From 257ab726aaf3ba49fc5bbd2e9db0a24a0c462566 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 24 Apr 2024 15:26:18 +0200 Subject: [PATCH 001/815] Run the flake-regressions test suite --- .github/workflows/ci.yml | 28 +++++++++++++++++----------- scripts/flake-regressions.sh | 27 +++++++++++++++++++++++++++ 2 files changed, 44 insertions(+), 11 deletions(-) create mode 100755 scripts/flake-regressions.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ca94ff956f0..be7d47787be 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -193,18 +193,24 @@ jobs: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main - uses: DeterminateSystems/magic-nix-cache-action@main - - run: nix build -L .#hydraJobs.tests.githubFlakes .#hydraJobs.tests.tarballFlakes .#hydraJobs.tests.functional_user + - run: nix build -L .#hydraJobs.tests.githubFlakes .#hydraJobs.tests.tarballFlakes - meson_build: - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, macos-latest] - runs-on: ${{ matrix.os }} + flake_regressions: + needs: vm_tests + runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v4 + - name: Checkout nix + uses: actions/checkout@v4 + - name: Checkout flake-regressions + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions + path: flake-regressions + - name: Checkout flake-regressions-data + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions-data + path: flake-regressions/tests - uses: DeterminateSystems/nix-installer-action@main - uses: DeterminateSystems/magic-nix-cache-action@main - # Only meson packages that don't have a tests.run derivation. - # Those that have it are already built and tested as part of nix flake check. - - run: nix build -L .#hydraJobs.build.{nix-cmd,nix-main}.$(nix-instantiate --eval --expr builtins.currentSystem | sed -e 's/"//g') + - run: nix build --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH scripts/flake-regressions.sh diff --git a/scripts/flake-regressions.sh b/scripts/flake-regressions.sh new file mode 100755 index 00000000000..e6cfbfa24f9 --- /dev/null +++ b/scripts/flake-regressions.sh @@ -0,0 +1,27 @@ +#! /usr/bin/env bash + +set -e + +echo "Nix version:" +nix --version + +cd flake-regressions + +status=0 + +flakes=$(ls -d tests/*/*/* | head -n25) + +echo "Running flake tests..." + +for flake in $flakes; do + + if ! REGENERATE=0 ./eval-flake.sh $flake; then + status=1 + echo "❌ $flake" + else + echo "✅ $flake" + fi + +done + +exit "$status" From 9f4194376981711a737179a9c92bc472ac43e881 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 14 May 2024 15:58:37 +0200 Subject: [PATCH 002/815] flake-regressions.sh: Make the sort order deterministic --- scripts/flake-regressions.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/flake-regressions.sh b/scripts/flake-regressions.sh index e6cfbfa24f9..5cc55bf4f77 100755 --- a/scripts/flake-regressions.sh +++ b/scripts/flake-regressions.sh @@ -9,7 +9,7 @@ cd flake-regressions status=0 -flakes=$(ls -d tests/*/*/* | head -n25) +flakes=$(ls -d tests/*/*/* | sort | head -n25) echo "Running flake tests..." From 9b7a3205584b49449829048f17d23db4405cfc6a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 10 Jun 2024 14:49:43 +0200 Subject: [PATCH 003/815] Use FlakeHub cache --- .github/workflows/ci.yml | 189 ++++----------------------------------- 1 file changed, 17 insertions(+), 172 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index be7d47787be..08815f7f0c0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,12 +4,13 @@ on: pull_request: push: -permissions: read-all +permissions: + id-token: "write" + contents: "read" jobs: tests: - needs: [check_secrets] strategy: fail-fast: false matrix: @@ -17,186 +18,28 @@ jobs: runs-on: ${{ matrix.os }} timeout-minutes: 60 steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - uses: cachix/install-nix-action@V27 - with: - # The sandbox would otherwise be disabled by default on Darwin - extra_nix_config: "sandbox = true" - - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - - uses: cachix/cachix-action@v15 - if: needs.check_secrets.outputs.cachix == 'true' - with: - name: '${{ env.CACHIX_NAME }}' - signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}' - authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' - - if: matrix.os == 'ubuntu-latest' - run: | - free -h - swapon --show - swap=$(swapon --show --noheadings | head -n 1 | awk '{print $1}') - echo "Found swap: $swap" - sudo swapoff $swap - # resize it (fallocate) - sudo fallocate -l 10G $swap - sudo mkswap $swap - sudo swapon $swap - free -h - ( - while sleep 60; do - free -h - done - ) & - - run: nix --experimental-features 'nix-command flakes' flake check -L - - # Steps to test CI automation in your own fork. - # Cachix: - # 1. Sign-up for https://www.cachix.org/ - # 2. Create a cache for $githubuser-nix-install-tests - # 3. Create a cachix auth token and save it in https://github.com/$githubuser/nix/settings/secrets/actions in "Repository secrets" as CACHIX_AUTH_TOKEN - # Dockerhub: - # 1. Sign-up for https://hub.docker.com/ - # 2. Store your dockerhub username as DOCKERHUB_USERNAME in "Repository secrets" of your fork repository settings (https://github.com/$githubuser/nix/settings/secrets/actions) - # 3. Create an access token in https://hub.docker.com/settings/security and store it as DOCKERHUB_TOKEN in "Repository secrets" of your fork - check_secrets: - permissions: - contents: none - name: Check Cachix and Docker secrets present for installer tests - runs-on: ubuntu-latest - outputs: - cachix: ${{ steps.secret.outputs.cachix }} - docker: ${{ steps.secret.outputs.docker }} - steps: - - name: Check for secrets - id: secret - env: - _CACHIX_SECRETS: ${{ secrets.CACHIX_SIGNING_KEY }}${{ secrets.CACHIX_AUTH_TOKEN }} - _DOCKER_SECRETS: ${{ secrets.DOCKERHUB_USERNAME }}${{ secrets.DOCKERHUB_TOKEN }} - run: | - echo "::set-output name=cachix::${{ env._CACHIX_SECRETS != '' }}" - echo "::set-output name=docker::${{ env._DOCKER_SECRETS != '' }}" - - installer: - needs: [tests, check_secrets] - if: github.event_name == 'push' && needs.check_secrets.outputs.cachix == 'true' - runs-on: ubuntu-latest - outputs: - installerURL: ${{ steps.prepare-installer.outputs.installerURL }} - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - - uses: cachix/install-nix-action@V27 - with: - install_url: https://releases.nixos.org/nix/nix-2.20.3/install - - uses: cachix/cachix-action@v15 - with: - name: '${{ env.CACHIX_NAME }}' - signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}' - authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' - cachixArgs: '-v' - - id: prepare-installer - run: scripts/prepare-installer-for-github-actions - - installer_test: - needs: [installer, check_secrets] - if: github.event_name == 'push' && needs.check_secrets.outputs.cachix == 'true' - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, macos-latest] - runs-on: ${{ matrix.os }} - steps: - - uses: actions/checkout@v4 - - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - - uses: cachix/install-nix-action@V27 - with: - install_url: '${{needs.installer.outputs.installerURL}}' - install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve" - - run: sudo apt install fish zsh - if: matrix.os == 'ubuntu-latest' - - run: brew install fish - if: matrix.os == 'macos-latest' - - run: exec bash -c "nix-instantiate -E 'builtins.currentTime' --eval" - - run: exec sh -c "nix-instantiate -E 'builtins.currentTime' --eval" - - run: exec zsh -c "nix-instantiate -E 'builtins.currentTime' --eval" - - run: exec fish -c "nix-instantiate -E 'builtins.currentTime' --eval" - - run: exec bash -c "nix-channel --add https://releases.nixos.org/nixos/unstable/nixos-23.05pre466020.60c1d71f2ba nixpkgs" - - run: exec bash -c "nix-channel --update && nix-env -iA nixpkgs.hello && hello" - - docker_push_image: - needs: [check_secrets, tests] - permissions: - contents: read - packages: write - if: >- - github.event_name == 'push' && - github.ref_name == 'master' && - needs.check_secrets.outputs.cachix == 'true' && - needs.check_secrets.outputs.docker == 'true' - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - uses: cachix/install-nix-action@V27 - with: - install_url: https://releases.nixos.org/nix/nix-2.20.3/install - - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - - run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#default.version | tr -d \")" >> $GITHUB_ENV - - uses: cachix/cachix-action@v15 - if: needs.check_secrets.outputs.cachix == 'true' - with: - name: '${{ env.CACHIX_NAME }}' - signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}' - authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' - - run: nix --experimental-features 'nix-command flakes' build .#dockerImage -L - - run: docker load -i ./result/image.tar.gz - - run: docker tag nix:$NIX_VERSION ${{ secrets.DOCKERHUB_USERNAME }}/nix:$NIX_VERSION - - run: docker tag nix:$NIX_VERSION ${{ secrets.DOCKERHUB_USERNAME }}/nix:master - # We'll deploy the newly built image to both Docker Hub and Github Container Registry. - # - # Push to Docker Hub first - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/nix:$NIX_VERSION - - run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/nix:master - # Push to GitHub Container Registry as well - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Push image - run: | - IMAGE_ID=ghcr.io/${{ github.repository_owner }}/nix - # Change all uppercase to lowercase - IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') - - docker tag nix:$NIX_VERSION $IMAGE_ID:$NIX_VERSION - docker tag nix:$NIX_VERSION $IMAGE_ID:latest - docker push $IMAGE_ID:$NIX_VERSION - docker push $IMAGE_ID:latest - # deprecated 2024-02-24 - docker tag nix:$NIX_VERSION $IMAGE_ID:master - docker push $IMAGE_ID:master + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/magic-nix-cache-action@main + - run: nix --experimental-features 'nix-command flakes' flake check -L vm_tests: + needs: tests runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true - uses: DeterminateSystems/magic-nix-cache-action@main - run: nix build -L .#hydraJobs.tests.githubFlakes .#hydraJobs.tests.tarballFlakes flake_regressions: - needs: vm_tests + needs: tests runs-on: ubuntu-22.04 steps: - name: Checkout nix @@ -212,5 +55,7 @@ jobs: repository: DeterminateSystems/flake-regressions-data path: flake-regressions/tests - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true - uses: DeterminateSystems/magic-nix-cache-action@main - run: nix build --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH scripts/flake-regressions.sh From 58bc627a6ca8e52b3c0fd27a107d7a5a74865879 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 10 Jun 2024 15:16:41 +0200 Subject: [PATCH 004/815] Fix spellcheck --- scripts/flake-regressions.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/flake-regressions.sh b/scripts/flake-regressions.sh index 5cc55bf4f77..d765311345c 100755 --- a/scripts/flake-regressions.sh +++ b/scripts/flake-regressions.sh @@ -9,13 +9,13 @@ cd flake-regressions status=0 -flakes=$(ls -d tests/*/*/* | sort | head -n25) +flakes=$(find tests -mindepth 3 -maxdepth 3 -type d -not -path '*/.*' | sort | head -n25) echo "Running flake tests..." for flake in $flakes; do - if ! REGENERATE=0 ./eval-flake.sh $flake; then + if ! REGENERATE=0 ./eval-flake.sh "$flake"; then status=1 echo "❌ $flake" else From f218f0e93ad88c7baa445a58c0d3b5489031d025 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 10 Jun 2024 15:21:41 +0200 Subject: [PATCH 005/815] Try without fetch-depth:0 --- .github/workflows/ci.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 08815f7f0c0..6bd09c8ebd8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,8 +19,6 @@ jobs: timeout-minutes: 60 steps: - uses: actions/checkout@v4 - with: - fetch-depth: 0 - uses: DeterminateSystems/nix-installer-action@main with: flakehub: true From def2c29e97e3238fc0a1b758fab2eda461ea7c1b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 12 Jun 2024 16:03:34 +0200 Subject: [PATCH 006/815] Distinguish Determinate Nix in --version output --- src/libmain/shared.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index fc55fe3f1b2..d4870c3f257 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -293,7 +293,7 @@ void parseCmdLine(const std::string & programName, const Strings & args, void printVersion(const std::string & programName) { - std::cout << fmt("%1% (Nix) %2%", programName, nixVersion) << std::endl; + std::cout << fmt("%1% (Determinate Nix) %2%", programName, nixVersion) << std::endl; if (verbosity > lvlInfo) { Strings cfg; #if HAVE_BOEHMGC From 261a2e58fe9fee6856df3789540d176cb9d9ed9a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 12 Jun 2024 16:09:30 +0200 Subject: [PATCH 007/815] Add plumbing for the DetSys installer flake --- flake.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index d83c2ecad36..e7604588121 100644 --- a/flake.nix +++ b/flake.nix @@ -22,7 +22,6 @@ outputs = inputs@{ self, nixpkgs, nixpkgs-regression, libgit2, ... }: - let inherit (nixpkgs) lib; @@ -357,5 +356,9 @@ default = self.devShells.${system}.native-stdenvPackages; } ); - }; + + # Expected by the DeterminateSystems/nix-installer flake. + tarballs_indirect = forAllSystems (system: self.checks."${system}".binaryTarball); + tarballs_direct = forAllSystems (system: "${self.checks."${system}".binaryTarball}/nix-${self.packages."${system}".default.version}-${system}.tar.xz"); + }; } From b68d7396ca5f34f11cd32957413ea8ce5fbb3206 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 12 Jun 2024 16:36:06 +0200 Subject: [PATCH 008/815] Publish to FlakeHub --- .github/workflows/publish.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 00000000000..839ace59492 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,20 @@ +name: Publish on FlakeHub + +on: + push: + tags: + - "v*.*.*" + +publish: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + - uses: "DeterminateSystems/flakehub-push@main" + with: + visibility: "private" + name: "DeterminateSystems/nix-priv" + tag: "${{ github.ref_name }}" From 361a5783efa1f9f733fb50068ff3967856a64db3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 17 Jun 2024 15:22:44 +0200 Subject: [PATCH 009/815] Fix version check --- tests/functional/common/vars-and-functions.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/functional/common/vars-and-functions.sh b/tests/functional/common/vars-and-functions.sh index 4316a30d5ce..4a55da51588 100644 --- a/tests/functional/common/vars-and-functions.sh +++ b/tests/functional/common/vars-and-functions.sh @@ -182,10 +182,10 @@ if [[ $(uname) == Linux ]] && [[ -L /proc/self/ns/user ]] && unshare --user true fi isDaemonNewer () { - [[ -n "${NIX_DAEMON_PACKAGE:-}" ]] || return 0 - local requiredVersion="$1" - local daemonVersion=$($NIX_DAEMON_PACKAGE/bin/nix daemon --version | cut -d' ' -f3) - [[ $(nix eval --expr "builtins.compareVersions ''$daemonVersion'' ''$requiredVersion''") -ge 0 ]] + [[ -n "${NIX_DAEMON_PACKAGE:-}" ]] || return 0 + local requiredVersion="$1" + local daemonVersion=$($NIX_DAEMON_PACKAGE/bin/nix daemon --version | sed 's/.*) //') + [[ $(nix eval --expr "builtins.compareVersions ''$daemonVersion'' ''$requiredVersion''") -ge 0 ]] } skipTest () { From 245dbb7a61e47cf7673c21544cbc7e6158667900 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 17 Jun 2024 15:22:53 +0200 Subject: [PATCH 010/815] Revert "Add plumbing for the DetSys installer flake" This reverts commit 0f9ea197055eabe5fac3ef93e49ba5552668fa08. --- flake.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/flake.nix b/flake.nix index e7604588121..d83c2ecad36 100644 --- a/flake.nix +++ b/flake.nix @@ -22,6 +22,7 @@ outputs = inputs@{ self, nixpkgs, nixpkgs-regression, libgit2, ... }: + let inherit (nixpkgs) lib; @@ -356,9 +357,5 @@ default = self.devShells.${system}.native-stdenvPackages; } ); - - # Expected by the DeterminateSystems/nix-installer flake. - tarballs_indirect = forAllSystems (system: self.checks."${system}".binaryTarball); - tarballs_direct = forAllSystems (system: "${self.checks."${system}".binaryTarball}/nix-${self.packages."${system}".default.version}-${system}.tar.xz"); - }; + }; } From 3a6fd22b4a2f74cca82fbd8769102e82294ff260 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 17 Jun 2024 17:09:19 +0200 Subject: [PATCH 011/815] Fix another version check --- tests/functional/store-info.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/store-info.sh b/tests/functional/store-info.sh index f37889fbb1e..306b2024d5a 100755 --- a/tests/functional/store-info.sh +++ b/tests/functional/store-info.sh @@ -8,7 +8,7 @@ STORE_INFO_JSON=$(nix store info --json) echo "$STORE_INFO" | grep "Store URL: ${NIX_REMOTE}" if [[ -v NIX_DAEMON_PACKAGE ]] && isDaemonNewer "2.7.0pre20220126"; then - DAEMON_VERSION=$($NIX_DAEMON_PACKAGE/bin/nix daemon --version | cut -d' ' -f3) + DAEMON_VERSION=$($NIX_DAEMON_PACKAGE/bin/nix daemon --version | sed 's/.*) //') echo "$STORE_INFO" | grep "Version: $DAEMON_VERSION" [[ "$(echo "$STORE_INFO_JSON" | jq -r ".version")" == "$DAEMON_VERSION" ]] fi From 590920eed2fbac2ef2d19dc2299d0dbcb279d24d Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sun, 29 Oct 2023 21:50:35 +0000 Subject: [PATCH 012/815] Make the flakes experimental feature stable --- .github/workflows/ci.yml | 2 +- doc/manual/src/contributing/hacking.md | 3 +- src/libcmd/common-eval-args.cc | 2 - src/libcmd/installables.cc | 3 -- src/libexpr/primops/fetchTree.cc | 8 +-- src/libfetchers/github.cc | 5 -- src/libfetchers/indirect.cc | 5 -- src/libfetchers/path.cc | 5 -- src/libfetchers/registry.cc | 2 +- src/libflake/flake-settings.hh | 9 ++-- src/libflake/flake/flake.cc | 7 --- src/libutil/config.cc | 6 +-- src/libutil/config.hh | 2 +- src/libutil/experimental-features.cc | 7 ++- src/nix/flake.cc | 6 --- src/nix/main.cc | 1 - src/nix/nix.md | 6 +-- src/nix/repl.md | 2 +- tests/functional/ca/selfref-gc.sh | 2 +- tests/functional/common/init.sh | 3 +- tests/functional/config.sh | 4 +- tests/functional/experimental-features.sh | 60 +++++++++++------------ tests/functional/repl.sh | 6 +-- tests/nixos/github-flakes.nix | 2 +- tests/nixos/sourcehut-flakes.nix | 2 +- tests/nixos/tarball-flakes.nix | 2 +- tests/unit/libutil/config.cc | 4 +- 27 files changed, 59 insertions(+), 107 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6bd09c8ebd8..832aa3ff080 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,7 @@ jobs: with: flakehub: true - uses: DeterminateSystems/magic-nix-cache-action@main - - run: nix --experimental-features 'nix-command flakes' flake check -L + - run: nix --experimental-features 'nix-command' flake check -L vm_tests: needs: tests diff --git a/doc/manual/src/contributing/hacking.md b/doc/manual/src/contributing/hacking.md index c128515e9ba..fc2d7221706 100644 --- a/doc/manual/src/contributing/hacking.md +++ b/doc/manual/src/contributing/hacking.md @@ -14,10 +14,9 @@ The following instructions assume you already have some version of Nix installed ## Building Nix with flakes -This section assumes you are using Nix with the [`flakes`] and [`nix-command`] experimental features enabled. +This section assumes you are using Nix with the experimental feature [`nix-command`] enabled. See the [Building Nix](#building-nix) section for equivalent instructions using stable Nix interfaces. -[`flakes`]: @docroot@/contributing/experimental-features.md#xp-feature-flakes [`nix-command`]: @docroot@/contributing/experimental-features.md#xp-nix-command To build all dependencies and start a shell in which all environment variables are set up so that those dependencies can be found: diff --git a/src/libcmd/common-eval-args.cc b/src/libcmd/common-eval-args.cc index 62745b6815f..92e7bd67842 100644 --- a/src/libcmd/common-eval-args.cc +++ b/src/libcmd/common-eval-args.cc @@ -22,7 +22,6 @@ EvalSettings evalSettings { { "flake", [](ref store, std::string_view rest) { - experimentalFeatureSettings.require(Xp::Flakes); // FIXME `parseFlakeRef` should take a `std::string_view`. auto flakeRef = parseFlakeRef(std::string { rest }, {}, true, false); debug("fetching flake search path element '%s''", rest); @@ -229,7 +228,6 @@ SourcePath lookupFileArg(EvalState & state, std::string_view s, const Path * bas } else if (hasPrefix(s, "flake:")) { - experimentalFeatureSettings.require(Xp::Flakes); auto flakeRef = parseFlakeRef(std::string(s.substr(6)), {}, true, false); auto storePath = flakeRef.resolve(state.store).fetchTree(state.store).first; return state.rootPath(CanonPath(state.store->toRealPath(storePath))); diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index 6835c512c1c..eb7048d3930 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -394,9 +394,6 @@ void completeFlakeRefWithFragment( void completeFlakeRef(AddCompletions & completions, ref store, std::string_view prefix) { - if (!experimentalFeatureSettings.isEnabled(Xp::Flakes)) - return; - if (prefix == "") completions.add("."); diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index 567b73f9a1b..50935a61ab3 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -163,15 +163,11 @@ static void fetchTree( } input = fetchers::Input::fromAttrs(std::move(attrs)); } else { - if (!experimentalFeatureSettings.isEnabled(Xp::Flakes)) - state.error( - "passing a string argument to 'fetchTree' requires the 'flakes' experimental feature" - ).atPos(pos).debugThrow(); input = fetchers::Input::fromURL(url); } } - if (!state.settings.pureEval && !input.isDirect() && experimentalFeatureSettings.isEnabled(Xp::Flakes)) + if (!state.settings.pureEval && !input.isDirect()) input = lookupInRegistries(state.store, input).first; if (state.settings.pureEval && !input.isLocked()) { @@ -383,7 +379,6 @@ static RegisterPrimOp primop_fetchTree({ - `"mercurial"` *input* can also be a [URL-like reference](@docroot@/command-ref/new-cli/nix3-flake.md#flake-references). - The additional input types and the URL-like syntax requires the [`flakes` experimental feature](@docroot@/contributing/experimental-features.md#xp-feature-flakes) to be enabled. > **Example** > @@ -420,7 +415,6 @@ static RegisterPrimOp primop_fetchTree({ > ``` )", .fun = prim_fetchTree, - .experimentalFeature = Xp::FetchTree, }); static void fetch(EvalState & state, const PosIdx pos, Value * * args, Value & v, diff --git a/src/libfetchers/github.cc b/src/libfetchers/github.cc index ddb41e63f9f..d878fb89568 100644 --- a/src/libfetchers/github.cc +++ b/src/libfetchers/github.cc @@ -299,11 +299,6 @@ struct GitArchiveInputScheme : InputScheme input.getNarHash().has_value()); } - std::optional experimentalFeature() const override - { - return Xp::Flakes; - } - std::optional getFingerprint(ref store, const Input & input) const override { if (auto rev = input.getRev()) diff --git a/src/libfetchers/indirect.cc b/src/libfetchers/indirect.cc index ba507863138..e271eabc651 100644 --- a/src/libfetchers/indirect.cc +++ b/src/libfetchers/indirect.cc @@ -102,11 +102,6 @@ struct IndirectInputScheme : InputScheme throw Error("indirect input '%s' cannot be fetched directly", input.to_string()); } - std::optional experimentalFeature() const override - { - return Xp::Flakes; - } - bool isDirect(const Input & input) const override { return false; } }; diff --git a/src/libfetchers/path.cc b/src/libfetchers/path.cc index 68958d55971..29ca25ce6d2 100644 --- a/src/libfetchers/path.cc +++ b/src/libfetchers/path.cc @@ -174,11 +174,6 @@ struct PathInputScheme : InputScheme return std::nullopt; } } - - std::optional experimentalFeature() const override - { - return Xp::Flakes; - } }; static auto rPathInputScheme = OnStartup([] { registerInputScheme(std::make_unique()); }); diff --git a/src/libfetchers/registry.cc b/src/libfetchers/registry.cc index 52cbac5e0a0..d6993417323 100644 --- a/src/libfetchers/registry.cc +++ b/src/libfetchers/registry.cc @@ -156,7 +156,7 @@ struct RegistrySettings : Config When empty, disables the global flake registry. )", - {}, true, Xp::Flakes}; + {}, true}; }; RegistrySettings registrySettings; diff --git a/src/libflake/flake-settings.hh b/src/libflake/flake-settings.hh index f97c175e8a3..4f986aefd0d 100644 --- a/src/libflake/flake-settings.hh +++ b/src/libflake/flake-settings.hh @@ -22,8 +22,7 @@ struct FlakeSettings : public Config "use-registries", "Whether to use flake registries to resolve flake references.", {}, - true, - Xp::Flakes}; + true}; Setting acceptFlakeConfig{ this, @@ -31,8 +30,7 @@ struct FlakeSettings : public Config "accept-flake-config", "Whether to accept nix configuration from a flake without prompting.", {}, - true, - Xp::Flakes}; + true}; Setting commitLockFileSummary{ this, @@ -43,8 +41,7 @@ struct FlakeSettings : public Config empty, the summary is generated based on the action performed. )", {"commit-lockfile-summary"}, - true, - Xp::Flakes}; + true}; }; // TODO: don't use a global variable. diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 6f47b599229..21acb93eee2 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -343,8 +343,6 @@ LockedFlake lockFlake( const FlakeRef & topRef, const LockFlags & lockFlags) { - experimentalFeatureSettings.require(Xp::Flakes); - FlakeCache flakeCache; auto useRegistries = lockFlags.useRegistries.value_or(flakeSettings.useRegistries); @@ -744,8 +742,6 @@ void callFlake(EvalState & state, const LockedFlake & lockedFlake, Value & vRes) { - experimentalFeatureSettings.require(Xp::Flakes); - auto [lockFileStr, keyMap] = lockedFlake.lockFile.to_string(); auto overrides = state.buildBindings(lockedFlake.nodePaths.size()); @@ -837,7 +833,6 @@ static RegisterPrimOp r2({ ``` )", .fun = prim_getFlake, - .experimentalFeature = Xp::Flakes, }); static void prim_parseFlakeRef( @@ -881,7 +876,6 @@ static RegisterPrimOp r3({ ``` )", .fun = prim_parseFlakeRef, - .experimentalFeature = Xp::Flakes, }); @@ -938,7 +932,6 @@ static RegisterPrimOp r4({ ``` )", .fun = prim_flakeRefToString, - .experimentalFeature = Xp::Flakes, }); } diff --git a/src/libutil/config.cc b/src/libutil/config.cc index 907ca7fc149..8abf4bc2362 100644 --- a/src/libutil/config.cc +++ b/src/libutil/config.cc @@ -341,11 +341,9 @@ template<> std::set BaseSetting res; for (auto & s : tokenizeString(str)) { - if (auto thisXpFeature = parseExperimentalFeature(s); thisXpFeature) { + if (auto thisXpFeature = parseExperimentalFeature(s); thisXpFeature) res.insert(thisXpFeature.value()); - if (thisXpFeature.value() == Xp::Flakes) - res.insert(Xp::FetchTree); - } else + else warn("unknown experimental feature '%s'", s); } return res; diff --git a/src/libutil/config.hh b/src/libutil/config.hh index 1952ba1b8d7..a30d1b1ec64 100644 --- a/src/libutil/config.hh +++ b/src/libutil/config.hh @@ -386,7 +386,7 @@ struct ExperimentalFeatureSettings : Config { Example: ``` - experimental-features = nix-command flakes + experimental-features = nix-command ``` The following experimental features are available: diff --git a/src/libutil/experimental-features.cc b/src/libutil/experimental-features.cc index 1c080e372f6..8ecf1e92b42 100644 --- a/src/libutil/experimental-features.cc +++ b/src/libutil/experimental-features.cc @@ -74,8 +74,9 @@ constexpr std::array xpFeatureDetails .tag = Xp::Flakes, .name = "flakes", .description = R"( - Enable flakes. See the manual entry for [`nix - flake`](@docroot@/command-ref/new-cli/nix3-flake.md) for details. + *Enabled for Determinate Nix Installer users since 2.19* + + See the manual entry for [`nix flake`](@docroot@/command-ref/new-cli/nix3-flake.md) for details. )", .trackingUrl = "https://github.com/NixOS/nix/milestone/27", }, @@ -83,6 +84,8 @@ constexpr std::array xpFeatureDetails .tag = Xp::FetchTree, .name = "fetch-tree", .description = R"( + *Enabled for Determinate Nix Installer users since 2.24* + Enable the use of the [`fetchTree`](@docroot@/language/builtins.md#builtins-fetchTree) built-in function in the Nix language. `fetchTree` exposes a generic interface for fetching remote file system trees from different types of remote sources. diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 84c659023a5..a86e36206b7 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -1462,12 +1462,6 @@ struct CmdFlake : NixMultiCommand #include "flake.md" ; } - - void run() override - { - experimentalFeatureSettings.require(Xp::Flakes); - NixMultiCommand::run(); - } }; static auto rCmdFlake = registerCommand("flake"); diff --git a/src/nix/main.cc b/src/nix/main.cc index c90bb25a7d3..85be80da452 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -412,7 +412,6 @@ void mainWrapped(int argc, char * * argv) if (argc == 2 && std::string(argv[1]) == "__dump-language") { experimentalFeatureSettings.experimentalFeatures = { - Xp::Flakes, Xp::FetchClosure, Xp::DynamicDerivations, Xp::FetchTree, diff --git a/src/nix/nix.md b/src/nix/nix.md index 4464bef370c..2f59db3afb5 100644 --- a/src/nix/nix.md +++ b/src/nix/nix.md @@ -69,11 +69,9 @@ That is, Nix will operate on the default flake output attribute of the flake in ### Flake output attribute > **Warning** \ -> Flake output attribute installables depend on both the -> [`flakes`](@docroot@/contributing/experimental-features.md#xp-feature-flakes) -> and +> Flake output attribute installables depend on the > [`nix-command`](@docroot@/contributing/experimental-features.md#xp-feature-nix-command) -> experimental features, and subject to change without notice. +> experimental feature, and subject to change without notice. Example: `nixpkgs#hello` diff --git a/src/nix/repl.md b/src/nix/repl.md index 32c08e24b24..e608dabf6f9 100644 --- a/src/nix/repl.md +++ b/src/nix/repl.md @@ -36,7 +36,7 @@ R""( Loading Installable ''... Added 1 variables. - # nix repl --extra-experimental-features 'flakes' nixpkgs + # nix repl nixpkgs Loading Installable 'flake:nixpkgs#'... Added 5 variables. diff --git a/tests/functional/ca/selfref-gc.sh b/tests/functional/ca/selfref-gc.sh index 24877889459..588515db521 100755 --- a/tests/functional/ca/selfref-gc.sh +++ b/tests/functional/ca/selfref-gc.sh @@ -4,7 +4,7 @@ source common.sh requireDaemonNewerThan "2.4pre20210626" -enableFeatures "ca-derivations nix-command flakes" +enableFeatures "ca-derivations nix-command" export NIX_TESTS_CA_BY_DEFAULT=1 cd .. diff --git a/tests/functional/common/init.sh b/tests/functional/common/init.sh index d33ad5d5744..482d62cc4cd 100755 --- a/tests/functional/common/init.sh +++ b/tests/functional/common/init.sh @@ -12,7 +12,7 @@ if isTestOnNixOS; then ! test -e "$test_nix_conf" cat > "$test_nix_conf_dir/nix.conf" < "$NIX_CONF_DIR"/nix.conf.extra <"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr + $gatedSetting = true +" expect 1 nix config show $gatedSetting 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr [[ $(cat "$TEST_ROOT/stdout") = '' ]] -grepQuiet "Ignoring setting 'accept-flake-config' because experimental feature 'flakes' is not enabled" "$TEST_ROOT/stderr" -grepQuiet "error: could not find setting 'accept-flake-config'" "$TEST_ROOT/stderr" +grepQuiet "error: could not find setting '$gatedSetting'" "$TEST_ROOT/stderr" -# 'flakes' experimental-feature is disabled after, ignore and warn -NIX_CONFIG=' - accept-flake-config = true +# Experimental feature is disabled after, ignore and warn. +NIX_CONFIG=" + $gatedSetting = true experimental-features = nix-command -' expect 1 nix config show accept-flake-config 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr +" expect 1 nix config show $gatedSetting 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr [[ $(cat "$TEST_ROOT/stdout") = '' ]] -grepQuiet "Ignoring setting 'accept-flake-config' because experimental feature 'flakes' is not enabled" "$TEST_ROOT/stderr" -grepQuiet "error: could not find setting 'accept-flake-config'" "$TEST_ROOT/stderr" +grepQuiet "error: could not find setting '$gatedSetting'" "$TEST_ROOT/stderr" -# 'flakes' experimental-feature is enabled before, process -NIX_CONFIG=' - experimental-features = nix-command flakes - accept-flake-config = true -' nix config show accept-flake-config 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr +# Experimental feature is enabled before, process. +NIX_CONFIG=" + experimental-features = nix-command $xpFeature + $gatedSetting = true +" nix config show $gatedSetting 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr grepQuiet "true" "$TEST_ROOT/stdout" -grepQuietInverse "Ignoring setting 'accept-flake-config'" "$TEST_ROOT/stderr" -# 'flakes' experimental-feature is enabled after, process -NIX_CONFIG=' - accept-flake-config = true - experimental-features = nix-command flakes -' nix config show accept-flake-config 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr +# Experimental feature is enabled after, process. +NIX_CONFIG=" + $gatedSetting = true + experimental-features = nix-command $xpFeature +" nix config show $gatedSetting 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr grepQuiet "true" "$TEST_ROOT/stdout" -grepQuietInverse "Ignoring setting 'accept-flake-config'" "$TEST_ROOT/stderr" +grepQuietInverse "Ignoring setting '$gatedSetting'" "$TEST_ROOT/stderr" function exit_code_both_ways { - expect 1 nix --experimental-features 'nix-command' "$@" 1>/dev/null - nix --experimental-features 'nix-command flakes' "$@" 1>/dev/null + expect 1 nix --experimental-features 'nix-command ' "$@" 1>/dev/null + nix --experimental-features "nix-command $xpFeature" "$@" 1>/dev/null # Also, the order should not matter expect 1 nix "$@" --experimental-features 'nix-command' 1>/dev/null - nix "$@" --experimental-features 'nix-command flakes' 1>/dev/null + nix "$@" --experimental-features "nix-command $xpFeature" 1>/dev/null } -exit_code_both_ways show-config --flake-registry 'https://no' +exit_code_both_ways config show --auto-allocate-uids # Double check these are stable nix --experimental-features '' --help 1>/dev/null diff --git a/tests/functional/repl.sh b/tests/functional/repl.sh index 86cd6f458d0..40035785f58 100755 --- a/tests/functional/repl.sh +++ b/tests/functional/repl.sh @@ -140,9 +140,9 @@ EOF testReplResponse ' foo + baz ' "3" \ - ./flake ./flake\#bar --experimental-features 'flakes' + ./flake ./flake\#bar -# Test the `:reload` mechansim with flakes: +# Test the `:reload` mechanism with flakes: # - Eval `./flake#changingThing` # - Modify the flake # - Re-eval it @@ -153,7 +153,7 @@ sleep 1 # Leave the repl the time to eval 'foo' sed -i 's/beforeChange/afterChange/' flake/flake.nix echo ":reload" echo "changingThing" -) | nix repl ./flake --experimental-features 'flakes') +) | nix repl ./flake) echo "$replResult" | grepQuiet -s beforeChange echo "$replResult" | grepQuiet -s afterChange diff --git a/tests/nixos/github-flakes.nix b/tests/nixos/github-flakes.nix index 221045009ee..9a1ed749ce8 100644 --- a/tests/nixos/github-flakes.nix +++ b/tests/nixos/github-flakes.nix @@ -143,7 +143,7 @@ in virtualisation.additionalPaths = [ pkgs.hello pkgs.fuse ]; virtualisation.memorySize = 4096; nix.settings.substituters = lib.mkForce [ ]; - nix.extraOptions = "experimental-features = nix-command flakes"; + nix.extraOptions = "experimental-features = nix-command"; networking.hosts.${(builtins.head nodes.github.networking.interfaces.eth1.ipv4.addresses).address} = [ "channels.nixos.org" "api.github.com" "github.com" ]; security.pki.certificateFiles = [ "${cert}/ca.crt" ]; diff --git a/tests/nixos/sourcehut-flakes.nix b/tests/nixos/sourcehut-flakes.nix index 04f3590e1d8..4eeab42db4d 100644 --- a/tests/nixos/sourcehut-flakes.nix +++ b/tests/nixos/sourcehut-flakes.nix @@ -104,7 +104,7 @@ in virtualisation.memorySize = 4096; nix.settings.substituters = lib.mkForce [ ]; nix.extraOptions = '' - experimental-features = nix-command flakes + experimental-features = nix-command flake-registry = https://git.sr.ht/~NixOS/flake-registry/blob/master/flake-registry.json ''; environment.systemPackages = [ pkgs.jq ]; diff --git a/tests/nixos/tarball-flakes.nix b/tests/nixos/tarball-flakes.nix index 84cf377ec5b..2a21d873880 100644 --- a/tests/nixos/tarball-flakes.nix +++ b/tests/nixos/tarball-flakes.nix @@ -51,7 +51,7 @@ in virtualisation.additionalPaths = [ pkgs.hello pkgs.fuse ]; virtualisation.memorySize = 4096; nix.settings.substituters = lib.mkForce [ ]; - nix.extraOptions = "experimental-features = nix-command flakes"; + nix.extraOptions = "experimental-features = nix-command"; }; }; diff --git a/tests/unit/libutil/config.cc b/tests/unit/libutil/config.cc index 886e70da50d..f3dc2876af7 100644 --- a/tests/unit/libutil/config.cc +++ b/tests/unit/libutil/config.cc @@ -191,7 +191,7 @@ namespace nix { "description", {}, true, - Xp::Flakes, + Xp::CaDerivations, }; setting.assign("value"); @@ -203,7 +203,7 @@ namespace nix { "description": "description\n", "documentDefault": true, "value": "value", - "experimentalFeature": "flakes" + "experimentalFeature": "ca-derivations" } })#"_json); } From 16c8f9016b9438e7445acd65445d89b424dd57dc Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 10 Jul 2024 16:42:37 +0200 Subject: [PATCH 013/815] Remove unneeded --experimental-features --- .github/workflows/ci.yml | 2 +- src/libflake/flake-settings.hh | 7 +------ 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 832aa3ff080..d8c5439bbe7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,7 @@ jobs: with: flakehub: true - uses: DeterminateSystems/magic-nix-cache-action@main - - run: nix --experimental-features 'nix-command' flake check -L + - run: nix flake check -L vm_tests: needs: tests diff --git a/src/libflake/flake-settings.hh b/src/libflake/flake-settings.hh index 4f986aefd0d..a601e120c4f 100644 --- a/src/libflake/flake-settings.hh +++ b/src/libflake/flake-settings.hh @@ -17,12 +17,7 @@ struct FlakeSettings : public Config FlakeSettings(); Setting useRegistries{ - this, - true, - "use-registries", - "Whether to use flake registries to resolve flake references.", - {}, - true}; + this, true, "use-registries", "Whether to use flake registries to resolve flake references.", {}, true}; Setting acceptFlakeConfig{ this, From 50d7ce6c6a2a98d949aa0b2147c9ce9f22a9f2e6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 10 Jul 2024 16:49:46 +0200 Subject: [PATCH 014/815] Actually remove the "flakes" experimental feature To avoid annoying warnings, this is now a "stabilized" feature. --- src/libutil/config.cc | 4 +++- src/libutil/experimental-features.cc | 18 +++++++----------- src/libutil/experimental-features.hh | 3 ++- 3 files changed, 12 insertions(+), 13 deletions(-) diff --git a/src/libutil/config.cc b/src/libutil/config.cc index 8abf4bc2362..9946bed7896 100644 --- a/src/libutil/config.cc +++ b/src/libutil/config.cc @@ -341,8 +341,10 @@ template<> std::set BaseSetting res; for (auto & s : tokenizeString(str)) { - if (auto thisXpFeature = parseExperimentalFeature(s); thisXpFeature) + if (auto thisXpFeature = parseExperimentalFeature(s)) res.insert(thisXpFeature.value()); + else if (stabilizedFeatures.count(s)) + debug("experimental feature '%s' is now stable", s); else warn("unknown experimental feature '%s'", s); } diff --git a/src/libutil/experimental-features.cc b/src/libutil/experimental-features.cc index 8ecf1e92b42..b54a0cdc5b1 100644 --- a/src/libutil/experimental-features.cc +++ b/src/libutil/experimental-features.cc @@ -70,16 +70,6 @@ constexpr std::array xpFeatureDetails )", .trackingUrl = "https://github.com/NixOS/nix/milestone/42", }, - { - .tag = Xp::Flakes, - .name = "flakes", - .description = R"( - *Enabled for Determinate Nix Installer users since 2.19* - - See the manual entry for [`nix flake`](@docroot@/command-ref/new-cli/nix3-flake.md) for details. - )", - .trackingUrl = "https://github.com/NixOS/nix/milestone/27", - }, { .tag = Xp::FetchTree, .name = "fetch-tree", @@ -302,12 +292,18 @@ constexpr std::array xpFeatureDetails static_assert( []() constexpr { for (auto [index, feature] : enumerate(xpFeatureDetails)) - if (index != (size_t)feature.tag) + if (index != (size_t) feature.tag) return false; return true; }(), "array order does not match enum tag order"); +/** + * A set of previously experimental features that are now considered + * stable. We don't warn if users have these in `experimental-features`. + */ +std::set stabilizedFeatures{"flakes"}; + const std::optional parseExperimentalFeature(const std::string_view & name) { using ReverseXpMap = std::map; diff --git a/src/libutil/experimental-features.hh b/src/libutil/experimental-features.hh index 1da2a3ff55d..f195c232c90 100644 --- a/src/libutil/experimental-features.hh +++ b/src/libutil/experimental-features.hh @@ -19,7 +19,6 @@ enum struct ExperimentalFeature { CaDerivations, ImpureDerivations, - Flakes, FetchTree, NixCommand, GitHashing, @@ -38,6 +37,8 @@ enum struct ExperimentalFeature VerifiedFetches, }; +extern std::set stabilizedFeatures; + /** * Just because writing `ExperimentalFeature::CaDerivations` is way too long */ From e638d0022336da31b461ee6cfee6c85867759294 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 10 Jul 2024 17:01:37 +0200 Subject: [PATCH 015/815] Stabilize the "nix-command" feature --- doc/manual/generate-manpage.nix | 5 ----- src/libstore/build/derivation-goal.cc | 4 +--- src/libutil/args.cc | 2 +- src/libutil/experimental-features.cc | 11 +---------- src/libutil/experimental-features.hh | 1 - src/nix/main.cc | 3 --- tests/functional/config.sh | 4 ++-- tests/functional/config/nix-with-bang-include.conf | 2 +- tests/functional/experimental-features.sh | 9 --------- 9 files changed, 6 insertions(+), 35 deletions(-) diff --git a/doc/manual/generate-manpage.nix b/doc/manual/generate-manpage.nix index ba5667a4305..89fec9d1cd6 100644 --- a/doc/manual/generate-manpage.nix +++ b/doc/manual/generate-manpage.nix @@ -36,11 +36,6 @@ let let result = '' - > **Warning** \ - > This program is - > [**experimental**](@docroot@/contributing/experimental-features.md#xp-feature-nix-command) - > and its interface is subject to change. - # Name `${command}` - ${details.description} diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index 64b8495e1bb..886e63263f8 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -994,9 +994,7 @@ void DerivationGoal::buildDone() msg += line; msg += "\n"; } - auto nixLogCommand = experimentalFeatureSettings.isEnabled(Xp::NixCommand) - ? "nix log" - : "nix-store -l"; + auto nixLogCommand = "nix log"; msg += fmt("For full logs, run '" ANSI_BOLD "%s %s" ANSI_NORMAL "'.", nixLogCommand, worker.store.printStorePath(drvPath)); diff --git a/src/libutil/args.cc b/src/libutil/args.cc index c202facdfea..13208b70fe8 100644 --- a/src/libutil/args.cc +++ b/src/libutil/args.cc @@ -583,7 +583,7 @@ Strings argvToStrings(int argc, char * * argv) std::optional Command::experimentalFeature () { - return { Xp::NixCommand }; + return {}; } MultiCommand::MultiCommand(std::string_view commandName, const Commands & commands_) diff --git a/src/libutil/experimental-features.cc b/src/libutil/experimental-features.cc index b54a0cdc5b1..c69f84685b2 100644 --- a/src/libutil/experimental-features.cc +++ b/src/libutil/experimental-features.cc @@ -86,15 +86,6 @@ constexpr std::array xpFeatureDetails )", .trackingUrl = "https://github.com/NixOS/nix/milestone/31", }, - { - .tag = Xp::NixCommand, - .name = "nix-command", - .description = R"( - Enable the new `nix` subcommands. See the manual on - [`nix`](@docroot@/command-ref/new-cli/nix.md) for details. - )", - .trackingUrl = "https://github.com/NixOS/nix/milestone/28", - }, { .tag = Xp::GitHashing, .name = "git-hashing", @@ -302,7 +293,7 @@ static_assert( * A set of previously experimental features that are now considered * stable. We don't warn if users have these in `experimental-features`. */ -std::set stabilizedFeatures{"flakes"}; +std::set stabilizedFeatures{"flakes", "nix-command"}; const std::optional parseExperimentalFeature(const std::string_view & name) { diff --git a/src/libutil/experimental-features.hh b/src/libutil/experimental-features.hh index f195c232c90..dddd5329a65 100644 --- a/src/libutil/experimental-features.hh +++ b/src/libutil/experimental-features.hh @@ -20,7 +20,6 @@ enum struct ExperimentalFeature CaDerivations, ImpureDerivations, FetchTree, - NixCommand, GitHashing, RecursiveNix, NoUrlLiterals, diff --git a/src/nix/main.cc b/src/nix/main.cc index 85be80da452..92b0277d20b 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -120,7 +120,6 @@ struct NixArgs : virtual MultiCommand, virtual MixCommonArgs, virtual RootArgs .description = "Print full build logs on standard error.", .category = loggingCategory, .handler = {[&]() { logger->setPrintBuildLogs(true); }}, - .experimentalFeature = Xp::NixCommand, }); addFlag({ @@ -136,7 +135,6 @@ struct NixArgs : virtual MultiCommand, virtual MixCommonArgs, virtual RootArgs .description = "Disable substituters and consider all previously downloaded files up-to-date.", .category = miscCategory, .handler = {[&]() { useNet = false; }}, - .experimentalFeature = Xp::NixCommand, }); addFlag({ @@ -144,7 +142,6 @@ struct NixArgs : virtual MultiCommand, virtual MixCommonArgs, virtual RootArgs .description = "Consider all previously downloaded files out-of-date.", .category = miscCategory, .handler = {[&]() { refresh = true; }}, - .experimentalFeature = Xp::NixCommand, }); } diff --git a/tests/functional/config.sh b/tests/functional/config.sh index ef4d507312c..a1016a3686a 100755 --- a/tests/functional/config.sh +++ b/tests/functional/config.sh @@ -54,8 +54,8 @@ var=$(nix config show | grep '^allowed-uris =' | cut -d '=' -f 2 | xargs) # Test that we can !include a file. export NIX_USER_CONF_FILES=$here/config/nix-with-bang-include.conf -var=$(nix config show | grep '^experimental-features =' | cut -d '=' -f 2 | xargs) -[[ $var == nix-command ]] +var=$(nix config show | grep '^fsync-metadata =' | cut -d '=' -f 2 | xargs) +[[ $var == true ]] # Test that it's possible to load config from the environment prev=$(nix config show | grep '^cores' | cut -d '=' -f 2 | xargs) diff --git a/tests/functional/config/nix-with-bang-include.conf b/tests/functional/config/nix-with-bang-include.conf index fa600e6ff19..033e854817b 100644 --- a/tests/functional/config/nix-with-bang-include.conf +++ b/tests/functional/config/nix-with-bang-include.conf @@ -1,2 +1,2 @@ -experimental-features = nix-command +fsync-metadata = true !include ./missing-extra-config.conf \ No newline at end of file diff --git a/tests/functional/experimental-features.sh b/tests/functional/experimental-features.sh index d6f7f9e5672..0533a7c04e9 100755 --- a/tests/functional/experimental-features.sh +++ b/tests/functional/experimental-features.sh @@ -79,12 +79,3 @@ nix --experimental-features '' --help 1>/dev/null nix --experimental-features '' doctor --help 1>/dev/null nix --experimental-features '' repl --help 1>/dev/null nix --experimental-features '' upgrade-nix --help 1>/dev/null - -# These 3 arguments are currently given to all commands, which is wrong (as not -# all care). To deal with fixing later, we simply make them require the -# nix-command experimental features --- it so happens that the commands we wish -# stabilizing to do not need them anyways. -for arg in '--print-build-logs' '--offline' '--refresh'; do - nix --experimental-features 'nix-command' "$arg" --help 1>/dev/null - expect 1 nix --experimental-features '' "$arg" --help 1>/dev/null -done From 98a6af2c97cba5a666afb93464c17b9b2f8c1bad Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 10 Jul 2024 17:09:34 +0200 Subject: [PATCH 016/815] doc/manual/src/contributing/hacking.md: Remove non-flake instructions --- doc/manual/src/contributing/hacking.md | 23 ++--------------------- 1 file changed, 2 insertions(+), 21 deletions(-) diff --git a/doc/manual/src/contributing/hacking.md b/doc/manual/src/contributing/hacking.md index fc2d7221706..451b38976d2 100644 --- a/doc/manual/src/contributing/hacking.md +++ b/doc/manual/src/contributing/hacking.md @@ -14,11 +14,6 @@ The following instructions assume you already have some version of Nix installed ## Building Nix with flakes -This section assumes you are using Nix with the experimental feature [`nix-command`] enabled. -See the [Building Nix](#building-nix) section for equivalent instructions using stable Nix interfaces. - -[`nix-command`]: @docroot@/contributing/experimental-features.md#xp-nix-command - To build all dependencies and start a shell in which all environment variables are set up so that those dependencies can be found: ```console @@ -105,7 +100,7 @@ nix (Nix) 2.12 To build a release version of Nix for the current operating system and CPU architecture: ```console -$ nix-build +$ nix build ``` You can also build Nix for one of the [supported platforms](#platforms). @@ -155,12 +150,6 @@ platform. Common solutions include [remote build machines] and [binary format em Given such a setup, executing the build only requires selecting the respective attribute. For example, to compile for `aarch64-linux`: -```console -$ nix-build --attr packages.aarch64-linux.default -``` - -or for Nix with the [`flakes`] and [`nix-command`] experimental features enabled: - ```console $ nix build .#packages.aarch64-linux.default ``` @@ -242,20 +231,12 @@ To build with one of those environments, you can use $ nix build .#nix-ccacheStdenv ``` -for flake-enabled Nix, or - -```console -$ nix-build --attr nix-ccacheStdenv -``` - -for classic Nix. - You can use any of the other supported environments in place of `nix-ccacheStdenv`. ## Editor integration The `clangd` LSP server is installed by default on the `clang`-based `devShell`s. -See [supported compilation environments](#compilation-environments) and instructions how to set up a shell [with flakes](#nix-with-flakes) or in [classic Nix](#classic-nix). +See [supported compilation environments](#compilation-environments) and instructions how to [set up a shell with flakes](#nix-with-flakes). To use the LSP with your editor, you first need to [set up `clangd`](https://clangd.llvm.org/installation#project-setup) by running: From 891a5b387e767d72c1679dfb0bc6a07d7eb89267 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 10 Jul 2024 17:18:09 +0200 Subject: [PATCH 017/815] Remove warning about nix-command --- src/nix/nix.md | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/src/nix/nix.md b/src/nix/nix.md index 2f59db3afb5..5ac00b94074 100644 --- a/src/nix/nix.md +++ b/src/nix/nix.md @@ -48,11 +48,6 @@ manual](https://nixos.org/manual/nix/stable/). # Installables -> **Warning** \ -> Installables are part of the unstable -> [`nix-command` experimental feature](@docroot@/contributing/experimental-features.md#xp-feature-nix-command), -> and subject to change without notice. - Many `nix` subcommands operate on one or more *installables*. These are command line arguments that represent something that can be realised in the Nix store. @@ -68,11 +63,6 @@ That is, Nix will operate on the default flake output attribute of the flake in ### Flake output attribute -> **Warning** \ -> Flake output attribute installables depend on the -> [`nix-command`](@docroot@/contributing/experimental-features.md#xp-feature-nix-command) -> experimental feature, and subject to change without notice. - Example: `nixpkgs#hello` These have the form *flakeref*[`#`*attrpath*], where *flakeref* is a From e0ce16173432cc08aa65fc12e89a8d459b9d501d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 10 Jul 2024 18:45:00 +0200 Subject: [PATCH 018/815] Remove experimental warnings --- doc/manual/src/protocols/json/derivation.md | 6 ------ doc/manual/src/protocols/json/store-object-info.md | 6 ------ 2 files changed, 12 deletions(-) diff --git a/doc/manual/src/protocols/json/derivation.md b/doc/manual/src/protocols/json/derivation.md index f881dd70381..6af7c0dfb1d 100644 --- a/doc/manual/src/protocols/json/derivation.md +++ b/doc/manual/src/protocols/json/derivation.md @@ -1,11 +1,5 @@ # Derivation JSON Format -> **Warning** -> -> This JSON format is currently -> [**experimental**](@docroot@/contributing/experimental-features.md#xp-feature-nix-command) -> and subject to change. - The JSON serialization of a [derivations](@docroot@/glossary.md#gloss-store-derivation) is a JSON object with the following fields: diff --git a/doc/manual/src/protocols/json/store-object-info.md b/doc/manual/src/protocols/json/store-object-info.md index 9f647a96c24..fee415eefc5 100644 --- a/doc/manual/src/protocols/json/store-object-info.md +++ b/doc/manual/src/protocols/json/store-object-info.md @@ -1,11 +1,5 @@ # Store object info JSON format -> **Warning** -> -> This JSON format is currently -> [**experimental**](@docroot@/contributing/experimental-features.md#xp-feature-nix-command) -> and subject to change. - Info about a [store object]. * `path`: From 1b52a3add1d79633c2feb0ff206c096617962053 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 10 Jul 2024 18:45:23 +0200 Subject: [PATCH 019/815] Remove references to nix-command --- doc/manual/local.mk | 4 ++-- scripts/installer.nix | 2 +- src/libutil/config.hh | 2 +- tests/functional/ca/derivation-json.sh | 2 +- tests/functional/ca/selfref-gc.sh | 2 +- tests/functional/common/init.sh | 3 +-- tests/functional/common/vars-and-functions.sh | 2 +- tests/functional/config.sh | 2 +- tests/functional/config/nix-with-include.conf | 1 - .../config/nix-with-substituters.conf | 1 - tests/functional/dyn-drv/eval-outputOf.sh | 6 ++--- .../functional/dyn-drv/recursive-mod-json.nix | 2 +- tests/functional/experimental-features.sh | 24 +++++++++---------- tests/functional/impure-derivations.sh | 2 +- tests/functional/recursive.nix | 2 +- tests/functional/recursive.sh | 2 +- tests/installer/default.nix | 2 +- tests/nixos/authorization.nix | 2 -- tests/nixos/containers/containers.nix | 2 +- tests/nixos/fetch-git/testsupport/setup.nix | 1 - tests/nixos/git-submodules.nix | 1 - tests/nixos/github-flakes.nix | 1 - tests/nixos/nix-copy.nix | 1 - tests/nixos/sourcehut-flakes.nix | 1 - tests/nixos/tarball-flakes.nix | 1 - tests/repl-completion.nix | 4 ++-- 26 files changed, 32 insertions(+), 43 deletions(-) diff --git a/doc/manual/local.mk b/doc/manual/local.mk index 0cec5288504..d4cba066bee 100644 --- a/doc/manual/local.mk +++ b/doc/manual/local.mk @@ -35,7 +35,7 @@ dummy-env = env -i \ NIX_STATE_DIR=/dummy \ NIX_CONFIG='cores = 0' -nix-eval = $(dummy-env) $(doc_nix) eval --experimental-features nix-command -I nix=doc/manual --store dummy:// --impure --raw +nix-eval = $(dummy-env) $(doc_nix) eval -I nix=doc/manual --store dummy:// --impure --raw # re-implement mdBook's include directive to make it usable for terminal output and for proper @docroot@ substitution define process-includes @@ -121,7 +121,7 @@ $(d)/nix.json: $(doc_nix) @mv $@.tmp $@ $(d)/conf-file.json: $(doc_nix) - $(trace-gen) $(dummy-env) $(doc_nix) config show --json --experimental-features nix-command > $@.tmp + $(trace-gen) $(dummy-env) $(doc_nix) config show --json > $@.tmp @mv $@.tmp $@ $(d)/src/contributing/experimental-feature-descriptions.md: $(d)/xp-features.json $(d)/utils.nix $(d)/generate-xp-features.nix $(doc_nix) diff --git a/scripts/installer.nix b/scripts/installer.nix index cc7759c2c8e..3d51d4916a3 100644 --- a/scripts/installer.nix +++ b/scripts/installer.nix @@ -25,7 +25,7 @@ runCommand "installer-script" { (tarball: let inherit (tarball.stdenv.hostPlatform) system; in '' \ - --replace '@tarballHash_${system}@' $(nix --experimental-features nix-command hash-file --base16 --type sha256 ${tarball}/*.tar.xz) \ + --replace '@tarballHash_${system}@' $(nix hash-file --base16 --type sha256 ${tarball}/*.tar.xz) \ --replace '@tarballPath_${system}@' $(tarballPath ${tarball}/*.tar.xz) \ '' ) diff --git a/src/libutil/config.hh b/src/libutil/config.hh index a30d1b1ec64..f1c7233baab 100644 --- a/src/libutil/config.hh +++ b/src/libutil/config.hh @@ -386,7 +386,7 @@ struct ExperimentalFeatureSettings : Config { Example: ``` - experimental-features = nix-command + experimental-features = ca-derivations ``` The following experimental features are available: diff --git a/tests/functional/ca/derivation-json.sh b/tests/functional/ca/derivation-json.sh index 1e2a8fe35f6..97f1657320a 100644 --- a/tests/functional/ca/derivation-json.sh +++ b/tests/functional/ca/derivation-json.sh @@ -19,7 +19,7 @@ drvPath3=$(nix derivation add --dry-run < "$TEST_HOME"/foo.json) [[ ! -e "$drvPath3" ]] # But the JSON is rejected without the experimental feature -expectStderr 1 nix derivation add < "$TEST_HOME"/foo.json --experimental-features nix-command | grepQuiet "experimental Nix feature 'ca-derivations' is disabled" +expectStderr 1 nix derivation add < "$TEST_HOME"/foo.json --experimental-features '' | grepQuiet "experimental Nix feature 'ca-derivations' is disabled" # Without --dry-run it is actually written drvPath4=$(nix derivation add < "$TEST_HOME"/foo.json) diff --git a/tests/functional/ca/selfref-gc.sh b/tests/functional/ca/selfref-gc.sh index 588515db521..a730bdab694 100755 --- a/tests/functional/ca/selfref-gc.sh +++ b/tests/functional/ca/selfref-gc.sh @@ -4,7 +4,7 @@ source common.sh requireDaemonNewerThan "2.4pre20210626" -enableFeatures "ca-derivations nix-command" +enableFeatures "ca-derivations" export NIX_TESTS_CA_BY_DEFAULT=1 cd .. diff --git a/tests/functional/common/init.sh b/tests/functional/common/init.sh index 482d62cc4cd..38b29d12297 100755 --- a/tests/functional/common/init.sh +++ b/tests/functional/common/init.sh @@ -12,7 +12,6 @@ if isTestOnNixOS; then ! test -e "$test_nix_conf" cat > "$test_nix_conf_dir/nix.conf" < "$NIX_CONF_DIR"/nix.conf <"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr [[ $(cat "$TEST_ROOT/stdout") = '' ]] @@ -43,14 +43,14 @@ grepQuiet "error: could not find setting '$gatedSetting'" "$TEST_ROOT/stderr" # Experimental feature is disabled after, ignore and warn. NIX_CONFIG=" $gatedSetting = true - experimental-features = nix-command + experimental-features = " expect 1 nix config show $gatedSetting 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr [[ $(cat "$TEST_ROOT/stdout") = '' ]] grepQuiet "error: could not find setting '$gatedSetting'" "$TEST_ROOT/stderr" # Experimental feature is enabled before, process. NIX_CONFIG=" - experimental-features = nix-command $xpFeature + experimental-features = $xpFeature $gatedSetting = true " nix config show $gatedSetting 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr grepQuiet "true" "$TEST_ROOT/stdout" @@ -58,18 +58,18 @@ grepQuiet "true" "$TEST_ROOT/stdout" # Experimental feature is enabled after, process. NIX_CONFIG=" $gatedSetting = true - experimental-features = nix-command $xpFeature + experimental-features = $xpFeature " nix config show $gatedSetting 1>"$TEST_ROOT"/stdout 2>"$TEST_ROOT"/stderr grepQuiet "true" "$TEST_ROOT/stdout" grepQuietInverse "Ignoring setting '$gatedSetting'" "$TEST_ROOT/stderr" function exit_code_both_ways { - expect 1 nix --experimental-features 'nix-command ' "$@" 1>/dev/null - nix --experimental-features "nix-command $xpFeature" "$@" 1>/dev/null + expect 1 nix --experimental-features '' "$@" 1>/dev/null + nix --experimental-features "$xpFeature" "$@" 1>/dev/null # Also, the order should not matter - expect 1 nix "$@" --experimental-features 'nix-command' 1>/dev/null - nix "$@" --experimental-features "nix-command $xpFeature" 1>/dev/null + expect 1 nix "$@" --experimental-features '' 1>/dev/null + nix "$@" --experimental-features "$xpFeature" 1>/dev/null } exit_code_both_ways config show --auto-allocate-uids diff --git a/tests/functional/impure-derivations.sh b/tests/functional/impure-derivations.sh index 5dea220fec7..69884c2932e 100755 --- a/tests/functional/impure-derivations.sh +++ b/tests/functional/impure-derivations.sh @@ -21,7 +21,7 @@ drvPath2=$(nix derivation add < $TEST_HOME/impure-drv.json) [[ "$drvPath" = "$drvPath2" ]] # But only with the experimental feature! -expectStderr 1 nix derivation add < $TEST_HOME/impure-drv.json --experimental-features nix-command | grepQuiet "experimental Nix feature 'impure-derivations' is disabled" +expectStderr 1 nix derivation add < $TEST_HOME/impure-drv.json --experimental-features '' | grepQuiet "experimental Nix feature 'impure-derivations' is disabled" nix build --dry-run --json --file ./impure-derivations.nix impure.all json=$(nix build -L --no-link --json --file ./impure-derivations.nix impure.all) diff --git a/tests/functional/recursive.nix b/tests/functional/recursive.nix index fa8cc04db2b..622049dca3e 100644 --- a/tests/functional/recursive.nix +++ b/tests/functional/recursive.nix @@ -14,7 +14,7 @@ mkDerivation rec { buildCommand = '' mkdir $out - opts="--experimental-features nix-command ${if (NIX_TESTS_CA_BY_DEFAULT == "1") then "--extra-experimental-features ca-derivations" else ""}" + opts="${if (NIX_TESTS_CA_BY_DEFAULT == "1") then "--extra-experimental-features ca-derivations" else ""}" PATH=${builtins.getEnv "NIX_BIN_DIR"}:$PATH diff --git a/tests/functional/recursive.sh b/tests/functional/recursive.sh index 640fb92d2c5..fb0aa69752e 100755 --- a/tests/functional/recursive.sh +++ b/tests/functional/recursive.sh @@ -13,7 +13,7 @@ rm -f $TEST_ROOT/result export unreachable=$(nix store add-path ./recursive.sh) -NIX_BIN_DIR=$(dirname $(type -p nix)) nix --extra-experimental-features 'nix-command recursive-nix' build -o $TEST_ROOT/result -L --impure --file ./recursive.nix +NIX_BIN_DIR=$(dirname $(type -p nix)) nix --extra-experimental-features 'recursive-nix' build -o $TEST_ROOT/result -L --impure --file ./recursive.nix [[ $(cat $TEST_ROOT/result/inner1) =~ blaat ]] diff --git a/tests/installer/default.nix b/tests/installer/default.nix index 4aed6eae489..3b75c5e0f4c 100644 --- a/tests/installer/default.nix +++ b/tests/installer/default.nix @@ -224,7 +224,7 @@ let source /etc/bashrc || true nix-env --version - nix --extra-experimental-features nix-command store info + nix store info out=\$(nix-build --no-substitute -E 'derivation { name = "foo"; system = "x86_64-linux"; builder = "/bin/sh"; args = ["-c" "echo foobar > \$out"]; }') [[ \$(cat \$out) = foobar ]] diff --git a/tests/nixos/authorization.nix b/tests/nixos/authorization.nix index fdeae06ed34..d80069e77d9 100644 --- a/tests/nixos/authorization.nix +++ b/tests/nixos/authorization.nix @@ -10,8 +10,6 @@ users.users.alice.isNormalUser = true; users.users.bob.isNormalUser = true; users.users.mallory.isNormalUser = true; - - nix.settings.experimental-features = "nix-command"; }; testScript = diff --git a/tests/nixos/containers/containers.nix b/tests/nixos/containers/containers.nix index 6773f5628a3..188012c9ba6 100644 --- a/tests/nixos/containers/containers.nix +++ b/tests/nixos/containers/containers.nix @@ -18,7 +18,7 @@ nix.settings.substituters = lib.mkForce [ ]; nix.extraOptions = '' - extra-experimental-features = nix-command auto-allocate-uids cgroups + extra-experimental-features = auto-allocate-uids cgroups extra-system-features = uid-range ''; nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; diff --git a/tests/nixos/fetch-git/testsupport/setup.nix b/tests/nixos/fetch-git/testsupport/setup.nix index a81d5614b44..08195daa51d 100644 --- a/tests/nixos/fetch-git/testsupport/setup.nix +++ b/tests/nixos/fetch-git/testsupport/setup.nix @@ -74,7 +74,6 @@ in environment.variables = { _NIX_FORCE_HTTP = "1"; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; }; setupScript = '' ''; diff --git a/tests/nixos/git-submodules.nix b/tests/nixos/git-submodules.nix index 570b1822bf6..6bcb75b5ed2 100644 --- a/tests/nixos/git-submodules.nix +++ b/tests/nixos/git-submodules.nix @@ -20,7 +20,6 @@ { programs.ssh.extraConfig = "ConnectTimeout 30"; environment.systemPackages = [ pkgs.git ]; - nix.extraOptions = "experimental-features = nix-command flakes"; }; }; diff --git a/tests/nixos/github-flakes.nix b/tests/nixos/github-flakes.nix index 9a1ed749ce8..37ffa2b7085 100644 --- a/tests/nixos/github-flakes.nix +++ b/tests/nixos/github-flakes.nix @@ -143,7 +143,6 @@ in virtualisation.additionalPaths = [ pkgs.hello pkgs.fuse ]; virtualisation.memorySize = 4096; nix.settings.substituters = lib.mkForce [ ]; - nix.extraOptions = "experimental-features = nix-command"; networking.hosts.${(builtins.head nodes.github.networking.interfaces.eth1.ipv4.addresses).address} = [ "channels.nixos.org" "api.github.com" "github.com" ]; security.pki.certificateFiles = [ "${cert}/ca.crt" ]; diff --git a/tests/nixos/nix-copy.nix b/tests/nixos/nix-copy.nix index 7db5197aa8c..cd0cca63b45 100644 --- a/tests/nixos/nix-copy.nix +++ b/tests/nixos/nix-copy.nix @@ -23,7 +23,6 @@ in { { virtualisation.writableStore = true; virtualisation.additionalPaths = [ pkgA pkgD.drvPath ]; nix.settings.substituters = lib.mkForce [ ]; - nix.settings.experimental-features = [ "nix-command" ]; services.getty.autologinUser = "root"; programs.ssh.extraConfig = '' Host * diff --git a/tests/nixos/sourcehut-flakes.nix b/tests/nixos/sourcehut-flakes.nix index 4eeab42db4d..a1422ab964e 100644 --- a/tests/nixos/sourcehut-flakes.nix +++ b/tests/nixos/sourcehut-flakes.nix @@ -104,7 +104,6 @@ in virtualisation.memorySize = 4096; nix.settings.substituters = lib.mkForce [ ]; nix.extraOptions = '' - experimental-features = nix-command flake-registry = https://git.sr.ht/~NixOS/flake-registry/blob/master/flake-registry.json ''; environment.systemPackages = [ pkgs.jq ]; diff --git a/tests/nixos/tarball-flakes.nix b/tests/nixos/tarball-flakes.nix index 2a21d873880..e0327cac579 100644 --- a/tests/nixos/tarball-flakes.nix +++ b/tests/nixos/tarball-flakes.nix @@ -51,7 +51,6 @@ in virtualisation.additionalPaths = [ pkgs.hello pkgs.fuse ]; virtualisation.memorySize = 4096; nix.settings.substituters = lib.mkForce [ ]; - nix.extraOptions = "experimental-features = nix-command"; }; }; diff --git a/tests/repl-completion.nix b/tests/repl-completion.nix index 3ba198a9860..5cca0fc1cfa 100644 --- a/tests/repl-completion.nix +++ b/tests/repl-completion.nix @@ -10,7 +10,7 @@ runCommand "repl-completion" { ]; expectScript = '' # Regression https://github.com/NixOS/nix/pull/10778 - spawn nix repl --offline --extra-experimental-features nix-command + spawn nix repl --offline expect "nix-repl>" send "foo = import ./does-not-exist.nix\n" expect "nix-repl>" @@ -37,4 +37,4 @@ runCommand "repl-completion" { nix-store --init expect $expectScriptPath touch $out -'' \ No newline at end of file +'' From a00efcb36c1e76cf5c8defbaa75d1c2d97e08a6b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 11 Jul 2024 09:52:40 +0200 Subject: [PATCH 020/815] Fix daemon test --- tests/functional/common/vars-and-functions.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/functional/common/vars-and-functions.sh b/tests/functional/common/vars-and-functions.sh index a1f51dc88b2..e21a7ff0a05 100644 --- a/tests/functional/common/vars-and-functions.sh +++ b/tests/functional/common/vars-and-functions.sh @@ -123,7 +123,8 @@ startDaemon() { fi # Start the daemon, wait for the socket to appear. rm -f $NIX_DAEMON_SOCKET_PATH - PATH=$DAEMON_PATH nix daemon & + # TODO: remove the nix-command feature when we're no longer testing against old daemons. + PATH=$DAEMON_PATH nix daemon --extra-experimental-features nix-command & _NIX_TEST_DAEMON_PID=$! export _NIX_TEST_DAEMON_PID for ((i = 0; i < 300; i++)); do From 6ad333aeee5d0d594ef9b9119bdd38583eec1005 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 11 Jul 2024 11:13:55 +0200 Subject: [PATCH 021/815] GitHub CI: Use a bigger builder for x86_64-linux Also, don't use a matrix for the 'tests' workflow, since we don't want the 'vm_tests' and 'flake_regressions' workflows to depend on aarch64-darwin. --- .github/workflows/ci.yml | 27 +++++++++++---------------- .github/workflows/test.yml | 21 +++++++++++++++++++++ 2 files changed, 32 insertions(+), 16 deletions(-) create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d8c5439bbe7..6b184288bc8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,23 +10,18 @@ permissions: jobs: - tests: - strategy: - fail-fast: false - matrix: - os: [ubuntu-latest, macos-latest] - runs-on: ${{ matrix.os }} - timeout-minutes: 60 - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - with: - flakehub: true - - uses: DeterminateSystems/magic-nix-cache-action@main - - run: nix flake check -L + test_x86_64-linux: + uses: ./.github/workflows/test.yml + with: + os: UbuntuLatest32Cores128G + + test_aarch64-darwin: + uses: ./.github/workflows/test.yml + with: + os: macos-latest vm_tests: - needs: tests + needs: test_x86_64-linux runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 @@ -37,7 +32,7 @@ jobs: - run: nix build -L .#hydraJobs.tests.githubFlakes .#hydraJobs.tests.tarballFlakes flake_regressions: - needs: tests + needs: test_x86_64-linux runs-on: ubuntu-22.04 steps: - name: Checkout nix diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000000..14e4c5fa58d --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,21 @@ +on: + workflow_call: + inputs: + os: + required: true + type: string + +jobs: + + tests: + strategy: + fail-fast: false + runs-on: ${{ inputs.os }} + timeout-minutes: 60 + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/magic-nix-cache-action@main + - run: nix flake check -L From 83173fef17f84ca5a397ced74921ec95a196a50d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 11 Jul 2024 11:19:08 +0200 Subject: [PATCH 022/815] Avoid superfluous duplicate jobs on PRs --- .github/workflows/ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6b184288bc8..811c1c52423 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,6 +3,10 @@ name: "CI" on: pull_request: push: + branches: + - detsys-main + - main + - master permissions: id-token: "write" From 13e60dd649a5556de16418ffdfee247e27169364 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 11 Jul 2024 13:24:09 +0200 Subject: [PATCH 023/815] Build aarch64-linux --- .github/workflows/ci.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 811c1c52423..a3344f207c3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,6 +19,11 @@ jobs: with: os: UbuntuLatest32Cores128G + test_aarch64-linux: + uses: ./.github/workflows/test.yml + with: + os: UbuntuLatest32Cores128GArm + test_aarch64-darwin: uses: ./.github/workflows/test.yml with: From a4d1dfbab64cc83e029e4c34c5d2de97846bf474 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 11 Jul 2024 13:25:39 +0200 Subject: [PATCH 024/815] Split building and testing to improve parallelism --- .github/workflows/build.yml | 21 +++++++++++++++++++++ .github/workflows/ci.yml | 22 ++++++++++++++++++++-- 2 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 00000000000..1cb645063e1 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,21 @@ +on: + workflow_call: + inputs: + os: + required: true + type: string + +jobs: + + tests: + strategy: + fail-fast: false + runs-on: ${{ inputs.os }} + timeout-minutes: 60 + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/magic-nix-cache-action@main + - run: nix build diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a3344f207c3..fd89614f703 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,23 +14,41 @@ permissions: jobs: + build_x86_64-linux: + uses: ./.github/workflows/build.yml + with: + os: UbuntuLatest32Cores128G + + build_aarch64-linux: + uses: ./.github/workflows/build.yml + with: + os: UbuntuLatest32Cores128GArm + + build_aarch64-darwin: + uses: ./.github/workflows/build.yml + with: + os: macos-latest + test_x86_64-linux: uses: ./.github/workflows/test.yml + needs: build_x86_64-linux with: os: UbuntuLatest32Cores128G test_aarch64-linux: uses: ./.github/workflows/test.yml + needs: build_aarch64-linux with: os: UbuntuLatest32Cores128GArm test_aarch64-darwin: uses: ./.github/workflows/test.yml + needs: build_aarch64-darwin with: os: macos-latest vm_tests: - needs: test_x86_64-linux + needs: build_x86_64-linux runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 @@ -41,7 +59,7 @@ jobs: - run: nix build -L .#hydraJobs.tests.githubFlakes .#hydraJobs.tests.tarballFlakes flake_regressions: - needs: test_x86_64-linux + needs: build_x86_64-linux runs-on: ubuntu-22.04 steps: - name: Checkout nix From f862424423d786fe9ade91f2319fe6f24ca50648 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 11 Jul 2024 13:39:24 +0200 Subject: [PATCH 025/815] Fix job name --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1cb645063e1..ef7174c3090 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,7 +7,7 @@ on: jobs: - tests: + build: strategy: fail-fast: false runs-on: ${{ inputs.os }} From 6406619c441c35ba323212a234e8923f2a2087da Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 11 Jul 2024 16:49:49 +0200 Subject: [PATCH 026/815] Flake schemas This applies upstream https://github.com/NixOS/nix/pull/8892. --- Makefile.config.in | 1 + configure.ac | 6 + doc/manual/src/SUMMARY.md.in | 1 + doc/manual/src/protocols/flake-schemas.md | 60 ++ flake.lock | 16 + flake.nix | 6 +- package.nix | 3 + packaging/dependencies.nix | 2 + packaging/hydra.nix | 2 + src/libcmd/installable-flake.cc | 14 - src/libcmd/installable-flake.hh | 2 - src/libcmd/installables.cc | 5 - src/libexpr/eval-cache.cc | 6 + src/libexpr/eval-cache.hh | 7 + src/libflake/flake/flake.cc | 34 +- src/libflake/flake/flake.hh | 18 + src/nix/call-flake-schemas.nix | 43 ++ src/nix/flake-check.md | 58 +- src/nix/flake-schemas.cc | 221 ++++++ src/nix/flake-schemas.hh | 45 ++ src/nix/flake.cc | 885 +++++----------------- src/nix/local.mk | 6 + tests/functional/flakes/check.sh | 11 - tests/functional/flakes/show.sh | 43 +- tests/functional/fmt.sh | 4 +- 25 files changed, 691 insertions(+), 808 deletions(-) create mode 100644 doc/manual/src/protocols/flake-schemas.md create mode 100644 src/nix/call-flake-schemas.nix create mode 100644 src/nix/flake-schemas.cc create mode 100644 src/nix/flake-schemas.hh diff --git a/Makefile.config.in b/Makefile.config.in index 3100d207365..2ed716b5e7b 100644 --- a/Makefile.config.in +++ b/Makefile.config.in @@ -37,6 +37,7 @@ checkbindir = @checkbindir@ checklibdir = @checklibdir@ datadir = @datadir@ datarootdir = @datarootdir@ +default_flake_schemas = @default_flake_schemas@ docdir = @docdir@ embedded_sandbox_shell = @embedded_sandbox_shell@ exec_prefix = @exec_prefix@ diff --git a/configure.ac b/configure.ac index 4f66a3efcf6..caeb88b678d 100644 --- a/configure.ac +++ b/configure.ac @@ -435,6 +435,12 @@ if test "$embedded_sandbox_shell" = yes; then AC_DEFINE(HAVE_EMBEDDED_SANDBOX_SHELL, 1, [Include the sandbox shell in the Nix binary.]) fi + +AC_ARG_WITH(default-flake-schemas, AS_HELP_STRING([--with-default-flake-schemas=PATH],[path of the default flake schemas flake]), + default_flake_schemas=$withval, + [AC_MSG_FAILURE([--with-default-flake-schemas is missing])]) +AC_SUBST(default_flake_schemas) + ]) diff --git a/doc/manual/src/SUMMARY.md.in b/doc/manual/src/SUMMARY.md.in index a6a2101e9af..56e0dbeec66 100644 --- a/doc/manual/src/SUMMARY.md.in +++ b/doc/manual/src/SUMMARY.md.in @@ -113,6 +113,7 @@ - [Store Path Specification](protocols/store-path.md) - [Nix Archive (NAR) Format](protocols/nix-archive.md) - [Derivation "ATerm" file format](protocols/derivation-aterm.md) + - [Flake Schemas](protocols/flake-schemas.md) - [C API](c-api.md) - [Glossary](glossary.md) - [Contributing](contributing/index.md) diff --git a/doc/manual/src/protocols/flake-schemas.md b/doc/manual/src/protocols/flake-schemas.md new file mode 100644 index 00000000000..f6cdd6165b8 --- /dev/null +++ b/doc/manual/src/protocols/flake-schemas.md @@ -0,0 +1,60 @@ +# Flake Schemas + +Flake schemas are a mechanism to allow tools like `nix flake show` and `nix flake check` to enumerate and check the contents of a flake +in a generic way, without requiring built-in knowledge of specific flake output types like `packages` or `nixosConfigurations`. + +A flake can define schemas for its outputs by defining a `schemas` output. `schemas` should be an attribute set with an attribute for +every output type that you want to be supported. If a flake does not have a `schemas` attribute, Nix uses a built-in set of schemas (namely https://github.com/DeterminateSystems/flake-schemas). + +A schema is an attribute set with the following attributes: + +* `version`: Should be set to 1. +* `doc`: A string containing documentation about the flake output type in Markdown format. +* `allowIFD` (defaults to `true`): Whether the evaluation of the output attributes of this flake can read from derivation outputs. +* `inventory`: A function that returns the contents of the flake output (described below). + +# Inventory + +The `inventory` function returns a *node* describing the contents of the flake output. A node is either a *leaf node* or a *non-leaf node*. This allows nested flake output attributes to be described (e.g. `x86_64-linux.hello` inside a `packages` output). + +Non-leaf nodes must have the following attribute: + +* `children`: An attribute set of nodes. If this attribute is missing, the attribute if a leaf node. + +Leaf nodes can have the following attributes: + +* `derivation`: The main derivation of this node, if any. It must evaluate for `nix flake check` and `nix flake show` to succeed. + +* `evalChecks`: An attribute set of Boolean values, used by `nix flake check`. Each attribute must evaluate to `true`. + +* `isFlakeCheck`: Whether `nix flake check` should build the `derivation` attribute of this node. + +* `shortDescription`: A one-sentence description of the node (such as the `meta.description` attribute in Nixpkgs). + +* `what`: A brief human-readable string describing the type of the node, e.g. `"package"` or `"development environment"`. This is used by tools like `nix flake show` to describe the contents of a flake. + +Both leaf and non-leaf nodes can have the following attributes: + +* `forSystems`: A list of Nix system types (e.g. `["x86_64-linux"]`) supported by this node. This is used by tools to skip nodes that cannot be built on the user's system. Setting this on a non-leaf node allows all the children to be skipped, regardless of the `forSystems` attributes of the children. If this attribute is not set, the node is never skipped. + +# Example + +Here is a schema that checks that every element of the `nixosConfigurations` flake output evaluates and builds correctly (meaning that it has a `config.system.build.toplevel` attribute that yields a buildable derivation). + +```nix +outputs = { + schemas.nixosConfigurations = { + version = 1; + doc = '' + The `nixosConfigurations` flake output defines NixOS system configurations. + ''; + inventory = output: { + children = builtins.mapAttrs (configName: machine: + { + what = "NixOS configuration"; + derivation = machine.config.system.build.toplevel; + }) output; + }; + }; +}; +``` diff --git a/flake.lock b/flake.lock index f64e3ea3712..8ea495401db 100644 --- a/flake.lock +++ b/flake.lock @@ -36,6 +36,21 @@ "type": "github" } }, + "flake-schemas": { + "locked": { + "lastModified": 1719857163, + "narHash": "sha256-wM+8JtoKBkahHiKn+EM1ikurMnitwRQrZ91hipJIJK8=", + "owner": "DeterminateSystems", + "repo": "flake-schemas", + "rev": "61a02d7183d4241962025e6c6307a22a0bb72a21", + "type": "github" + }, + "original": { + "owner": "DeterminateSystems", + "repo": "flake-schemas", + "type": "github" + } + }, "flake-utils": { "locked": { "lastModified": 1667395993, @@ -145,6 +160,7 @@ "inputs": { "flake-compat": "flake-compat", "flake-parts": "flake-parts", + "flake-schemas": "flake-schemas", "libgit2": "libgit2", "nixpkgs": "nixpkgs", "nixpkgs-23-11": "nixpkgs-23-11", diff --git a/flake.nix b/flake.nix index d83c2ecad36..256ff66cda7 100644 --- a/flake.nix +++ b/flake.nix @@ -8,6 +8,7 @@ inputs.nixpkgs-23-11.url = "github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446"; inputs.flake-compat = { url = "github:edolstra/flake-compat"; flake = false; }; inputs.libgit2 = { url = "github:libgit2/libgit2"; flake = false; }; + inputs.flake-schemas.url = "github:DeterminateSystems/flake-schemas"; # dev tooling inputs.flake-parts.url = "github:hercules-ci/flake-parts"; @@ -20,8 +21,7 @@ inputs.pre-commit-hooks.inputs.flake-compat.follows = ""; inputs.pre-commit-hooks.inputs.gitignore.follows = ""; - outputs = inputs@{ self, nixpkgs, nixpkgs-regression, libgit2, ... }: - + outputs = inputs@{ self, nixpkgs, nixpkgs-regression, libgit2, flake-schemas, ... }: let inherit (nixpkgs) lib; @@ -157,6 +157,8 @@ }; in { + schemas = flake-schemas.schemas; + # A Nixpkgs overlay that overrides the 'nix' and # 'nix-perl-bindings' packages. overlays.default = overlayFor (p: p.stdenv); diff --git a/package.nix b/package.nix index c3e565399e8..99ffd5e4062 100644 --- a/package.nix +++ b/package.nix @@ -38,6 +38,8 @@ , busybox-sandbox-shell ? null +, flake-schemas + # Configuration Options #: # This probably seems like too many degrees of freedom, but it @@ -260,6 +262,7 @@ in { (lib.enableFeature enableMarkdown "markdown") (lib.enableFeature installUnitTests "install-unit-tests") (lib.withFeatureAs true "readline-flavor" readlineFlavor) + "--with-default-flake-schemas=${flake-schemas}" ] ++ lib.optionals (!forDevShell) [ "--sysconfdir=/etc" ] ++ lib.optionals installUnitTests [ diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index 34b3449718d..4f7a6daabce 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -114,4 +114,6 @@ scope: { inherit resolvePath filesetToSource; mkMesonDerivation = f: stdenv.mkDerivation (lib.extends localSourceLayer f); + + inherit (inputs) flake-schemas; } diff --git a/packaging/hydra.nix b/packaging/hydra.nix index 4dfaf9bbfaa..d563402318a 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -28,6 +28,8 @@ let test-daemon = daemon; doBuild = false; + + inherit (inputs) flake-schemas; }; # Technically we could just return `pkgs.nixComponents`, but for Hydra it's diff --git a/src/libcmd/installable-flake.cc b/src/libcmd/installable-flake.cc index d42fa7aaccc..899919550e6 100644 --- a/src/libcmd/installable-flake.cc +++ b/src/libcmd/installable-flake.cc @@ -43,20 +43,6 @@ std::vector InstallableFlake::getActualAttrPaths() return res; } -Value * InstallableFlake::getFlakeOutputs(EvalState & state, const flake::LockedFlake & lockedFlake) -{ - auto vFlake = state.allocValue(); - - callFlake(state, lockedFlake, *vFlake); - - auto aOutputs = vFlake->attrs()->get(state.symbols.create("outputs")); - assert(aOutputs); - - state.forceValue(*aOutputs->value, aOutputs->value->determinePos(noPos)); - - return aOutputs->value; -} - static std::string showAttrPaths(const std::vector & paths) { std::string s; diff --git a/src/libcmd/installable-flake.hh b/src/libcmd/installable-flake.hh index 314918c140d..30240a35ae3 100644 --- a/src/libcmd/installable-flake.hh +++ b/src/libcmd/installable-flake.hh @@ -52,8 +52,6 @@ struct InstallableFlake : InstallableValue std::vector getActualAttrPaths(); - Value * getFlakeOutputs(EvalState & state, const flake::LockedFlake & lockedFlake); - DerivedPathsWithInfo toDerivedPaths() override; std::pair toValue(EvalState & state) override; diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index eb7048d3930..d10df2e54b5 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -444,11 +444,6 @@ ref openEvalCache( : std::nullopt; auto rootLoader = [&state, lockedFlake]() { - /* For testing whether the evaluation cache is - complete. */ - if (getEnv("NIX_ALLOW_EVAL").value_or("1") == "0") - throw Error("not everything is cached, but evaluation is not allowed"); - auto vFlake = state.allocValue(); flake::callFlake(state, *lockedFlake, *vFlake); diff --git a/src/libexpr/eval-cache.cc b/src/libexpr/eval-cache.cc index 2630c34d563..d43577cfd9a 100644 --- a/src/libexpr/eval-cache.cc +++ b/src/libexpr/eval-cache.cc @@ -368,6 +368,12 @@ Value * EvalCache::getRootValue() { if (!value) { debug("getting root value"); + + /* For testing whether the evaluation cache is + complete. */ + if (getEnv("NIX_ALLOW_EVAL").value_or("1") == "0") + throw Error("not everything is cached, but evaluation is not allowed"); + value = allocRootValue(rootLoader()); } return *value; diff --git a/src/libexpr/eval-cache.hh b/src/libexpr/eval-cache.hh index b1911e3a4f7..a6c8ad011c8 100644 --- a/src/libexpr/eval-cache.hh +++ b/src/libexpr/eval-cache.hh @@ -34,7 +34,11 @@ class EvalCache : public std::enable_shared_from_this friend struct CachedEvalError; std::shared_ptr db; + +public: EvalState & state; + +private: typedef std::function RootLoader; RootLoader rootLoader; RootValue value; @@ -89,7 +93,10 @@ class AttrCursor : public std::enable_shared_from_this friend class EvalCache; friend struct CachedEvalError; +public: ref root; + +private: typedef std::optional, Symbol>> Parent; Parent parent; RootValue _value; diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 21acb93eee2..c69c4d66e38 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -204,7 +204,7 @@ static std::map parseFlakeInputs( return inputs; } -static Flake readFlake( +Flake readFlake( EvalState & state, const FlakeRef & originalRef, const FlakeRef & resolvedRef, @@ -336,19 +336,15 @@ static LockFile readLockFile(const SourcePath & lockFilePath) : LockFile(); } -/* Compute an in-memory lock file for the specified top-level flake, - and optionally write it to file, if the flake is writable. */ LockedFlake lockFlake( EvalState & state, const FlakeRef & topRef, - const LockFlags & lockFlags) + const LockFlags & lockFlags, + Flake flake, + FlakeCache & flakeCache) { - FlakeCache flakeCache; - auto useRegistries = lockFlags.useRegistries.value_or(flakeSettings.useRegistries); - auto flake = getFlake(state, topRef, useRegistries, flakeCache); - if (lockFlags.applyNixConfig) { flake.config.apply(); state.store->setOptions(); @@ -738,6 +734,28 @@ LockedFlake lockFlake( } } +LockedFlake lockFlake( + EvalState & state, + const FlakeRef & topRef, + const LockFlags & lockFlags) +{ + FlakeCache flakeCache; + + auto useRegistries = lockFlags.useRegistries.value_or(flakeSettings.useRegistries); + + return lockFlake(state, topRef, lockFlags, getFlake(state, topRef, useRegistries, flakeCache), flakeCache); +} + +LockedFlake lockFlake( + EvalState & state, + const FlakeRef & topRef, + const LockFlags & lockFlags, + Flake flake) +{ + FlakeCache flakeCache; + return lockFlake(state, topRef, lockFlags, std::move(flake), flakeCache); +} + void callFlake(EvalState & state, const LockedFlake & lockedFlake, Value & vRes) diff --git a/src/libflake/flake/flake.hh b/src/libflake/flake/flake.hh index 1ba085f0f46..2ac12b59047 100644 --- a/src/libflake/flake/flake.hh +++ b/src/libflake/flake/flake.hh @@ -193,11 +193,29 @@ struct LockFlags std::set inputUpdates; }; +Flake readFlake( + EvalState & state, + const FlakeRef & originalRef, + const FlakeRef & resolvedRef, + const FlakeRef & lockedRef, + const SourcePath & rootDir, + const InputPath & lockRootPath); + +/** + * Compute an in-memory lock file for the specified top-level flake, + * and optionally write it to file, if the flake is writable. + */ LockedFlake lockFlake( EvalState & state, const FlakeRef & flakeRef, const LockFlags & lockFlags); +LockedFlake lockFlake( + EvalState & state, + const FlakeRef & topRef, + const LockFlags & lockFlags, + Flake flake); + void callFlake( EvalState & state, const LockedFlake & lockedFlake, diff --git a/src/nix/call-flake-schemas.nix b/src/nix/call-flake-schemas.nix new file mode 100644 index 00000000000..cd6d4c3ae53 --- /dev/null +++ b/src/nix/call-flake-schemas.nix @@ -0,0 +1,43 @@ +/* The flake providing default schemas. */ +defaultSchemasFlake: + +/* The flake whose contents we want to extract. */ +flake: + +let + + # Helper functions. + + mapAttrsToList = f: attrs: map (name: f name attrs.${name}) (builtins.attrNames attrs); + +in + +rec { + outputNames = builtins.attrNames flake.outputs; + + allSchemas = (flake.outputs.schemas or defaultSchemasFlake.schemas) // schemaOverrides; + + schemaOverrides = {}; # FIXME + + schemas = + builtins.listToAttrs (builtins.concatLists (mapAttrsToList + (outputName: output: + if allSchemas ? ${outputName} then + [{ name = outputName; value = allSchemas.${outputName}; }] + else + [ ]) + flake.outputs)); + + inventory = + builtins.mapAttrs + (outputName: output: + if schemas ? ${outputName} && schemas.${outputName}.version == 1 + then + { output = schemas.${outputName}.inventory output; + inherit (schemas.${outputName}) doc; + } + else + { unknown = true; } + ) + flake.outputs; +} diff --git a/src/nix/flake-check.md b/src/nix/flake-check.md index c8307f8d85b..71dd916407e 100644 --- a/src/nix/flake-check.md +++ b/src/nix/flake-check.md @@ -18,56 +18,20 @@ R""( # Description This command verifies that the flake specified by flake reference -*flake-url* can be evaluated successfully (as detailed below), and -that the derivations specified by the flake's `checks` output can be -built successfully. +*flake-url* can be evaluated and built successfully according to its +`schemas` flake output. For every flake output that has a schema +definition, `nix flake check` uses the schema to extract the contents +of the output. Then, for every item in the contents: + +* It evaluates the elements of the `evalChecks` attribute set returned + by the schema for that item, printing an error or warning for every + check that fails to evaluate or that evaluates to `false`. + +* It builds `derivation` attribute returned by the schema for that + item, if the item has the `isFlakeCheck` attribute. If the `keep-going` option is set to `true`, Nix will keep evaluating as much as it can and report the errors as it encounters them. Otherwise it will stop at the first error. -# Evaluation checks - -The following flake output attributes must be derivations: - -* `checks.`*system*`.`*name* -* `defaultPackage.`*system* -* `devShell.`*system* -* `devShells.`*system*`.`*name* -* `nixosConfigurations.`*name*`.config.system.build.toplevel` -* `packages.`*system*`.`*name* - -The following flake output attributes must be [app -definitions](./nix3-run.md): - -* `apps.`*system*`.`*name* -* `defaultApp.`*system* - -The following flake output attributes must be [template -definitions](./nix3-flake-init.md): - -* `defaultTemplate` -* `templates.`*name* - -The following flake output attributes must be *Nixpkgs overlays*: - -* `overlay` -* `overlays.`*name* - -The following flake output attributes must be *NixOS modules*: - -* `nixosModule` -* `nixosModules.`*name* - -The following flake output attributes must be -[bundlers](./nix3-bundle.md): - -* `bundlers.`*name* -* `defaultBundler` - -In addition, the `hydraJobs` output is evaluated in the same way as -Hydra's `hydra-eval-jobs` (i.e. as a arbitrarily deeply nested -attribute set of derivations). Similarly, the -`legacyPackages`.*system* output is evaluated like `nix-env --query --available `. - )"" diff --git a/src/nix/flake-schemas.cc b/src/nix/flake-schemas.cc new file mode 100644 index 00000000000..b93aaa4a4fe --- /dev/null +++ b/src/nix/flake-schemas.cc @@ -0,0 +1,221 @@ +#include "flake-schemas.hh" +#include "eval-settings.hh" +#include "fetch-to-store.hh" +#include "memory-source-accessor.hh" + +namespace nix::flake_schemas { + +using namespace eval_cache; +using namespace flake; + +static LockedFlake getBuiltinDefaultSchemasFlake(EvalState & state) +{ + auto accessor = make_ref(); + + accessor->setPathDisplay("«builtin-flake-schemas»"); + + accessor->addFile( + CanonPath("flake.nix"), +#include "builtin-flake-schemas.nix.gen.hh" + ); + + // FIXME: remove this when we have lazy trees. + auto storePath = fetchToStore(*state.store, {accessor}, FetchMode::Copy); + state.allowPath(storePath); + + // Construct a dummy flakeref. + auto flakeRef = parseFlakeRef( + fmt("tarball+https://builtin-flake-schemas?narHash=%s", + state.store->queryPathInfo(storePath)->narHash.to_string(HashFormat::SRI, true))); + + auto flake = readFlake(state, flakeRef, flakeRef, flakeRef, state.rootPath(state.store->toRealPath(storePath)), {}); + + return lockFlake(state, flakeRef, {}, flake); +} + +std::tuple, ref> +call(EvalState & state, std::shared_ptr lockedFlake, std::optional defaultSchemasFlake) +{ + auto fingerprint = lockedFlake->getFingerprint(state.store); + + std::string callFlakeSchemasNix = +#include "call-flake-schemas.nix.gen.hh" + ; + + auto lockedDefaultSchemasFlake = + defaultSchemasFlake ? flake::lockFlake(state, *defaultSchemasFlake, {}) : getBuiltinDefaultSchemasFlake(state); + auto lockedDefaultSchemasFlakeFingerprint = lockedDefaultSchemasFlake.getFingerprint(state.store); + + std::optional fingerprint2; + if (fingerprint && lockedDefaultSchemasFlakeFingerprint) + fingerprint2 = hashString( + HashAlgorithm::SHA256, + fmt("app:%s:%s:%s", + hashString(HashAlgorithm::SHA256, callFlakeSchemasNix).to_string(HashFormat::Base16, false), + fingerprint->to_string(HashFormat::Base16, false), + lockedDefaultSchemasFlakeFingerprint->to_string(HashFormat::Base16, false))); + + // FIXME: merge with openEvalCache(). + auto cache = make_ref( + evalSettings.useEvalCache && evalSettings.pureEval ? fingerprint2 : std::nullopt, + state, + [&state, lockedFlake, callFlakeSchemasNix, lockedDefaultSchemasFlake]() { + auto vCallFlakeSchemas = state.allocValue(); + state.eval( + state.parseExprFromString(callFlakeSchemasNix, state.rootPath(CanonPath::root)), *vCallFlakeSchemas); + + auto vFlake = state.allocValue(); + flake::callFlake(state, *lockedFlake, *vFlake); + + auto vDefaultSchemasFlake = state.allocValue(); + if (vFlake->type() == nAttrs && vFlake->attrs()->get(state.symbols.create("schemas"))) + vDefaultSchemasFlake->mkNull(); + else + flake::callFlake(state, lockedDefaultSchemasFlake, *vDefaultSchemasFlake); + + auto vRes = state.allocValue(); + Value * args[] = {vDefaultSchemasFlake, vFlake}; + state.callFunction(*vCallFlakeSchemas, 2, args, *vRes, noPos); + + return vRes; + }); + + return {cache, cache->getRoot()->getAttr("inventory")}; +} + +/* Derive the flake output attribute path from the cursor used to + traverse the inventory. We do this so we don't have to maintain a + separate attrpath for that. */ +std::vector toAttrPath(ref cursor) +{ + auto attrPath = cursor->getAttrPath(); + std::vector res; + auto i = attrPath.begin(); + assert(i != attrPath.end()); + ++i; // skip "inventory" + assert(i != attrPath.end()); + res.push_back(*i++); // copy output name + if (i != attrPath.end()) + ++i; // skip "outputs" + while (i != attrPath.end()) { + ++i; // skip "children" + if (i != attrPath.end()) + res.push_back(*i++); + } + return res; +} + +std::string toAttrPathStr(ref cursor) +{ + return concatStringsSep(".", cursor->root->state.symbols.resolve(toAttrPath(cursor))); +} + +void forEachOutput( + ref inventory, + std::function output, const std::string & doc, bool isLast)> f) +{ + // FIXME: handle non-IFD outputs first. + // evalSettings.enableImportFromDerivation.setDefault(false); + + auto outputNames = inventory->getAttrs(); + for (const auto & [i, outputName] : enumerate(outputNames)) { + auto output = inventory->getAttr(outputName); + try { + auto isUnknown = (bool) output->maybeGetAttr("unknown"); + Activity act(*logger, lvlInfo, actUnknown, fmt("evaluating '%s'", toAttrPathStr(output))); + f(outputName, + isUnknown ? std::shared_ptr() : output->getAttr("output"), + isUnknown ? "" : output->getAttr("doc")->getString(), + i + 1 == outputNames.size()); + } catch (Error & e) { + e.addTrace(nullptr, "while evaluating the flake output '%s':", toAttrPathStr(output)); + throw; + } + } +} + +void visit( + std::optional system, + ref node, + std::function leaf)> visitLeaf, + std::function)> visitNonLeaf, + std::function node, const std::vector & systems)> visitFiltered) +{ + Activity act(*logger, lvlInfo, actUnknown, fmt("evaluating '%s'", toAttrPathStr(node))); + + /* Apply the system type filter. */ + if (system) { + if (auto forSystems = node->maybeGetAttr("forSystems")) { + auto systems = forSystems->getListOfStrings(); + if (std::find(systems.begin(), systems.end(), system) == systems.end()) { + visitFiltered(node, systems); + return; + } + } + } + + if (auto children = node->maybeGetAttr("children")) { + visitNonLeaf([&](ForEachChild f) { + auto attrNames = children->getAttrs(); + for (const auto & [i, attrName] : enumerate(attrNames)) { + try { + f(attrName, children->getAttr(attrName), i + 1 == attrNames.size()); + } catch (Error & e) { + // FIXME: make it a flake schema attribute whether to ignore evaluation errors. + if (node->root->state.symbols[toAttrPath(node)[0]] != "legacyPackages") { + e.addTrace(nullptr, "while evaluating the flake output attribute '%s':", toAttrPathStr(node)); + throw; + } + } + } + }); + } + + else + visitLeaf(ref(node)); +} + +std::optional what(ref leaf) +{ + if (auto what = leaf->maybeGetAttr("what")) + return what->getString(); + else + return std::nullopt; +} + +std::optional shortDescription(ref leaf) +{ + if (auto what = leaf->maybeGetAttr("shortDescription")) { + auto s = trim(what->getString()); + if (s != "") + return s; + } + return std::nullopt; +} + +std::shared_ptr derivation(ref leaf) +{ + return leaf->maybeGetAttr("derivation"); +} + +MixFlakeSchemas::MixFlakeSchemas() +{ + addFlag( + {.longName = "default-flake-schemas", + .description = "The URL of the flake providing default flake schema definitions.", + .labels = {"flake-ref"}, + .handler = {&defaultFlakeSchemas}, + .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { + completeFlakeRef(completions, getStore(), prefix); + }}}); +} + +std::optional MixFlakeSchemas::getDefaultFlakeSchemas() +{ + if (!defaultFlakeSchemas) + return std::nullopt; + else + return parseFlakeRef(*defaultFlakeSchemas, absPath(".")); +} + +} diff --git a/src/nix/flake-schemas.hh b/src/nix/flake-schemas.hh new file mode 100644 index 00000000000..9d1ba75a0ed --- /dev/null +++ b/src/nix/flake-schemas.hh @@ -0,0 +1,45 @@ +#include "eval-cache.hh" +#include "flake/flake.hh" +#include "command.hh" + +namespace nix::flake_schemas { + +using namespace eval_cache; + +std::tuple, ref> +call(EvalState & state, std::shared_ptr lockedFlake, std::optional defaultSchemasFlake); + +std::vector toAttrPath(ref cursor); + +std::string toAttrPathStr(ref cursor); + +void forEachOutput( + ref inventory, + std::function output, const std::string & doc, bool isLast)> f); + +typedef std::function attr, bool isLast)> ForEachChild; + +void visit( + std::optional system, + ref node, + std::function leaf)> visitLeaf, + std::function)> visitNonLeaf, + std::function node, const std::vector & systems)> visitFiltered); + +std::optional what(ref leaf); + +std::optional shortDescription(ref leaf); + +std::shared_ptr derivation(ref leaf); + +/* Some helper functions for processing flake schema output. */ +struct MixFlakeSchemas : virtual Args, virtual StoreCommand +{ + std::optional defaultFlakeSchemas; + + MixFlakeSchemas(); + + std::optional getDefaultFlakeSchemas(); +}; + +} diff --git a/src/nix/flake.cc b/src/nix/flake.cc index a86e36206b7..691632e2ef1 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -17,6 +17,7 @@ #include "eval-cache.hh" #include "markdown.hh" #include "users.hh" +#include "flake-schemas.hh" #include #include @@ -164,31 +165,6 @@ struct CmdFlakeLock : FlakeCommand } }; -static void enumerateOutputs(EvalState & state, Value & vFlake, - std::function callback) -{ - auto pos = vFlake.determinePos(noPos); - state.forceAttrs(vFlake, pos, "while evaluating a flake to get its outputs"); - - auto aOutputs = vFlake.attrs()->get(state.symbols.create("outputs")); - assert(aOutputs); - - state.forceAttrs(*aOutputs->value, pos, "while evaluating the outputs of a flake"); - - auto sHydraJobs = state.symbols.create("hydraJobs"); - - /* Hack: ensure that hydraJobs is evaluated before anything - else. This way we can disable IFD for hydraJobs and then enable - it for other outputs. */ - if (auto attr = aOutputs->value->attrs()->get(sHydraJobs)) - callback(state.symbols[attr->name], *attr->value, attr->pos); - - for (auto & attr : *aOutputs->value->attrs()) { - if (attr.name != sHydraJobs) - callback(state.symbols[attr.name], *attr.value, attr.pos); - } -} - struct CmdFlakeMetadata : FlakeCommand, MixJSON { std::string description() override @@ -319,7 +295,7 @@ struct CmdFlakeInfo : CmdFlakeMetadata } }; -struct CmdFlakeCheck : FlakeCommand +struct CmdFlakeCheck : FlakeCommand, flake_schemas::MixFlakeSchemas { bool build = true; bool checkAllSystems = false; @@ -360,16 +336,26 @@ struct CmdFlakeCheck : FlakeCommand auto state = getEvalState(); lockFlags.applyNixConfig = true; - auto flake = lockFlake(); + auto flake = std::make_shared(lockFlake()); auto localSystem = std::string(settings.thisSystem.get()); + auto [cache, inventory] = flake_schemas::call(*state, flake, getDefaultFlakeSchemas()); + + std::vector drvPaths; + + std::set uncheckedOutputs; + std::set omittedSystems; + + std::function node)> visit; + bool hasErrors = false; + auto reportError = [&](const Error & e) { try { throw e; } catch (Error & e) { if (settings.keepGoing) { - ignoreException(); + logError({.msg = e.info().msg}); hasErrors = true; } else @@ -377,428 +363,70 @@ struct CmdFlakeCheck : FlakeCommand } }; - std::set omittedSystems; - - // FIXME: rewrite to use EvalCache. - - auto resolve = [&] (PosIdx p) { - return state->positions[p]; - }; - - auto argHasName = [&] (Symbol arg, std::string_view expected) { - std::string_view name = state->symbols[arg]; - return - name == expected - || name == "_" - || (hasPrefix(name, "_") && name.substr(1) == expected); - }; - - auto checkSystemName = [&](const std::string & system, const PosIdx pos) { - // FIXME: what's the format of "system"? - if (system.find('-') == std::string::npos) - reportError(Error("'%s' is not a valid system type, at %s", system, resolve(pos))); - }; - - auto checkSystemType = [&](const std::string & system, const PosIdx pos) { - if (!checkAllSystems && system != localSystem) { - omittedSystems.insert(system); - return false; - } else { - return true; - } - }; - - auto checkDerivation = [&](const std::string & attrPath, Value & v, const PosIdx pos) -> std::optional { - try { - Activity act(*logger, lvlInfo, actUnknown, - fmt("checking derivation %s", attrPath)); - auto packageInfo = getDerivation(*state, v, false); - if (!packageInfo) - throw Error("flake attribute '%s' is not a derivation", attrPath); - else { - // FIXME: check meta attributes - auto storePath = packageInfo->queryDrvPath(); - if (storePath) { - logger->log(lvlInfo, - fmt("derivation evaluated to %s", - store->printStorePath(storePath.value()))); - } - return storePath; - } - } catch (Error & e) { - e.addTrace(resolve(pos), HintFmt("while checking the derivation '%s'", attrPath)); - reportError(e); - } - return std::nullopt; - }; - - std::vector drvPaths; - - auto checkApp = [&](const std::string & attrPath, Value & v, const PosIdx pos) { - try { - #if 0 - // FIXME - auto app = App(*state, v); - for (auto & i : app.context) { - auto [drvPathS, outputName] = NixStringContextElem::parse(i); - store->parseStorePath(drvPathS); - } - #endif - } catch (Error & e) { - e.addTrace(resolve(pos), HintFmt("while checking the app definition '%s'", attrPath)); - reportError(e); - } - }; - - auto checkOverlay = [&](const std::string & attrPath, Value & v, const PosIdx pos) { - try { - Activity act(*logger, lvlInfo, actUnknown, - fmt("checking overlay '%s'", attrPath)); - state->forceValue(v, pos); - if (!v.isLambda()) { - throw Error("overlay is not a function, but %s instead", showType(v)); - } - if (v.payload.lambda.fun->hasFormals() - || !argHasName(v.payload.lambda.fun->arg, "final")) - throw Error("overlay does not take an argument named 'final'"); - // FIXME: if we have a 'nixpkgs' input, use it to - // evaluate the overlay. - } catch (Error & e) { - e.addTrace(resolve(pos), HintFmt("while checking the overlay '%s'", attrPath)); - reportError(e); - } - }; - - auto checkModule = [&](const std::string & attrPath, Value & v, const PosIdx pos) { - try { - Activity act(*logger, lvlInfo, actUnknown, - fmt("checking NixOS module '%s'", attrPath)); - state->forceValue(v, pos); - } catch (Error & e) { - e.addTrace(resolve(pos), HintFmt("while checking the NixOS module '%s'", attrPath)); - reportError(e); - } - }; - - std::function checkHydraJobs; - - checkHydraJobs = [&](const std::string & attrPath, Value & v, const PosIdx pos) { - try { - Activity act(*logger, lvlInfo, actUnknown, - fmt("checking Hydra job '%s'", attrPath)); - state->forceAttrs(v, pos, ""); - - if (state->isDerivation(v)) - throw Error("jobset should not be a derivation at top-level"); - - for (auto & attr : *v.attrs()) { - state->forceAttrs(*attr.value, attr.pos, ""); - auto attrPath2 = concatStrings(attrPath, ".", state->symbols[attr.name]); - if (state->isDerivation(*attr.value)) { - Activity act(*logger, lvlInfo, actUnknown, - fmt("checking Hydra job '%s'", attrPath2)); - checkDerivation(attrPath2, *attr.value, attr.pos); - } else - checkHydraJobs(attrPath2, *attr.value, attr.pos); - } - - } catch (Error & e) { - e.addTrace(resolve(pos), HintFmt("while checking the Hydra jobset '%s'", attrPath)); - reportError(e); - } - }; - - auto checkNixOSConfiguration = [&](const std::string & attrPath, Value & v, const PosIdx pos) { - try { - Activity act(*logger, lvlInfo, actUnknown, - fmt("checking NixOS configuration '%s'", attrPath)); - Bindings & bindings(*state->allocBindings(0)); - auto vToplevel = findAlongAttrPath(*state, "config.system.build.toplevel", bindings, v).first; - state->forceValue(*vToplevel, pos); - if (!state->isDerivation(*vToplevel)) - throw Error("attribute 'config.system.build.toplevel' is not a derivation"); - } catch (Error & e) { - e.addTrace(resolve(pos), HintFmt("while checking the NixOS configuration '%s'", attrPath)); - reportError(e); - } - }; - - auto checkTemplate = [&](const std::string & attrPath, Value & v, const PosIdx pos) { - try { - Activity act(*logger, lvlInfo, actUnknown, - fmt("checking template '%s'", attrPath)); - - state->forceAttrs(v, pos, ""); - - if (auto attr = v.attrs()->get(state->symbols.create("path"))) { - if (attr->name == state->symbols.create("path")) { - NixStringContext context; - auto path = state->coerceToPath(attr->pos, *attr->value, context, ""); - if (!path.pathExists()) - throw Error("template '%s' refers to a non-existent path '%s'", attrPath, path); - // TODO: recursively check the flake in 'path'. - } - } else - throw Error("template '%s' lacks attribute 'path'", attrPath); - - if (auto attr = v.attrs()->get(state->symbols.create("description"))) - state->forceStringNoCtx(*attr->value, attr->pos, ""); - else - throw Error("template '%s' lacks attribute 'description'", attrPath); - - for (auto & attr : *v.attrs()) { - std::string_view name(state->symbols[attr.name]); - if (name != "path" && name != "description" && name != "welcomeText") - throw Error("template '%s' has unsupported attribute '%s'", attrPath, name); - } - } catch (Error & e) { - e.addTrace(resolve(pos), HintFmt("while checking the template '%s'", attrPath)); - reportError(e); - } - }; - - auto checkBundler = [&](const std::string & attrPath, Value & v, const PosIdx pos) { - try { - Activity act(*logger, lvlInfo, actUnknown, - fmt("checking bundler '%s'", attrPath)); - state->forceValue(v, pos); - if (!v.isLambda()) - throw Error("bundler must be a function"); - // TODO: check types of inputs/outputs? - } catch (Error & e) { - e.addTrace(resolve(pos), HintFmt("while checking the template '%s'", attrPath)); - reportError(e); - } - }; - + visit = [&](ref node) { - Activity act(*logger, lvlInfo, actUnknown, "evaluating flake"); - - auto vFlake = state->allocValue(); - flake::callFlake(*state, flake, *vFlake); - - enumerateOutputs(*state, - *vFlake, - [&](const std::string & name, Value & vOutput, const PosIdx pos) { - Activity act(*logger, lvlInfo, actUnknown, - fmt("checking flake output '%s'", name)); - - try { - evalSettings.enableImportFromDerivation.setDefault(name != "hydraJobs"); - - state->forceValue(vOutput, pos); - - std::string_view replacement = - name == "defaultPackage" ? "packages..default" : - name == "defaultApp" ? "apps..default" : - name == "defaultTemplate" ? "templates.default" : - name == "defaultBundler" ? "bundlers..default" : - name == "overlay" ? "overlays.default" : - name == "devShell" ? "devShells..default" : - name == "nixosModule" ? "nixosModules.default" : - ""; - if (replacement != "") - warn("flake output attribute '%s' is deprecated; use '%s' instead", name, replacement); - - if (name == "checks") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) { - const auto & attr_name = state->symbols[attr.name]; - checkSystemName(attr_name, attr.pos); - if (checkSystemType(attr_name, attr.pos)) { - state->forceAttrs(*attr.value, attr.pos, ""); - for (auto & attr2 : *attr.value->attrs()) { - auto drvPath = checkDerivation( - fmt("%s.%s.%s", name, attr_name, state->symbols[attr2.name]), - *attr2.value, attr2.pos); - if (drvPath && attr_name == settings.thisSystem.get()) { - drvPaths.push_back(DerivedPath::Built { - .drvPath = makeConstantStorePathRef(*drvPath), - .outputs = OutputsSpec::All { }, - }); - } - } - } - } - } - - else if (name == "formatter") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) { - const auto & attr_name = state->symbols[attr.name]; - checkSystemName(attr_name, attr.pos); - if (checkSystemType(attr_name, attr.pos)) { - checkApp( - fmt("%s.%s", name, attr_name), - *attr.value, attr.pos); - }; - } - } + flake_schemas::visit( + checkAllSystems ? std::optional() : localSystem, + node, - else if (name == "packages" || name == "devShells") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) { - const auto & attr_name = state->symbols[attr.name]; - checkSystemName(attr_name, attr.pos); - if (checkSystemType(attr_name, attr.pos)) { - state->forceAttrs(*attr.value, attr.pos, ""); - for (auto & attr2 : *attr.value->attrs()) - checkDerivation( - fmt("%s.%s.%s", name, attr_name, state->symbols[attr2.name]), - *attr2.value, attr2.pos); - }; - } - } - - else if (name == "apps") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) { - const auto & attr_name = state->symbols[attr.name]; - checkSystemName(attr_name, attr.pos); - if (checkSystemType(attr_name, attr.pos)) { - state->forceAttrs(*attr.value, attr.pos, ""); - for (auto & attr2 : *attr.value->attrs()) - checkApp( - fmt("%s.%s.%s", name, attr_name, state->symbols[attr2.name]), - *attr2.value, attr2.pos); - }; - } - } - - else if (name == "defaultPackage" || name == "devShell") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) { - const auto & attr_name = state->symbols[attr.name]; - checkSystemName(attr_name, attr.pos); - if (checkSystemType(attr_name, attr.pos)) { - checkDerivation( - fmt("%s.%s", name, attr_name), - *attr.value, attr.pos); - }; - } - } - - else if (name == "defaultApp") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) { - const auto & attr_name = state->symbols[attr.name]; - checkSystemName(attr_name, attr.pos); - if (checkSystemType(attr_name, attr.pos) ) { - checkApp( - fmt("%s.%s", name, attr_name), - *attr.value, attr.pos); - }; - } - } - - else if (name == "legacyPackages") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) { - checkSystemName(state->symbols[attr.name], attr.pos); - checkSystemType(state->symbols[attr.name], attr.pos); - // FIXME: do getDerivations? - } - } - - else if (name == "overlay") - checkOverlay(name, vOutput, pos); - - else if (name == "overlays") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) - checkOverlay(fmt("%s.%s", name, state->symbols[attr.name]), - *attr.value, attr.pos); - } - - else if (name == "nixosModule") - checkModule(name, vOutput, pos); - - else if (name == "nixosModules") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) - checkModule(fmt("%s.%s", name, state->symbols[attr.name]), - *attr.value, attr.pos); - } - - else if (name == "nixosConfigurations") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) - checkNixOSConfiguration(fmt("%s.%s", name, state->symbols[attr.name]), - *attr.value, attr.pos); - } - - else if (name == "hydraJobs") - checkHydraJobs(name, vOutput, pos); - - else if (name == "defaultTemplate") - checkTemplate(name, vOutput, pos); - - else if (name == "templates") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) - checkTemplate(fmt("%s.%s", name, state->symbols[attr.name]), - *attr.value, attr.pos); + [&](ref leaf) + { + if (auto evalChecks = leaf->maybeGetAttr("evalChecks")) { + auto checkNames = evalChecks->getAttrs(); + for (auto & checkName : checkNames) { + // FIXME: update activity + auto cursor = evalChecks->getAttr(checkName); + auto b = cursor->getBool(); + if (!b) + reportError(Error("Evaluation check '%s' failed.", flake_schemas::toAttrPathStr(cursor))); } + } - else if (name == "defaultBundler") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) { - const auto & attr_name = state->symbols[attr.name]; - checkSystemName(attr_name, attr.pos); - if (checkSystemType(attr_name, attr.pos)) { - checkBundler( - fmt("%s.%s", name, attr_name), - *attr.value, attr.pos); - }; + if (auto drv = flake_schemas::derivation(leaf)) { + if (auto isFlakeCheck = leaf->maybeGetAttr("isFlakeCheck")) { + if (isFlakeCheck->getBool()) { + auto drvPath = drv->forceDerivation(); + drvPaths.push_back(DerivedPath::Built { + .drvPath = makeConstantStorePathRef(drvPath), + .outputs = OutputsSpec::All { }, + }); } } + } + }, - else if (name == "bundlers") { - state->forceAttrs(vOutput, pos, ""); - for (auto & attr : *vOutput.attrs()) { - const auto & attr_name = state->symbols[attr.name]; - checkSystemName(attr_name, attr.pos); - if (checkSystemType(attr_name, attr.pos)) { - state->forceAttrs(*attr.value, attr.pos, ""); - for (auto & attr2 : *attr.value->attrs()) { - checkBundler( - fmt("%s.%s.%s", name, attr_name, state->symbols[attr2.name]), - *attr2.value, attr2.pos); - } - }; - } - } + [&](std::function forEachChild) + { + forEachChild([&](Symbol attrName, ref node, bool isLast) + { + visit(node); + }); + }, + + [&](ref node, const std::vector & systems) { + for (auto & s : systems) + omittedSystems.insert(s); + }); + }; - else if ( - name == "lib" - || name == "darwinConfigurations" - || name == "darwinModules" - || name == "flakeModule" - || name == "flakeModules" - || name == "herculesCI" - || name == "homeConfigurations" - || name == "homeModule" - || name == "homeModules" - || name == "nixopsConfigurations" - ) - // Known but unchecked community attribute - ; - - else - warn("unknown flake output '%s'", name); + flake_schemas::forEachOutput(inventory, [&](Symbol outputName, std::shared_ptr output, const std::string & doc, bool isLast) + { + if (output) { + visit(ref(output)); + } else + uncheckedOutputs.insert(state->symbols[outputName]); + }); - } catch (Error & e) { - e.addTrace(resolve(pos), HintFmt("while checking flake output '%s'", name)); - reportError(e); - } - }); - } + if (!uncheckedOutputs.empty()) + warn("The following flake outputs are unchecked: %s.", + concatStringsSep(", ", uncheckedOutputs)); // FIXME: quote if (build && !drvPaths.empty()) { Activity act(*logger, lvlInfo, actUnknown, fmt("running %d flake checks", drvPaths.size())); store->buildPaths(drvPaths); } + if (hasErrors) throw Error("some errors were encountered during the evaluation"); @@ -808,7 +436,7 @@ struct CmdFlakeCheck : FlakeCommand "Use '--all-systems' to check all.", concatStringsSep(", ", omittedSystems) ); - }; + } }; }; @@ -1092,7 +720,7 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun } }; -struct CmdFlakeShow : FlakeCommand, MixJSON +struct CmdFlakeShow : FlakeCommand, MixJSON, flake_schemas::MixFlakeSchemas { bool showLegacy = false; bool showAllSystems = false; @@ -1125,267 +753,158 @@ struct CmdFlakeShow : FlakeCommand, MixJSON void run(nix::ref store) override { - evalSettings.enableImportFromDerivation.setDefault(false); - auto state = getEvalState(); auto flake = std::make_shared(lockFlake()); auto localSystem = std::string(settings.thisSystem.get()); - std::function &attrPath, - const Symbol &attr)> hasContent; - - // For frameworks it's important that structures are as lazy as possible - // to prevent infinite recursions, performance issues and errors that - // aren't related to the thing to evaluate. As a consequence, they have - // to emit more attributes than strictly (sic) necessary. - // However, these attributes with empty values are not useful to the user - // so we omit them. - hasContent = [&]( - eval_cache::AttrCursor & visitor, - const std::vector &attrPath, - const Symbol &attr) -> bool - { - auto attrPath2(attrPath); - attrPath2.push_back(attr); - auto attrPathS = state->symbols.resolve(attrPath2); - const auto & attrName = state->symbols[attr]; - - auto visitor2 = visitor.getAttr(attrName); - - try { - if ((attrPathS[0] == "apps" - || attrPathS[0] == "checks" - || attrPathS[0] == "devShells" - || attrPathS[0] == "legacyPackages" - || attrPathS[0] == "packages") - && (attrPathS.size() == 1 || attrPathS.size() == 2)) { - for (const auto &subAttr : visitor2->getAttrs()) { - if (hasContent(*visitor2, attrPath2, subAttr)) { - return true; - } - } - return false; - } - - if ((attrPathS.size() == 1) - && (attrPathS[0] == "formatter" - || attrPathS[0] == "nixosConfigurations" - || attrPathS[0] == "nixosModules" - || attrPathS[0] == "overlays" - )) { - for (const auto &subAttr : visitor2->getAttrs()) { - if (hasContent(*visitor2, attrPath2, subAttr)) { - return true; - } - } - return false; - } - - // If we don't recognize it, it's probably content - return true; - } catch (EvalError & e) { - // Some attrs may contain errors, e.g. legacyPackages of - // nixpkgs. We still want to recurse into it, instead of - // skipping it at all. - return true; - } - }; + auto [cache, inventory] = flake_schemas::call(*state, flake, getDefaultFlakeSchemas()); - std::function & attrPath, - const std::string & headerPrefix, - const std::string & nextPrefix)> visit; - - visit = [&]( - eval_cache::AttrCursor & visitor, - const std::vector & attrPath, - const std::string & headerPrefix, - const std::string & nextPrefix) - -> nlohmann::json - { - auto j = nlohmann::json::object(); - - auto attrPathS = state->symbols.resolve(attrPath); - - Activity act(*logger, lvlInfo, actUnknown, - fmt("evaluating '%s'", concatStringsSep(".", attrPathS))); + if (json) { + std::function node, nlohmann::json & obj)> visit; - try { - auto recurse = [&]() - { - if (!json) - logger->cout("%s", headerPrefix); - std::vector attrs; - for (const auto &attr : visitor.getAttrs()) { - if (hasContent(visitor, attrPath, attr)) - attrs.push_back(attr); - } + visit = [&](ref node, nlohmann::json & obj) + { + flake_schemas::visit( + showAllSystems ? std::optional() : localSystem, + node, + + [&](ref leaf) + { + obj.emplace("leaf", true); + + if (auto what = flake_schemas::what(leaf)) + obj.emplace("what", what); + + if (auto shortDescription = flake_schemas::shortDescription(leaf)) + obj.emplace("shortDescription", shortDescription); + + if (auto drv = flake_schemas::derivation(leaf)) + obj.emplace("derivationName", drv->getAttr(state->sName)->getString()); + + // FIXME: add more stuff + }, + + [&](std::function forEachChild) + { + auto children = nlohmann::json::object(); + forEachChild([&](Symbol attrName, ref node, bool isLast) + { + auto j = nlohmann::json::object(); + try { + visit(node, j); + } catch (EvalError & e) { + // FIXME: make it a flake schema attribute whether to ignore evaluation errors. + if (node->root->state.symbols[flake_schemas::toAttrPath(node)[0]] == "legacyPackages") + j.emplace("failed", true); + else + throw; + } + children.emplace(state->symbols[attrName], std::move(j)); + }); + obj.emplace("children", std::move(children)); + }, + + [&](ref node, const std::vector & systems) + { + obj.emplace("filtered", true); + }); + }; - for (const auto & [i, attr] : enumerate(attrs)) { - const auto & attrName = state->symbols[attr]; - bool last = i + 1 == attrs.size(); - auto visitor2 = visitor.getAttr(attrName); - auto attrPath2(attrPath); - attrPath2.push_back(attr); - auto j2 = visit(*visitor2, attrPath2, - fmt(ANSI_GREEN "%s%s" ANSI_NORMAL ANSI_BOLD "%s" ANSI_NORMAL, nextPrefix, last ? treeLast : treeConn, attrName), - nextPrefix + (last ? treeNull : treeLine)); - if (json) j.emplace(attrName, std::move(j2)); - } - }; + auto res = nlohmann::json::object(); - auto showDerivation = [&]() - { - auto name = visitor.getAttr(state->sName)->getString(); - if (json) { - std::optional description; - if (auto aMeta = visitor.maybeGetAttr(state->sMeta)) { - if (auto aDescription = aMeta->maybeGetAttr(state->sDescription)) - description = aDescription->getString(); - } - j.emplace("type", "derivation"); - j.emplace("name", name); - if (description) - j.emplace("description", *description); - } else { - logger->cout("%s: %s '%s'", - headerPrefix, - attrPath.size() == 2 && attrPathS[0] == "devShell" ? "development environment" : - attrPath.size() >= 2 && attrPathS[0] == "devShells" ? "development environment" : - attrPath.size() == 3 && attrPathS[0] == "checks" ? "derivation" : - attrPath.size() >= 1 && attrPathS[0] == "hydraJobs" ? "derivation" : - "package", - name); - } - }; - - if (attrPath.size() == 0 - || (attrPath.size() == 1 && ( - attrPathS[0] == "defaultPackage" - || attrPathS[0] == "devShell" - || attrPathS[0] == "formatter" - || attrPathS[0] == "nixosConfigurations" - || attrPathS[0] == "nixosModules" - || attrPathS[0] == "defaultApp" - || attrPathS[0] == "templates" - || attrPathS[0] == "overlays")) - || ((attrPath.size() == 1 || attrPath.size() == 2) - && (attrPathS[0] == "checks" - || attrPathS[0] == "packages" - || attrPathS[0] == "devShells" - || attrPathS[0] == "apps")) - ) - { - recurse(); - } + flake_schemas::forEachOutput(inventory, [&](Symbol outputName, std::shared_ptr output, const std::string & doc, bool isLast) + { + auto j = nlohmann::json::object(); + + if (!showLegacy && state->symbols[outputName] == "legacyPackages") { + j.emplace("skipped", true); + } else if (output) { + j.emplace("doc", doc); + auto j2 = nlohmann::json::object(); + visit(ref(output), j2); + j.emplace("output", std::move(j2)); + } else + j.emplace("unknown", true); - else if ( - (attrPath.size() == 2 && (attrPathS[0] == "defaultPackage" || attrPathS[0] == "devShell" || attrPathS[0] == "formatter")) - || (attrPath.size() == 3 && (attrPathS[0] == "checks" || attrPathS[0] == "packages" || attrPathS[0] == "devShells")) - ) - { - if (!showAllSystems && std::string(attrPathS[1]) != localSystem) { - if (!json) - logger->cout(fmt("%s " ANSI_WARNING "omitted" ANSI_NORMAL " (use '--all-systems' to show)", headerPrefix)); - else { - logger->warn(fmt("%s omitted (use '--all-systems' to show)", concatStringsSep(".", attrPathS))); - } - } else { - if (visitor.isDerivation()) - showDerivation(); - else - throw Error("expected a derivation"); - } - } + res.emplace(state->symbols[outputName], j); + }); - else if (attrPath.size() > 0 && attrPathS[0] == "hydraJobs") { - if (visitor.isDerivation()) - showDerivation(); - else - recurse(); - } + logger->cout("%s", res.dump()); + } - else if (attrPath.size() > 0 && attrPathS[0] == "legacyPackages") { - if (attrPath.size() == 1) - recurse(); - else if (!showLegacy){ - if (!json) - logger->cout(fmt("%s " ANSI_WARNING "omitted" ANSI_NORMAL " (use '--legacy' to show)", headerPrefix)); - else { - logger->warn(fmt("%s omitted (use '--legacy' to show)", concatStringsSep(".", attrPathS))); - } - } else if (!showAllSystems && std::string(attrPathS[1]) != localSystem) { - if (!json) - logger->cout(fmt("%s " ANSI_WARNING "omitted" ANSI_NORMAL " (use '--all-systems' to show)", headerPrefix)); - else { - logger->warn(fmt("%s omitted (use '--all-systems' to show)", concatStringsSep(".", attrPathS))); - } - } else { - if (visitor.isDerivation()) - showDerivation(); - else if (attrPath.size() <= 2) - // FIXME: handle recurseIntoAttrs - recurse(); - } - } + else { + logger->cout(ANSI_BOLD "%s" ANSI_NORMAL, flake->flake.lockedRef); - else if ( - (attrPath.size() == 2 && attrPathS[0] == "defaultApp") || - (attrPath.size() == 3 && attrPathS[0] == "apps")) - { - auto aType = visitor.maybeGetAttr("type"); - if (!aType || aType->getString() != "app") - state->error("not an app definition").debugThrow(); - if (json) { - j.emplace("type", "app"); - } else { - logger->cout("%s: app", headerPrefix); - } - } + std::function node, + const std::string & headerPrefix, + const std::string & prevPrefix)> visit; - else if ( - (attrPath.size() == 1 && attrPathS[0] == "defaultTemplate") || - (attrPath.size() == 2 && attrPathS[0] == "templates")) - { - auto description = visitor.getAttr("description")->getString(); - if (json) { - j.emplace("type", "template"); - j.emplace("description", description); - } else { - logger->cout("%s: template: " ANSI_BOLD "%s" ANSI_NORMAL, headerPrefix, description); - } - } + visit = [&]( + ref node, + const std::string & headerPrefix, + const std::string & prevPrefix) + { + flake_schemas::visit( + showAllSystems ? std::optional() : localSystem, + node, + + [&](ref leaf) + { + auto s = headerPrefix; + + if (auto what = flake_schemas::what(leaf)) + s += fmt(": %s", *what); + + if (auto drv = flake_schemas::derivation(leaf)) + s += fmt(ANSI_ITALIC " [%s]" ANSI_NORMAL, drv->getAttr(state->sName)->getString()); + + logger->cout(s); + }, + + [&](std::function forEachChild) + { + logger->cout(headerPrefix); + forEachChild([&](Symbol attrName, ref node, bool isLast) + { + visit(node, + fmt(ANSI_GREEN "%s%s" ANSI_NORMAL ANSI_BOLD "%s" ANSI_NORMAL, prevPrefix, + isLast ? treeLast : treeConn, state->symbols[attrName]), + prevPrefix + (isLast ? treeNull : treeLine)); + }); + }, + + [&](ref node, const std::vector & systems) + { + logger->cout(fmt("%s " ANSI_WARNING "omitted" ANSI_NORMAL " (use '--all-systems' to show)", headerPrefix)); + }); + }; - else { - auto [type, description] = - (attrPath.size() == 1 && attrPathS[0] == "overlay") - || (attrPath.size() == 2 && attrPathS[0] == "overlays") ? std::make_pair("nixpkgs-overlay", "Nixpkgs overlay") : - attrPath.size() == 2 && attrPathS[0] == "nixosConfigurations" ? std::make_pair("nixos-configuration", "NixOS configuration") : - (attrPath.size() == 1 && attrPathS[0] == "nixosModule") - || (attrPath.size() == 2 && attrPathS[0] == "nixosModules") ? std::make_pair("nixos-module", "NixOS module") : - std::make_pair("unknown", "unknown"); - if (json) { - j.emplace("type", type); - } else { - logger->cout("%s: " ANSI_WARNING "%s" ANSI_NORMAL, headerPrefix, description); - } + flake_schemas::forEachOutput(inventory, [&](Symbol outputName, std::shared_ptr output, const std::string & doc, bool isLast) + { + auto headerPrefix = fmt( + ANSI_GREEN "%s" ANSI_NORMAL ANSI_BOLD "%s" ANSI_NORMAL, + isLast ? treeLast : treeConn, state->symbols[outputName]); + + if (!showLegacy && state->symbols[outputName] == "legacyPackages") { + logger->cout(headerPrefix); + logger->cout( + ANSI_GREEN "%s" "%s" ANSI_NORMAL ANSI_ITALIC "%s" ANSI_NORMAL, + isLast ? treeNull : treeLine, + treeLast, + "(skipped; use '--legacy' to show)"); + } else if (output) { + visit(ref(output), headerPrefix, isLast ? treeNull : treeLine); + } else { + logger->cout(headerPrefix); + logger->cout( + ANSI_GREEN "%s" "%s" ANSI_NORMAL ANSI_ITALIC "%s" ANSI_NORMAL, + isLast ? treeNull : treeLine, + treeLast, + "(unknown flake output)"); } - } catch (EvalError & e) { - if (!(attrPath.size() > 0 && attrPathS[0] == "legacyPackages")) - throw; - } - - return j; - }; - - auto cache = openEvalCache(*state, flake); - - auto j = visit(*cache->getRoot(), {}, fmt(ANSI_BOLD "%s" ANSI_NORMAL, flake->flake.lockedRef), ""); - if (json) - logger->cout("%s", j.dump()); + }); + } } }; diff --git a/src/nix/local.mk b/src/nix/local.mk index 28b30b58619..43a22a2afb3 100644 --- a/src/nix/local.mk +++ b/src/nix/local.mk @@ -55,3 +55,9 @@ $(d)/main.cc: \ $(d)/profile.cc: $(d)/profile.md $(d)/profile.md: $(d)/profiles.md.gen.hh + +src/nix/flake.cc: src/nix/call-flake-schemas.nix.gen.hh src/nix/builtin-flake-schemas.nix.gen.hh + +src/nix/builtin-flake-schemas.nix: $(default_flake_schemas)/flake.nix + $(trace-gen) cp $^ $@ + @chmod +w $@ diff --git a/tests/functional/flakes/check.sh b/tests/functional/flakes/check.sh index 3b83dcafe4b..48a0d333aac 100755 --- a/tests/functional/flakes/check.sh +++ b/tests/functional/flakes/check.sh @@ -16,17 +16,6 @@ EOF nix flake check $flakeDir -cat > $flakeDir/flake.nix < $flakeDir/flake.nix < show-output.json nix eval --impure --expr ' let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); in -assert show_output.packages.someOtherSystem.default == {}; -assert show_output.packages.${builtins.currentSystem}.default.name == "simple"; -assert show_output.legacyPackages.${builtins.currentSystem} == {}; +assert show_output.packages.output.children.someOtherSystem.filtered; +assert show_output.packages.output.children.${builtins.currentSystem}.children.default.derivationName == "simple"; +assert show_output.legacyPackages.skipped; true ' @@ -26,8 +26,8 @@ nix flake show --json --all-systems > show-output.json nix eval --impure --expr ' let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); in -assert show_output.packages.someOtherSystem.default.name == "simple"; -assert show_output.legacyPackages.${builtins.currentSystem} == {}; +assert show_output.packages.output.children.someOtherSystem.children.default.derivationName == "simple"; +assert show_output.legacyPackages.skipped; true ' @@ -36,34 +36,7 @@ nix flake show --json --legacy > show-output.json nix eval --impure --expr ' let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); in -assert show_output.legacyPackages.${builtins.currentSystem}.hello.name == "simple"; -true -' - -# Test that attributes are only reported when they have actual content -cat >flake.nix < show-output.json -nix eval --impure --expr ' -let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); -in -assert show_output == { }; +assert show_output.legacyPackages.output.children.${builtins.currentSystem}.children.hello.derivationName == "simple"; true ' @@ -83,7 +56,7 @@ nix flake show --json --legacy --all-systems > show-output.json nix eval --impure --expr ' let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); in -assert show_output.legacyPackages.${builtins.currentSystem}.AAAAAASomeThingsFailToEvaluate == { }; -assert show_output.legacyPackages.${builtins.currentSystem}.simple.name == "simple"; +assert show_output.legacyPackages.output.children.${builtins.currentSystem}.children.AAAAAASomeThingsFailToEvaluate.failed; +assert show_output.legacyPackages.output.children.${builtins.currentSystem}.children.simple.derivationName == "simple"; true ' diff --git a/tests/functional/fmt.sh b/tests/functional/fmt.sh index b29fe64d6bc..b0a0b2e5f7b 100755 --- a/tests/functional/fmt.sh +++ b/tests/functional/fmt.sh @@ -32,4 +32,6 @@ cat << EOF > flake.nix EOF nix fmt ./file ./folder | grep 'Formatting: ./file ./folder' nix flake check -nix flake show | grep -P "package 'formatter'" + +clearStore +nix flake show | grep -P "package.*\[formatter\]" From b80c3191d9c147c672f97c5dc4bb0536725af16f Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 11 Jul 2024 09:49:06 -0700 Subject: [PATCH 027/815] Use Markdown tables for config --- doc/manual/src/protocols/flake-schemas.md | 36 +++++++++++++---------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/doc/manual/src/protocols/flake-schemas.md b/doc/manual/src/protocols/flake-schemas.md index f6cdd6165b8..b1dfa5da6f0 100644 --- a/doc/manual/src/protocols/flake-schemas.md +++ b/doc/manual/src/protocols/flake-schemas.md @@ -8,34 +8,38 @@ every output type that you want to be supported. If a flake does not have a `sch A schema is an attribute set with the following attributes: -* `version`: Should be set to 1. -* `doc`: A string containing documentation about the flake output type in Markdown format. -* `allowIFD` (defaults to `true`): Whether the evaluation of the output attributes of this flake can read from derivation outputs. -* `inventory`: A function that returns the contents of the flake output (described below). +| Attribute | Description | Default | +| :---------- | :---------------------------------------------------------------------------------------------- | :------ | +| `version` | Should be set to 1 | | +| `doc` | A string containing documentation about the flake output type in Markdown format. | | +| `allowIFD` | Whether the evaluation of the output attributes of this flake can read from derivation outputs. | `true` | +| `inventory` | A function that returns the contents of the flake output (described [below](#inventory)). | | # Inventory -The `inventory` function returns a *node* describing the contents of the flake output. A node is either a *leaf node* or a *non-leaf node*. This allows nested flake output attributes to be described (e.g. `x86_64-linux.hello` inside a `packages` output). +The `inventory` function returns a _node_ describing the contents of the flake output. A node is either a _leaf node_ or a _non-leaf node_. This allows nested flake output attributes to be described (e.g. `x86_64-linux.hello` inside a `packages` output). Non-leaf nodes must have the following attribute: -* `children`: An attribute set of nodes. If this attribute is missing, the attribute if a leaf node. +| Attribute | Description | +| :--------- | :------------------------------------------------------------------------------------- | +| `children` | An attribute set of nodes. If this attribute is missing, the attribute is a leaf node. | Leaf nodes can have the following attributes: -* `derivation`: The main derivation of this node, if any. It must evaluate for `nix flake check` and `nix flake show` to succeed. - -* `evalChecks`: An attribute set of Boolean values, used by `nix flake check`. Each attribute must evaluate to `true`. - -* `isFlakeCheck`: Whether `nix flake check` should build the `derivation` attribute of this node. - -* `shortDescription`: A one-sentence description of the node (such as the `meta.description` attribute in Nixpkgs). - -* `what`: A brief human-readable string describing the type of the node, e.g. `"package"` or `"development environment"`. This is used by tools like `nix flake show` to describe the contents of a flake. +| Attribute | Description | +| :----------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `derivation` | The main derivation of this node, if any. It must evaluate for `nix flake check` and `nix flake show` to succeed. | +| `evalChecks` | An attribute set of Boolean values, used by `nix flake check`. Each attribute must evaluate to `true`. | +| `isFlakeCheck` | Whether `nix flake check` should build the `derivation` attribute of this node. | +| `shortDescription` | A one-sentence description of the node (such as the `meta.description` attribute in Nixpkgs). | +| `what` | A brief human-readable string describing the type of the node, e.g. `"package"` or `"development environment"`. This is used by tools like `nix flake show` to describe the contents of a flake. | Both leaf and non-leaf nodes can have the following attributes: -* `forSystems`: A list of Nix system types (e.g. `["x86_64-linux"]`) supported by this node. This is used by tools to skip nodes that cannot be built on the user's system. Setting this on a non-leaf node allows all the children to be skipped, regardless of the `forSystems` attributes of the children. If this attribute is not set, the node is never skipped. +| Attribute | Description | +| :----------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `forSystems` | A list of Nix system types (e.g. `["x86_64-linux"]`) supported by this node. This is used by tools to skip nodes that cannot be built on the user's system. Setting this on a non-leaf node allows all the children to be skipped, regardless of the `forSystems` attributes of the children. If this attribute is not set, the node is never skipped. | # Example From 855e71632421620f86af817b17103a7a562a93a9 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 16 Jul 2024 16:37:57 +0200 Subject: [PATCH 028/815] Fix formatting --- src/nix/flake-schemas.cc | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/nix/flake-schemas.cc b/src/nix/flake-schemas.cc index afd0dd5cf0f..0047f27ce61 100644 --- a/src/nix/flake-schemas.cc +++ b/src/nix/flake-schemas.cc @@ -25,7 +25,8 @@ static LockedFlake getBuiltinDefaultSchemasFlake(EvalState & state) state.allowPath(storePath); // Construct a dummy flakeref. - auto flakeRef = parseFlakeRef(fetchSettings, + auto flakeRef = parseFlakeRef( + fetchSettings, fmt("tarball+https://builtin-flake-schemas?narHash=%s", state.store->queryPathInfo(storePath)->narHash.to_string(HashFormat::SRI, true))); @@ -43,8 +44,9 @@ call(EvalState & state, std::shared_ptr lockedFlake, std::op #include "call-flake-schemas.nix.gen.hh" ; - auto lockedDefaultSchemasFlake = - defaultSchemasFlake ? flake::lockFlake(flakeSettings, state, *defaultSchemasFlake, {}) : getBuiltinDefaultSchemasFlake(state); + auto lockedDefaultSchemasFlake = defaultSchemasFlake + ? flake::lockFlake(flakeSettings, state, *defaultSchemasFlake, {}) + : getBuiltinDefaultSchemasFlake(state); auto lockedDefaultSchemasFlakeFingerprint = lockedDefaultSchemasFlake.getFingerprint(state.store); std::optional fingerprint2; From 206e32e2d7c72c940a4348648f5de46122c495c9 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 31 Jul 2024 23:37:43 +0200 Subject: [PATCH 029/815] Mark release --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 9e8592e3a6d..3e3cfdc0435 100644 --- a/flake.nix +++ b/flake.nix @@ -24,7 +24,7 @@ let inherit (nixpkgs) lib; - officialRelease = false; + officialRelease = true; version = lib.fileContents ./.version + versionSuffix; versionSuffix = From 0a167ffd1f57864ce042d83f9d1f17ef5126c442 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 1 Aug 2024 10:41:11 +0200 Subject: [PATCH 030/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index ad2261920c0..0f5dfbe8769 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.0 +2.24.1 From fe6a7c805c1882f755c5b5de9bf1c21c55e73254 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 1 Aug 2024 16:51:57 +0200 Subject: [PATCH 031/815] Fix the S3 store It was failing with: error: AWS error fetching 'nix-cache-info': The specified bucket does not exist because `S3BinaryCacheStoreImpl` had a `bucketName` field that shadowed the inherited `bucketName from `S3BinaryCacheStoreConfig`. (cherry picked from commit 9b5b7b796341eca437fe08bb278c49dfbae2deaa) --- src/libstore/s3-binary-cache-store.cc | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index 92ab47cd66d..21175b1ebfd 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -220,8 +220,6 @@ std::string S3BinaryCacheStoreConfig::doc() struct S3BinaryCacheStoreImpl : virtual S3BinaryCacheStoreConfig, public virtual S3BinaryCacheStore { - std::string bucketName; - Stats stats; S3Helper s3Helper; From fa78d7f72fc2f36b9a31d9d37ceedf097583590c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 5 Aug 2024 18:56:02 +0200 Subject: [PATCH 032/815] PathSubstitutionGoal: Fix spurious "failed" count in the progress bar It is not an error if queryPathInfo() indicates that a path does not exist in the substituter. Fixes #11198. This was broken in 846869da0ed0580beb7f827b303fef9a8386de37. (cherry picked from commit 0a00bd07b2421acfb21751a718292affa8c6e837) --- src/libstore/build/substitution-goal.cc | 8 +++++--- src/libstore/build/substitution-goal.hh | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/libstore/build/substitution-goal.cc b/src/libstore/build/substitution-goal.cc index 7deeb47487d..0152f180828 100644 --- a/src/libstore/build/substitution-goal.cc +++ b/src/libstore/build/substitution-goal.cc @@ -145,8 +145,10 @@ Goal::Co PathSubstitutionGoal::init() /* None left. Terminate this goal and let someone else deal with it. */ - worker.failedSubstitutions++; - worker.updateProgress(); + if (substituterFailed) { + worker.failedSubstitutions++; + worker.updateProgress(); + } /* Hack: don't indicate failure if there were no substituters. In that case the calling derivation should just do a @@ -158,7 +160,7 @@ Goal::Co PathSubstitutionGoal::init() } -Goal::Co PathSubstitutionGoal::tryToRun(StorePath subPath, nix::ref sub, std::shared_ptr info, bool& substituterFailed) +Goal::Co PathSubstitutionGoal::tryToRun(StorePath subPath, nix::ref sub, std::shared_ptr info, bool & substituterFailed) { trace("all references realised"); diff --git a/src/libstore/build/substitution-goal.hh b/src/libstore/build/substitution-goal.hh index c1de45379f1..f2cf797e5d2 100644 --- a/src/libstore/build/substitution-goal.hh +++ b/src/libstore/build/substitution-goal.hh @@ -66,7 +66,7 @@ public: */ Co init() override; Co gotInfo(); - Co tryToRun(StorePath subPath, nix::ref sub, std::shared_ptr info, bool& substituterFailed); + Co tryToRun(StorePath subPath, nix::ref sub, std::shared_ptr info, bool & substituterFailed); Co finished(); /** From b1941c9f8a40b6aeb42d0ddc20af85c54a9bd80f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 2 Aug 2024 11:12:06 +0200 Subject: [PATCH 033/815] allow to c api with older c versions In the FFI world we have many tools that are not gcc/clang and therefore not always support the latest C standard. This fixes support with cffi i.e. used in https://github.com/tweag/python-nix (cherry picked from commit 739418504c4d2f28fb5f45151b1c83707c3571e2) --- src/libexpr-c/nix_api_expr.h | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/src/libexpr-c/nix_api_expr.h b/src/libexpr-c/nix_api_expr.h index adf8b65b1a3..1764b49f321 100644 --- a/src/libexpr-c/nix_api_expr.h +++ b/src/libexpr-c/nix_api_expr.h @@ -14,6 +14,16 @@ #include "nix_api_util.h" #include +#ifndef __has_c_attribute +# define __has_c_attribute(x) 0 +#endif + +#if __has_c_attribute(deprecated) +# define NIX_DEPRECATED(msg) [[deprecated(msg)]] +#else +# define NIX_DEPRECATED(msg) +#endif + #ifdef __cplusplus extern "C" { #endif @@ -45,7 +55,7 @@ typedef struct EvalState EvalState; // nix::EvalState * @see nix_value_incref, nix_value_decref */ typedef struct nix_value nix_value; -[[deprecated("use nix_value instead")]] typedef nix_value Value; +NIX_DEPRECATED("use nix_value instead") typedef nix_value Value; // Function prototypes /** From 4036c3aafb7a6c4c625e68cc14acf6b529be2cb2 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 8 Aug 2024 15:02:48 +0200 Subject: [PATCH 034/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 0f5dfbe8769..5827d9bfd7b 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.1 +2.24.2 From 450252c92c3b5d0e7e71398fdc9f7630cf197326 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 8 Aug 2024 17:21:00 +0200 Subject: [PATCH 035/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 5827d9bfd7b..29690d10f08 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.2 +2.24.3 From 5b62a1dbd60f716b88c9da5a78ae1ea533cc82d9 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 16 Aug 2024 07:09:27 -0700 Subject: [PATCH 036/815] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/63d37ccd2d178d54e7fb691d7ec76000740ea24a?narHash=sha256-7cCC8%2BTdq1%2B3OPyc3%2BgVo9dzUNkNIQfwSDJ2HSi2u3o%3D' (2024-07-21) → 'github:NixOS/nixpkgs/c3d4ac725177c030b1e289015989da2ad9d56af0?narHash=sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz%2BNG82pbdg%3D' (2024-08-15) (cherry picked from commit 8866d2cd838902d45782541efe08efc1e1f1a2ab) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 2ac413a6986..b5d0b881c5c 100644 --- a/flake.lock +++ b/flake.lock @@ -80,11 +80,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1721548954, - "narHash": "sha256-7cCC8+Tdq1+3OPyc3+gVo9dzUNkNIQfwSDJ2HSi2u3o=", + "lastModified": 1723688146, + "narHash": "sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz+NG82pbdg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "63d37ccd2d178d54e7fb691d7ec76000740ea24a", + "rev": "c3d4ac725177c030b1e289015989da2ad9d56af0", "type": "github" }, "original": { From d550139191cfddb313f431d7f2c68d7873a62991 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 16 Aug 2024 07:22:30 -0700 Subject: [PATCH 037/815] ci: check that all outputs for all systems can evaluate (cherry picked from commit aa3d35c1f4145c9532620a20d6727c2214eab054) --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4eb9cf10dc7..e9397621eac 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,6 +49,7 @@ jobs: done ) & - run: nix --experimental-features 'nix-command flakes' flake check -L + - run: nix --experimental-features 'nix-command flakes' flake show --all-systems --json # Steps to test CI automation in your own fork. # Cachix: From 4e707b8e577a9f41f91fc4b6ddb1ac5c3bb47b97 Mon Sep 17 00:00:00 2001 From: Andrew Marshall Date: Thu, 8 Aug 2024 14:29:40 -0400 Subject: [PATCH 038/815] libstore: fix port binding in __darwinAllowLocalNetworking sandbox In d60c3f7f7c83134b5b4470ed84b6d5ed38e28753, this was changed to close a hole in the sandbox. Unfortunately, this was too restrictive such that it made local port binding fail, thus making derivations that needed `__darwinAllowLocalNetworking` gain nearly nothing, and thus largely fail (as the primary use for it is to enable port binding). This unfortunately does mean that a sandboxed build process can, in coordination with an actor outside the sandbox, escape the sandbox by binding a port and connecting to it externally to send data. I do not see a way around this with my experimentation and understanding of the (quite undocumented) macOS sandbox profile API. Notably it seems not possible to use the sandbox to do any of: - Restrict the remote IP of inbound network requests - Restrict the address being bound to As such, the `(local ip "*:*")` here appears to be functionally no different than `(local ip "localhost:*")` (however it *should* be different than removing the filter entirely, as that would make it also apply to non-IP networking). Doing `(allow network-inbound (require-all (local ip "localhost:*") (remote ip "localhost:*")))` causes listening to fail. Note that `network-inbound` implies `network-bind`. (cherry picked from commit 00f6db36fd72c9e82e923ce89d0ddb7d2e738528) --- src/libstore/unix/build/sandbox-defaults.sb | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libstore/unix/build/sandbox-defaults.sb b/src/libstore/unix/build/sandbox-defaults.sb index 6da01b7356b..15cd6daf5e0 100644 --- a/src/libstore/unix/build/sandbox-defaults.sb +++ b/src/libstore/unix/build/sandbox-defaults.sb @@ -49,6 +49,7 @@ R""( (if (param "_ALLOW_LOCAL_NETWORKING") (begin (allow network* (remote ip "localhost:*")) + (allow network-inbound (local ip "*:*")) ; required to bind and listen ; Allow access to /etc/resolv.conf (which is a symlink to ; /private/var/run/resolv.conf). From 90fb4e8890c393d860521cb13e892a5cd19ab395 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 19 Aug 2024 12:46:17 +0200 Subject: [PATCH 039/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 29690d10f08..b71a29b1f95 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.3 +2.24.4 From 7befd60c01c1593dd2db86fd4c695c3e9f26416e Mon Sep 17 00:00:00 2001 From: Tom Bereknyei Date: Sun, 18 Aug 2024 22:35:54 -0400 Subject: [PATCH 040/815] fix: check to see if there are any lines before (cherry picked from commit 59db8fd62b5300afbbabb1e8a12d547b336a3bdf) --- src/nix-build/nix-build.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index 0ce987d8a5c..a5b9e1e548e 100644 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -163,7 +163,7 @@ static void main_nix_build(int argc, char * * argv) script = argv[1]; try { auto lines = tokenizeString(readFile(script), "\n"); - if (std::regex_search(lines.front(), std::regex("^#!"))) { + if (!lines.empty() && std::regex_search(lines.front(), std::regex("^#!"))) { lines.pop_front(); inShebang = true; for (int i = 2; i < argc; ++i) From 30a57328d2b53ec8d140af0065f4875501d5c28d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 23 Aug 2024 13:15:30 +0200 Subject: [PATCH 041/815] Backport https://github.com/NixOS/nix/pull/11152 --- .../src/installation/prerequisites-source.md | 2 - src/libexpr/eval-gc.cc | 134 ------------------ src/libstore/store-api.cc | 16 ++- src/libutil/serialise.cc | 71 +--------- src/libutil/serialise.hh | 23 --- 5 files changed, 15 insertions(+), 231 deletions(-) diff --git a/doc/manual/src/installation/prerequisites-source.md b/doc/manual/src/installation/prerequisites-source.md index 4aafa6d27ab..c346a0a4b27 100644 --- a/doc/manual/src/installation/prerequisites-source.md +++ b/doc/manual/src/installation/prerequisites-source.md @@ -39,8 +39,6 @@ `pkgconfig` and the Boehm garbage collector, and pass the flag `--enable-gc` to `configure`. - For `bdw-gc` <= 8.2.4 Nix needs a [small patch](https://github.com/NixOS/nix/blob/ac4d2e7b857acdfeac35ac8a592bdecee2d29838/boehmgc-traceable_allocator-public.diff) to be applied. - - The `boost` library of version 1.66.0 or higher. It can be obtained from the official web site . diff --git a/src/libexpr/eval-gc.cc b/src/libexpr/eval-gc.cc index 2f0e8c0c90b..07ce05a2c73 100644 --- a/src/libexpr/eval-gc.cc +++ b/src/libexpr/eval-gc.cc @@ -32,122 +32,6 @@ static void * oomHandler(size_t requested) throw std::bad_alloc(); } -class BoehmGCStackAllocator : public StackAllocator -{ - boost::coroutines2::protected_fixedsize_stack stack{ - // We allocate 8 MB, the default max stack size on NixOS. - // A smaller stack might be quicker to allocate but reduces the stack - // depth available for source filter expressions etc. - std::max(boost::context::stack_traits::default_size(), static_cast(8 * 1024 * 1024))}; - - // This is specific to boost::coroutines2::protected_fixedsize_stack. - // The stack protection page is included in sctx.size, so we have to - // subtract one page size from the stack size. - std::size_t pfss_usable_stack_size(boost::context::stack_context & sctx) - { - return sctx.size - boost::context::stack_traits::page_size(); - } - -public: - boost::context::stack_context allocate() override - { - auto sctx = stack.allocate(); - - // Stacks generally start at a high address and grow to lower addresses. - // Architectures that do the opposite are rare; in fact so rare that - // boost_routine does not implement it. - // So we subtract the stack size. - GC_add_roots(static_cast(sctx.sp) - pfss_usable_stack_size(sctx), sctx.sp); - return sctx; - } - - void deallocate(boost::context::stack_context sctx) override - { - GC_remove_roots(static_cast(sctx.sp) - pfss_usable_stack_size(sctx), sctx.sp); - stack.deallocate(sctx); - } -}; - -static BoehmGCStackAllocator boehmGCStackAllocator; - -/** - * When a thread goes into a coroutine, we lose its original sp until - * control flow returns to the thread. - * While in the coroutine, the sp points outside the thread stack, - * so we can detect this and push the entire thread stack instead, - * as an approximation. - * The coroutine's stack is covered by `BoehmGCStackAllocator`. - * This is not an optimal solution, because the garbage is scanned when a - * coroutine is active, for both the coroutine and the original thread stack. - * However, the implementation is quite lean, and usually we don't have active - * coroutines during evaluation, so this is acceptable. - */ -void fixupBoehmStackPointer(void ** sp_ptr, void * _pthread_id) -{ - void *& sp = *sp_ptr; - auto pthread_id = reinterpret_cast(_pthread_id); -# ifndef __APPLE__ - pthread_attr_t pattr; -# endif - size_t osStackSize; - // The low address of the stack, which grows down. - void * osStackLimit; - void * osStackBase; - -# ifdef __APPLE__ - osStackSize = pthread_get_stacksize_np(pthread_id); - osStackLimit = pthread_get_stackaddr_np(pthread_id); -# else - if (pthread_attr_init(&pattr)) { - throw Error("fixupBoehmStackPointer: pthread_attr_init failed"); - } -# ifdef HAVE_PTHREAD_GETATTR_NP - if (pthread_getattr_np(pthread_id, &pattr)) { - throw Error("fixupBoehmStackPointer: pthread_getattr_np failed"); - } -# elif HAVE_PTHREAD_ATTR_GET_NP - if (!pthread_attr_init(&pattr)) { - throw Error("fixupBoehmStackPointer: pthread_attr_init failed"); - } - if (!pthread_attr_get_np(pthread_id, &pattr)) { - throw Error("fixupBoehmStackPointer: pthread_attr_get_np failed"); - } -# else -# error "Need one of `pthread_attr_get_np` or `pthread_getattr_np`" -# endif - if (pthread_attr_getstack(&pattr, &osStackLimit, &osStackSize)) { - throw Error("fixupBoehmStackPointer: pthread_attr_getstack failed"); - } - if (pthread_attr_destroy(&pattr)) { - throw Error("fixupBoehmStackPointer: pthread_attr_destroy failed"); - } -# endif - osStackBase = (char *) osStackLimit + osStackSize; - // NOTE: We assume the stack grows down, as it does on all architectures we support. - // Architectures that grow the stack up are rare. - if (sp >= osStackBase || sp < osStackLimit) { // sp is outside the os stack - sp = osStackLimit; - } -} - -/* Disable GC while this object lives. Used by CoroutineContext. - * - * Boehm keeps a count of GC_disable() and GC_enable() calls, - * and only enables GC when the count matches. - */ -class BoehmDisableGC -{ -public: - BoehmDisableGC() - { - GC_disable(); - }; - ~BoehmDisableGC() - { - GC_enable(); - }; -}; - static inline void initGCReal() { /* Initialise the Boehm garbage collector. */ @@ -168,24 +52,6 @@ static inline void initGCReal() GC_set_oom_fn(oomHandler); - StackAllocator::defaultAllocator = &boehmGCStackAllocator; - -// TODO: Remove __APPLE__ condition. -// Comment suggests an implementation that works on darwin and windows -// https://github.com/ivmai/bdwgc/issues/362#issuecomment-1936672196 -# if GC_VERSION_MAJOR >= 8 && GC_VERSION_MINOR >= 2 && GC_VERSION_MICRO >= 4 && !defined(__APPLE__) - GC_set_sp_corrector(&fixupBoehmStackPointer); - - if (!GC_get_sp_corrector()) { - printTalkative("BoehmGC on this platform does not support sp_corrector; will disable GC inside coroutines"); - /* Used to disable GC when entering coroutines on macOS */ - create_coro_gc_hook = []() -> std::shared_ptr { return std::make_shared(); }; - } -# else -# warning \ - "BoehmGC version does not support GC while coroutine exists. GC will be disabled inside coroutines. Consider updating bdw-gc to 8.2.4 or later." -# endif - /* Set the initial heap size to something fairly big (25% of physical RAM, up to a maximum of 384 MiB) so that in most cases we don't need to garbage collect at all. (Collection has a diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index b3e5ad014cf..8eef340ccb4 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -210,14 +210,16 @@ StorePath Store::addToStore( fsm = FileSerialisationMethod::NixArchive; break; } - auto source = sinkToSource([&](Sink & sink) { - dumpPath(path, sink, fsm, filter); + std::optional storePath; + auto sink = sourceToSink([&](Source & source) { + LengthSource lengthSource(source); + storePath = addToStoreFromDump(lengthSource, name, fsm, method, hashAlgo, references, repair); + if (lengthSource.total >= settings.warnLargePathThreshold) + warn("copied large path '%s' to the store (%s)", path, renderSize(lengthSource.total)); }); - LengthSource lengthSource(*source); - auto storePath = addToStoreFromDump(lengthSource, name, fsm, method, hashAlgo, references, repair); - if (lengthSource.total >= settings.warnLargePathThreshold) - warn("copied large path '%s' to the store (%s)", path, renderSize(lengthSource.total)); - return storePath; + dumpPath(path, *sink, fsm, filter); + sink->finish(); + return storePath.value(); } void Store::addMultipleToStore( diff --git a/src/libutil/serialise.cc b/src/libutil/serialise.cc index 4899134d7c3..5352a436b44 100644 --- a/src/libutil/serialise.cc +++ b/src/libutil/serialise.cc @@ -171,55 +171,6 @@ size_t StringSource::read(char * data, size_t len) #error Coroutines are broken in this version of Boost! #endif -/* A concrete datatype allow virtual dispatch of stack allocation methods. */ -struct VirtualStackAllocator { - StackAllocator *allocator = StackAllocator::defaultAllocator; - - boost::context::stack_context allocate() { - return allocator->allocate(); - } - - void deallocate(boost::context::stack_context sctx) { - allocator->deallocate(sctx); - } -}; - - -/* This class reifies the default boost coroutine stack allocation strategy with - a virtual interface. */ -class DefaultStackAllocator : public StackAllocator { - boost::coroutines2::default_stack stack; - - boost::context::stack_context allocate() override { - return stack.allocate(); - } - - void deallocate(boost::context::stack_context sctx) override { - stack.deallocate(sctx); - } -}; - -static DefaultStackAllocator defaultAllocatorSingleton; - -StackAllocator *StackAllocator::defaultAllocator = &defaultAllocatorSingleton; - - -std::shared_ptr (*create_coro_gc_hook)() = []() -> std::shared_ptr { - return {}; -}; - -/* This class is used for entry and exit hooks on coroutines */ -class CoroutineContext { - /* Disable GC when entering the coroutine without the boehm patch, - * since it doesn't find the main thread stack in this case. - * std::shared_ptr performs type-erasure, so it will call the right - * deleter. */ - const std::shared_ptr coro_gc_hook = create_coro_gc_hook(); -public: - CoroutineContext() {}; - ~CoroutineContext() {}; -}; - std::unique_ptr sourceToSink(std::function fun) { struct SourceToSink : FinishSink @@ -241,14 +192,12 @@ std::unique_ptr sourceToSink(std::function fun) cur = in; if (!coro) { - CoroutineContext ctx; - coro = coro_t::push_type(VirtualStackAllocator{}, [&](coro_t::pull_type & yield) { - LambdaSource source([&](char *out, size_t out_len) { + coro = coro_t::push_type([&](coro_t::pull_type & yield) { + LambdaSource source([&](char * out, size_t out_len) { if (cur.empty()) { yield(); - if (yield.get()) { - return (size_t)0; - } + if (yield.get()) + throw EndOfFile("coroutine has finished"); } size_t n = std::min(cur.size(), out_len); @@ -263,20 +212,14 @@ std::unique_ptr sourceToSink(std::function fun) if (!*coro) { unreachable(); } if (!cur.empty()) { - CoroutineContext ctx; (*coro)(false); } } void finish() override { - if (!coro) return; - if (!*coro) unreachable(); - { - CoroutineContext ctx; + if (coro && *coro) (*coro)(true); - } - if (*coro) unreachable(); } }; @@ -307,8 +250,7 @@ std::unique_ptr sinkToSource( size_t read(char * data, size_t len) override { if (!coro) { - CoroutineContext ctx; - coro = coro_t::pull_type(VirtualStackAllocator{}, [&](coro_t::push_type & yield) { + coro = coro_t::pull_type([&](coro_t::push_type & yield) { LambdaSink sink([&](std::string_view data) { if (!data.empty()) yield(std::string(data)); }); @@ -320,7 +262,6 @@ std::unique_ptr sinkToSource( if (pos == cur.size()) { if (!cur.empty()) { - CoroutineContext ctx; (*coro)(); } cur = coro->get(); diff --git a/src/libutil/serialise.hh b/src/libutil/serialise.hh index c7290dcef9d..e9f3e3a4a2f 100644 --- a/src/libutil/serialise.hh +++ b/src/libutil/serialise.hh @@ -557,27 +557,4 @@ struct FramedSink : nix::BufferedSink }; }; -/** - * Stack allocation strategy for sinkToSource. - * Mutable to avoid a boehm gc dependency in libutil. - * - * boost::context doesn't provide a virtual class, so we define our own. - */ -struct StackAllocator { - virtual boost::context::stack_context allocate() = 0; - virtual void deallocate(boost::context::stack_context sctx) = 0; - - /** - * The stack allocator to use in sinkToSource and potentially elsewhere. - * It is reassigned by the initGC() method in libexpr. - */ - static StackAllocator *defaultAllocator; -}; - -/* Disabling GC when entering a coroutine (without the boehm patch). - mutable to avoid boehm gc dependency in libutil. - */ -extern std::shared_ptr (*create_coro_gc_hook)(); - - } From 9d8669b14a402a8fd440fdce0ab3d874319a6984 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 23 Aug 2024 16:15:11 +0200 Subject: [PATCH 042/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index b71a29b1f95..23a93836aed 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.4 +2.24.5 From 0c25bea7cca21cc8e56ce9ed5b5391289fd30e04 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 2 Sep 2024 17:28:11 +0200 Subject: [PATCH 043/815] Respect max-substitution-jobs again This broke in #11005. Any number of PathSubstitutionGoals would be woken up by a single build slot becoming available. If there are a lot of substitution goals active, this could lead to us running out of file descriptors (especially on macOS where the default limit is 256). (cherry picked from commit a33cb8af5693af56dd69073dc5dddb4c6900ad7a) --- src/libstore/build/substitution-goal.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/build/substitution-goal.cc b/src/libstore/build/substitution-goal.cc index 0152f180828..a26eea8201f 100644 --- a/src/libstore/build/substitution-goal.cc +++ b/src/libstore/build/substitution-goal.cc @@ -183,7 +183,7 @@ Goal::Co PathSubstitutionGoal::tryToRun(StorePath subPath, nix::ref sub, /* Make sure that we are allowed to start a substitution. Note that even if maxSubstitutionJobs == 0, we still allow a substituter to run. This prevents infinite waiting. */ - if (worker.getNrSubstitutions() >= std::max(1U, (unsigned int) settings.maxSubstitutionJobs)) { + while (worker.getNrSubstitutions() >= std::max(1U, (unsigned int) settings.maxSubstitutionJobs)) { worker.waitForBuildSlot(shared_from_this()); co_await Suspend{}; } From c21f664e82aef1d44d71e1c5cc4e0021b4f8a1b8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 2 Sep 2024 17:28:55 +0200 Subject: [PATCH 044/815] "unsigned" -> size_t Slight cleanup. (cherry picked from commit b7acd1c4145c7316085f2a12bfa26ef742ac6146) --- src/libstore/build/worker.cc | 4 ++-- src/libstore/build/worker.hh | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/libstore/build/worker.cc b/src/libstore/build/worker.cc index ab0ba67b521..dbe86f43f6a 100644 --- a/src/libstore/build/worker.cc +++ b/src/libstore/build/worker.cc @@ -184,13 +184,13 @@ void Worker::wakeUp(GoalPtr goal) } -unsigned Worker::getNrLocalBuilds() +size_t Worker::getNrLocalBuilds() { return nrLocalBuilds; } -unsigned Worker::getNrSubstitutions() +size_t Worker::getNrSubstitutions() { return nrSubstitutions; } diff --git a/src/libstore/build/worker.hh b/src/libstore/build/worker.hh index 33a7bf01517..e083dbea6d1 100644 --- a/src/libstore/build/worker.hh +++ b/src/libstore/build/worker.hh @@ -92,12 +92,12 @@ private: * Number of build slots occupied. This includes local builds but does not * include substitutions or remote builds via the build hook. */ - unsigned int nrLocalBuilds; + size_t nrLocalBuilds; /** * Number of substitution slots occupied. */ - unsigned int nrSubstitutions; + size_t nrSubstitutions; /** * Maps used to prevent multiple instantiations of a goal for the @@ -235,12 +235,12 @@ public: * Return the number of local build processes currently running (but not * remote builds via the build hook). */ - unsigned int getNrLocalBuilds(); + size_t getNrLocalBuilds(); /** * Return the number of substitution processes currently running. */ - unsigned int getNrSubstitutions(); + size_t getNrSubstitutions(); /** * Registers a running child process. `inBuildSlot` means that From ea7abb58b59562952262a0ef43e30f9f85639cd4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 3 Sep 2024 16:51:36 +0200 Subject: [PATCH 045/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 23a93836aed..c5f92d6f8fd 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.5 +2.24.6 From 0679505d8ce991416650504e409d8c2055a8f6bd Mon Sep 17 00:00:00 2001 From: "Travis A. Everett" Date: Tue, 2 Jul 2024 21:02:45 -0500 Subject: [PATCH 046/815] install-darwin: fix _nixbld uids for macOS sequoia Starting in macOS 15 Sequoia, macOS daemon UIDs are encroaching on our default UIDs of 301-332. This commit relocates our range up to avoid clashing with the current UIDs of 301-304 and buy us a little time while still leaving headroom for people installing more than 32 users. (cherry picked from commit df36ff0d1e60f59eb3e0442fa335252421ec8057) --- scripts/bigsur-nixbld-user-migration.sh | 2 +- scripts/install-darwin-multi-user.sh | 12 +++++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/scripts/bigsur-nixbld-user-migration.sh b/scripts/bigsur-nixbld-user-migration.sh index 0eb312e07cd..bc42e02e6b2 100755 --- a/scripts/bigsur-nixbld-user-migration.sh +++ b/scripts/bigsur-nixbld-user-migration.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -((NEW_NIX_FIRST_BUILD_UID=301)) +((NEW_NIX_FIRST_BUILD_UID=350)) id_available(){ dscl . list /Users UniqueID | grep -E '\b'"$1"'\b' >/dev/null diff --git a/scripts/install-darwin-multi-user.sh b/scripts/install-darwin-multi-user.sh index 24c9052f91c..bd1a54ad873 100644 --- a/scripts/install-darwin-multi-user.sh +++ b/scripts/install-darwin-multi-user.sh @@ -4,7 +4,17 @@ set -eu set -o pipefail # System specific settings -export NIX_FIRST_BUILD_UID="${NIX_FIRST_BUILD_UID:-301}" +# Notes: +# - up to macOS Big Sur we used the same GID/UIDs as Linux (30000:30001-32) +# - we changed UID to 301 because Big Sur updates failed into recovery mode +# we're targeting the 200-400 UID range for role users mentioned in the +# usage note for sysadminctl +# - we changed UID to 350 because Sequoia now uses UIDs 300-304 for its own +# daemon users +# - we changed GID to 350 alongside above just because it hides the nixbld +# group from the Users & Groups settings panel :) +export NIX_FIRST_BUILD_UID="${NIX_FIRST_BUILD_UID:-350}" +export NIX_BUILD_GROUP_ID="${NIX_BUILD_GROUP_ID:-350}" export NIX_BUILD_USER_NAME_TEMPLATE="_nixbld%d" readonly NIX_DAEMON_DEST=/Library/LaunchDaemons/org.nixos.nix-daemon.plist From c5a0e624d94505d6544ed2175ecaa08d78cf4b6e Mon Sep 17 00:00:00 2001 From: "Travis A. Everett" Date: Tue, 2 Jul 2024 21:22:35 -0500 Subject: [PATCH 047/815] install-darwin: move nixbld gid to match first UID (cherry picked from commit 75567423fb6163559575c38867cda09b754364d7) --- scripts/install-multi-user.sh | 6 ++---- scripts/install-systemd-multi-user.sh | 1 + 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/scripts/install-multi-user.sh b/scripts/install-multi-user.sh index 6aee073e3f9..a487d459f40 100644 --- a/scripts/install-multi-user.sh +++ b/scripts/install-multi-user.sh @@ -23,10 +23,10 @@ readonly RED='\033[31m' # installer allows overriding build user count to speed up installation # as creating each user takes non-trivial amount of time on macos readonly NIX_USER_COUNT=${NIX_USER_COUNT:-32} -readonly NIX_BUILD_GROUP_ID="${NIX_BUILD_GROUP_ID:-30000}" readonly NIX_BUILD_GROUP_NAME="nixbld" # each system specific installer must set these: # NIX_FIRST_BUILD_UID +# NIX_BUILD_GROUP_ID # NIX_BUILD_USER_NAME_TEMPLATE # Please don't change this. We don't support it, because the # default shell profile that comes with Nix doesn't support it. @@ -530,9 +530,7 @@ It seems the build group $NIX_BUILD_GROUP_NAME already exists, but with the UID $primary_group_id. This script can't really handle that right now, so I'm going to give up. -You can fix this by editing this script and changing the -NIX_BUILD_GROUP_ID variable near the top to from $NIX_BUILD_GROUP_ID -to $primary_group_id and re-run. +You can export NIX_BUILD_GROUP_ID=$primary_group_id and re-run. EOF else row " Exists" "Yes" diff --git a/scripts/install-systemd-multi-user.sh b/scripts/install-systemd-multi-user.sh index a62ed7e3aa4..a79a699906a 100755 --- a/scripts/install-systemd-multi-user.sh +++ b/scripts/install-systemd-multi-user.sh @@ -5,6 +5,7 @@ set -o pipefail # System specific settings export NIX_FIRST_BUILD_UID="${NIX_FIRST_BUILD_UID:-30001}" +export NIX_BUILD_GROUP_ID="${NIX_BUILD_GROUP_ID:-30000}" export NIX_BUILD_USER_NAME_TEMPLATE="nixbld%d" readonly SERVICE_SRC=/lib/systemd/system/nix-daemon.service From 8d0414d682b18323bab362d31e8f1c43125a63d4 Mon Sep 17 00:00:00 2001 From: Emily Date: Mon, 26 Aug 2024 17:59:58 +0100 Subject: [PATCH 048/815] install-darwin: increment base UID by 1 (#15) (cherry picked from commit 11cf29b15c8ea144035eb6a9d9f31bb05eee2048) --- scripts/bigsur-nixbld-user-migration.sh | 2 +- scripts/install-darwin-multi-user.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/bigsur-nixbld-user-migration.sh b/scripts/bigsur-nixbld-user-migration.sh index bc42e02e6b2..57f65da7212 100755 --- a/scripts/bigsur-nixbld-user-migration.sh +++ b/scripts/bigsur-nixbld-user-migration.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -((NEW_NIX_FIRST_BUILD_UID=350)) +((NEW_NIX_FIRST_BUILD_UID=351)) id_available(){ dscl . list /Users UniqueID | grep -E '\b'"$1"'\b' >/dev/null diff --git a/scripts/install-darwin-multi-user.sh b/scripts/install-darwin-multi-user.sh index bd1a54ad873..89c66b8f41c 100644 --- a/scripts/install-darwin-multi-user.sh +++ b/scripts/install-darwin-multi-user.sh @@ -9,11 +9,11 @@ set -o pipefail # - we changed UID to 301 because Big Sur updates failed into recovery mode # we're targeting the 200-400 UID range for role users mentioned in the # usage note for sysadminctl -# - we changed UID to 350 because Sequoia now uses UIDs 300-304 for its own +# - we changed UID to 351 because Sequoia now uses UIDs 300-304 for its own # daemon users # - we changed GID to 350 alongside above just because it hides the nixbld # group from the Users & Groups settings panel :) -export NIX_FIRST_BUILD_UID="${NIX_FIRST_BUILD_UID:-350}" +export NIX_FIRST_BUILD_UID="${NIX_FIRST_BUILD_UID:-351}" export NIX_BUILD_GROUP_ID="${NIX_BUILD_GROUP_ID:-350}" export NIX_BUILD_USER_NAME_TEMPLATE="_nixbld%d" From 437f7a0042a7eb27e379c65557acd492e62c6496 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 12 Aug 2024 15:47:02 +0200 Subject: [PATCH 049/815] fetchers::downloadTarball(): Return a cacheable accessor downloadTarball() is used by `-I foo=` etc. fetchToStore() needs the accessor to have a fingerprint to enable caching. Fixes #11271. (cherry picked from commit 9f6ee93f488c8935b560588ad7ba321d9618f588) --- src/libcmd/common-eval-args.cc | 4 +++- src/libexpr/eval.cc | 4 +++- src/libexpr/primops/fetchTree.cc | 6 +++++- src/libfetchers/tarball.cc | 20 ++++++++++++++++++-- src/libfetchers/tarball.hh | 9 ++++++--- 5 files changed, 35 insertions(+), 8 deletions(-) diff --git a/src/libcmd/common-eval-args.cc b/src/libcmd/common-eval-args.cc index fcef92487cb..ae9994a05f6 100644 --- a/src/libcmd/common-eval-args.cc +++ b/src/libcmd/common-eval-args.cc @@ -171,7 +171,9 @@ SourcePath lookupFileArg(EvalState & state, std::string_view s, const Path * bas { if (EvalSettings::isPseudoUrl(s)) { auto accessor = fetchers::downloadTarball( - EvalSettings::resolvePseudoUrl(s)).accessor; + state.store, + state.fetchSettings, + EvalSettings::resolvePseudoUrl(s)); auto storePath = fetchToStore(*state.store, SourcePath(accessor), FetchMode::Copy); return state.rootPath(CanonPath(state.store->toRealPath(storePath))); } diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index de5d85821ef..0bb1a5ea6cc 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -3083,7 +3083,9 @@ std::optional EvalState::resolveLookupPathPath(const LookupPath::Pa if (EvalSettings::isPseudoUrl(value)) { try { auto accessor = fetchers::downloadTarball( - EvalSettings::resolvePseudoUrl(value)).accessor; + store, + fetchSettings, + EvalSettings::resolvePseudoUrl(value)); auto storePath = fetchToStore(*store, SourcePath(accessor), FetchMode::Copy); return finish(store->toRealPath(storePath)); } catch (Error & e) { diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index f79b6b7b83a..0e49cbc71ad 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -501,7 +501,11 @@ static void fetch(EvalState & state, const PosIdx pos, Value * * args, Value & v // https://github.com/NixOS/nix/issues/4313 auto storePath = unpack - ? fetchToStore(*state.store, fetchers::downloadTarball(*url).accessor, FetchMode::Copy, name) + ? fetchToStore( + *state.store, + fetchers::downloadTarball(state.store, state.fetchSettings, *url), + FetchMode::Copy, + name) : fetchers::downloadFile(state.store, *url, name).storePath; if (expectedHash) { diff --git a/src/libfetchers/tarball.cc b/src/libfetchers/tarball.cc index 457210542dc..dd4f3b78086 100644 --- a/src/libfetchers/tarball.cc +++ b/src/libfetchers/tarball.cc @@ -102,7 +102,7 @@ DownloadFileResult downloadFile( }; } -DownloadTarballResult downloadTarball( +static DownloadTarballResult downloadTarball_( const std::string & url, const Headers & headers) { @@ -202,6 +202,22 @@ DownloadTarballResult downloadTarball( return attrsToResult(infoAttrs); } +ref downloadTarball( + ref store, + const Settings & settings, + const std::string & url) +{ + /* Go through Input::getAccessor() to ensure that the resulting + accessor has a fingerprint. */ + fetchers::Attrs attrs; + attrs.insert_or_assign("type", "tarball"); + attrs.insert_or_assign("url", url); + + auto input = Input::fromAttrs(settings, std::move(attrs)); + + return input.getAccessor(store).first; +} + // An input scheme corresponding to a curl-downloadable resource. struct CurlInputScheme : InputScheme { @@ -353,7 +369,7 @@ struct TarballInputScheme : CurlInputScheme { auto input(_input); - auto result = downloadTarball(getStrAttr(input.attrs, "url"), {}); + auto result = downloadTarball_(getStrAttr(input.attrs, "url"), {}); result.accessor->setPathDisplay("«" + input.to_string() + "»"); diff --git a/src/libfetchers/tarball.hh b/src/libfetchers/tarball.hh index d9bdd123d58..2042041d5ad 100644 --- a/src/libfetchers/tarball.hh +++ b/src/libfetchers/tarball.hh @@ -14,6 +14,8 @@ struct SourceAccessor; namespace nix::fetchers { +struct Settings; + struct DownloadFileResult { StorePath storePath; @@ -40,8 +42,9 @@ struct DownloadTarballResult * Download and import a tarball into the Git cache. The result is the * Git tree hash of the root directory. */ -DownloadTarballResult downloadTarball( - const std::string & url, - const Headers & headers = {}); +ref downloadTarball( + ref store, + const Settings & settings, + const std::string & url); } From f0cffa7300cec037fd5bf8adb40a2657f3af3bda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 17 Aug 2024 08:31:41 +0200 Subject: [PATCH 050/815] replace backport github action with mergify The current backport action cannot automerge because the github action bot does not trigger github CI actions. Mergify instead does not have this limitation and can also use a merge queue. On top we have now a declarative configuration to allow contributers to add new tests to required without having access to the github org. An example pull request and backport can be seen here: https://github.com/Mic92/nix-1/pull/4 and here: https://github.com/Mic92/nix-1/pull/5 To complete the setup the mergify app must be enabled for this repository. It's already installed in the nixos organization for nixos-hardware and other repositories. (cherry picked from commit 80f20fa4cb75ad48d74047ca060869bb9138f776) --- .github/workflows/backport.yml | 32 ------------ .mergify.yml | 92 ++++++++++++++++++++++++++++++++++ 2 files changed, 92 insertions(+), 32 deletions(-) delete mode 100644 .github/workflows/backport.yml create mode 100644 .mergify.yml diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml deleted file mode 100644 index dd110de6c2a..00000000000 --- a/.github/workflows/backport.yml +++ /dev/null @@ -1,32 +0,0 @@ -name: Backport -on: - pull_request_target: - types: [closed, labeled] -permissions: - contents: read -jobs: - backport: - name: Backport Pull Request - permissions: - # for zeebe-io/backport-action - contents: write - pull-requests: write - if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name)) - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - # required to find all branches - fetch-depth: 0 - - name: Create backport PRs - # should be kept in sync with `version` - uses: zeebe-io/backport-action@v3.0.2 - with: - # Config README: https://github.com/zeebe-io/backport-action#backport-action - github_token: ${{ secrets.GITHUB_TOKEN }} - github_workspace: ${{ github.workspace }} - pull_description: |- - Automatic backport to `${target_branch}`, triggered by a label in #${pull_number}. - # should be kept in sync with `uses` - version: v0.0.5 diff --git a/.mergify.yml b/.mergify.yml new file mode 100644 index 00000000000..663c45d92f4 --- /dev/null +++ b/.mergify.yml @@ -0,0 +1,92 @@ +queue_rules: + - name: default + # all required tests need to go here + merge_conditions: + - check-success=installer + - check-success=installer_test (macos-latest) + - check-success=installer_test (ubuntu-latest) + - check-success=tests (macos-latest) + - check-success=tests (ubuntu-latest) + - check-success=vm_tests + merge_method: rebase + batch_size: 5 + +pull_request_rules: + - name: merge using the merge queue + conditions: + - base=master + - label~=merge-queue|dependencies + actions: + queue: {} + +# The rules below will first create backport pull requests and put those in a merge queue. + + - name: backport patches to 2.18 + conditions: + - label=backport 2.18-maintenance + actions: + backport: + branches: + - 2.18-maintenance + labels: + - merge-queue + + - name: backport patches to 2.19 + conditions: + - label=backport 2.19-maintenance + actions: + backport: + branches: + - 2.19-maintenance + labels: + - merge-queue + + - name: backport patches to 2.20 + conditions: + - label=backport 2.20-maintenance + actions: + backport: + branches: + - 2.20-maintenance + labels: + - merge-queue + + - name: backport patches to 2.21 + conditions: + - label=backport 2.21-maintenance + actions: + backport: + branches: + - 2.21-maintenance + labels: + - merge-queue + + - name: backport patches to 2.22 + conditions: + - label=backport 2.22-maintenance + actions: + backport: + branches: + - 2.22-maintenance + labels: + - merge-queue + + - name: backport patches to 2.23 + conditions: + - label=backport 2.23-maintenance + actions: + backport: + branches: + - 2.23-maintenance + labels: + - merge-queue + + - name: backport patches to 2.24 + conditions: + - label=backport 2.24-maintenance + actions: + backport: + branches: + - "2.24-maintenance" + labels: + - merge-queue From 12fa019ae558641df0a23a7973d64e687b2d8ba8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 4 Sep 2024 21:43:59 +0200 Subject: [PATCH 051/815] NAR parser: Fix check for duplicate / incorrectly sorted entries "prevName" was always empty because it was declared in the wrong scope. (cherry picked from commit 495d32e1b8e5d5143f048d1be755a96bea822b19) --- src/libutil/archive.cc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc index e2ebcda0c57..35376039836 100644 --- a/src/libutil/archive.cc +++ b/src/libutil/archive.cc @@ -214,11 +214,13 @@ static void parse(FileSystemObjectSink & sink, Source & source, const CanonPath else if (t == "directory") { sink.createDirectory(path); + std::string prevName; + while (1) { s = getString(); if (s == "entry") { - std::string name, prevName; + std::string name; s = getString(); if (s != "(") throw badArchive("expected open tag"); From 6187ee468f1ffd5ff4f931b9e027e718d12f9f20 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 5 Sep 2024 16:41:15 +0200 Subject: [PATCH 052/815] Add test case for NARs with duplicate directory entries This test was made by @puckipedia. (cherry picked from commit 83d5b32803e5b828967a27b1ea93c5728d3a4d0a) --- tests/functional/duplicate.nar | Bin 0 -> 1400 bytes tests/functional/local.mk | 2 +- tests/functional/{case-hack.sh => nars.sh} | 9 +++++---- 3 files changed, 6 insertions(+), 5 deletions(-) create mode 100644 tests/functional/duplicate.nar rename tests/functional/{case-hack.sh => nars.sh} (79%) diff --git a/tests/functional/duplicate.nar b/tests/functional/duplicate.nar new file mode 100644 index 0000000000000000000000000000000000000000..1d0993ed4cab41a6d45907ac0c17026afd5471a2 GIT binary patch literal 1400 zcmdT@+it=z49zZ#4T*h25D#ojRW~kz9 z$BsP}-LYn0DAbktf#N+v9qTBW&+onV;7jX2S0C@V9t<{lr}pt&I-XgF4v29E z3g3EyMu?&G+_E0O>ztu< "$TEST_ROOT/case.nar" cmp case.nar "$TEST_ROOT/case.nar" From f160d3ac68f67497f7f4948fa7a236790c7fee12 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 5 Sep 2024 16:48:43 +0200 Subject: [PATCH 053/815] Test that nix-store --restore fails if the output already exists This restores the behaviour from before the std::filesystem refactorings. (cherry picked from commit da1ad28912334bb57f923afb4745273fd68f695c) --- src/libutil/fs-sink.cc | 3 ++- tests/functional/nars.sh | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/libutil/fs-sink.cc b/src/libutil/fs-sink.cc index f15324d0a9f..696cd17eaf7 100644 --- a/src/libutil/fs-sink.cc +++ b/src/libutil/fs-sink.cc @@ -71,7 +71,8 @@ static GlobalConfig::Register r1(&restoreSinkSettings); void RestoreSink::createDirectory(const CanonPath & path) { - std::filesystem::create_directory(dstPath / path.rel()); + if (!std::filesystem::create_directory(dstPath / path.rel())) + throw Error("path '%s' already exists", (dstPath / path.rel()).string()); }; struct RestoreRegularFile : CreateRegularFileSink { diff --git a/tests/functional/nars.sh b/tests/functional/nars.sh index c58d12cd59d..106bd10fcf1 100755 --- a/tests/functional/nars.sh +++ b/tests/functional/nars.sh @@ -10,6 +10,9 @@ clearStore rm -rf "$TEST_ROOT/out" expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "NAR directory is not sorted" +# Check that nix-store --restore fails if the output already exists. +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "path '.*/out/' already exists" + # Check whether restoring and dumping a NAR that contains case # collisions is round-tripping, even on a case-insensitive system. rm -rf "$TEST_ROOT/case" From 0cfc9bf1334a340b2123221e9fead71ab2b3307e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 5 Sep 2024 16:54:12 +0200 Subject: [PATCH 054/815] More tests (cherry picked from commit 77c090cdbd56220895a2447efae79f68ed7861c5) --- tests/functional/nars.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/functional/nars.sh b/tests/functional/nars.sh index 106bd10fcf1..b2b6b2b1ae5 100755 --- a/tests/functional/nars.sh +++ b/tests/functional/nars.sh @@ -13,6 +13,17 @@ expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet # Check that nix-store --restore fails if the output already exists. expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "path '.*/out/' already exists" +rm -rf "$TEST_ROOT/out" +echo foo > "$TEST_ROOT/out" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "cannot create directory.*File exists" + +rm -rf "$TEST_ROOT/out" +ln -s "$TEST_ROOT/out2" "$TEST_ROOT/out" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "cannot create directory.*File exists" + +mkdir -p "$TEST_ROOT/out2" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "path '.*/out/' already exists" + # Check whether restoring and dumping a NAR that contains case # collisions is round-tripping, even on a case-insensitive system. rm -rf "$TEST_ROOT/case" From 12889704966afa417a1c9044755665646f9c2872 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 5 Sep 2024 19:26:10 +0200 Subject: [PATCH 055/815] Detect NAR directory entries that collide with another path after case-hacking The test was made by @puckipedia. (cherry picked from commit 35575873813f60fff26f27a65e09038986f17cb5) --- src/libutil/archive.cc | 3 +++ tests/functional/case-collision.nar | Bin 0 -> 1928 bytes tests/functional/nars.sh | 6 ++++++ 3 files changed, 9 insertions(+) create mode 100644 tests/functional/case-collision.nar diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc index 35376039836..849bfe02246 100644 --- a/src/libutil/archive.cc +++ b/src/libutil/archive.cc @@ -243,6 +243,9 @@ static void parse(FileSystemObjectSink & sink, Source & source, const CanonPath debug("case collision between '%1%' and '%2%'", i->first, name); name += caseHackSuffix; name += std::to_string(++i->second); + auto j = names.find(name); + if (j != names.end()) + throw Error("NAR contains file name '%s' that collides with case-hacked file name '%s'", prevName, j->first); } else names[name] = 0; } diff --git a/tests/functional/case-collision.nar b/tests/functional/case-collision.nar new file mode 100644 index 0000000000000000000000000000000000000000..2eff86901c617be2a830d23074923cb5b3b69aa3 GIT binary patch literal 1928 zcmd^9%}&EG3@&2)Y!WvfAc(_YXsQr5o`XF=mU?TnHklH4TQ7Zf(qMC#G>KJ{av&Gy za}?+EXU7lO&ocTjmrj*>2lMyfx+4Dz*%4W6x6p6LgbVFJp>-|c8?s<9`cB0$vW{^$ z?iYCMuQE2ai07y7GmkrZ&%wH>q|5FJD{C-t@C1MJc_jzOWqdC0M~c()?t*xok{-HJ zs!i9+H#iU9)|ED!?3UuAbZZF8FyEZ~jG6y2J~toM9S7FoQvGmE`2|Vij(PpHA1=*f z7ka8+sd=Qc8V} DaOkrB literal 0 HcmV?d00001 diff --git a/tests/functional/nars.sh b/tests/functional/nars.sh index b2b6b2b1ae5..f2339af88ea 100755 --- a/tests/functional/nars.sh +++ b/tests/functional/nars.sh @@ -37,3 +37,9 @@ cmp case.nar "$TEST_ROOT/case.nar" # removal of the suffix). touch "$TEST_ROOT/case/xt_CONNMARK.h~nix~case~hack~3" (! nix-store "${opts[@]}" --dump "$TEST_ROOT/case" > /dev/null) + +# Detect NARs that have a directory entry that after case-hacking +# collides with another entry (e.g. a directory containing 'Test', +# 'Test~nix~case~hack~1' and 'test'). +rm -rf "$TEST_ROOT/case" +expectStderr 1 nix-store "${opts[@]}" --restore "$TEST_ROOT/case" < case-collision.nar | grepQuiet "NAR contains file name 'test' that collides with case-hacked file name 'Test~nix~case~hack~1'" From a041688133e69016b94110c76719813e11135365 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 5 Sep 2024 20:37:26 +0200 Subject: [PATCH 056/815] Test that deserializing NARs with names with equal Unicode normal forms fails on macOS The test is based on the one by @puckipedia but with the file names swapped to make them sorted. (cherry picked from commit 7a765a6aafa27267659eb7339cf7039990f30caa) --- tests/functional/nars.sh | 11 +++++++++++ tests/functional/unnormalized.nar | Bin 0 -> 1728 bytes 2 files changed, 11 insertions(+) create mode 100644 tests/functional/unnormalized.nar diff --git a/tests/functional/nars.sh b/tests/functional/nars.sh index f2339af88ea..b16650e7e0d 100755 --- a/tests/functional/nars.sh +++ b/tests/functional/nars.sh @@ -43,3 +43,14 @@ touch "$TEST_ROOT/case/xt_CONNMARK.h~nix~case~hack~3" # 'Test~nix~case~hack~1' and 'test'). rm -rf "$TEST_ROOT/case" expectStderr 1 nix-store "${opts[@]}" --restore "$TEST_ROOT/case" < case-collision.nar | grepQuiet "NAR contains file name 'test' that collides with case-hacked file name 'Test~nix~case~hack~1'" + +# Deserializing a NAR that contains file names that Unicode-normalize +# to the same name should fail on macOS but succeed on Linux. +rm -rf "$TEST_ROOT/out" +if [[ $(uname) = Darwin ]]; then + expectStderr 1 nix-store --restore "$TEST_ROOT/out" < unnormalized.nar | grepQuiet "cannot create directory.*File exists" +else + nix-store --restore "$TEST_ROOT/out" < unnormalized.nar + [[ -e $TEST_ROOT/out/â ]] + [[ -e $TEST_ROOT/out/â ]] +fi diff --git a/tests/functional/unnormalized.nar b/tests/functional/unnormalized.nar new file mode 100644 index 0000000000000000000000000000000000000000..4b7edb17e0b4a9b75cf2958e9f12cceca22d267c GIT binary patch literal 1728 zcmd^9&2GXl4DNo}ka&koJMc51YTAwW-~mEvXhfQz#07fgQFxVI_fQML(N5J=2`NbQ zV*7LLe6bx5vh%0qe#)&Vu$+Qc|z8XR?vo72w}Ja>8T2af{uR|2^gTKAx4X{4ZTc z-^V~CHIFT~SHUB7Jzi)&Hr6bq0+*^U@tqW~ Date: Thu, 5 Sep 2024 20:55:24 +0200 Subject: [PATCH 057/815] Fix test on macOS (cherry picked from commit 21dcbd7e83929fbf8b6c666d743afa0a9ea73d83) --- tests/functional/nars.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/nars.sh b/tests/functional/nars.sh index b16650e7e0d..bd2c49fce5c 100755 --- a/tests/functional/nars.sh +++ b/tests/functional/nars.sh @@ -48,7 +48,7 @@ expectStderr 1 nix-store "${opts[@]}" --restore "$TEST_ROOT/case" < case-collisi # to the same name should fail on macOS but succeed on Linux. rm -rf "$TEST_ROOT/out" if [[ $(uname) = Darwin ]]; then - expectStderr 1 nix-store --restore "$TEST_ROOT/out" < unnormalized.nar | grepQuiet "cannot create directory.*File exists" + expectStderr 1 nix-store --restore "$TEST_ROOT/out" < unnormalized.nar | grepQuiet "path '.*/out/â' already exists" else nix-store --restore "$TEST_ROOT/out" < unnormalized.nar [[ -e $TEST_ROOT/out/â ]] From 25510ba66f31dce539796d0101cfee8c52e2752d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 5 Sep 2024 22:21:53 +0200 Subject: [PATCH 058/815] RestoreSink::createDirectory(): Use append() On macOS, `mkdir("x/')` behaves differently than `mkdir("x")` if `x` is a dangling symlink (the formed succeed while the latter fails). So make sure we always strip the trailing slash. (cherry picked from commit 9fcb588dd8a7b3f0d7d103cea449abcf9f736ad6) --- src/libutil/fs-sink.cc | 20 ++++++++++---------- tests/functional/nars.sh | 8 ++++---- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/src/libutil/fs-sink.cc b/src/libutil/fs-sink.cc index 696cd17eaf7..a08cb0a4cf7 100644 --- a/src/libutil/fs-sink.cc +++ b/src/libutil/fs-sink.cc @@ -68,11 +68,19 @@ static RestoreSinkSettings restoreSinkSettings; static GlobalConfig::Register r1(&restoreSinkSettings); +static std::filesystem::path append(const std::filesystem::path & src, const CanonPath & path) +{ + auto dst = src; + if (!path.rel().empty()) + dst /= path.rel(); + return dst; +} void RestoreSink::createDirectory(const CanonPath & path) { - if (!std::filesystem::create_directory(dstPath / path.rel())) - throw Error("path '%s' already exists", (dstPath / path.rel()).string()); + auto p = append(dstPath, path); + if (!std::filesystem::create_directory(p)) + throw Error("path '%s' already exists", p.string()); }; struct RestoreRegularFile : CreateRegularFileSink { @@ -83,14 +91,6 @@ struct RestoreRegularFile : CreateRegularFileSink { void preallocateContents(uint64_t size) override; }; -static std::filesystem::path append(const std::filesystem::path & src, const CanonPath & path) -{ - auto dst = src; - if (!path.rel().empty()) - dst /= path.rel(); - return dst; -} - void RestoreSink::createRegularFile(const CanonPath & path, std::function func) { auto p = append(dstPath, path); diff --git a/tests/functional/nars.sh b/tests/functional/nars.sh index bd2c49fce5c..4f2470ea719 100755 --- a/tests/functional/nars.sh +++ b/tests/functional/nars.sh @@ -11,18 +11,18 @@ rm -rf "$TEST_ROOT/out" expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "NAR directory is not sorted" # Check that nix-store --restore fails if the output already exists. -expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "path '.*/out/' already exists" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "path '.*/out' already exists" rm -rf "$TEST_ROOT/out" echo foo > "$TEST_ROOT/out" -expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "cannot create directory.*File exists" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "File exists" rm -rf "$TEST_ROOT/out" ln -s "$TEST_ROOT/out2" "$TEST_ROOT/out" -expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "cannot create directory.*File exists" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "File exists" mkdir -p "$TEST_ROOT/out2" -expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "path '.*/out/' already exists" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "path '.*/out' already exists" # Check whether restoring and dumping a NAR that contains case # collisions is round-tripping, even on a case-insensitive system. From e25410c7886a91167ca0ca2f496bf6bf17ee6510 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 6 Sep 2024 16:28:09 +0200 Subject: [PATCH 059/815] Test that deserializing regular files / symlinks is exclusive (cherry picked from commit 52ba3cc5eac0418218a90c0cddb06688d4c7b5d3) --- tests/functional/nars.sh | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/tests/functional/nars.sh b/tests/functional/nars.sh index 4f2470ea719..ed19637a1bc 100755 --- a/tests/functional/nars.sh +++ b/tests/functional/nars.sh @@ -24,6 +24,44 @@ expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet mkdir -p "$TEST_ROOT/out2" expectStderr 1 nix-store --restore "$TEST_ROOT/out" < duplicate.nar | grepQuiet "path '.*/out' already exists" +# The same, but for a regular file. +nix-store --dump ./nars.sh > "$TEST_ROOT/tmp.nar" + +rm -rf "$TEST_ROOT/out" +nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | grepQuiet "File exists" + +rm -rf "$TEST_ROOT/out" +mkdir -p "$TEST_ROOT/out" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | grepQuiet "File exists" + +rm -rf "$TEST_ROOT/out" +ln -s "$TEST_ROOT/out2" "$TEST_ROOT/out" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | grepQuiet "File exists" + +mkdir -p "$TEST_ROOT/out2" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | grepQuiet "File exists" + +# The same, but for a symlink +ln -sfn foo "$TEST_ROOT/symlink" +nix-store --dump "$TEST_ROOT/symlink" > "$TEST_ROOT/tmp.nar" + +rm -rf "$TEST_ROOT/out" +nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" +[[ -L "$TEST_ROOT/out" ]] +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | grepQuiet "File exists" + +rm -rf "$TEST_ROOT/out" +mkdir -p "$TEST_ROOT/out" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | grepQuiet "File exists" + +rm -rf "$TEST_ROOT/out" +ln -s "$TEST_ROOT/out2" "$TEST_ROOT/out" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | grepQuiet "File exists" + +mkdir -p "$TEST_ROOT/out2" +expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | grepQuiet "File exists" + # Check whether restoring and dumping a NAR that contains case # collisions is round-tripping, even on a case-insensitive system. rm -rf "$TEST_ROOT/case" From 2e1cb495c1bf36d59c234d923a139c01a3866ee1 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 9 Sep 2024 14:11:35 +0200 Subject: [PATCH 060/815] Typo (cherry picked from commit 4cfa59fdb32aa4fcc58b735d8843ce308692a652) --- tests/functional/nars.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/nars.sh b/tests/functional/nars.sh index ed19637a1bc..9f5f43dc635 100755 --- a/tests/functional/nars.sh +++ b/tests/functional/nars.sh @@ -42,7 +42,7 @@ expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | gre mkdir -p "$TEST_ROOT/out2" expectStderr 1 nix-store --restore "$TEST_ROOT/out" < "$TEST_ROOT/tmp.nar" | grepQuiet "File exists" -# The same, but for a symlink +# The same, but for a symlink. ln -sfn foo "$TEST_ROOT/symlink" nix-store --dump "$TEST_ROOT/symlink" > "$TEST_ROOT/tmp.nar" From a6ad5565ef15a18ea2f60de4d57f75cd0175b167 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 9 Sep 2024 14:29:05 +0200 Subject: [PATCH 061/815] Improve use-case-hack description slightly (cherry picked from commit 5ca2f58798e6f514b5194c16c0fea0d8ec128171) --- src/libutil/archive.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc index 849bfe02246..458438cbdd5 100644 --- a/src/libutil/archive.cc +++ b/src/libutil/archive.cc @@ -23,7 +23,7 @@ struct ArchiveSettings : Config false, #endif "use-case-hack", - "Whether to enable a Darwin-specific hack for dealing with file name collisions."}; + "Whether to enable a macOS-specific hack for dealing with file name case collisions."}; }; static ArchiveSettings archiveSettings; From 0f825b38f43df5722be32526476b832b62b98e97 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 10 Sep 2024 13:45:04 +0200 Subject: [PATCH 062/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index c5f92d6f8fd..7ed0e12bccd 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.6 +2.24.7 From 40461a8e0e347d457875653a1e08da51dbb1c587 Mon Sep 17 00:00:00 2001 From: Artturin Date: Wed, 11 Sep 2024 00:17:03 +0300 Subject: [PATCH 063/815] Fix making the build directory kept by `keep-failed` readable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Caused by 1d3696f0fb88d610abc234a60e0d6d424feafdf1 Without this fix the kept build directory is readable only by root ``` $ sudo ls -ld /comp-temp/nix-build-openssh-static-x86_64-unknown-linux-musl-9.8p1.drv-5 drwx------ root root 60 B Wed Sep 11 00:09:48 2024  /comp-temp/nix-build-openssh-static-x86_64-unknown-linux-musl-9.8p1.drv-5/ $ sudo ls -ld /comp-temp/nix-build-openssh-static-x86_64-unknown-linux-musl-9.8p1.drv-5/build drwxr-xr-x nixbld1 nixbld 80 B Wed Sep 11 00:09:58 2024  /comp-temp/nix-build-openssh-static-x86_64-unknown-linux-musl-9.8p1.drv-5/build/ ``` (cherry picked from commit ebebe626ff4ec6da98c0a043c64b35efe1c05bc3) --- src/libstore/unix/build/local-derivation-goal.cc | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index d3482df17a1..c9a54bb0ffa 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -3000,6 +3000,7 @@ void LocalDerivationGoal::deleteTmpDir(bool force) might have privileged stuff (like a copy of netrc). */ if (settings.keepFailed && !force && !drv->isBuiltin()) { printError("note: keeping build directory '%s'", tmpDir); + chmod(topTmpDir.c_str(), 0755); chmod(tmpDir.c_str(), 0755); } else From 97c5ac575277c35c5df09c837c312a5ed8408fa1 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 9 Sep 2024 19:52:21 +0200 Subject: [PATCH 064/815] Git fetcher: Don't update mtime of ref file if fetching by rev This fixes the warning $ nix eval --store /tmp/nix --expr 'builtins.fetchTree { type = "git"; url = "https://github.com/DeterminateSystems/attic"; ref = "fixups-for-magic-nix-cache"; rev = "635753a2069d4b8228e846dc5c09ad361c75cd1a"; }' warning: could not update mtime for file '/home/eelco/.cache/nix/gitv3/09788h9zgba5lbfkaa6ija2dvi004jwsqjf5ln21i2njs07cz766/refs/heads/fixups-for-magic-nix-cache': error: changing modification time of '"/home/eelco/.cache/nix/gitv3/09788h9zgba5lbfkaa6ija2dvi004jwsqjf5ln21i2njs07cz766/refs/heads/fixups-for-magic-nix-cache"': No such file or directory When we're fetching by rev, that file doesn't necessarily exist, and we don't care about it anyway. (cherry picked from commit b80b091bac1eeb6fa64db1ae078de5c6a2e4b1b8) --- src/libfetchers/git.cc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 076c757c5f5..6c5bda47000 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -584,9 +584,10 @@ struct GitInputScheme : InputScheme } try { - setWriteTime(localRefFile, now, now); + if (!input.getRev()) + setWriteTime(localRefFile, now, now); } catch (Error & e) { - warn("could not update mtime for file '%s': %s", localRefFile, e.msg()); + warn("could not update mtime for file '%s': %s", localRefFile, e.info().msg); } if (!originalRef && !storeCachedHead(repoInfo.url, ref)) warn("could not update cached head '%s' for '%s'", ref, repoInfo.url); From 751907dc8a2cf1af867fbf4877ec64b68c010ed6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 4 Sep 2024 14:43:43 +0200 Subject: [PATCH 065/815] Git fetcher: Ignore .gitmodules entries that are not submodules Fixes #10739. (cherry picked from commit 9d24080090539c717015add8f2d8ce02d1d84a2d) --- src/libfetchers/git-utils.cc | 18 ++++++++++++------ tests/functional/fetchGitSubmodules.sh | 21 +++++++++++++++++++++ 2 files changed, 33 insertions(+), 6 deletions(-) diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index 114aa4ec078..0bc930ab28e 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -601,12 +601,16 @@ struct GitSourceAccessor : SourceAccessor return readBlob(path, true); } - Hash getSubmoduleRev(const CanonPath & path) + /** + * If `path` exists and is a submodule, return its + * revision. Otherwise return nothing. + */ + std::optional getSubmoduleRev(const CanonPath & path) { - auto entry = need(path); + auto entry = lookup(path); - if (git_tree_entry_type(entry) != GIT_OBJECT_COMMIT) - throw Error("'%s' is not a submodule", showPath(path)); + if (!entry || git_tree_entry_type(entry) != GIT_OBJECT_COMMIT) + return std::nullopt; return toHash(*git_tree_entry_id(entry)); } @@ -1074,8 +1078,10 @@ std::vector> GitRepoImpl::getSubmodules auto rawAccessor = getRawAccessor(rev); for (auto & submodule : parseSubmodules(pathTemp)) { - auto rev = rawAccessor->getSubmoduleRev(submodule.path); - result.push_back({std::move(submodule), rev}); + /* Filter out .gitmodules entries that don't exist or are not + submodules. */ + if (auto rev = rawAccessor->getSubmoduleRev(submodule.path)) + result.push_back({std::move(submodule), *rev}); } return result; diff --git a/tests/functional/fetchGitSubmodules.sh b/tests/functional/fetchGitSubmodules.sh index 4a3e4c347ec..cd3b51674cf 100755 --- a/tests/functional/fetchGitSubmodules.sh +++ b/tests/functional/fetchGitSubmodules.sh @@ -104,6 +104,27 @@ noSubmoduleRepo=$(nix eval --raw --expr "(builtins.fetchGit { url = file://$subR [[ $noSubmoduleRepoBaseline == $noSubmoduleRepo ]] +# Test .gitmodules with entries that refer to non-existent objects or objects that are not submodules. +cat >> $rootRepo/.gitmodules < $rootRepo/file +git -C $rootRepo add file +git -C $rootRepo commit -a -m "Add bad submodules" + +rev=$(git -C $rootRepo rev-parse HEAD) + +r=$(nix eval --raw --expr "builtins.fetchGit { url = file://$rootRepo; rev = \"$rev\"; submodules = true; }") + +[[ -f $r/file ]] +[[ ! -e $r/missing ]] + # Test relative submodule URLs. rm $TEST_HOME/.cache/nix/fetcher-cache* rm -rf $rootRepo/.git $rootRepo/.gitmodules $rootRepo/sub From cd97688bce63dcc6605486a5a2cc41a5d11b3552 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 26 Aug 2024 21:14:20 +0200 Subject: [PATCH 066/815] builtins.readDir: fix nix error trace on filesystem errors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Before: nix-env % ./src/nix/nix eval --impure --expr 'let f = builtins.readDir "/nix/store/hs3yxdq9knimwdm51gvbs4dvncz46f9d-hello-2.12.1/foo"; in f' --show-trace error: filesystem error: directory iterator cannot open directory: No such file or directory [/nix/store/hs3yxdq9knimwdm51gvbs4dvncz46f9d-hello-2.12.1/foo] After: error: … while calling the 'readDir' builtin at «string»:1:9: 1| let f = builtins.readDir "/nix/store/hs3yxdq9knimwdm51gvbs4dvncz46f9d-hello-2.12.1/foo"; in f | ^ error: reading directory '/nix/store/hs3yxdq9knimwdm51gvbs4dvncz46f9d-hello-2.12.1/foo': No such file or directory (cherry picked from commit 22ba4dc78d956020e06e0618f020e11700749823) --- src/libutil/posix-source-accessor.cc | 42 +++++++++++++++------------- 1 file changed, 23 insertions(+), 19 deletions(-) diff --git a/src/libutil/posix-source-accessor.cc b/src/libutil/posix-source-accessor.cc index 2b1a485d55c..d09ea4a87ea 100644 --- a/src/libutil/posix-source-accessor.cc +++ b/src/libutil/posix-source-accessor.cc @@ -132,23 +132,24 @@ SourceAccessor::DirEntries PosixSourceAccessor::readDirectory(const CanonPath & { assertNoSymlinks(path); DirEntries res; - for (auto & entry : std::filesystem::directory_iterator{makeAbsPath(path)}) { - checkInterrupt(); - auto type = [&]() -> std::optional { - std::filesystem::file_type nativeType; - try { - nativeType = entry.symlink_status().type(); - } catch (std::filesystem::filesystem_error & e) { - // We cannot always stat the child. (Ideally there is no - // stat because the native directory entry has the type - // already, but this isn't always the case.) - if (e.code() == std::errc::permission_denied || e.code() == std::errc::operation_not_permitted) - return std::nullopt; - else throw; - } - - // cannot exhaustively enumerate because implementation-specific - // additional file types are allowed. + try { + for (auto & entry : std::filesystem::directory_iterator{makeAbsPath(path)}) { + checkInterrupt(); + auto type = [&]() -> std::optional { + std::filesystem::file_type nativeType; + try { + nativeType = entry.symlink_status().type(); + } catch (std::filesystem::filesystem_error & e) { + // We cannot always stat the child. (Ideally there is no + // stat because the native directory entry has the type + // already, but this isn't always the case.) + if (e.code() == std::errc::permission_denied || e.code() == std::errc::operation_not_permitted) + return std::nullopt; + else throw; + } + + // cannot exhaustively enumerate because implementation-specific + // additional file types are allowed. #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wswitch-enum" switch (nativeType) { @@ -158,8 +159,11 @@ SourceAccessor::DirEntries PosixSourceAccessor::readDirectory(const CanonPath & default: return tMisc; } #pragma GCC diagnostic pop - }(); - res.emplace(entry.path().filename().string(), type); + }(); + res.emplace(entry.path().filename().string(), type); + } + } catch (std::filesystem::filesystem_error & e) { + throw SysError("reading directory %1%", showPath(path)); } return res; } From c84fc0120f57b117c5cd24dcaa82033a32ce8761 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 5 Sep 2024 12:59:54 +0200 Subject: [PATCH 067/815] builtins.unpackChannel: wrap filesystem errors and sanitize channelName Otherwise these errors are not caught correctly (cherry picked from commit 70c52d72f4ee93b68b57b12cd7892bba03446067) --- src/libstore/builtins/unpack-channel.cc | 28 +++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/src/libstore/builtins/unpack-channel.cc b/src/libstore/builtins/unpack-channel.cc index a5f2b8e3adf..7f9a520eed3 100644 --- a/src/libstore/builtins/unpack-channel.cc +++ b/src/libstore/builtins/unpack-channel.cc @@ -13,21 +13,37 @@ void builtinUnpackChannel( return i->second; }; - auto out = outputs.at("out"); - auto channelName = getAttr("channelName"); + std::filesystem::path out(outputs.at("out")); + std::filesystem::path channelName(getAttr("channelName")); auto src = getAttr("src"); + if (channelName.filename() != channelName) { + throw Error("channelName is not allowed to contain filesystem seperators, got %1%", channelName); + } + createDirs(out); unpackTarfile(src, out); - auto entries = std::filesystem::directory_iterator{out}; - auto fileName = entries->path().string(); - auto fileCount = std::distance(std::filesystem::begin(entries), std::filesystem::end(entries)); + size_t fileCount; + std::string fileName; + try { + auto entries = std::filesystem::directory_iterator{out}; + fileName = entries->path().string(); + fileCount = std::distance(std::filesystem::begin(entries), std::filesystem::end(entries)); + } catch (std::filesystem::filesystem_error &e) { + throw SysError("failed to read directory %1%", out); + } + if (fileCount != 1) throw Error("channel tarball '%s' contains more than one file", src); - std::filesystem::rename(fileName, (out + "/" + channelName)); + std::filesystem::path target(out / channelName); + try { + std::filesystem::rename(fileName, target); + } catch (std::filesystem::filesystem_error &e) { + throw SysError("failed to rename %1% to %2%", fileName, target); + } } } From 60001b193672074ff205a53940214a8e6abb8b91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 5 Sep 2024 14:08:20 +0200 Subject: [PATCH 068/815] add release notes for filesystem fixes Update doc/manual/rl-next/filesystem-errors.md Co-authored-by: John Ericson (cherry picked from commit 04ce0e648aeac282b114cf426cea8a078c97e0a8) --- doc/manual/rl-next/filesystem-errors.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 doc/manual/rl-next/filesystem-errors.md diff --git a/doc/manual/rl-next/filesystem-errors.md b/doc/manual/rl-next/filesystem-errors.md new file mode 100644 index 00000000000..2d5b2622860 --- /dev/null +++ b/doc/manual/rl-next/filesystem-errors.md @@ -0,0 +1,14 @@ +--- +synopsis: wrap filesystem exceptions more correctly +issues: [] +prs: [11378] +--- + + +With the switch to `std::filesystem` in different places, Nix started to throw `std::filesystem::filesystem_error` in many places instead of its own exceptions. + +This lead to no longer generating error traces, for example when listing a non-existing directory, and can also lead to crashes inside the Nix REPL. + +This version catches these types of exception correctly and wrap them into Nix's own exeception type. + +Author: [**@Mic92**](https://github.com/Mic92) From 4354d903845ec2329a764d615130decc942f8a19 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Wed, 11 Sep 2024 11:59:11 -0400 Subject: [PATCH 069/815] tweak unpack channel built-in, std::filesystem::path for tarball (cherry picked from commit 193dc490971b0435c7de7565b86110a59d515ff2) --- src/libstore/builtins/unpack-channel.cc | 36 ++++++++++++++----------- src/libutil/tarfile.cc | 22 ++++++++------- src/libutil/tarfile.hh | 6 ++--- 3 files changed, 37 insertions(+), 27 deletions(-) diff --git a/src/libstore/builtins/unpack-channel.cc b/src/libstore/builtins/unpack-channel.cc index 7f9a520eed3..d30626a309b 100644 --- a/src/libstore/builtins/unpack-channel.cc +++ b/src/libstore/builtins/unpack-channel.cc @@ -3,46 +3,52 @@ namespace nix { +namespace fs { using namespace std::filesystem; } + void builtinUnpackChannel( const BasicDerivation & drv, const std::map & outputs) { - auto getAttr = [&](const std::string & name) { + auto getAttr = [&](const std::string & name) -> const std::string & { auto i = drv.env.find(name); if (i == drv.env.end()) throw Error("attribute '%s' missing", name); return i->second; }; - std::filesystem::path out(outputs.at("out")); - std::filesystem::path channelName(getAttr("channelName")); - auto src = getAttr("src"); + fs::path out{outputs.at("out")}; + auto & channelName = getAttr("channelName"); + auto & src = getAttr("src"); - if (channelName.filename() != channelName) { + if (fs::path{channelName}.filename().string() != channelName) { throw Error("channelName is not allowed to contain filesystem seperators, got %1%", channelName); } - createDirs(out); + try { + fs::create_directories(out); + } catch (fs::filesystem_error &) { + throw SysError("creating directory '%1%'", out.string()); + } unpackTarfile(src, out); size_t fileCount; std::string fileName; try { - auto entries = std::filesystem::directory_iterator{out}; + auto entries = fs::directory_iterator{out}; fileName = entries->path().string(); - fileCount = std::distance(std::filesystem::begin(entries), std::filesystem::end(entries)); - } catch (std::filesystem::filesystem_error &e) { - throw SysError("failed to read directory %1%", out); + fileCount = std::distance(fs::begin(entries), fs::end(entries)); + } catch (fs::filesystem_error &) { + throw SysError("failed to read directory %1%", out.string()); } - if (fileCount != 1) throw Error("channel tarball '%s' contains more than one file", src); - std::filesystem::path target(out / channelName); + + auto target = out / channelName; try { - std::filesystem::rename(fileName, target); - } catch (std::filesystem::filesystem_error &e) { - throw SysError("failed to rename %1% to %2%", fileName, target); + fs::rename(fileName, target); + } catch (fs::filesystem_error &) { + throw SysError("failed to rename %1% to %2%", fileName, target.string()); } } diff --git a/src/libutil/tarfile.cc b/src/libutil/tarfile.cc index 2e323629512..a8a22d283f8 100644 --- a/src/libutil/tarfile.cc +++ b/src/libutil/tarfile.cc @@ -8,6 +8,10 @@ namespace nix { +namespace fs { +using namespace std::filesystem; +} + namespace { int callback_open(struct archive *, void * self) @@ -102,14 +106,14 @@ TarArchive::TarArchive(Source & source, bool raw, std::optional com "Failed to open archive (%s)"); } -TarArchive::TarArchive(const Path & path) +TarArchive::TarArchive(const fs::path & path) : archive{archive_read_new()} , buffer(defaultBufferSize) { archive_read_support_filter_all(archive); enableSupportedFormats(archive); archive_read_set_option(archive, NULL, "mac-ext", NULL); - check(archive_read_open_filename(archive, path.c_str(), 16384), "failed to open archive: %s"); + check(archive_read_open_filename(archive, path.string().c_str(), 16384), "failed to open archive: %s"); } void TarArchive::close() @@ -123,7 +127,7 @@ TarArchive::~TarArchive() archive_read_free(this->archive); } -static void extract_archive(TarArchive & archive, const Path & destDir) +static void extract_archive(TarArchive & archive, const fs::path & destDir) { int flags = ARCHIVE_EXTRACT_TIME | ARCHIVE_EXTRACT_SECURE_SYMLINKS | ARCHIVE_EXTRACT_SECURE_NODOTDOT; @@ -140,7 +144,7 @@ static void extract_archive(TarArchive & archive, const Path & destDir) else archive.check(r); - archive_entry_copy_pathname(entry, (destDir + "/" + name).c_str()); + archive_entry_copy_pathname(entry, (destDir / name).string().c_str()); // sources can and do contain dirs with no rx bits if (archive_entry_filetype(entry) == AE_IFDIR && (archive_entry_mode(entry) & 0500) != 0500) @@ -149,7 +153,7 @@ static void extract_archive(TarArchive & archive, const Path & destDir) // Patch hardlink path const char * original_hardlink = archive_entry_hardlink(entry); if (original_hardlink) { - archive_entry_copy_hardlink(entry, (destDir + "/" + original_hardlink).c_str()); + archive_entry_copy_hardlink(entry, (destDir / original_hardlink).string().c_str()); } archive.check(archive_read_extract(archive.archive, entry, flags)); @@ -158,19 +162,19 @@ static void extract_archive(TarArchive & archive, const Path & destDir) archive.close(); } -void unpackTarfile(Source & source, const Path & destDir) +void unpackTarfile(Source & source, const fs::path & destDir) { auto archive = TarArchive(source); - createDirs(destDir); + fs::create_directories(destDir); extract_archive(archive, destDir); } -void unpackTarfile(const Path & tarFile, const Path & destDir) +void unpackTarfile(const fs::path & tarFile, const fs::path & destDir) { auto archive = TarArchive(tarFile); - createDirs(destDir); + fs::create_directories(destDir); extract_archive(archive, destDir); } diff --git a/src/libutil/tarfile.hh b/src/libutil/tarfile.hh index 0517177dbe6..5e29c6bbac3 100644 --- a/src/libutil/tarfile.hh +++ b/src/libutil/tarfile.hh @@ -15,7 +15,7 @@ struct TarArchive void check(int err, const std::string & reason = "failed to extract archive (%s)"); - explicit TarArchive(const Path & path); + explicit TarArchive(const std::filesystem::path & path); /// @brief Create a generic archive from source. /// @param source - Input byte stream. @@ -37,9 +37,9 @@ struct TarArchive int getArchiveFilterCodeByName(const std::string & method); -void unpackTarfile(Source & source, const Path & destDir); +void unpackTarfile(Source & source, const std::filesystem::path & destDir); -void unpackTarfile(const Path & tarFile, const Path & destDir); +void unpackTarfile(const std::filesystem::path & tarFile, const std::filesystem::path & destDir); time_t unpackTarfileToSink(TarArchive & archive, ExtendedFileSystemObjectSink & parseSink); From 684a690480784c21ad5580735c41af13fff04b6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 13 Sep 2024 14:20:34 +0200 Subject: [PATCH 070/815] update filesystem-errors changelog to 2.24 release --- doc/manual/rl-next/filesystem-errors.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/rl-next/filesystem-errors.md b/doc/manual/rl-next/filesystem-errors.md index 2d5b2622860..faa9352b96a 100644 --- a/doc/manual/rl-next/filesystem-errors.md +++ b/doc/manual/rl-next/filesystem-errors.md @@ -7,7 +7,7 @@ prs: [11378] With the switch to `std::filesystem` in different places, Nix started to throw `std::filesystem::filesystem_error` in many places instead of its own exceptions. -This lead to no longer generating error traces, for example when listing a non-existing directory, and can also lead to crashes inside the Nix REPL. +This lead to no longer generating error traces, for example when listing a non-existing directory. This version catches these types of exception correctly and wrap them into Nix's own exeception type. From 1b076b4f84a74a47d4f4eeb14c7d1e485a754c87 Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 16:03:05 +0200 Subject: [PATCH 071/815] doc: add admonitions for macOS 15 Sequoia update (#11487) (#11509) The impending release of macOS 15 Sequoia will break many existing nix installs on macOS, which may lead to an increased number of people who are looking to try to reinstall Nix without noticing the open/pinned issue (#10892) that explains the problem and outlines how to migrate existing installs. These admonitions are a short-term measure until we are over the hump and support volumes dwindle. (cherry picked from commit 48477d4a3e7130c89b2ded4496c00ef74601091f) Co-authored-by: Travis A. Everett --- doc/manual/src/installation/index.md | 8 ++++++++ doc/manual/src/installation/installing-binary.md | 8 ++++++++ doc/manual/src/installation/uninstall.md | 8 ++++++++ 3 files changed, 24 insertions(+) diff --git a/doc/manual/src/installation/index.md b/doc/manual/src/installation/index.md index dafdeb667e5..16a7f485a1d 100644 --- a/doc/manual/src/installation/index.md +++ b/doc/manual/src/installation/index.md @@ -14,6 +14,14 @@ This option requires either: * Linux running systemd, with SELinux disabled * MacOS +> **Updating to macOS 15 Sequoia** +> +> If you recently updated to macOS 15 Sequoia and are getting +> ```console +> error: the user '_nixbld1' in the group 'nixbld' does not exist +> ``` +> when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling. + ```console $ bash <(curl -L https://nixos.org/nix/install) --daemon ``` diff --git a/doc/manual/src/installation/installing-binary.md b/doc/manual/src/installation/installing-binary.md index 6a168ff3dfd..6a1a5ddcaff 100644 --- a/doc/manual/src/installation/installing-binary.md +++ b/doc/manual/src/installation/installing-binary.md @@ -1,5 +1,13 @@ # Installing a Binary Distribution +> **Updating to macOS 15 Sequoia** +> +> If you recently updated to macOS 15 Sequoia and are getting +> ```console +> error: the user '_nixbld1' in the group 'nixbld' does not exist +> ``` +> when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling. + To install the latest version Nix, run the following command: ```console diff --git a/doc/manual/src/installation/uninstall.md b/doc/manual/src/installation/uninstall.md index 590327fea1b..97590e3db8a 100644 --- a/doc/manual/src/installation/uninstall.md +++ b/doc/manual/src/installation/uninstall.md @@ -43,6 +43,14 @@ which you may remove. ### macOS +> **Updating to macOS 15 Sequoia** +> +> If you recently updated to macOS 15 Sequoia and are getting +> ```console +> error: the user '_nixbld1' in the group 'nixbld' does not exist +> ``` +> when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling. + 1. If system-wide shell initialisation files haven't been altered since installing Nix, use the backups made by the installer: ```console From 9941f620c442f0996d7889d948b781304e5fb0f2 Mon Sep 17 00:00:00 2001 From: Brian McGee Date: Mon, 31 Jul 2023 18:40:45 +0100 Subject: [PATCH 072/815] base64Decode: clearer error message when an invalid character is detected Output the offending string in its entirety to provide context. Closes #8479 (cherry picked from commit dc3ccf02bfd4d359228b54f5c24ae2b6caf6428e) --- src/libutil/util.cc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/libutil/util.cc b/src/libutil/util.cc index 698e181a1d1..174e7ce8fab 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -260,8 +260,9 @@ std::string base64Decode(std::string_view s) if (c == '\n') continue; char digit = base64DecodeChars[(unsigned char) c]; - if (digit == npos) - throw Error("invalid character in Base64 string: '%c'", c); + if (digit == npos) { + throw Error("invalid character in Base64 string: '%c' in '%s'", c, s.data()); + } bits += 6; d = d << 6 | digit; From 5b5e1920eb519304833aebf9e061c66a262880cd Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 19 Sep 2024 19:16:31 +0200 Subject: [PATCH 073/815] Fix missing GC root in zipAttrsWith My SNAFU was that I assumed that all the `Value *`s we put in `attrsSeen` are already reachable (which they are), but I forgot about the `elems` pointer in `ListBuilder`. Fixes #11547. (cherry picked from commit 0c2fdd2f3c0f04bef4b5c74fbb02a5f8227c07df) --- src/libexpr/primops.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 7ceb84f0e39..50552f6deff 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -3136,7 +3136,7 @@ static void prim_zipAttrsWith(EvalState & state, const PosIdx pos, Value * * arg std::optional list; }; - std::map attrsSeen; + std::map, traceable_allocator>> attrsSeen; state.forceFunction(*args[0], pos, "while evaluating the first argument passed to builtins.zipAttrsWith"); state.forceList(*args[1], pos, "while evaluating the second argument passed to builtins.zipAttrsWith"); From ecd83dc155ac770caa5faccb98f045da8d579e29 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 19 Sep 2024 19:52:47 +0200 Subject: [PATCH 074/815] Use HAVE_BOEHMGC Co-authored-by: Robert Hensing (cherry picked from commit 4449b0da744c32cb9cbb06b661a5f5df4444497a) --- src/libexpr/primops.cc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 50552f6deff..8536eb3597e 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -3136,7 +3136,11 @@ static void prim_zipAttrsWith(EvalState & state, const PosIdx pos, Value * * arg std::optional list; }; +#if HAVE_BOEHMGC std::map, traceable_allocator>> attrsSeen; +#else + std::map attrsSeen; +#endif state.forceFunction(*args[0], pos, "while evaluating the first argument passed to builtins.zipAttrsWith"); state.forceList(*args[1], pos, "while evaluating the second argument passed to builtins.zipAttrsWith"); From a7fdef6858dd45b9d7bda7c92324c63faee7f509 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 20 Sep 2024 01:19:15 +0200 Subject: [PATCH 075/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 7ed0e12bccd..4ee8b99322b 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.7 +2.24.8 From 563dedcf64d960e816fcd216f0944638e6677626 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Sat, 31 Aug 2024 15:59:18 +0200 Subject: [PATCH 076/815] Don't refer to public keys as secret keys in error This constructor is used for public keys as well. (cherry picked from commit 9cc550d65252d3ad822cc12496ef71482c47ff7e) --- src/libutil/signature/local-keys.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/signature/local-keys.cc b/src/libutil/signature/local-keys.cc index 858b036f550..00c4543f2be 100644 --- a/src/libutil/signature/local-keys.cc +++ b/src/libutil/signature/local-keys.cc @@ -22,7 +22,7 @@ Key::Key(std::string_view s) key = ss.payload; if (name == "" || key == "") - throw Error("secret key is corrupt"); + throw Error("key is corrupt"); key = base64Decode(key); } From 1e03ea386b75fbdd8bba01203f059694d0e4c139 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Fri, 20 Sep 2024 10:41:45 -0400 Subject: [PATCH 077/815] Revert "base64Decode: clearer error message when an invalid character is detected" We have a safer way of doing this. This reverts commit dc3ccf02bfd4d359228b54f5c24ae2b6caf6428e. (cherry picked from commit d0c351bf4392e76d81b282aaaafdf2c2e0a64c69) --- src/libutil/util.cc | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/libutil/util.cc b/src/libutil/util.cc index 174e7ce8fab..698e181a1d1 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -260,9 +260,8 @@ std::string base64Decode(std::string_view s) if (c == '\n') continue; char digit = base64DecodeChars[(unsigned char) c]; - if (digit == npos) { - throw Error("invalid character in Base64 string: '%c' in '%s'", c, s.data()); - } + if (digit == npos) + throw Error("invalid character in Base64 string: '%c'", c); bits += 6; d = d << 6 | digit; From 082f6bb35d4c3d63afeaead5733e253760d0d344 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Tue, 17 Sep 2024 15:25:30 -0400 Subject: [PATCH 078/815] Ensure error messages don't leak private key Since #8766, invalid base64 is rendered in errors, but we don't actually want to show this in the case of an invalid private keys. Co-Authored-By: Eelco Dolstra (cherry picked from commit 2b6b03d8df8811ef85605461c030466af84a8761) --- src/libfetchers/git-utils.cc | 8 +++++++- src/libstore/machines.cc | 5 +++-- src/libstore/ssh.cc | 14 ++++++++++++-- src/libstore/ssh.hh | 3 +++ src/libutil/hash.cc | 7 ++++++- src/libutil/signature/local-keys.cc | 29 +++++++++++++++++++++-------- src/libutil/signature/local-keys.hh | 12 ++++++++---- src/libutil/util.cc | 2 +- src/libutil/util.hh | 6 +++++- tests/unit/libexpr/nix_api_expr.cc | 2 +- 10 files changed, 67 insertions(+), 21 deletions(-) diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index 0bc930ab28e..79ff6e7cd87 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -460,7 +460,13 @@ struct GitRepoImpl : GitRepo, std::enable_shared_from_this std::string re = R"(Good "git" signature for \* with .* key SHA256:[)"; for (const fetchers::PublicKey & k : publicKeys){ // Calculate sha256 fingerprint from public key and escape the regex symbol '+' to match the key literally - auto fingerprint = trim(hashString(HashAlgorithm::SHA256, base64Decode(k.key)).to_string(nix::HashFormat::Base64, false), "="); + std::string keyDecoded; + try { + keyDecoded = base64Decode(k.key); + } catch (Error & e) { + e.addTrace({}, "while decoding public key '%s' used for git signature", k.key); + } + auto fingerprint = trim(hashString(HashAlgorithm::SHA256, keyDecoded).to_string(nix::HashFormat::Base64, false), "="); auto escaped_fingerprint = std::regex_replace(fingerprint, std::regex("\\+"), "\\+" ); re += "(" + escaped_fingerprint + ")"; } diff --git a/src/libstore/machines.cc b/src/libstore/machines.cc index 256cf918892..5e038fb28d3 100644 --- a/src/libstore/machines.cc +++ b/src/libstore/machines.cc @@ -159,8 +159,9 @@ static Machine parseBuilderLine(const std::set & defaultSystems, co const auto & str = tokens[fieldIndex]; try { base64Decode(str); - } catch (const Error & e) { - throw FormatError("bad machine specification: a column #%lu in a row: '%s' is not valid base64 string: %s", fieldIndex, line, e.what()); + } catch (FormatError & e) { + e.addTrace({}, "while parsing machine specification at a column #%lu in a row: '%s'", fieldIndex, line); + throw; } return str; }; diff --git a/src/libstore/ssh.cc b/src/libstore/ssh.cc index e5d623adf3a..f9cb61778ac 100644 --- a/src/libstore/ssh.cc +++ b/src/libstore/ssh.cc @@ -6,6 +6,16 @@ namespace nix { +static std::string parsePublicHostKey(std::string_view host, std::string_view sshPublicHostKey) +{ + try { + return base64Decode(sshPublicHostKey); + } catch (Error & e) { + e.addTrace({}, "while decoding ssh public host key for host '%s'", host); + throw; + } +} + SSHMaster::SSHMaster( std::string_view host, std::string_view keyFile, @@ -14,7 +24,7 @@ SSHMaster::SSHMaster( : host(host) , fakeSSH(host == "localhost") , keyFile(keyFile) - , sshPublicHostKey(sshPublicHostKey) + , sshPublicHostKey(parsePublicHostKey(host, sshPublicHostKey)) , useMaster(useMaster && !fakeSSH) , compress(compress) , logFD(logFD) @@ -38,7 +48,7 @@ void SSHMaster::addCommonSSHOpts(Strings & args) std::filesystem::path fileName = state->tmpDir->path() / "host-key"; auto p = host.rfind("@"); std::string thost = p != std::string::npos ? std::string(host, p + 1) : host; - writeFile(fileName.string(), thost + " " + base64Decode(sshPublicHostKey) + "\n"); + writeFile(fileName.string(), thost + " " + sshPublicHostKey + "\n"); args.insert(args.end(), {"-oUserKnownHostsFile=" + fileName.string()}); } if (compress) diff --git a/src/libstore/ssh.hh b/src/libstore/ssh.hh index 19b30e8838f..4097134d055 100644 --- a/src/libstore/ssh.hh +++ b/src/libstore/ssh.hh @@ -14,6 +14,9 @@ private: const std::string host; bool fakeSSH; const std::string keyFile; + /** + * Raw bytes, not Base64 encoding. + */ const std::string sshPublicHostKey; const bool useMaster; const bool compress; diff --git a/src/libutil/hash.cc b/src/libutil/hash.cc index ab2a8695dd4..748176d3370 100644 --- a/src/libutil/hash.cc +++ b/src/libutil/hash.cc @@ -245,7 +245,12 @@ Hash::Hash(std::string_view rest, HashAlgorithm algo, bool isSRI) } else if (isSRI || rest.size() == base64Len()) { - auto d = base64Decode(rest); + std::string d; + try { + d = base64Decode(rest); + } catch (Error & e) { + e.addTrace({}, "While decoding hash '%s'", rest); + } if (d.size() != hashSize) throw BadHash("invalid %s hash '%s'", isSRI ? "SRI" : "base-64", rest); assert(hashSize); diff --git a/src/libutil/signature/local-keys.cc b/src/libutil/signature/local-keys.cc index 00c4543f2be..70bcb5f33c2 100644 --- a/src/libutil/signature/local-keys.cc +++ b/src/libutil/signature/local-keys.cc @@ -14,17 +14,25 @@ BorrowedCryptoValue BorrowedCryptoValue::parse(std::string_view s) return {s.substr(0, colon), s.substr(colon + 1)}; } -Key::Key(std::string_view s) +Key::Key(std::string_view s, bool sensitiveValue) { auto ss = BorrowedCryptoValue::parse(s); name = ss.name; key = ss.payload; - if (name == "" || key == "") - throw Error("key is corrupt"); - - key = base64Decode(key); + try { + if (name == "" || key == "") + throw FormatError("key is corrupt"); + + key = base64Decode(key); + } catch (Error & e) { + std::string extra; + if (!sensitiveValue) + extra = fmt(" with raw value '%s'", key); + e.addTrace({}, "while decoding key named '%s'%s", name, extra); + throw; + } } std::string Key::to_string() const @@ -33,7 +41,7 @@ std::string Key::to_string() const } SecretKey::SecretKey(std::string_view s) - : Key(s) + : Key{s, true} { if (key.size() != crypto_sign_SECRETKEYBYTES) throw Error("secret key is not valid"); @@ -66,7 +74,7 @@ SecretKey SecretKey::generate(std::string_view name) } PublicKey::PublicKey(std::string_view s) - : Key(s) + : Key{s, false} { if (key.size() != crypto_sign_PUBLICKEYBYTES) throw Error("public key is not valid"); @@ -83,7 +91,12 @@ bool PublicKey::verifyDetached(std::string_view data, std::string_view sig) cons bool PublicKey::verifyDetachedAnon(std::string_view data, std::string_view sig) const { - auto sig2 = base64Decode(sig); + std::string sig2; + try { + sig2 = base64Decode(sig); + } catch (Error & e) { + e.addTrace({}, "while decoding signature '%s'", sig); + } if (sig2.size() != crypto_sign_BYTES) throw Error("signature is not valid"); diff --git a/src/libutil/signature/local-keys.hh b/src/libutil/signature/local-keys.hh index 4aafc123944..9977f0dac6e 100644 --- a/src/libutil/signature/local-keys.hh +++ b/src/libutil/signature/local-keys.hh @@ -31,15 +31,19 @@ struct Key std::string name; std::string key; + std::string to_string() const; + +protected: + /** * Construct Key from a string in the format * ‘:’. + * + * @param sensitiveValue Avoid displaying the raw Base64 in error + * messages to avoid leaking private keys. */ - Key(std::string_view s); - - std::string to_string() const; + Key(std::string_view s, bool sensitiveValue); -protected: Key(std::string_view name, std::string && key) : name(name), key(std::move(key)) { } }; diff --git a/src/libutil/util.cc b/src/libutil/util.cc index 698e181a1d1..7a79e424982 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -261,7 +261,7 @@ std::string base64Decode(std::string_view s) char digit = base64DecodeChars[(unsigned char) c]; if (digit == npos) - throw Error("invalid character in Base64 string: '%c'", c); + throw FormatError("invalid character in Base64 string: '%c'", c); bits += 6; d = d << 6 | digit; diff --git a/src/libutil/util.hh b/src/libutil/util.hh index 877d1527945..9fbc710cc51 100644 --- a/src/libutil/util.hh +++ b/src/libutil/util.hh @@ -210,9 +210,13 @@ constexpr char treeNull[] = " "; /** - * Base64 encoding/decoding. + * Encode arbitrary bytes as Base64. */ std::string base64Encode(std::string_view s); + +/** + * Decode arbitrary bytes to Base64. + */ std::string base64Decode(std::string_view s); diff --git a/tests/unit/libexpr/nix_api_expr.cc b/tests/unit/libexpr/nix_api_expr.cc index 8b97d692345..b37ac44b317 100644 --- a/tests/unit/libexpr/nix_api_expr.cc +++ b/tests/unit/libexpr/nix_api_expr.cc @@ -8,7 +8,7 @@ #include "tests/nix_api_expr.hh" #include "tests/string_callback.hh" -#include "gmock/gmock.h" +#include #include namespace nixC { From d4824c8ff7567e35760f211a52f7766947e52a9f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 23 Sep 2024 15:09:44 +0200 Subject: [PATCH 079/815] builtin:fetchurl: Enable TLS verification This is better for privacy and to avoid leaking netrc credentials in a MITM attack, but also the assumption that we check the hash no longer holds in some cases (in particular for impure derivations). Partially reverts https://github.com/NixOS/nix/commit/5db358d4d78aea7204a8f22c5bf2a309267ee038. (cherry picked from commit c04bc17a5a0fdcb725a11ef6541f94730112e7b6) --- src/libstore/builtins/fetchurl.cc | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/libstore/builtins/fetchurl.cc b/src/libstore/builtins/fetchurl.cc index b9dfeba2f8e..f33060c3307 100644 --- a/src/libstore/builtins/fetchurl.cc +++ b/src/libstore/builtins/fetchurl.cc @@ -38,10 +38,7 @@ void builtinFetchurl( auto source = sinkToSource([&](Sink & sink) { - /* No need to do TLS verification, because we check the hash of - the result anyway. */ FileTransferRequest request(url); - request.verifyTLS = false; request.decompress = false; auto decompressor = makeDecompressionSink( From ee6a5faf4b39978adb3095970ac140a91ec896cc Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 24 Sep 2024 16:13:28 +0200 Subject: [PATCH 080/815] Add a test for builtin:fetchurl cert verification (cherry picked from commit f2f47fa725fc87bfb536de171a2ea81f2789c9fb) # Conflicts: # tests/nixos/default.nix --- tests/nixos/default.nix | 11 ++++++ tests/nixos/fetchurl.nix | 78 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 89 insertions(+) create mode 100644 tests/nixos/fetchurl.nix diff --git a/tests/nixos/default.nix b/tests/nixos/default.nix index c0c7b42fd9b..7612ce5f914 100644 --- a/tests/nixos/default.nix +++ b/tests/nixos/default.nix @@ -146,4 +146,15 @@ in functional_root = runNixOSTestFor "x86_64-linux" ./functional/as-root.nix; user-sandboxing = runNixOSTestFor "x86_64-linux" ./user-sandboxing; +<<<<<<< HEAD +======= + + s3-binary-cache-store = runNixOSTestFor "x86_64-linux" ./s3-binary-cache-store.nix; + + fsync = runNixOSTestFor "x86_64-linux" ./fsync.nix; + + cgroups = runNixOSTestFor "x86_64-linux" ./cgroups; + + fetchurl = runNixOSTestFor "x86_64-linux" ./fetchurl.nix; +>>>>>>> f2f47fa72 (Add a test for builtin:fetchurl cert verification) } diff --git a/tests/nixos/fetchurl.nix b/tests/nixos/fetchurl.nix new file mode 100644 index 00000000000..476f779bcc3 --- /dev/null +++ b/tests/nixos/fetchurl.nix @@ -0,0 +1,78 @@ +# Test whether builtin:fetchurl properly performs TLS certificate +# checks on HTTPS servers. + +{ lib, config, pkgs, ... }: + +let + + makeTlsCert = name: pkgs.runCommand name { + nativeBuildInputs = with pkgs; [ openssl ]; + } '' + mkdir -p $out + openssl req -x509 \ + -subj '/CN=${name}/' -days 49710 \ + -addext 'subjectAltName = DNS:${name}' \ + -keyout "$out/key.pem" -newkey ed25519 \ + -out "$out/cert.pem" -noenc + ''; + + goodCert = makeTlsCert "good"; + badCert = makeTlsCert "bad"; + +in + +{ + name = "nss-preload"; + + nodes = { + machine = { lib, pkgs, ... }: { + services.nginx = { + enable = true; + + virtualHosts."good" = { + addSSL = true; + sslCertificate = "${goodCert}/cert.pem"; + sslCertificateKey = "${goodCert}/key.pem"; + root = pkgs.runCommand "nginx-root" {} '' + mkdir "$out" + echo 'hello world' > "$out/index.html" + ''; + }; + + virtualHosts."bad" = { + addSSL = true; + sslCertificate = "${badCert}/cert.pem"; + sslCertificateKey = "${badCert}/key.pem"; + root = pkgs.runCommand "nginx-root" {} '' + mkdir "$out" + echo 'foobar' > "$out/index.html" + ''; + }; + }; + + security.pki.certificateFiles = [ "${goodCert}/cert.pem" ]; + + networking.hosts."127.0.0.1" = [ "good" "bad" ]; + + virtualisation.writableStore = true; + + nix.settings.experimental-features = "nix-command"; + }; + }; + + testScript = { nodes, ... }: '' + machine.wait_for_unit("nginx") + machine.wait_for_open_port(443) + + out = machine.succeed("curl https://good/index.html") + assert out == "hello world\n" + + # Fetching from a server with a trusted cert should work. + machine.succeed("nix build --no-substitute --expr 'import { url = \"https://good/index.html\"; hash = \"sha256-qUiQTy8PR5uPgZdpSzAYSw0u0cHNKh7A+4XSmaGSpEc=\"; }'") + + # Fetching from a server with an untrusted cert should fail. + err = machine.fail("nix build --no-substitute --expr 'import { url = \"https://bad/index.html\"; hash = \"sha256-rsBwZF/lPuOzdjBZN2E08FjMM3JHyXit0Xi2zN+wAZ8=\"; }' 2>&1") + print(err) + assert "SSL certificate problem: self-signed certificate" in err + ''; +} From 345a264a39a40e891587553d41db2989a36e2065 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 25 Sep 2024 22:33:50 +0200 Subject: [PATCH 081/815] Add release note (cherry picked from commit 7b39cd631e0d3c3d238015c6f450c59bbc9cbc5b) --- doc/manual/rl-next/verify-tls.md | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 doc/manual/rl-next/verify-tls.md diff --git a/doc/manual/rl-next/verify-tls.md b/doc/manual/rl-next/verify-tls.md new file mode 100644 index 00000000000..489941d5bc4 --- /dev/null +++ b/doc/manual/rl-next/verify-tls.md @@ -0,0 +1,8 @@ +--- +synopsis: "`` uses TLS verification" +prs: [11585] +--- + +Previously `` did not do TLS verification. This was because the Nix sandbox in the past did not have access to TLS certificates, and Nix checks the hash of the fetched file anyway. However, this can expose authentication data from `netrc` and URLs to man-in-the-middle attackers. In addition, Nix now in some cases (such as when using impure derivations) does *not* check the hash. Therefore we have now enabled TLS verification. This means that downloads by `` will now fail if you're fetching from a HTTPS server that does not have a valid certificate. + +`` is also known as the builtin derivation builder `builtin:fetchurl`. It's not to be confused with the evaluation-time function `builtins.fetchurl`, which was not affected by this issues. From e87be60055fd17895f3d9713f837d73f85bcf48d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 26 Sep 2024 00:15:04 +0200 Subject: [PATCH 082/815] Typo (cherry picked from commit ef8987955be337976ae229c44870cf6adc43bba5) --- doc/manual/rl-next/verify-tls.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/rl-next/verify-tls.md b/doc/manual/rl-next/verify-tls.md index 489941d5bc4..afc689f46a9 100644 --- a/doc/manual/rl-next/verify-tls.md +++ b/doc/manual/rl-next/verify-tls.md @@ -5,4 +5,4 @@ prs: [11585] Previously `` did not do TLS verification. This was because the Nix sandbox in the past did not have access to TLS certificates, and Nix checks the hash of the fetched file anyway. However, this can expose authentication data from `netrc` and URLs to man-in-the-middle attackers. In addition, Nix now in some cases (such as when using impure derivations) does *not* check the hash. Therefore we have now enabled TLS verification. This means that downloads by `` will now fail if you're fetching from a HTTPS server that does not have a valid certificate. -`` is also known as the builtin derivation builder `builtin:fetchurl`. It's not to be confused with the evaluation-time function `builtins.fetchurl`, which was not affected by this issues. +`` is also known as the builtin derivation builder `builtin:fetchurl`. It's not to be confused with the evaluation-time function `builtins.fetchurl`, which was not affected by this issue. From ba8159801770df18435de8f1cc63b3b523ab65ec Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 26 Sep 2024 00:17:03 +0200 Subject: [PATCH 083/815] Resolve conflict --- tests/nixos/default.nix | 9 --------- 1 file changed, 9 deletions(-) diff --git a/tests/nixos/default.nix b/tests/nixos/default.nix index 7612ce5f914..313dc2f3cd1 100644 --- a/tests/nixos/default.nix +++ b/tests/nixos/default.nix @@ -146,15 +146,6 @@ in functional_root = runNixOSTestFor "x86_64-linux" ./functional/as-root.nix; user-sandboxing = runNixOSTestFor "x86_64-linux" ./user-sandboxing; -<<<<<<< HEAD -======= - - s3-binary-cache-store = runNixOSTestFor "x86_64-linux" ./s3-binary-cache-store.nix; - - fsync = runNixOSTestFor "x86_64-linux" ./fsync.nix; - - cgroups = runNixOSTestFor "x86_64-linux" ./cgroups; fetchurl = runNixOSTestFor "x86_64-linux" ./fetchurl.nix; ->>>>>>> f2f47fa72 (Add a test for builtin:fetchurl cert verification) } From b23812a59c6854378f042e33f5e006c4d9dc516a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 26 Sep 2024 03:25:40 +0200 Subject: [PATCH 084/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 4ee8b99322b..358c8e60ec9 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.8 +2.24.9 From 34fd00accce3d0f1efe12e89735542a707e6e89d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 24 Sep 2024 08:02:57 +0200 Subject: [PATCH 085/815] create git caches atomically When working on speeding up the CI, I triggered a race condition in the creation of the tarball cache. This code now instead will ensure that half-initialized repositories are no longer visible to any other nix process. This is the error message that I got before: error: opening Git repository '"/Users/runner/.cache/nix/tarball-cache"': could not find repository at '/Users/runner/.cache/nix/tarball-cache' (cherry picked from commit 12d5b2cfa1e77816abc9c7c6989afaead9723bbc) --- src/libfetchers/git-utils.cc | 32 +++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index 79ff6e7cd87..e45590b801d 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -159,6 +159,27 @@ static Object peelToTreeOrBlob(git_object * obj) return peelObject(obj, GIT_OBJECT_TREE); } +static void initRepoAtomically(std::filesystem::path &path, bool bare) { + if (pathExists(path.string())) return; + + Path tmpDir = createTempDir(std::filesystem::path(path).parent_path()); + AutoDelete delTmpDir(tmpDir, true); + Repository tmpRepo; + + if (git_repository_init(Setter(tmpRepo), tmpDir.c_str(), bare)) + throw Error("creating Git repository %s: %s", path, git_error_last()->message); + try { + std::filesystem::rename(tmpDir, path); + } catch (std::filesystem::filesystem_error & e) { + if (e.code() == std::errc::file_exists) // Someone might race us to create the repository. + return; + else + throw SysError("moving temporary git repository from %s to %s", tmpDir, path); + } + // we successfully moved the repository, so the temporary directory no longer exists. + delTmpDir.cancel(); +} + struct GitRepoImpl : GitRepo, std::enable_shared_from_this { /** Location of the repository on disk. */ @@ -170,13 +191,10 @@ struct GitRepoImpl : GitRepo, std::enable_shared_from_this { initLibGit2(); - if (pathExists(path.string())) { - if (git_repository_open(Setter(repo), path.string().c_str())) - throw Error("opening Git repository '%s': %s", path, git_error_last()->message); - } else { - if (git_repository_init(Setter(repo), path.string().c_str(), bare)) - throw Error("creating Git repository '%s': %s", path, git_error_last()->message); - } + initRepoAtomically(path, bare); + if (git_repository_open(Setter(repo), path.string().c_str())) + throw Error("opening Git repository '%s': %s", path, git_error_last()->message); + } operator git_repository * () From 15a2b49115f2b8fcb6152afd7209e147d7042685 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 27 Sep 2024 00:16:52 +0200 Subject: [PATCH 086/815] HttpBinaryCacheStore::getFile(): Fix uncaught exception This method is marked as `noexcept`, but `enqueueFileTransfer()` can throw `Interrupted` if the user has hit Ctrl-C or if the `ThreadPool` that the thread is a part of is shutting down. (cherry picked from commit 4566854981423ec36c1c7987ea2bcaba619b5d4e) --- src/libstore/http-binary-cache-store.cc | 37 +++++++++++++------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc index b15ef4e4cba..fc7ac2deac8 100644 --- a/src/libstore/http-binary-cache-store.cc +++ b/src/libstore/http-binary-cache-store.cc @@ -169,28 +169,29 @@ class HttpBinaryCacheStore : public virtual HttpBinaryCacheStoreConfig, public v { try { checkEnabled(); + + auto request(makeRequest(path)); + + auto callbackPtr = std::make_shared(std::move(callback)); + + getFileTransfer()->enqueueFileTransfer(request, + {[callbackPtr, this](std::future result) { + try { + (*callbackPtr)(std::move(result.get().data)); + } catch (FileTransferError & e) { + if (e.error == FileTransfer::NotFound || e.error == FileTransfer::Forbidden) + return (*callbackPtr)({}); + maybeDisable(); + callbackPtr->rethrow(); + } catch (...) { + callbackPtr->rethrow(); + } + }}); + } catch (...) { callback.rethrow(); return; } - - auto request(makeRequest(path)); - - auto callbackPtr = std::make_shared(std::move(callback)); - - getFileTransfer()->enqueueFileTransfer(request, - {[callbackPtr, this](std::future result) { - try { - (*callbackPtr)(std::move(result.get().data)); - } catch (FileTransferError & e) { - if (e.error == FileTransfer::NotFound || e.error == FileTransfer::Forbidden) - return (*callbackPtr)({}); - maybeDisable(); - callbackPtr->rethrow(); - } catch (...) { - callbackPtr->rethrow(); - } - }}); } /** From a1d841bf2c387a805ebdd165f2511aff9f6e63ec Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sat, 28 Sep 2024 00:05:03 +0200 Subject: [PATCH 087/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 358c8e60ec9..588b4a3cc9b 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.24.9 +2.24.10 From 742eb0f8159c2b22470ec7b6c5c0e9a99c008349 Mon Sep 17 00:00:00 2001 From: Puck Meerburg Date: Sat, 28 Sep 2024 16:54:39 +0200 Subject: [PATCH 088/815] fix passing CA files into builtins:fetchurl sandbox MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This patch has been manually adapted from https://github.com/lix-project/lix/commit/14dc84ed03f1b7e5a41bb6fdce00916faab32b60 Tested with: $ NIX_SSL_CERT_FILE=$(nix-build '' -A cacert)/etc/ssl/certs/ca-bundle.crt nix-build --store $(mktemp -d) -E 'import { url = https://google.com; }' Finished at 16:57:50 after 1s warning: found empty hash, assuming 'sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=' this derivation will be built: nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) google.com> building '/nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv' nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) google.com> error: nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) google.com> … writing file '/nix/store/0zynn4n8yx59bczy1mgh1lq2rnprvvrc-google.com' nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) google.com> nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) google.com> error: unable to download 'https://google.com': Problem with the SSL CA cert (path? access rights?) (77) error setting certificate file: /nix/store/nlgbippbbgn38hynjkp1ghiybcq1dqhx-nss-cacert-3.101.1/etc/ssl/certs/ca-bundle.crt nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) error: builder for '/nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv' failed with exit code 1 Now returns: nix-env % NIX_SSL_CERT_FILE=$(nix-build '' -A cacert)/etc/ssl/certs/ca-bundle.crt nix-build --store $(mktemp -d) -E 'import { url = https://google.com; }' Finished at 17:05:48 after 0s warning: found empty hash, assuming 'sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=' this derivation will be built: nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) google.com> building '/nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv' nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) nix-output-monitor error: DerivationReadError /nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv: openFile: does not exist (No such file or directory) error: hash mismatch in fixed-output derivation '/nix/store/4qljhy0jj2b0abjzpsbyarpia1bqylwc-google.com.drv': specified: sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= (cherry picked from commit c1ecf0bee973e620c9282bd71ddf1a5710968249) --- src/libstore/builtins.hh | 3 ++- src/libstore/builtins/fetchurl.cc | 6 +++++- .../unix/build/local-derivation-goal.cc | 21 ++++++++++++------- tests/nixos/fetchurl.nix | 6 ++++++ 4 files changed, 27 insertions(+), 9 deletions(-) diff --git a/src/libstore/builtins.hh b/src/libstore/builtins.hh index 93558b49e23..091946e013a 100644 --- a/src/libstore/builtins.hh +++ b/src/libstore/builtins.hh @@ -9,7 +9,8 @@ namespace nix { void builtinFetchurl( const BasicDerivation & drv, const std::map & outputs, - const std::string & netrcData); + const std::string & netrcData, + const std::string & caFileData); void builtinUnpackChannel( const BasicDerivation & drv, diff --git a/src/libstore/builtins/fetchurl.cc b/src/libstore/builtins/fetchurl.cc index f33060c3307..90e58dfdb3d 100644 --- a/src/libstore/builtins/fetchurl.cc +++ b/src/libstore/builtins/fetchurl.cc @@ -9,7 +9,8 @@ namespace nix { void builtinFetchurl( const BasicDerivation & drv, const std::map & outputs, - const std::string & netrcData) + const std::string & netrcData, + const std::string & caFileData) { /* Make the host's netrc data available. Too bad curl requires this to be stored in a file. It would be nice if we could just @@ -19,6 +20,9 @@ void builtinFetchurl( writeFile(settings.netrcFile, netrcData, 0600); } + settings.caFile = "ca-certificates.crt"; + writeFile(settings.caFile, caFileData, 0600); + auto out = get(drv.outputs, "out"); if (!out) throw Error("'builtin:fetchurl' requires an 'out' output"); diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index c9a54bb0ffa..54ca69580fa 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -1746,13 +1746,20 @@ void LocalDerivationGoal::runChild() bool setUser = true; - /* Make the contents of netrc available to builtin:fetchurl - (which may run under a different uid and/or in a sandbox). */ + /* Make the contents of netrc and the CA certificate bundle + available to builtin:fetchurl (which may run under a + different uid and/or in a sandbox). */ std::string netrcData; - try { - if (drv->isBuiltin() && drv->builder == "builtin:fetchurl") - netrcData = readFile(settings.netrcFile); - } catch (SystemError &) { } + std::string caFileData; + if (drv->isBuiltin() && drv->builder == "builtin:fetchurl") { + try { + netrcData = readFile(settings.netrcFile); + } catch (SystemError &) { } + + try { + caFileData = readFile(settings.caFile); + } catch (SystemError &) { } + } #if __linux__ if (useChroot) { @@ -2191,7 +2198,7 @@ void LocalDerivationGoal::runChild() worker.store.printStorePath(scratchOutputs.at(e.first))); if (drv->builder == "builtin:fetchurl") - builtinFetchurl(*drv, outputs, netrcData); + builtinFetchurl(*drv, outputs, netrcData, caFileData); else if (drv->builder == "builtin:buildenv") builtinBuildenv(*drv, outputs); else if (drv->builder == "builtin:unpack-channel") diff --git a/tests/nixos/fetchurl.nix b/tests/nixos/fetchurl.nix index 476f779bcc3..f873bf4b56f 100644 --- a/tests/nixos/fetchurl.nix +++ b/tests/nixos/fetchurl.nix @@ -67,6 +67,9 @@ in out = machine.succeed("curl https://good/index.html") assert out == "hello world\n" + out = machine.succeed("cat ${badCert}/cert.pem > /tmp/cafile.pem; curl --cacert /tmp/cafile.pem https://bad/index.html") + assert out == "foobar\n" + # Fetching from a server with a trusted cert should work. machine.succeed("nix build --no-substitute --expr 'import { url = \"https://good/index.html\"; hash = \"sha256-qUiQTy8PR5uPgZdpSzAYSw0u0cHNKh7A+4XSmaGSpEc=\"; }'") @@ -74,5 +77,8 @@ in err = machine.fail("nix build --no-substitute --expr 'import { url = \"https://bad/index.html\"; hash = \"sha256-rsBwZF/lPuOzdjBZN2E08FjMM3JHyXit0Xi2zN+wAZ8=\"; }' 2>&1") print(err) assert "SSL certificate problem: self-signed certificate" in err + + # Fetching from a server with a trusted cert should work via environment variable override. + machine.succeed("NIX_SSL_CERT_FILE=/tmp/cafile.pem nix build --no-substitute --expr 'import { url = \"https://bad/index.html\"; hash = \"sha256-rsBwZF/lPuOzdjBZN2E08FjMM3JHyXit0Xi2zN+wAZ8=\"; }'") ''; } From 5f1b132187651dddfc9435c5e0a83737d016c780 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 28 Sep 2024 17:06:10 +0200 Subject: [PATCH 089/815] tests/nixos/fetchurl: drop unused variables (cherry picked from commit 410853ddcf91910bd4db7421b3df756e25a4fbbd) --- tests/nixos/fetchurl.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/nixos/fetchurl.nix b/tests/nixos/fetchurl.nix index f873bf4b56f..243c0cacc6e 100644 --- a/tests/nixos/fetchurl.nix +++ b/tests/nixos/fetchurl.nix @@ -1,7 +1,7 @@ # Test whether builtin:fetchurl properly performs TLS certificate # checks on HTTPS servers. -{ lib, config, pkgs, ... }: +{ pkgs, ... }: let @@ -25,7 +25,7 @@ in name = "nss-preload"; nodes = { - machine = { lib, pkgs, ... }: { + machine = { pkgs, ... }: { services.nginx = { enable = true; @@ -60,7 +60,7 @@ in }; }; - testScript = { nodes, ... }: '' + testScript = '' machine.wait_for_unit("nginx") machine.wait_for_open_port(443) From d80bf54e3b61b296a8944e2c95088c37661b0deb Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 5 Aug 2024 11:38:38 +0200 Subject: [PATCH 090/815] Add a VM test for S3BinaryCacheStore Fixes #11238. (cherry picked from commit 2950f9e18af1bd57b566b8c0b4df71022edb3b80) --- tests/nixos/default.nix | 2 + tests/nixos/nix-copy-closure.nix | 2 +- tests/nixos/s3-binary-cache-store.nix | 63 +++++++++++++++++++++++++++ 3 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 tests/nixos/s3-binary-cache-store.nix diff --git a/tests/nixos/default.nix b/tests/nixos/default.nix index 313dc2f3cd1..e79bb59b8de 100644 --- a/tests/nixos/default.nix +++ b/tests/nixos/default.nix @@ -148,4 +148,6 @@ in user-sandboxing = runNixOSTestFor "x86_64-linux" ./user-sandboxing; fetchurl = runNixOSTestFor "x86_64-linux" ./fetchurl.nix; + + s3-binary-cache-store = runNixOSTestFor "x86_64-linux" ./s3-binary-cache-store.nix; } diff --git a/tests/nixos/nix-copy-closure.nix b/tests/nixos/nix-copy-closure.nix index 66cbfb0338d..b9daa0a1f90 100644 --- a/tests/nixos/nix-copy-closure.nix +++ b/tests/nixos/nix-copy-closure.nix @@ -1,6 +1,6 @@ # Test ‘nix-copy-closure’. -{ lib, config, nixpkgs, hostPkgs, ... }: +{ lib, config, nixpkgs, ... }: let pkgs = config.nodes.client.nixpkgs.pkgs; diff --git a/tests/nixos/s3-binary-cache-store.nix b/tests/nixos/s3-binary-cache-store.nix new file mode 100644 index 00000000000..0154579680e --- /dev/null +++ b/tests/nixos/s3-binary-cache-store.nix @@ -0,0 +1,63 @@ +{ lib, config, nixpkgs, ... }: + +let + pkgs = config.nodes.client.nixpkgs.pkgs; + + pkgA = pkgs.cowsay; + + accessKey = "BKIKJAA5BMMU2RHO6IBB"; + secretKey = "V7f1CwQqAcwo80UEIJEjc5gVQUSSx5ohQ9GSrr12"; + env = "AWS_ACCESS_KEY_ID=${accessKey} AWS_SECRET_ACCESS_KEY=${secretKey}"; + + storeUrl = "s3://my-cache?endpoint=http://server:9000®ion=eu-west-1"; + +in { + name = "nix-copy-closure"; + + nodes = + { server = + { config, lib, pkgs, ... }: + { virtualisation.writableStore = true; + virtualisation.additionalPaths = [ pkgA ]; + environment.systemPackages = [ pkgs.minio-client ]; + nix.extraOptions = "experimental-features = nix-command"; + services.minio = { + enable = true; + region = "eu-west-1"; + rootCredentialsFile = pkgs.writeText "minio-credentials-full" '' + MINIO_ROOT_USER=${accessKey} + MINIO_ROOT_PASSWORD=${secretKey} + ''; + }; + networking.firewall.allowedTCPPorts = [ 9000 ]; + }; + + client = + { config, pkgs, ... }: + { virtualisation.writableStore = true; + nix.extraOptions = "experimental-features = nix-command"; + }; + }; + + testScript = { nodes }: '' + # fmt: off + start_all() + + # Create a binary cache. + server.wait_for_unit("minio") + + server.succeed("mc config host add minio http://localhost:9000 ${accessKey} ${secretKey} --api s3v4") + server.succeed("mc mb minio/my-cache") + + server.succeed("${env} nix copy --to '${storeUrl}' ${pkgA}") + + # Copy a package from the binary cache. + client.fail("nix path-info ${pkgA}") + + client.succeed("${env} nix store info --store '${storeUrl}' >&2") + + client.succeed("${env} nix copy --no-check-sigs --from '${storeUrl}' ${pkgA}") + + client.succeed("nix path-info ${pkgA}") + ''; +} From 4912a9e7fdd69b9b66437a94a86eb04789f2fd12 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 11 Oct 2024 14:31:15 +0200 Subject: [PATCH 091/815] builtins.fetchurl: Fix segfault on s3:// URLs Also, add an activity to show that we're downloading an s3:// file. Fixes #11674. (cherry picked from commit 0500fba56a02c3c8458d257b6ea24af1c81c8b9e) --- src/libstore/filetransfer.cc | 5 +++++ tests/nixos/s3-binary-cache-store.nix | 3 +++ 2 files changed, 8 insertions(+) diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 5ea8b6f962c..b8421080538 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -754,12 +754,17 @@ struct curlFileTransfer : public FileTransfer S3Helper s3Helper(profile, region, scheme, endpoint); + Activity act(*logger, lvlTalkative, actFileTransfer, + fmt("downloading '%s'", request.uri), + {request.uri}, request.parentAct); + // FIXME: implement ETag auto s3Res = s3Helper.getObject(bucketName, key); FileTransferResult res; if (!s3Res.data) throw FileTransferError(NotFound, "S3 object '%s' does not exist", request.uri); res.data = std::move(*s3Res.data); + res.urls.push_back(request.uri); callback(std::move(res)); #else throw nix::Error("cannot download '%s' because Nix is not built with S3 support", request.uri); diff --git a/tests/nixos/s3-binary-cache-store.nix b/tests/nixos/s3-binary-cache-store.nix index 0154579680e..6ae2e357295 100644 --- a/tests/nixos/s3-binary-cache-store.nix +++ b/tests/nixos/s3-binary-cache-store.nix @@ -51,6 +51,9 @@ in { server.succeed("${env} nix copy --to '${storeUrl}' ${pkgA}") + # Test fetchurl on s3:// URLs while we're at it. + client.succeed("${env} nix eval --impure --expr 'builtins.fetchurl { name = \"foo\"; url = \"s3://my-cache/nix-cache-info?endpoint=http://server:9000®ion=eu-west-1\"; }'") + # Copy a package from the binary cache. client.fail("nix path-info ${pkgA}") From 339236d32ef337cdc5fb3e1e964f7ee92d7141f6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 11 Oct 2024 14:55:22 +0200 Subject: [PATCH 092/815] Make S3 downloads slightly more interruptable (cherry picked from commit d38f62f64d389cb4e9a582d89aa3f8a50fb3c074) --- src/libstore/s3-binary-cache-store.cc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index 21175b1ebfd..bcbf0b55ebc 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -9,6 +9,7 @@ #include "globals.hh" #include "compression.hh" #include "filetransfer.hh" +#include "signals.hh" #include #include @@ -117,6 +118,7 @@ class RetryStrategy : public Aws::Client::DefaultRetryStrategy { bool ShouldRetry(const Aws::Client::AWSError& error, long attemptedRetries) const override { + checkInterrupt(); auto retry = Aws::Client::DefaultRetryStrategy::ShouldRetry(error, attemptedRetries); if (retry) printError("AWS error '%s' (%s), will retry in %d ms", From 1294442c6cc6a2ee883f9dd932ad5139f5b35a92 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 14 Oct 2024 13:15:55 +0200 Subject: [PATCH 093/815] Add assert (cherry picked from commit d2f4d076195f048146fa64916283a524f6820380) --- src/libfetchers/tarball.cc | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libfetchers/tarball.cc b/src/libfetchers/tarball.cc index dd4f3b78086..52ba73f6235 100644 --- a/src/libfetchers/tarball.cc +++ b/src/libfetchers/tarball.cc @@ -90,6 +90,7 @@ DownloadFileResult downloadFile( /* Cache metadata for all URLs in the redirect chain. */ for (auto & url : res.urls) { key.second.insert_or_assign("url", url); + assert(!res.urls.empty()); infoAttrs.insert_or_assign("url", *res.urls.rbegin()); getCache()->upsert(key, *store, infoAttrs, *storePath); } From 9da1300617891a5f71e7ec5d8380aaa1e4cf2240 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 14 Oct 2024 13:53:54 +0200 Subject: [PATCH 094/815] Handle tarballs where directory entries are not contiguous I.e. when not all entries underneath a directory X follow eachother, but there is some entry Y that isn't a child of X in between. Fixes #11656. (cherry picked from commit 4012954b596b725dd61d49668691a69d491120c3) --- src/libfetchers/git-utils.cc | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index e45590b801d..6efb453ec13 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -855,8 +855,24 @@ struct GitFileSystemObjectSinkImpl : GitFileSystemObjectSink void pushBuilder(std::string name) { + const git_tree_entry * entry; + Tree prevTree = nullptr; + + if (!pendingDirs.empty() && + (entry = git_treebuilder_get(pendingDirs.back().builder.get(), name.c_str()))) + { + /* Clone a tree that we've already finished. This happens + if a tarball has directory entries that are not + contiguous. */ + if (git_tree_entry_type(entry) != GIT_OBJECT_TREE) + throw Error("parent of '%s' is not a directory", name); + + if (git_tree_entry_to_object((git_object * *) (git_tree * *) Setter(prevTree), *repo, entry)) + throw Error("looking up parent of '%s': %s", name, git_error_last()->message); + } + git_treebuilder * b; - if (git_treebuilder_new(&b, *repo, nullptr)) + if (git_treebuilder_new(&b, *repo, prevTree.get())) throw Error("creating a tree builder: %s", git_error_last()->message); pendingDirs.push_back({ .name = std::move(name), .builder = TreeBuilder(b) }); }; From 57ace600af864f2d06bdf7391de316a26827047a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 14 Oct 2024 14:10:36 +0200 Subject: [PATCH 095/815] Add a test (cherry picked from commit a7b9877da9d1bdafcc9b2f4681ecb3a1b83de7fc) --- tests/functional/tarball.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tests/functional/tarball.sh b/tests/functional/tarball.sh index 4d89456255f..a1e0f9cb054 100755 --- a/tests/functional/tarball.sh +++ b/tests/functional/tarball.sh @@ -100,3 +100,17 @@ chmod +x "$TEST_ROOT/tar_root/foo" tar cvf "$TEST_ROOT/tar.tar" -C "$TEST_ROOT/tar_root" . path="$(nix flake prefetch --refresh --json "tarball+file://$TEST_ROOT/tar.tar" | jq -r .storePath)" [[ $(cat "$path/foo") = bar ]] + +# Test a tarball with non-contiguous directory entries. +rm -rf "$TEST_ROOT/tar_root" +mkdir -p "$TEST_ROOT/tar_root/a/b" +echo foo > "$TEST_ROOT/tar_root/a/b/foo" +echo bla > "$TEST_ROOT/tar_root/bla" +tar cvf "$TEST_ROOT/tar.tar" -C "$TEST_ROOT/tar_root" . +echo abc > "$TEST_ROOT/tar_root/bla" +echo xyzzy > "$TEST_ROOT/tar_root/a/b/xyzzy" +tar rvf "$TEST_ROOT/tar.tar" -C "$TEST_ROOT/tar_root" ./a/b/xyzzy ./bla +path="$(nix flake prefetch --refresh --json "tarball+file://$TEST_ROOT/tar.tar" | jq -r .storePath)" +[[ $(cat "$path/a/b/xyzzy") = xyzzy ]] +[[ $(cat "$path/a/b/foo") = foo ]] +[[ $(cat "$path/bla") = abc ]] From 0e9b04a66ed4ea5f097a6ba0489a01d9f08e891a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 18 Oct 2024 12:03:33 +0300 Subject: [PATCH 096/815] fix env-vars beeing written to `/tmp` This overall seems like insecure tmp file handling to me. Because other users could replace files in /tmp with a symlink and make the nix-shell override other files. fixes https://github.com/NixOS/nix/issues/11470 (cherry picked from commit 2105574702b582578c43b551cfe8905715211f03) --- src/nix-build/nix-build.cc | 17 +++++------------ tests/functional/nix-shell.sh | 9 +++++++++ 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index a5b9e1e548e..5346641ebdc 100644 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -526,8 +526,6 @@ static void main_nix_build(int argc, char * * argv) // Set the environment. auto env = getEnv(); - auto tmp = getEnvNonEmpty("TMPDIR").value_or("/tmp"); - if (pure) { decltype(env) newEnv; for (auto & i : env) @@ -538,18 +536,16 @@ static void main_nix_build(int argc, char * * argv) env["__ETC_PROFILE_SOURCED"] = "1"; } - env["NIX_BUILD_TOP"] = env["TMPDIR"] = env["TEMPDIR"] = env["TMP"] = env["TEMP"] = tmp; + env["NIX_BUILD_TOP"] = env["TMPDIR"] = env["TEMPDIR"] = env["TMP"] = env["TEMP"] = tmpDir.path(); env["NIX_STORE"] = store->storeDir; env["NIX_BUILD_CORES"] = std::to_string(settings.buildCores); auto passAsFile = tokenizeString(getOr(drv.env, "passAsFile", "")); - bool keepTmp = false; int fileNr = 0; for (auto & var : drv.env) if (passAsFile.count(var.first)) { - keepTmp = true; auto fn = ".attr-" + std::to_string(fileNr++); Path p = (tmpDir.path() / fn).string(); writeFile(p, var.second); @@ -591,7 +587,6 @@ static void main_nix_build(int argc, char * * argv) env["NIX_ATTRS_SH_FILE"] = attrsSH; env["NIX_ATTRS_JSON_FILE"] = attrsJSON; - keepTmp = true; } } @@ -601,12 +596,10 @@ static void main_nix_build(int argc, char * * argv) lose the current $PATH directories. */ auto rcfile = (tmpDir.path() / "rc").string(); std::string rc = fmt( - R"(_nix_shell_clean_tmpdir() { command rm -rf %1%; }; )"s + - (keepTmp ? - "trap _nix_shell_clean_tmpdir EXIT; " - "exitHooks+=(_nix_shell_clean_tmpdir); " - "failureHooks+=(_nix_shell_clean_tmpdir); ": - "_nix_shell_clean_tmpdir; ") + + (R"(_nix_shell_clean_tmpdir() { command rm -rf %1%; };)"s + "trap _nix_shell_clean_tmpdir EXIT; " + "exitHooks+=(_nix_shell_clean_tmpdir); " + "failureHooks+=(_nix_shell_clean_tmpdir); ") + (pure ? "" : "[ -n \"$PS1\" ] && [ -e ~/.bashrc ] && source ~/.bashrc;") + "%2%" // always clear PATH. diff --git a/tests/functional/nix-shell.sh b/tests/functional/nix-shell.sh index b9625eb666f..b14e3dc6a2d 100755 --- a/tests/functional/nix-shell.sh +++ b/tests/functional/nix-shell.sh @@ -31,6 +31,15 @@ output=$(nix-shell --pure --keep SELECTED_IMPURE_VAR "$shellDotNix" -A shellDrv [ "$output" = " - foo - bar - baz" ] +# test NIX_BUILD_TOP +testTmpDir=$(pwd)/nix-shell +mkdir -p "$testTmpDir" +output=$(TMPDIR="$testTmpDir" nix-shell --pure "$shellDotNix" -A shellDrv --run 'echo $NIX_BUILD_TOP') +[[ "$output" =~ ${testTmpDir}.* ]] || { + echo "expected $output =~ ${testTmpDir}.*" >&2 + exit 1 +} + # Test nix-shell on a .drv [[ $(nix-shell --pure $(nix-instantiate "$shellDotNix" -A shellDrv) --run \ 'echo "$IMPURE_VAR - $VAR_FROM_STDENV_SETUP - $VAR_FROM_NIX - $TEST_inNixShell"') = " - foo - bar - false" ]] From 170242cf0ca3e9fadbad2004126793634d56623e Mon Sep 17 00:00:00 2001 From: Puck Meerburg Date: Fri, 1 Mar 2024 11:42:24 -0500 Subject: [PATCH 097/815] fix: Run all derivation builders inside the sandbox on macOS --- configure.ac | 6 +- package.nix | 2 + .../unix/build/local-derivation-goal.cc | 223 +++++++++--------- 3 files changed, 116 insertions(+), 115 deletions(-) diff --git a/configure.ac b/configure.ac index 5c22ed17636..dff35981bec 100644 --- a/configure.ac +++ b/configure.ac @@ -62,12 +62,16 @@ AC_CHECK_TOOL([AR], [ar]) AC_SYS_LARGEFILE -# Solaris-specific stuff. +# OS-specific stuff. case "$host_os" in solaris*) # Solaris requires -lsocket -lnsl for network functions LDFLAGS="-lsocket -lnsl $LDFLAGS" ;; + darwin*) + # Need to link to libsandbox. + LDFLAGS="-lsandbox $LDFLAGS" + ;; esac diff --git a/package.nix b/package.nix index a7c8923e8b4..fcd1e189843 100644 --- a/package.nix +++ b/package.nix @@ -23,6 +23,7 @@ , libseccomp , libsodium , man +, darwin , lowdown , mdbook , mdbook-linkcheck @@ -235,6 +236,7 @@ in { gtest rapidcheck ] ++ lib.optional stdenv.isLinux libseccomp + ++ lib.optional stdenv.hostPlatform.isDarwin darwin.apple_sdk.libs.sandbox ++ lib.optional stdenv.hostPlatform.isx86_64 libcpuid # There have been issues building these dependencies ++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin)) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 54ca69580fa..7ce2661224b 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -58,6 +58,10 @@ #if __APPLE__ #include #include +#include + +/* This definition is undocumented but depended upon by all major browsers. */ +extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf); #endif #include @@ -2039,141 +2043,132 @@ void LocalDerivationGoal::runChild() std::string builder = "invalid"; - if (drv->isBuiltin()) { - ; - } #if __APPLE__ - else { - /* This has to appear before import statements. */ - std::string sandboxProfile = "(version 1)\n"; - - if (useChroot) { - - /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */ - PathSet ancestry; - - /* We build the ancestry before adding all inputPaths to the store because we know they'll - all have the same parents (the store), and there might be lots of inputs. This isn't - particularly efficient... I doubt it'll be a bottleneck in practice */ - for (auto & i : pathsInChroot) { - Path cur = i.first; - while (cur.compare("/") != 0) { - cur = dirOf(cur); - ancestry.insert(cur); - } - } + /* This has to appear before import statements. */ + std::string sandboxProfile = "(version 1)\n"; + + if (useChroot) { - /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost - path component this time, since it's typically /nix/store and we care about that. */ - Path cur = worker.store.storeDir; + /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */ + PathSet ancestry; + + /* We build the ancestry before adding all inputPaths to the store because we know they'll + all have the same parents (the store), and there might be lots of inputs. This isn't + particularly efficient... I doubt it'll be a bottleneck in practice */ + for (auto & i : pathsInChroot) { + Path cur = i.first; while (cur.compare("/") != 0) { - ancestry.insert(cur); cur = dirOf(cur); + ancestry.insert(cur); } + } - /* Add all our input paths to the chroot */ - for (auto & i : inputPaths) { - auto p = worker.store.printStorePath(i); - pathsInChroot[p] = p; - } - - /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */ - if (settings.darwinLogSandboxViolations) { - sandboxProfile += "(deny default)\n"; - } else { - sandboxProfile += "(deny default (with no-log))\n"; - } + /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost + path component this time, since it's typically /nix/store and we care about that. */ + Path cur = worker.store.storeDir; + while (cur.compare("/") != 0) { + ancestry.insert(cur); + cur = dirOf(cur); + } - sandboxProfile += - #include "sandbox-defaults.sb" - ; + /* Add all our input paths to the chroot */ + for (auto & i : inputPaths) { + auto p = worker.store.printStorePath(i); + pathsInChroot[p] = p; + } - if (!derivationType->isSandboxed()) - sandboxProfile += - #include "sandbox-network.sb" - ; - - /* Add the output paths we'll use at build-time to the chroot */ - sandboxProfile += "(allow file-read* file-write* process-exec\n"; - for (auto & [_, path] : scratchOutputs) - sandboxProfile += fmt("\t(subpath \"%s\")\n", worker.store.printStorePath(path)); - - sandboxProfile += ")\n"; - - /* Our inputs (transitive dependencies and any impurities computed above) - - without file-write* allowed, access() incorrectly returns EPERM - */ - sandboxProfile += "(allow file-read* file-write* process-exec\n"; - for (auto & i : pathsInChroot) { - if (i.first != i.second.source) - throw Error( - "can't map '%1%' to '%2%': mismatched impure paths not supported on Darwin", - i.first, i.second.source); - - std::string path = i.first; - auto optSt = maybeLstat(path.c_str()); - if (!optSt) { - if (i.second.optional) - continue; - throw SysError("getting attributes of required path '%s", path); - } - if (S_ISDIR(optSt->st_mode)) - sandboxProfile += fmt("\t(subpath \"%s\")\n", path); - else - sandboxProfile += fmt("\t(literal \"%s\")\n", path); - } - sandboxProfile += ")\n"; + /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */ + if (settings.darwinLogSandboxViolations) { + sandboxProfile += "(deny default)\n"; + } else { + sandboxProfile += "(deny default (with no-log))\n"; + } - /* Allow file-read* on full directory hierarchy to self. Allows realpath() */ - sandboxProfile += "(allow file-read*\n"; - for (auto & i : ancestry) { - sandboxProfile += fmt("\t(literal \"%s\")\n", i); - } - sandboxProfile += ")\n"; + sandboxProfile += + #include "sandbox-defaults.sb" + ; - sandboxProfile += additionalSandboxProfile; - } else + if (!derivationType->isSandboxed()) sandboxProfile += - #include "sandbox-minimal.sb" + #include "sandbox-network.sb" ; - debug("Generated sandbox profile:"); - debug(sandboxProfile); - - Path sandboxFile = tmpDir + "/.sandbox.sb"; + /* Add the output paths we'll use at build-time to the chroot */ + sandboxProfile += "(allow file-read* file-write* process-exec\n"; + for (auto & [_, path] : scratchOutputs) + sandboxProfile += fmt("\t(subpath \"%s\")\n", worker.store.printStorePath(path)); - writeFile(sandboxFile, sandboxProfile); + sandboxProfile += ")\n"; - bool allowLocalNetworking = parsedDrv->getBoolAttr("__darwinAllowLocalNetworking"); + /* Our inputs (transitive dependencies and any impurities computed above) - /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms - to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */ - Path globalTmpDir = canonPath(defaultTempDir(), true); + without file-write* allowed, access() incorrectly returns EPERM + */ + sandboxProfile += "(allow file-read* file-write* process-exec\n"; + for (auto & i : pathsInChroot) { + if (i.first != i.second.source) + throw Error( + "can't map '%1%' to '%2%': mismatched impure paths not supported on Darwin", + i.first, i.second.source); + + std::string path = i.first; + auto optSt = maybeLstat(path.c_str()); + if (!optSt) { + if (i.second.optional) + continue; + throw SysError("getting attributes of required path '%s", path); + } + if (S_ISDIR(optSt->st_mode)) + sandboxProfile += fmt("\t(subpath \"%s\")\n", path); + else + sandboxProfile += fmt("\t(literal \"%s\")\n", path); + } + sandboxProfile += ")\n"; - /* They don't like trailing slashes on subpath directives */ - while (!globalTmpDir.empty() && globalTmpDir.back() == '/') - globalTmpDir.pop_back(); + /* Allow file-read* on full directory hierarchy to self. Allows realpath() */ + sandboxProfile += "(allow file-read*\n"; + for (auto & i : ancestry) { + sandboxProfile += fmt("\t(literal \"%s\")\n", i); + } + sandboxProfile += ")\n"; - if (getEnv("_NIX_TEST_NO_SANDBOX") != "1") { - builder = "/usr/bin/sandbox-exec"; - args.push_back("sandbox-exec"); - args.push_back("-f"); - args.push_back(sandboxFile); - args.push_back("-D"); - args.push_back("_GLOBAL_TMP_DIR=" + globalTmpDir); - if (allowLocalNetworking) { - args.push_back("-D"); - args.push_back(std::string("_ALLOW_LOCAL_NETWORKING=1")); - } - args.push_back(drv->builder); - } else { - builder = drv->builder; - args.push_back(std::string(baseNameOf(drv->builder))); + sandboxProfile += additionalSandboxProfile; + } else + sandboxProfile += + #include "sandbox-minimal.sb" + ; + + debug("Generated sandbox profile:"); + debug(sandboxProfile); + + bool allowLocalNetworking = parsedDrv->getBoolAttr("__darwinAllowLocalNetworking"); + + /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms + to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */ + Path globalTmpDir = canonPath(defaultTempDir(), true); + + /* They don't like trailing slashes on subpath directives */ + while (!globalTmpDir.empty() && globalTmpDir.back() == '/') + globalTmpDir.pop_back(); + + if (getEnv("_NIX_TEST_NO_SANDBOX") != "1") { + Strings sandboxArgs; + sandboxArgs.push_back("_GLOBAL_TMP_DIR"); + sandboxArgs.push_back(globalTmpDir); + if (allowLocalNetworking) { + sandboxArgs.push_back("_ALLOW_LOCAL_NETWORKING"); + sandboxArgs.push_back("1"); + } + if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) { + writeFull(STDERR_FILENO, "failed to configure sandbox\n"); + _exit(1); } } + + builder = drv->builder; + args.push_back(std::string(baseNameOf(drv->builder))); #else - else { + if (!drv->isBuiltin()) { builder = drv->builder; args.push_back(std::string(baseNameOf(drv->builder))); } From f8a1a149c73113e01c44b73ce9e1005575d52a9a Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Thu, 3 Oct 2024 12:23:17 +0200 Subject: [PATCH 098/815] packaging: Add darwin -lsandbox in meson --- src/libstore/meson.build | 5 +++++ src/libstore/package.nix | 2 ++ 2 files changed, 7 insertions(+) diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 50b15e15dc7..b23c85061ee 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -68,6 +68,11 @@ has_acl_support = cxx.has_header('sys/xattr.h') \ and cxx.has_function('lremovexattr') configdata.set('HAVE_ACL_SUPPORT', has_acl_support.to_int()) +if host_machine.system() == 'darwin' + sandbox = cxx.find_library('sandbox') + deps_other += [sandbox] +endif + subdir('build-utils-meson/threads') boost = dependency( diff --git a/src/libstore/package.nix b/src/libstore/package.nix index 4582ba0d2b0..d98bac16d33 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -7,6 +7,7 @@ , ninja , pkg-config , unixtools +, darwin , nix-util , boost @@ -65,6 +66,7 @@ mkMesonDerivation (finalAttrs: { sqlite ] ++ lib.optional stdenv.hostPlatform.isLinux libseccomp # There have been issues building these dependencies + ++ lib.optional stdenv.hostPlatform.isDarwin darwin.apple_sdk.libs.sandbox ++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin)) aws-sdk-cpp ; From ae7a2ea74136363c2f6ac6e624ea95da7abfafcc Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Thu, 3 Oct 2024 12:44:12 +0200 Subject: [PATCH 099/815] local-derivation-goal: Print sandbox error detail on darwin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Théophane Hufschmitt --- src/libstore/unix/build/local-derivation-goal.cc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 7ce2661224b..706771e8e26 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2159,8 +2159,9 @@ void LocalDerivationGoal::runChild() sandboxArgs.push_back("_ALLOW_LOCAL_NETWORKING"); sandboxArgs.push_back("1"); } - if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) { - writeFull(STDERR_FILENO, "failed to configure sandbox\n"); + char * sandbox_errbuf = nullptr; + if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) { + writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)")); _exit(1); } } From 047ee50db2f660eb3f50fab8f7543ce95e814b7c Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Thu, 3 Oct 2024 12:50:27 +0200 Subject: [PATCH 100/815] local-derivation-goal: Refactor MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This works because the `builder` and `args` variables are only used in the non-builtin code path. Co-Authored-By: Théophane Hufschmitt --- src/libstore/unix/build/local-derivation-goal.cc | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 706771e8e26..d9738a1eae9 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2165,15 +2165,12 @@ void LocalDerivationGoal::runChild() _exit(1); } } +#endif - builder = drv->builder; - args.push_back(std::string(baseNameOf(drv->builder))); -#else if (!drv->isBuiltin()) { builder = drv->builder; args.push_back(std::string(baseNameOf(drv->builder))); } -#endif for (auto & i : drv->args) args.push_back(rewriteStrings(i, inputRewrites)); From 50f83e4bbd9107576399f94449ac9cb4e80d575e Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Thu, 3 Oct 2024 12:57:00 +0200 Subject: [PATCH 101/815] local-derivation-goal: Move builder preparation to non-builtin code path --- .../unix/build/local-derivation-goal.cc | 25 ++++++++----------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index d9738a1eae9..2a09e3dd42d 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2038,11 +2038,6 @@ void LocalDerivationGoal::runChild() throw SysError("setuid failed"); } - /* Fill in the arguments. */ - Strings args; - - std::string builder = "invalid"; - #if __APPLE__ /* This has to appear before import statements. */ std::string sandboxProfile = "(version 1)\n"; @@ -2167,14 +2162,6 @@ void LocalDerivationGoal::runChild() } #endif - if (!drv->isBuiltin()) { - builder = drv->builder; - args.push_back(std::string(baseNameOf(drv->builder))); - } - - for (auto & i : drv->args) - args.push_back(rewriteStrings(i, inputRewrites)); - /* Indicate that we managed to set up the build environment. */ writeFull(STDERR_FILENO, std::string("\2\n")); @@ -2205,6 +2192,14 @@ void LocalDerivationGoal::runChild() } } + // Now builder is not builtin + + Strings args; + args.push_back(std::string(baseNameOf(drv->builder))); + + for (auto & i : drv->args) + args.push_back(rewriteStrings(i, inputRewrites)); + #if __APPLE__ posix_spawnattr_t attrp; @@ -2226,9 +2221,9 @@ void LocalDerivationGoal::runChild() posix_spawnattr_setbinpref_np(&attrp, 1, &cpu, NULL); } - posix_spawn(NULL, builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); + posix_spawn(NULL, drv->builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); #else - execve(builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); + execve(drv->builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); #endif throw SysError("executing '%1%'", drv->builder); From d6ece7e94aa4253f8c32e81707d87f4280587e6d Mon Sep 17 00:00:00 2001 From: Artemis Tosini Date: Thu, 24 Oct 2024 21:24:47 +0000 Subject: [PATCH 102/815] Fix OpenBSD build with Makefiles OpenBSD dynamic libraries never link to libc directly. Instead, they have undefined symbols for all libc functions they use that ld.so resolves to the libc referred to in the main executable. Thus, disallowing undefined symbols will always fail (cherry picked from commit c49bff2434971d693b03525622082a81b5ed75eb) --- mk/libraries.mk | 4 +++- mk/platform.mk | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/mk/libraries.mk b/mk/libraries.mk index b99ba278210..a7848ba358d 100644 --- a/mk/libraries.mk +++ b/mk/libraries.mk @@ -86,7 +86,9 @@ define build-library else ifndef HOST_DARWIN ifndef HOST_WINDOWS - $(1)_LDFLAGS += -Wl,-z,defs + ifndef HOST_OPENBSD + $(1)_LDFLAGS += -Wl,-z,defs + endif endif endif endif diff --git a/mk/platform.mk b/mk/platform.mk index 22c114a2077..3c4fff78036 100644 --- a/mk/platform.mk +++ b/mk/platform.mk @@ -21,6 +21,10 @@ ifdef HOST_OS HOST_NETBSD = 1 HOST_UNIX = 1 endif + ifeq ($(patsubst openbsd%,,$(HOST_KERNEL)),) + HOST_OPENBSD = 1 + HOST_UNIX = 1 + endif ifeq ($(HOST_KERNEL), linux) HOST_LINUX = 1 HOST_UNIX = 1 From 0ae90918db12f7cf20f40216460c8eba91004a78 Mon Sep 17 00:00:00 2001 From: Artemis Tosini Date: Sat, 26 Oct 2024 16:46:32 +0000 Subject: [PATCH 103/815] package.nix: Disable GC on OpenBSD Nix fails to build on OpenBSD with a linking error due to a non-found symbol in boehm-gc. Just disable the GC until we can find a proper workaround. (cherry picked from commit fecc1ca2055ee590d8b957830f70512fcecbfe4b) --- package.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/package.nix b/package.nix index a7c8923e8b4..e1b4aebb05d 100644 --- a/package.nix +++ b/package.nix @@ -75,7 +75,9 @@ # # Temporarily disabled on Windows because the `GC_throw_bad_alloc` # symbol is missing during linking. -, enableGC ? !stdenv.hostPlatform.isWindows +# +# Disabled on OpenBSD because of missing `_data_start` symbol while linking +, enableGC ? !stdenv.hostPlatform.isWindows && !stdenv.hostPlatform.isOpenBSD # Whether to enable Markdown rendering in the Nix binary. , enableMarkdown ? !stdenv.hostPlatform.isWindows From 803943fce4c9b4825d1b962d9b338ddf7e30074d Mon Sep 17 00:00:00 2001 From: Artemis Tosini Date: Sat, 26 Oct 2024 17:12:06 +0000 Subject: [PATCH 104/815] Add support for `utimensat` as an alternative to `lutimes` OpenBSD doesn't support `lutimes`, but does support `utimensat` which subsumes it. In fact, all the BSDs, Linux, and newer macOS all support it. So lets make this our first choice for the implementation. In addition, let's get rid of the `lutimes` `ENOSYS` special case. The Linux manpage says > ENOSYS > > The kernel does not support this call; Linux 2.6.22 or later is > required. which I think is the origin of this check, but that's a very old version of Linux at this point. The code can be simplified a lot of we drop support for it here (as we've done elsewhere, anyways). Co-Authored-By: John Ericson (cherry picked from commit d0232028111ce4f5a066d9a302fec142ebe91037) --- configure.ac | 7 ++-- src/libutil/file-system.cc | 68 +++++++++++++++++++------------------- src/libutil/meson.build | 4 +++ 3 files changed, 42 insertions(+), 37 deletions(-) diff --git a/configure.ac b/configure.ac index 5c22ed17636..dd33dbe110e 100644 --- a/configure.ac +++ b/configure.ac @@ -89,9 +89,10 @@ AC_LANG_POP(C++) AC_CHECK_FUNCS([statvfs pipe2]) -# Check for lutimes, optionally used for changing the mtime of -# symlinks. -AC_CHECK_FUNCS([lutimes]) +# Check for lutimes and utimensat, optionally used for changing the +# mtime of symlinks. +AC_CHECK_DECLS([AT_SYMLINK_NOFOLLOW], [], [], [[#include ]]) +AC_CHECK_FUNCS([lutimes utimensat]) # Check whether the store optimiser can optimise symlinks. diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index 060a806fbc5..04e4369fab4 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -574,7 +574,28 @@ void setWriteTime( time_t modificationTime, std::optional optIsSymlink) { -#ifndef _WIN32 +#ifdef _WIN32 + // FIXME use `fs::last_write_time`. + // + // Would be nice to use std::filesystem unconditionally, but + // doesn't support access time just modification time. + // + // System clock vs File clock issues also make that annoying. + warn("Changing file times is not yet implemented on Windows, path is '%s'", path); +#elif HAVE_UTIMENSAT && HAVE_DECL_AT_SYMLINK_NOFOLLOW + struct timespec times[2] = { + { + .tv_sec = accessedTime, + .tv_nsec = 0, + }, + { + .tv_sec = modificationTime, + .tv_nsec = 0, + }, + }; + if (utimensat(AT_FDCWD, path.c_str(), times, AT_SYMLINK_NOFOLLOW) == -1) + throw SysError("changing modification time of '%s' (using `utimensat`)", path); +#else struct timeval times[2] = { { .tv_sec = accessedTime, @@ -585,42 +606,21 @@ void setWriteTime( .tv_usec = 0, }, }; -#endif - - auto nonSymlink = [&]{ - bool isSymlink = optIsSymlink - ? *optIsSymlink - : fs::is_symlink(path); - - if (!isSymlink) { -#ifdef _WIN32 - // FIXME use `fs::last_write_time`. - // - // Would be nice to use std::filesystem unconditionally, but - // doesn't support access time just modification time. - // - // System clock vs File clock issues also make that annoying. - warn("Changing file times is not yet implemented on Windows, path is '%s'", path); +#if HAVE_LUTIMES + if (lutimes(path.c_str(), times) == -1) + throw SysError("changing modification time of '%s'", path); #else - if (utimes(path.c_str(), times) == -1) { - - throw SysError("changing modification time of '%s' (not a symlink)", path); - } -#endif - } else { - throw Error("Cannot modification time of symlink '%s'", path); - } - }; + bool isSymlink = optIsSymlink + ? *optIsSymlink + : fs::is_symlink(path); -#if HAVE_LUTIMES - if (lutimes(path.c_str(), times) == -1) { - if (errno == ENOSYS) - nonSymlink(); - else - throw SysError("changing modification time of '%s'", path); + if (!isSymlink) { + if (utimes(path.c_str(), times) == -1) + throw SysError("changing modification time of '%s' (not a symlink)", path); + } else { + throw Error("Cannot modification time of symlink '%s'", path); } -#else - nonSymlink(); +#endif #endif } diff --git a/src/libutil/meson.build b/src/libutil/meson.build index 8552c4c9dad..cba5a5288ed 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -41,6 +41,8 @@ check_funcs = [ # Optionally used to try to close more file descriptors (e.g. before # forking) on Unix. 'sysconf', + # Optionally used for changing the mtime of files and symlinks. + 'utimensat', ] foreach funcspec : check_funcs define_name = 'HAVE_' + funcspec.underscorify().to_upper() @@ -48,6 +50,8 @@ foreach funcspec : check_funcs configdata.set(define_name, define_value) endforeach +configdata.set('HAVE_DECL_AT_SYMLINK_NOFOLLOW', cxx.has_header_symbol('fcntl.h', 'AT_SYMLINK_NOFOLLOW').to_int()) + subdir('build-utils-meson/threads') if host_machine.system() == 'windows' From ffcc42faf467d692e685697ffb205bdbf3926979 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 29 Oct 2024 15:18:48 +0100 Subject: [PATCH 105/815] Revert flake-schemas for now --- Makefile.config.in | 1 - configure.ac | 6 - doc/manual/src/SUMMARY.md.in | 1 - doc/manual/src/protocols/flake-schemas.md | 64 -- flake.lock | 29 +- flake.nix | 8 +- package.nix | 3 - packaging/dependencies.nix | 13 +- packaging/hydra.nix | 2 - src/libcmd/installable-flake.cc | 14 + src/libcmd/installable-flake.hh | 2 + src/libcmd/installables.cc | 5 + src/libexpr/eval-cache.cc | 6 - src/libexpr/eval-cache.hh | 7 - src/libflake/flake/flake.cc | 36 +- src/libflake/flake/flake.hh | 19 - src/nix/call-flake-schemas.nix | 43 -- src/nix/flake-check.md | 58 +- src/nix/flake-schemas.cc | 224 ------ src/nix/flake-schemas.hh | 45 -- src/nix/flake.cc | 885 +++++++++++++++++----- src/nix/local.mk | 6 - tests/functional/flakes/check.sh | 11 + tests/functional/flakes/show.sh | 43 +- tests/functional/fmt.sh | 4 +- 25 files changed, 816 insertions(+), 719 deletions(-) delete mode 100644 doc/manual/src/protocols/flake-schemas.md delete mode 100644 src/nix/call-flake-schemas.nix delete mode 100644 src/nix/flake-schemas.cc delete mode 100644 src/nix/flake-schemas.hh diff --git a/Makefile.config.in b/Makefile.config.in index 2ed716b5e7b..3100d207365 100644 --- a/Makefile.config.in +++ b/Makefile.config.in @@ -37,7 +37,6 @@ checkbindir = @checkbindir@ checklibdir = @checklibdir@ datadir = @datadir@ datarootdir = @datarootdir@ -default_flake_schemas = @default_flake_schemas@ docdir = @docdir@ embedded_sandbox_shell = @embedded_sandbox_shell@ exec_prefix = @exec_prefix@ diff --git a/configure.ac b/configure.ac index cd931b87d55..5c22ed17636 100644 --- a/configure.ac +++ b/configure.ac @@ -428,12 +428,6 @@ if test "$embedded_sandbox_shell" = yes; then AC_DEFINE(HAVE_EMBEDDED_SANDBOX_SHELL, 1, [Include the sandbox shell in the Nix binary.]) fi - -AC_ARG_WITH(default-flake-schemas, AS_HELP_STRING([--with-default-flake-schemas=PATH],[path of the default flake schemas flake]), - default_flake_schemas=$withval, - [AC_MSG_FAILURE([--with-default-flake-schemas is missing])]) -AC_SUBST(default_flake_schemas) - ]) diff --git a/doc/manual/src/SUMMARY.md.in b/doc/manual/src/SUMMARY.md.in index b6d5b3c440c..8739599a03e 100644 --- a/doc/manual/src/SUMMARY.md.in +++ b/doc/manual/src/SUMMARY.md.in @@ -114,7 +114,6 @@ - [Store Path Specification](protocols/store-path.md) - [Nix Archive (NAR) Format](protocols/nix-archive.md) - [Derivation "ATerm" file format](protocols/derivation-aterm.md) - - [Flake Schemas](protocols/flake-schemas.md) - [C API](c-api.md) - [Glossary](glossary.md) - [Development](development/index.md) diff --git a/doc/manual/src/protocols/flake-schemas.md b/doc/manual/src/protocols/flake-schemas.md deleted file mode 100644 index b1dfa5da6f0..00000000000 --- a/doc/manual/src/protocols/flake-schemas.md +++ /dev/null @@ -1,64 +0,0 @@ -# Flake Schemas - -Flake schemas are a mechanism to allow tools like `nix flake show` and `nix flake check` to enumerate and check the contents of a flake -in a generic way, without requiring built-in knowledge of specific flake output types like `packages` or `nixosConfigurations`. - -A flake can define schemas for its outputs by defining a `schemas` output. `schemas` should be an attribute set with an attribute for -every output type that you want to be supported. If a flake does not have a `schemas` attribute, Nix uses a built-in set of schemas (namely https://github.com/DeterminateSystems/flake-schemas). - -A schema is an attribute set with the following attributes: - -| Attribute | Description | Default | -| :---------- | :---------------------------------------------------------------------------------------------- | :------ | -| `version` | Should be set to 1 | | -| `doc` | A string containing documentation about the flake output type in Markdown format. | | -| `allowIFD` | Whether the evaluation of the output attributes of this flake can read from derivation outputs. | `true` | -| `inventory` | A function that returns the contents of the flake output (described [below](#inventory)). | | - -# Inventory - -The `inventory` function returns a _node_ describing the contents of the flake output. A node is either a _leaf node_ or a _non-leaf node_. This allows nested flake output attributes to be described (e.g. `x86_64-linux.hello` inside a `packages` output). - -Non-leaf nodes must have the following attribute: - -| Attribute | Description | -| :--------- | :------------------------------------------------------------------------------------- | -| `children` | An attribute set of nodes. If this attribute is missing, the attribute is a leaf node. | - -Leaf nodes can have the following attributes: - -| Attribute | Description | -| :----------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `derivation` | The main derivation of this node, if any. It must evaluate for `nix flake check` and `nix flake show` to succeed. | -| `evalChecks` | An attribute set of Boolean values, used by `nix flake check`. Each attribute must evaluate to `true`. | -| `isFlakeCheck` | Whether `nix flake check` should build the `derivation` attribute of this node. | -| `shortDescription` | A one-sentence description of the node (such as the `meta.description` attribute in Nixpkgs). | -| `what` | A brief human-readable string describing the type of the node, e.g. `"package"` or `"development environment"`. This is used by tools like `nix flake show` to describe the contents of a flake. | - -Both leaf and non-leaf nodes can have the following attributes: - -| Attribute | Description | -| :----------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `forSystems` | A list of Nix system types (e.g. `["x86_64-linux"]`) supported by this node. This is used by tools to skip nodes that cannot be built on the user's system. Setting this on a non-leaf node allows all the children to be skipped, regardless of the `forSystems` attributes of the children. If this attribute is not set, the node is never skipped. | - -# Example - -Here is a schema that checks that every element of the `nixosConfigurations` flake output evaluates and builds correctly (meaning that it has a `config.system.build.toplevel` attribute that yields a buildable derivation). - -```nix -outputs = { - schemas.nixosConfigurations = { - version = 1; - doc = '' - The `nixosConfigurations` flake output defines NixOS system configurations. - ''; - inventory = output: { - children = builtins.mapAttrs (configName: machine: - { - what = "NixOS configuration"; - derivation = machine.config.system.build.toplevel; - }) output; - }; - }; -}; -``` diff --git a/flake.lock b/flake.lock index 1a6e4f7a1da..bb1114734e7 100644 --- a/flake.lock +++ b/flake.lock @@ -36,21 +36,6 @@ "type": "github" } }, - "flake-schemas": { - "locked": { - "lastModified": 1719857163, - "narHash": "sha256-wM+8JtoKBkahHiKn+EM1ikurMnitwRQrZ91hipJIJK8=", - "owner": "DeterminateSystems", - "repo": "flake-schemas", - "rev": "61a02d7183d4241962025e6c6307a22a0bb72a21", - "type": "github" - }, - "original": { - "owner": "DeterminateSystems", - "repo": "flake-schemas", - "type": "github" - } - }, "git-hooks-nix": { "inputs": { "flake-compat": [], @@ -63,11 +48,11 @@ ] }, "locked": { - "lastModified": 1721042469, - "narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=", + "lastModified": 1729104314, + "narHash": "sha256-pZRZsq5oCdJt3upZIU4aslS9XwFJ+/nVtALHIciX/BI=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "f451c19376071a90d8c58ab1a953c6e9840527fd", + "rev": "3c3e88f0f544d6bb54329832616af7eb971b6be6", "type": "github" }, "original": { @@ -79,16 +64,15 @@ "libgit2": { "flake": false, "locked": { - "lastModified": 1715853528, - "narHash": "sha256-J2rCxTecyLbbDdsyBWn9w7r3pbKRMkI9E7RvRgAqBdY=", + "lastModified": 1730025633, + "narHash": "sha256-HcL9fW5crHeLpP7C7vShO+j5fwY8z95Plr1c+hIwFRQ=", "owner": "libgit2", "repo": "libgit2", - "rev": "36f7e21ad757a3dacc58cf7944329da6bc1d6e96", + "rev": "b363ea4b9e761fed7942eef4bbc735ccf16f9fed", "type": "github" }, "original": { "owner": "libgit2", - "ref": "v1.8.1", "repo": "libgit2", "type": "github" } @@ -145,7 +129,6 @@ "inputs": { "flake-compat": "flake-compat", "flake-parts": "flake-parts", - "flake-schemas": "flake-schemas", "git-hooks-nix": "git-hooks-nix", "libgit2": "libgit2", "nixpkgs": "nixpkgs", diff --git a/flake.nix b/flake.nix index fe5907f77b8..848d04a7ae8 100644 --- a/flake.nix +++ b/flake.nix @@ -5,8 +5,7 @@ inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.nixpkgs-23-11.url = "github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446"; inputs.flake-compat = { url = "github:edolstra/flake-compat"; flake = false; }; - inputs.libgit2 = { url = "github:libgit2/libgit2/v1.8.1"; flake = false; }; - inputs.flake-schemas.url = "github:DeterminateSystems/flake-schemas"; + inputs.libgit2 = { url = "github:libgit2/libgit2"; flake = false; }; # dev tooling inputs.flake-parts.url = "github:hercules-ci/flake-parts"; @@ -19,7 +18,8 @@ inputs.git-hooks-nix.inputs.flake-compat.follows = ""; inputs.git-hooks-nix.inputs.gitignore.follows = ""; - outputs = inputs@{ self, nixpkgs, nixpkgs-regression, libgit2, flake-schemas, ... }: + outputs = inputs@{ self, nixpkgs, nixpkgs-regression, libgit2, ... }: + let inherit (nixpkgs) lib; @@ -156,8 +156,6 @@ }; in { - schemas = flake-schemas.schemas; - # A Nixpkgs overlay that overrides the 'nix' and # 'nix-perl-bindings' packages. overlays.default = overlayFor (p: p.stdenv); diff --git a/package.nix b/package.nix index 4f18eb8bb20..a7c8923e8b4 100644 --- a/package.nix +++ b/package.nix @@ -38,8 +38,6 @@ , busybox-sandbox-shell ? null -, flake-schemas - # Configuration Options #: # This probably seems like too many degrees of freedom, but it @@ -261,7 +259,6 @@ in { (lib.enableFeature enableMarkdown "markdown") (lib.enableFeature installUnitTests "install-unit-tests") (lib.withFeatureAs true "readline-flavor" readlineFlavor) - "--with-default-flake-schemas=${flake-schemas}" ] ++ lib.optionals (!forDevShell) [ "--sysconfdir=/etc" ] ++ lib.optionals installUnitTests [ diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index 5a0981bfb56..2b34720fe4d 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -152,16 +152,5 @@ scope: { inherit resolvePath filesetToSource; - mkMesonDerivation = f: let - exts = [ - miscGoodPractice - bsdNoLinkAsNeeded - localSourceLayer - ]; - in stdenv.mkDerivation - (lib.extends - (lib.foldr lib.composeExtensions (_: _: {}) exts) - f); - - inherit (inputs) flake-schemas; + mkMesonDerivation = f: stdenv.mkDerivation (lib.extends localSourceLayer f); } diff --git a/packaging/hydra.nix b/packaging/hydra.nix index 24c614e6746..dbe99247675 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -28,8 +28,6 @@ let test-daemon = daemon; doBuild = false; - - inherit (inputs) flake-schemas; }; # Technically we could just return `pkgs.nixComponents`, but for Hydra it's diff --git a/src/libcmd/installable-flake.cc b/src/libcmd/installable-flake.cc index 8796ad5ba79..852a5618efd 100644 --- a/src/libcmd/installable-flake.cc +++ b/src/libcmd/installable-flake.cc @@ -43,6 +43,20 @@ std::vector InstallableFlake::getActualAttrPaths() return res; } +Value * InstallableFlake::getFlakeOutputs(EvalState & state, const flake::LockedFlake & lockedFlake) +{ + auto vFlake = state.allocValue(); + + callFlake(state, lockedFlake, *vFlake); + + auto aOutputs = vFlake->attrs()->get(state.symbols.create("outputs")); + assert(aOutputs); + + state.forceValue(*aOutputs->value, aOutputs->value->determinePos(noPos)); + + return aOutputs->value; +} + static std::string showAttrPaths(const std::vector & paths) { std::string s; diff --git a/src/libcmd/installable-flake.hh b/src/libcmd/installable-flake.hh index 8e0a232ef8a..b0d6f5afca6 100644 --- a/src/libcmd/installable-flake.hh +++ b/src/libcmd/installable-flake.hh @@ -53,6 +53,8 @@ struct InstallableFlake : InstallableValue std::vector getActualAttrPaths(); + Value * getFlakeOutputs(EvalState & state, const flake::LockedFlake & lockedFlake); + DerivedPathsWithInfo toDerivedPaths() override; std::pair toValue(EvalState & state) override; diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index 3c29ad9c8f9..e4ca6e455d8 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -449,6 +449,11 @@ ref openEvalCache( : std::nullopt; auto rootLoader = [&state, lockedFlake]() { + /* For testing whether the evaluation cache is + complete. */ + if (getEnv("NIX_ALLOW_EVAL").value_or("1") == "0") + throw Error("not everything is cached, but evaluation is not allowed"); + auto vFlake = state.allocValue(); flake::callFlake(state, *lockedFlake, *vFlake); diff --git a/src/libexpr/eval-cache.cc b/src/libexpr/eval-cache.cc index 043ec23d313..26352187e72 100644 --- a/src/libexpr/eval-cache.cc +++ b/src/libexpr/eval-cache.cc @@ -368,12 +368,6 @@ Value * EvalCache::getRootValue() { if (!value) { debug("getting root value"); - - /* For testing whether the evaluation cache is - complete. */ - if (getEnv("NIX_ALLOW_EVAL").value_or("1") == "0") - throw Error("not everything is cached, but evaluation is not allowed"); - value = allocRootValue(rootLoader()); } return *value; diff --git a/src/libexpr/eval-cache.hh b/src/libexpr/eval-cache.hh index a6c8ad011c8..b1911e3a4f7 100644 --- a/src/libexpr/eval-cache.hh +++ b/src/libexpr/eval-cache.hh @@ -34,11 +34,7 @@ class EvalCache : public std::enable_shared_from_this friend struct CachedEvalError; std::shared_ptr db; - -public: EvalState & state; - -private: typedef std::function RootLoader; RootLoader rootLoader; RootValue value; @@ -93,10 +89,7 @@ class AttrCursor : public std::enable_shared_from_this friend class EvalCache; friend struct CachedEvalError; -public: ref root; - -private: typedef std::optional, Symbol>> Parent; Parent parent; RootValue _value; diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 38efbd37fe1..ceb840c746d 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -204,7 +204,7 @@ static std::map parseFlakeInputs( return inputs; } -Flake readFlake( +static Flake readFlake( EvalState & state, const FlakeRef & originalRef, const FlakeRef & resolvedRef, @@ -338,16 +338,20 @@ static LockFile readLockFile( : LockFile(); } +/* Compute an in-memory lock file for the specified top-level flake, + and optionally write it to file, if the flake is writable. */ LockedFlake lockFlake( const Settings & settings, EvalState & state, const FlakeRef & topRef, - const LockFlags & lockFlags, - Flake flake, - FlakeCache & flakeCache) + const LockFlags & lockFlags) { + FlakeCache flakeCache; + auto useRegistries = lockFlags.useRegistries.value_or(settings.useRegistries); + auto flake = getFlake(state, topRef, useRegistries, flakeCache); + if (lockFlags.applyNixConfig) { flake.config.apply(settings); state.store->setOptions(); @@ -738,30 +742,6 @@ LockedFlake lockFlake( } } -LockedFlake lockFlake( - const Settings & settings, - EvalState & state, - const FlakeRef & topRef, - const LockFlags & lockFlags) -{ - FlakeCache flakeCache; - - auto useRegistries = lockFlags.useRegistries.value_or(settings.useRegistries); - - return lockFlake(settings, state, topRef, lockFlags, getFlake(state, topRef, useRegistries, flakeCache), flakeCache); -} - -LockedFlake lockFlake( - const Settings & settings, - EvalState & state, - const FlakeRef & topRef, - const LockFlags & lockFlags, - Flake flake) -{ - FlakeCache flakeCache; - return lockFlake(settings, state, topRef, lockFlags, std::move(flake), flakeCache); -} - void callFlake(EvalState & state, const LockedFlake & lockedFlake, Value & vRes) diff --git a/src/libflake/flake/flake.hh b/src/libflake/flake/flake.hh index 69744efb313..cce17009ce3 100644 --- a/src/libflake/flake/flake.hh +++ b/src/libflake/flake/flake.hh @@ -203,31 +203,12 @@ struct LockFlags std::set inputUpdates; }; -Flake readFlake( - EvalState & state, - const FlakeRef & originalRef, - const FlakeRef & resolvedRef, - const FlakeRef & lockedRef, - const SourcePath & rootDir, - const InputPath & lockRootPath); - -/** - * Compute an in-memory lock file for the specified top-level flake, - * and optionally write it to file, if the flake is writable. - */ LockedFlake lockFlake( const Settings & settings, EvalState & state, const FlakeRef & flakeRef, const LockFlags & lockFlags); -LockedFlake lockFlake( - const Settings & settings, - EvalState & state, - const FlakeRef & topRef, - const LockFlags & lockFlags, - Flake flake); - void callFlake( EvalState & state, const LockedFlake & lockedFlake, diff --git a/src/nix/call-flake-schemas.nix b/src/nix/call-flake-schemas.nix deleted file mode 100644 index cd6d4c3ae53..00000000000 --- a/src/nix/call-flake-schemas.nix +++ /dev/null @@ -1,43 +0,0 @@ -/* The flake providing default schemas. */ -defaultSchemasFlake: - -/* The flake whose contents we want to extract. */ -flake: - -let - - # Helper functions. - - mapAttrsToList = f: attrs: map (name: f name attrs.${name}) (builtins.attrNames attrs); - -in - -rec { - outputNames = builtins.attrNames flake.outputs; - - allSchemas = (flake.outputs.schemas or defaultSchemasFlake.schemas) // schemaOverrides; - - schemaOverrides = {}; # FIXME - - schemas = - builtins.listToAttrs (builtins.concatLists (mapAttrsToList - (outputName: output: - if allSchemas ? ${outputName} then - [{ name = outputName; value = allSchemas.${outputName}; }] - else - [ ]) - flake.outputs)); - - inventory = - builtins.mapAttrs - (outputName: output: - if schemas ? ${outputName} && schemas.${outputName}.version == 1 - then - { output = schemas.${outputName}.inventory output; - inherit (schemas.${outputName}) doc; - } - else - { unknown = true; } - ) - flake.outputs; -} diff --git a/src/nix/flake-check.md b/src/nix/flake-check.md index 71dd916407e..c8307f8d85b 100644 --- a/src/nix/flake-check.md +++ b/src/nix/flake-check.md @@ -18,20 +18,56 @@ R""( # Description This command verifies that the flake specified by flake reference -*flake-url* can be evaluated and built successfully according to its -`schemas` flake output. For every flake output that has a schema -definition, `nix flake check` uses the schema to extract the contents -of the output. Then, for every item in the contents: - -* It evaluates the elements of the `evalChecks` attribute set returned - by the schema for that item, printing an error or warning for every - check that fails to evaluate or that evaluates to `false`. - -* It builds `derivation` attribute returned by the schema for that - item, if the item has the `isFlakeCheck` attribute. +*flake-url* can be evaluated successfully (as detailed below), and +that the derivations specified by the flake's `checks` output can be +built successfully. If the `keep-going` option is set to `true`, Nix will keep evaluating as much as it can and report the errors as it encounters them. Otherwise it will stop at the first error. +# Evaluation checks + +The following flake output attributes must be derivations: + +* `checks.`*system*`.`*name* +* `defaultPackage.`*system* +* `devShell.`*system* +* `devShells.`*system*`.`*name* +* `nixosConfigurations.`*name*`.config.system.build.toplevel` +* `packages.`*system*`.`*name* + +The following flake output attributes must be [app +definitions](./nix3-run.md): + +* `apps.`*system*`.`*name* +* `defaultApp.`*system* + +The following flake output attributes must be [template +definitions](./nix3-flake-init.md): + +* `defaultTemplate` +* `templates.`*name* + +The following flake output attributes must be *Nixpkgs overlays*: + +* `overlay` +* `overlays.`*name* + +The following flake output attributes must be *NixOS modules*: + +* `nixosModule` +* `nixosModules.`*name* + +The following flake output attributes must be +[bundlers](./nix3-bundle.md): + +* `bundlers.`*name* +* `defaultBundler` + +In addition, the `hydraJobs` output is evaluated in the same way as +Hydra's `hydra-eval-jobs` (i.e. as a arbitrarily deeply nested +attribute set of derivations). Similarly, the +`legacyPackages`.*system* output is evaluated like `nix-env --query --available `. + )"" diff --git a/src/nix/flake-schemas.cc b/src/nix/flake-schemas.cc deleted file mode 100644 index 0047f27ce61..00000000000 --- a/src/nix/flake-schemas.cc +++ /dev/null @@ -1,224 +0,0 @@ -#include "flake-schemas.hh" -#include "eval-settings.hh" -#include "fetch-to-store.hh" -#include "memory-source-accessor.hh" -#include "strings-inline.hh" - -namespace nix::flake_schemas { - -using namespace eval_cache; -using namespace flake; - -static LockedFlake getBuiltinDefaultSchemasFlake(EvalState & state) -{ - auto accessor = make_ref(); - - accessor->setPathDisplay("«builtin-flake-schemas»"); - - accessor->addFile( - CanonPath("flake.nix"), -#include "builtin-flake-schemas.nix.gen.hh" - ); - - // FIXME: remove this when we have lazy trees. - auto storePath = fetchToStore(*state.store, {accessor}, FetchMode::Copy); - state.allowPath(storePath); - - // Construct a dummy flakeref. - auto flakeRef = parseFlakeRef( - fetchSettings, - fmt("tarball+https://builtin-flake-schemas?narHash=%s", - state.store->queryPathInfo(storePath)->narHash.to_string(HashFormat::SRI, true))); - - auto flake = readFlake(state, flakeRef, flakeRef, flakeRef, state.rootPath(state.store->toRealPath(storePath)), {}); - - return lockFlake(flakeSettings, state, flakeRef, {}, flake); -} - -std::tuple, ref> -call(EvalState & state, std::shared_ptr lockedFlake, std::optional defaultSchemasFlake) -{ - auto fingerprint = lockedFlake->getFingerprint(state.store); - - std::string callFlakeSchemasNix = -#include "call-flake-schemas.nix.gen.hh" - ; - - auto lockedDefaultSchemasFlake = defaultSchemasFlake - ? flake::lockFlake(flakeSettings, state, *defaultSchemasFlake, {}) - : getBuiltinDefaultSchemasFlake(state); - auto lockedDefaultSchemasFlakeFingerprint = lockedDefaultSchemasFlake.getFingerprint(state.store); - - std::optional fingerprint2; - if (fingerprint && lockedDefaultSchemasFlakeFingerprint) - fingerprint2 = hashString( - HashAlgorithm::SHA256, - fmt("app:%s:%s:%s", - hashString(HashAlgorithm::SHA256, callFlakeSchemasNix).to_string(HashFormat::Base16, false), - fingerprint->to_string(HashFormat::Base16, false), - lockedDefaultSchemasFlakeFingerprint->to_string(HashFormat::Base16, false))); - - // FIXME: merge with openEvalCache(). - auto cache = make_ref( - evalSettings.useEvalCache && evalSettings.pureEval ? fingerprint2 : std::nullopt, - state, - [&state, lockedFlake, callFlakeSchemasNix, lockedDefaultSchemasFlake]() { - auto vCallFlakeSchemas = state.allocValue(); - state.eval( - state.parseExprFromString(callFlakeSchemasNix, state.rootPath(CanonPath::root)), *vCallFlakeSchemas); - - auto vFlake = state.allocValue(); - flake::callFlake(state, *lockedFlake, *vFlake); - - auto vDefaultSchemasFlake = state.allocValue(); - if (vFlake->type() == nAttrs && vFlake->attrs()->get(state.symbols.create("schemas"))) - vDefaultSchemasFlake->mkNull(); - else - flake::callFlake(state, lockedDefaultSchemasFlake, *vDefaultSchemasFlake); - - auto vRes = state.allocValue(); - Value * args[] = {vDefaultSchemasFlake, vFlake}; - state.callFunction(*vCallFlakeSchemas, 2, args, *vRes, noPos); - - return vRes; - }); - - return {cache, cache->getRoot()->getAttr("inventory")}; -} - -/* Derive the flake output attribute path from the cursor used to - traverse the inventory. We do this so we don't have to maintain a - separate attrpath for that. */ -std::vector toAttrPath(ref cursor) -{ - auto attrPath = cursor->getAttrPath(); - std::vector res; - auto i = attrPath.begin(); - assert(i != attrPath.end()); - ++i; // skip "inventory" - assert(i != attrPath.end()); - res.push_back(*i++); // copy output name - if (i != attrPath.end()) - ++i; // skip "outputs" - while (i != attrPath.end()) { - ++i; // skip "children" - if (i != attrPath.end()) - res.push_back(*i++); - } - return res; -} - -std::string toAttrPathStr(ref cursor) -{ - return concatStringsSep(".", cursor->root->state.symbols.resolve(toAttrPath(cursor))); -} - -void forEachOutput( - ref inventory, - std::function output, const std::string & doc, bool isLast)> f) -{ - // FIXME: handle non-IFD outputs first. - // evalSettings.enableImportFromDerivation.setDefault(false); - - auto outputNames = inventory->getAttrs(); - for (const auto & [i, outputName] : enumerate(outputNames)) { - auto output = inventory->getAttr(outputName); - try { - auto isUnknown = (bool) output->maybeGetAttr("unknown"); - Activity act(*logger, lvlInfo, actUnknown, fmt("evaluating '%s'", toAttrPathStr(output))); - f(outputName, - isUnknown ? std::shared_ptr() : output->getAttr("output"), - isUnknown ? "" : output->getAttr("doc")->getString(), - i + 1 == outputNames.size()); - } catch (Error & e) { - e.addTrace(nullptr, "while evaluating the flake output '%s':", toAttrPathStr(output)); - throw; - } - } -} - -void visit( - std::optional system, - ref node, - std::function leaf)> visitLeaf, - std::function)> visitNonLeaf, - std::function node, const std::vector & systems)> visitFiltered) -{ - Activity act(*logger, lvlInfo, actUnknown, fmt("evaluating '%s'", toAttrPathStr(node))); - - /* Apply the system type filter. */ - if (system) { - if (auto forSystems = node->maybeGetAttr("forSystems")) { - auto systems = forSystems->getListOfStrings(); - if (std::find(systems.begin(), systems.end(), system) == systems.end()) { - visitFiltered(node, systems); - return; - } - } - } - - if (auto children = node->maybeGetAttr("children")) { - visitNonLeaf([&](ForEachChild f) { - auto attrNames = children->getAttrs(); - for (const auto & [i, attrName] : enumerate(attrNames)) { - try { - f(attrName, children->getAttr(attrName), i + 1 == attrNames.size()); - } catch (Error & e) { - // FIXME: make it a flake schema attribute whether to ignore evaluation errors. - if (node->root->state.symbols[toAttrPath(node)[0]] != "legacyPackages") { - e.addTrace(nullptr, "while evaluating the flake output attribute '%s':", toAttrPathStr(node)); - throw; - } - } - } - }); - } - - else - visitLeaf(ref(node)); -} - -std::optional what(ref leaf) -{ - if (auto what = leaf->maybeGetAttr("what")) - return what->getString(); - else - return std::nullopt; -} - -std::optional shortDescription(ref leaf) -{ - if (auto what = leaf->maybeGetAttr("shortDescription")) { - auto s = trim(what->getString()); - if (s != "") - return s; - } - return std::nullopt; -} - -std::shared_ptr derivation(ref leaf) -{ - return leaf->maybeGetAttr("derivation"); -} - -MixFlakeSchemas::MixFlakeSchemas() -{ - addFlag( - {.longName = "default-flake-schemas", - .description = "The URL of the flake providing default flake schema definitions.", - .labels = {"flake-ref"}, - .handler = {&defaultFlakeSchemas}, - .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { - completeFlakeRef(completions, getStore(), prefix); - }}}); -} - -std::optional MixFlakeSchemas::getDefaultFlakeSchemas() -{ - if (!defaultFlakeSchemas) - return std::nullopt; - else - return parseFlakeRef(fetchSettings, *defaultFlakeSchemas, absPath(".")); -} - -} diff --git a/src/nix/flake-schemas.hh b/src/nix/flake-schemas.hh deleted file mode 100644 index 9d1ba75a0ed..00000000000 --- a/src/nix/flake-schemas.hh +++ /dev/null @@ -1,45 +0,0 @@ -#include "eval-cache.hh" -#include "flake/flake.hh" -#include "command.hh" - -namespace nix::flake_schemas { - -using namespace eval_cache; - -std::tuple, ref> -call(EvalState & state, std::shared_ptr lockedFlake, std::optional defaultSchemasFlake); - -std::vector toAttrPath(ref cursor); - -std::string toAttrPathStr(ref cursor); - -void forEachOutput( - ref inventory, - std::function output, const std::string & doc, bool isLast)> f); - -typedef std::function attr, bool isLast)> ForEachChild; - -void visit( - std::optional system, - ref node, - std::function leaf)> visitLeaf, - std::function)> visitNonLeaf, - std::function node, const std::vector & systems)> visitFiltered); - -std::optional what(ref leaf); - -std::optional shortDescription(ref leaf); - -std::shared_ptr derivation(ref leaf); - -/* Some helper functions for processing flake schema output. */ -struct MixFlakeSchemas : virtual Args, virtual StoreCommand -{ - std::optional defaultFlakeSchemas; - - MixFlakeSchemas(); - - std::optional getDefaultFlakeSchemas(); -}; - -} diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 7ecaa272805..4465479695f 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -17,7 +17,6 @@ #include "eval-cache.hh" #include "markdown.hh" #include "users.hh" -#include "flake-schemas.hh" #include #include @@ -166,6 +165,31 @@ struct CmdFlakeLock : FlakeCommand } }; +static void enumerateOutputs(EvalState & state, Value & vFlake, + std::function callback) +{ + auto pos = vFlake.determinePos(noPos); + state.forceAttrs(vFlake, pos, "while evaluating a flake to get its outputs"); + + auto aOutputs = vFlake.attrs()->get(state.symbols.create("outputs")); + assert(aOutputs); + + state.forceAttrs(*aOutputs->value, pos, "while evaluating the outputs of a flake"); + + auto sHydraJobs = state.symbols.create("hydraJobs"); + + /* Hack: ensure that hydraJobs is evaluated before anything + else. This way we can disable IFD for hydraJobs and then enable + it for other outputs. */ + if (auto attr = aOutputs->value->attrs()->get(sHydraJobs)) + callback(state.symbols[attr->name], *attr->value, attr->pos); + + for (auto & attr : *aOutputs->value->attrs()) { + if (attr.name != sHydraJobs) + callback(state.symbols[attr.name], *attr.value, attr.pos); + } +} + struct CmdFlakeMetadata : FlakeCommand, MixJSON { std::string description() override @@ -296,7 +320,7 @@ struct CmdFlakeInfo : CmdFlakeMetadata } }; -struct CmdFlakeCheck : FlakeCommand, flake_schemas::MixFlakeSchemas +struct CmdFlakeCheck : FlakeCommand { bool build = true; bool checkAllSystems = false; @@ -337,26 +361,16 @@ struct CmdFlakeCheck : FlakeCommand, flake_schemas::MixFlakeSchemas auto state = getEvalState(); lockFlags.applyNixConfig = true; - auto flake = std::make_shared(lockFlake()); + auto flake = lockFlake(); auto localSystem = std::string(settings.thisSystem.get()); - auto [cache, inventory] = flake_schemas::call(*state, flake, getDefaultFlakeSchemas()); - - std::vector drvPaths; - - std::set uncheckedOutputs; - std::set omittedSystems; - - std::function node)> visit; - bool hasErrors = false; - auto reportError = [&](const Error & e) { try { throw e; } catch (Error & e) { if (settings.keepGoing) { - logError({.msg = e.info().msg}); + ignoreException(); hasErrors = true; } else @@ -364,70 +378,428 @@ struct CmdFlakeCheck : FlakeCommand, flake_schemas::MixFlakeSchemas } }; - visit = [&](ref node) - { - flake_schemas::visit( - checkAllSystems ? std::optional() : localSystem, - node, + std::set omittedSystems; - [&](ref leaf) - { - if (auto evalChecks = leaf->maybeGetAttr("evalChecks")) { - auto checkNames = evalChecks->getAttrs(); - for (auto & checkName : checkNames) { - // FIXME: update activity - auto cursor = evalChecks->getAttr(checkName); - auto b = cursor->getBool(); - if (!b) - reportError(Error("Evaluation check '%s' failed.", flake_schemas::toAttrPathStr(cursor))); - } + // FIXME: rewrite to use EvalCache. + + auto resolve = [&] (PosIdx p) { + return state->positions[p]; + }; + + auto argHasName = [&] (Symbol arg, std::string_view expected) { + std::string_view name = state->symbols[arg]; + return + name == expected + || name == "_" + || (hasPrefix(name, "_") && name.substr(1) == expected); + }; + + auto checkSystemName = [&](std::string_view system, const PosIdx pos) { + // FIXME: what's the format of "system"? + if (system.find('-') == std::string::npos) + reportError(Error("'%s' is not a valid system type, at %s", system, resolve(pos))); + }; + + auto checkSystemType = [&](std::string_view system, const PosIdx pos) { + if (!checkAllSystems && system != localSystem) { + omittedSystems.insert(std::string(system)); + return false; + } else { + return true; + } + }; + + auto checkDerivation = [&](const std::string & attrPath, Value & v, const PosIdx pos) -> std::optional { + try { + Activity act(*logger, lvlInfo, actUnknown, + fmt("checking derivation %s", attrPath)); + auto packageInfo = getDerivation(*state, v, false); + if (!packageInfo) + throw Error("flake attribute '%s' is not a derivation", attrPath); + else { + // FIXME: check meta attributes + auto storePath = packageInfo->queryDrvPath(); + if (storePath) { + logger->log(lvlInfo, + fmt("derivation evaluated to %s", + store->printStorePath(storePath.value()))); } + return storePath; + } + } catch (Error & e) { + e.addTrace(resolve(pos), HintFmt("while checking the derivation '%s'", attrPath)); + reportError(e); + } + return std::nullopt; + }; - if (auto drv = flake_schemas::derivation(leaf)) { - if (auto isFlakeCheck = leaf->maybeGetAttr("isFlakeCheck")) { - if (isFlakeCheck->getBool()) { - auto drvPath = drv->forceDerivation(); - drvPaths.push_back(DerivedPath::Built { - .drvPath = makeConstantStorePathRef(drvPath), - .outputs = OutputsSpec::All { }, - }); - } - } + std::vector drvPaths; + + auto checkApp = [&](const std::string & attrPath, Value & v, const PosIdx pos) { + try { + #if 0 + // FIXME + auto app = App(*state, v); + for (auto & i : app.context) { + auto [drvPathS, outputName] = NixStringContextElem::parse(i); + store->parseStorePath(drvPathS); + } + #endif + } catch (Error & e) { + e.addTrace(resolve(pos), HintFmt("while checking the app definition '%s'", attrPath)); + reportError(e); + } + }; + + auto checkOverlay = [&](std::string_view attrPath, Value & v, const PosIdx pos) { + try { + Activity act(*logger, lvlInfo, actUnknown, + fmt("checking overlay '%s'", attrPath)); + state->forceValue(v, pos); + if (!v.isLambda()) { + throw Error("overlay is not a function, but %s instead", showType(v)); + } + if (v.payload.lambda.fun->hasFormals() + || !argHasName(v.payload.lambda.fun->arg, "final")) + throw Error("overlay does not take an argument named 'final'"); + // FIXME: if we have a 'nixpkgs' input, use it to + // evaluate the overlay. + } catch (Error & e) { + e.addTrace(resolve(pos), HintFmt("while checking the overlay '%s'", attrPath)); + reportError(e); + } + }; + + auto checkModule = [&](std::string_view attrPath, Value & v, const PosIdx pos) { + try { + Activity act(*logger, lvlInfo, actUnknown, + fmt("checking NixOS module '%s'", attrPath)); + state->forceValue(v, pos); + } catch (Error & e) { + e.addTrace(resolve(pos), HintFmt("while checking the NixOS module '%s'", attrPath)); + reportError(e); + } + }; + + std::function checkHydraJobs; + + checkHydraJobs = [&](std::string_view attrPath, Value & v, const PosIdx pos) { + try { + Activity act(*logger, lvlInfo, actUnknown, + fmt("checking Hydra job '%s'", attrPath)); + state->forceAttrs(v, pos, ""); + + if (state->isDerivation(v)) + throw Error("jobset should not be a derivation at top-level"); + + for (auto & attr : *v.attrs()) { + state->forceAttrs(*attr.value, attr.pos, ""); + auto attrPath2 = concatStrings(attrPath, ".", state->symbols[attr.name]); + if (state->isDerivation(*attr.value)) { + Activity act(*logger, lvlInfo, actUnknown, + fmt("checking Hydra job '%s'", attrPath2)); + checkDerivation(attrPath2, *attr.value, attr.pos); + } else + checkHydraJobs(attrPath2, *attr.value, attr.pos); + } + + } catch (Error & e) { + e.addTrace(resolve(pos), HintFmt("while checking the Hydra jobset '%s'", attrPath)); + reportError(e); + } + }; + + auto checkNixOSConfiguration = [&](const std::string & attrPath, Value & v, const PosIdx pos) { + try { + Activity act(*logger, lvlInfo, actUnknown, + fmt("checking NixOS configuration '%s'", attrPath)); + Bindings & bindings(*state->allocBindings(0)); + auto vToplevel = findAlongAttrPath(*state, "config.system.build.toplevel", bindings, v).first; + state->forceValue(*vToplevel, pos); + if (!state->isDerivation(*vToplevel)) + throw Error("attribute 'config.system.build.toplevel' is not a derivation"); + } catch (Error & e) { + e.addTrace(resolve(pos), HintFmt("while checking the NixOS configuration '%s'", attrPath)); + reportError(e); + } + }; + + auto checkTemplate = [&](std::string_view attrPath, Value & v, const PosIdx pos) { + try { + Activity act(*logger, lvlInfo, actUnknown, + fmt("checking template '%s'", attrPath)); + + state->forceAttrs(v, pos, ""); + + if (auto attr = v.attrs()->get(state->symbols.create("path"))) { + if (attr->name == state->symbols.create("path")) { + NixStringContext context; + auto path = state->coerceToPath(attr->pos, *attr->value, context, ""); + if (!path.pathExists()) + throw Error("template '%s' refers to a non-existent path '%s'", attrPath, path); + // TODO: recursively check the flake in 'path'. } - }, + } else + throw Error("template '%s' lacks attribute 'path'", attrPath); - [&](std::function forEachChild) - { - forEachChild([&](Symbol attrName, ref node, bool isLast) - { - visit(node); - }); - }, - - [&](ref node, const std::vector & systems) { - for (auto & s : systems) - omittedSystems.insert(s); - }); + if (auto attr = v.attrs()->get(state->symbols.create("description"))) + state->forceStringNoCtx(*attr->value, attr->pos, ""); + else + throw Error("template '%s' lacks attribute 'description'", attrPath); + + for (auto & attr : *v.attrs()) { + std::string_view name(state->symbols[attr.name]); + if (name != "path" && name != "description" && name != "welcomeText") + throw Error("template '%s' has unsupported attribute '%s'", attrPath, name); + } + } catch (Error & e) { + e.addTrace(resolve(pos), HintFmt("while checking the template '%s'", attrPath)); + reportError(e); + } + }; + + auto checkBundler = [&](const std::string & attrPath, Value & v, const PosIdx pos) { + try { + Activity act(*logger, lvlInfo, actUnknown, + fmt("checking bundler '%s'", attrPath)); + state->forceValue(v, pos); + if (!v.isLambda()) + throw Error("bundler must be a function"); + // TODO: check types of inputs/outputs? + } catch (Error & e) { + e.addTrace(resolve(pos), HintFmt("while checking the template '%s'", attrPath)); + reportError(e); + } }; - flake_schemas::forEachOutput(inventory, [&](Symbol outputName, std::shared_ptr output, const std::string & doc, bool isLast) { - if (output) { - visit(ref(output)); - } else - uncheckedOutputs.insert(std::string(state->symbols[outputName])); - }); + Activity act(*logger, lvlInfo, actUnknown, "evaluating flake"); + + auto vFlake = state->allocValue(); + flake::callFlake(*state, flake, *vFlake); + + enumerateOutputs(*state, + *vFlake, + [&](std::string_view name, Value & vOutput, const PosIdx pos) { + Activity act(*logger, lvlInfo, actUnknown, + fmt("checking flake output '%s'", name)); + + try { + evalSettings.enableImportFromDerivation.setDefault(name != "hydraJobs"); + + state->forceValue(vOutput, pos); + + std::string_view replacement = + name == "defaultPackage" ? "packages..default" : + name == "defaultApp" ? "apps..default" : + name == "defaultTemplate" ? "templates.default" : + name == "defaultBundler" ? "bundlers..default" : + name == "overlay" ? "overlays.default" : + name == "devShell" ? "devShells..default" : + name == "nixosModule" ? "nixosModules.default" : + ""; + if (replacement != "") + warn("flake output attribute '%s' is deprecated; use '%s' instead", name, replacement); + + if (name == "checks") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) { + const auto & attr_name = state->symbols[attr.name]; + checkSystemName(attr_name, attr.pos); + if (checkSystemType(attr_name, attr.pos)) { + state->forceAttrs(*attr.value, attr.pos, ""); + for (auto & attr2 : *attr.value->attrs()) { + auto drvPath = checkDerivation( + fmt("%s.%s.%s", name, attr_name, state->symbols[attr2.name]), + *attr2.value, attr2.pos); + if (drvPath && attr_name == settings.thisSystem.get()) { + drvPaths.push_back(DerivedPath::Built { + .drvPath = makeConstantStorePathRef(*drvPath), + .outputs = OutputsSpec::All { }, + }); + } + } + } + } + } - if (!uncheckedOutputs.empty()) - warn("The following flake outputs are unchecked: %s.", - concatStringsSep(", ", uncheckedOutputs)); // FIXME: quote + else if (name == "formatter") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) { + const auto & attr_name = state->symbols[attr.name]; + checkSystemName(attr_name, attr.pos); + if (checkSystemType(attr_name, attr.pos)) { + checkApp( + fmt("%s.%s", name, attr_name), + *attr.value, attr.pos); + }; + } + } + + else if (name == "packages" || name == "devShells") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) { + const auto & attr_name = state->symbols[attr.name]; + checkSystemName(attr_name, attr.pos); + if (checkSystemType(attr_name, attr.pos)) { + state->forceAttrs(*attr.value, attr.pos, ""); + for (auto & attr2 : *attr.value->attrs()) + checkDerivation( + fmt("%s.%s.%s", name, attr_name, state->symbols[attr2.name]), + *attr2.value, attr2.pos); + }; + } + } + + else if (name == "apps") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) { + const auto & attr_name = state->symbols[attr.name]; + checkSystemName(attr_name, attr.pos); + if (checkSystemType(attr_name, attr.pos)) { + state->forceAttrs(*attr.value, attr.pos, ""); + for (auto & attr2 : *attr.value->attrs()) + checkApp( + fmt("%s.%s.%s", name, attr_name, state->symbols[attr2.name]), + *attr2.value, attr2.pos); + }; + } + } + + else if (name == "defaultPackage" || name == "devShell") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) { + const auto & attr_name = state->symbols[attr.name]; + checkSystemName(attr_name, attr.pos); + if (checkSystemType(attr_name, attr.pos)) { + checkDerivation( + fmt("%s.%s", name, attr_name), + *attr.value, attr.pos); + }; + } + } + + else if (name == "defaultApp") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) { + const auto & attr_name = state->symbols[attr.name]; + checkSystemName(attr_name, attr.pos); + if (checkSystemType(attr_name, attr.pos) ) { + checkApp( + fmt("%s.%s", name, attr_name), + *attr.value, attr.pos); + }; + } + } + + else if (name == "legacyPackages") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) { + checkSystemName(state->symbols[attr.name], attr.pos); + checkSystemType(state->symbols[attr.name], attr.pos); + // FIXME: do getDerivations? + } + } + + else if (name == "overlay") + checkOverlay(name, vOutput, pos); + + else if (name == "overlays") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) + checkOverlay(fmt("%s.%s", name, state->symbols[attr.name]), + *attr.value, attr.pos); + } + + else if (name == "nixosModule") + checkModule(name, vOutput, pos); + + else if (name == "nixosModules") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) + checkModule(fmt("%s.%s", name, state->symbols[attr.name]), + *attr.value, attr.pos); + } + + else if (name == "nixosConfigurations") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) + checkNixOSConfiguration(fmt("%s.%s", name, state->symbols[attr.name]), + *attr.value, attr.pos); + } + + else if (name == "hydraJobs") + checkHydraJobs(name, vOutput, pos); + + else if (name == "defaultTemplate") + checkTemplate(name, vOutput, pos); + + else if (name == "templates") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) + checkTemplate(fmt("%s.%s", name, state->symbols[attr.name]), + *attr.value, attr.pos); + } + + else if (name == "defaultBundler") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) { + const auto & attr_name = state->symbols[attr.name]; + checkSystemName(attr_name, attr.pos); + if (checkSystemType(attr_name, attr.pos)) { + checkBundler( + fmt("%s.%s", name, attr_name), + *attr.value, attr.pos); + }; + } + } + + else if (name == "bundlers") { + state->forceAttrs(vOutput, pos, ""); + for (auto & attr : *vOutput.attrs()) { + const auto & attr_name = state->symbols[attr.name]; + checkSystemName(attr_name, attr.pos); + if (checkSystemType(attr_name, attr.pos)) { + state->forceAttrs(*attr.value, attr.pos, ""); + for (auto & attr2 : *attr.value->attrs()) { + checkBundler( + fmt("%s.%s.%s", name, attr_name, state->symbols[attr2.name]), + *attr2.value, attr2.pos); + } + }; + } + } + + else if ( + name == "lib" + || name == "darwinConfigurations" + || name == "darwinModules" + || name == "flakeModule" + || name == "flakeModules" + || name == "herculesCI" + || name == "homeConfigurations" + || name == "homeModule" + || name == "homeModules" + || name == "nixopsConfigurations" + ) + // Known but unchecked community attribute + ; + + else + warn("unknown flake output '%s'", name); + + } catch (Error & e) { + e.addTrace(resolve(pos), HintFmt("while checking flake output '%s'", name)); + reportError(e); + } + }); + } if (build && !drvPaths.empty()) { Activity act(*logger, lvlInfo, actUnknown, fmt("running %d flake checks", drvPaths.size())); store->buildPaths(drvPaths); } - if (hasErrors) throw Error("some errors were encountered during the evaluation"); @@ -438,7 +810,7 @@ struct CmdFlakeCheck : FlakeCommand, flake_schemas::MixFlakeSchemas "Use '--all-systems' to check all.", concatStringsSep(", ", omittedSystems) ); - } + }; }; }; @@ -723,7 +1095,7 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun } }; -struct CmdFlakeShow : FlakeCommand, MixJSON, flake_schemas::MixFlakeSchemas +struct CmdFlakeShow : FlakeCommand, MixJSON { bool showLegacy = false; bool showAllSystems = false; @@ -756,158 +1128,267 @@ struct CmdFlakeShow : FlakeCommand, MixJSON, flake_schemas::MixFlakeSchemas void run(nix::ref store) override { + evalSettings.enableImportFromDerivation.setDefault(false); + auto state = getEvalState(); auto flake = std::make_shared(lockFlake()); auto localSystem = std::string(settings.thisSystem.get()); - auto [cache, inventory] = flake_schemas::call(*state, flake, getDefaultFlakeSchemas()); + std::function &attrPath, + const Symbol &attr)> hasContent; + + // For frameworks it's important that structures are as lazy as possible + // to prevent infinite recursions, performance issues and errors that + // aren't related to the thing to evaluate. As a consequence, they have + // to emit more attributes than strictly (sic) necessary. + // However, these attributes with empty values are not useful to the user + // so we omit them. + hasContent = [&]( + eval_cache::AttrCursor & visitor, + const std::vector &attrPath, + const Symbol &attr) -> bool + { + auto attrPath2(attrPath); + attrPath2.push_back(attr); + auto attrPathS = state->symbols.resolve(attrPath2); + const auto & attrName = state->symbols[attr]; - if (json) { - std::function node, nlohmann::json & obj)> visit; + auto visitor2 = visitor.getAttr(attrName); - visit = [&](ref node, nlohmann::json & obj) - { - flake_schemas::visit( - showAllSystems ? std::optional() : localSystem, - node, - - [&](ref leaf) - { - obj.emplace("leaf", true); - - if (auto what = flake_schemas::what(leaf)) - obj.emplace("what", what); - - if (auto shortDescription = flake_schemas::shortDescription(leaf)) - obj.emplace("shortDescription", shortDescription); - - if (auto drv = flake_schemas::derivation(leaf)) - obj.emplace("derivationName", drv->getAttr(state->sName)->getString()); - - // FIXME: add more stuff - }, - - [&](std::function forEachChild) - { - auto children = nlohmann::json::object(); - forEachChild([&](Symbol attrName, ref node, bool isLast) - { - auto j = nlohmann::json::object(); - try { - visit(node, j); - } catch (EvalError & e) { - // FIXME: make it a flake schema attribute whether to ignore evaluation errors. - if (node->root->state.symbols[flake_schemas::toAttrPath(node)[0]] == "legacyPackages") - j.emplace("failed", true); - else - throw; - } - children.emplace(state->symbols[attrName], std::move(j)); - }); - obj.emplace("children", std::move(children)); - }, - - [&](ref node, const std::vector & systems) - { - obj.emplace("filtered", true); - }); - }; + try { + if ((attrPathS[0] == "apps" + || attrPathS[0] == "checks" + || attrPathS[0] == "devShells" + || attrPathS[0] == "legacyPackages" + || attrPathS[0] == "packages") + && (attrPathS.size() == 1 || attrPathS.size() == 2)) { + for (const auto &subAttr : visitor2->getAttrs()) { + if (hasContent(*visitor2, attrPath2, subAttr)) { + return true; + } + } + return false; + } - auto res = nlohmann::json::object(); + if ((attrPathS.size() == 1) + && (attrPathS[0] == "formatter" + || attrPathS[0] == "nixosConfigurations" + || attrPathS[0] == "nixosModules" + || attrPathS[0] == "overlays" + )) { + for (const auto &subAttr : visitor2->getAttrs()) { + if (hasContent(*visitor2, attrPath2, subAttr)) { + return true; + } + } + return false; + } - flake_schemas::forEachOutput(inventory, [&](Symbol outputName, std::shared_ptr output, const std::string & doc, bool isLast) - { - auto j = nlohmann::json::object(); - - if (!showLegacy && state->symbols[outputName] == "legacyPackages") { - j.emplace("skipped", true); - } else if (output) { - j.emplace("doc", doc); - auto j2 = nlohmann::json::object(); - visit(ref(output), j2); - j.emplace("output", std::move(j2)); - } else - j.emplace("unknown", true); + // If we don't recognize it, it's probably content + return true; + } catch (EvalError & e) { + // Some attrs may contain errors, e.g. legacyPackages of + // nixpkgs. We still want to recurse into it, instead of + // skipping it at all. + return true; + } + }; - res.emplace(state->symbols[outputName], j); - }); + std::function & attrPath, + const std::string & headerPrefix, + const std::string & nextPrefix)> visit; + + visit = [&]( + eval_cache::AttrCursor & visitor, + const std::vector & attrPath, + const std::string & headerPrefix, + const std::string & nextPrefix) + -> nlohmann::json + { + auto j = nlohmann::json::object(); - logger->cout("%s", res.dump()); - } + auto attrPathS = state->symbols.resolve(attrPath); + + Activity act(*logger, lvlInfo, actUnknown, + fmt("evaluating '%s'", concatStringsSep(".", attrPathS))); - else { - logger->cout(ANSI_BOLD "%s" ANSI_NORMAL, flake->flake.lockedRef); + try { + auto recurse = [&]() + { + if (!json) + logger->cout("%s", headerPrefix); + std::vector attrs; + for (const auto &attr : visitor.getAttrs()) { + if (hasContent(visitor, attrPath, attr)) + attrs.push_back(attr); + } - std::function node, - const std::string & headerPrefix, - const std::string & prevPrefix)> visit; + for (const auto & [i, attr] : enumerate(attrs)) { + const auto & attrName = state->symbols[attr]; + bool last = i + 1 == attrs.size(); + auto visitor2 = visitor.getAttr(attrName); + auto attrPath2(attrPath); + attrPath2.push_back(attr); + auto j2 = visit(*visitor2, attrPath2, + fmt(ANSI_GREEN "%s%s" ANSI_NORMAL ANSI_BOLD "%s" ANSI_NORMAL, nextPrefix, last ? treeLast : treeConn, attrName), + nextPrefix + (last ? treeNull : treeLine)); + if (json) j.emplace(attrName, std::move(j2)); + } + }; - visit = [&]( - ref node, - const std::string & headerPrefix, - const std::string & prevPrefix) - { - flake_schemas::visit( - showAllSystems ? std::optional() : localSystem, - node, - - [&](ref leaf) - { - auto s = headerPrefix; - - if (auto what = flake_schemas::what(leaf)) - s += fmt(": %s", *what); - - if (auto drv = flake_schemas::derivation(leaf)) - s += fmt(ANSI_ITALIC " [%s]" ANSI_NORMAL, drv->getAttr(state->sName)->getString()); - - logger->cout(s); - }, - - [&](std::function forEachChild) - { - logger->cout(headerPrefix); - forEachChild([&](Symbol attrName, ref node, bool isLast) - { - visit(node, - fmt(ANSI_GREEN "%s%s" ANSI_NORMAL ANSI_BOLD "%s" ANSI_NORMAL, prevPrefix, - isLast ? treeLast : treeConn, state->symbols[attrName]), - prevPrefix + (isLast ? treeNull : treeLine)); - }); - }, - - [&](ref node, const std::vector & systems) - { - logger->cout(fmt("%s " ANSI_WARNING "omitted" ANSI_NORMAL " (use '--all-systems' to show)", headerPrefix)); - }); - }; + auto showDerivation = [&]() + { + auto name = visitor.getAttr(state->sName)->getString(); + if (json) { + std::optional description; + if (auto aMeta = visitor.maybeGetAttr(state->sMeta)) { + if (auto aDescription = aMeta->maybeGetAttr(state->sDescription)) + description = aDescription->getString(); + } + j.emplace("type", "derivation"); + j.emplace("name", name); + if (description) + j.emplace("description", *description); + } else { + logger->cout("%s: %s '%s'", + headerPrefix, + attrPath.size() == 2 && attrPathS[0] == "devShell" ? "development environment" : + attrPath.size() >= 2 && attrPathS[0] == "devShells" ? "development environment" : + attrPath.size() == 3 && attrPathS[0] == "checks" ? "derivation" : + attrPath.size() >= 1 && attrPathS[0] == "hydraJobs" ? "derivation" : + "package", + name); + } + }; + + if (attrPath.size() == 0 + || (attrPath.size() == 1 && ( + attrPathS[0] == "defaultPackage" + || attrPathS[0] == "devShell" + || attrPathS[0] == "formatter" + || attrPathS[0] == "nixosConfigurations" + || attrPathS[0] == "nixosModules" + || attrPathS[0] == "defaultApp" + || attrPathS[0] == "templates" + || attrPathS[0] == "overlays")) + || ((attrPath.size() == 1 || attrPath.size() == 2) + && (attrPathS[0] == "checks" + || attrPathS[0] == "packages" + || attrPathS[0] == "devShells" + || attrPathS[0] == "apps")) + ) + { + recurse(); + } - flake_schemas::forEachOutput(inventory, [&](Symbol outputName, std::shared_ptr output, const std::string & doc, bool isLast) - { - auto headerPrefix = fmt( - ANSI_GREEN "%s" ANSI_NORMAL ANSI_BOLD "%s" ANSI_NORMAL, - isLast ? treeLast : treeConn, state->symbols[outputName]); - - if (!showLegacy && state->symbols[outputName] == "legacyPackages") { - logger->cout(headerPrefix); - logger->cout( - ANSI_GREEN "%s" "%s" ANSI_NORMAL ANSI_ITALIC "%s" ANSI_NORMAL, - isLast ? treeNull : treeLine, - treeLast, - "(skipped; use '--legacy' to show)"); - } else if (output) { - visit(ref(output), headerPrefix, isLast ? treeNull : treeLine); - } else { - logger->cout(headerPrefix); - logger->cout( - ANSI_GREEN "%s" "%s" ANSI_NORMAL ANSI_ITALIC "%s" ANSI_NORMAL, - isLast ? treeNull : treeLine, - treeLast, - "(unknown flake output)"); + else if ( + (attrPath.size() == 2 && (attrPathS[0] == "defaultPackage" || attrPathS[0] == "devShell" || attrPathS[0] == "formatter")) + || (attrPath.size() == 3 && (attrPathS[0] == "checks" || attrPathS[0] == "packages" || attrPathS[0] == "devShells")) + ) + { + if (!showAllSystems && std::string(attrPathS[1]) != localSystem) { + if (!json) + logger->cout(fmt("%s " ANSI_WARNING "omitted" ANSI_NORMAL " (use '--all-systems' to show)", headerPrefix)); + else { + logger->warn(fmt("%s omitted (use '--all-systems' to show)", concatStringsSep(".", attrPathS))); + } + } else { + if (visitor.isDerivation()) + showDerivation(); + else + throw Error("expected a derivation"); + } } - }); - } + + else if (attrPath.size() > 0 && attrPathS[0] == "hydraJobs") { + if (visitor.isDerivation()) + showDerivation(); + else + recurse(); + } + + else if (attrPath.size() > 0 && attrPathS[0] == "legacyPackages") { + if (attrPath.size() == 1) + recurse(); + else if (!showLegacy){ + if (!json) + logger->cout(fmt("%s " ANSI_WARNING "omitted" ANSI_NORMAL " (use '--legacy' to show)", headerPrefix)); + else { + logger->warn(fmt("%s omitted (use '--legacy' to show)", concatStringsSep(".", attrPathS))); + } + } else if (!showAllSystems && std::string(attrPathS[1]) != localSystem) { + if (!json) + logger->cout(fmt("%s " ANSI_WARNING "omitted" ANSI_NORMAL " (use '--all-systems' to show)", headerPrefix)); + else { + logger->warn(fmt("%s omitted (use '--all-systems' to show)", concatStringsSep(".", attrPathS))); + } + } else { + if (visitor.isDerivation()) + showDerivation(); + else if (attrPath.size() <= 2) + // FIXME: handle recurseIntoAttrs + recurse(); + } + } + + else if ( + (attrPath.size() == 2 && attrPathS[0] == "defaultApp") || + (attrPath.size() == 3 && attrPathS[0] == "apps")) + { + auto aType = visitor.maybeGetAttr("type"); + if (!aType || aType->getString() != "app") + state->error("not an app definition").debugThrow(); + if (json) { + j.emplace("type", "app"); + } else { + logger->cout("%s: app", headerPrefix); + } + } + + else if ( + (attrPath.size() == 1 && attrPathS[0] == "defaultTemplate") || + (attrPath.size() == 2 && attrPathS[0] == "templates")) + { + auto description = visitor.getAttr("description")->getString(); + if (json) { + j.emplace("type", "template"); + j.emplace("description", description); + } else { + logger->cout("%s: template: " ANSI_BOLD "%s" ANSI_NORMAL, headerPrefix, description); + } + } + + else { + auto [type, description] = + (attrPath.size() == 1 && attrPathS[0] == "overlay") + || (attrPath.size() == 2 && attrPathS[0] == "overlays") ? std::make_pair("nixpkgs-overlay", "Nixpkgs overlay") : + attrPath.size() == 2 && attrPathS[0] == "nixosConfigurations" ? std::make_pair("nixos-configuration", "NixOS configuration") : + (attrPath.size() == 1 && attrPathS[0] == "nixosModule") + || (attrPath.size() == 2 && attrPathS[0] == "nixosModules") ? std::make_pair("nixos-module", "NixOS module") : + std::make_pair("unknown", "unknown"); + if (json) { + j.emplace("type", type); + } else { + logger->cout("%s: " ANSI_WARNING "%s" ANSI_NORMAL, headerPrefix, description); + } + } + } catch (EvalError & e) { + if (!(attrPath.size() > 0 && attrPathS[0] == "legacyPackages")) + throw; + } + + return j; + }; + + auto cache = openEvalCache(*state, flake); + + auto j = visit(*cache->getRoot(), {}, fmt(ANSI_BOLD "%s" ANSI_NORMAL, flake->flake.lockedRef), ""); + if (json) + logger->cout("%s", j.dump()); } }; diff --git a/src/nix/local.mk b/src/nix/local.mk index 43a22a2afb3..28b30b58619 100644 --- a/src/nix/local.mk +++ b/src/nix/local.mk @@ -55,9 +55,3 @@ $(d)/main.cc: \ $(d)/profile.cc: $(d)/profile.md $(d)/profile.md: $(d)/profiles.md.gen.hh - -src/nix/flake.cc: src/nix/call-flake-schemas.nix.gen.hh src/nix/builtin-flake-schemas.nix.gen.hh - -src/nix/builtin-flake-schemas.nix: $(default_flake_schemas)/flake.nix - $(trace-gen) cp $^ $@ - @chmod +w $@ diff --git a/tests/functional/flakes/check.sh b/tests/functional/flakes/check.sh index 48a0d333aac..3b83dcafe4b 100755 --- a/tests/functional/flakes/check.sh +++ b/tests/functional/flakes/check.sh @@ -16,6 +16,17 @@ EOF nix flake check $flakeDir +cat > $flakeDir/flake.nix < $flakeDir/flake.nix < show-output.json nix eval --impure --expr ' let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); in -assert show_output.packages.output.children.someOtherSystem.filtered; -assert show_output.packages.output.children.${builtins.currentSystem}.children.default.derivationName == "simple"; -assert show_output.legacyPackages.skipped; +assert show_output.packages.someOtherSystem.default == {}; +assert show_output.packages.${builtins.currentSystem}.default.name == "simple"; +assert show_output.legacyPackages.${builtins.currentSystem} == {}; true ' @@ -26,8 +26,8 @@ nix flake show --json --all-systems > show-output.json nix eval --impure --expr ' let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); in -assert show_output.packages.output.children.someOtherSystem.children.default.derivationName == "simple"; -assert show_output.legacyPackages.skipped; +assert show_output.packages.someOtherSystem.default.name == "simple"; +assert show_output.legacyPackages.${builtins.currentSystem} == {}; true ' @@ -36,7 +36,34 @@ nix flake show --json --legacy > show-output.json nix eval --impure --expr ' let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); in -assert show_output.legacyPackages.output.children.${builtins.currentSystem}.children.hello.derivationName == "simple"; +assert show_output.legacyPackages.${builtins.currentSystem}.hello.name == "simple"; +true +' + +# Test that attributes are only reported when they have actual content +cat >flake.nix < show-output.json +nix eval --impure --expr ' +let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); +in +assert show_output == { }; true ' @@ -56,7 +83,7 @@ nix flake show --json --legacy --all-systems > show-output.json nix eval --impure --expr ' let show_output = builtins.fromJSON (builtins.readFile ./show-output.json); in -assert show_output.legacyPackages.output.children.${builtins.currentSystem}.children.AAAAAASomeThingsFailToEvaluate.failed; -assert show_output.legacyPackages.output.children.${builtins.currentSystem}.children.simple.derivationName == "simple"; +assert show_output.legacyPackages.${builtins.currentSystem}.AAAAAASomeThingsFailToEvaluate == { }; +assert show_output.legacyPackages.${builtins.currentSystem}.simple.name == "simple"; true ' diff --git a/tests/functional/fmt.sh b/tests/functional/fmt.sh index b0a0b2e5f7b..b29fe64d6bc 100755 --- a/tests/functional/fmt.sh +++ b/tests/functional/fmt.sh @@ -32,6 +32,4 @@ cat << EOF > flake.nix EOF nix fmt ./file ./folder | grep 'Formatting: ./file ./folder' nix flake check - -clearStore -nix flake show | grep -P "package.*\[formatter\]" +nix flake show | grep -P "package 'formatter'" From d9284d246ced1ccdcd358ecdc9c6c9153ecaa264 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 11 Jul 2024 16:21:27 +0200 Subject: [PATCH 106/815] Remove unused InstallableFlake::getFlakeOutputs() (cherry picked from commit 87323a5689f4789d9fc25271a16ba57c57f76392) --- src/libcmd/installable-flake.cc | 14 -------------- src/libcmd/installable-flake.hh | 2 -- 2 files changed, 16 deletions(-) diff --git a/src/libcmd/installable-flake.cc b/src/libcmd/installable-flake.cc index 852a5618efd..8796ad5ba79 100644 --- a/src/libcmd/installable-flake.cc +++ b/src/libcmd/installable-flake.cc @@ -43,20 +43,6 @@ std::vector InstallableFlake::getActualAttrPaths() return res; } -Value * InstallableFlake::getFlakeOutputs(EvalState & state, const flake::LockedFlake & lockedFlake) -{ - auto vFlake = state.allocValue(); - - callFlake(state, lockedFlake, *vFlake); - - auto aOutputs = vFlake->attrs()->get(state.symbols.create("outputs")); - assert(aOutputs); - - state.forceValue(*aOutputs->value, aOutputs->value->determinePos(noPos)); - - return aOutputs->value; -} - static std::string showAttrPaths(const std::vector & paths) { std::string s; diff --git a/src/libcmd/installable-flake.hh b/src/libcmd/installable-flake.hh index b0d6f5afca6..8e0a232ef8a 100644 --- a/src/libcmd/installable-flake.hh +++ b/src/libcmd/installable-flake.hh @@ -53,8 +53,6 @@ struct InstallableFlake : InstallableValue std::vector getActualAttrPaths(); - Value * getFlakeOutputs(EvalState & state, const flake::LockedFlake & lockedFlake); - DerivedPathsWithInfo toDerivedPaths() override; std::pair toValue(EvalState & state) override; From 21ddd181fe6d4b8d345b783e72aa54b2340fb541 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 30 Oct 2024 12:53:05 +0100 Subject: [PATCH 107/815] Disable mingw32 jobs This gets rid of an evaluation error in devShells.aarch64-linux.x86_64-w64-mingw32. https://github.com/DeterminateSystems/nix-priv/actions/runs/11576785241/job/32226923043?pr=39 --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 848d04a7ae8..97e4b50d5f7 100644 --- a/flake.nix +++ b/flake.nix @@ -44,7 +44,7 @@ "riscv64-unknown-linux-gnu" "x86_64-unknown-netbsd" "x86_64-unknown-freebsd" - "x86_64-w64-mingw32" + #"x86_64-w64-mingw32" ]; stdenvs = [ From f36f4a4f52bb32b91aa4709eb76f5e03c2d74fd9 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 30 Oct 2024 13:30:39 +0100 Subject: [PATCH 108/815] Disable some Hydra jobs that we don't care about at the moment --- flake.nix | 10 +++++----- packaging/hydra.nix | 6 ++++++ 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/flake.nix b/flake.nix index 97e4b50d5f7..ddda3191bfe 100644 --- a/flake.nix +++ b/flake.nix @@ -32,7 +32,7 @@ then "" else "pre${builtins.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101")}_${self.shortRev or "dirty"}"; - linux32BitSystems = [ "i686-linux" ]; + linux32BitSystems = [ /* "i686-linux" */ ]; linux64BitSystems = [ "x86_64-linux" "aarch64-linux" ]; linuxSystems = linux32BitSystems ++ linux64BitSystems; darwinSystems = [ "x86_64-darwin" "aarch64-darwin" ]; @@ -175,7 +175,7 @@ checks = forAllSystems (system: { binaryTarball = self.hydraJobs.binaryTarball.${system}; - installTests = self.hydraJobs.installTests.${system}; + #installTests = self.hydraJobs.installTests.${system}; nixpkgsLibTests = self.hydraJobs.tests.nixpkgsLibTests.${system}; rl-next = let pkgs = nixpkgsFor.${system}.native; @@ -201,7 +201,7 @@ } // lib.optionalAttrs (! nixpkgsFor.${system}.native.stdenv.hostPlatform.isDarwin) { # TODO: enable static builds for darwin, blocked on: # https://github.com/NixOS/nixpkgs/issues/320448 - "static-" = nixpkgsFor.${system}.static; + #"static-" = nixpkgsFor.${system}.static; }) (nixpkgsPrefix: nixpkgs: flatMapAttrs nixpkgs.nixComponents @@ -238,7 +238,7 @@ (pkgName: {}: { # These attributes go right into `packages.`. "${pkgName}" = nixpkgsFor.${system}.native.nixComponents.${pkgName}; - "${pkgName}-static" = nixpkgsFor.${system}.static.nixComponents.${pkgName}; + #"${pkgName}-static" = nixpkgsFor.${system}.static.nixComponents.${pkgName}; } // flatMapAttrs (lib.genAttrs crossSystems (_: { })) (crossSystem: {}: { # These attributes go right into `packages.`. @@ -362,7 +362,7 @@ in (makeShells "native" nixpkgsFor.${system}.native) // (lib.optionalAttrs (!nixpkgsFor.${system}.native.stdenv.isDarwin) - (makeShells "static" nixpkgsFor.${system}.static) // + #(makeShells "static" nixpkgsFor.${system}.static) // (forAllCrossSystems (crossSystem: let pkgs = nixpkgsFor.${system}.cross.${crossSystem}; in makeShell pkgs pkgs.stdenv))) // { default = self.devShells.${system}.native-stdenvPackages; diff --git a/packaging/hydra.nix b/packaging/hydra.nix index dbe99247675..999fa651594 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -64,6 +64,7 @@ in shellInputs = forAllSystems (system: self.devShells.${system}.default.inputDerivation); + /* buildStatic = forAllPackages (pkgName: lib.genAttrs linux64BitSystems (system: nixpkgsFor.${system}.static.nixComponents.${pkgName})); @@ -85,6 +86,7 @@ in readlineFlavor = "readline"; } ); + */ # Perl bindings for various platforms. perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.nix-perl-bindings); @@ -94,6 +96,7 @@ in # the installation script. binaryTarball = forAllSystems (system: binaryTarball nixpkgsFor.${system}.native.nix nixpkgsFor.${system}.native); + /* binaryTarballCross = lib.genAttrs [ "x86_64-linux" ] (system: forAllCrossSystems (crossSystem: binaryTarball @@ -125,6 +128,7 @@ in self.hydraJobs.binaryTarballCross."x86_64-linux"."armv7l-unknown-linux-gnueabihf" self.hydraJobs.binaryTarballCross."x86_64-linux"."riscv64-unknown-linux-gnu" ]; + */ # docker image with Nix inside dockerImage = lib.genAttrs linux64BitSystems (system: self.packages.${system}.dockerImage); @@ -178,6 +182,7 @@ in nixpkgs = nixpkgs-regression; }; + /* installTests = forAllSystems (system: let pkgs = nixpkgsFor.${system}.native; in pkgs.runCommand "install-tests" @@ -197,4 +202,5 @@ in binaryTarballs = self.hydraJobs.binaryTarball; inherit nixpkgsFor; }; + */ } From f9180f12c4ca28e224db7f7efbc9600b2e25da8a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 30 Oct 2024 15:30:29 +0100 Subject: [PATCH 109/815] release notes: 2.24.9 --- doc/manual/rl-next/filesystem-errors.md | 14 -------------- doc/manual/rl-next/verify-tls.md | 8 -------- doc/manual/src/release-notes/rl-2.24.md | 15 +++++++++++++++ 3 files changed, 15 insertions(+), 22 deletions(-) delete mode 100644 doc/manual/rl-next/filesystem-errors.md delete mode 100644 doc/manual/rl-next/verify-tls.md diff --git a/doc/manual/rl-next/filesystem-errors.md b/doc/manual/rl-next/filesystem-errors.md deleted file mode 100644 index faa9352b96a..00000000000 --- a/doc/manual/rl-next/filesystem-errors.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -synopsis: wrap filesystem exceptions more correctly -issues: [] -prs: [11378] ---- - - -With the switch to `std::filesystem` in different places, Nix started to throw `std::filesystem::filesystem_error` in many places instead of its own exceptions. - -This lead to no longer generating error traces, for example when listing a non-existing directory. - -This version catches these types of exception correctly and wrap them into Nix's own exeception type. - -Author: [**@Mic92**](https://github.com/Mic92) diff --git a/doc/manual/rl-next/verify-tls.md b/doc/manual/rl-next/verify-tls.md deleted file mode 100644 index afc689f46a9..00000000000 --- a/doc/manual/rl-next/verify-tls.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -synopsis: "`` uses TLS verification" -prs: [11585] ---- - -Previously `` did not do TLS verification. This was because the Nix sandbox in the past did not have access to TLS certificates, and Nix checks the hash of the fetched file anyway. However, this can expose authentication data from `netrc` and URLs to man-in-the-middle attackers. In addition, Nix now in some cases (such as when using impure derivations) does *not* check the hash. Therefore we have now enabled TLS verification. This means that downloads by `` will now fail if you're fetching from a HTTPS server that does not have a valid certificate. - -`` is also known as the builtin derivation builder `builtin:fetchurl`. It's not to be confused with the evaluation-time function `builtins.fetchurl`, which was not affected by this issue. diff --git a/doc/manual/src/release-notes/rl-2.24.md b/doc/manual/src/release-notes/rl-2.24.md index 5bcc1d79ced..38358d72856 100644 --- a/doc/manual/src/release-notes/rl-2.24.md +++ b/doc/manual/src/release-notes/rl-2.24.md @@ -274,6 +274,21 @@ be configured using the `warn-large-path-threshold` setting, e.g. `--warn-large-path-threshold 100M`. +- Wrap filesystem exceptions more correctly [#11378](https://github.com/NixOS/nix/pull/11378) + + With the switch to `std::filesystem` in different places, Nix started to throw `std::filesystem::filesystem_error` in many places instead of its own exceptions. + + This led to no longer generating error traces, for example when listing a non-existing directory. + + This version catches these types of exception correctly and wraps them into Nix's own exeception type. + + Author: [**@Mic92**](https://github.com/Mic92) + +- `` uses TLS verification [#11585](https://github.com/NixOS/nix/pull/11585) + + Previously `` did not do TLS verification. This was because the Nix sandbox in the past did not have access to TLS certificates, and Nix checks the hash of the fetched file anyway. However, this can expose authentication data from `netrc` and URLs to man-in-the-middle attackers. In addition, Nix now in some cases (such as when using impure derivations) does *not* check the hash. Therefore we have now enabled TLS verification. This means that downloads by `` will now fail if you're fetching from a HTTPS server that does not have a valid certificate. + + `` is also known as the builtin derivation builder `builtin:fetchurl`. It's not to be confused with the evaluation-time function `builtins.fetchurl`, which was not affected by this issue. # Contributors From 2d61e3c7837e5b054a7ea9eafa862293883dcc91 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 30 Oct 2024 15:50:27 +0100 Subject: [PATCH 110/815] Add Determinate Nix release notes to the manual --- doc/manual/book.toml | 2 +- doc/manual/src/SUMMARY.md.in | 5 ++++- doc/manual/src/release-notes-determinate/changes.md | 7 +++++++ doc/manual/src/release-notes-determinate/index.md | 3 +++ 4 files changed, 15 insertions(+), 2 deletions(-) create mode 100644 doc/manual/src/release-notes-determinate/changes.md create mode 100644 doc/manual/src/release-notes-determinate/index.md diff --git a/doc/manual/book.toml b/doc/manual/book.toml index 73fb7e75e24..f1d7c2c060f 100644 --- a/doc/manual/book.toml +++ b/doc/manual/book.toml @@ -1,5 +1,5 @@ [book] -title = "Nix Reference Manual" +title = "Determinate Nix Reference Manual" [output.html] additional-css = ["custom.css"] diff --git a/doc/manual/src/SUMMARY.md.in b/doc/manual/src/SUMMARY.md.in index 8739599a03e..f4c5dcfbd30 100644 --- a/doc/manual/src/SUMMARY.md.in +++ b/doc/manual/src/SUMMARY.md.in @@ -125,7 +125,10 @@ - [C++ style guide](development/cxx.md) - [Experimental Features](development/experimental-features.md) - [Contributing](development/contributing.md) -- [Releases](release-notes/index.md) +- [Determinate Nix Releases Notes](release-notes-determinate/index.md) + - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 1.0 (2024-11-??)](release-notes-determinate/rl-1.0.md) +- [Nix Releases Notes](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} - [Release 2.24 (2024-07-31)](release-notes/rl-2.24.md) - [Release 2.23 (2024-06-03)](release-notes/rl-2.23.md) diff --git a/doc/manual/src/release-notes-determinate/changes.md b/doc/manual/src/release-notes-determinate/changes.md new file mode 100644 index 00000000000..a71867ea2ec --- /dev/null +++ b/doc/manual/src/release-notes-determinate/changes.md @@ -0,0 +1,7 @@ +# Changes between Nix and Determinate Nix + +This section lists the differences between upstream Nix 2.24 and Determinate Nix 1.0. + +* In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. + +* In Determinate Nix, the new Nix CLI (i.e. the `nix` command) is stable. You no longer need to enable the `nix-command` experimental feature. diff --git a/doc/manual/src/release-notes-determinate/index.md b/doc/manual/src/release-notes-determinate/index.md new file mode 100644 index 00000000000..bba33084424 --- /dev/null +++ b/doc/manual/src/release-notes-determinate/index.md @@ -0,0 +1,3 @@ +# Determinate Nix Release Notes + +This chapter lists the differences between Nix and Determinate Nix, as well as the release history of Determinate Nix. From 707cbad5f8da4a89da1c07e5229e990f1b39c170 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 30 Oct 2024 18:46:59 +0100 Subject: [PATCH 111/815] Show Determinate Nix version number `nix --version` will now show `nix (Determinate Nix 1.0) 2.24.10`. --- .version-determinate | 1 + package.nix | 1 + src/libmain/shared.cc | 2 +- src/libstore/globals.cc | 2 ++ src/libstore/globals.hh | 2 ++ src/libstore/local.mk | 3 ++- src/libstore/meson.build | 6 ++++-- 7 files changed, 13 insertions(+), 4 deletions(-) create mode 100644 .version-determinate diff --git a/.version-determinate b/.version-determinate new file mode 100644 index 00000000000..d3827e75a5c --- /dev/null +++ b/.version-determinate @@ -0,0 +1 @@ +1.0 diff --git a/package.nix b/package.nix index e1b4aebb05d..ac196ef9090 100644 --- a/package.nix +++ b/package.nix @@ -158,6 +158,7 @@ in { fileset = fileset.intersection baseFiles (fileset.unions ([ # For configure ./.version + ./.version-determinate ./configure.ac ./m4 # TODO: do we really need README.md? It doesn't seem used in the build. diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index 59e1e48b777..65d8b661b62 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -294,7 +294,7 @@ void parseCmdLine(const std::string & programName, const Strings & args, void printVersion(const std::string & programName) { - std::cout << fmt("%1% (Determinate Nix) %2%", programName, nixVersion) << std::endl; + std::cout << fmt("%s (Determinate Nix %s) %s", programName, determinateNixVersion, nixVersion) << std::endl; if (verbosity > lvlInfo) { Strings cfg; #if HAVE_BOEHMGC diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index 439a6f97c08..89b79141cfb 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -273,6 +273,8 @@ Path Settings::getDefaultSSLCertFile() const std::string nixVersion = PACKAGE_VERSION; +const std::string determinateNixVersion = DETERMINATE_NIX_VERSION; + NLOHMANN_JSON_SERIALIZE_ENUM(SandboxMode, { {SandboxMode::smEnabled, true}, {SandboxMode::smRelaxed, "relaxed"}, diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh index 8760c9d145b..6c66b579575 100644 --- a/src/libstore/globals.hh +++ b/src/libstore/globals.hh @@ -1247,6 +1247,8 @@ std::vector getUserConfigFiles(); extern const std::string nixVersion; +extern const std::string determinateNixVersion; + /** * @param loadConfig Whether to load configuration from `nix.conf`, `NIX_CONFIG`, etc. May be disabled for unit tests. * @note When using libexpr, and/or libmain, This is not sufficient. See initNix(). diff --git a/src/libstore/local.mk b/src/libstore/local.mk index 5dc8f3370bc..c138ed0a86e 100644 --- a/src/libstore/local.mk +++ b/src/libstore/local.mk @@ -73,7 +73,8 @@ libstore_CXXFLAGS += \ -DNIX_CONF_DIR=\"$(NIX_ROOT)$(sysconfdir)/nix\" \ -DNIX_BIN_DIR=\"$(NIX_ROOT)$(bindir)\" \ -DNIX_MAN_DIR=\"$(NIX_ROOT)$(mandir)\" \ - -DLSOF=\"$(NIX_ROOT)$(lsof)\" + -DLSOF=\"$(NIX_ROOT)$(lsof)\" \ + -DDETERMINATE_NIX_VERSION=\""$(shell cat ./.version-determinate)"\" ifeq ($(embedded_sandbox_shell),yes) libstore_CXXFLAGS += -DSANDBOX_SHELL=\"__embedded_sandbox_shell__\" diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 50b15e15dc7..196400d098a 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -12,6 +12,8 @@ project('nix-store', 'cpp', license : 'LGPL-2.1-or-later', ) +fs = import('fs') + cxx = meson.get_compiler('cpp') subdir('build-utils-meson/deps-lists') @@ -21,6 +23,8 @@ configdata = configuration_data() # TODO rename, because it will conflict with downstream projects configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) +configdata.set_quoted('DETERMINATE_NIX_VERSION', fs.read('./.version-determinate')) + configdata.set_quoted('SYSTEM', host_machine.system()) deps_private_maybe_subproject = [ @@ -320,8 +324,6 @@ else subdir('unix') endif -fs = import('fs') - prefix = get_option('prefix') # For each of these paths, assume that it is relative to the prefix unless # it is already an absolute path (which is the default for store-dir, state-dir, and log-dir). From e84063c54073b3aa8c5898732af50a3f8fc45b1e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 31 Oct 2024 12:08:17 +0100 Subject: [PATCH 112/815] .version-determinate: Use semver Co-authored-by: Cole Helbling --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index d3827e75a5c..3eefcb9dd5b 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -1.0 +1.0.0 From 3a4a97aa55466093cde1f488bdd8f16d5b51bf7a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 1 Nov 2024 16:03:58 +0100 Subject: [PATCH 113/815] Set the Determinate version number to 0.0.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 3eefcb9dd5b..8acdd82b765 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -1.0.0 +0.0.1 From 3fdd7d035d5c8e86198fdb08193c5e6833660976 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 4 Nov 2024 14:31:52 +0100 Subject: [PATCH 114/815] Fix Meson build --- src/libstore/.version-determinate | 1 + src/libstore/meson.build | 2 +- src/libstore/package.nix | 3 +++ 3 files changed, 5 insertions(+), 1 deletion(-) create mode 120000 src/libstore/.version-determinate diff --git a/src/libstore/.version-determinate b/src/libstore/.version-determinate new file mode 120000 index 00000000000..c4121e0c32d --- /dev/null +++ b/src/libstore/.version-determinate @@ -0,0 +1 @@ +../../.version-determinate \ No newline at end of file diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 2670dfcde4b..41bbb438d04 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -23,7 +23,7 @@ configdata = configuration_data() # TODO rename, because it will conflict with downstream projects configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) -configdata.set_quoted('DETERMINATE_NIX_VERSION', fs.read('./.version-determinate')) +configdata.set_quoted('DETERMINATE_NIX_VERSION', fs.read('.version-determinate').strip()) configdata.set_quoted('SYSTEM', host_machine.system()) diff --git a/src/libstore/package.nix b/src/libstore/package.nix index d98bac16d33..f1c880e24bc 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -38,8 +38,11 @@ mkMesonDerivation (finalAttrs: { fileset = fileset.unions [ ../../build-utils-meson ./build-utils-meson + # FIXME: get rid of these symlinks. ../../.version ./.version + ../../.version-determinate + ./.version-determinate ./meson.build ./meson.options ./linux/meson.build From 7c9f19ceeeb4f9d1527a75f724031f96c94e98fc Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 6 Nov 2024 15:19:03 +0100 Subject: [PATCH 115/815] Move scripts/flake-regressions.sh into the flake-regressions repo It already contained a script "eval-all.sh" that did almost the same thing. --- .github/workflows/ci.yml | 2 +- scripts/flake-regressions.sh | 27 --------------------------- 2 files changed, 1 insertion(+), 28 deletions(-) delete mode 100755 scripts/flake-regressions.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fd89614f703..693cd6ea679 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -78,4 +78,4 @@ jobs: with: flakehub: true - uses: DeterminateSystems/magic-nix-cache-action@main - - run: nix build --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH scripts/flake-regressions.sh + - run: nix build --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=25 flake-regressions/eval-all.sh diff --git a/scripts/flake-regressions.sh b/scripts/flake-regressions.sh deleted file mode 100755 index d765311345c..00000000000 --- a/scripts/flake-regressions.sh +++ /dev/null @@ -1,27 +0,0 @@ -#! /usr/bin/env bash - -set -e - -echo "Nix version:" -nix --version - -cd flake-regressions - -status=0 - -flakes=$(find tests -mindepth 3 -maxdepth 3 -type d -not -path '*/.*' | sort | head -n25) - -echo "Running flake tests..." - -for flake in $flakes; do - - if ! REGENERATE=0 ./eval-flake.sh "$flake"; then - status=1 - echo "❌ $flake" - else - echo "✅ $flake" - fi - -done - -exit "$status" From a7c484ecc5987dde6c9bf52f025c94c2d086b615 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 6 Nov 2024 18:48:05 +0100 Subject: [PATCH 116/815] flake_regressions: Use a bigger runner --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 693cd6ea679..9f1c1e8771b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -60,7 +60,7 @@ jobs: flake_regressions: needs: build_x86_64-linux - runs-on: ubuntu-22.04 + runs-on: UbuntuLatest32Cores128G steps: - name: Checkout nix uses: actions/checkout@v4 From 28752fe28868f2c1a4d3c8a86a1ada94b99cce35 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 22 Jan 2025 12:16:44 +0100 Subject: [PATCH 117/815] Mark official release --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 8edc2266f08..d8a458c1f4d 100644 --- a/flake.nix +++ b/flake.nix @@ -24,7 +24,7 @@ let inherit (nixpkgs) lib; - officialRelease = false; + officialRelease = true; linux32BitSystems = [ "i686-linux" ]; linux64BitSystems = [ "x86_64-linux" "aarch64-linux" ]; From 91e60321f617990c06216abcc6a836e12e04aa0f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 22 Jan 2025 13:36:30 +0100 Subject: [PATCH 118/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 7a25c70f90c..f34083e034a 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.26.0 +2.26.1 From 2301d86f32625ea9dfe87061203da45f2476afdc Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 22 Jan 2025 17:42:52 +0100 Subject: [PATCH 119/815] GitRepo::fetch(): Cleanup (cherry picked from commit bd10b859f71751e349af59349385af27aea40a13) --- src/libfetchers/git-utils.cc | 14 ++++++-------- src/libutil/util.hh | 11 +++++++++++ 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index b54416b1062..3b15a85ceaf 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -206,7 +206,8 @@ static git_packbuilder_progress PACKBUILDER_PROGRESS_CHECK_INTERRUPT = &packBuil } // extern "C" -static void initRepoAtomically(std::filesystem::path &path, bool bare) { +static void initRepoAtomically(std::filesystem::path &path, bool bare) +{ if (pathExists(path.string())) return; Path tmpDir = createTempDir(os_string_to_string(PathViewNG { std::filesystem::path(path).parent_path() })); @@ -544,13 +545,10 @@ struct GitRepoImpl : GitRepo, std::enable_shared_from_this // then use code that was removed in this commit (see blame) auto dir = this->path; - Strings gitArgs; - if (shallow) { - gitArgs = { "-C", dir.string(), "fetch", "--quiet", "--force", "--depth", "1", "--", url, refspec }; - } - else { - gitArgs = { "-C", dir.string(), "fetch", "--quiet", "--force", "--", url, refspec }; - } + Strings gitArgs{"-C", dir.string(), "fetch", "--quiet", "--force"}; + if (shallow) + append(gitArgs, {"--depth", "1"}); + append(gitArgs, {std::string("--"), url, refspec}); runProgram(RunOptions { .program = "git", diff --git a/src/libutil/util.hh b/src/libutil/util.hh index 4d5683e2bda..0d55cf93bed 100644 --- a/src/libutil/util.hh +++ b/src/libutil/util.hh @@ -274,6 +274,17 @@ std::optional pop(T & c) } +/** + * Append items to a container. TODO: remove this once we can use + * C++23's `append_range()`. + */ +template +void append(C & c, std::initializer_list l) +{ + c.insert(c.end(), l.begin(), l.end()); +} + + template class Callback; From 832221650b4cf74d7f05f92e7e8cfcd1cbf5d6ad Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 22 Jan 2025 17:54:19 +0100 Subject: [PATCH 120/815] GitRepo::fetch(): Ignore $GIT_DIR Fixes #12325. (cherry picked from commit 41983dba8febc89a506d407ee9c597347bdd91b5) --- src/libfetchers/git-utils.cc | 2 +- tests/functional/common/vars.sh | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index 3b15a85ceaf..6a75daf6124 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -545,7 +545,7 @@ struct GitRepoImpl : GitRepo, std::enable_shared_from_this // then use code that was removed in this commit (see blame) auto dir = this->path; - Strings gitArgs{"-C", dir.string(), "fetch", "--quiet", "--force"}; + Strings gitArgs{"-C", dir.string(), "--git-dir", ".", "fetch", "--quiet", "--force"}; if (shallow) append(gitArgs, {"--depth", "1"}); append(gitArgs, {std::string("--"), url, refspec}); diff --git a/tests/functional/common/vars.sh b/tests/functional/common/vars.sh index 4b88e852618..ed4b477278f 100644 --- a/tests/functional/common/vars.sh +++ b/tests/functional/common/vars.sh @@ -60,6 +60,7 @@ unset XDG_DATA_HOME unset XDG_CONFIG_HOME unset XDG_CONFIG_DIRS unset XDG_CACHE_HOME +unset GIT_DIR export IMPURE_VAR1=foo export IMPURE_VAR2=bar From 9cf3d3368e8de1083f11d9521e8331f80bcf2e98 Mon Sep 17 00:00:00 2001 From: Philipp Otterbein Date: Thu, 23 Jan 2025 02:18:27 +0100 Subject: [PATCH 121/815] libstore: fix progress bars (cherry picked from commit be97dc1efc4276e41ced2014c0a909a27f1fb848) --- src/libstore/remote-store.cc | 12 +++++++++++- src/libstore/store-api.cc | 14 ++++++-------- 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc index 6781e4743f6..b230079eb27 100644 --- a/src/libstore/remote-store.cc +++ b/src/libstore/remote-store.cc @@ -539,11 +539,21 @@ void RemoteStore::addMultipleToStore( RepairFlag repair, CheckSigsFlag checkSigs) { + // `addMultipleToStore` is single threaded + size_t bytesExpected = 0; + for (auto & [pathInfo, _] : pathsToCopy) { + bytesExpected += pathInfo.narSize; + } + act.setExpected(actCopyPath, bytesExpected); + auto source = sinkToSource([&](Sink & sink) { - sink << pathsToCopy.size(); + size_t nrTotal = pathsToCopy.size(); + sink << nrTotal; // Reverse, so we can release memory at the original start std::reverse(pathsToCopy.begin(), pathsToCopy.end()); while (!pathsToCopy.empty()) { + act.progress(nrTotal - pathsToCopy.size(), nrTotal, size_t(1), size_t(0)); + auto & [pathInfo, pathSource] = pathsToCopy.back(); WorkerProto::Serialise::write(*this, WorkerProto::WriteConn { diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index 6cd8e47f0ab..236622eae37 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -242,8 +242,8 @@ void Store::addMultipleToStore( storePathsToAdd.insert(thingToAdd.first.path); } - auto showProgress = [&]() { - act.progress(nrDone, pathsToCopy.size(), nrRunning, nrFailed); + auto showProgress = [&, nrTotal = pathsToCopy.size()]() { + act.progress(nrDone, nrTotal, nrRunning, nrFailed); }; processGraph( @@ -1104,9 +1104,6 @@ std::map copyPaths( return storePathForDst; }; - // total is accessed by each copy, which are each handled in separate threads - std::atomic total = 0; - for (auto & missingPath : sortedMissing) { auto info = srcStore.queryPathInfo(missingPath); @@ -1116,9 +1113,10 @@ std::map copyPaths( ValidPathInfo infoForDst = *info; infoForDst.path = storePathForDst; - auto source = sinkToSource([&](Sink & sink) { + auto source = sinkToSource([&, narSize = info->narSize](Sink & sink) { // We can reasonably assume that the copy will happen whenever we // read the path, so log something about that at that point + uint64_t total = 0; auto srcUri = srcStore.getUri(); auto dstUri = dstStore.getUri(); auto storePathS = srcStore.printStorePath(missingPath); @@ -1129,13 +1127,13 @@ std::map copyPaths( LambdaSink progressSink([&](std::string_view data) { total += data.size(); - act.progress(total, info->narSize); + act.progress(total, narSize); }); TeeSink tee { sink, progressSink }; srcStore.narFromPath(missingPath, tee); }); - pathsToCopy.push_back(std::pair{infoForDst, std::move(source)}); + pathsToCopy.emplace_back(std::move(infoForDst), std::move(source)); } dstStore.addMultipleToStore(std::move(pathsToCopy), act, repair, checkSigs); From 90159cb197de1e2f816be716f5af09d25e316c1d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 24 Jan 2025 12:15:07 +0100 Subject: [PATCH 122/815] EvalState::resolveLookupPathPath(): Call resolveSymlinks() before pathExists() Fixes #12339. (cherry picked from commit 00d9e7e1f43e3051b793ce1c21f6e902386b93fe) --- src/libexpr/eval.cc | 2 +- tests/functional/restricted.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 345c09e7e9c..19ca1a3591e 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -3114,7 +3114,7 @@ std::optional EvalState::resolveLookupPathPath(const LookupPath::Pat } } - if (path.pathExists()) + if (path.resolveSymlinks().pathExists()) return finish(std::move(path)); else { logWarning({ diff --git a/tests/functional/restricted.sh b/tests/functional/restricted.sh index a92a9b8a3a2..00ee4ddc8c2 100755 --- a/tests/functional/restricted.sh +++ b/tests/functional/restricted.sh @@ -23,7 +23,7 @@ nix-instantiate --restrict-eval ./simple.nix -I src1=./simple.nix -I src2=./conf (! nix-instantiate --restrict-eval --eval -E 'builtins.readFile ./simple.nix') nix-instantiate --restrict-eval --eval -E 'builtins.readFile ./simple.nix' -I src=../.. -expectStderr 1 nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile ' | grepQuiet "was not found in the Nix search path" +expectStderr 1 nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile ' | grepQuiet "forbidden in restricted mode" nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile ' -I src=. p=$(nix eval --raw --expr "builtins.fetchurl file://${_NIX_TEST_SOURCE_DIR}/restricted.sh" --impure --restrict-eval --allowed-uris "file://${_NIX_TEST_SOURCE_DIR}") From 6cb17fd8360535413ec40bac2909885baf2c2754 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 24 Jan 2025 16:20:43 +0100 Subject: [PATCH 123/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index f34083e034a..ed1d6005085 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.26.1 +2.26.2 From 32aed360b8cb5ea4d28d7bf1ecb8300b9ceb5c2b Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Fri, 24 Jan 2025 20:40:21 +0100 Subject: [PATCH 124/815] Format .nix files This does not include any automation for the release branch, but is based on the configuration of https://github.com/NixOS/nix/pull/12349 pre-commit run -a nixfmt-rfc-style --- default.nix | 19 +- doc/manual/generate-builtins.nix | 10 +- doc/manual/generate-manpage.nix | 152 +- doc/manual/generate-settings.nix | 116 +- doc/manual/generate-store-info.nix | 55 +- doc/manual/generate-store-types.nix | 28 +- doc/manual/generate-xp-features-shortlist.nix | 10 +- doc/manual/generate-xp-features.nix | 3 +- doc/manual/package.nix | 60 +- doc/manual/utils.nix | 44 +- docker.nix | 438 +++--- flake.nix | 420 ++++-- maintainers/flake-module.nix | 1311 +++++++++-------- packaging/components.nix | 12 +- packaging/dependencies.nix | 239 +-- packaging/dev-shell.nix | 254 ++-- packaging/everything.nix | 201 +-- packaging/hydra.nix | 211 +-- scripts/binary-tarball.nix | 16 +- scripts/installer.nix | 68 +- src/external-api-docs/package.nix | 20 +- src/internal-api-docs/package.nix | 44 +- src/libcmd/package.nix | 49 +- src/libexpr-c/package.nix | 13 +- src/libexpr-test-support/package.nix | 17 +- src/libexpr-tests/package.nix | 53 +- src/libexpr/call-flake.nix | 130 +- src/libexpr/fetchurl.nix | 96 +- src/libexpr/imported-drv-to-derivation.nix | 36 +- src/libexpr/package.nix | 66 +- src/libexpr/primops/derivation.nix | 31 +- src/libfetchers-tests/package.nix | 51 +- src/libfetchers/package.nix | 17 +- src/libflake-c/package.nix | 15 +- src/libflake-tests/package.nix | 55 +- src/libflake/package.nix | 19 +- src/libmain-c/package.nix | 17 +- src/libmain/package.nix | 15 +- src/libstore-c/package.nix | 13 +- src/libstore-test-support/package.nix | 17 +- src/libstore-tests/package.nix | 76 +- src/libstore/package.nix | 68 +- src/libutil-c/package.nix | 11 +- src/libutil-test-support/package.nix | 15 +- src/libutil-tests/package.nix | 51 +- src/libutil/package.nix | 28 +- src/nix-channel/unpack-channel.nix | 6 +- src/nix-env/buildenv.nix | 16 +- src/nix/package.nix | 126 +- src/perl/package.nix | 126 +- tests/functional/big-derivation-attr.nix | 21 +- tests/functional/build-hook-ca-fixed.nix | 68 +- tests/functional/build-hook.nix | 85 +- tests/functional/ca-shell.nix | 6 +- tests/functional/ca/content-addressed.nix | 26 +- tests/functional/ca/flake.nix | 2 +- tests/functional/ca/nondeterministic.nix | 33 +- tests/functional/ca/racy.nix | 1 - tests/functional/check-refs.nix | 29 +- tests/functional/check-reqs.nix | 42 +- tests/functional/check.nix | 51 +- tests/functional/dependencies.nix | 4 +- .../advanced-attributes-defaults.nix | 5 +- ...d-attributes-structured-attrs-defaults.nix | 10 +- .../advanced-attributes-structured-attrs.nix | 38 +- .../derivation/advanced-attributes.nix | 32 +- .../functional/dyn-drv/recursive-mod-json.nix | 4 +- tests/functional/export-graph.nix | 31 +- tests/functional/failing.nix | 33 +- tests/functional/filter-source.nix | 13 +- tests/functional/fixed.nix | 26 +- tests/functional/fod-failing.nix | 30 +- tests/functional/gc-concurrent.nix | 4 +- tests/functional/hash-check.nix | 20 +- tests/functional/hermetic.nix | 85 +- tests/functional/ifd.nix | 12 +- tests/functional/import-from-derivation.nix | 21 +- tests/functional/impure-derivations.nix | 64 +- .../lang-gc/issue-11141-gc-coroutine-test.nix | 94 +- ...vOutputDependencies-multi-elem-context.nix | 13 +- ...vOutputDependencies-wrong-element-kind.nix | 8 +- .../eval-fail-addErrorContext-example.nix | 14 +- .../eval-fail-assert-equal-attrs-names-2.nix | 8 +- .../eval-fail-assert-equal-attrs-names.nix | 8 +- ...al-fail-assert-equal-derivations-extra.nix | 17 +- .../eval-fail-assert-equal-derivations.nix | 18 +- ...eval-fail-assert-equal-function-direct.nix | 7 +- .../eval-fail-assert-equal-list-length.nix | 8 +- .../lang/eval-fail-assert-equal-paths.nix | 2 +- .../lang/eval-fail-assert-nested-bool.nix | 7 +- tests/functional/lang/eval-fail-assert.nix | 7 +- .../lang/eval-fail-attr-name-type.nix | 4 +- ...val-fail-attrset-merge-drops-later-rec.nix | 9 +- .../eval-fail-bad-string-interpolation-4.nix | 12 +- .../lang/eval-fail-dup-dynamic-attrs.nix | 8 +- .../lang/eval-fail-duplicate-traces.nix | 7 +- ...eval-fail-fetchurl-baseName-attrs-name.nix | 5 +- ...l-flake-ref-to-string-negative-integer.nix | 19 +- ...fail-foldlStrict-strict-op-application.nix | 8 +- .../lang/eval-fail-hashfile-missing.nix | 17 +- tests/functional/lang/eval-fail-list.nix | 2 +- .../functional/lang/eval-fail-missing-arg.nix | 13 +- .../lang/eval-fail-mutual-recursion.nix | 30 +- .../lang/eval-fail-nested-list-items.nix | 25 +- .../functional/lang/eval-fail-not-throws.nix | 2 +- .../lang/eval-fail-overflowing-add.nix | 3 +- .../lang/eval-fail-overflowing-div.nix | 3 +- .../lang/eval-fail-overflowing-mul.nix | 3 +- .../lang/eval-fail-overflowing-sub.nix | 3 +- tests/functional/lang/eval-fail-recursion.nix | 5 +- tests/functional/lang/eval-fail-remove.nix | 9 +- tests/functional/lang/eval-fail-scope-5.nix | 11 +- .../lang/eval-fail-undeclared-arg.nix | 6 +- .../lang/eval-fail-using-set-as-attr-name.nix | 8 +- tests/functional/lang/eval-okay-any-all.nix | 39 +- .../functional/lang/eval-okay-arithmetic.nix | 91 +- tests/functional/lang/eval-okay-attrnames.nix | 15 +- tests/functional/lang/eval-okay-attrs.nix | 19 +- tests/functional/lang/eval-okay-attrs2.nix | 21 +- tests/functional/lang/eval-okay-attrs3.nix | 34 +- tests/functional/lang/eval-okay-attrs4.nix | 17 +- tests/functional/lang/eval-okay-attrs6.nix | 4 +- tests/functional/lang/eval-okay-autoargs.nix | 15 +- .../lang/eval-okay-builtins-add.nix | 12 +- tests/functional/lang/eval-okay-builtins.nix | 2 +- .../lang/eval-okay-callable-attrs.nix | 11 +- tests/functional/lang/eval-okay-catattrs.nix | 6 +- tests/functional/lang/eval-okay-closure.nix | 24 +- tests/functional/lang/eval-okay-concat.nix | 16 +- tests/functional/lang/eval-okay-concatmap.nix | 8 +- .../lang/eval-okay-concatstringssep.nix | 19 +- .../lang/eval-okay-context-introspection.nix | 39 +- tests/functional/lang/eval-okay-context.nix | 11 +- .../functional/lang/eval-okay-convertHash.nix | 130 +- tests/functional/lang/eval-okay-deepseq.nix | 10 +- .../lang/eval-okay-delayed-with-inherit.nix | 13 +- .../lang/eval-okay-delayed-with.nix | 20 +- .../lang/eval-okay-dynamic-attrs-2.nix | 6 +- .../lang/eval-okay-dynamic-attrs-bare.nix | 17 +- .../lang/eval-okay-dynamic-attrs.nix | 17 +- tests/functional/lang/eval-okay-elem.nix | 11 +- .../functional/lang/eval-okay-empty-args.nix | 5 +- .../lang/eval-okay-eq-derivations.nix | 44 +- tests/functional/lang/eval-okay-eq.nix | 16 +- tests/functional/lang/eval-okay-filter.nix | 9 +- .../lang/eval-okay-flake-ref-to-string.nix | 8 +- tests/functional/lang/eval-okay-flatten.nix | 14 +- .../functional/lang/eval-okay-floor-ceil.nix | 9 +- .../eval-okay-foldlStrict-lazy-elements.nix | 5 +- ...y-foldlStrict-lazy-initial-accumulator.nix | 8 +- .../lang/eval-okay-fromjson-escapes.nix | 3 +- tests/functional/lang/eval-okay-fromjson.nix | 94 +- .../lang/eval-okay-functionargs.nix | 140 +- .../eval-okay-getattrpos-functionargs.nix | 8 +- .../functional/lang/eval-okay-getattrpos.nix | 6 +- tests/functional/lang/eval-okay-groupBy.nix | 6 +- tests/functional/lang/eval-okay-hashfile.nix | 14 +- .../functional/lang/eval-okay-hashstring.nix | 15 +- tests/functional/lang/eval-okay-if.nix | 7 +- tests/functional/lang/eval-okay-import.nix | 3 +- .../lang/eval-okay-inherit-attr-pos.nix | 12 +- .../lang/eval-okay-inherit-from.nix | 21 +- .../lang/eval-okay-intersectAttrs.nix | 45 +- tests/functional/lang/eval-okay-list.nix | 11 +- .../functional/lang/eval-okay-listtoattrs.nix | 27 +- tests/functional/lang/eval-okay-logic.nix | 3 +- tests/functional/lang/eval-okay-map.nix | 8 +- tests/functional/lang/eval-okay-mapattrs.nix | 5 +- .../lang/eval-okay-merge-dynamic-attrs.nix | 16 +- .../functional/lang/eval-okay-nested-with.nix | 4 +- tests/functional/lang/eval-okay-new-let.nix | 8 +- .../lang/eval-okay-null-dynamic-attrs.nix | 2 +- tests/functional/lang/eval-okay-overrides.nix | 8 +- .../lang/eval-okay-parse-flake-ref.nix | 2 +- tests/functional/lang/eval-okay-partition.nix | 9 +- tests/functional/lang/eval-okay-path.nix | 26 +- tests/functional/lang/eval-okay-patterns.nix | 61 +- tests/functional/lang/eval-okay-print.nix | 16 +- .../lang/eval-okay-readFileType.nix | 6 +- .../lang/eval-okay-redefine-builtin.nix | 3 +- .../functional/lang/eval-okay-regex-match.nix | 30 +- .../functional/lang/eval-okay-regex-split.nix | 213 ++- .../lang/eval-okay-regression-20220125.nix | 1 - ...val-okay-regrettable-rec-attrset-merge.nix | 9 +- tests/functional/lang/eval-okay-remove.nix | 9 +- .../lang/eval-okay-repeated-empty-attrs.nix | 5 +- .../lang/eval-okay-repeated-empty-list.nix | 5 +- .../lang/eval-okay-replacestrings.nix | 19 +- tests/functional/lang/eval-okay-scope-1.nix | 17 +- tests/functional/lang/eval-okay-scope-2.nix | 18 +- tests/functional/lang/eval-okay-scope-3.nix | 19 +- tests/functional/lang/eval-okay-scope-4.nix | 11 +- tests/functional/lang/eval-okay-scope-6.nix | 9 +- tests/functional/lang/eval-okay-scope-7.nix | 3 +- .../functional/lang/eval-okay-search-path.nix | 15 +- tests/functional/lang/eval-okay-sort.nix | 62 +- tests/functional/lang/eval-okay-string.nix | 21 +- .../lang/eval-okay-strings-as-attrs-names.nix | 6 +- .../lang/eval-okay-substring-context.nix | 13 +- .../functional/lang/eval-okay-tail-call-1.nix | 3 +- tests/functional/lang/eval-okay-tojson.nix | 39 +- tests/functional/lang/eval-okay-toxml2.nix | 9 +- tests/functional/lang/eval-okay-tryeval.nix | 5 +- tests/functional/lang/eval-okay-types.nix | 9 +- tests/functional/lang/eval-okay-versions.nix | 14 +- tests/functional/lang/eval-okay-xml.nix | 27 +- .../lang/eval-okay-zipAttrsWith.nix | 7 +- tests/functional/lang/lib.nix | 84 +- tests/functional/linux-sandbox-cert-test.nix | 11 +- tests/functional/multiple-outputs.nix | 153 +- tests/functional/nar-access.nix | 35 +- tests/functional/nested-sandboxing/runner.nix | 41 +- tests/functional/package.nix | 181 +-- tests/functional/parallel.nix | 38 +- tests/functional/path.nix | 16 +- tests/functional/readfile-context.nix | 3 +- tests/functional/recursive.nix | 8 +- .../functional/repl/doc-comment-function.nix | 7 +- tests/functional/repl/doc-comments.nix | 97 +- tests/functional/repl/doc-functor.nix | 45 +- tests/functional/secure-drv-outputs.nix | 18 +- tests/functional/shell-hello.nix | 90 +- tests/functional/shell.nix | 192 +-- tests/functional/simple-failing.nix | 9 +- tests/functional/structured-attrs-shell.nix | 11 +- tests/functional/structured-attrs.nix | 21 +- tests/functional/undefined-variable.nix | 5 +- tests/functional/user-envs.nix | 57 +- tests/installer/default.nix | 63 +- tests/nixos/authorization.nix | 145 +- tests/nixos/ca-fd-leak/default.nix | 90 +- tests/nixos/cgroups/default.nix | 67 +- tests/nixos/cgroups/hang.nix | 5 +- tests/nixos/chroot-store.nix | 52 +- tests/nixos/containers/containers.nix | 117 +- tests/nixos/containers/id-test.nix | 14 +- tests/nixos/containers/systemd-nspawn.nix | 16 +- tests/nixos/default.nix | 137 +- tests/nixos/fetch-git/default.nix | 31 +- .../test-cases/http-auth/default.nix | 3 +- .../test-cases/http-simple/default.nix | 3 +- .../test-cases/ssh-simple/default.nix | 3 +- .../fetch-git/testsupport/gitea-repo.nix | 34 +- tests/nixos/fetch-git/testsupport/gitea.nix | 72 +- tests/nixos/fetch-git/testsupport/setup.nix | 77 +- tests/nixos/fetchurl.nix | 85 +- tests/nixos/fsync.nix | 60 +- tests/nixos/functional/as-trusted-user.nix | 6 +- tests/nixos/functional/as-user.nix | 4 +- tests/nixos/functional/common.nix | 98 +- tests/nixos/functional/symlinked-home.nix | 4 +- tests/nixos/git-submodules.nix | 114 +- tests/nixos/github-flakes.nix | 350 +++-- tests/nixos/gzip-content-encoding.nix | 59 +- tests/nixos/nix-copy-closure.nix | 159 +- tests/nixos/nix-copy.nix | 210 +-- tests/nixos/nix-docker.nix | 86 +- tests/nixos/nss-preload.nix | 181 ++- tests/nixos/remote-builds-ssh-ng.nix | 183 +-- tests/nixos/remote-builds.nix | 221 +-- tests/nixos/s3-binary-cache-store.nix | 119 +- tests/nixos/setuid.nix | 234 +-- tests/nixos/sourcehut-flakes.nix | 167 ++- tests/nixos/tarball-flakes.nix | 156 +- tests/nixos/user-sandboxing/default.nix | 152 +- tests/repl-completion.nix | 73 +- 266 files changed, 7606 insertions(+), 5281 deletions(-) diff --git a/default.nix b/default.nix index 2cccff28d51..6466507b714 100644 --- a/default.nix +++ b/default.nix @@ -1,10 +1,9 @@ -(import - ( - let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in - fetchTarball { - url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; - sha256 = lock.nodes.flake-compat.locked.narHash; - } - ) - { src = ./.; } -).defaultNix +(import ( + let + lock = builtins.fromJSON (builtins.readFile ./flake.lock); + in + fetchTarball { + url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; + sha256 = lock.nodes.flake-compat.locked.narHash; + } +) { src = ./.; }).defaultNix diff --git a/doc/manual/generate-builtins.nix b/doc/manual/generate-builtins.nix index 37ed12a4330..3649560f7c6 100644 --- a/doc/manual/generate-builtins.nix +++ b/doc/manual/generate-builtins.nix @@ -5,7 +5,15 @@ in builtinsInfo: let - showBuiltin = name: { doc, type ? null, args ? [ ], experimental-feature ? null, impure-only ? false }: + showBuiltin = + name: + { + doc, + type ? null, + args ? [ ], + experimental-feature ? null, + impure-only ? false, + }: let type' = optionalString (type != null) " (${type})"; diff --git a/doc/manual/generate-manpage.nix b/doc/manual/generate-manpage.nix index 791bfd2c756..31e74e17d26 100644 --- a/doc/manual/generate-manpage.nix +++ b/doc/manual/generate-manpage.nix @@ -32,7 +32,13 @@ let commandInfo = fromJSON commandDump; - showCommand = { command, details, filename, toplevel }: + showCommand = + { + command, + details, + filename, + toplevel, + }: let result = '' @@ -56,26 +62,27 @@ let ${maybeOptions} ''; - showSynopsis = command: args: + showSynopsis = + command: args: let - showArgument = arg: "*${arg.label}*" + optionalString (! arg ? arity) "..."; + showArgument = arg: "*${arg.label}*" + optionalString (!arg ? arity) "..."; arguments = concatStringsSep " " (map showArgument args); - in '' + in + '' `${command}` [*option*...] ${arguments} ''; - maybeSubcommands = optionalString (details ? commands && details.commands != {}) - '' - where *subcommand* is one of the following: + maybeSubcommands = optionalString (details ? commands && details.commands != { }) '' + where *subcommand* is one of the following: - ${subcommands} - ''; + ${subcommands} + ''; - subcommands = if length categories > 1 - then listCategories - else listSubcommands details.commands; + subcommands = if length categories > 1 then listCategories else listSubcommands details.commands; - categories = sort (x: y: x.id < y.id) (unique (map (cmd: cmd.category) (attrValues details.commands))); + categories = sort (x: y: x.id < y.id) ( + unique (map (cmd: cmd.category) (attrValues details.commands)) + ); listCategories = concatStrings (map showCategory categories); @@ -99,38 +106,39 @@ let ${allStores} ''; - index = replaceStrings - [ "@store-types@" "./local-store.md" "./local-daemon-store.md" ] - [ storesOverview "#local-store" "#local-daemon-store" ] - details.doc; + index = + replaceStrings + [ "@store-types@" "./local-store.md" "./local-daemon-store.md" ] + [ storesOverview "#local-store" "#local-daemon-store" ] + details.doc; storesOverview = let - showEntry = store: - "- [${store.name}](#${store.slug})"; + showEntry = store: "- [${store.name}](#${store.slug})"; in concatStringsSep "\n" (map showEntry storesList) + "\n"; allStores = concatStringsSep "\n" (attrValues storePages); - storePages = listToAttrs - (map (s: { name = s.filename; value = s.page; }) storesList); + storePages = listToAttrs ( + map (s: { + name = s.filename; + value = s.page; + }) storesList + ); storesList = showStoreDocs { storeInfo = commandInfo.stores; inherit inlineHTML; }; - hasInfix = infix: content: + hasInfix = + infix: content: builtins.stringLength content != builtins.stringLength (replaceStrings [ infix ] [ "" ] content); in optionalString (details ? doc) ( # An alternate implementation with builtins.match stack overflowed on some systems. - if hasInfix "@store-types@" details.doc - then help-stores - else details.doc + if hasInfix "@store-types@" details.doc then help-stores else details.doc ); maybeOptions = let - allVisibleOptions = filterAttrs - (_: o: ! o.hiddenCategory) - (details.flags // toplevel.flags); + allVisibleOptions = filterAttrs (_: o: !o.hiddenCategory) (details.flags // toplevel.flags); in optionalString (allVisibleOptions != { }) '' # Options @@ -142,55 +150,73 @@ let > See [`man nix.conf`](@docroot@/command-ref/conf-file.md#command-line-flags) for overriding configuration settings with command line flags. ''; - showOptions = inlineHTML: allOptions: + showOptions = + inlineHTML: allOptions: let showCategory = cat: opts: '' ${optionalString (cat != "") "## ${cat}"} ${concatStringsSep "\n" (attrValues (mapAttrs showOption opts))} ''; - showOption = name: option: + showOption = + name: option: let result = trim '' - ${item} ${option.description} ''; - item = if inlineHTML - then ''[`--${name}`](#opt-${name}) ${shortName} ${labels}'' - else "`--${name}` ${shortName} ${labels}"; - shortName = optionalString - (option ? shortName) - ("/ `-${option.shortName}`"); - labels = optionalString - (option ? labels) - (concatStringsSep " " (map (s: "*${s}*") option.labels)); - in result; - categories = mapAttrs - # Convert each group from a list of key-value pairs back to an attrset - (_: listToAttrs) - (groupBy - (cmd: cmd.value.category) - (attrsToList allOptions)); - in concatStrings (attrValues (mapAttrs showCategory categories)); - in squash result; + item = + if inlineHTML then + ''[`--${name}`](#opt-${name}) ${shortName} ${labels}'' + else + "`--${name}` ${shortName} ${labels}"; + shortName = optionalString (option ? shortName) ("/ `-${option.shortName}`"); + labels = optionalString (option ? labels) (concatStringsSep " " (map (s: "*${s}*") option.labels)); + in + result; + categories = + mapAttrs + # Convert each group from a list of key-value pairs back to an attrset + (_: listToAttrs) + (groupBy (cmd: cmd.value.category) (attrsToList allOptions)); + in + concatStrings (attrValues (mapAttrs showCategory categories)); + in + squash result; appendName = filename: name: (if filename == "nix" then "nix3" else filename) + "-" + name; - processCommand = { command, details, filename, toplevel }: + processCommand = + { + command, + details, + filename, + toplevel, + }: let cmd = { inherit command; name = filename + ".md"; - value = showCommand { inherit command details filename toplevel; }; - }; - subcommand = subCmd: processCommand { - command = command + " " + subCmd; - details = details.commands.${subCmd}; - filename = appendName filename subCmd; - inherit toplevel; + value = showCommand { + inherit + command + details + filename + toplevel + ; + }; }; - in [ cmd ] ++ concatMap subcommand (attrNames details.commands or {}); + subcommand = + subCmd: + processCommand { + command = command + " " + subCmd; + details = details.commands.${subCmd}; + filename = appendName filename subCmd; + inherit toplevel; + }; + in + [ cmd ] ++ concatMap subcommand (attrNames details.commands or { }); manpages = processCommand { command = "nix"; @@ -199,9 +225,11 @@ let toplevel = commandInfo.args; }; - tableOfContents = let - showEntry = page: - " - [${page.command}](command-ref/new-cli/${page.name})"; - in concatStringsSep "\n" (map showEntry manpages) + "\n"; + tableOfContents = + let + showEntry = page: " - [${page.command}](command-ref/new-cli/${page.name})"; + in + concatStringsSep "\n" (map showEntry manpages) + "\n"; -in (listToAttrs manpages) // { "SUMMARY.md" = tableOfContents; } +in +(listToAttrs manpages) // { "SUMMARY.md" = tableOfContents; } diff --git a/doc/manual/generate-settings.nix b/doc/manual/generate-settings.nix index 93a8e093e48..35ae73e5d1f 100644 --- a/doc/manual/generate-settings.nix +++ b/doc/manual/generate-settings.nix @@ -1,67 +1,99 @@ let - inherit (builtins) attrValues concatStringsSep isAttrs isBool mapAttrs; - inherit (import ) concatStrings indent optionalString squash; + inherit (builtins) + attrValues + concatStringsSep + isAttrs + isBool + mapAttrs + ; + inherit (import ) + concatStrings + indent + optionalString + squash + ; in # `inlineHTML` is a hack to accommodate inconsistent output from `lowdown` -{ prefix, inlineHTML ? true }: settingsInfo: +{ + prefix, + inlineHTML ? true, +}: +settingsInfo: let - showSetting = prefix: setting: { description, documentDefault, defaultValue, aliases, value, experimentalFeature }: + showSetting = + prefix: setting: + { + description, + documentDefault, + defaultValue, + aliases, + value, + experimentalFeature, + }: let result = squash '' - - ${item} + - ${item} - ${indent " " body} - ''; - item = if inlineHTML - then ''[`${setting}`](#${prefix}-${setting})'' - else "`${setting}`"; + ${indent " " body} + ''; + item = + if inlineHTML then + ''[`${setting}`](#${prefix}-${setting})'' + else + "`${setting}`"; # separate body to cleanly handle indentation body = '' - ${experimentalFeatureNote} + ${experimentalFeatureNote} - ${description} + ${description} - **Default:** ${showDefault documentDefault defaultValue} + **Default:** ${showDefault documentDefault defaultValue} - ${showAliases aliases} - ''; + ${showAliases aliases} + ''; experimentalFeatureNote = optionalString (experimentalFeature != null) '' - > **Warning** - > - > This setting is part of an - > [experimental feature](@docroot@/development/experimental-features.md). - > - > To change this setting, make sure the - > [`${experimentalFeature}` experimental feature](@docroot@/development/experimental-features.md#xp-feature-${experimentalFeature}) - > is enabled. - > For example, include the following in [`nix.conf`](@docroot@/command-ref/conf-file.md): - > - > ``` - > extra-experimental-features = ${experimentalFeature} - > ${setting} = ... - > ``` - ''; + > **Warning** + > + > This setting is part of an + > [experimental feature](@docroot@/development/experimental-features.md). + > + > To change this setting, make sure the + > [`${experimentalFeature}` experimental feature](@docroot@/development/experimental-features.md#xp-feature-${experimentalFeature}) + > is enabled. + > For example, include the following in [`nix.conf`](@docroot@/command-ref/conf-file.md): + > + > ``` + > extra-experimental-features = ${experimentalFeature} + > ${setting} = ... + > ``` + ''; - showDefault = documentDefault: defaultValue: + showDefault = + documentDefault: defaultValue: if documentDefault then # a StringMap value type is specified as a string, but # this shows the value type. The empty stringmap is `null` in # JSON, but that converts to `{ }` here. - if defaultValue == "" || defaultValue == [] || isAttrs defaultValue - then "*empty*" - else if isBool defaultValue then - if defaultValue then "`true`" else "`false`" - else "`${toString defaultValue}`" - else "*machine-specific*"; + if defaultValue == "" || defaultValue == [ ] || isAttrs defaultValue then + "*empty*" + else if isBool defaultValue then + if defaultValue then "`true`" else "`false`" + else + "`${toString defaultValue}`" + else + "*machine-specific*"; - showAliases = aliases: - optionalString (aliases != []) - "**Deprecated alias:** ${(concatStringsSep ", " (map (s: "`${s}`") aliases))}"; + showAliases = + aliases: + optionalString (aliases != [ ]) + "**Deprecated alias:** ${(concatStringsSep ", " (map (s: "`${s}`") aliases))}"; - in result; + in + result; -in concatStrings (attrValues (mapAttrs (showSetting prefix) settingsInfo)) +in +concatStrings (attrValues (mapAttrs (showSetting prefix) settingsInfo)) diff --git a/doc/manual/generate-store-info.nix b/doc/manual/generate-store-info.nix index cc370412414..e8b7377dafd 100644 --- a/doc/manual/generate-store-info.nix +++ b/doc/manual/generate-store-info.nix @@ -1,6 +1,20 @@ let - inherit (builtins) attrNames listToAttrs concatStringsSep readFile replaceStrings; - inherit (import ) optionalString filterAttrs trim squash toLower unique indent; + inherit (builtins) + attrNames + listToAttrs + concatStringsSep + readFile + replaceStrings + ; + inherit (import ) + optionalString + filterAttrs + trim + squash + toLower + unique + indent + ; showSettings = import ; in @@ -14,7 +28,13 @@ in let - showStore = { name, slug }: { settings, doc, experimentalFeature }: + showStore = + { name, slug }: + { + settings, + doc, + experimentalFeature, + }: let result = squash '' # ${name} @@ -25,7 +45,10 @@ let ## Settings - ${showSettings { prefix = "store-${slug}"; inherit inlineHTML; } settings} + ${showSettings { + prefix = "store-${slug}"; + inherit inlineHTML; + } settings} ''; experimentalFeatureNote = optionalString (experimentalFeature != null) '' @@ -43,15 +66,15 @@ let > extra-experimental-features = ${experimentalFeature} > ``` ''; - in result; - - storesList = map - (name: rec { - inherit name; - slug = replaceStrings [ " " ] [ "-" ] (toLower name); - filename = "${slug}.md"; - page = showStore { inherit name slug; } storeInfo.${name}; - }) - (attrNames storeInfo); - -in storesList + in + result; + + storesList = map (name: rec { + inherit name; + slug = replaceStrings [ " " ] [ "-" ] (toLower name); + filename = "${slug}.md"; + page = showStore { inherit name slug; } storeInfo.${name}; + }) (attrNames storeInfo); + +in +storesList diff --git a/doc/manual/generate-store-types.nix b/doc/manual/generate-store-types.nix index 46179abc5bf..a03d3d6216e 100644 --- a/doc/manual/generate-store-types.nix +++ b/doc/manual/generate-store-types.nix @@ -1,5 +1,11 @@ let - inherit (builtins) attrNames listToAttrs concatStringsSep readFile replaceStrings; + inherit (builtins) + attrNames + listToAttrs + concatStringsSep + readFile + replaceStrings + ; showSettings = import ; showStoreDocs = import ; in @@ -14,26 +20,28 @@ let index = let - showEntry = store: - "- [${store.name}](./${store.filename})"; + showEntry = store: "- [${store.name}](./${store.filename})"; in concatStringsSep "\n" (map showEntry storesList); - "index.md" = replaceStrings - [ "@store-types@" ] [ index ] - (readFile ./source/store/types/index.md.in); + "index.md" = + replaceStrings [ "@store-types@" ] [ index ] + (readFile ./source/store/types/index.md.in); tableOfContents = let - showEntry = store: - " - [${store.name}](store/types/${store.filename})"; + showEntry = store: " - [${store.name}](store/types/${store.filename})"; in concatStringsSep "\n" (map showEntry storesList) + "\n"; "SUMMARY.md" = tableOfContents; - storePages = listToAttrs - (map (s: { name = s.filename; value = s.page; }) storesList); + storePages = listToAttrs ( + map (s: { + name = s.filename; + value = s.page; + }) storesList + ); in storePages // { inherit "index.md" "SUMMARY.md"; } diff --git a/doc/manual/generate-xp-features-shortlist.nix b/doc/manual/generate-xp-features-shortlist.nix index eb735ba5f7a..1520fc2f815 100644 --- a/doc/manual/generate-xp-features-shortlist.nix +++ b/doc/manual/generate-xp-features-shortlist.nix @@ -2,8 +2,8 @@ with builtins; with import ; let - showExperimentalFeature = name: doc: - '' - - [`${name}`](@docroot@/development/experimental-features.md#xp-feature-${name}) - ''; -in xps: indent " " (concatStrings (attrValues (mapAttrs showExperimentalFeature xps))) + showExperimentalFeature = name: doc: '' + - [`${name}`](@docroot@/development/experimental-features.md#xp-feature-${name}) + ''; +in +xps: indent " " (concatStrings (attrValues (mapAttrs showExperimentalFeature xps))) diff --git a/doc/manual/generate-xp-features.nix b/doc/manual/generate-xp-features.nix index 0eec0e1da23..468d253bafd 100644 --- a/doc/manual/generate-xp-features.nix +++ b/doc/manual/generate-xp-features.nix @@ -2,7 +2,8 @@ with builtins; with import ; let - showExperimentalFeature = name: doc: + showExperimentalFeature = + name: doc: squash '' ## [`${name}`]{#xp-feature-${name}} diff --git a/doc/manual/package.nix b/doc/manual/package.nix index f8133f2e1dd..8f5d0dfe137 100644 --- a/doc/manual/package.nix +++ b/doc/manual/package.nix @@ -1,19 +1,20 @@ -{ lib -, mkMesonDerivation +{ + lib, + mkMesonDerivation, -, meson -, ninja -, lowdown-unsandboxed -, mdbook -, mdbook-linkcheck -, jq -, python3 -, rsync -, nix-cli + meson, + ninja, + lowdown-unsandboxed, + mdbook, + mdbook-linkcheck, + jq, + python3, + rsync, + nix-cli, -# Configuration Options + # Configuration Options -, version + version, }: let @@ -25,18 +26,22 @@ mkMesonDerivation (finalAttrs: { inherit version; workDir = ./.; - fileset = fileset.difference - (fileset.unions [ - ../../.version - # Too many different types of files to filter for now - ../../doc/manual - ./. - ]) - # Do a blacklist instead - ../../doc/manual/package.nix; + fileset = + fileset.difference + (fileset.unions [ + ../../.version + # Too many different types of files to filter for now + ../../doc/manual + ./. + ]) + # Do a blacklist instead + ../../doc/manual/package.nix; # TODO the man pages should probably be separate - outputs = [ "out" "man" ]; + outputs = [ + "out" + "man" + ]; # Hack for sake of the dev shell passthru.externalNativeBuildInputs = [ @@ -54,11 +59,10 @@ mkMesonDerivation (finalAttrs: { nix-cli ]; - preConfigure = - '' - chmod u+w ./.version - echo ${finalAttrs.version} > ./.version - ''; + preConfigure = '' + chmod u+w ./.version + echo ${finalAttrs.version} > ./.version + ''; postInstall = '' mkdir -p ''$out/nix-support diff --git a/doc/manual/utils.nix b/doc/manual/utils.nix index 19ff49b64d9..db3a0e67a83 100644 --- a/doc/manual/utils.nix +++ b/doc/manual/utils.nix @@ -11,10 +11,15 @@ rec { concatStrings = concatStringsSep ""; - attrsToList = a: - map (name: { inherit name; value = a.${name}; }) (builtins.attrNames a); + attrsToList = + a: + map (name: { + inherit name; + value = a.${name}; + }) (builtins.attrNames a); - replaceStringsRec = from: to: string: + replaceStringsRec = + from: to: string: # recursively replace occurrences of `from` with `to` within `string` # example: # replaceStringRec "--" "-" "hello-----world" @@ -22,16 +27,18 @@ rec { let replaced = replaceStrings [ from ] [ to ] string; in - if replaced == string then string else replaceStringsRec from to replaced; + if replaced == string then string else replaceStringsRec from to replaced; toLower = replaceStrings upperChars lowerChars; squash = replaceStringsRec "\n\n\n" "\n\n"; - trim = string: + trim = + string: # trim trailing spaces and squash non-leading spaces let - trimLine = line: + trimLine = + line: let # separate leading spaces from the rest parts = split "(^ *)" line; @@ -39,19 +46,30 @@ rec { rest = elemAt parts 2; # drop trailing spaces body = head (split " *$" rest); - in spaces + replaceStringsRec " " " " body; - in concatStringsSep "\n" (map trimLine (splitLines string)); + in + spaces + replaceStringsRec " " " " body; + in + concatStringsSep "\n" (map trimLine (splitLines string)); # FIXME: O(n^2) - unique = foldl' (acc: e: if elem e acc then acc else acc ++ [ e ]) []; + unique = foldl' (acc: e: if elem e acc then acc else acc ++ [ e ]) [ ]; nameValuePair = name: value: { inherit name value; }; - filterAttrs = pred: set: - listToAttrs (concatMap (name: let v = set.${name}; in if pred name v then [(nameValuePair name v)] else []) (attrNames set)); + filterAttrs = + pred: set: + listToAttrs ( + concatMap ( + name: + let + v = set.${name}; + in + if pred name v then [ (nameValuePair name v) ] else [ ] + ) (attrNames set) + ); optionalString = cond: string: if cond then string else ""; - indent = prefix: s: - concatStringsSep "\n" (map (x: if x == "" then x else "${prefix}${x}") (splitLines s)); + indent = + prefix: s: concatStringsSep "\n" (map (x: if x == "" then x else "${prefix}${x}") (splitLines s)); } diff --git a/docker.nix b/docker.nix index e2e9da72831..d52c317d6b1 100644 --- a/docker.nix +++ b/docker.nix @@ -1,112 +1,113 @@ -{ pkgs ? import { } -, lib ? pkgs.lib -, name ? "nix" -, tag ? "latest" -, bundleNixpkgs ? true -, channelName ? "nixpkgs" -, channelURL ? "https://nixos.org/channels/nixpkgs-unstable" -, extraPkgs ? [] -, maxLayers ? 100 -, nixConf ? {} -, flake-registry ? null -, uid ? 0 -, gid ? 0 -, uname ? "root" -, gname ? "root" +{ + pkgs ? import { }, + lib ? pkgs.lib, + name ? "nix", + tag ? "latest", + bundleNixpkgs ? true, + channelName ? "nixpkgs", + channelURL ? "https://nixos.org/channels/nixpkgs-unstable", + extraPkgs ? [ ], + maxLayers ? 100, + nixConf ? { }, + flake-registry ? null, + uid ? 0, + gid ? 0, + uname ? "root", + gname ? "root", }: let - defaultPkgs = with pkgs; [ - nix - bashInteractive - coreutils-full - gnutar - gzip - gnugrep - which - curl - less - wget - man - cacert.out - findutils - iana-etc - git - openssh - ] ++ extraPkgs; - - users = { - - root = { - uid = 0; - shell = "${pkgs.bashInteractive}/bin/bash"; - home = "/root"; - gid = 0; - groups = [ "root" ]; - description = "System administrator"; - }; + defaultPkgs = + with pkgs; + [ + nix + bashInteractive + coreutils-full + gnutar + gzip + gnugrep + which + curl + less + wget + man + cacert.out + findutils + iana-etc + git + openssh + ] + ++ extraPkgs; + + users = + { + + root = { + uid = 0; + shell = "${pkgs.bashInteractive}/bin/bash"; + home = "/root"; + gid = 0; + groups = [ "root" ]; + description = "System administrator"; + }; - nobody = { - uid = 65534; - shell = "${pkgs.shadow}/bin/nologin"; - home = "/var/empty"; - gid = 65534; - groups = [ "nobody" ]; - description = "Unprivileged account (don't use!)"; - }; + nobody = { + uid = 65534; + shell = "${pkgs.shadow}/bin/nologin"; + home = "/var/empty"; + gid = 65534; + groups = [ "nobody" ]; + description = "Unprivileged account (don't use!)"; + }; - } // lib.optionalAttrs (uid != 0) { - "${uname}" = { - uid = uid; - shell = "${pkgs.bashInteractive}/bin/bash"; - home = "/home/${uname}"; - gid = gid; - groups = [ "${gname}" ]; - description = "Nix user"; + } + // lib.optionalAttrs (uid != 0) { + "${uname}" = { + uid = uid; + shell = "${pkgs.bashInteractive}/bin/bash"; + home = "/home/${uname}"; + gid = gid; + groups = [ "${gname}" ]; + description = "Nix user"; + }; + } + // lib.listToAttrs ( + map (n: { + name = "nixbld${toString n}"; + value = { + uid = 30000 + n; + gid = 30000; + groups = [ "nixbld" ]; + description = "Nix build user ${toString n}"; + }; + }) (lib.lists.range 1 32) + ); + + groups = + { + root.gid = 0; + nixbld.gid = 30000; + nobody.gid = 65534; + } + // lib.optionalAttrs (gid != 0) { + "${gname}".gid = gid; }; - } // lib.listToAttrs ( - map - ( - n: { - name = "nixbld${toString n}"; - value = { - uid = 30000 + n; - gid = 30000; - groups = [ "nixbld" ]; - description = "Nix build user ${toString n}"; - }; - } - ) - (lib.lists.range 1 32) - ); - - groups = { - root.gid = 0; - nixbld.gid = 30000; - nobody.gid = 65534; - } // lib.optionalAttrs (gid != 0) { - "${gname}".gid = gid; - }; userToPasswd = ( k: - { uid - , gid ? 65534 - , home ? "/var/empty" - , description ? "" - , shell ? "/bin/false" - , groups ? [ ] - }: "${k}:x:${toString uid}:${toString gid}:${description}:${home}:${shell}" - ); - passwdContents = ( - lib.concatStringsSep "\n" - (lib.attrValues (lib.mapAttrs userToPasswd users)) + { + uid, + gid ? 65534, + home ? "/var/empty", + description ? "", + shell ? "/bin/false", + groups ? [ ], + }: + "${k}:x:${toString uid}:${toString gid}:${description}:${home}:${shell}" ); + passwdContents = (lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs userToPasswd users))); userToShadow = k: { ... }: "${k}:!:1::::::"; - shadowContents = ( - lib.concatStringsSep "\n" - (lib.attrValues (lib.mapAttrs userToShadow users)) - ); + shadowContents = (lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs userToShadow users))); # Map groups to members # { @@ -116,42 +117,35 @@ let let # Create a flat list of user/group mappings mappings = ( - builtins.foldl' - ( - acc: user: - let - groups = users.${user}.groups or [ ]; - in - acc ++ map - (group: { - inherit user group; - }) - groups - ) - [ ] - (lib.attrNames users) + builtins.foldl' ( + acc: user: + let + groups = users.${user}.groups or [ ]; + in + acc + ++ map (group: { + inherit user group; + }) groups + ) [ ] (lib.attrNames users) ); in - ( - builtins.foldl' - ( - acc: v: acc // { - ${v.group} = acc.${v.group} or [ ] ++ [ v.user ]; - } - ) - { } - mappings) + (builtins.foldl' ( + acc: v: + acc + // { + ${v.group} = acc.${v.group} or [ ] ++ [ v.user ]; + } + ) { } mappings) ); - groupToGroup = k: { gid }: + groupToGroup = + k: + { gid }: let members = groupMemberMap.${k} or [ ]; in "${k}:x:${toString gid}:${lib.concatStringsSep "," members}"; - groupContents = ( - lib.concatStringsSep "\n" - (lib.attrValues (lib.mapAttrs groupToGroup groups)) - ); + groupContents = (lib.concatStringsSep "\n" (lib.attrValues (lib.mapAttrs groupToGroup groups))); defaultNixConf = { sandbox = "false"; @@ -159,11 +153,17 @@ let trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ]; }; - nixConfContents = (lib.concatStringsSep "\n" (lib.mapAttrsFlatten (n: v: - let - vStr = if builtins.isList v then lib.concatStringsSep " " v else v; - in - "${n} = ${vStr}") (defaultNixConf // nixConf))) + "\n"; + nixConfContents = + (lib.concatStringsSep "\n" ( + lib.mapAttrsFlatten ( + n: v: + let + vStr = if builtins.isList v then lib.concatStringsSep " " v else v; + in + "${n} = ${vStr}" + ) (defaultNixConf // nixConf) + )) + + "\n"; userHome = if uid == 0 then "/root" else "/home/${uname}"; @@ -184,21 +184,29 @@ let manifest = pkgs.buildPackages.runCommand "manifest.nix" { } '' cat > $out < $out/etc/passwd - echo "" >> $out/etc/passwd + cat $passwdContentsPath > $out/etc/passwd + echo "" >> $out/etc/passwd - cat $groupContentsPath > $out/etc/group - echo "" >> $out/etc/group + cat $groupContentsPath > $out/etc/group + echo "" >> $out/etc/group - cat $shadowContentsPath > $out/etc/shadow - echo "" >> $out/etc/shadow + cat $shadowContentsPath > $out/etc/shadow + echo "" >> $out/etc/shadow - mkdir -p $out/usr - ln -s /nix/var/nix/profiles/share $out/usr/ + mkdir -p $out/usr + ln -s /nix/var/nix/profiles/share $out/usr/ - mkdir -p $out/nix/var/nix/gcroots + mkdir -p $out/nix/var/nix/gcroots - mkdir $out/tmp + mkdir $out/tmp - mkdir -p $out/var/tmp + mkdir -p $out/var/tmp - mkdir -p $out/etc/nix - cat $nixConfContentsPath > $out/etc/nix/nix.conf + mkdir -p $out/etc/nix + cat $nixConfContentsPath > $out/etc/nix/nix.conf - mkdir -p $out${userHome} - mkdir -p $out/nix/var/nix/profiles/per-user/${uname} + mkdir -p $out${userHome} + mkdir -p $out/nix/var/nix/profiles/per-user/${uname} - ln -s ${profile} $out/nix/var/nix/profiles/default-1-link - ln -s /nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default - ln -s /nix/var/nix/profiles/default $out${userHome}/.nix-profile + ln -s ${profile} $out/nix/var/nix/profiles/default-1-link + ln -s /nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default + ln -s /nix/var/nix/profiles/default $out${userHome}/.nix-profile - ln -s ${channel} $out/nix/var/nix/profiles/per-user/${uname}/channels-1-link - ln -s /nix/var/nix/profiles/per-user/${uname}/channels-1-link $out/nix/var/nix/profiles/per-user/${uname}/channels + ln -s ${channel} $out/nix/var/nix/profiles/per-user/${uname}/channels-1-link + ln -s /nix/var/nix/profiles/per-user/${uname}/channels-1-link $out/nix/var/nix/profiles/per-user/${uname}/channels - mkdir -p $out${userHome}/.nix-defexpr - ln -s /nix/var/nix/profiles/per-user/${uname}/channels $out${userHome}/.nix-defexpr/channels - echo "${channelURL} ${channelName}" > $out${userHome}/.nix-channels + mkdir -p $out${userHome}/.nix-defexpr + ln -s /nix/var/nix/profiles/per-user/${uname}/channels $out${userHome}/.nix-defexpr/channels + echo "${channelURL} ${channelName}" > $out${userHome}/.nix-channels - mkdir -p $out/bin $out/usr/bin - ln -s ${pkgs.coreutils}/bin/env $out/usr/bin/env - ln -s ${pkgs.bashInteractive}/bin/bash $out/bin/sh + mkdir -p $out/bin $out/usr/bin + ln -s ${pkgs.coreutils}/bin/env $out/usr/bin/env + ln -s ${pkgs.bashInteractive}/bin/bash $out/bin/sh - '' + (lib.optionalString (flake-registry-path != null) '' - nixCacheDir="${userHome}/.cache/nix" - mkdir -p $out$nixCacheDir - globalFlakeRegistryPath="$nixCacheDir/flake-registry.json" - ln -s ${flake-registry-path} $out$globalFlakeRegistryPath - mkdir -p $out/nix/var/nix/gcroots/auto - rootName=$(${pkgs.nix}/bin/nix --extra-experimental-features nix-command hash file --type sha1 --base32 <(echo -n $globalFlakeRegistryPath)) - ln -s $globalFlakeRegistryPath $out/nix/var/nix/gcroots/auto/$rootName - '')); + '' + + (lib.optionalString (flake-registry-path != null) '' + nixCacheDir="${userHome}/.cache/nix" + mkdir -p $out$nixCacheDir + globalFlakeRegistryPath="$nixCacheDir/flake-registry.json" + ln -s ${flake-registry-path} $out$globalFlakeRegistryPath + mkdir -p $out/nix/var/nix/gcroots/auto + rootName=$(${pkgs.nix}/bin/nix --extra-experimental-features nix-command hash file --type sha1 --base32 <(echo -n $globalFlakeRegistryPath)) + ln -s $globalFlakeRegistryPath $out/nix/var/nix/gcroots/auto/$rootName + '') + ); in pkgs.dockerTools.buildLayeredImageWithNixDb { - inherit name tag maxLayers uid gid uname gname; + inherit + name + tag + maxLayers + uid + gid + uname + gname + ; contents = [ baseSystem ]; @@ -305,15 +331,19 @@ pkgs.dockerTools.buildLayeredImageWithNixDb { User = "${toString uid}:${toString gid}"; Env = [ "USER=${uname}" - "PATH=${lib.concatStringsSep ":" [ - "${userHome}/.nix-profile/bin" - "/nix/var/nix/profiles/default/bin" - "/nix/var/nix/profiles/default/sbin" - ]}" - "MANPATH=${lib.concatStringsSep ":" [ - "${userHome}/.nix-profile/share/man" - "/nix/var/nix/profiles/default/share/man" - ]}" + "PATH=${ + lib.concatStringsSep ":" [ + "${userHome}/.nix-profile/bin" + "/nix/var/nix/profiles/default/bin" + "/nix/var/nix/profiles/default/sbin" + ] + }" + "MANPATH=${ + lib.concatStringsSep ":" [ + "${userHome}/.nix-profile/share/man" + "/nix/var/nix/profiles/default/share/man" + ] + }" "SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt" "GIT_SSL_CAINFO=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt" "NIX_SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt" diff --git a/flake.nix b/flake.nix index d8a458c1f4d..eafb6535302 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,10 @@ inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.nixpkgs-23-11.url = "github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446"; - inputs.flake-compat = { url = "github:edolstra/flake-compat"; flake = false; }; + inputs.flake-compat = { + url = "github:edolstra/flake-compat"; + flake = false; + }; # dev tooling inputs.flake-parts.url = "github:hercules-ci/flake-parts"; @@ -18,8 +21,13 @@ inputs.git-hooks-nix.inputs.flake-compat.follows = ""; inputs.git-hooks-nix.inputs.gitignore.follows = ""; - outputs = inputs@{ self, nixpkgs, nixpkgs-regression, ... }: - + outputs = + inputs@{ + self, + nixpkgs, + nixpkgs-regression, + ... + }: let inherit (nixpkgs) lib; @@ -27,9 +35,15 @@ officialRelease = true; linux32BitSystems = [ "i686-linux" ]; - linux64BitSystems = [ "x86_64-linux" "aarch64-linux" ]; + linux64BitSystems = [ + "x86_64-linux" + "aarch64-linux" + ]; linuxSystems = linux32BitSystems ++ linux64BitSystems; - darwinSystems = [ "x86_64-darwin" "aarch64-darwin" ]; + darwinSystems = [ + "x86_64-darwin" + "aarch64-darwin" + ]; systems = linuxSystems ++ darwinSystems; crossSystems = [ @@ -59,63 +73,77 @@ (Provided that the names are unique.) See https://nixos.org/manual/nixpkgs/stable/index.html#function-library-lib.attrsets.concatMapAttrs - */ + */ flatMapAttrs = attrs: f: lib.concatMapAttrs f attrs; forAllSystems = lib.genAttrs systems; forAllCrossSystems = lib.genAttrs crossSystems; - forAllStdenvs = f: - lib.listToAttrs - (map - (stdenvName: { - name = "${stdenvName}Packages"; - value = f stdenvName; - }) - stdenvs); - + forAllStdenvs = + f: + lib.listToAttrs ( + map (stdenvName: { + name = "${stdenvName}Packages"; + value = f stdenvName; + }) stdenvs + ); # We don't apply flake-parts to the whole flake so that non-development attributes # load without fetching any development inputs. devFlake = inputs.flake-parts.lib.mkFlake { inherit inputs; } { imports = [ ./maintainers/flake-module.nix ]; systems = lib.subtractLists crossSystems systems; - perSystem = { system, ... }: { - _module.args.pkgs = nixpkgsFor.${system}.native; - }; + perSystem = + { system, ... }: + { + _module.args.pkgs = nixpkgsFor.${system}.native; + }; }; # Memoize nixpkgs for different platforms for efficiency. - nixpkgsFor = forAllSystems - (system: let - make-pkgs = crossSystem: stdenv: import nixpkgs { - localSystem = { - inherit system; - }; - crossSystem = if crossSystem == null then null else { - config = crossSystem; - } // lib.optionalAttrs (crossSystem == "x86_64-unknown-freebsd13") { - useLLVM = true; + nixpkgsFor = forAllSystems ( + system: + let + make-pkgs = + crossSystem: stdenv: + import nixpkgs { + localSystem = { + inherit system; + }; + crossSystem = + if crossSystem == null then + null + else + { + config = crossSystem; + } + // lib.optionalAttrs (crossSystem == "x86_64-unknown-freebsd13") { + useLLVM = true; + }; + overlays = [ + (overlayFor (p: p.${stdenv})) + ]; }; - overlays = [ - (overlayFor (p: p.${stdenv})) - ]; - }; stdenvs = forAllStdenvs (make-pkgs null); native = stdenvs.stdenvPackages; - in { + in + { inherit stdenvs native; static = native.pkgsStatic; llvm = native.pkgsLLVM; cross = forAllCrossSystems (crossSystem: make-pkgs crossSystem "stdenv"); - }); + } + ); - binaryTarball = nix: pkgs: pkgs.callPackage ./scripts/binary-tarball.nix { - inherit nix; - }; + binaryTarball = + nix: pkgs: + pkgs.callPackage ./scripts/binary-tarball.nix { + inherit nix; + }; - overlayFor = getStdenv: final: prev: + overlayFor = + getStdenv: final: prev: let stdenv = getStdenv final; in @@ -162,12 +190,19 @@ # See https://github.com/NixOS/nixpkgs/pull/214409 # Remove when fixed in this flake's nixpkgs pre-commit = - if prev.stdenv.hostPlatform.system == "i686-linux" - then (prev.pre-commit.override (o: { dotnet-sdk = ""; })).overridePythonAttrs (o: { doCheck = false; }) - else prev.pre-commit; + if prev.stdenv.hostPlatform.system == "i686-linux" then + (prev.pre-commit.override (o: { + dotnet-sdk = ""; + })).overridePythonAttrs + (o: { + doCheck = false; + }) + else + prev.pre-commit; }; - in { + in + { # A Nixpkgs overlay that overrides the 'nix' and # 'nix-perl-bindings' packages. overlays.default = overlayFor (p: p.stdenv); @@ -186,53 +221,69 @@ ; }; - checks = forAllSystems (system: { - installerScriptForGHA = self.hydraJobs.installerScriptForGHA.${system}; - installTests = self.hydraJobs.installTests.${system}; - nixpkgsLibTests = self.hydraJobs.tests.nixpkgsLibTests.${system}; - rl-next = - let pkgs = nixpkgsFor.${system}.native; - in pkgs.buildPackages.runCommand "test-rl-next-release-notes" { } '' - LANG=C.UTF-8 ${pkgs.changelog-d}/bin/changelog-d ${./doc/manual/rl-next} >$out - ''; - repl-completion = nixpkgsFor.${system}.native.callPackage ./tests/repl-completion.nix { }; - } // (lib.optionalAttrs (builtins.elem system linux64BitSystems)) { - dockerImage = self.hydraJobs.dockerImage.${system}; - } // (lib.optionalAttrs (!(builtins.elem system linux32BitSystems))) { - # Some perl dependencies are broken on i686-linux. - # Since the support is only best-effort there, disable the perl - # bindings - perlBindings = self.hydraJobs.perlBindings.${system}; - } - # Add "passthru" tests - // flatMapAttrs ({ - "" = nixpkgsFor.${system}.native; - } // lib.optionalAttrs (! nixpkgsFor.${system}.native.stdenv.hostPlatform.isDarwin) { - # TODO: enable static builds for darwin, blocked on: - # https://github.com/NixOS/nixpkgs/issues/320448 - # TODO: disabled to speed up GHA CI. - #"static-" = nixpkgsFor.${system}.static; - }) - (nixpkgsPrefix: nixpkgs: - flatMapAttrs nixpkgs.nixComponents - (pkgName: pkg: - flatMapAttrs pkg.tests or {} - (testName: test: { - "${nixpkgsPrefix}${pkgName}-${testName}" = test; - }) + checks = forAllSystems ( + system: + { + installerScriptForGHA = self.hydraJobs.installerScriptForGHA.${system}; + installTests = self.hydraJobs.installTests.${system}; + nixpkgsLibTests = self.hydraJobs.tests.nixpkgsLibTests.${system}; + rl-next = + let + pkgs = nixpkgsFor.${system}.native; + in + pkgs.buildPackages.runCommand "test-rl-next-release-notes" { } '' + LANG=C.UTF-8 ${pkgs.changelog-d}/bin/changelog-d ${./doc/manual/rl-next} >$out + ''; + repl-completion = nixpkgsFor.${system}.native.callPackage ./tests/repl-completion.nix { }; + } + // (lib.optionalAttrs (builtins.elem system linux64BitSystems)) { + dockerImage = self.hydraJobs.dockerImage.${system}; + } + // (lib.optionalAttrs (!(builtins.elem system linux32BitSystems))) { + # Some perl dependencies are broken on i686-linux. + # Since the support is only best-effort there, disable the perl + # bindings + perlBindings = self.hydraJobs.perlBindings.${system}; + } + # Add "passthru" tests + // + flatMapAttrs + ( + { + "" = nixpkgsFor.${system}.native; + } + // lib.optionalAttrs (!nixpkgsFor.${system}.native.stdenv.hostPlatform.isDarwin) { + # TODO: enable static builds for darwin, blocked on: + # https://github.com/NixOS/nixpkgs/issues/320448 + # TODO: disabled to speed up GHA CI. + #"static-" = nixpkgsFor.${system}.static; + } ) - // lib.optionalAttrs (nixpkgs.stdenv.hostPlatform == nixpkgs.stdenv.buildPlatform) { - "${nixpkgsPrefix}nix-functional-tests" = nixpkgs.nixComponents.nix-functional-tests; - } - ) - // devFlake.checks.${system} or {} + ( + nixpkgsPrefix: nixpkgs: + flatMapAttrs nixpkgs.nixComponents ( + pkgName: pkg: + flatMapAttrs pkg.tests or { } ( + testName: test: { + "${nixpkgsPrefix}${pkgName}-${testName}" = test; + } + ) + ) + // lib.optionalAttrs (nixpkgs.stdenv.hostPlatform == nixpkgs.stdenv.buildPlatform) { + "${nixpkgsPrefix}nix-functional-tests" = nixpkgs.nixComponents.nix-functional-tests; + } + ) + // devFlake.checks.${system} or { } ); - packages = forAllSystems (system: - { # Here we put attributes that map 1:1 into packages., ie + packages = forAllSystems ( + system: + { + # Here we put attributes that map 1:1 into packages., ie # for which we don't apply the full build matrix such as cross or static. inherit (nixpkgsFor.${system}.native) - changelog-d; + changelog-d + ; default = self.packages.${system}.nix; installerScriptForGHA = self.hydraJobs.installerScriptForGHA.${system}; binaryTarball = self.hydraJobs.binaryTarball.${system}; @@ -243,96 +294,143 @@ nix-external-api-docs = nixpkgsFor.${system}.native.nixComponents.nix-external-api-docs; } # We need to flatten recursive attribute sets of derivations to pass `flake check`. - // flatMapAttrs - { # Components we'll iterate over in the upcoming lambda - "nix-util" = { }; - "nix-util-c" = { }; - "nix-util-test-support" = { }; - "nix-util-tests" = { }; + // + flatMapAttrs + { + # Components we'll iterate over in the upcoming lambda + "nix-util" = { }; + "nix-util-c" = { }; + "nix-util-test-support" = { }; + "nix-util-tests" = { }; - "nix-store" = { }; - "nix-store-c" = { }; - "nix-store-test-support" = { }; - "nix-store-tests" = { }; + "nix-store" = { }; + "nix-store-c" = { }; + "nix-store-test-support" = { }; + "nix-store-tests" = { }; - "nix-fetchers" = { }; - "nix-fetchers-tests" = { }; + "nix-fetchers" = { }; + "nix-fetchers-tests" = { }; - "nix-expr" = { }; - "nix-expr-c" = { }; - "nix-expr-test-support" = { }; - "nix-expr-tests" = { }; + "nix-expr" = { }; + "nix-expr-c" = { }; + "nix-expr-test-support" = { }; + "nix-expr-tests" = { }; - "nix-flake" = { }; - "nix-flake-tests" = { }; + "nix-flake" = { }; + "nix-flake-tests" = { }; - "nix-main" = { }; - "nix-main-c" = { }; + "nix-main" = { }; + "nix-main-c" = { }; - "nix-cmd" = { }; + "nix-cmd" = { }; - "nix-cli" = { }; + "nix-cli" = { }; - "nix-everything" = { }; + "nix-everything" = { }; - "nix-functional-tests" = { supportsCross = false; }; + "nix-functional-tests" = { + supportsCross = false; + }; - "nix-perl-bindings" = { supportsCross = false; }; - } - (pkgName: { supportsCross ? true }: { - # These attributes go right into `packages.`. - "${pkgName}" = nixpkgsFor.${system}.native.nixComponents.${pkgName}; - "${pkgName}-static" = nixpkgsFor.${system}.static.nixComponents.${pkgName}; - "${pkgName}-llvm" = nixpkgsFor.${system}.llvm.nixComponents.${pkgName}; + "nix-perl-bindings" = { + supportsCross = false; + }; } - // lib.optionalAttrs supportsCross (flatMapAttrs (lib.genAttrs crossSystems (_: { })) (crossSystem: {}: { - # These attributes go right into `packages.`. - "${pkgName}-${crossSystem}" = nixpkgsFor.${system}.cross.${crossSystem}.nixComponents.${pkgName}; - })) - // flatMapAttrs (lib.genAttrs stdenvs (_: { })) (stdenvName: {}: { - # These attributes go right into `packages.`. - "${pkgName}-${stdenvName}" = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".nixComponents.${pkgName}; - }) - ) + ( + pkgName: + { + supportsCross ? true, + }: + { + # These attributes go right into `packages.`. + "${pkgName}" = nixpkgsFor.${system}.native.nixComponents.${pkgName}; + "${pkgName}-static" = nixpkgsFor.${system}.static.nixComponents.${pkgName}; + "${pkgName}-llvm" = nixpkgsFor.${system}.llvm.nixComponents.${pkgName}; + } + // lib.optionalAttrs supportsCross ( + flatMapAttrs (lib.genAttrs crossSystems (_: { })) ( + crossSystem: + { }: + { + # These attributes go right into `packages.`. + "${pkgName}-${crossSystem}" = nixpkgsFor.${system}.cross.${crossSystem}.nixComponents.${pkgName}; + } + ) + ) + // flatMapAttrs (lib.genAttrs stdenvs (_: { })) ( + stdenvName: + { }: + { + # These attributes go right into `packages.`. + "${pkgName}-${stdenvName}" = + nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".nixComponents.${pkgName}; + } + ) + ) // lib.optionalAttrs (builtins.elem system linux64BitSystems) { - dockerImage = - let - pkgs = nixpkgsFor.${system}.native; - image = import ./docker.nix { inherit pkgs; tag = pkgs.nix.version; }; - in - pkgs.runCommand - "docker-image-tarball-${pkgs.nix.version}" - { meta.description = "Docker image with Nix for ${system}"; } - '' - mkdir -p $out/nix-support - image=$out/image.tar.gz - ln -s ${image} $image - echo "file binary-dist $image" >> $out/nix-support/hydra-build-products - ''; - }); - - devShells = let - makeShell = import ./packaging/dev-shell.nix { inherit lib devFlake; }; - prefixAttrs = prefix: lib.concatMapAttrs (k: v: { "${prefix}-${k}" = v; }); - in - forAllSystems (system: - prefixAttrs "native" (forAllStdenvs (stdenvName: makeShell { - pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages"; - })) // - lib.optionalAttrs (!nixpkgsFor.${system}.native.stdenv.isDarwin) ( - prefixAttrs "static" (forAllStdenvs (stdenvName: makeShell { - pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".pkgsStatic; - })) // - prefixAttrs "llvm" (forAllStdenvs (stdenvName: makeShell { - pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".pkgsLLVM; - })) // - prefixAttrs "cross" (forAllCrossSystems (crossSystem: makeShell { - pkgs = nixpkgsFor.${system}.cross.${crossSystem}; - })) - ) // - { + dockerImage = + let + pkgs = nixpkgsFor.${system}.native; + image = import ./docker.nix { + inherit pkgs; + tag = pkgs.nix.version; + }; + in + pkgs.runCommand "docker-image-tarball-${pkgs.nix.version}" + { meta.description = "Docker image with Nix for ${system}"; } + '' + mkdir -p $out/nix-support + image=$out/image.tar.gz + ln -s ${image} $image + echo "file binary-dist $image" >> $out/nix-support/hydra-build-products + ''; + } + ); + + devShells = + let + makeShell = import ./packaging/dev-shell.nix { inherit lib devFlake; }; + prefixAttrs = prefix: lib.concatMapAttrs (k: v: { "${prefix}-${k}" = v; }); + in + forAllSystems ( + system: + prefixAttrs "native" ( + forAllStdenvs ( + stdenvName: + makeShell { + pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages"; + } + ) + ) + // lib.optionalAttrs (!nixpkgsFor.${system}.native.stdenv.isDarwin) ( + prefixAttrs "static" ( + forAllStdenvs ( + stdenvName: + makeShell { + pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".pkgsStatic; + } + ) + ) + // prefixAttrs "llvm" ( + forAllStdenvs ( + stdenvName: + makeShell { + pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".pkgsLLVM; + } + ) + ) + // prefixAttrs "cross" ( + forAllCrossSystems ( + crossSystem: + makeShell { + pkgs = nixpkgsFor.${system}.cross.${crossSystem}; + } + ) + ) + ) + // { default = self.devShells.${system}.native-stdenvPackages; } ); - }; + }; } diff --git a/maintainers/flake-module.nix b/maintainers/flake-module.nix index fcf370b7145..9b2c6dcbf80 100644 --- a/maintainers/flake-module.nix +++ b/maintainers/flake-module.nix @@ -1,669 +1,676 @@ -{ lib, getSystem, inputs, ... }: +{ + lib, + getSystem, + inputs, + ... +}: { imports = [ inputs.git-hooks-nix.flakeModule ]; - perSystem = { config, pkgs, ... }: { + perSystem = + { config, pkgs, ... }: + { - # https://flake.parts/options/git-hooks-nix#options - pre-commit.settings = { - hooks = { - # Conflicts are usually found by other checks, but not those in docs, - # and potentially other places. - check-merge-conflicts.enable = true; - # built-in check-merge-conflicts seems ineffective against those produced by mergify backports - check-merge-conflicts-2 = { - enable = true; - entry = "${pkgs.writeScript "check-merge-conflicts" '' - #!${pkgs.runtimeShell} - conflicts=false - for file in "$@"; do - if grep --with-filename --line-number -E '^>>>>>>> ' -- "$file"; then - conflicts=true + # https://flake.parts/options/git-hooks-nix#options + pre-commit.settings = { + hooks = { + # Conflicts are usually found by other checks, but not those in docs, + # and potentially other places. + check-merge-conflicts.enable = true; + # built-in check-merge-conflicts seems ineffective against those produced by mergify backports + check-merge-conflicts-2 = { + enable = true; + entry = "${pkgs.writeScript "check-merge-conflicts" '' + #!${pkgs.runtimeShell} + conflicts=false + for file in "$@"; do + if grep --with-filename --line-number -E '^>>>>>>> ' -- "$file"; then + conflicts=true + fi + done + if $conflicts; then + echo "ERROR: found merge/patch conflicts in files" + exit 1 fi - done - if $conflicts; then - echo "ERROR: found merge/patch conflicts in files" - exit 1 - fi - touch $out - ''}"; - }; - clang-format = { - enable = true; - # https://github.com/cachix/git-hooks.nix/pull/532 - package = pkgs.llvmPackages_latest.clang-tools; - excludes = [ - # We don't want to format test data - # ''tests/(?!nixos/).*\.nix'' - ''^src/[^/]*-tests/data/.*$'' + touch $out + ''}"; + }; + clang-format = { + enable = true; + # https://github.com/cachix/git-hooks.nix/pull/532 + package = pkgs.llvmPackages_latest.clang-tools; + excludes = [ + # We don't want to format test data + # ''tests/(?!nixos/).*\.nix'' + ''^src/[^/]*-tests/data/.*$'' - # Don't format vendored code - ''^doc/manual/redirects\.js$'' - ''^doc/manual/theme/highlight\.js$'' + # Don't format vendored code + ''^doc/manual/redirects\.js$'' + ''^doc/manual/theme/highlight\.js$'' - # We haven't applied formatting to these files yet - ''^doc/manual/redirects\.js$'' - ''^doc/manual/theme/highlight\.js$'' - ''^precompiled-headers\.h$'' - ''^src/build-remote/build-remote\.cc$'' - ''^src/libcmd/built-path\.cc$'' - ''^src/libcmd/built-path\.hh$'' - ''^src/libcmd/common-eval-args\.cc$'' - ''^src/libcmd/common-eval-args\.hh$'' - ''^src/libcmd/editor-for\.cc$'' - ''^src/libcmd/installable-attr-path\.cc$'' - ''^src/libcmd/installable-attr-path\.hh$'' - ''^src/libcmd/installable-derived-path\.cc$'' - ''^src/libcmd/installable-derived-path\.hh$'' - ''^src/libcmd/installable-flake\.cc$'' - ''^src/libcmd/installable-flake\.hh$'' - ''^src/libcmd/installable-value\.cc$'' - ''^src/libcmd/installable-value\.hh$'' - ''^src/libcmd/installables\.cc$'' - ''^src/libcmd/installables\.hh$'' - ''^src/libcmd/legacy\.hh$'' - ''^src/libcmd/markdown\.cc$'' - ''^src/libcmd/misc-store-flags\.cc$'' - ''^src/libcmd/repl-interacter\.cc$'' - ''^src/libcmd/repl-interacter\.hh$'' - ''^src/libcmd/repl\.cc$'' - ''^src/libcmd/repl\.hh$'' - ''^src/libexpr-c/nix_api_expr\.cc$'' - ''^src/libexpr-c/nix_api_external\.cc$'' - ''^src/libexpr/attr-path\.cc$'' - ''^src/libexpr/attr-path\.hh$'' - ''^src/libexpr/attr-set\.cc$'' - ''^src/libexpr/attr-set\.hh$'' - ''^src/libexpr/eval-cache\.cc$'' - ''^src/libexpr/eval-cache\.hh$'' - ''^src/libexpr/eval-error\.cc$'' - ''^src/libexpr/eval-inline\.hh$'' - ''^src/libexpr/eval-settings\.cc$'' - ''^src/libexpr/eval-settings\.hh$'' - ''^src/libexpr/eval\.cc$'' - ''^src/libexpr/eval\.hh$'' - ''^src/libexpr/function-trace\.cc$'' - ''^src/libexpr/gc-small-vector\.hh$'' - ''^src/libexpr/get-drvs\.cc$'' - ''^src/libexpr/get-drvs\.hh$'' - ''^src/libexpr/json-to-value\.cc$'' - ''^src/libexpr/nixexpr\.cc$'' - ''^src/libexpr/nixexpr\.hh$'' - ''^src/libexpr/parser-state\.hh$'' - ''^src/libexpr/pos-table\.hh$'' - ''^src/libexpr/primops\.cc$'' - ''^src/libexpr/primops\.hh$'' - ''^src/libexpr/primops/context\.cc$'' - ''^src/libexpr/primops/fetchClosure\.cc$'' - ''^src/libexpr/primops/fetchMercurial\.cc$'' - ''^src/libexpr/primops/fetchTree\.cc$'' - ''^src/libexpr/primops/fromTOML\.cc$'' - ''^src/libexpr/print-ambiguous\.cc$'' - ''^src/libexpr/print-ambiguous\.hh$'' - ''^src/libexpr/print-options\.hh$'' - ''^src/libexpr/print\.cc$'' - ''^src/libexpr/print\.hh$'' - ''^src/libexpr/search-path\.cc$'' - ''^src/libexpr/symbol-table\.hh$'' - ''^src/libexpr/value-to-json\.cc$'' - ''^src/libexpr/value-to-json\.hh$'' - ''^src/libexpr/value-to-xml\.cc$'' - ''^src/libexpr/value-to-xml\.hh$'' - ''^src/libexpr/value\.hh$'' - ''^src/libexpr/value/context\.cc$'' - ''^src/libexpr/value/context\.hh$'' - ''^src/libfetchers/attrs\.cc$'' - ''^src/libfetchers/cache\.cc$'' - ''^src/libfetchers/cache\.hh$'' - ''^src/libfetchers/fetch-settings\.cc$'' - ''^src/libfetchers/fetch-settings\.hh$'' - ''^src/libfetchers/fetch-to-store\.cc$'' - ''^src/libfetchers/fetchers\.cc$'' - ''^src/libfetchers/fetchers\.hh$'' - ''^src/libfetchers/filtering-source-accessor\.cc$'' - ''^src/libfetchers/filtering-source-accessor\.hh$'' - ''^src/libfetchers/fs-source-accessor\.cc$'' - ''^src/libfetchers/fs-source-accessor\.hh$'' - ''^src/libfetchers/git-utils\.cc$'' - ''^src/libfetchers/git-utils\.hh$'' - ''^src/libfetchers/github\.cc$'' - ''^src/libfetchers/indirect\.cc$'' - ''^src/libfetchers/memory-source-accessor\.cc$'' - ''^src/libfetchers/path\.cc$'' - ''^src/libfetchers/registry\.cc$'' - ''^src/libfetchers/registry\.hh$'' - ''^src/libfetchers/tarball\.cc$'' - ''^src/libfetchers/tarball\.hh$'' - ''^src/libfetchers/git\.cc$'' - ''^src/libfetchers/mercurial\.cc$'' - ''^src/libflake/flake/config\.cc$'' - ''^src/libflake/flake/flake\.cc$'' - ''^src/libflake/flake/flake\.hh$'' - ''^src/libflake/flake/flakeref\.cc$'' - ''^src/libflake/flake/flakeref\.hh$'' - ''^src/libflake/flake/lockfile\.cc$'' - ''^src/libflake/flake/lockfile\.hh$'' - ''^src/libflake/flake/url-name\.cc$'' - ''^src/libmain/common-args\.cc$'' - ''^src/libmain/common-args\.hh$'' - ''^src/libmain/loggers\.cc$'' - ''^src/libmain/loggers\.hh$'' - ''^src/libmain/progress-bar\.cc$'' - ''^src/libmain/shared\.cc$'' - ''^src/libmain/shared\.hh$'' - ''^src/libmain/unix/stack\.cc$'' - ''^src/libstore/binary-cache-store\.cc$'' - ''^src/libstore/binary-cache-store\.hh$'' - ''^src/libstore/build-result\.hh$'' - ''^src/libstore/builtins\.hh$'' - ''^src/libstore/builtins/buildenv\.cc$'' - ''^src/libstore/builtins/buildenv\.hh$'' - ''^src/libstore/common-protocol-impl\.hh$'' - ''^src/libstore/common-protocol\.cc$'' - ''^src/libstore/common-protocol\.hh$'' - ''^src/libstore/common-ssh-store-config\.hh$'' - ''^src/libstore/content-address\.cc$'' - ''^src/libstore/content-address\.hh$'' - ''^src/libstore/daemon\.cc$'' - ''^src/libstore/daemon\.hh$'' - ''^src/libstore/derivations\.cc$'' - ''^src/libstore/derivations\.hh$'' - ''^src/libstore/derived-path-map\.cc$'' - ''^src/libstore/derived-path-map\.hh$'' - ''^src/libstore/derived-path\.cc$'' - ''^src/libstore/derived-path\.hh$'' - ''^src/libstore/downstream-placeholder\.cc$'' - ''^src/libstore/downstream-placeholder\.hh$'' - ''^src/libstore/dummy-store\.cc$'' - ''^src/libstore/export-import\.cc$'' - ''^src/libstore/filetransfer\.cc$'' - ''^src/libstore/filetransfer\.hh$'' - ''^src/libstore/gc-store\.hh$'' - ''^src/libstore/globals\.cc$'' - ''^src/libstore/globals\.hh$'' - ''^src/libstore/http-binary-cache-store\.cc$'' - ''^src/libstore/legacy-ssh-store\.cc$'' - ''^src/libstore/legacy-ssh-store\.hh$'' - ''^src/libstore/length-prefixed-protocol-helper\.hh$'' - ''^src/libstore/linux/personality\.cc$'' - ''^src/libstore/linux/personality\.hh$'' - ''^src/libstore/local-binary-cache-store\.cc$'' - ''^src/libstore/local-fs-store\.cc$'' - ''^src/libstore/local-fs-store\.hh$'' - ''^src/libstore/log-store\.cc$'' - ''^src/libstore/log-store\.hh$'' - ''^src/libstore/machines\.cc$'' - ''^src/libstore/machines\.hh$'' - ''^src/libstore/make-content-addressed\.cc$'' - ''^src/libstore/make-content-addressed\.hh$'' - ''^src/libstore/misc\.cc$'' - ''^src/libstore/names\.cc$'' - ''^src/libstore/names\.hh$'' - ''^src/libstore/nar-accessor\.cc$'' - ''^src/libstore/nar-accessor\.hh$'' - ''^src/libstore/nar-info-disk-cache\.cc$'' - ''^src/libstore/nar-info-disk-cache\.hh$'' - ''^src/libstore/nar-info\.cc$'' - ''^src/libstore/nar-info\.hh$'' - ''^src/libstore/outputs-spec\.cc$'' - ''^src/libstore/outputs-spec\.hh$'' - ''^src/libstore/parsed-derivations\.cc$'' - ''^src/libstore/path-info\.cc$'' - ''^src/libstore/path-info\.hh$'' - ''^src/libstore/path-references\.cc$'' - ''^src/libstore/path-regex\.hh$'' - ''^src/libstore/path-with-outputs\.cc$'' - ''^src/libstore/path\.cc$'' - ''^src/libstore/path\.hh$'' - ''^src/libstore/pathlocks\.cc$'' - ''^src/libstore/pathlocks\.hh$'' - ''^src/libstore/profiles\.cc$'' - ''^src/libstore/profiles\.hh$'' - ''^src/libstore/realisation\.cc$'' - ''^src/libstore/realisation\.hh$'' - ''^src/libstore/remote-fs-accessor\.cc$'' - ''^src/libstore/remote-fs-accessor\.hh$'' - ''^src/libstore/remote-store-connection\.hh$'' - ''^src/libstore/remote-store\.cc$'' - ''^src/libstore/remote-store\.hh$'' - ''^src/libstore/s3-binary-cache-store\.cc$'' - ''^src/libstore/s3\.hh$'' - ''^src/libstore/serve-protocol-impl\.cc$'' - ''^src/libstore/serve-protocol-impl\.hh$'' - ''^src/libstore/serve-protocol\.cc$'' - ''^src/libstore/serve-protocol\.hh$'' - ''^src/libstore/sqlite\.cc$'' - ''^src/libstore/sqlite\.hh$'' - ''^src/libstore/ssh-store\.cc$'' - ''^src/libstore/ssh\.cc$'' - ''^src/libstore/ssh\.hh$'' - ''^src/libstore/store-api\.cc$'' - ''^src/libstore/store-api\.hh$'' - ''^src/libstore/store-dir-config\.hh$'' - ''^src/libstore/build/derivation-goal\.cc$'' - ''^src/libstore/build/derivation-goal\.hh$'' - ''^src/libstore/build/drv-output-substitution-goal\.cc$'' - ''^src/libstore/build/drv-output-substitution-goal\.hh$'' - ''^src/libstore/build/entry-points\.cc$'' - ''^src/libstore/build/goal\.cc$'' - ''^src/libstore/build/goal\.hh$'' - ''^src/libstore/unix/build/hook-instance\.cc$'' - ''^src/libstore/unix/build/local-derivation-goal\.cc$'' - ''^src/libstore/unix/build/local-derivation-goal\.hh$'' - ''^src/libstore/build/substitution-goal\.cc$'' - ''^src/libstore/build/substitution-goal\.hh$'' - ''^src/libstore/build/worker\.cc$'' - ''^src/libstore/build/worker\.hh$'' - ''^src/libstore/builtins/fetchurl\.cc$'' - ''^src/libstore/builtins/unpack-channel\.cc$'' - ''^src/libstore/gc\.cc$'' - ''^src/libstore/local-overlay-store\.cc$'' - ''^src/libstore/local-overlay-store\.hh$'' - ''^src/libstore/local-store\.cc$'' - ''^src/libstore/local-store\.hh$'' - ''^src/libstore/unix/user-lock\.cc$'' - ''^src/libstore/unix/user-lock\.hh$'' - ''^src/libstore/optimise-store\.cc$'' - ''^src/libstore/unix/pathlocks\.cc$'' - ''^src/libstore/posix-fs-canonicalise\.cc$'' - ''^src/libstore/posix-fs-canonicalise\.hh$'' - ''^src/libstore/uds-remote-store\.cc$'' - ''^src/libstore/uds-remote-store\.hh$'' - ''^src/libstore/windows/build\.cc$'' - ''^src/libstore/worker-protocol-impl\.hh$'' - ''^src/libstore/worker-protocol\.cc$'' - ''^src/libstore/worker-protocol\.hh$'' - ''^src/libutil-c/nix_api_util_internal\.h$'' - ''^src/libutil/archive\.cc$'' - ''^src/libutil/archive\.hh$'' - ''^src/libutil/args\.cc$'' - ''^src/libutil/args\.hh$'' - ''^src/libutil/args/root\.hh$'' - ''^src/libutil/callback\.hh$'' - ''^src/libutil/canon-path\.cc$'' - ''^src/libutil/canon-path\.hh$'' - ''^src/libutil/chunked-vector\.hh$'' - ''^src/libutil/closure\.hh$'' - ''^src/libutil/comparator\.hh$'' - ''^src/libutil/compute-levels\.cc$'' - ''^src/libutil/config-impl\.hh$'' - ''^src/libutil/config\.cc$'' - ''^src/libutil/config\.hh$'' - ''^src/libutil/current-process\.cc$'' - ''^src/libutil/current-process\.hh$'' - ''^src/libutil/english\.cc$'' - ''^src/libutil/english\.hh$'' - ''^src/libutil/error\.cc$'' - ''^src/libutil/error\.hh$'' - ''^src/libutil/exit\.hh$'' - ''^src/libutil/experimental-features\.cc$'' - ''^src/libutil/experimental-features\.hh$'' - ''^src/libutil/file-content-address\.cc$'' - ''^src/libutil/file-content-address\.hh$'' - ''^src/libutil/file-descriptor\.cc$'' - ''^src/libutil/file-descriptor\.hh$'' - ''^src/libutil/file-path-impl\.hh$'' - ''^src/libutil/file-path\.hh$'' - ''^src/libutil/file-system\.cc$'' - ''^src/libutil/file-system\.hh$'' - ''^src/libutil/finally\.hh$'' - ''^src/libutil/fmt\.hh$'' - ''^src/libutil/fs-sink\.cc$'' - ''^src/libutil/fs-sink\.hh$'' - ''^src/libutil/git\.cc$'' - ''^src/libutil/git\.hh$'' - ''^src/libutil/hash\.cc$'' - ''^src/libutil/hash\.hh$'' - ''^src/libutil/hilite\.cc$'' - ''^src/libutil/hilite\.hh$'' - ''^src/libutil/source-accessor\.hh$'' - ''^src/libutil/json-impls\.hh$'' - ''^src/libutil/json-utils\.cc$'' - ''^src/libutil/json-utils\.hh$'' - ''^src/libutil/linux/cgroup\.cc$'' - ''^src/libutil/linux/namespaces\.cc$'' - ''^src/libutil/logging\.cc$'' - ''^src/libutil/logging\.hh$'' - ''^src/libutil/lru-cache\.hh$'' - ''^src/libutil/memory-source-accessor\.cc$'' - ''^src/libutil/memory-source-accessor\.hh$'' - ''^src/libutil/pool\.hh$'' - ''^src/libutil/position\.cc$'' - ''^src/libutil/position\.hh$'' - ''^src/libutil/posix-source-accessor\.cc$'' - ''^src/libutil/posix-source-accessor\.hh$'' - ''^src/libutil/processes\.hh$'' - ''^src/libutil/ref\.hh$'' - ''^src/libutil/references\.cc$'' - ''^src/libutil/references\.hh$'' - ''^src/libutil/regex-combinators\.hh$'' - ''^src/libutil/serialise\.cc$'' - ''^src/libutil/serialise\.hh$'' - ''^src/libutil/signals\.hh$'' - ''^src/libutil/signature/local-keys\.cc$'' - ''^src/libutil/signature/local-keys\.hh$'' - ''^src/libutil/signature/signer\.cc$'' - ''^src/libutil/signature/signer\.hh$'' - ''^src/libutil/source-accessor\.cc$'' - ''^src/libutil/source-accessor\.hh$'' - ''^src/libutil/source-path\.cc$'' - ''^src/libutil/source-path\.hh$'' - ''^src/libutil/split\.hh$'' - ''^src/libutil/suggestions\.cc$'' - ''^src/libutil/suggestions\.hh$'' - ''^src/libutil/sync\.hh$'' - ''^src/libutil/terminal\.cc$'' - ''^src/libutil/terminal\.hh$'' - ''^src/libutil/thread-pool\.cc$'' - ''^src/libutil/thread-pool\.hh$'' - ''^src/libutil/topo-sort\.hh$'' - ''^src/libutil/types\.hh$'' - ''^src/libutil/unix/file-descriptor\.cc$'' - ''^src/libutil/unix/file-path\.cc$'' - ''^src/libutil/unix/monitor-fd\.hh$'' - ''^src/libutil/unix/processes\.cc$'' - ''^src/libutil/unix/signals-impl\.hh$'' - ''^src/libutil/unix/signals\.cc$'' - ''^src/libutil/unix-domain-socket\.cc$'' - ''^src/libutil/unix/users\.cc$'' - ''^src/libutil/url-parts\.hh$'' - ''^src/libutil/url\.cc$'' - ''^src/libutil/url\.hh$'' - ''^src/libutil/users\.cc$'' - ''^src/libutil/users\.hh$'' - ''^src/libutil/util\.cc$'' - ''^src/libutil/util\.hh$'' - ''^src/libutil/variant-wrapper\.hh$'' - ''^src/libutil/widecharwidth/widechar_width\.h$'' # vendored source - ''^src/libutil/windows/file-descriptor\.cc$'' - ''^src/libutil/windows/file-path\.cc$'' - ''^src/libutil/windows/processes\.cc$'' - ''^src/libutil/windows/users\.cc$'' - ''^src/libutil/windows/windows-error\.cc$'' - ''^src/libutil/windows/windows-error\.hh$'' - ''^src/libutil/xml-writer\.cc$'' - ''^src/libutil/xml-writer\.hh$'' - ''^src/nix-build/nix-build\.cc$'' - ''^src/nix-channel/nix-channel\.cc$'' - ''^src/nix-collect-garbage/nix-collect-garbage\.cc$'' - ''^src/nix-env/buildenv.nix$'' - ''^src/nix-env/nix-env\.cc$'' - ''^src/nix-env/user-env\.cc$'' - ''^src/nix-env/user-env\.hh$'' - ''^src/nix-instantiate/nix-instantiate\.cc$'' - ''^src/nix-store/dotgraph\.cc$'' - ''^src/nix-store/graphml\.cc$'' - ''^src/nix-store/nix-store\.cc$'' - ''^src/nix/add-to-store\.cc$'' - ''^src/nix/app\.cc$'' - ''^src/nix/build\.cc$'' - ''^src/nix/bundle\.cc$'' - ''^src/nix/cat\.cc$'' - ''^src/nix/config-check\.cc$'' - ''^src/nix/config\.cc$'' - ''^src/nix/copy\.cc$'' - ''^src/nix/derivation-add\.cc$'' - ''^src/nix/derivation-show\.cc$'' - ''^src/nix/derivation\.cc$'' - ''^src/nix/develop\.cc$'' - ''^src/nix/diff-closures\.cc$'' - ''^src/nix/dump-path\.cc$'' - ''^src/nix/edit\.cc$'' - ''^src/nix/eval\.cc$'' - ''^src/nix/flake\.cc$'' - ''^src/nix/fmt\.cc$'' - ''^src/nix/hash\.cc$'' - ''^src/nix/log\.cc$'' - ''^src/nix/ls\.cc$'' - ''^src/nix/main\.cc$'' - ''^src/nix/make-content-addressed\.cc$'' - ''^src/nix/nar\.cc$'' - ''^src/nix/optimise-store\.cc$'' - ''^src/nix/path-from-hash-part\.cc$'' - ''^src/nix/path-info\.cc$'' - ''^src/nix/prefetch\.cc$'' - ''^src/nix/profile\.cc$'' - ''^src/nix/realisation\.cc$'' - ''^src/nix/registry\.cc$'' - ''^src/nix/repl\.cc$'' - ''^src/nix/run\.cc$'' - ''^src/nix/run\.hh$'' - ''^src/nix/search\.cc$'' - ''^src/nix/sigs\.cc$'' - ''^src/nix/store-copy-log\.cc$'' - ''^src/nix/store-delete\.cc$'' - ''^src/nix/store-gc\.cc$'' - ''^src/nix/store-info\.cc$'' - ''^src/nix/store-repair\.cc$'' - ''^src/nix/store\.cc$'' - ''^src/nix/unix/daemon\.cc$'' - ''^src/nix/upgrade-nix\.cc$'' - ''^src/nix/verify\.cc$'' - ''^src/nix/why-depends\.cc$'' + # We haven't applied formatting to these files yet + ''^doc/manual/redirects\.js$'' + ''^doc/manual/theme/highlight\.js$'' + ''^precompiled-headers\.h$'' + ''^src/build-remote/build-remote\.cc$'' + ''^src/libcmd/built-path\.cc$'' + ''^src/libcmd/built-path\.hh$'' + ''^src/libcmd/common-eval-args\.cc$'' + ''^src/libcmd/common-eval-args\.hh$'' + ''^src/libcmd/editor-for\.cc$'' + ''^src/libcmd/installable-attr-path\.cc$'' + ''^src/libcmd/installable-attr-path\.hh$'' + ''^src/libcmd/installable-derived-path\.cc$'' + ''^src/libcmd/installable-derived-path\.hh$'' + ''^src/libcmd/installable-flake\.cc$'' + ''^src/libcmd/installable-flake\.hh$'' + ''^src/libcmd/installable-value\.cc$'' + ''^src/libcmd/installable-value\.hh$'' + ''^src/libcmd/installables\.cc$'' + ''^src/libcmd/installables\.hh$'' + ''^src/libcmd/legacy\.hh$'' + ''^src/libcmd/markdown\.cc$'' + ''^src/libcmd/misc-store-flags\.cc$'' + ''^src/libcmd/repl-interacter\.cc$'' + ''^src/libcmd/repl-interacter\.hh$'' + ''^src/libcmd/repl\.cc$'' + ''^src/libcmd/repl\.hh$'' + ''^src/libexpr-c/nix_api_expr\.cc$'' + ''^src/libexpr-c/nix_api_external\.cc$'' + ''^src/libexpr/attr-path\.cc$'' + ''^src/libexpr/attr-path\.hh$'' + ''^src/libexpr/attr-set\.cc$'' + ''^src/libexpr/attr-set\.hh$'' + ''^src/libexpr/eval-cache\.cc$'' + ''^src/libexpr/eval-cache\.hh$'' + ''^src/libexpr/eval-error\.cc$'' + ''^src/libexpr/eval-inline\.hh$'' + ''^src/libexpr/eval-settings\.cc$'' + ''^src/libexpr/eval-settings\.hh$'' + ''^src/libexpr/eval\.cc$'' + ''^src/libexpr/eval\.hh$'' + ''^src/libexpr/function-trace\.cc$'' + ''^src/libexpr/gc-small-vector\.hh$'' + ''^src/libexpr/get-drvs\.cc$'' + ''^src/libexpr/get-drvs\.hh$'' + ''^src/libexpr/json-to-value\.cc$'' + ''^src/libexpr/nixexpr\.cc$'' + ''^src/libexpr/nixexpr\.hh$'' + ''^src/libexpr/parser-state\.hh$'' + ''^src/libexpr/pos-table\.hh$'' + ''^src/libexpr/primops\.cc$'' + ''^src/libexpr/primops\.hh$'' + ''^src/libexpr/primops/context\.cc$'' + ''^src/libexpr/primops/fetchClosure\.cc$'' + ''^src/libexpr/primops/fetchMercurial\.cc$'' + ''^src/libexpr/primops/fetchTree\.cc$'' + ''^src/libexpr/primops/fromTOML\.cc$'' + ''^src/libexpr/print-ambiguous\.cc$'' + ''^src/libexpr/print-ambiguous\.hh$'' + ''^src/libexpr/print-options\.hh$'' + ''^src/libexpr/print\.cc$'' + ''^src/libexpr/print\.hh$'' + ''^src/libexpr/search-path\.cc$'' + ''^src/libexpr/symbol-table\.hh$'' + ''^src/libexpr/value-to-json\.cc$'' + ''^src/libexpr/value-to-json\.hh$'' + ''^src/libexpr/value-to-xml\.cc$'' + ''^src/libexpr/value-to-xml\.hh$'' + ''^src/libexpr/value\.hh$'' + ''^src/libexpr/value/context\.cc$'' + ''^src/libexpr/value/context\.hh$'' + ''^src/libfetchers/attrs\.cc$'' + ''^src/libfetchers/cache\.cc$'' + ''^src/libfetchers/cache\.hh$'' + ''^src/libfetchers/fetch-settings\.cc$'' + ''^src/libfetchers/fetch-settings\.hh$'' + ''^src/libfetchers/fetch-to-store\.cc$'' + ''^src/libfetchers/fetchers\.cc$'' + ''^src/libfetchers/fetchers\.hh$'' + ''^src/libfetchers/filtering-source-accessor\.cc$'' + ''^src/libfetchers/filtering-source-accessor\.hh$'' + ''^src/libfetchers/fs-source-accessor\.cc$'' + ''^src/libfetchers/fs-source-accessor\.hh$'' + ''^src/libfetchers/git-utils\.cc$'' + ''^src/libfetchers/git-utils\.hh$'' + ''^src/libfetchers/github\.cc$'' + ''^src/libfetchers/indirect\.cc$'' + ''^src/libfetchers/memory-source-accessor\.cc$'' + ''^src/libfetchers/path\.cc$'' + ''^src/libfetchers/registry\.cc$'' + ''^src/libfetchers/registry\.hh$'' + ''^src/libfetchers/tarball\.cc$'' + ''^src/libfetchers/tarball\.hh$'' + ''^src/libfetchers/git\.cc$'' + ''^src/libfetchers/mercurial\.cc$'' + ''^src/libflake/flake/config\.cc$'' + ''^src/libflake/flake/flake\.cc$'' + ''^src/libflake/flake/flake\.hh$'' + ''^src/libflake/flake/flakeref\.cc$'' + ''^src/libflake/flake/flakeref\.hh$'' + ''^src/libflake/flake/lockfile\.cc$'' + ''^src/libflake/flake/lockfile\.hh$'' + ''^src/libflake/flake/url-name\.cc$'' + ''^src/libmain/common-args\.cc$'' + ''^src/libmain/common-args\.hh$'' + ''^src/libmain/loggers\.cc$'' + ''^src/libmain/loggers\.hh$'' + ''^src/libmain/progress-bar\.cc$'' + ''^src/libmain/shared\.cc$'' + ''^src/libmain/shared\.hh$'' + ''^src/libmain/unix/stack\.cc$'' + ''^src/libstore/binary-cache-store\.cc$'' + ''^src/libstore/binary-cache-store\.hh$'' + ''^src/libstore/build-result\.hh$'' + ''^src/libstore/builtins\.hh$'' + ''^src/libstore/builtins/buildenv\.cc$'' + ''^src/libstore/builtins/buildenv\.hh$'' + ''^src/libstore/common-protocol-impl\.hh$'' + ''^src/libstore/common-protocol\.cc$'' + ''^src/libstore/common-protocol\.hh$'' + ''^src/libstore/common-ssh-store-config\.hh$'' + ''^src/libstore/content-address\.cc$'' + ''^src/libstore/content-address\.hh$'' + ''^src/libstore/daemon\.cc$'' + ''^src/libstore/daemon\.hh$'' + ''^src/libstore/derivations\.cc$'' + ''^src/libstore/derivations\.hh$'' + ''^src/libstore/derived-path-map\.cc$'' + ''^src/libstore/derived-path-map\.hh$'' + ''^src/libstore/derived-path\.cc$'' + ''^src/libstore/derived-path\.hh$'' + ''^src/libstore/downstream-placeholder\.cc$'' + ''^src/libstore/downstream-placeholder\.hh$'' + ''^src/libstore/dummy-store\.cc$'' + ''^src/libstore/export-import\.cc$'' + ''^src/libstore/filetransfer\.cc$'' + ''^src/libstore/filetransfer\.hh$'' + ''^src/libstore/gc-store\.hh$'' + ''^src/libstore/globals\.cc$'' + ''^src/libstore/globals\.hh$'' + ''^src/libstore/http-binary-cache-store\.cc$'' + ''^src/libstore/legacy-ssh-store\.cc$'' + ''^src/libstore/legacy-ssh-store\.hh$'' + ''^src/libstore/length-prefixed-protocol-helper\.hh$'' + ''^src/libstore/linux/personality\.cc$'' + ''^src/libstore/linux/personality\.hh$'' + ''^src/libstore/local-binary-cache-store\.cc$'' + ''^src/libstore/local-fs-store\.cc$'' + ''^src/libstore/local-fs-store\.hh$'' + ''^src/libstore/log-store\.cc$'' + ''^src/libstore/log-store\.hh$'' + ''^src/libstore/machines\.cc$'' + ''^src/libstore/machines\.hh$'' + ''^src/libstore/make-content-addressed\.cc$'' + ''^src/libstore/make-content-addressed\.hh$'' + ''^src/libstore/misc\.cc$'' + ''^src/libstore/names\.cc$'' + ''^src/libstore/names\.hh$'' + ''^src/libstore/nar-accessor\.cc$'' + ''^src/libstore/nar-accessor\.hh$'' + ''^src/libstore/nar-info-disk-cache\.cc$'' + ''^src/libstore/nar-info-disk-cache\.hh$'' + ''^src/libstore/nar-info\.cc$'' + ''^src/libstore/nar-info\.hh$'' + ''^src/libstore/outputs-spec\.cc$'' + ''^src/libstore/outputs-spec\.hh$'' + ''^src/libstore/parsed-derivations\.cc$'' + ''^src/libstore/path-info\.cc$'' + ''^src/libstore/path-info\.hh$'' + ''^src/libstore/path-references\.cc$'' + ''^src/libstore/path-regex\.hh$'' + ''^src/libstore/path-with-outputs\.cc$'' + ''^src/libstore/path\.cc$'' + ''^src/libstore/path\.hh$'' + ''^src/libstore/pathlocks\.cc$'' + ''^src/libstore/pathlocks\.hh$'' + ''^src/libstore/profiles\.cc$'' + ''^src/libstore/profiles\.hh$'' + ''^src/libstore/realisation\.cc$'' + ''^src/libstore/realisation\.hh$'' + ''^src/libstore/remote-fs-accessor\.cc$'' + ''^src/libstore/remote-fs-accessor\.hh$'' + ''^src/libstore/remote-store-connection\.hh$'' + ''^src/libstore/remote-store\.cc$'' + ''^src/libstore/remote-store\.hh$'' + ''^src/libstore/s3-binary-cache-store\.cc$'' + ''^src/libstore/s3\.hh$'' + ''^src/libstore/serve-protocol-impl\.cc$'' + ''^src/libstore/serve-protocol-impl\.hh$'' + ''^src/libstore/serve-protocol\.cc$'' + ''^src/libstore/serve-protocol\.hh$'' + ''^src/libstore/sqlite\.cc$'' + ''^src/libstore/sqlite\.hh$'' + ''^src/libstore/ssh-store\.cc$'' + ''^src/libstore/ssh\.cc$'' + ''^src/libstore/ssh\.hh$'' + ''^src/libstore/store-api\.cc$'' + ''^src/libstore/store-api\.hh$'' + ''^src/libstore/store-dir-config\.hh$'' + ''^src/libstore/build/derivation-goal\.cc$'' + ''^src/libstore/build/derivation-goal\.hh$'' + ''^src/libstore/build/drv-output-substitution-goal\.cc$'' + ''^src/libstore/build/drv-output-substitution-goal\.hh$'' + ''^src/libstore/build/entry-points\.cc$'' + ''^src/libstore/build/goal\.cc$'' + ''^src/libstore/build/goal\.hh$'' + ''^src/libstore/unix/build/hook-instance\.cc$'' + ''^src/libstore/unix/build/local-derivation-goal\.cc$'' + ''^src/libstore/unix/build/local-derivation-goal\.hh$'' + ''^src/libstore/build/substitution-goal\.cc$'' + ''^src/libstore/build/substitution-goal\.hh$'' + ''^src/libstore/build/worker\.cc$'' + ''^src/libstore/build/worker\.hh$'' + ''^src/libstore/builtins/fetchurl\.cc$'' + ''^src/libstore/builtins/unpack-channel\.cc$'' + ''^src/libstore/gc\.cc$'' + ''^src/libstore/local-overlay-store\.cc$'' + ''^src/libstore/local-overlay-store\.hh$'' + ''^src/libstore/local-store\.cc$'' + ''^src/libstore/local-store\.hh$'' + ''^src/libstore/unix/user-lock\.cc$'' + ''^src/libstore/unix/user-lock\.hh$'' + ''^src/libstore/optimise-store\.cc$'' + ''^src/libstore/unix/pathlocks\.cc$'' + ''^src/libstore/posix-fs-canonicalise\.cc$'' + ''^src/libstore/posix-fs-canonicalise\.hh$'' + ''^src/libstore/uds-remote-store\.cc$'' + ''^src/libstore/uds-remote-store\.hh$'' + ''^src/libstore/windows/build\.cc$'' + ''^src/libstore/worker-protocol-impl\.hh$'' + ''^src/libstore/worker-protocol\.cc$'' + ''^src/libstore/worker-protocol\.hh$'' + ''^src/libutil-c/nix_api_util_internal\.h$'' + ''^src/libutil/archive\.cc$'' + ''^src/libutil/archive\.hh$'' + ''^src/libutil/args\.cc$'' + ''^src/libutil/args\.hh$'' + ''^src/libutil/args/root\.hh$'' + ''^src/libutil/callback\.hh$'' + ''^src/libutil/canon-path\.cc$'' + ''^src/libutil/canon-path\.hh$'' + ''^src/libutil/chunked-vector\.hh$'' + ''^src/libutil/closure\.hh$'' + ''^src/libutil/comparator\.hh$'' + ''^src/libutil/compute-levels\.cc$'' + ''^src/libutil/config-impl\.hh$'' + ''^src/libutil/config\.cc$'' + ''^src/libutil/config\.hh$'' + ''^src/libutil/current-process\.cc$'' + ''^src/libutil/current-process\.hh$'' + ''^src/libutil/english\.cc$'' + ''^src/libutil/english\.hh$'' + ''^src/libutil/error\.cc$'' + ''^src/libutil/error\.hh$'' + ''^src/libutil/exit\.hh$'' + ''^src/libutil/experimental-features\.cc$'' + ''^src/libutil/experimental-features\.hh$'' + ''^src/libutil/file-content-address\.cc$'' + ''^src/libutil/file-content-address\.hh$'' + ''^src/libutil/file-descriptor\.cc$'' + ''^src/libutil/file-descriptor\.hh$'' + ''^src/libutil/file-path-impl\.hh$'' + ''^src/libutil/file-path\.hh$'' + ''^src/libutil/file-system\.cc$'' + ''^src/libutil/file-system\.hh$'' + ''^src/libutil/finally\.hh$'' + ''^src/libutil/fmt\.hh$'' + ''^src/libutil/fs-sink\.cc$'' + ''^src/libutil/fs-sink\.hh$'' + ''^src/libutil/git\.cc$'' + ''^src/libutil/git\.hh$'' + ''^src/libutil/hash\.cc$'' + ''^src/libutil/hash\.hh$'' + ''^src/libutil/hilite\.cc$'' + ''^src/libutil/hilite\.hh$'' + ''^src/libutil/source-accessor\.hh$'' + ''^src/libutil/json-impls\.hh$'' + ''^src/libutil/json-utils\.cc$'' + ''^src/libutil/json-utils\.hh$'' + ''^src/libutil/linux/cgroup\.cc$'' + ''^src/libutil/linux/namespaces\.cc$'' + ''^src/libutil/logging\.cc$'' + ''^src/libutil/logging\.hh$'' + ''^src/libutil/lru-cache\.hh$'' + ''^src/libutil/memory-source-accessor\.cc$'' + ''^src/libutil/memory-source-accessor\.hh$'' + ''^src/libutil/pool\.hh$'' + ''^src/libutil/position\.cc$'' + ''^src/libutil/position\.hh$'' + ''^src/libutil/posix-source-accessor\.cc$'' + ''^src/libutil/posix-source-accessor\.hh$'' + ''^src/libutil/processes\.hh$'' + ''^src/libutil/ref\.hh$'' + ''^src/libutil/references\.cc$'' + ''^src/libutil/references\.hh$'' + ''^src/libutil/regex-combinators\.hh$'' + ''^src/libutil/serialise\.cc$'' + ''^src/libutil/serialise\.hh$'' + ''^src/libutil/signals\.hh$'' + ''^src/libutil/signature/local-keys\.cc$'' + ''^src/libutil/signature/local-keys\.hh$'' + ''^src/libutil/signature/signer\.cc$'' + ''^src/libutil/signature/signer\.hh$'' + ''^src/libutil/source-accessor\.cc$'' + ''^src/libutil/source-accessor\.hh$'' + ''^src/libutil/source-path\.cc$'' + ''^src/libutil/source-path\.hh$'' + ''^src/libutil/split\.hh$'' + ''^src/libutil/suggestions\.cc$'' + ''^src/libutil/suggestions\.hh$'' + ''^src/libutil/sync\.hh$'' + ''^src/libutil/terminal\.cc$'' + ''^src/libutil/terminal\.hh$'' + ''^src/libutil/thread-pool\.cc$'' + ''^src/libutil/thread-pool\.hh$'' + ''^src/libutil/topo-sort\.hh$'' + ''^src/libutil/types\.hh$'' + ''^src/libutil/unix/file-descriptor\.cc$'' + ''^src/libutil/unix/file-path\.cc$'' + ''^src/libutil/unix/monitor-fd\.hh$'' + ''^src/libutil/unix/processes\.cc$'' + ''^src/libutil/unix/signals-impl\.hh$'' + ''^src/libutil/unix/signals\.cc$'' + ''^src/libutil/unix-domain-socket\.cc$'' + ''^src/libutil/unix/users\.cc$'' + ''^src/libutil/url-parts\.hh$'' + ''^src/libutil/url\.cc$'' + ''^src/libutil/url\.hh$'' + ''^src/libutil/users\.cc$'' + ''^src/libutil/users\.hh$'' + ''^src/libutil/util\.cc$'' + ''^src/libutil/util\.hh$'' + ''^src/libutil/variant-wrapper\.hh$'' + ''^src/libutil/widecharwidth/widechar_width\.h$'' # vendored source + ''^src/libutil/windows/file-descriptor\.cc$'' + ''^src/libutil/windows/file-path\.cc$'' + ''^src/libutil/windows/processes\.cc$'' + ''^src/libutil/windows/users\.cc$'' + ''^src/libutil/windows/windows-error\.cc$'' + ''^src/libutil/windows/windows-error\.hh$'' + ''^src/libutil/xml-writer\.cc$'' + ''^src/libutil/xml-writer\.hh$'' + ''^src/nix-build/nix-build\.cc$'' + ''^src/nix-channel/nix-channel\.cc$'' + ''^src/nix-collect-garbage/nix-collect-garbage\.cc$'' + ''^src/nix-env/buildenv.nix$'' + ''^src/nix-env/nix-env\.cc$'' + ''^src/nix-env/user-env\.cc$'' + ''^src/nix-env/user-env\.hh$'' + ''^src/nix-instantiate/nix-instantiate\.cc$'' + ''^src/nix-store/dotgraph\.cc$'' + ''^src/nix-store/graphml\.cc$'' + ''^src/nix-store/nix-store\.cc$'' + ''^src/nix/add-to-store\.cc$'' + ''^src/nix/app\.cc$'' + ''^src/nix/build\.cc$'' + ''^src/nix/bundle\.cc$'' + ''^src/nix/cat\.cc$'' + ''^src/nix/config-check\.cc$'' + ''^src/nix/config\.cc$'' + ''^src/nix/copy\.cc$'' + ''^src/nix/derivation-add\.cc$'' + ''^src/nix/derivation-show\.cc$'' + ''^src/nix/derivation\.cc$'' + ''^src/nix/develop\.cc$'' + ''^src/nix/diff-closures\.cc$'' + ''^src/nix/dump-path\.cc$'' + ''^src/nix/edit\.cc$'' + ''^src/nix/eval\.cc$'' + ''^src/nix/flake\.cc$'' + ''^src/nix/fmt\.cc$'' + ''^src/nix/hash\.cc$'' + ''^src/nix/log\.cc$'' + ''^src/nix/ls\.cc$'' + ''^src/nix/main\.cc$'' + ''^src/nix/make-content-addressed\.cc$'' + ''^src/nix/nar\.cc$'' + ''^src/nix/optimise-store\.cc$'' + ''^src/nix/path-from-hash-part\.cc$'' + ''^src/nix/path-info\.cc$'' + ''^src/nix/prefetch\.cc$'' + ''^src/nix/profile\.cc$'' + ''^src/nix/realisation\.cc$'' + ''^src/nix/registry\.cc$'' + ''^src/nix/repl\.cc$'' + ''^src/nix/run\.cc$'' + ''^src/nix/run\.hh$'' + ''^src/nix/search\.cc$'' + ''^src/nix/sigs\.cc$'' + ''^src/nix/store-copy-log\.cc$'' + ''^src/nix/store-delete\.cc$'' + ''^src/nix/store-gc\.cc$'' + ''^src/nix/store-info\.cc$'' + ''^src/nix/store-repair\.cc$'' + ''^src/nix/store\.cc$'' + ''^src/nix/unix/daemon\.cc$'' + ''^src/nix/upgrade-nix\.cc$'' + ''^src/nix/verify\.cc$'' + ''^src/nix/why-depends\.cc$'' - ''^tests/functional/plugins/plugintest\.cc'' - ''^tests/functional/test-libstoreconsumer/main\.cc'' - ''^tests/nixos/ca-fd-leak/sender\.c'' - ''^tests/nixos/ca-fd-leak/smuggler\.c'' - ''^tests/nixos/user-sandboxing/attacker\.c'' - ''^src/libexpr-test-support/tests/libexpr\.hh'' - ''^src/libexpr-test-support/tests/value/context\.cc'' - ''^src/libexpr-test-support/tests/value/context\.hh'' - ''^src/libexpr-tests/derived-path\.cc'' - ''^src/libexpr-tests/error_traces\.cc'' - ''^src/libexpr-tests/eval\.cc'' - ''^src/libexpr-tests/json\.cc'' - ''^src/libexpr-tests/main\.cc'' - ''^src/libexpr-tests/primops\.cc'' - ''^src/libexpr-tests/search-path\.cc'' - ''^src/libexpr-tests/trivial\.cc'' - ''^src/libexpr-tests/value/context\.cc'' - ''^src/libexpr-tests/value/print\.cc'' - ''^src/libfetchers-tests/public-key\.cc'' - ''^src/libflake-tests/flakeref\.cc'' - ''^src/libflake-tests/url-name\.cc'' - ''^src/libstore-test-support/tests/derived-path\.cc'' - ''^src/libstore-test-support/tests/derived-path\.hh'' - ''^src/libstore-test-support/tests/nix_api_store\.hh'' - ''^src/libstore-test-support/tests/outputs-spec\.cc'' - ''^src/libstore-test-support/tests/outputs-spec\.hh'' - ''^src/libstore-test-support/tests/path\.cc'' - ''^src/libstore-test-support/tests/path\.hh'' - ''^src/libstore-test-support/tests/protocol\.hh'' - ''^src/libstore-tests/common-protocol\.cc'' - ''^src/libstore-tests/content-address\.cc'' - ''^src/libstore-tests/derivation\.cc'' - ''^src/libstore-tests/derived-path\.cc'' - ''^src/libstore-tests/downstream-placeholder\.cc'' - ''^src/libstore-tests/machines\.cc'' - ''^src/libstore-tests/nar-info-disk-cache\.cc'' - ''^src/libstore-tests/nar-info\.cc'' - ''^src/libstore-tests/outputs-spec\.cc'' - ''^src/libstore-tests/path-info\.cc'' - ''^src/libstore-tests/path\.cc'' - ''^src/libstore-tests/serve-protocol\.cc'' - ''^src/libstore-tests/worker-protocol\.cc'' - ''^src/libutil-test-support/tests/characterization\.hh'' - ''^src/libutil-test-support/tests/hash\.cc'' - ''^src/libutil-test-support/tests/hash\.hh'' - ''^src/libutil-tests/args\.cc'' - ''^src/libutil-tests/canon-path\.cc'' - ''^src/libutil-tests/chunked-vector\.cc'' - ''^src/libutil-tests/closure\.cc'' - ''^src/libutil-tests/compression\.cc'' - ''^src/libutil-tests/config\.cc'' - ''^src/libutil-tests/file-content-address\.cc'' - ''^src/libutil-tests/git\.cc'' - ''^src/libutil-tests/hash\.cc'' - ''^src/libutil-tests/hilite\.cc'' - ''^src/libutil-tests/json-utils\.cc'' - ''^src/libutil-tests/logging\.cc'' - ''^src/libutil-tests/lru-cache\.cc'' - ''^src/libutil-tests/pool\.cc'' - ''^src/libutil-tests/references\.cc'' - ''^src/libutil-tests/suggestions\.cc'' - ''^src/libutil-tests/url\.cc'' - ''^src/libutil-tests/xml-writer\.cc'' - ]; - }; - shellcheck = { - enable = true; - excludes = [ - # We haven't linted these files yet - ''^config/install-sh$'' - ''^misc/bash/completion\.sh$'' - ''^misc/fish/completion\.fish$'' - ''^misc/zsh/completion\.zsh$'' - ''^scripts/create-darwin-volume\.sh$'' - ''^scripts/install-darwin-multi-user\.sh$'' - ''^scripts/install-multi-user\.sh$'' - ''^scripts/install-systemd-multi-user\.sh$'' - ''^src/nix/get-env\.sh$'' - ''^tests/functional/ca/build-dry\.sh$'' - ''^tests/functional/ca/build-with-garbage-path\.sh$'' - ''^tests/functional/ca/common\.sh$'' - ''^tests/functional/ca/concurrent-builds\.sh$'' - ''^tests/functional/ca/eval-store\.sh$'' - ''^tests/functional/ca/gc\.sh$'' - ''^tests/functional/ca/import-from-derivation\.sh$'' - ''^tests/functional/ca/new-build-cmd\.sh$'' - ''^tests/functional/ca/nix-shell\.sh$'' - ''^tests/functional/ca/post-hook\.sh$'' - ''^tests/functional/ca/recursive\.sh$'' - ''^tests/functional/ca/repl\.sh$'' - ''^tests/functional/ca/selfref-gc\.sh$'' - ''^tests/functional/ca/why-depends\.sh$'' - ''^tests/functional/characterisation-test-infra\.sh$'' - ''^tests/functional/common/vars-and-functions\.sh$'' - ''^tests/functional/completions\.sh$'' - ''^tests/functional/compute-levels\.sh$'' - ''^tests/functional/config\.sh$'' - ''^tests/functional/db-migration\.sh$'' - ''^tests/functional/debugger\.sh$'' - ''^tests/functional/dependencies\.builder0\.sh$'' - ''^tests/functional/dependencies\.sh$'' - ''^tests/functional/dump-db\.sh$'' - ''^tests/functional/dyn-drv/build-built-drv\.sh$'' - ''^tests/functional/dyn-drv/common\.sh$'' - ''^tests/functional/dyn-drv/dep-built-drv\.sh$'' - ''^tests/functional/dyn-drv/eval-outputOf\.sh$'' - ''^tests/functional/dyn-drv/old-daemon-error-hack\.sh$'' - ''^tests/functional/dyn-drv/recursive-mod-json\.sh$'' - ''^tests/functional/eval-store\.sh$'' - ''^tests/functional/export-graph\.sh$'' - ''^tests/functional/export\.sh$'' - ''^tests/functional/extra-sandbox-profile\.sh$'' - ''^tests/functional/fetchClosure\.sh$'' - ''^tests/functional/fetchGit\.sh$'' - ''^tests/functional/fetchGitRefs\.sh$'' - ''^tests/functional/fetchGitSubmodules\.sh$'' - ''^tests/functional/fetchGitVerification\.sh$'' - ''^tests/functional/fetchMercurial\.sh$'' - ''^tests/functional/fixed\.builder1\.sh$'' - ''^tests/functional/fixed\.builder2\.sh$'' - ''^tests/functional/fixed\.sh$'' - ''^tests/functional/flakes/absolute-paths\.sh$'' - ''^tests/functional/flakes/check\.sh$'' - ''^tests/functional/flakes/config\.sh$'' - ''^tests/functional/flakes/flakes\.sh$'' - ''^tests/functional/flakes/follow-paths\.sh$'' - ''^tests/functional/flakes/prefetch\.sh$'' - ''^tests/functional/flakes/run\.sh$'' - ''^tests/functional/flakes/show\.sh$'' - ''^tests/functional/fmt\.sh$'' - ''^tests/functional/fmt\.simple\.sh$'' - ''^tests/functional/gc-auto\.sh$'' - ''^tests/functional/gc-concurrent\.builder\.sh$'' - ''^tests/functional/gc-concurrent\.sh$'' - ''^tests/functional/gc-concurrent2\.builder\.sh$'' - ''^tests/functional/gc-non-blocking\.sh$'' - ''^tests/functional/git-hashing/common\.sh$'' - ''^tests/functional/git-hashing/simple\.sh$'' - ''^tests/functional/hash-convert\.sh$'' - ''^tests/functional/impure-derivations\.sh$'' - ''^tests/functional/impure-eval\.sh$'' - ''^tests/functional/install-darwin\.sh$'' - ''^tests/functional/legacy-ssh-store\.sh$'' - ''^tests/functional/linux-sandbox\.sh$'' - ''^tests/functional/local-overlay-store/add-lower-inner\.sh$'' - ''^tests/functional/local-overlay-store/add-lower\.sh$'' - ''^tests/functional/local-overlay-store/bad-uris\.sh$'' - ''^tests/functional/local-overlay-store/build-inner\.sh$'' - ''^tests/functional/local-overlay-store/build\.sh$'' - ''^tests/functional/local-overlay-store/check-post-init-inner\.sh$'' - ''^tests/functional/local-overlay-store/check-post-init\.sh$'' - ''^tests/functional/local-overlay-store/common\.sh$'' - ''^tests/functional/local-overlay-store/delete-duplicate-inner\.sh$'' - ''^tests/functional/local-overlay-store/delete-duplicate\.sh$'' - ''^tests/functional/local-overlay-store/delete-refs-inner\.sh$'' - ''^tests/functional/local-overlay-store/delete-refs\.sh$'' - ''^tests/functional/local-overlay-store/gc-inner\.sh$'' - ''^tests/functional/local-overlay-store/gc\.sh$'' - ''^tests/functional/local-overlay-store/optimise-inner\.sh$'' - ''^tests/functional/local-overlay-store/optimise\.sh$'' - ''^tests/functional/local-overlay-store/redundant-add-inner\.sh$'' - ''^tests/functional/local-overlay-store/redundant-add\.sh$'' - ''^tests/functional/local-overlay-store/remount\.sh$'' - ''^tests/functional/local-overlay-store/stale-file-handle-inner\.sh$'' - ''^tests/functional/local-overlay-store/stale-file-handle\.sh$'' - ''^tests/functional/local-overlay-store/verify-inner\.sh$'' - ''^tests/functional/local-overlay-store/verify\.sh$'' - ''^tests/functional/logging\.sh$'' - ''^tests/functional/misc\.sh$'' - ''^tests/functional/multiple-outputs\.sh$'' - ''^tests/functional/nested-sandboxing\.sh$'' - ''^tests/functional/nested-sandboxing/command\.sh$'' - ''^tests/functional/nix-build\.sh$'' - ''^tests/functional/nix-channel\.sh$'' - ''^tests/functional/nix-collect-garbage-d\.sh$'' - ''^tests/functional/nix-copy-ssh-common\.sh$'' - ''^tests/functional/nix-copy-ssh-ng\.sh$'' - ''^tests/functional/nix-copy-ssh\.sh$'' - ''^tests/functional/nix-daemon-untrusting\.sh$'' - ''^tests/functional/nix-profile\.sh$'' - ''^tests/functional/nix-shell\.sh$'' - ''^tests/functional/nix_path\.sh$'' - ''^tests/functional/optimise-store\.sh$'' - ''^tests/functional/output-normalization\.sh$'' - ''^tests/functional/parallel\.builder\.sh$'' - ''^tests/functional/parallel\.sh$'' - ''^tests/functional/pass-as-file\.sh$'' - ''^tests/functional/path-from-hash-part\.sh$'' - ''^tests/functional/path-info\.sh$'' - ''^tests/functional/placeholders\.sh$'' - ''^tests/functional/post-hook\.sh$'' - ''^tests/functional/pure-eval\.sh$'' - ''^tests/functional/push-to-store-old\.sh$'' - ''^tests/functional/push-to-store\.sh$'' - ''^tests/functional/read-only-store\.sh$'' - ''^tests/functional/readfile-context\.sh$'' - ''^tests/functional/recursive\.sh$'' - ''^tests/functional/referrers\.sh$'' - ''^tests/functional/remote-store\.sh$'' - ''^tests/functional/repair\.sh$'' - ''^tests/functional/restricted\.sh$'' - ''^tests/functional/search\.sh$'' - ''^tests/functional/secure-drv-outputs\.sh$'' - ''^tests/functional/selfref-gc\.sh$'' - ''^tests/functional/shell\.shebang\.sh$'' - ''^tests/functional/simple\.builder\.sh$'' - ''^tests/functional/supplementary-groups\.sh$'' - ''^tests/functional/toString-path\.sh$'' - ''^tests/functional/user-envs-migration\.sh$'' - ''^tests/functional/user-envs-test-case\.sh$'' - ''^tests/functional/user-envs\.builder\.sh$'' - ''^tests/functional/user-envs\.sh$'' - ''^tests/functional/why-depends\.sh$'' - ''^src/libutil-tests/data/git/check-data\.sh$'' - ]; + ''^tests/functional/plugins/plugintest\.cc'' + ''^tests/functional/test-libstoreconsumer/main\.cc'' + ''^tests/nixos/ca-fd-leak/sender\.c'' + ''^tests/nixos/ca-fd-leak/smuggler\.c'' + ''^tests/nixos/user-sandboxing/attacker\.c'' + ''^src/libexpr-test-support/tests/libexpr\.hh'' + ''^src/libexpr-test-support/tests/value/context\.cc'' + ''^src/libexpr-test-support/tests/value/context\.hh'' + ''^src/libexpr-tests/derived-path\.cc'' + ''^src/libexpr-tests/error_traces\.cc'' + ''^src/libexpr-tests/eval\.cc'' + ''^src/libexpr-tests/json\.cc'' + ''^src/libexpr-tests/main\.cc'' + ''^src/libexpr-tests/primops\.cc'' + ''^src/libexpr-tests/search-path\.cc'' + ''^src/libexpr-tests/trivial\.cc'' + ''^src/libexpr-tests/value/context\.cc'' + ''^src/libexpr-tests/value/print\.cc'' + ''^src/libfetchers-tests/public-key\.cc'' + ''^src/libflake-tests/flakeref\.cc'' + ''^src/libflake-tests/url-name\.cc'' + ''^src/libstore-test-support/tests/derived-path\.cc'' + ''^src/libstore-test-support/tests/derived-path\.hh'' + ''^src/libstore-test-support/tests/nix_api_store\.hh'' + ''^src/libstore-test-support/tests/outputs-spec\.cc'' + ''^src/libstore-test-support/tests/outputs-spec\.hh'' + ''^src/libstore-test-support/tests/path\.cc'' + ''^src/libstore-test-support/tests/path\.hh'' + ''^src/libstore-test-support/tests/protocol\.hh'' + ''^src/libstore-tests/common-protocol\.cc'' + ''^src/libstore-tests/content-address\.cc'' + ''^src/libstore-tests/derivation\.cc'' + ''^src/libstore-tests/derived-path\.cc'' + ''^src/libstore-tests/downstream-placeholder\.cc'' + ''^src/libstore-tests/machines\.cc'' + ''^src/libstore-tests/nar-info-disk-cache\.cc'' + ''^src/libstore-tests/nar-info\.cc'' + ''^src/libstore-tests/outputs-spec\.cc'' + ''^src/libstore-tests/path-info\.cc'' + ''^src/libstore-tests/path\.cc'' + ''^src/libstore-tests/serve-protocol\.cc'' + ''^src/libstore-tests/worker-protocol\.cc'' + ''^src/libutil-test-support/tests/characterization\.hh'' + ''^src/libutil-test-support/tests/hash\.cc'' + ''^src/libutil-test-support/tests/hash\.hh'' + ''^src/libutil-tests/args\.cc'' + ''^src/libutil-tests/canon-path\.cc'' + ''^src/libutil-tests/chunked-vector\.cc'' + ''^src/libutil-tests/closure\.cc'' + ''^src/libutil-tests/compression\.cc'' + ''^src/libutil-tests/config\.cc'' + ''^src/libutil-tests/file-content-address\.cc'' + ''^src/libutil-tests/git\.cc'' + ''^src/libutil-tests/hash\.cc'' + ''^src/libutil-tests/hilite\.cc'' + ''^src/libutil-tests/json-utils\.cc'' + ''^src/libutil-tests/logging\.cc'' + ''^src/libutil-tests/lru-cache\.cc'' + ''^src/libutil-tests/pool\.cc'' + ''^src/libutil-tests/references\.cc'' + ''^src/libutil-tests/suggestions\.cc'' + ''^src/libutil-tests/url\.cc'' + ''^src/libutil-tests/xml-writer\.cc'' + ]; + }; + shellcheck = { + enable = true; + excludes = [ + # We haven't linted these files yet + ''^config/install-sh$'' + ''^misc/bash/completion\.sh$'' + ''^misc/fish/completion\.fish$'' + ''^misc/zsh/completion\.zsh$'' + ''^scripts/create-darwin-volume\.sh$'' + ''^scripts/install-darwin-multi-user\.sh$'' + ''^scripts/install-multi-user\.sh$'' + ''^scripts/install-systemd-multi-user\.sh$'' + ''^src/nix/get-env\.sh$'' + ''^tests/functional/ca/build-dry\.sh$'' + ''^tests/functional/ca/build-with-garbage-path\.sh$'' + ''^tests/functional/ca/common\.sh$'' + ''^tests/functional/ca/concurrent-builds\.sh$'' + ''^tests/functional/ca/eval-store\.sh$'' + ''^tests/functional/ca/gc\.sh$'' + ''^tests/functional/ca/import-from-derivation\.sh$'' + ''^tests/functional/ca/new-build-cmd\.sh$'' + ''^tests/functional/ca/nix-shell\.sh$'' + ''^tests/functional/ca/post-hook\.sh$'' + ''^tests/functional/ca/recursive\.sh$'' + ''^tests/functional/ca/repl\.sh$'' + ''^tests/functional/ca/selfref-gc\.sh$'' + ''^tests/functional/ca/why-depends\.sh$'' + ''^tests/functional/characterisation-test-infra\.sh$'' + ''^tests/functional/common/vars-and-functions\.sh$'' + ''^tests/functional/completions\.sh$'' + ''^tests/functional/compute-levels\.sh$'' + ''^tests/functional/config\.sh$'' + ''^tests/functional/db-migration\.sh$'' + ''^tests/functional/debugger\.sh$'' + ''^tests/functional/dependencies\.builder0\.sh$'' + ''^tests/functional/dependencies\.sh$'' + ''^tests/functional/dump-db\.sh$'' + ''^tests/functional/dyn-drv/build-built-drv\.sh$'' + ''^tests/functional/dyn-drv/common\.sh$'' + ''^tests/functional/dyn-drv/dep-built-drv\.sh$'' + ''^tests/functional/dyn-drv/eval-outputOf\.sh$'' + ''^tests/functional/dyn-drv/old-daemon-error-hack\.sh$'' + ''^tests/functional/dyn-drv/recursive-mod-json\.sh$'' + ''^tests/functional/eval-store\.sh$'' + ''^tests/functional/export-graph\.sh$'' + ''^tests/functional/export\.sh$'' + ''^tests/functional/extra-sandbox-profile\.sh$'' + ''^tests/functional/fetchClosure\.sh$'' + ''^tests/functional/fetchGit\.sh$'' + ''^tests/functional/fetchGitRefs\.sh$'' + ''^tests/functional/fetchGitSubmodules\.sh$'' + ''^tests/functional/fetchGitVerification\.sh$'' + ''^tests/functional/fetchMercurial\.sh$'' + ''^tests/functional/fixed\.builder1\.sh$'' + ''^tests/functional/fixed\.builder2\.sh$'' + ''^tests/functional/fixed\.sh$'' + ''^tests/functional/flakes/absolute-paths\.sh$'' + ''^tests/functional/flakes/check\.sh$'' + ''^tests/functional/flakes/config\.sh$'' + ''^tests/functional/flakes/flakes\.sh$'' + ''^tests/functional/flakes/follow-paths\.sh$'' + ''^tests/functional/flakes/prefetch\.sh$'' + ''^tests/functional/flakes/run\.sh$'' + ''^tests/functional/flakes/show\.sh$'' + ''^tests/functional/fmt\.sh$'' + ''^tests/functional/fmt\.simple\.sh$'' + ''^tests/functional/gc-auto\.sh$'' + ''^tests/functional/gc-concurrent\.builder\.sh$'' + ''^tests/functional/gc-concurrent\.sh$'' + ''^tests/functional/gc-concurrent2\.builder\.sh$'' + ''^tests/functional/gc-non-blocking\.sh$'' + ''^tests/functional/git-hashing/common\.sh$'' + ''^tests/functional/git-hashing/simple\.sh$'' + ''^tests/functional/hash-convert\.sh$'' + ''^tests/functional/impure-derivations\.sh$'' + ''^tests/functional/impure-eval\.sh$'' + ''^tests/functional/install-darwin\.sh$'' + ''^tests/functional/legacy-ssh-store\.sh$'' + ''^tests/functional/linux-sandbox\.sh$'' + ''^tests/functional/local-overlay-store/add-lower-inner\.sh$'' + ''^tests/functional/local-overlay-store/add-lower\.sh$'' + ''^tests/functional/local-overlay-store/bad-uris\.sh$'' + ''^tests/functional/local-overlay-store/build-inner\.sh$'' + ''^tests/functional/local-overlay-store/build\.sh$'' + ''^tests/functional/local-overlay-store/check-post-init-inner\.sh$'' + ''^tests/functional/local-overlay-store/check-post-init\.sh$'' + ''^tests/functional/local-overlay-store/common\.sh$'' + ''^tests/functional/local-overlay-store/delete-duplicate-inner\.sh$'' + ''^tests/functional/local-overlay-store/delete-duplicate\.sh$'' + ''^tests/functional/local-overlay-store/delete-refs-inner\.sh$'' + ''^tests/functional/local-overlay-store/delete-refs\.sh$'' + ''^tests/functional/local-overlay-store/gc-inner\.sh$'' + ''^tests/functional/local-overlay-store/gc\.sh$'' + ''^tests/functional/local-overlay-store/optimise-inner\.sh$'' + ''^tests/functional/local-overlay-store/optimise\.sh$'' + ''^tests/functional/local-overlay-store/redundant-add-inner\.sh$'' + ''^tests/functional/local-overlay-store/redundant-add\.sh$'' + ''^tests/functional/local-overlay-store/remount\.sh$'' + ''^tests/functional/local-overlay-store/stale-file-handle-inner\.sh$'' + ''^tests/functional/local-overlay-store/stale-file-handle\.sh$'' + ''^tests/functional/local-overlay-store/verify-inner\.sh$'' + ''^tests/functional/local-overlay-store/verify\.sh$'' + ''^tests/functional/logging\.sh$'' + ''^tests/functional/misc\.sh$'' + ''^tests/functional/multiple-outputs\.sh$'' + ''^tests/functional/nested-sandboxing\.sh$'' + ''^tests/functional/nested-sandboxing/command\.sh$'' + ''^tests/functional/nix-build\.sh$'' + ''^tests/functional/nix-channel\.sh$'' + ''^tests/functional/nix-collect-garbage-d\.sh$'' + ''^tests/functional/nix-copy-ssh-common\.sh$'' + ''^tests/functional/nix-copy-ssh-ng\.sh$'' + ''^tests/functional/nix-copy-ssh\.sh$'' + ''^tests/functional/nix-daemon-untrusting\.sh$'' + ''^tests/functional/nix-profile\.sh$'' + ''^tests/functional/nix-shell\.sh$'' + ''^tests/functional/nix_path\.sh$'' + ''^tests/functional/optimise-store\.sh$'' + ''^tests/functional/output-normalization\.sh$'' + ''^tests/functional/parallel\.builder\.sh$'' + ''^tests/functional/parallel\.sh$'' + ''^tests/functional/pass-as-file\.sh$'' + ''^tests/functional/path-from-hash-part\.sh$'' + ''^tests/functional/path-info\.sh$'' + ''^tests/functional/placeholders\.sh$'' + ''^tests/functional/post-hook\.sh$'' + ''^tests/functional/pure-eval\.sh$'' + ''^tests/functional/push-to-store-old\.sh$'' + ''^tests/functional/push-to-store\.sh$'' + ''^tests/functional/read-only-store\.sh$'' + ''^tests/functional/readfile-context\.sh$'' + ''^tests/functional/recursive\.sh$'' + ''^tests/functional/referrers\.sh$'' + ''^tests/functional/remote-store\.sh$'' + ''^tests/functional/repair\.sh$'' + ''^tests/functional/restricted\.sh$'' + ''^tests/functional/search\.sh$'' + ''^tests/functional/secure-drv-outputs\.sh$'' + ''^tests/functional/selfref-gc\.sh$'' + ''^tests/functional/shell\.shebang\.sh$'' + ''^tests/functional/simple\.builder\.sh$'' + ''^tests/functional/supplementary-groups\.sh$'' + ''^tests/functional/toString-path\.sh$'' + ''^tests/functional/user-envs-migration\.sh$'' + ''^tests/functional/user-envs-test-case\.sh$'' + ''^tests/functional/user-envs\.builder\.sh$'' + ''^tests/functional/user-envs\.sh$'' + ''^tests/functional/why-depends\.sh$'' + ''^src/libutil-tests/data/git/check-data\.sh$'' + ]; + }; + # TODO: nixfmt, https://github.com/NixOS/nixfmt/issues/153 }; - # TODO: nixfmt, https://github.com/NixOS/nixfmt/issues/153 }; }; - }; # We'll be pulling from this in the main flake flake.getSystem = getSystem; diff --git a/packaging/components.nix b/packaging/components.nix index e1f661be8fb..d1bfe83bf0e 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -13,9 +13,11 @@ let versionSuffix = lib.optionalString (!officialRelease) "pre"; - fineVersionSuffix = lib.optionalString - (!officialRelease) - "pre${builtins.substring 0 8 (src.lastModifiedDate or src.lastModified or "19700101")}_${src.shortRev or "dirty"}"; + fineVersionSuffix = + lib.optionalString (!officialRelease) + "pre${ + builtins.substring 0 8 (src.lastModifiedDate or src.lastModified or "19700101") + }_${src.shortRev or "dirty"}"; fineVersion = baseVersion + fineVersionSuffix; in @@ -54,7 +56,9 @@ in nix-cli = callPackage ../src/nix/package.nix { version = fineVersion; }; - nix-functional-tests = callPackage ../src/nix-functional-tests/package.nix { version = fineVersion; }; + nix-functional-tests = callPackage ../src/nix-functional-tests/package.nix { + version = fineVersion; + }; nix-manual = callPackage ../doc/manual/package.nix { version = fineVersion; }; nix-internal-api-docs = callPackage ../src/internal-api-docs/package.nix { version = fineVersion; }; diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index acdbc9cfc79..afbc31fc6df 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -19,9 +19,7 @@ let root = ../.; - stdenv = if prevStdenv.isDarwin && prevStdenv.isx86_64 - then darwinStdenv - else prevStdenv; + stdenv = if prevStdenv.isDarwin && prevStdenv.isx86_64 then darwinStdenv else prevStdenv; # Fix the following error with the default x86_64-darwin SDK: # @@ -38,11 +36,14 @@ let # Indirection for Nixpkgs to override when package.nix files are vendored filesetToSource = lib.fileset.toSource; - /** Given a set of layers, create a mkDerivation-like function */ - mkPackageBuilder = exts: userFn: - stdenv.mkDerivation (lib.extends (lib.composeManyExtensions exts) userFn); + /** + Given a set of layers, create a mkDerivation-like function + */ + mkPackageBuilder = + exts: userFn: stdenv.mkDerivation (lib.extends (lib.composeManyExtensions exts) userFn); - localSourceLayer = finalAttrs: prevAttrs: + localSourceLayer = + finalAttrs: prevAttrs: let workDirPath = # Ideally we'd pick finalAttrs.workDir, but for now `mkDerivation` has @@ -51,8 +52,13 @@ let prevAttrs.workDir; workDirSubpath = lib.path.removePrefix root workDirPath; - sources = assert prevAttrs.fileset._type == "fileset"; prevAttrs.fileset; - src = lib.fileset.toSource { fileset = sources; inherit root; }; + sources = + assert prevAttrs.fileset._type == "fileset"; + prevAttrs.fileset; + src = lib.fileset.toSource { + fileset = sources; + inherit root; + }; in { @@ -64,117 +70,129 @@ let workDir = null; }; - mesonLayer = finalAttrs: prevAttrs: - { - # NOTE: - # As of https://github.com/NixOS/nixpkgs/blob/8baf8241cea0c7b30e0b8ae73474cb3de83c1a30/pkgs/by-name/me/meson/setup-hook.sh#L26, - # `mesonBuildType` defaults to `plain` if not specified. We want our Nix-built binaries to be optimized by default. - # More on build types here: https://mesonbuild.com/Builtin-options.html#details-for-buildtype. - mesonBuildType = "release"; - # NOTE: - # Users who are debugging Nix builds are expected to set the environment variable `mesonBuildType`, per the - # guidance in https://github.com/NixOS/nix/blob/8a3fc27f1b63a08ac983ee46435a56cf49ebaf4a/doc/manual/source/development/debugging.md?plain=1#L10. - # For this reason, we don't want to refer to `finalAttrs.mesonBuildType` here, but rather use the environment variable. - preConfigure = prevAttrs.preConfigure or "" + lib.optionalString ( - !stdenv.hostPlatform.isWindows - # build failure - && !stdenv.hostPlatform.isStatic - # LTO breaks exception handling on x86-64-darwin. - && stdenv.system != "x86_64-darwin" - ) '' - case "$mesonBuildType" in - release|minsize) appendToVar mesonFlags "-Db_lto=true" ;; - *) appendToVar mesonFlags "-Db_lto=false" ;; - esac - ''; - nativeBuildInputs = [ - pkgs.buildPackages.meson - pkgs.buildPackages.ninja - ] ++ prevAttrs.nativeBuildInputs or []; - mesonCheckFlags = prevAttrs.mesonCheckFlags or [] ++ [ - "--print-errorlogs" - ]; - }; + mesonLayer = finalAttrs: prevAttrs: { + # NOTE: + # As of https://github.com/NixOS/nixpkgs/blob/8baf8241cea0c7b30e0b8ae73474cb3de83c1a30/pkgs/by-name/me/meson/setup-hook.sh#L26, + # `mesonBuildType` defaults to `plain` if not specified. We want our Nix-built binaries to be optimized by default. + # More on build types here: https://mesonbuild.com/Builtin-options.html#details-for-buildtype. + mesonBuildType = "release"; + # NOTE: + # Users who are debugging Nix builds are expected to set the environment variable `mesonBuildType`, per the + # guidance in https://github.com/NixOS/nix/blob/8a3fc27f1b63a08ac983ee46435a56cf49ebaf4a/doc/manual/source/development/debugging.md?plain=1#L10. + # For this reason, we don't want to refer to `finalAttrs.mesonBuildType` here, but rather use the environment variable. + preConfigure = + prevAttrs.preConfigure or "" + + + lib.optionalString + ( + !stdenv.hostPlatform.isWindows + # build failure + && !stdenv.hostPlatform.isStatic + # LTO breaks exception handling on x86-64-darwin. + && stdenv.system != "x86_64-darwin" + ) + '' + case "$mesonBuildType" in + release|minsize) appendToVar mesonFlags "-Db_lto=true" ;; + *) appendToVar mesonFlags "-Db_lto=false" ;; + esac + ''; + nativeBuildInputs = [ + pkgs.buildPackages.meson + pkgs.buildPackages.ninja + ] ++ prevAttrs.nativeBuildInputs or [ ]; + mesonCheckFlags = prevAttrs.mesonCheckFlags or [ ] ++ [ + "--print-errorlogs" + ]; + }; - mesonBuildLayer = finalAttrs: prevAttrs: - { - nativeBuildInputs = prevAttrs.nativeBuildInputs or [] ++ [ - pkgs.buildPackages.pkg-config - ]; - separateDebugInfo = !stdenv.hostPlatform.isStatic; - hardeningDisable = lib.optional stdenv.hostPlatform.isStatic "pie"; - env = prevAttrs.env or {} - // lib.optionalAttrs - (stdenv.isLinux - && !(stdenv.hostPlatform.isStatic && stdenv.system == "aarch64-linux") - && !(stdenv.hostPlatform.useLLVM or false)) - { LDFLAGS = "-fuse-ld=gold"; }; - }; + mesonBuildLayer = finalAttrs: prevAttrs: { + nativeBuildInputs = prevAttrs.nativeBuildInputs or [ ] ++ [ + pkgs.buildPackages.pkg-config + ]; + separateDebugInfo = !stdenv.hostPlatform.isStatic; + hardeningDisable = lib.optional stdenv.hostPlatform.isStatic "pie"; + env = + prevAttrs.env or { } + // lib.optionalAttrs ( + stdenv.isLinux + && !(stdenv.hostPlatform.isStatic && stdenv.system == "aarch64-linux") + && !(stdenv.hostPlatform.useLLVM or false) + ) { LDFLAGS = "-fuse-ld=gold"; }; + }; - mesonLibraryLayer = finalAttrs: prevAttrs: - { - outputs = prevAttrs.outputs or [ "out" ] ++ [ "dev" ]; - }; + mesonLibraryLayer = finalAttrs: prevAttrs: { + outputs = prevAttrs.outputs or [ "out" ] ++ [ "dev" ]; + }; # Work around weird `--as-needed` linker behavior with BSD, see # https://github.com/mesonbuild/meson/issues/3593 - bsdNoLinkAsNeeded = finalAttrs: prevAttrs: + bsdNoLinkAsNeeded = + finalAttrs: prevAttrs: lib.optionalAttrs stdenv.hostPlatform.isBSD { - mesonFlags = [ (lib.mesonBool "b_asneeded" false) ] ++ prevAttrs.mesonFlags or []; + mesonFlags = [ (lib.mesonBool "b_asneeded" false) ] ++ prevAttrs.mesonFlags or [ ]; }; - miscGoodPractice = finalAttrs: prevAttrs: - { - strictDeps = prevAttrs.strictDeps or true; - enableParallelBuilding = true; - }; + miscGoodPractice = finalAttrs: prevAttrs: { + strictDeps = prevAttrs.strictDeps or true; + enableParallelBuilding = true; + }; in scope: { inherit stdenv; - aws-sdk-cpp = (pkgs.aws-sdk-cpp.override { - apis = [ "s3" "transfer" ]; - customMemoryManagement = false; - }).overrideAttrs { - # only a stripped down version is built, which takes a lot less resources - # to build, so we don't need a "big-parallel" machine. - requiredSystemFeatures = [ ]; - }; + aws-sdk-cpp = + (pkgs.aws-sdk-cpp.override { + apis = [ + "s3" + "transfer" + ]; + customMemoryManagement = false; + }).overrideAttrs + { + # only a stripped down version is built, which takes a lot less resources + # to build, so we don't need a "big-parallel" machine. + requiredSystemFeatures = [ ]; + }; boehmgc = pkgs.boehmgc.override { enableLargeConfig = true; }; # TODO Hack until https://github.com/NixOS/nixpkgs/issues/45462 is fixed. - boost = (pkgs.boost.override { - extraB2Args = [ - "--with-container" - "--with-context" - "--with-coroutine" - ]; - }).overrideAttrs (old: { - # Need to remove `--with-*` to use `--with-libraries=...` - buildPhase = lib.replaceStrings [ "--without-python" ] [ "" ] old.buildPhase; - installPhase = lib.replaceStrings [ "--without-python" ] [ "" ] old.installPhase; - }); + boost = + (pkgs.boost.override { + extraB2Args = [ + "--with-container" + "--with-context" + "--with-coroutine" + ]; + }).overrideAttrs + (old: { + # Need to remove `--with-*` to use `--with-libraries=...` + buildPhase = lib.replaceStrings [ "--without-python" ] [ "" ] old.buildPhase; + installPhase = lib.replaceStrings [ "--without-python" ] [ "" ] old.installPhase; + }); libgit2 = pkgs.libgit2.overrideAttrs (attrs: { - cmakeFlags = attrs.cmakeFlags or [] - ++ [ "-DUSE_SSH=exec" ]; - nativeBuildInputs = attrs.nativeBuildInputs or [] + cmakeFlags = attrs.cmakeFlags or [ ] ++ [ "-DUSE_SSH=exec" ]; + nativeBuildInputs = + attrs.nativeBuildInputs or [ ] # gitMinimal does not build on Windows. See packbuilder patch. ++ lib.optionals (!stdenv.hostPlatform.isWindows) [ # Needed for `git apply`; see `prePatch` pkgs.buildPackages.gitMinimal ]; # Only `git apply` can handle git binary patches - prePatch = attrs.prePatch or "" + prePatch = + attrs.prePatch or "" + lib.optionalString (!stdenv.hostPlatform.isWindows) '' patch() { git apply } ''; - patches = attrs.patches or [] + patches = + attrs.patches or [ ] ++ [ ./patches/libgit2-mempack-thin-packfile.patch ] @@ -188,27 +206,24 @@ scope: { inherit resolvePath filesetToSource; - mkMesonDerivation = - mkPackageBuilder [ - miscGoodPractice - localSourceLayer - mesonLayer - ]; - mkMesonExecutable = - mkPackageBuilder [ - miscGoodPractice - bsdNoLinkAsNeeded - localSourceLayer - mesonLayer - mesonBuildLayer - ]; - mkMesonLibrary = - mkPackageBuilder [ - miscGoodPractice - bsdNoLinkAsNeeded - localSourceLayer - mesonLayer - mesonBuildLayer - mesonLibraryLayer - ]; + mkMesonDerivation = mkPackageBuilder [ + miscGoodPractice + localSourceLayer + mesonLayer + ]; + mkMesonExecutable = mkPackageBuilder [ + miscGoodPractice + bsdNoLinkAsNeeded + localSourceLayer + mesonLayer + mesonBuildLayer + ]; + mkMesonLibrary = mkPackageBuilder [ + miscGoodPractice + bsdNoLinkAsNeeded + localSourceLayer + mesonLayer + mesonBuildLayer + mesonLibraryLayer + ]; } diff --git a/packaging/dev-shell.nix b/packaging/dev-shell.nix index 30ac518d5f7..1651a86bee1 100644 --- a/packaging/dev-shell.nix +++ b/packaging/dev-shell.nix @@ -2,127 +2,135 @@ { pkgs }: -pkgs.nixComponents.nix-util.overrideAttrs (attrs: - -let - stdenv = pkgs.nixDependencies.stdenv; - buildCanExecuteHost = stdenv.buildPlatform.canExecute stdenv.hostPlatform; - modular = devFlake.getSystem stdenv.buildPlatform.system; - transformFlag = prefix: flag: - assert builtins.isString flag; - let - rest = builtins.substring 2 (builtins.stringLength flag) flag; - in +pkgs.nixComponents.nix-util.overrideAttrs ( + attrs: + + let + stdenv = pkgs.nixDependencies.stdenv; + buildCanExecuteHost = stdenv.buildPlatform.canExecute stdenv.hostPlatform; + modular = devFlake.getSystem stdenv.buildPlatform.system; + transformFlag = + prefix: flag: + assert builtins.isString flag; + let + rest = builtins.substring 2 (builtins.stringLength flag) flag; + in "-D${prefix}:${rest}"; - havePerl = stdenv.buildPlatform == stdenv.hostPlatform && stdenv.hostPlatform.isUnix; - ignoreCrossFile = flags: builtins.filter (flag: !(lib.strings.hasInfix "cross-file" flag)) flags; -in { - pname = "shell-for-" + attrs.pname; - - # Remove the version suffix to avoid unnecessary attempts to substitute in nix develop - version = lib.fileContents ../.version; - name = attrs.pname; - - installFlags = "sysconfdir=$(out)/etc"; - shellHook = '' - PATH=$prefix/bin:$PATH - unset PYTHONPATH - export MANPATH=$out/share/man:$MANPATH - - # Make bash completion work. - XDG_DATA_DIRS+=:$out/share - - # Make the default phases do the right thing. - # FIXME: this wouldn't be needed if the ninja package set buildPhase() instead of $buildPhase. - # FIXME: mesonConfigurePhase shouldn't cd to the build directory. It would be better to pass '-C ' to ninja. - - cdToBuildDir() { - if [[ ! -e build.ninja ]]; then - cd build - fi - } - - configurePhase() { - mesonConfigurePhase - } - - buildPhase() { - cdToBuildDir - ninjaBuildPhase - } - - checkPhase() { - cdToBuildDir - mesonCheckPhase - } - - installPhase() { - cdToBuildDir - ninjaInstallPhase - } - ''; - - # We use this shell with the local checkout, not unpackPhase. - src = null; - - env = { - # Needed for Meson to find Boost. - # https://github.com/NixOS/nixpkgs/issues/86131. - BOOST_INCLUDEDIR = "${lib.getDev pkgs.nixDependencies.boost}/include"; - BOOST_LIBRARYDIR = "${lib.getLib pkgs.nixDependencies.boost}/lib"; - # For `make format`, to work without installing pre-commit - _NIX_PRE_COMMIT_HOOKS_CONFIG = - "${(pkgs.formats.yaml { }).generate "pre-commit-config.yaml" modular.pre-commit.settings.rawConfig}"; - }; - - mesonFlags = - map (transformFlag "libutil") (ignoreCrossFile pkgs.nixComponents.nix-util.mesonFlags) - ++ map (transformFlag "libstore") (ignoreCrossFile pkgs.nixComponents.nix-store.mesonFlags) - ++ map (transformFlag "libfetchers") (ignoreCrossFile pkgs.nixComponents.nix-fetchers.mesonFlags) - ++ lib.optionals havePerl (map (transformFlag "perl") (ignoreCrossFile pkgs.nixComponents.nix-perl-bindings.mesonFlags)) - ++ map (transformFlag "libexpr") (ignoreCrossFile pkgs.nixComponents.nix-expr.mesonFlags) - ++ map (transformFlag "libcmd") (ignoreCrossFile pkgs.nixComponents.nix-cmd.mesonFlags) - ; - - nativeBuildInputs = attrs.nativeBuildInputs or [] - ++ pkgs.nixComponents.nix-util.nativeBuildInputs - ++ pkgs.nixComponents.nix-store.nativeBuildInputs - ++ pkgs.nixComponents.nix-fetchers.nativeBuildInputs - ++ pkgs.nixComponents.nix-expr.nativeBuildInputs - ++ lib.optionals havePerl pkgs.nixComponents.nix-perl-bindings.nativeBuildInputs - ++ lib.optionals buildCanExecuteHost pkgs.nixComponents.nix-manual.externalNativeBuildInputs - ++ pkgs.nixComponents.nix-internal-api-docs.nativeBuildInputs - ++ pkgs.nixComponents.nix-external-api-docs.nativeBuildInputs - ++ pkgs.nixComponents.nix-functional-tests.externalNativeBuildInputs - ++ lib.optional - (!buildCanExecuteHost - # Hack around https://github.com/nixos/nixpkgs/commit/bf7ad8cfbfa102a90463433e2c5027573b462479 - && !(stdenv.hostPlatform.isWindows && stdenv.buildPlatform.isDarwin) - && stdenv.hostPlatform.emulatorAvailable pkgs.buildPackages - && lib.meta.availableOn stdenv.buildPlatform (stdenv.hostPlatform.emulator pkgs.buildPackages)) - pkgs.buildPackages.mesonEmulatorHook - ++ [ - pkgs.buildPackages.cmake - pkgs.buildPackages.shellcheck - pkgs.buildPackages.changelog-d - modular.pre-commit.settings.package - (pkgs.writeScriptBin "pre-commit-hooks-install" - modular.pre-commit.settings.installationScript) - ] - # TODO: Remove the darwin check once - # https://github.com/NixOS/nixpkgs/pull/291814 is available - ++ lib.optional (stdenv.cc.isClang && !stdenv.buildPlatform.isDarwin) pkgs.buildPackages.bear - ++ lib.optional (stdenv.cc.isClang && stdenv.hostPlatform == stdenv.buildPlatform) (lib.hiPrio pkgs.buildPackages.clang-tools); - - buildInputs = attrs.buildInputs or [] - ++ pkgs.nixComponents.nix-util.buildInputs - ++ pkgs.nixComponents.nix-store.buildInputs - ++ pkgs.nixComponents.nix-store-tests.externalBuildInputs - ++ pkgs.nixComponents.nix-fetchers.buildInputs - ++ pkgs.nixComponents.nix-expr.buildInputs - ++ pkgs.nixComponents.nix-expr.externalPropagatedBuildInputs - ++ pkgs.nixComponents.nix-cmd.buildInputs - ++ lib.optionals havePerl pkgs.nixComponents.nix-perl-bindings.externalBuildInputs - ++ lib.optional havePerl pkgs.perl - ; -}) + havePerl = stdenv.buildPlatform == stdenv.hostPlatform && stdenv.hostPlatform.isUnix; + ignoreCrossFile = flags: builtins.filter (flag: !(lib.strings.hasInfix "cross-file" flag)) flags; + in + { + pname = "shell-for-" + attrs.pname; + + # Remove the version suffix to avoid unnecessary attempts to substitute in nix develop + version = lib.fileContents ../.version; + name = attrs.pname; + + installFlags = "sysconfdir=$(out)/etc"; + shellHook = '' + PATH=$prefix/bin:$PATH + unset PYTHONPATH + export MANPATH=$out/share/man:$MANPATH + + # Make bash completion work. + XDG_DATA_DIRS+=:$out/share + + # Make the default phases do the right thing. + # FIXME: this wouldn't be needed if the ninja package set buildPhase() instead of $buildPhase. + # FIXME: mesonConfigurePhase shouldn't cd to the build directory. It would be better to pass '-C ' to ninja. + + cdToBuildDir() { + if [[ ! -e build.ninja ]]; then + cd build + fi + } + + configurePhase() { + mesonConfigurePhase + } + + buildPhase() { + cdToBuildDir + ninjaBuildPhase + } + + checkPhase() { + cdToBuildDir + mesonCheckPhase + } + + installPhase() { + cdToBuildDir + ninjaInstallPhase + } + ''; + + # We use this shell with the local checkout, not unpackPhase. + src = null; + + env = { + # Needed for Meson to find Boost. + # https://github.com/NixOS/nixpkgs/issues/86131. + BOOST_INCLUDEDIR = "${lib.getDev pkgs.nixDependencies.boost}/include"; + BOOST_LIBRARYDIR = "${lib.getLib pkgs.nixDependencies.boost}/lib"; + # For `make format`, to work without installing pre-commit + _NIX_PRE_COMMIT_HOOKS_CONFIG = "${(pkgs.formats.yaml { }).generate "pre-commit-config.yaml" + modular.pre-commit.settings.rawConfig + }"; + }; + + mesonFlags = + map (transformFlag "libutil") (ignoreCrossFile pkgs.nixComponents.nix-util.mesonFlags) + ++ map (transformFlag "libstore") (ignoreCrossFile pkgs.nixComponents.nix-store.mesonFlags) + ++ map (transformFlag "libfetchers") (ignoreCrossFile pkgs.nixComponents.nix-fetchers.mesonFlags) + ++ lib.optionals havePerl ( + map (transformFlag "perl") (ignoreCrossFile pkgs.nixComponents.nix-perl-bindings.mesonFlags) + ) + ++ map (transformFlag "libexpr") (ignoreCrossFile pkgs.nixComponents.nix-expr.mesonFlags) + ++ map (transformFlag "libcmd") (ignoreCrossFile pkgs.nixComponents.nix-cmd.mesonFlags); + + nativeBuildInputs = + attrs.nativeBuildInputs or [ ] + ++ pkgs.nixComponents.nix-util.nativeBuildInputs + ++ pkgs.nixComponents.nix-store.nativeBuildInputs + ++ pkgs.nixComponents.nix-fetchers.nativeBuildInputs + ++ pkgs.nixComponents.nix-expr.nativeBuildInputs + ++ lib.optionals havePerl pkgs.nixComponents.nix-perl-bindings.nativeBuildInputs + ++ lib.optionals buildCanExecuteHost pkgs.nixComponents.nix-manual.externalNativeBuildInputs + ++ pkgs.nixComponents.nix-internal-api-docs.nativeBuildInputs + ++ pkgs.nixComponents.nix-external-api-docs.nativeBuildInputs + ++ pkgs.nixComponents.nix-functional-tests.externalNativeBuildInputs + ++ lib.optional ( + !buildCanExecuteHost + # Hack around https://github.com/nixos/nixpkgs/commit/bf7ad8cfbfa102a90463433e2c5027573b462479 + && !(stdenv.hostPlatform.isWindows && stdenv.buildPlatform.isDarwin) + && stdenv.hostPlatform.emulatorAvailable pkgs.buildPackages + && lib.meta.availableOn stdenv.buildPlatform (stdenv.hostPlatform.emulator pkgs.buildPackages) + ) pkgs.buildPackages.mesonEmulatorHook + ++ [ + pkgs.buildPackages.cmake + pkgs.buildPackages.shellcheck + pkgs.buildPackages.changelog-d + modular.pre-commit.settings.package + (pkgs.writeScriptBin "pre-commit-hooks-install" modular.pre-commit.settings.installationScript) + ] + # TODO: Remove the darwin check once + # https://github.com/NixOS/nixpkgs/pull/291814 is available + ++ lib.optional (stdenv.cc.isClang && !stdenv.buildPlatform.isDarwin) pkgs.buildPackages.bear + ++ lib.optional (stdenv.cc.isClang && stdenv.hostPlatform == stdenv.buildPlatform) ( + lib.hiPrio pkgs.buildPackages.clang-tools + ); + + buildInputs = + attrs.buildInputs or [ ] + ++ pkgs.nixComponents.nix-util.buildInputs + ++ pkgs.nixComponents.nix-store.buildInputs + ++ pkgs.nixComponents.nix-store-tests.externalBuildInputs + ++ pkgs.nixComponents.nix-fetchers.buildInputs + ++ pkgs.nixComponents.nix-expr.buildInputs + ++ pkgs.nixComponents.nix-expr.externalPropagatedBuildInputs + ++ pkgs.nixComponents.nix-cmd.buildInputs + ++ lib.optionals havePerl pkgs.nixComponents.nix-perl-bindings.externalBuildInputs + ++ lib.optional havePerl pkgs.perl; + } +) diff --git a/packaging/everything.nix b/packaging/everything.nix index 7ca878d8d53..2b47c31bbf5 100644 --- a/packaging/everything.nix +++ b/packaging/everything.nix @@ -42,27 +42,31 @@ }: let - libs = { - inherit - nix-util - nix-util-c - nix-store - nix-store-c - nix-fetchers - nix-expr - nix-expr-c - nix-flake - nix-flake-c - nix-main - nix-main-c - nix-cmd - ; - } // lib.optionalAttrs (!stdenv.hostPlatform.isStatic && stdenv.buildPlatform.canExecute stdenv.hostPlatform) { - # Currently fails in static build - inherit - nix-perl-bindings - ; - }; + libs = + { + inherit + nix-util + nix-util-c + nix-store + nix-store-c + nix-fetchers + nix-expr + nix-expr-c + nix-flake + nix-flake-c + nix-main + nix-main-c + nix-cmd + ; + } + // lib.optionalAttrs + (!stdenv.hostPlatform.isStatic && stdenv.buildPlatform.canExecute stdenv.hostPlatform) + { + # Currently fails in static build + inherit + nix-perl-bindings + ; + }; dev = stdenv.mkDerivation (finalAttrs: { name = "nix-${nix-cli.version}-dev"; @@ -77,10 +81,9 @@ let ''; passthru = { tests = { - pkg-config = - testers.hasPkgConfigModules { - package = finalAttrs.finalPackage; - }; + pkg-config = testers.hasPkgConfigModules { + package = finalAttrs.finalPackage; + }; }; # If we were to fully emulate output selection here, we'd confuse the Nix CLIs, @@ -123,70 +126,84 @@ in ]; meta.mainProgram = "nix"; -}).overrideAttrs (finalAttrs: prevAttrs: { - doCheck = true; - doInstallCheck = true; - - checkInputs = [ - # Make sure the unit tests have passed - nix-util-tests.tests.run - nix-store-tests.tests.run - nix-expr-tests.tests.run - nix-fetchers-tests.tests.run - nix-flake-tests.tests.run - - # Make sure the functional tests have passed - nix-functional-tests - - # dev bundle is ok - # (checkInputs must be empty paths??) - (runCommand "check-pkg-config" { checked = dev.tests.pkg-config; } "mkdir $out") - ] ++ lib.optionals (!stdenv.hostPlatform.isStatic && stdenv.buildPlatform.canExecute stdenv.hostPlatform) [ - # Perl currently fails in static build - # TODO: Split out tests into a separate derivation? - nix-perl-bindings - ]; - passthru = prevAttrs.passthru // { - inherit (nix-cli) version; - - /** - These are the libraries that are part of the Nix project. They are used - by the Nix CLI and other tools. - - If you need to use these libraries in your project, we recommend to use - the `-c` C API libraries exclusively, if possible. - - We also recommend that you build the complete package to ensure that the unit tests pass. - You could do this in CI, or by passing it in an unused environment variable. e.g in a `mkDerivation` call: - - ```nix - buildInputs = [ nix.libs.nix-util-c nix.libs.nix-store-c ]; - # Make sure the nix libs we use are ok - unusedInputsForTests = [ nix ]; - disallowedReferences = nix.all; - ``` - */ - inherit libs; - - tests = prevAttrs.passthru.tests or {} // { - # TODO: create a proper fixpoint and: - # pkg-config = - # testers.hasPkgConfigModules { - # package = finalPackage; - # }; - }; - - /** - A derivation referencing the `dev` outputs of the Nix libraries. - */ - inherit dev; - inherit devdoc; - doc = nix-manual; - outputs = [ "out" "dev" "devdoc" "doc" ]; - all = lib.attrValues (lib.genAttrs finalAttrs.passthru.outputs (outName: finalAttrs.finalPackage.${outName})); - }; - meta = prevAttrs.meta // { - description = "The Nix package manager"; - pkgConfigModules = dev.meta.pkgConfigModules; - }; -}) +}).overrideAttrs + ( + finalAttrs: prevAttrs: { + doCheck = true; + doInstallCheck = true; + + checkInputs = + [ + # Make sure the unit tests have passed + nix-util-tests.tests.run + nix-store-tests.tests.run + nix-expr-tests.tests.run + nix-fetchers-tests.tests.run + nix-flake-tests.tests.run + + # Make sure the functional tests have passed + nix-functional-tests + + # dev bundle is ok + # (checkInputs must be empty paths??) + (runCommand "check-pkg-config" { checked = dev.tests.pkg-config; } "mkdir $out") + ] + ++ lib.optionals + (!stdenv.hostPlatform.isStatic && stdenv.buildPlatform.canExecute stdenv.hostPlatform) + [ + # Perl currently fails in static build + # TODO: Split out tests into a separate derivation? + nix-perl-bindings + ]; + passthru = prevAttrs.passthru // { + inherit (nix-cli) version; + + /** + These are the libraries that are part of the Nix project. They are used + by the Nix CLI and other tools. + + If you need to use these libraries in your project, we recommend to use + the `-c` C API libraries exclusively, if possible. + + We also recommend that you build the complete package to ensure that the unit tests pass. + You could do this in CI, or by passing it in an unused environment variable. e.g in a `mkDerivation` call: + + ```nix + buildInputs = [ nix.libs.nix-util-c nix.libs.nix-store-c ]; + # Make sure the nix libs we use are ok + unusedInputsForTests = [ nix ]; + disallowedReferences = nix.all; + ``` + */ + inherit libs; + + tests = prevAttrs.passthru.tests or { } // { + # TODO: create a proper fixpoint and: + # pkg-config = + # testers.hasPkgConfigModules { + # package = finalPackage; + # }; + }; + + /** + A derivation referencing the `dev` outputs of the Nix libraries. + */ + inherit dev; + inherit devdoc; + doc = nix-manual; + outputs = [ + "out" + "dev" + "devdoc" + "doc" + ]; + all = lib.attrValues ( + lib.genAttrs finalAttrs.passthru.outputs (outName: finalAttrs.finalPackage.${outName}) + ); + }; + meta = prevAttrs.meta // { + description = "The Nix package manager"; + pkgConfigModules = dev.meta.pkgConfigModules; + }; + } + ) diff --git a/packaging/hydra.nix b/packaging/hydra.nix index 5b1e4755948..764898515c9 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -1,22 +1,25 @@ -{ inputs -, binaryTarball -, forAllCrossSystems -, forAllSystems -, lib -, linux64BitSystems -, nixpkgsFor -, self -, officialRelease +{ + inputs, + binaryTarball, + forAllCrossSystems, + forAllSystems, + lib, + linux64BitSystems, + nixpkgsFor, + self, + officialRelease, }: let inherit (inputs) nixpkgs nixpkgs-regression; - installScriptFor = tarballs: + installScriptFor = + tarballs: nixpkgsFor.x86_64-linux.native.callPackage ../scripts/installer.nix { inherit tarballs; }; - testNixVersions = pkgs: daemon: + testNixVersions = + pkgs: daemon: pkgs.nixComponents.nix-functional-tests.override { pname = "nix-daemon-compat-tests"; version = "${pkgs.nix.version}-with-daemon-${daemon.version}"; @@ -54,44 +57,70 @@ let in { # Binary package for various platforms. - build = forAllPackages (pkgName: - forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.${pkgName})); + build = forAllPackages ( + pkgName: forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.${pkgName}) + ); - shellInputs = removeAttrs - (forAllSystems (system: self.devShells.${system}.default.inputDerivation)) - [ "i686-linux" ]; + shellInputs = removeAttrs (forAllSystems ( + system: self.devShells.${system}.default.inputDerivation + )) [ "i686-linux" ]; - buildStatic = forAllPackages (pkgName: - lib.genAttrs linux64BitSystems (system: nixpkgsFor.${system}.static.nixComponents.${pkgName})); + buildStatic = forAllPackages ( + pkgName: + lib.genAttrs linux64BitSystems (system: nixpkgsFor.${system}.static.nixComponents.${pkgName}) + ); - buildCross = forAllPackages (pkgName: + buildCross = forAllPackages ( + pkgName: # Hack to avoid non-evaling package - (if pkgName == "nix-functional-tests" then lib.flip builtins.removeAttrs ["x86_64-w64-mingw32"] else lib.id) - (forAllCrossSystems (crossSystem: - lib.genAttrs [ "x86_64-linux" ] (system: nixpkgsFor.${system}.cross.${crossSystem}.nixComponents.${pkgName})))); - - buildNoGc = let - components = forAllSystems (system: - nixpkgsFor.${system}.native.nixComponents.overrideScope (self: super: { - nix-expr = super.nix-expr.override { enableGC = false; }; - }) - ); - in forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); + ( + if pkgName == "nix-functional-tests" then + lib.flip builtins.removeAttrs [ "x86_64-w64-mingw32" ] + else + lib.id + ) + ( + forAllCrossSystems ( + crossSystem: + lib.genAttrs [ "x86_64-linux" ] ( + system: nixpkgsFor.${system}.cross.${crossSystem}.nixComponents.${pkgName} + ) + ) + ) + ); + + buildNoGc = + let + components = forAllSystems ( + system: + nixpkgsFor.${system}.native.nixComponents.overrideScope ( + self: super: { + nix-expr = super.nix-expr.override { enableGC = false; }; + } + ) + ); + in + forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); buildNoTests = forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.nix-cli); # Toggles some settings for better coverage. Windows needs these # library combinations, and Debian build Nix with GNU readline too. - buildReadlineNoMarkdown = let - components = forAllSystems (system: - nixpkgsFor.${system}.native.nixComponents.overrideScope (self: super: { - nix-cmd = super.nix-cmd.override { - enableMarkdown = false; - readlineFlavor = "readline"; - }; - }) - ); - in forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); + buildReadlineNoMarkdown = + let + components = forAllSystems ( + system: + nixpkgsFor.${system}.native.nixComponents.overrideScope ( + self: super: { + nix-cmd = super.nix-cmd.override { + enableMarkdown = false; + readlineFlavor = "readline"; + }; + } + ) + ); + in + forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); # Perl bindings for various platforms. perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.nix-perl-bindings); @@ -99,13 +128,18 @@ in # Binary tarball for various platforms, containing a Nix store # with the closure of 'nix' package, and the second half of # the installation script. - binaryTarball = forAllSystems (system: binaryTarball nixpkgsFor.${system}.native.nix nixpkgsFor.${system}.native); - - binaryTarballCross = lib.genAttrs [ "x86_64-linux" ] (system: - forAllCrossSystems (crossSystem: - binaryTarball - nixpkgsFor.${system}.cross.${crossSystem}.nix - nixpkgsFor.${system}.cross.${crossSystem})); + binaryTarball = forAllSystems ( + system: binaryTarball nixpkgsFor.${system}.native.nix nixpkgsFor.${system}.native + ); + + binaryTarballCross = lib.genAttrs [ "x86_64-linux" ] ( + system: + forAllCrossSystems ( + crossSystem: + binaryTarball nixpkgsFor.${system}.cross.${crossSystem}.nix + nixpkgsFor.${system}.cross.${crossSystem} + ) + ); # The first half of the installation script. This is uploaded # to https://nixos.org/nix/install. It downloads the binary @@ -124,9 +158,12 @@ in self.hydraJobs.binaryTarballCross."x86_64-linux"."riscv64-unknown-linux-gnu" ]; - installerScriptForGHA = forAllSystems (system: nixpkgsFor.${system}.native.callPackage ../scripts/installer.nix { - tarballs = [ self.hydraJobs.binaryTarball.${system} ]; - }); + installerScriptForGHA = forAllSystems ( + system: + nixpkgsFor.${system}.native.callPackage ../scripts/installer.nix { + tarballs = [ self.hydraJobs.binaryTarball.${system} ]; + } + ); # docker image with Nix inside dockerImage = lib.genAttrs linux64BitSystems (system: self.packages.${system}.dockerImage); @@ -147,16 +184,24 @@ in external-api-docs = nixpkgsFor.x86_64-linux.native.nixComponents.nix-external-api-docs; # System tests. - tests = import ../tests/nixos { inherit lib nixpkgs nixpkgsFor self; } // { - - # Make sure that nix-env still produces the exact same result - # on a particular version of Nixpkgs. - evalNixpkgs = - let - inherit (nixpkgsFor.x86_64-linux.native) runCommand nix; - in - runCommand "eval-nixos" { buildInputs = [ nix ]; } - '' + tests = + import ../tests/nixos { + inherit + lib + nixpkgs + nixpkgsFor + self + ; + } + // { + + # Make sure that nix-env still produces the exact same result + # on a particular version of Nixpkgs. + evalNixpkgs = + let + inherit (nixpkgsFor.x86_64-linux.native) runCommand nix; + in + runCommand "eval-nixos" { buildInputs = [ nix ]; } '' type -p nix-env # Note: we're filtering out nixos-install-tools because https://github.com/NixOS/nixpkgs/pull/153594#issuecomment-1020530593. ( @@ -167,36 +212,36 @@ in mkdir $out ''; - nixpkgsLibTests = - forAllSystems (system: - import (nixpkgs + "/lib/tests/test-with-nix.nix") - { - lib = nixpkgsFor.${system}.native.lib; - nix = self.packages.${system}.nix-cli; - pkgs = nixpkgsFor.${system}.native; - } + nixpkgsLibTests = forAllSystems ( + system: + import (nixpkgs + "/lib/tests/test-with-nix.nix") { + lib = nixpkgsFor.${system}.native.lib; + nix = self.packages.${system}.nix-cli; + pkgs = nixpkgsFor.${system}.native; + } ); - }; + }; metrics.nixpkgs = import "${nixpkgs-regression}/pkgs/top-level/metrics.nix" { pkgs = nixpkgsFor.x86_64-linux.native; nixpkgs = nixpkgs-regression; }; - installTests = forAllSystems (system: - let pkgs = nixpkgsFor.${system}.native; in - pkgs.runCommand "install-tests" - { - againstSelf = testNixVersions pkgs pkgs.nix; - againstCurrentLatest = - # FIXME: temporarily disable this on macOS because of #3605. - if system == "x86_64-linux" - then testNixVersions pkgs pkgs.nixVersions.latest - else null; - # Disabled because the latest stable version doesn't handle - # `NIX_DAEMON_SOCKET_PATH` which is required for the tests to work - # againstLatestStable = testNixVersions pkgs pkgs.nixStable; - } "touch $out"); + installTests = forAllSystems ( + system: + let + pkgs = nixpkgsFor.${system}.native; + in + pkgs.runCommand "install-tests" { + againstSelf = testNixVersions pkgs pkgs.nix; + againstCurrentLatest = + # FIXME: temporarily disable this on macOS because of #3605. + if system == "x86_64-linux" then testNixVersions pkgs pkgs.nixVersions.latest else null; + # Disabled because the latest stable version doesn't handle + # `NIX_DAEMON_SOCKET_PATH` which is required for the tests to work + # againstLatestStable = testNixVersions pkgs pkgs.nixStable; + } "touch $out" + ); installerTests = import ../tests/installer { binaryTarballs = self.hydraJobs.binaryTarball; diff --git a/scripts/binary-tarball.nix b/scripts/binary-tarball.nix index 9de90b7fb56..580e3859fe2 100644 --- a/scripts/binary-tarball.nix +++ b/scripts/binary-tarball.nix @@ -1,14 +1,18 @@ -{ runCommand -, system -, buildPackages -, cacert -, nix +{ + runCommand, + system, + buildPackages, + cacert, + nix, }: let installerClosureInfo = buildPackages.closureInfo { - rootPaths = [ nix cacert ]; + rootPaths = [ + nix + cacert + ]; }; inherit (nix) version; diff --git a/scripts/installer.nix b/scripts/installer.nix index cc7759c2c8e..e171f36f99f 100644 --- a/scripts/installer.nix +++ b/scripts/installer.nix @@ -1,36 +1,42 @@ -{ lib -, runCommand -, nix -, tarballs +{ + lib, + runCommand, + nix, + tarballs, }: -runCommand "installer-script" { - buildInputs = [ nix ]; -} '' - mkdir -p $out/nix-support - - # Converts /nix/store/50p3qk8k...-nix-2.4pre20201102_550e11f/bin/nix to 50p3qk8k.../bin/nix. - tarballPath() { - # Remove the store prefix - local path=''${1#${builtins.storeDir}/} - # Get the path relative to the derivation root - local rest=''${path#*/} - # Get the derivation hash - local drvHash=''${path%%-*} - echo "$drvHash/$rest" +runCommand "installer-script" + { + buildInputs = [ nix ]; } + '' + mkdir -p $out/nix-support + + # Converts /nix/store/50p3qk8k...-nix-2.4pre20201102_550e11f/bin/nix to 50p3qk8k.../bin/nix. + tarballPath() { + # Remove the store prefix + local path=''${1#${builtins.storeDir}/} + # Get the path relative to the derivation root + local rest=''${path#*/} + # Get the derivation hash + local drvHash=''${path%%-*} + echo "$drvHash/$rest" + } - substitute ${./install.in} $out/install \ - ${lib.concatMapStrings - (tarball: let - inherit (tarball.stdenv.hostPlatform) system; - in '' \ - --replace '@tarballHash_${system}@' $(nix --experimental-features nix-command hash-file --base16 --type sha256 ${tarball}/*.tar.xz) \ - --replace '@tarballPath_${system}@' $(tarballPath ${tarball}/*.tar.xz) \ - '' - ) - tarballs - } --replace '@nixVersion@' ${nix.version} + substitute ${./install.in} $out/install \ + ${ + lib.concatMapStrings ( + tarball: + let + inherit (tarball.stdenv.hostPlatform) system; + in + '' + \ + --replace '@tarballHash_${system}@' $(nix --experimental-features nix-command hash-file --base16 --type sha256 ${tarball}/*.tar.xz) \ + --replace '@tarballPath_${system}@' $(tarballPath ${tarball}/*.tar.xz) \ + '' + ) tarballs + } --replace '@nixVersion@' ${nix.version} - echo "file installer $out/install" >> $out/nix-support/hydra-build-products -'' + echo "file installer $out/install" >> $out/nix-support/hydra-build-products + '' diff --git a/src/external-api-docs/package.nix b/src/external-api-docs/package.nix index 57c5138cfdb..b194e16d460 100644 --- a/src/external-api-docs/package.nix +++ b/src/external-api-docs/package.nix @@ -1,11 +1,12 @@ -{ lib -, mkMesonDerivation +{ + lib, + mkMesonDerivation, -, doxygen + doxygen, -# Configuration Options + # Configuration Options -, version + version, }: let @@ -39,11 +40,10 @@ mkMesonDerivation (finalAttrs: { doxygen ]; - preConfigure = - '' - chmod u+w ./.version - echo ${finalAttrs.version} > ./.version - ''; + preConfigure = '' + chmod u+w ./.version + echo ${finalAttrs.version} > ./.version + ''; postInstall = '' mkdir -p ''${!outputDoc}/nix-support diff --git a/src/internal-api-docs/package.nix b/src/internal-api-docs/package.nix index 993a257a69f..6c4f354aee5 100644 --- a/src/internal-api-docs/package.nix +++ b/src/internal-api-docs/package.nix @@ -1,11 +1,12 @@ -{ lib -, mkMesonDerivation +{ + lib, + mkMesonDerivation, -, doxygen + doxygen, -# Configuration Options + # Configuration Options -, version + version, }: let @@ -17,27 +18,28 @@ mkMesonDerivation (finalAttrs: { inherit version; workDir = ./.; - fileset = let - cpp = fileset.fileFilter (file: file.hasExt "cc" || file.hasExt "hh"); - in fileset.unions [ - ./.version - ../../.version - ./meson.build - ./doxygen.cfg.in - # Source is not compiled, but still must be available for Doxygen - # to gather comments. - (cpp ../.) - ]; + fileset = + let + cpp = fileset.fileFilter (file: file.hasExt "cc" || file.hasExt "hh"); + in + fileset.unions [ + ./.version + ../../.version + ./meson.build + ./doxygen.cfg.in + # Source is not compiled, but still must be available for Doxygen + # to gather comments. + (cpp ../.) + ]; nativeBuildInputs = [ doxygen ]; - preConfigure = - '' - chmod u+w ./.version - echo ${finalAttrs.version} > ./.version - ''; + preConfigure = '' + chmod u+w ./.version + echo ${finalAttrs.version} > ./.version + ''; postInstall = '' mkdir -p ''${!outputDoc}/nix-support diff --git a/src/libcmd/package.nix b/src/libcmd/package.nix index 5cafb4dc100..d155d9f1e62 100644 --- a/src/libcmd/package.nix +++ b/src/libcmd/package.nix @@ -1,32 +1,33 @@ -{ lib -, stdenv -, mkMesonLibrary +{ + lib, + stdenv, + mkMesonLibrary, -, nix-util -, nix-store -, nix-fetchers -, nix-expr -, nix-flake -, nix-main -, editline -, readline -, lowdown -, nlohmann_json + nix-util, + nix-store, + nix-fetchers, + nix-expr, + nix-flake, + nix-main, + editline, + readline, + lowdown, + nlohmann_json, -# Configuration Options + # Configuration Options -, version + version, -# Whether to enable Markdown rendering in the Nix binary. -, enableMarkdown ? !stdenv.hostPlatform.isWindows + # Whether to enable Markdown rendering in the Nix binary. + enableMarkdown ? !stdenv.hostPlatform.isWindows, -# Which interactive line editor library to use for Nix's repl. -# -# Currently supported choices are: -# -# - editline (default) -# - readline -, readlineFlavor ? if stdenv.hostPlatform.isWindows then "readline" else "editline" + # Which interactive line editor library to use for Nix's repl. + # + # Currently supported choices are: + # + # - editline (default) + # - readline + readlineFlavor ? if stdenv.hostPlatform.isWindows then "readline" else "editline", }: let diff --git a/src/libexpr-c/package.nix b/src/libexpr-c/package.nix index 5047f3e2e9a..ad1ea371c2d 100644 --- a/src/libexpr-c/package.nix +++ b/src/libexpr-c/package.nix @@ -1,12 +1,13 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-store-c -, nix-expr + nix-store-c, + nix-expr, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libexpr-test-support/package.nix b/src/libexpr-test-support/package.nix index 48118fa0c75..5628d606a45 100644 --- a/src/libexpr-test-support/package.nix +++ b/src/libexpr-test-support/package.nix @@ -1,15 +1,16 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-store-test-support -, nix-expr -, nix-expr-c + nix-store-test-support, + nix-expr, + nix-expr-c, -, rapidcheck + rapidcheck, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libexpr-tests/package.nix b/src/libexpr-tests/package.nix index a4a3bb0e7ec..bb5acb7c873 100644 --- a/src/libexpr-tests/package.nix +++ b/src/libexpr-tests/package.nix @@ -1,20 +1,21 @@ -{ lib -, buildPackages -, stdenv -, mkMesonExecutable +{ + lib, + buildPackages, + stdenv, + mkMesonExecutable, -, nix-expr -, nix-expr-c -, nix-expr-test-support + nix-expr, + nix-expr-c, + nix-expr-test-support, -, rapidcheck -, gtest -, runCommand + rapidcheck, + gtest, + runCommand, -# Configuration Options + # Configuration Options -, version -, resolvePath + version, + resolvePath, }: let @@ -58,16 +59,22 @@ mkMesonExecutable (finalAttrs: { passthru = { tests = { - run = runCommand "${finalAttrs.pname}-run" { - meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; - } (lib.optionalString stdenv.hostPlatform.isWindows '' - export HOME="$PWD/home-dir" - mkdir -p "$HOME" - '' + '' - export _NIX_TEST_UNIT_DATA=${resolvePath ./data} - ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} - touch $out - ''); + run = + runCommand "${finalAttrs.pname}-run" + { + meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; + } + ( + lib.optionalString stdenv.hostPlatform.isWindows '' + export HOME="$PWD/home-dir" + mkdir -p "$HOME" + '' + + '' + export _NIX_TEST_UNIT_DATA=${resolvePath ./data} + ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} + touch $out + '' + ); }; }; diff --git a/src/libexpr/call-flake.nix b/src/libexpr/call-flake.nix index 964ba25219e..9b38644bb71 100644 --- a/src/libexpr/call-flake.nix +++ b/src/libexpr/call-flake.nix @@ -20,77 +20,77 @@ let # Resolve a input spec into a node name. An input spec is # either a node name, or a 'follows' path from the root # node. - resolveInput = inputSpec: - if builtins.isList inputSpec - then getInputByPath lockFile.root inputSpec - else inputSpec; + resolveInput = + inputSpec: if builtins.isList inputSpec then getInputByPath lockFile.root inputSpec else inputSpec; # Follow an input path (e.g. ["dwarffs" "nixpkgs"]) from the # root node, returning the final node. - getInputByPath = nodeName: path: - if path == [] - then nodeName + getInputByPath = + nodeName: path: + if path == [ ] then + nodeName else getInputByPath # Since this could be a 'follows' input, call resolveInput. (resolveInput lockFile.nodes.${nodeName}.inputs.${builtins.head path}) (builtins.tail path); - allNodes = - builtins.mapAttrs - (key: node: - let - - parentNode = allNodes.${getInputByPath lockFile.root node.parent}; - - sourceInfo = - if overrides ? ${key} - then - overrides.${key}.sourceInfo - else if node.locked.type == "path" && builtins.substring 0 1 node.locked.path != "/" - then - parentNode.sourceInfo // { - outPath = parentNode.outPath + ("/" + node.locked.path); - } - else - # FIXME: remove obsolete node.info. - # Note: lock file entries are always final. - fetchTreeFinal (node.info or {} // removeAttrs node.locked ["dir"]); - - subdir = overrides.${key}.dir or node.locked.dir or ""; - - outPath = sourceInfo + ((if subdir == "" then "" else "/") + subdir); - - flake = import (outPath + "/flake.nix"); - - inputs = builtins.mapAttrs - (inputName: inputSpec: allNodes.${resolveInput inputSpec}) - (node.inputs or {}); - - outputs = flake.outputs (inputs // { self = result; }); - - result = - outputs - # We add the sourceInfo attribute for its metadata, as they are - # relevant metadata for the flake. However, the outPath of the - # sourceInfo does not necessarily match the outPath of the flake, - # as the flake may be in a subdirectory of a source. - # This is shadowed in the next // - // sourceInfo - // { - # This shadows the sourceInfo.outPath - inherit outPath; - - inherit inputs; inherit outputs; inherit sourceInfo; _type = "flake"; - }; - - in - if node.flake or true then - assert builtins.isFunction flake.outputs; - result - else - sourceInfo - ) - lockFile.nodes; - -in allNodes.${lockFile.root} + allNodes = builtins.mapAttrs ( + key: node: + let + + parentNode = allNodes.${getInputByPath lockFile.root node.parent}; + + sourceInfo = + if overrides ? ${key} then + overrides.${key}.sourceInfo + else if node.locked.type == "path" && builtins.substring 0 1 node.locked.path != "/" then + parentNode.sourceInfo + // { + outPath = parentNode.outPath + ("/" + node.locked.path); + } + else + # FIXME: remove obsolete node.info. + # Note: lock file entries are always final. + fetchTreeFinal (node.info or { } // removeAttrs node.locked [ "dir" ]); + + subdir = overrides.${key}.dir or node.locked.dir or ""; + + outPath = sourceInfo + ((if subdir == "" then "" else "/") + subdir); + + flake = import (outPath + "/flake.nix"); + + inputs = builtins.mapAttrs (inputName: inputSpec: allNodes.${resolveInput inputSpec}) ( + node.inputs or { } + ); + + outputs = flake.outputs (inputs // { self = result; }); + + result = + outputs + # We add the sourceInfo attribute for its metadata, as they are + # relevant metadata for the flake. However, the outPath of the + # sourceInfo does not necessarily match the outPath of the flake, + # as the flake may be in a subdirectory of a source. + # This is shadowed in the next // + // sourceInfo + // { + # This shadows the sourceInfo.outPath + inherit outPath; + + inherit inputs; + inherit outputs; + inherit sourceInfo; + _type = "flake"; + }; + + in + if node.flake or true then + assert builtins.isFunction flake.outputs; + result + else + sourceInfo + ) lockFile.nodes; + +in +allNodes.${lockFile.root} diff --git a/src/libexpr/fetchurl.nix b/src/libexpr/fetchurl.nix index 85a01d16179..72b3b00dffc 100644 --- a/src/libexpr/fetchurl.nix +++ b/src/libexpr/fetchurl.nix @@ -1,40 +1,72 @@ -{ system ? "" # obsolete -, url -, hash ? "" # an SRI hash - -# Legacy hash specification -, md5 ? "", sha1 ? "", sha256 ? "", sha512 ? "" -, outputHash ? - if hash != "" then hash else if sha512 != "" then sha512 else if sha1 != "" then sha1 else if md5 != "" then md5 else sha256 -, outputHashAlgo ? - if hash != "" then "" else if sha512 != "" then "sha512" else if sha1 != "" then "sha1" else if md5 != "" then "md5" else "sha256" - -, executable ? false -, unpack ? false -, name ? baseNameOf (toString url) -, impure ? false +{ + system ? "", # obsolete + url, + hash ? "", # an SRI hash + + # Legacy hash specification + md5 ? "", + sha1 ? "", + sha256 ? "", + sha512 ? "", + outputHash ? + if hash != "" then + hash + else if sha512 != "" then + sha512 + else if sha1 != "" then + sha1 + else if md5 != "" then + md5 + else + sha256, + outputHashAlgo ? + if hash != "" then + "" + else if sha512 != "" then + "sha512" + else if sha1 != "" then + "sha1" + else if md5 != "" then + "md5" + else + "sha256", + + executable ? false, + unpack ? false, + name ? baseNameOf (toString url), + impure ? false, }: -derivation ({ - builder = "builtin:fetchurl"; +derivation ( + { + builder = "builtin:fetchurl"; - # New-style output content requirements. - outputHashMode = if unpack || executable then "recursive" else "flat"; + # New-style output content requirements. + outputHashMode = if unpack || executable then "recursive" else "flat"; - inherit name url executable unpack; + inherit + name + url + executable + unpack + ; - system = "builtin"; + system = "builtin"; - # No need to double the amount of network traffic - preferLocalBuild = true; + # No need to double the amount of network traffic + preferLocalBuild = true; - # This attribute does nothing; it's here to avoid changing evaluation results. - impureEnvVars = [ - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - ]; + # This attribute does nothing; it's here to avoid changing evaluation results. + impureEnvVars = [ + "http_proxy" + "https_proxy" + "ftp_proxy" + "all_proxy" + "no_proxy" + ]; - # To make "nix-prefetch-url" work. - urls = [ url ]; -} // (if impure - then { __impure = true; } - else { inherit outputHashAlgo outputHash; })) + # To make "nix-prefetch-url" work. + urls = [ url ]; + } + // (if impure then { __impure = true; } else { inherit outputHashAlgo outputHash; }) +) diff --git a/src/libexpr/imported-drv-to-derivation.nix b/src/libexpr/imported-drv-to-derivation.nix index eab8b050e8f..e2cf7fd2652 100644 --- a/src/libexpr/imported-drv-to-derivation.nix +++ b/src/libexpr/imported-drv-to-derivation.nix @@ -1,21 +1,27 @@ -attrs @ { drvPath, outputs, name, ... }: +attrs@{ + drvPath, + outputs, + name, + ... +}: let - commonAttrs = (builtins.listToAttrs outputsList) // - { all = map (x: x.value) outputsList; - inherit drvPath name; - type = "derivation"; - }; + commonAttrs = (builtins.listToAttrs outputsList) // { + all = map (x: x.value) outputsList; + inherit drvPath name; + type = "derivation"; + }; - outputToAttrListElement = outputName: - { name = outputName; - value = commonAttrs // { - outPath = builtins.getAttr outputName attrs; - inherit outputName; - }; + outputToAttrListElement = outputName: { + name = outputName; + value = commonAttrs // { + outPath = builtins.getAttr outputName attrs; + inherit outputName; }; - + }; + outputsList = map outputToAttrListElement outputs; - -in (builtins.head outputsList).value + +in +(builtins.head outputsList).value diff --git a/src/libexpr/package.nix b/src/libexpr/package.nix index 3d5b78e35f2..afd01c3846e 100644 --- a/src/libexpr/package.nix +++ b/src/libexpr/package.nix @@ -1,33 +1,34 @@ -{ lib -, stdenv -, mkMesonLibrary - -, bison -, flex -, cmake # for resolving toml11 dep - -, nix-util -, nix-store -, nix-fetchers -, boost -, boehmgc -, nlohmann_json -, toml11 - -# Configuration Options - -, version - -# Whether to use garbage collection for the Nix language evaluator. -# -# If it is disabled, we just leak memory, but this is not as bad as it -# sounds so long as evaluation just takes places within short-lived -# processes. (When the process exits, the memory is reclaimed; it is -# only leaked *within* the process.) -# -# Temporarily disabled on Windows because the `GC_throw_bad_alloc` -# symbol is missing during linking. -, enableGC ? !stdenv.hostPlatform.isWindows +{ + lib, + stdenv, + mkMesonLibrary, + + bison, + flex, + cmake, # for resolving toml11 dep + + nix-util, + nix-store, + nix-fetchers, + boost, + boehmgc, + nlohmann_json, + toml11, + + # Configuration Options + + version, + + # Whether to use garbage collection for the Nix language evaluator. + # + # If it is disabled, we just leak memory, but this is not as bad as it + # sounds so long as evaluation just takes places within short-lived + # processes. (When the process exits, the memory is reclaimed; it is + # only leaked *within* the process.) + # + # Temporarily disabled on Windows because the `GC_throw_bad_alloc` + # symbol is missing during linking. + enableGC ? !stdenv.hostPlatform.isWindows, }: let @@ -51,10 +52,7 @@ mkMesonLibrary (finalAttrs: { (fileset.fileFilter (file: file.hasExt "hh") ./.) ./lexer.l ./parser.y - (fileset.difference - (fileset.fileFilter (file: file.hasExt "nix") ./.) - ./package.nix - ) + (fileset.difference (fileset.fileFilter (file: file.hasExt "nix") ./.) ./package.nix) ]; nativeBuildInputs = [ diff --git a/src/libexpr/primops/derivation.nix b/src/libexpr/primops/derivation.nix index f329ff71e32..dbb8c218688 100644 --- a/src/libexpr/primops/derivation.nix +++ b/src/libexpr/primops/derivation.nix @@ -26,27 +26,34 @@ Note that `derivation` is very bare-bones, and provides almost no commands during the build. Most likely, you'll want to use functions like `stdenv.mkDerivation` in Nixpkgs to set up a basic environment. */ -drvAttrs @ { outputs ? [ "out" ], ... }: +drvAttrs@{ + outputs ? [ "out" ], + ... +}: let strict = derivationStrict drvAttrs; - commonAttrs = drvAttrs // (builtins.listToAttrs outputsList) // - { all = map (x: x.value) outputsList; + commonAttrs = + drvAttrs + // (builtins.listToAttrs outputsList) + // { + all = map (x: x.value) outputsList; inherit drvAttrs; }; - outputToAttrListElement = outputName: - { name = outputName; - value = commonAttrs // { - outPath = builtins.getAttr outputName strict; - drvPath = strict.drvPath; - type = "derivation"; - inherit outputName; - }; + outputToAttrListElement = outputName: { + name = outputName; + value = commonAttrs // { + outPath = builtins.getAttr outputName strict; + drvPath = strict.drvPath; + type = "derivation"; + inherit outputName; }; + }; outputsList = map outputToAttrListElement outputs; -in (builtins.head outputsList).value +in +(builtins.head outputsList).value diff --git a/src/libfetchers-tests/package.nix b/src/libfetchers-tests/package.nix index 5336672a222..f2680e9b3c1 100644 --- a/src/libfetchers-tests/package.nix +++ b/src/libfetchers-tests/package.nix @@ -1,19 +1,20 @@ -{ lib -, buildPackages -, stdenv -, mkMesonExecutable +{ + lib, + buildPackages, + stdenv, + mkMesonExecutable, -, nix-fetchers -, nix-store-test-support + nix-fetchers, + nix-store-test-support, -, rapidcheck -, gtest -, runCommand + rapidcheck, + gtest, + runCommand, -# Configuration Options + # Configuration Options -, version -, resolvePath + version, + resolvePath, }: let @@ -56,16 +57,22 @@ mkMesonExecutable (finalAttrs: { passthru = { tests = { - run = runCommand "${finalAttrs.pname}-run" { - meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; - } (lib.optionalString stdenv.hostPlatform.isWindows '' - export HOME="$PWD/home-dir" - mkdir -p "$HOME" - '' + '' - export _NIX_TEST_UNIT_DATA=${resolvePath ./data} - ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} - touch $out - ''); + run = + runCommand "${finalAttrs.pname}-run" + { + meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; + } + ( + lib.optionalString stdenv.hostPlatform.isWindows '' + export HOME="$PWD/home-dir" + mkdir -p "$HOME" + '' + + '' + export _NIX_TEST_UNIT_DATA=${resolvePath ./data} + ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} + touch $out + '' + ); }; }; diff --git a/src/libfetchers/package.nix b/src/libfetchers/package.nix index d4ca1855503..b0aecd04979 100644 --- a/src/libfetchers/package.nix +++ b/src/libfetchers/package.nix @@ -1,14 +1,15 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-util -, nix-store -, nlohmann_json -, libgit2 + nix-util, + nix-store, + nlohmann_json, + libgit2, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libflake-c/package.nix b/src/libflake-c/package.nix index dcd6c496609..f0615a42798 100644 --- a/src/libflake-c/package.nix +++ b/src/libflake-c/package.nix @@ -1,13 +1,14 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-store-c -, nix-expr-c -, nix-flake + nix-store-c, + nix-expr-c, + nix-flake, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libflake-tests/package.nix b/src/libflake-tests/package.nix index 51b68ad581f..f9d9b0bc0c6 100644 --- a/src/libflake-tests/package.nix +++ b/src/libflake-tests/package.nix @@ -1,20 +1,21 @@ -{ lib -, buildPackages -, stdenv -, mkMesonExecutable +{ + lib, + buildPackages, + stdenv, + mkMesonExecutable, -, nix-flake -, nix-flake-c -, nix-expr-test-support + nix-flake, + nix-flake-c, + nix-expr-test-support, -, rapidcheck -, gtest -, runCommand + rapidcheck, + gtest, + runCommand, -# Configuration Options + # Configuration Options -, version -, resolvePath + version, + resolvePath, }: let @@ -58,17 +59,23 @@ mkMesonExecutable (finalAttrs: { passthru = { tests = { - run = runCommand "${finalAttrs.pname}-run" { - meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; - } (lib.optionalString stdenv.hostPlatform.isWindows '' - export HOME="$PWD/home-dir" - mkdir -p "$HOME" - '' + '' - export _NIX_TEST_UNIT_DATA=${resolvePath ./data} - export NIX_CONFIG="extra-experimental-features = flakes" - ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} - touch $out - ''); + run = + runCommand "${finalAttrs.pname}-run" + { + meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; + } + ( + lib.optionalString stdenv.hostPlatform.isWindows '' + export HOME="$PWD/home-dir" + mkdir -p "$HOME" + '' + + '' + export _NIX_TEST_UNIT_DATA=${resolvePath ./data} + export NIX_CONFIG="extra-experimental-features = flakes" + ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} + touch $out + '' + ); }; }; diff --git a/src/libflake/package.nix b/src/libflake/package.nix index 3fc96a20e58..ebd38e140d3 100644 --- a/src/libflake/package.nix +++ b/src/libflake/package.nix @@ -1,15 +1,16 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-util -, nix-store -, nix-fetchers -, nix-expr -, nlohmann_json + nix-util, + nix-store, + nix-fetchers, + nix-expr, + nlohmann_json, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libmain-c/package.nix b/src/libmain-c/package.nix index b96901bb46b..cf710e03b0d 100644 --- a/src/libmain-c/package.nix +++ b/src/libmain-c/package.nix @@ -1,14 +1,15 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-util-c -, nix-store -, nix-store-c -, nix-main + nix-util-c, + nix-store, + nix-store-c, + nix-main, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libmain/package.nix b/src/libmain/package.nix index 9a5b9e8c2df..046b505dfd4 100644 --- a/src/libmain/package.nix +++ b/src/libmain/package.nix @@ -1,14 +1,15 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, openssl + openssl, -, nix-util -, nix-store + nix-util, + nix-store, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libstore-c/package.nix b/src/libstore-c/package.nix index c2413c3890d..89abeaab870 100644 --- a/src/libstore-c/package.nix +++ b/src/libstore-c/package.nix @@ -1,12 +1,13 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-util-c -, nix-store + nix-util-c, + nix-store, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libstore-test-support/package.nix b/src/libstore-test-support/package.nix index 5d3f41b3e8b..7cc29795c19 100644 --- a/src/libstore-test-support/package.nix +++ b/src/libstore-test-support/package.nix @@ -1,15 +1,16 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-util-test-support -, nix-store -, nix-store-c + nix-util-test-support, + nix-store, + nix-store-c, -, rapidcheck + rapidcheck, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libstore-tests/package.nix b/src/libstore-tests/package.nix index 3acf4e25c2c..670386c4a6f 100644 --- a/src/libstore-tests/package.nix +++ b/src/libstore-tests/package.nix @@ -1,21 +1,22 @@ -{ lib -, buildPackages -, stdenv -, mkMesonExecutable +{ + lib, + buildPackages, + stdenv, + mkMesonExecutable, -, nix-store -, nix-store-c -, nix-store-test-support -, sqlite + nix-store, + nix-store-c, + nix-store-test-support, + sqlite, -, rapidcheck -, gtest -, runCommand + rapidcheck, + gtest, + runCommand, -# Configuration Options + # Configuration Options -, version -, filesetToSource + version, + filesetToSource, }: let @@ -64,26 +65,33 @@ mkMesonExecutable (finalAttrs: { passthru = { tests = { - run = let - # Some data is shared with the functional tests: they create it, - # we consume it. - data = filesetToSource { - root = ../..; - fileset = lib.fileset.unions [ - ./data - ../../tests/functional/derivation - ]; - }; - in runCommand "${finalAttrs.pname}-run" { - meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; - } (lib.optionalString stdenv.hostPlatform.isWindows '' - export HOME="$PWD/home-dir" - mkdir -p "$HOME" - '' + '' - export _NIX_TEST_UNIT_DATA=${data + "/src/libstore-tests/data"} - ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} - touch $out - ''); + run = + let + # Some data is shared with the functional tests: they create it, + # we consume it. + data = filesetToSource { + root = ../..; + fileset = lib.fileset.unions [ + ./data + ../../tests/functional/derivation + ]; + }; + in + runCommand "${finalAttrs.pname}-run" + { + meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; + } + ( + lib.optionalString stdenv.hostPlatform.isWindows '' + export HOME="$PWD/home-dir" + mkdir -p "$HOME" + '' + + '' + export _NIX_TEST_UNIT_DATA=${data + "/src/libstore-tests/data"} + ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} + touch $out + '' + ); }; }; diff --git a/src/libstore/package.nix b/src/libstore/package.nix index 4fbaea4acc5..c982b44f0b7 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -1,25 +1,26 @@ -{ lib -, stdenv -, mkMesonLibrary +{ + lib, + stdenv, + mkMesonLibrary, -, unixtools -, darwin + unixtools, + darwin, -, nix-util -, boost -, curl -, aws-sdk-cpp -, libseccomp -, nlohmann_json -, sqlite + nix-util, + boost, + curl, + aws-sdk-cpp, + libseccomp, + nlohmann_json, + sqlite, -, busybox-sandbox-shell ? null + busybox-sandbox-shell ? null, -# Configuration Options + # Configuration Options -, version + version, -, embeddedSandboxShell ? stdenv.hostPlatform.isStatic + embeddedSandboxShell ? stdenv.hostPlatform.isStatic, }: let @@ -48,19 +49,20 @@ mkMesonLibrary (finalAttrs: { (fileset.fileFilter (file: file.hasExt "sql") ./.) ]; - nativeBuildInputs = - lib.optional embeddedSandboxShell unixtools.hexdump; + nativeBuildInputs = lib.optional embeddedSandboxShell unixtools.hexdump; - buildInputs = [ - boost - curl - sqlite - ] ++ lib.optional stdenv.hostPlatform.isLinux libseccomp + buildInputs = + [ + boost + curl + sqlite + ] + ++ lib.optional stdenv.hostPlatform.isLinux libseccomp # There have been issues building these dependencies ++ lib.optional stdenv.hostPlatform.isDarwin darwin.apple_sdk.libs.sandbox - ++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin)) - aws-sdk-cpp - ; + ++ lib.optional ( + stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin) + ) aws-sdk-cpp; propagatedBuildInputs = [ nix-util @@ -75,12 +77,14 @@ mkMesonLibrary (finalAttrs: { echo ${version} > ../../.version ''; - mesonFlags = [ - (lib.mesonEnable "seccomp-sandboxing" stdenv.hostPlatform.isLinux) - (lib.mesonBool "embedded-sandbox-shell" embeddedSandboxShell) - ] ++ lib.optionals stdenv.hostPlatform.isLinux [ - (lib.mesonOption "sandbox-shell" "${busybox-sandbox-shell}/bin/busybox") - ]; + mesonFlags = + [ + (lib.mesonEnable "seccomp-sandboxing" stdenv.hostPlatform.isLinux) + (lib.mesonBool "embedded-sandbox-shell" embeddedSandboxShell) + ] + ++ lib.optionals stdenv.hostPlatform.isLinux [ + (lib.mesonOption "sandbox-shell" "${busybox-sandbox-shell}/bin/busybox") + ]; env = { # Needed for Meson to find Boost. diff --git a/src/libutil-c/package.nix b/src/libutil-c/package.nix index f80e0b7f0a2..72f57d6f9c6 100644 --- a/src/libutil-c/package.nix +++ b/src/libutil-c/package.nix @@ -1,11 +1,12 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-util + nix-util, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libutil-test-support/package.nix b/src/libutil-test-support/package.nix index a8a239717a6..33cd5217def 100644 --- a/src/libutil-test-support/package.nix +++ b/src/libutil-test-support/package.nix @@ -1,14 +1,15 @@ -{ lib -, mkMesonLibrary +{ + lib, + mkMesonLibrary, -, nix-util -, nix-util-c + nix-util, + nix-util-c, -, rapidcheck + rapidcheck, -# Configuration Options + # Configuration Options -, version + version, }: let diff --git a/src/libutil-tests/package.nix b/src/libutil-tests/package.nix index 28769e11522..d89c544539e 100644 --- a/src/libutil-tests/package.nix +++ b/src/libutil-tests/package.nix @@ -1,19 +1,20 @@ -{ lib -, buildPackages -, stdenv -, mkMesonExecutable +{ + lib, + buildPackages, + stdenv, + mkMesonExecutable, -, nix-util -, nix-util-c -, nix-util-test-support + nix-util, + nix-util-c, + nix-util-test-support, -, rapidcheck -, gtest -, runCommand + rapidcheck, + gtest, + runCommand, -# Configuration Options + # Configuration Options -, version + version, }: let @@ -57,16 +58,22 @@ mkMesonExecutable (finalAttrs: { passthru = { tests = { - run = runCommand "${finalAttrs.pname}-run" { - meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; - } (lib.optionalString stdenv.hostPlatform.isWindows '' - export HOME="$PWD/home-dir" - mkdir -p "$HOME" - '' + '' - export _NIX_TEST_UNIT_DATA=${./data} - ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} - touch $out - ''); + run = + runCommand "${finalAttrs.pname}-run" + { + meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; + } + ( + lib.optionalString stdenv.hostPlatform.isWindows '' + export HOME="$PWD/home-dir" + mkdir -p "$HOME" + '' + + '' + export _NIX_TEST_UNIT_DATA=${./data} + ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} + touch $out + '' + ); }; }; diff --git a/src/libutil/package.nix b/src/libutil/package.nix index 679872a75c5..586119a6e5d 100644 --- a/src/libutil/package.nix +++ b/src/libutil/package.nix @@ -1,18 +1,19 @@ -{ lib -, stdenv -, mkMesonLibrary +{ + lib, + stdenv, + mkMesonLibrary, -, boost -, brotli -, libarchive -, libcpuid -, libsodium -, nlohmann_json -, openssl + boost, + brotli, + libarchive, + libcpuid, + libsodium, + nlohmann_json, + openssl, -# Configuration Options + # Configuration Options -, version + version, }: let @@ -43,8 +44,7 @@ mkMesonLibrary (finalAttrs: { brotli libsodium openssl - ] ++ lib.optional stdenv.hostPlatform.isx86_64 libcpuid - ; + ] ++ lib.optional stdenv.hostPlatform.isx86_64 libcpuid; propagatedBuildInputs = [ boost diff --git a/src/nix-channel/unpack-channel.nix b/src/nix-channel/unpack-channel.nix index 10515bc8b91..84e324a4d89 100644 --- a/src/nix-channel/unpack-channel.nix +++ b/src/nix-channel/unpack-channel.nix @@ -1,4 +1,8 @@ -{ name, channelName, src }: +{ + name, + channelName, + src, +}: derivation { builder = "builtin:unpack-channel"; diff --git a/src/nix-env/buildenv.nix b/src/nix-env/buildenv.nix index 0bac4c44b48..c8955a94e99 100644 --- a/src/nix-env/buildenv.nix +++ b/src/nix-env/buildenv.nix @@ -8,13 +8,15 @@ derivation { inherit manifest; # !!! grmbl, need structured data for passing this in a clean way. - derivations = - map (d: - [ (d.meta.active or "true") - (d.meta.priority or 5) - (builtins.length d.outputs) - ] ++ map (output: builtins.getAttr output d) d.outputs) - derivations; + derivations = map ( + d: + [ + (d.meta.active or "true") + (d.meta.priority or 5) + (builtins.length d.outputs) + ] + ++ map (output: builtins.getAttr output d) d.outputs + ) derivations; # Building user environments remotely just causes huge amounts of # network traffic, so don't do that. diff --git a/src/nix/package.nix b/src/nix/package.nix index 171621af917..89c52c3bb05 100644 --- a/src/nix/package.nix +++ b/src/nix/package.nix @@ -1,14 +1,15 @@ -{ lib -, mkMesonExecutable +{ + lib, + mkMesonExecutable, -, nix-store -, nix-expr -, nix-main -, nix-cmd + nix-store, + nix-expr, + nix-main, + nix-cmd, -# Configuration Options + # Configuration Options -, version + version, }: let @@ -20,64 +21,67 @@ mkMesonExecutable (finalAttrs: { inherit version; workDir = ./.; - fileset = fileset.unions ([ - ../../nix-meson-build-support - ./nix-meson-build-support - ../../.version - ./.version - ./meson.build - ./meson.options + fileset = fileset.unions ( + [ + ../../nix-meson-build-support + ./nix-meson-build-support + ../../.version + ./.version + ./meson.build + ./meson.options - # Symbolic links to other dirs - ## exes - ./build-remote - ./doc - ./nix-build - ./nix-channel - ./nix-collect-garbage - ./nix-copy-closure - ./nix-env - ./nix-instantiate - ./nix-store - ## dirs - ./scripts - ../../scripts - ./misc - ../../misc + # Symbolic links to other dirs + ## exes + ./build-remote + ./doc + ./nix-build + ./nix-channel + ./nix-collect-garbage + ./nix-copy-closure + ./nix-env + ./nix-instantiate + ./nix-store + ## dirs + ./scripts + ../../scripts + ./misc + ../../misc - # Doc nix files for --help - ../../doc/manual/generate-manpage.nix - ../../doc/manual/utils.nix - ../../doc/manual/generate-settings.nix - ../../doc/manual/generate-store-info.nix + # Doc nix files for --help + ../../doc/manual/generate-manpage.nix + ../../doc/manual/utils.nix + ../../doc/manual/generate-settings.nix + ../../doc/manual/generate-store-info.nix - # Other files to be included as string literals - ../nix-channel/unpack-channel.nix - ../nix-env/buildenv.nix - ./get-env.sh - ./help-stores.md - ../../doc/manual/source/store/types/index.md.in - ./profiles.md - ../../doc/manual/source/command-ref/files/profiles.md + # Other files to be included as string literals + ../nix-channel/unpack-channel.nix + ../nix-env/buildenv.nix + ./get-env.sh + ./help-stores.md + ../../doc/manual/source/store/types/index.md.in + ./profiles.md + ../../doc/manual/source/command-ref/files/profiles.md - # Files - ] ++ lib.concatMap - (dir: [ - (fileset.fileFilter (file: file.hasExt "cc") dir) - (fileset.fileFilter (file: file.hasExt "hh") dir) - (fileset.fileFilter (file: file.hasExt "md") dir) - ]) - [ - ./. - ../build-remote - ../nix-build - ../nix-channel - ../nix-collect-garbage - ../nix-copy-closure - ../nix-env - ../nix-instantiate - ../nix-store + # Files ] + ++ + lib.concatMap + (dir: [ + (fileset.fileFilter (file: file.hasExt "cc") dir) + (fileset.fileFilter (file: file.hasExt "hh") dir) + (fileset.fileFilter (file: file.hasExt "md") dir) + ]) + [ + ./. + ../build-remote + ../nix-build + ../nix-channel + ../nix-collect-garbage + ../nix-copy-closure + ../nix-env + ../nix-instantiate + ../nix-store + ] ); buildInputs = [ diff --git a/src/perl/package.nix b/src/perl/package.nix index 5ee0df13c9d..d95d13aa921 100644 --- a/src/perl/package.nix +++ b/src/perl/package.nix @@ -1,76 +1,82 @@ -{ lib -, stdenv -, mkMesonDerivation -, pkg-config -, perl -, perlPackages -, nix-store -, version -, curl -, bzip2 -, libsodium +{ + lib, + stdenv, + mkMesonDerivation, + pkg-config, + perl, + perlPackages, + nix-store, + version, + curl, + bzip2, + libsodium, }: let inherit (lib) fileset; in -perl.pkgs.toPerlModule (mkMesonDerivation (finalAttrs: { - pname = "nix-perl"; - inherit version; +perl.pkgs.toPerlModule ( + mkMesonDerivation (finalAttrs: { + pname = "nix-perl"; + inherit version; - workDir = ./.; - fileset = fileset.unions ([ - ./.version - ../../.version - ./MANIFEST - ./lib - ./meson.build - ./meson.options - ] ++ lib.optionals finalAttrs.doCheck [ - ./.yath.rc.in - ./t - ]); + workDir = ./.; + fileset = fileset.unions ( + [ + ./.version + ../../.version + ./MANIFEST + ./lib + ./meson.build + ./meson.options + ] + ++ lib.optionals finalAttrs.doCheck [ + ./.yath.rc.in + ./t + ] + ); - nativeBuildInputs = [ - pkg-config - perl - curl - ]; + nativeBuildInputs = [ + pkg-config + perl + curl + ]; - buildInputs = [ - nix-store - ] ++ finalAttrs.passthru.externalBuildInputs; + buildInputs = [ + nix-store + ] ++ finalAttrs.passthru.externalBuildInputs; - # Hack for sake of the dev shell - passthru.externalBuildInputs = [ - bzip2 - libsodium - ]; + # Hack for sake of the dev shell + passthru.externalBuildInputs = [ + bzip2 + libsodium + ]; - # `perlPackages.Test2Harness` is marked broken for Darwin - doCheck = !stdenv.isDarwin; + # `perlPackages.Test2Harness` is marked broken for Darwin + doCheck = !stdenv.isDarwin; - nativeCheckInputs = [ - perlPackages.Test2Harness - ]; + nativeCheckInputs = [ + perlPackages.Test2Harness + ]; - preConfigure = - # "Inline" .version so its not a symlink, and includes the suffix - '' - chmod u+w .version - echo ${finalAttrs.version} > .version - ''; + preConfigure = + # "Inline" .version so its not a symlink, and includes the suffix + '' + chmod u+w .version + echo ${finalAttrs.version} > .version + ''; - mesonFlags = [ - (lib.mesonOption "dbi_path" "${perlPackages.DBI}/${perl.libPrefix}") - (lib.mesonOption "dbd_sqlite_path" "${perlPackages.DBDSQLite}/${perl.libPrefix}") - (lib.mesonEnable "tests" finalAttrs.doCheck) - ]; + mesonFlags = [ + (lib.mesonOption "dbi_path" "${perlPackages.DBI}/${perl.libPrefix}") + (lib.mesonOption "dbd_sqlite_path" "${perlPackages.DBDSQLite}/${perl.libPrefix}") + (lib.mesonEnable "tests" finalAttrs.doCheck) + ]; - mesonCheckFlags = [ - "--print-errorlogs" - ]; + mesonCheckFlags = [ + "--print-errorlogs" + ]; - strictDeps = false; -})) + strictDeps = false; + }) +) diff --git a/tests/functional/big-derivation-attr.nix b/tests/functional/big-derivation-attr.nix index 35c1187f665..d370486d6c4 100644 --- a/tests/functional/big-derivation-attr.nix +++ b/tests/functional/big-derivation-attr.nix @@ -1,6 +1,25 @@ let sixteenBytes = "0123456789abcdef"; - times16 = s: builtins.concatStringsSep "" [s s s s s s s s s s s s s s s s]; + times16 = + s: + builtins.concatStringsSep "" [ + s + s + s + s + s + s + s + s + s + s + s + s + s + s + s + s + ]; exp = n: x: if n == 1 then x else times16 (exp (n - 1) x); sixteenMegabyte = exp 6 sixteenBytes; in diff --git a/tests/functional/build-hook-ca-fixed.nix b/tests/functional/build-hook-ca-fixed.nix index 0ce6d9b128b..3d2643c1321 100644 --- a/tests/functional/build-hook-ca-fixed.nix +++ b/tests/functional/build-hook-ca-fixed.nix @@ -4,24 +4,39 @@ with import ./config.nix; let - mkDerivation = args: - derivation ({ - inherit system; - builder = busybox; - args = ["sh" "-e" args.builder or (builtins.toFile "builder-${args.name}.sh" '' - if [ -e "$NIX_ATTRS_SH_FILE" ]; then source $NIX_ATTRS_SH_FILE; fi; - eval "$buildCommand" - '')]; - outputHashMode = "recursive"; - outputHashAlgo = "sha256"; - } // removeAttrs args ["builder" "meta" "passthru"]) - // { meta = args.meta or {}; passthru = args.passthru or {}; }; + mkDerivation = + args: + derivation ( + { + inherit system; + builder = busybox; + args = [ + "sh" + "-e" + args.builder or (builtins.toFile "builder-${args.name}.sh" '' + if [ -e "$NIX_ATTRS_SH_FILE" ]; then source $NIX_ATTRS_SH_FILE; fi; + eval "$buildCommand" + '') + ]; + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + } + // removeAttrs args [ + "builder" + "meta" + "passthru" + ] + ) + // { + meta = args.meta or { }; + passthru = args.passthru or { }; + }; input1 = mkDerivation { shell = busybox; name = "build-remote-input-1"; buildCommand = "echo hi-input1; echo FOO > $out"; - requiredSystemFeatures = ["foo"]; + requiredSystemFeatures = [ "foo" ]; outputHash = "sha256-FePFYIlMuycIXPZbWi7LGEiMmZSX9FMbaQenWBzm1Sc="; }; @@ -29,7 +44,7 @@ let shell = busybox; name = "build-remote-input-2"; buildCommand = "echo hi; echo BAR > $out"; - requiredSystemFeatures = ["bar"]; + requiredSystemFeatures = [ "bar" ]; outputHash = "sha256-XArauVH91AVwP9hBBQNlkX9ccuPpSYx9o0zeIHb6e+Q="; }; @@ -41,21 +56,20 @@ let read x < ${input2} echo $x BAZ > $out ''; - requiredSystemFeatures = ["baz"]; + requiredSystemFeatures = [ "baz" ]; outputHash = "sha256-daKAcPp/+BYMQsVi/YYMlCKoNAxCNDsaivwSHgQqD2s="; }; in - mkDerivation { - shell = busybox; - name = "build-remote"; - passthru = { inherit input1 input2 input3; }; - buildCommand = - '' - read x < ${input1} - read y < ${input3} - echo "$x $y" > $out - ''; - outputHash = "sha256-5SxbkUw6xe2l9TE1uwCvTtTDysD1vhRor38OtDF0LqQ="; - } +mkDerivation { + shell = busybox; + name = "build-remote"; + passthru = { inherit input1 input2 input3; }; + buildCommand = '' + read x < ${input1} + read y < ${input3} + echo "$x $y" > $out + ''; + outputHash = "sha256-5SxbkUw6xe2l9TE1uwCvTtTDysD1vhRor38OtDF0LqQ="; +} diff --git a/tests/functional/build-hook.nix b/tests/functional/build-hook.nix index 99a13aee483..45a2a84d6d4 100644 --- a/tests/functional/build-hook.nix +++ b/tests/functional/build-hook.nix @@ -1,39 +1,61 @@ -{ busybox, contentAddressed ? false }: +{ + busybox, + contentAddressed ? false, +}: with import ./config.nix; let - caArgs = if contentAddressed then { - outputHashMode = "recursive"; - outputHashAlgo = "sha256"; - __contentAddressed = true; - } else {}; - - mkDerivation = args: - derivation ({ - inherit system; - builder = busybox; - args = ["sh" "-e" args.builder or (builtins.toFile "builder-${args.name}.sh" '' - if [ -e "$NIX_ATTRS_SH_FILE" ]; then source $NIX_ATTRS_SH_FILE; fi; - eval "$buildCommand" - '')]; - } // removeAttrs args ["builder" "meta" "passthru"] - // caArgs) - // { meta = args.meta or {}; passthru = args.passthru or {}; }; + caArgs = + if contentAddressed then + { + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + __contentAddressed = true; + } + else + { }; + + mkDerivation = + args: + derivation ( + { + inherit system; + builder = busybox; + args = [ + "sh" + "-e" + args.builder or (builtins.toFile "builder-${args.name}.sh" '' + if [ -e "$NIX_ATTRS_SH_FILE" ]; then source $NIX_ATTRS_SH_FILE; fi; + eval "$buildCommand" + '') + ]; + } + // removeAttrs args [ + "builder" + "meta" + "passthru" + ] + // caArgs + ) + // { + meta = args.meta or { }; + passthru = args.passthru or { }; + }; input1 = mkDerivation { shell = busybox; name = "build-remote-input-1"; buildCommand = "echo hi-input1; echo FOO > $out"; - requiredSystemFeatures = ["foo"]; + requiredSystemFeatures = [ "foo" ]; }; input2 = mkDerivation { shell = busybox; name = "build-remote-input-2"; buildCommand = "echo hi; echo BAR > $out"; - requiredSystemFeatures = ["bar"]; + requiredSystemFeatures = [ "bar" ]; }; input3 = mkDerivation { @@ -44,19 +66,18 @@ let read x < ${input2} echo $x BAZ > $out ''; - requiredSystemFeatures = ["baz"]; + requiredSystemFeatures = [ "baz" ]; }; in - mkDerivation { - shell = busybox; - name = "build-remote"; - passthru = { inherit input1 input2 input3; }; - buildCommand = - '' - read x < ${input1} - read y < ${input3} - echo "$x $y" > $out - ''; - } +mkDerivation { + shell = busybox; + name = "build-remote"; + passthru = { inherit input1 input2 input3; }; + buildCommand = '' + read x < ${input1} + read y < ${input3} + echo "$x $y" > $out + ''; +} diff --git a/tests/functional/ca-shell.nix b/tests/functional/ca-shell.nix index 36e1d1526f3..69ce6b6f17e 100644 --- a/tests/functional/ca-shell.nix +++ b/tests/functional/ca-shell.nix @@ -1 +1,5 @@ -{ inNixShell ? false, ... }@args: import ./shell.nix (args // { contentAddressed = true; }) +{ + inNixShell ? false, + ... +}@args: +import ./shell.nix (args // { contentAddressed = true; }) diff --git a/tests/functional/ca/content-addressed.nix b/tests/functional/ca/content-addressed.nix index 2559c562f92..6ed9c185b62 100644 --- a/tests/functional/ca/content-addressed.nix +++ b/tests/functional/ca/content-addressed.nix @@ -1,13 +1,21 @@ with import ./config.nix; -let mkCADerivation = args: mkDerivation ({ - __contentAddressed = true; - outputHashMode = "recursive"; - outputHashAlgo = "sha256"; -} // args); +let + mkCADerivation = + args: + mkDerivation ( + { + __contentAddressed = true; + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + } + // args + ); in -{ seed ? 0 }: +{ + seed ? 0, +}: # A simple content-addressed derivation. # The derivation can be arbitrarily modified by passing a different `seed`, # but the output will always be the same @@ -23,7 +31,11 @@ rec { }; rootCA = mkCADerivation { name = "rootCA"; - outputs = [ "out" "dev" "foo" ]; + outputs = [ + "out" + "dev" + "foo" + ]; buildCommand = '' echo "building a CA derivation" echo "The seed is ${toString seed}" diff --git a/tests/functional/ca/flake.nix b/tests/functional/ca/flake.nix index 332c92a6792..28a27c4b31d 100644 --- a/tests/functional/ca/flake.nix +++ b/tests/functional/ca/flake.nix @@ -1,3 +1,3 @@ { - outputs = { self }: import ./content-addressed.nix {}; + outputs = { self }: import ./content-addressed.nix { }; } diff --git a/tests/functional/ca/nondeterministic.nix b/tests/functional/ca/nondeterministic.nix index d6d099a3e0e..2af26f0ac2e 100644 --- a/tests/functional/ca/nondeterministic.nix +++ b/tests/functional/ca/nondeterministic.nix @@ -1,10 +1,16 @@ with import ./config.nix; -let mkCADerivation = args: mkDerivation ({ - __contentAddressed = true; - outputHashMode = "recursive"; - outputHashAlgo = "sha256"; -} // args); +let + mkCADerivation = + args: + mkDerivation ( + { + __contentAddressed = true; + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + } + // args + ); in rec { @@ -15,13 +21,15 @@ rec { echo $(date) > $out/current-time ''; }; - dep = seed: mkCADerivation { - name = "dep"; - inherit seed; - buildCommand = '' - echo ${currentTime} > $out - ''; - }; + dep = + seed: + mkCADerivation { + name = "dep"; + inherit seed; + buildCommand = '' + echo ${currentTime} > $out + ''; + }; dep1 = dep 1; dep2 = dep 2; toplevel = mkCADerivation { @@ -32,4 +40,3 @@ rec { ''; }; } - diff --git a/tests/functional/ca/racy.nix b/tests/functional/ca/racy.nix index 555a1548464..cbc0e1643a7 100644 --- a/tests/functional/ca/racy.nix +++ b/tests/functional/ca/racy.nix @@ -1,7 +1,6 @@ # A derivation that would certainly fail if several builders tried to # build it at once. - with import ./config.nix; mkDerivation { diff --git a/tests/functional/check-refs.nix b/tests/functional/check-refs.nix index 89690e456c1..471d9575360 100644 --- a/tests/functional/check-refs.nix +++ b/tests/functional/check-refs.nix @@ -2,11 +2,16 @@ with import ./config.nix; rec { - dep = import ./dependencies.nix {}; + dep = import ./dependencies.nix { }; - makeTest = nr: args: mkDerivation ({ - name = "check-refs-" + toString nr; - } // args); + makeTest = + nr: args: + mkDerivation ( + { + name = "check-refs-" + toString nr; + } + // args + ); src = builtins.toFile "aux-ref" "bla bla"; @@ -22,31 +27,31 @@ rec { test3 = makeTest 3 { builder = builtins.toFile "builder.sh" "mkdir $out; ln -s $dep $out/link"; - allowedReferences = []; + allowedReferences = [ ]; inherit dep; }; test4 = makeTest 4 { builder = builtins.toFile "builder.sh" "mkdir $out; ln -s $dep $out/link"; - allowedReferences = [dep]; + allowedReferences = [ dep ]; inherit dep; }; test5 = makeTest 5 { builder = builtins.toFile "builder.sh" "mkdir $out"; - allowedReferences = []; + allowedReferences = [ ]; inherit dep; }; test6 = makeTest 6 { builder = builtins.toFile "builder.sh" "mkdir $out; ln -s $out $out/link"; - allowedReferences = []; + allowedReferences = [ ]; inherit dep; }; test7 = makeTest 7 { builder = builtins.toFile "builder.sh" "mkdir $out; ln -s $out $out/link"; - allowedReferences = ["out"]; + allowedReferences = [ "out" ]; inherit dep; }; @@ -58,19 +63,19 @@ rec { test9 = makeTest 9 { builder = builtins.toFile "builder.sh" "mkdir $out; ln -s $dep $out/link"; inherit dep; - disallowedReferences = [dep]; + disallowedReferences = [ dep ]; }; test10 = makeTest 10 { builder = builtins.toFile "builder.sh" "mkdir $out; echo $test5; ln -s $dep $out/link"; inherit dep test5; - disallowedReferences = [test5]; + disallowedReferences = [ test5 ]; }; test11 = makeTest 11 { __structuredAttrs = true; unsafeDiscardReferences.out = true; - outputChecks.out.allowedReferences = []; + outputChecks.out.allowedReferences = [ ]; buildCommand = ''echo ${dep} > "''${outputs[out]}"''; }; diff --git a/tests/functional/check-reqs.nix b/tests/functional/check-reqs.nix index 41436cb48e0..3cca761846a 100644 --- a/tests/functional/check-reqs.nix +++ b/tests/functional/check-reqs.nix @@ -22,36 +22,48 @@ rec { ''; }; - makeTest = nr: allowreqs: mkDerivation { - name = "check-reqs-" + toString nr; - inherit deps; - builder = builtins.toFile "builder.sh" '' - mkdir $out - ln -s $deps $out/depdir1 - ''; - allowedRequisites = allowreqs; - }; + makeTest = + nr: allowreqs: + mkDerivation { + name = "check-reqs-" + toString nr; + inherit deps; + builder = builtins.toFile "builder.sh" '' + mkdir $out + ln -s $deps $out/depdir1 + ''; + allowedRequisites = allowreqs; + }; # When specifying all the requisites, the build succeeds. - test1 = makeTest 1 [ dep1 dep2 deps ]; + test1 = makeTest 1 [ + dep1 + dep2 + deps + ]; # But missing anything it fails. - test2 = makeTest 2 [ dep2 deps ]; - test3 = makeTest 3 [ dep1 deps ]; + test2 = makeTest 2 [ + dep2 + deps + ]; + test3 = makeTest 3 [ + dep1 + deps + ]; test4 = makeTest 4 [ deps ]; - test5 = makeTest 5 []; + test5 = makeTest 5 [ ]; test6 = mkDerivation { name = "check-reqs"; inherit deps; builder = builtins.toFile "builder.sh" "mkdir $out; ln -s $deps $out/depdir1"; - disallowedRequisites = [dep1]; + disallowedRequisites = [ dep1 ]; }; test7 = mkDerivation { name = "check-reqs"; inherit deps; builder = builtins.toFile "builder.sh" "mkdir $out; ln -s $deps $out/depdir1"; - disallowedRequisites = [test1]; + disallowedRequisites = [ test1 ]; }; } diff --git a/tests/functional/check.nix b/tests/functional/check.nix index ddab8eea9cb..d83c28ca2ee 100644 --- a/tests/functional/check.nix +++ b/tests/functional/check.nix @@ -1,4 +1,6 @@ -{checkBuildId ? 0}: +{ + checkBuildId ? 0, +}: with import ./config.nix; @@ -6,41 +8,38 @@ with import ./config.nix; nondeterministic = mkDerivation { inherit checkBuildId; name = "nondeterministic"; - buildCommand = - '' - mkdir $out - date +%s.%N > $out/date - echo "CHECK_TMPDIR=$TMPDIR" - echo "checkBuildId=$checkBuildId" - echo "$checkBuildId" > $TMPDIR/checkBuildId - ''; + buildCommand = '' + mkdir $out + date +%s.%N > $out/date + echo "CHECK_TMPDIR=$TMPDIR" + echo "checkBuildId=$checkBuildId" + echo "$checkBuildId" > $TMPDIR/checkBuildId + ''; }; deterministic = mkDerivation { inherit checkBuildId; name = "deterministic"; - buildCommand = - '' - mkdir $out - echo date > $out/date - echo "CHECK_TMPDIR=$TMPDIR" - echo "checkBuildId=$checkBuildId" - echo "$checkBuildId" > $TMPDIR/checkBuildId - ''; + buildCommand = '' + mkdir $out + echo date > $out/date + echo "CHECK_TMPDIR=$TMPDIR" + echo "checkBuildId=$checkBuildId" + echo "$checkBuildId" > $TMPDIR/checkBuildId + ''; }; failed = mkDerivation { inherit checkBuildId; name = "failed"; - buildCommand = - '' - mkdir $out - echo date > $out/date - echo "CHECK_TMPDIR=$TMPDIR" - echo "checkBuildId=$checkBuildId" - echo "$checkBuildId" > $TMPDIR/checkBuildId - false - ''; + buildCommand = '' + mkdir $out + echo date > $out/date + echo "CHECK_TMPDIR=$TMPDIR" + echo "checkBuildId=$checkBuildId" + echo "$checkBuildId" > $TMPDIR/checkBuildId + false + ''; }; hashmismatch = import { diff --git a/tests/functional/dependencies.nix b/tests/functional/dependencies.nix index 4ff29227fd3..570ea743135 100644 --- a/tests/functional/dependencies.nix +++ b/tests/functional/dependencies.nix @@ -1,4 +1,6 @@ -{ hashInvalidator ? "" }: +{ + hashInvalidator ? "", +}: with import ./config.nix; let diff --git a/tests/functional/derivation/advanced-attributes-defaults.nix b/tests/functional/derivation/advanced-attributes-defaults.nix index 51a8d0e7e1a..d466003b00d 100644 --- a/tests/functional/derivation/advanced-attributes-defaults.nix +++ b/tests/functional/derivation/advanced-attributes-defaults.nix @@ -2,5 +2,8 @@ derivation { name = "advanced-attributes-defaults"; system = "my-system"; builder = "/bin/bash"; - args = [ "-c" "echo hello > $out" ]; + args = [ + "-c" + "echo hello > $out" + ]; } diff --git a/tests/functional/derivation/advanced-attributes-structured-attrs-defaults.nix b/tests/functional/derivation/advanced-attributes-structured-attrs-defaults.nix index 0c13a76911f..3c6ad4900d6 100644 --- a/tests/functional/derivation/advanced-attributes-structured-attrs-defaults.nix +++ b/tests/functional/derivation/advanced-attributes-structured-attrs-defaults.nix @@ -2,7 +2,13 @@ derivation { name = "advanced-attributes-structured-attrs-defaults"; system = "my-system"; builder = "/bin/bash"; - args = [ "-c" "echo hello > $out" ]; - outputs = [ "out" "dev" ]; + args = [ + "-c" + "echo hello > $out" + ]; + outputs = [ + "out" + "dev" + ]; __structuredAttrs = true; } diff --git a/tests/functional/derivation/advanced-attributes-structured-attrs.nix b/tests/functional/derivation/advanced-attributes-structured-attrs.nix index 0044b65fd41..4c596be45e9 100644 --- a/tests/functional/derivation/advanced-attributes-structured-attrs.nix +++ b/tests/functional/derivation/advanced-attributes-structured-attrs.nix @@ -4,42 +4,58 @@ let inherit system; name = "foo"; builder = "/bin/bash"; - args = ["-c" "echo foo > $out"]; + args = [ + "-c" + "echo foo > $out" + ]; }; bar = derivation { inherit system; name = "bar"; builder = "/bin/bash"; - args = ["-c" "echo bar > $out"]; + args = [ + "-c" + "echo bar > $out" + ]; }; in derivation { inherit system; name = "advanced-attributes-structured-attrs"; builder = "/bin/bash"; - args = [ "-c" "echo hello > $out" ]; + args = [ + "-c" + "echo hello > $out" + ]; __sandboxProfile = "sandcastle"; __noChroot = true; - __impureHostDeps = ["/usr/bin/ditto"]; - impureEnvVars = ["UNICORN"]; + __impureHostDeps = [ "/usr/bin/ditto" ]; + impureEnvVars = [ "UNICORN" ]; __darwinAllowLocalNetworking = true; - outputs = [ "out" "bin" "dev" ]; + outputs = [ + "out" + "bin" + "dev" + ]; __structuredAttrs = true; outputChecks = { out = { - allowedReferences = [foo]; - allowedRequisites = [foo]; + allowedReferences = [ foo ]; + allowedRequisites = [ foo ]; }; bin = { - disallowedReferences = [bar]; - disallowedRequisites = [bar]; + disallowedReferences = [ bar ]; + disallowedRequisites = [ bar ]; }; dev = { maxSize = 789; maxClosureSize = 5909; }; }; - requiredSystemFeatures = ["rainbow" "uid-range"]; + requiredSystemFeatures = [ + "rainbow" + "uid-range" + ]; preferLocalBuild = true; allowSubstitutes = false; } diff --git a/tests/functional/derivation/advanced-attributes.nix b/tests/functional/derivation/advanced-attributes.nix index ff680c5677f..7f365ce65e2 100644 --- a/tests/functional/derivation/advanced-attributes.nix +++ b/tests/functional/derivation/advanced-attributes.nix @@ -4,30 +4,42 @@ let inherit system; name = "foo"; builder = "/bin/bash"; - args = ["-c" "echo foo > $out"]; + args = [ + "-c" + "echo foo > $out" + ]; }; bar = derivation { inherit system; name = "bar"; builder = "/bin/bash"; - args = ["-c" "echo bar > $out"]; + args = [ + "-c" + "echo bar > $out" + ]; }; in derivation { inherit system; name = "advanced-attributes"; builder = "/bin/bash"; - args = [ "-c" "echo hello > $out" ]; + args = [ + "-c" + "echo hello > $out" + ]; __sandboxProfile = "sandcastle"; __noChroot = true; - __impureHostDeps = ["/usr/bin/ditto"]; - impureEnvVars = ["UNICORN"]; + __impureHostDeps = [ "/usr/bin/ditto" ]; + impureEnvVars = [ "UNICORN" ]; __darwinAllowLocalNetworking = true; - allowedReferences = [foo]; - allowedRequisites = [foo]; - disallowedReferences = [bar]; - disallowedRequisites = [bar]; - requiredSystemFeatures = ["rainbow" "uid-range"]; + allowedReferences = [ foo ]; + allowedRequisites = [ foo ]; + disallowedReferences = [ bar ]; + disallowedRequisites = [ bar ]; + requiredSystemFeatures = [ + "rainbow" + "uid-range" + ]; preferLocalBuild = true; allowSubstitutes = false; } diff --git a/tests/functional/dyn-drv/recursive-mod-json.nix b/tests/functional/dyn-drv/recursive-mod-json.nix index c6a24ca4f3b..2d46e4e2e02 100644 --- a/tests/functional/dyn-drv/recursive-mod-json.nix +++ b/tests/functional/dyn-drv/recursive-mod-json.nix @@ -1,6 +1,8 @@ with import ./config.nix; -let innerName = "foo"; in +let + innerName = "foo"; +in mkDerivation rec { name = "${innerName}.drv"; diff --git a/tests/functional/export-graph.nix b/tests/functional/export-graph.nix index 64fe36bd1ef..5078eec8319 100644 --- a/tests/functional/export-graph.nix +++ b/tests/functional/export-graph.nix @@ -2,28 +2,33 @@ with import ./config.nix; rec { - printRefs = - '' - echo $exportReferencesGraph - while read path; do - read drv - read nrRefs - echo "$path has $nrRefs references" - echo "$path" >> $out - for ((n = 0; n < $nrRefs; n++)); do read ref; echo "ref $ref"; test -e "$ref"; done - done < refs - ''; + printRefs = '' + echo $exportReferencesGraph + while read path; do + read drv + read nrRefs + echo "$path has $nrRefs references" + echo "$path" >> $out + for ((n = 0; n < $nrRefs; n++)); do read ref; echo "ref $ref"; test -e "$ref"; done + done < refs + ''; foo."bar.runtimeGraph" = mkDerivation { name = "dependencies"; builder = builtins.toFile "build-graph-builder" "${printRefs}"; - exportReferencesGraph = ["refs" (import ./dependencies.nix {})]; + exportReferencesGraph = [ + "refs" + (import ./dependencies.nix { }) + ]; }; foo."bar.buildGraph" = mkDerivation { name = "dependencies"; builder = builtins.toFile "build-graph-builder" "${printRefs}"; - exportReferencesGraph = ["refs" (import ./dependencies.nix {}).drvPath]; + exportReferencesGraph = [ + "refs" + (import ./dependencies.nix { }).drvPath + ]; }; } diff --git a/tests/functional/failing.nix b/tests/functional/failing.nix index d25e2d6b62b..8abae1856cf 100644 --- a/tests/functional/failing.nix +++ b/tests/functional/failing.nix @@ -2,16 +2,29 @@ with import ./config.nix; let - mkDerivation = args: - derivation ({ - inherit system; - builder = busybox; - args = ["sh" "-e" args.builder or (builtins.toFile "builder-${args.name}.sh" '' - if [ -e "$NIX_ATTRS_SH_FILE" ]; then source $NIX_ATTRS_SH_FILE; fi; - eval "$buildCommand" - '')]; - } // removeAttrs args ["builder" "meta"]) - // { meta = args.meta or {}; }; + mkDerivation = + args: + derivation ( + { + inherit system; + builder = busybox; + args = [ + "sh" + "-e" + args.builder or (builtins.toFile "builder-${args.name}.sh" '' + if [ -e "$NIX_ATTRS_SH_FILE" ]; then source $NIX_ATTRS_SH_FILE; fi; + eval "$buildCommand" + '') + ]; + } + // removeAttrs args [ + "builder" + "meta" + ] + ) + // { + meta = args.meta or { }; + }; in { diff --git a/tests/functional/filter-source.nix b/tests/functional/filter-source.nix index 9071636394a..7bad263f842 100644 --- a/tests/functional/filter-source.nix +++ b/tests/functional/filter-source.nix @@ -4,9 +4,12 @@ mkDerivation { name = "filter"; builder = builtins.toFile "builder" "ln -s $input $out"; input = - let filter = path: type: - type != "symlink" - && baseNameOf path != "foo" - && !((import ./lang/lib.nix).hasSuffix ".bak" (baseNameOf path)); - in builtins.filterSource filter ((builtins.getEnv "TEST_ROOT") + "/filterin"); + let + filter = + path: type: + type != "symlink" + && baseNameOf path != "foo" + && !((import ./lang/lib.nix).hasSuffix ".bak" (baseNameOf path)); + in + builtins.filterSource filter ((builtins.getEnv "TEST_ROOT") + "/filterin"); } diff --git a/tests/functional/fixed.nix b/tests/functional/fixed.nix index a920a21671f..4097a63741f 100644 --- a/tests/functional/fixed.nix +++ b/tests/functional/fixed.nix @@ -2,15 +2,20 @@ with import ./config.nix; rec { - f2 = dummy: builder: mode: algo: hash: mkDerivation { - name = "fixed"; - inherit builder; - outputHashMode = mode; - outputHashAlgo = algo; - outputHash = hash; - inherit dummy; - impureEnvVars = ["IMPURE_VAR1" "IMPURE_VAR2"]; - }; + f2 = + dummy: builder: mode: algo: hash: + mkDerivation { + name = "fixed"; + inherit builder; + outputHashMode = mode; + outputHashAlgo = algo; + outputHash = hash; + inherit dummy; + impureEnvVars = [ + "IMPURE_VAR1" + "IMPURE_VAR2" + ]; + }; f = f2 ""; @@ -37,7 +42,8 @@ rec { ]; sameAsAdd = - f ./fixed.builder2.sh "recursive" "sha256" "1ixr6yd3297ciyp9im522dfxpqbkhcw0pylkb2aab915278fqaik"; + f ./fixed.builder2.sh "recursive" "sha256" + "1ixr6yd3297ciyp9im522dfxpqbkhcw0pylkb2aab915278fqaik"; bad = [ (f ./fixed.builder1.sh "flat" "md5" "0ddd8be4b179a529afa5f2ffae4b9858") diff --git a/tests/functional/fod-failing.nix b/tests/functional/fod-failing.nix index 37c04fe12f8..0de676c1536 100644 --- a/tests/functional/fod-failing.nix +++ b/tests/functional/fod-failing.nix @@ -2,38 +2,34 @@ with import ./config.nix; rec { x1 = mkDerivation { name = "x1"; - builder = builtins.toFile "builder.sh" - '' - echo $name > $out - ''; + builder = builtins.toFile "builder.sh" '' + echo $name > $out + ''; outputHashMode = "recursive"; outputHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; }; x2 = mkDerivation { name = "x2"; - builder = builtins.toFile "builder.sh" - '' - echo $name > $out - ''; + builder = builtins.toFile "builder.sh" '' + echo $name > $out + ''; outputHashMode = "recursive"; outputHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; }; x3 = mkDerivation { name = "x3"; - builder = builtins.toFile "builder.sh" - '' - echo $name > $out - ''; + builder = builtins.toFile "builder.sh" '' + echo $name > $out + ''; outputHashMode = "recursive"; outputHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; }; x4 = mkDerivation { name = "x4"; inherit x2 x3; - builder = builtins.toFile "builder.sh" - '' - echo $x2 $x3 - exit 1 - ''; + builder = builtins.toFile "builder.sh" '' + echo $x2 $x3 + exit 1 + ''; }; } diff --git a/tests/functional/gc-concurrent.nix b/tests/functional/gc-concurrent.nix index 0aba1f98307..d7483d88f12 100644 --- a/tests/functional/gc-concurrent.nix +++ b/tests/functional/gc-concurrent.nix @@ -1,6 +1,8 @@ with import ./config.nix; -{ lockFifo ? null }: +{ + lockFifo ? null, +}: rec { diff --git a/tests/functional/hash-check.nix b/tests/functional/hash-check.nix index 4a8e9b8a8df..7a48a620b79 100644 --- a/tests/functional/hash-check.nix +++ b/tests/functional/hash-check.nix @@ -4,14 +4,22 @@ let { name = "dependencies-input-1"; system = "i086-msdos"; builder = "/bar/sh"; - args = ["-e" "-x" ./dummy]; + args = [ + "-e" + "-x" + ./dummy + ]; }; input2 = derivation { name = "dependencies-input-2"; system = "i086-msdos"; builder = "/bar/sh"; - args = ["-e" "-x" ./dummy]; + args = [ + "-e" + "-x" + ./dummy + ]; outputHashMode = "recursive"; outputHashAlgo = "md5"; outputHash = "ffffffffffffffffffffffffffffffff"; @@ -21,9 +29,13 @@ let { name = "dependencies"; system = "i086-msdos"; builder = "/bar/sh"; - args = ["-e" "-x" (./dummy + "/FOOBAR/../.")]; + args = [ + "-e" + "-x" + (./dummy + "/FOOBAR/../.") + ]; input1 = input1 + "/."; inherit input2; }; -} \ No newline at end of file +} diff --git a/tests/functional/hermetic.nix b/tests/functional/hermetic.nix index d1dccdff3d5..a5071466474 100644 --- a/tests/functional/hermetic.nix +++ b/tests/functional/hermetic.nix @@ -1,31 +1,51 @@ -{ busybox -, seed -# If we want the final derivation output to have references to its -# dependencies. Some tests need/want this, other don't. -, withFinalRefs ? false +{ + busybox, + seed, + # If we want the final derivation output to have references to its + # dependencies. Some tests need/want this, other don't. + withFinalRefs ? false, }: with import ./config.nix; let contentAddressedByDefault = builtins.getEnv "NIX_TESTS_CA_BY_DEFAULT" == "1"; - caArgs = if contentAddressedByDefault then { - __contentAddressed = true; - outputHashMode = "recursive"; - outputHashAlgo = "sha256"; - } else {}; + caArgs = + if contentAddressedByDefault then + { + __contentAddressed = true; + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + } + else + { }; - mkDerivation = args: - derivation ({ - inherit system; - builder = busybox; - args = ["sh" "-e" args.builder or (builtins.toFile "builder-${args.name}.sh" '' - if [ -e "$NIX_ATTRS_SH_FILE" ]; then source $NIX_ATTRS_SH_FILE; fi; - eval "$buildCommand" - '')]; - } // removeAttrs args ["builder" "meta" "passthru"] - // caArgs) - // { meta = args.meta or {}; passthru = args.passthru or {}; }; + mkDerivation = + args: + derivation ( + { + inherit system; + builder = busybox; + args = [ + "sh" + "-e" + args.builder or (builtins.toFile "builder-${args.name}.sh" '' + if [ -e "$NIX_ATTRS_SH_FILE" ]; then source $NIX_ATTRS_SH_FILE; fi; + eval "$buildCommand" + '') + ]; + } + // removeAttrs args [ + "builder" + "meta" + "passthru" + ] + // caArgs + ) + // { + meta = args.meta or { }; + passthru = args.passthru or { }; + }; input1 = mkDerivation { shell = busybox; @@ -51,14 +71,15 @@ let in - mkDerivation { - shell = busybox; - name = "hermetic"; - passthru = { inherit input1 input2 input3; }; - buildCommand = - '' - read x < ${input1} - read y < ${input3} - echo ${if (builtins.trace withFinalRefs withFinalRefs) then "${input1} ${input3}" else ""} "$x $y" > $out - ''; - } +mkDerivation { + shell = busybox; + name = "hermetic"; + passthru = { inherit input1 input2 input3; }; + buildCommand = '' + read x < ${input1} + read y < ${input3} + echo ${ + if (builtins.trace withFinalRefs withFinalRefs) then "${input1} ${input3}" else "" + } "$x $y" > $out + ''; +} diff --git a/tests/functional/ifd.nix b/tests/functional/ifd.nix index d0b9b54add0..b8c04f72cac 100644 --- a/tests/functional/ifd.nix +++ b/tests/functional/ifd.nix @@ -1,10 +1,8 @@ with import ./config.nix; -import ( - mkDerivation { - name = "foo"; - bla = import ./dependencies.nix {}; - buildCommand = " +import (mkDerivation { + name = "foo"; + bla = import ./dependencies.nix { }; + buildCommand = " echo \\\"hi\\\" > $out "; - } -) +}) diff --git a/tests/functional/import-from-derivation.nix b/tests/functional/import-from-derivation.nix index 770dd86cf73..600f448a6f9 100644 --- a/tests/functional/import-from-derivation.nix +++ b/tests/functional/import-from-derivation.nix @@ -3,10 +3,9 @@ with import ; rec { bar = mkDerivation { name = "bar"; - builder = builtins.toFile "builder.sh" - '' - echo 'builtins.add 123 456' > $out - ''; + builder = builtins.toFile "builder.sh" '' + echo 'builtins.add 123 456' > $out + ''; }; value = @@ -16,19 +15,17 @@ rec { result = mkDerivation { name = "foo"; - builder = builtins.toFile "builder.sh" - '' - echo -n FOO${toString value} > $out - ''; + builder = builtins.toFile "builder.sh" '' + echo -n FOO${toString value} > $out + ''; }; addPath = mkDerivation { name = "add-path"; src = builtins.filterSource (path: type: true) result; - builder = builtins.toFile "builder.sh" - '' - echo -n BLA$(cat $src) > $out - ''; + builder = builtins.toFile "builder.sh" '' + echo -n BLA$(cat $src) > $out + ''; }; step1 = mkDerivation { diff --git a/tests/functional/impure-derivations.nix b/tests/functional/impure-derivations.nix index 98547e6c1d6..806f20577d3 100644 --- a/tests/functional/impure-derivations.nix +++ b/tests/functional/impure-derivations.nix @@ -4,60 +4,58 @@ rec { impure = mkDerivation { name = "impure"; - outputs = [ "out" "stuff" ]; - buildCommand = - '' - echo impure - x=$(< $TEST_ROOT/counter) - mkdir $out $stuff - echo $x > $out/n - ln -s $out/n $stuff/bla - printf $((x + 1)) > $TEST_ROOT/counter - ''; + outputs = [ + "out" + "stuff" + ]; + buildCommand = '' + echo impure + x=$(< $TEST_ROOT/counter) + mkdir $out $stuff + echo $x > $out/n + ln -s $out/n $stuff/bla + printf $((x + 1)) > $TEST_ROOT/counter + ''; __impure = true; impureEnvVars = [ "TEST_ROOT" ]; }; impureOnImpure = mkDerivation { name = "impure-on-impure"; - buildCommand = - '' - echo impure-on-impure - x=$(< ${impure}/n) - mkdir $out - printf X$x > $out/n - ln -s ${impure.stuff} $out/symlink - ln -s $out $out/self - ''; + buildCommand = '' + echo impure-on-impure + x=$(< ${impure}/n) + mkdir $out + printf X$x > $out/n + ln -s ${impure.stuff} $out/symlink + ln -s $out $out/self + ''; __impure = true; }; # This is not allowed. inputAddressed = mkDerivation { name = "input-addressed"; - buildCommand = - '' - cat ${impure} > $out - ''; + buildCommand = '' + cat ${impure} > $out + ''; }; contentAddressed = mkDerivation { name = "content-addressed"; - buildCommand = - '' - echo content-addressed - x=$(< ${impureOnImpure}/n) - printf ''${x:0:1} > $out - ''; + buildCommand = '' + echo content-addressed + x=$(< ${impureOnImpure}/n) + printf ''${x:0:1} > $out + ''; outputHashMode = "recursive"; outputHash = "sha256-eBYxcgkuWuiqs4cKNgKwkb3vY/HR0vVsJnqe8itJGcQ="; }; inputAddressedAfterCA = mkDerivation { name = "input-addressed-after-ca"; - buildCommand = - '' - cat ${contentAddressed} > $out - ''; + buildCommand = '' + cat ${contentAddressed} > $out + ''; }; } diff --git a/tests/functional/lang-gc/issue-11141-gc-coroutine-test.nix b/tests/functional/lang-gc/issue-11141-gc-coroutine-test.nix index 4f311af75d7..6dae5c155dd 100644 --- a/tests/functional/lang-gc/issue-11141-gc-coroutine-test.nix +++ b/tests/functional/lang-gc/issue-11141-gc-coroutine-test.nix @@ -1,4 +1,3 @@ - # Run: # GC_INITIAL_HEAP_SIZE=$[1024 * 1024] NIX_SHOW_STATS=1 nix eval -f gc-coroutine-test.nix -vvvv @@ -11,55 +10,56 @@ let # Generate a tree of numbers, n deep, such that the numbers add up to (1 + salt) * 10^n. # The salting makes the numbers all different, increasing the likelihood of catching # any memory corruptions that might be caused by the GC or otherwise. - garbage = salt: n: - if n == 0 - then [(1 + salt)] - else [ - (garbage (10 * salt + 1) (n - 1)) - (garbage (10 * salt - 1) (n - 1)) - (garbage (10 * salt + 2) (n - 1)) - (garbage (10 * salt - 2) (n - 1)) - (garbage (10 * salt + 3) (n - 1)) - (garbage (10 * salt - 3) (n - 1)) - (garbage (10 * salt + 4) (n - 1)) - (garbage (10 * salt - 4) (n - 1)) - (garbage (10 * salt + 5) (n - 1)) - (garbage (10 * salt - 5) (n - 1)) - ]; + garbage = + salt: n: + if n == 0 then + [ (1 + salt) ] + else + [ + (garbage (10 * salt + 1) (n - 1)) + (garbage (10 * salt - 1) (n - 1)) + (garbage (10 * salt + 2) (n - 1)) + (garbage (10 * salt - 2) (n - 1)) + (garbage (10 * salt + 3) (n - 1)) + (garbage (10 * salt - 3) (n - 1)) + (garbage (10 * salt + 4) (n - 1)) + (garbage (10 * salt - 4) (n - 1)) + (garbage (10 * salt + 5) (n - 1)) + (garbage (10 * salt - 5) (n - 1)) + ]; - pow = base: n: - if n == 0 - then 1 - else base * (pow base (n - 1)); + pow = base: n: if n == 0 then 1 else base * (pow base (n - 1)); - sumNestedLists = l: - if isList l - then foldl' (a: b: a + sumNestedLists b) 0 l - else l; + sumNestedLists = l: if isList l then foldl' (a: b: a + sumNestedLists b) 0 l else l; in - assert sumNestedLists (garbage 0 3) == pow 10 3; - assert sumNestedLists (garbage 0 6) == pow 10 6; - builtins.foldl' - (a: b: - assert - "${ - builtins.path { - path = ./src; - filter = path: type: - # We're not doing common subexpression elimination, so this reallocates - # the fairly big tree over and over, producing a lot of garbage during - # source filtering, whose filter runs in a coroutine. - assert sumNestedLists (garbage 0 3) == pow 10 3; - true; - } - }" - == "${./src}"; +assert sumNestedLists (garbage 0 3) == pow 10 3; +assert sumNestedLists (garbage 0 6) == pow 10 6; +builtins.foldl' + ( + a: b: + assert + "${builtins.path { + path = ./src; + filter = + path: type: + # We're not doing common subexpression elimination, so this reallocates + # the fairly big tree over and over, producing a lot of garbage during + # source filtering, whose filter runs in a coroutine. + assert sumNestedLists (garbage 0 3) == pow 10 3; + true; + }}" == "${./src}"; - # These asserts don't seem necessary, as the lambda value get corrupted first - assert a.okay; - assert b.okay; - { okay = true; } - ) + # These asserts don't seem necessary, as the lambda value get corrupted first + assert a.okay; + assert b.okay; + { + okay = true; + } + ) + { okay = true; } + [ + { okay = true; } + { okay = true; } { okay = true; } - [ { okay = true; } { okay = true; } { okay = true; } ] + ] diff --git a/tests/functional/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.nix b/tests/functional/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.nix index dbde264dfae..a1c3461cf48 100644 --- a/tests/functional/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.nix +++ b/tests/functional/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.nix @@ -3,16 +3,23 @@ let name = "fail"; builder = "/bin/false"; system = "x86_64-linux"; - outputs = [ "out" "foo" ]; + outputs = [ + "out" + "foo" + ]; }; drv1 = derivation { name = "fail-2"; builder = "/bin/false"; system = "x86_64-linux"; - outputs = [ "out" "foo" ]; + outputs = [ + "out" + "foo" + ]; }; combo-path = "${drv0.drvPath}${drv1.drvPath}"; -in builtins.addDrvOutputDependencies combo-path +in +builtins.addDrvOutputDependencies combo-path diff --git a/tests/functional/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.nix b/tests/functional/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.nix index e379e1d9598..6aab61c4068 100644 --- a/tests/functional/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.nix +++ b/tests/functional/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.nix @@ -3,7 +3,11 @@ let name = "fail"; builder = "/bin/false"; system = "x86_64-linux"; - outputs = [ "out" "foo" ]; + outputs = [ + "out" + "foo" + ]; }; -in builtins.addDrvOutputDependencies drv.outPath +in +builtins.addDrvOutputDependencies drv.outPath diff --git a/tests/functional/lang/eval-fail-addErrorContext-example.nix b/tests/functional/lang/eval-fail-addErrorContext-example.nix index 996b2468849..96a9cef84e7 100644 --- a/tests/functional/lang/eval-fail-addErrorContext-example.nix +++ b/tests/functional/lang/eval-fail-addErrorContext-example.nix @@ -1,9 +1,9 @@ let - countDown = n: - if n == 0 - then throw "kaboom" + countDown = + n: + if n == 0 then + throw "kaboom" else - builtins.addErrorContext - "while counting down; n = ${toString n}" - ("x" + countDown (n - 1)); -in countDown 10 + builtins.addErrorContext "while counting down; n = ${toString n}" ("x" + countDown (n - 1)); +in +countDown 10 diff --git a/tests/functional/lang/eval-fail-assert-equal-attrs-names-2.nix b/tests/functional/lang/eval-fail-assert-equal-attrs-names-2.nix index 8e7ac9cf2be..4bce2645612 100644 --- a/tests/functional/lang/eval-fail-assert-equal-attrs-names-2.nix +++ b/tests/functional/lang/eval-fail-assert-equal-attrs-names-2.nix @@ -1,2 +1,8 @@ -assert { a = true; } == { a = true; b = true; }; +assert + { + a = true; + } == { + a = true; + b = true; + }; throw "unreachable" diff --git a/tests/functional/lang/eval-fail-assert-equal-attrs-names.nix b/tests/functional/lang/eval-fail-assert-equal-attrs-names.nix index e2f53a85ad6..f9956999fa4 100644 --- a/tests/functional/lang/eval-fail-assert-equal-attrs-names.nix +++ b/tests/functional/lang/eval-fail-assert-equal-attrs-names.nix @@ -1,2 +1,8 @@ -assert { a = true; b = true; } == { a = true; }; +assert + { + a = true; + b = true; + } == { + a = true; + }; throw "unreachable" diff --git a/tests/functional/lang/eval-fail-assert-equal-derivations-extra.nix b/tests/functional/lang/eval-fail-assert-equal-derivations-extra.nix index fd8bc3f26ca..14a782a7743 100644 --- a/tests/functional/lang/eval-fail-assert-equal-derivations-extra.nix +++ b/tests/functional/lang/eval-fail-assert-equal-derivations-extra.nix @@ -1,5 +1,14 @@ assert - { foo = { type = "derivation"; outPath = "/nix/store/0"; }; } - == - { foo = { type = "derivation"; outPath = "/nix/store/1"; devious = true; }; }; -throw "unreachable" \ No newline at end of file + { + foo = { + type = "derivation"; + outPath = "/nix/store/0"; + }; + } == { + foo = { + type = "derivation"; + outPath = "/nix/store/1"; + devious = true; + }; + }; +throw "unreachable" diff --git a/tests/functional/lang/eval-fail-assert-equal-derivations.nix b/tests/functional/lang/eval-fail-assert-equal-derivations.nix index c648eae374b..0f6748c58bf 100644 --- a/tests/functional/lang/eval-fail-assert-equal-derivations.nix +++ b/tests/functional/lang/eval-fail-assert-equal-derivations.nix @@ -1,5 +1,15 @@ assert - { foo = { type = "derivation"; outPath = "/nix/store/0"; ignored = abort "not ignored"; }; } - == - { foo = { type = "derivation"; outPath = "/nix/store/1"; ignored = abort "not ignored"; }; }; -throw "unreachable" \ No newline at end of file + { + foo = { + type = "derivation"; + outPath = "/nix/store/0"; + ignored = abort "not ignored"; + }; + } == { + foo = { + type = "derivation"; + outPath = "/nix/store/1"; + ignored = abort "not ignored"; + }; + }; +throw "unreachable" diff --git a/tests/functional/lang/eval-fail-assert-equal-function-direct.nix b/tests/functional/lang/eval-fail-assert-equal-function-direct.nix index 68e5e390823..cd15c4a36d8 100644 --- a/tests/functional/lang/eval-fail-assert-equal-function-direct.nix +++ b/tests/functional/lang/eval-fail-assert-equal-function-direct.nix @@ -1,7 +1,4 @@ # Note: functions in nested structures, e.g. attributes, may be optimized away by pointer identity optimization. # This only compares a direct comparison and makes no claims about functions in nested structures. -assert - (x: x) - == - (x: x); -abort "unreachable" \ No newline at end of file +assert (x: x) == (x: x); +abort "unreachable" diff --git a/tests/functional/lang/eval-fail-assert-equal-list-length.nix b/tests/functional/lang/eval-fail-assert-equal-list-length.nix index 6d40f4d8e83..bd74ccccd34 100644 --- a/tests/functional/lang/eval-fail-assert-equal-list-length.nix +++ b/tests/functional/lang/eval-fail-assert-equal-list-length.nix @@ -1,2 +1,6 @@ -assert [ 1 0 ] == [ 10 ]; -throw "unreachable" \ No newline at end of file +assert + [ + 1 + 0 + ] == [ 10 ]; +throw "unreachable" diff --git a/tests/functional/lang/eval-fail-assert-equal-paths.nix b/tests/functional/lang/eval-fail-assert-equal-paths.nix index ef0b6702466..647e891b8ac 100644 --- a/tests/functional/lang/eval-fail-assert-equal-paths.nix +++ b/tests/functional/lang/eval-fail-assert-equal-paths.nix @@ -1,2 +1,2 @@ assert ./foo == ./bar; -throw "unreachable" \ No newline at end of file +throw "unreachable" diff --git a/tests/functional/lang/eval-fail-assert-nested-bool.nix b/tests/functional/lang/eval-fail-assert-nested-bool.nix index 2285769839e..c75fe06106b 100644 --- a/tests/functional/lang/eval-fail-assert-nested-bool.nix +++ b/tests/functional/lang/eval-fail-assert-nested-bool.nix @@ -1,6 +1,3 @@ -assert - { a.b = [ { c.d = true; } ]; } - == - { a.b = [ { c.d = false; } ]; }; +assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; -abort "unreachable" \ No newline at end of file +abort "unreachable" diff --git a/tests/functional/lang/eval-fail-assert.nix b/tests/functional/lang/eval-fail-assert.nix index 3b7a1e8bf0c..7cb77504507 100644 --- a/tests/functional/lang/eval-fail-assert.nix +++ b/tests/functional/lang/eval-fail-assert.nix @@ -1,5 +1,8 @@ let { - x = arg: assert arg == "y"; 123; + x = + arg: + assert arg == "y"; + 123; body = x "x"; -} \ No newline at end of file +} diff --git a/tests/functional/lang/eval-fail-attr-name-type.nix b/tests/functional/lang/eval-fail-attr-name-type.nix index a0e76004a39..fb6ccdd41d5 100644 --- a/tests/functional/lang/eval-fail-attr-name-type.nix +++ b/tests/functional/lang/eval-fail-attr-name-type.nix @@ -1,7 +1,7 @@ let attrs = { - puppy.doggy = {}; + puppy.doggy = { }; }; key = 1; in - attrs.puppy.${key} +attrs.puppy.${key} diff --git a/tests/functional/lang/eval-fail-attrset-merge-drops-later-rec.nix b/tests/functional/lang/eval-fail-attrset-merge-drops-later-rec.nix index fdb314b9193..b6b56bf7d42 100644 --- a/tests/functional/lang/eval-fail-attrset-merge-drops-later-rec.nix +++ b/tests/functional/lang/eval-fail-attrset-merge-drops-later-rec.nix @@ -1 +1,8 @@ -{ a.b = 1; a = rec { c = d + 2; d = 3; }; }.c +{ + a.b = 1; + a = rec { + c = d + 2; + d = 3; + }; +} +.c diff --git a/tests/functional/lang/eval-fail-bad-string-interpolation-4.nix b/tests/functional/lang/eval-fail-bad-string-interpolation-4.nix index 457b5f06a88..e8349bbdff3 100644 --- a/tests/functional/lang/eval-fail-bad-string-interpolation-4.nix +++ b/tests/functional/lang/eval-fail-bad-string-interpolation-4.nix @@ -1,6 +1,16 @@ let # Basically a "billion laughs" attack, but toned down to simulated `pkgs`. - ha = x: y: { a = x y; b = x y; c = x y; d = x y; e = x y; f = x y; g = x y; h = x y; j = x y; }; + ha = x: y: { + a = x y; + b = x y; + c = x y; + d = x y; + e = x y; + f = x y; + g = x y; + h = x y; + j = x y; + }; has = ha (ha (ha (ha (x: x)))) "ha"; # A large structure that has already been evaluated. pkgs = builtins.deepSeq has has; diff --git a/tests/functional/lang/eval-fail-dup-dynamic-attrs.nix b/tests/functional/lang/eval-fail-dup-dynamic-attrs.nix index 7ea17f6c878..93cceefa48e 100644 --- a/tests/functional/lang/eval-fail-dup-dynamic-attrs.nix +++ b/tests/functional/lang/eval-fail-dup-dynamic-attrs.nix @@ -1,4 +1,8 @@ { - set = { "${"" + "b"}" = 1; }; - set = { "${"b" + ""}" = 2; }; + set = { + "${"" + "b"}" = 1; + }; + set = { + "${"b" + ""}" = 2; + }; } diff --git a/tests/functional/lang/eval-fail-duplicate-traces.nix b/tests/functional/lang/eval-fail-duplicate-traces.nix index 17ce374ece7..90526f6d48c 100644 --- a/tests/functional/lang/eval-fail-duplicate-traces.nix +++ b/tests/functional/lang/eval-fail-duplicate-traces.nix @@ -1,9 +1,6 @@ # Check that we only omit duplicate stack traces when there's a bunch of them. # Here, there's only a couple duplicate entries, so we output them all. let - throwAfter = n: - if n > 0 - then throwAfter (n - 1) - else throw "Uh oh!"; + throwAfter = n: if n > 0 then throwAfter (n - 1) else throw "Uh oh!"; in - throwAfter 2 +throwAfter 2 diff --git a/tests/functional/lang/eval-fail-fetchurl-baseName-attrs-name.nix b/tests/functional/lang/eval-fail-fetchurl-baseName-attrs-name.nix index 5838055390d..dcaf7202b11 100644 --- a/tests/functional/lang/eval-fail-fetchurl-baseName-attrs-name.nix +++ b/tests/functional/lang/eval-fail-fetchurl-baseName-attrs-name.nix @@ -1 +1,4 @@ -builtins.fetchurl { url = "https://example.com/foo.tar.gz"; name = "~wobble~"; } +builtins.fetchurl { + url = "https://example.com/foo.tar.gz"; + name = "~wobble~"; +} diff --git a/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.nix b/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.nix index e0208eb2519..9cc9ef6295b 100644 --- a/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.nix +++ b/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.nix @@ -1,7 +1,12 @@ -let n = -1; in builtins.seq n (builtins.flakeRefToString { - type = "github"; - owner = "NixOS"; - repo = n; - ref = "23.05"; - dir = "lib"; -}) +let + n = -1; +in +builtins.seq n ( + builtins.flakeRefToString { + type = "github"; + owner = "NixOS"; + repo = n; + ref = "23.05"; + dir = "lib"; + } +) diff --git a/tests/functional/lang/eval-fail-foldlStrict-strict-op-application.nix b/tests/functional/lang/eval-fail-foldlStrict-strict-op-application.nix index 1620cc76eeb..f85486d441e 100644 --- a/tests/functional/lang/eval-fail-foldlStrict-strict-op-application.nix +++ b/tests/functional/lang/eval-fail-foldlStrict-strict-op-application.nix @@ -1,5 +1,5 @@ # Tests that the result of applying op is forced even if the value is never used -builtins.foldl' - (_: f: f null) - null - [ (_: throw "Not the final value, but is still forced!") (_: 23) ] +builtins.foldl' (_: f: f null) null [ + (_: throw "Not the final value, but is still forced!") + (_: 23) +] diff --git a/tests/functional/lang/eval-fail-hashfile-missing.nix b/tests/functional/lang/eval-fail-hashfile-missing.nix index ce098b82380..0f2872b7155 100644 --- a/tests/functional/lang/eval-fail-hashfile-missing.nix +++ b/tests/functional/lang/eval-fail-hashfile-missing.nix @@ -1,5 +1,16 @@ let - paths = [ ./this-file-is-definitely-not-there-7392097 "/and/neither/is/this/37293620" ]; + paths = [ + ./this-file-is-definitely-not-there-7392097 + "/and/neither/is/this/37293620" + ]; in - toString (builtins.concatLists (map (hash: map (builtins.hashFile hash) paths) ["md5" "sha1" "sha256" "sha512"])) - +toString ( + builtins.concatLists ( + map (hash: map (builtins.hashFile hash) paths) [ + "md5" + "sha1" + "sha256" + "sha512" + ] + ) +) diff --git a/tests/functional/lang/eval-fail-list.nix b/tests/functional/lang/eval-fail-list.nix index fa749f2f740..14eb4efa9f6 100644 --- a/tests/functional/lang/eval-fail-list.nix +++ b/tests/functional/lang/eval-fail-list.nix @@ -1 +1 @@ -8++1 +8 ++ 1 diff --git a/tests/functional/lang/eval-fail-missing-arg.nix b/tests/functional/lang/eval-fail-missing-arg.nix index c4be9797c53..9037aa40a54 100644 --- a/tests/functional/lang/eval-fail-missing-arg.nix +++ b/tests/functional/lang/eval-fail-missing-arg.nix @@ -1 +1,12 @@ -({x, y, z}: x + y + z) {x = "foo"; z = "bar";} +( + { + x, + y, + z, + }: + x + y + z +) + { + x = "foo"; + z = "bar"; + } diff --git a/tests/functional/lang/eval-fail-mutual-recursion.nix b/tests/functional/lang/eval-fail-mutual-recursion.nix index d090d3158a3..421e464dd86 100644 --- a/tests/functional/lang/eval-fail-mutual-recursion.nix +++ b/tests/functional/lang/eval-fail-mutual-recursion.nix @@ -19,18 +19,22 @@ # - a few frames of A (skip the rest) # - a few frames of B (skip the rest, _and_ skip the remaining frames of A) let - throwAfterB = recurse: n: - if n > 0 - then throwAfterB recurse (n - 1) - else if recurse - then throwAfterA false 10 - else throw "Uh oh!"; + throwAfterB = + recurse: n: + if n > 0 then + throwAfterB recurse (n - 1) + else if recurse then + throwAfterA false 10 + else + throw "Uh oh!"; - throwAfterA = recurse: n: - if n > 0 - then throwAfterA recurse (n - 1) - else if recurse - then throwAfterB true 10 - else throw "Uh oh!"; + throwAfterA = + recurse: n: + if n > 0 then + throwAfterA recurse (n - 1) + else if recurse then + throwAfterB true 10 + else + throw "Uh oh!"; in - throwAfterA true 10 +throwAfterA true 10 diff --git a/tests/functional/lang/eval-fail-nested-list-items.nix b/tests/functional/lang/eval-fail-nested-list-items.nix index af45b1dd49a..d0aa1b5d3b9 100644 --- a/tests/functional/lang/eval-fail-nested-list-items.nix +++ b/tests/functional/lang/eval-fail-nested-list-items.nix @@ -8,4 +8,27 @@ # # error: cannot coerce a list to a string: [ [ 1 2 3 4 5 6 7 8 ] [ 1 «4294967290 items elided» ] ] -"" + (let v = [ [ 1 2 3 4 5 6 7 8 ] [1 2 3 4]]; in builtins.deepSeq v v) +"" ++ ( + let + v = [ + [ + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8 + ] + [ + 1 + 2 + 3 + 4 + ] + ]; + in + builtins.deepSeq v v +) diff --git a/tests/functional/lang/eval-fail-not-throws.nix b/tests/functional/lang/eval-fail-not-throws.nix index a74ce4ebeea..2e024738b68 100644 --- a/tests/functional/lang/eval-fail-not-throws.nix +++ b/tests/functional/lang/eval-fail-not-throws.nix @@ -1 +1 @@ -! (throw "uh oh!") +!(throw "uh oh!") diff --git a/tests/functional/lang/eval-fail-overflowing-add.nix b/tests/functional/lang/eval-fail-overflowing-add.nix index 24258fc200e..9e1e8aa7571 100644 --- a/tests/functional/lang/eval-fail-overflowing-add.nix +++ b/tests/functional/lang/eval-fail-overflowing-add.nix @@ -1,4 +1,5 @@ let a = 9223372036854775807; b = 1; -in a + b +in +a + b diff --git a/tests/functional/lang/eval-fail-overflowing-div.nix b/tests/functional/lang/eval-fail-overflowing-div.nix index 44fbe9d7e31..e21b0b2e57d 100644 --- a/tests/functional/lang/eval-fail-overflowing-div.nix +++ b/tests/functional/lang/eval-fail-overflowing-div.nix @@ -4,4 +4,5 @@ let # of range intMin = -9223372036854775807 - 1; b = -1; -in builtins.seq intMin (builtins.seq b (intMin / b)) +in +builtins.seq intMin (builtins.seq b (intMin / b)) diff --git a/tests/functional/lang/eval-fail-overflowing-mul.nix b/tests/functional/lang/eval-fail-overflowing-mul.nix index 6081d9c7b14..95b1375bb01 100644 --- a/tests/functional/lang/eval-fail-overflowing-mul.nix +++ b/tests/functional/lang/eval-fail-overflowing-mul.nix @@ -1,3 +1,4 @@ let a = 4294967297; -in a * a * a +in +a * a * a diff --git a/tests/functional/lang/eval-fail-overflowing-sub.nix b/tests/functional/lang/eval-fail-overflowing-sub.nix index 229b8c6d264..4f0203a6da5 100644 --- a/tests/functional/lang/eval-fail-overflowing-sub.nix +++ b/tests/functional/lang/eval-fail-overflowing-sub.nix @@ -1,4 +1,5 @@ let a = -9223372036854775807; b = 2; -in a - b +in +a - b diff --git a/tests/functional/lang/eval-fail-recursion.nix b/tests/functional/lang/eval-fail-recursion.nix index 075b5ed066b..88718a6e507 100644 --- a/tests/functional/lang/eval-fail-recursion.nix +++ b/tests/functional/lang/eval-fail-recursion.nix @@ -1 +1,4 @@ -let a = {} // a; in a.foo +let + a = { } // a; +in +a.foo diff --git a/tests/functional/lang/eval-fail-remove.nix b/tests/functional/lang/eval-fail-remove.nix index 539e0eb0a6f..9de066abe73 100644 --- a/tests/functional/lang/eval-fail-remove.nix +++ b/tests/functional/lang/eval-fail-remove.nix @@ -1,5 +1,8 @@ let { - attrs = {x = 123; y = 456;}; + attrs = { + x = 123; + y = 456; + }; - body = (removeAttrs attrs ["x"]).x; -} \ No newline at end of file + body = (removeAttrs attrs [ "x" ]).x; +} diff --git a/tests/functional/lang/eval-fail-scope-5.nix b/tests/functional/lang/eval-fail-scope-5.nix index f89a65a99be..ef6f1bb640e 100644 --- a/tests/functional/lang/eval-fail-scope-5.nix +++ b/tests/functional/lang/eval-fail-scope-5.nix @@ -3,8 +3,13 @@ let { x = "a"; y = "b"; - f = {x ? y, y ? x}: x + y; - - body = f {}; + f = + { + x ? y, + y ? x, + }: + x + y; + + body = f { }; } diff --git a/tests/functional/lang/eval-fail-undeclared-arg.nix b/tests/functional/lang/eval-fail-undeclared-arg.nix index cafdf163627..aca4511bbff 100644 --- a/tests/functional/lang/eval-fail-undeclared-arg.nix +++ b/tests/functional/lang/eval-fail-undeclared-arg.nix @@ -1 +1,5 @@ -({x, z}: x + z) {x = "foo"; y = "bla"; z = "bar";} +({ x, z }: x + z) { + x = "foo"; + y = "bla"; + z = "bar"; +} diff --git a/tests/functional/lang/eval-fail-using-set-as-attr-name.nix b/tests/functional/lang/eval-fail-using-set-as-attr-name.nix index 48e071a41cf..96390e35f6a 100644 --- a/tests/functional/lang/eval-fail-using-set-as-attr-name.nix +++ b/tests/functional/lang/eval-fail-using-set-as-attr-name.nix @@ -1,5 +1,7 @@ let - attr = {foo = "bar";}; - key = {}; + attr = { + foo = "bar"; + }; + key = { }; in - attr.${key} +attr.${key} diff --git a/tests/functional/lang/eval-okay-any-all.nix b/tests/functional/lang/eval-okay-any-all.nix index a3f26ea2aa8..643d36cb704 100644 --- a/tests/functional/lang/eval-okay-any-all.nix +++ b/tests/functional/lang/eval-okay-any-all.nix @@ -1,11 +1,34 @@ with builtins; -[ (any (x: x == 1) []) - (any (x: x == 1) [2 3 4]) - (any (x: x == 1) [1 2 3 4]) - (any (x: x == 1) [4 3 2 1]) - (all (x: x == 1) []) - (all (x: x == 1) [1]) - (all (x: x == 1) [1 2 3]) - (all (x: x == 1) [1 1 1]) +[ + (any (x: x == 1) [ ]) + (any (x: x == 1) [ + 2 + 3 + 4 + ]) + (any (x: x == 1) [ + 1 + 2 + 3 + 4 + ]) + (any (x: x == 1) [ + 4 + 3 + 2 + 1 + ]) + (all (x: x == 1) [ ]) + (all (x: x == 1) [ 1 ]) + (all (x: x == 1) [ + 1 + 2 + 3 + ]) + (all (x: x == 1) [ + 1 + 1 + 1 + ]) ] diff --git a/tests/functional/lang/eval-okay-arithmetic.nix b/tests/functional/lang/eval-okay-arithmetic.nix index 7e9e6a0b666..8160b4d84ca 100644 --- a/tests/functional/lang/eval-okay-arithmetic.nix +++ b/tests/functional/lang/eval-okay-arithmetic.nix @@ -2,58 +2,59 @@ with import ./lib.nix; let { - /* Supposedly tail recursive version: + /* + Supposedly tail recursive version: - range_ = accum: first: last: - if first == last then ([first] ++ accum) - else range_ ([first] ++ accum) (builtins.add first 1) last; + range_ = accum: first: last: + if first == last then ([first] ++ accum) + else range_ ([first] ++ accum) (builtins.add first 1) last; - range = range_ []; + range = range_ []; */ x = 12; err = abort "urgh"; - body = sum - [ (sum (range 1 50)) - (123 + 456) - (0 + -10 + -(-11) + -x) - (10 - 7 - -2) - (10 - (6 - -1)) - (10 - 1 + 2) - (3 * 4 * 5) - (56088 / 123 / 2) - (3 + 4 * const 5 0 - 6 / id 2) - - (builtins.bitAnd 12 10) # 0b1100 & 0b1010 = 8 - (builtins.bitOr 12 10) # 0b1100 | 0b1010 = 14 - (builtins.bitXor 12 10) # 0b1100 ^ 0b1010 = 6 - - (if 3 < 7 then 1 else err) - (if 7 < 3 then err else 1) - (if 3 < 3 then err else 1) - - (if 3 <= 7 then 1 else err) - (if 7 <= 3 then err else 1) - (if 3 <= 3 then 1 else err) - - (if 3 > 7 then err else 1) - (if 7 > 3 then 1 else err) - (if 3 > 3 then err else 1) - - (if 3 >= 7 then err else 1) - (if 7 >= 3 then 1 else err) - (if 3 >= 3 then 1 else err) - - (if 2 > 1 == 1 < 2 then 1 else err) - (if 1 + 2 * 3 >= 7 then 1 else err) - (if 1 + 2 * 3 < 7 then err else 1) - - # Not integer, but so what. - (if "aa" < "ab" then 1 else err) - (if "aa" < "aa" then err else 1) - (if "foo" < "foobar" then 1 else err) - ]; + body = sum [ + (sum (range 1 50)) + (123 + 456) + (0 + -10 + -(-11) + -x) + (10 - 7 - -2) + (10 - (6 - -1)) + (10 - 1 + 2) + (3 * 4 * 5) + (56088 / 123 / 2) + (3 + 4 * const 5 0 - 6 / id 2) + + (builtins.bitAnd 12 10) # 0b1100 & 0b1010 = 8 + (builtins.bitOr 12 10) # 0b1100 | 0b1010 = 14 + (builtins.bitXor 12 10) # 0b1100 ^ 0b1010 = 6 + + (if 3 < 7 then 1 else err) + (if 7 < 3 then err else 1) + (if 3 < 3 then err else 1) + + (if 3 <= 7 then 1 else err) + (if 7 <= 3 then err else 1) + (if 3 <= 3 then 1 else err) + + (if 3 > 7 then err else 1) + (if 7 > 3 then 1 else err) + (if 3 > 3 then err else 1) + + (if 3 >= 7 then err else 1) + (if 7 >= 3 then 1 else err) + (if 3 >= 3 then 1 else err) + + (if 2 > 1 == 1 < 2 then 1 else err) + (if 1 + 2 * 3 >= 7 then 1 else err) + (if 1 + 2 * 3 < 7 then err else 1) + + # Not integer, but so what. + (if "aa" < "ab" then 1 else err) + (if "aa" < "aa" then err else 1) + (if "foo" < "foobar" then 1 else err) + ]; } diff --git a/tests/functional/lang/eval-okay-attrnames.nix b/tests/functional/lang/eval-okay-attrnames.nix index e5b26e9f2e3..085e78084b0 100644 --- a/tests/functional/lang/eval-okay-attrnames.nix +++ b/tests/functional/lang/eval-okay-attrnames.nix @@ -2,10 +2,21 @@ with import ./lib.nix; let - attrs = {y = "y"; x = "x"; foo = "foo";} // rec {x = "newx"; bar = x;}; + attrs = + { + y = "y"; + x = "x"; + foo = "foo"; + } + // rec { + x = "newx"; + bar = x; + }; names = builtins.attrNames attrs; values = map (name: builtins.getAttr name attrs) names; -in assert values == builtins.attrValues attrs; concat values +in +assert values == builtins.attrValues attrs; +concat values diff --git a/tests/functional/lang/eval-okay-attrs.nix b/tests/functional/lang/eval-okay-attrs.nix index 810b31a5da9..787b9a933cf 100644 --- a/tests/functional/lang/eval-okay-attrs.nix +++ b/tests/functional/lang/eval-okay-attrs.nix @@ -1,5 +1,20 @@ let { - as = { x = 123; y = 456; } // { z = 789; } // { z = 987; }; + as = + { + x = 123; + y = 456; + } + // { + z = 789; + } + // { + z = 987; + }; - body = if as ? a then as.a else assert as ? z; as.z; + body = + if as ? a then + as.a + else + assert as ? z; + as.z; } diff --git a/tests/functional/lang/eval-okay-attrs2.nix b/tests/functional/lang/eval-okay-attrs2.nix index 9e06b83ac1f..0896f9cf1e1 100644 --- a/tests/functional/lang/eval-okay-attrs2.nix +++ b/tests/functional/lang/eval-okay-attrs2.nix @@ -1,10 +1,23 @@ let { - as = { x = 123; y = 456; } // { z = 789; } // { z = 987; }; + as = + { + x = 123; + y = 456; + } + // { + z = 789; + } + // { + z = 987; + }; A = "a"; Z = "z"; - body = if builtins.hasAttr A as - then builtins.getAttr A as - else assert builtins.hasAttr Z as; builtins.getAttr Z as; + body = + if builtins.hasAttr A as then + builtins.getAttr A as + else + assert builtins.hasAttr Z as; + builtins.getAttr Z as; } diff --git a/tests/functional/lang/eval-okay-attrs3.nix b/tests/functional/lang/eval-okay-attrs3.nix index f29de11fe66..cab345337dd 100644 --- a/tests/functional/lang/eval-okay-attrs3.nix +++ b/tests/functional/lang/eval-okay-attrs3.nix @@ -1,22 +1,22 @@ let - config = - { - services.sshd.enable = true; - services.sshd.port = 22; - services.httpd.port = 80; - hostName = "itchy"; - a.b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z = "x"; - foo = { - a = "a"; - b.c = "c"; - }; + config = { + services.sshd.enable = true; + services.sshd.port = 22; + services.httpd.port = 80; + hostName = "itchy"; + a.b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z = "x"; + foo = { + a = "a"; + b.c = "c"; }; + }; in - if config.services.sshd.enable - then "foo ${toString config.services.sshd.port} ${toString config.services.httpd.port} ${config.hostName}" - + "${config.a.b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z}" - + "${config.foo.a}" - + "${config.foo.b.c}" - else "bar" +if config.services.sshd.enable then + "foo ${toString config.services.sshd.port} ${toString config.services.httpd.port} ${config.hostName}" + + "${config.a.b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z}" + + "${config.foo.a}" + + "${config.foo.b.c}" +else + "bar" diff --git a/tests/functional/lang/eval-okay-attrs4.nix b/tests/functional/lang/eval-okay-attrs4.nix index 43ec81210f3..3e43e4bae4f 100644 --- a/tests/functional/lang/eval-okay-attrs4.nix +++ b/tests/functional/lang/eval-okay-attrs4.nix @@ -1,7 +1,20 @@ let - as = { x.y.z = 123; a.b.c = 456; }; + as = { + x.y.z = 123; + a.b.c = 456; + }; bs = null; -in [ (as ? x) (as ? y) (as ? x.y.z) (as ? x.y.z.a) (as ? x.y.a) (as ? a.b.c) (bs ? x) (bs ? x.y.z) ] +in +[ + (as ? x) + (as ? y) + (as ? x.y.z) + (as ? x.y.z.a) + (as ? x.y.a) + (as ? a.b.c) + (bs ? x) + (bs ? x.y.z) +] diff --git a/tests/functional/lang/eval-okay-attrs6.nix b/tests/functional/lang/eval-okay-attrs6.nix index 2e5c85483be..76c94af785a 100644 --- a/tests/functional/lang/eval-okay-attrs6.nix +++ b/tests/functional/lang/eval-okay-attrs6.nix @@ -1,4 +1,6 @@ rec { "${"foo"}" = "bar"; - __overrides = { bar = "qux"; }; + __overrides = { + bar = "qux"; + }; } diff --git a/tests/functional/lang/eval-okay-autoargs.nix b/tests/functional/lang/eval-okay-autoargs.nix index 815f51b1d67..bc82c569b48 100644 --- a/tests/functional/lang/eval-okay-autoargs.nix +++ b/tests/functional/lang/eval-okay-autoargs.nix @@ -4,12 +4,17 @@ let in -{ xyzzy2 ? xyzzy # mutually recursive args -, xyzzy ? "blaat" # will be overridden by --argstr -, fb ? foobar -, lib # will be set by --arg +{ + xyzzy2 ? xyzzy, # mutually recursive args + xyzzy ? "blaat", # will be overridden by --argstr + fb ? foobar, + lib, # will be set by --arg }: { - result = lib.concat [xyzzy xyzzy2 fb]; + result = lib.concat [ + xyzzy + xyzzy2 + fb + ]; } diff --git a/tests/functional/lang/eval-okay-builtins-add.nix b/tests/functional/lang/eval-okay-builtins-add.nix index c841816222a..f678f640f12 100644 --- a/tests/functional/lang/eval-okay-builtins-add.nix +++ b/tests/functional/lang/eval-okay-builtins-add.nix @@ -1,8 +1,8 @@ [ -(builtins.add 2 3) -(builtins.add 2 2) -(builtins.typeOf (builtins.add 2 2)) -("t" + "t") -(builtins.typeOf (builtins.add 2.0 2)) -(builtins.add 2.0 2) + (builtins.add 2 3) + (builtins.add 2 2) + (builtins.typeOf (builtins.add 2 2)) + ("t" + "t") + (builtins.typeOf (builtins.add 2.0 2)) + (builtins.add 2.0 2) ] diff --git a/tests/functional/lang/eval-okay-builtins.nix b/tests/functional/lang/eval-okay-builtins.nix index e9d65e88a81..be4114116f3 100644 --- a/tests/functional/lang/eval-okay-builtins.nix +++ b/tests/functional/lang/eval-okay-builtins.nix @@ -8,5 +8,5 @@ let { y = if builtins ? fnord then builtins.fnord "foo" else ""; body = x + y; - + } diff --git a/tests/functional/lang/eval-okay-callable-attrs.nix b/tests/functional/lang/eval-okay-callable-attrs.nix index 310a030df00..a4c1ace362b 100644 --- a/tests/functional/lang/eval-okay-callable-attrs.nix +++ b/tests/functional/lang/eval-okay-callable-attrs.nix @@ -1 +1,10 @@ -({ __functor = self: x: self.foo && x; foo = false; } // { foo = true; }) true +( + { + __functor = self: x: self.foo && x; + foo = false; + } + // { + foo = true; + } +) + true diff --git a/tests/functional/lang/eval-okay-catattrs.nix b/tests/functional/lang/eval-okay-catattrs.nix index 2c3dc10da52..7ec4ba7aeb2 100644 --- a/tests/functional/lang/eval-okay-catattrs.nix +++ b/tests/functional/lang/eval-okay-catattrs.nix @@ -1 +1,5 @@ -builtins.catAttrs "a" [ { a = 1; } { b = 0; } { a = 2; } ] +builtins.catAttrs "a" [ + { a = 1; } + { b = 0; } + { a = 2; } +] diff --git a/tests/functional/lang/eval-okay-closure.nix b/tests/functional/lang/eval-okay-closure.nix index cccd4dc3573..67c53d08947 100644 --- a/tests/functional/lang/eval-okay-closure.nix +++ b/tests/functional/lang/eval-okay-closure.nix @@ -1,13 +1,25 @@ let closure = builtins.genericClosure { - startSet = [{key = 80;}]; - operator = {key, foo ? false}: - if builtins.lessThan key 0 - then [] - else [{key = builtins.sub key 9;} {key = builtins.sub key 13; foo = true;}]; + startSet = [ { key = 80; } ]; + operator = + { + key, + foo ? false, + }: + if builtins.lessThan key 0 then + [ ] + else + [ + { key = builtins.sub key 9; } + { + key = builtins.sub key 13; + foo = true; + } + ]; }; sort = (import ./lib.nix).sortBy (a: b: builtins.lessThan a.key b.key); -in sort closure +in +sort closure diff --git a/tests/functional/lang/eval-okay-concat.nix b/tests/functional/lang/eval-okay-concat.nix index d158a9bf05b..ce754ca005f 100644 --- a/tests/functional/lang/eval-okay-concat.nix +++ b/tests/functional/lang/eval-okay-concat.nix @@ -1 +1,15 @@ -[1 2 3] ++ [4 5 6] ++ [7 8 9] +[ + 1 + 2 + 3 +] +++ [ + 4 + 5 + 6 +] +++ [ + 7 + 8 + 9 +] diff --git a/tests/functional/lang/eval-okay-concatmap.nix b/tests/functional/lang/eval-okay-concatmap.nix index 97da5d37a41..14b5461319e 100644 --- a/tests/functional/lang/eval-okay-concatmap.nix +++ b/tests/functional/lang/eval-okay-concatmap.nix @@ -1,5 +1,9 @@ with import ./lib.nix; -[ (builtins.concatMap (x: if x / 2 * 2 == x then [] else [ x ]) (range 0 10)) - (builtins.concatMap (x: [x] ++ ["z"]) ["a" "b"]) +[ + (builtins.concatMap (x: if x / 2 * 2 == x then [ ] else [ x ]) (range 0 10)) + (builtins.concatMap (x: [ x ] ++ [ "z" ]) [ + "a" + "b" + ]) ] diff --git a/tests/functional/lang/eval-okay-concatstringssep.nix b/tests/functional/lang/eval-okay-concatstringssep.nix index adc4c41bd55..2270d11b4c4 100644 --- a/tests/functional/lang/eval-okay-concatstringssep.nix +++ b/tests/functional/lang/eval-okay-concatstringssep.nix @@ -1,8 +1,17 @@ with builtins; -[ (concatStringsSep "" []) - (concatStringsSep "" ["foo" "bar" "xyzzy"]) - (concatStringsSep ", " ["foo" "bar" "xyzzy"]) - (concatStringsSep ", " ["foo"]) - (concatStringsSep ", " []) +[ + (concatStringsSep "" [ ]) + (concatStringsSep "" [ + "foo" + "bar" + "xyzzy" + ]) + (concatStringsSep ", " [ + "foo" + "bar" + "xyzzy" + ]) + (concatStringsSep ", " [ "foo" ]) + (concatStringsSep ", " [ ]) ] diff --git a/tests/functional/lang/eval-okay-context-introspection.nix b/tests/functional/lang/eval-okay-context-introspection.nix index 8886cf32e94..5ed99471901 100644 --- a/tests/functional/lang/eval-okay-context-introspection.nix +++ b/tests/functional/lang/eval-okay-context-introspection.nix @@ -3,7 +3,10 @@ let name = "fail"; builder = "/bin/false"; system = "x86_64-linux"; - outputs = [ "out" "foo" ]; + outputs = [ + "out" + "foo" + ]; }; path = "${./eval-okay-context-introspection.nix}"; @@ -13,7 +16,10 @@ let path = true; }; "${builtins.unsafeDiscardStringContext drv.drvPath}" = { - outputs = [ "foo" "out" ]; + outputs = [ + "foo" + "out" + ]; allOutputs = true; }; }; @@ -21,25 +27,22 @@ let combo-path = "${path}${drv.outPath}${drv.foo.outPath}${drv.drvPath}"; legit-context = builtins.getContext combo-path; - reconstructed-path = builtins.appendContext - (builtins.unsafeDiscardStringContext combo-path) - desired-context; + reconstructed-path = builtins.appendContext (builtins.unsafeDiscardStringContext combo-path) desired-context; # Eta rule for strings with context. - etaRule = str: - str == builtins.appendContext - (builtins.unsafeDiscardStringContext str) - (builtins.getContext str); + etaRule = + str: + str == builtins.appendContext (builtins.unsafeDiscardStringContext str) (builtins.getContext str); # Only holds true if string context contains both a `DrvDeep` and # `Opaque` element. - almostEtaRule = str: - str == builtins.addDrvOutputDependencies - (builtins.unsafeDiscardOutputDependency str); + almostEtaRule = + str: str == builtins.addDrvOutputDependencies (builtins.unsafeDiscardOutputDependency str); - addDrvOutputDependencies_idempotent = str: - builtins.addDrvOutputDependencies str == - builtins.addDrvOutputDependencies (builtins.addDrvOutputDependencies str); + addDrvOutputDependencies_idempotent = + str: + builtins.addDrvOutputDependencies str + == builtins.addDrvOutputDependencies (builtins.addDrvOutputDependencies str); rules = str: [ (etaRule str) @@ -47,12 +50,14 @@ let (addDrvOutputDependencies_idempotent str) ]; -in [ +in +[ (legit-context == desired-context) (reconstructed-path == combo-path) (etaRule "foo") (etaRule drv.foo.outPath) -] ++ builtins.concatMap rules [ +] +++ builtins.concatMap rules [ drv.drvPath (builtins.addDrvOutputDependencies drv.drvPath) (builtins.unsafeDiscardOutputDependency drv.drvPath) diff --git a/tests/functional/lang/eval-okay-context.nix b/tests/functional/lang/eval-okay-context.nix index 7b9531cfe9e..102bc22599c 100644 --- a/tests/functional/lang/eval-okay-context.nix +++ b/tests/functional/lang/eval-okay-context.nix @@ -1,6 +1,7 @@ -let s = "foo ${builtins.substring 33 100 (baseNameOf "${./eval-okay-context.nix}")} bar"; +let + s = "foo ${builtins.substring 33 100 (baseNameOf "${./eval-okay-context.nix}")} bar"; in - if s != "foo eval-okay-context.nix bar" - then abort "context not discarded" - else builtins.unsafeDiscardStringContext s - +if s != "foo eval-okay-context.nix bar" then + abort "context not discarded" +else + builtins.unsafeDiscardStringContext s diff --git a/tests/functional/lang/eval-okay-convertHash.nix b/tests/functional/lang/eval-okay-convertHash.nix index a0191ee8df1..6d5074fea23 100644 --- a/tests/functional/lang/eval-okay-convertHash.nix +++ b/tests/functional/lang/eval-okay-convertHash.nix @@ -1,33 +1,131 @@ let - hashAlgos = [ "md5" "md5" "md5" "sha1" "sha1" "sha1" "sha256" "sha256" "sha256" "sha512" "sha512" "sha512" ]; + hashAlgos = [ + "md5" + "md5" + "md5" + "sha1" + "sha1" + "sha1" + "sha256" + "sha256" + "sha256" + "sha512" + "sha512" + "sha512" + ]; hashesBase16 = import ./eval-okay-hashstring.exp; - map2 = f: { fsts, snds }: if fsts == [ ] then [ ] else [ (f (builtins.head fsts) (builtins.head snds)) ] ++ map2 f { fsts = builtins.tail fsts; snds = builtins.tail snds; }; - map2' = f: fsts: snds: map2 f { inherit fsts snds; }; + map2 = + f: + { fsts, snds }: + if fsts == [ ] then + [ ] + else + [ (f (builtins.head fsts) (builtins.head snds)) ] + ++ map2 f { + fsts = builtins.tail fsts; + snds = builtins.tail snds; + }; + map2' = + f: fsts: snds: + map2 f { inherit fsts snds; }; getOutputHashes = hashes: { - hashesBase16 = map2' (hashAlgo: hash: builtins.convertHash { inherit hash hashAlgo; toHashFormat = "base16";}) hashAlgos hashes; - hashesNix32 = map2' (hashAlgo: hash: builtins.convertHash { inherit hash hashAlgo; toHashFormat = "nix32";}) hashAlgos hashes; - hashesBase32 = map2' (hashAlgo: hash: builtins.convertHash { inherit hash hashAlgo; toHashFormat = "base32";}) hashAlgos hashes; - hashesBase64 = map2' (hashAlgo: hash: builtins.convertHash { inherit hash hashAlgo; toHashFormat = "base64";}) hashAlgos hashes; - hashesSRI = map2' (hashAlgo: hash: builtins.convertHash { inherit hash hashAlgo; toHashFormat = "sri" ;}) hashAlgos hashes; + hashesBase16 = map2' ( + hashAlgo: hash: + builtins.convertHash { + inherit hash hashAlgo; + toHashFormat = "base16"; + } + ) hashAlgos hashes; + hashesNix32 = map2' ( + hashAlgo: hash: + builtins.convertHash { + inherit hash hashAlgo; + toHashFormat = "nix32"; + } + ) hashAlgos hashes; + hashesBase32 = map2' ( + hashAlgo: hash: + builtins.convertHash { + inherit hash hashAlgo; + toHashFormat = "base32"; + } + ) hashAlgos hashes; + hashesBase64 = map2' ( + hashAlgo: hash: + builtins.convertHash { + inherit hash hashAlgo; + toHashFormat = "base64"; + } + ) hashAlgos hashes; + hashesSRI = map2' ( + hashAlgo: hash: + builtins.convertHash { + inherit hash hashAlgo; + toHashFormat = "sri"; + } + ) hashAlgos hashes; }; getOutputHashesColon = hashes: { - hashesBase16 = map2' (hashAlgo: hashBody: builtins.convertHash { hash = hashAlgo + ":" + hashBody; toHashFormat = "base16";}) hashAlgos hashes; - hashesNix32 = map2' (hashAlgo: hashBody: builtins.convertHash { hash = hashAlgo + ":" + hashBody; toHashFormat = "nix32";}) hashAlgos hashes; - hashesBase32 = map2' (hashAlgo: hashBody: builtins.convertHash { hash = hashAlgo + ":" + hashBody; toHashFormat = "base32";}) hashAlgos hashes; - hashesBase64 = map2' (hashAlgo: hashBody: builtins.convertHash { hash = hashAlgo + ":" + hashBody; toHashFormat = "base64";}) hashAlgos hashes; - hashesSRI = map2' (hashAlgo: hashBody: builtins.convertHash { hash = hashAlgo + ":" + hashBody; toHashFormat = "sri" ;}) hashAlgos hashes; + hashesBase16 = map2' ( + hashAlgo: hashBody: + builtins.convertHash { + hash = hashAlgo + ":" + hashBody; + toHashFormat = "base16"; + } + ) hashAlgos hashes; + hashesNix32 = map2' ( + hashAlgo: hashBody: + builtins.convertHash { + hash = hashAlgo + ":" + hashBody; + toHashFormat = "nix32"; + } + ) hashAlgos hashes; + hashesBase32 = map2' ( + hashAlgo: hashBody: + builtins.convertHash { + hash = hashAlgo + ":" + hashBody; + toHashFormat = "base32"; + } + ) hashAlgos hashes; + hashesBase64 = map2' ( + hashAlgo: hashBody: + builtins.convertHash { + hash = hashAlgo + ":" + hashBody; + toHashFormat = "base64"; + } + ) hashAlgos hashes; + hashesSRI = map2' ( + hashAlgo: hashBody: + builtins.convertHash { + hash = hashAlgo + ":" + hashBody; + toHashFormat = "sri"; + } + ) hashAlgos hashes; }; outputHashes = getOutputHashes hashesBase16; in # map2'` -assert map2' (s1: s2: s1 + s2) [ "a" "b" ] [ "c" "d" ] == [ "ac" "bd" ]; +assert + map2' (s1: s2: s1 + s2) [ "a" "b" ] [ "c" "d" ] == [ + "ac" + "bd" + ]; # hashesBase16 assert outputHashes.hashesBase16 == hashesBase16; # standard SRI hashes -assert outputHashes.hashesSRI == (map2' (hashAlgo: hashBody: hashAlgo + "-" + hashBody) hashAlgos outputHashes.hashesBase64); +assert + outputHashes.hashesSRI + == (map2' (hashAlgo: hashBody: hashAlgo + "-" + hashBody) hashAlgos outputHashes.hashesBase64); # without prefix assert builtins.all (x: getOutputHashes x == outputHashes) (builtins.attrValues outputHashes); # colon-separated. # Note that colon prefix must not be applied to the standard SRI. e.g. "sha256:sha256-..." is illegal. -assert builtins.all (x: getOutputHashesColon x == outputHashes) (with outputHashes; [ hashesBase16 hashesBase32 hashesBase64 ]); +assert builtins.all (x: getOutputHashesColon x == outputHashes) ( + with outputHashes; + [ + hashesBase16 + hashesBase32 + hashesBase64 + ] +); outputHashes diff --git a/tests/functional/lang/eval-okay-deepseq.nix b/tests/functional/lang/eval-okay-deepseq.nix index 53aa4b1dc25..f9aa5f720f3 100644 --- a/tests/functional/lang/eval-okay-deepseq.nix +++ b/tests/functional/lang/eval-okay-deepseq.nix @@ -1 +1,9 @@ -builtins.deepSeq (let as = { x = 123; y = as; }; in as) 456 +builtins.deepSeq ( + let + as = { + x = 123; + y = as; + }; + in + as +) 456 diff --git a/tests/functional/lang/eval-okay-delayed-with-inherit.nix b/tests/functional/lang/eval-okay-delayed-with-inherit.nix index 84b388c2713..10ce7df13c0 100644 --- a/tests/functional/lang/eval-okay-delayed-with-inherit.nix +++ b/tests/functional/lang/eval-okay-delayed-with-inherit.nix @@ -4,7 +4,10 @@ let name = "a"; system = builtins.currentSystem; builder = "/bin/sh"; - args = [ "-c" "touch $out" ]; + args = [ + "-c" + "touch $out" + ]; inherit b; }; @@ -16,9 +19,13 @@ let name = "b-overridden"; system = builtins.currentSystem; builder = "/bin/sh"; - args = [ "-c" "touch $out" ]; + args = [ + "-c" + "touch $out" + ]; }; }; pkgs = pkgs_ // (packageOverrides pkgs_); -in pkgs.a.b.name +in +pkgs.a.b.name diff --git a/tests/functional/lang/eval-okay-delayed-with.nix b/tests/functional/lang/eval-okay-delayed-with.nix index 3fb023e1cd4..52ec24e12e4 100644 --- a/tests/functional/lang/eval-okay-delayed-with.nix +++ b/tests/functional/lang/eval-okay-delayed-with.nix @@ -5,7 +5,10 @@ let name = "a"; system = builtins.currentSystem; builder = "/bin/sh"; - args = [ "-c" "touch $out" ]; + args = [ + "-c" + "touch $out" + ]; inherit b; }; @@ -13,17 +16,22 @@ let name = "b"; system = builtins.currentSystem; builder = "/bin/sh"; - args = [ "-c" "touch $out" ]; + args = [ + "-c" + "touch $out" + ]; inherit a; }; c = b; }; - packageOverrides = pkgs: with pkgs; { - b = derivation (b.drvAttrs // { name = "${b.name}-overridden"; }); - }; + packageOverrides = + pkgs: with pkgs; { + b = derivation (b.drvAttrs // { name = "${b.name}-overridden"; }); + }; pkgs = pkgs_ // (packageOverrides pkgs_); -in "${pkgs.a.b.name} ${pkgs.c.name} ${pkgs.b.a.name}" +in +"${pkgs.a.b.name} ${pkgs.c.name} ${pkgs.b.a.name}" diff --git a/tests/functional/lang/eval-okay-dynamic-attrs-2.nix b/tests/functional/lang/eval-okay-dynamic-attrs-2.nix index 6d57bf85490..95fe79e2558 100644 --- a/tests/functional/lang/eval-okay-dynamic-attrs-2.nix +++ b/tests/functional/lang/eval-okay-dynamic-attrs-2.nix @@ -1 +1,5 @@ -{ a."${"b"}" = true; a."${"c"}" = false; }.a.b +{ + a."${"b"}" = true; + a."${"c"}" = false; +} +.a.b diff --git a/tests/functional/lang/eval-okay-dynamic-attrs-bare.nix b/tests/functional/lang/eval-okay-dynamic-attrs-bare.nix index 0dbe15e6384..a612bf69dfa 100644 --- a/tests/functional/lang/eval-okay-dynamic-attrs-bare.nix +++ b/tests/functional/lang/eval-okay-dynamic-attrs-bare.nix @@ -2,7 +2,8 @@ let aString = "a"; bString = "b"; -in { +in +{ hasAttrs = { a.b = null; } ? ${aString}.b; selectAttrs = { a.b = true; }.a.${bString}; @@ -11,7 +12,17 @@ in { binds = { ${aString}."${bString}c" = true; }.a.bc; - recBinds = rec { ${bString} = a; a = true; }.b; + recBinds = + rec { + ${bString} = a; + a = true; + } + .b; - multiAttrs = { ${aString} = true; ${bString} = false; }.a; + multiAttrs = + { + ${aString} = true; + ${bString} = false; + } + .a; } diff --git a/tests/functional/lang/eval-okay-dynamic-attrs.nix b/tests/functional/lang/eval-okay-dynamic-attrs.nix index ee02ac7e657..f46e26b992f 100644 --- a/tests/functional/lang/eval-okay-dynamic-attrs.nix +++ b/tests/functional/lang/eval-okay-dynamic-attrs.nix @@ -2,7 +2,8 @@ let aString = "a"; bString = "b"; -in { +in +{ hasAttrs = { a.b = null; } ? "${aString}".b; selectAttrs = { a.b = true; }.a."${bString}"; @@ -11,7 +12,17 @@ in { binds = { "${aString}"."${bString}c" = true; }.a.bc; - recBinds = rec { "${bString}" = a; a = true; }.b; + recBinds = + rec { + "${bString}" = a; + a = true; + } + .b; - multiAttrs = { "${aString}" = true; "${bString}" = false; }.a; + multiAttrs = + { + "${aString}" = true; + "${bString}" = false; + } + .a; } diff --git a/tests/functional/lang/eval-okay-elem.nix b/tests/functional/lang/eval-okay-elem.nix index 71ea7a4ed03..004111dcc69 100644 --- a/tests/functional/lang/eval-okay-elem.nix +++ b/tests/functional/lang/eval-okay-elem.nix @@ -1,6 +1,11 @@ with import ./lib.nix; -let xs = range 10 40; in - -[ (builtins.elem 23 xs) (builtins.elem 42 xs) (builtins.elemAt xs 20) ] +let + xs = range 10 40; +in +[ + (builtins.elem 23 xs) + (builtins.elem 42 xs) + (builtins.elemAt xs 20) +] diff --git a/tests/functional/lang/eval-okay-empty-args.nix b/tests/functional/lang/eval-okay-empty-args.nix index 78c133afdd9..9466749f6ab 100644 --- a/tests/functional/lang/eval-okay-empty-args.nix +++ b/tests/functional/lang/eval-okay-empty-args.nix @@ -1 +1,4 @@ -({}: {x,y,}: "${x}${y}") {} {x = "a"; y = "b";} +({ }: { x, y }: "${x}${y}") { } { + x = "a"; + y = "b"; +} diff --git a/tests/functional/lang/eval-okay-eq-derivations.nix b/tests/functional/lang/eval-okay-eq-derivations.nix index d526cb4a216..ac802f433c7 100644 --- a/tests/functional/lang/eval-okay-eq-derivations.nix +++ b/tests/functional/lang/eval-okay-eq-derivations.nix @@ -1,10 +1,40 @@ let - drvA1 = derivation { name = "a"; builder = "/foo"; system = "i686-linux"; }; - drvA2 = derivation { name = "a"; builder = "/foo"; system = "i686-linux"; }; - drvA3 = derivation { name = "a"; builder = "/foo"; system = "i686-linux"; } // { dummy = 1; }; - - drvC1 = derivation { name = "c"; builder = "/foo"; system = "i686-linux"; }; - drvC2 = derivation { name = "c"; builder = "/bar"; system = "i686-linux"; }; + drvA1 = derivation { + name = "a"; + builder = "/foo"; + system = "i686-linux"; + }; + drvA2 = derivation { + name = "a"; + builder = "/foo"; + system = "i686-linux"; + }; + drvA3 = + derivation { + name = "a"; + builder = "/foo"; + system = "i686-linux"; + } + // { + dummy = 1; + }; -in [ (drvA1 == drvA1) (drvA1 == drvA2) (drvA1 == drvA3) (drvC1 == drvC2) ] + drvC1 = derivation { + name = "c"; + builder = "/foo"; + system = "i686-linux"; + }; + drvC2 = derivation { + name = "c"; + builder = "/bar"; + system = "i686-linux"; + }; + +in +[ + (drvA1 == drvA1) + (drvA1 == drvA2) + (drvA1 == drvA3) + (drvC1 == drvC2) +] diff --git a/tests/functional/lang/eval-okay-eq.nix b/tests/functional/lang/eval-okay-eq.nix index 73d200b3814..21cb08790ca 100644 --- a/tests/functional/lang/eval-okay-eq.nix +++ b/tests/functional/lang/eval-okay-eq.nix @@ -1,3 +1,13 @@ -["foobar" (rec {x = 1; y = x;})] -== -[("foo" + "bar") ({x = 1; y = 1;})] +[ + "foobar" + (rec { + x = 1; + y = x; + }) +] == [ + ("foo" + "bar") + ({ + x = 1; + y = 1; + }) +] diff --git a/tests/functional/lang/eval-okay-filter.nix b/tests/functional/lang/eval-okay-filter.nix index 85109b0d0eb..ef4e490c0fd 100644 --- a/tests/functional/lang/eval-okay-filter.nix +++ b/tests/functional/lang/eval-okay-filter.nix @@ -1,5 +1,8 @@ with import ./lib.nix; -builtins.filter - (x: x / 2 * 2 == x) - (builtins.concatLists [ (range 0 10) (range 100 110) ]) +builtins.filter (x: x / 2 * 2 == x) ( + builtins.concatLists [ + (range 0 10) + (range 100 110) + ] +) diff --git a/tests/functional/lang/eval-okay-flake-ref-to-string.nix b/tests/functional/lang/eval-okay-flake-ref-to-string.nix index dbb4e5b2af4..f477ba52caf 100644 --- a/tests/functional/lang/eval-okay-flake-ref-to-string.nix +++ b/tests/functional/lang/eval-okay-flake-ref-to-string.nix @@ -1,7 +1,7 @@ builtins.flakeRefToString { - type = "github"; + type = "github"; owner = "NixOS"; - repo = "nixpkgs"; - ref = "23.05"; - dir = "lib"; + repo = "nixpkgs"; + ref = "23.05"; + dir = "lib"; } diff --git a/tests/functional/lang/eval-okay-flatten.nix b/tests/functional/lang/eval-okay-flatten.nix index fe911e9683e..ade74c8e8fe 100644 --- a/tests/functional/lang/eval-okay-flatten.nix +++ b/tests/functional/lang/eval-okay-flatten.nix @@ -2,7 +2,19 @@ with import ./lib.nix; let { - l = ["1" "2" ["3" ["4"] ["5" "6"]] "7"]; + l = [ + "1" + "2" + [ + "3" + [ "4" ] + [ + "5" + "6" + ] + ] + "7" + ]; body = concat (flatten l); } diff --git a/tests/functional/lang/eval-okay-floor-ceil.nix b/tests/functional/lang/eval-okay-floor-ceil.nix index d76a0d86ea7..06f1a13d252 100644 --- a/tests/functional/lang/eval-okay-floor-ceil.nix +++ b/tests/functional/lang/eval-okay-floor-ceil.nix @@ -6,4 +6,11 @@ let n3 = builtins.floor 23; n4 = builtins.ceil 23; in - builtins.concatStringsSep ";" (map toString [ n1 n2 n3 n4 ]) +builtins.concatStringsSep ";" ( + map toString [ + n1 + n2 + n3 + n4 + ] +) diff --git a/tests/functional/lang/eval-okay-foldlStrict-lazy-elements.nix b/tests/functional/lang/eval-okay-foldlStrict-lazy-elements.nix index c666e07f3ae..49751c759d0 100644 --- a/tests/functional/lang/eval-okay-foldlStrict-lazy-elements.nix +++ b/tests/functional/lang/eval-okay-foldlStrict-lazy-elements.nix @@ -1,9 +1,6 @@ # Tests that the rhs argument of op is not forced unconditionally let - lst = builtins.foldl' - (acc: x: acc ++ [ x ]) - [ ] - [ 42 (throw "this shouldn't be evaluated") ]; + lst = builtins.foldl' (acc: x: acc ++ [ x ]) [ ] [ 42 (throw "this shouldn't be evaluated") ]; in builtins.head lst diff --git a/tests/functional/lang/eval-okay-foldlStrict-lazy-initial-accumulator.nix b/tests/functional/lang/eval-okay-foldlStrict-lazy-initial-accumulator.nix index abcd5366ab8..9cf0ef32c87 100644 --- a/tests/functional/lang/eval-okay-foldlStrict-lazy-initial-accumulator.nix +++ b/tests/functional/lang/eval-okay-foldlStrict-lazy-initial-accumulator.nix @@ -1,6 +1,6 @@ # Checks that the nul value for the accumulator is not forced unconditionally. # Some languages provide a foldl' that is strict in this argument, but Nix does not. -builtins.foldl' - (_: x: x) - (throw "This is never forced") - [ "but the results of applying op are" 42 ] +builtins.foldl' (_: x: x) (throw "This is never forced") [ + "but the results of applying op are" + 42 +] diff --git a/tests/functional/lang/eval-okay-fromjson-escapes.nix b/tests/functional/lang/eval-okay-fromjson-escapes.nix index f0071350773..6330e9c8667 100644 --- a/tests/functional/lang/eval-okay-fromjson-escapes.nix +++ b/tests/functional/lang/eval-okay-fromjson-escapes.nix @@ -1,3 +1,4 @@ # This string contains all supported escapes in a JSON string, per json.org # \b and \f are not supported by Nix -builtins.fromJSON ''"quote \" reverse solidus \\ solidus \/ backspace \b formfeed \f newline \n carriage return \r horizontal tab \t 1 char unicode encoded backspace \u0008 1 char unicode encoded e with accent \u00e9 2 char unicode encoded s with caron \u0161 3 char unicode encoded rightwards arrow \u2192"'' +builtins.fromJSON + ''"quote \" reverse solidus \\ solidus \/ backspace \b formfeed \f newline \n carriage return \r horizontal tab \t 1 char unicode encoded backspace \u0008 1 char unicode encoded e with accent \u00e9 2 char unicode encoded s with caron \u0161 3 char unicode encoded rightwards arrow \u2192"'' diff --git a/tests/functional/lang/eval-okay-fromjson.nix b/tests/functional/lang/eval-okay-fromjson.nix index 4c526b9ae5d..0e8a2351fe8 100644 --- a/tests/functional/lang/eval-okay-fromjson.nix +++ b/tests/functional/lang/eval-okay-fromjson.nix @@ -1,41 +1,55 @@ -builtins.fromJSON - '' - { - "Video": { - "Title": "The Penguin Chronicles", - "Width": 1920, - "Height": 1080, - "EmbeddedData": [3.14159, 23493,null, true ,false, -10], - "Thumb": { - "Url": "http://www.example.com/video/5678931", - "Width": 200, - "Height": 250 - }, - "Animated" : false, - "IDs": [116, 943, 234, 38793, true ,false,null, -100], - "Escapes": "\"\\\/\t\n\r\t", - "Subtitle" : false, - "Latitude": 37.7668, - "Longitude": -122.3959 - } - } - '' -== - { Video = - { Title = "The Penguin Chronicles"; - Width = 1920; - Height = 1080; - EmbeddedData = [ 3.14159 23493 null true false (0-10) ]; - Thumb = - { Url = "http://www.example.com/video/5678931"; - Width = 200; - Height = 250; - }; - Animated = false; - IDs = [ 116 943 234 38793 true false null (0-100) ]; - Escapes = "\"\\\/\t\n\r\t"; # supported in JSON but not Nix: \b\f - Subtitle = false; - Latitude = 37.7668; - Longitude = -122.3959; - }; +builtins.fromJSON '' + { + "Video": { + "Title": "The Penguin Chronicles", + "Width": 1920, + "Height": 1080, + "EmbeddedData": [3.14159, 23493,null, true ,false, -10], + "Thumb": { + "Url": "http://www.example.com/video/5678931", + "Width": 200, + "Height": 250 + }, + "Animated" : false, + "IDs": [116, 943, 234, 38793, true ,false,null, -100], + "Escapes": "\"\\\/\t\n\r\t", + "Subtitle" : false, + "Latitude": 37.7668, + "Longitude": -122.3959 + } } +'' == { + Video = { + Title = "The Penguin Chronicles"; + Width = 1920; + Height = 1080; + EmbeddedData = [ + 3.14159 + 23493 + null + true + false + (0 - 10) + ]; + Thumb = { + Url = "http://www.example.com/video/5678931"; + Width = 200; + Height = 250; + }; + Animated = false; + IDs = [ + 116 + 943 + 234 + 38793 + true + false + null + (0 - 100) + ]; + Escapes = "\"\\\/\t\n\r\t"; # supported in JSON but not Nix: \b\f + Subtitle = false; + Latitude = 37.7668; + Longitude = -122.3959; + }; +} diff --git a/tests/functional/lang/eval-okay-functionargs.nix b/tests/functional/lang/eval-okay-functionargs.nix index 68dca62ee18..7c11f19c235 100644 --- a/tests/functional/lang/eval-okay-functionargs.nix +++ b/tests/functional/lang/eval-okay-functionargs.nix @@ -1,29 +1,74 @@ let - stdenvFun = { }: { name = "stdenv"; }; - stdenv2Fun = { }: { name = "stdenv2"; }; - fetchurlFun = { stdenv }: assert stdenv.name == "stdenv"; { name = "fetchurl"; }; - atermFun = { stdenv, fetchurl }: { name = "aterm-${stdenv.name}"; }; - aterm2Fun = { stdenv, fetchurl }: { name = "aterm2-${stdenv.name}"; }; - nixFun = { stdenv, fetchurl, aterm }: { name = "nix-${stdenv.name}-${aterm.name}"; }; - + stdenvFun = + { }: + { + name = "stdenv"; + }; + stdenv2Fun = + { }: + { + name = "stdenv2"; + }; + fetchurlFun = + { stdenv }: + assert stdenv.name == "stdenv"; + { + name = "fetchurl"; + }; + atermFun = + { stdenv, fetchurl }: + { + name = "aterm-${stdenv.name}"; + }; + aterm2Fun = + { stdenv, fetchurl }: + { + name = "aterm2-${stdenv.name}"; + }; + nixFun = + { + stdenv, + fetchurl, + aterm, + }: + { + name = "nix-${stdenv.name}-${aterm.name}"; + }; + mplayerFun = - { stdenv, fetchurl, enableX11 ? false, xorg ? null, enableFoo ? true, foo ? null }: + { + stdenv, + fetchurl, + enableX11 ? false, + xorg ? null, + enableFoo ? true, + foo ? null, + }: assert stdenv.name == "stdenv2"; assert enableX11 -> xorg.libXv.name == "libXv"; assert enableFoo -> foo != null; - { name = "mplayer-${stdenv.name}.${xorg.libXv.name}-${xorg.libX11.name}"; }; + { + name = "mplayer-${stdenv.name}.${xorg.libXv.name}-${xorg.libX11.name}"; + }; - makeOverridable = f: origArgs: f origArgs // - { override = newArgs: + makeOverridable = + f: origArgs: + f origArgs + // { + override = + newArgs: makeOverridable f (origArgs // (if builtins.isFunction newArgs then newArgs origArgs else newArgs)); }; - - callPackage_ = pkgs: f: args: + + callPackage_ = + pkgs: f: args: makeOverridable f ((builtins.intersectAttrs (builtins.functionArgs f) pkgs) // args); allPackages = - { overrides ? (pkgs: pkgsPrev: { }) }: + { + overrides ? (pkgs: pkgsPrev: { }), + }: let callPackage = callPackage_ pkgs; pkgs = pkgsStd // (overrides pkgs pkgsStd); @@ -34,18 +79,40 @@ let fetchurl = callPackage fetchurlFun { }; aterm = callPackage atermFun { }; xorg = callPackage xorgFun { }; - mplayer = callPackage mplayerFun { stdenv = pkgs.stdenv2; enableFoo = false; }; + mplayer = callPackage mplayerFun { + stdenv = pkgs.stdenv2; + enableFoo = false; + }; nix = callPackage nixFun { }; }; - in pkgs; + in + pkgs; + + libX11Fun = + { stdenv, fetchurl }: + { + name = "libX11"; + }; + libX11_2Fun = + { stdenv, fetchurl }: + { + name = "libX11_2"; + }; + libXvFun = + { + stdenv, + fetchurl, + libX11, + }: + { + name = "libXv"; + }; - libX11Fun = { stdenv, fetchurl }: { name = "libX11"; }; - libX11_2Fun = { stdenv, fetchurl }: { name = "libX11_2"; }; - libXvFun = { stdenv, fetchurl, libX11 }: { name = "libXv"; }; - xorgFun = { pkgs }: - let callPackage = callPackage_ (pkgs // pkgs.xorg); in + let + callPackage = callPackage_ (pkgs // pkgs.xorg); + in { libX11 = callPackage libX11Fun { }; libXv = callPackage libXvFun { }; @@ -56,25 +123,28 @@ in let pkgs = allPackages { }; - + pkgs2 = allPackages { overrides = pkgs: pkgsPrev: { stdenv = pkgs.stdenv2; nix = pkgsPrev.nix.override { aterm = aterm2Fun { inherit (pkgs) stdenv fetchurl; }; }; - xorg = pkgsPrev.xorg // { libX11 = libX11_2Fun { inherit (pkgs) stdenv fetchurl; }; }; + xorg = pkgsPrev.xorg // { + libX11 = libX11_2Fun { inherit (pkgs) stdenv fetchurl; }; + }; }; }; - + in - [ pkgs.stdenv.name - pkgs.fetchurl.name - pkgs.aterm.name - pkgs2.aterm.name - pkgs.xorg.libX11.name - pkgs.xorg.libXv.name - pkgs.mplayer.name - pkgs2.mplayer.name - pkgs.nix.name - pkgs2.nix.name - ] +[ + pkgs.stdenv.name + pkgs.fetchurl.name + pkgs.aterm.name + pkgs2.aterm.name + pkgs.xorg.libX11.name + pkgs.xorg.libXv.name + pkgs.mplayer.name + pkgs2.mplayer.name + pkgs.nix.name + pkgs2.nix.name +] diff --git a/tests/functional/lang/eval-okay-getattrpos-functionargs.nix b/tests/functional/lang/eval-okay-getattrpos-functionargs.nix index 11d6bb0e3ac..9692911cfc9 100644 --- a/tests/functional/lang/eval-okay-getattrpos-functionargs.nix +++ b/tests/functional/lang/eval-okay-getattrpos-functionargs.nix @@ -1,4 +1,8 @@ let - fun = { foo }: {}; + fun = { foo }: { }; pos = builtins.unsafeGetAttrPos "foo" (builtins.functionArgs fun); -in { inherit (pos) column line; file = baseNameOf pos.file; } +in +{ + inherit (pos) column line; + file = baseNameOf pos.file; +} diff --git a/tests/functional/lang/eval-okay-getattrpos.nix b/tests/functional/lang/eval-okay-getattrpos.nix index ca6b0796154..25bc57444fa 100644 --- a/tests/functional/lang/eval-okay-getattrpos.nix +++ b/tests/functional/lang/eval-okay-getattrpos.nix @@ -3,4 +3,8 @@ let foo = "bar"; }; pos = builtins.unsafeGetAttrPos "foo" as; -in { inherit (pos) column line; file = baseNameOf pos.file; } +in +{ + inherit (pos) column line; + file = baseNameOf pos.file; +} diff --git a/tests/functional/lang/eval-okay-groupBy.nix b/tests/functional/lang/eval-okay-groupBy.nix index 862d89dbd67..f4de5444a3c 100644 --- a/tests/functional/lang/eval-okay-groupBy.nix +++ b/tests/functional/lang/eval-okay-groupBy.nix @@ -1,5 +1,5 @@ with import ./lib.nix; -builtins.groupBy (n: - builtins.substring 0 1 (builtins.hashString "sha256" (toString n)) -) (range 0 31) +builtins.groupBy (n: builtins.substring 0 1 (builtins.hashString "sha256" (toString n))) ( + range 0 31 +) diff --git a/tests/functional/lang/eval-okay-hashfile.nix b/tests/functional/lang/eval-okay-hashfile.nix index aff5a185681..aeaf09f43f6 100644 --- a/tests/functional/lang/eval-okay-hashfile.nix +++ b/tests/functional/lang/eval-okay-hashfile.nix @@ -1,4 +1,14 @@ let - paths = [ ./data ./binary-data ]; + paths = [ + ./data + ./binary-data + ]; in - builtins.concatLists (map (hash: map (builtins.hashFile hash) paths) ["md5" "sha1" "sha256" "sha512"]) +builtins.concatLists ( + map (hash: map (builtins.hashFile hash) paths) [ + "md5" + "sha1" + "sha256" + "sha512" + ] +) diff --git a/tests/functional/lang/eval-okay-hashstring.nix b/tests/functional/lang/eval-okay-hashstring.nix index b0f62b245ca..c760b00435e 100644 --- a/tests/functional/lang/eval-okay-hashstring.nix +++ b/tests/functional/lang/eval-okay-hashstring.nix @@ -1,4 +1,15 @@ let - strings = [ "" "text 1" "text 2" ]; + strings = [ + "" + "text 1" + "text 2" + ]; in - builtins.concatLists (map (hash: map (builtins.hashString hash) strings) ["md5" "sha1" "sha256" "sha512"]) +builtins.concatLists ( + map (hash: map (builtins.hashString hash) strings) [ + "md5" + "sha1" + "sha256" + "sha512" + ] +) diff --git a/tests/functional/lang/eval-okay-if.nix b/tests/functional/lang/eval-okay-if.nix index 23e4c74d501..66b9d15b8cc 100644 --- a/tests/functional/lang/eval-okay-if.nix +++ b/tests/functional/lang/eval-okay-if.nix @@ -1 +1,6 @@ -if "foo" != "f" + "oo" then 1 else if false then 2 else 3 +if "foo" != "f" + "oo" then + 1 +else if false then + 2 +else + 3 diff --git a/tests/functional/lang/eval-okay-import.nix b/tests/functional/lang/eval-okay-import.nix index 0b18d941312..484dccac0e1 100644 --- a/tests/functional/lang/eval-okay-import.nix +++ b/tests/functional/lang/eval-okay-import.nix @@ -8,4 +8,5 @@ let builtins = builtins // overrides; } // import ./lib.nix; -in scopedImport overrides ./imported.nix +in +scopedImport overrides ./imported.nix diff --git a/tests/functional/lang/eval-okay-inherit-attr-pos.nix b/tests/functional/lang/eval-okay-inherit-attr-pos.nix index 017ab1d364d..c162d119677 100644 --- a/tests/functional/lang/eval-okay-inherit-attr-pos.nix +++ b/tests/functional/lang/eval-okay-inherit-attr-pos.nix @@ -4,9 +4,9 @@ let y = { inherit d x; }; z = { inherit (y) d x; }; in - [ - (builtins.unsafeGetAttrPos "d" y) - (builtins.unsafeGetAttrPos "x" y) - (builtins.unsafeGetAttrPos "d" z) - (builtins.unsafeGetAttrPos "x" z) - ] +[ + (builtins.unsafeGetAttrPos "d" y) + (builtins.unsafeGetAttrPos "x" y) + (builtins.unsafeGetAttrPos "d" z) + (builtins.unsafeGetAttrPos "x" z) +] diff --git a/tests/functional/lang/eval-okay-inherit-from.nix b/tests/functional/lang/eval-okay-inherit-from.nix index b72a1c639fd..1a0980aafb1 100644 --- a/tests/functional/lang/eval-okay-inherit-from.nix +++ b/tests/functional/lang/eval-okay-inherit-from.nix @@ -1,5 +1,12 @@ let - inherit (builtins.trace "used" { a = 1; b = 2; }) a b; + inherit + (builtins.trace "used" { + a = 1; + b = 2; + }) + a + b + ; x.c = 3; y.d = 4; @@ -13,4 +20,14 @@ let }; }; in - [ a b rec { x.c = []; inherit (x) c; inherit (y) d; __overrides.y.d = []; } merged ] +[ + a + b + rec { + x.c = [ ]; + inherit (x) c; + inherit (y) d; + __overrides.y.d = [ ]; + } + merged +] diff --git a/tests/functional/lang/eval-okay-intersectAttrs.nix b/tests/functional/lang/eval-okay-intersectAttrs.nix index 39d49938cc2..bf4d58a9969 100644 --- a/tests/functional/lang/eval-okay-intersectAttrs.nix +++ b/tests/functional/lang/eval-okay-intersectAttrs.nix @@ -1,6 +1,6 @@ let - alphabet = - { a = "a"; + alphabet = { + a = "a"; b = "b"; c = "c"; d = "d"; @@ -28,23 +28,46 @@ let z = "z"; }; foo = { - inherit (alphabet) f o b a r z q u x; + inherit (alphabet) + f + o + b + a + r + z + q + u + x + ; aa = throw "aa"; }; alphabetFail = builtins.mapAttrs throw alphabet; in -[ (builtins.intersectAttrs { a = abort "l1"; } { b = abort "r1"; }) +[ + (builtins.intersectAttrs { a = abort "l1"; } { b = abort "r1"; }) (builtins.intersectAttrs { a = abort "l2"; } { a = 1; }) (builtins.intersectAttrs alphabetFail { a = 1; }) - (builtins.intersectAttrs { a = abort "laa"; } alphabet) + (builtins.intersectAttrs { a = abort "laa"; } alphabet) (builtins.intersectAttrs alphabetFail { m = 1; }) - (builtins.intersectAttrs { m = abort "lam"; } alphabet) + (builtins.intersectAttrs { m = abort "lam"; } alphabet) (builtins.intersectAttrs alphabetFail { n = 1; }) - (builtins.intersectAttrs { n = abort "lan"; } alphabet) - (builtins.intersectAttrs alphabetFail { n = 1; p = 2; }) - (builtins.intersectAttrs { n = abort "lan2"; p = abort "lap"; } alphabet) - (builtins.intersectAttrs alphabetFail { n = 1; p = 2; }) - (builtins.intersectAttrs { n = abort "lan2"; p = abort "lap"; } alphabet) + (builtins.intersectAttrs { n = abort "lan"; } alphabet) + (builtins.intersectAttrs alphabetFail { + n = 1; + p = 2; + }) + (builtins.intersectAttrs { + n = abort "lan2"; + p = abort "lap"; + } alphabet) + (builtins.intersectAttrs alphabetFail { + n = 1; + p = 2; + }) + (builtins.intersectAttrs { + n = abort "lan2"; + p = abort "lap"; + } alphabet) (builtins.intersectAttrs alphabetFail alphabet) (builtins.intersectAttrs alphabet foo == builtins.intersectAttrs foo alphabet) ] diff --git a/tests/functional/lang/eval-okay-list.nix b/tests/functional/lang/eval-okay-list.nix index d433bcf908b..b5045a75378 100644 --- a/tests/functional/lang/eval-okay-list.nix +++ b/tests/functional/lang/eval-okay-list.nix @@ -2,6 +2,11 @@ with import ./lib.nix; let { - body = concat ["foo" "bar" "bla" "test"]; - -} \ No newline at end of file + body = concat [ + "foo" + "bar" + "bla" + "test" + ]; + +} diff --git a/tests/functional/lang/eval-okay-listtoattrs.nix b/tests/functional/lang/eval-okay-listtoattrs.nix index 4186e029b53..1de9d6d62f5 100644 --- a/tests/functional/lang/eval-okay-listtoattrs.nix +++ b/tests/functional/lang/eval-okay-listtoattrs.nix @@ -1,11 +1,24 @@ # this test shows how to use listToAttrs and that evaluation is still lazy (throw isn't called) with import ./lib.nix; -let - asi = name: value : { inherit name value; }; - list = [ ( asi "a" "A" ) ( asi "b" "B" ) ]; +let + asi = name: value: { inherit name value; }; + list = [ + (asi "a" "A") + (asi "b" "B") + ]; a = builtins.listToAttrs list; - b = builtins.listToAttrs ( list ++ list ); - r = builtins.listToAttrs [ (asi "result" [ a b ]) ( asi "throw" (throw "this should not be thrown")) ]; - x = builtins.listToAttrs [ (asi "foo" "bar") (asi "foo" "bla") ]; -in concat (map (x: x.a) r.result) + x.foo + b = builtins.listToAttrs (list ++ list); + r = builtins.listToAttrs [ + (asi "result" [ + a + b + ]) + (asi "throw" (throw "this should not be thrown")) + ]; + x = builtins.listToAttrs [ + (asi "foo" "bar") + (asi "foo" "bla") + ]; +in +concat (map (x: x.a) r.result) + x.foo diff --git a/tests/functional/lang/eval-okay-logic.nix b/tests/functional/lang/eval-okay-logic.nix index fbb12794401..55cd2fc00fd 100644 --- a/tests/functional/lang/eval-okay-logic.nix +++ b/tests/functional/lang/eval-okay-logic.nix @@ -1 +1,2 @@ -assert !false && (true || false) -> true; 1 +assert !false && (true || false) -> true; +1 diff --git a/tests/functional/lang/eval-okay-map.nix b/tests/functional/lang/eval-okay-map.nix index a76c1d81145..22059f37a57 100644 --- a/tests/functional/lang/eval-okay-map.nix +++ b/tests/functional/lang/eval-okay-map.nix @@ -1,3 +1,9 @@ with import ./lib.nix; -concat (map (x: x + "bar") [ "foo" "bla" "xyzzy" ]) \ No newline at end of file +concat ( + map (x: x + "bar") [ + "foo" + "bla" + "xyzzy" + ] +) diff --git a/tests/functional/lang/eval-okay-mapattrs.nix b/tests/functional/lang/eval-okay-mapattrs.nix index f075b6275e5..c1182d13db5 100644 --- a/tests/functional/lang/eval-okay-mapattrs.nix +++ b/tests/functional/lang/eval-okay-mapattrs.nix @@ -1,3 +1,6 @@ with import ./lib.nix; -builtins.mapAttrs (name: value: name + "-" + value) { x = "foo"; y = "bar"; } +builtins.mapAttrs (name: value: name + "-" + value) { + x = "foo"; + y = "bar"; +} diff --git a/tests/functional/lang/eval-okay-merge-dynamic-attrs.nix b/tests/functional/lang/eval-okay-merge-dynamic-attrs.nix index f459a554f34..8ee8e503a6a 100644 --- a/tests/functional/lang/eval-okay-merge-dynamic-attrs.nix +++ b/tests/functional/lang/eval-okay-merge-dynamic-attrs.nix @@ -1,9 +1,17 @@ { - set1 = { a = 1; }; - set1 = { "${"b" + ""}" = 2; }; + set1 = { + a = 1; + }; + set1 = { + "${"b" + ""}" = 2; + }; - set2 = { "${"b" + ""}" = 2; }; - set2 = { a = 1; }; + set2 = { + "${"b" + ""}" = 2; + }; + set2 = { + a = 1; + }; set3.a = 1; set3."${"b" + ""}" = 2; diff --git a/tests/functional/lang/eval-okay-nested-with.nix b/tests/functional/lang/eval-okay-nested-with.nix index ba9d79aa79b..ee069eaa1c2 100644 --- a/tests/functional/lang/eval-okay-nested-with.nix +++ b/tests/functional/lang/eval-okay-nested-with.nix @@ -1,3 +1 @@ -with { x = 1; }; -with { x = 2; }; -x +with { x = 1; }; with { x = 2; }; x diff --git a/tests/functional/lang/eval-okay-new-let.nix b/tests/functional/lang/eval-okay-new-let.nix index 73812314150..1a938ce718f 100644 --- a/tests/functional/lang/eval-okay-new-let.nix +++ b/tests/functional/lang/eval-okay-new-let.nix @@ -1,14 +1,16 @@ let - f = z: + f = + z: let x = "foo"; y = "bar"; body = 1; # compat test in - z + x + y; + z + x + y; arg = "xyzzy"; -in f arg +in +f arg diff --git a/tests/functional/lang/eval-okay-null-dynamic-attrs.nix b/tests/functional/lang/eval-okay-null-dynamic-attrs.nix index b060c0bc985..76286b6225c 100644 --- a/tests/functional/lang/eval-okay-null-dynamic-attrs.nix +++ b/tests/functional/lang/eval-okay-null-dynamic-attrs.nix @@ -1 +1 @@ -{ ${null} = true; } == {} +{ ${null} = true; } == { } diff --git a/tests/functional/lang/eval-okay-overrides.nix b/tests/functional/lang/eval-okay-overrides.nix index 719bdc9c05e..1c0d5d7c2ea 100644 --- a/tests/functional/lang/eval-okay-overrides.nix +++ b/tests/functional/lang/eval-okay-overrides.nix @@ -1,8 +1,12 @@ let - overrides = { a = 2; b = 3; }; + overrides = { + a = 2; + b = 3; + }; -in (rec { +in +(rec { __overrides = overrides; x = a; a = 1; diff --git a/tests/functional/lang/eval-okay-parse-flake-ref.nix b/tests/functional/lang/eval-okay-parse-flake-ref.nix index db4ed2742cd..404c5df0824 100644 --- a/tests/functional/lang/eval-okay-parse-flake-ref.nix +++ b/tests/functional/lang/eval-okay-parse-flake-ref.nix @@ -1 +1 @@ - builtins.parseFlakeRef "github:NixOS/nixpkgs/23.05?dir=lib" +builtins.parseFlakeRef "github:NixOS/nixpkgs/23.05?dir=lib" diff --git a/tests/functional/lang/eval-okay-partition.nix b/tests/functional/lang/eval-okay-partition.nix index 846d2ce4948..b9566edf979 100644 --- a/tests/functional/lang/eval-okay-partition.nix +++ b/tests/functional/lang/eval-okay-partition.nix @@ -1,5 +1,8 @@ with import ./lib.nix; -builtins.partition - (x: x / 2 * 2 == x) - (builtins.concatLists [ (range 0 10) (range 100 110) ]) +builtins.partition (x: x / 2 * 2 == x) ( + builtins.concatLists [ + (range 0 10) + (range 100 110) + ] +) diff --git a/tests/functional/lang/eval-okay-path.nix b/tests/functional/lang/eval-okay-path.nix index 599b3354147..b8b48aae1a6 100644 --- a/tests/functional/lang/eval-okay-path.nix +++ b/tests/functional/lang/eval-okay-path.nix @@ -1,15 +1,15 @@ [ - (builtins.path - { path = ./.; - filter = path: _: baseNameOf path == "data"; - recursive = true; - sha256 = "1yhm3gwvg5a41yylymgblsclk95fs6jy72w0wv925mmidlhcq4sw"; - name = "output"; - }) - (builtins.path - { path = ./data; - recursive = false; - sha256 = "0k4lwj58f2w5yh92ilrwy9917pycipbrdrr13vbb3yd02j09vfxm"; - name = "output"; - }) + (builtins.path { + path = ./.; + filter = path: _: baseNameOf path == "data"; + recursive = true; + sha256 = "1yhm3gwvg5a41yylymgblsclk95fs6jy72w0wv925mmidlhcq4sw"; + name = "output"; + }) + (builtins.path { + path = ./data; + recursive = false; + sha256 = "0k4lwj58f2w5yh92ilrwy9917pycipbrdrr13vbb3yd02j09vfxm"; + name = "output"; + }) ] diff --git a/tests/functional/lang/eval-okay-patterns.nix b/tests/functional/lang/eval-okay-patterns.nix index 96fd25a0151..b92b232d2fa 100644 --- a/tests/functional/lang/eval-okay-patterns.nix +++ b/tests/functional/lang/eval-okay-patterns.nix @@ -1,16 +1,59 @@ let - f = args@{x, y, z}: x + args.y + z; + f = + args@{ + x, + y, + z, + }: + x + args.y + z; - g = {x, y, z}@args: f args; + g = + { + x, + y, + z, + }@args: + f args; - h = {x ? "d", y ? x, z ? args.x}@args: x + y + z; + h = + { + x ? "d", + y ? x, + z ? args.x, + }@args: + x + y + z; - j = {x, y, z, ...}: x + y + z; + j = + { + x, + y, + z, + ... + }: + x + y + z; in - f {x = "a"; y = "b"; z = "c";} + - g {x = "x"; y = "y"; z = "z";} + - h {x = "D";} + - h {x = "D"; y = "E"; z = "F";} + - j {x = "i"; y = "j"; z = "k"; bla = "bla"; foo = "bar";} +f { + x = "a"; + y = "b"; + z = "c"; +} ++ g { + x = "x"; + y = "y"; + z = "z"; +} ++ h { x = "D"; } ++ h { + x = "D"; + y = "E"; + z = "F"; +} ++ j { + x = "i"; + y = "j"; + z = "k"; + bla = "bla"; + foo = "bar"; +} diff --git a/tests/functional/lang/eval-okay-print.nix b/tests/functional/lang/eval-okay-print.nix index d36ba4da31c..1ad46560235 100644 --- a/tests/functional/lang/eval-okay-print.nix +++ b/tests/functional/lang/eval-okay-print.nix @@ -1 +1,15 @@ -with builtins; trace [(1+1)] [ null toString (deepSeq "x") (a: a) (let x=[x]; in x) ] +with builtins; +trace + [ (1 + 1) ] + [ + null + toString + (deepSeq "x") + (a: a) + ( + let + x = [ x ]; + in + x + ) + ] diff --git a/tests/functional/lang/eval-okay-readFileType.nix b/tests/functional/lang/eval-okay-readFileType.nix index 174fb6c3a02..79beb9a6e25 100644 --- a/tests/functional/lang/eval-okay-readFileType.nix +++ b/tests/functional/lang/eval-okay-readFileType.nix @@ -1,6 +1,6 @@ { - bar = builtins.readFileType ./readDir/bar; - foo = builtins.readFileType ./readDir/foo; + bar = builtins.readFileType ./readDir/bar; + foo = builtins.readFileType ./readDir/foo; linked = builtins.readFileType ./readDir/linked; - ldir = builtins.readFileType ./readDir/ldir; + ldir = builtins.readFileType ./readDir/ldir; } diff --git a/tests/functional/lang/eval-okay-redefine-builtin.nix b/tests/functional/lang/eval-okay-redefine-builtin.nix index df9fc3f37d2..ec95ffa932a 100644 --- a/tests/functional/lang/eval-okay-redefine-builtin.nix +++ b/tests/functional/lang/eval-okay-redefine-builtin.nix @@ -1,3 +1,4 @@ let throw = abort "Error!"; -in (builtins.tryEval ).success +in +(builtins.tryEval ).success diff --git a/tests/functional/lang/eval-okay-regex-match.nix b/tests/functional/lang/eval-okay-regex-match.nix index 273e2590713..54b995996f1 100644 --- a/tests/functional/lang/eval-okay-regex-match.nix +++ b/tests/functional/lang/eval-okay-regex-match.nix @@ -8,22 +8,34 @@ let in -assert matches "foobar" "foobar"; -assert matches "fo*" "f"; +assert matches "foobar" "foobar"; +assert matches "fo*" "f"; assert !matches "fo+" "f"; -assert matches "fo*" "fo"; -assert matches "fo*" "foo"; -assert matches "fo+" "foo"; -assert matches "fo{1,2}" "foo"; +assert matches "fo*" "fo"; +assert matches "fo*" "foo"; +assert matches "fo+" "foo"; +assert matches "fo{1,2}" "foo"; assert !matches "fo{1,2}" "fooo"; assert !matches "fo*" "foobar"; -assert matches "[[:space:]]+([^[:space:]]+)[[:space:]]+" " foo "; +assert matches "[[:space:]]+([^[:space:]]+)[[:space:]]+" " foo "; assert !matches "[[:space:]]+([[:upper:]]+)[[:space:]]+" " foo "; assert match "(.*)\\.nix" "foobar.nix" == [ "foobar" ]; assert match "[[:space:]]+([[:upper:]]+)[[:space:]]+" " FOO " == [ "FOO" ]; -assert splitFN "/path/to/foobar.nix" == [ "/path/to/" "/path/to" "foobar" "nix" ]; -assert splitFN "foobar.cc" == [ null null "foobar" "cc" ]; +assert + splitFN "/path/to/foobar.nix" == [ + "/path/to/" + "/path/to" + "foobar" + "nix" + ]; +assert + splitFN "foobar.cc" == [ + null + null + "foobar" + "cc" + ]; true diff --git a/tests/functional/lang/eval-okay-regex-split.nix b/tests/functional/lang/eval-okay-regex-split.nix index 0073e057787..8ab3e60cbb2 100644 --- a/tests/functional/lang/eval-okay-regex-split.nix +++ b/tests/functional/lang/eval-okay-regex-split.nix @@ -1,48 +1,197 @@ with builtins; # Non capturing regex returns empty lists -assert split "foobar" "foobar" == ["" [] ""]; -assert split "fo*" "f" == ["" [] ""]; -assert split "fo+" "f" == ["f"]; -assert split "fo*" "fo" == ["" [] ""]; -assert split "fo*" "foo" == ["" [] ""]; -assert split "fo+" "foo" == ["" [] ""]; -assert split "fo{1,2}" "foo" == ["" [] ""]; -assert split "fo{1,2}" "fooo" == ["" [] "o"]; -assert split "fo*" "foobar" == ["" [] "bar"]; +assert + split "foobar" "foobar" == [ + "" + [ ] + "" + ]; +assert + split "fo*" "f" == [ + "" + [ ] + "" + ]; +assert split "fo+" "f" == [ "f" ]; +assert + split "fo*" "fo" == [ + "" + [ ] + "" + ]; +assert + split "fo*" "foo" == [ + "" + [ ] + "" + ]; +assert + split "fo+" "foo" == [ + "" + [ ] + "" + ]; +assert + split "fo{1,2}" "foo" == [ + "" + [ ] + "" + ]; +assert + split "fo{1,2}" "fooo" == [ + "" + [ ] + "o" + ]; +assert + split "fo*" "foobar" == [ + "" + [ ] + "bar" + ]; # Capturing regex returns a list of sub-matches -assert split "(fo*)" "f" == ["" ["f"] ""]; -assert split "(fo+)" "f" == ["f"]; -assert split "(fo*)" "fo" == ["" ["fo"] ""]; -assert split "(f)(o*)" "f" == ["" ["f" ""] ""]; -assert split "(f)(o*)" "foo" == ["" ["f" "oo"] ""]; -assert split "(fo+)" "foo" == ["" ["foo"] ""]; -assert split "(fo{1,2})" "foo" == ["" ["foo"] ""]; -assert split "(fo{1,2})" "fooo" == ["" ["foo"] "o"]; -assert split "(fo*)" "foobar" == ["" ["foo"] "bar"]; +assert + split "(fo*)" "f" == [ + "" + [ "f" ] + "" + ]; +assert split "(fo+)" "f" == [ "f" ]; +assert + split "(fo*)" "fo" == [ + "" + [ "fo" ] + "" + ]; +assert + split "(f)(o*)" "f" == [ + "" + [ + "f" + "" + ] + "" + ]; +assert + split "(f)(o*)" "foo" == [ + "" + [ + "f" + "oo" + ] + "" + ]; +assert + split "(fo+)" "foo" == [ + "" + [ "foo" ] + "" + ]; +assert + split "(fo{1,2})" "foo" == [ + "" + [ "foo" ] + "" + ]; +assert + split "(fo{1,2})" "fooo" == [ + "" + [ "foo" ] + "o" + ]; +assert + split "(fo*)" "foobar" == [ + "" + [ "foo" ] + "bar" + ]; # Matches are greedy. -assert split "(o+)" "oooofoooo" == ["" ["oooo"] "f" ["oooo"] ""]; +assert + split "(o+)" "oooofoooo" == [ + "" + [ "oooo" ] + "f" + [ "oooo" ] + "" + ]; # Matches multiple times. -assert split "(b)" "foobarbaz" == ["foo" ["b"] "ar" ["b"] "az"]; +assert + split "(b)" "foobarbaz" == [ + "foo" + [ "b" ] + "ar" + [ "b" ] + "az" + ]; # Split large strings containing newlines. null are inserted when a # pattern within the current did not match anything. -assert split "[[:space:]]+|([',.!?])" '' - Nix Rocks! - That's why I use it. -'' == [ - "Nix" [ null ] "Rocks" ["!"] "" [ null ] - "That" ["'"] "s" [ null ] "why" [ null ] "I" [ null ] "use" [ null ] "it" ["."] "" [ null ] - "" -]; +assert + split "[[:space:]]+|([',.!?])" '' + Nix Rocks! + That's why I use it. + '' == [ + "Nix" + [ null ] + "Rocks" + [ "!" ] + "" + [ null ] + "That" + [ "'" ] + "s" + [ null ] + "why" + [ null ] + "I" + [ null ] + "use" + [ null ] + "it" + [ "." ] + "" + [ null ] + "" + ]; # Documentation examples -assert split "(a)b" "abc" == [ "" [ "a" ] "c" ]; -assert split "([ac])" "abc" == [ "" [ "a" ] "b" [ "c" ] "" ]; -assert split "(a)|(c)" "abc" == [ "" [ "a" null ] "b" [ null "c" ] "" ]; -assert split "([[:upper:]]+)" " FOO " == [ " " [ "FOO" ] " " ]; +assert + split "(a)b" "abc" == [ + "" + [ "a" ] + "c" + ]; +assert + split "([ac])" "abc" == [ + "" + [ "a" ] + "b" + [ "c" ] + "" + ]; +assert + split "(a)|(c)" "abc" == [ + "" + [ + "a" + null + ] + "b" + [ + null + "c" + ] + "" + ]; +assert + split "([[:upper:]]+)" " FOO " == [ + " " + [ "FOO" ] + " " + ]; true diff --git a/tests/functional/lang/eval-okay-regression-20220125.nix b/tests/functional/lang/eval-okay-regression-20220125.nix index 48550237394..1c4b8e09f39 100644 --- a/tests/functional/lang/eval-okay-regression-20220125.nix +++ b/tests/functional/lang/eval-okay-regression-20220125.nix @@ -1,2 +1 @@ ((__curPosFoo: __curPosFoo) 1) + ((__curPosBar: __curPosBar) 2) - diff --git a/tests/functional/lang/eval-okay-regrettable-rec-attrset-merge.nix b/tests/functional/lang/eval-okay-regrettable-rec-attrset-merge.nix index 8df6a2ad81d..e92ae8125a6 100644 --- a/tests/functional/lang/eval-okay-regrettable-rec-attrset-merge.nix +++ b/tests/functional/lang/eval-okay-regrettable-rec-attrset-merge.nix @@ -1,3 +1,10 @@ # This is for backwards compatibility, not because we like it. # See https://github.com/NixOS/nix/issues/9020. -{ a = rec { b = c + 1; d = 2; }; a.c = d + 3; }.a.b +{ + a = rec { + b = c + 1; + d = 2; + }; + a.c = d + 3; +} +.a.b diff --git a/tests/functional/lang/eval-okay-remove.nix b/tests/functional/lang/eval-okay-remove.nix index 4ad5ba897fa..a7ee3a07148 100644 --- a/tests/functional/lang/eval-okay-remove.nix +++ b/tests/functional/lang/eval-okay-remove.nix @@ -1,5 +1,8 @@ let { - attrs = {x = 123; y = 456;}; + attrs = { + x = 123; + y = 456; + }; - body = (removeAttrs attrs ["x"]).y; -} \ No newline at end of file + body = (removeAttrs attrs [ "x" ]).y; +} diff --git a/tests/functional/lang/eval-okay-repeated-empty-attrs.nix b/tests/functional/lang/eval-okay-repeated-empty-attrs.nix index 030a3b85c76..0749e21a57c 100644 --- a/tests/functional/lang/eval-okay-repeated-empty-attrs.nix +++ b/tests/functional/lang/eval-okay-repeated-empty-attrs.nix @@ -1,2 +1,5 @@ # Tests that empty attribute sets are not printed as `«repeated»`. -[ {} {} ] +[ + { } + { } +] diff --git a/tests/functional/lang/eval-okay-repeated-empty-list.nix b/tests/functional/lang/eval-okay-repeated-empty-list.nix index 376c51be886..7e24fe81b27 100644 --- a/tests/functional/lang/eval-okay-repeated-empty-list.nix +++ b/tests/functional/lang/eval-okay-repeated-empty-list.nix @@ -1 +1,4 @@ -[ [] [] ] +[ + [ ] + [ ] +] diff --git a/tests/functional/lang/eval-okay-replacestrings.nix b/tests/functional/lang/eval-okay-replacestrings.nix index a803e65199a..81a932a1daa 100644 --- a/tests/functional/lang/eval-okay-replacestrings.nix +++ b/tests/functional/lang/eval-okay-replacestrings.nix @@ -1,12 +1,13 @@ with builtins; -[ (replaceStrings ["o"] ["a"] "foobar") - (replaceStrings ["o"] [""] "foobar") - (replaceStrings ["oo"] ["u"] "foobar") - (replaceStrings ["oo" "a"] ["a" "oo"] "foobar") - (replaceStrings ["oo" "oo"] ["u" "i"] "foobar") - (replaceStrings [""] ["X"] "abc") - (replaceStrings [""] ["X"] "") - (replaceStrings ["-"] ["_"] "a-b") - (replaceStrings ["oo" "XX"] ["u" (throw "unreachable")] "foobar") +[ + (replaceStrings [ "o" ] [ "a" ] "foobar") + (replaceStrings [ "o" ] [ "" ] "foobar") + (replaceStrings [ "oo" ] [ "u" ] "foobar") + (replaceStrings [ "oo" "a" ] [ "a" "oo" ] "foobar") + (replaceStrings [ "oo" "oo" ] [ "u" "i" ] "foobar") + (replaceStrings [ "" ] [ "X" ] "abc") + (replaceStrings [ "" ] [ "X" ] "") + (replaceStrings [ "-" ] [ "_" ] "a-b") + (replaceStrings [ "oo" "XX" ] [ "u" (throw "unreachable") ] "foobar") ] diff --git a/tests/functional/lang/eval-okay-scope-1.nix b/tests/functional/lang/eval-okay-scope-1.nix index fa38a7174e0..b7bbcc432d5 100644 --- a/tests/functional/lang/eval-okay-scope-1.nix +++ b/tests/functional/lang/eval-okay-scope-1.nix @@ -1,6 +1,13 @@ -(({x}: x: +( + ( + { x }: + x: - { x = 1; - y = x; - } -) {x = 2;} 3).y + { + x = 1; + y = x; + } + ) + { x = 2; } + 3 +).y diff --git a/tests/functional/lang/eval-okay-scope-2.nix b/tests/functional/lang/eval-okay-scope-2.nix index eb8b02bc499..54f7ec3b230 100644 --- a/tests/functional/lang/eval-okay-scope-2.nix +++ b/tests/functional/lang/eval-okay-scope-2.nix @@ -1,6 +1,12 @@ -((x: {x}: - rec { - x = 1; - y = x; - } -) 2 {x = 3;}).y +( + ( + x: + { x }: + rec { + x = 1; + y = x; + } + ) + 2 + { x = 3; } +).y diff --git a/tests/functional/lang/eval-okay-scope-3.nix b/tests/functional/lang/eval-okay-scope-3.nix index 10d6bc04d83..6a77583b7da 100644 --- a/tests/functional/lang/eval-okay-scope-3.nix +++ b/tests/functional/lang/eval-okay-scope-3.nix @@ -1,6 +1,13 @@ -((x: as: {x}: - rec { - inherit (as) x; - y = x; - } -) 2 {x = 4;} {x = 3;}).y +( + ( + x: as: + { x }: + rec { + inherit (as) x; + y = x; + } + ) + 2 + { x = 4; } + { x = 3; } +).y diff --git a/tests/functional/lang/eval-okay-scope-4.nix b/tests/functional/lang/eval-okay-scope-4.nix index dc8243bc854..ccae8564cda 100644 --- a/tests/functional/lang/eval-okay-scope-4.nix +++ b/tests/functional/lang/eval-okay-scope-4.nix @@ -3,8 +3,13 @@ let { x = "a"; y = "b"; - f = {x ? y, y ? x}: x + y; - - body = f {x = "c";} + f {y = "d";}; + f = + { + x ? y, + y ? x, + }: + x + y; + + body = f { x = "c"; } + f { y = "d"; }; } diff --git a/tests/functional/lang/eval-okay-scope-6.nix b/tests/functional/lang/eval-okay-scope-6.nix index 0995d4e7e7e..be2cc31a1f2 100644 --- a/tests/functional/lang/eval-okay-scope-6.nix +++ b/tests/functional/lang/eval-okay-scope-6.nix @@ -1,7 +1,12 @@ let { - f = {x ? y, y ? x}: x + y; + f = + { + x ? y, + y ? x, + }: + x + y; - body = f {x = "c";} + f {y = "d";}; + body = f { x = "c"; } + f { y = "d"; }; } diff --git a/tests/functional/lang/eval-okay-scope-7.nix b/tests/functional/lang/eval-okay-scope-7.nix index 4da02968f6b..91f22f55388 100644 --- a/tests/functional/lang/eval-okay-scope-7.nix +++ b/tests/functional/lang/eval-okay-scope-7.nix @@ -3,4 +3,5 @@ rec { x = { y = 1; }; -}.y +} +.y diff --git a/tests/functional/lang/eval-okay-search-path.nix b/tests/functional/lang/eval-okay-search-path.nix index 6fe33decc01..702e1b64c15 100644 --- a/tests/functional/lang/eval-okay-search-path.nix +++ b/tests/functional/lang/eval-okay-search-path.nix @@ -6,5 +6,16 @@ assert isFunction (import ); assert length __nixPath == 5; assert length (filter (x: baseNameOf x.path == "dir4") __nixPath) == 1; -import + import + import + import - + (let __nixPath = [ { path = ./dir2; } { path = ./dir1; } ]; in import ) +import ++ import ++ import ++ import ++ ( + let + __nixPath = [ + { path = ./dir2; } + { path = ./dir1; } + ]; + in + import +) diff --git a/tests/functional/lang/eval-okay-sort.nix b/tests/functional/lang/eval-okay-sort.nix index 50aa78e4032..412bda4a09f 100644 --- a/tests/functional/lang/eval-okay-sort.nix +++ b/tests/functional/lang/eval-okay-sort.nix @@ -1,20 +1,64 @@ with builtins; -[ (sort lessThan [ 483 249 526 147 42 77 ]) - (sort (x: y: y < x) [ 483 249 526 147 42 77 ]) - (sort lessThan [ "foo" "bar" "xyzzy" "fnord" ]) - (sort (x: y: x.key < y.key) - [ { key = 1; value = "foo"; } { key = 2; value = "bar"; } { key = 1; value = "fnord"; } ]) +[ (sort lessThan [ - [ 1 6 ] + 483 + 249 + 526 + 147 + 42 + 77 + ]) + (sort (x: y: y < x) [ + 483 + 249 + 526 + 147 + 42 + 77 + ]) + (sort lessThan [ + "foo" + "bar" + "xyzzy" + "fnord" + ]) + (sort (x: y: x.key < y.key) [ + { + key = 1; + value = "foo"; + } + { + key = 2; + value = "bar"; + } + { + key = 1; + value = "fnord"; + } + ]) + (sort lessThan [ + [ + 1 + 6 + ] [ ] - [ 2 3 ] + [ + 2 + 3 + ] [ 3 ] - [ 1 5 ] + [ + 1 + 5 + ] [ 2 ] [ 1 ] [ ] - [ 1 4 ] + [ + 1 + 4 + ] [ 3 ] ]) ] diff --git a/tests/functional/lang/eval-okay-string.nix b/tests/functional/lang/eval-okay-string.nix index 47cc989ad46..d3b743fdbed 100644 --- a/tests/functional/lang/eval-okay-string.nix +++ b/tests/functional/lang/eval-okay-string.nix @@ -1,12 +1,13 @@ -"foo" + "bar" - + toString (/a/b + /c/d) - + toString (/foo/bar + "/../xyzzy/." + "/foo.txt") - + ("/../foo" + toString /x/y) - + "escape: \"quote\" \n \\" - + "end +"foo" ++ "bar" ++ toString (/a/b + /c/d) ++ toString (/foo/bar + "/../xyzzy/." + "/foo.txt") ++ ("/../foo" + toString /x/y) ++ "escape: \"quote\" \n \\" ++ "end of line" - + "foo${if true then "b${"a" + "r"}" else "xyzzy"}blaat" - + "foo$bar" - + "$\"$\"" - + "$" ++ "foo${if true then "b${"a" + "r"}" else "xyzzy"}blaat" ++ "foo$bar" ++ "$\"$\"" ++ "$" diff --git a/tests/functional/lang/eval-okay-strings-as-attrs-names.nix b/tests/functional/lang/eval-okay-strings-as-attrs-names.nix index 5e40928dbe3..158dc8e754e 100644 --- a/tests/functional/lang/eval-okay-strings-as-attrs-names.nix +++ b/tests/functional/lang/eval-okay-strings-as-attrs-names.nix @@ -14,7 +14,5 @@ let # variable. "foo bar" = 1; -in t1 == "test" - && t2 == "caseok" - && t3 == true - && t4 == ["key 1"] +in +t1 == "test" && t2 == "caseok" && t3 == true && t4 == [ "key 1" ] diff --git a/tests/functional/lang/eval-okay-substring-context.nix b/tests/functional/lang/eval-okay-substring-context.nix index d0ef70d4e67..9e9d3a1aa95 100644 --- a/tests/functional/lang/eval-okay-substring-context.nix +++ b/tests/functional/lang/eval-okay-substring-context.nix @@ -2,10 +2,15 @@ with builtins; let - s = "${builtins.derivation { name = "test"; builder = "/bin/sh"; system = "x86_64-linux"; }}"; + s = "${builtins.derivation { + name = "test"; + builder = "/bin/sh"; + system = "x86_64-linux"; + }}"; in -if getContext s == getContext "${substring 0 0 s + unsafeDiscardStringContext s}" -then "okay" -else throw "empty substring should preserve context" +if getContext s == getContext "${substring 0 0 s + unsafeDiscardStringContext s}" then + "okay" +else + throw "empty substring should preserve context" diff --git a/tests/functional/lang/eval-okay-tail-call-1.nix b/tests/functional/lang/eval-okay-tail-call-1.nix index a3962ce3fdb..d3ec0c9adfd 100644 --- a/tests/functional/lang/eval-okay-tail-call-1.nix +++ b/tests/functional/lang/eval-okay-tail-call-1.nix @@ -1,3 +1,4 @@ let f = n: if n == 100000 then n else f (n + 1); -in f 0 +in +f 0 diff --git a/tests/functional/lang/eval-okay-tojson.nix b/tests/functional/lang/eval-okay-tojson.nix index ce67943bead..863c0766392 100644 --- a/tests/functional/lang/eval-okay-tojson.nix +++ b/tests/functional/lang/eval-okay-tojson.nix @@ -1,13 +1,26 @@ -builtins.toJSON - { a = 123; - b = -456; - c = "foo"; - d = "foo\n\"bar\""; - e = true; - f = false; - g = [ 1 2 3 ]; - h = [ "a" [ "b" { "foo\nbar" = {}; } ] ]; - i = 1 + 2; - j = 1.44; - k = { __toString = self: self.a; a = "foo"; }; - } +builtins.toJSON { + a = 123; + b = -456; + c = "foo"; + d = "foo\n\"bar\""; + e = true; + f = false; + g = [ + 1 + 2 + 3 + ]; + h = [ + "a" + [ + "b" + { "foo\nbar" = { }; } + ] + ]; + i = 1 + 2; + j = 1.44; + k = { + __toString = self: self.a; + a = "foo"; + }; +} diff --git a/tests/functional/lang/eval-okay-toxml2.nix b/tests/functional/lang/eval-okay-toxml2.nix index ff1791b30eb..0d5989a50e7 100644 --- a/tests/functional/lang/eval-okay-toxml2.nix +++ b/tests/functional/lang/eval-okay-toxml2.nix @@ -1 +1,8 @@ -builtins.toXML [("a" + "b") 10 (rec {x = "x"; y = x;})] +builtins.toXML [ + ("a" + "b") + 10 + (rec { + x = "x"; + y = x; + }) +] diff --git a/tests/functional/lang/eval-okay-tryeval.nix b/tests/functional/lang/eval-okay-tryeval.nix index 629bc440a85..22b23d88342 100644 --- a/tests/functional/lang/eval-okay-tryeval.nix +++ b/tests/functional/lang/eval-okay-tryeval.nix @@ -1,5 +1,8 @@ { x = builtins.tryEval "x"; - y = builtins.tryEval (assert false; "y"); + y = builtins.tryEval ( + assert false; + "y" + ); z = builtins.tryEval (throw "bla"); } diff --git a/tests/functional/lang/eval-okay-types.nix b/tests/functional/lang/eval-okay-types.nix index 9b58be5d1dd..0814489edd3 100644 --- a/tests/functional/lang/eval-okay-types.nix +++ b/tests/functional/lang/eval-okay-types.nix @@ -1,6 +1,7 @@ with builtins; -[ (isNull null) +[ + (isNull null) (isNull (x: x)) (isFunction (x: x)) (isFunction "fnord") @@ -29,7 +30,11 @@ with builtins; (typeOf "xyzzy") (typeOf null) (typeOf { x = 456; }) - (typeOf [ 1 2 3 ]) + (typeOf [ + 1 + 2 + 3 + ]) (typeOf (x: x)) (typeOf ((x: y: x) 1)) (typeOf map) diff --git a/tests/functional/lang/eval-okay-versions.nix b/tests/functional/lang/eval-okay-versions.nix index e9111f5f433..3456015e538 100644 --- a/tests/functional/lang/eval-okay-versions.nix +++ b/tests/functional/lang/eval-okay-versions.nix @@ -10,10 +10,13 @@ let lt = builtins.sub 0 1; gt = 1; - versionTest = v1: v2: expected: - let d1 = builtins.compareVersions v1 v2; - d2 = builtins.compareVersions v2 v1; - in d1 == builtins.sub 0 d2 && d1 == expected; + versionTest = + v1: v2: expected: + let + d1 = builtins.compareVersions v1 v2; + d2 = builtins.compareVersions v2 v1; + in + d1 == builtins.sub 0 d2 && d1 == expected; tests = [ ((builtins.parseDrvName name1).name == "hello") @@ -40,4 +43,5 @@ let (versionTest "2.3pre1" "2.3q" lt) ]; -in (import ./lib.nix).and tests +in +(import ./lib.nix).and tests diff --git a/tests/functional/lang/eval-okay-xml.nix b/tests/functional/lang/eval-okay-xml.nix index 9ee9f8a0b4f..9785c66ef42 100644 --- a/tests/functional/lang/eval-okay-xml.nix +++ b/tests/functional/lang/eval-okay-xml.nix @@ -10,12 +10,31 @@ rec { c = "foo" + "bar"; - f = {z, x, y}: if y then x else z; + f = + { + z, + x, + y, + }: + if y then x else z; id = x: x; - at = args@{x, y, z}: x; - - ellipsis = {x, y, z, ...}: x; + at = + args@{ + x, + y, + z, + }: + x; + + ellipsis = + { + x, + y, + z, + ... + }: + x; } diff --git a/tests/functional/lang/eval-okay-zipAttrsWith.nix b/tests/functional/lang/eval-okay-zipAttrsWith.nix index 877d4e5fa31..20f6891115e 100644 --- a/tests/functional/lang/eval-okay-zipAttrsWith.nix +++ b/tests/functional/lang/eval-okay-zipAttrsWith.nix @@ -3,7 +3,6 @@ with import ./lib.nix; let str = builtins.hashString "sha256" "test"; in -builtins.zipAttrsWith - (n: v: { inherit n v; }) - (map (n: { ${builtins.substring n 1 str} = n; }) - (range 0 31)) +builtins.zipAttrsWith (n: v: { inherit n v; }) ( + map (n: { ${builtins.substring n 1 str} = n; }) (range 0 31) +) diff --git a/tests/functional/lang/lib.nix b/tests/functional/lang/lib.nix index 028a538314b..126128abe7a 100644 --- a/tests/functional/lang/lib.nix +++ b/tests/functional/lang/lib.nix @@ -2,60 +2,76 @@ with builtins; rec { - fold = op: nul: list: - if list == [] - then nul - else op (head list) (fold op nul (tail list)); + fold = + op: nul: list: + if list == [ ] then nul else op (head list) (fold op nul (tail list)); - concat = - fold (x: y: x + y) ""; + concat = fold (x: y: x + y) ""; and = fold (x: y: x && y) true; - flatten = x: - if isList x - then fold (x: y: (flatten x) ++ y) [] x - else [x]; + flatten = x: if isList x then fold (x: y: (flatten x) ++ y) [ ] x else [ x ]; sum = foldl' (x: y: add x y) 0; - hasSuffix = ext: fileName: - let lenFileName = stringLength fileName; - lenExt = stringLength ext; - in !(lessThan lenFileName lenExt) && - substring (sub lenFileName lenExt) lenFileName fileName == ext; + hasSuffix = + ext: fileName: + let + lenFileName = stringLength fileName; + lenExt = stringLength ext; + in + !(lessThan lenFileName lenExt) && substring (sub lenFileName lenExt) lenFileName fileName == ext; # Split a list at the given position. - splitAt = pos: list: - if pos == 0 then {first = []; second = list;} else - if list == [] then {first = []; second = [];} else - let res = splitAt (sub pos 1) (tail list); - in {first = [(head list)] ++ res.first; second = res.second;}; + splitAt = + pos: list: + if pos == 0 then + { + first = [ ]; + second = list; + } + else if list == [ ] then + { + first = [ ]; + second = [ ]; + } + else + let + res = splitAt (sub pos 1) (tail list); + in + { + first = [ (head list) ] ++ res.first; + second = res.second; + }; # Stable merge sort. - sortBy = comp: list: - if lessThan 1 (length list) - then + sortBy = + comp: list: + if lessThan 1 (length list) then let split = splitAt (div (length list) 2) list; first = sortBy comp split.first; second = sortBy comp split.second; - in mergeLists comp first second - else list; + in + mergeLists comp first second + else + list; - mergeLists = comp: list1: list2: - if list1 == [] then list2 else - if list2 == [] then list1 else - if comp (head list2) (head list1) then [(head list2)] ++ mergeLists comp list1 (tail list2) else - [(head list1)] ++ mergeLists comp (tail list1) list2; + mergeLists = + comp: list1: list2: + if list1 == [ ] then + list2 + else if list2 == [ ] then + list1 + else if comp (head list2) (head list1) then + [ (head list2) ] ++ mergeLists comp list1 (tail list2) + else + [ (head list1) ] ++ mergeLists comp (tail list1) list2; id = x: x; const = x: y: x; - range = first: last: - if first > last - then [] - else genList (n: first + n) (last - first + 1); + range = first: last: if first > last then [ ] else genList (n: first + n) (last - first + 1); } diff --git a/tests/functional/linux-sandbox-cert-test.nix b/tests/functional/linux-sandbox-cert-test.nix index 2fc083ea932..82989c64f88 100644 --- a/tests/functional/linux-sandbox-cert-test.nix +++ b/tests/functional/linux-sandbox-cert-test.nix @@ -22,9 +22,12 @@ mkDerivation ( # derivations being cached, and do not want to compute the right hash. false; ''; - } // { - fixed-output = { outputHash = "sha256:0000000000000000000000000000000000000000000000000000000000000000"; }; + } + // { + fixed-output = { + outputHash = "sha256:0000000000000000000000000000000000000000000000000000000000000000"; + }; normal = { }; - }.${mode} + } + .${mode} ) - diff --git a/tests/functional/multiple-outputs.nix b/tests/functional/multiple-outputs.nix index 6ba7c523d8e..2c9243097d5 100644 --- a/tests/functional/multiple-outputs.nix +++ b/tests/functional/multiple-outputs.nix @@ -5,94 +5,111 @@ rec { # Want to ensure that "out" doesn't get a suffix on it's path. nameCheck = mkDerivation { name = "multiple-outputs-a"; - outputs = [ "out" "dev" ]; - builder = builtins.toFile "builder.sh" - '' - mkdir $first $second - test -z $all - echo "first" > $first/file - echo "second" > $second/file - ln -s $first $second/link - ''; + outputs = [ + "out" + "dev" + ]; + builder = builtins.toFile "builder.sh" '' + mkdir $first $second + test -z $all + echo "first" > $first/file + echo "second" > $second/file + ln -s $first $second/link + ''; helloString = "Hello, world!"; }; a = mkDerivation { name = "multiple-outputs-a"; - outputs = [ "first" "second" ]; - builder = builtins.toFile "builder.sh" - '' - mkdir $first $second - test -z $all - echo "first" > $first/file - echo "second" > $second/file - ln -s $first $second/link - ''; + outputs = [ + "first" + "second" + ]; + builder = builtins.toFile "builder.sh" '' + mkdir $first $second + test -z $all + echo "first" > $first/file + echo "second" > $second/file + ln -s $first $second/link + ''; helloString = "Hello, world!"; }; use-a = mkDerivation { name = "use-a"; inherit (a) first second; - builder = builtins.toFile "builder.sh" - '' - cat $first/file $second/file >$out - ''; + builder = builtins.toFile "builder.sh" '' + cat $first/file $second/file >$out + ''; }; b = mkDerivation { - defaultOutput = assert a.second.helloString == "Hello, world!"; a; - firstOutput = assert a.outputName == "first"; a.first.first; - secondOutput = assert a.second.outputName == "second"; a.second.first.first.second.second.first.second; + defaultOutput = + assert a.second.helloString == "Hello, world!"; + a; + firstOutput = + assert a.outputName == "first"; + a.first.first; + secondOutput = + assert a.second.outputName == "second"; + a.second.first.first.second.second.first.second; allOutputs = a.all; name = "multiple-outputs-b"; - builder = builtins.toFile "builder.sh" - '' - mkdir $out - test "$firstOutput $secondOutput" = "$allOutputs" - test "$defaultOutput" = "$firstOutput" - test "$(cat $firstOutput/file)" = "first" - test "$(cat $secondOutput/file)" = "second" - echo "success" > $out/file - ''; + builder = builtins.toFile "builder.sh" '' + mkdir $out + test "$firstOutput $secondOutput" = "$allOutputs" + test "$defaultOutput" = "$firstOutput" + test "$(cat $firstOutput/file)" = "first" + test "$(cat $secondOutput/file)" = "second" + echo "success" > $out/file + ''; }; c = mkDerivation { name = "multiple-outputs-c"; drv = b.drvPath; - builder = builtins.toFile "builder.sh" - '' - mkdir $out - ln -s $drv $out/drv - ''; + builder = builtins.toFile "builder.sh" '' + mkdir $out + ln -s $drv $out/drv + ''; }; d = mkDerivation { name = "multiple-outputs-d"; drv = builtins.unsafeDiscardOutputDependency b.drvPath; - builder = builtins.toFile "builder.sh" - '' - mkdir $out - echo $drv > $out/drv - ''; + builder = builtins.toFile "builder.sh" '' + mkdir $out + echo $drv > $out/drv + ''; }; - cyclic = (mkDerivation { - name = "cyclic-outputs"; - outputs = [ "a" "b" "c" ]; - builder = builtins.toFile "builder.sh" - '' + cyclic = + (mkDerivation { + name = "cyclic-outputs"; + outputs = [ + "a" + "b" + "c" + ]; + builder = builtins.toFile "builder.sh" '' mkdir $a $b $c echo $a > $b/foo echo $b > $c/bar echo $c > $a/baz ''; - }).a; + }).a; e = mkDerivation { name = "multiple-outputs-e"; - outputs = [ "a_a" "b" "c" ]; - meta.outputsToInstall = [ "a_a" "b" ]; + outputs = [ + "a_a" + "b" + "c" + ]; + meta.outputsToInstall = [ + "a_a" + "b" + ]; buildCommand = "mkdir $a_a $b $c"; }; @@ -104,33 +121,37 @@ rec { independent = mkDerivation { name = "multiple-outputs-independent"; - outputs = [ "first" "second" ]; - builder = builtins.toFile "builder.sh" - '' - mkdir $first $second - test -z $all - echo "first" > $first/file - echo "second" > $second/file - ''; + outputs = [ + "first" + "second" + ]; + builder = builtins.toFile "builder.sh" '' + mkdir $first $second + test -z $all + echo "first" > $first/file + echo "second" > $second/file + ''; }; use-independent = mkDerivation { name = "use-independent"; inherit (a) first second; - builder = builtins.toFile "builder.sh" - '' - cat $first/file $second/file >$out - ''; + builder = builtins.toFile "builder.sh" '' + cat $first/file $second/file >$out + ''; }; invalid-output-name-1 = mkDerivation { name = "invalid-output-name-1"; - outputs = [ "out/"]; + outputs = [ "out/" ]; }; invalid-output-name-2 = mkDerivation { name = "invalid-output-name-2"; - outputs = [ "x" "foo$"]; + outputs = [ + "x" + "foo$" + ]; }; } diff --git a/tests/functional/nar-access.nix b/tests/functional/nar-access.nix index 9948abe59ff..b1e88189a39 100644 --- a/tests/functional/nar-access.nix +++ b/tests/functional/nar-access.nix @@ -1,23 +1,22 @@ with import ./config.nix; rec { - a = mkDerivation { - name = "nar-index-a"; - builder = builtins.toFile "builder.sh" - '' - mkdir $out - mkdir $out/foo - touch $out/foo-x - touch $out/foo/bar - touch $out/foo/baz - touch $out/qux - mkdir $out/zyx + a = mkDerivation { + name = "nar-index-a"; + builder = builtins.toFile "builder.sh" '' + mkdir $out + mkdir $out/foo + touch $out/foo-x + touch $out/foo/bar + touch $out/foo/baz + touch $out/qux + mkdir $out/zyx - cat >$out/foo/data <$out/foo/data < $out - '' else '' - cp -r ${../common} ./common - cp ${../common.sh} ./common.sh - cp ${../config.nix} ./config.nix - cp -r ${./.} ./nested-sandboxing + buildCommand = + '' + set -x + set -eu -o pipefail + '' + + ( + if altitude == 0 then + '' + echo Deep enough! > $out + '' + else + '' + cp -r ${../common} ./common + cp ${../common.sh} ./common.sh + cp ${../config.nix} ./config.nix + cp -r ${./.} ./nested-sandboxing - export PATH=${builtins.getEnv "NIX_BIN_DIR"}:$PATH + export PATH=${builtins.getEnv "NIX_BIN_DIR"}:$PATH - export _NIX_TEST_SOURCE_DIR=$PWD - export _NIX_TEST_BUILD_DIR=$PWD + export _NIX_TEST_SOURCE_DIR=$PWD + export _NIX_TEST_BUILD_DIR=$PWD - source common.sh - source ./nested-sandboxing/command.sh + source common.sh + source ./nested-sandboxing/command.sh - runNixBuild ${storeFun} ${toString altitude} >> $out - ''); + runNixBuild ${storeFun} ${toString altitude} >> $out + '' + ); } diff --git a/tests/functional/package.nix b/tests/functional/package.nix index d1582b05d14..74c034196fd 100644 --- a/tests/functional/package.nix +++ b/tests/functional/package.nix @@ -1,103 +1,110 @@ -{ lib -, stdenv -, mkMesonDerivation +{ + lib, + stdenv, + mkMesonDerivation, -, meson -, ninja -, pkg-config + meson, + ninja, + pkg-config, -, jq -, git -, mercurial -, util-linux + jq, + git, + mercurial, + util-linux, -, nix-store -, nix-expr -, nix-cli + nix-store, + nix-expr, + nix-cli, -, busybox-sandbox-shell ? null + busybox-sandbox-shell ? null, -# Configuration Options + # Configuration Options -, pname ? "nix-functional-tests" -, version + pname ? "nix-functional-tests", + version, -# For running the functional tests against a different pre-built Nix. -, test-daemon ? null + # For running the functional tests against a different pre-built Nix. + test-daemon ? null, }: let inherit (lib) fileset; in -mkMesonDerivation (finalAttrs: { - inherit pname version; - - workDir = ./.; - fileset = fileset.unions [ - ../../scripts/nix-profile.sh.in - ../../.version - ../../tests/functional - ./. - ]; - - # Hack for sake of the dev shell - passthru.externalNativeBuildInputs = [ - meson - ninja - pkg-config - - jq - git - mercurial - ] ++ lib.optionals stdenv.hostPlatform.isLinux [ - # For various sandboxing tests that needs a statically-linked shell, - # etc. - busybox-sandbox-shell - # For Overlay FS tests need `mount`, `umount`, and `unshare`. - # For `script` command (ensuring a TTY) - # TODO use `unixtools` to be precise over which executables instead? - util-linux - ]; - - nativeBuildInputs = finalAttrs.passthru.externalNativeBuildInputs ++ [ - nix-cli - ]; - - buildInputs = [ - nix-store - nix-expr - ]; - - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../../.version - '' - # TEMP hack for Meson before make is gone, where - # `src/nix-functional-tests` is during the transition a symlink and - # not the actual directory directory. - + '' - cd $(readlink -e $PWD) - echo $PWD | grep tests/functional +mkMesonDerivation ( + finalAttrs: + { + inherit pname version; + + workDir = ./.; + fileset = fileset.unions [ + ../../scripts/nix-profile.sh.in + ../../.version + ../../tests/functional + ./. + ]; + + # Hack for sake of the dev shell + passthru.externalNativeBuildInputs = + [ + meson + ninja + pkg-config + + jq + git + mercurial + ] + ++ lib.optionals stdenv.hostPlatform.isLinux [ + # For various sandboxing tests that needs a statically-linked shell, + # etc. + busybox-sandbox-shell + # For Overlay FS tests need `mount`, `umount`, and `unshare`. + # For `script` command (ensuring a TTY) + # TODO use `unixtools` to be precise over which executables instead? + util-linux + ]; + + nativeBuildInputs = finalAttrs.passthru.externalNativeBuildInputs ++ [ + nix-cli + ]; + + buildInputs = [ + nix-store + nix-expr + ]; + + preConfigure = + # "Inline" .version so it's not a symlink, and includes the suffix. + # Do the meson utils, without modification. + '' + chmod u+w ./.version + echo ${version} > ../../../.version + '' + # TEMP hack for Meson before make is gone, where + # `src/nix-functional-tests` is during the transition a symlink and + # not the actual directory directory. + + '' + cd $(readlink -e $PWD) + echo $PWD | grep tests/functional + ''; + + mesonCheckFlags = [ + "--print-errorlogs" + ]; + + doCheck = true; + + installPhase = '' + mkdir $out ''; - mesonCheckFlags = [ - "--print-errorlogs" - ]; + meta = { + platforms = lib.platforms.unix; + }; - doCheck = true; - - installPhase = '' - mkdir $out - ''; - - meta = { - platforms = lib.platforms.unix; - }; - -} // lib.optionalAttrs (test-daemon != null) { - NIX_DAEMON_PACKAGE = test-daemon; -}) + } + // lib.optionalAttrs (test-daemon != null) { + NIX_DAEMON_PACKAGE = test-daemon; + } +) diff --git a/tests/functional/parallel.nix b/tests/functional/parallel.nix index 23f142059f5..0adfe7d8e53 100644 --- a/tests/functional/parallel.nix +++ b/tests/functional/parallel.nix @@ -1,19 +1,33 @@ -{sleepTime ? 3}: +{ + sleepTime ? 3, +}: with import ./config.nix; let - mkDrv = text: inputs: mkDerivation { - name = "parallel"; - builder = ./parallel.builder.sh; - inherit text inputs shared sleepTime; - }; + mkDrv = + text: inputs: + mkDerivation { + name = "parallel"; + builder = ./parallel.builder.sh; + inherit + text + inputs + shared + sleepTime + ; + }; - a = mkDrv "a" []; - b = mkDrv "b" [a]; - c = mkDrv "c" [a]; - d = mkDrv "d" [a]; - e = mkDrv "e" [b c d]; + a = mkDrv "a" [ ]; + b = mkDrv "b" [ a ]; + c = mkDrv "c" [ a ]; + d = mkDrv "d" [ a ]; + e = mkDrv "e" [ + b + c + d + ]; -in e +in +e diff --git a/tests/functional/path.nix b/tests/functional/path.nix index 883c3c41bb1..b554765e85e 100644 --- a/tests/functional/path.nix +++ b/tests/functional/path.nix @@ -3,12 +3,12 @@ with import ./config.nix; mkDerivation { name = "filter"; builder = builtins.toFile "builder" "ln -s $input $out"; - input = - builtins.path { - path = ((builtins.getEnv "TEST_ROOT") + "/filterin"); - filter = path: type: - type != "symlink" - && baseNameOf path != "foo" - && !((import ./lang/lib.nix).hasSuffix ".bak" (baseNameOf path)); - }; + input = builtins.path { + path = ((builtins.getEnv "TEST_ROOT") + "/filterin"); + filter = + path: type: + type != "symlink" + && baseNameOf path != "foo" + && !((import ./lang/lib.nix).hasSuffix ".bak" (baseNameOf path)); + }; } diff --git a/tests/functional/readfile-context.nix b/tests/functional/readfile-context.nix index 54cd1afd9d3..d9880ca3201 100644 --- a/tests/functional/readfile-context.nix +++ b/tests/functional/readfile-context.nix @@ -25,4 +25,5 @@ let input = builtins.readFile (dependent + "/file1"); }; -in readDependent +in +readDependent diff --git a/tests/functional/recursive.nix b/tests/functional/recursive.nix index fe438f0ba5c..be9e55da37e 100644 --- a/tests/functional/recursive.nix +++ b/tests/functional/recursive.nix @@ -1,4 +1,6 @@ -let config_nix = /. + "${builtins.getEnv "_NIX_TEST_BUILD_DIR"}/config.nix"; in +let + config_nix = /. + "${builtins.getEnv "_NIX_TEST_BUILD_DIR"}/config.nix"; +in with import config_nix; mkDerivation rec { @@ -15,7 +17,9 @@ mkDerivation rec { buildCommand = '' mkdir $out - opts="--experimental-features nix-command ${if (NIX_TESTS_CA_BY_DEFAULT == "1") then "--extra-experimental-features ca-derivations" else ""}" + opts="--experimental-features nix-command ${ + if (NIX_TESTS_CA_BY_DEFAULT == "1") then "--extra-experimental-features ca-derivations" else "" + }" PATH=${builtins.getEnv "NIX_BIN_DIR"}:$PATH diff --git a/tests/functional/repl/doc-comment-function.nix b/tests/functional/repl/doc-comment-function.nix index cdd2413476f..a85d4a99fdb 100644 --- a/tests/functional/repl/doc-comment-function.nix +++ b/tests/functional/repl/doc-comment-function.nix @@ -1,3 +1,4 @@ -/** A doc comment for a file that only contains a function */ -{ ... }: -{ } +/** + A doc comment for a file that only contains a function +*/ +{ ... }: { } diff --git a/tests/functional/repl/doc-comments.nix b/tests/functional/repl/doc-comments.nix index e91ee0b513d..a7a285d48b9 100644 --- a/tests/functional/repl/doc-comments.nix +++ b/tests/functional/repl/doc-comments.nix @@ -6,55 +6,106 @@ multiply 2 3 => 6 ``` - */ + */ multiply = x: y: x * y; - /**👈 precisely this wide 👉*/ + /** + 👈 precisely this wide 👉 + */ measurement = x: x; - floatedIn = /** This also works. */ + floatedIn = + /** + This also works. + */ x: y: x; - compact=/**boom*/x: x; + compact = + /** + boom + */ + x: x; # https://github.com/NixOS/rfcs/blob/master/rfcs/0145-doc-strings.md#ambiguous-placement - /** Ignore!!! */ - unambiguous = - /** Very close */ + /** + Ignore!!! + */ + unambiguous = + /** + Very close + */ x: x; - /** Firmly rigid. */ + /** + Firmly rigid. + */ constant = true; - /** Immovably fixed. */ + /** + Immovably fixed. + */ lib.version = "9000"; - /** Unchangeably constant. */ + /** + Unchangeably constant. + */ lib.attr.empty = { }; lib.attr.undocumented = { }; - nonStrict = /** My syntax is not strict, but I'm strict anyway. */ x: x; - strict = /** I don't have to be strict, but I am anyway. */ { ... }: null; + nonStrict = + /** + My syntax is not strict, but I'm strict anyway. + */ + x: x; + strict = + /** + I don't have to be strict, but I am anyway. + */ + { ... }: null; # Note that pre and post are the same here. I just had to name them somehow. - strictPre = /** Here's one way to do this */ a@{ ... }: a; - strictPost = /** Here's another way to do this */ { ... }@a: a; + strictPre = + /** + Here's one way to do this + */ + a@{ ... }: a; + strictPost = + /** + Here's another way to do this + */ + { ... }@a: a; # TODO - /** You won't see this. */ + /** + You won't see this. + */ curriedArgs = - /** A documented function. */ + /** + A documented function. + */ x: - /** The function returned by applying once */ + /** + The function returned by applying once + */ y: - /** A function body performing summation of two items */ + /** + A function body performing summation of two items + */ x + y; - /** Documented formals (but you won't see this comment) */ + /** + Documented formals (but you won't see this comment) + */ documentedFormals = - /** Finds x */ - { /** The x attribute */ - x - }: x; + /** + Finds x + */ + { + /** + The x attribute + */ + x, + }: + x; } diff --git a/tests/functional/repl/doc-functor.nix b/tests/functional/repl/doc-functor.nix index f526f453f19..8a663886cf2 100644 --- a/tests/functional/repl/doc-functor.nix +++ b/tests/functional/repl/doc-functor.nix @@ -25,14 +25,14 @@ rec { makeOverridable = f: { /** This is a function that can be overridden. - */ + */ __functor = self: f; override = throw "not implemented"; }; /** Compute x^2 - */ + */ square = x: x * x; helper = makeOverridable square; @@ -41,8 +41,14 @@ rec { makeVeryOverridable = f: { /** This is a function that can be overridden. - */ - __functor = self: arg: f arg // { override = throw "not implemented"; overrideAttrs = throw "not implemented"; }; + */ + __functor = + self: arg: + f arg + // { + override = throw "not implemented"; + overrideAttrs = throw "not implemented"; + }; override = throw "not implemented"; }; @@ -64,7 +70,6 @@ rec { */ helper3 = makeVeryOverridable (x: x * x * x); - # ------ # getDoc traverses a potentially infinite structure in case of __functor, so @@ -73,7 +78,7 @@ rec { recursive = { /** This looks bad, but the docs are ok because of the eta expansion. - */ + */ __functor = self: x: self x; }; @@ -81,21 +86,23 @@ rec { /** Docs probably won't work in this case, because the "partial" application of self results in an infinite recursion. - */ + */ __functor = self: self.__functor self; }; - diverging = let - /** - Docs probably won't work in this case, because the "partial" application - of self results in an diverging computation that causes a stack overflow. - It's not an infinite recursion because each call is different. - This must be handled by the documentation retrieval logic, as it - reimplements the __functor invocation to be partial. - */ - f = x: { - __functor = self: (f (x + 1)); - }; - in f null; + diverging = + let + /** + Docs probably won't work in this case, because the "partial" application + of self results in an diverging computation that causes a stack overflow. + It's not an infinite recursion because each call is different. + This must be handled by the documentation retrieval logic, as it + reimplements the __functor invocation to be partial. + */ + f = x: { + __functor = self: (f (x + 1)); + }; + in + f null; } diff --git a/tests/functional/secure-drv-outputs.nix b/tests/functional/secure-drv-outputs.nix index b4ac8ff531f..169c3c5875b 100644 --- a/tests/functional/secure-drv-outputs.nix +++ b/tests/functional/secure-drv-outputs.nix @@ -4,20 +4,18 @@ with import ./config.nix; good = mkDerivation { name = "good"; - builder = builtins.toFile "builder" - '' - mkdir $out - echo > $out/good - ''; + builder = builtins.toFile "builder" '' + mkdir $out + echo > $out/good + ''; }; bad = mkDerivation { name = "good"; - builder = builtins.toFile "builder" - '' - mkdir $out - echo > $out/bad - ''; + builder = builtins.toFile "builder" '' + mkdir $out + echo > $out/bad + ''; }; } diff --git a/tests/functional/shell-hello.nix b/tests/functional/shell-hello.nix index c920d7cb459..470798dd9e1 100644 --- a/tests/functional/shell-hello.nix +++ b/tests/functional/shell-hello.nix @@ -3,57 +3,56 @@ with import ./config.nix; rec { hello = mkDerivation { name = "hello"; - outputs = [ "out" "dev" ]; + outputs = [ + "out" + "dev" + ]; meta.outputsToInstall = [ "out" ]; - buildCommand = - '' - mkdir -p $out/bin $dev/bin + buildCommand = '' + mkdir -p $out/bin $dev/bin - cat > $out/bin/hello < $out/bin/hello < $dev/bin/hello2 < $dev/bin/hello2 < $out/bin/hello < $out/bin/hello < $out/bin/env <&2 - exit 1 - fi - exec env - EOF - chmod +x $out/bin/env - ''; + cat > $out/bin/env <&2 + exit 1 + fi + exec env + EOF + chmod +x $out/bin/env + ''; }; } diff --git a/tests/functional/shell.nix b/tests/functional/shell.nix index 4b1a0623a81..5e9f4881819 100644 --- a/tests/functional/shell.nix +++ b/tests/functional/shell.nix @@ -1,102 +1,130 @@ -{ inNixShell ? false, contentAddressed ? false, fooContents ? "foo" }: +{ + inNixShell ? false, + contentAddressed ? false, + fooContents ? "foo", +}: -let cfg = import ./config.nix; in +let + cfg = import ./config.nix; +in with cfg; let mkDerivation = if contentAddressed then - args: cfg.mkDerivation ({ - __contentAddressed = true; - outputHashMode = "recursive"; - outputHashAlgo = "sha256"; - } // args) - else cfg.mkDerivation; + args: + cfg.mkDerivation ( + { + __contentAddressed = true; + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + } + // args + ) + else + cfg.mkDerivation; in -let pkgs = rec { - setupSh = builtins.toFile "setup" '' - export VAR_FROM_STDENV_SETUP=foo - for pkg in $buildInputs; do - export PATH=$PATH:$pkg/bin - done - - declare -a arr1=(1 2 "3 4" 5) - declare -a arr2=(x $'\n' $'x\ny') - fun() { - echo blabla - } - runHook() { - eval "''${!1}" - } - ''; +let + pkgs = rec { + setupSh = builtins.toFile "setup" '' + export VAR_FROM_STDENV_SETUP=foo + for pkg in $buildInputs; do + export PATH=$PATH:$pkg/bin + done - stdenv = mkDerivation { - name = "stdenv"; - buildCommand = '' - mkdir -p $out - ln -s ${setupSh} $out/setup + declare -a arr1=(1 2 "3 4" 5) + declare -a arr2=(x $'\n' $'x\ny') + fun() { + echo blabla + } + runHook() { + eval "''${!1}" + } ''; - } // { inherit mkDerivation; }; - shellDrv = mkDerivation { - name = "shellDrv"; - builder = "/does/not/exist"; - VAR_FROM_NIX = "bar"; - ASCII_PERCENT = "%"; - ASCII_AT = "@"; - TEST_inNixShell = if inNixShell then "true" else "false"; - FOO = fooContents; - inherit stdenv; - outputs = ["dev" "out"]; - } // { - shellHook = abort "Ignore non-drv shellHook attr"; - }; + stdenv = + mkDerivation { + name = "stdenv"; + buildCommand = '' + mkdir -p $out + ln -s ${setupSh} $out/setup + ''; + } + // { + inherit mkDerivation; + }; - # https://github.com/NixOS/nix/issues/5431 - # See nix-shell.sh - polo = mkDerivation { - name = "polo"; - inherit stdenv; - shellHook = '' - echo Polo - ''; - }; + shellDrv = + mkDerivation { + name = "shellDrv"; + builder = "/does/not/exist"; + VAR_FROM_NIX = "bar"; + ASCII_PERCENT = "%"; + ASCII_AT = "@"; + TEST_inNixShell = if inNixShell then "true" else "false"; + FOO = fooContents; + inherit stdenv; + outputs = [ + "dev" + "out" + ]; + } + // { + shellHook = abort "Ignore non-drv shellHook attr"; + }; - # Used by nix-shell -p - runCommand = name: args: buildCommand: mkDerivation (args // { - inherit name buildCommand stdenv; - }); + # https://github.com/NixOS/nix/issues/5431 + # See nix-shell.sh + polo = mkDerivation { + name = "polo"; + inherit stdenv; + shellHook = '' + echo Polo + ''; + }; - foo = runCommand "foo" {} '' - mkdir -p $out/bin - echo 'echo ${fooContents}' > $out/bin/foo - chmod a+rx $out/bin/foo - ln -s ${shell} $out/bin/bash - ''; + # Used by nix-shell -p + runCommand = + name: args: buildCommand: + mkDerivation ( + args + // { + inherit name buildCommand stdenv; + } + ); - bar = runCommand "bar" {} '' - mkdir -p $out/bin - echo 'echo bar' > $out/bin/bar - chmod a+rx $out/bin/bar - ''; + foo = runCommand "foo" { } '' + mkdir -p $out/bin + echo 'echo ${fooContents}' > $out/bin/foo + chmod a+rx $out/bin/foo + ln -s ${shell} $out/bin/bash + ''; - bash = shell; - bashInteractive = runCommand "bash" {} '' - mkdir -p $out/bin - ln -s ${shell} $out/bin/bash - ''; + bar = runCommand "bar" { } '' + mkdir -p $out/bin + echo 'echo bar' > $out/bin/bar + chmod a+rx $out/bin/bar + ''; - # ruby "interpreter" that outputs "$@" - ruby = runCommand "ruby" {} '' - mkdir -p $out/bin - echo 'printf %s "$*"' > $out/bin/ruby - chmod a+rx $out/bin/ruby - ''; + bash = shell; + bashInteractive = runCommand "bash" { } '' + mkdir -p $out/bin + ln -s ${shell} $out/bin/bash + ''; - inherit (cfg) shell; + # ruby "interpreter" that outputs "$@" + ruby = runCommand "ruby" { } '' + mkdir -p $out/bin + echo 'printf %s "$*"' > $out/bin/ruby + chmod a+rx $out/bin/ruby + ''; - callPackage = f: args: f (pkgs // args); + inherit (cfg) shell; - inherit pkgs; -}; in pkgs + callPackage = f: args: f (pkgs // args); + + inherit pkgs; + }; +in +pkgs diff --git a/tests/functional/simple-failing.nix b/tests/functional/simple-failing.nix index d176c9c51e6..6cf29ae3842 100644 --- a/tests/functional/simple-failing.nix +++ b/tests/functional/simple-failing.nix @@ -2,11 +2,10 @@ with import ./config.nix; mkDerivation { name = "simple-failing"; - builder = builtins.toFile "builder.sh" - '' - echo "This should fail" - exit 1 - ''; + builder = builtins.toFile "builder.sh" '' + echo "This should fail" + exit 1 + ''; PATH = ""; goodPath = path; } diff --git a/tests/functional/structured-attrs-shell.nix b/tests/functional/structured-attrs-shell.nix index 57c1e6bd2da..a819e39cdae 100644 --- a/tests/functional/structured-attrs-shell.nix +++ b/tests/functional/structured-attrs-shell.nix @@ -12,8 +12,15 @@ mkDerivation { name = "structured2"; __structuredAttrs = true; inherit stdenv; - outputs = [ "out" "dev" ]; - my.list = [ "a" "b" "c" ]; + outputs = [ + "out" + "dev" + ]; + my.list = [ + "a" + "b" + "c" + ]; exportReferencesGraph.refs = [ dep ]; buildCommand = '' touch ''${outputs[out]}; touch ''${outputs[dev]} diff --git a/tests/functional/structured-attrs.nix b/tests/functional/structured-attrs.nix index e93139a4457..4e19845176e 100644 --- a/tests/functional/structured-attrs.nix +++ b/tests/functional/structured-attrs.nix @@ -16,7 +16,10 @@ mkDerivation { __structuredAttrs = true; - outputs = [ "out" "dev" ]; + outputs = [ + "out" + "dev" + ]; buildCommand = '' set -x @@ -43,12 +46,24 @@ mkDerivation { [[ $json =~ '"references":[]' ]] ''; - buildInputs = [ "a" "b" "c" 123 "'" "\"" null ]; + buildInputs = [ + "a" + "b" + "c" + 123 + "'" + "\"" + null + ]; hardening.format = true; hardening.fortify = false; - outer.inner = [ 1 2 3 ]; + outer.inner = [ + 1 + 2 + 3 + ]; int = 123456789; diff --git a/tests/functional/undefined-variable.nix b/tests/functional/undefined-variable.nix index 579985497e9..8e88dd8fe02 100644 --- a/tests/functional/undefined-variable.nix +++ b/tests/functional/undefined-variable.nix @@ -1 +1,4 @@ -let f = builtins.toFile "test-file.nix" "asd"; in import f +let + f = builtins.toFile "test-file.nix" "asd"; +in +import f diff --git a/tests/functional/user-envs.nix b/tests/functional/user-envs.nix index 46f8b51dda1..cc63812c4a7 100644 --- a/tests/functional/user-envs.nix +++ b/tests/functional/user-envs.nix @@ -1,5 +1,6 @@ # Some dummy arguments... -{ foo ? "foo" +{ + foo ? "foo", }: with import ./config.nix; @@ -8,27 +9,41 @@ assert foo == "foo"; let - platforms = let x = "foobar"; in [ x x ]; + platforms = + let + x = "foobar"; + in + [ + x + x + ]; - makeDrv = name: progName: (mkDerivation { - name = assert progName != "fail"; name; - inherit progName system; - builder = ./user-envs.builder.sh; - } // { - meta = { - description = "A silly test package with some \${escaped anti-quotation} in it"; - inherit platforms; - }; - }); + makeDrv = + name: progName: + ( + mkDerivation { + name = + assert progName != "fail"; + name; + inherit progName system; + builder = ./user-envs.builder.sh; + } + // { + meta = { + description = "A silly test package with some \${escaped anti-quotation} in it"; + inherit platforms; + }; + } + ); in - [ - (makeDrv "foo-1.0" "foo") - (makeDrv "foo-2.0pre1" "foo") - (makeDrv "bar-0.1" "bar") - (makeDrv "foo-2.0" "foo") - (makeDrv "bar-0.1.1" "bar") - (makeDrv "foo-0.1" "foo" // { meta.priority = 10; }) - (makeDrv "fail-0.1" "fail") - ] +[ + (makeDrv "foo-1.0" "foo") + (makeDrv "foo-2.0pre1" "foo") + (makeDrv "bar-0.1" "bar") + (makeDrv "foo-2.0" "foo") + (makeDrv "bar-0.1.1" "bar") + (makeDrv "foo-0.1" "foo" // { meta.priority = 10; }) + (makeDrv "fail-0.1" "fail") +] diff --git a/tests/installer/default.nix b/tests/installer/default.nix index 4aed6eae489..d48537dd0d0 100644 --- a/tests/installer/default.nix +++ b/tests/installer/default.nix @@ -1,5 +1,6 @@ -{ binaryTarballs -, nixpkgsFor +{ + binaryTarballs, + nixpkgsFor, }: let @@ -41,8 +42,9 @@ let }; }; - mockChannel = pkgs: - pkgs.runCommandNoCC "mock-channel" {} '' + mockChannel = + pkgs: + pkgs.runCommandNoCC "mock-channel" { } '' mkdir nixexprs mkdir -p $out/channel echo -n 'someContent' > nixexprs/someFile @@ -54,14 +56,14 @@ let images = { /* - "ubuntu-14-04" = { - image = import { - url = "https://app.vagrantup.com/ubuntu/boxes/trusty64/versions/20190514.0.0/providers/virtualbox.box"; - hash = "sha256-iUUXyRY8iW7DGirb0zwGgf1fRbLA7wimTJKgP7l/OQ8="; + "ubuntu-14-04" = { + image = import { + url = "https://app.vagrantup.com/ubuntu/boxes/trusty64/versions/20190514.0.0/providers/virtualbox.box"; + hash = "sha256-iUUXyRY8iW7DGirb0zwGgf1fRbLA7wimTJKgP7l/OQ8="; + }; + rootDisk = "box-disk1.vmdk"; + system = "x86_64-linux"; }; - rootDisk = "box-disk1.vmdk"; - system = "x86_64-linux"; - }; */ "ubuntu-16-04" = { @@ -95,14 +97,14 @@ let # Currently fails with 'error while loading shared libraries: # libsodium.so.23: cannot stat shared object: Invalid argument'. /* - "rhel-6" = { - image = import { - url = "https://app.vagrantup.com/generic/boxes/rhel6/versions/4.1.12/providers/libvirt.box"; - hash = "sha256-QwzbvRoRRGqUCQptM7X/InRWFSP2sqwRt2HaaO6zBGM="; + "rhel-6" = { + image = import { + url = "https://app.vagrantup.com/generic/boxes/rhel6/versions/4.1.12/providers/libvirt.box"; + hash = "sha256-QwzbvRoRRGqUCQptM7X/InRWFSP2sqwRt2HaaO6zBGM="; + }; + rootDisk = "box.img"; + system = "x86_64-linux"; }; - rootDisk = "box.img"; - system = "x86_64-linux"; - }; */ "rhel-7" = { @@ -137,12 +139,18 @@ let }; - makeTest = imageName: testName: - let image = images.${imageName}; in + makeTest = + imageName: testName: + let + image = images.${imageName}; + in with nixpkgsFor.${image.system}.native; - runCommand - "installer-test-${imageName}-${testName}" - { buildInputs = [ qemu_kvm openssh ]; + runCommand "installer-test-${imageName}-${testName}" + { + buildInputs = [ + qemu_kvm + openssh + ]; image = image.image; postBoot = image.postBoot or ""; installScript = installScripts.${testName}.script; @@ -247,9 +255,6 @@ let in -builtins.mapAttrs (imageName: image: - { ${image.system} = builtins.mapAttrs (testName: test: - makeTest imageName testName - ) installScripts; - } -) images +builtins.mapAttrs (imageName: image: { + ${image.system} = builtins.mapAttrs (testName: test: makeTest imageName testName) installScripts; +}) images diff --git a/tests/nixos/authorization.nix b/tests/nixos/authorization.nix index fdeae06ed34..6540e9fa337 100644 --- a/tests/nixos/authorization.nix +++ b/tests/nixos/authorization.nix @@ -4,8 +4,11 @@ nodes.machine = { virtualisation.writableStore = true; # TODO add a test without allowed-users setting. allowed-users is uncommon among NixOS users. - nix.settings.allowed-users = ["alice" "bob"]; - nix.settings.trusted-users = ["alice"]; + nix.settings.allowed-users = [ + "alice" + "bob" + ]; + nix.settings.trusted-users = [ "alice" ]; users.users.alice.isNormalUser = true; users.users.bob.isNormalUser = true; @@ -15,80 +18,80 @@ }; testScript = - let - pathFour = "/nix/store/20xfy868aiic0r0flgzq4n5dq1yvmxkn-four"; - in - '' - machine.wait_for_unit("multi-user.target") - machine.succeed(""" - exec 1>&2 - echo kSELDhobKaF8/VdxIxdP7EQe+Q > one - diff $(nix store add-file one) one - """) - machine.succeed(""" - su --login alice -c ' - set -x - cd ~ - echo ehHtmfuULXYyBV6NBk6QUi8iE0 > two - ls - diff $(echo $(nix store add-file two)) two' 1>&2 - """) - machine.succeed(""" - su --login bob -c ' - set -x - cd ~ - echo 0Jw8RNp7cK0W2AdNbcquofcOVk > three - diff $(nix store add-file three) three - ' 1>&2 - """) + let + pathFour = "/nix/store/20xfy868aiic0r0flgzq4n5dq1yvmxkn-four"; + in + '' + machine.wait_for_unit("multi-user.target") + machine.succeed(""" + exec 1>&2 + echo kSELDhobKaF8/VdxIxdP7EQe+Q > one + diff $(nix store add-file one) one + """) + machine.succeed(""" + su --login alice -c ' + set -x + cd ~ + echo ehHtmfuULXYyBV6NBk6QUi8iE0 > two + ls + diff $(echo $(nix store add-file two)) two' 1>&2 + """) + machine.succeed(""" + su --login bob -c ' + set -x + cd ~ + echo 0Jw8RNp7cK0W2AdNbcquofcOVk > three + diff $(nix store add-file three) three + ' 1>&2 + """) - # We're going to check that a path is not created - machine.succeed(""" - ! [[ -e ${pathFour} ]] - """) - machine.succeed(""" - su --login mallory -c ' - set -x - cd ~ - echo 5mgtDj0ohrWkT50TLR0f4tIIxY > four; - (! nix store add-file four 2>&1) | grep -F "cannot open connection to remote store" - (! nix store add-file four 2>&1) | grep -F "Connection reset by peer" + # We're going to check that a path is not created + machine.succeed(""" ! [[ -e ${pathFour} ]] - ' 1>&2 - """) - - # Check that the file _can_ be added, and matches the expected path we were checking - machine.succeed(""" - exec 1>&2 - echo 5mgtDj0ohrWkT50TLR0f4tIIxY > four - four="$(nix store add-file four)" - diff $four four - diff <(echo $four) <(echo ${pathFour}) - """) + """) + machine.succeed(""" + su --login mallory -c ' + set -x + cd ~ + echo 5mgtDj0ohrWkT50TLR0f4tIIxY > four; + (! nix store add-file four 2>&1) | grep -F "cannot open connection to remote store" + (! nix store add-file four 2>&1) | grep -F "Connection reset by peer" + ! [[ -e ${pathFour} ]] + ' 1>&2 + """) - machine.succeed(""" - su --login alice -c 'nix-store --verify --repair' - """) + # Check that the file _can_ be added, and matches the expected path we were checking + machine.succeed(""" + exec 1>&2 + echo 5mgtDj0ohrWkT50TLR0f4tIIxY > four + four="$(nix store add-file four)" + diff $four four + diff <(echo $four) <(echo ${pathFour}) + """) - machine.succeed(""" - set -x - su --login bob -c '(! nix-store --verify --repair 2>&1)' | tee diag 1>&2 - grep -F "you are not privileged to repair paths" diag - """) + machine.succeed(""" + su --login alice -c 'nix-store --verify --repair' + """) - machine.succeed(""" + machine.succeed(""" set -x - su --login mallory -c ' - nix-store --generate-binary-cache-key cache1.example.org sk1 pk1 - (! nix store sign --key-file sk1 ${pathFour} 2>&1)' | tee diag 1>&2 - grep -F "cannot open connection to remote store 'daemon'" diag - """) + su --login bob -c '(! nix-store --verify --repair 2>&1)' | tee diag 1>&2 + grep -F "you are not privileged to repair paths" diag + """) - machine.succeed(""" - su --login bob -c ' - nix-store --generate-binary-cache-key cache1.example.org sk1 pk1 - nix store sign --key-file sk1 ${pathFour} - ' - """) - ''; + machine.succeed(""" + set -x + su --login mallory -c ' + nix-store --generate-binary-cache-key cache1.example.org sk1 pk1 + (! nix store sign --key-file sk1 ${pathFour} 2>&1)' | tee diag 1>&2 + grep -F "cannot open connection to remote store 'daemon'" diag + """) + + machine.succeed(""" + su --login bob -c ' + nix-store --generate-binary-cache-key cache1.example.org sk1 pk1 + nix store sign --key-file sk1 ${pathFour} + ' + """) + ''; } diff --git a/tests/nixos/ca-fd-leak/default.nix b/tests/nixos/ca-fd-leak/default.nix index a6ae72adc93..902aacdc650 100644 --- a/tests/nixos/ca-fd-leak/default.nix +++ b/tests/nixos/ca-fd-leak/default.nix @@ -27,12 +27,15 @@ let # domain socket. # Compiled statically so that we can easily send it to the VM and use it # inside the build sandbox. - sender = pkgs.runCommandWith { - name = "sender"; - stdenv = pkgs.pkgsStatic.stdenv; - } '' - $CC -static -o $out ${./sender.c} - ''; + sender = + pkgs.runCommandWith + { + name = "sender"; + stdenv = pkgs.pkgsStatic.stdenv; + } + '' + $CC -static -o $out ${./sender.c} + ''; # Okay, so we have a file descriptor shipped out of the FOD now. But the # Nix store is read-only, right? .. Well, yeah. But this file descriptor @@ -47,44 +50,57 @@ in name = "ca-fd-leak"; nodes.machine = - { config, lib, pkgs, ... }: - { virtualisation.writableStore = true; + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.writableStore = true; nix.settings.substituters = lib.mkForce [ ]; - virtualisation.additionalPaths = [ pkgs.busybox-sandbox-shell sender smuggler pkgs.socat ]; + virtualisation.additionalPaths = [ + pkgs.busybox-sandbox-shell + sender + smuggler + pkgs.socat + ]; }; - testScript = { nodes }: '' - start_all() + testScript = + { nodes }: + '' + start_all() - machine.succeed("echo hello") - # Start the smuggler server - machine.succeed("${smuggler}/bin/smuggler ${socketName} >&2 &") + machine.succeed("echo hello") + # Start the smuggler server + machine.succeed("${smuggler}/bin/smuggler ${socketName} >&2 &") - # Build the smuggled derivation. - # This will connect to the smuggler server and send it the file descriptor - machine.succeed(r""" - nix-build -E ' - builtins.derivation { - name = "smuggled"; - system = builtins.currentSystem; - # look ma, no tricks! - outputHashMode = "flat"; - outputHashAlgo = "sha256"; - outputHash = builtins.hashString "sha256" "hello, world\n"; - builder = "${pkgs.busybox-sandbox-shell}/bin/sh"; - args = [ "-c" "echo \"hello, world\" > $out; ''${${sender}} ${socketName}" ]; - }' - """.strip()) + # Build the smuggled derivation. + # This will connect to the smuggler server and send it the file descriptor + machine.succeed(r""" + nix-build -E ' + builtins.derivation { + name = "smuggled"; + system = builtins.currentSystem; + # look ma, no tricks! + outputHashMode = "flat"; + outputHashAlgo = "sha256"; + outputHash = builtins.hashString "sha256" "hello, world\n"; + builder = "${pkgs.busybox-sandbox-shell}/bin/sh"; + args = [ "-c" "echo \"hello, world\" > $out; ''${${sender}} ${socketName}" ]; + }' + """.strip()) - # Tell the smuggler server that we're done - machine.execute("echo done | ${pkgs.socat}/bin/socat - ABSTRACT-CONNECT:${socketName}") + # Tell the smuggler server that we're done + machine.execute("echo done | ${pkgs.socat}/bin/socat - ABSTRACT-CONNECT:${socketName}") - # Check that the file was not modified - machine.succeed(r""" - cat ./result - test "$(cat ./result)" = "hello, world" - """.strip()) - ''; + # Check that the file was not modified + machine.succeed(r""" + cat ./result + test "$(cat ./result)" = "hello, world" + """.strip()) + ''; } diff --git a/tests/nixos/cgroups/default.nix b/tests/nixos/cgroups/default.nix index b8febbf4bda..a6b4bca8c76 100644 --- a/tests/nixos/cgroups/default.nix +++ b/tests/nixos/cgroups/default.nix @@ -3,38 +3,39 @@ { name = "cgroups"; - nodes = - { - host = - { config, pkgs, ... }: - { virtualisation.additionalPaths = [ pkgs.stdenvNoCC ]; - nix.extraOptions = - '' - extra-experimental-features = nix-command auto-allocate-uids cgroups - extra-system-features = uid-range - ''; - nix.settings.use-cgroups = true; - nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; - }; - }; - - testScript = { nodes }: '' - start_all() - - host.wait_for_unit("multi-user.target") - - # Start build in background - host.execute("NIX_REMOTE=daemon nix build --auto-allocate-uids --file ${./hang.nix} >&2 &") - service = "/sys/fs/cgroup/system.slice/nix-daemon.service" - - # Wait for cgroups to be created - host.succeed(f"until [ -e {service}/nix-daemon ]; do sleep 1; done", timeout=30) - host.succeed(f"until [ -e {service}/nix-build-uid-* ]; do sleep 1; done", timeout=30) - - # Check that there aren't processes where there shouldn't be, and that there are where there should be - host.succeed(f'[ -z "$(cat {service}/cgroup.procs)" ]') - host.succeed(f'[ -n "$(cat {service}/nix-daemon/cgroup.procs)" ]') - host.succeed(f'[ -n "$(cat {service}/nix-build-uid-*/cgroup.procs)" ]') - ''; + nodes = { + host = + { config, pkgs, ... }: + { + virtualisation.additionalPaths = [ pkgs.stdenvNoCC ]; + nix.extraOptions = '' + extra-experimental-features = nix-command auto-allocate-uids cgroups + extra-system-features = uid-range + ''; + nix.settings.use-cgroups = true; + nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; + }; + }; + + testScript = + { nodes }: + '' + start_all() + + host.wait_for_unit("multi-user.target") + + # Start build in background + host.execute("NIX_REMOTE=daemon nix build --auto-allocate-uids --file ${./hang.nix} >&2 &") + service = "/sys/fs/cgroup/system.slice/nix-daemon.service" + + # Wait for cgroups to be created + host.succeed(f"until [ -e {service}/nix-daemon ]; do sleep 1; done", timeout=30) + host.succeed(f"until [ -e {service}/nix-build-uid-* ]; do sleep 1; done", timeout=30) + + # Check that there aren't processes where there shouldn't be, and that there are where there should be + host.succeed(f'[ -z "$(cat {service}/cgroup.procs)" ]') + host.succeed(f'[ -n "$(cat {service}/nix-daemon/cgroup.procs)" ]') + host.succeed(f'[ -n "$(cat {service}/nix-build-uid-*/cgroup.procs)" ]') + ''; } diff --git a/tests/nixos/cgroups/hang.nix b/tests/nixos/cgroups/hang.nix index cefe2d031c0..d7b337b0c05 100644 --- a/tests/nixos/cgroups/hang.nix +++ b/tests/nixos/cgroups/hang.nix @@ -1,9 +1,10 @@ { }: -with import {}; +with import { }; runCommand "hang" - { requiredSystemFeatures = "uid-range"; + { + requiredSystemFeatures = "uid-range"; } '' sleep infinity diff --git a/tests/nixos/chroot-store.nix b/tests/nixos/chroot-store.nix index 4b167fc3839..f89a20bc4d5 100644 --- a/tests/nixos/chroot-store.nix +++ b/tests/nixos/chroot-store.nix @@ -1,31 +1,45 @@ -{ lib, config, nixpkgs, ... }: +{ + lib, + config, + nixpkgs, + ... +}: let pkgs = config.nodes.machine.nixpkgs.pkgs; pkgA = pkgs.hello; pkgB = pkgs.cowsay; -in { +in +{ name = "chroot-store"; - nodes = - { machine = - { config, lib, pkgs, ... }: - { virtualisation.writableStore = true; - virtualisation.additionalPaths = [ pkgA ]; - environment.systemPackages = [ pkgB ]; - nix.extraOptions = "experimental-features = nix-command"; - }; - }; + nodes = { + machine = + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.writableStore = true; + virtualisation.additionalPaths = [ pkgA ]; + environment.systemPackages = [ pkgB ]; + nix.extraOptions = "experimental-features = nix-command"; + }; + }; - testScript = { nodes }: '' - # fmt: off - start_all() + testScript = + { nodes }: + '' + # fmt: off + start_all() - machine.succeed("nix copy --no-check-sigs --to /tmp/nix ${pkgA}") + machine.succeed("nix copy --no-check-sigs --to /tmp/nix ${pkgA}") - machine.succeed("nix shell --store /tmp/nix ${pkgA} --command hello >&2") + machine.succeed("nix shell --store /tmp/nix ${pkgA} --command hello >&2") - # Test that /nix/store is available via an overlayfs mount. - machine.succeed("nix shell --store /tmp/nix ${pkgA} --command cowsay foo >&2") - ''; + # Test that /nix/store is available via an overlayfs mount. + machine.succeed("nix shell --store /tmp/nix ${pkgA} --command cowsay foo >&2") + ''; } diff --git a/tests/nixos/containers/containers.nix b/tests/nixos/containers/containers.nix index 6773f5628a3..b590dc8498f 100644 --- a/tests/nixos/containers/containers.nix +++ b/tests/nixos/containers/containers.nix @@ -4,60 +4,67 @@ { name = "containers"; - nodes = - { - host = - { config, lib, pkgs, nodes, ... }: - { virtualisation.writableStore = true; - virtualisation.diskSize = 2048; - virtualisation.additionalPaths = - [ pkgs.stdenvNoCC - (import ./systemd-nspawn.nix { inherit nixpkgs; }).toplevel - ]; - virtualisation.memorySize = 4096; - nix.settings.substituters = lib.mkForce [ ]; - nix.extraOptions = - '' - extra-experimental-features = nix-command auto-allocate-uids cgroups - extra-system-features = uid-range - ''; - nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; - }; - }; - - testScript = { nodes }: '' - start_all() - - host.succeed("nix --version >&2") - - # Test that 'id' gives the expected result in various configurations. - - # Existing UIDs, sandbox. - host.succeed("nix build --no-auto-allocate-uids --sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-1") - host.succeed("[[ $(cat ./result) = 'uid=1000(nixbld) gid=100(nixbld) groups=100(nixbld)' ]]") - - # Existing UIDs, no sandbox. - host.succeed("nix build --no-auto-allocate-uids --no-sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-2") - host.succeed("[[ $(cat ./result) = 'uid=30001(nixbld1) gid=30000(nixbld) groups=30000(nixbld)' ]]") - - # Auto-allocated UIDs, sandbox. - host.succeed("nix build --auto-allocate-uids --sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-3") - host.succeed("[[ $(cat ./result) = 'uid=1000(nixbld) gid=100(nixbld) groups=100(nixbld)' ]]") - - # Auto-allocated UIDs, no sandbox. - host.succeed("nix build --auto-allocate-uids --no-sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-4") - host.succeed("[[ $(cat ./result) = 'uid=872415232 gid=30000(nixbld) groups=30000(nixbld)' ]]") - - # Auto-allocated UIDs, UID range, sandbox. - host.succeed("nix build --auto-allocate-uids --sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-5 --arg uidRange true") - host.succeed("[[ $(cat ./result) = 'uid=0(root) gid=0(root) groups=0(root)' ]]") - - # Auto-allocated UIDs, UID range, no sandbox. - host.fail("nix build --auto-allocate-uids --no-sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-6 --arg uidRange true") - - # Run systemd-nspawn in a Nix build. - host.succeed("nix build --auto-allocate-uids --sandbox -L --offline --impure --file ${./systemd-nspawn.nix} --argstr nixpkgs ${nixpkgs}") - host.succeed("[[ $(cat ./result/msg) = 'Hello World' ]]") - ''; + nodes = { + host = + { + config, + lib, + pkgs, + nodes, + ... + }: + { + virtualisation.writableStore = true; + virtualisation.diskSize = 2048; + virtualisation.additionalPaths = [ + pkgs.stdenvNoCC + (import ./systemd-nspawn.nix { inherit nixpkgs; }).toplevel + ]; + virtualisation.memorySize = 4096; + nix.settings.substituters = lib.mkForce [ ]; + nix.extraOptions = '' + extra-experimental-features = nix-command auto-allocate-uids cgroups + extra-system-features = uid-range + ''; + nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; + }; + }; + + testScript = + { nodes }: + '' + start_all() + + host.succeed("nix --version >&2") + + # Test that 'id' gives the expected result in various configurations. + + # Existing UIDs, sandbox. + host.succeed("nix build --no-auto-allocate-uids --sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-1") + host.succeed("[[ $(cat ./result) = 'uid=1000(nixbld) gid=100(nixbld) groups=100(nixbld)' ]]") + + # Existing UIDs, no sandbox. + host.succeed("nix build --no-auto-allocate-uids --no-sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-2") + host.succeed("[[ $(cat ./result) = 'uid=30001(nixbld1) gid=30000(nixbld) groups=30000(nixbld)' ]]") + + # Auto-allocated UIDs, sandbox. + host.succeed("nix build --auto-allocate-uids --sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-3") + host.succeed("[[ $(cat ./result) = 'uid=1000(nixbld) gid=100(nixbld) groups=100(nixbld)' ]]") + + # Auto-allocated UIDs, no sandbox. + host.succeed("nix build --auto-allocate-uids --no-sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-4") + host.succeed("[[ $(cat ./result) = 'uid=872415232 gid=30000(nixbld) groups=30000(nixbld)' ]]") + + # Auto-allocated UIDs, UID range, sandbox. + host.succeed("nix build --auto-allocate-uids --sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-5 --arg uidRange true") + host.succeed("[[ $(cat ./result) = 'uid=0(root) gid=0(root) groups=0(root)' ]]") + + # Auto-allocated UIDs, UID range, no sandbox. + host.fail("nix build --auto-allocate-uids --no-sandbox -L --offline --impure --file ${./id-test.nix} --argstr name id-test-6 --arg uidRange true") + + # Run systemd-nspawn in a Nix build. + host.succeed("nix build --auto-allocate-uids --sandbox -L --offline --impure --file ${./systemd-nspawn.nix} --argstr nixpkgs ${nixpkgs}") + host.succeed("[[ $(cat ./result/msg) = 'Hello World' ]]") + ''; } diff --git a/tests/nixos/containers/id-test.nix b/tests/nixos/containers/id-test.nix index 8eb9d38f9a2..2139327ad88 100644 --- a/tests/nixos/containers/id-test.nix +++ b/tests/nixos/containers/id-test.nix @@ -1,8 +1,10 @@ -{ name, uidRange ? false }: +{ + name, + uidRange ? false, +}: -with import {}; +with import { }; -runCommand name - { requiredSystemFeatures = if uidRange then ["uid-range"] else []; - } - "id; id > $out" +runCommand name { + requiredSystemFeatures = if uidRange then [ "uid-range" ] else [ ]; +} "id; id > $out" diff --git a/tests/nixos/containers/systemd-nspawn.nix b/tests/nixos/containers/systemd-nspawn.nix index 1dad4ebd754..4516f4e1394 100644 --- a/tests/nixos/containers/systemd-nspawn.nix +++ b/tests/nixos/containers/systemd-nspawn.nix @@ -2,7 +2,8 @@ let - machine = { config, pkgs, ... }: + machine = + { config, pkgs, ... }: { system.stateVersion = "22.05"; boot.isContainer = true; @@ -31,10 +32,12 @@ let }; }; - cfg = (import (nixpkgs + "/nixos/lib/eval-config.nix") { - modules = [ machine ]; - system = "x86_64-linux"; - }); + cfg = ( + import (nixpkgs + "/nixos/lib/eval-config.nix") { + modules = [ machine ]; + system = "x86_64-linux"; + } + ); config = cfg.config; @@ -43,7 +46,8 @@ in with cfg._module.args.pkgs; runCommand "test" - { buildInputs = [ config.system.path ]; + { + buildInputs = [ config.system.path ]; requiredSystemFeatures = [ "uid-range" ]; toplevel = config.system.build.toplevel; } diff --git a/tests/nixos/default.nix b/tests/nixos/default.nix index 8e0cb1b225b..ca72034ec4f 100644 --- a/tests/nixos/default.nix +++ b/tests/nixos/default.nix @@ -1,17 +1,26 @@ -{ lib, nixpkgs, nixpkgsFor, self }: +{ + lib, + nixpkgs, + nixpkgsFor, + self, +}: let nixos-lib = import (nixpkgs + "/nixos/lib") { }; - noTests = pkg: pkg.overrideAttrs ( - finalAttrs: prevAttrs: { - doCheck = false; - doInstallCheck = false; - }); + noTests = + pkg: + pkg.overrideAttrs ( + finalAttrs: prevAttrs: { + doCheck = false; + doInstallCheck = false; + } + ); # https://nixos.org/manual/nixos/unstable/index.html#sec-calling-nixos-tests - runNixOSTestFor = system: test: + runNixOSTestFor = + system: test: (nixos-lib.runTest { imports = [ test @@ -36,44 +45,61 @@ let # allow running tests against older nix versions via `nix eval --apply` # Example: # nix build "$(nix eval --raw --impure .#hydraJobs.tests.fetch-git --apply 't: (t.forNix "2.19.2").drvPath')^*" - forNix = nixVersion: runNixOSTestFor system { - imports = [test]; - defaults.nixpkgs.overlays = [(curr: prev: { - nix = let - packages = (builtins.getFlake "nix/${nixVersion}").packages.${system}; - in packages.nix-cli or packages.nix; - })]; - }; + forNix = + nixVersion: + runNixOSTestFor system { + imports = [ test ]; + defaults.nixpkgs.overlays = [ + (curr: prev: { + nix = + let + packages = (builtins.getFlake "nix/${nixVersion}").packages.${system}; + in + packages.nix-cli or packages.nix; + }) + ]; + }; }; # Checks that a NixOS configuration does not contain any references to our # locally defined Nix version. - checkOverrideNixVersion = { pkgs, lib, ... }: { - # pkgs.nix: The new Nix in this repo - # We disallow it, to make sure we don't accidentally use it. - system.forbiddenDependenciesRegexes = [ - (lib.strings.escapeRegex "nix-${pkgs.nix.version}") - ]; - }; - - otherNixes.nix_2_3.setNixPackage = { lib, pkgs, ... }: { - imports = [ checkOverrideNixVersion ]; - nix.package = lib.mkForce pkgs.nixVersions.nix_2_3; - }; - - otherNixes.nix_2_13.setNixPackage = { lib, pkgs, ... }: { - imports = [ checkOverrideNixVersion ]; - nix.package = lib.mkForce ( - self.inputs.nixpkgs-23-11.legacyPackages.${pkgs.stdenv.hostPlatform.system}.nixVersions.nix_2_13.overrideAttrs (o: { - meta = o.meta // { knownVulnerabilities = []; }; - }) - ); - }; + checkOverrideNixVersion = + { pkgs, lib, ... }: + { + # pkgs.nix: The new Nix in this repo + # We disallow it, to make sure we don't accidentally use it. + system.forbiddenDependenciesRegexes = [ + (lib.strings.escapeRegex "nix-${pkgs.nix.version}") + ]; + }; + + otherNixes.nix_2_3.setNixPackage = + { lib, pkgs, ... }: + { + imports = [ checkOverrideNixVersion ]; + nix.package = lib.mkForce pkgs.nixVersions.nix_2_3; + }; + + otherNixes.nix_2_13.setNixPackage = + { lib, pkgs, ... }: + { + imports = [ checkOverrideNixVersion ]; + nix.package = lib.mkForce ( + self.inputs.nixpkgs-23-11.legacyPackages.${pkgs.stdenv.hostPlatform.system}.nixVersions.nix_2_13.overrideAttrs + (o: { + meta = o.meta // { + knownVulnerabilities = [ ]; + }; + }) + ); + }; - otherNixes.nix_2_18.setNixPackage = { lib, pkgs, ... }: { - imports = [ checkOverrideNixVersion ]; - nix.package = lib.mkForce pkgs.nixVersions.nix_2_18; - }; + otherNixes.nix_2_18.setNixPackage = + { lib, pkgs, ... }: + { + imports = [ checkOverrideNixVersion ]; + nix.package = lib.mkForce pkgs.nixVersions.nix_2_18; + }; in @@ -86,30 +112,37 @@ in } // lib.concatMapAttrs ( - nixVersion: { setNixPackage, ... }: + nixVersion: + { setNixPackage, ... }: { "remoteBuilds_remote_${nixVersion}" = runNixOSTestFor "x86_64-linux" { name = "remoteBuilds_remote_${nixVersion}"; imports = [ ./remote-builds.nix ]; - builders.config = { lib, pkgs, ... }: { - imports = [ setNixPackage ]; - }; + builders.config = + { lib, pkgs, ... }: + { + imports = [ setNixPackage ]; + }; }; "remoteBuilds_local_${nixVersion}" = runNixOSTestFor "x86_64-linux" { name = "remoteBuilds_local_${nixVersion}"; imports = [ ./remote-builds.nix ]; - nodes.client = { lib, pkgs, ... }: { - imports = [ setNixPackage ]; - }; + nodes.client = + { lib, pkgs, ... }: + { + imports = [ setNixPackage ]; + }; }; "remoteBuildsSshNg_remote_${nixVersion}" = runNixOSTestFor "x86_64-linux" { name = "remoteBuildsSshNg_remote_${nixVersion}"; imports = [ ./remote-builds-ssh-ng.nix ]; - builders.config = { lib, pkgs, ... }: { - imports = [ setNixPackage ]; - }; + builders.config = + { lib, pkgs, ... }: + { + imports = [ setNixPackage ]; + }; }; # FIXME: these tests don't work yet @@ -143,9 +176,7 @@ in containers = runNixOSTestFor "x86_64-linux" ./containers/containers.nix; - setuid = lib.genAttrs - ["x86_64-linux"] - (system: runNixOSTestFor system ./setuid.nix); + setuid = lib.genAttrs [ "x86_64-linux" ] (system: runNixOSTestFor system ./setuid.nix); fetch-git = runNixOSTestFor "x86_64-linux" ./fetch-git; diff --git a/tests/nixos/fetch-git/default.nix b/tests/nixos/fetch-git/default.nix index 1d6bcb63783..329fb463e8e 100644 --- a/tests/nixos/fetch-git/default.nix +++ b/tests/nixos/fetch-git/default.nix @@ -7,26 +7,27 @@ ]; /* - Test cases + Test cases - Test cases are automatically imported from ./test-cases/{name} + Test cases are automatically imported from ./test-cases/{name} - The following is set up automatically for each test case: - - a repo with the {name} is created on the gitea server - - a repo with the {name} is created on the client - - the client repo is configured to push to the server repo + The following is set up automatically for each test case: + - a repo with the {name} is created on the gitea server + - a repo with the {name} is created on the client + - the client repo is configured to push to the server repo - Python variables: - - repo.path: the path to the directory of the client repo - - repo.git: the git command with the client repo as the working directory - - repo.remote: the url to the server repo + Python variables: + - repo.path: the path to the directory of the client repo + - repo.git: the git command with the client repo as the working directory + - repo.remote: the url to the server repo */ - testCases = - map - (testCaseName: {...}: { + testCases = map ( + testCaseName: + { ... }: + { imports = [ (./test-cases + "/${testCaseName}") ]; # ensures tests are named like their directories they are defined in name = testCaseName; - }) - (lib.attrNames (builtins.readDir ./test-cases)); + } + ) (lib.attrNames (builtins.readDir ./test-cases)); } diff --git a/tests/nixos/fetch-git/test-cases/http-auth/default.nix b/tests/nixos/fetch-git/test-cases/http-auth/default.nix index d483d54fb24..7ad9a8914e2 100644 --- a/tests/nixos/fetch-git/test-cases/http-auth/default.nix +++ b/tests/nixos/fetch-git/test-cases/http-auth/default.nix @@ -5,7 +5,8 @@ script = '' # add a file to the repo client.succeed(f""" - echo ${config.name /* to make the git tree and store path unique */} > {repo.path}/test-case \ + echo ${config.name # to make the git tree and store path unique + } > {repo.path}/test-case \ && echo lutyabrook > {repo.path}/new-york-state \ && {repo.git} add test-case new-york-state \ && {repo.git} commit -m 'commit1' diff --git a/tests/nixos/fetch-git/test-cases/http-simple/default.nix b/tests/nixos/fetch-git/test-cases/http-simple/default.nix index dcab8067e59..51b3882b5a6 100644 --- a/tests/nixos/fetch-git/test-cases/http-simple/default.nix +++ b/tests/nixos/fetch-git/test-cases/http-simple/default.nix @@ -4,7 +4,8 @@ script = '' # add a file to the repo client.succeed(f""" - echo ${config.name /* to make the git tree and store path unique */} > {repo.path}/test-case \ + echo ${config.name # to make the git tree and store path unique + } > {repo.path}/test-case \ && echo chiang-mai > {repo.path}/thailand \ && {repo.git} add test-case thailand \ && {repo.git} commit -m 'commit1' diff --git a/tests/nixos/fetch-git/test-cases/ssh-simple/default.nix b/tests/nixos/fetch-git/test-cases/ssh-simple/default.nix index f5fba169846..89285d00ed4 100644 --- a/tests/nixos/fetch-git/test-cases/ssh-simple/default.nix +++ b/tests/nixos/fetch-git/test-cases/ssh-simple/default.nix @@ -4,7 +4,8 @@ script = '' # add a file to the repo client.succeed(f""" - echo ${config.name /* to make the git tree and store path unique */} > {repo.path}/test-case \ + echo ${config.name # to make the git tree and store path unique + } > {repo.path}/test-case \ && echo chiang-mai > {repo.path}/thailand \ && {repo.git} add test-case thailand \ && {repo.git} commit -m 'commit1' diff --git a/tests/nixos/fetch-git/testsupport/gitea-repo.nix b/tests/nixos/fetch-git/testsupport/gitea-repo.nix index e9f4adcc1d3..c8244207fbb 100644 --- a/tests/nixos/fetch-git/testsupport/gitea-repo.nix +++ b/tests/nixos/fetch-git/testsupport/gitea-repo.nix @@ -8,25 +8,27 @@ let boolPyLiteral = b: if b then "True" else "False"; - testCaseExtension = { config, ... }: { - options = { - repo.enable = mkOption { - type = types.bool; - default = true; - description = "Whether to provide a repo variable - automatic repo creation."; + testCaseExtension = + { config, ... }: + { + options = { + repo.enable = mkOption { + type = types.bool; + default = true; + description = "Whether to provide a repo variable - automatic repo creation."; + }; + repo.private = mkOption { + type = types.bool; + default = false; + description = "Whether the repo should be private."; + }; }; - repo.private = mkOption { - type = types.bool; - default = false; - description = "Whether the repo should be private."; + config = mkIf config.repo.enable { + setupScript = '' + repo = Repo("${config.name}", private=${boolPyLiteral config.repo.private}) + ''; }; }; - config = mkIf config.repo.enable { - setupScript = '' - repo = Repo("${config.name}", private=${boolPyLiteral config.repo.private}) - ''; - }; - }; in { options = { diff --git a/tests/nixos/fetch-git/testsupport/gitea.nix b/tests/nixos/fetch-git/testsupport/gitea.nix index cf87bb4662d..9409acff7cb 100644 --- a/tests/nixos/fetch-git/testsupport/gitea.nix +++ b/tests/nixos/fetch-git/testsupport/gitea.nix @@ -1,4 +1,11 @@ -{ lib, nixpkgs, system, pkgs, ... }: let +{ + lib, + nixpkgs, + system, + pkgs, + ... +}: +let clientPrivateKey = pkgs.writeText "id_ed25519" '' -----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW @@ -9,41 +16,52 @@ -----END OPENSSH PRIVATE KEY----- ''; - clientPublicKey = - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFt5a8eH8BYZYjoQhzXGVKKHJe1pw1D0p7O2Vb9VTLzB"; + clientPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFt5a8eH8BYZYjoQhzXGVKKHJe1pw1D0p7O2Vb9VTLzB"; -in { +in +{ imports = [ ../testsupport/setup.nix ../testsupport/gitea-repo.nix ]; nodes = { - gitea = { pkgs, ... }: { - services.gitea.enable = true; - services.gitea.settings.service.DISABLE_REGISTRATION = true; - services.gitea.settings.log.LEVEL = "Info"; - services.gitea.settings.database.LOG_SQL = false; - services.openssh.enable = true; - networking.firewall.allowedTCPPorts = [ 3000 ]; - environment.systemPackages = [ pkgs.git pkgs.gitea ]; + gitea = + { pkgs, ... }: + { + services.gitea.enable = true; + services.gitea.settings.service.DISABLE_REGISTRATION = true; + services.gitea.settings.log.LEVEL = "Info"; + services.gitea.settings.database.LOG_SQL = false; + services.openssh.enable = true; + networking.firewall.allowedTCPPorts = [ 3000 ]; + environment.systemPackages = [ + pkgs.git + pkgs.gitea + ]; - users.users.root.openssh.authorizedKeys.keys = [clientPublicKey]; + users.users.root.openssh.authorizedKeys.keys = [ clientPublicKey ]; - # TODO: remove this after updating to nixos-23.11 - nixpkgs.pkgs = lib.mkForce (import nixpkgs { - inherit system; - config.permittedInsecurePackages = [ - "gitea-1.19.4" - ]; - }); - }; - client = { pkgs, ... }: { - environment.systemPackages = [ pkgs.git ]; - }; - }; - defaults = { pkgs, ... }: { - environment.systemPackages = [ pkgs.jq ]; + # TODO: remove this after updating to nixos-23.11 + nixpkgs.pkgs = lib.mkForce ( + import nixpkgs { + inherit system; + config.permittedInsecurePackages = [ + "gitea-1.19.4" + ]; + } + ); + }; + client = + { pkgs, ... }: + { + environment.systemPackages = [ pkgs.git ]; + }; }; + defaults = + { pkgs, ... }: + { + environment.systemPackages = [ pkgs.jq ]; + }; setupScript = '' import shlex diff --git a/tests/nixos/fetch-git/testsupport/setup.nix b/tests/nixos/fetch-git/testsupport/setup.nix index a81d5614b44..c13386c7223 100644 --- a/tests/nixos/fetch-git/testsupport/setup.nix +++ b/tests/nixos/fetch-git/testsupport/setup.nix @@ -1,11 +1,16 @@ -{ lib, config, extendModules, ... }: +{ + lib, + config, + extendModules, + ... +}: let inherit (lib) mkOption types ; - indent = lib.replaceStrings ["\n"] ["\n "]; + indent = lib.replaceStrings [ "\n" ] [ "\n " ]; execTestCase = testCase: '' @@ -35,37 +40,39 @@ in description = '' The test cases. See `testScript`. ''; - type = types.listOf (types.submodule { - options.name = mkOption { - type = types.str; - description = '' - The name of the test case. + type = types.listOf ( + types.submodule { + options.name = mkOption { + type = types.str; + description = '' + The name of the test case. - A repository with that name will be set up on the gitea server and locally. - ''; - }; - options.description = mkOption { - type = types.str; - description = '' - A description of the test case. - ''; - }; - options.setupScript = mkOption { - type = types.lines; - description = '' - Python code that runs before the test case. - ''; - default = ""; - }; - options.script = mkOption { - type = types.lines; - description = '' - Python code that runs the test. + A repository with that name will be set up on the gitea server and locally. + ''; + }; + options.description = mkOption { + type = types.str; + description = '' + A description of the test case. + ''; + }; + options.setupScript = mkOption { + type = types.lines; + description = '' + Python code that runs before the test case. + ''; + default = ""; + }; + options.script = mkOption { + type = types.lines; + description = '' + Python code that runs the test. - Variables defined by the global `setupScript`, as well as `testCases.*.setupScript` will be available here. - ''; - }; - }); + Variables defined by the global `setupScript`, as well as `testCases.*.setupScript` will be available here. + ''; + }; + } + ); }; }; @@ -74,10 +81,12 @@ in environment.variables = { _NIX_FORCE_HTTP = "1"; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; }; - setupScript = '' - ''; + setupScript = ''''; testScript = '' start_all(); diff --git a/tests/nixos/fetchurl.nix b/tests/nixos/fetchurl.nix index bfae8deecac..e8663debbcd 100644 --- a/tests/nixos/fetchurl.nix +++ b/tests/nixos/fetchurl.nix @@ -5,16 +5,20 @@ let - makeTlsCert = name: pkgs.runCommand name { - nativeBuildInputs = with pkgs; [ openssl ]; - } '' - mkdir -p $out - openssl req -x509 \ - -subj '/CN=${name}/' -days 49710 \ - -addext 'subjectAltName = DNS:${name}' \ - -keyout "$out/key.pem" -newkey ed25519 \ - -out "$out/cert.pem" -noenc - ''; + makeTlsCert = + name: + pkgs.runCommand name + { + nativeBuildInputs = with pkgs; [ openssl ]; + } + '' + mkdir -p $out + openssl req -x509 \ + -subj '/CN=${name}/' -days 49710 \ + -addext 'subjectAltName = DNS:${name}' \ + -keyout "$out/key.pem" -newkey ed25519 \ + -out "$out/cert.pem" -noenc + ''; goodCert = makeTlsCert "good"; badCert = makeTlsCert "bad"; @@ -25,39 +29,44 @@ in name = "fetchurl"; nodes = { - machine = { pkgs, ... }: { - services.nginx = { - enable = true; - - virtualHosts."good" = { - addSSL = true; - sslCertificate = "${goodCert}/cert.pem"; - sslCertificateKey = "${goodCert}/key.pem"; - root = pkgs.runCommand "nginx-root" {} '' - mkdir "$out" - echo 'hello world' > "$out/index.html" - ''; + machine = + { pkgs, ... }: + { + services.nginx = { + enable = true; + + virtualHosts."good" = { + addSSL = true; + sslCertificate = "${goodCert}/cert.pem"; + sslCertificateKey = "${goodCert}/key.pem"; + root = pkgs.runCommand "nginx-root" { } '' + mkdir "$out" + echo 'hello world' > "$out/index.html" + ''; + }; + + virtualHosts."bad" = { + addSSL = true; + sslCertificate = "${badCert}/cert.pem"; + sslCertificateKey = "${badCert}/key.pem"; + root = pkgs.runCommand "nginx-root" { } '' + mkdir "$out" + echo 'foobar' > "$out/index.html" + ''; + }; }; - virtualHosts."bad" = { - addSSL = true; - sslCertificate = "${badCert}/cert.pem"; - sslCertificateKey = "${badCert}/key.pem"; - root = pkgs.runCommand "nginx-root" {} '' - mkdir "$out" - echo 'foobar' > "$out/index.html" - ''; - }; - }; + security.pki.certificateFiles = [ "${goodCert}/cert.pem" ]; - security.pki.certificateFiles = [ "${goodCert}/cert.pem" ]; + networking.hosts."127.0.0.1" = [ + "good" + "bad" + ]; - networking.hosts."127.0.0.1" = [ "good" "bad" ]; + virtualisation.writableStore = true; - virtualisation.writableStore = true; - - nix.settings.experimental-features = "nix-command"; - }; + nix.settings.experimental-features = "nix-command"; + }; }; testScript = '' diff --git a/tests/nixos/fsync.nix b/tests/nixos/fsync.nix index 99ac2b25d50..e215e5b3c25 100644 --- a/tests/nixos/fsync.nix +++ b/tests/nixos/fsync.nix @@ -1,4 +1,10 @@ -{ lib, config, nixpkgs, pkgs, ... }: +{ + lib, + config, + nixpkgs, + pkgs, + ... +}: let pkg1 = pkgs.go; @@ -8,32 +14,44 @@ in name = "fsync"; nodes.machine = - { config, lib, pkgs, ... }: - { virtualisation.emptyDiskImages = [ 1024 ]; + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.emptyDiskImages = [ 1024 ]; environment.systemPackages = [ pkg1 ]; nix.settings.experimental-features = [ "nix-command" ]; nix.settings.fsync-store-paths = true; nix.settings.require-sigs = false; - boot.supportedFilesystems = [ "ext4" "btrfs" "xfs" ]; + boot.supportedFilesystems = [ + "ext4" + "btrfs" + "xfs" + ]; }; - testScript = { nodes }: '' - # fmt: off - for fs in ("ext4", "btrfs", "xfs"): - machine.succeed("mkfs.{} {} /dev/vdb".format(fs, "-F" if fs == "ext4" else "-f")) - machine.succeed("mkdir -p /mnt") - machine.succeed("mount /dev/vdb /mnt") - machine.succeed("sync") - machine.succeed("nix copy --offline ${pkg1} --to /mnt") - machine.crash() + testScript = + { nodes }: + '' + # fmt: off + for fs in ("ext4", "btrfs", "xfs"): + machine.succeed("mkfs.{} {} /dev/vdb".format(fs, "-F" if fs == "ext4" else "-f")) + machine.succeed("mkdir -p /mnt") + machine.succeed("mount /dev/vdb /mnt") + machine.succeed("sync") + machine.succeed("nix copy --offline ${pkg1} --to /mnt") + machine.crash() - machine.start() - machine.wait_for_unit("multi-user.target") - machine.succeed("mkdir -p /mnt") - machine.succeed("mount /dev/vdb /mnt") - machine.succeed("nix path-info --offline --store /mnt ${pkg1}") - machine.succeed("nix store verify --all --store /mnt --no-trust") + machine.start() + machine.wait_for_unit("multi-user.target") + machine.succeed("mkdir -p /mnt") + machine.succeed("mount /dev/vdb /mnt") + machine.succeed("nix path-info --offline --store /mnt ${pkg1}") + machine.succeed("nix store verify --all --store /mnt --no-trust") - machine.succeed("umount /dev/vdb") - ''; + machine.succeed("umount /dev/vdb") + ''; } diff --git a/tests/nixos/functional/as-trusted-user.nix b/tests/nixos/functional/as-trusted-user.nix index d6f825697e9..25c1b399c1c 100644 --- a/tests/nixos/functional/as-trusted-user.nix +++ b/tests/nixos/functional/as-trusted-user.nix @@ -4,7 +4,9 @@ imports = [ ./common.nix ]; nodes.machine = { - users.users.alice = { isNormalUser = true; }; + users.users.alice = { + isNormalUser = true; + }; nix.settings.trusted-users = [ "alice" ]; }; @@ -15,4 +17,4 @@ su --login --command "run-test-suite" alice >&2 """) ''; -} \ No newline at end of file +} diff --git a/tests/nixos/functional/as-user.nix b/tests/nixos/functional/as-user.nix index 1443f6e6ccd..b93c8d798a3 100644 --- a/tests/nixos/functional/as-user.nix +++ b/tests/nixos/functional/as-user.nix @@ -4,7 +4,9 @@ imports = [ ./common.nix ]; nodes.machine = { - users.users.alice = { isNormalUser = true; }; + users.users.alice = { + isNormalUser = true; + }; }; testScript = '' diff --git a/tests/nixos/functional/common.nix b/tests/nixos/functional/common.nix index 561271ba0ec..f3cab47259b 100644 --- a/tests/nixos/functional/common.nix +++ b/tests/nixos/functional/common.nix @@ -2,9 +2,11 @@ let # FIXME (roberth) reference issue - inputDerivation = pkg: (pkg.overrideAttrs (o: { - disallowedReferences = [ ]; - })).inputDerivation; + inputDerivation = + pkg: + (pkg.overrideAttrs (o: { + disallowedReferences = [ ]; + })).inputDerivation; in { @@ -12,59 +14,63 @@ in # we skip it to save time. skipTypeCheck = true; - nodes.machine = { config, pkgs, ... }: { + nodes.machine = + { config, pkgs, ... }: + { - virtualisation.writableStore = true; - system.extraDependencies = [ - (inputDerivation config.nix.package) - ]; + virtualisation.writableStore = true; + system.extraDependencies = [ + (inputDerivation config.nix.package) + ]; - nix.settings.substituters = lib.mkForce []; + nix.settings.substituters = lib.mkForce [ ]; - environment.systemPackages = let - run-test-suite = pkgs.writeShellApplication { - name = "run-test-suite"; - runtimeInputs = [ - pkgs.meson - pkgs.ninja - pkgs.jq - pkgs.git + environment.systemPackages = + let + run-test-suite = pkgs.writeShellApplication { + name = "run-test-suite"; + runtimeInputs = [ + pkgs.meson + pkgs.ninja + pkgs.jq + pkgs.git - # Want to avoid `/run/current-system/sw/bin/bash` because we - # want a store path. Likewise for coreutils. - pkgs.bash - pkgs.coreutils - ]; - text = '' - set -x + # Want to avoid `/run/current-system/sw/bin/bash` because we + # want a store path. Likewise for coreutils. + pkgs.bash + pkgs.coreutils + ]; + text = '' + set -x - cat /proc/sys/fs/file-max - ulimit -Hn - ulimit -Sn + cat /proc/sys/fs/file-max + ulimit -Hn + ulimit -Sn - cd ~ + cd ~ - cp -r ${pkgs.nixComponents.nix-functional-tests.src} nix - chmod -R +w nix + cp -r ${pkgs.nixComponents.nix-functional-tests.src} nix + chmod -R +w nix - chmod u+w nix/.version - echo ${pkgs.nixComponents.version} > nix/.version + chmod u+w nix/.version + echo ${pkgs.nixComponents.version} > nix/.version - export isTestOnNixOS=1 + export isTestOnNixOS=1 - export NIX_REMOTE_=daemon - export NIX_REMOTE=daemon + export NIX_REMOTE_=daemon + export NIX_REMOTE=daemon - export NIX_STORE=${builtins.storeDir} + export NIX_STORE=${builtins.storeDir} - meson setup nix/tests/functional build - cd build - meson test -j1 --print-errorlogs - ''; - }; - in [ - run-test-suite - pkgs.git - ]; - }; + meson setup nix/tests/functional build + cd build + meson test -j1 --print-errorlogs + ''; + }; + in + [ + run-test-suite + pkgs.git + ]; + }; } diff --git a/tests/nixos/functional/symlinked-home.nix b/tests/nixos/functional/symlinked-home.nix index 57c45d5d592..900543d0cfe 100644 --- a/tests/nixos/functional/symlinked-home.nix +++ b/tests/nixos/functional/symlinked-home.nix @@ -16,7 +16,9 @@ imports = [ ./common.nix ]; nodes.machine = { - users.users.alice = { isNormalUser = true; }; + users.users.alice = { + isNormalUser = true; + }; }; testScript = '' diff --git a/tests/nixos/git-submodules.nix b/tests/nixos/git-submodules.nix index a82ddf418eb..5b1d9ed5f5f 100644 --- a/tests/nixos/git-submodules.nix +++ b/tests/nixos/git-submodules.nix @@ -6,68 +6,74 @@ config = { name = lib.mkDefault "git-submodules"; - nodes = - { - remote = - { config, pkgs, ... }: - { - services.openssh.enable = true; - environment.systemPackages = [ pkgs.git ]; - }; + nodes = { + remote = + { config, pkgs, ... }: + { + services.openssh.enable = true; + environment.systemPackages = [ pkgs.git ]; + }; - client = - { config, lib, pkgs, ... }: - { - programs.ssh.extraConfig = "ConnectTimeout 30"; - environment.systemPackages = [ pkgs.git ]; - nix.extraOptions = "experimental-features = nix-command flakes"; - }; - }; + client = + { + config, + lib, + pkgs, + ... + }: + { + programs.ssh.extraConfig = "ConnectTimeout 30"; + environment.systemPackages = [ pkgs.git ]; + nix.extraOptions = "experimental-features = nix-command flakes"; + }; + }; - testScript = { nodes }: '' - # fmt: off - import subprocess + testScript = + { nodes }: + '' + # fmt: off + import subprocess - start_all() + start_all() - # Create an SSH key on the client. - subprocess.run([ - "${hostPkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" - ], capture_output=True, check=True) - client.succeed("mkdir -p -m 700 /root/.ssh") - client.copy_from_host("key", "/root/.ssh/id_ed25519") - client.succeed("chmod 600 /root/.ssh/id_ed25519") + # Create an SSH key on the client. + subprocess.run([ + "${hostPkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" + ], capture_output=True, check=True) + client.succeed("mkdir -p -m 700 /root/.ssh") + client.copy_from_host("key", "/root/.ssh/id_ed25519") + client.succeed("chmod 600 /root/.ssh/id_ed25519") - # Install the SSH key on the builders. - client.wait_for_unit("network-online.target") + # Install the SSH key on the builders. + client.wait_for_unit("network-online.target") - remote.succeed("mkdir -p -m 700 /root/.ssh") - remote.copy_from_host("key.pub", "/root/.ssh/authorized_keys") - remote.wait_for_unit("sshd") - remote.wait_for_unit("multi-user.target") - remote.wait_for_unit("network-online.target") - client.wait_for_unit("network-online.target") - client.succeed(f"ssh -o StrictHostKeyChecking=no {remote.name} 'echo hello world'") + remote.succeed("mkdir -p -m 700 /root/.ssh") + remote.copy_from_host("key.pub", "/root/.ssh/authorized_keys") + remote.wait_for_unit("sshd") + remote.wait_for_unit("multi-user.target") + remote.wait_for_unit("network-online.target") + client.wait_for_unit("network-online.target") + client.succeed(f"ssh -o StrictHostKeyChecking=no {remote.name} 'echo hello world'") - remote.succeed(""" - git init bar - git -C bar config user.email foobar@example.com - git -C bar config user.name Foobar - echo test >> bar/content - git -C bar add content - git -C bar commit -m 'Initial commit' - """) + remote.succeed(""" + git init bar + git -C bar config user.email foobar@example.com + git -C bar config user.name Foobar + echo test >> bar/content + git -C bar add content + git -C bar commit -m 'Initial commit' + """) - client.succeed(f""" - git init foo - git -C foo config user.email foobar@example.com - git -C foo config user.name Foobar - git -C foo submodule add root@{remote.name}:/tmp/bar sub - git -C foo add sub - git -C foo commit -m 'Add submodule' - """) + client.succeed(f""" + git init foo + git -C foo config user.email foobar@example.com + git -C foo config user.name Foobar + git -C foo submodule add root@{remote.name}:/tmp/bar sub + git -C foo add sub + git -C foo commit -m 'Add submodule' + """) - client.succeed("nix --flake-registry \"\" flake prefetch 'git+file:///tmp/foo?submodules=1&ref=master'") - ''; + client.succeed("nix --flake-registry \"\" flake prefetch 'git+file:///tmp/foo?submodules=1&ref=master'") + ''; }; } diff --git a/tests/nixos/github-flakes.nix b/tests/nixos/github-flakes.nix index 69d1df410d3..dcba464a34d 100644 --- a/tests/nixos/github-flakes.nix +++ b/tests/nixos/github-flakes.nix @@ -1,21 +1,25 @@ -{ lib, config, nixpkgs, ... }: +{ + lib, + config, + nixpkgs, + ... +}: let pkgs = config.nodes.client.nixpkgs.pkgs; # Generate a fake root CA and a fake api.github.com / github.com / channels.nixos.org certificate. - cert = pkgs.runCommand "cert" { nativeBuildInputs = [ pkgs.openssl ]; } - '' - mkdir -p $out + cert = pkgs.runCommand "cert" { nativeBuildInputs = [ pkgs.openssl ]; } '' + mkdir -p $out - openssl genrsa -out ca.key 2048 - openssl req -new -x509 -days 36500 -key ca.key \ - -subj "/C=NL/ST=Denial/L=Springfield/O=Dis/CN=Root CA" -out $out/ca.crt + openssl genrsa -out ca.key 2048 + openssl req -new -x509 -days 36500 -key ca.key \ + -subj "/C=NL/ST=Denial/L=Springfield/O=Dis/CN=Root CA" -out $out/ca.crt - openssl req -newkey rsa:2048 -nodes -keyout $out/server.key \ - -subj "/C=CN/ST=Denial/L=Springfield/O=Dis/CN=github.com" -out server.csr - openssl x509 -req -extfile <(printf "subjectAltName=DNS:api.github.com,DNS:github.com,DNS:channels.nixos.org") \ - -days 36500 -in server.csr -CA $out/ca.crt -CAkey ca.key -CAcreateserial -out $out/server.crt - ''; + openssl req -newkey rsa:2048 -nodes -keyout $out/server.key \ + -subj "/C=CN/ST=Denial/L=Springfield/O=Dis/CN=github.com" -out server.csr + openssl x509 -req -extfile <(printf "subjectAltName=DNS:api.github.com,DNS:github.com,DNS:channels.nixos.org") \ + -days 36500 -in server.csr -CA $out/ca.crt -CAkey ca.key -CAcreateserial -out $out/server.crt + ''; registry = pkgs.writeTextFile { name = "registry"; @@ -53,168 +57,190 @@ let private-flake-rev = "9f1dd0df5b54a7dc75b618034482ed42ce34383d"; - private-flake-api = pkgs.runCommand "private-flake" {} - '' - mkdir -p $out/{commits,tarball} + private-flake-api = pkgs.runCommand "private-flake" { } '' + mkdir -p $out/{commits,tarball} - # Setup https://docs.github.com/en/rest/commits/commits#get-a-commit - echo '{"sha": "${private-flake-rev}", "commit": {"tree": {"sha": "ffffffffffffffffffffffffffffffffffffffff"}}}' > $out/commits/HEAD + # Setup https://docs.github.com/en/rest/commits/commits#get-a-commit + echo '{"sha": "${private-flake-rev}", "commit": {"tree": {"sha": "ffffffffffffffffffffffffffffffffffffffff"}}}' > $out/commits/HEAD - # Setup tarball download via API - dir=private-flake - mkdir $dir - echo '{ outputs = {...}: {}; }' > $dir/flake.nix - tar cfz $out/tarball/${private-flake-rev} $dir --hard-dereference - ''; + # Setup tarball download via API + dir=private-flake + mkdir $dir + echo '{ outputs = {...}: {}; }' > $dir/flake.nix + tar cfz $out/tarball/${private-flake-rev} $dir --hard-dereference + ''; - nixpkgs-api = pkgs.runCommand "nixpkgs-flake" {} - '' - mkdir -p $out/commits + nixpkgs-api = pkgs.runCommand "nixpkgs-flake" { } '' + mkdir -p $out/commits - # Setup https://docs.github.com/en/rest/commits/commits#get-a-commit - echo '{"sha": "${nixpkgs.rev}", "commit": {"tree": {"sha": "ffffffffffffffffffffffffffffffffffffffff"}}}' > $out/commits/HEAD - ''; + # Setup https://docs.github.com/en/rest/commits/commits#get-a-commit + echo '{"sha": "${nixpkgs.rev}", "commit": {"tree": {"sha": "ffffffffffffffffffffffffffffffffffffffff"}}}' > $out/commits/HEAD + ''; - archive = pkgs.runCommand "nixpkgs-flake" {} - '' - mkdir -p $out/archive + archive = pkgs.runCommand "nixpkgs-flake" { } '' + mkdir -p $out/archive - dir=NixOS-nixpkgs-${nixpkgs.shortRev} - cp -prd ${nixpkgs} $dir - # Set the correct timestamp in the tarball. - find $dir -print0 | xargs -0 touch -h -t ${builtins.substring 0 12 nixpkgs.lastModifiedDate}.${builtins.substring 12 2 nixpkgs.lastModifiedDate} -- - tar cfz $out/archive/${nixpkgs.rev}.tar.gz $dir --hard-dereference - ''; + dir=NixOS-nixpkgs-${nixpkgs.shortRev} + cp -prd ${nixpkgs} $dir + # Set the correct timestamp in the tarball. + find $dir -print0 | xargs -0 touch -h -t ${builtins.substring 0 12 nixpkgs.lastModifiedDate}.${ + builtins.substring 12 2 nixpkgs.lastModifiedDate + } -- + tar cfz $out/archive/${nixpkgs.rev}.tar.gz $dir --hard-dereference + ''; in { name = "github-flakes"; - nodes = - { - github = - { config, pkgs, ... }: - { networking.firewall.allowedTCPPorts = [ 80 443 ]; - - services.httpd.enable = true; - services.httpd.adminAddr = "foo@example.org"; - services.httpd.extraConfig = '' - ErrorLog syslog:local6 - ''; - services.httpd.virtualHosts."channels.nixos.org" = - { forceSSL = true; - sslServerKey = "${cert}/server.key"; - sslServerCert = "${cert}/server.crt"; - servedDirs = - [ { urlPath = "/"; - dir = registry; - } - ]; - }; - services.httpd.virtualHosts."api.github.com" = - { forceSSL = true; - sslServerKey = "${cert}/server.key"; - sslServerCert = "${cert}/server.crt"; - servedDirs = - [ { urlPath = "/repos/NixOS/nixpkgs"; - dir = nixpkgs-api; - } - { urlPath = "/repos/fancy-enterprise/private-flake"; - dir = private-flake-api; - } - ]; - }; - services.httpd.virtualHosts."github.com" = - { forceSSL = true; - sslServerKey = "${cert}/server.key"; - sslServerCert = "${cert}/server.crt"; - servedDirs = - [ { urlPath = "/NixOS/nixpkgs"; - dir = archive; - } - ]; - }; + nodes = { + github = + { config, pkgs, ... }: + { + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; + + services.httpd.enable = true; + services.httpd.adminAddr = "foo@example.org"; + services.httpd.extraConfig = '' + ErrorLog syslog:local6 + ''; + services.httpd.virtualHosts."channels.nixos.org" = { + forceSSL = true; + sslServerKey = "${cert}/server.key"; + sslServerCert = "${cert}/server.crt"; + servedDirs = [ + { + urlPath = "/"; + dir = registry; + } + ]; }; - - client = - { config, lib, pkgs, nodes, ... }: - { virtualisation.writableStore = true; - virtualisation.diskSize = 2048; - virtualisation.additionalPaths = [ pkgs.hello pkgs.fuse ]; - virtualisation.memorySize = 4096; - nix.settings.substituters = lib.mkForce [ ]; - nix.extraOptions = "experimental-features = nix-command flakes"; - networking.hosts.${(builtins.head nodes.github.networking.interfaces.eth1.ipv4.addresses).address} = - [ "channels.nixos.org" "api.github.com" "github.com" ]; - security.pki.certificateFiles = [ "${cert}/ca.crt" ]; + services.httpd.virtualHosts."api.github.com" = { + forceSSL = true; + sslServerKey = "${cert}/server.key"; + sslServerCert = "${cert}/server.crt"; + servedDirs = [ + { + urlPath = "/repos/NixOS/nixpkgs"; + dir = nixpkgs-api; + } + { + urlPath = "/repos/fancy-enterprise/private-flake"; + dir = private-flake-api; + } + ]; }; - }; - - testScript = { nodes }: '' - # fmt: off - import json - import time - - start_all() - - def cat_log(): - github.succeed("cat /var/log/httpd/*.log >&2") - - github.wait_for_unit("httpd.service") - github.wait_for_unit("network-online.target") - - client.wait_for_unit("network-online.target") - client.succeed("curl -v https://github.com/ >&2") - out = client.succeed("nix registry list") - print(out) - assert "github:NixOS/nixpkgs" in out, "nixpkgs flake not found" - assert "github:fancy-enterprise/private-flake" in out, "private flake not found" - cat_log() - - # If no github access token is provided, nix should use the public archive url... - out = client.succeed("nix flake metadata nixpkgs --json") - print(out) - info = json.loads(out) - assert info["revision"] == "${nixpkgs.rev}", f"revision mismatch: {info['revision']} != ${nixpkgs.rev}" - cat_log() - - # ... otherwise it should use the API - out = client.succeed("nix flake metadata private-flake --json --access-tokens github.com=ghp_000000000000000000000000000000000000 --tarball-ttl 0") - print(out) - info = json.loads(out) - assert info["revision"] == "${private-flake-rev}", f"revision mismatch: {info['revision']} != ${private-flake-rev}" - assert info["fingerprint"] - cat_log() - - # Fetching with the resolved URL should produce the same result. - info2 = json.loads(client.succeed(f"nix flake metadata {info['url']} --json --access-tokens github.com=ghp_000000000000000000000000000000000000 --tarball-ttl 0")) - print(info["fingerprint"], info2["fingerprint"]) - assert info["fingerprint"] == info2["fingerprint"], "fingerprint mismatch" - - client.succeed("nix registry pin nixpkgs") - client.succeed("nix flake metadata nixpkgs --tarball-ttl 0 >&2") - - # Test fetchTree on a github URL. - hash = client.succeed(f"nix eval --no-trust-tarballs-from-git-forges --raw --expr '(fetchTree {info['url']}).narHash'") - assert hash == info['locked']['narHash'] - - # Fetching without a narHash should succeed if trust-github is set and fail otherwise. - client.succeed(f"nix eval --raw --expr 'builtins.fetchTree github:github:fancy-enterprise/private-flake/{info['revision']}'") - out = client.fail(f"nix eval --no-trust-tarballs-from-git-forges --raw --expr 'builtins.fetchTree github:github:fancy-enterprise/private-flake/{info['revision']}' 2>&1") - assert "will not fetch unlocked input" in out, "--no-trust-tarballs-from-git-forges did not fail with the expected error" - - # Shut down the web server. The flake should be cached on the client. - github.succeed("systemctl stop httpd.service") - - info = json.loads(client.succeed("nix flake metadata nixpkgs --json")) - date = time.strftime("%Y%m%d%H%M%S", time.gmtime(info['lastModified'])) - assert date == "${nixpkgs.lastModifiedDate}", "time mismatch" - - client.succeed("nix build nixpkgs#hello") - - # The build shouldn't fail even with --tarball-ttl 0 (the server - # being down should not be a fatal error). - client.succeed("nix build nixpkgs#fuse --tarball-ttl 0") - ''; + services.httpd.virtualHosts."github.com" = { + forceSSL = true; + sslServerKey = "${cert}/server.key"; + sslServerCert = "${cert}/server.crt"; + servedDirs = [ + { + urlPath = "/NixOS/nixpkgs"; + dir = archive; + } + ]; + }; + }; + + client = + { + config, + lib, + pkgs, + nodes, + ... + }: + { + virtualisation.writableStore = true; + virtualisation.diskSize = 2048; + virtualisation.additionalPaths = [ + pkgs.hello + pkgs.fuse + ]; + virtualisation.memorySize = 4096; + nix.settings.substituters = lib.mkForce [ ]; + nix.extraOptions = "experimental-features = nix-command flakes"; + networking.hosts.${(builtins.head nodes.github.networking.interfaces.eth1.ipv4.addresses).address} = + [ + "channels.nixos.org" + "api.github.com" + "github.com" + ]; + security.pki.certificateFiles = [ "${cert}/ca.crt" ]; + }; + }; + + testScript = + { nodes }: + '' + # fmt: off + import json + import time + + start_all() + + def cat_log(): + github.succeed("cat /var/log/httpd/*.log >&2") + + github.wait_for_unit("httpd.service") + github.wait_for_unit("network-online.target") + + client.wait_for_unit("network-online.target") + client.succeed("curl -v https://github.com/ >&2") + out = client.succeed("nix registry list") + print(out) + assert "github:NixOS/nixpkgs" in out, "nixpkgs flake not found" + assert "github:fancy-enterprise/private-flake" in out, "private flake not found" + cat_log() + + # If no github access token is provided, nix should use the public archive url... + out = client.succeed("nix flake metadata nixpkgs --json") + print(out) + info = json.loads(out) + assert info["revision"] == "${nixpkgs.rev}", f"revision mismatch: {info['revision']} != ${nixpkgs.rev}" + cat_log() + + # ... otherwise it should use the API + out = client.succeed("nix flake metadata private-flake --json --access-tokens github.com=ghp_000000000000000000000000000000000000 --tarball-ttl 0") + print(out) + info = json.loads(out) + assert info["revision"] == "${private-flake-rev}", f"revision mismatch: {info['revision']} != ${private-flake-rev}" + assert info["fingerprint"] + cat_log() + + # Fetching with the resolved URL should produce the same result. + info2 = json.loads(client.succeed(f"nix flake metadata {info['url']} --json --access-tokens github.com=ghp_000000000000000000000000000000000000 --tarball-ttl 0")) + print(info["fingerprint"], info2["fingerprint"]) + assert info["fingerprint"] == info2["fingerprint"], "fingerprint mismatch" + + client.succeed("nix registry pin nixpkgs") + client.succeed("nix flake metadata nixpkgs --tarball-ttl 0 >&2") + + # Test fetchTree on a github URL. + hash = client.succeed(f"nix eval --no-trust-tarballs-from-git-forges --raw --expr '(fetchTree {info['url']}).narHash'") + assert hash == info['locked']['narHash'] + + # Fetching without a narHash should succeed if trust-github is set and fail otherwise. + client.succeed(f"nix eval --raw --expr 'builtins.fetchTree github:github:fancy-enterprise/private-flake/{info['revision']}'") + out = client.fail(f"nix eval --no-trust-tarballs-from-git-forges --raw --expr 'builtins.fetchTree github:github:fancy-enterprise/private-flake/{info['revision']}' 2>&1") + assert "will not fetch unlocked input" in out, "--no-trust-tarballs-from-git-forges did not fail with the expected error" + + # Shut down the web server. The flake should be cached on the client. + github.succeed("systemctl stop httpd.service") + + info = json.loads(client.succeed("nix flake metadata nixpkgs --json")) + date = time.strftime("%Y%m%d%H%M%S", time.gmtime(info['lastModified'])) + assert date == "${nixpkgs.lastModifiedDate}", "time mismatch" + + client.succeed("nix build nixpkgs#hello") + + # The build shouldn't fail even with --tarball-ttl 0 (the server + # being down should not be a fatal error). + client.succeed("nix build nixpkgs#fuse --tarball-ttl 0") + ''; } diff --git a/tests/nixos/gzip-content-encoding.nix b/tests/nixos/gzip-content-encoding.nix index a5a0033fd19..22d196c6186 100644 --- a/tests/nixos/gzip-content-encoding.nix +++ b/tests/nixos/gzip-content-encoding.nix @@ -30,42 +30,45 @@ in { name = "gzip-content-encoding"; - nodes = - { machine = + nodes = { + machine = { config, pkgs, ... }: - { networking.firewall.allowedTCPPorts = [ 80 ]; + { + networking.firewall.allowedTCPPorts = [ 80 ]; services.nginx.enable = true; - services.nginx.virtualHosts."localhost" = - { root = "${ztdCompressedFile}/share/"; - # Make sure that nginx really tries to compress the - # file on the fly with no regard to size/mime. - # http://nginx.org/en/docs/http/ngx_http_gzip_module.html - extraConfig = '' - gzip on; - gzip_types *; - gzip_proxied any; - gzip_min_length 0; - ''; - }; + services.nginx.virtualHosts."localhost" = { + root = "${ztdCompressedFile}/share/"; + # Make sure that nginx really tries to compress the + # file on the fly with no regard to size/mime. + # http://nginx.org/en/docs/http/ngx_http_gzip_module.html + extraConfig = '' + gzip on; + gzip_types *; + gzip_proxied any; + gzip_min_length 0; + ''; + }; virtualisation.writableStore = true; virtualisation.additionalPaths = with pkgs; [ file ]; nix.settings.substituters = lib.mkForce [ ]; }; - }; + }; # Check that when nix-prefetch-url is used with a zst tarball it does not get decompressed. - testScript = { nodes }: '' - # fmt: off - start_all() + testScript = + { nodes }: + '' + # fmt: off + start_all() - machine.wait_for_unit("nginx.service") - machine.succeed(""" - # Make sure that the file is properly compressed as the test would be meaningless otherwise - curl --compressed -v http://localhost/archive |& tr -s ' ' |& grep --ignore-case 'content-encoding: gzip' - archive_path=$(nix-prefetch-url http://localhost/archive --print-path | tail -n1) - [[ $(${fileCmd} --brief --mime-type $archive_path) == "application/zstd" ]] - tar --zstd -xf $archive_path - """) - ''; + machine.wait_for_unit("nginx.service") + machine.succeed(""" + # Make sure that the file is properly compressed as the test would be meaningless otherwise + curl --compressed -v http://localhost/archive |& tr -s ' ' |& grep --ignore-case 'content-encoding: gzip' + archive_path=$(nix-prefetch-url http://localhost/archive --print-path | tail -n1) + [[ $(${fileCmd} --brief --mime-type $archive_path) == "application/zstd" ]] + tar --zstd -xf $archive_path + """) + ''; } diff --git a/tests/nixos/nix-copy-closure.nix b/tests/nixos/nix-copy-closure.nix index 44324e989b3..b6ec856e0e4 100644 --- a/tests/nixos/nix-copy-closure.nix +++ b/tests/nixos/nix-copy-closure.nix @@ -1,6 +1,11 @@ # Test ‘nix-copy-closure’. -{ lib, config, nixpkgs, ... }: +{ + lib, + config, + nixpkgs, + ... +}: let pkgs = config.nodes.client.nixpkgs.pkgs; @@ -10,74 +15,90 @@ let pkgC = pkgs.hello; pkgD = pkgs.tmux; -in { +in +{ name = "nix-copy-closure"; - nodes = - { client = - { config, lib, pkgs, ... }: - { virtualisation.writableStore = true; - virtualisation.additionalPaths = [ pkgA pkgD.drvPath ]; - nix.settings.substituters = lib.mkForce [ ]; - }; - - server = - { config, pkgs, ... }: - { services.openssh.enable = true; - virtualisation.writableStore = true; - virtualisation.additionalPaths = [ pkgB pkgC ]; - }; - }; - - testScript = { nodes }: '' - # fmt: off - import subprocess - - start_all() - - # Create an SSH key on the client. - subprocess.run([ - "${pkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" - ], capture_output=True, check=True) - - client.succeed("mkdir -m 700 /root/.ssh") - client.copy_from_host("key", "/root/.ssh/id_ed25519") - client.succeed("chmod 600 /root/.ssh/id_ed25519") - - # Install the SSH key on the server. - server.succeed("mkdir -m 700 /root/.ssh") - server.copy_from_host("key.pub", "/root/.ssh/authorized_keys") - server.wait_for_unit("sshd") - server.wait_for_unit("multi-user.target") - server.wait_for_unit("network-online.target") - - client.wait_for_unit("network-online.target") - client.succeed(f"ssh -o StrictHostKeyChecking=no {server.name} 'echo hello world'") - - # Copy the closure of package A from the client to the server. - server.fail("nix-store --check-validity ${pkgA}") - client.succeed("nix-copy-closure --to server --gzip ${pkgA} >&2") - server.succeed("nix-store --check-validity ${pkgA}") - - # Copy the closure of package B from the server to the client. - client.fail("nix-store --check-validity ${pkgB}") - client.succeed("nix-copy-closure --from server --gzip ${pkgB} >&2") - client.succeed("nix-store --check-validity ${pkgB}") - - # Copy the closure of package C via the SSH substituter. - client.fail("nix-store -r ${pkgC}") - - # Copy the derivation of package D's derivation from the client to the server. - server.fail("nix-store --check-validity ${pkgD.drvPath}") - client.succeed("nix-copy-closure --to server --gzip ${pkgD.drvPath} >&2") - server.succeed("nix-store --check-validity ${pkgD.drvPath}") - - # FIXME - # client.succeed( - # "nix-store --option use-ssh-substituter true" - # " --option ssh-substituter-hosts root\@server" - # " -r ${pkgC} >&2" - # ) - # client.succeed("nix-store --check-validity ${pkgC}") - ''; + nodes = { + client = + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.writableStore = true; + virtualisation.additionalPaths = [ + pkgA + pkgD.drvPath + ]; + nix.settings.substituters = lib.mkForce [ ]; + }; + + server = + { config, pkgs, ... }: + { + services.openssh.enable = true; + virtualisation.writableStore = true; + virtualisation.additionalPaths = [ + pkgB + pkgC + ]; + }; + }; + + testScript = + { nodes }: + '' + # fmt: off + import subprocess + + start_all() + + # Create an SSH key on the client. + subprocess.run([ + "${pkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" + ], capture_output=True, check=True) + + client.succeed("mkdir -m 700 /root/.ssh") + client.copy_from_host("key", "/root/.ssh/id_ed25519") + client.succeed("chmod 600 /root/.ssh/id_ed25519") + + # Install the SSH key on the server. + server.succeed("mkdir -m 700 /root/.ssh") + server.copy_from_host("key.pub", "/root/.ssh/authorized_keys") + server.wait_for_unit("sshd") + server.wait_for_unit("multi-user.target") + server.wait_for_unit("network-online.target") + + client.wait_for_unit("network-online.target") + client.succeed(f"ssh -o StrictHostKeyChecking=no {server.name} 'echo hello world'") + + # Copy the closure of package A from the client to the server. + server.fail("nix-store --check-validity ${pkgA}") + client.succeed("nix-copy-closure --to server --gzip ${pkgA} >&2") + server.succeed("nix-store --check-validity ${pkgA}") + + # Copy the closure of package B from the server to the client. + client.fail("nix-store --check-validity ${pkgB}") + client.succeed("nix-copy-closure --from server --gzip ${pkgB} >&2") + client.succeed("nix-store --check-validity ${pkgB}") + + # Copy the closure of package C via the SSH substituter. + client.fail("nix-store -r ${pkgC}") + + # Copy the derivation of package D's derivation from the client to the server. + server.fail("nix-store --check-validity ${pkgD.drvPath}") + client.succeed("nix-copy-closure --to server --gzip ${pkgD.drvPath} >&2") + server.succeed("nix-store --check-validity ${pkgD.drvPath}") + + # FIXME + # client.succeed( + # "nix-store --option use-ssh-substituter true" + # " --option ssh-substituter-hosts root\@server" + # " -r ${pkgC} >&2" + # ) + # client.succeed("nix-store --check-validity ${pkgC}") + ''; } diff --git a/tests/nixos/nix-copy.nix b/tests/nixos/nix-copy.nix index a6a04b52ca6..3565e83e71a 100644 --- a/tests/nixos/nix-copy.nix +++ b/tests/nixos/nix-copy.nix @@ -2,7 +2,13 @@ # Run interactively with: # rm key key.pub; nix run .#hydraJobs.tests.nix-copy.driverInteractive -{ lib, config, nixpkgs, hostPkgs, ... }: +{ + lib, + config, + nixpkgs, + hostPkgs, + ... +}: let pkgs = config.nodes.client.nixpkgs.pkgs; @@ -12,101 +18,117 @@ let pkgC = pkgs.hello; pkgD = pkgs.tmux; -in { +in +{ name = "nix-copy"; enableOCR = true; - nodes = - { client = - { config, lib, pkgs, ... }: - { virtualisation.writableStore = true; - virtualisation.additionalPaths = [ pkgA pkgD.drvPath ]; - nix.settings.substituters = lib.mkForce [ ]; - nix.settings.experimental-features = [ "nix-command" ]; - services.getty.autologinUser = "root"; - programs.ssh.extraConfig = '' - Host * - ControlMaster auto - ControlPath ~/.ssh/master-%h:%r@%n:%p - ControlPersist 15m - ''; - }; - - server = - { config, pkgs, ... }: - { services.openssh.enable = true; - services.openssh.settings.PermitRootLogin = "yes"; - users.users.root.hashedPasswordFile = null; - users.users.root.password = "foobar"; - virtualisation.writableStore = true; - virtualisation.additionalPaths = [ pkgB pkgC ]; - }; - }; - - testScript = { nodes }: '' - # fmt: off - import subprocess - - # Create an SSH key on the client. - subprocess.run([ - "${pkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" - ], capture_output=True, check=True) - - start_all() - - server.wait_for_unit("sshd") - server.wait_for_unit("multi-user.target") - server.wait_for_unit("network-online.target") - - client.wait_for_unit("network-online.target") - client.wait_for_unit("getty@tty1.service") - # Either the prompt: ]# - # or an OCR misreading of it: 1# - client.wait_for_text("[]1]#") - - # Copy the closure of package A from the client to the server using password authentication, - # and check that all prompts are visible - server.fail("nix-store --check-validity ${pkgA}") - client.send_chars("nix copy --to ssh://server ${pkgA} >&2; echo -n do; echo ne\n") - client.wait_for_text("continue connecting") - client.send_chars("yes\n") - client.wait_for_text("Password:") - client.send_chars("foobar\n") - client.wait_for_text("done") - server.succeed("nix-store --check-validity ${pkgA}") - - # Check that ControlMaster is working - client.send_chars("nix copy --to ssh://server ${pkgA} >&2; echo done\n") - client.wait_for_text("done") - - client.copy_from_host("key", "/root/.ssh/id_ed25519") - client.succeed("chmod 600 /root/.ssh/id_ed25519") - - # Install the SSH key on the server. - server.copy_from_host("key.pub", "/root/.ssh/authorized_keys") - server.succeed("systemctl restart sshd") - client.succeed(f"ssh -o StrictHostKeyChecking=no {server.name} 'echo hello world'") - client.succeed(f"ssh -O check {server.name}") - client.succeed(f"ssh -O exit {server.name}") - client.fail(f"ssh -O check {server.name}") - - # Check that an explicit master will work - client.succeed(f"ssh -MNfS /tmp/master {server.name}") - client.succeed(f"ssh -S /tmp/master -O check {server.name}") - client.succeed("NIX_SSHOPTS='-oControlPath=/tmp/master' nix copy --to ssh://server ${pkgA} >&2") - client.succeed(f"ssh -S /tmp/master -O exit {server.name}") - - # Copy the closure of package B from the server to the client, using ssh-ng. - client.fail("nix-store --check-validity ${pkgB}") - # Shouldn't download untrusted paths by default - client.fail("nix copy --from ssh-ng://server ${pkgB} >&2") - client.succeed("nix copy --no-check-sigs --from ssh-ng://server ${pkgB} >&2") - client.succeed("nix-store --check-validity ${pkgB}") - - # Copy the derivation of package D's derivation from the client to the server. - server.fail("nix-store --check-validity ${pkgD.drvPath}") - client.succeed("nix copy --derivation --to ssh://server ${pkgD.drvPath} >&2") - server.succeed("nix-store --check-validity ${pkgD.drvPath}") - ''; + nodes = { + client = + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.writableStore = true; + virtualisation.additionalPaths = [ + pkgA + pkgD.drvPath + ]; + nix.settings.substituters = lib.mkForce [ ]; + nix.settings.experimental-features = [ "nix-command" ]; + services.getty.autologinUser = "root"; + programs.ssh.extraConfig = '' + Host * + ControlMaster auto + ControlPath ~/.ssh/master-%h:%r@%n:%p + ControlPersist 15m + ''; + }; + + server = + { config, pkgs, ... }: + { + services.openssh.enable = true; + services.openssh.settings.PermitRootLogin = "yes"; + users.users.root.hashedPasswordFile = null; + users.users.root.password = "foobar"; + virtualisation.writableStore = true; + virtualisation.additionalPaths = [ + pkgB + pkgC + ]; + }; + }; + + testScript = + { nodes }: + '' + # fmt: off + import subprocess + + # Create an SSH key on the client. + subprocess.run([ + "${pkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" + ], capture_output=True, check=True) + + start_all() + + server.wait_for_unit("sshd") + server.wait_for_unit("multi-user.target") + server.wait_for_unit("network-online.target") + + client.wait_for_unit("network-online.target") + client.wait_for_unit("getty@tty1.service") + # Either the prompt: ]# + # or an OCR misreading of it: 1# + client.wait_for_text("[]1]#") + + # Copy the closure of package A from the client to the server using password authentication, + # and check that all prompts are visible + server.fail("nix-store --check-validity ${pkgA}") + client.send_chars("nix copy --to ssh://server ${pkgA} >&2; echo -n do; echo ne\n") + client.wait_for_text("continue connecting") + client.send_chars("yes\n") + client.wait_for_text("Password:") + client.send_chars("foobar\n") + client.wait_for_text("done") + server.succeed("nix-store --check-validity ${pkgA}") + + # Check that ControlMaster is working + client.send_chars("nix copy --to ssh://server ${pkgA} >&2; echo done\n") + client.wait_for_text("done") + + client.copy_from_host("key", "/root/.ssh/id_ed25519") + client.succeed("chmod 600 /root/.ssh/id_ed25519") + + # Install the SSH key on the server. + server.copy_from_host("key.pub", "/root/.ssh/authorized_keys") + server.succeed("systemctl restart sshd") + client.succeed(f"ssh -o StrictHostKeyChecking=no {server.name} 'echo hello world'") + client.succeed(f"ssh -O check {server.name}") + client.succeed(f"ssh -O exit {server.name}") + client.fail(f"ssh -O check {server.name}") + + # Check that an explicit master will work + client.succeed(f"ssh -MNfS /tmp/master {server.name}") + client.succeed(f"ssh -S /tmp/master -O check {server.name}") + client.succeed("NIX_SSHOPTS='-oControlPath=/tmp/master' nix copy --to ssh://server ${pkgA} >&2") + client.succeed(f"ssh -S /tmp/master -O exit {server.name}") + + # Copy the closure of package B from the server to the client, using ssh-ng. + client.fail("nix-store --check-validity ${pkgB}") + # Shouldn't download untrusted paths by default + client.fail("nix copy --from ssh-ng://server ${pkgB} >&2") + client.succeed("nix copy --no-check-sigs --from ssh-ng://server ${pkgB} >&2") + client.succeed("nix-store --check-validity ${pkgB}") + + # Copy the derivation of package D's derivation from the client to the server. + server.fail("nix-store --check-validity ${pkgD.drvPath}") + client.succeed("nix copy --derivation --to ssh://server ${pkgD.drvPath} >&2") + server.succeed("nix-store --check-validity ${pkgD.drvPath}") + ''; } diff --git a/tests/nixos/nix-docker.nix b/tests/nixos/nix-docker.nix index 00b04482c15..bd77b25c8b2 100644 --- a/tests/nixos/nix-docker.nix +++ b/tests/nixos/nix-docker.nix @@ -1,6 +1,12 @@ # Test the container built by ../../docker.nix. -{ lib, config, nixpkgs, hostPkgs, ... }: +{ + lib, + config, + nixpkgs, + hostPkgs, + ... +}: let pkgs = config.nodes.machine.nixpkgs.pkgs; @@ -19,36 +25,54 @@ let containerTestScript = ./nix-docker-test.sh; -in { +in +{ name = "nix-docker"; - nodes = - { machine = - { config, lib, pkgs, ... }: - { virtualisation.diskSize = 4096; - }; - cache = - { config, lib, pkgs, ... }: - { virtualisation.additionalPaths = [ pkgs.stdenv pkgs.hello ]; - services.harmonia.enable = true; - networking.firewall.allowedTCPPorts = [ 5000 ]; - }; - }; - - testScript = { nodes }: '' - cache.wait_for_unit("harmonia.service") - cache.wait_for_unit("network-online.target") - - machine.succeed("mkdir -p /etc/containers") - machine.succeed("""echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json""") - - machine.succeed("${pkgs.podman}/bin/podman load -i ${nixImage}") - machine.succeed("${pkgs.podman}/bin/podman run --rm nix nix --version") - machine.succeed("${pkgs.podman}/bin/podman run --rm -i nix < ${containerTestScript}") - - machine.succeed("${pkgs.podman}/bin/podman load -i ${nixUserImage}") - machine.succeed("${pkgs.podman}/bin/podman run --rm nix-user nix --version") - machine.succeed("${pkgs.podman}/bin/podman run --rm -i nix-user < ${containerTestScript}") - machine.succeed("[[ $(${pkgs.podman}/bin/podman run --rm nix-user stat -c %u /nix/store) = 1000 ]]") - ''; + nodes = { + machine = + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.diskSize = 4096; + }; + cache = + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.additionalPaths = [ + pkgs.stdenv + pkgs.hello + ]; + services.harmonia.enable = true; + networking.firewall.allowedTCPPorts = [ 5000 ]; + }; + }; + + testScript = + { nodes }: + '' + cache.wait_for_unit("harmonia.service") + cache.wait_for_unit("network-online.target") + + machine.succeed("mkdir -p /etc/containers") + machine.succeed("""echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json""") + + machine.succeed("${pkgs.podman}/bin/podman load -i ${nixImage}") + machine.succeed("${pkgs.podman}/bin/podman run --rm nix nix --version") + machine.succeed("${pkgs.podman}/bin/podman run --rm -i nix < ${containerTestScript}") + + machine.succeed("${pkgs.podman}/bin/podman load -i ${nixUserImage}") + machine.succeed("${pkgs.podman}/bin/podman run --rm nix-user nix --version") + machine.succeed("${pkgs.podman}/bin/podman run --rm -i nix-user < ${containerTestScript}") + machine.succeed("[[ $(${pkgs.podman}/bin/podman run --rm nix-user stat -c %u /nix/store) = 1000 ]]") + ''; } diff --git a/tests/nixos/nss-preload.nix b/tests/nixos/nss-preload.nix index b7e704f395d..29cd5e6a296 100644 --- a/tests/nixos/nss-preload.nix +++ b/tests/nixos/nss-preload.nix @@ -1,4 +1,9 @@ -{ lib, config, nixpkgs, ... }: +{ + lib, + config, + nixpkgs, + ... +}: let @@ -44,81 +49,119 @@ in name = "nss-preload"; nodes = { - http_dns = { lib, pkgs, config, ... }: { - networking.firewall.enable = false; - networking.interfaces.eth1.ipv6.addresses = lib.mkForce [ - { address = "fd21::1"; prefixLength = 64; } - ]; - networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ - { address = "192.168.0.1"; prefixLength = 24; } - ]; - - services.unbound = { - enable = true; - enableRootTrustAnchor = false; - settings = { - server = { - interface = [ "192.168.0.1" "fd21::1" "::1" "127.0.0.1" ]; - access-control = [ "192.168.0.0/24 allow" "fd21::/64 allow" "::1 allow" "127.0.0.0/8 allow" ]; - local-data = [ - ''"example.com. IN A 192.168.0.1"'' - ''"example.com. IN AAAA fd21::1"'' - ''"tarballs.nixos.org. IN A 192.168.0.1"'' - ''"tarballs.nixos.org. IN AAAA fd21::1"'' - ]; + http_dns = + { + lib, + pkgs, + config, + ... + }: + { + networking.firewall.enable = false; + networking.interfaces.eth1.ipv6.addresses = lib.mkForce [ + { + address = "fd21::1"; + prefixLength = 64; + } + ]; + networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ + { + address = "192.168.0.1"; + prefixLength = 24; + } + ]; + + services.unbound = { + enable = true; + enableRootTrustAnchor = false; + settings = { + server = { + interface = [ + "192.168.0.1" + "fd21::1" + "::1" + "127.0.0.1" + ]; + access-control = [ + "192.168.0.0/24 allow" + "fd21::/64 allow" + "::1 allow" + "127.0.0.0/8 allow" + ]; + local-data = [ + ''"example.com. IN A 192.168.0.1"'' + ''"example.com. IN AAAA fd21::1"'' + ''"tarballs.nixos.org. IN A 192.168.0.1"'' + ''"tarballs.nixos.org. IN AAAA fd21::1"'' + ]; + }; }; }; - }; - services.nginx = { - enable = true; - virtualHosts."example.com" = { - root = pkgs.runCommand "testdir" {} '' - mkdir "$out" - echo hello world > "$out/index.html" - ''; + services.nginx = { + enable = true; + virtualHosts."example.com" = { + root = pkgs.runCommand "testdir" { } '' + mkdir "$out" + echo hello world > "$out/index.html" + ''; + }; }; }; - }; # client consumes a remote resolver - client = { lib, nodes, pkgs, ... }: { - networking.useDHCP = false; - networking.nameservers = [ - (lib.head nodes.http_dns.networking.interfaces.eth1.ipv6.addresses).address - (lib.head nodes.http_dns.networking.interfaces.eth1.ipv4.addresses).address - ]; - networking.interfaces.eth1.ipv6.addresses = [ - { address = "fd21::10"; prefixLength = 64; } - ]; - networking.interfaces.eth1.ipv4.addresses = [ - { address = "192.168.0.10"; prefixLength = 24; } - ]; - - nix.settings.extra-sandbox-paths = lib.mkForce []; - nix.settings.substituters = lib.mkForce []; - nix.settings.sandbox = lib.mkForce true; - }; + client = + { + lib, + nodes, + pkgs, + ... + }: + { + networking.useDHCP = false; + networking.nameservers = [ + (lib.head nodes.http_dns.networking.interfaces.eth1.ipv6.addresses).address + (lib.head nodes.http_dns.networking.interfaces.eth1.ipv4.addresses).address + ]; + networking.interfaces.eth1.ipv6.addresses = [ + { + address = "fd21::10"; + prefixLength = 64; + } + ]; + networking.interfaces.eth1.ipv4.addresses = [ + { + address = "192.168.0.10"; + prefixLength = 24; + } + ]; + + nix.settings.extra-sandbox-paths = lib.mkForce [ ]; + nix.settings.substituters = lib.mkForce [ ]; + nix.settings.sandbox = lib.mkForce true; + }; }; - testScript = { nodes, ... }: '' - http_dns.wait_for_unit("network-online.target") - http_dns.wait_for_unit("nginx") - http_dns.wait_for_open_port(80) - http_dns.wait_for_unit("unbound") - http_dns.wait_for_open_port(53) - - client.start() - client.wait_for_unit('multi-user.target') - client.wait_for_unit('network-online.target') - - with subtest("can fetch data from a remote server outside sandbox"): - client.succeed("nix --version >&2") - client.succeed("curl -vvv http://example.com/index.html >&2") - - with subtest("nix-build can lookup dns and fetch data"): - client.succeed(""" - nix-build ${nix-fetch} >&2 - """) - ''; + testScript = + { nodes, ... }: + '' + http_dns.wait_for_unit("network-online.target") + http_dns.wait_for_unit("nginx") + http_dns.wait_for_open_port(80) + http_dns.wait_for_unit("unbound") + http_dns.wait_for_open_port(53) + + client.start() + client.wait_for_unit('multi-user.target') + client.wait_for_unit('network-online.target') + + with subtest("can fetch data from a remote server outside sandbox"): + client.succeed("nix --version >&2") + client.succeed("curl -vvv http://example.com/index.html >&2") + + with subtest("nix-build can lookup dns and fetch data"): + client.succeed(""" + nix-build ${nix-fetch} >&2 + """) + ''; } diff --git a/tests/nixos/remote-builds-ssh-ng.nix b/tests/nixos/remote-builds-ssh-ng.nix index 3562d2d2f6b..72652202932 100644 --- a/tests/nixos/remote-builds-ssh-ng.nix +++ b/tests/nixos/remote-builds-ssh-ng.nix @@ -1,11 +1,17 @@ -test@{ config, lib, hostPkgs, ... }: +test@{ + config, + lib, + hostPkgs, + ... +}: let pkgs = config.nodes.client.nixpkgs.pkgs; # Trivial Nix expression to build remotely. - expr = config: nr: pkgs.writeText "expr.nix" - '' + expr = + config: nr: + pkgs.writeText "expr.nix" '' let utils = builtins.storePath ${config.system.build.extraUtils}; in derivation { name = "hello-${toString nr}"; @@ -41,87 +47,94 @@ in config = { name = lib.mkDefault "remote-builds-ssh-ng"; - nodes = - { - builder = - { config, pkgs, ... }: - { - imports = [ test.config.builders.config ]; - services.openssh.enable = true; - virtualisation.writableStore = true; - nix.settings.sandbox = true; - nix.settings.substituters = lib.mkForce [ ]; - }; - - client = - { config, lib, pkgs, ... }: - { - nix.settings.max-jobs = 0; # force remote building - nix.distributedBuilds = true; - nix.buildMachines = - [{ - hostName = "builder"; - sshUser = "root"; - sshKey = "/root/.ssh/id_ed25519"; - system = "i686-linux"; - maxJobs = 1; - protocol = "ssh-ng"; - }]; - virtualisation.writableStore = true; - virtualisation.additionalPaths = [ config.system.build.extraUtils ]; - nix.settings.substituters = lib.mkForce [ ]; - programs.ssh.extraConfig = "ConnectTimeout 30"; - }; - }; - - testScript = { nodes }: '' - # fmt: off - import subprocess - - start_all() - - # Create an SSH key on the client. - subprocess.run([ - "${hostPkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" - ], capture_output=True, check=True) - client.succeed("mkdir -p -m 700 /root/.ssh") - client.copy_from_host("key", "/root/.ssh/id_ed25519") - client.succeed("chmod 600 /root/.ssh/id_ed25519") - - # Install the SSH key on the builder. - client.wait_for_unit("network-online.target") - builder.succeed("mkdir -p -m 700 /root/.ssh") - builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys") - builder.wait_for_unit("sshd") - builder.wait_for_unit("multi-user.target") - builder.wait_for_unit("network-online.target") - - client.succeed(f"ssh -o StrictHostKeyChecking=no {builder.name} 'echo hello world'") - - # Perform a build - out = client.succeed("nix-build ${expr nodes.client 1} 2> build-output") - - # Verify that the build was done on the builder - builder.succeed(f"test -e {out.strip()}") - - # Print the build log, prefix the log lines to avoid nix intercepting lines starting with @nix - buildOutput = client.succeed("sed -e 's/^/build-output:/' build-output") - print(buildOutput) - - # Make sure that we get the expected build output - client.succeed("grep -qF Hello build-output") - - # We don't want phase reporting in the build output - client.fail("grep -qF '@nix' build-output") - - # Get the log file - client.succeed(f"nix-store --read-log {out.strip()} > log-output") - # Prefix the log lines to avoid nix intercepting lines starting with @nix - logOutput = client.succeed("sed -e 's/^/log-file:/' log-output") - print(logOutput) - - # Check that we get phase reporting in the log file - client.succeed("grep -q '@nix {\"action\":\"setPhase\",\"phase\":\"buildPhase\"}' log-output") - ''; + nodes = { + builder = + { config, pkgs, ... }: + { + imports = [ test.config.builders.config ]; + services.openssh.enable = true; + virtualisation.writableStore = true; + nix.settings.sandbox = true; + nix.settings.substituters = lib.mkForce [ ]; + }; + + client = + { + config, + lib, + pkgs, + ... + }: + { + nix.settings.max-jobs = 0; # force remote building + nix.distributedBuilds = true; + nix.buildMachines = [ + { + hostName = "builder"; + sshUser = "root"; + sshKey = "/root/.ssh/id_ed25519"; + system = "i686-linux"; + maxJobs = 1; + protocol = "ssh-ng"; + } + ]; + virtualisation.writableStore = true; + virtualisation.additionalPaths = [ config.system.build.extraUtils ]; + nix.settings.substituters = lib.mkForce [ ]; + programs.ssh.extraConfig = "ConnectTimeout 30"; + }; + }; + + testScript = + { nodes }: + '' + # fmt: off + import subprocess + + start_all() + + # Create an SSH key on the client. + subprocess.run([ + "${hostPkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" + ], capture_output=True, check=True) + client.succeed("mkdir -p -m 700 /root/.ssh") + client.copy_from_host("key", "/root/.ssh/id_ed25519") + client.succeed("chmod 600 /root/.ssh/id_ed25519") + + # Install the SSH key on the builder. + client.wait_for_unit("network-online.target") + builder.succeed("mkdir -p -m 700 /root/.ssh") + builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys") + builder.wait_for_unit("sshd") + builder.wait_for_unit("multi-user.target") + builder.wait_for_unit("network-online.target") + + client.succeed(f"ssh -o StrictHostKeyChecking=no {builder.name} 'echo hello world'") + + # Perform a build + out = client.succeed("nix-build ${expr nodes.client 1} 2> build-output") + + # Verify that the build was done on the builder + builder.succeed(f"test -e {out.strip()}") + + # Print the build log, prefix the log lines to avoid nix intercepting lines starting with @nix + buildOutput = client.succeed("sed -e 's/^/build-output:/' build-output") + print(buildOutput) + + # Make sure that we get the expected build output + client.succeed("grep -qF Hello build-output") + + # We don't want phase reporting in the build output + client.fail("grep -qF '@nix' build-output") + + # Get the log file + client.succeed(f"nix-store --read-log {out.strip()} > log-output") + # Prefix the log lines to avoid nix intercepting lines starting with @nix + logOutput = client.succeed("sed -e 's/^/log-file:/' log-output") + print(logOutput) + + # Check that we get phase reporting in the log file + client.succeed("grep -q '@nix {\"action\":\"setPhase\",\"phase\":\"buildPhase\"}' log-output") + ''; }; } diff --git a/tests/nixos/remote-builds.nix b/tests/nixos/remote-builds.nix index 4fca4b93849..3251984db5e 100644 --- a/tests/nixos/remote-builds.nix +++ b/tests/nixos/remote-builds.nix @@ -1,6 +1,11 @@ # Test Nix's remote build feature. -test@{ config, lib, hostPkgs, ... }: +test@{ + config, + lib, + hostPkgs, + ... +}: let pkgs = config.nodes.client.nixpkgs.pkgs; @@ -21,8 +26,9 @@ let }; # Trivial Nix expression to build remotely. - expr = config: nr: pkgs.writeText "expr.nix" - '' + expr = + config: nr: + pkgs.writeText "expr.nix" '' let utils = builtins.storePath ${config.system.build.extraUtils}; in derivation { name = "hello-${toString nr}"; @@ -52,107 +58,112 @@ in config = { name = lib.mkDefault "remote-builds"; - nodes = - { - builder1 = builder; - builder2 = builder; - - client = - { config, lib, pkgs, ... }: - { - nix.settings.max-jobs = 0; # force remote building - nix.distributedBuilds = true; - nix.buildMachines = - [ - { - hostName = "builder1"; - sshUser = "root"; - sshKey = "/root/.ssh/id_ed25519"; - system = "i686-linux"; - maxJobs = 1; - } - { - hostName = "builder2"; - sshUser = "root"; - sshKey = "/root/.ssh/id_ed25519"; - system = "i686-linux"; - maxJobs = 1; - } - ]; - virtualisation.writableStore = true; - virtualisation.additionalPaths = [ config.system.build.extraUtils ]; - nix.settings.substituters = lib.mkForce [ ]; - programs.ssh.extraConfig = "ConnectTimeout 30"; - environment.systemPackages = [ - # `bad-shell` is used to make sure Nix works in an environment with a misbehaving shell. - # - # More realistically, a bad shell would still run the command ("echo started") - # but considering that our solution is to avoid this shell (set via $SHELL), we - # don't need to bother with a more functional mock shell. - (pkgs.writeScriptBin "bad-shell" '' - #!${pkgs.runtimeShell} - echo "Hello, I am a broken shell" - '') - ]; - }; - }; - - testScript = { nodes }: '' - # fmt: off - import subprocess - - start_all() - - # Create an SSH key on the client. - subprocess.run([ - "${hostPkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" - ], capture_output=True, check=True) - client.succeed("mkdir -p -m 700 /root/.ssh") - client.copy_from_host("key", "/root/.ssh/id_ed25519") - client.succeed("chmod 600 /root/.ssh/id_ed25519") - - # Install the SSH key on the builders. - client.wait_for_unit("network-online.target") - for builder in [builder1, builder2]: - builder.succeed("mkdir -p -m 700 /root/.ssh") - builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys") - builder.wait_for_unit("sshd") - builder.wait_for_unit("network-online.target") - # Make sure the builder can handle our login correctly - builder.wait_for_unit("multi-user.target") - # Make sure there's no funny business on the client either - # (should not be necessary, but we have reason to be careful) - client.wait_for_unit("multi-user.target") - client.succeed(f""" - ssh -o StrictHostKeyChecking=no {builder.name} \ - 'echo hello world on $(hostname)' >&2 - """) - - ${lib.optionalString supportsBadShell '' - # Check that SSH uses SHELL for LocalCommand, as expected, and check that - # our test setup here is working. The next test will use this bad SHELL. - client.succeed(f"SHELL=$(which bad-shell) ssh -oLocalCommand='true' -oPermitLocalCommand=yes {builder1.name} 'echo hello world' | grep -F 'Hello, I am a broken shell'") - ''} - - # Perform a build and check that it was performed on the builder. - out = client.succeed( - "${lib.optionalString supportsBadShell "SHELL=$(which bad-shell)"} nix-build ${expr nodes.client 1} 2> build-output", - "grep -q Hello build-output" - ) - builder1.succeed(f"test -e {out}") - - # And a parallel build. - paths = client.succeed(r'nix-store -r $(nix-instantiate ${expr nodes.client 2})\!out $(nix-instantiate ${expr nodes.client 3})\!out') - out1, out2 = paths.split() - builder1.succeed(f"test -e {out1} -o -e {out2}") - builder2.succeed(f"test -e {out1} -o -e {out2}") - - # And a failing build. - client.fail("nix-build ${expr nodes.client 5}") - - # Test whether the build hook automatically skips unavailable builders. - builder1.block() - client.succeed("nix-build ${expr nodes.client 4}") - ''; + nodes = { + builder1 = builder; + builder2 = builder; + + client = + { + config, + lib, + pkgs, + ... + }: + { + nix.settings.max-jobs = 0; # force remote building + nix.distributedBuilds = true; + nix.buildMachines = [ + { + hostName = "builder1"; + sshUser = "root"; + sshKey = "/root/.ssh/id_ed25519"; + system = "i686-linux"; + maxJobs = 1; + } + { + hostName = "builder2"; + sshUser = "root"; + sshKey = "/root/.ssh/id_ed25519"; + system = "i686-linux"; + maxJobs = 1; + } + ]; + virtualisation.writableStore = true; + virtualisation.additionalPaths = [ config.system.build.extraUtils ]; + nix.settings.substituters = lib.mkForce [ ]; + programs.ssh.extraConfig = "ConnectTimeout 30"; + environment.systemPackages = [ + # `bad-shell` is used to make sure Nix works in an environment with a misbehaving shell. + # + # More realistically, a bad shell would still run the command ("echo started") + # but considering that our solution is to avoid this shell (set via $SHELL), we + # don't need to bother with a more functional mock shell. + (pkgs.writeScriptBin "bad-shell" '' + #!${pkgs.runtimeShell} + echo "Hello, I am a broken shell" + '') + ]; + }; + }; + + testScript = + { nodes }: + '' + # fmt: off + import subprocess + + start_all() + + # Create an SSH key on the client. + subprocess.run([ + "${hostPkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" + ], capture_output=True, check=True) + client.succeed("mkdir -p -m 700 /root/.ssh") + client.copy_from_host("key", "/root/.ssh/id_ed25519") + client.succeed("chmod 600 /root/.ssh/id_ed25519") + + # Install the SSH key on the builders. + client.wait_for_unit("network-online.target") + for builder in [builder1, builder2]: + builder.succeed("mkdir -p -m 700 /root/.ssh") + builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys") + builder.wait_for_unit("sshd") + builder.wait_for_unit("network-online.target") + # Make sure the builder can handle our login correctly + builder.wait_for_unit("multi-user.target") + # Make sure there's no funny business on the client either + # (should not be necessary, but we have reason to be careful) + client.wait_for_unit("multi-user.target") + client.succeed(f""" + ssh -o StrictHostKeyChecking=no {builder.name} \ + 'echo hello world on $(hostname)' >&2 + """) + + ${lib.optionalString supportsBadShell '' + # Check that SSH uses SHELL for LocalCommand, as expected, and check that + # our test setup here is working. The next test will use this bad SHELL. + client.succeed(f"SHELL=$(which bad-shell) ssh -oLocalCommand='true' -oPermitLocalCommand=yes {builder1.name} 'echo hello world' | grep -F 'Hello, I am a broken shell'") + ''} + + # Perform a build and check that it was performed on the builder. + out = client.succeed( + "${lib.optionalString supportsBadShell "SHELL=$(which bad-shell)"} nix-build ${expr nodes.client 1} 2> build-output", + "grep -q Hello build-output" + ) + builder1.succeed(f"test -e {out}") + + # And a parallel build. + paths = client.succeed(r'nix-store -r $(nix-instantiate ${expr nodes.client 2})\!out $(nix-instantiate ${expr nodes.client 3})\!out') + out1, out2 = paths.split() + builder1.succeed(f"test -e {out1} -o -e {out2}") + builder2.succeed(f"test -e {out1} -o -e {out2}") + + # And a failing build. + client.fail("nix-build ${expr nodes.client 5}") + + # Test whether the build hook automatically skips unavailable builders. + builder1.block() + client.succeed("nix-build ${expr nodes.client 4}") + ''; }; } diff --git a/tests/nixos/s3-binary-cache-store.nix b/tests/nixos/s3-binary-cache-store.nix index f8659b830cf..8e480866070 100644 --- a/tests/nixos/s3-binary-cache-store.nix +++ b/tests/nixos/s3-binary-cache-store.nix @@ -1,4 +1,9 @@ -{ lib, config, nixpkgs, ... }: +{ + lib, + config, + nixpkgs, + ... +}: let pkgs = config.nodes.client.nixpkgs.pkgs; @@ -12,71 +17,81 @@ let storeUrl = "s3://my-cache?endpoint=http://server:9000®ion=eu-west-1"; objectThatDoesNotExist = "s3://my-cache/foo-that-does-not-exist?endpoint=http://server:9000®ion=eu-west-1"; -in { +in +{ name = "s3-binary-cache-store"; - nodes = - { server = - { config, lib, pkgs, ... }: - { virtualisation.writableStore = true; - virtualisation.additionalPaths = [ pkgA ]; - environment.systemPackages = [ pkgs.minio-client ]; - nix.extraOptions = '' - experimental-features = nix-command - substituters = + nodes = { + server = + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.writableStore = true; + virtualisation.additionalPaths = [ pkgA ]; + environment.systemPackages = [ pkgs.minio-client ]; + nix.extraOptions = '' + experimental-features = nix-command + substituters = + ''; + services.minio = { + enable = true; + region = "eu-west-1"; + rootCredentialsFile = pkgs.writeText "minio-credentials-full" '' + MINIO_ROOT_USER=${accessKey} + MINIO_ROOT_PASSWORD=${secretKey} ''; - services.minio = { - enable = true; - region = "eu-west-1"; - rootCredentialsFile = pkgs.writeText "minio-credentials-full" '' - MINIO_ROOT_USER=${accessKey} - MINIO_ROOT_PASSWORD=${secretKey} - ''; - }; - networking.firewall.allowedTCPPorts = [ 9000 ]; }; + networking.firewall.allowedTCPPorts = [ 9000 ]; + }; - client = - { config, pkgs, ... }: - { virtualisation.writableStore = true; - nix.extraOptions = '' - experimental-features = nix-command - substituters = - ''; - }; - }; + client = + { config, pkgs, ... }: + { + virtualisation.writableStore = true; + nix.extraOptions = '' + experimental-features = nix-command + substituters = + ''; + }; + }; - testScript = { nodes }: '' - # fmt: off - start_all() + testScript = + { nodes }: + '' + # fmt: off + start_all() - # Create a binary cache. - server.wait_for_unit("minio") - server.wait_for_unit("network-online.target") + # Create a binary cache. + server.wait_for_unit("minio") + server.wait_for_unit("network-online.target") - server.succeed("mc config host add minio http://localhost:9000 ${accessKey} ${secretKey} --api s3v4") - server.succeed("mc mb minio/my-cache") + server.succeed("mc config host add minio http://localhost:9000 ${accessKey} ${secretKey} --api s3v4") + server.succeed("mc mb minio/my-cache") - server.succeed("${env} nix copy --to '${storeUrl}' ${pkgA}") + server.succeed("${env} nix copy --to '${storeUrl}' ${pkgA}") - client.wait_for_unit("network-online.target") + client.wait_for_unit("network-online.target") - # Test fetchurl on s3:// URLs while we're at it. - client.succeed("${env} nix eval --impure --expr 'builtins.fetchurl { name = \"foo\"; url = \"s3://my-cache/nix-cache-info?endpoint=http://server:9000®ion=eu-west-1\"; }'") + # Test fetchurl on s3:// URLs while we're at it. + client.succeed("${env} nix eval --impure --expr 'builtins.fetchurl { name = \"foo\"; url = \"s3://my-cache/nix-cache-info?endpoint=http://server:9000®ion=eu-west-1\"; }'") - # Test that the format string in the error message is properly setup and won't display `%s` instead of the failed URI - msg = client.fail("${env} nix eval --impure --expr 'builtins.fetchurl { name = \"foo\"; url = \"${objectThatDoesNotExist}\"; }' 2>&1") - if "S3 object '${objectThatDoesNotExist}' does not exist" not in msg: - print(msg) # So that you can see the message that was improperly formatted - raise Exception("Error message formatting didn't work") + # Test that the format string in the error message is properly setup and won't display `%s` instead of the failed URI + msg = client.fail("${env} nix eval --impure --expr 'builtins.fetchurl { name = \"foo\"; url = \"${objectThatDoesNotExist}\"; }' 2>&1") + if "S3 object '${objectThatDoesNotExist}' does not exist" not in msg: + print(msg) # So that you can see the message that was improperly formatted + raise Exception("Error message formatting didn't work") - # Copy a package from the binary cache. - client.fail("nix path-info ${pkgA}") + # Copy a package from the binary cache. + client.fail("nix path-info ${pkgA}") - client.succeed("${env} nix store info --store '${storeUrl}' >&2") + client.succeed("${env} nix store info --store '${storeUrl}' >&2") - client.succeed("${env} nix copy --no-check-sigs --from '${storeUrl}' ${pkgA}") + client.succeed("${env} nix copy --no-check-sigs --from '${storeUrl}' ${pkgA}") - client.succeed("nix path-info ${pkgA}") - ''; + client.succeed("nix path-info ${pkgA}") + ''; } diff --git a/tests/nixos/setuid.nix b/tests/nixos/setuid.nix index 2b66320ddaf..dc368e38373 100644 --- a/tests/nixos/setuid.nix +++ b/tests/nixos/setuid.nix @@ -1,6 +1,11 @@ # Verify that Linux builds cannot create setuid or setgid binaries. -{ lib, config, nixpkgs, ... }: +{ + lib, + config, + nixpkgs, + ... +}: let pkgs = config.nodes.machine.nixpkgs.pkgs; @@ -10,116 +15,127 @@ in name = "setuid"; nodes.machine = - { config, lib, pkgs, ... }: - { virtualisation.writableStore = true; + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.writableStore = true; nix.settings.substituters = lib.mkForce [ ]; nix.nixPath = [ "nixpkgs=${lib.cleanSource pkgs.path}" ]; - virtualisation.additionalPaths = [ pkgs.stdenvNoCC pkgs.pkgsi686Linux.stdenvNoCC ]; + virtualisation.additionalPaths = [ + pkgs.stdenvNoCC + pkgs.pkgsi686Linux.stdenvNoCC + ]; }; - testScript = { nodes }: '' - # fmt: off - start_all() - - # Copying to /tmp should succeed. - machine.succeed(r""" - nix-build --no-sandbox -E '(with import {}; runCommand "foo" {} " - mkdir -p $out - cp ${pkgs.coreutils}/bin/id /tmp/id - ")' - """.strip()) - - machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') - - machine.succeed("rm /tmp/id") - - # Creating a setuid binary should fail. - machine.fail(r""" - nix-build --no-sandbox -E '(with import {}; runCommand "foo" {} " - mkdir -p $out - cp ${pkgs.coreutils}/bin/id /tmp/id - chmod 4755 /tmp/id - ")' - """.strip()) - - machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') - - machine.succeed("rm /tmp/id") - - # Creating a setgid binary should fail. - machine.fail(r""" - nix-build --no-sandbox -E '(with import {}; runCommand "foo" {} " - mkdir -p $out - cp ${pkgs.coreutils}/bin/id /tmp/id - chmod 2755 /tmp/id - ")' - """.strip()) - - machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') - - machine.succeed("rm /tmp/id") - - # The checks should also work on 32-bit binaries. - machine.fail(r""" - nix-build --no-sandbox -E '(with import { system = "i686-linux"; }; runCommand "foo" {} " - mkdir -p $out - cp ${pkgs.coreutils}/bin/id /tmp/id - chmod 2755 /tmp/id - ")' - """.strip()) - - machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') - - machine.succeed("rm /tmp/id") - - # The tests above use fchmodat(). Test chmod() as well. - machine.succeed(r""" - nix-build --no-sandbox -E '(with import {}; runCommand "foo" { buildInputs = [ perl ]; } " - mkdir -p $out - cp ${pkgs.coreutils}/bin/id /tmp/id - perl -e \"chmod 0666, qw(/tmp/id) or die\" - ")' - """.strip()) - - machine.succeed('[[ $(stat -c %a /tmp/id) = 666 ]]') - - machine.succeed("rm /tmp/id") - - machine.fail(r""" - nix-build --no-sandbox -E '(with import {}; runCommand "foo" { buildInputs = [ perl ]; } " - mkdir -p $out - cp ${pkgs.coreutils}/bin/id /tmp/id - perl -e \"chmod 04755, qw(/tmp/id) or die\" - ")' - """.strip()) - - machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') - - machine.succeed("rm /tmp/id") - - # And test fchmod(). - machine.succeed(r""" - nix-build --no-sandbox -E '(with import {}; runCommand "foo" { buildInputs = [ perl ]; } " - mkdir -p $out - cp ${pkgs.coreutils}/bin/id /tmp/id - perl -e \"my \\\$x; open \\\$x, qw(/tmp/id); chmod 01750, \\\$x or die\" - ")' - """.strip()) - - machine.succeed('[[ $(stat -c %a /tmp/id) = 1750 ]]') - - machine.succeed("rm /tmp/id") - - machine.fail(r""" - nix-build --no-sandbox -E '(with import {}; runCommand "foo" { buildInputs = [ perl ]; } " - mkdir -p $out - cp ${pkgs.coreutils}/bin/id /tmp/id - perl -e \"my \\\$x; open \\\$x, qw(/tmp/id); chmod 04777, \\\$x or die\" - ")' - """.strip()) - - machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') - - machine.succeed("rm /tmp/id") - ''; + testScript = + { nodes }: + '' + # fmt: off + start_all() + + # Copying to /tmp should succeed. + machine.succeed(r""" + nix-build --no-sandbox -E '(with import {}; runCommand "foo" {} " + mkdir -p $out + cp ${pkgs.coreutils}/bin/id /tmp/id + ")' + """.strip()) + + machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') + + machine.succeed("rm /tmp/id") + + # Creating a setuid binary should fail. + machine.fail(r""" + nix-build --no-sandbox -E '(with import {}; runCommand "foo" {} " + mkdir -p $out + cp ${pkgs.coreutils}/bin/id /tmp/id + chmod 4755 /tmp/id + ")' + """.strip()) + + machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') + + machine.succeed("rm /tmp/id") + + # Creating a setgid binary should fail. + machine.fail(r""" + nix-build --no-sandbox -E '(with import {}; runCommand "foo" {} " + mkdir -p $out + cp ${pkgs.coreutils}/bin/id /tmp/id + chmod 2755 /tmp/id + ")' + """.strip()) + + machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') + + machine.succeed("rm /tmp/id") + + # The checks should also work on 32-bit binaries. + machine.fail(r""" + nix-build --no-sandbox -E '(with import { system = "i686-linux"; }; runCommand "foo" {} " + mkdir -p $out + cp ${pkgs.coreutils}/bin/id /tmp/id + chmod 2755 /tmp/id + ")' + """.strip()) + + machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') + + machine.succeed("rm /tmp/id") + + # The tests above use fchmodat(). Test chmod() as well. + machine.succeed(r""" + nix-build --no-sandbox -E '(with import {}; runCommand "foo" { buildInputs = [ perl ]; } " + mkdir -p $out + cp ${pkgs.coreutils}/bin/id /tmp/id + perl -e \"chmod 0666, qw(/tmp/id) or die\" + ")' + """.strip()) + + machine.succeed('[[ $(stat -c %a /tmp/id) = 666 ]]') + + machine.succeed("rm /tmp/id") + + machine.fail(r""" + nix-build --no-sandbox -E '(with import {}; runCommand "foo" { buildInputs = [ perl ]; } " + mkdir -p $out + cp ${pkgs.coreutils}/bin/id /tmp/id + perl -e \"chmod 04755, qw(/tmp/id) or die\" + ")' + """.strip()) + + machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') + + machine.succeed("rm /tmp/id") + + # And test fchmod(). + machine.succeed(r""" + nix-build --no-sandbox -E '(with import {}; runCommand "foo" { buildInputs = [ perl ]; } " + mkdir -p $out + cp ${pkgs.coreutils}/bin/id /tmp/id + perl -e \"my \\\$x; open \\\$x, qw(/tmp/id); chmod 01750, \\\$x or die\" + ")' + """.strip()) + + machine.succeed('[[ $(stat -c %a /tmp/id) = 1750 ]]') + + machine.succeed("rm /tmp/id") + + machine.fail(r""" + nix-build --no-sandbox -E '(with import {}; runCommand "foo" { buildInputs = [ perl ]; } " + mkdir -p $out + cp ${pkgs.coreutils}/bin/id /tmp/id + perl -e \"my \\\$x; open \\\$x, qw(/tmp/id); chmod 04777, \\\$x or die\" + ")' + """.strip()) + + machine.succeed('[[ $(stat -c %a /tmp/id) = 555 ]]') + + machine.succeed("rm /tmp/id") + ''; } diff --git a/tests/nixos/sourcehut-flakes.nix b/tests/nixos/sourcehut-flakes.nix index 2f469457aca..bb26b7ebbdc 100644 --- a/tests/nixos/sourcehut-flakes.nix +++ b/tests/nixos/sourcehut-flakes.nix @@ -1,22 +1,27 @@ -{ lib, config, hostPkgs, nixpkgs, ... }: +{ + lib, + config, + hostPkgs, + nixpkgs, + ... +}: let pkgs = config.nodes.sourcehut.nixpkgs.pkgs; # Generate a fake root CA and a fake git.sr.ht certificate. - cert = pkgs.runCommand "cert" { buildInputs = [ pkgs.openssl ]; } - '' - mkdir -p $out + cert = pkgs.runCommand "cert" { buildInputs = [ pkgs.openssl ]; } '' + mkdir -p $out - openssl genrsa -out ca.key 2048 - openssl req -new -x509 -days 36500 -key ca.key \ - -subj "/C=NL/ST=Denial/L=Springfield/O=Dis/CN=Root CA" -out $out/ca.crt + openssl genrsa -out ca.key 2048 + openssl req -new -x509 -days 36500 -key ca.key \ + -subj "/C=NL/ST=Denial/L=Springfield/O=Dis/CN=Root CA" -out $out/ca.crt - openssl req -newkey rsa:2048 -nodes -keyout $out/server.key \ - -subj "/C=CN/ST=Denial/L=Springfield/O=Dis/CN=git.sr.ht" -out server.csr - openssl x509 -req -extfile <(printf "subjectAltName=DNS:git.sr.ht") \ - -days 36500 -in server.csr -CA $out/ca.crt -CAkey ca.key -CAcreateserial -out $out/server.crt - ''; + openssl req -newkey rsa:2048 -nodes -keyout $out/server.key \ + -subj "/C=CN/ST=Denial/L=Springfield/O=Dis/CN=git.sr.ht" -out server.csr + openssl x509 -req -extfile <(printf "subjectAltName=DNS:git.sr.ht") \ + -days 36500 -in server.csr -CA $out/ca.crt -CAkey ca.key -CAcreateserial -out $out/server.crt + ''; registry = pkgs.writeTextFile { name = "registry"; @@ -41,80 +46,92 @@ let destination = "/flake-registry.json"; }; - nixpkgs-repo = pkgs.runCommand "nixpkgs-flake" { } - '' - dir=NixOS-nixpkgs-${nixpkgs.shortRev} - cp -prd ${nixpkgs} $dir + nixpkgs-repo = pkgs.runCommand "nixpkgs-flake" { } '' + dir=NixOS-nixpkgs-${nixpkgs.shortRev} + cp -prd ${nixpkgs} $dir - # Set the correct timestamp in the tarball. - find $dir -print0 | xargs -0 touch -h -t ${builtins.substring 0 12 nixpkgs.lastModifiedDate}.${builtins.substring 12 2 nixpkgs.lastModifiedDate} -- + # Set the correct timestamp in the tarball. + find $dir -print0 | xargs -0 touch -h -t ${builtins.substring 0 12 nixpkgs.lastModifiedDate}.${ + builtins.substring 12 2 nixpkgs.lastModifiedDate + } -- - mkdir -p $out/archive - tar cfz $out/archive/${nixpkgs.rev}.tar.gz $dir --hard-dereference + mkdir -p $out/archive + tar cfz $out/archive/${nixpkgs.rev}.tar.gz $dir --hard-dereference - echo 'ref: refs/heads/master' > $out/HEAD + echo 'ref: refs/heads/master' > $out/HEAD - mkdir -p $out/info - echo -e '${nixpkgs.rev}\trefs/heads/master\n${nixpkgs.rev}\trefs/tags/foo-bar' > $out/info/refs - ''; + mkdir -p $out/info + echo -e '${nixpkgs.rev}\trefs/heads/master\n${nixpkgs.rev}\trefs/tags/foo-bar' > $out/info/refs + ''; in - { - name = "sourcehut-flakes"; +{ + name = "sourcehut-flakes"; - nodes = + nodes = { + # Impersonate git.sr.ht + sourcehut = + { config, pkgs, ... }: { - # Impersonate git.sr.ht - sourcehut = - { config, pkgs, ... }: - { - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - services.httpd.enable = true; - services.httpd.adminAddr = "foo@example.org"; - services.httpd.extraConfig = '' - ErrorLog syslog:local6 - ''; - services.httpd.virtualHosts."git.sr.ht" = - { - forceSSL = true; - sslServerKey = "${cert}/server.key"; - sslServerCert = "${cert}/server.crt"; - servedDirs = - [ - { - urlPath = "/~NixOS/nixpkgs"; - dir = nixpkgs-repo; - } - { - urlPath = "/~NixOS/flake-registry/blob/master"; - dir = registry; - } - ]; - }; - }; - - client = - { config, lib, pkgs, nodes, ... }: - { - virtualisation.writableStore = true; - virtualisation.diskSize = 2048; - virtualisation.additionalPaths = [ pkgs.hello pkgs.fuse ]; - virtualisation.memorySize = 4096; - nix.settings.substituters = lib.mkForce [ ]; - nix.extraOptions = '' - experimental-features = nix-command flakes - flake-registry = https://git.sr.ht/~NixOS/flake-registry/blob/master/flake-registry.json - ''; - environment.systemPackages = [ pkgs.jq ]; - networking.hosts.${(builtins.head nodes.sourcehut.networking.interfaces.eth1.ipv4.addresses).address} = - [ "git.sr.ht" ]; - security.pki.certificateFiles = [ "${cert}/ca.crt" ]; - }; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; + + services.httpd.enable = true; + services.httpd.adminAddr = "foo@example.org"; + services.httpd.extraConfig = '' + ErrorLog syslog:local6 + ''; + services.httpd.virtualHosts."git.sr.ht" = { + forceSSL = true; + sslServerKey = "${cert}/server.key"; + sslServerCert = "${cert}/server.crt"; + servedDirs = [ + { + urlPath = "/~NixOS/nixpkgs"; + dir = nixpkgs-repo; + } + { + urlPath = "/~NixOS/flake-registry/blob/master"; + dir = registry; + } + ]; + }; }; - testScript = { nodes }: '' + client = + { + config, + lib, + pkgs, + nodes, + ... + }: + { + virtualisation.writableStore = true; + virtualisation.diskSize = 2048; + virtualisation.additionalPaths = [ + pkgs.hello + pkgs.fuse + ]; + virtualisation.memorySize = 4096; + nix.settings.substituters = lib.mkForce [ ]; + nix.extraOptions = '' + experimental-features = nix-command flakes + flake-registry = https://git.sr.ht/~NixOS/flake-registry/blob/master/flake-registry.json + ''; + environment.systemPackages = [ pkgs.jq ]; + networking.hosts.${(builtins.head nodes.sourcehut.networking.interfaces.eth1.ipv4.addresses).address} = + [ "git.sr.ht" ]; + security.pki.certificateFiles = [ "${cert}/ca.crt" ]; + }; + }; + + testScript = + { nodes }: + '' # fmt: off import json import time diff --git a/tests/nixos/tarball-flakes.nix b/tests/nixos/tarball-flakes.nix index 84cf377ec5b..7b3638b64b8 100644 --- a/tests/nixos/tarball-flakes.nix +++ b/tests/nixos/tarball-flakes.nix @@ -1,94 +1,106 @@ -{ lib, config, nixpkgs, ... }: +{ + lib, + config, + nixpkgs, + ... +}: let pkgs = config.nodes.machine.nixpkgs.pkgs; - root = pkgs.runCommand "nixpkgs-flake" {} - '' - mkdir -p $out/{stable,tags} - - set -x - dir=nixpkgs-${nixpkgs.shortRev} - cp -prd ${nixpkgs} $dir - # Set the correct timestamp in the tarball. - find $dir -print0 | xargs -0 touch -h -t ${builtins.substring 0 12 nixpkgs.lastModifiedDate}.${builtins.substring 12 2 nixpkgs.lastModifiedDate} -- - tar cfz $out/stable/${nixpkgs.rev}.tar.gz $dir --hard-dereference - - # Set the "Link" header on the redirect but not the final response to - # simulate an S3-like serving environment where the final host cannot set - # arbitrary headers. - cat >$out/tags/.htaccess <; rel=\"immutable\"" - EOF - ''; + root = pkgs.runCommand "nixpkgs-flake" { } '' + mkdir -p $out/{stable,tags} + + set -x + dir=nixpkgs-${nixpkgs.shortRev} + cp -prd ${nixpkgs} $dir + # Set the correct timestamp in the tarball. + find $dir -print0 | xargs -0 touch -h -t ${builtins.substring 0 12 nixpkgs.lastModifiedDate}.${ + builtins.substring 12 2 nixpkgs.lastModifiedDate + } -- + tar cfz $out/stable/${nixpkgs.rev}.tar.gz $dir --hard-dereference + + # Set the "Link" header on the redirect but not the final response to + # simulate an S3-like serving environment where the final host cannot set + # arbitrary headers. + cat >$out/tags/.htaccess <; rel=\"immutable\"" + EOF + ''; in { name = "tarball-flakes"; - nodes = - { - machine = - { config, pkgs, ... }: - { networking.firewall.allowedTCPPorts = [ 80 ]; - - services.httpd.enable = true; - services.httpd.adminAddr = "foo@example.org"; - services.httpd.extraConfig = '' - ErrorLog syslog:local6 - ''; - services.httpd.virtualHosts."localhost" = - { servedDirs = - [ { urlPath = "/"; - dir = root; - } - ]; - }; - - virtualisation.writableStore = true; - virtualisation.diskSize = 2048; - virtualisation.additionalPaths = [ pkgs.hello pkgs.fuse ]; - virtualisation.memorySize = 4096; - nix.settings.substituters = lib.mkForce [ ]; - nix.extraOptions = "experimental-features = nix-command flakes"; + nodes = { + machine = + { config, pkgs, ... }: + { + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.httpd.enable = true; + services.httpd.adminAddr = "foo@example.org"; + services.httpd.extraConfig = '' + ErrorLog syslog:local6 + ''; + services.httpd.virtualHosts."localhost" = { + servedDirs = [ + { + urlPath = "/"; + dir = root; + } + ]; }; - }; - testScript = { nodes }: '' - # fmt: off - import json + virtualisation.writableStore = true; + virtualisation.diskSize = 2048; + virtualisation.additionalPaths = [ + pkgs.hello + pkgs.fuse + ]; + virtualisation.memorySize = 4096; + nix.settings.substituters = lib.mkForce [ ]; + nix.extraOptions = "experimental-features = nix-command flakes"; + }; + }; + + testScript = + { nodes }: + '' + # fmt: off + import json - start_all() + start_all() - machine.wait_for_unit("httpd.service") + machine.wait_for_unit("httpd.service") - out = machine.succeed("nix flake metadata --json http://localhost/tags/latest.tar.gz") - print(out) - info = json.loads(out) + out = machine.succeed("nix flake metadata --json http://localhost/tags/latest.tar.gz") + print(out) + info = json.loads(out) - # Check that we got redirected to the immutable URL. - assert info["locked"]["url"] == "http://localhost/stable/${nixpkgs.rev}.tar.gz" + # Check that we got redirected to the immutable URL. + assert info["locked"]["url"] == "http://localhost/stable/${nixpkgs.rev}.tar.gz" - # Check that we got a fingerprint for caching. - assert info["fingerprint"] + # Check that we got a fingerprint for caching. + assert info["fingerprint"] - # Check that we got the rev and revCount attributes. - assert info["revision"] == "${nixpkgs.rev}" - assert info["revCount"] == 1234 + # Check that we got the rev and revCount attributes. + assert info["revision"] == "${nixpkgs.rev}" + assert info["revCount"] == 1234 - # Check that a 0-byte HTTP 304 "Not modified" result works. - machine.succeed("nix flake metadata --refresh --json http://localhost/tags/latest.tar.gz") + # Check that a 0-byte HTTP 304 "Not modified" result works. + machine.succeed("nix flake metadata --refresh --json http://localhost/tags/latest.tar.gz") - # Check that fetching with rev/revCount/narHash succeeds. - machine.succeed("nix flake metadata --json http://localhost/tags/latest.tar.gz?rev=" + info["revision"]) - machine.succeed("nix flake metadata --json http://localhost/tags/latest.tar.gz?revCount=" + str(info["revCount"])) - machine.succeed("nix flake metadata --json http://localhost/tags/latest.tar.gz?narHash=" + info["locked"]["narHash"]) + # Check that fetching with rev/revCount/narHash succeeds. + machine.succeed("nix flake metadata --json http://localhost/tags/latest.tar.gz?rev=" + info["revision"]) + machine.succeed("nix flake metadata --json http://localhost/tags/latest.tar.gz?revCount=" + str(info["revCount"])) + machine.succeed("nix flake metadata --json http://localhost/tags/latest.tar.gz?narHash=" + info["locked"]["narHash"]) - # Check that fetching fails if we provide incorrect attributes. - machine.fail("nix flake metadata --json http://localhost/tags/latest.tar.gz?rev=493300eb13ae6fb387fbd47bf54a85915acc31c0") - machine.fail("nix flake metadata --json http://localhost/tags/latest.tar.gz?revCount=789") - machine.fail("nix flake metadata --json http://localhost/tags/latest.tar.gz?narHash=sha256-tbudgBSg+bHWHiHnlteNzN8TUvI80ygS9IULh4rklEw=") - ''; + # Check that fetching fails if we provide incorrect attributes. + machine.fail("nix flake metadata --json http://localhost/tags/latest.tar.gz?rev=493300eb13ae6fb387fbd47bf54a85915acc31c0") + machine.fail("nix flake metadata --json http://localhost/tags/latest.tar.gz?revCount=789") + machine.fail("nix flake metadata --json http://localhost/tags/latest.tar.gz?narHash=sha256-tbudgBSg+bHWHiHnlteNzN8TUvI80ygS9IULh4rklEw=") + ''; } diff --git a/tests/nixos/user-sandboxing/default.nix b/tests/nixos/user-sandboxing/default.nix index 8a16f44e84d..028efd17f1c 100644 --- a/tests/nixos/user-sandboxing/default.nix +++ b/tests/nixos/user-sandboxing/default.nix @@ -3,12 +3,15 @@ let pkgs = config.nodes.machine.nixpkgs.pkgs; - attacker = pkgs.runCommandWith { - name = "attacker"; - stdenv = pkgs.pkgsStatic.stdenv; - } '' - $CC -static -o $out ${./attacker.c} - ''; + attacker = + pkgs.runCommandWith + { + name = "attacker"; + stdenv = pkgs.pkgsStatic.stdenv; + } + '' + $CC -static -o $out ${./attacker.c} + ''; try-open-build-dir = pkgs.writeScript "try-open-build-dir" '' export PATH=${pkgs.coreutils}/bin:$PATH @@ -55,75 +58,88 @@ in name = "sandbox-setuid-leak"; nodes.machine = - { config, lib, pkgs, ... }: - { virtualisation.writableStore = true; + { + config, + lib, + pkgs, + ... + }: + { + virtualisation.writableStore = true; nix.settings.substituters = lib.mkForce [ ]; nix.nrBuildUsers = 1; - virtualisation.additionalPaths = [ pkgs.busybox-sandbox-shell attacker try-open-build-dir create-hello-world pkgs.socat ]; + virtualisation.additionalPaths = [ + pkgs.busybox-sandbox-shell + attacker + try-open-build-dir + create-hello-world + pkgs.socat + ]; boot.kernelPackages = pkgs.linuxPackages_latest; users.users.alice = { isNormalUser = true; }; }; - testScript = { nodes }: '' - start_all() - - with subtest("A builder can't give access to its build directory"): - # Make sure that a builder can't change the permissions on its build - # directory to the point of opening it up to external users - - # A derivation whose builder tries to make its build directory as open - # as possible and wait for someone to hijack it - machine.succeed(r""" - nix-build -v -E ' - builtins.derivation { - name = "open-build-dir"; - system = builtins.currentSystem; - builder = "${pkgs.busybox-sandbox-shell}/bin/sh"; - args = [ (builtins.storePath "${try-open-build-dir}") ]; - }' >&2 & - """.strip()) - - # Wait for the build to be ready - # This is OK because it runs as root, so we can access everything - machine.wait_for_file("/tmp/nix-build-open-build-dir.drv-0/build/syncPoint") - - # But Alice shouldn't be able to access the build directory - machine.fail("su alice -c 'ls /tmp/nix-build-open-build-dir.drv-0/build'") - machine.fail("su alice -c 'touch /tmp/nix-build-open-build-dir.drv-0/build/bar'") - machine.fail("su alice -c 'cat /tmp/nix-build-open-build-dir.drv-0/build/foo'") - - # Tell the user to finish the build - machine.succeed("echo foo > /tmp/nix-build-open-build-dir.drv-0/build/syncPoint") - - with subtest("Being able to execute stuff as the build user doesn't give access to the build dir"): - machine.succeed(r""" - nix-build -E ' - builtins.derivation { - name = "innocent"; - system = builtins.currentSystem; - builder = "${pkgs.busybox-sandbox-shell}/bin/sh"; - args = [ (builtins.storePath "${create-hello-world}") ]; - }' >&2 & - """.strip()) - machine.wait_for_file("/tmp/nix-build-innocent.drv-0/build/syncPoint") - - # The build ran as `nixbld1` (which is the only build user on the - # machine), but a process running as `nixbld1` outside the sandbox - # shouldn't be able to touch the build directory regardless - machine.fail("su nixbld1 --shell ${pkgs.busybox-sandbox-shell}/bin/sh -c 'ls /tmp/nix-build-innocent.drv-0/build'") - machine.fail("su nixbld1 --shell ${pkgs.busybox-sandbox-shell}/bin/sh -c 'echo pwned > /tmp/nix-build-innocent.drv-0/build/result'") - - # Finish the build - machine.succeed("echo foo > /tmp/nix-build-innocent.drv-0/build/syncPoint") - - # Check that the build was not affected - machine.succeed(r""" - cat ./result - test "$(cat ./result)" = "hello, world" - """.strip()) - ''; + testScript = + { nodes }: + '' + start_all() + + with subtest("A builder can't give access to its build directory"): + # Make sure that a builder can't change the permissions on its build + # directory to the point of opening it up to external users + + # A derivation whose builder tries to make its build directory as open + # as possible and wait for someone to hijack it + machine.succeed(r""" + nix-build -v -E ' + builtins.derivation { + name = "open-build-dir"; + system = builtins.currentSystem; + builder = "${pkgs.busybox-sandbox-shell}/bin/sh"; + args = [ (builtins.storePath "${try-open-build-dir}") ]; + }' >&2 & + """.strip()) + + # Wait for the build to be ready + # This is OK because it runs as root, so we can access everything + machine.wait_for_file("/tmp/nix-build-open-build-dir.drv-0/build/syncPoint") + + # But Alice shouldn't be able to access the build directory + machine.fail("su alice -c 'ls /tmp/nix-build-open-build-dir.drv-0/build'") + machine.fail("su alice -c 'touch /tmp/nix-build-open-build-dir.drv-0/build/bar'") + machine.fail("su alice -c 'cat /tmp/nix-build-open-build-dir.drv-0/build/foo'") + + # Tell the user to finish the build + machine.succeed("echo foo > /tmp/nix-build-open-build-dir.drv-0/build/syncPoint") + + with subtest("Being able to execute stuff as the build user doesn't give access to the build dir"): + machine.succeed(r""" + nix-build -E ' + builtins.derivation { + name = "innocent"; + system = builtins.currentSystem; + builder = "${pkgs.busybox-sandbox-shell}/bin/sh"; + args = [ (builtins.storePath "${create-hello-world}") ]; + }' >&2 & + """.strip()) + machine.wait_for_file("/tmp/nix-build-innocent.drv-0/build/syncPoint") + + # The build ran as `nixbld1` (which is the only build user on the + # machine), but a process running as `nixbld1` outside the sandbox + # shouldn't be able to touch the build directory regardless + machine.fail("su nixbld1 --shell ${pkgs.busybox-sandbox-shell}/bin/sh -c 'ls /tmp/nix-build-innocent.drv-0/build'") + machine.fail("su nixbld1 --shell ${pkgs.busybox-sandbox-shell}/bin/sh -c 'echo pwned > /tmp/nix-build-innocent.drv-0/build/result'") + + # Finish the build + machine.succeed("echo foo > /tmp/nix-build-innocent.drv-0/build/syncPoint") + + # Check that the build was not affected + machine.succeed(r""" + cat ./result + test "$(cat ./result)" = "hello, world" + """.strip()) + ''; } - diff --git a/tests/repl-completion.nix b/tests/repl-completion.nix index 3ba198a9860..07406e969cd 100644 --- a/tests/repl-completion.nix +++ b/tests/repl-completion.nix @@ -1,40 +1,45 @@ -{ runCommand, nix, expect }: +{ + runCommand, + nix, + expect, +}: # We only use expect when necessary, e.g. for testing tab completion in nix repl. # See also tests/functional/repl.sh -runCommand "repl-completion" { - nativeBuildInputs = [ - expect - nix - ]; - expectScript = '' - # Regression https://github.com/NixOS/nix/pull/10778 - spawn nix repl --offline --extra-experimental-features nix-command - expect "nix-repl>" - send "foo = import ./does-not-exist.nix\n" - expect "nix-repl>" - send "foo.\t" - expect { - "nix-repl>" { - puts "Got another prompt. Good." +runCommand "repl-completion" + { + nativeBuildInputs = [ + expect + nix + ]; + expectScript = '' + # Regression https://github.com/NixOS/nix/pull/10778 + spawn nix repl --offline --extra-experimental-features nix-command + expect "nix-repl>" + send "foo = import ./does-not-exist.nix\n" + expect "nix-repl>" + send "foo.\t" + expect { + "nix-repl>" { + puts "Got another prompt. Good." + } + eof { + puts "Got EOF. Bad." + exit 1 + } } - eof { - puts "Got EOF. Bad." - exit 1 - } - } - exit 0 - ''; - passAsFile = [ "expectScript" ]; -} -'' - export NIX_STORE=$TMPDIR/store - export NIX_STATE_DIR=$TMPDIR/state - export HOME=$TMPDIR/home - mkdir $HOME + exit 0 + ''; + passAsFile = [ "expectScript" ]; + } + '' + export NIX_STORE=$TMPDIR/store + export NIX_STATE_DIR=$TMPDIR/state + export HOME=$TMPDIR/home + mkdir $HOME - nix-store --init - expect $expectScriptPath - touch $out -'' \ No newline at end of file + nix-store --init + expect $expectScriptPath + touch $out + '' From f629d81df094d296fbd6965d825a5085eb0affcc Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Fri, 24 Jan 2025 22:21:27 +0100 Subject: [PATCH 125/815] test: Fix shifted source positions after formatting --- ...putDependencies-multi-elem-context.err.exp | 10 +-- ...putDependencies-wrong-element-kind.err.exp | 10 +-- ...al-fail-assert-equal-attrs-names-2.err.exp | 4 +- ...eval-fail-assert-equal-attrs-names.err.exp | 4 +- ...ail-assert-equal-derivations-extra.err.exp | 18 ++--- ...eval-fail-assert-equal-derivations.err.exp | 18 ++--- ...-fail-assert-equal-function-direct.err.exp | 4 +- ...eval-fail-assert-equal-list-length.err.exp | 4 +- .../lang/eval-fail-assert-nested-bool.err.exp | 76 ++++++++---------- .../functional/lang/eval-fail-assert.err.exp | 36 ++++----- .../lang/eval-fail-attr-name-type.err.exp | 14 ++-- ...fail-attrset-merge-drops-later-rec.err.exp | 9 ++- ...al-fail-bad-string-interpolation-4.err.exp | 8 +- .../lang/eval-fail-derivation-name.err.exp | 16 ++-- .../lang/eval-fail-dup-dynamic-attrs.err.exp | 16 ++-- .../lang/eval-fail-duplicate-traces.err.exp | 52 ++++++------ ...-fail-fetchurl-baseName-attrs-name.err.exp | 4 +- ...ake-ref-to-string-negative-integer.err.exp | 18 +++-- ...-foldlStrict-strict-op-application.err.exp | 44 +++++----- .../lang/eval-fail-hashfile-missing.err.exp | 10 +-- tests/functional/lang/eval-fail-list.err.exp | 6 +- .../lang/eval-fail-missing-arg.err.exp | 13 +-- .../lang/eval-fail-mutual-recursion.err.exp | 80 +++++++++---------- .../lang/eval-fail-nested-list-items.err.exp | 10 +-- .../lang/eval-fail-not-throws.err.exp | 12 +-- .../lang/eval-fail-overflowing-add.err.exp | 10 +-- .../lang/eval-fail-overflowing-div.err.exp | 30 +++---- .../lang/eval-fail-overflowing-mul.err.exp | 20 ++--- .../lang/eval-fail-overflowing-sub.err.exp | 10 +-- .../lang/eval-fail-recursion.err.exp | 18 +++-- .../functional/lang/eval-fail-remove.err.exp | 16 ++-- .../functional/lang/eval-fail-scope-5.err.exp | 36 ++++----- .../lang/eval-fail-undeclared-arg.err.exp | 8 +- .../eval-fail-using-set-as-attr-name.err.exp | 20 ++--- .../repl/doc-comment-curried-args.expected | 6 +- .../repl/doc-comment-formals.expected | 3 +- .../repl/doc-comment-function.expected | 3 +- tests/functional/repl/doc-compact.expected | 3 +- tests/functional/repl/doc-constant.expected | 33 ++++---- tests/functional/repl/doc-floatedIn.expected | 3 +- tests/functional/repl/doc-functor.expected | 52 ++++++------ .../repl/doc-lambda-flavors.expected | 12 ++- .../functional/repl/doc-measurement.expected | 3 +- .../functional/repl/doc-unambiguous.expected | 3 +- 44 files changed, 400 insertions(+), 385 deletions(-) diff --git a/tests/functional/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.err.exp b/tests/functional/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.err.exp index 6828e03c8e7..56fbffa1942 100644 --- a/tests/functional/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.err.exp +++ b/tests/functional/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.err.exp @@ -1,9 +1,9 @@ error: … while calling the 'addDrvOutputDependencies' builtin - at /pwd/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.nix:18:4: - 17| - 18| in builtins.addDrvOutputDependencies combo-path - | ^ - 19| + at /pwd/lang/eval-fail-addDrvOutputDependencies-multi-elem-context.nix:25:1: + 24| in + 25| builtins.addDrvOutputDependencies combo-path + | ^ + 26| error: context of string '/nix/store/pg9yqs4yd85yhdm3f4i5dyaqp5jahrsz-fail.drv/nix/store/2dxd5frb715z451vbf7s8birlf3argbk-fail-2.drv' must have exactly one element, but has 2 diff --git a/tests/functional/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.err.exp b/tests/functional/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.err.exp index 72b5e636897..d8399380eb4 100644 --- a/tests/functional/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.err.exp +++ b/tests/functional/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.err.exp @@ -1,9 +1,9 @@ error: … while calling the 'addDrvOutputDependencies' builtin - at /pwd/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.nix:9:4: - 8| - 9| in builtins.addDrvOutputDependencies drv.outPath - | ^ - 10| + at /pwd/lang/eval-fail-addDrvOutputDependencies-wrong-element-kind.nix:13:1: + 12| in + 13| builtins.addDrvOutputDependencies drv.outPath + | ^ + 14| error: `addDrvOutputDependencies` can only act on derivations, not on a derivation output such as 'out' diff --git a/tests/functional/lang/eval-fail-assert-equal-attrs-names-2.err.exp b/tests/functional/lang/eval-fail-assert-equal-attrs-names-2.err.exp index 4b68d97c20c..5912e6b8c30 100644 --- a/tests/functional/lang/eval-fail-assert-equal-attrs-names-2.err.exp +++ b/tests/functional/lang/eval-fail-assert-equal-attrs-names-2.err.exp @@ -1,8 +1,8 @@ error: … while evaluating the condition of the assertion '({ a = true; } == { a = true; b = true; })' at /pwd/lang/eval-fail-assert-equal-attrs-names-2.nix:1:1: - 1| assert { a = true; } == { a = true; b = true; }; + 1| assert | ^ - 2| throw "unreachable" + 2| { error: attribute names of attribute set '{ a = true; }' differs from attribute set '{ a = true; b = true; }' diff --git a/tests/functional/lang/eval-fail-assert-equal-attrs-names.err.exp b/tests/functional/lang/eval-fail-assert-equal-attrs-names.err.exp index bc61ca63a27..a93b26324cc 100644 --- a/tests/functional/lang/eval-fail-assert-equal-attrs-names.err.exp +++ b/tests/functional/lang/eval-fail-assert-equal-attrs-names.err.exp @@ -1,8 +1,8 @@ error: … while evaluating the condition of the assertion '({ a = true; b = true; } == { a = true; })' at /pwd/lang/eval-fail-assert-equal-attrs-names.nix:1:1: - 1| assert { a = true; b = true; } == { a = true; }; + 1| assert | ^ - 2| throw "unreachable" + 2| { error: attribute names of attribute set '{ a = true; b = true; }' differs from attribute set '{ a = true; }' diff --git a/tests/functional/lang/eval-fail-assert-equal-derivations-extra.err.exp b/tests/functional/lang/eval-fail-assert-equal-derivations-extra.err.exp index 7f49240747c..9ccf5e4dc10 100644 --- a/tests/functional/lang/eval-fail-assert-equal-derivations-extra.err.exp +++ b/tests/functional/lang/eval-fail-assert-equal-derivations-extra.err.exp @@ -3,23 +3,23 @@ error: at /pwd/lang/eval-fail-assert-equal-derivations-extra.nix:1:1: 1| assert | ^ - 2| { foo = { type = "derivation"; outPath = "/nix/store/0"; }; } + 2| { … while comparing attribute 'foo' … where left hand side is - at /pwd/lang/eval-fail-assert-equal-derivations-extra.nix:2:5: - 1| assert - 2| { foo = { type = "derivation"; outPath = "/nix/store/0"; }; } + at /pwd/lang/eval-fail-assert-equal-derivations-extra.nix:3:5: + 2| { + 3| foo = { | ^ - 3| == + 4| type = "derivation"; … where right hand side is - at /pwd/lang/eval-fail-assert-equal-derivations-extra.nix:4:5: - 3| == - 4| { foo = { type = "derivation"; outPath = "/nix/store/1"; devious = true; }; }; + at /pwd/lang/eval-fail-assert-equal-derivations-extra.nix:8:5: + 7| } == { + 8| foo = { | ^ - 5| throw "unreachable" + 9| type = "derivation"; … while comparing a derivation by its 'outPath' attribute diff --git a/tests/functional/lang/eval-fail-assert-equal-derivations.err.exp b/tests/functional/lang/eval-fail-assert-equal-derivations.err.exp index d7f0face077..2be1f48583c 100644 --- a/tests/functional/lang/eval-fail-assert-equal-derivations.err.exp +++ b/tests/functional/lang/eval-fail-assert-equal-derivations.err.exp @@ -3,23 +3,23 @@ error: at /pwd/lang/eval-fail-assert-equal-derivations.nix:1:1: 1| assert | ^ - 2| { foo = { type = "derivation"; outPath = "/nix/store/0"; ignored = abort "not ignored"; }; } + 2| { … while comparing attribute 'foo' … where left hand side is - at /pwd/lang/eval-fail-assert-equal-derivations.nix:2:5: - 1| assert - 2| { foo = { type = "derivation"; outPath = "/nix/store/0"; ignored = abort "not ignored"; }; } + at /pwd/lang/eval-fail-assert-equal-derivations.nix:3:5: + 2| { + 3| foo = { | ^ - 3| == + 4| type = "derivation"; … where right hand side is - at /pwd/lang/eval-fail-assert-equal-derivations.nix:4:5: - 3| == - 4| { foo = { type = "derivation"; outPath = "/nix/store/1"; ignored = abort "not ignored"; }; }; + at /pwd/lang/eval-fail-assert-equal-derivations.nix:9:5: + 8| } == { + 9| foo = { | ^ - 5| throw "unreachable" + 10| type = "derivation"; … while comparing a derivation by its 'outPath' attribute diff --git a/tests/functional/lang/eval-fail-assert-equal-function-direct.err.exp b/tests/functional/lang/eval-fail-assert-equal-function-direct.err.exp index f06d796981b..93c88a80cd4 100644 --- a/tests/functional/lang/eval-fail-assert-equal-function-direct.err.exp +++ b/tests/functional/lang/eval-fail-assert-equal-function-direct.err.exp @@ -2,8 +2,8 @@ error: … while evaluating the condition of the assertion '((x: x) == (x: x))' at /pwd/lang/eval-fail-assert-equal-function-direct.nix:3:1: 2| # This only compares a direct comparison and makes no claims about functions in nested structures. - 3| assert + 3| assert (x: x) == (x: x); | ^ - 4| (x: x) + 4| abort "unreachable" error: distinct functions and immediate comparisons of identical functions compare as unequal diff --git a/tests/functional/lang/eval-fail-assert-equal-list-length.err.exp b/tests/functional/lang/eval-fail-assert-equal-list-length.err.exp index 90108552cf0..e82f3787517 100644 --- a/tests/functional/lang/eval-fail-assert-equal-list-length.err.exp +++ b/tests/functional/lang/eval-fail-assert-equal-list-length.err.exp @@ -1,8 +1,8 @@ error: … while evaluating the condition of the assertion '([ (1) (0) ] == [ (10) ])' at /pwd/lang/eval-fail-assert-equal-list-length.nix:1:1: - 1| assert [ 1 0 ] == [ 10 ]; + 1| assert | ^ - 2| throw "unreachable" + 2| [ error: list of size '2' is not equal to list of size '1', left hand side is '[ 1 0 ]', right hand side is '[ 10 ]' diff --git a/tests/functional/lang/eval-fail-assert-nested-bool.err.exp b/tests/functional/lang/eval-fail-assert-nested-bool.err.exp index 1debb668c98..fdc0818200b 100644 --- a/tests/functional/lang/eval-fail-assert-nested-bool.err.exp +++ b/tests/functional/lang/eval-fail-assert-nested-bool.err.exp @@ -1,74 +1,66 @@ error: … while evaluating the condition of the assertion '({ a = { b = [ ({ c = { d = true; }; }) ]; }; } == { a = { b = [ ({ c = { d = false; }; }) ]; }; })' at /pwd/lang/eval-fail-assert-nested-bool.nix:1:1: - 1| assert + 1| assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; | ^ - 2| { a.b = [ { c.d = true; } ]; } + 2| … while comparing attribute 'a' … where left hand side is - at /pwd/lang/eval-fail-assert-nested-bool.nix:2:5: - 1| assert - 2| { a.b = [ { c.d = true; } ]; } - | ^ - 3| == + at /pwd/lang/eval-fail-assert-nested-bool.nix:1:10: + 1| assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; + | ^ + 2| … where right hand side is - at /pwd/lang/eval-fail-assert-nested-bool.nix:4:5: - 3| == - 4| { a.b = [ { c.d = false; } ]; }; - | ^ - 5| + at /pwd/lang/eval-fail-assert-nested-bool.nix:1:44: + 1| assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; + | ^ + 2| … while comparing attribute 'b' … where left hand side is - at /pwd/lang/eval-fail-assert-nested-bool.nix:2:5: - 1| assert - 2| { a.b = [ { c.d = true; } ]; } - | ^ - 3| == + at /pwd/lang/eval-fail-assert-nested-bool.nix:1:10: + 1| assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; + | ^ + 2| … where right hand side is - at /pwd/lang/eval-fail-assert-nested-bool.nix:4:5: - 3| == - 4| { a.b = [ { c.d = false; } ]; }; - | ^ - 5| + at /pwd/lang/eval-fail-assert-nested-bool.nix:1:44: + 1| assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; + | ^ + 2| … while comparing list element 0 … while comparing attribute 'c' … where left hand side is - at /pwd/lang/eval-fail-assert-nested-bool.nix:2:15: - 1| assert - 2| { a.b = [ { c.d = true; } ]; } - | ^ - 3| == + at /pwd/lang/eval-fail-assert-nested-bool.nix:1:20: + 1| assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; + | ^ + 2| … where right hand side is - at /pwd/lang/eval-fail-assert-nested-bool.nix:4:15: - 3| == - 4| { a.b = [ { c.d = false; } ]; }; - | ^ - 5| + at /pwd/lang/eval-fail-assert-nested-bool.nix:1:54: + 1| assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; + | ^ + 2| … while comparing attribute 'd' … where left hand side is - at /pwd/lang/eval-fail-assert-nested-bool.nix:2:15: - 1| assert - 2| { a.b = [ { c.d = true; } ]; } - | ^ - 3| == + at /pwd/lang/eval-fail-assert-nested-bool.nix:1:20: + 1| assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; + | ^ + 2| … where right hand side is - at /pwd/lang/eval-fail-assert-nested-bool.nix:4:15: - 3| == - 4| { a.b = [ { c.d = false; } ]; }; - | ^ - 5| + at /pwd/lang/eval-fail-assert-nested-bool.nix:1:54: + 1| assert { a.b = [ { c.d = true; } ]; } == { a.b = [ { c.d = false; } ]; }; + | ^ + 2| error: boolean 'true' is not equal to boolean 'false' diff --git a/tests/functional/lang/eval-fail-assert.err.exp b/tests/functional/lang/eval-fail-assert.err.exp index 7be9e238797..5fffe79bf0d 100644 --- a/tests/functional/lang/eval-fail-assert.err.exp +++ b/tests/functional/lang/eval-fail-assert.err.exp @@ -1,30 +1,30 @@ error: … while evaluating the attribute 'body' - at /pwd/lang/eval-fail-assert.nix:4:3: - 3| - 4| body = x "x"; + at /pwd/lang/eval-fail-assert.nix:7:3: + 6| + 7| body = x "x"; | ^ - 5| } + 8| } … from call site - at /pwd/lang/eval-fail-assert.nix:4:10: - 3| - 4| body = x "x"; + at /pwd/lang/eval-fail-assert.nix:7:10: + 6| + 7| body = x "x"; | ^ - 5| } + 8| } … while calling 'x' - at /pwd/lang/eval-fail-assert.nix:2:7: - 1| let { - 2| x = arg: assert arg == "y"; 123; - | ^ - 3| + at /pwd/lang/eval-fail-assert.nix:3:5: + 2| x = + 3| arg: + | ^ + 4| assert arg == "y"; … while evaluating the condition of the assertion '(arg == "y")' - at /pwd/lang/eval-fail-assert.nix:2:12: - 1| let { - 2| x = arg: assert arg == "y"; 123; - | ^ - 3| + at /pwd/lang/eval-fail-assert.nix:4:5: + 3| arg: + 4| assert arg == "y"; + | ^ + 5| 123; error: string '"x"' is not equal to string '"y"' diff --git a/tests/functional/lang/eval-fail-attr-name-type.err.exp b/tests/functional/lang/eval-fail-attr-name-type.err.exp index 6848a35ed80..4ea209b130f 100644 --- a/tests/functional/lang/eval-fail-attr-name-type.err.exp +++ b/tests/functional/lang/eval-fail-attr-name-type.err.exp @@ -2,20 +2,20 @@ error: … while evaluating the attribute 'puppy."${key}"' at /pwd/lang/eval-fail-attr-name-type.nix:3:5: 2| attrs = { - 3| puppy.doggy = {}; + 3| puppy.doggy = { }; | ^ 4| }; … while evaluating an attribute name - at /pwd/lang/eval-fail-attr-name-type.nix:7:17: + at /pwd/lang/eval-fail-attr-name-type.nix:7:15: 6| in - 7| attrs.puppy.${key} - | ^ + 7| attrs.puppy.${key} + | ^ 8| error: expected a string but found an integer: 1 - at /pwd/lang/eval-fail-attr-name-type.nix:7:17: + at /pwd/lang/eval-fail-attr-name-type.nix:7:15: 6| in - 7| attrs.puppy.${key} - | ^ + 7| attrs.puppy.${key} + | ^ 8| diff --git a/tests/functional/lang/eval-fail-attrset-merge-drops-later-rec.err.exp b/tests/functional/lang/eval-fail-attrset-merge-drops-later-rec.err.exp index d1cdc7b769f..ba9185dce1c 100644 --- a/tests/functional/lang/eval-fail-attrset-merge-drops-later-rec.err.exp +++ b/tests/functional/lang/eval-fail-attrset-merge-drops-later-rec.err.exp @@ -1,5 +1,6 @@ error: undefined variable 'd' - at /pwd/lang/eval-fail-attrset-merge-drops-later-rec.nix:1:26: - 1| { a.b = 1; a = rec { c = d + 2; d = 3; }; }.c - | ^ - 2| + at /pwd/lang/eval-fail-attrset-merge-drops-later-rec.nix:4:9: + 3| a = rec { + 4| c = d + 2; + | ^ + 5| d = 3; diff --git a/tests/functional/lang/eval-fail-bad-string-interpolation-4.err.exp b/tests/functional/lang/eval-fail-bad-string-interpolation-4.err.exp index b262e814dbc..ea5910072c3 100644 --- a/tests/functional/lang/eval-fail-bad-string-interpolation-4.err.exp +++ b/tests/functional/lang/eval-fail-bad-string-interpolation-4.err.exp @@ -1,9 +1,9 @@ error: … while evaluating a path segment - at /pwd/lang/eval-fail-bad-string-interpolation-4.nix:9:3: - 8| # The error message should not be too long. - 9| ''${pkgs}'' + at /pwd/lang/eval-fail-bad-string-interpolation-4.nix:19:3: + 18| # The error message should not be too long. + 19| ''${pkgs}'' | ^ - 10| + 20| error: cannot coerce a set to a string: { a = { a = { a = { a = "ha"; b = "ha"; c = "ha"; d = "ha"; e = "ha"; f = "ha"; g = "ha"; h = "ha"; j = "ha"; }; «8 attributes elided» }; «8 attributes elided» }; «8 attributes elided» } diff --git a/tests/functional/lang/eval-fail-derivation-name.err.exp b/tests/functional/lang/eval-fail-derivation-name.err.exp index 0ef98674d81..017326c3490 100644 --- a/tests/functional/lang/eval-fail-derivation-name.err.exp +++ b/tests/functional/lang/eval-fail-derivation-name.err.exp @@ -1,17 +1,17 @@ error: … while evaluating the attribute 'outPath' at ::: - | value = commonAttrs // { - | outPath = builtins.getAttr outputName strict; - | ^ - | drvPath = strict.drvPath; + | value = commonAttrs // { + | outPath = builtins.getAttr outputName strict; + | ^ + | drvPath = strict.drvPath; … while calling the 'getAttr' builtin at ::: - | value = commonAttrs // { - | outPath = builtins.getAttr outputName strict; - | ^ - | drvPath = strict.drvPath; + | value = commonAttrs // { + | outPath = builtins.getAttr outputName strict; + | ^ + | drvPath = strict.drvPath; … while calling the 'derivationStrict' builtin at ::: diff --git a/tests/functional/lang/eval-fail-dup-dynamic-attrs.err.exp b/tests/functional/lang/eval-fail-dup-dynamic-attrs.err.exp index 834f9c67bc4..4eafe945b74 100644 --- a/tests/functional/lang/eval-fail-dup-dynamic-attrs.err.exp +++ b/tests/functional/lang/eval-fail-dup-dynamic-attrs.err.exp @@ -2,13 +2,13 @@ error: … while evaluating the attribute 'set' at /pwd/lang/eval-fail-dup-dynamic-attrs.nix:2:3: 1| { - 2| set = { "${"" + "b"}" = 1; }; + 2| set = { | ^ - 3| set = { "${"b" + ""}" = 2; }; + 3| "${"" + "b"}" = 1; - error: dynamic attribute 'b' already defined at /pwd/lang/eval-fail-dup-dynamic-attrs.nix:2:11 - at /pwd/lang/eval-fail-dup-dynamic-attrs.nix:3:11: - 2| set = { "${"" + "b"}" = 1; }; - 3| set = { "${"b" + ""}" = 2; }; - | ^ - 4| } + error: dynamic attribute 'b' already defined at /pwd/lang/eval-fail-dup-dynamic-attrs.nix:3:5 + at /pwd/lang/eval-fail-dup-dynamic-attrs.nix:6:5: + 5| set = { + 6| "${"b" + ""}" = 2; + | ^ + 7| }; diff --git a/tests/functional/lang/eval-fail-duplicate-traces.err.exp b/tests/functional/lang/eval-fail-duplicate-traces.err.exp index cedaebd3b58..e6ae60f3ca0 100644 --- a/tests/functional/lang/eval-fail-duplicate-traces.err.exp +++ b/tests/functional/lang/eval-fail-duplicate-traces.err.exp @@ -1,51 +1,51 @@ error: … from call site - at /pwd/lang/eval-fail-duplicate-traces.nix:9:3: - 8| in - 9| throwAfter 2 - | ^ - 10| + at /pwd/lang/eval-fail-duplicate-traces.nix:6:1: + 5| in + 6| throwAfter 2 + | ^ + 7| … while calling 'throwAfter' at /pwd/lang/eval-fail-duplicate-traces.nix:4:16: 3| let - 4| throwAfter = n: + 4| throwAfter = n: if n > 0 then throwAfter (n - 1) else throw "Uh oh!"; | ^ - 5| if n > 0 + 5| in … from call site - at /pwd/lang/eval-fail-duplicate-traces.nix:6:10: - 5| if n > 0 - 6| then throwAfter (n - 1) - | ^ - 7| else throw "Uh oh!"; + at /pwd/lang/eval-fail-duplicate-traces.nix:4:33: + 3| let + 4| throwAfter = n: if n > 0 then throwAfter (n - 1) else throw "Uh oh!"; + | ^ + 5| in … while calling 'throwAfter' at /pwd/lang/eval-fail-duplicate-traces.nix:4:16: 3| let - 4| throwAfter = n: + 4| throwAfter = n: if n > 0 then throwAfter (n - 1) else throw "Uh oh!"; | ^ - 5| if n > 0 + 5| in … from call site - at /pwd/lang/eval-fail-duplicate-traces.nix:6:10: - 5| if n > 0 - 6| then throwAfter (n - 1) - | ^ - 7| else throw "Uh oh!"; + at /pwd/lang/eval-fail-duplicate-traces.nix:4:33: + 3| let + 4| throwAfter = n: if n > 0 then throwAfter (n - 1) else throw "Uh oh!"; + | ^ + 5| in … while calling 'throwAfter' at /pwd/lang/eval-fail-duplicate-traces.nix:4:16: 3| let - 4| throwAfter = n: + 4| throwAfter = n: if n > 0 then throwAfter (n - 1) else throw "Uh oh!"; | ^ - 5| if n > 0 + 5| in … while calling the 'throw' builtin - at /pwd/lang/eval-fail-duplicate-traces.nix:7:10: - 6| then throwAfter (n - 1) - 7| else throw "Uh oh!"; - | ^ - 8| in + at /pwd/lang/eval-fail-duplicate-traces.nix:4:57: + 3| let + 4| throwAfter = n: if n > 0 then throwAfter (n - 1) else throw "Uh oh!"; + | ^ + 5| in error: Uh oh! diff --git a/tests/functional/lang/eval-fail-fetchurl-baseName-attrs-name.err.exp b/tests/functional/lang/eval-fail-fetchurl-baseName-attrs-name.err.exp index 30f8b6a3544..2cac02f5875 100644 --- a/tests/functional/lang/eval-fail-fetchurl-baseName-attrs-name.err.exp +++ b/tests/functional/lang/eval-fail-fetchurl-baseName-attrs-name.err.exp @@ -1,8 +1,8 @@ error: … while calling the 'fetchurl' builtin at /pwd/lang/eval-fail-fetchurl-baseName-attrs-name.nix:1:1: - 1| builtins.fetchurl { url = "https://example.com/foo.tar.gz"; name = "~wobble~"; } + 1| builtins.fetchurl { | ^ - 2| + 2| url = "https://example.com/foo.tar.gz"; error: invalid store path name when fetching URL 'https://example.com/foo.tar.gz': name '~wobble~' contains illegal character '~'. Please change the value for the 'name' attribute passed to 'fetchurl', so that it can create a valid store path. diff --git a/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.err.exp b/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.err.exp index 25c8d7eaaa8..2b56939c621 100644 --- a/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.err.exp +++ b/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.err.exp @@ -1,14 +1,16 @@ error: … while calling the 'seq' builtin - at /pwd/lang/eval-fail-flake-ref-to-string-negative-integer.nix:1:16: - 1| let n = -1; in builtins.seq n (builtins.flakeRefToString { - | ^ - 2| type = "github"; + at /pwd/lang/eval-fail-flake-ref-to-string-negative-integer.nix:4:1: + 3| in + 4| builtins.seq n ( + | ^ + 5| builtins.flakeRefToString { … while calling the 'flakeRefToString' builtin - at /pwd/lang/eval-fail-flake-ref-to-string-negative-integer.nix:1:32: - 1| let n = -1; in builtins.seq n (builtins.flakeRefToString { - | ^ - 2| type = "github"; + at /pwd/lang/eval-fail-flake-ref-to-string-negative-integer.nix:5:3: + 4| builtins.seq n ( + 5| builtins.flakeRefToString { + | ^ + 6| type = "github"; error: negative value given for flake ref attr repo: -1 diff --git a/tests/functional/lang/eval-fail-foldlStrict-strict-op-application.err.exp b/tests/functional/lang/eval-fail-foldlStrict-strict-op-application.err.exp index 4903bc82d54..bb02ecdcb8f 100644 --- a/tests/functional/lang/eval-fail-foldlStrict-strict-op-application.err.exp +++ b/tests/functional/lang/eval-fail-foldlStrict-strict-op-application.err.exp @@ -2,36 +2,36 @@ error: … while calling the 'foldl'' builtin at /pwd/lang/eval-fail-foldlStrict-strict-op-application.nix:2:1: 1| # Tests that the result of applying op is forced even if the value is never used - 2| builtins.foldl' + 2| builtins.foldl' (_: f: f null) null [ | ^ - 3| (_: f: f null) + 3| (_: throw "Not the final value, but is still forced!") … while calling anonymous lambda - at /pwd/lang/eval-fail-foldlStrict-strict-op-application.nix:3:7: - 2| builtins.foldl' - 3| (_: f: f null) - | ^ - 4| null + at /pwd/lang/eval-fail-foldlStrict-strict-op-application.nix:2:21: + 1| # Tests that the result of applying op is forced even if the value is never used + 2| builtins.foldl' (_: f: f null) null [ + | ^ + 3| (_: throw "Not the final value, but is still forced!") … from call site - at /pwd/lang/eval-fail-foldlStrict-strict-op-application.nix:3:10: - 2| builtins.foldl' - 3| (_: f: f null) - | ^ - 4| null + at /pwd/lang/eval-fail-foldlStrict-strict-op-application.nix:2:24: + 1| # Tests that the result of applying op is forced even if the value is never used + 2| builtins.foldl' (_: f: f null) null [ + | ^ + 3| (_: throw "Not the final value, but is still forced!") … while calling anonymous lambda - at /pwd/lang/eval-fail-foldlStrict-strict-op-application.nix:5:6: - 4| null - 5| [ (_: throw "Not the final value, but is still forced!") (_: 23) ] - | ^ - 6| + at /pwd/lang/eval-fail-foldlStrict-strict-op-application.nix:3:4: + 2| builtins.foldl' (_: f: f null) null [ + 3| (_: throw "Not the final value, but is still forced!") + | ^ + 4| (_: 23) … while calling the 'throw' builtin - at /pwd/lang/eval-fail-foldlStrict-strict-op-application.nix:5:9: - 4| null - 5| [ (_: throw "Not the final value, but is still forced!") (_: 23) ] - | ^ - 6| + at /pwd/lang/eval-fail-foldlStrict-strict-op-application.nix:3:7: + 2| builtins.foldl' (_: f: f null) null [ + 3| (_: throw "Not the final value, but is still forced!") + | ^ + 4| (_: 23) error: Not the final value, but is still forced! diff --git a/tests/functional/lang/eval-fail-hashfile-missing.err.exp b/tests/functional/lang/eval-fail-hashfile-missing.err.exp index 1e465392744..0d3747a6d57 100644 --- a/tests/functional/lang/eval-fail-hashfile-missing.err.exp +++ b/tests/functional/lang/eval-fail-hashfile-missing.err.exp @@ -1,10 +1,10 @@ error: … while calling the 'toString' builtin - at /pwd/lang/eval-fail-hashfile-missing.nix:4:3: - 3| in - 4| toString (builtins.concatLists (map (hash: map (builtins.hashFile hash) paths) ["md5" "sha1" "sha256" "sha512"])) - | ^ - 5| + at /pwd/lang/eval-fail-hashfile-missing.nix:7:1: + 6| in + 7| toString ( + | ^ + 8| builtins.concatLists ( … while evaluating the first argument passed to builtins.toString diff --git a/tests/functional/lang/eval-fail-list.err.exp b/tests/functional/lang/eval-fail-list.err.exp index d492f8bd2e4..8b21e9a3715 100644 --- a/tests/functional/lang/eval-fail-list.err.exp +++ b/tests/functional/lang/eval-fail-list.err.exp @@ -1,8 +1,8 @@ error: … while evaluating one of the elements to concatenate - at /pwd/lang/eval-fail-list.nix:1:2: - 1| 8++1 - | ^ + at /pwd/lang/eval-fail-list.nix:1:3: + 1| 8 ++ 1 + | ^ 2| error: expected a list but found an integer: 8 diff --git a/tests/functional/lang/eval-fail-missing-arg.err.exp b/tests/functional/lang/eval-fail-missing-arg.err.exp index 3b162fe1b60..d5a66d2c5ea 100644 --- a/tests/functional/lang/eval-fail-missing-arg.err.exp +++ b/tests/functional/lang/eval-fail-missing-arg.err.exp @@ -1,12 +1,13 @@ error: … from call site at /pwd/lang/eval-fail-missing-arg.nix:1:1: - 1| ({x, y, z}: x + y + z) {x = "foo"; z = "bar";} + 1| ( | ^ - 2| + 2| { error: function 'anonymous lambda' called without required argument 'y' - at /pwd/lang/eval-fail-missing-arg.nix:1:2: - 1| ({x, y, z}: x + y + z) {x = "foo"; z = "bar";} - | ^ - 2| + at /pwd/lang/eval-fail-missing-arg.nix:2:3: + 1| ( + 2| { + | ^ + 3| x, diff --git a/tests/functional/lang/eval-fail-mutual-recursion.err.exp b/tests/functional/lang/eval-fail-mutual-recursion.err.exp index c034afcd5e0..9d84aa43f0f 100644 --- a/tests/functional/lang/eval-fail-mutual-recursion.err.exp +++ b/tests/functional/lang/eval-fail-mutual-recursion.err.exp @@ -1,64 +1,64 @@ error: … from call site - at /pwd/lang/eval-fail-mutual-recursion.nix:36:3: - 35| in - 36| throwAfterA true 10 - | ^ - 37| + at /pwd/lang/eval-fail-mutual-recursion.nix:40:1: + 39| in + 40| throwAfterA true 10 + | ^ + 41| … while calling 'throwAfterA' - at /pwd/lang/eval-fail-mutual-recursion.nix:29:26: - 28| - 29| throwAfterA = recurse: n: - | ^ - 30| if n > 0 + at /pwd/lang/eval-fail-mutual-recursion.nix:32:14: + 31| throwAfterA = + 32| recurse: n: + | ^ + 33| if n > 0 then … from call site - at /pwd/lang/eval-fail-mutual-recursion.nix:31:10: - 30| if n > 0 - 31| then throwAfterA recurse (n - 1) - | ^ - 32| else if recurse + at /pwd/lang/eval-fail-mutual-recursion.nix:34:7: + 33| if n > 0 then + 34| throwAfterA recurse (n - 1) + | ^ + 35| else if recurse then (19 duplicate frames omitted) … from call site - at /pwd/lang/eval-fail-mutual-recursion.nix:33:10: - 32| else if recurse - 33| then throwAfterB true 10 - | ^ - 34| else throw "Uh oh!"; + at /pwd/lang/eval-fail-mutual-recursion.nix:36:7: + 35| else if recurse then + 36| throwAfterB true 10 + | ^ + 37| else … while calling 'throwAfterB' - at /pwd/lang/eval-fail-mutual-recursion.nix:22:26: - 21| let - 22| throwAfterB = recurse: n: - | ^ - 23| if n > 0 + at /pwd/lang/eval-fail-mutual-recursion.nix:23:14: + 22| throwAfterB = + 23| recurse: n: + | ^ + 24| if n > 0 then … from call site - at /pwd/lang/eval-fail-mutual-recursion.nix:24:10: - 23| if n > 0 - 24| then throwAfterB recurse (n - 1) - | ^ - 25| else if recurse + at /pwd/lang/eval-fail-mutual-recursion.nix:25:7: + 24| if n > 0 then + 25| throwAfterB recurse (n - 1) + | ^ + 26| else if recurse then (19 duplicate frames omitted) … from call site - at /pwd/lang/eval-fail-mutual-recursion.nix:26:10: - 25| else if recurse - 26| then throwAfterA false 10 - | ^ - 27| else throw "Uh oh!"; + at /pwd/lang/eval-fail-mutual-recursion.nix:27:7: + 26| else if recurse then + 27| throwAfterA false 10 + | ^ + 28| else (21 duplicate frames omitted) … while calling the 'throw' builtin - at /pwd/lang/eval-fail-mutual-recursion.nix:34:10: - 33| then throwAfterB true 10 - 34| else throw "Uh oh!"; - | ^ - 35| in + at /pwd/lang/eval-fail-mutual-recursion.nix:38:7: + 37| else + 38| throw "Uh oh!"; + | ^ + 39| in error: Uh oh! diff --git a/tests/functional/lang/eval-fail-nested-list-items.err.exp b/tests/functional/lang/eval-fail-nested-list-items.err.exp index 90d43906165..1169b8326ca 100644 --- a/tests/functional/lang/eval-fail-nested-list-items.err.exp +++ b/tests/functional/lang/eval-fail-nested-list-items.err.exp @@ -1,9 +1,9 @@ error: … while evaluating a path segment - at /pwd/lang/eval-fail-nested-list-items.nix:11:6: - 10| - 11| "" + (let v = [ [ 1 2 3 4 5 6 7 8 ] [1 2 3 4]]; in builtins.deepSeq v v) - | ^ - 12| + at /pwd/lang/eval-fail-nested-list-items.nix:12:3: + 11| "" + 12| + ( + | ^ + 13| let error: cannot coerce a list to a string: [ [ 1 2 3 4 5 6 7 8 ] [ 1 «3 items elided» ] ] diff --git a/tests/functional/lang/eval-fail-not-throws.err.exp b/tests/functional/lang/eval-fail-not-throws.err.exp index fc81f7277e1..b49ed7b0048 100644 --- a/tests/functional/lang/eval-fail-not-throws.err.exp +++ b/tests/functional/lang/eval-fail-not-throws.err.exp @@ -1,14 +1,14 @@ error: … in the argument of the not operator - at /pwd/lang/eval-fail-not-throws.nix:1:4: - 1| ! (throw "uh oh!") - | ^ + at /pwd/lang/eval-fail-not-throws.nix:1:3: + 1| !(throw "uh oh!") + | ^ 2| … while calling the 'throw' builtin - at /pwd/lang/eval-fail-not-throws.nix:1:4: - 1| ! (throw "uh oh!") - | ^ + at /pwd/lang/eval-fail-not-throws.nix:1:3: + 1| !(throw "uh oh!") + | ^ 2| error: uh oh! diff --git a/tests/functional/lang/eval-fail-overflowing-add.err.exp b/tests/functional/lang/eval-fail-overflowing-add.err.exp index 6458cf1c933..5a77e9c9d97 100644 --- a/tests/functional/lang/eval-fail-overflowing-add.err.exp +++ b/tests/functional/lang/eval-fail-overflowing-add.err.exp @@ -1,6 +1,6 @@ error: integer overflow in adding 9223372036854775807 + 1 - at /pwd/lang/eval-fail-overflowing-add.nix:4:8: - 3| b = 1; - 4| in a + b - | ^ - 5| + at /pwd/lang/eval-fail-overflowing-add.nix:5:5: + 4| in + 5| a + b + | ^ + 6| diff --git a/tests/functional/lang/eval-fail-overflowing-div.err.exp b/tests/functional/lang/eval-fail-overflowing-div.err.exp index 8ce07d4d662..812c6056b76 100644 --- a/tests/functional/lang/eval-fail-overflowing-div.err.exp +++ b/tests/functional/lang/eval-fail-overflowing-div.err.exp @@ -1,23 +1,23 @@ error: … while calling the 'seq' builtin - at /pwd/lang/eval-fail-overflowing-div.nix:7:4: - 6| b = -1; - 7| in builtins.seq intMin (builtins.seq b (intMin / b)) - | ^ - 8| + at /pwd/lang/eval-fail-overflowing-div.nix:8:1: + 7| in + 8| builtins.seq intMin (builtins.seq b (intMin / b)) + | ^ + 9| … while calling the 'seq' builtin - at /pwd/lang/eval-fail-overflowing-div.nix:7:25: - 6| b = -1; - 7| in builtins.seq intMin (builtins.seq b (intMin / b)) - | ^ - 8| + at /pwd/lang/eval-fail-overflowing-div.nix:8:22: + 7| in + 8| builtins.seq intMin (builtins.seq b (intMin / b)) + | ^ + 9| … while calling the 'div' builtin - at /pwd/lang/eval-fail-overflowing-div.nix:7:48: - 6| b = -1; - 7| in builtins.seq intMin (builtins.seq b (intMin / b)) - | ^ - 8| + at /pwd/lang/eval-fail-overflowing-div.nix:8:45: + 7| in + 8| builtins.seq intMin (builtins.seq b (intMin / b)) + | ^ + 9| error: integer overflow in dividing -9223372036854775808 / -1 diff --git a/tests/functional/lang/eval-fail-overflowing-mul.err.exp b/tests/functional/lang/eval-fail-overflowing-mul.err.exp index f42b39d4db9..aaae4b7bd86 100644 --- a/tests/functional/lang/eval-fail-overflowing-mul.err.exp +++ b/tests/functional/lang/eval-fail-overflowing-mul.err.exp @@ -1,16 +1,16 @@ error: … while calling the 'mul' builtin - at /pwd/lang/eval-fail-overflowing-mul.nix:3:10: - 2| a = 4294967297; - 3| in a * a * a - | ^ - 4| + at /pwd/lang/eval-fail-overflowing-mul.nix:4:7: + 3| in + 4| a * a * a + | ^ + 5| … while calling the 'mul' builtin - at /pwd/lang/eval-fail-overflowing-mul.nix:3:6: - 2| a = 4294967297; - 3| in a * a * a - | ^ - 4| + at /pwd/lang/eval-fail-overflowing-mul.nix:4:3: + 3| in + 4| a * a * a + | ^ + 5| error: integer overflow in multiplying 4294967297 * 4294967297 diff --git a/tests/functional/lang/eval-fail-overflowing-sub.err.exp b/tests/functional/lang/eval-fail-overflowing-sub.err.exp index 66a3a03f885..5904c8dcc9d 100644 --- a/tests/functional/lang/eval-fail-overflowing-sub.err.exp +++ b/tests/functional/lang/eval-fail-overflowing-sub.err.exp @@ -1,9 +1,9 @@ error: … while calling the 'sub' builtin - at /pwd/lang/eval-fail-overflowing-sub.nix:4:6: - 3| b = 2; - 4| in a - b - | ^ - 5| + at /pwd/lang/eval-fail-overflowing-sub.nix:5:3: + 4| in + 5| a - b + | ^ + 6| error: integer overflow in subtracting -9223372036854775807 - 2 diff --git a/tests/functional/lang/eval-fail-recursion.err.exp b/tests/functional/lang/eval-fail-recursion.err.exp index 19380dc6536..8bfb4e12e47 100644 --- a/tests/functional/lang/eval-fail-recursion.err.exp +++ b/tests/functional/lang/eval-fail-recursion.err.exp @@ -1,12 +1,14 @@ error: … in the right operand of the update (//) operator - at /pwd/lang/eval-fail-recursion.nix:1:12: - 1| let a = {} // a; in a.foo - | ^ - 2| + at /pwd/lang/eval-fail-recursion.nix:2:11: + 1| let + 2| a = { } // a; + | ^ + 3| in error: infinite recursion encountered - at /pwd/lang/eval-fail-recursion.nix:1:15: - 1| let a = {} // a; in a.foo - | ^ - 2| + at /pwd/lang/eval-fail-recursion.nix:2:14: + 1| let + 2| a = { } // a; + | ^ + 3| in diff --git a/tests/functional/lang/eval-fail-remove.err.exp b/tests/functional/lang/eval-fail-remove.err.exp index 292b3c3f33a..0e087688a25 100644 --- a/tests/functional/lang/eval-fail-remove.err.exp +++ b/tests/functional/lang/eval-fail-remove.err.exp @@ -1,15 +1,15 @@ error: … while evaluating the attribute 'body' - at /pwd/lang/eval-fail-remove.nix:4:3: - 3| - 4| body = (removeAttrs attrs ["x"]).x; + at /pwd/lang/eval-fail-remove.nix:7:3: + 6| + 7| body = (removeAttrs attrs [ "x" ]).x; | ^ - 5| } + 8| } error: attribute 'x' missing - at /pwd/lang/eval-fail-remove.nix:4:10: - 3| - 4| body = (removeAttrs attrs ["x"]).x; + at /pwd/lang/eval-fail-remove.nix:7:10: + 6| + 7| body = (removeAttrs attrs [ "x" ]).x; | ^ - 5| } + 8| } Did you mean y? diff --git a/tests/functional/lang/eval-fail-scope-5.err.exp b/tests/functional/lang/eval-fail-scope-5.err.exp index b0b05cad737..6edc85f4f16 100644 --- a/tests/functional/lang/eval-fail-scope-5.err.exp +++ b/tests/functional/lang/eval-fail-scope-5.err.exp @@ -1,28 +1,28 @@ error: … while evaluating the attribute 'body' - at /pwd/lang/eval-fail-scope-5.nix:8:3: - 7| - 8| body = f {}; + at /pwd/lang/eval-fail-scope-5.nix:13:3: + 12| + 13| body = f { }; | ^ - 9| + 14| … from call site - at /pwd/lang/eval-fail-scope-5.nix:8:10: - 7| - 8| body = f {}; + at /pwd/lang/eval-fail-scope-5.nix:13:10: + 12| + 13| body = f { }; | ^ - 9| + 14| … while calling 'f' - at /pwd/lang/eval-fail-scope-5.nix:6:7: - 5| - 6| f = {x ? y, y ? x}: x + y; - | ^ - 7| + at /pwd/lang/eval-fail-scope-5.nix:7:5: + 6| f = + 7| { + | ^ + 8| x ? y, error: infinite recursion encountered - at /pwd/lang/eval-fail-scope-5.nix:6:12: - 5| - 6| f = {x ? y, y ? x}: x + y; - | ^ - 7| + at /pwd/lang/eval-fail-scope-5.nix:8:11: + 7| { + 8| x ? y, + | ^ + 9| y ? x, diff --git a/tests/functional/lang/eval-fail-undeclared-arg.err.exp b/tests/functional/lang/eval-fail-undeclared-arg.err.exp index 6e13a138eb7..353894d01e6 100644 --- a/tests/functional/lang/eval-fail-undeclared-arg.err.exp +++ b/tests/functional/lang/eval-fail-undeclared-arg.err.exp @@ -1,13 +1,13 @@ error: … from call site at /pwd/lang/eval-fail-undeclared-arg.nix:1:1: - 1| ({x, z}: x + z) {x = "foo"; y = "bla"; z = "bar";} + 1| ({ x, z }: x + z) { | ^ - 2| + 2| x = "foo"; error: function 'anonymous lambda' called with unexpected argument 'y' at /pwd/lang/eval-fail-undeclared-arg.nix:1:2: - 1| ({x, z}: x + z) {x = "foo"; y = "bla"; z = "bar";} + 1| ({ x, z }: x + z) { | ^ - 2| + 2| x = "foo"; Did you mean one of x or z? diff --git a/tests/functional/lang/eval-fail-using-set-as-attr-name.err.exp b/tests/functional/lang/eval-fail-using-set-as-attr-name.err.exp index 4326c965008..9a59f37f35e 100644 --- a/tests/functional/lang/eval-fail-using-set-as-attr-name.err.exp +++ b/tests/functional/lang/eval-fail-using-set-as-attr-name.err.exp @@ -1,14 +1,14 @@ error: … while evaluating an attribute name - at /pwd/lang/eval-fail-using-set-as-attr-name.nix:5:10: - 4| in - 5| attr.${key} - | ^ - 6| + at /pwd/lang/eval-fail-using-set-as-attr-name.nix:7:8: + 6| in + 7| attr.${key} + | ^ + 8| error: expected a string but found a set: { } - at /pwd/lang/eval-fail-using-set-as-attr-name.nix:5:10: - 4| in - 5| attr.${key} - | ^ - 6| + at /pwd/lang/eval-fail-using-set-as-attr-name.nix:7:8: + 6| in + 7| attr.${key} + | ^ + 8| diff --git a/tests/functional/repl/doc-comment-curried-args.expected b/tests/functional/repl/doc-comment-curried-args.expected index 56607e911e8..d2a5bf32853 100644 --- a/tests/functional/repl/doc-comment-curried-args.expected +++ b/tests/functional/repl/doc-comment-curried-args.expected @@ -6,7 +6,8 @@ Added variables. nix-repl> :doc curriedArgs Function `curriedArgs`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:48:5 + … defined at /path/to/tests/functional/repl/doc-comments.nix:87:5 + A documented function. @@ -17,7 +18,8 @@ nix-repl> "Note that users may not expect this to behave as it currently does" nix-repl> :doc x Function `curriedArgs`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:50:5 + … defined at /path/to/tests/functional/repl/doc-comments.nix:91:5 + The function returned by applying once diff --git a/tests/functional/repl/doc-comment-formals.expected b/tests/functional/repl/doc-comment-formals.expected index 1024919f4b9..357cf998680 100644 --- a/tests/functional/repl/doc-comment-formals.expected +++ b/tests/functional/repl/doc-comment-formals.expected @@ -9,6 +9,7 @@ nix-repl> "Note that this is not yet complete" nix-repl> :doc documentedFormals Function `documentedFormals`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:57:5 + … defined at /path/to/tests/functional/repl/doc-comments.nix:104:5 + Finds x diff --git a/tests/functional/repl/doc-comment-function.expected b/tests/functional/repl/doc-comment-function.expected index 3889c4f7860..030cfc3265a 100644 --- a/tests/functional/repl/doc-comment-function.expected +++ b/tests/functional/repl/doc-comment-function.expected @@ -2,6 +2,7 @@ Nix Type :? for help. nix-repl> :doc import ./doc-comment-function.nix -Function defined at /path/to/tests/functional/repl/doc-comment-function.nix:2:1 +Function defined at /path/to/tests/functional/repl/doc-comment-function.nix:4:1 + A doc comment for a file that only contains a function diff --git a/tests/functional/repl/doc-compact.expected b/tests/functional/repl/doc-compact.expected index 79f1fd44f59..276de2e60b5 100644 --- a/tests/functional/repl/doc-compact.expected +++ b/tests/functional/repl/doc-compact.expected @@ -6,6 +6,7 @@ Added variables. nix-repl> :doc compact Function `compact`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:18:20 + … defined at /path/to/tests/functional/repl/doc-comments.nix:27:5 + boom diff --git a/tests/functional/repl/doc-constant.expected b/tests/functional/repl/doc-constant.expected index 5787e04dc19..a68188b25ab 100644 --- a/tests/functional/repl/doc-constant.expected +++ b/tests/functional/repl/doc-constant.expected @@ -10,25 +10,27 @@ error: value does not have documentation nix-repl> :doc lib.version Attribute `version` - … defined at /path/to/tests/functional/repl/doc-comments.nix:30:3 + … defined at /path/to/tests/functional/repl/doc-comments.nix:47:3 + Immovably fixed. nix-repl> :doc lib.attr.empty Attribute `empty` - … defined at /path/to/tests/functional/repl/doc-comments.nix:33:3 + … defined at /path/to/tests/functional/repl/doc-comments.nix:52:3 + Unchangeably constant. nix-repl> :doc lib.attr.undocument error: … while evaluating the attribute 'attr.undocument' - at /path/to/tests/functional/repl/doc-comments.nix:33:3: - 32| /** Unchangeably constant. */ - 33| lib.attr.empty = { }; + at /path/to/tests/functional/repl/doc-comments.nix:52:3: + 51| */ + 52| lib.attr.empty = { }; | ^ - 34| + 53| error: attribute 'undocument' missing at «string»:1:1: @@ -39,28 +41,31 @@ error: nix-repl> :doc (import ./doc-comments.nix).constant Attribute `constant` - … defined at /path/to/tests/functional/repl/doc-comments.nix:27:3 + … defined at /path/to/tests/functional/repl/doc-comments.nix:42:3 + Firmly rigid. nix-repl> :doc (import ./doc-comments.nix).lib.version Attribute `version` - … defined at /path/to/tests/functional/repl/doc-comments.nix:30:3 + … defined at /path/to/tests/functional/repl/doc-comments.nix:47:3 + Immovably fixed. nix-repl> :doc (import ./doc-comments.nix).lib.attr.empty Attribute `empty` - … defined at /path/to/tests/functional/repl/doc-comments.nix:33:3 + … defined at /path/to/tests/functional/repl/doc-comments.nix:52:3 + Unchangeably constant. nix-repl> :doc (import ./doc-comments.nix).lib.attr.undocumented Attribute `undocumented` - … defined at /path/to/tests/functional/repl/doc-comments.nix:35:3 + … defined at /path/to/tests/functional/repl/doc-comments.nix:54:3 No documentation found. @@ -97,11 +102,11 @@ error: attribute 'missing' missing nix-repl> :doc lib.attr.undocumental error: … while evaluating the attribute 'attr.undocumental' - at /path/to/tests/functional/repl/doc-comments.nix:33:3: - 32| /** Unchangeably constant. */ - 33| lib.attr.empty = { }; + at /path/to/tests/functional/repl/doc-comments.nix:52:3: + 51| */ + 52| lib.attr.empty = { }; | ^ - 34| + 53| error: attribute 'undocumental' missing at «string»:1:1: diff --git a/tests/functional/repl/doc-floatedIn.expected b/tests/functional/repl/doc-floatedIn.expected index 82bb80b9501..3bf1c40715b 100644 --- a/tests/functional/repl/doc-floatedIn.expected +++ b/tests/functional/repl/doc-floatedIn.expected @@ -6,6 +6,7 @@ Added variables. nix-repl> :doc floatedIn Function `floatedIn`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:16:5 + … defined at /path/to/tests/functional/repl/doc-comments.nix:21:5 + This also works. diff --git a/tests/functional/repl/doc-functor.expected b/tests/functional/repl/doc-functor.expected index 8cb2706ef0f..503fb807368 100644 --- a/tests/functional/repl/doc-functor.expected +++ b/tests/functional/repl/doc-functor.expected @@ -20,7 +20,7 @@ Look, it's just like a function! nix-repl> :doc recursive Function `__functor`\ - … defined at /path/to/tests/functional/repl/doc-functor.nix:77:23 + … defined at /path/to/tests/functional/repl/doc-functor.nix:82:23 This looks bad, but the docs are ok because of the eta expansion. @@ -30,27 +30,27 @@ error: … while partially calling '__functor' to retrieve documentation … while calling '__functor' - at /path/to/tests/functional/repl/doc-functor.nix:85:17: - 84| */ - 85| __functor = self: self.__functor self; + at /path/to/tests/functional/repl/doc-functor.nix:90:17: + 89| */ + 90| __functor = self: self.__functor self; | ^ - 86| }; + 91| }; … from call site - at /path/to/tests/functional/repl/doc-functor.nix:85:23: - 84| */ - 85| __functor = self: self.__functor self; + at /path/to/tests/functional/repl/doc-functor.nix:90:23: + 89| */ + 90| __functor = self: self.__functor self; | ^ - 86| }; + 91| }; (19999 duplicate frames omitted) error: stack overflow; max-call-depth exceeded - at /path/to/tests/functional/repl/doc-functor.nix:85:23: - 84| */ - 85| __functor = self: self.__functor self; + at /path/to/tests/functional/repl/doc-functor.nix:90:23: + 89| */ + 90| __functor = self: self.__functor self; | ^ - 86| }; + 91| }; nix-repl> :doc diverging error: @@ -59,18 +59,18 @@ error: (10000 duplicate frames omitted) … while calling '__functor' - at /path/to/tests/functional/repl/doc-functor.nix:97:19: - 96| f = x: { - 97| __functor = self: (f (x + 1)); - | ^ - 98| }; + at /path/to/tests/functional/repl/doc-functor.nix:103:21: + 102| f = x: { + 103| __functor = self: (f (x + 1)); + | ^ + 104| }; error: stack overflow; max-call-depth exceeded - at /path/to/tests/functional/repl/doc-functor.nix:97:26: - 96| f = x: { - 97| __functor = self: (f (x + 1)); - | ^ - 98| }; + at /path/to/tests/functional/repl/doc-functor.nix:103:28: + 102| f = x: { + 103| __functor = self: (f (x + 1)); + | ^ + 104| }; nix-repl> :doc helper Function `square`\ @@ -81,21 +81,21 @@ Compute x^2 nix-repl> :doc helper2 Function `__functor`\ - … defined at /path/to/tests/functional/repl/doc-functor.nix:45:23 + … defined at /path/to/tests/functional/repl/doc-functor.nix:46:13 This is a function that can be overridden. nix-repl> :doc lib.helper3 Function `__functor`\ - … defined at /path/to/tests/functional/repl/doc-functor.nix:45:23 + … defined at /path/to/tests/functional/repl/doc-functor.nix:46:13 This is a function that can be overridden. nix-repl> :doc helper3 Function `__functor`\ - … defined at /path/to/tests/functional/repl/doc-functor.nix:45:23 + … defined at /path/to/tests/functional/repl/doc-functor.nix:46:13 This is a function that can be overridden. diff --git a/tests/functional/repl/doc-lambda-flavors.expected b/tests/functional/repl/doc-lambda-flavors.expected index ab5c956390f..437c09d2b31 100644 --- a/tests/functional/repl/doc-lambda-flavors.expected +++ b/tests/functional/repl/doc-lambda-flavors.expected @@ -6,24 +6,28 @@ Added variables. nix-repl> :doc nonStrict Function `nonStrict`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:37:70 + … defined at /path/to/tests/functional/repl/doc-comments.nix:60:5 + My syntax is not strict, but I'm strict anyway. nix-repl> :doc strict Function `strict`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:38:63 + … defined at /path/to/tests/functional/repl/doc-comments.nix:65:5 + I don't have to be strict, but I am anyway. nix-repl> :doc strictPre Function `strictPre`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:40:48 + … defined at /path/to/tests/functional/repl/doc-comments.nix:71:5 + Here's one way to do this nix-repl> :doc strictPost Function `strictPost`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:41:53 + … defined at /path/to/tests/functional/repl/doc-comments.nix:76:5 + Here's another way to do this diff --git a/tests/functional/repl/doc-measurement.expected b/tests/functional/repl/doc-measurement.expected index 555cac9a2a0..862697613be 100644 --- a/tests/functional/repl/doc-measurement.expected +++ b/tests/functional/repl/doc-measurement.expected @@ -6,6 +6,7 @@ Added variables. nix-repl> :doc measurement Function `measurement`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:13:17 + … defined at /path/to/tests/functional/repl/doc-comments.nix:15:17 + 👈 precisely this wide 👉 diff --git a/tests/functional/repl/doc-unambiguous.expected b/tests/functional/repl/doc-unambiguous.expected index 0db5505d781..32ca9aef22a 100644 --- a/tests/functional/repl/doc-unambiguous.expected +++ b/tests/functional/repl/doc-unambiguous.expected @@ -6,6 +6,7 @@ Added variables. nix-repl> :doc unambiguous Function `unambiguous`\ - … defined at /path/to/tests/functional/repl/doc-comments.nix:24:5 + … defined at /path/to/tests/functional/repl/doc-comments.nix:37:5 + Very close From 791d6cf4332d62da6edd88eb5d20c9cef34c7b92 Mon Sep 17 00:00:00 2001 From: Ben Millwood Date: Thu, 10 Oct 2024 16:05:50 +0100 Subject: [PATCH 126/815] Improve "illegal path references in fixed output derivation" error The main improvement is that the new message gives an example of a path that is referenced, which should make it easier to track down. While there, I also clarified the wording, saying exactly why the paths in question were illegal. (cherry picked from commit 4e5d1b281e503641d649ddba22d49361e6295e2e) --- src/libstore/unix/build/local-derivation-goal.cc | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 06a2f85be84..5b9bc0bb011 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2657,10 +2657,14 @@ SingleDrvOutputs LocalDerivationGoal::registerOutputs() wanted.to_string(HashFormat::SRI, true), got.to_string(HashFormat::SRI, true))); } - if (!newInfo0.references.empty()) + if (!newInfo0.references.empty()) { + auto numViolations = newInfo.references.size(); delayedException = std::make_exception_ptr( - BuildError("illegal path references in fixed-output derivation '%s'", - worker.store.printStorePath(drvPath))); + BuildError("fixed-output derivations must not reference store paths: '%s' references %d distinct paths, e.g. '%s'", + worker.store.printStorePath(drvPath), + numViolations, + worker.store.printStorePath(*newInfo.references.begin()))); + } return newInfo0; }, From 527e68ac3eeb4822d863ff6ac2557cc2fc3268be Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 27 Jan 2025 12:32:46 +0100 Subject: [PATCH 127/815] refactor: Extract EvalState::realiseString (cherry picked from commit 7465fbe9264e46c556b456226e8fb980fcfd7e66) --- src/libexpr-c/nix_api_value.cc | 6 +----- src/libexpr/eval.hh | 9 +++++++++ src/libexpr/primops.cc | 9 +++++++++ 3 files changed, 19 insertions(+), 5 deletions(-) diff --git a/src/libexpr-c/nix_api_value.cc b/src/libexpr-c/nix_api_value.cc index bae078d312f..448f4a58a78 100644 --- a/src/libexpr-c/nix_api_value.cc +++ b/src/libexpr-c/nix_api_value.cc @@ -613,12 +613,8 @@ nix_realised_string * nix_string_realise(nix_c_context * context, EvalState * st context->last_err_code = NIX_OK; try { auto & v = check_value_in(value); - nix::NixStringContext stringContext; - auto rawStr = state->state.coerceToString(nix::noPos, v, stringContext, "while realising a string").toOwned(); nix::StorePathSet storePaths; - auto rewrites = state->state.realiseContext(stringContext, &storePaths); - - auto s = nix::rewriteStrings(rawStr, rewrites); + auto s = state->state.realiseString(v, &storePaths, isIFD); // Convert to the C API StorePath type and convert to vector for index-based access std::vector vec; diff --git a/src/libexpr/eval.hh b/src/libexpr/eval.hh index 84b7d823c36..767578343d9 100644 --- a/src/libexpr/eval.hh +++ b/src/libexpr/eval.hh @@ -820,6 +820,15 @@ public: */ [[nodiscard]] StringMap realiseContext(const NixStringContext & context, StorePathSet * maybePaths = nullptr, bool isIFD = true); + /** + * Realise the given string with context, and return the string with outputs instead of downstream output placeholders. + * @param[in] str the string to realise + * @param[out] paths all referenced store paths will be added to this set + * @return the realised string + * @throw EvalError if the value is not a string, path or derivation (see `coerceToString`) + */ + std::string realiseString(Value & str, StorePathSet * storePathsOutMaybe, bool isIFD = true, const PosIdx pos = noPos); + /* Call the binary path filter predicate used builtins.path etc. */ bool callPathFilter( Value * filterFun, diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index a0e2753b5ec..e6f6f1dda24 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -47,6 +47,15 @@ static inline Value * mkString(EvalState & state, const std::csub_match & match) return v; } +std::string EvalState::realiseString(Value & s, StorePathSet * storePathsOutMaybe, bool isIFD, const PosIdx pos) +{ + nix::NixStringContext stringContext; + auto rawStr = coerceToString(pos, s, stringContext, "while realising a string").toOwned(); + auto rewrites = realiseContext(stringContext, storePathsOutMaybe, isIFD); + + return nix::rewriteStrings(rawStr, rewrites); +} + StringMap EvalState::realiseContext(const NixStringContext & context, StorePathSet * maybePathsOut, bool isIFD) { std::vector drvs; From 605bd06ca4512c401573053c3605287b3275e8b8 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 27 Jan 2025 14:25:35 +0100 Subject: [PATCH 128/815] packages.default: Add meta.mainProgram (cherry picked from commit 0d7418b4feebcfb3e0e66798398d3ecf618c1e58) --- packaging/everything.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/packaging/everything.nix b/packaging/everything.nix index 2b47c31bbf5..0974a34df50 100644 --- a/packaging/everything.nix +++ b/packaging/everything.nix @@ -93,6 +93,7 @@ let libs = throw "`nix.dev.libs` is not meant to be used; use `nix.libs` instead."; }; meta = { + mainProgram = "nix"; pkgConfigModules = [ "nix-cmd" "nix-expr" From a75cf5770280e14998097c7bbed0521b924dab91 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 27 Jan 2025 14:26:05 +0100 Subject: [PATCH 129/815] packages.nix-cli: Add meta.mainProgram (cherry picked from commit 850329dea59358db6e8ea572d769eb706715c508) --- src/nix/package.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/src/nix/package.nix b/src/nix/package.nix index 89c52c3bb05..6e59adc3800 100644 --- a/src/nix/package.nix +++ b/src/nix/package.nix @@ -103,6 +103,7 @@ mkMesonExecutable (finalAttrs: { ]; meta = { + mainProgram = "nix"; platforms = lib.platforms.unix ++ lib.platforms.windows; }; From 1c1f8b2343b15e88b7023adc01529d0496d92014 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 30 Jan 2025 11:27:24 +0100 Subject: [PATCH 130/815] Fix duplicate setPathDisplay() Fixes messages like 'copying /tmp/repo/tmp/repo to the store'. The PosixSourceAccessor already sets the prefix. Setting the prefix twice shouldn't be a problem, but GitRepoImpl::getAccessor() returns a wrapped accessor so it's not actually idempotent. (cherry picked from commit 102d90ebf07b1f268a3551daf5457131ae063d4a) --- src/libfetchers/git.cc | 2 -- tests/functional/fetchGit.sh | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index b411e112f5f..e8698709af2 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -737,8 +737,6 @@ struct GitInputScheme : InputScheme exportIgnore, makeNotAllowedError(repoInfo.locationToArg())); - accessor->setPathDisplay(repoInfo.locationToArg()); - /* If the repo has submodules, return a mounted input accessor consisting of the accessor for the top-level repo and the accessors for the submodule workdirs. */ diff --git a/tests/functional/fetchGit.sh b/tests/functional/fetchGit.sh index 78925b5cdd6..f3eda54dcdf 100755 --- a/tests/functional/fetchGit.sh +++ b/tests/functional/fetchGit.sh @@ -37,6 +37,7 @@ nix-instantiate --eval -E "builtins.readFile ((builtins.fetchGit file://$TEST_RO # Fetch a worktree. unset _NIX_FORCE_HTTP +expectStderr 0 nix eval -vvvv --impure --raw --expr "(builtins.fetchGit file://$TEST_ROOT/worktree).outPath" | grepQuiet "copying '$TEST_ROOT/worktree/' to the store" path0=$(nix eval --impure --raw --expr "(builtins.fetchGit file://$TEST_ROOT/worktree).outPath") path0_=$(nix eval --impure --raw --expr "(builtins.fetchTree { type = \"git\"; url = file://$TEST_ROOT/worktree; }).outPath") [[ $path0 = $path0_ ]] From 28684af74b56fba5bbcfa976b5c37fe355ea88af Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 30 Jan 2025 12:41:02 +0100 Subject: [PATCH 131/815] =?UTF-8?q?GitExportIgnoreSourceAccessor:=20Don't?= =?UTF-8?q?=20show=20=C2=ABunknown=C2=BB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In general we should set the path display prefix on the inner accessor, so we now pass the display prefix to getAccessor(). (cherry picked from commit 3032512425a09fc58f2d658442043894e0aab256) --- src/libfetchers/git-utils.cc | 21 +++++++++++++-------- src/libfetchers/git-utils.hh | 5 ++++- src/libfetchers/git.cc | 4 +--- src/libfetchers/github.cc | 7 ++++--- src/libfetchers/tarball.cc | 12 +++++++----- 5 files changed, 29 insertions(+), 20 deletions(-) diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index 6a75daf6124..a6b13fb31c8 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -508,7 +508,10 @@ struct GitRepoImpl : GitRepo, std::enable_shared_from_this */ ref getRawAccessor(const Hash & rev); - ref getAccessor(const Hash & rev, bool exportIgnore) override; + ref getAccessor( + const Hash & rev, + bool exportIgnore, + std::string displayPrefix) override; ref getAccessor(const WorkdirInfo & wd, bool exportIgnore, MakeNotAllowedError e) override; @@ -627,7 +630,7 @@ struct GitRepoImpl : GitRepo, std::enable_shared_from_this Hash treeHashToNarHash(const Hash & treeHash) override { - auto accessor = getAccessor(treeHash, false); + auto accessor = getAccessor(treeHash, false, ""); fetchers::Cache::Key cacheKey{"treeHashToNarHash", {{"treeHash", treeHash.gitRev()}}}; @@ -1194,16 +1197,18 @@ ref GitRepoImpl::getRawAccessor(const Hash & rev) return make_ref(self, rev); } -ref GitRepoImpl::getAccessor(const Hash & rev, bool exportIgnore) +ref GitRepoImpl::getAccessor( + const Hash & rev, + bool exportIgnore, + std::string displayPrefix) { auto self = ref(shared_from_this()); ref rawGitAccessor = getRawAccessor(rev); - if (exportIgnore) { + rawGitAccessor->setPathDisplay(std::move(displayPrefix)); + if (exportIgnore) return make_ref(self, rawGitAccessor, rev); - } - else { + else return rawGitAccessor; - } } ref GitRepoImpl::getAccessor(const WorkdirInfo & wd, bool exportIgnore, MakeNotAllowedError makeNotAllowedError) @@ -1236,7 +1241,7 @@ std::vector> GitRepoImpl::getSubmodules /* Read the .gitmodules files from this revision. */ CanonPath modulesFile(".gitmodules"); - auto accessor = getAccessor(rev, exportIgnore); + auto accessor = getAccessor(rev, exportIgnore, ""); if (!accessor->pathExists(modulesFile)) return {}; /* Parse it and get the revision of each submodule. */ diff --git a/src/libfetchers/git-utils.hh b/src/libfetchers/git-utils.hh index ff115143fc7..9677f507923 100644 --- a/src/libfetchers/git-utils.hh +++ b/src/libfetchers/git-utils.hh @@ -86,7 +86,10 @@ struct GitRepo virtual bool hasObject(const Hash & oid) = 0; - virtual ref getAccessor(const Hash & rev, bool exportIgnore) = 0; + virtual ref getAccessor( + const Hash & rev, + bool exportIgnore, + std::string displayPrefix) = 0; virtual ref getAccessor(const WorkdirInfo & wd, bool exportIgnore, MakeNotAllowedError makeNotAllowedError) = 0; diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index e8698709af2..e40afb865eb 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -672,9 +672,7 @@ struct GitInputScheme : InputScheme verifyCommit(input, repo); bool exportIgnore = getExportIgnoreAttr(input); - auto accessor = repo->getAccessor(rev, exportIgnore); - - accessor->setPathDisplay("«" + input.to_string() + "»"); + auto accessor = repo->getAccessor(rev, exportIgnore, "«" + input.to_string() + "»"); /* If the repo has submodules, fetch them and return a mounted input accessor consisting of the accessor for the top-level diff --git a/src/libfetchers/github.cc b/src/libfetchers/github.cc index 18594198847..ec469df7cd3 100644 --- a/src/libfetchers/github.cc +++ b/src/libfetchers/github.cc @@ -294,9 +294,10 @@ struct GitArchiveInputScheme : InputScheme #endif input.attrs.insert_or_assign("lastModified", uint64_t(tarballInfo.lastModified)); - auto accessor = getTarballCache()->getAccessor(tarballInfo.treeHash, false); - - accessor->setPathDisplay("«" + input.to_string() + "»"); + auto accessor = getTarballCache()->getAccessor( + tarballInfo.treeHash, + false, + "«" + input.to_string() + "»"); return {accessor, input}; } diff --git a/src/libfetchers/tarball.cc b/src/libfetchers/tarball.cc index 28574e7b1e7..699612e250c 100644 --- a/src/libfetchers/tarball.cc +++ b/src/libfetchers/tarball.cc @@ -105,7 +105,8 @@ DownloadFileResult downloadFile( static DownloadTarballResult downloadTarball_( const std::string & url, - const Headers & headers) + const Headers & headers, + const std::string & displayPrefix) { Cache::Key cacheKey{"tarball", {{"url", url}}}; @@ -118,7 +119,7 @@ static DownloadTarballResult downloadTarball_( .treeHash = treeHash, .lastModified = (time_t) getIntAttr(infoAttrs, "lastModified"), .immutableUrl = maybeGetStrAttr(infoAttrs, "immutableUrl"), - .accessor = getTarballCache()->getAccessor(treeHash, false), + .accessor = getTarballCache()->getAccessor(treeHash, false, displayPrefix), }; }; @@ -371,9 +372,10 @@ struct TarballInputScheme : CurlInputScheme { auto input(_input); - auto result = downloadTarball_(getStrAttr(input.attrs, "url"), {}); - - result.accessor->setPathDisplay("«" + input.to_string() + "»"); + auto result = downloadTarball_( + getStrAttr(input.attrs, "url"), + {}, + "«" + input.to_string() + "»"); if (result.immutableUrl) { auto immutableInput = Input::fromURL(*input.settings, *result.immutableUrl); From 491aaaf116cdf36a5f97316f61066fdeb6f29e68 Mon Sep 17 00:00:00 2001 From: Illia Bobyr Date: Mon, 13 Jan 2025 18:19:16 -0800 Subject: [PATCH 132/815] nix-profile.fish: Typo NIX_SS{H => L}_CERT_FILE (cherry picked from commit 803fb83f7ffb3bd5e2e1ee3bb9ce3ea3001bec2c) # Conflicts: # scripts/nix-profile.fish.in --- scripts/nix-profile.fish.in | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/scripts/nix-profile.fish.in b/scripts/nix-profile.fish.in index 619df52b895..becc5efd0d9 100644 --- a/scripts/nix-profile.fish.in +++ b/scripts/nix-profile.fish.in @@ -56,4 +56,36 @@ if test -n "$HOME" && test -n "$USER" set --erase NIX_LINK end +<<<<<<< HEAD +======= +# Set $NIX_SSL_CERT_FILE so that Nixpkgs applications like curl work. +if test -n "$NIX_SSL_CERT_FILE" + : # Allow users to override the NIX_SSL_CERT_FILE +else if test -e /etc/ssl/certs/ca-certificates.crt # NixOS, Ubuntu, Debian, Gentoo, Arch + set --export NIX_SSL_CERT_FILE /etc/ssl/certs/ca-certificates.crt +else if test -e /etc/ssl/ca-bundle.pem # openSUSE Tumbleweed + set --export NIX_SSL_CERT_FILE /etc/ssl/ca-bundle.pem +else if test -e /etc/ssl/certs/ca-bundle.crt # Old NixOS + set --export NIX_SSL_CERT_FILE /etc/ssl/certs/ca-bundle.crt +else if test -e /etc/pki/tls/certs/ca-bundle.crt # Fedora, CentOS + set --export NIX_SSL_CERT_FILE /etc/pki/tls/certs/ca-bundle.crt +else if test -e "$NIX_LINK/etc/ssl/certs/ca-bundle.crt" # fall back to cacert in Nix profile + set --export NIX_SSL_CERT_FILE "$NIX_LINK/etc/ssl/certs/ca-bundle.crt" +else if test -e "$NIX_LINK/etc/ca-bundle.crt" # old cacert in Nix profile + set --export NIX_SSL_CERT_FILE "$NIX_LINK/etc/ca-bundle.crt" +end + +# Only use MANPATH if it is already set. In general `man` will just simply +# pick up `.nix-profile/share/man` because is it close to `.nix-profile/bin` +# which is in the $PATH. For more info, run `manpath -d`. +if set --query MANPATH + set --export --prepend --path MANPATH "$NIX_LINK/share/man" +end + +add_path "$NIX_LINK/bin" +set --erase NIX_LINK + +# Cleanup + +>>>>>>> 803fb83f7 (nix-profile.fish: Typo NIX_SS{H => L}_CERT_FILE) functions -e add_path From 727cf59997c33a03558dab84071767983d57d892 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 30 Jan 2025 11:47:41 +0100 Subject: [PATCH 133/815] Git fetcher: Don't pass URL query parameters for file:// URLs Git interprets them as part of the file name, so passing parameters like 'rev' breaks. Only relevant for testing (when _NIX_FORCE_HTTP is set) and local bare repos. (cherry picked from commit 9f72d5bce9205c9f45dcb0e06b9573ccca5724ac) --- src/libfetchers/git.cc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index e40afb865eb..a1f65c0db24 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -459,8 +459,14 @@ struct GitInputScheme : InputScheme url); } repoInfo.location = std::filesystem::absolute(url.path); - } else + } else { + if (url.scheme == "file") + /* Query parameters are meaningless for file://, but + Git interprets them as part of the file name. So get + rid of them. */ + url.query.clear(); repoInfo.location = url; + } // If this is a local directory and no ref or revision is // given, then allow the use of an unclean working tree. From 1fe33c13d94744e071c7a4d5fe6cd93f12dab40a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 30 Jan 2025 18:23:27 +0100 Subject: [PATCH 134/815] Git fetcher: Don't use refspec : This causes Git to create a local ref named refs/head/, e.g. $ git -C ~/.cache/nix/gitv3/11irpim06vj4h6c0w8yls6kx4hvl0qd0gr1fvk47n76g6wf1s1vk ls-remote --symref . 5c4410e3b9891c05ab40d723de78c6f0be45ad30 refs/heads/5c4410e3b9891c05ab40d723de78c6f0be45ad30 7f6bde8a20de4cccc2256f088bc5af9dbe38881d refs/heads/7f6bde8a20de4cccc2256f088bc5af9dbe38881d which confuses readHead(), leading to errors like fatal: Refusing to point HEAD outside of refs/ warning: could not update cached head 'd275d93aa0bb8a004939b2f1e87f559f989453be' for 'file:///tmp/repo' (cherry picked from commit ee9fa0d3603165631e65c8e694a033c47872267a) --- src/libfetchers/git.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index a1f65c0db24..758bb3653a0 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -611,16 +611,16 @@ struct GitInputScheme : InputScheme try { auto fetchRef = getAllRefsAttr(input) - ? "refs/*" + ? "refs/*:refs/*" : input.getRev() ? input.getRev()->gitRev() : ref.compare(0, 5, "refs/") == 0 - ? ref + ? fmt("%1%:%1%", ref) : ref == "HEAD" ? ref - : "refs/heads/" + ref; + : fmt("%1%:%1%", "refs/heads/" + ref); - repo->fetch(repoUrl.to_string(), fmt("%s:%s", fetchRef, fetchRef), getShallowAttr(input)); + repo->fetch(repoUrl.to_string(), fetchRef, getShallowAttr(input)); } catch (Error & e) { if (!std::filesystem::exists(localRefFile)) throw; logError(e.info()); From 8e4cd2f5370e2083b99cbc231f4a2180ab813b5a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 30 Jan 2025 18:57:43 +0100 Subject: [PATCH 135/815] readHead(): Make sure we're returning the HEAD ref line If we previously fetched by revision, the output of "git ls-remote" won't start with the expected line like ref: refs/heads/master HEAD but will be something like 5c4410e3b9891c05ab40d723de78c6f0be45ad30 refs/heads/5c4410e3b9891c05ab40d723de78c6f0be45ad30 This then causes Nix to treat that revision as a refname, which then leads to warnings like warning: could not update cached head '5c4410e3b9891c05ab40d723de78c6f0be45ad30' for 'file:///tmp/repo' (cherry picked from commit c8b22643ba13b12f493e8b90dfa4b416bf267553) --- src/libfetchers/git.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 758bb3653a0..0d423a7a39f 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -69,7 +69,7 @@ std::optional readHead(const Path & path) std::string_view line = output; line = line.substr(0, line.find("\n")); - if (const auto parseResult = git::parseLsRemoteLine(line)) { + if (const auto parseResult = git::parseLsRemoteLine(line); parseResult && parseResult->reference == "HEAD") { switch (parseResult->kind) { case git::LsRemoteRefLine::Kind::Symbolic: debug("resolved HEAD ref '%s' for repo '%s'", parseResult->target, path); From 30435e0559ae2d6784a115b7ffea266964fcb25d Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Fri, 24 Jan 2025 16:37:09 +0100 Subject: [PATCH 136/815] pre-commit/check-merge-conflicts-2: fix use outside dev shell Note that this is just a script that is meant to run outside a derivation (but also can be called by a derivation builder). `touch $out` does not belong in it. `touch $out` worked accidentally in the derivation-based check, and also in the dev shell, but if pre-commit is invoked without the dev shell it would fail. --- maintainers/flake-module.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/maintainers/flake-module.nix b/maintainers/flake-module.nix index 9b2c6dcbf80..2f19072eeef 100644 --- a/maintainers/flake-module.nix +++ b/maintainers/flake-module.nix @@ -35,7 +35,6 @@ echo "ERROR: found merge/patch conflicts in files" exit 1 fi - touch $out ''}"; }; clang-format = { From df8d5e61ad736653486c0d0a2fbd81d9b08f008b Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 29 Jan 2025 21:53:12 +0100 Subject: [PATCH 137/815] test: Fix shellcheck by giving git-hashing scripts shebangs This seems to be the way to do it now, even though I can't run them without setting at least one env var. I'll only fix shellcheck for now. Don't shoot the messenger. It isn't quite clear to me why the previous commit masked this problem, but I'm glad shellcheck has an effect or more effect now. --- tests/functional/git-hashing/simple.sh | 2 ++ 1 file changed, 2 insertions(+) mode change 100644 => 100755 tests/functional/git-hashing/simple.sh diff --git a/tests/functional/git-hashing/simple.sh b/tests/functional/git-hashing/simple.sh old mode 100644 new mode 100755 index f43168eb214..e02d8b29761 --- a/tests/functional/git-hashing/simple.sh +++ b/tests/functional/git-hashing/simple.sh @@ -1,3 +1,5 @@ +#!/usr/bin/env bash + source common.sh repo="$TEST_ROOT/scratch" From 0531f1299c467b083638aef3656c3d88a25b86ec Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 10 Feb 2025 16:01:13 +0100 Subject: [PATCH 138/815] Resolve conflict --- scripts/nix-profile.fish.in | 34 +--------------------------------- 1 file changed, 1 insertion(+), 33 deletions(-) diff --git a/scripts/nix-profile.fish.in b/scripts/nix-profile.fish.in index becc5efd0d9..3a8c234adee 100644 --- a/scripts/nix-profile.fish.in +++ b/scripts/nix-profile.fish.in @@ -29,7 +29,7 @@ if test -n "$HOME" && test -n "$USER" end # Set $NIX_SSL_CERT_FILE so that Nixpkgs applications like curl work. - if test -n "$NIX_SSH_CERT_FILE" + if test -n "$NIX_SSL_CERT_FILE" : # Allow users to override the NIX_SSL_CERT_FILE else if test -e /etc/ssl/certs/ca-certificates.crt # NixOS, Ubuntu, Debian, Gentoo, Arch set --export NIX_SSL_CERT_FILE /etc/ssl/certs/ca-certificates.crt @@ -56,36 +56,4 @@ if test -n "$HOME" && test -n "$USER" set --erase NIX_LINK end -<<<<<<< HEAD -======= -# Set $NIX_SSL_CERT_FILE so that Nixpkgs applications like curl work. -if test -n "$NIX_SSL_CERT_FILE" - : # Allow users to override the NIX_SSL_CERT_FILE -else if test -e /etc/ssl/certs/ca-certificates.crt # NixOS, Ubuntu, Debian, Gentoo, Arch - set --export NIX_SSL_CERT_FILE /etc/ssl/certs/ca-certificates.crt -else if test -e /etc/ssl/ca-bundle.pem # openSUSE Tumbleweed - set --export NIX_SSL_CERT_FILE /etc/ssl/ca-bundle.pem -else if test -e /etc/ssl/certs/ca-bundle.crt # Old NixOS - set --export NIX_SSL_CERT_FILE /etc/ssl/certs/ca-bundle.crt -else if test -e /etc/pki/tls/certs/ca-bundle.crt # Fedora, CentOS - set --export NIX_SSL_CERT_FILE /etc/pki/tls/certs/ca-bundle.crt -else if test -e "$NIX_LINK/etc/ssl/certs/ca-bundle.crt" # fall back to cacert in Nix profile - set --export NIX_SSL_CERT_FILE "$NIX_LINK/etc/ssl/certs/ca-bundle.crt" -else if test -e "$NIX_LINK/etc/ca-bundle.crt" # old cacert in Nix profile - set --export NIX_SSL_CERT_FILE "$NIX_LINK/etc/ca-bundle.crt" -end - -# Only use MANPATH if it is already set. In general `man` will just simply -# pick up `.nix-profile/share/man` because is it close to `.nix-profile/bin` -# which is in the $PATH. For more info, run `manpath -d`. -if set --query MANPATH - set --export --prepend --path MANPATH "$NIX_LINK/share/man" -end - -add_path "$NIX_LINK/bin" -set --erase NIX_LINK - -# Cleanup - ->>>>>>> 803fb83f7 (nix-profile.fish: Typo NIX_SS{H => L}_CERT_FILE) functions -e add_path From 3751c06fe199f22249c4fbbe01382641ee87687b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 6 Feb 2025 22:08:48 +0100 Subject: [PATCH 139/815] coerceToStorePath(): Improve error message --- src/libexpr/eval.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 19ca1a3591e..38dd7425ba2 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -2441,7 +2441,7 @@ StorePath EvalState::coerceToStorePath(const PosIdx pos, Value & v, NixStringCon auto path = coerceToString(pos, v, context, errorCtx, false, false, true).toOwned(); if (auto storePath = store->maybeParseStorePath(path)) return *storePath; - error("path '%1%' is not in the Nix store", path).withTrace(pos, errorCtx).debugThrow(); + error("cannoet coerce '%s' to a store path because it's not in the Nix store", path).withTrace(pos, errorCtx).debugThrow(); } From f24ff056cb36c3ceb887722c44db64b705371dae Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 6 Feb 2025 22:39:01 +0100 Subject: [PATCH 140/815] Make `nix flake metadata|update|lock` lazy These don't need to evaluate anything (except for the flake metadata in flake.nix) so we can make these commands operate on lazy trees without risk of any semantic change in the evaluator. However, `nix flake metadata` now no longer prints the store path, which is a breaking change (but unavoidable if we want lazy trees). --- src/libflake/flake/flake.cc | 38 +++++++++++++++++++------------ src/libflake/flake/flake.hh | 11 ++++++++- src/nix/flake.cc | 10 +++----- tests/functional/flakes/flakes.sh | 1 - 4 files changed, 37 insertions(+), 23 deletions(-) diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 717848ee17d..90945f9494c 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -397,7 +397,8 @@ static Flake getFlake( const FlakeRef & originalRef, bool useRegistries, FlakeCache & flakeCache, - const InputAttrPath & lockRootAttrPath) + const InputAttrPath & lockRootAttrPath, + bool forceLazy) { // Fetch a lazy tree first. auto [accessor, resolvedRef, lockedRef] = fetchOrSubstituteTree( @@ -419,17 +420,22 @@ static Flake getFlake( lockedRef = lockedRef2; } - // Copy the tree to the store. - auto storePath = copyInputToStore(state, lockedRef.input, originalRef.input, accessor); - // Re-parse flake.nix from the store. - return readFlake(state, originalRef, resolvedRef, lockedRef, state.rootPath(state.store->toRealPath(storePath)), lockRootAttrPath); + return readFlake( + state, originalRef, resolvedRef, lockedRef, + forceLazy && lockedRef.input.isLocked() + ? SourcePath(accessor) + : // Copy the tree to the store. + state.rootPath( + state.store->toRealPath( + copyInputToStore(state, lockedRef.input, originalRef.input, accessor))), + lockRootAttrPath); } -Flake getFlake(EvalState & state, const FlakeRef & originalRef, bool useRegistries) +Flake getFlake(EvalState & state, const FlakeRef & originalRef, bool useRegistries, bool forceLazy) { FlakeCache flakeCache; - return getFlake(state, originalRef, useRegistries, flakeCache, {}); + return getFlake(state, originalRef, useRegistries, flakeCache, {}, forceLazy); } static LockFile readLockFile( @@ -455,7 +461,7 @@ LockedFlake lockFlake( auto useRegistries = lockFlags.useRegistries.value_or(settings.useRegistries); - auto flake = getFlake(state, topRef, useRegistries, flakeCache, {}); + auto flake = getFlake(state, topRef, useRegistries, flakeCache, {}, lockFlags.forceLazy); if (lockFlags.applyNixConfig) { flake.config.apply(settings); @@ -630,7 +636,7 @@ LockedFlake lockFlake( if (auto resolvedPath = resolveRelativePath()) { return readFlake(state, *input.ref, *input.ref, *input.ref, *resolvedPath, inputAttrPath); } else { - return getFlake(state, *input.ref, useRegistries, flakeCache, inputAttrPath); + return getFlake(state, *input.ref, useRegistries, flakeCache, inputAttrPath, lockFlags.forceLazy); } }; @@ -781,10 +787,14 @@ LockedFlake lockFlake( auto [accessor, resolvedRef, lockedRef] = fetchOrSubstituteTree( state, *input.ref, useRegistries, flakeCache); - // FIXME: allow input to be lazy. - auto storePath = copyInputToStore(state, lockedRef.input, input.ref->input, accessor); - - return {state.rootPath(state.store->toRealPath(storePath)), lockedRef}; + return { + lockFlags.forceLazy && lockedRef.input.isLocked() + ? SourcePath(accessor) + : state.rootPath( + state.store->toRealPath( + copyInputToStore(state, lockedRef.input, input.ref->input, accessor))), + lockedRef + }; } }(); @@ -894,7 +904,7 @@ LockedFlake lockFlake( repo, so we should re-read it. FIXME: we could also just clear the 'rev' field... */ auto prevLockedRef = flake.lockedRef; - flake = getFlake(state, topRef, useRegistries); + flake = getFlake(state, topRef, useRegistries, lockFlags.forceLazy); if (lockFlags.commitLockFile && flake.lockedRef.input.getRev() && diff --git a/src/libflake/flake/flake.hh b/src/libflake/flake/flake.hh index 8d9b9a698a4..3696fd11040 100644 --- a/src/libflake/flake/flake.hh +++ b/src/libflake/flake/flake.hh @@ -123,7 +123,11 @@ struct Flake } }; -Flake getFlake(EvalState & state, const FlakeRef & flakeRef, bool useRegistries); +Flake getFlake( + EvalState & state, + const FlakeRef & flakeRef, + bool useRegistries, + bool forceLazy = false); /** * Fingerprint of a locked flake; used as a cache key. @@ -221,6 +225,11 @@ struct LockFlags * for those inputs will be ignored. */ std::set inputUpdates; + + /** + * If set, do not copy the flake to the Nix store. + */ + bool forceLazy = false; }; LockedFlake lockFlake( diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 6f220b495fe..1cc13bf598c 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -133,6 +133,7 @@ struct CmdFlakeUpdate : FlakeCommand lockFlags.recreateLockFile = updateAll; lockFlags.writeLockFile = true; lockFlags.applyNixConfig = true; + lockFlags.forceLazy = true; lockFlake(); } @@ -165,6 +166,7 @@ struct CmdFlakeLock : FlakeCommand lockFlags.writeLockFile = true; lockFlags.failOnUnlocked = true; lockFlags.applyNixConfig = true; + lockFlags.forceLazy = true; lockFlake(); } @@ -211,12 +213,10 @@ struct CmdFlakeMetadata : FlakeCommand, MixJSON void run(nix::ref store) override { + lockFlags.forceLazy = true; auto lockedFlake = lockFlake(); auto & flake = lockedFlake.flake; - // Currently, all flakes are in the Nix store via the rootFS accessor. - auto storePath = store->printStorePath(sourcePathToStorePath(store, flake.path).first); - if (json) { nlohmann::json j; if (flake.description) @@ -237,7 +237,6 @@ struct CmdFlakeMetadata : FlakeCommand, MixJSON j["revCount"] = *revCount; if (auto lastModified = flake.lockedRef.input.getLastModified()) j["lastModified"] = *lastModified; - j["path"] = storePath; j["locks"] = lockedFlake.lockFile.toJSON().first; if (auto fingerprint = lockedFlake.getFingerprint(store, fetchSettings)) j["fingerprint"] = fingerprint->to_string(HashFormat::Base16, false); @@ -254,9 +253,6 @@ struct CmdFlakeMetadata : FlakeCommand, MixJSON logger->cout( ANSI_BOLD "Description:" ANSI_NORMAL " %s", *flake.description); - logger->cout( - ANSI_BOLD "Path:" ANSI_NORMAL " %s", - storePath); if (auto rev = flake.lockedRef.input.getRev()) logger->cout( ANSI_BOLD "Revision:" ANSI_NORMAL " %s", diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index d8c9f254d15..8936afa2221 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -69,7 +69,6 @@ nix flake metadata "$flake1Dir" | grepQuiet 'URL:.*flake1.*' # Test 'nix flake metadata --json'. json=$(nix flake metadata flake1 --json | jq .) [[ $(echo "$json" | jq -r .description) = 'Bla bla' ]] -[[ -d $(echo "$json" | jq -r .path) ]] [[ $(echo "$json" | jq -r .lastModified) = $(git -C "$flake1Dir" log -n1 --format=%ct) ]] hash1=$(echo "$json" | jq -r .revision) [[ -n $(echo "$json" | jq -r .fingerprint) ]] From 9e6b89c92c00c67ada5ea6f15b48b8f6c69b002b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 7 Feb 2025 14:58:22 +0100 Subject: [PATCH 141/815] lockFlake(): Always compute a NAR hash for inputs For the top-level flake, we don't need a NAR hash. But for inputs, we do. Also, add a test for the lazy behaviour of `nix flake metadata|lock`. --- src/libflake/flake/flake.cc | 51 ++++++++++++-------- src/libflake/flake/flake.hh | 13 ++++- src/libstore/store-api.cc | 8 ++- src/nix/flake.cc | 16 ++++-- tests/functional/flakes/flakes.sh | 2 +- tests/functional/flakes/follow-paths.sh | 9 ++-- tests/functional/flakes/unlocked-override.sh | 2 +- 7 files changed, 69 insertions(+), 32 deletions(-) diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 90945f9494c..a0ba404cd82 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -100,6 +100,20 @@ static StorePath copyInputToStore( return storePath; } +static SourcePath maybeCopyInputToStore( + EvalState & state, + fetchers::Input & input, + const fetchers::Input & originalInput, + ref accessor, + CopyMode copyMode) +{ + return copyMode == CopyMode::Lazy || (copyMode == CopyMode::RequireLockable && (input.isLocked() || input.getNarHash())) + ? SourcePath(accessor) + : state.rootPath( + state.store->toRealPath( + copyInputToStore(state, input, originalInput, accessor))); +} + static void forceTrivialValue(EvalState & state, Value & value, const PosIdx pos) { if (value.isThunk() && value.isTrivial()) @@ -398,7 +412,7 @@ static Flake getFlake( bool useRegistries, FlakeCache & flakeCache, const InputAttrPath & lockRootAttrPath, - bool forceLazy) + CopyMode copyMode) { // Fetch a lazy tree first. auto [accessor, resolvedRef, lockedRef] = fetchOrSubstituteTree( @@ -423,19 +437,14 @@ static Flake getFlake( // Re-parse flake.nix from the store. return readFlake( state, originalRef, resolvedRef, lockedRef, - forceLazy && lockedRef.input.isLocked() - ? SourcePath(accessor) - : // Copy the tree to the store. - state.rootPath( - state.store->toRealPath( - copyInputToStore(state, lockedRef.input, originalRef.input, accessor))), + maybeCopyInputToStore(state, lockedRef.input, originalRef.input, accessor, copyMode), lockRootAttrPath); } -Flake getFlake(EvalState & state, const FlakeRef & originalRef, bool useRegistries, bool forceLazy) +Flake getFlake(EvalState & state, const FlakeRef & originalRef, bool useRegistries, CopyMode copyMode) { FlakeCache flakeCache; - return getFlake(state, originalRef, useRegistries, flakeCache, {}, forceLazy); + return getFlake(state, originalRef, useRegistries, flakeCache, {}, copyMode); } static LockFile readLockFile( @@ -461,7 +470,7 @@ LockedFlake lockFlake( auto useRegistries = lockFlags.useRegistries.value_or(settings.useRegistries); - auto flake = getFlake(state, topRef, useRegistries, flakeCache, {}, lockFlags.forceLazy); + auto flake = getFlake(state, topRef, useRegistries, flakeCache, {}, lockFlags.copyMode); if (lockFlags.applyNixConfig) { flake.config.apply(settings); @@ -506,6 +515,13 @@ LockedFlake lockFlake( explicitCliOverrides.insert(i.first); } + /* For locking of inputs, we require at least a NAR + hash. I.e. we can't be fully lazy. */ + auto inputCopyMode = + lockFlags.copyMode == CopyMode::Lazy + ? CopyMode::RequireLockable + : lockFlags.copyMode; + LockFile newLockFile; std::vector parents; @@ -633,11 +649,10 @@ LockedFlake lockFlake( flakerefs relative to the parent flake. */ auto getInputFlake = [&]() { - if (auto resolvedPath = resolveRelativePath()) { + if (auto resolvedPath = resolveRelativePath()) return readFlake(state, *input.ref, *input.ref, *input.ref, *resolvedPath, inputAttrPath); - } else { - return getFlake(state, *input.ref, useRegistries, flakeCache, inputAttrPath, lockFlags.forceLazy); - } + else + return getFlake(state, *input.ref, useRegistries, flakeCache, inputAttrPath, inputCopyMode); }; /* Do we have an entry in the existing lock file? @@ -788,11 +803,7 @@ LockedFlake lockFlake( state, *input.ref, useRegistries, flakeCache); return { - lockFlags.forceLazy && lockedRef.input.isLocked() - ? SourcePath(accessor) - : state.rootPath( - state.store->toRealPath( - copyInputToStore(state, lockedRef.input, input.ref->input, accessor))), + maybeCopyInputToStore(state, lockedRef.input, input.ref->input, accessor, inputCopyMode), lockedRef }; } @@ -904,7 +915,7 @@ LockedFlake lockFlake( repo, so we should re-read it. FIXME: we could also just clear the 'rev' field... */ auto prevLockedRef = flake.lockedRef; - flake = getFlake(state, topRef, useRegistries, lockFlags.forceLazy); + flake = getFlake(state, topRef, useRegistries, lockFlags.copyMode); if (lockFlags.commitLockFile && flake.lockedRef.input.getRev() && diff --git a/src/libflake/flake/flake.hh b/src/libflake/flake/flake.hh index 3696fd11040..93bd18188a8 100644 --- a/src/libflake/flake/flake.hh +++ b/src/libflake/flake/flake.hh @@ -123,11 +123,20 @@ struct Flake } }; +enum struct CopyMode { + //! Copy the input to the store. + RequireStorePath, + //! Ensure that the input is locked or has a NAR hash. + RequireLockable, + //! Just return a lazy source accessor. + Lazy, +}; + Flake getFlake( EvalState & state, const FlakeRef & flakeRef, bool useRegistries, - bool forceLazy = false); + CopyMode copyMode = CopyMode::RequireStorePath); /** * Fingerprint of a locked flake; used as a cache key. @@ -229,7 +238,7 @@ struct LockFlags /** * If set, do not copy the flake to the Nix store. */ - bool forceLazy = false; + CopyMode copyMode = CopyMode::RequireStorePath; }; LockedFlake lockFlake( diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index 236622eae37..25acdefc86d 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -214,8 +214,12 @@ StorePath Store::addToStore( auto sink = sourceToSink([&](Source & source) { LengthSource lengthSource(source); storePath = addToStoreFromDump(lengthSource, name, fsm, method, hashAlgo, references, repair); - if (settings.warnLargePathThreshold && lengthSource.total >= settings.warnLargePathThreshold) - warn("copied large path '%s' to the store (%s)", path, renderSize(lengthSource.total)); + if (settings.warnLargePathThreshold && lengthSource.total >= settings.warnLargePathThreshold) { + static bool failOnLargePath = getEnv("_NIX_TEST_FAIL_ON_LARGE_PATH").value_or("") == "1"; + if (failOnLargePath) + throw Error("won't copy large path '%s' to the store (%d)", path, renderSize(lengthSource.total)); + warn("copied large path '%s' to the store (%d)", path, renderSize(lengthSource.total)); + } }); dumpPath(path, *sink, fsm, filter); sink->finish(); diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 1cc13bf598c..37df51f3731 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -133,7 +133,7 @@ struct CmdFlakeUpdate : FlakeCommand lockFlags.recreateLockFile = updateAll; lockFlags.writeLockFile = true; lockFlags.applyNixConfig = true; - lockFlags.forceLazy = true; + lockFlags.copyMode = CopyMode::Lazy; lockFlake(); } @@ -166,7 +166,7 @@ struct CmdFlakeLock : FlakeCommand lockFlags.writeLockFile = true; lockFlags.failOnUnlocked = true; lockFlags.applyNixConfig = true; - lockFlags.forceLazy = true; + lockFlags.copyMode = CopyMode::Lazy; lockFlake(); } @@ -213,10 +213,14 @@ struct CmdFlakeMetadata : FlakeCommand, MixJSON void run(nix::ref store) override { - lockFlags.forceLazy = true; + lockFlags.copyMode = CopyMode::Lazy; auto lockedFlake = lockFlake(); auto & flake = lockedFlake.flake; + std::optional storePath; + if (flake.lockedRef.input.getNarHash()) + storePath = flake.lockedRef.input.computeStorePath(*store); + if (json) { nlohmann::json j; if (flake.description) @@ -237,6 +241,8 @@ struct CmdFlakeMetadata : FlakeCommand, MixJSON j["revCount"] = *revCount; if (auto lastModified = flake.lockedRef.input.getLastModified()) j["lastModified"] = *lastModified; + if (storePath) + j["path"] = store->printStorePath(*storePath); j["locks"] = lockedFlake.lockFile.toJSON().first; if (auto fingerprint = lockedFlake.getFingerprint(store, fetchSettings)) j["fingerprint"] = fingerprint->to_string(HashFormat::Base16, false); @@ -253,6 +259,10 @@ struct CmdFlakeMetadata : FlakeCommand, MixJSON logger->cout( ANSI_BOLD "Description:" ANSI_NORMAL " %s", *flake.description); + if (storePath) + logger->cout( + ANSI_BOLD "Path:" ANSI_NORMAL " %s", + store->printStorePath(*storePath)); if (auto rev = flake.lockedRef.input.getRev()) logger->cout( ANSI_BOLD "Revision:" ANSI_NORMAL " %s", diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 8936afa2221..f55d3a04d14 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -75,7 +75,7 @@ hash1=$(echo "$json" | jq -r .revision) echo foo > "$flake1Dir/foo" git -C "$flake1Dir" add $flake1Dir/foo -[[ $(nix flake metadata flake1 --json --refresh | jq -r .dirtyRevision) == "$hash1-dirty" ]] +[[ $(_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake metadata flake1 --json --refresh --warn-large-path-threshold 1 | jq -r .dirtyRevision) == "$hash1-dirty" ]] [[ "$(nix flake metadata flake1 --json | jq -r .fingerprint)" != null ]] echo -n '# foo' >> "$flake1Dir/flake.nix" diff --git a/tests/functional/flakes/follow-paths.sh b/tests/functional/flakes/follow-paths.sh index a71d4c6d706..c654e0650a7 100755 --- a/tests/functional/flakes/follow-paths.sh +++ b/tests/functional/flakes/follow-paths.sh @@ -118,20 +118,23 @@ nix flake lock $flakeFollowsA jq -r -c '.nodes | keys | .[]' $flakeFollowsA/flake.lock | grep "^foobar$" # Check that path: inputs cannot escape from their root. +# FIXME: this test is wonky because with lazy trees, ../flakeB at the root is equivalent to /flakeB and not an error. cat > $flakeFollowsA/flake.nix <&1 | grep '/flakeB.*is forbidden in pure evaluation mode' -expect 1 nix flake lock --impure $flakeFollowsA 2>&1 | grep '/flakeB.*does not exist' +expect 1 nix eval $flakeFollowsA#x 2>&1 | grep '/flakeB.*is forbidden in pure evaluation mode' +expect 1 nix eval --impure $flakeFollowsA#x 2>&1 | grep '/flakeB.*does not exist' # Test relative non-flake inputs. cat > $flakeFollowsA/flake.nix < "$flake1Dir"/x.nix expectStderr 1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" | grepQuiet "Will not write lock file.*because it has an unlocked input" -nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks +_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks --warn-large-path-threshold 1 # Using a lock file with a dirty lock does not require --allow-dirty-locks, but should print a warning. expectStderr 0 nix eval "$flake2Dir#x" | From 2890a2e25da3645f1979d2a35eb88239e8ca9630 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 7 Feb 2025 17:26:29 +0100 Subject: [PATCH 142/815] Typo --- src/libexpr/eval.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 38dd7425ba2..92dd8edab93 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -2441,7 +2441,7 @@ StorePath EvalState::coerceToStorePath(const PosIdx pos, Value & v, NixStringCon auto path = coerceToString(pos, v, context, errorCtx, false, false, true).toOwned(); if (auto storePath = store->maybeParseStorePath(path)) return *storePath; - error("cannoet coerce '%s' to a store path because it's not in the Nix store", path).withTrace(pos, errorCtx).debugThrow(); + error("cannot coerce '%s' to a store path because it does not denote a subpath of the Nix store", path).withTrace(pos, errorCtx).debugThrow(); } From 343218413648af3070e472e5f01e6574ea20e16f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 10 Feb 2025 19:38:47 +0100 Subject: [PATCH 143/815] Compute NAR hash for Git archive flakes if --no-trust-tarballs-from-git-forges --- src/libfetchers/github.cc | 7 +++++++ tests/nixos/github-flakes.nix | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/libfetchers/github.cc b/src/libfetchers/github.cc index ec469df7cd3..347cc70ebe6 100644 --- a/src/libfetchers/github.cc +++ b/src/libfetchers/github.cc @@ -299,6 +299,13 @@ struct GitArchiveInputScheme : InputScheme false, "«" + input.to_string() + "»"); + if (!input.settings->trustTarballsFromGitForges) + // FIXME: computing the NAR hash here is wasteful if + // copyInputToStore() is just going to hash/copy it as + // well. + input.attrs.insert_or_assign("narHash", + accessor->hashPath(CanonPath::root).to_string(HashFormat::SRI, true)); + return {accessor, input}; } diff --git a/tests/nixos/github-flakes.nix b/tests/nixos/github-flakes.nix index dcba464a34d..c6b3db96cc0 100644 --- a/tests/nixos/github-flakes.nix +++ b/tests/nixos/github-flakes.nix @@ -205,7 +205,7 @@ in cat_log() # ... otherwise it should use the API - out = client.succeed("nix flake metadata private-flake --json --access-tokens github.com=ghp_000000000000000000000000000000000000 --tarball-ttl 0") + out = client.succeed("nix flake metadata private-flake --json --access-tokens github.com=ghp_000000000000000000000000000000000000 --tarball-ttl 0 --no-trust-tarballs-from-git-forges") print(out) info = json.loads(out) assert info["revision"] == "${private-flake-rev}", f"revision mismatch: {info['revision']} != ${private-flake-rev}" From 307ce9bc1d8c58a947fc4c8f9c3369c64f5a2d4b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 10 Feb 2025 19:55:24 +0100 Subject: [PATCH 144/815] Add NAR hash mismatch test --- tests/nixos/github-flakes.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/nixos/github-flakes.nix b/tests/nixos/github-flakes.nix index c6b3db96cc0..8175e807c7c 100644 --- a/tests/nixos/github-flakes.nix +++ b/tests/nixos/github-flakes.nix @@ -224,6 +224,10 @@ in hash = client.succeed(f"nix eval --no-trust-tarballs-from-git-forges --raw --expr '(fetchTree {info['url']}).narHash'") assert hash == info['locked']['narHash'] + # Fetching with an incorrect NAR hash should fail. + out = client.fail(f"nix eval --no-trust-tarballs-from-git-forges --raw --expr '(fetchTree \"github:fancy-enterprise/private-flake/{info['revision']}?narHash=sha256-HsrRFZYg69qaVe/wDyWBYLeS6ca7ACEJg2Z%2BGpEFw4A%3D\").narHash' 2>&1") + assert "NAR hash mismatch in input" in out, "NAR hash check did not fail with the expected error" + # Fetching without a narHash should succeed if trust-github is set and fail otherwise. client.succeed(f"nix eval --raw --expr 'builtins.fetchTree github:github:fancy-enterprise/private-flake/{info['revision']}'") out = client.fail(f"nix eval --no-trust-tarballs-from-git-forges --raw --expr 'builtins.fetchTree github:github:fancy-enterprise/private-flake/{info['revision']}' 2>&1") From 83306bb841cff73723b813905c2e7dab76c6bfcc Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 11 Feb 2025 20:36:28 +0100 Subject: [PATCH 145/815] copyPathToStore(): Preserve symlinks E.g. in a derivation attribute `foo = ./bar`, if ./bar is a symlink, we should copy the symlink to the store, not its target. This restores the behaviour of Nix <= 2.19. (cherry picked from commit 26b87e78b5dd62d9cca7c7d08a697dd2d22ae38c) --- src/libexpr/eval.cc | 2 +- tests/functional/meson.build | 1 + tests/functional/simple.sh | 2 +- tests/functional/symlinks.sh | 16 ++++++++++++++++ 4 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 tests/functional/symlinks.sh diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 19ca1a3591e..dee764429e9 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -2384,7 +2384,7 @@ StorePath EvalState::copyPathToStore(NixStringContext & context, const SourcePat : [&]() { auto dstPath = fetchToStore( *store, - path.resolveSymlinks(), + path.resolveSymlinks(SymlinkResolution::Ancestors), settings.readOnlyMode ? FetchMode::DryRun : FetchMode::Copy, path.baseName(), ContentAddressMethod::Raw::NixArchive, diff --git a/tests/functional/meson.build b/tests/functional/meson.build index 83e08c4f5ad..03a07bc54e5 100644 --- a/tests/functional/meson.build +++ b/tests/functional/meson.build @@ -164,6 +164,7 @@ suites = [ 'debugger.sh', 'extra-sandbox-profile.sh', 'help.sh', + 'symlinks.sh', ], 'workdir': meson.current_source_dir(), }, diff --git a/tests/functional/simple.sh b/tests/functional/simple.sh index 8afa369c2e2..c1f2eef411e 100755 --- a/tests/functional/simple.sh +++ b/tests/functional/simple.sh @@ -15,7 +15,7 @@ echo "output path is $outPath" [[ ! -w $outPath ]] text=$(cat "$outPath/hello") -if test "$text" != "Hello World!"; then exit 1; fi +[[ "$text" = "Hello World!" ]] TODO_NixOS diff --git a/tests/functional/symlinks.sh b/tests/functional/symlinks.sh new file mode 100644 index 00000000000..5eb22b3f901 --- /dev/null +++ b/tests/functional/symlinks.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +source common.sh + +# Check that when we have a derivation attribute that refers to a +# symlink, we copy the symlink, not its target. +# shellcheck disable=SC2016 +nix build --impure --no-link --expr ' + with import ./config.nix; + + mkDerivation { + name = "simple"; + builder = builtins.toFile "builder.sh" "[[ -L \"$symlink\" ]]; mkdir $out"; + symlink = ./lang/symlink-resolution/foo/overlays; + } +' From d3082284974e8028fd406909651fdec8f23f19d4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 11 Feb 2025 22:42:36 +0100 Subject: [PATCH 146/815] Don't import a symlink This is a workaround to avoid differing evaluation results between Nix 2.19 and >= 2.20 (#12449). (cherry picked from commit 2e20a5f8220c736681752587193d36b7955f6cbc) --- packaging/components.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/components.nix b/packaging/components.nix index d1bfe83bf0e..07bb209cd4f 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -56,7 +56,7 @@ in nix-cli = callPackage ../src/nix/package.nix { version = fineVersion; }; - nix-functional-tests = callPackage ../src/nix-functional-tests/package.nix { + nix-functional-tests = callPackage ../tests/functional/package.nix { version = fineVersion; }; From dffcc184d7ab8a39085015181e7e693b0de5433a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 12 Feb 2025 14:53:04 +0100 Subject: [PATCH 147/815] lockFlake(): When refetching a locked flake, use the locked ref Otherwise we may accidentally update a lock when we shouldn't. Fixes #12445. (cherry picked from commit 5c552b62fc1b45e614b86bb93c7b6ef4f14bff18) # Conflicts: # src/libflake/flake/flake.cc --- src/libflake/flake/flake.cc | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 06260c67a5d..5827668a2c5 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -554,12 +554,18 @@ LockedFlake lockFlake( /* Get the input flake, resolve 'path:./...' flakerefs relative to the parent flake. */ - auto getInputFlake = [&]() + auto getInputFlake = [&](const FlakeRef & ref) { if (auto resolvedPath = resolveRelativePath()) { +<<<<<<< HEAD return readFlake(state, *input.ref, *input.ref, *input.ref, *resolvedPath, inputPath); } else { return getFlake(state, *input.ref, useRegistries, flakeCache, inputPath); +======= + return readFlake(state, ref, ref, ref, *resolvedPath, inputAttrPath); + } else { + return getFlake(state, ref, useRegistries, flakeCache, inputAttrPath); +>>>>>>> 5c552b62f (lockFlake(): When refetching a locked flake, use the locked ref) } }; @@ -640,7 +646,7 @@ LockedFlake lockFlake( } if (mustRefetch) { - auto inputFlake = getInputFlake(); + auto inputFlake = getInputFlake(oldLock->lockedRef); nodePaths.emplace(childNode, inputFlake.path.parent()); computeLocks(inputFlake.inputs, childNode, inputPath, oldLock, followsPrefix, inputFlake.path, false); @@ -668,7 +674,7 @@ LockedFlake lockFlake( auto ref = (input2.ref && explicitCliOverrides.contains(inputPath)) ? *input2.ref : *input.ref; if (input.isFlake) { - auto inputFlake = getInputFlake(); + auto inputFlake = getInputFlake(*input.ref); auto childNode = make_ref( inputFlake.lockedRef, From 0ff190107f2de65247b8f2c2f7c7995737c72e16 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 12 Feb 2025 16:54:48 +0100 Subject: [PATCH 148/815] Resolve merge conflict --- src/libflake/flake/flake.cc | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 5827668a2c5..507bef769b1 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -557,15 +557,9 @@ LockedFlake lockFlake( auto getInputFlake = [&](const FlakeRef & ref) { if (auto resolvedPath = resolveRelativePath()) { -<<<<<<< HEAD - return readFlake(state, *input.ref, *input.ref, *input.ref, *resolvedPath, inputPath); + return readFlake(state, ref, ref, ref, *resolvedPath, inputPath); } else { - return getFlake(state, *input.ref, useRegistries, flakeCache, inputPath); -======= - return readFlake(state, ref, ref, ref, *resolvedPath, inputAttrPath); - } else { - return getFlake(state, ref, useRegistries, flakeCache, inputAttrPath); ->>>>>>> 5c552b62f (lockFlake(): When refetching a locked flake, use the locked ref) + return getFlake(state, ref, useRegistries, flakeCache, inputPath); } }; From 970942f45836172fda410a638853382952189eb9 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 12 Feb 2025 21:50:20 +0100 Subject: [PATCH 149/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index ed1d6005085..3953e8ad504 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.26.2 +2.26.3 From 86ccad698eb1c0679fc2be8ac59149211371358e Mon Sep 17 00:00:00 2001 From: John Ericson Date: Mon, 20 May 2024 08:36:58 -0400 Subject: [PATCH 150/815] Expose a bunch of things in the Legacy SSH Store for Hydra (cherry picked from commit 5eade4825221d3284fc6555cb20de2c7aa171d72) --- src/libstore/legacy-ssh-store.cc | 99 +++++++++++++++++++++++++++----- src/libstore/legacy-ssh-store.hh | 55 ++++++++++++++++++ 2 files changed, 140 insertions(+), 14 deletions(-) diff --git a/src/libstore/legacy-ssh-store.cc b/src/libstore/legacy-ssh-store.cc index eac360a4f7a..3f62794efc9 100644 --- a/src/libstore/legacy-ssh-store.cc +++ b/src/libstore/legacy-ssh-store.cc @@ -69,7 +69,7 @@ ref LegacySSHStore::openConnection() command.push_back("--store"); command.push_back(remoteStore.get()); } - conn->sshConn = master.startCommand(std::move(command)); + conn->sshConn = master.startCommand(std::move(command), std::list{extraSshArgs}); conn->to = FdSink(conn->sshConn->in.get()); conn->from = FdSource(conn->sshConn->out.get()); @@ -100,19 +100,31 @@ std::string LegacySSHStore::getUri() return *uriSchemes().begin() + "://" + host; } +std::map LegacySSHStore::queryPathInfosUncached( + const StorePathSet & paths) +{ + auto conn(connections->get()); + + /* No longer support missing NAR hash */ + assert(GET_PROTOCOL_MINOR(conn->remoteVersion) >= 4); + + debug("querying remote host '%s' for info on '%s'", host, concatStringsSep(", ", printStorePathSet(paths))); + + auto infos = conn->queryPathInfos(*this, paths); + + for (const auto & [_, info] : infos) { + if (info.narHash == Hash::dummy) + throw Error("NAR hash is now mandatory"); + } + + return infos; +} void LegacySSHStore::queryPathInfoUncached(const StorePath & path, Callback> callback) noexcept { try { - auto conn(connections->get()); - - /* No longer support missing NAR hash */ - assert(GET_PROTOCOL_MINOR(conn->remoteVersion) >= 4); - - debug("querying remote host '%s' for info on '%s'", host, printStorePath(path)); - - auto infos = conn->queryPathInfos(*this, {path}); + auto infos = queryPathInfosUncached({path}); switch (infos.size()) { case 0: @@ -120,9 +132,6 @@ void LegacySSHStore::queryPathInfoUncached(const StorePath & path, case 1: { auto & [path2, info] = *infos.begin(); - if (info.narHash == Hash::dummy) - throw Error("NAR hash is now mandatory"); - assert(path == path2); return callback(std::make_shared( std::move(path), @@ -193,13 +202,19 @@ void LegacySSHStore::addToStore(const ValidPathInfo & info, Source & source, void LegacySSHStore::narFromPath(const StorePath & path, Sink & sink) { - auto conn(connections->get()); - conn->narFromPath(*this, path, [&](auto & source) { + narFromPath(path, [&](auto & source) { copyNAR(source, sink); }); } +void LegacySSHStore::narFromPath(const StorePath & path, std::function fun) +{ + auto conn(connections->get()); + conn->narFromPath(*this, path, fun); +} + + static ServeProto::BuildOptions buildSettings() { return { @@ -223,6 +238,19 @@ BuildResult LegacySSHStore::buildDerivation(const StorePath & drvPath, const Bas return conn->getBuildDerivationResponse(*this); } +std::function LegacySSHStore::buildDerivationAsync( + const StorePath & drvPath, const BasicDerivation & drv, + const ServeProto::BuildOptions & options) +{ + // Until we have C++23 std::move_only_function + auto conn = std::make_shared::Handle>(connections->get()); + (*conn)->putBuildDerivationRequest(*this, drvPath, drv, options); + + return [this,conn]() -> BuildResult { + return (*conn)->getBuildDerivationResponse(*this); + }; +} + void LegacySSHStore::buildPaths(const std::vector & drvPaths, BuildMode buildMode, std::shared_ptr evalStore) { @@ -294,6 +322,32 @@ StorePathSet LegacySSHStore::queryValidPaths(const StorePathSet & paths, } +StorePathSet LegacySSHStore::queryValidPaths(const StorePathSet & paths, + bool lock, SubstituteFlag maybeSubstitute) +{ + auto conn(connections->get()); + return conn->queryValidPaths(*this, + lock, paths, maybeSubstitute); +} + + +void LegacySSHStore::addMultipleToStoreLegacy(Store & srcStore, const StorePathSet & paths) +{ + auto conn(connections->get()); + conn->to << ServeProto::Command::ImportPaths; + try { + srcStore.exportPaths(paths, conn->to); + } catch (...) { + conn->good = false; + throw; + } + conn->to.flush(); + + if (readInt(conn->from) != 1) + throw Error("remote machine failed to import closure"); +} + + void LegacySSHStore::connect() { auto conn(connections->get()); @@ -307,6 +361,23 @@ unsigned int LegacySSHStore::getProtocol() } +pid_t LegacySSHStore::getConnectionPid() +{ + auto conn(connections->get()); + return conn->sshConn->sshPid; +} + + +LegacySSHStore::ConnectionStats LegacySSHStore::getConnectionStats() +{ + auto conn(connections->get()); + return { + .bytesReceived = conn->from.read, + .bytesSent = conn->to.written, + }; +} + + /** * The legacy ssh protocol doesn't support checking for trusted-user. * Try using ssh-ng:// instead if you want to know. diff --git a/src/libstore/legacy-ssh-store.hh b/src/libstore/legacy-ssh-store.hh index b541455b4e5..2444a7a662e 100644 --- a/src/libstore/legacy-ssh-store.hh +++ b/src/libstore/legacy-ssh-store.hh @@ -6,6 +6,7 @@ #include "ssh.hh" #include "callback.hh" #include "pool.hh" +#include "serve-protocol.hh" namespace nix { @@ -24,6 +25,11 @@ struct LegacySSHStoreConfig : virtual CommonSSHStoreConfig const Setting maxConnections{this, 1, "max-connections", "Maximum number of concurrent SSH connections."}; + /** + * Hack for hydra + */ + Strings extraSshArgs = {}; + const std::string name() override { return "SSH Store"; } static std::set uriSchemes() { return {"ssh"}; } @@ -60,11 +66,24 @@ struct LegacySSHStore : public virtual LegacySSHStoreConfig, public virtual Stor void queryPathInfoUncached(const StorePath & path, Callback> callback) noexcept override; + std::map queryPathInfosUncached( + const StorePathSet & paths); + void addToStore(const ValidPathInfo & info, Source & source, RepairFlag repair, CheckSigsFlag checkSigs) override; void narFromPath(const StorePath & path, Sink & sink) override; + /** + * Hands over the connection temporarily as source to the given + * function. The function must not consume beyond the NAR; it can + * not just blindly try to always read more bytes until it is + * cut-off. + * + * This is exposed for sake of Hydra. + */ + void narFromPath(const StorePath & path, std::function fun); + std::optional queryPathFromHashPart(const std::string & hashPart) override { unsupported("queryPathFromHashPart"); } @@ -93,6 +112,16 @@ public: BuildResult buildDerivation(const StorePath & drvPath, const BasicDerivation & drv, BuildMode buildMode) override; + /** + * Note, the returned function must only be called once, or we'll + * try to read from the connection twice. + * + * @todo Use C++23 `std::move_only_function`. + */ + std::function buildDerivationAsync( + const StorePath & drvPath, const BasicDerivation & drv, + const ServeProto::BuildOptions & options); + void buildPaths(const std::vector & drvPaths, BuildMode buildMode, std::shared_ptr evalStore) override; void ensurePath(const StorePath & path) override @@ -119,10 +148,36 @@ public: StorePathSet queryValidPaths(const StorePathSet & paths, SubstituteFlag maybeSubstitute = NoSubstitute) override; + /** + * Custom variation that atomically creates temp locks on the remote + * side. + * + * This exists to prevent a race where the remote host + * garbage-collects paths that are already there. Optionally, ask + * the remote host to substitute missing paths. + */ + StorePathSet queryValidPaths(const StorePathSet & paths, + bool lock, + SubstituteFlag maybeSubstitute = NoSubstitute); + + /** + * Just exists because this is exactly what Hydra was doing, and we + * don't yet want an algorithmic change. + */ + void addMultipleToStoreLegacy(Store & srcStore, const StorePathSet & paths); + void connect() override; unsigned int getProtocol() override; + struct ConnectionStats { + size_t bytesReceived, bytesSent; + }; + + ConnectionStats getConnectionStats(); + + pid_t getConnectionPid(); + /** * The legacy ssh protocol doesn't support checking for trusted-user. * Try using ssh-ng:// instead if you want to know. From 7112f8294c162db536b15f9d527033c9d641e057 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Thu, 23 May 2024 11:53:17 -0400 Subject: [PATCH 151/815] Add `SSHMaster::Connection::trySetBufferSize` It is unused in Nix currently, but will be used in Hydra. This reflects what Hydra does in https://github.com/NixOS/hydra/pull/1387. We may probably to use it more widely for better SSH store performance, but this needs to be subject to more testing before we do that. (cherry picked from commit 0d25cc65417647c454e3095650b87bc88351b384) --- src/libstore/ssh.cc | 15 +++++++++++++++ src/libstore/ssh.hh | 12 ++++++++++++ 2 files changed, 27 insertions(+) diff --git a/src/libstore/ssh.cc b/src/libstore/ssh.cc index 116a480bacc..f47cfbbec2c 100644 --- a/src/libstore/ssh.cc +++ b/src/libstore/ssh.cc @@ -240,4 +240,19 @@ Path SSHMaster::startMaster() #endif +void SSHMaster::Connection::trySetBufferSize(size_t size) +{ +#ifdef F_SETPIPE_SZ + /* This `fcntl` method of doing this takes a positive `int`. Check + and convert accordingly. + + The function overall still takes `size_t` because this is more + portable for a platform-agnostic interface. */ + assert(size <= INT_MAX); + int pipesize = size; + fcntl(in.get(), F_SETPIPE_SZ, pipesize); + fcntl(out.get(), F_SETPIPE_SZ, pipesize); +#endif +} + } diff --git a/src/libstore/ssh.hh b/src/libstore/ssh.hh index 85be704ec9d..eb05df01174 100644 --- a/src/libstore/ssh.hh +++ b/src/libstore/ssh.hh @@ -54,6 +54,18 @@ public: Pid sshPid; #endif AutoCloseFD out, in; + + /** + * Try to set the buffer size in both directions to the + * designated amount, if possible. If not possible, does + * nothing. + * + * Current implementation is to use `fcntl` with `F_SETPIPE_SZ`, + * which is Linux-only. For this implementation, `size` must + * convertable to an `int`. In other words, it must be within + * `[0, INT_MAX]`. + */ + void trySetBufferSize(size_t size); }; /** From fa7f0d6d07bdbedd06904d52bd111e58cb3d64c9 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Sun, 16 Feb 2025 20:01:03 -0500 Subject: [PATCH 152/815] Allow setting `ssh://` pipe size Exposed for Hydra. We could make it fancier but with (a) new store settings (b) switch to `ssh-ng://` both in the works, it doesn't seem worth it. (cherry picked from commit 94a7c34b2f8285650e3130e5dc6ff5333eaa6dc8) --- src/libstore/legacy-ssh-store.cc | 3 +++ src/libstore/legacy-ssh-store.hh | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/src/libstore/legacy-ssh-store.cc b/src/libstore/legacy-ssh-store.cc index 3f62794efc9..3849f088dd5 100644 --- a/src/libstore/legacy-ssh-store.cc +++ b/src/libstore/legacy-ssh-store.cc @@ -70,6 +70,9 @@ ref LegacySSHStore::openConnection() command.push_back(remoteStore.get()); } conn->sshConn = master.startCommand(std::move(command), std::list{extraSshArgs}); + if (connPipeSize) { + conn->sshConn->trySetBufferSize(*connPipeSize); + } conn->to = FdSink(conn->sshConn->in.get()); conn->from = FdSource(conn->sshConn->out.get()); diff --git a/src/libstore/legacy-ssh-store.hh b/src/libstore/legacy-ssh-store.hh index 2444a7a662e..92aa4ae56d1 100644 --- a/src/libstore/legacy-ssh-store.hh +++ b/src/libstore/legacy-ssh-store.hh @@ -30,6 +30,11 @@ struct LegacySSHStoreConfig : virtual CommonSSHStoreConfig */ Strings extraSshArgs = {}; + /** + * Exposed for hydra + */ + std::optional connPipeSize; + const std::string name() override { return "SSH Store"; } static std::set uriSchemes() { return {"ssh"}; } From 7d168db83cde11e3cf9872f7275fd6664f594740 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 17 Feb 2025 11:36:47 +0100 Subject: [PATCH 153/815] getDefaultNixPath(): Don't add symlinks if the target doesn't exist (cherry picked from commit 8ac49ea5de0b763175af5b266dd258c544192036) --- src/libexpr/eval-settings.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/eval-settings.cc b/src/libexpr/eval-settings.cc index 4cbcb39b9e0..ade0abf9af6 100644 --- a/src/libexpr/eval-settings.cc +++ b/src/libexpr/eval-settings.cc @@ -57,7 +57,7 @@ Strings EvalSettings::getDefaultNixPath() { Strings res; auto add = [&](const Path & p, const std::string & s = std::string()) { - if (pathAccessible(p)) { + if (std::filesystem::exists(p)) { if (s.empty()) { res.push_back(p); } else { From 640ce50da12e81c078142d344c89a9b3494a3ccb Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 17 Feb 2025 11:50:54 +0100 Subject: [PATCH 154/815] resolveLookupPathPath(): Fix caching of negative lookups This avoids spamming in case the missing search path entry does not exist (#12480). (cherry picked from commit df08e1e204d04924bc546ed3ebb2fabf936aa5be) --- src/libexpr/eval.cc | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index dee764429e9..8aef85dc594 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -3070,8 +3070,11 @@ std::optional EvalState::resolveLookupPathPath(const LookupPath::Pat auto i = lookupPathResolved.find(value); if (i != lookupPathResolved.end()) return i->second; - auto finish = [&](SourcePath res) { - debug("resolved search path element '%s' to '%s'", value, res); + auto finish = [&](std::optional res) { + if (res) + debug("resolved search path element '%s' to '%s'", value, *res); + else + debug("failed to resolve search path element '%s'", value); lookupPathResolved.emplace(value, res); return res; }; @@ -3123,8 +3126,7 @@ std::optional EvalState::resolveLookupPathPath(const LookupPath::Pat } } - debug("failed to resolve search path element '%s'", value); - return std::nullopt; + return finish(std::nullopt); } From 80db87bd4c0ec214be8cc1705e6b5f11212605a1 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman <145775305+xokdvium@users.noreply.github.com> Date: Tue, 18 Feb 2025 01:57:33 +0300 Subject: [PATCH 155/815] Move code related to NIX_MAN_DIR from libstore to nix-cli This is a prerequisite to properly fixing man-pages once and for all [1]. Note that this patch leaves manpages for legacy commands in a borked state, pending the movement of manpages from nix-manual to nix-cli [2]. [1]: https://www.github.com/NixOS/nix/issues/12382 [2]: https://www.github.com/NixOS/nix/issues/12382#issuecomment-2663782043 (cherry picked from commit b1a38b3efe214b093910776f4a92cad0fc125a3e) --- src/libmain/shared.cc | 14 --------- src/libmain/shared.hh | 5 ---- src/libstore/globals.cc | 1 - src/libstore/globals.hh | 5 ---- src/nix-build/nix-build.cc | 1 + src/nix-channel/nix-channel.cc | 1 + .../nix-collect-garbage.cc | 1 + src/nix-copy-closure/nix-copy-closure.cc | 1 + src/nix-env/nix-env.cc | 1 + src/nix-instantiate/nix-instantiate.cc | 1 + src/nix-store/nix-store.cc | 1 + src/nix/hash.cc | 1 + src/nix/man-pages.cc | 29 +++++++++++++++++++ src/nix/man-pages.hh | 28 ++++++++++++++++++ src/nix/meson.build | 12 ++++++++ src/nix/prefetch.cc | 1 + src/nix/unix/daemon.cc | 1 + 17 files changed, 79 insertions(+), 25 deletions(-) create mode 100644 src/nix/man-pages.cc create mode 100644 src/nix/man-pages.hh diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index 50f90bfb314..30e76c349ca 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -315,20 +315,6 @@ void printVersion(const std::string & programName) throw Exit(); } - -void showManPage(const std::string & name) -{ - restoreProcessContext(); - setEnv("MANPATH", settings.nixManDir.c_str()); - execlp("man", "man", name.c_str(), nullptr); - if (errno == ENOENT) { - // Not SysError because we don't want to suffix the errno, aka No such file or directory. - throw Error("The '%1%' command was not found, but it is needed for '%2%' and some other '%3%' commands' help text. Perhaps you could install the '%1%' command?", "man", name.c_str(), "nix-*"); - } - throw SysError("command 'man %1%' failed", name.c_str()); -} - - int handleExceptions(const std::string & programName, std::function fun) { ReceiveInterrupts receiveInterrupts; // FIXME: need better place for this diff --git a/src/libmain/shared.hh b/src/libmain/shared.hh index 712b404d3e1..a6a18ceb068 100644 --- a/src/libmain/shared.hh +++ b/src/libmain/shared.hh @@ -70,11 +70,6 @@ struct LegacyArgs : public MixCommonArgs, public RootArgs }; -/** - * Show the manual page for the specified program. - */ -void showManPage(const std::string & name); - /** * The constructor of this class starts a pager if standard output is a * terminal and $PAGER is set. Standard output is redirected to the diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index b64e73c265b..e908fc81f17 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -65,7 +65,6 @@ Settings::Settings() , nixStateDir(canonPath(getEnvNonEmpty("NIX_STATE_DIR").value_or(NIX_STATE_DIR))) , nixConfDir(canonPath(getEnvNonEmpty("NIX_CONF_DIR").value_or(NIX_CONF_DIR))) , nixUserConfFiles(getUserConfigFiles()) - , nixManDir(canonPath(NIX_MAN_DIR)) , nixDaemonSocketFile(canonPath(getEnvNonEmpty("NIX_DAEMON_SOCKET_PATH").value_or(nixStateDir + DEFAULT_SOCKET_PATH))) { #ifndef _WIN32 diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh index ff3df46ba9e..6b9a87ce36e 100644 --- a/src/libstore/globals.hh +++ b/src/libstore/globals.hh @@ -84,11 +84,6 @@ public: */ std::vector nixUserConfFiles; - /** - * The directory where the man pages are stored. - */ - Path nixManDir; - /** * File name of the socket the daemon listens to. */ diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index de01e1afcde..5410f0cab96 100644 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -27,6 +27,7 @@ #include "users.hh" #include "network-proxy.hh" #include "compatibility-settings.hh" +#include "man-pages.hh" using namespace nix; using namespace std::string_literals; diff --git a/src/nix-channel/nix-channel.cc b/src/nix-channel/nix-channel.cc index 56d1d7abb77..ee61db99488 100644 --- a/src/nix-channel/nix-channel.cc +++ b/src/nix-channel/nix-channel.cc @@ -8,6 +8,7 @@ #include "users.hh" #include "tarball.hh" #include "self-exe.hh" +#include "man-pages.hh" #include #include diff --git a/src/nix-collect-garbage/nix-collect-garbage.cc b/src/nix-collect-garbage/nix-collect-garbage.cc index 20d5161df09..a060a01fd15 100644 --- a/src/nix-collect-garbage/nix-collect-garbage.cc +++ b/src/nix-collect-garbage/nix-collect-garbage.cc @@ -7,6 +7,7 @@ #include "shared.hh" #include "globals.hh" #include "legacy.hh" +#include "man-pages.hh" #include #include diff --git a/src/nix-copy-closure/nix-copy-closure.cc b/src/nix-copy-closure/nix-copy-closure.cc index b64af758fcb..15bff0a0ad5 100644 --- a/src/nix-copy-closure/nix-copy-closure.cc +++ b/src/nix-copy-closure/nix-copy-closure.cc @@ -2,6 +2,7 @@ #include "realisation.hh" #include "store-api.hh" #include "legacy.hh" +#include "man-pages.hh" using namespace nix; diff --git a/src/nix-env/nix-env.cc b/src/nix-env/nix-env.cc index c99c1088ebb..aa1edb4c8e3 100644 --- a/src/nix-env/nix-env.cc +++ b/src/nix-env/nix-env.cc @@ -17,6 +17,7 @@ #include "legacy.hh" #include "eval-settings.hh" // for defexpr #include "terminal.hh" +#include "man-pages.hh" #include #include diff --git a/src/nix-instantiate/nix-instantiate.cc b/src/nix-instantiate/nix-instantiate.cc index 09d35483205..0cf926369e5 100644 --- a/src/nix-instantiate/nix-instantiate.cc +++ b/src/nix-instantiate/nix-instantiate.cc @@ -12,6 +12,7 @@ #include "local-fs-store.hh" #include "common-eval-args.hh" #include "legacy.hh" +#include "man-pages.hh" #include #include diff --git a/src/nix-store/nix-store.cc b/src/nix-store/nix-store.cc index 99bb2c72601..3fb69a29d5e 100644 --- a/src/nix-store/nix-store.cc +++ b/src/nix-store/nix-store.cc @@ -12,6 +12,7 @@ #include "legacy.hh" #include "posix-source-accessor.hh" #include "path-with-outputs.hh" +#include "man-pages.hh" #ifndef _WIN32 // TODO implement on Windows or provide allowed-to-noop interface # include "local-store.hh" diff --git a/src/nix/hash.cc b/src/nix/hash.cc index eac421d1260..91bba47f42b 100644 --- a/src/nix/hash.cc +++ b/src/nix/hash.cc @@ -8,6 +8,7 @@ #include "git.hh" #include "posix-source-accessor.hh" #include "misc-store-flags.hh" +#include "man-pages.hh" using namespace nix; diff --git a/src/nix/man-pages.cc b/src/nix/man-pages.cc new file mode 100644 index 00000000000..a98a771cca1 --- /dev/null +++ b/src/nix/man-pages.cc @@ -0,0 +1,29 @@ +#include "man-pages.hh" +#include "file-system.hh" +#include "current-process.hh" +#include "environment-variables.hh" + +namespace nix { + +std::filesystem::path getNixManDir() +{ + return canonPath(NIX_MAN_DIR); +} + +void showManPage(const std::string & name) +{ + restoreProcessContext(); + setEnv("MANPATH", getNixManDir().c_str()); + execlp("man", "man", name.c_str(), nullptr); + if (errno == ENOENT) { + // Not SysError because we don't want to suffix the errno, aka No such file or directory. + throw Error( + "The '%1%' command was not found, but it is needed for '%2%' and some other '%3%' commands' help text. Perhaps you could install the '%1%' command?", + "man", + name.c_str(), + "nix-*"); + } + throw SysError("command 'man %1%' failed", name.c_str()); +} + +} diff --git a/src/nix/man-pages.hh b/src/nix/man-pages.hh new file mode 100644 index 00000000000..9ba035af816 --- /dev/null +++ b/src/nix/man-pages.hh @@ -0,0 +1,28 @@ +#pragma once +///@file + +#include +#include + +namespace nix { + +/** + * @brief Get path to the nix manual dir. + * + * Nix relies on the man pages being available at a NIX_MAN_DIR for + * displaying help messaged for legacy cli. + * + * NIX_MAN_DIR is a compile-time parameter, so man pages are unlikely to work + * for cases when the nix executable is installed out-of-store or as a static binary. + * + */ +std::filesystem::path getNixManDir(); + +/** + * Show the manual page for the specified program. + * + * @param name Name of the man item. + */ +void showManPage(const std::string & name); + +} diff --git a/src/nix/meson.build b/src/nix/meson.build index 2698cc873da..e8d74080385 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -90,6 +90,7 @@ nix_sources = [config_h] + files( 'ls.cc', 'main.cc', 'make-content-addressed.cc', + 'man-pages.cc', 'nar.cc', 'optimise-store.cc', 'path-from-hash-part.cc', @@ -182,6 +183,16 @@ if host_machine.system() != 'windows' ] endif +fs = import('fs') +prefix = get_option('prefix') + +mandir = get_option('mandir') +mandir = fs.is_absolute(mandir) ? mandir : prefix / mandir + +cpp_args= [ + '-DNIX_MAN_DIR="@0@"'.format(mandir) +] + include_dirs = [include_directories('.')] this_exe = executable( @@ -189,6 +200,7 @@ this_exe = executable( sources, dependencies : deps_private_subproject + deps_private + deps_other, include_directories : include_dirs, + cpp_args : cpp_args, link_args: linker_export_flags, install : true, ) diff --git a/src/nix/prefetch.cc b/src/nix/prefetch.cc index db7d9e4efe6..84c0224e223 100644 --- a/src/nix/prefetch.cc +++ b/src/nix/prefetch.cc @@ -12,6 +12,7 @@ #include "posix-source-accessor.hh" #include "misc-store-flags.hh" #include "terminal.hh" +#include "man-pages.hh" #include diff --git a/src/nix/unix/daemon.cc b/src/nix/unix/daemon.cc index 746963a0103..b4c7c10edb1 100644 --- a/src/nix/unix/daemon.cc +++ b/src/nix/unix/daemon.cc @@ -15,6 +15,7 @@ #include "finally.hh" #include "legacy.hh" #include "daemon.hh" +#include "man-pages.hh" #include #include From a004c84e85fa03137afeb08d8f93a6c0df7ed6bf Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman <145775305+xokdvium@users.noreply.github.com> Date: Tue, 18 Feb 2025 13:01:39 +0300 Subject: [PATCH 156/815] Don't override default man search paths By appending a colon to MANPATH NIX_MAN_DIR gets prepended to the final MANPATH before default search paths. This makes man still consider default search paths, but prefers NIX_MAN_DIR (if it exists). It still makes sense to point NIX_MAN_DIR to a correct location by moving man pages build from nix-manual.man to nix-cli.man, but this should fix most common use-cases where nix is installed globally. (cherry picked from commit 95f16a3275a3d23afe4f311cb793d7a5d47222e1) --- src/nix/man-pages.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nix/man-pages.cc b/src/nix/man-pages.cc index a98a771cca1..e9e89bb62a7 100644 --- a/src/nix/man-pages.cc +++ b/src/nix/man-pages.cc @@ -13,7 +13,7 @@ std::filesystem::path getNixManDir() void showManPage(const std::string & name) { restoreProcessContext(); - setEnv("MANPATH", getNixManDir().c_str()); + setEnv("MANPATH", (getNixManDir().string() + ":").c_str()); execlp("man", "man", name.c_str(), nullptr); if (errno == ENOENT) { // Not SysError because we don't want to suffix the errno, aka No such file or directory. From f02a7b880e32015dd165975a4c6c87beab2ee077 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 18 Feb 2025 11:56:19 +0100 Subject: [PATCH 157/815] startDaemon(): Detect if the daemon crashes before creating the socket This avoids timeouts like those seen in https://github.com/NixOS/nix/actions/runs/13376958708/job/37358120348?pr=6962. (cherry picked from commit 11c42cb2e1b5bb44719e40d9c17750fb8a99d750) --- tests/functional/common/functions.sh | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/tests/functional/common/functions.sh b/tests/functional/common/functions.sh index bf3dd2ca861..1b2ec8fe0e8 100644 --- a/tests/functional/common/functions.sh +++ b/tests/functional/common/functions.sh @@ -67,7 +67,7 @@ startDaemon() { die "startDaemon: not supported when testing on NixOS. Is it really needed? If so add conditionals; e.g. if ! isTestOnNixOS; then ..." fi - # Don’t start the daemon twice, as this would just make it loop indefinitely + # Don't start the daemon twice, as this would just make it loop indefinitely. if [[ "${_NIX_TEST_DAEMON_PID-}" != '' ]]; then return fi @@ -76,15 +76,19 @@ startDaemon() { PATH=$DAEMON_PATH nix --extra-experimental-features 'nix-command' daemon & _NIX_TEST_DAEMON_PID=$! export _NIX_TEST_DAEMON_PID - for ((i = 0; i < 300; i++)); do + for ((i = 0; i < 60; i++)); do if [[ -S $NIX_DAEMON_SOCKET_PATH ]]; then DAEMON_STARTED=1 break; fi + if ! kill -0 "$_NIX_TEST_DAEMON_PID"; then + echo "daemon died unexpectedly" >&2 + exit 1 + fi sleep 0.1 done if [[ -z ${DAEMON_STARTED+x} ]]; then - fail "Didn’t manage to start the daemon" + fail "Didn't manage to start the daemon" fi trap "killDaemon" EXIT # Save for if daemon is killed @@ -97,7 +101,7 @@ killDaemon() { die "killDaemon: not supported when testing on NixOS. Is it really needed? If so add conditionals; e.g. if ! isTestOnNixOS; then ..." fi - # Don’t fail trying to stop a non-existant daemon twice + # Don't fail trying to stop a non-existant daemon twice. if [[ "${_NIX_TEST_DAEMON_PID-}" == '' ]]; then return fi @@ -219,7 +223,7 @@ assertStderr() { needLocalStore() { if [[ "$NIX_REMOTE" == "daemon" ]]; then - skipTest "Can’t run through the daemon ($1)" + skipTest "Can't run through the daemon ($1)" fi } From cc3ad9bd3af7da510a1c41eabf6f761c713143fd Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 17 Feb 2025 17:17:37 +0100 Subject: [PATCH 158/815] Support libgit2 1.9.0 For when the overlay is used with nixos-unstable. 1.9.0 has our patches. (cherry picked from commit b0bbb1252a8ae8d925e2cb45d1c778b9c00587e2) --- packaging/dependencies.nix | 51 ++++++++++++++++++++------------------ 1 file changed, 27 insertions(+), 24 deletions(-) diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index afbc31fc6df..b23c9cbcd1a 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -138,7 +138,8 @@ let enableParallelBuilding = true; }; in -scope: { +scope: +{ inherit stdenv; aws-sdk-cpp = @@ -174,6 +175,31 @@ scope: { installPhase = lib.replaceStrings [ "--without-python" ] [ "" ] old.installPhase; }); + inherit resolvePath filesetToSource; + + mkMesonDerivation = mkPackageBuilder [ + miscGoodPractice + localSourceLayer + mesonLayer + ]; + mkMesonExecutable = mkPackageBuilder [ + miscGoodPractice + bsdNoLinkAsNeeded + localSourceLayer + mesonLayer + mesonBuildLayer + ]; + mkMesonLibrary = mkPackageBuilder [ + miscGoodPractice + bsdNoLinkAsNeeded + localSourceLayer + mesonLayer + mesonBuildLayer + mesonLibraryLayer + ]; +} +# libgit2: Nixpkgs 24.11 has < 1.9.0 +// lib.optionalAttrs (!lib.versionAtLeast pkgs.libgit2.version "1.9.0") { libgit2 = pkgs.libgit2.overrideAttrs (attrs: { cmakeFlags = attrs.cmakeFlags or [ ] ++ [ "-DUSE_SSH=exec" ]; nativeBuildInputs = @@ -203,27 +229,4 @@ scope: { ./patches/libgit2-packbuilder-callback-interruptible.patch ]; }); - - inherit resolvePath filesetToSource; - - mkMesonDerivation = mkPackageBuilder [ - miscGoodPractice - localSourceLayer - mesonLayer - ]; - mkMesonExecutable = mkPackageBuilder [ - miscGoodPractice - bsdNoLinkAsNeeded - localSourceLayer - mesonLayer - mesonBuildLayer - ]; - mkMesonLibrary = mkPackageBuilder [ - miscGoodPractice - bsdNoLinkAsNeeded - localSourceLayer - mesonLayer - mesonBuildLayer - mesonLibraryLayer - ]; } From 6c61d0ab8ccd47d52859de7af89c5abb6901a63c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 18 Feb 2025 23:52:26 +0100 Subject: [PATCH 159/815] Formatting --- flake.nix | 55 ++++++------- packaging/hydra.nix | 184 ++++++++++++++++++++++---------------------- 2 files changed, 120 insertions(+), 119 deletions(-) diff --git a/flake.nix b/flake.nix index 74b0a9809eb..29111b45382 100644 --- a/flake.nix +++ b/flake.nix @@ -34,7 +34,9 @@ officialRelease = true; - linux32BitSystems = [ /* "i686-linux" */ ]; + linux32BitSystems = [ + # "i686-linux" + ]; linux64BitSystems = [ "x86_64-linux" "aarch64-linux" @@ -345,7 +347,7 @@ # These attributes go right into `packages.`. "${pkgName}" = nixpkgsFor.${system}.native.nixComponents.${pkgName}; #"${pkgName}-static" = nixpkgsFor.${system}.static.nixComponents.${pkgName}; - "${pkgName}-llvm" = nixpkgsFor.${system}.llvm.nixComponents.${pkgName}; + #"${pkgName}-llvm" = nixpkgsFor.${system}.llvm.nixComponents.${pkgName}; } // lib.optionalAttrs supportsCross ( flatMapAttrs (lib.genAttrs crossSystems (_: { })) ( @@ -402,35 +404,34 @@ } ) ) - // lib.optionalAttrs (!nixpkgsFor.${system}.native.stdenv.isDarwin) ( - /* - prefixAttrs "static" ( - forAllStdenvs ( - stdenvName: - makeShell { - pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".pkgsStatic; - } + /* + // lib.optionalAttrs (!nixpkgsFor.${system}.native.stdenv.isDarwin) ( + prefixAttrs "static" ( + forAllStdenvs ( + stdenvName: + makeShell { + pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".pkgsStatic; + } + ) ) - ) - // - */ - prefixAttrs "llvm" ( - forAllStdenvs ( - stdenvName: - makeShell { - pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".pkgsLLVM; - } + // prefixAttrs "llvm" ( + forAllStdenvs ( + stdenvName: + makeShell { + pkgs = nixpkgsFor.${system}.stdenvs."${stdenvName}Packages".pkgsLLVM; + } + ) ) - ) - // prefixAttrs "cross" ( - forAllCrossSystems ( - crossSystem: - makeShell { - pkgs = nixpkgsFor.${system}.cross.${crossSystem}; - } + // prefixAttrs "cross" ( + forAllCrossSystems ( + crossSystem: + makeShell { + pkgs = nixpkgsFor.${system}.cross.${crossSystem}; + } + ) ) ) - ) + */ // { default = self.devShells.${system}.native-stdenvPackages; } diff --git a/packaging/hydra.nix b/packaging/hydra.nix index be1b69668ee..debd98cf2aa 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -66,62 +66,62 @@ in )) [ "i686-linux" ]; /* - buildStatic = forAllPackages ( - pkgName: - lib.genAttrs linux64BitSystems (system: nixpkgsFor.${system}.static.nixComponents.${pkgName}) - ); + buildStatic = forAllPackages ( + pkgName: + lib.genAttrs linux64BitSystems (system: nixpkgsFor.${system}.static.nixComponents.${pkgName}) + ); - buildCross = forAllPackages ( - pkgName: - # Hack to avoid non-evaling package - ( - if pkgName == "nix-functional-tests" then - lib.flip builtins.removeAttrs [ "x86_64-w64-mingw32" ] - else - lib.id - ) + buildCross = forAllPackages ( + pkgName: + # Hack to avoid non-evaling package ( - forAllCrossSystems ( - crossSystem: - lib.genAttrs [ "x86_64-linux" ] ( - system: nixpkgsFor.${system}.cross.${crossSystem}.nixComponents.${pkgName} + if pkgName == "nix-functional-tests" then + lib.flip builtins.removeAttrs [ "x86_64-w64-mingw32" ] + else + lib.id + ) + ( + forAllCrossSystems ( + crossSystem: + lib.genAttrs [ "x86_64-linux" ] ( + system: nixpkgsFor.${system}.cross.${crossSystem}.nixComponents.${pkgName} + ) ) ) - ) - ); + ); - buildNoGc = - let - components = forAllSystems ( - system: - nixpkgsFor.${system}.native.nixComponents.overrideScope ( - self: super: { - nix-expr = super.nix-expr.override { enableGC = false; }; - } - ) - ); - in - forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); + buildNoGc = + let + components = forAllSystems ( + system: + nixpkgsFor.${system}.native.nixComponents.overrideScope ( + self: super: { + nix-expr = super.nix-expr.override { enableGC = false; }; + } + ) + ); + in + forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); - buildNoTests = forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.nix-cli); + buildNoTests = forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.nix-cli); - # Toggles some settings for better coverage. Windows needs these - # library combinations, and Debian build Nix with GNU readline too. - buildReadlineNoMarkdown = - let - components = forAllSystems ( - system: - nixpkgsFor.${system}.native.nixComponents.overrideScope ( - self: super: { - nix-cmd = super.nix-cmd.override { - enableMarkdown = false; - readlineFlavor = "readline"; - }; - } - ) - ); - in - forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); + # Toggles some settings for better coverage. Windows needs these + # library combinations, and Debian build Nix with GNU readline too. + buildReadlineNoMarkdown = + let + components = forAllSystems ( + system: + nixpkgsFor.${system}.native.nixComponents.overrideScope ( + self: super: { + nix-cmd = super.nix-cmd.override { + enableMarkdown = false; + readlineFlavor = "readline"; + }; + } + ) + ); + in + forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); */ # Perl bindings for various platforms. @@ -135,31 +135,31 @@ in ); /* - binaryTarballCross = lib.genAttrs [ "x86_64-linux" ] ( - system: - forAllCrossSystems ( - crossSystem: - binaryTarball nixpkgsFor.${system}.cross.${crossSystem}.nix - nixpkgsFor.${system}.cross.${crossSystem} - ) - ); + binaryTarballCross = lib.genAttrs [ "x86_64-linux" ] ( + system: + forAllCrossSystems ( + crossSystem: + binaryTarball nixpkgsFor.${system}.cross.${crossSystem}.nix + nixpkgsFor.${system}.cross.${crossSystem} + ) + ); - # The first half of the installation script. This is uploaded - # to https://nixos.org/nix/install. It downloads the binary - # tarball for the user's system and calls the second half of the - # installation script. - installerScript = installScriptFor [ - # Native - self.hydraJobs.binaryTarball."x86_64-linux" - self.hydraJobs.binaryTarball."i686-linux" - self.hydraJobs.binaryTarball."aarch64-linux" - self.hydraJobs.binaryTarball."x86_64-darwin" - self.hydraJobs.binaryTarball."aarch64-darwin" - # Cross - self.hydraJobs.binaryTarballCross."x86_64-linux"."armv6l-unknown-linux-gnueabihf" - self.hydraJobs.binaryTarballCross."x86_64-linux"."armv7l-unknown-linux-gnueabihf" - self.hydraJobs.binaryTarballCross."x86_64-linux"."riscv64-unknown-linux-gnu" - ]; + # The first half of the installation script. This is uploaded + # to https://nixos.org/nix/install. It downloads the binary + # tarball for the user's system and calls the second half of the + # installation script. + installerScript = installScriptFor [ + # Native + self.hydraJobs.binaryTarball."x86_64-linux" + self.hydraJobs.binaryTarball."i686-linux" + self.hydraJobs.binaryTarball."aarch64-linux" + self.hydraJobs.binaryTarball."x86_64-darwin" + self.hydraJobs.binaryTarball."aarch64-darwin" + # Cross + self.hydraJobs.binaryTarballCross."x86_64-linux"."armv6l-unknown-linux-gnueabihf" + self.hydraJobs.binaryTarballCross."x86_64-linux"."armv7l-unknown-linux-gnueabihf" + self.hydraJobs.binaryTarballCross."x86_64-linux"."riscv64-unknown-linux-gnu" + ]; */ installerScriptForGHA = forAllSystems ( @@ -232,25 +232,25 @@ in }; /* - installTests = forAllSystems ( - system: - let - pkgs = nixpkgsFor.${system}.native; - in - pkgs.runCommand "install-tests" { - againstSelf = testNixVersions pkgs pkgs.nix; - againstCurrentLatest = - # FIXME: temporarily disable this on macOS because of #3605. - if system == "x86_64-linux" then testNixVersions pkgs pkgs.nixVersions.latest else null; - # Disabled because the latest stable version doesn't handle - # `NIX_DAEMON_SOCKET_PATH` which is required for the tests to work - # againstLatestStable = testNixVersions pkgs pkgs.nixStable; - } "touch $out" - ); + installTests = forAllSystems ( + system: + let + pkgs = nixpkgsFor.${system}.native; + in + pkgs.runCommand "install-tests" { + againstSelf = testNixVersions pkgs pkgs.nix; + againstCurrentLatest = + # FIXME: temporarily disable this on macOS because of #3605. + if system == "x86_64-linux" then testNixVersions pkgs pkgs.nixVersions.latest else null; + # Disabled because the latest stable version doesn't handle + # `NIX_DAEMON_SOCKET_PATH` which is required for the tests to work + # againstLatestStable = testNixVersions pkgs pkgs.nixStable; + } "touch $out" + ); - installerTests = import ../tests/installer { - binaryTarballs = self.hydraJobs.binaryTarball; - inherit nixpkgsFor; - }; + installerTests = import ../tests/installer { + binaryTarballs = self.hydraJobs.binaryTarball; + inherit nixpkgsFor; + }; */ } From ed4aeb48750d63ec97518a14deda377b043082fd Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 19 Feb 2025 00:24:42 +0100 Subject: [PATCH 160/815] Fix hydraJobs.tests.functional_user --- tests/functional/common/init.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/functional/common/init.sh b/tests/functional/common/init.sh index 63f732d6a17..6e9bffec56d 100755 --- a/tests/functional/common/init.sh +++ b/tests/functional/common/init.sh @@ -12,6 +12,7 @@ if isTestOnNixOS; then ! test -e "$test_nix_conf" cat > "$test_nix_conf" < Date: Wed, 19 Feb 2025 00:25:04 +0100 Subject: [PATCH 161/815] Fix flake-regression dependency --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ad1ee531705..86a673b37f4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -75,7 +75,7 @@ jobs: ; flake_regressions: - needs: vm_tests + needs: build_x86_64-linux runs-on: UbuntuLatest32Cores128G steps: - name: Checkout nix From eabca75d0ce6de7f4e4bd37037c6f2056375e9e3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 19 Feb 2025 00:52:32 +0100 Subject: [PATCH 162/815] Test on x86_64-darwin --- .github/workflows/ci.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 86a673b37f4..fa5f934ff57 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,6 +34,11 @@ jobs: with: os: UbuntuLatest32Cores128GArm + build_x86_64-darwin: + uses: ./.github/workflows/build.yml + with: + os: macos-13 + build_aarch64-darwin: uses: ./.github/workflows/build.yml with: @@ -51,6 +56,12 @@ jobs: with: os: UbuntuLatest32Cores128GArm + test_x86_64-darwin: + uses: ./.github/workflows/test.yml + needs: build_aarch64-darwin + with: + os: macos-13 + test_aarch64-darwin: uses: ./.github/workflows/test.yml needs: build_aarch64-darwin From 21998464b7986f50bc20aa4a8ca3ab416b10d536 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 18 Feb 2025 11:22:00 +0100 Subject: [PATCH 163/815] Restore detailed Nix CLI version ... as intended. Requirements: - don't build fresh libraries for each git commit - have git commit in the CLI Bug: - echo ${version} went into the wrong file => use the fact that it's a symlink, not just for reading but also for writing. (cherry picked from commit bba4e6b061f53cbc77d47408468f9bc0f534281b) --- src/libstore/globals.cc | 2 +- src/libstore/globals.hh | 10 +++++++++- src/nix/main.cc | 3 +++ src/nix/meson.build | 3 +++ src/nix/package.nix | 6 +++--- 5 files changed, 19 insertions(+), 5 deletions(-) diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index e908fc81f17..d7c000dfab7 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -242,7 +242,7 @@ Path Settings::getDefaultSSLCertFile() return ""; } -const std::string nixVersion = PACKAGE_VERSION; +std::string nixVersion = PACKAGE_VERSION; NLOHMANN_JSON_SERIALIZE_ENUM(SandboxMode, { {SandboxMode::smEnabled, true}, diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh index 6b9a87ce36e..1682d572c81 100644 --- a/src/libstore/globals.hh +++ b/src/libstore/globals.hh @@ -1248,7 +1248,15 @@ void loadConfFile(AbstractConfig & config); // Used by the Settings constructor std::vector getUserConfigFiles(); -extern const std::string nixVersion; +/** + * The version of Nix itself. + * + * This is not `const`, so that the Nix CLI can provide a more detailed version + * number including the git revision, without having to "re-compile" the entire + * set of Nix libraries to include that version, even when those libraries are + * not affected by the change. + */ +extern std::string nixVersion; /** * @param loadConfig Whether to load configuration from `nix.conf`, `NIX_CONFIG`, etc. May be disabled for unit tests. diff --git a/src/nix/main.cc b/src/nix/main.cc index b0e26e093f1..3db17ef6932 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -557,6 +557,9 @@ void mainWrapped(int argc, char * * argv) int main(int argc, char * * argv) { + // The CLI has a more detailed version than the libraries; see nixVersion. + nix::nixVersion = NIX_CLI_VERSION; + // Increase the default stack size for the evaluator and for // libstdc++'s std::regex. nix::setStackSize(64 * 1024 * 1024); diff --git a/src/nix/meson.build b/src/nix/meson.build index e8d74080385..1ad3d5b5a8c 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -35,6 +35,9 @@ subdir('nix-meson-build-support/windows-version') configdata = configuration_data() +# The CLI has a more detailed version string than the libraries; see `nixVersion` +configdata.set_quoted('NIX_CLI_VERSION', meson.project_version()) + fs = import('fs') bindir = get_option('bindir') diff --git a/src/nix/package.nix b/src/nix/package.nix index 6e59adc3800..bb90be1eff2 100644 --- a/src/nix/package.nix +++ b/src/nix/package.nix @@ -92,11 +92,11 @@ mkMesonExecutable (finalAttrs: { ]; preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. + # Update the repo-global .version file. + # Symlink ./.version points there, but by default only workDir is writable. '' chmod u+w ./.version - echo ${version} > ../../../.version + echo ${version} > ./.version ''; mesonFlags = [ From b175e5bb6dcd945316cbab531a0d97574ad3f0b1 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 18 Feb 2025 11:41:35 +0100 Subject: [PATCH 164/815] Write just ./.version on all components This way it's easier to get right. See previous commit. (cherry picked from commit 3556f6bf4cd6aa7ffea760c03b8e91ddbe3fcde8) --- packaging/dependencies.nix | 15 +++++++++++++++ src/libcmd/package.nix | 8 -------- src/libexpr-c/package.nix | 8 -------- src/libexpr-test-support/package.nix | 8 -------- src/libexpr-tests/package.nix | 8 -------- src/libexpr/package.nix | 8 -------- src/libfetchers-tests/package.nix | 8 -------- src/libfetchers/package.nix | 8 -------- src/libflake-c/package.nix | 8 -------- src/libflake-tests/package.nix | 8 -------- src/libflake/package.nix | 8 -------- src/libmain-c/package.nix | 8 -------- src/libmain/package.nix | 8 -------- src/libstore-c/package.nix | 8 -------- src/libstore-test-support/package.nix | 8 -------- src/libstore-tests/package.nix | 8 -------- src/libstore/package.nix | 8 -------- src/libutil-c/package.nix | 8 -------- src/libutil-test-support/package.nix | 8 -------- src/libutil-tests/package.nix | 8 -------- src/libutil/package.nix | 11 ----------- src/nix/package.nix | 8 -------- tests/functional/package.nix | 8 +------- 23 files changed, 16 insertions(+), 178 deletions(-) diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index b23c9cbcd1a..20992555c17 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -42,6 +42,18 @@ let mkPackageBuilder = exts: userFn: stdenv.mkDerivation (lib.extends (lib.composeManyExtensions exts) userFn); + setVersionLayer = finalAttrs: prevAttrs: { + preConfigure = + prevAttrs.prevAttrs or "" + + + # Update the repo-global .version file. + # Symlink ./.version points there, but by default only workDir is writable. + '' + chmod u+w ./.version + echo ${finalAttrs.version} > ./.version + ''; + }; + localSourceLayer = finalAttrs: prevAttrs: let @@ -180,12 +192,14 @@ scope: mkMesonDerivation = mkPackageBuilder [ miscGoodPractice localSourceLayer + setVersionLayer mesonLayer ]; mkMesonExecutable = mkPackageBuilder [ miscGoodPractice bsdNoLinkAsNeeded localSourceLayer + setVersionLayer mesonLayer mesonBuildLayer ]; @@ -194,6 +208,7 @@ scope: bsdNoLinkAsNeeded localSourceLayer mesonLayer + setVersionLayer mesonBuildLayer mesonLibraryLayer ]; diff --git a/src/libcmd/package.nix b/src/libcmd/package.nix index d155d9f1e62..d459d1c20fb 100644 --- a/src/libcmd/package.nix +++ b/src/libcmd/package.nix @@ -64,14 +64,6 @@ mkMesonLibrary (finalAttrs: { nlohmann_json ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ (lib.mesonEnable "markdown" enableMarkdown) (lib.mesonOption "readline-flavor" readlineFlavor) diff --git a/src/libexpr-c/package.nix b/src/libexpr-c/package.nix index ad1ea371c2d..694fbc1fe78 100644 --- a/src/libexpr-c/package.nix +++ b/src/libexpr-c/package.nix @@ -36,14 +36,6 @@ mkMesonLibrary (finalAttrs: { nix-expr ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libexpr-test-support/package.nix b/src/libexpr-test-support/package.nix index 5628d606a45..44b0ff38631 100644 --- a/src/libexpr-test-support/package.nix +++ b/src/libexpr-test-support/package.nix @@ -40,14 +40,6 @@ mkMesonLibrary (finalAttrs: { rapidcheck ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libexpr-tests/package.nix b/src/libexpr-tests/package.nix index bb5acb7c873..51d52e935bf 100644 --- a/src/libexpr-tests/package.nix +++ b/src/libexpr-tests/package.nix @@ -46,14 +46,6 @@ mkMesonExecutable (finalAttrs: { gtest ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libexpr/package.nix b/src/libexpr/package.nix index afd01c3846e..533dae9f253 100644 --- a/src/libexpr/package.nix +++ b/src/libexpr/package.nix @@ -77,14 +77,6 @@ mkMesonLibrary (finalAttrs: { nlohmann_json ] ++ lib.optional enableGC boehmgc; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ (lib.mesonEnable "gc" enableGC) ]; diff --git a/src/libfetchers-tests/package.nix b/src/libfetchers-tests/package.nix index f2680e9b3c1..1e379fc5ade 100644 --- a/src/libfetchers-tests/package.nix +++ b/src/libfetchers-tests/package.nix @@ -44,14 +44,6 @@ mkMesonExecutable (finalAttrs: { gtest ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libfetchers/package.nix b/src/libfetchers/package.nix index b0aecd04979..3f52e987800 100644 --- a/src/libfetchers/package.nix +++ b/src/libfetchers/package.nix @@ -41,14 +41,6 @@ mkMesonLibrary (finalAttrs: { nlohmann_json ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - meta = { platforms = lib.platforms.unix ++ lib.platforms.windows; }; diff --git a/src/libflake-c/package.nix b/src/libflake-c/package.nix index f0615a42798..1149508523e 100644 --- a/src/libflake-c/package.nix +++ b/src/libflake-c/package.nix @@ -38,14 +38,6 @@ mkMesonLibrary (finalAttrs: { nix-flake ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libflake-tests/package.nix b/src/libflake-tests/package.nix index f9d9b0bc0c6..714f3791ad9 100644 --- a/src/libflake-tests/package.nix +++ b/src/libflake-tests/package.nix @@ -46,14 +46,6 @@ mkMesonExecutable (finalAttrs: { gtest ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libflake/package.nix b/src/libflake/package.nix index ebd38e140d3..5240ce5e396 100644 --- a/src/libflake/package.nix +++ b/src/libflake/package.nix @@ -40,14 +40,6 @@ mkMesonLibrary (finalAttrs: { nlohmann_json ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - meta = { platforms = lib.platforms.unix ++ lib.platforms.windows; }; diff --git a/src/libmain-c/package.nix b/src/libmain-c/package.nix index cf710e03b0d..f019a917d36 100644 --- a/src/libmain-c/package.nix +++ b/src/libmain-c/package.nix @@ -40,14 +40,6 @@ mkMesonLibrary (finalAttrs: { nix-main ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libmain/package.nix b/src/libmain/package.nix index 046b505dfd4..c03697c48da 100644 --- a/src/libmain/package.nix +++ b/src/libmain/package.nix @@ -37,14 +37,6 @@ mkMesonLibrary (finalAttrs: { openssl ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - meta = { platforms = lib.platforms.unix ++ lib.platforms.windows; }; diff --git a/src/libstore-c/package.nix b/src/libstore-c/package.nix index 89abeaab870..fde17c78e01 100644 --- a/src/libstore-c/package.nix +++ b/src/libstore-c/package.nix @@ -36,14 +36,6 @@ mkMesonLibrary (finalAttrs: { nix-store ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libstore-test-support/package.nix b/src/libstore-test-support/package.nix index 7cc29795c19..ccac25ee16a 100644 --- a/src/libstore-test-support/package.nix +++ b/src/libstore-test-support/package.nix @@ -40,14 +40,6 @@ mkMesonLibrary (finalAttrs: { rapidcheck ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libstore-tests/package.nix b/src/libstore-tests/package.nix index 670386c4a6f..b39ee7fa73c 100644 --- a/src/libstore-tests/package.nix +++ b/src/libstore-tests/package.nix @@ -52,14 +52,6 @@ mkMesonExecutable (finalAttrs: { nix-store-test-support ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libstore/package.nix b/src/libstore/package.nix index c982b44f0b7..31867d331b9 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -69,14 +69,6 @@ mkMesonLibrary (finalAttrs: { nlohmann_json ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ (lib.mesonEnable "seccomp-sandboxing" stdenv.hostPlatform.isLinux) diff --git a/src/libutil-c/package.nix b/src/libutil-c/package.nix index 72f57d6f9c6..f26f57775d4 100644 --- a/src/libutil-c/package.nix +++ b/src/libutil-c/package.nix @@ -34,14 +34,6 @@ mkMesonLibrary (finalAttrs: { nix-util ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libutil-test-support/package.nix b/src/libutil-test-support/package.nix index 33cd5217def..fafd47c86c5 100644 --- a/src/libutil-test-support/package.nix +++ b/src/libutil-test-support/package.nix @@ -38,14 +38,6 @@ mkMesonLibrary (finalAttrs: { rapidcheck ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libutil-tests/package.nix b/src/libutil-tests/package.nix index d89c544539e..c06de6894af 100644 --- a/src/libutil-tests/package.nix +++ b/src/libutil-tests/package.nix @@ -45,14 +45,6 @@ mkMesonExecutable (finalAttrs: { gtest ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ ]; diff --git a/src/libutil/package.nix b/src/libutil/package.nix index 586119a6e5d..47dcb54a26f 100644 --- a/src/libutil/package.nix +++ b/src/libutil/package.nix @@ -52,17 +52,6 @@ mkMesonLibrary (finalAttrs: { nlohmann_json ]; - preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - # - # TODO: change release process to add `pre` in `.version`, remove it - # before tagging, and restore after. - '' - chmod u+w ./.version - echo ${version} > ../../.version - ''; - mesonFlags = [ (lib.mesonEnable "cpuid" stdenv.hostPlatform.isx86_64) ]; diff --git a/src/nix/package.nix b/src/nix/package.nix index bb90be1eff2..40a28043785 100644 --- a/src/nix/package.nix +++ b/src/nix/package.nix @@ -91,14 +91,6 @@ mkMesonExecutable (finalAttrs: { nix-cmd ]; - preConfigure = - # Update the repo-global .version file. - # Symlink ./.version points there, but by default only workDir is writable. - '' - chmod u+w ./.version - echo ${version} > ./.version - ''; - mesonFlags = [ ]; diff --git a/tests/functional/package.nix b/tests/functional/package.nix index 74c034196fd..64ffa540a60 100644 --- a/tests/functional/package.nix +++ b/tests/functional/package.nix @@ -75,16 +75,10 @@ mkMesonDerivation ( ]; preConfigure = - # "Inline" .version so it's not a symlink, and includes the suffix. - # Do the meson utils, without modification. - '' - chmod u+w ./.version - echo ${version} > ../../../.version - '' # TEMP hack for Meson before make is gone, where # `src/nix-functional-tests` is during the transition a symlink and # not the actual directory directory. - + '' + '' cd $(readlink -e $PWD) echo $PWD | grep tests/functional ''; From fd062585acde7178d9df9bc3121691eafe3dffa6 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 18 Feb 2025 15:55:19 +0100 Subject: [PATCH 165/815] tests: Fix installTests (cherry picked from commit 2b5365bcf73bd7584af79b1c5afc84935a2df536) --- tests/functional/misc.sh | 2 +- tests/functional/package.nix | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/functional/misc.sh b/tests/functional/misc.sh index 7d63756b7f4..cb4d4139f4c 100755 --- a/tests/functional/misc.sh +++ b/tests/functional/misc.sh @@ -11,7 +11,7 @@ source common.sh #nix-hash --help | grepQuiet base32 # Can we ask for the version number? -nix-env --version | grep "$version" +nix-env --version | grep -F "${_NIX_TEST_CLIENT_VERSION:-$version}" nix_env=$(type -P nix-env) (PATH=""; ! $nix_env --help 2>&1 ) | grepQuiet -F "The 'man' command was not found, but it is needed for 'nix-env' and some other 'nix-*' commands' help text. Perhaps you could install the 'man' command?" diff --git a/tests/functional/package.nix b/tests/functional/package.nix index 64ffa540a60..a84ad1791f7 100644 --- a/tests/functional/package.nix +++ b/tests/functional/package.nix @@ -99,6 +99,8 @@ mkMesonDerivation ( } // lib.optionalAttrs (test-daemon != null) { + # TODO rename to _NIX_TEST_DAEMON_PACKAGE NIX_DAEMON_PACKAGE = test-daemon; + _NIX_TEST_CLIENT_VERSION = nix-cli.version; } ) From 540e8cb90809863e32a4fe588e49be388f4a67e4 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 18 Feb 2025 12:19:48 +0100 Subject: [PATCH 166/815] packaging: Move layers from dependencies to components This makes it easier to implement batch overriding for the components. (cherry picked from commit cca01407a7e661e589de165d9a873210ce91353f) --- flake.nix | 2 + packaging/components.nix | 160 ++++++++++++++++++++++++++++++++++++- packaging/dependencies.nix | 146 --------------------------------- 3 files changed, 161 insertions(+), 147 deletions(-) diff --git a/flake.nix b/flake.nix index eafb6535302..7158f1ac81b 100644 --- a/flake.nix +++ b/flake.nix @@ -165,6 +165,8 @@ f = import ./packaging/components.nix { inherit (final) lib; inherit officialRelease; + inherit stdenv; + pkgs = final; src = self; }; }; diff --git a/packaging/components.nix b/packaging/components.nix index 07bb209cd4f..5c03408dd82 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -1,13 +1,22 @@ { lib, + pkgs, src, + stdenv, officialRelease, }: scope: let - inherit (scope) callPackage; + inherit (scope) + callPackage + ; + inherit (pkgs.buildPackages) + meson + ninja + pkg-config + ; baseVersion = lib.fileContents ../.version; @@ -20,6 +29,129 @@ let }_${src.shortRev or "dirty"}"; fineVersion = baseVersion + fineVersionSuffix; + + root = ../.; + + # Nixpkgs implements this by returning a subpath into the fetched Nix sources. + resolvePath = p: p; + + # Indirection for Nixpkgs to override when package.nix files are vendored + filesetToSource = lib.fileset.toSource; + + /** + Given a set of layers, create a mkDerivation-like function + */ + mkPackageBuilder = + exts: userFn: stdenv.mkDerivation (lib.extends (lib.composeManyExtensions exts) userFn); + + setVersionLayer = finalAttrs: prevAttrs: { + preConfigure = + prevAttrs.prevAttrs or "" + + + # Update the repo-global .version file. + # Symlink ./.version points there, but by default only workDir is writable. + '' + chmod u+w ./.version + echo ${finalAttrs.version} > ./.version + ''; + }; + + localSourceLayer = + finalAttrs: prevAttrs: + let + workDirPath = + # Ideally we'd pick finalAttrs.workDir, but for now `mkDerivation` has + # the requirement that everything except passthru and meta must be + # serialized by mkDerivation, which doesn't work for this. + prevAttrs.workDir; + + workDirSubpath = lib.path.removePrefix root workDirPath; + sources = + assert prevAttrs.fileset._type == "fileset"; + prevAttrs.fileset; + src = lib.fileset.toSource { + fileset = sources; + inherit root; + }; + + in + { + sourceRoot = "${src.name}/" + workDirSubpath; + inherit src; + + # Clear what `derivation` can't/shouldn't serialize; see prevAttrs.workDir. + fileset = null; + workDir = null; + }; + + mesonLayer = finalAttrs: prevAttrs: { + # NOTE: + # As of https://github.com/NixOS/nixpkgs/blob/8baf8241cea0c7b30e0b8ae73474cb3de83c1a30/pkgs/by-name/me/meson/setup-hook.sh#L26, + # `mesonBuildType` defaults to `plain` if not specified. We want our Nix-built binaries to be optimized by default. + # More on build types here: https://mesonbuild.com/Builtin-options.html#details-for-buildtype. + mesonBuildType = "release"; + # NOTE: + # Users who are debugging Nix builds are expected to set the environment variable `mesonBuildType`, per the + # guidance in https://github.com/NixOS/nix/blob/8a3fc27f1b63a08ac983ee46435a56cf49ebaf4a/doc/manual/source/development/debugging.md?plain=1#L10. + # For this reason, we don't want to refer to `finalAttrs.mesonBuildType` here, but rather use the environment variable. + preConfigure = + prevAttrs.preConfigure or "" + + + lib.optionalString + ( + !stdenv.hostPlatform.isWindows + # build failure + && !stdenv.hostPlatform.isStatic + # LTO breaks exception handling on x86-64-darwin. + && stdenv.system != "x86_64-darwin" + ) + '' + case "$mesonBuildType" in + release|minsize) appendToVar mesonFlags "-Db_lto=true" ;; + *) appendToVar mesonFlags "-Db_lto=false" ;; + esac + ''; + nativeBuildInputs = [ + meson + ninja + ] ++ prevAttrs.nativeBuildInputs or [ ]; + mesonCheckFlags = prevAttrs.mesonCheckFlags or [ ] ++ [ + "--print-errorlogs" + ]; + }; + + mesonBuildLayer = finalAttrs: prevAttrs: { + nativeBuildInputs = prevAttrs.nativeBuildInputs or [ ] ++ [ + pkg-config + ]; + separateDebugInfo = !stdenv.hostPlatform.isStatic; + hardeningDisable = lib.optional stdenv.hostPlatform.isStatic "pie"; + env = + prevAttrs.env or { } + // lib.optionalAttrs ( + stdenv.isLinux + && !(stdenv.hostPlatform.isStatic && stdenv.system == "aarch64-linux") + && !(stdenv.hostPlatform.useLLVM or false) + ) { LDFLAGS = "-fuse-ld=gold"; }; + }; + + mesonLibraryLayer = finalAttrs: prevAttrs: { + outputs = prevAttrs.outputs or [ "out" ] ++ [ "dev" ]; + }; + + # Work around weird `--as-needed` linker behavior with BSD, see + # https://github.com/mesonbuild/meson/issues/3593 + bsdNoLinkAsNeeded = + finalAttrs: prevAttrs: + lib.optionalAttrs stdenv.hostPlatform.isBSD { + mesonFlags = [ (lib.mesonBool "b_asneeded" false) ] ++ prevAttrs.mesonFlags or [ ]; + }; + + miscGoodPractice = finalAttrs: prevAttrs: { + strictDeps = prevAttrs.strictDeps or true; + enableParallelBuilding = true; + }; + in # This becomes the pkgs.nixComponents attribute set @@ -27,6 +159,32 @@ in version = baseVersion + versionSuffix; inherit versionSuffix; + inherit resolvePath filesetToSource; + + mkMesonDerivation = mkPackageBuilder [ + miscGoodPractice + localSourceLayer + setVersionLayer + mesonLayer + ]; + mkMesonExecutable = mkPackageBuilder [ + miscGoodPractice + bsdNoLinkAsNeeded + localSourceLayer + setVersionLayer + mesonLayer + mesonBuildLayer + ]; + mkMesonLibrary = mkPackageBuilder [ + miscGoodPractice + bsdNoLinkAsNeeded + localSourceLayer + mesonLayer + setVersionLayer + mesonBuildLayer + mesonLibraryLayer + ]; + nix-util = callPackage ../src/libutil/package.nix { }; nix-util-c = callPackage ../src/libutil-c/package.nix { }; nix-util-test-support = callPackage ../src/libutil-test-support/package.nix { }; diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index 20992555c17..2060672f795 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -17,8 +17,6 @@ in let inherit (pkgs) lib; - root = ../.; - stdenv = if prevStdenv.isDarwin && prevStdenv.isx86_64 then darwinStdenv else prevStdenv; # Fix the following error with the default x86_64-darwin SDK: @@ -30,125 +28,6 @@ let # all the way back to 10.6. darwinStdenv = pkgs.overrideSDK prevStdenv { darwinMinVersion = "10.13"; }; - # Nixpkgs implements this by returning a subpath into the fetched Nix sources. - resolvePath = p: p; - - # Indirection for Nixpkgs to override when package.nix files are vendored - filesetToSource = lib.fileset.toSource; - - /** - Given a set of layers, create a mkDerivation-like function - */ - mkPackageBuilder = - exts: userFn: stdenv.mkDerivation (lib.extends (lib.composeManyExtensions exts) userFn); - - setVersionLayer = finalAttrs: prevAttrs: { - preConfigure = - prevAttrs.prevAttrs or "" - + - # Update the repo-global .version file. - # Symlink ./.version points there, but by default only workDir is writable. - '' - chmod u+w ./.version - echo ${finalAttrs.version} > ./.version - ''; - }; - - localSourceLayer = - finalAttrs: prevAttrs: - let - workDirPath = - # Ideally we'd pick finalAttrs.workDir, but for now `mkDerivation` has - # the requirement that everything except passthru and meta must be - # serialized by mkDerivation, which doesn't work for this. - prevAttrs.workDir; - - workDirSubpath = lib.path.removePrefix root workDirPath; - sources = - assert prevAttrs.fileset._type == "fileset"; - prevAttrs.fileset; - src = lib.fileset.toSource { - fileset = sources; - inherit root; - }; - - in - { - sourceRoot = "${src.name}/" + workDirSubpath; - inherit src; - - # Clear what `derivation` can't/shouldn't serialize; see prevAttrs.workDir. - fileset = null; - workDir = null; - }; - - mesonLayer = finalAttrs: prevAttrs: { - # NOTE: - # As of https://github.com/NixOS/nixpkgs/blob/8baf8241cea0c7b30e0b8ae73474cb3de83c1a30/pkgs/by-name/me/meson/setup-hook.sh#L26, - # `mesonBuildType` defaults to `plain` if not specified. We want our Nix-built binaries to be optimized by default. - # More on build types here: https://mesonbuild.com/Builtin-options.html#details-for-buildtype. - mesonBuildType = "release"; - # NOTE: - # Users who are debugging Nix builds are expected to set the environment variable `mesonBuildType`, per the - # guidance in https://github.com/NixOS/nix/blob/8a3fc27f1b63a08ac983ee46435a56cf49ebaf4a/doc/manual/source/development/debugging.md?plain=1#L10. - # For this reason, we don't want to refer to `finalAttrs.mesonBuildType` here, but rather use the environment variable. - preConfigure = - prevAttrs.preConfigure or "" - + - lib.optionalString - ( - !stdenv.hostPlatform.isWindows - # build failure - && !stdenv.hostPlatform.isStatic - # LTO breaks exception handling on x86-64-darwin. - && stdenv.system != "x86_64-darwin" - ) - '' - case "$mesonBuildType" in - release|minsize) appendToVar mesonFlags "-Db_lto=true" ;; - *) appendToVar mesonFlags "-Db_lto=false" ;; - esac - ''; - nativeBuildInputs = [ - pkgs.buildPackages.meson - pkgs.buildPackages.ninja - ] ++ prevAttrs.nativeBuildInputs or [ ]; - mesonCheckFlags = prevAttrs.mesonCheckFlags or [ ] ++ [ - "--print-errorlogs" - ]; - }; - - mesonBuildLayer = finalAttrs: prevAttrs: { - nativeBuildInputs = prevAttrs.nativeBuildInputs or [ ] ++ [ - pkgs.buildPackages.pkg-config - ]; - separateDebugInfo = !stdenv.hostPlatform.isStatic; - hardeningDisable = lib.optional stdenv.hostPlatform.isStatic "pie"; - env = - prevAttrs.env or { } - // lib.optionalAttrs ( - stdenv.isLinux - && !(stdenv.hostPlatform.isStatic && stdenv.system == "aarch64-linux") - && !(stdenv.hostPlatform.useLLVM or false) - ) { LDFLAGS = "-fuse-ld=gold"; }; - }; - - mesonLibraryLayer = finalAttrs: prevAttrs: { - outputs = prevAttrs.outputs or [ "out" ] ++ [ "dev" ]; - }; - - # Work around weird `--as-needed` linker behavior with BSD, see - # https://github.com/mesonbuild/meson/issues/3593 - bsdNoLinkAsNeeded = - finalAttrs: prevAttrs: - lib.optionalAttrs stdenv.hostPlatform.isBSD { - mesonFlags = [ (lib.mesonBool "b_asneeded" false) ] ++ prevAttrs.mesonFlags or [ ]; - }; - - miscGoodPractice = finalAttrs: prevAttrs: { - strictDeps = prevAttrs.strictDeps or true; - enableParallelBuilding = true; - }; in scope: { @@ -187,31 +66,6 @@ scope: installPhase = lib.replaceStrings [ "--without-python" ] [ "" ] old.installPhase; }); - inherit resolvePath filesetToSource; - - mkMesonDerivation = mkPackageBuilder [ - miscGoodPractice - localSourceLayer - setVersionLayer - mesonLayer - ]; - mkMesonExecutable = mkPackageBuilder [ - miscGoodPractice - bsdNoLinkAsNeeded - localSourceLayer - setVersionLayer - mesonLayer - mesonBuildLayer - ]; - mkMesonLibrary = mkPackageBuilder [ - miscGoodPractice - bsdNoLinkAsNeeded - localSourceLayer - mesonLayer - setVersionLayer - mesonBuildLayer - mesonLibraryLayer - ]; } # libgit2: Nixpkgs 24.11 has < 1.9.0 // lib.optionalAttrs (!lib.versionAtLeast pkgs.libgit2.version "1.9.0") { From 44fb6479860f831a0d34540d3b4bae335cb39a59 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 18 Feb 2025 13:35:12 +0100 Subject: [PATCH 167/815] packaging: Add overrideAllMesonComponents (cherry picked from commit f31d86284f1027edf173d92967b609de67e1bb2e) --- packaging/components.nix | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/packaging/components.nix b/packaging/components.nix index 5c03408dd82..546d5829dac 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -161,11 +161,28 @@ in inherit resolvePath filesetToSource; + /** + A user-provided extension function to apply to each component derivation. + */ + mesonComponentOverrides = finalAttrs: prevAttrs: { }; + + /** + Apply an extension function (i.e. overlay-shaped) to all component derivations. + */ + overrideAllMesonComponents = + f: + scope.overrideScope ( + finalScope: prevScope: { + mesonComponentOverrides = lib.composeExtensions scope.mesonComponentOverrides f; + } + ); + mkMesonDerivation = mkPackageBuilder [ miscGoodPractice localSourceLayer setVersionLayer mesonLayer + scope.mesonComponentOverrides ]; mkMesonExecutable = mkPackageBuilder [ miscGoodPractice @@ -174,6 +191,7 @@ in setVersionLayer mesonLayer mesonBuildLayer + scope.mesonComponentOverrides ]; mkMesonLibrary = mkPackageBuilder [ miscGoodPractice @@ -183,6 +201,7 @@ in setVersionLayer mesonBuildLayer mesonLibraryLayer + scope.mesonComponentOverrides ]; nix-util = callPackage ../src/libutil/package.nix { }; @@ -224,5 +243,18 @@ in nix-perl-bindings = callPackage ../src/perl/package.nix { }; - nix-everything = callPackage ../packaging/everything.nix { }; + nix-everything = callPackage ../packaging/everything.nix { } // { + # Note: no `passthru.overrideAllMesonComponents` + # This would propagate into `nix.overrideAttrs f`, but then discard + # `f` when `.overrideAllMesonComponents` is used. + # Both "methods" should be views on the same fixpoint overriding mechanism + # for that to work. For now, we intentionally don't support the broken + # two-fixpoint solution. + /** + Apply an extension function (i.e. overlay-shaped) to all component derivations, and return the nix package. + */ + overrideAllMesonComponents = f: (scope.overrideAllMesonComponents f).nix-everything; + + scope = scope; + }; } From cc3fb612496a08c35fd8daf31101e7c2279ca032 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 18 Feb 2025 15:31:55 +0100 Subject: [PATCH 168/815] packaging: Add source overriding "methods" (cherry picked from commit 48fb6fdde955afd1078ea7bb7f0e8c73e0185f8f) --- flake.nix | 21 +++++++ packaging/components.nix | 123 ++++++++++++++++++++++++++++++++++++--- 2 files changed, 136 insertions(+), 8 deletions(-) diff --git a/flake.nix b/flake.nix index 7158f1ac81b..a92fd74fc58 100644 --- a/flake.nix +++ b/flake.nix @@ -237,6 +237,27 @@ LANG=C.UTF-8 ${pkgs.changelog-d}/bin/changelog-d ${./doc/manual/rl-next} >$out ''; repl-completion = nixpkgsFor.${system}.native.callPackage ./tests/repl-completion.nix { }; + + /** + Checks for our packaging expressions. + This shouldn't build anything significant; just check that things + (including derivations) are _set up_ correctly. + */ + packaging-overriding = + let + pkgs = nixpkgsFor.${system}.native; + nix = self.packages.${system}.nix; + in + assert (nix.appendPatches [ pkgs.emptyFile ]).libs.nix-util.src.patches == [ pkgs.emptyFile ]; + # If this fails, something might be wrong with how we've wired the scope, + # or something could be broken in Nixpkgs. + pkgs.testers.testEqualContents { + assertion = "trivial patch does not change source contents"; + expected = "${./.}"; + actual = + # Same for all components; nix-util is an arbitrary pick + (nix.appendPatches [ pkgs.emptyFile ]).libs.nix-util.src; + }; } // (lib.optionalAttrs (builtins.elem system linux64BitSystems)) { dockerImage = self.hydraJobs.dockerImage.${system}; diff --git a/packaging/components.nix b/packaging/components.nix index 546d5829dac..de02f052bbe 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -32,9 +32,6 @@ let root = ../.; - # Nixpkgs implements this by returning a subpath into the fetched Nix sources. - resolvePath = p: p; - # Indirection for Nixpkgs to override when package.nix files are vendored filesetToSource = lib.fileset.toSource; @@ -84,6 +81,31 @@ let workDir = null; }; + resolveRelPath = p: lib.path.removePrefix root p; + + makeFetchedSourceLayer = + finalScope: finalAttrs: prevAttrs: + let + workDirPath = + # Ideally we'd pick finalAttrs.workDir, but for now `mkDerivation` has + # the requirement that everything except passthru and meta must be + # serialized by mkDerivation, which doesn't work for this. + prevAttrs.workDir; + + workDirSubpath = resolveRelPath workDirPath; + # sources = assert prevAttrs.fileset._type == "fileset"; prevAttrs.fileset; + # src = lib.fileset.toSource { fileset = sources; inherit root; }; + + in + { + sourceRoot = "${finalScope.patchedSrc.name}/" + workDirSubpath; + src = finalScope.patchedSrc; + + # Clear what `derivation` can't/shouldn't serialize; see prevAttrs.workDir. + fileset = null; + workDir = null; + }; + mesonLayer = finalAttrs: prevAttrs: { # NOTE: # As of https://github.com/NixOS/nixpkgs/blob/8baf8241cea0c7b30e0b8ae73474cb3de83c1a30/pkgs/by-name/me/meson/setup-hook.sh#L26, @@ -152,6 +174,17 @@ let enableParallelBuilding = true; }; + /** + Append patches to the source layer. + */ + appendPatches = + scope: patches: + scope.overrideScope ( + finalScope: prevScope: { + patches = prevScope.patches ++ patches; + } + ); + in # This becomes the pkgs.nixComponents attribute set @@ -159,13 +192,24 @@ in version = baseVersion + versionSuffix; inherit versionSuffix; - inherit resolvePath filesetToSource; + inherit filesetToSource; /** A user-provided extension function to apply to each component derivation. */ mesonComponentOverrides = finalAttrs: prevAttrs: { }; + /** + An overridable derivation layer for handling the sources. + */ + sourceLayer = localSourceLayer; + + /** + Resolve a path value to either itself or a path in the `src`, depending + whether `overrideSource` was called. + */ + resolvePath = p: p; + /** Apply an extension function (i.e. overlay-shaped) to all component derivations. */ @@ -177,9 +221,57 @@ in } ); + /** + Provide an alternate source. This allows the expressions to be vendored without copying the sources, + but it does make the build non-granular; all components will use a complete source. + + Packaging expressions will be ignored. + */ + overrideSource = + src: + scope.overrideScope ( + finalScope: prevScope: { + sourceLayer = makeFetchedSourceLayer finalScope; + /** + Unpatched source for the build of Nix. Packaging expressions will be ignored. + */ + src = src; + /** + Patches for the whole Nix source. Changes to packaging expressions will be ignored. + */ + patches = [ ]; + /** + Fetched and patched source to be used in component derivations. + */ + patchedSrc = + if finalScope.patches == [ ] then + src + else + pkgs.buildPackages.srcOnly ( + pkgs.buildPackages.stdenvNoCC.mkDerivation { + name = "${finalScope.src.name or "nix-source"}-patched"; + inherit (finalScope) src patches; + } + ); + resolvePath = p: finalScope.patchedSrc + "/${resolveRelPath p}"; + appendPatches = appendPatches finalScope; + } + ); + + /** + Append patches to be applied to the whole Nix source. + This affects all components. + + Changes to the packaging expressions will be ignored. + */ + appendPatches = + patches: + # switch to "fetched" source first, so that patches apply to the whole tree. + (scope.overrideSource "${./..}").appendPatches patches; + mkMesonDerivation = mkPackageBuilder [ miscGoodPractice - localSourceLayer + scope.sourceLayer setVersionLayer mesonLayer scope.mesonComponentOverrides @@ -187,7 +279,7 @@ in mkMesonExecutable = mkPackageBuilder [ miscGoodPractice bsdNoLinkAsNeeded - localSourceLayer + scope.sourceLayer setVersionLayer mesonLayer mesonBuildLayer @@ -196,7 +288,7 @@ in mkMesonLibrary = mkPackageBuilder [ miscGoodPractice bsdNoLinkAsNeeded - localSourceLayer + scope.sourceLayer mesonLayer setVersionLayer mesonBuildLayer @@ -255,6 +347,21 @@ in */ overrideAllMesonComponents = f: (scope.overrideAllMesonComponents f).nix-everything; - scope = scope; + /** + Append patches to be applied to the whole Nix source. + This affects all components. + + Changes to the packaging expressions will be ignored. + */ + appendPatches = ps: (scope.appendPatches ps).nix-everything; + + /** + Provide an alternate source. This allows the expressions to be vendored without copying the sources, + but it does make the build non-granular; all components will use a complete source. + + Packaging expressions will be ignored. + */ + overrideSource = src: (scope.overrideSource src).nix-everything; + }; } From a4641be4e92737fe213c166705949f570f0cc64c Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 18 Feb 2025 17:13:57 +0100 Subject: [PATCH 169/815] test: Ignore packaging-overriding check on darwin for now (cherry picked from commit 03efba30dacc79e64f4107206b13231473bf2670) --- flake.nix | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/flake.nix b/flake.nix index a92fd74fc58..f5c7780d590 100644 --- a/flake.nix +++ b/flake.nix @@ -249,15 +249,18 @@ nix = self.packages.${system}.nix; in assert (nix.appendPatches [ pkgs.emptyFile ]).libs.nix-util.src.patches == [ pkgs.emptyFile ]; - # If this fails, something might be wrong with how we've wired the scope, - # or something could be broken in Nixpkgs. - pkgs.testers.testEqualContents { - assertion = "trivial patch does not change source contents"; - expected = "${./.}"; - actual = - # Same for all components; nix-util is an arbitrary pick - (nix.appendPatches [ pkgs.emptyFile ]).libs.nix-util.src; - }; + if pkgs.stdenv.buildPlatform.isDarwin then + lib.warn "packaging-overriding check currently disabled because of a permissions issue on macOS" pkgs.emptyFile + else + # If this fails, something might be wrong with how we've wired the scope, + # or something could be broken in Nixpkgs. + pkgs.testers.testEqualContents { + assertion = "trivial patch does not change source contents"; + expected = "${./.}"; + actual = + # Same for all components; nix-util is an arbitrary pick + (nix.appendPatches [ pkgs.emptyFile ]).libs.nix-util.src; + }; } // (lib.optionalAttrs (builtins.elem system linux64BitSystems)) { dockerImage = self.hydraJobs.dockerImage.${system}; From bfb6f37b374eb71747419afb12de372fe02e51a7 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 18 Feb 2025 19:01:58 +0100 Subject: [PATCH 170/815] packaging: Add patch count to version (cherry picked from commit 0dbe28ad9d5f82d11bc5626310822a404f07eb60) --- packaging/components.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/packaging/components.nix b/packaging/components.nix index de02f052bbe..c26b4b9a800 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -100,6 +100,11 @@ let { sourceRoot = "${finalScope.patchedSrc.name}/" + workDirSubpath; src = finalScope.patchedSrc; + version = + let + n = lib.count (p: p != null) finalScope.patches; + in + if n == 0 then finalAttrs.version else finalAttrs.version + "+${toString n}"; # Clear what `derivation` can't/shouldn't serialize; see prevAttrs.workDir. fileset = null; From dade40573e63528070a510d09a41980993e3724c Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 18 Feb 2025 19:06:36 +0100 Subject: [PATCH 171/815] packaging: Make patch count lazier This makes `nix.version` quicker to evaluate, which should speed up package listing operations. If you want an accurate count, use `lib.optionals` in your override instead of `null` values. (cherry picked from commit d47e3c95762881e35e894ca1ba1f77c00f8b7ba3) --- packaging/components.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/components.nix b/packaging/components.nix index c26b4b9a800..bec4dc86578 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -102,7 +102,7 @@ let src = finalScope.patchedSrc; version = let - n = lib.count (p: p != null) finalScope.patches; + n = lib.length finalScope.patches; in if n == 0 then finalAttrs.version else finalAttrs.version + "+${toString n}"; From 244735270a4a1d5f06edd569012cdb1dd222ec4a Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 19 Feb 2025 00:10:05 +0100 Subject: [PATCH 172/815] packaging: Remove dead code ... from nixpkgs, my bad. (cherry picked from commit f0bdb652161f142999134dd7756e41a3942f57b6) --- packaging/components.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/packaging/components.nix b/packaging/components.nix index bec4dc86578..b1ef38302f5 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -93,8 +93,6 @@ let prevAttrs.workDir; workDirSubpath = resolveRelPath workDirPath; - # sources = assert prevAttrs.fileset._type == "fileset"; prevAttrs.fileset; - # src = lib.fileset.toSource { fileset = sources; inherit root; }; in { From 0339ba582ea095d211bb9cf3713978c9ac805413 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 19 Feb 2025 09:09:57 +0100 Subject: [PATCH 173/815] magic-nix-cache-action -> flakehub-cache-action --- .github/workflows/build.yml | 4 ++-- .github/workflows/ci.yml | 4 ++-- .github/workflows/test.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ef7174c3090..230d4590dd8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,5 +17,5 @@ jobs: - uses: DeterminateSystems/nix-installer-action@main with: flakehub: true - - uses: DeterminateSystems/magic-nix-cache-action@main - - run: nix build + - uses: DeterminateSystems/flakehub-cache-action@main + - run: nix build -L diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fa5f934ff57..8d3aa5d01ba 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -76,7 +76,7 @@ jobs: - uses: DeterminateSystems/nix-installer-action@main with: flakehub: true - - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: DeterminateSystems/flakehub-cache-action@main - run: | nix build -L \ .#hydraJobs.tests.functional_user \ @@ -104,5 +104,5 @@ jobs: - uses: DeterminateSystems/nix-installer-action@main with: flakehub: true - - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: DeterminateSystems/flakehub-cache-action@main - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=25 flake-regressions/eval-all.sh diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 14e4c5fa58d..e58827a9c06 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,5 +17,5 @@ jobs: - uses: DeterminateSystems/nix-installer-action@main with: flakehub: true - - uses: DeterminateSystems/magic-nix-cache-action@main + - uses: DeterminateSystems/flakehub-cache-action@main - run: nix flake check -L From 8028579060d5ddb05ab1e998827341f82438ee18 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 19 Feb 2025 00:36:29 +0100 Subject: [PATCH 174/815] packaging: Restore libgit2 USE_SSH=exec ... when nixpkgs is nixos-unstable or the overlay is used. (cherry picked from commit 5488e29d2f0b77c3106fb295a9464ba2dd326d9a) --- packaging/dependencies.nix | 70 ++++++++++++++++++++------------------ 1 file changed, 36 insertions(+), 34 deletions(-) diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index 2060672f795..535b3ff3739 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -29,8 +29,7 @@ let darwinStdenv = pkgs.overrideSDK prevStdenv { darwinMinVersion = "10.13"; }; in -scope: -{ +scope: { inherit stdenv; aws-sdk-cpp = @@ -66,36 +65,39 @@ scope: installPhase = lib.replaceStrings [ "--without-python" ] [ "" ] old.installPhase; }); -} -# libgit2: Nixpkgs 24.11 has < 1.9.0 -// lib.optionalAttrs (!lib.versionAtLeast pkgs.libgit2.version "1.9.0") { - libgit2 = pkgs.libgit2.overrideAttrs (attrs: { - cmakeFlags = attrs.cmakeFlags or [ ] ++ [ "-DUSE_SSH=exec" ]; - nativeBuildInputs = - attrs.nativeBuildInputs or [ ] - # gitMinimal does not build on Windows. See packbuilder patch. - ++ lib.optionals (!stdenv.hostPlatform.isWindows) [ - # Needed for `git apply`; see `prePatch` - pkgs.buildPackages.gitMinimal - ]; - # Only `git apply` can handle git binary patches - prePatch = - attrs.prePatch or "" - + lib.optionalString (!stdenv.hostPlatform.isWindows) '' - patch() { - git apply - } - ''; - patches = - attrs.patches or [ ] - ++ [ - ./patches/libgit2-mempack-thin-packfile.patch - ] - # gitMinimal does not build on Windows, but fortunately this patch only - # impacts interruptibility - ++ lib.optionals (!stdenv.hostPlatform.isWindows) [ - # binary patch; see `prePatch` - ./patches/libgit2-packbuilder-callback-interruptible.patch - ]; - }); + libgit2 = pkgs.libgit2.overrideAttrs ( + attrs: + { + cmakeFlags = attrs.cmakeFlags or [ ] ++ [ "-DUSE_SSH=exec" ]; + } + # libgit2: Nixpkgs 24.11 has < 1.9.0, which needs our patches + // lib.optionalAttrs (!lib.versionAtLeast pkgs.libgit2.version "1.9.0") { + nativeBuildInputs = + attrs.nativeBuildInputs or [ ] + # gitMinimal does not build on Windows. See packbuilder patch. + ++ lib.optionals (!stdenv.hostPlatform.isWindows) [ + # Needed for `git apply`; see `prePatch` + pkgs.buildPackages.gitMinimal + ]; + # Only `git apply` can handle git binary patches + prePatch = + attrs.prePatch or "" + + lib.optionalString (!stdenv.hostPlatform.isWindows) '' + patch() { + git apply + } + ''; + patches = + attrs.patches or [ ] + ++ [ + ./patches/libgit2-mempack-thin-packfile.patch + ] + # gitMinimal does not build on Windows, but fortunately this patch only + # impacts interruptibility + ++ lib.optionals (!stdenv.hostPlatform.isWindows) [ + # binary patch; see `prePatch` + ./patches/libgit2-packbuilder-callback-interruptible.patch + ]; + } + ); } From cd149b56c76f886bc0b08d1d6da3f4e5f631d591 Mon Sep 17 00:00:00 2001 From: MaxHearnden Date: Sun, 9 Feb 2025 20:53:58 +0000 Subject: [PATCH 175/815] Set FD_CLOEXEC on sockets created by curl Curl creates sockets without setting FD_CLOEXEC/SOCK_CLOEXEC, this can cause connections to remain open forever when using commands like `nix shell` This change sets the FD_CLOEXEC flag using a CURLOPT_SOCKOPTFUNCTION callback. (cherry picked from commit 12d25272764bf2f9f828d5d129ec26622baf75eb) --- doc/manual/rl-next/curl-cloexec.md | 10 ++++++++++ src/libstore/filetransfer.cc | 12 ++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 doc/manual/rl-next/curl-cloexec.md diff --git a/doc/manual/rl-next/curl-cloexec.md b/doc/manual/rl-next/curl-cloexec.md new file mode 100644 index 00000000000..2fcdfb0d101 --- /dev/null +++ b/doc/manual/rl-next/curl-cloexec.md @@ -0,0 +1,10 @@ +--- +synopsis: Set FD_CLOEXEC on sockets created by curl +issues: [] +prs: [12439] +--- + + +Curl creates sockets without setting FD_CLOEXEC/SOCK_CLOEXEC, this can cause connections to remain open forever when using commands like `nix shell` + +This change sets the FD_CLOEXEC flag using a CURLOPT_SOCKOPTFUNCTION callback. diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 8439cc39cc8..932e1d75684 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -300,6 +300,14 @@ struct curlFileTransfer : public FileTransfer return ((TransferItem *) userp)->readCallback(buffer, size, nitems); } + #if !defined(_WIN32) && LIBCURL_VERSION_NUM >= 0x071000 + static int cloexec_callback(void *, curl_socket_t curlfd, curlsocktype purpose) { + unix::closeOnExec(curlfd); + vomit("cloexec set for fd %i", curlfd); + return CURL_SOCKOPT_OK; + } + #endif + void init() { if (!req) req = curl_easy_init(); @@ -359,6 +367,10 @@ struct curlFileTransfer : public FileTransfer curl_easy_setopt(req, CURLOPT_SSL_VERIFYHOST, 0); } + #if !defined(_WIN32) && LIBCURL_VERSION_NUM >= 0x071000 + curl_easy_setopt(req, CURLOPT_SOCKOPTFUNCTION, cloexec_callback); + #endif + curl_easy_setopt(req, CURLOPT_CONNECTTIMEOUT, fileTransferSettings.connectTimeout.get()); curl_easy_setopt(req, CURLOPT_LOW_SPEED_LIMIT, 1L); From a691dcf48f161d47922487170c94ad3105901a8a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 15:36:36 +0100 Subject: [PATCH 176/815] Run all of hydraJobs.tests.* --- .github/workflows/ci.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8d3aa5d01ba..7834c0ea104 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -68,6 +68,7 @@ jobs: with: os: macos-latest + # Build hydraJobs.tests.*. vm_tests: needs: build_x86_64-linux runs-on: UbuntuLatest32Cores128G @@ -78,12 +79,13 @@ jobs: flakehub: true - uses: DeterminateSystems/flakehub-cache-action@main - run: | - nix build -L \ - .#hydraJobs.tests.functional_user \ - .#hydraJobs.tests.githubFlakes \ - .#hydraJobs.tests.nix-docker \ - .#hydraJobs.tests.tarballFlakes \ - ; + nix build -L --keep-going \ + $(nix flake show --json \ + | jq -r ' + .hydraJobs.tests + | with_entries(select(.value.type == "derivation")) + | keys[] + | ".#hydraJobs.tests." + .') flake_regressions: needs: build_x86_64-linux From 65583ca79b9945ef588c03886209243b1d6cc1cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sat, 1 Feb 2025 16:49:31 +0100 Subject: [PATCH 177/815] Only try to chmod /nix/var/nix/profiles/per-user when necessary Co-authored-by: Eelco Dolstra (cherry picked from commit dcbf4dcc09805ea3d1f22a7f8a55f313473338ed) --- src/libstore/local-store.cc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index f708bd1b008..9a7a941b65a 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -136,7 +136,12 @@ LocalStore::LocalStore( for (auto & perUserDir : {profilesDir + "/per-user", gcRootsDir + "/per-user"}) { createDirs(perUserDir); if (!readOnly) { - if (chmod(perUserDir.c_str(), 0755) == -1) + auto st = lstat(perUserDir); + + // Skip chmod call if the directory already has the correct permissions (0755). + // This is to avoid failing when the executing user lacks permissions to change the directory's permissions + // even if it would be no-op. + if ((st.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO)) != 0755 && chmod(perUserDir.c_str(), 0755) == -1) throw SysError("could not set permissions on '%s' to 755", perUserDir); } } From 856afa27c2f1c352034ec965722510ffebe01b5b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 17:22:42 +0100 Subject: [PATCH 178/815] Build the binary tarball --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 230d4590dd8..7e3c9872d54 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -18,4 +18,4 @@ jobs: with: flakehub: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build -L + - run: nix build . .#binaryTarball -L From d9f742302e9d44ef3a5dd658779c923eae4a0811 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 20:24:51 +0100 Subject: [PATCH 179/815] Add merge queue config --- .github/workflows/ci.yml | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7834c0ea104..9a7c8bbaa48 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,6 +7,7 @@ on: - detsys-main - main - master + merge_group: permissions: id-token: "write" @@ -68,8 +69,25 @@ jobs: with: os: macos-latest - # Build hydraJobs.tests.*. - vm_tests: + vm_tests_smoke: + needs: build_x86_64-linux + runs-on: UbuntuLatest32Cores128G + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/flakehub-cache-action@main + - run: | + nix build -L \ + .#hydraJobs.tests.functional_user \ + .#hydraJobs.tests.githubFlakes \ + .#hydraJobs.tests.nix-docker \ + .#hydraJobs.tests.tarballFlakes \ + ; + + vm_tests_all: + if: github.event_name == 'merge_group' needs: build_x86_64-linux runs-on: UbuntuLatest32Cores128G steps: @@ -85,7 +103,8 @@ jobs: .hydraJobs.tests | with_entries(select(.value.type == "derivation")) | keys[] - | ".#hydraJobs.tests." + .') + | ".#hydraJobs.tests." + .' + | head -n5) # FIXME: for testing the merge queue flake_regressions: needs: build_x86_64-linux From 4c39f29a4a8a8aa02c2296b0a9986b7e760e77be Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 20:33:01 +0100 Subject: [PATCH 180/815] Move more stuff to the merge queue --- .github/workflows/ci.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9a7c8bbaa48..6485288e87b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -31,11 +31,13 @@ jobs: os: UbuntuLatest32Cores128G build_aarch64-linux: + if: github.event_name == 'merge_group' uses: ./.github/workflows/build.yml with: os: UbuntuLatest32Cores128GArm build_x86_64-darwin: + if: github.event_name == 'merge_group' uses: ./.github/workflows/build.yml with: os: macos-13 @@ -52,18 +54,21 @@ jobs: os: UbuntuLatest32Cores128G test_aarch64-linux: + if: github.event_name == 'merge_group' uses: ./.github/workflows/test.yml needs: build_aarch64-linux with: os: UbuntuLatest32Cores128GArm test_x86_64-darwin: + if: github.event_name == 'merge_group' uses: ./.github/workflows/test.yml needs: build_aarch64-darwin with: os: macos-13 test_aarch64-darwin: + if: github.event_name == 'merge_group' uses: ./.github/workflows/test.yml needs: build_aarch64-darwin with: @@ -107,6 +112,7 @@ jobs: | head -n5) # FIXME: for testing the merge queue flake_regressions: + if: github.event_name == 'merge_group' needs: build_x86_64-linux runs-on: UbuntuLatest32Cores128G steps: @@ -126,4 +132,4 @@ jobs: with: flakehub: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=25 flake-regressions/eval-all.sh + - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=50 flake-regressions/eval-all.sh From 10977365ff697143d1688513bd4e0dda377381e1 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 20:58:16 +0100 Subject: [PATCH 181/815] Run some jobs on blacksmith --- .github/workflows/ci.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6485288e87b..95d6633fd00 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,7 +15,7 @@ permissions: jobs: eval: - runs-on: UbuntuLatest32Cores128G + runs-on: blacksmith-32vcpu-ubuntu-2204 steps: - uses: actions/checkout@v4 with: @@ -28,13 +28,13 @@ jobs: build_x86_64-linux: uses: ./.github/workflows/build.yml with: - os: UbuntuLatest32Cores128G + os: blacksmith-32vcpu-ubuntu-2204 build_aarch64-linux: if: github.event_name == 'merge_group' uses: ./.github/workflows/build.yml with: - os: UbuntuLatest32Cores128GArm + os: blacksmith-32vcpu-ubuntu-2204-arm build_x86_64-darwin: if: github.event_name == 'merge_group' @@ -51,14 +51,14 @@ jobs: uses: ./.github/workflows/test.yml needs: build_x86_64-linux with: - os: UbuntuLatest32Cores128G + os: blacksmith-32vcpu-ubuntu-2204 test_aarch64-linux: if: github.event_name == 'merge_group' uses: ./.github/workflows/test.yml needs: build_aarch64-linux with: - os: UbuntuLatest32Cores128GArm + os: blacksmith-32vcpu-ubuntu-2204-arm test_x86_64-darwin: if: github.event_name == 'merge_group' @@ -76,7 +76,7 @@ jobs: vm_tests_smoke: needs: build_x86_64-linux - runs-on: UbuntuLatest32Cores128G + runs-on: blacksmith-32vcpu-ubuntu-2204 steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main @@ -94,7 +94,7 @@ jobs: vm_tests_all: if: github.event_name == 'merge_group' needs: build_x86_64-linux - runs-on: UbuntuLatest32Cores128G + runs-on: blacksmith-32vcpu-ubuntu-2204 steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main @@ -114,7 +114,7 @@ jobs: flake_regressions: if: github.event_name == 'merge_group' needs: build_x86_64-linux - runs-on: UbuntuLatest32Cores128G + runs-on: blacksmith-32vcpu-ubuntu-2204 steps: - name: Checkout nix uses: actions/checkout@v4 From 3e39ac4fc9b26cee32d743fafd8895ea0f642887 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 21:06:17 +0100 Subject: [PATCH 182/815] Don't run vm_tests_smoke in the merge queue --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 95d6633fd00..98efc7a579d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -75,6 +75,7 @@ jobs: os: macos-latest vm_tests_smoke: + if: github.event_name != 'merge_group' needs: build_x86_64-linux runs-on: blacksmith-32vcpu-ubuntu-2204 steps: From 835b3b4efe714ea0457ad627a32533e480192959 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 21:39:01 +0100 Subject: [PATCH 183/815] Fix vm_tests_all --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 98efc7a579d..60b75a439b2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -109,7 +109,7 @@ jobs: .hydraJobs.tests | with_entries(select(.value.type == "derivation")) | keys[] - | ".#hydraJobs.tests." + .' + | ".#hydraJobs.tests." + .' \ | head -n5) # FIXME: for testing the merge queue flake_regressions: From 013c09948ebff7b887c5ae9c444db8c17cf09c3e Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 20 Feb 2025 17:13:19 -0500 Subject: [PATCH 184/815] Create an initial propose-release workflow --- .github/workflows/propose-release.yml | 29 +++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 .github/workflows/propose-release.yml diff --git a/.github/workflows/propose-release.yml b/.github/workflows/propose-release.yml new file mode 100644 index 00000000000..1ba7f43e7db --- /dev/null +++ b/.github/workflows/propose-release.yml @@ -0,0 +1,29 @@ +on: + workflow_dispatch: + inputs: + reference-id: + type: string + required: true + version: + type: string + required: true + +concurrency: + group: ${{ github.workflow }} + cancel-in-progress: true + +jobs: + propose-release: + uses: DeterminateSystems/propose-release/.github/workflows/workflow.yml@main + permissions: + id-token: write + contents: write + pull-requests: write + with: + update-flake: false + reference-id: ${{ inputs.reference-id }} + version: ${{ inputs.version }} + extra-commands-early: | + echo ${{ inputs.version }} > .version-determinate + git add .version-determinate + git commit -m "Set .version-determinate to ${{ inputs.version }}" From 592994d2e1a1f796454a21a05d18495489335e8e Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 20 Feb 2025 17:15:51 -0500 Subject: [PATCH 185/815] Fixup the release workflow --- .github/workflows/publish.yml | 37 +++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 839ace59492..00ca3ec534b 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,20 +1,23 @@ -name: Publish on FlakeHub +name: Release on: - push: - tags: - - "v*.*.*" + release: + types: + - released -publish: - runs-on: ubuntu-latest - permissions: - contents: read - id-token: write - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - - uses: "DeterminateSystems/flakehub-push@main" - with: - visibility: "private" - name: "DeterminateSystems/nix-priv" - tag: "${{ github.ref_name }}" +jobs: + publish: + if: (!github.repository.fork && (github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))) + environment: ${{ github.event_name == 'release' && 'production' || '' }} + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + - uses: "DeterminateSystems/flakehub-push@main" + with: + rolling: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} + visibility: "private" + tag: "${{ github.ref_name }}" From 0dc5b249ff05bbfbd659805aee4261065d5826c3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 5 Nov 2024 16:38:52 +0100 Subject: [PATCH 186/815] Build the Nix manual in CI and deploy to Netlify --- .github/workflows/build.yml | 4 ++++ .github/workflows/ci.yml | 27 +++++++++++++++++++++++++++ packaging/hydra.nix | 9 +++++++++ 3 files changed, 40 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7e3c9872d54..441f23c5adb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -4,6 +4,10 @@ on: os: required: true type: string + manual: + required: false + type: boolean + default: false jobs: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 60b75a439b2..4397d374721 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -134,3 +134,30 @@ jobs: flakehub: true - uses: DeterminateSystems/flakehub-cache-action@main - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=50 flake-regressions/eval-all.sh + + manual: + if: github.event_name != 'merge_group' + needs: build_x86_64-linux + runs-on: blacksmith + steps: + - name: Checkout nix + uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/flakehub-cache-action@main + - name: Build manual + run: nix build .#hydraJobs.manual + - uses: nwtgck/actions-netlify@v3.0 + with: + publish-dir: './result/share/doc/nix/manual' + production-branch: detsys-main + github-token: ${{ secrets.GITHUB_TOKEN }} + deploy-message: "Deploy from GitHub Actions" + enable-pull-request-comment: true + enable-commit-comment: true + enable-commit-status: true + overwrites-pull-request-comment: true + env: + NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} + NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} diff --git a/packaging/hydra.nix b/packaging/hydra.nix index debd98cf2aa..4f9039cd377 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -181,6 +181,15 @@ in # Nix's manual manual = nixpkgsFor.x86_64-linux.native.nixComponents.nix-manual; + manualTarball = + with nixpkgsFor.x86_64-linux.native; + runCommand "determinate-nix-manual-${self.hydraJobs.manual.version}" + { } + '' + mkdir -p $out/tarballs + tar cvfz $out/tarballs/$name.tar.gz -C ${self.hydraJobs.manual}/share/doc/nix/manual . --transform "s/^./$name/" + ''; + # API docs for Nix's unstable internal C++ interfaces. internal-api-docs = nixpkgsFor.x86_64-linux.native.nixComponents.nix-internal-api-docs; From c23a2cdc4a541a787fc8f3f76dbeddb42b849b02 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Feb 2025 00:50:04 +0100 Subject: [PATCH 187/815] Hack --- .github/workflows/ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4397d374721..483b787dcf4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,6 +12,9 @@ on: permissions: id-token: "write" contents: "read" + pull-requests: "write" + statuses: "write" + deployments: "write" jobs: eval: From 53c03a0161478ce94874110abf34229cb0de1bbd Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Feb 2025 01:50:29 +0100 Subject: [PATCH 188/815] Cleanup --- .github/workflows/build.yml | 4 ---- packaging/hydra.nix | 9 --------- 2 files changed, 13 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 441f23c5adb..7e3c9872d54 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -4,10 +4,6 @@ on: os: required: true type: string - manual: - required: false - type: boolean - default: false jobs: diff --git a/packaging/hydra.nix b/packaging/hydra.nix index 4f9039cd377..debd98cf2aa 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -181,15 +181,6 @@ in # Nix's manual manual = nixpkgsFor.x86_64-linux.native.nixComponents.nix-manual; - manualTarball = - with nixpkgsFor.x86_64-linux.native; - runCommand "determinate-nix-manual-${self.hydraJobs.manual.version}" - { } - '' - mkdir -p $out/tarballs - tar cvfz $out/tarballs/$name.tar.gz -C ${self.hydraJobs.manual}/share/doc/nix/manual . --transform "s/^./$name/" - ''; - # API docs for Nix's unstable internal C++ interfaces. internal-api-docs = nixpkgsFor.x86_64-linux.native.nixComponents.nix-internal-api-docs; From dece94fe2598e82b094d1b761631bb7b9eb2e49c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Feb 2025 02:07:16 +0100 Subject: [PATCH 189/815] Restrict permissions --- .github/workflows/ci.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 483b787dcf4..c3a96704f77 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,9 +12,6 @@ on: permissions: id-token: "write" contents: "read" - pull-requests: "write" - statuses: "write" - deployments: "write" jobs: eval: @@ -142,6 +139,12 @@ jobs: if: github.event_name != 'merge_group' needs: build_x86_64-linux runs-on: blacksmith + permissions: + id-token: "write" + contents: "read" + pull-requests: "write" + statuses: "write" + deployments: "write" steps: - name: Checkout nix uses: actions/checkout@v4 From 3f59f80e6c3246abd7bd85cb59603a596fa448b7 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Feb 2025 13:07:37 +0100 Subject: [PATCH 190/815] Fix location of release-notes-determinate --- doc/manual/{src => source}/release-notes-determinate/changes.md | 0 doc/manual/{src => source}/release-notes-determinate/index.md | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename doc/manual/{src => source}/release-notes-determinate/changes.md (100%) rename doc/manual/{src => source}/release-notes-determinate/index.md (100%) diff --git a/doc/manual/src/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md similarity index 100% rename from doc/manual/src/release-notes-determinate/changes.md rename to doc/manual/source/release-notes-determinate/changes.md diff --git a/doc/manual/src/release-notes-determinate/index.md b/doc/manual/source/release-notes-determinate/index.md similarity index 100% rename from doc/manual/src/release-notes-determinate/index.md rename to doc/manual/source/release-notes-determinate/index.md From 237c9bda798e40eb348637e5e29e0e0518c65759 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Feb 2025 13:20:05 +0100 Subject: [PATCH 191/815] Add release notes for 1.0.0 --- doc/manual/source/SUMMARY.md.in | 2 +- doc/manual/source/release-notes-determinate/rl-1.0.0.md | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-1.0.0.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index f5d19cc6532..3dd4e0977a4 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,7 +130,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Releases Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - - [Release 1.0 (2024-11-??)](release-notes-determinate/rl-1.0.md) + - [Release 1.0.0 (2025-??-??)](release-notes-determinate/rl-1.0.0.md) - [Nix Releases Notes](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} - [Release 2.26 (2025-01-22)](release-notes/rl-2.26.md) diff --git a/doc/manual/source/release-notes-determinate/rl-1.0.0.md b/doc/manual/source/release-notes-determinate/rl-1.0.0.md new file mode 100644 index 00000000000..16dcc9d3e9f --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-1.0.0.md @@ -0,0 +1,5 @@ +# Release 1.0.0 (2025-??-??) + +* Initial release of Determinate Nix. + +* Based on [upstream Nix 2.26.2](../release-notes/rl-2.26.md). From cd1935468d7e6a38c9dbb7212c87a5122afc47f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20M=C3=B6ller?= Date: Fri, 21 Feb 2025 11:49:00 +0100 Subject: [PATCH 192/815] Fix perl store bindings When #9863 converted the `Nix::Store` free functions into member functions, the implicit `this` argument was not accounted for when iterating over the variable number of arguments in some functions. (cherry picked from commit 5cf9e18167b86f39864e39e5fe129e5f6c1a15e0) --- src/perl/lib/Nix/Store.xs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/perl/lib/Nix/Store.xs b/src/perl/lib/Nix/Store.xs index 172c3500de0..cfc3ac034a3 100644 --- a/src/perl/lib/Nix/Store.xs +++ b/src/perl/lib/Nix/Store.xs @@ -194,7 +194,7 @@ StoreWrapper::computeFSClosure(int flipDirection, int includeOutputs, ...) PPCODE: try { StorePathSet paths; - for (int n = 2; n < items; ++n) + for (int n = 3; n < items; ++n) THIS->store->computeFSClosure(THIS->store->parseStorePath(SvPV_nolen(ST(n))), paths, flipDirection, includeOutputs); for (auto & i : paths) XPUSHs(sv_2mortal(newSVpv(THIS->store->printStorePath(i).c_str(), 0))); @@ -208,7 +208,7 @@ StoreWrapper::topoSortPaths(...) PPCODE: try { StorePathSet paths; - for (int n = 0; n < items; ++n) paths.insert(THIS->store->parseStorePath(SvPV_nolen(ST(n)))); + for (int n = 1; n < items; ++n) paths.insert(THIS->store->parseStorePath(SvPV_nolen(ST(n)))); auto sorted = THIS->store->topoSortPaths(paths); for (auto & i : sorted) XPUSHs(sv_2mortal(newSVpv(THIS->store->printStorePath(i).c_str(), 0))); @@ -234,7 +234,7 @@ StoreWrapper::exportPaths(int fd, ...) PPCODE: try { StorePathSet paths; - for (int n = 1; n < items; ++n) paths.insert(THIS->store->parseStorePath(SvPV_nolen(ST(n)))); + for (int n = 2; n < items; ++n) paths.insert(THIS->store->parseStorePath(SvPV_nolen(ST(n)))); FdSink sink(fd); THIS->store->exportPaths(paths, sink); } catch (Error & e) { From d712540206fb40d3c26809bdcdd0479a37072df9 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 21 Feb 2025 09:09:05 -0800 Subject: [PATCH 193/815] wip: delete unnecessary CI for now --- .github/workflows/ci.yml | 169 ---------------------------------- .github/workflows/labels.yml | 24 ----- .github/workflows/publish.yml | 23 ----- .github/workflows/test.yml | 21 ----- 4 files changed, 237 deletions(-) delete mode 100644 .github/workflows/ci.yml delete mode 100644 .github/workflows/labels.yml delete mode 100644 .github/workflows/publish.yml delete mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index c3a96704f77..00000000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,169 +0,0 @@ -name: "CI" - -on: - pull_request: - push: - branches: - - detsys-main - - main - - master - merge_group: - -permissions: - id-token: "write" - contents: "read" - -jobs: - eval: - runs-on: blacksmith-32vcpu-ubuntu-2204 - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - uses: DeterminateSystems/nix-installer-action@main - with: - flakehub: true - - run: nix flake show --all-systems --json - - build_x86_64-linux: - uses: ./.github/workflows/build.yml - with: - os: blacksmith-32vcpu-ubuntu-2204 - - build_aarch64-linux: - if: github.event_name == 'merge_group' - uses: ./.github/workflows/build.yml - with: - os: blacksmith-32vcpu-ubuntu-2204-arm - - build_x86_64-darwin: - if: github.event_name == 'merge_group' - uses: ./.github/workflows/build.yml - with: - os: macos-13 - - build_aarch64-darwin: - uses: ./.github/workflows/build.yml - with: - os: macos-latest - - test_x86_64-linux: - uses: ./.github/workflows/test.yml - needs: build_x86_64-linux - with: - os: blacksmith-32vcpu-ubuntu-2204 - - test_aarch64-linux: - if: github.event_name == 'merge_group' - uses: ./.github/workflows/test.yml - needs: build_aarch64-linux - with: - os: blacksmith-32vcpu-ubuntu-2204-arm - - test_x86_64-darwin: - if: github.event_name == 'merge_group' - uses: ./.github/workflows/test.yml - needs: build_aarch64-darwin - with: - os: macos-13 - - test_aarch64-darwin: - if: github.event_name == 'merge_group' - uses: ./.github/workflows/test.yml - needs: build_aarch64-darwin - with: - os: macos-latest - - vm_tests_smoke: - if: github.event_name != 'merge_group' - needs: build_x86_64-linux - runs-on: blacksmith-32vcpu-ubuntu-2204 - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - with: - flakehub: true - - uses: DeterminateSystems/flakehub-cache-action@main - - run: | - nix build -L \ - .#hydraJobs.tests.functional_user \ - .#hydraJobs.tests.githubFlakes \ - .#hydraJobs.tests.nix-docker \ - .#hydraJobs.tests.tarballFlakes \ - ; - - vm_tests_all: - if: github.event_name == 'merge_group' - needs: build_x86_64-linux - runs-on: blacksmith-32vcpu-ubuntu-2204 - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - with: - flakehub: true - - uses: DeterminateSystems/flakehub-cache-action@main - - run: | - nix build -L --keep-going \ - $(nix flake show --json \ - | jq -r ' - .hydraJobs.tests - | with_entries(select(.value.type == "derivation")) - | keys[] - | ".#hydraJobs.tests." + .' \ - | head -n5) # FIXME: for testing the merge queue - - flake_regressions: - if: github.event_name == 'merge_group' - needs: build_x86_64-linux - runs-on: blacksmith-32vcpu-ubuntu-2204 - steps: - - name: Checkout nix - uses: actions/checkout@v4 - - name: Checkout flake-regressions - uses: actions/checkout@v4 - with: - repository: DeterminateSystems/flake-regressions - path: flake-regressions - - name: Checkout flake-regressions-data - uses: actions/checkout@v4 - with: - repository: DeterminateSystems/flake-regressions-data - path: flake-regressions/tests - - uses: DeterminateSystems/nix-installer-action@main - with: - flakehub: true - - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=50 flake-regressions/eval-all.sh - - manual: - if: github.event_name != 'merge_group' - needs: build_x86_64-linux - runs-on: blacksmith - permissions: - id-token: "write" - contents: "read" - pull-requests: "write" - statuses: "write" - deployments: "write" - steps: - - name: Checkout nix - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - with: - flakehub: true - - uses: DeterminateSystems/flakehub-cache-action@main - - name: Build manual - run: nix build .#hydraJobs.manual - - uses: nwtgck/actions-netlify@v3.0 - with: - publish-dir: './result/share/doc/nix/manual' - production-branch: detsys-main - github-token: ${{ secrets.GITHUB_TOKEN }} - deploy-message: "Deploy from GitHub Actions" - enable-pull-request-comment: true - enable-commit-comment: true - enable-commit-status: true - overwrites-pull-request-comment: true - env: - NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} - NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml deleted file mode 100644 index 23a5d9e51fc..00000000000 --- a/.github/workflows/labels.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: "Label PR" - -on: - pull_request_target: - types: [edited, opened, synchronize, reopened] - -# WARNING: -# When extending this action, be aware that $GITHUB_TOKEN allows some write -# access to the GitHub API. This means that it should not evaluate user input in -# a way that allows code injection. - -permissions: - contents: read - pull-requests: write - -jobs: - labels: - runs-on: ubuntu-24.04 - if: github.repository_owner == 'NixOS' - steps: - - uses: actions/labeler@v5 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - sync-labels: false diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml deleted file mode 100644 index 00ca3ec534b..00000000000 --- a/.github/workflows/publish.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Release - -on: - release: - types: - - released - -jobs: - publish: - if: (!github.repository.fork && (github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))) - environment: ${{ github.event_name == 'release' && 'production' || '' }} - runs-on: ubuntu-latest - permissions: - contents: read - id-token: write - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - - uses: "DeterminateSystems/flakehub-push@main" - with: - rolling: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} - visibility: "private" - tag: "${{ github.ref_name }}" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml deleted file mode 100644 index e58827a9c06..00000000000 --- a/.github/workflows/test.yml +++ /dev/null @@ -1,21 +0,0 @@ -on: - workflow_call: - inputs: - os: - required: true - type: string - -jobs: - - tests: - strategy: - fail-fast: false - runs-on: ${{ inputs.os }} - timeout-minutes: 60 - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - with: - flakehub: true - - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix flake check -L From b9e654819ab30dec579d2860c94d092695ca259e Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 21 Feb 2025 12:26:28 -0500 Subject: [PATCH 194/815] Include only 2.26 in the sidebar release notes --- doc/manual/source/SUMMARY.md.in | 59 +-------------------------------- 1 file changed, 1 insertion(+), 58 deletions(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index f5d19cc6532..066bc04c39d 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -131,63 +131,6 @@ - [Determinate Nix Releases Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - [Release 1.0 (2024-11-??)](release-notes-determinate/rl-1.0.md) -- [Nix Releases Notes](release-notes/index.md) +- [Nix Release Notes](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} - [Release 2.26 (2025-01-22)](release-notes/rl-2.26.md) - - [Release 2.25 (2024-11-07)](release-notes/rl-2.25.md) - - [Release 2.24 (2024-07-31)](release-notes/rl-2.24.md) - - [Release 2.23 (2024-06-03)](release-notes/rl-2.23.md) - - [Release 2.22 (2024-04-23)](release-notes/rl-2.22.md) - - [Release 2.21 (2024-03-11)](release-notes/rl-2.21.md) - - [Release 2.20 (2024-01-29)](release-notes/rl-2.20.md) - - [Release 2.19 (2023-11-17)](release-notes/rl-2.19.md) - - [Release 2.18 (2023-09-20)](release-notes/rl-2.18.md) - - [Release 2.17 (2023-07-24)](release-notes/rl-2.17.md) - - [Release 2.16 (2023-05-31)](release-notes/rl-2.16.md) - - [Release 2.15 (2023-04-11)](release-notes/rl-2.15.md) - - [Release 2.14 (2023-02-28)](release-notes/rl-2.14.md) - - [Release 2.13 (2023-01-17)](release-notes/rl-2.13.md) - - [Release 2.12 (2022-12-06)](release-notes/rl-2.12.md) - - [Release 2.11 (2022-08-25)](release-notes/rl-2.11.md) - - [Release 2.10 (2022-07-11)](release-notes/rl-2.10.md) - - [Release 2.9 (2022-05-30)](release-notes/rl-2.9.md) - - [Release 2.8 (2022-04-19)](release-notes/rl-2.8.md) - - [Release 2.7 (2022-03-07)](release-notes/rl-2.7.md) - - [Release 2.6 (2022-01-24)](release-notes/rl-2.6.md) - - [Release 2.5 (2021-12-13)](release-notes/rl-2.5.md) - - [Release 2.4 (2021-11-01)](release-notes/rl-2.4.md) - - [Release 2.3 (2019-09-04)](release-notes/rl-2.3.md) - - [Release 2.2 (2019-01-11)](release-notes/rl-2.2.md) - - [Release 2.1 (2018-09-02)](release-notes/rl-2.1.md) - - [Release 2.0 (2018-02-22)](release-notes/rl-2.0.md) - - [Release 1.11.10 (2017-06-12)](release-notes/rl-1.11.10.md) - - [Release 1.11 (2016-01-19)](release-notes/rl-1.11.md) - - [Release 1.10 (2015-09-03)](release-notes/rl-1.10.md) - - [Release 1.9 (2015-06-12)](release-notes/rl-1.9.md) - - [Release 1.8 (2014-12-14)](release-notes/rl-1.8.md) - - [Release 1.7 (2014-04-11)](release-notes/rl-1.7.md) - - [Release 1.6.1 (2013-10-28)](release-notes/rl-1.6.1.md) - - [Release 1.6 (2013-09-10)](release-notes/rl-1.6.md) - - [Release 1.5.2 (2013-05-13)](release-notes/rl-1.5.2.md) - - [Release 1.5 (2013-02-27)](release-notes/rl-1.5.md) - - [Release 1.4 (2013-02-26)](release-notes/rl-1.4.md) - - [Release 1.3 (2013-01-04)](release-notes/rl-1.3.md) - - [Release 1.2 (2012-12-06)](release-notes/rl-1.2.md) - - [Release 1.1 (2012-07-18)](release-notes/rl-1.1.md) - - [Release 1.0 (2012-05-11)](release-notes/rl-1.0.md) - - [Release 0.16 (2010-08-17)](release-notes/rl-0.16.md) - - [Release 0.15 (2010-03-17)](release-notes/rl-0.15.md) - - [Release 0.14 (2010-02-04)](release-notes/rl-0.14.md) - - [Release 0.13 (2009-11-05)](release-notes/rl-0.13.md) - - [Release 0.12 (2008-11-20)](release-notes/rl-0.12.md) - - [Release 0.11 (2007-12-31)](release-notes/rl-0.11.md) - - [Release 0.10.1 (2006-10-11)](release-notes/rl-0.10.1.md) - - [Release 0.10 (2006-10-06)](release-notes/rl-0.10.md) - - [Release 0.9.2 (2005-09-21)](release-notes/rl-0.9.2.md) - - [Release 0.9.1 (2005-09-20)](release-notes/rl-0.9.1.md) - - [Release 0.9 (2005-09-16)](release-notes/rl-0.9.md) - - [Release 0.8.1 (2005-04-13)](release-notes/rl-0.8.1.md) - - [Release 0.8 (2005-04-11)](release-notes/rl-0.8.md) - - [Release 0.7 (2005-01-12)](release-notes/rl-0.7.md) - - [Release 0.6 (2004-11-14)](release-notes/rl-0.6.md) - - [Release 0.5 and earlier](release-notes/rl-0.5.md) From 2f64b0ff101c9dbecb2d3f0822ceb5bcbfd81964 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 21 Feb 2025 12:30:42 -0500 Subject: [PATCH 195/815] Provide external link instead of internal release notes link --- doc/manual/source/development/experimental-features.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/source/development/experimental-features.md b/doc/manual/source/development/experimental-features.md index ad5cffa91ee..ffcd9f1a80f 100644 --- a/doc/manual/source/development/experimental-features.md +++ b/doc/manual/source/development/experimental-features.md @@ -6,7 +6,7 @@ Experimental features are considered unstable, which means that they can be chan Users must explicitly enable them by toggling the associated [experimental feature flags](@docroot@/command-ref/conf-file.md#conf-experimental-features). This allows accessing unstable functionality without unwittingly relying on it. -Experimental feature flags were first introduced in [Nix 2.4](@docroot@/release-notes/rl-2.4.md). +Experimental feature flags were first introduced in [Nix 2.4](https://nix.dev/manual/nix/2.24/release-notes/rl-2.4). Before that, Nix did have experimental features, but they were not guarded by flags and were merely documented as unstable. This was a source of confusion and controversy. From 2f70d15f7f5886a1e3a60124823d2e560070c488 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 21 Feb 2025 12:36:08 -0500 Subject: [PATCH 196/815] Use /latest URL rather than version specific --- doc/manual/source/development/experimental-features.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/source/development/experimental-features.md b/doc/manual/source/development/experimental-features.md index ffcd9f1a80f..56a45b23890 100644 --- a/doc/manual/source/development/experimental-features.md +++ b/doc/manual/source/development/experimental-features.md @@ -6,7 +6,7 @@ Experimental features are considered unstable, which means that they can be chan Users must explicitly enable them by toggling the associated [experimental feature flags](@docroot@/command-ref/conf-file.md#conf-experimental-features). This allows accessing unstable functionality without unwittingly relying on it. -Experimental feature flags were first introduced in [Nix 2.4](https://nix.dev/manual/nix/2.24/release-notes/rl-2.4). +Experimental feature flags were first introduced in [Nix 2.4](https://nix.dev/manual/nix/latest/release-notes/rl-2.4). Before that, Nix did have experimental features, but they were not guarded by flags and were merely documented as unstable. This was a source of confusion and controversy. From e77d1a760eb75dc91a9288f322ba7e30d9de4888 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 21 Feb 2025 12:38:05 -0500 Subject: [PATCH 197/815] Fix release notes version list --- doc/manual/source/SUMMARY.md.in | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 36bc18fde92..a6f55853e19 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,8 +130,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Releases Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - - [Release 1.0 (2024-11-??)](release-notes-determinate/rl-1.0.md) + - [Release 1.0.0 (2025-??-??)](release-notes-determinate/rl-1.0.0.md) - [Nix Release Notes](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} - - [Release 1.0.0 (2025-??-??)](release-notes-determinate/rl-1.0.0.md) - [Release 2.26 (2025-01-22)](release-notes/rl-2.26.md) From d6bd787e5e4081767a2ee13d9a0f52213ccdaaa8 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 21 Feb 2025 12:45:39 -0500 Subject: [PATCH 198/815] s/releases notes/release notes --- doc/manual/source/SUMMARY.md.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index a6f55853e19..64447e61146 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -128,7 +128,7 @@ - [C++ style guide](development/cxx.md) - [Experimental Features](development/experimental-features.md) - [Contributing](development/contributing.md) -- [Determinate Nix Releases Notes](release-notes-determinate/index.md) +- [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - [Release 1.0.0 (2025-??-??)](release-notes-determinate/rl-1.0.0.md) - [Nix Release Notes](release-notes/index.md) From 69553dfc36b650405cf02675873d51f654d23b06 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Feb 2025 18:50:06 +0100 Subject: [PATCH 199/815] Mark the nix CLI as *the* interface in the manual, deprecate nix-* --- doc/manual/source/SUMMARY.md.in | 6 +++--- doc/manual/source/command-ref/experimental-commands.md | 8 -------- doc/manual/source/command-ref/subcommands.md | 3 +++ 3 files changed, 6 insertions(+), 11 deletions(-) delete mode 100644 doc/manual/source/command-ref/experimental-commands.md create mode 100644 doc/manual/source/command-ref/subcommands.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 64447e61146..228bbc88206 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -54,7 +54,9 @@ - [Command Reference](command-ref/index.md) - [Common Options](command-ref/opt-common.md) - [Common Environment Variables](command-ref/env-common.md) - - [Main Commands](command-ref/main-commands.md) + - [Subcommands](command-ref/subcommands.md) +{{#include ./command-ref/new-cli/SUMMARY.md}} + - [Deprecated Commands](command-ref/main-commands.md) - [nix-build](command-ref/nix-build.md) - [nix-shell](command-ref/nix-shell.md) - [nix-store](command-ref/nix-store.md) @@ -98,8 +100,6 @@ - [nix-hash](command-ref/nix-hash.md) - [nix-instantiate](command-ref/nix-instantiate.md) - [nix-prefetch-url](command-ref/nix-prefetch-url.md) - - [Experimental Commands](command-ref/experimental-commands.md) -{{#include ./command-ref/new-cli/SUMMARY.md}} - [Files](command-ref/files.md) - [nix.conf](command-ref/conf-file.md) - [Profiles](command-ref/files/profiles.md) diff --git a/doc/manual/source/command-ref/experimental-commands.md b/doc/manual/source/command-ref/experimental-commands.md deleted file mode 100644 index 1190729a230..00000000000 --- a/doc/manual/source/command-ref/experimental-commands.md +++ /dev/null @@ -1,8 +0,0 @@ -# Experimental Commands - -This section lists [experimental commands](@docroot@/development/experimental-features.md#xp-feature-nix-command). - -> **Warning** -> -> These commands may be removed in the future, or their syntax may -> change in incompatible ways. diff --git a/doc/manual/source/command-ref/subcommands.md b/doc/manual/source/command-ref/subcommands.md new file mode 100644 index 00000000000..6a26732338d --- /dev/null +++ b/doc/manual/source/command-ref/subcommands.md @@ -0,0 +1,3 @@ +# Subcommands + +This section lists all the subcommands of the `nix` CLI. From a1d27ff6d21ffbb07411d3f2a2ca3034b7c320a2 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Feb 2025 19:13:51 +0100 Subject: [PATCH 200/815] Include Determinate Nix version number in the manual --- doc/manual/{book.toml => book.toml.in} | 2 +- doc/manual/meson.build | 6 +++++- doc/manual/package.nix | 1 + 3 files changed, 7 insertions(+), 2 deletions(-) rename doc/manual/{book.toml => book.toml.in} (95%) diff --git a/doc/manual/book.toml b/doc/manual/book.toml.in similarity index 95% rename from doc/manual/book.toml rename to doc/manual/book.toml.in index 3b4044fbac5..13c553f015a 100644 --- a/doc/manual/book.toml +++ b/doc/manual/book.toml.in @@ -1,5 +1,5 @@ [book] -title = "Determinate Nix Reference Manual" +title = "Determinate Nix Reference Manual @version@" src = "source" [output.html] diff --git a/doc/manual/meson.build b/doc/manual/meson.build index f0e71458a5d..c251fadb15f 100644 --- a/doc/manual/meson.build +++ b/doc/manual/meson.build @@ -4,6 +4,8 @@ project('nix-manual', license : 'LGPL-2.1-or-later', ) +fs = import('fs') + nix = find_program('nix', native : true) mdbook = find_program('mdbook', native : true) @@ -83,6 +85,7 @@ manual = custom_target( ''' @0@ @INPUT0@ @CURRENT_SOURCE_DIR@ > @DEPFILE@ @0@ @INPUT1@ summary @2@ < @CURRENT_SOURCE_DIR@/source/SUMMARY.md.in > @2@/source/SUMMARY.md + sed -e 's|@version@|@3@|g' < @INPUT2@ > @2@/book.toml rsync -r --include='*.md' @CURRENT_SOURCE_DIR@/ @2@/ (cd @2@; RUST_LOG=warn @1@ build -d @2@ 3>&2 2>&1 1>&3) | { grep -Fv "because fragment resolution isn't implemented" || :; } 3>&2 2>&1 1>&3 rm -rf @2@/manual @@ -92,12 +95,13 @@ manual = custom_target( python.full_path(), mdbook.full_path(), meson.current_build_dir(), + fs.read('../../.version-determinate').strip(), ), ], input : [ generate_manual_deps, 'substitute.py', - 'book.toml', + 'book.toml.in', 'anchors.jq', 'custom.css', nix3_cli_files, diff --git a/doc/manual/package.nix b/doc/manual/package.nix index 8f5d0dfe137..6d93e6f1a5d 100644 --- a/doc/manual/package.nix +++ b/doc/manual/package.nix @@ -30,6 +30,7 @@ mkMesonDerivation (finalAttrs: { fileset.difference (fileset.unions [ ../../.version + ../../.version-determinate # Too many different types of files to filter for now ../../doc/manual ./. From 247ec94041baf5d959ce9b08897819ad4ee85d8a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Feb 2025 19:19:02 +0100 Subject: [PATCH 201/815] Remove unnecessary ./.version-determinate symlink --- src/libstore/.version-determinate | 1 - src/libstore/meson.build | 2 +- src/libstore/package.nix | 1 - 3 files changed, 1 insertion(+), 3 deletions(-) delete mode 120000 src/libstore/.version-determinate diff --git a/src/libstore/.version-determinate b/src/libstore/.version-determinate deleted file mode 120000 index c4121e0c32d..00000000000 --- a/src/libstore/.version-determinate +++ /dev/null @@ -1 +0,0 @@ -../../.version-determinate \ No newline at end of file diff --git a/src/libstore/meson.build b/src/libstore/meson.build index aaaa5956d24..85192c2990f 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -22,7 +22,7 @@ configdata = configuration_data() # TODO rename, because it will conflict with downstream projects configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) -configdata.set_quoted('DETERMINATE_NIX_VERSION', fs.read('.version-determinate').strip()) +configdata.set_quoted('DETERMINATE_NIX_VERSION', fs.read('../../.version-determinate').strip()) configdata.set_quoted('SYSTEM', host_machine.cpu_family() + '-' + host_machine.system()) diff --git a/src/libstore/package.nix b/src/libstore/package.nix index fc68f100b38..543694438fc 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -39,7 +39,6 @@ mkMesonLibrary (finalAttrs: { ../../.version ./.version ../../.version-determinate - ./.version-determinate ./meson.build ./meson.options ./linux/meson.build From f7aaa319781e708471b751d541953003b6548917 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Feb 2025 19:23:03 +0100 Subject: [PATCH 202/815] Tweak title --- doc/manual/book.toml.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/book.toml.in b/doc/manual/book.toml.in index 13c553f015a..7ecbaab0326 100644 --- a/doc/manual/book.toml.in +++ b/doc/manual/book.toml.in @@ -1,5 +1,5 @@ [book] -title = "Determinate Nix Reference Manual @version@" +title = "Determinate Nix @version@ Reference Manual" src = "source" [output.html] From 86f6902e739295018d933c20fea84b1520463eb7 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 21 Feb 2025 19:09:53 +0000 Subject: [PATCH 203/815] Prepare release v0.37.0 From 2616e857c5ccc2ca02317b5a7b5e18d0dbbb288b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 21 Feb 2025 19:09:56 +0000 Subject: [PATCH 204/815] Set .version-determinate to 0.37.0 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 8acdd82b765..0f1a7dfc7c4 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -0.0.1 +0.37.0 From c69d5af1053ed36b3d20c4b2cd84c843ed6f49d2 Mon Sep 17 00:00:00 2001 From: Ivan Trubach Date: Tue, 18 Feb 2025 22:09:05 +0300 Subject: [PATCH 205/815] libstore: fix expected bytes in progress bar (cherry picked from commit eb73bfcf73bae4d6e4d37a4882231cd9cb7fbddd) --- src/libstore/store-api.cc | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index 236622eae37..fc3fbcc0fbe 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -230,18 +230,22 @@ void Store::addMultipleToStore( { std::atomic nrDone{0}; std::atomic nrFailed{0}; - std::atomic bytesExpected{0}; std::atomic nrRunning{0}; using PathWithInfo = std::pair>; + uint64_t bytesExpected = 0; + std::map infosMap; StorePathSet storePathsToAdd; for (auto & thingToAdd : pathsToCopy) { + bytesExpected += thingToAdd.first.narSize; infosMap.insert_or_assign(thingToAdd.first.path, &thingToAdd); storePathsToAdd.insert(thingToAdd.first.path); } + act.setExpected(actCopyPath, bytesExpected); + auto showProgress = [&, nrTotal = pathsToCopy.size()]() { act.progress(nrDone, nrTotal, nrRunning, nrFailed); }; @@ -259,9 +263,6 @@ void Store::addMultipleToStore( return StorePathSet(); } - bytesExpected += info.narSize; - act.setExpected(actCopyPath, bytesExpected); - return info.references; }, From 8bf0408d3ca2ff4778afbfdfb878d900a918ef0c Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 21 Feb 2025 14:20:35 -0500 Subject: [PATCH 206/815] Use DetSys logo --- doc/manual/source/favicon.png | Bin 1205 -> 0 bytes doc/manual/source/favicon.svg | 30 +++++++++++++++++++++++++++++- 2 files changed, 29 insertions(+), 1 deletion(-) delete mode 100644 doc/manual/source/favicon.png diff --git a/doc/manual/source/favicon.png b/doc/manual/source/favicon.png deleted file mode 100644 index 1ed2b5fe0fdf7a6144adc5cdfa31b5f553df4610..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1205 zcmeAS@N?(olHy`uVBq!ia0vp^0wB!63?wyl`GbL!Lb6AYF9SoB8UsT^3j@P1pisjL z28L1t28LG&3=CE?7#PG0=IjczVPIf#2=EDU1u6(CKb+Wiwr=O+;uW{c*4&A1Jrz{8 z)4ynQ?dJPcYwy%;xnI8WmUr$t-~6qfnQMIVwv;WuQL*Yq-L5CatL}tUABt^18CZ5O zZ{c;IIY350$$p>|3flP?CbiEsc~jS!_w~D@-8-UT(J^iW{g;gG5$d2=oUQB>1m z@0`tUsjG?>Uj}-le#`xk$|De!wc8%H9(?})|Nq7v4}s!!o9``u`G4xw?{%B*m9M-R zQVF#5P*BAYs3W&O0$NnJ^+EmC2f#3iZ95)VdI0Dcpiyv-WY0P0p1#T_Z>w*?cE6%s z0mXX*O7{cRz=NWC>%+j(ZC*JW9phIsFhqD|Z2-E>D|<5oL#Aiu_JGoT5S2AM9(m_% z^2y&CR-T^|Z`YHa^B;WkcK|~ywEAG>n%i}o z?*m;33^cfn5C+gCK-VVsovq)Bq973HJg^IaA?BI2x8vB0x*d-|{@wK?2;{Xx@L&gd z6Br#}DWLg41A!_7O7;R1&jO{3!1TqiyCldDl>V>-|M%V{f8t%=1*kvR${~LK!l5U+ zE;&bk_oXlWQ^n1wc;Wk}FW#{_g-;-%DvtP?D4mF z3v@eUlDE4HLkFv@2av;A;1O92%udl*pgo2QFoh{WaOgaa%+lY%b!7;P&0 z#MO01K~H({q)lC`X638PfeR-pwsWptDH(9!&Y?@EZXLUJ?%u(R zCvUb+Y&?7Q?A^ncPv1U%{k*+`LB~Wz3l$R`8>LBem9?zY%+A@&Q&cq6v{aosxqG&{ zZmqvtnwWE$-@AKzYU1qb8k-I+dNe7hZPTZ&Q>$J{IWD}l>sQ;cWoc{=r(N6jt?%5r zck}M;`^PElD$%0uJI|=}))z_R^t1Df!;|M3G=KQRx`_L`Zq%NXmz(B1)oy8II+Uax zzII#0=CZrLc%@q#nRs{}%{I%wxhr?~k-oXRTQ>fXWq5hY \ No newline at end of file + + + + + + + + + + + + + + + + + + + + + + + + + + + + + From 6b8a7514983103d326da5ca5a6110e07b747550d Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 21 Feb 2025 14:26:12 -0500 Subject: [PATCH 207/815] Make image smaller --- doc/manual/custom.css | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/doc/manual/custom.css b/doc/manual/custom.css index 7af150be391..119c6d12543 100644 --- a/doc/manual/custom.css +++ b/doc/manual/custom.css @@ -1,5 +1,5 @@ :root { - --sidebar-width: 23em; + --sidebar-width: 23em; } h1.menu-title::before { @@ -7,11 +7,10 @@ h1.menu-title::before { background-image: url("./favicon.svg"); padding: 1.25em; background-position: center center; - background-size: 2em; + background-size: 1.5em; background-repeat: no-repeat; } - .menu-bar { padding: 0.5em 0em; } @@ -21,13 +20,13 @@ h1.menu-title::before { } h1:not(:first-of-type) { - margin-top: 1.3em; + margin-top: 1.3em; } h2 { - margin-top: 1em; + margin-top: 1em; } .hljs-meta { - user-select: none; + user-select: none; } From 8bc379cad2f6f6807ad8a6f28c1ea865f7cec4b4 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 21 Feb 2025 20:13:11 +0000 Subject: [PATCH 208/815] Prepare release v0.37.1 From 0c1e1e65d6975c32862db3bf133312e212542eda Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 21 Feb 2025 20:13:14 +0000 Subject: [PATCH 209/815] Set .version-determinate to 0.37.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 0f1a7dfc7c4..9b1bb851239 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -0.37.0 +0.37.1 From 90581c9d66173ab1e1b92626a4177620a97f6cf2 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Thu, 20 Feb 2025 14:00:48 -0800 Subject: [PATCH 210/815] Setup uploading PRs, tags, and branches to IDS --- .github/workflows/build.yml | 9 +++- .github/workflows/release-branches.yml | 20 ++++++++ .github/workflows/release-prs.yml | 30 +++++++++++ .github/workflows/release-tags.yml | 18 +++++++ .github/workflows/upload-release.yml | 71 ++++++++++++++++++++++++++ flake.nix | 31 +++++++++++ 6 files changed, 178 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/release-branches.yml create mode 100644 .github/workflows/release-prs.yml create mode 100644 .github/workflows/release-tags.yml create mode 100644 .github/workflows/upload-release.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7e3c9872d54..f041267474c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -18,4 +18,11 @@ jobs: with: flakehub: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build . .#binaryTarball -L + - run: echo "system=$(nix eval --impure --raw --expr 'builtins.currentSystem')" >> "$GITHUB_OUTPUT" + id: system + - run: nix build .# .#binaryTarball --no-link -L + - run: nix build .#binaryTarball --out-link tarball + - uses: actions/upload-artifact@v4 + with: + name: ${{ steps.system.outputs.system }} + path: ./tarball/*.xz diff --git a/.github/workflows/release-branches.yml b/.github/workflows/release-branches.yml new file mode 100644 index 00000000000..38e4044edad --- /dev/null +++ b/.github/workflows/release-branches.yml @@ -0,0 +1,20 @@ +name: Release Branch + +concurrency: + group: release + +on: + push: + branches: + # NOTE: make sure any branches here are also valid directory names, + # otherwise creating the directory and uploading to s3 will fail + - "main" + +permissions: + id-token: "write" + contents: "read" + +jobs: + release-branch: + uses: ./.github/workflows/upload-release.yml + secrets: inherit diff --git a/.github/workflows/release-prs.yml b/.github/workflows/release-prs.yml new file mode 100644 index 00000000000..818083c6835 --- /dev/null +++ b/.github/workflows/release-prs.yml @@ -0,0 +1,30 @@ +name: Release PR + +concurrency: + group: release + +on: + pull_request: + types: + - opened + - reopened + - synchronize + - labeled + +permissions: + id-token: "write" + contents: "read" + +jobs: + release-pr: + # Only intra-repo PRs are allowed to have PR artifacts uploaded + # We only want to trigger once the upload once in the case the upload label is added, not when any label is added + if: | + always() && !failure() && !cancelled() + && github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-priv' + && ( + (github.event.action == 'labeled' && github.event.label.name == 'upload to s3') + || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'upload to s3')) + ) + uses: ./.github/workflows/upload-release.yml + secrets: inherit diff --git a/.github/workflows/release-tags.yml b/.github/workflows/release-tags.yml new file mode 100644 index 00000000000..709fbb92a44 --- /dev/null +++ b/.github/workflows/release-tags.yml @@ -0,0 +1,18 @@ +name: Release Tags + +concurrency: + group: release + +on: + push: + tags: + - "v*.*.*" + +permissions: + contents: write # In order to upload artifacts to GitHub releases + id-token: write # In order to request a JWT for AWS auth + +jobs: + release-tag: + uses: ./.github/workflows/upload-release.yml + secrets: inherit diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml new file mode 100644 index 00000000000..bec5816be61 --- /dev/null +++ b/.github/workflows/upload-release.yml @@ -0,0 +1,71 @@ +name: Upload release + +concurrency: + group: upload-release + +on: + workflow_call: + +permissions: + id-token: "write" + contents: "read" + +jobs: + build-x86_64-linux: + uses: ./.github/workflows/build.yml + with: + os: blacksmith-32vcpu-ubuntu-2204 + build-aarch64-linux: + uses: ./.github/workflows/build.yml + with: + os: blacksmith-32vcpu-ubuntu-2204-arm + build-x86_64-darwin: + uses: ./.github/workflows/build.yml + with: + os: macos-13 + build-aarch64-darwin: + uses: ./.github/workflows/build.yml + with: + os: macos-latest + + release: + runs-on: ubuntu-latest + needs: + - build-x86_64-linux + - build-aarch64-linux + - build-x86_64-darwin + - build-aarch64-darwin + steps: + - name: Checkout + uses: actions/checkout@v4 + - uses: "DeterminateSystems/nix-installer-action@main" + with: + determinate: true + + - name: Create artifacts directory + run: mkdir -p ./artifacts + + - name: Fetch artifacts + uses: actions/download-artifact@v4 + with: + path: downloaded + - name: Move downloaded artifacts to artifacts directory + run: | + for dir in ./downloaded/*; do + arch="$(basename "$dir")" + mv "$dir"/*.xz ./artifacts/"${arch}" + done + + - name: Build fallback-paths.nix + run: | + nix build .#fallbackPathsNix --out-link fallback + cat fallback > ./artifacts/fallback-paths.nix + + - uses: DeterminateSystems/push-artifact-ids@main + with: + s3_upload_role: ${{ secrets.AWS_S3_UPLOAD_ROLE_ARN }} + bucket: ${{ secrets.AWS_S3_UPLOAD_BUCKET_NAME }} + directory: ./artifacts + ids_project_name: determinate-nix + ids_binary_prefix: determinate-nix + skip_acl: true diff --git a/flake.nix b/flake.nix index 29111b45382..a499c0dcb07 100644 --- a/flake.nix +++ b/flake.nix @@ -294,6 +294,37 @@ nix-manual = nixpkgsFor.${system}.native.nixComponents.nix-manual; nix-internal-api-docs = nixpkgsFor.${system}.native.nixComponents.nix-internal-api-docs; nix-external-api-docs = nixpkgsFor.${system}.native.nixComponents.nix-external-api-docs; + + fallbackPathsNix = + let + pkgs = nixpkgsFor.${system}.native; + + # NOTE(cole-h): discard string context so that it doesn't try to build, we just care about the outPaths + closures = forAllSystems (system: builtins.unsafeDiscardStringContext self.packages.${system}.default.outPath); + + closures_json = pkgs.runCommand "versions.json" + { + buildInputs = [ pkgs.jq ]; + passAsFile = [ "json" ]; + json = builtins.toJSON closures; + } '' + cat "$jsonPath" | jq . > $out + ''; + + closures_nix = pkgs.runCommand "versions.nix" + { + buildInputs = [ pkgs.jq ]; + passAsFile = [ "template" ]; + jsonPath = closures_json; + template = '' + builtins.fromJSON('''@closures@''') + ''; + } '' + export closures=$(cat "$jsonPath"); + substituteAll "$templatePath" "$out" + ''; + in + closures_nix; } # We need to flatten recursive attribute sets of derivations to pass `flake check`. // From 702bde8bf0577ebb4df9037d213225eae60155cb Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 21 Feb 2025 13:02:04 -0800 Subject: [PATCH 211/815] Revert "wip: delete unnecessary CI for now" This reverts commit d712540206fb40d3c26809bdcdd0479a37072df9. --- .github/workflows/ci.yml | 169 ++++++++++++++++++++++++++++++++++ .github/workflows/labels.yml | 24 +++++ .github/workflows/publish.yml | 23 +++++ .github/workflows/test.yml | 21 +++++ 4 files changed, 237 insertions(+) create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/labels.yml create mode 100644 .github/workflows/publish.yml create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000000..c3a96704f77 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,169 @@ +name: "CI" + +on: + pull_request: + push: + branches: + - detsys-main + - main + - master + merge_group: + +permissions: + id-token: "write" + contents: "read" + +jobs: + eval: + runs-on: blacksmith-32vcpu-ubuntu-2204 + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - run: nix flake show --all-systems --json + + build_x86_64-linux: + uses: ./.github/workflows/build.yml + with: + os: blacksmith-32vcpu-ubuntu-2204 + + build_aarch64-linux: + if: github.event_name == 'merge_group' + uses: ./.github/workflows/build.yml + with: + os: blacksmith-32vcpu-ubuntu-2204-arm + + build_x86_64-darwin: + if: github.event_name == 'merge_group' + uses: ./.github/workflows/build.yml + with: + os: macos-13 + + build_aarch64-darwin: + uses: ./.github/workflows/build.yml + with: + os: macos-latest + + test_x86_64-linux: + uses: ./.github/workflows/test.yml + needs: build_x86_64-linux + with: + os: blacksmith-32vcpu-ubuntu-2204 + + test_aarch64-linux: + if: github.event_name == 'merge_group' + uses: ./.github/workflows/test.yml + needs: build_aarch64-linux + with: + os: blacksmith-32vcpu-ubuntu-2204-arm + + test_x86_64-darwin: + if: github.event_name == 'merge_group' + uses: ./.github/workflows/test.yml + needs: build_aarch64-darwin + with: + os: macos-13 + + test_aarch64-darwin: + if: github.event_name == 'merge_group' + uses: ./.github/workflows/test.yml + needs: build_aarch64-darwin + with: + os: macos-latest + + vm_tests_smoke: + if: github.event_name != 'merge_group' + needs: build_x86_64-linux + runs-on: blacksmith-32vcpu-ubuntu-2204 + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/flakehub-cache-action@main + - run: | + nix build -L \ + .#hydraJobs.tests.functional_user \ + .#hydraJobs.tests.githubFlakes \ + .#hydraJobs.tests.nix-docker \ + .#hydraJobs.tests.tarballFlakes \ + ; + + vm_tests_all: + if: github.event_name == 'merge_group' + needs: build_x86_64-linux + runs-on: blacksmith-32vcpu-ubuntu-2204 + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/flakehub-cache-action@main + - run: | + nix build -L --keep-going \ + $(nix flake show --json \ + | jq -r ' + .hydraJobs.tests + | with_entries(select(.value.type == "derivation")) + | keys[] + | ".#hydraJobs.tests." + .' \ + | head -n5) # FIXME: for testing the merge queue + + flake_regressions: + if: github.event_name == 'merge_group' + needs: build_x86_64-linux + runs-on: blacksmith-32vcpu-ubuntu-2204 + steps: + - name: Checkout nix + uses: actions/checkout@v4 + - name: Checkout flake-regressions + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions + path: flake-regressions + - name: Checkout flake-regressions-data + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions-data + path: flake-regressions/tests + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/flakehub-cache-action@main + - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=50 flake-regressions/eval-all.sh + + manual: + if: github.event_name != 'merge_group' + needs: build_x86_64-linux + runs-on: blacksmith + permissions: + id-token: "write" + contents: "read" + pull-requests: "write" + statuses: "write" + deployments: "write" + steps: + - name: Checkout nix + uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/flakehub-cache-action@main + - name: Build manual + run: nix build .#hydraJobs.manual + - uses: nwtgck/actions-netlify@v3.0 + with: + publish-dir: './result/share/doc/nix/manual' + production-branch: detsys-main + github-token: ${{ secrets.GITHUB_TOKEN }} + deploy-message: "Deploy from GitHub Actions" + enable-pull-request-comment: true + enable-commit-comment: true + enable-commit-status: true + overwrites-pull-request-comment: true + env: + NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} + NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml new file mode 100644 index 00000000000..23a5d9e51fc --- /dev/null +++ b/.github/workflows/labels.yml @@ -0,0 +1,24 @@ +name: "Label PR" + +on: + pull_request_target: + types: [edited, opened, synchronize, reopened] + +# WARNING: +# When extending this action, be aware that $GITHUB_TOKEN allows some write +# access to the GitHub API. This means that it should not evaluate user input in +# a way that allows code injection. + +permissions: + contents: read + pull-requests: write + +jobs: + labels: + runs-on: ubuntu-24.04 + if: github.repository_owner == 'NixOS' + steps: + - uses: actions/labeler@v5 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + sync-labels: false diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 00000000000..00ca3ec534b --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,23 @@ +name: Release + +on: + release: + types: + - released + +jobs: + publish: + if: (!github.repository.fork && (github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))) + environment: ${{ github.event_name == 'release' && 'production' || '' }} + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + - uses: "DeterminateSystems/flakehub-push@main" + with: + rolling: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} + visibility: "private" + tag: "${{ github.ref_name }}" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000000..e58827a9c06 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,21 @@ +on: + workflow_call: + inputs: + os: + required: true + type: string + +jobs: + + tests: + strategy: + fail-fast: false + runs-on: ${{ inputs.os }} + timeout-minutes: 60 + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - uses: DeterminateSystems/flakehub-cache-action@main + - run: nix flake check -L From dee23a0c1412aa5fb5b1ed35cd7824705c947344 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 21 Feb 2025 13:29:34 -0800 Subject: [PATCH 212/815] Fold the release things into one workflow --- .github/workflows/release-branches.yml | 20 ----------------- .github/workflows/release-prs.yml | 30 -------------------------- .github/workflows/release-tags.yml | 18 ---------------- .github/workflows/upload-release.yml | 13 +++++++++++ 4 files changed, 13 insertions(+), 68 deletions(-) delete mode 100644 .github/workflows/release-branches.yml delete mode 100644 .github/workflows/release-prs.yml delete mode 100644 .github/workflows/release-tags.yml diff --git a/.github/workflows/release-branches.yml b/.github/workflows/release-branches.yml deleted file mode 100644 index 38e4044edad..00000000000 --- a/.github/workflows/release-branches.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: Release Branch - -concurrency: - group: release - -on: - push: - branches: - # NOTE: make sure any branches here are also valid directory names, - # otherwise creating the directory and uploading to s3 will fail - - "main" - -permissions: - id-token: "write" - contents: "read" - -jobs: - release-branch: - uses: ./.github/workflows/upload-release.yml - secrets: inherit diff --git a/.github/workflows/release-prs.yml b/.github/workflows/release-prs.yml deleted file mode 100644 index 818083c6835..00000000000 --- a/.github/workflows/release-prs.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Release PR - -concurrency: - group: release - -on: - pull_request: - types: - - opened - - reopened - - synchronize - - labeled - -permissions: - id-token: "write" - contents: "read" - -jobs: - release-pr: - # Only intra-repo PRs are allowed to have PR artifacts uploaded - # We only want to trigger once the upload once in the case the upload label is added, not when any label is added - if: | - always() && !failure() && !cancelled() - && github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-priv' - && ( - (github.event.action == 'labeled' && github.event.label.name == 'upload to s3') - || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'upload to s3')) - ) - uses: ./.github/workflows/upload-release.yml - secrets: inherit diff --git a/.github/workflows/release-tags.yml b/.github/workflows/release-tags.yml deleted file mode 100644 index 709fbb92a44..00000000000 --- a/.github/workflows/release-tags.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: Release Tags - -concurrency: - group: release - -on: - push: - tags: - - "v*.*.*" - -permissions: - contents: write # In order to upload artifacts to GitHub releases - id-token: write # In order to request a JWT for AWS auth - -jobs: - release-tag: - uses: ./.github/workflows/upload-release.yml - secrets: inherit diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index bec5816be61..cffbb315e10 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -5,6 +5,19 @@ concurrency: on: workflow_call: + push: + branches: + # NOTE: make sure any branches here are also valid directory names, + # otherwise creating the directory and uploading to s3 will fail + - "main" + tags: + - "v*.*.*" + pull_request: + types: + - opened + - reopened + - synchronize + - labeled permissions: id-token: "write" From 14818b0d8817ce50145967768c8b2ade08f9b931 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 21 Feb 2025 13:31:58 -0800 Subject: [PATCH 213/815] fixup: use release not tags --- .github/workflows/upload-release.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index cffbb315e10..6fbf334204c 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -10,14 +10,15 @@ on: # NOTE: make sure any branches here are also valid directory names, # otherwise creating the directory and uploading to s3 will fail - "main" - tags: - - "v*.*.*" pull_request: types: - opened - reopened - synchronize - labeled + release: + types: + - released permissions: id-token: "write" From a341be4d9b8ed69322a281613c2ef7135d9d4578 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 21 Feb 2025 13:33:56 -0800 Subject: [PATCH 214/815] fixup: fold publish.yml into upload-release.yml --- .github/workflows/publish.yml | 23 ----------------------- .github/workflows/upload-release.yml | 18 ++++++++++++++++++ 2 files changed, 18 insertions(+), 23 deletions(-) delete mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml deleted file mode 100644 index 00ca3ec534b..00000000000 --- a/.github/workflows/publish.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Release - -on: - release: - types: - - released - -jobs: - publish: - if: (!github.repository.fork && (github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))) - environment: ${{ github.event_name == 'release' && 'production' || '' }} - runs-on: ubuntu-latest - permissions: - contents: read - id-token: write - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - - uses: "DeterminateSystems/flakehub-push@main" - with: - rolling: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} - visibility: "private" - tag: "${{ github.ref_name }}" diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index 6fbf334204c..5e09c010ce7 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -83,3 +83,21 @@ jobs: ids_project_name: determinate-nix ids_binary_prefix: determinate-nix skip_acl: true + + publish: + needs: + - release + if: (!github.repository.fork && (github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))) + environment: ${{ github.event_name == 'release' && 'production' || '' }} + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + - uses: "DeterminateSystems/flakehub-push@main" + with: + rolling: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} + visibility: "private" + tag: "${{ github.ref_name }}" From a4e9b65c3a065941167bb5567203e4d406d076fb Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 21 Feb 2025 13:50:29 -0800 Subject: [PATCH 215/815] fixup: remove unsafeDiscardStringContext? --- flake.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index a499c0dcb07..04f3e4d87c9 100644 --- a/flake.nix +++ b/flake.nix @@ -299,8 +299,7 @@ let pkgs = nixpkgsFor.${system}.native; - # NOTE(cole-h): discard string context so that it doesn't try to build, we just care about the outPaths - closures = forAllSystems (system: builtins.unsafeDiscardStringContext self.packages.${system}.default.outPath); + closures = forAllSystems (system: self.packages.${system}.default.outPath); closures_json = pkgs.runCommand "versions.json" { From ec42d3a0777cd5d38d2ea5550a1fc44fc999fd73 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 21 Feb 2025 14:16:36 -0800 Subject: [PATCH 216/815] fixup: default branch name --- .github/workflows/upload-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index 5e09c010ce7..0db501ef5ad 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -9,7 +9,7 @@ on: branches: # NOTE: make sure any branches here are also valid directory names, # otherwise creating the directory and uploading to s3 will fail - - "main" + - "detsys-main" pull_request: types: - opened From 158d79ddb5c705f62f0dd716a138ddc884bb1349 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 22 Feb 2025 16:45:16 +0000 Subject: [PATCH 217/815] Prepare release v0.37.2 From 84fb833d5badaa287b0f02d258c080b816748948 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 22 Feb 2025 16:45:19 +0000 Subject: [PATCH 218/815] Set .version-determinate to 0.37.2 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 9b1bb851239..8570a3aeb97 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -0.37.1 +0.37.2 From d670380bd9f63d83655a0bde71b285103735b072 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Feb 2025 15:30:30 +0100 Subject: [PATCH 219/815] nix flake archive: Skip relative path inputs Fixes #12438. (cherry picked from commit b4dfeafed5e2b0d8d6fd90bef4d3bed24caa4734) --- src/nix/flake.cc | 4 +++- tests/functional/flakes/relative-paths.sh | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 4d5cad1a8b7..87eaafd1592 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -1088,12 +1088,14 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun nlohmann::json jsonObj2 = json ? json::object() : nlohmann::json(nullptr); for (auto & [inputName, input] : node.inputs) { if (auto inputNode = std::get_if<0>(&input)) { + if ((*inputNode)->lockedRef.input.isRelative()) + continue; auto storePath = dryRun ? (*inputNode)->lockedRef.input.computeStorePath(*store) : (*inputNode)->lockedRef.input.fetchToStore(store).first; if (json) { - auto& jsonObj3 = jsonObj2[inputName]; + auto & jsonObj3 = jsonObj2[inputName]; jsonObj3["path"] = store->printStorePath(storePath); sources.insert(std::move(storePath)); jsonObj3["inputs"] = traverse(**inputNode); diff --git a/tests/functional/flakes/relative-paths.sh b/tests/functional/flakes/relative-paths.sh index 9b93da9c1ca..ac4b07eb274 100644 --- a/tests/functional/flakes/relative-paths.sh +++ b/tests/functional/flakes/relative-paths.sh @@ -76,6 +76,9 @@ if ! isTestOnNixOS; then fi (! grep narHash "$subflake2/flake.lock") +# Test `nix flake archive` with relative path flakes. +nix flake archive --json "$rootFlake" + # Test circular relative path flakes. FIXME: doesn't work at the moment. if false; then From ab493636cd9ae326d8018d11ac7495dca54b7fab Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Mon, 24 Feb 2025 11:19:08 -0800 Subject: [PATCH 220/815] fixup: upload-release needs to configure allowed_branches --- .github/workflows/upload-release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index 0db501ef5ad..2eaf48d0ece 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -83,6 +83,7 @@ jobs: ids_project_name: determinate-nix ids_binary_prefix: determinate-nix skip_acl: true + allowed_branches: '["detsys-main"]' publish: needs: From 9e87a583142e0dccb04588445d7a807392385903 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 24 Feb 2025 16:44:12 +0100 Subject: [PATCH 221/815] packaging: Use correct stdenv for x86_64-darwin (cherry picked from commit 0772c2e3abc269f5e3aa8dd1fa055fba523d60ee) --- flake.nix | 1 - packaging/components.nix | 10 +++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index f5c7780d590..0c0ddfa474d 100644 --- a/flake.nix +++ b/flake.nix @@ -165,7 +165,6 @@ f = import ./packaging/components.nix { inherit (final) lib; inherit officialRelease; - inherit stdenv; pkgs = final; src = self; }; diff --git a/packaging/components.nix b/packaging/components.nix index b1ef38302f5..9da864887cc 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -2,7 +2,6 @@ lib, pkgs, src, - stdenv, officialRelease, }: @@ -12,6 +11,15 @@ let inherit (scope) callPackage ; + inherit + (scope.callPackage ( + { stdenv }: + { + inherit stdenv; + } + ) { }) + stdenv + ; inherit (pkgs.buildPackages) meson ninja From 605b2371f96c020516ee3e9596ff6df3db0f0be5 Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Mon, 24 Feb 2025 21:30:35 +0000 Subject: [PATCH 222/815] windows: fix compilation after recent changes (backport #12495) (#12561) * windows: fix compilation after recent changes Specifically last few week's merges involving legacy SSH options and dynamic derivations. (cherry picked from commit e0617d25453760e2f5817ece317914eee9330768) # Conflicts: # src/libstore/build/derivation-creation-and-realisation-goal.hh * Remove unneeded * Remove unneeded --------- Co-authored-by: Brian McKenna Co-authored-by: Eelco Dolstra --- src/libstore/legacy-ssh-store.cc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/libstore/legacy-ssh-store.cc b/src/libstore/legacy-ssh-store.cc index 3849f088dd5..480f4105939 100644 --- a/src/libstore/legacy-ssh-store.cc +++ b/src/libstore/legacy-ssh-store.cc @@ -367,7 +367,12 @@ unsigned int LegacySSHStore::getProtocol() pid_t LegacySSHStore::getConnectionPid() { auto conn(connections->get()); +#ifndef _WIN32 return conn->sshConn->sshPid; +#else + // TODO: Implement + return 0; +#endif } From 91508de3152b4448b44d9e48b749570077ff473f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Feb 2025 17:46:43 +0100 Subject: [PATCH 223/815] nix flake archive: Recurse into relative path inputs We can't ignore them entirely, since we do want to archive their transitive inputs. Fixes #12438. (cherry picked from commit 14c9755462cc8ee61ba7a34da48fcfc34d3b110c) --- src/nix/flake.cc | 22 +++++++++++----------- tests/functional/flakes/common.sh | 14 +++++++++++--- tests/functional/flakes/relative-paths.sh | 14 ++++++++++++-- 3 files changed, 34 insertions(+), 16 deletions(-) diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 87eaafd1592..9259743f434 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -1088,21 +1088,21 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun nlohmann::json jsonObj2 = json ? json::object() : nlohmann::json(nullptr); for (auto & [inputName, input] : node.inputs) { if (auto inputNode = std::get_if<0>(&input)) { - if ((*inputNode)->lockedRef.input.isRelative()) - continue; - auto storePath = - dryRun - ? (*inputNode)->lockedRef.input.computeStorePath(*store) - : (*inputNode)->lockedRef.input.fetchToStore(store).first; + std::optional storePath; + if (!(*inputNode)->lockedRef.input.isRelative()) { + storePath = + dryRun + ? (*inputNode)->lockedRef.input.computeStorePath(*store) + : (*inputNode)->lockedRef.input.fetchToStore(store).first; + sources.insert(*storePath); + } if (json) { auto & jsonObj3 = jsonObj2[inputName]; - jsonObj3["path"] = store->printStorePath(storePath); - sources.insert(std::move(storePath)); + if (storePath) + jsonObj3["path"] = store->printStorePath(*storePath); jsonObj3["inputs"] = traverse(**inputNode); - } else { - sources.insert(std::move(storePath)); + } else traverse(**inputNode); - } } } return jsonObj2; diff --git a/tests/functional/flakes/common.sh b/tests/functional/flakes/common.sh index b1c3988e342..06e414e9d03 100644 --- a/tests/functional/flakes/common.sh +++ b/tests/functional/flakes/common.sh @@ -99,6 +99,16 @@ writeTrivialFlake() { EOF } +initGitRepo() { + local repo="$1" + local extraArgs="${2-}" + + # shellcheck disable=SC2086 # word splitting of extraArgs is intended + git -C "$repo" init $extraArgs + git -C "$repo" config user.email "foobar@example.com" + git -C "$repo" config user.name "Foobar" +} + createGitRepo() { local repo="$1" local extraArgs="${2-}" @@ -107,7 +117,5 @@ createGitRepo() { mkdir -p "$repo" # shellcheck disable=SC2086 # word splitting of extraArgs is intended - git -C "$repo" init $extraArgs - git -C "$repo" config user.email "foobar@example.com" - git -C "$repo" config user.name "Foobar" + initGitRepo "$repo" $extraArgs } diff --git a/tests/functional/flakes/relative-paths.sh b/tests/functional/flakes/relative-paths.sh index ac4b07eb274..3f7ca3f4618 100644 --- a/tests/functional/flakes/relative-paths.sh +++ b/tests/functional/flakes/relative-paths.sh @@ -45,7 +45,7 @@ EOF [[ $(nix eval "$rootFlake?dir=sub1#y") = 6 ]] -git init "$rootFlake" +initGitRepo "$rootFlake" git -C "$rootFlake" add flake.nix sub0/flake.nix sub1/flake.nix [[ $(nix eval "$subflake1#y") = 6 ]] @@ -77,7 +77,17 @@ fi (! grep narHash "$subflake2/flake.lock") # Test `nix flake archive` with relative path flakes. -nix flake archive --json "$rootFlake" +git -C "$rootFlake" add flake.lock +git -C "$rootFlake" commit -a -m Foo + +json=$(nix flake archive --json "$rootFlake" --to "$TEST_ROOT/store2") +[[ $(echo "$json" | jq .inputs.sub0.inputs) = {} ]] +[[ -n $(echo "$json" | jq .path) ]] + +nix flake prefetch --out-link "$TEST_ROOT/result" "$rootFlake" +outPath=$(readlink "$TEST_ROOT/result") + +[ -e "$TEST_ROOT/store2/nix/store/$(basename "$outPath")" ] # Test circular relative path flakes. FIXME: doesn't work at the moment. if false; then From 827f760ad7e12dd006e834045d46645869cd4c74 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Feb 2025 23:00:07 +0100 Subject: [PATCH 224/815] Fix test We didn't backport `nix flake prefetch --out-link`. --- tests/functional/flakes/relative-paths.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/functional/flakes/relative-paths.sh b/tests/functional/flakes/relative-paths.sh index 3f7ca3f4618..9c0e6fd4124 100644 --- a/tests/functional/flakes/relative-paths.sh +++ b/tests/functional/flakes/relative-paths.sh @@ -84,10 +84,10 @@ json=$(nix flake archive --json "$rootFlake" --to "$TEST_ROOT/store2") [[ $(echo "$json" | jq .inputs.sub0.inputs) = {} ]] [[ -n $(echo "$json" | jq .path) ]] -nix flake prefetch --out-link "$TEST_ROOT/result" "$rootFlake" -outPath=$(readlink "$TEST_ROOT/result") +#nix flake prefetch --out-link "$TEST_ROOT/result" "$rootFlake" +#outPath=$(readlink "$TEST_ROOT/result") -[ -e "$TEST_ROOT/store2/nix/store/$(basename "$outPath")" ] +#[ -e "$TEST_ROOT/store2/nix/store/$(basename "$outPath")" ] # Test circular relative path flakes. FIXME: doesn't work at the moment. if false; then From 25c6048fa6a658a9be6efb106f57a3049fd4272d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Feb 2025 22:55:44 +0100 Subject: [PATCH 225/815] Bump Determinate Nix version to 3.0.0 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 8570a3aeb97..4a36342fcab 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -0.37.2 +3.0.0 From 5fc89adf6c6a0a47d054b339d737006f4b2de197 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Feb 2025 21:26:31 +0100 Subject: [PATCH 226/815] Use Determinate version in store path name --- packaging/components.nix | 2 +- packaging/dev-shell.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/components.nix b/packaging/components.nix index 9da864887cc..38634619463 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -26,7 +26,7 @@ let pkg-config ; - baseVersion = lib.fileContents ../.version; + baseVersion = lib.fileContents ../.version-determinate; versionSuffix = lib.optionalString (!officialRelease) "pre"; diff --git a/packaging/dev-shell.nix b/packaging/dev-shell.nix index 1651a86bee1..a5a2426a439 100644 --- a/packaging/dev-shell.nix +++ b/packaging/dev-shell.nix @@ -23,7 +23,7 @@ pkgs.nixComponents.nix-util.overrideAttrs ( pname = "shell-for-" + attrs.pname; # Remove the version suffix to avoid unnecessary attempts to substitute in nix develop - version = lib.fileContents ../.version; + version = lib.fileContents ../.version-determinate; name = attrs.pname; installFlags = "sysconfdir=$(out)/etc"; From e71a498e2571392d18a3107ed235844130f7d462 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Feb 2025 21:58:29 +0100 Subject: [PATCH 227/815] Disable setVersionLayer This sets .version to finalAttrs.version, so we would end up with `nix --version` showing `nix (Determinate Nix 0.37.2) 0.37.2`. --- packaging/components.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packaging/components.nix b/packaging/components.nix index 38634619463..a3f816c4d5e 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -50,6 +50,7 @@ let exts: userFn: stdenv.mkDerivation (lib.extends (lib.composeManyExtensions exts) userFn); setVersionLayer = finalAttrs: prevAttrs: { + /* preConfigure = prevAttrs.prevAttrs or "" + @@ -59,6 +60,7 @@ let chmod u+w ./.version echo ${finalAttrs.version} > ./.version ''; + */ }; localSourceLayer = From 94347f4622f54c4ad08ce8c3e35bb230cce08893 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Feb 2025 23:28:09 +0100 Subject: [PATCH 228/815] nix -> determinate-nix --- doc/manual/package.nix | 2 +- packaging/everything.nix | 4 ++-- src/external-api-docs/package.nix | 2 +- src/internal-api-docs/package.nix | 2 +- src/libcmd/package.nix | 2 +- src/libexpr-c/package.nix | 2 +- src/libexpr-test-support/package.nix | 2 +- src/libexpr/package.nix | 2 +- src/libfetchers/package.nix | 2 +- src/libflake-c/package.nix | 2 +- src/libflake/package.nix | 2 +- src/libmain-c/package.nix | 2 +- src/libmain/package.nix | 2 +- src/libstore-c/package.nix | 2 +- src/libstore-test-support/package.nix | 2 +- src/libstore/package.nix | 2 +- src/libutil-c/package.nix | 2 +- src/libutil-test-support/package.nix | 2 +- src/libutil/package.nix | 2 +- src/perl/package.nix | 2 +- 20 files changed, 21 insertions(+), 21 deletions(-) diff --git a/doc/manual/package.nix b/doc/manual/package.nix index 6d93e6f1a5d..778440ac256 100644 --- a/doc/manual/package.nix +++ b/doc/manual/package.nix @@ -22,7 +22,7 @@ let in mkMesonDerivation (finalAttrs: { - pname = "nix-manual"; + pname = "determinate-nix-manual"; inherit version; workDir = ./.; diff --git a/packaging/everything.nix b/packaging/everything.nix index 0974a34df50..3637c4d07d1 100644 --- a/packaging/everything.nix +++ b/packaging/everything.nix @@ -69,7 +69,7 @@ let }; dev = stdenv.mkDerivation (finalAttrs: { - name = "nix-${nix-cli.version}-dev"; + name = "determinate-nix-${nix-cli.version}-dev"; pname = "nix"; version = nix-cli.version; dontUnpack = true; @@ -120,7 +120,7 @@ let in (buildEnv { - name = "nix-${nix-cli.version}"; + name = "determinate-nix-${nix-cli.version}"; paths = [ nix-cli nix-manual.man diff --git a/src/external-api-docs/package.nix b/src/external-api-docs/package.nix index b194e16d460..28cde8c09e6 100644 --- a/src/external-api-docs/package.nix +++ b/src/external-api-docs/package.nix @@ -14,7 +14,7 @@ let in mkMesonDerivation (finalAttrs: { - pname = "nix-external-api-docs"; + pname = "determinate-nix-external-api-docs"; inherit version; workDir = ./.; diff --git a/src/internal-api-docs/package.nix b/src/internal-api-docs/package.nix index 6c4f354aee5..636c19653ea 100644 --- a/src/internal-api-docs/package.nix +++ b/src/internal-api-docs/package.nix @@ -14,7 +14,7 @@ let in mkMesonDerivation (finalAttrs: { - pname = "nix-internal-api-docs"; + pname = "determinate-nix-internal-api-docs"; inherit version; workDir = ./.; diff --git a/src/libcmd/package.nix b/src/libcmd/package.nix index d459d1c20fb..5150de249e8 100644 --- a/src/libcmd/package.nix +++ b/src/libcmd/package.nix @@ -35,7 +35,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-cmd"; + pname = "determinate-nix-cmd"; inherit version; workDir = ./.; diff --git a/src/libexpr-c/package.nix b/src/libexpr-c/package.nix index 694fbc1fe78..ec92ecce105 100644 --- a/src/libexpr-c/package.nix +++ b/src/libexpr-c/package.nix @@ -15,7 +15,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-expr-c"; + pname = "determinate-nix-expr-c"; inherit version; workDir = ./.; diff --git a/src/libexpr-test-support/package.nix b/src/libexpr-test-support/package.nix index 44b0ff38631..dbf515370f0 100644 --- a/src/libexpr-test-support/package.nix +++ b/src/libexpr-test-support/package.nix @@ -18,7 +18,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-util-test-support"; + pname = "determinate-nix-util-test-support"; inherit version; workDir = ./.; diff --git a/src/libexpr/package.nix b/src/libexpr/package.nix index 533dae9f253..309d57f9b1a 100644 --- a/src/libexpr/package.nix +++ b/src/libexpr/package.nix @@ -36,7 +36,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-expr"; + pname = "determinate-nix-expr"; inherit version; workDir = ./.; diff --git a/src/libfetchers/package.nix b/src/libfetchers/package.nix index 3f52e987800..5aa096082ed 100644 --- a/src/libfetchers/package.nix +++ b/src/libfetchers/package.nix @@ -17,7 +17,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-fetchers"; + pname = "determinate-nix-fetchers"; inherit version; workDir = ./.; diff --git a/src/libflake-c/package.nix b/src/libflake-c/package.nix index 1149508523e..958cf233e0a 100644 --- a/src/libflake-c/package.nix +++ b/src/libflake-c/package.nix @@ -16,7 +16,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-flake-c"; + pname = "determinate-nix-flake-c"; inherit version; workDir = ./.; diff --git a/src/libflake/package.nix b/src/libflake/package.nix index 5240ce5e396..2c28235f1bd 100644 --- a/src/libflake/package.nix +++ b/src/libflake/package.nix @@ -18,7 +18,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-flake"; + pname = "determinate-nix-flake"; inherit version; workDir = ./.; diff --git a/src/libmain-c/package.nix b/src/libmain-c/package.nix index f019a917d36..17858d56f2e 100644 --- a/src/libmain-c/package.nix +++ b/src/libmain-c/package.nix @@ -17,7 +17,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-main-c"; + pname = "determinate-nix-main-c"; inherit version; workDir = ./.; diff --git a/src/libmain/package.nix b/src/libmain/package.nix index c03697c48da..5ee2e61e41d 100644 --- a/src/libmain/package.nix +++ b/src/libmain/package.nix @@ -17,7 +17,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-main"; + pname = "determinate-nix-main"; inherit version; workDir = ./.; diff --git a/src/libstore-c/package.nix b/src/libstore-c/package.nix index fde17c78e01..0ce37e44c01 100644 --- a/src/libstore-c/package.nix +++ b/src/libstore-c/package.nix @@ -15,7 +15,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-store-c"; + pname = "determinate-nix-store-c"; inherit version; workDir = ./.; diff --git a/src/libstore-test-support/package.nix b/src/libstore-test-support/package.nix index ccac25ee16a..8a4658ae700 100644 --- a/src/libstore-test-support/package.nix +++ b/src/libstore-test-support/package.nix @@ -18,7 +18,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-store-test-support"; + pname = "determinate-nix-store-test-support"; inherit version; workDir = ./.; diff --git a/src/libstore/package.nix b/src/libstore/package.nix index a7d9a0ca110..847e61d09a9 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -28,7 +28,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-store"; + pname = "determinate-nix-store"; inherit version; workDir = ./.; diff --git a/src/libutil-c/package.nix b/src/libutil-c/package.nix index f26f57775d4..a1605bf5bb8 100644 --- a/src/libutil-c/package.nix +++ b/src/libutil-c/package.nix @@ -14,7 +14,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-util-c"; + pname = "determinate-nix-util-c"; inherit version; workDir = ./.; diff --git a/src/libutil-test-support/package.nix b/src/libutil-test-support/package.nix index fafd47c86c5..3b094ac29bd 100644 --- a/src/libutil-test-support/package.nix +++ b/src/libutil-test-support/package.nix @@ -17,7 +17,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-util-test-support"; + pname = "determinate-nix-util-test-support"; inherit version; workDir = ./.; diff --git a/src/libutil/package.nix b/src/libutil/package.nix index 47dcb54a26f..fcc74c247e1 100644 --- a/src/libutil/package.nix +++ b/src/libutil/package.nix @@ -21,7 +21,7 @@ let in mkMesonLibrary (finalAttrs: { - pname = "nix-util"; + pname = "determinate-nix-util"; inherit version; workDir = ./.; diff --git a/src/perl/package.nix b/src/perl/package.nix index d95d13aa921..d948cbcdcce 100644 --- a/src/perl/package.nix +++ b/src/perl/package.nix @@ -18,7 +18,7 @@ in perl.pkgs.toPerlModule ( mkMesonDerivation (finalAttrs: { - pname = "nix-perl"; + pname = "determinate-nix-perl"; inherit version; workDir = ./.; From ff8da340ae93f053350872e5d7ac301fd7c814ee Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 25 Feb 2025 14:33:57 -0300 Subject: [PATCH 229/815] Remove references to single-user mode --- doc/manual/redirects.js | 3 --- doc/manual/source/SUMMARY.md.in | 4 +-- doc/manual/source/installation/index.md | 13 ---------- .../source/installation/installing-binary.md | 25 +------------------ .../source/installation/installing-docker.md | 18 ------------- .../source/installation/nix-security.md | 15 ----------- doc/manual/source/installation/single-user.md | 9 ------- doc/manual/source/installation/uninstall.md | 9 ------- doc/manual/source/installation/upgrading.md | 6 ----- 9 files changed, 2 insertions(+), 100 deletions(-) delete mode 100644 doc/manual/source/installation/nix-security.md delete mode 100644 doc/manual/source/installation/single-user.md diff --git a/doc/manual/redirects.js b/doc/manual/redirects.js index dea141391df..36f53cbc82c 100644 --- a/doc/manual/redirects.js +++ b/doc/manual/redirects.js @@ -271,13 +271,10 @@ const redirects = { "sect-multi-user-installation": "installation/installing-binary.html#multi-user-installation", "sect-nix-install-binary-tarball": "installation/installing-binary.html#installing-from-a-binary-tarball", "sect-nix-install-pinned-version-url": "installation/installing-binary.html#installing-a-pinned-nix-version-from-a-url", - "sect-single-user-installation": "installation/installing-binary.html#single-user-installation", "ch-installing-source": "installation/installing-source.html", "ssec-multi-user": "installation/multi-user.html", - "ch-nix-security": "installation/nix-security.html", "sec-obtaining-source": "installation/obtaining-source.html", "sec-prerequisites-source": "installation/prerequisites-source.html", - "sec-single-user": "installation/single-user.html", "ch-supported-platforms": "installation/supported-platforms.html", "ch-upgrading-nix": "installation/upgrading.html", "ch-about-nix": "introduction.html", diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 228bbc88206..9d465e4bb49 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -10,9 +10,7 @@ - [Obtaining a Source Distribution](installation/obtaining-source.md) - [Building Nix from Source](installation/building-source.md) - [Using Nix within Docker](installation/installing-docker.md) - - [Security](installation/nix-security.md) - - [Single-User Mode](installation/single-user.md) - - [Multi-User Mode](installation/multi-user.md) + - [Multi-User Mode](installation/multi-user.md) - [Environment Variables](installation/env-variables.md) - [Upgrading Nix](installation/upgrading.md) - [Uninstalling Nix](installation/uninstall.md) diff --git a/doc/manual/source/installation/index.md b/doc/manual/source/installation/index.md index 48725c1ba74..d71634946d6 100644 --- a/doc/manual/source/installation/index.md +++ b/doc/manual/source/installation/index.md @@ -26,19 +26,6 @@ This option requires either: $ curl -L https://nixos.org/nix/install | sh -s -- --daemon ``` -## Single-user - -> Single-user is not supported on Mac. - -This installation has less requirements than the multi-user install, however it -cannot offer equivalent sharing, isolation, or security. - -This option is suitable for systems without systemd. - -```console -$ curl -L https://nixos.org/nix/install | sh -s -- --no-daemon -``` - ## Distributions The Nix community maintains installers for several distributions. diff --git a/doc/manual/source/installation/installing-binary.md b/doc/manual/source/installation/installing-binary.md index 6a1a5ddcaff..0a2d650a97b 100644 --- a/doc/manual/source/installation/installing-binary.md +++ b/doc/manual/source/installation/installing-binary.md @@ -19,11 +19,6 @@ This performs the default type of installation for your platform: - [Multi-user](#multi-user-installation): - Linux with systemd and without SELinux - macOS -- [Single-user](#single-user-installation): - - Linux without systemd - - Linux with SELinux - -We recommend the multi-user installation if it supports your platform and you can authenticate with `sudo`. The installer can configured with various command line arguments and environment variables. To show available command line flags: @@ -42,7 +37,7 @@ The directory for each version contains the corresponding SHA-256 hash. All installation scripts are invoked the same way: ```console -$ export VERSION=2.19.2 +$ export VERSION=2.19.2 $ curl -L https://releases.nixos.org/nix/nix-$VERSION/install | sh ``` @@ -64,24 +59,6 @@ $ bash <(curl -L https://nixos.org/nix/install) --daemon You can run this under your usual user account or `root`. The script will invoke `sudo` as needed. -# Single User Installation - -To explicitly select a single-user installation on your system: - -```console -$ bash <(curl -L https://nixos.org/nix/install) --no-daemon -``` - -In a single-user installation, `/nix` is owned by the invoking user. -The script will invoke `sudo` to create `/nix` if it doesn’t already exist. -If you don’t have `sudo`, manually create `/nix` as `root`: - -```console -$ su root -# mkdir /nix -# chown alice /nix -``` - # Installing from a binary tarball You can also download a binary tarball that contains Nix and all its dependencies: diff --git a/doc/manual/source/installation/installing-docker.md b/doc/manual/source/installation/installing-docker.md index 9354c1a7228..6f77d6a5708 100644 --- a/doc/manual/source/installation/installing-docker.md +++ b/doc/manual/source/installation/installing-docker.md @@ -57,21 +57,3 @@ $ nix build ./\#hydraJobs.dockerImage.x86_64-linux $ docker load -i ./result/image.tar.gz $ docker run -ti nix:2.5pre20211105 ``` - -# Docker image with non-root Nix - -If you would like to run Nix in a container under a user other than `root`, -you can build an image with a non-root single-user installation of Nix -by specifying the `uid`, `gid`, `uname`, and `gname` arguments to `docker.nix`: - -```console -$ nix build --file docker.nix \ - --arg uid 1000 \ - --arg gid 1000 \ - --argstr uname user \ - --argstr gname user \ - --argstr name nix-user \ - --out-link nix-user.tar.gz -$ docker load -i nix-user.tar.gz -$ docker run -ti nix-user -``` diff --git a/doc/manual/source/installation/nix-security.md b/doc/manual/source/installation/nix-security.md deleted file mode 100644 index 1e9036b68b2..00000000000 --- a/doc/manual/source/installation/nix-security.md +++ /dev/null @@ -1,15 +0,0 @@ -# Security - -Nix has two basic security models. First, it can be used in “single-user -mode”, which is similar to what most other package management tools do: -there is a single user (typically root) who performs all package -management operations. All other users can then use the installed -packages, but they cannot perform package management operations -themselves. - -Alternatively, you can configure Nix in “multi-user mode”. In this -model, all users can perform package management operations — for -instance, every user can install software without requiring root -privileges. Nix ensures that this is secure. For instance, it’s not -possible for one user to overwrite a package used by another user with a -Trojan horse. diff --git a/doc/manual/source/installation/single-user.md b/doc/manual/source/installation/single-user.md deleted file mode 100644 index f9a3b26edf4..00000000000 --- a/doc/manual/source/installation/single-user.md +++ /dev/null @@ -1,9 +0,0 @@ -# Single-User Mode - -In single-user mode, all Nix operations that access the database in -`prefix/var/nix/db` or modify the Nix store in `prefix/store` must be -performed under the user ID that owns those directories. This is -typically root. (If you install from RPM packages, that’s in fact the -default ownership.) However, on single-user machines, it is often -convenient to `chown` those directories to your normal user account so -that you don’t have to `su` to root all the time. diff --git a/doc/manual/source/installation/uninstall.md b/doc/manual/source/installation/uninstall.md index 8d45da6bba0..2762edbf43c 100644 --- a/doc/manual/source/installation/uninstall.md +++ b/doc/manual/source/installation/uninstall.md @@ -154,12 +154,3 @@ which you may remove. > You do not have to reboot to finish uninstalling Nix. > The uninstall is complete. > macOS (Catalina+) directly controls root directories, and its read-only root will prevent you from manually deleting the empty `/nix` mountpoint. - -## Single User - -To remove a [single-user installation](./installing-binary.md#single-user-installation) of Nix, run: - -```console -rm -rf /nix ~/.nix-channels ~/.nix-defexpr ~/.nix-profile -``` -You might also want to manually remove references to Nix from your `~/.profile`. diff --git a/doc/manual/source/installation/upgrading.md b/doc/manual/source/installation/upgrading.md index a433f1d30e6..f0992671d03 100644 --- a/doc/manual/source/installation/upgrading.md +++ b/doc/manual/source/installation/upgrading.md @@ -32,9 +32,3 @@ $ sudo nix-env --install --file '' --attr nix cacert -I nixpkgs=channel $ sudo launchctl remove org.nixos.nix-daemon $ sudo launchctl load /Library/LaunchDaemons/org.nixos.nix-daemon.plist ``` - -## Single-user all platforms - -```console -$ nix-env --install --file '' --attr nix cacert -I nixpkgs=channel:nixpkgs-unstable -``` From d0b6f2f26fd06258a6cf10ee9ddf85c7accf4c01 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 25 Feb 2025 14:40:53 -0300 Subject: [PATCH 230/815] Remove one more reference to single-user mode --- doc/manual/source/installation/index.md | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/doc/manual/source/installation/index.md b/doc/manual/source/installation/index.md index d71634946d6..b2c908053d5 100644 --- a/doc/manual/source/installation/index.md +++ b/doc/manual/source/installation/index.md @@ -1,18 +1,11 @@ # Installation This section describes how to install and configure Nix for first-time use. +Nix follows a [multi-user](./multi-user.md) model on both Linux and macOS. -The current recommended option on Linux and MacOS is [multi-user](#multi-user). - -## Multi-user - -This installation offers better sharing, improved isolation, and more security -over a single user installation. - -This option requires either: - -* Linux running systemd, with SELinux disabled -* MacOS +```console +$ curl -L https://nixos.org/nix/install | sh -s -- --daemon +``` > **Updating to macOS 15 Sequoia** > @@ -22,10 +15,6 @@ This option requires either: > ``` > when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling. -```console -$ curl -L https://nixos.org/nix/install | sh -s -- --daemon -``` - ## Distributions The Nix community maintains installers for several distributions. From 4248d5c9a2ce9f5b5cd8dcbae53c5735dff737c1 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 25 Feb 2025 14:51:05 -0300 Subject: [PATCH 231/815] Restore section about non-root Nix in Docker --- .../source/installation/installing-docker.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/doc/manual/source/installation/installing-docker.md b/doc/manual/source/installation/installing-docker.md index 6f77d6a5708..9354c1a7228 100644 --- a/doc/manual/source/installation/installing-docker.md +++ b/doc/manual/source/installation/installing-docker.md @@ -57,3 +57,21 @@ $ nix build ./\#hydraJobs.dockerImage.x86_64-linux $ docker load -i ./result/image.tar.gz $ docker run -ti nix:2.5pre20211105 ``` + +# Docker image with non-root Nix + +If you would like to run Nix in a container under a user other than `root`, +you can build an image with a non-root single-user installation of Nix +by specifying the `uid`, `gid`, `uname`, and `gname` arguments to `docker.nix`: + +```console +$ nix build --file docker.nix \ + --arg uid 1000 \ + --arg gid 1000 \ + --argstr uname user \ + --argstr gname user \ + --argstr name nix-user \ + --out-link nix-user.tar.gz +$ docker load -i nix-user.tar.gz +$ docker run -ti nix-user +``` From daa7f274f54772473e975519111b296c165e9566 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 25 Feb 2025 14:56:05 -0300 Subject: [PATCH 232/815] Restore the Nix security doc --- doc/manual/source/installation/nix-security.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 doc/manual/source/installation/nix-security.md diff --git a/doc/manual/source/installation/nix-security.md b/doc/manual/source/installation/nix-security.md new file mode 100644 index 00000000000..1e9036b68b2 --- /dev/null +++ b/doc/manual/source/installation/nix-security.md @@ -0,0 +1,15 @@ +# Security + +Nix has two basic security models. First, it can be used in “single-user +mode”, which is similar to what most other package management tools do: +there is a single user (typically root) who performs all package +management operations. All other users can then use the installed +packages, but they cannot perform package management operations +themselves. + +Alternatively, you can configure Nix in “multi-user mode”. In this +model, all users can perform package management operations — for +instance, every user can install software without requiring root +privileges. Nix ensures that this is secure. For instance, it’s not +possible for one user to overwrite a package used by another user with a +Trojan horse. From 2b7214197e5385e5eec5a64536beb2439c7b96d8 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 25 Feb 2025 15:18:25 -0300 Subject: [PATCH 233/815] Consolidate docs --- doc/manual/source/SUMMARY.md.in | 2 +- .../source/installation/nix-security.md | 96 ++++++++++++++++--- 2 files changed, 84 insertions(+), 14 deletions(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 9d465e4bb49..d5f8b94df6f 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -10,7 +10,7 @@ - [Obtaining a Source Distribution](installation/obtaining-source.md) - [Building Nix from Source](installation/building-source.md) - [Using Nix within Docker](installation/installing-docker.md) - - [Multi-User Mode](installation/multi-user.md) + - [Security](installation/nix-security.md) - [Environment Variables](installation/env-variables.md) - [Upgrading Nix](installation/upgrading.md) - [Uninstalling Nix](installation/uninstall.md) diff --git a/doc/manual/source/installation/nix-security.md b/doc/manual/source/installation/nix-security.md index 1e9036b68b2..61cad24c2b3 100644 --- a/doc/manual/source/installation/nix-security.md +++ b/doc/manual/source/installation/nix-security.md @@ -1,15 +1,85 @@ # Security -Nix has two basic security models. First, it can be used in “single-user -mode”, which is similar to what most other package management tools do: -there is a single user (typically root) who performs all package -management operations. All other users can then use the installed -packages, but they cannot perform package management operations -themselves. - -Alternatively, you can configure Nix in “multi-user mode”. In this -model, all users can perform package management operations — for -instance, every user can install software without requiring root -privileges. Nix ensures that this is secure. For instance, it’s not -possible for one user to overwrite a package used by another user with a -Trojan horse. +Nix follows a [**multi-user**](#multi-user-model) security model in which all +users can perform package management operations. Every user can, for example, +install software without requiring root privileges, and Nix ensures that this +is secure. It's *not* possible for one user to, for example, overwrite a +package used by another user with a Trojan horse. + +## Multi-User model + +To allow a Nix store to be shared safely among multiple users, it is +important that users are not able to run builders that modify the Nix +store or database in arbitrary ways, or that interfere with builds +started by other users. If they could do so, they could install a Trojan +horse in some package and compromise the accounts of other users. + +To prevent this, the Nix store and database are owned by some privileged +user (usually `root`) and builders are executed under special user +accounts (usually named `nixbld1`, `nixbld2`, etc.). When a unprivileged +user runs a Nix command, actions that operate on the Nix store (such as +builds) are forwarded to a *Nix daemon* running under the owner of the +Nix store/database that performs the operation. + +> **Note** +> +> Multi-user mode has one important limitation: only root and a set of +> trusted users specified in `nix.conf` can specify arbitrary binary +> caches. So while unprivileged users may install packages from +> arbitrary Nix expressions, they may not get pre-built binaries. + +### Setting up the build users + +The *build users* are the special UIDs under which builds are performed. +They should all be members of the *build users group* `nixbld`. This +group should have no other members. The build users should not be +members of any other group. On Linux, you can create the group and users +as follows: + +```console +$ groupadd -r nixbld +$ for n in $(seq 1 10); do useradd -c "Nix build user $n" \ + -d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" \ + nixbld$n; done +``` + +This creates 10 build users. There can never be more concurrent builds +than the number of build users, so you may want to increase this if you +expect to do many builds at the same time. + +### Running the daemon + +The [Nix daemon](../command-ref/nix-daemon.md) should be started as +follows (as `root`): + +```console +$ nix-daemon +``` + +You’ll want to put that line somewhere in your system’s boot scripts. + +To let unprivileged users use the daemon, they should set the +[`NIX_REMOTE` environment variable](../command-ref/env-common.md) to +`daemon`. So you should put a line like + +```console +export NIX_REMOTE=daemon +``` + +into the users’ login scripts. + +### Restricting access + +To limit which users can perform Nix operations, you can use the +permissions on the directory `/nix/var/nix/daemon-socket`. For instance, +if you want to restrict the use of Nix to the members of a group called +`nix-users`, do + +```console +$ chgrp nix-users /nix/var/nix/daemon-socket +$ chmod ug=rwx,o= /nix/var/nix/daemon-socket +``` + +This way, users who are not in the `nix-users` group cannot connect to +the Unix domain socket `/nix/var/nix/daemon-socket/socket`, so they +cannot perform Nix operations. From 705a7b9fd809612c88a978a28501e7ef225d633b Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 25 Feb 2025 15:24:15 -0300 Subject: [PATCH 234/815] Fix broken links --- doc/manual/source/command-ref/env-common.md | 2 +- doc/manual/source/installation/index.md | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/manual/source/command-ref/env-common.md b/doc/manual/source/command-ref/env-common.md index ee3995111e9..9f7f3442343 100644 --- a/doc/manual/source/command-ref/env-common.md +++ b/doc/manual/source/command-ref/env-common.md @@ -102,7 +102,7 @@ Most Nix commands interpret the following environment variables: This variable should be set to `daemon` if you want to use the Nix daemon to execute Nix operations. This is necessary in [multi-user - Nix installations](@docroot@/installation/multi-user.md). If the Nix + Nix installations](@docroot@/installation/security.md#multi-user-model). If the Nix daemon's Unix socket is at some non-standard path, this variable should be set to `unix://path/to/socket`. Otherwise, it should be left unset. diff --git a/doc/manual/source/installation/index.md b/doc/manual/source/installation/index.md index b2c908053d5..f5ad817dfdc 100644 --- a/doc/manual/source/installation/index.md +++ b/doc/manual/source/installation/index.md @@ -1,7 +1,8 @@ # Installation This section describes how to install and configure Nix for first-time use. -Nix follows a [multi-user](./multi-user.md) model on both Linux and macOS. +Nix follows a [multi-user](./security.md#multi-user-model) model on both Linux +and macOS. ```console $ curl -L https://nixos.org/nix/install | sh -s -- --daemon From feb60c54a92efe017bdc388a381c2c682a887b33 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 25 Feb 2025 15:27:06 -0300 Subject: [PATCH 235/815] Fix links again --- doc/manual/source/command-ref/env-common.md | 2 +- doc/manual/source/installation/index.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/manual/source/command-ref/env-common.md b/doc/manual/source/command-ref/env-common.md index 9f7f3442343..bd428a232eb 100644 --- a/doc/manual/source/command-ref/env-common.md +++ b/doc/manual/source/command-ref/env-common.md @@ -102,7 +102,7 @@ Most Nix commands interpret the following environment variables: This variable should be set to `daemon` if you want to use the Nix daemon to execute Nix operations. This is necessary in [multi-user - Nix installations](@docroot@/installation/security.md#multi-user-model). If the Nix + Nix installations](@docroot@/installation/nix-security.md#multi-user-model). If the Nix daemon's Unix socket is at some non-standard path, this variable should be set to `unix://path/to/socket`. Otherwise, it should be left unset. diff --git a/doc/manual/source/installation/index.md b/doc/manual/source/installation/index.md index f5ad817dfdc..a4e2c5af07f 100644 --- a/doc/manual/source/installation/index.md +++ b/doc/manual/source/installation/index.md @@ -1,7 +1,7 @@ # Installation This section describes how to install and configure Nix for first-time use. -Nix follows a [multi-user](./security.md#multi-user-model) model on both Linux +Nix follows a [multi-user](./nix-security.md#multi-user-model) model on both Linux and macOS. ```console From 2e5d4de3e2d149991a1ac3da479f968a50ddde89 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 25 Feb 2025 21:33:05 +0000 Subject: [PATCH 236/815] Prepare release v0.38.0 From bd097de3a587a9224a9a4985722d7956e7c9c3a1 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 25 Feb 2025 21:33:08 +0000 Subject: [PATCH 237/815] Set .version-determinate to 0.38.0 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 4a36342fcab..ca75280b09b 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.0.0 +0.38.0 From 2da52b19289601437f289fe5fef375f8b714c3e6 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Tue, 25 Feb 2025 16:34:19 -0500 Subject: [PATCH 238/815] Update .version-determinate --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index ca75280b09b..4a36342fcab 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -0.38.0 +3.0.0 From 09d1eb3f8747c591c68f37991eac0fe0f6639cbc Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 26 Feb 2025 17:22:43 +0100 Subject: [PATCH 239/815] Run all VM tests --- .github/workflows/ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c3a96704f77..443664e496c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -109,8 +109,7 @@ jobs: .hydraJobs.tests | with_entries(select(.value.type == "derivation")) | keys[] - | ".#hydraJobs.tests." + .' \ - | head -n5) # FIXME: for testing the merge queue + | ".#hydraJobs.tests." + .') flake_regressions: if: github.event_name == 'merge_group' From 53ec907bb145f2df645341615a20e761c981530a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 27 Feb 2025 01:20:50 +0000 Subject: [PATCH 240/815] Prepare release v0.38.1 From 01ee9695817dedf252d097422db6832a8a5a0893 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 27 Feb 2025 01:20:53 +0000 Subject: [PATCH 241/815] Set .version-determinate to 0.38.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 4a36342fcab..bb22182d4f7 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.0.0 +0.38.1 From 8e44b48c4f82ef245aee5c3e72fda14a87246222 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Wed, 26 Feb 2025 20:21:27 -0500 Subject: [PATCH 242/815] Apply suggestions from code review --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index bb22182d4f7..4a36342fcab 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -0.38.1 +3.0.0 From 494953cfb644924ec1899774f77e29dd13911956 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 27 Feb 2025 17:03:27 +0100 Subject: [PATCH 243/815] Mark official release --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 895a081f240..5e1e4ece713 100644 --- a/flake.nix +++ b/flake.nix @@ -32,7 +32,7 @@ let inherit (nixpkgs) lib; - officialRelease = false; + officialRelease = true; linux32BitSystems = [ "i686-linux" ]; linux64BitSystems = [ From f636ced7d24455d97c04e240fc47ed815ea131fd Mon Sep 17 00:00:00 2001 From: John Ericson Date: Thu, 27 Feb 2025 13:42:03 -0500 Subject: [PATCH 244/815] Revert "Revert "Revert "Adapt scheduler to work with dynamic derivations""" The bug reappeared after all, and the fix introduced a different bug. We want to release 2.27 imminently so there is no time to do a proper fix, which appears to require a larger reworking. Hopefully we will have it for 2.28, however. This reverts commit c98525235f5b8f1ed02fd1b3849b42e5f669d364. --- ...erivation-creation-and-realisation-goal.cc | 126 ------------------ ...erivation-creation-and-realisation-goal.hh | 88 ------------ src/libstore/build/derivation-goal.cc | 26 +++- src/libstore/build/derivation-goal.hh | 4 - src/libstore/build/entry-points.cc | 5 +- src/libstore/build/goal.cc | 2 +- src/libstore/build/goal.hh | 21 --- src/libstore/build/worker.cc | 92 +++---------- src/libstore/build/worker.hh | 24 ---- src/libstore/derived-path-map.cc | 4 - src/libstore/derived-path-map.hh | 7 +- src/libstore/meson.build | 2 - tests/functional/dyn-drv/build-built-drv.sh | 7 +- tests/functional/dyn-drv/dep-built-drv-2.sh | 2 +- tests/functional/dyn-drv/dep-built-drv.sh | 7 +- tests/functional/dyn-drv/failing-outer.sh | 2 + 16 files changed, 45 insertions(+), 374 deletions(-) delete mode 100644 src/libstore/build/derivation-creation-and-realisation-goal.cc delete mode 100644 src/libstore/build/derivation-creation-and-realisation-goal.hh diff --git a/src/libstore/build/derivation-creation-and-realisation-goal.cc b/src/libstore/build/derivation-creation-and-realisation-goal.cc deleted file mode 100644 index c33b7571f04..00000000000 --- a/src/libstore/build/derivation-creation-and-realisation-goal.cc +++ /dev/null @@ -1,126 +0,0 @@ -#include "derivation-creation-and-realisation-goal.hh" -#include "worker.hh" - -namespace nix { - -DerivationCreationAndRealisationGoal::DerivationCreationAndRealisationGoal( - ref drvReq, const OutputsSpec & wantedOutputs, Worker & worker, BuildMode buildMode) - : Goal(worker, DerivedPath::Built{.drvPath = drvReq, .outputs = wantedOutputs}) - , drvReq(drvReq) - , wantedOutputs(wantedOutputs) - , buildMode(buildMode) -{ - name = - fmt("outer obtaining drv from '%s' and then building outputs %s", - drvReq->to_string(worker.store), - std::visit( - overloaded{ - [&](const OutputsSpec::All) -> std::string { return "* (all of them)"; }, - [&](const OutputsSpec::Names os) { return concatStringsSep(", ", quoteStrings(os)); }, - }, - wantedOutputs.raw)); - trace("created outer"); - - worker.updateProgress(); -} - -DerivationCreationAndRealisationGoal::~DerivationCreationAndRealisationGoal() {} - -static StorePath pathPartOfReq(const SingleDerivedPath & req) -{ - return std::visit( - overloaded{ - [&](const SingleDerivedPath::Opaque & bo) { return bo.path; }, - [&](const SingleDerivedPath::Built & bfd) { return pathPartOfReq(*bfd.drvPath); }, - }, - req.raw()); -} - -std::string DerivationCreationAndRealisationGoal::key() -{ - /* Ensure that derivations get built in order of their name, - i.e. a derivation named "aardvark" always comes before "baboon". And - substitution goals and inner derivation goals always happen before - derivation goals (due to "b$"). */ - return "c$" + std::string(pathPartOfReq(*drvReq).name()) + "$" + drvReq->to_string(worker.store); -} - -void DerivationCreationAndRealisationGoal::timedOut(Error && ex) {} - -void DerivationCreationAndRealisationGoal::addWantedOutputs(const OutputsSpec & outputs) -{ - /* If we already want all outputs, there is nothing to do. */ - auto newWanted = wantedOutputs.union_(outputs); - bool needRestart = !newWanted.isSubsetOf(wantedOutputs); - wantedOutputs = newWanted; - - if (!needRestart) - return; - - if (!optDrvPath) - // haven't started steps where the outputs matter yet - return; - worker.makeDerivationGoal(*optDrvPath, outputs, buildMode); -} - -Goal::Co DerivationCreationAndRealisationGoal::init() -{ - trace("outer init"); - - /* The first thing to do is to make sure that the derivation - exists. If it doesn't, it may be created through a - substitute. */ - if (auto optDrvPath = [this]() -> std::optional { - if (buildMode != bmNormal) - return std::nullopt; - - auto drvPath = StorePath::dummy; - try { - drvPath = resolveDerivedPath(worker.store, *drvReq); - } catch (MissingRealisation &) { - return std::nullopt; - } - auto cond = worker.evalStore.isValidPath(drvPath) || worker.store.isValidPath(drvPath); - return cond ? std::optional{drvPath} : std::nullopt; - }()) { - trace( - fmt("already have drv '%s' for '%s', can go straight to building", - worker.store.printStorePath(*optDrvPath), - drvReq->to_string(worker.store))); - } else { - trace("need to obtain drv we want to build"); - addWaitee(worker.makeGoal(DerivedPath::fromSingle(*drvReq))); - co_await Suspend{}; - } - - trace("outer load and build derivation"); - - if (nrFailed != 0) { - co_return amDone(ecFailed, Error("cannot build missing derivation '%s'", drvReq->to_string(worker.store))); - } - - StorePath drvPath = resolveDerivedPath(worker.store, *drvReq); - /* Build this step! */ - concreteDrvGoal = worker.makeDerivationGoal(drvPath, wantedOutputs, buildMode); - { - auto g = upcast_goal(concreteDrvGoal); - /* We will finish with it ourselves, as if we were the derivational goal. */ - g->preserveException = true; - } - optDrvPath = std::move(drvPath); - addWaitee(upcast_goal(concreteDrvGoal)); - co_await Suspend{}; - - trace("outer build done"); - - buildResult = upcast_goal(concreteDrvGoal) - ->getBuildResult(DerivedPath::Built{ - .drvPath = drvReq, - .outputs = wantedOutputs, - }); - - auto g = upcast_goal(concreteDrvGoal); - co_return amDone(g->exitCode, g->ex); -} - -} diff --git a/src/libstore/build/derivation-creation-and-realisation-goal.hh b/src/libstore/build/derivation-creation-and-realisation-goal.hh deleted file mode 100644 index 40fe4005333..00000000000 --- a/src/libstore/build/derivation-creation-and-realisation-goal.hh +++ /dev/null @@ -1,88 +0,0 @@ -#pragma once - -#include "parsed-derivations.hh" -#include "store-api.hh" -#include "pathlocks.hh" -#include "goal.hh" - -namespace nix { - -struct DerivationGoal; - -/** - * This goal type is essentially the serial composition (like function - * composition) of a goal for getting a derivation, and then a - * `DerivationGoal` using the newly-obtained derivation. - * - * In the (currently experimental) general inductive case of derivations - * that are themselves build outputs, that first goal will be *another* - * `DerivationCreationAndRealisationGoal`. In the (much more common) base-case - * where the derivation has no provence and is just referred to by - * (content-addressed) store path, that first goal is a - * `SubstitutionGoal`. - * - * If we already have the derivation (e.g. if the evaluator has created - * the derivation locally and then instructured the store to build it), - * we can skip the first goal entirely as a small optimization. - */ -struct DerivationCreationAndRealisationGoal : public Goal -{ - /** - * How to obtain a store path of the derivation to build. - */ - ref drvReq; - - /** - * The path of the derivation, once obtained. - **/ - std::optional optDrvPath; - - /** - * The goal for the corresponding concrete derivation. - **/ - std::shared_ptr concreteDrvGoal; - - /** - * The specific outputs that we need to build. - */ - OutputsSpec wantedOutputs; - - /** - * The final output paths of the build. - * - * - For input-addressed derivations, always the precomputed paths - * - * - For content-addressed derivations, calcuated from whatever the - * hash ends up being. (Note that fixed outputs derivations that - * produce the "wrong" output still install that data under its - * true content-address.) - */ - OutputPathMap finalOutputs; - - BuildMode buildMode; - - DerivationCreationAndRealisationGoal( - ref drvReq, - const OutputsSpec & wantedOutputs, - Worker & worker, - BuildMode buildMode = bmNormal); - virtual ~DerivationCreationAndRealisationGoal(); - - void timedOut(Error && ex) override; - - std::string key() override; - - /** - * Add wanted outputs to an already existing derivation goal. - */ - void addWantedOutputs(const OutputsSpec & outputs); - - Co init() override; - - JobCategory jobCategory() const override - { - return JobCategory::Administration; - }; -}; - -} diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index 41762cde1b0..01da37df685 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -137,8 +137,21 @@ Goal::Co DerivationGoal::init() { trace("init"); if (useDerivation) { + /* The first thing to do is to make sure that the derivation + exists. If it doesn't, it may be created through a + substitute. */ + + if (buildMode != bmNormal || !worker.evalStore.isValidPath(drvPath)) { + addWaitee(upcast_goal(worker.makePathSubstitutionGoal(drvPath))); + co_await Suspend{}; + } + trace("loading derivation"); + if (nrFailed != 0) { + co_return done(BuildResult::MiscFailure, {}, Error("cannot build missing derivation '%s'", worker.store.printStorePath(drvPath))); + } + /* `drvPath' should already be a root, but let's be on the safe side: if the user forgot to make it a root, we wouldn't want things being garbage collected while we're busy. */ @@ -1540,24 +1553,23 @@ void DerivationGoal::waiteeDone(GoalPtr waitee, ExitCode result) if (!useDerivation || !drv) return; auto & fullDrv = *dynamic_cast(drv.get()); - std::optional info = tryGetConcreteDrvGoal(waitee); - if (!info) return; - const auto & [dg, drvReq] = *info; + auto * dg = dynamic_cast(&*waitee); + if (!dg) return; - auto * nodeP = fullDrv.inputDrvs.findSlot(drvReq.get()); + auto * nodeP = fullDrv.inputDrvs.findSlot(DerivedPath::Opaque { .path = dg->drvPath }); if (!nodeP) return; auto & outputs = nodeP->value; for (auto & outputName : outputs) { - auto buildResult = dg.get().getBuildResult(DerivedPath::Built { - .drvPath = makeConstantStorePathRef(dg.get().drvPath), + auto buildResult = dg->getBuildResult(DerivedPath::Built { + .drvPath = makeConstantStorePathRef(dg->drvPath), .outputs = OutputsSpec::Names { outputName }, }); if (buildResult.success()) { auto i = buildResult.builtOutputs.find(outputName); if (i != buildResult.builtOutputs.end()) inputDrvOutputs.insert_or_assign( - { dg.get().drvPath, outputName }, + { dg->drvPath, outputName }, i->second.outPath); } } diff --git a/src/libstore/build/derivation-goal.hh b/src/libstore/build/derivation-goal.hh index 3ff34509a4e..4622cb2b1c6 100644 --- a/src/libstore/build/derivation-goal.hh +++ b/src/libstore/build/derivation-goal.hh @@ -57,10 +57,6 @@ struct InitialOutput { /** * A goal for building some or all of the outputs of a derivation. - * - * The derivation must already be present, either in the store in a drv - * or in memory. If the derivation itself needs to be gotten first, a - * `DerivationCreationAndRealisationGoal` goal must be used instead. */ struct DerivationGoal : public Goal { diff --git a/src/libstore/build/entry-points.cc b/src/libstore/build/entry-points.cc index a473daff914..3bf22320e3a 100644 --- a/src/libstore/build/entry-points.cc +++ b/src/libstore/build/entry-points.cc @@ -1,7 +1,6 @@ #include "worker.hh" #include "substitution-goal.hh" #ifndef _WIN32 // TODO Enable building on Windows -# include "derivation-creation-and-realisation-goal.hh" # include "derivation-goal.hh" #endif #include "local-store.hh" @@ -30,8 +29,8 @@ void Store::buildPaths(const std::vector & reqs, BuildMode buildMod } if (i->exitCode != Goal::ecSuccess) { #ifndef _WIN32 // TODO Enable building on Windows - if (auto i2 = dynamic_cast(i.get())) - failed.insert(i2->drvReq->to_string(*this)); + if (auto i2 = dynamic_cast(i.get())) + failed.insert(printStorePath(i2->drvPath)); else #endif if (auto i2 = dynamic_cast(i.get())) diff --git a/src/libstore/build/goal.cc b/src/libstore/build/goal.cc index c381e5b581f..9a16da14555 100644 --- a/src/libstore/build/goal.cc +++ b/src/libstore/build/goal.cc @@ -175,7 +175,7 @@ Goal::Done Goal::amDone(ExitCode result, std::optional ex) exitCode = result; if (ex) { - if (!preserveException && !waiters.empty()) + if (!waiters.empty()) logError(ex->info()); else this->ex = std::move(*ex); diff --git a/src/libstore/build/goal.hh b/src/libstore/build/goal.hh index 2db1098b736..1dd7ed52537 100644 --- a/src/libstore/build/goal.hh +++ b/src/libstore/build/goal.hh @@ -50,16 +50,6 @@ enum struct JobCategory { * A substitution an arbitrary store object; it will use network resources. */ Substitution, - /** - * A goal that does no "real" work by itself, and just exists to depend on - * other goals which *do* do real work. These goals therefore are not - * limited. - * - * These goals cannot infinitely create themselves, so there is no risk of - * a "fork bomb" type situation (which would be a problem even though the - * goal do no real work) either. - */ - Administration, }; struct Goal : public std::enable_shared_from_this @@ -383,17 +373,6 @@ public: */ BuildResult getBuildResult(const DerivedPath &) const; - /** - * Hack to say that this goal should not log `ex`, but instead keep - * it around. Set by a waitee which sees itself as the designated - * continuation of this goal, responsible for reporting its - * successes or failures. - * - * @todo this is yet another not-nice hack in the goal system that - * we ought to get rid of. See #11927 - */ - bool preserveException = false; - /** * Exception containing an error message, if any. */ diff --git a/src/libstore/build/worker.cc b/src/libstore/build/worker.cc index b765fc2a002..dbe86f43f6a 100644 --- a/src/libstore/build/worker.cc +++ b/src/libstore/build/worker.cc @@ -4,7 +4,6 @@ #include "substitution-goal.hh" #include "drv-output-substitution-goal.hh" #include "derivation-goal.hh" -#include "derivation-creation-and-realisation-goal.hh" #ifndef _WIN32 // TODO Enable building on Windows # include "local-derivation-goal.hh" # include "hook-instance.hh" @@ -44,24 +43,6 @@ Worker::~Worker() } -std::shared_ptr Worker::makeDerivationCreationAndRealisationGoal( - ref drvReq, - const OutputsSpec & wantedOutputs, - BuildMode buildMode) -{ - std::weak_ptr & goal_weak = outerDerivationGoals.ensureSlot(*drvReq).value; - std::shared_ptr goal = goal_weak.lock(); - if (!goal) { - goal = std::make_shared(drvReq, wantedOutputs, *this, buildMode); - goal_weak = goal; - wakeUp(goal); - } else { - goal->addWantedOutputs(wantedOutputs); - } - return goal; -} - - std::shared_ptr Worker::makeDerivationGoalCommon( const StorePath & drvPath, const OutputsSpec & wantedOutputs, @@ -139,7 +120,10 @@ GoalPtr Worker::makeGoal(const DerivedPath & req, BuildMode buildMode) { return std::visit(overloaded { [&](const DerivedPath::Built & bfd) -> GoalPtr { - return makeDerivationCreationAndRealisationGoal(bfd.drvPath, bfd.outputs, buildMode); + if (auto bop = std::get_if(&*bfd.drvPath)) + return makeDerivationGoal(bop->path, bfd.outputs, buildMode); + else + throw UnimplementedError("Building dynamic derivations in one shot is not yet implemented."); }, [&](const DerivedPath::Opaque & bo) -> GoalPtr { return makePathSubstitutionGoal(bo.path, buildMode == bmRepair ? Repair : NoRepair); @@ -148,46 +132,24 @@ GoalPtr Worker::makeGoal(const DerivedPath & req, BuildMode buildMode) } -template -static void cullMap(std::map & goalMap, F f) -{ - for (auto i = goalMap.begin(); i != goalMap.end();) - if (!f(i->second)) - i = goalMap.erase(i); - else ++i; -} - - template static void removeGoal(std::shared_ptr goal, std::map> & goalMap) { /* !!! inefficient */ - cullMap(goalMap, [&](const std::weak_ptr & gp) -> bool { - return gp.lock() != goal; - }); -} - -template -static void removeGoal(std::shared_ptr goal, std::map>::ChildNode> & goalMap); - -template -static void removeGoal(std::shared_ptr goal, std::map>::ChildNode> & goalMap) -{ - /* !!! inefficient */ - cullMap(goalMap, [&](DerivedPathMap>::ChildNode & node) -> bool { - if (node.value.lock() == goal) - node.value.reset(); - removeGoal(goal, node.childMap); - return !node.value.expired() || !node.childMap.empty(); - }); + for (auto i = goalMap.begin(); + i != goalMap.end(); ) + if (i->second.lock() == goal) { + auto j = i; ++j; + goalMap.erase(i); + i = j; + } + else ++i; } void Worker::removeGoal(GoalPtr goal) { - if (auto drvGoal = std::dynamic_pointer_cast(goal)) - nix::removeGoal(drvGoal, outerDerivationGoals.map); - else if (auto drvGoal = std::dynamic_pointer_cast(goal)) + if (auto drvGoal = std::dynamic_pointer_cast(goal)) nix::removeGoal(drvGoal, derivationGoals); else if (auto subGoal = std::dynamic_pointer_cast(goal)) @@ -253,9 +215,6 @@ void Worker::childStarted(GoalPtr goal, const std::set 0); nrLocalBuilds--; break; - case JobCategory::Administration: - /* Intentionally not limited, see docs */ - break; default: unreachable(); } @@ -334,9 +290,9 @@ void Worker::run(const Goals & _topGoals) for (auto & i : _topGoals) { topGoals.insert(i); - if (auto goal = dynamic_cast(i.get())) { + if (auto goal = dynamic_cast(i.get())) { topPaths.push_back(DerivedPath::Built { - .drvPath = goal->drvReq, + .drvPath = makeConstantStorePathRef(goal->drvPath), .outputs = goal->wantedOutputs, }); } else @@ -596,22 +552,4 @@ GoalPtr upcast_goal(std::shared_ptr subGoal) return subGoal; } -GoalPtr upcast_goal(std::shared_ptr subGoal) -{ - return subGoal; -} - -std::optional, std::reference_wrapper>> tryGetConcreteDrvGoal(GoalPtr waitee) -{ - auto * odg = dynamic_cast(&*waitee); - if (!odg) return std::nullopt; - /* If we failed to obtain the concrete drv, we won't have created - the concrete derivation goal. */ - if (!odg->concreteDrvGoal) return std::nullopt; - return {{ - std::cref(*odg->concreteDrvGoal), - std::cref(*odg->drvReq), - }}; -} - } diff --git a/src/libstore/build/worker.hh b/src/libstore/build/worker.hh index efd518f9995..f5e61720807 100644 --- a/src/libstore/build/worker.hh +++ b/src/libstore/build/worker.hh @@ -3,7 +3,6 @@ #include "types.hh" #include "store-api.hh" -#include "derived-path-map.hh" #include "goal.hh" #include "realisation.hh" #include "muxable-pipe.hh" @@ -14,7 +13,6 @@ namespace nix { /* Forward definition. */ -struct DerivationCreationAndRealisationGoal; struct DerivationGoal; struct PathSubstitutionGoal; class DrvOutputSubstitutionGoal; @@ -33,25 +31,9 @@ class DrvOutputSubstitutionGoal; */ GoalPtr upcast_goal(std::shared_ptr subGoal); GoalPtr upcast_goal(std::shared_ptr subGoal); -GoalPtr upcast_goal(std::shared_ptr subGoal); typedef std::chrono::time_point steady_time_point; -/** - * The current implementation of impure derivations has - * `DerivationGoal`s accumulate realisations from their waitees. - * Unfortunately, `DerivationGoal`s don't directly depend on other - * goals, but instead depend on `DerivationCreationAndRealisationGoal`s. - * - * We try not to share any of the details of any goal type with any - * other, for sake of modularity and quicker rebuilds. This means we - * cannot "just" downcast and fish out the field. So as an escape hatch, - * we have made the function, written in `worker.cc` where all the goal - * types are visible, and use it instead. - */ - -std::optional, std::reference_wrapper>> tryGetConcreteDrvGoal(GoalPtr waitee); - /** * A mapping used to remember for each child process to what goal it * belongs, and comm channels for receiving log data and output @@ -121,9 +103,6 @@ private: * Maps used to prevent multiple instantiations of a goal for the * same derivation / path. */ - - DerivedPathMap> outerDerivationGoals; - std::map> derivationGoals; std::map> substitutionGoals; std::map> drvOutputSubstitutionGoals; @@ -217,9 +196,6 @@ public: * @ref DerivationGoal "derivation goal" */ private: - std::shared_ptr makeDerivationCreationAndRealisationGoal( - ref drvPath, - const OutputsSpec & wantedOutputs, BuildMode buildMode = bmNormal); std::shared_ptr makeDerivationGoalCommon( const StorePath & drvPath, const OutputsSpec & wantedOutputs, std::function()> mkDrvGoal); diff --git a/src/libstore/derived-path-map.cc b/src/libstore/derived-path-map.cc index 0095a9d7814..c97d52773eb 100644 --- a/src/libstore/derived-path-map.cc +++ b/src/libstore/derived-path-map.cc @@ -52,7 +52,6 @@ typename DerivedPathMap::ChildNode * DerivedPathMap::findSlot(const Single // instantiations -#include "derivation-creation-and-realisation-goal.hh" namespace nix { template<> @@ -69,7 +68,4 @@ std::strong_ordering DerivedPathMap>::ChildNode::operator template struct DerivedPathMap>::ChildNode; template struct DerivedPathMap>; -template struct DerivedPathMap>; - - }; diff --git a/src/libstore/derived-path-map.hh b/src/libstore/derived-path-map.hh index 61e0b5463e1..bd60fe88710 100644 --- a/src/libstore/derived-path-map.hh +++ b/src/libstore/derived-path-map.hh @@ -21,11 +21,8 @@ namespace nix { * * @param V A type to instantiate for each output. It should probably * should be an "optional" type so not every interior node has to have a - * value. For example, the scheduler uses - * `DerivedPathMap>` to - * remember which goals correspond to which outputs. `* const Something` - * or `std::optional` would also be good choices for - * "optional" types. + * value. `* const Something` or `std::optional` would be + * good choices for "optional" types. */ template struct DerivedPathMap { diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 899ba33fe59..496c5b10da7 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -183,7 +183,6 @@ sources = files( 'binary-cache-store.cc', 'build-result.cc', 'build/derivation-goal.cc', - 'build/derivation-creation-and-realisation-goal.cc', 'build/drv-output-substitution-goal.cc', 'build/entry-points.cc', 'build/goal.cc', @@ -257,7 +256,6 @@ headers = [config_h] + files( 'binary-cache-store.hh', 'build-result.hh', 'build/derivation-goal.hh', - 'build/derivation-creation-and-realisation-goal.hh', 'build/drv-output-substitution-goal.hh', 'build/goal.hh', 'build/substitution-goal.hh', diff --git a/tests/functional/dyn-drv/build-built-drv.sh b/tests/functional/dyn-drv/build-built-drv.sh index fcb25a34b45..647be945716 100644 --- a/tests/functional/dyn-drv/build-built-drv.sh +++ b/tests/functional/dyn-drv/build-built-drv.sh @@ -18,9 +18,4 @@ clearStore drvDep=$(nix-instantiate ./text-hashed-output.nix -A producingDrv) -# Store layer needs bugfix -requireDaemonNewerThan "2.27pre20250205" - -out2=$(nix build "${drvDep}^out^out" --no-link) - -test $out1 == $out2 +expectStderr 1 nix build "${drvDep}^out^out" --no-link | grepQuiet "Building dynamic derivations in one shot is not yet implemented" diff --git a/tests/functional/dyn-drv/dep-built-drv-2.sh b/tests/functional/dyn-drv/dep-built-drv-2.sh index 531af6bf762..3247720af76 100644 --- a/tests/functional/dyn-drv/dep-built-drv-2.sh +++ b/tests/functional/dyn-drv/dep-built-drv-2.sh @@ -13,4 +13,4 @@ restartDaemon NIX_BIN_DIR="$(dirname "$(type -p nix)")" export NIX_BIN_DIR -nix build -L --file ./non-trivial.nix --no-link +expectStderr 1 nix build -L --file ./non-trivial.nix --no-link | grepQuiet "Building dynamic derivations in one shot is not yet implemented" diff --git a/tests/functional/dyn-drv/dep-built-drv.sh b/tests/functional/dyn-drv/dep-built-drv.sh index 9d470099a0f..4f6e9b080fa 100644 --- a/tests/functional/dyn-drv/dep-built-drv.sh +++ b/tests/functional/dyn-drv/dep-built-drv.sh @@ -4,11 +4,8 @@ source common.sh out1=$(nix-build ./text-hashed-output.nix -A hello --no-out-link) -# Store layer needs bugfix -requireDaemonNewerThan "2.27pre20250205" - clearStore -out2=$(nix-build ./text-hashed-output.nix -A wrapper --no-out-link) +expectStderr 1 nix-build ./text-hashed-output.nix -A wrapper --no-out-link | grepQuiet "Building dynamic derivations in one shot is not yet implemented" -diff -r $out1 $out2 +# diff -r $out1 $out2 diff --git a/tests/functional/dyn-drv/failing-outer.sh b/tests/functional/dyn-drv/failing-outer.sh index d888ea876e6..fbad7070133 100644 --- a/tests/functional/dyn-drv/failing-outer.sh +++ b/tests/functional/dyn-drv/failing-outer.sh @@ -5,6 +5,8 @@ source common.sh # Store layer needs bugfix requireDaemonNewerThan "2.27pre20250205" +skipTest "dyn drv input scheduling had to be reverted for 2.27" + expected=100 if [[ -v NIX_DAEMON_PACKAGE ]]; then expected=1; fi # work around the daemon not returning a 100 status correctly From 288c5b0abd217b1d247e1c8787ea19da0a511251 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 28 Feb 2025 16:16:53 +0100 Subject: [PATCH 245/815] Include DeterminateNix in the User-Agent header The User-Agent now shows `curl/8.11.0 Nix/2.26.3 DeterminateNix/3.0.0`. This is useful for distinguishing Determinate Nix from upstream Nix in binary cache logs. --- src/libstore/filetransfer.cc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 932e1d75684..28a437e5641 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -324,7 +324,9 @@ struct curlFileTransfer : public FileTransfer curl_easy_setopt(req, CURLOPT_MAXREDIRS, 10); curl_easy_setopt(req, CURLOPT_NOSIGNAL, 1); curl_easy_setopt(req, CURLOPT_USERAGENT, - ("curl/" LIBCURL_VERSION " Nix/" + nixVersion + + ("curl/" LIBCURL_VERSION + " Nix/" + nixVersion + + " DeterminateNix/" + determinateNixVersion + (fileTransferSettings.userAgentSuffix != "" ? " " + fileTransferSettings.userAgentSuffix.get() : "")).c_str()); #if LIBCURL_VERSION_NUM >= 0x072b00 curl_easy_setopt(req, CURLOPT_PIPEWAIT, 1); From d8606f96eebc18947c5e5318162726c1ba225cc5 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Fri, 28 Feb 2025 17:40:32 +0100 Subject: [PATCH 246/815] packaging/everything.nix: Use a multi-output derivation This should fix a few packaging regressions. `dev` also includes a merged `includes/`, which may be helpful until inter-component includes are fixed properly. (cherry picked from commit 41085295ab3717b5ec8d348307dd4c9c1d378846) --- packaging/everything.nix | 216 +++++++++++++++++++++++---------------- 1 file changed, 130 insertions(+), 86 deletions(-) diff --git a/packaging/everything.nix b/packaging/everything.nix index 0974a34df50..c9ad26823b8 100644 --- a/packaging/everything.nix +++ b/packaging/everything.nix @@ -1,6 +1,7 @@ { lib, stdenv, + lndir, buildEnv, nix-util, @@ -38,7 +39,6 @@ nix-perl-bindings, testers, - runCommand, }: let @@ -119,92 +119,136 @@ let }; in -(buildEnv { - name = "nix-${nix-cli.version}"; - paths = [ - nix-cli - nix-manual.man +stdenv.mkDerivation (finalAttrs: { + pname = "nix"; + version = nix-cli.version; + + /** + This package uses a multi-output derivation, even though some outputs could + have been provided directly by the constituent component that provides it. + + This is because not all tooling handles packages composed of arbitrary + outputs yet. This includes nix itself, https://github.com/NixOS/nix/issues/6507. + + `devdoc` is also available, but not listed here, because this attribute is + not an output of the same derivation that provides `out`, `dev`, etc. + */ + outputs = [ + "out" + "dev" + "doc" + "man" ]; - meta.mainProgram = "nix"; -}).overrideAttrs - ( - finalAttrs: prevAttrs: { - doCheck = true; - doInstallCheck = true; - - checkInputs = - [ - # Make sure the unit tests have passed - nix-util-tests.tests.run - nix-store-tests.tests.run - nix-expr-tests.tests.run - nix-fetchers-tests.tests.run - nix-flake-tests.tests.run - - # Make sure the functional tests have passed - nix-functional-tests - - # dev bundle is ok - # (checkInputs must be empty paths??) - (runCommand "check-pkg-config" { checked = dev.tests.pkg-config; } "mkdir $out") - ] - ++ lib.optionals - (!stdenv.hostPlatform.isStatic && stdenv.buildPlatform.canExecute stdenv.hostPlatform) - [ - # Perl currently fails in static build - # TODO: Split out tests into a separate derivation? - nix-perl-bindings - ]; - passthru = prevAttrs.passthru // { - inherit (nix-cli) version; - - /** - These are the libraries that are part of the Nix project. They are used - by the Nix CLI and other tools. - - If you need to use these libraries in your project, we recommend to use - the `-c` C API libraries exclusively, if possible. - - We also recommend that you build the complete package to ensure that the unit tests pass. - You could do this in CI, or by passing it in an unused environment variable. e.g in a `mkDerivation` call: - - ```nix - buildInputs = [ nix.libs.nix-util-c nix.libs.nix-store-c ]; - # Make sure the nix libs we use are ok - unusedInputsForTests = [ nix ]; - disallowedReferences = nix.all; - ``` - */ - inherit libs; - - tests = prevAttrs.passthru.tests or { } // { - # TODO: create a proper fixpoint and: - # pkg-config = - # testers.hasPkgConfigModules { - # package = finalPackage; - # }; - }; + /** + Unpacking is handled in this package's constituent components + */ + dontUnpack = true; + /** + Building is handled in this package's constituent components + */ + dontBuild = true; + + /** + `doCheck` controles whether tests are added as build gate for the combined package. + This includes both the unit tests and the functional tests, but not the + integration tests that run in CI (the flake's `hydraJobs` and some of the `checks`). + */ + doCheck = true; + + /** + `fixupPhase` currently doesn't understand that a symlink output isn't writable. + + We don't compile or link anything in this derivation, so fixups aren't needed. + */ + dontFixup = true; + + checkInputs = + [ + # Make sure the unit tests have passed + nix-util-tests.tests.run + nix-store-tests.tests.run + nix-expr-tests.tests.run + nix-fetchers-tests.tests.run + nix-flake-tests.tests.run + + # Make sure the functional tests have passed + nix-functional-tests + ] + ++ lib.optionals + (!stdenv.hostPlatform.isStatic && stdenv.buildPlatform.canExecute stdenv.hostPlatform) + [ + # Perl currently fails in static build + # TODO: Split out tests into a separate derivation? + nix-perl-bindings + ]; - /** - A derivation referencing the `dev` outputs of the Nix libraries. - */ - inherit dev; - inherit devdoc; - doc = nix-manual; - outputs = [ - "out" - "dev" - "devdoc" - "doc" - ]; - all = lib.attrValues ( - lib.genAttrs finalAttrs.passthru.outputs (outName: finalAttrs.finalPackage.${outName}) - ); - }; - meta = prevAttrs.meta // { - description = "The Nix package manager"; - pkgConfigModules = dev.meta.pkgConfigModules; + nativeBuildInputs = [ + lndir + ]; + + installPhase = + let + devPaths = lib.mapAttrsToList (_k: lib.getDev) finalAttrs.finalPackage.libs; + in + '' + mkdir -p $out $dev $doc $man + + # Merged outputs + lndir ${nix-cli} $out + for lib in ${lib.escapeShellArgs devPaths}; do + lndir $lib $dev + done + + # Forwarded outputs + ln -s ${nix-manual} $doc + ln -s ${nix-manual.man} $man + ''; + + passthru = { + inherit (nix-cli) version; + + /** + These are the libraries that are part of the Nix project. They are used + by the Nix CLI and other tools. + + If you need to use these libraries in your project, we recommend to use + the `-c` C API libraries exclusively, if possible. + + We also recommend that you build the complete package to ensure that the unit tests pass. + You could do this in CI, or by passing it in an unused environment variable. e.g in a `mkDerivation` call: + + ```nix + buildInputs = [ nix.libs.nix-util-c nix.libs.nix-store-c ]; + # Make sure the nix libs we use are ok + unusedInputsForTests = [ nix ]; + disallowedReferences = nix.all; + ``` + */ + inherit libs; + + /** + Developer documentation for `nix`, in `share/doc/nix/{internal,external}-api/`. + + This is not a proper output; see `outputs` for context. + */ + inherit devdoc; + + /** + Extra tests that test this package, but do not run as part of the build. + See + */ + tests = { + pkg-config = testers.hasPkgConfigModules { + package = finalAttrs.finalPackage; }; - } - ) + }; + }; + + meta = { + mainProgram = "nix"; + description = "The Nix package manager"; + pkgConfigModules = dev.meta.pkgConfigModules; + }; + +}) From 7e7e9d9eabeb63905ba477c6521a47366530efa1 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Fri, 28 Feb 2025 17:40:32 +0100 Subject: [PATCH 247/815] packaging/everything.nix: Use a multi-output derivation This should fix a few packaging regressions. `dev` also includes a merged `includes/`, which may be helpful until inter-component includes are fixed properly. (cherry picked from commit 41085295ab3717b5ec8d348307dd4c9c1d378846) --- packaging/everything.nix | 216 +++++++++++++++++++++++---------------- 1 file changed, 130 insertions(+), 86 deletions(-) diff --git a/packaging/everything.nix b/packaging/everything.nix index 0974a34df50..c9ad26823b8 100644 --- a/packaging/everything.nix +++ b/packaging/everything.nix @@ -1,6 +1,7 @@ { lib, stdenv, + lndir, buildEnv, nix-util, @@ -38,7 +39,6 @@ nix-perl-bindings, testers, - runCommand, }: let @@ -119,92 +119,136 @@ let }; in -(buildEnv { - name = "nix-${nix-cli.version}"; - paths = [ - nix-cli - nix-manual.man +stdenv.mkDerivation (finalAttrs: { + pname = "nix"; + version = nix-cli.version; + + /** + This package uses a multi-output derivation, even though some outputs could + have been provided directly by the constituent component that provides it. + + This is because not all tooling handles packages composed of arbitrary + outputs yet. This includes nix itself, https://github.com/NixOS/nix/issues/6507. + + `devdoc` is also available, but not listed here, because this attribute is + not an output of the same derivation that provides `out`, `dev`, etc. + */ + outputs = [ + "out" + "dev" + "doc" + "man" ]; - meta.mainProgram = "nix"; -}).overrideAttrs - ( - finalAttrs: prevAttrs: { - doCheck = true; - doInstallCheck = true; - - checkInputs = - [ - # Make sure the unit tests have passed - nix-util-tests.tests.run - nix-store-tests.tests.run - nix-expr-tests.tests.run - nix-fetchers-tests.tests.run - nix-flake-tests.tests.run - - # Make sure the functional tests have passed - nix-functional-tests - - # dev bundle is ok - # (checkInputs must be empty paths??) - (runCommand "check-pkg-config" { checked = dev.tests.pkg-config; } "mkdir $out") - ] - ++ lib.optionals - (!stdenv.hostPlatform.isStatic && stdenv.buildPlatform.canExecute stdenv.hostPlatform) - [ - # Perl currently fails in static build - # TODO: Split out tests into a separate derivation? - nix-perl-bindings - ]; - passthru = prevAttrs.passthru // { - inherit (nix-cli) version; - - /** - These are the libraries that are part of the Nix project. They are used - by the Nix CLI and other tools. - - If you need to use these libraries in your project, we recommend to use - the `-c` C API libraries exclusively, if possible. - - We also recommend that you build the complete package to ensure that the unit tests pass. - You could do this in CI, or by passing it in an unused environment variable. e.g in a `mkDerivation` call: - - ```nix - buildInputs = [ nix.libs.nix-util-c nix.libs.nix-store-c ]; - # Make sure the nix libs we use are ok - unusedInputsForTests = [ nix ]; - disallowedReferences = nix.all; - ``` - */ - inherit libs; - - tests = prevAttrs.passthru.tests or { } // { - # TODO: create a proper fixpoint and: - # pkg-config = - # testers.hasPkgConfigModules { - # package = finalPackage; - # }; - }; + /** + Unpacking is handled in this package's constituent components + */ + dontUnpack = true; + /** + Building is handled in this package's constituent components + */ + dontBuild = true; + + /** + `doCheck` controles whether tests are added as build gate for the combined package. + This includes both the unit tests and the functional tests, but not the + integration tests that run in CI (the flake's `hydraJobs` and some of the `checks`). + */ + doCheck = true; + + /** + `fixupPhase` currently doesn't understand that a symlink output isn't writable. + + We don't compile or link anything in this derivation, so fixups aren't needed. + */ + dontFixup = true; + + checkInputs = + [ + # Make sure the unit tests have passed + nix-util-tests.tests.run + nix-store-tests.tests.run + nix-expr-tests.tests.run + nix-fetchers-tests.tests.run + nix-flake-tests.tests.run + + # Make sure the functional tests have passed + nix-functional-tests + ] + ++ lib.optionals + (!stdenv.hostPlatform.isStatic && stdenv.buildPlatform.canExecute stdenv.hostPlatform) + [ + # Perl currently fails in static build + # TODO: Split out tests into a separate derivation? + nix-perl-bindings + ]; - /** - A derivation referencing the `dev` outputs of the Nix libraries. - */ - inherit dev; - inherit devdoc; - doc = nix-manual; - outputs = [ - "out" - "dev" - "devdoc" - "doc" - ]; - all = lib.attrValues ( - lib.genAttrs finalAttrs.passthru.outputs (outName: finalAttrs.finalPackage.${outName}) - ); - }; - meta = prevAttrs.meta // { - description = "The Nix package manager"; - pkgConfigModules = dev.meta.pkgConfigModules; + nativeBuildInputs = [ + lndir + ]; + + installPhase = + let + devPaths = lib.mapAttrsToList (_k: lib.getDev) finalAttrs.finalPackage.libs; + in + '' + mkdir -p $out $dev $doc $man + + # Merged outputs + lndir ${nix-cli} $out + for lib in ${lib.escapeShellArgs devPaths}; do + lndir $lib $dev + done + + # Forwarded outputs + ln -s ${nix-manual} $doc + ln -s ${nix-manual.man} $man + ''; + + passthru = { + inherit (nix-cli) version; + + /** + These are the libraries that are part of the Nix project. They are used + by the Nix CLI and other tools. + + If you need to use these libraries in your project, we recommend to use + the `-c` C API libraries exclusively, if possible. + + We also recommend that you build the complete package to ensure that the unit tests pass. + You could do this in CI, or by passing it in an unused environment variable. e.g in a `mkDerivation` call: + + ```nix + buildInputs = [ nix.libs.nix-util-c nix.libs.nix-store-c ]; + # Make sure the nix libs we use are ok + unusedInputsForTests = [ nix ]; + disallowedReferences = nix.all; + ``` + */ + inherit libs; + + /** + Developer documentation for `nix`, in `share/doc/nix/{internal,external}-api/`. + + This is not a proper output; see `outputs` for context. + */ + inherit devdoc; + + /** + Extra tests that test this package, but do not run as part of the build. + See + */ + tests = { + pkg-config = testers.hasPkgConfigModules { + package = finalAttrs.finalPackage; }; - } - ) + }; + }; + + meta = { + mainProgram = "nix"; + description = "The Nix package manager"; + pkgConfigModules = dev.meta.pkgConfigModules; + }; + +}) From f278a631b08acc93626b8e5f73b78ef7e91b6b46 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Mon, 10 Feb 2025 01:08:00 -0500 Subject: [PATCH 248/815] Expand manual on derivation outputs Note, this includes some text adapted from from Eelco's dissertation (cherry picked from commit 2aa6e0f08499ff580ae78ba4b3ec1410a10a67f1) --- .gitignore | 2 +- doc/manual/source/SUMMARY.md.in | 5 +- doc/manual/source/glossary.md | 6 +- .../source/language/advanced-attributes.md | 263 +++++++++--------- doc/manual/source/language/derivations.md | 10 +- doc/manual/source/store/building.md | 2 +- .../store/{drv.md => derivation/index.md} | 41 +-- .../derivation/outputs/content-address.md | 192 +++++++++++++ .../source/store/derivation/outputs/index.md | 97 +++++++ .../store/derivation/outputs/input-address.md | 31 +++ .../store/store-object/content-address.md | 29 +- src/libexpr/primops.cc | 4 +- 12 files changed, 508 insertions(+), 174 deletions(-) rename doc/manual/source/store/{drv.md => derivation/index.md} (89%) create mode 100644 doc/manual/source/store/derivation/outputs/content-address.md create mode 100644 doc/manual/source/store/derivation/outputs/index.md create mode 100644 doc/manual/source/store/derivation/outputs/input-address.md diff --git a/.gitignore b/.gitignore index 337a7c15450..9c46912406f 100644 --- a/.gitignore +++ b/.gitignore @@ -14,7 +14,7 @@ /tests/functional/lang/*.err /tests/functional/lang/*.ast -outputs/ +/outputs *~ diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 6dff2c206b6..3e7e961cbb5 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -22,7 +22,10 @@ - [Store Object](store/store-object.md) - [Content-Addressing Store Objects](store/store-object/content-address.md) - [Store Path](store/store-path.md) - - [Store Derivation and Deriving Path](store/drv.md) + - [Store Derivation and Deriving Path](store/derivation/index.md) + - [Derivation Outputs and Types of Derivations](store/derivation/outputs/index.md) + - [Content-addressing derivation outputs](store/derivation/outputs/content-address.md) + - [Input-addressing derivation outputs](store/derivation/outputs/input-address.md) - [Building](store/building.md) - [Store Types](store/types/index.md) {{#include ./store/types/SUMMARY.md}} diff --git a/doc/manual/source/glossary.md b/doc/manual/source/glossary.md index a1964070588..db6d18f0efb 100644 --- a/doc/manual/source/glossary.md +++ b/doc/manual/source/glossary.md @@ -22,7 +22,7 @@ - [store derivation]{#gloss-store-derivation} A single build task. - See [Store Derivation](@docroot@/store/drv.md#store-derivation) for details. + See [Store Derivation](@docroot@/store/derivation/index.md#store-derivation) for details. [store derivation]: #gloss-store-derivation @@ -30,7 +30,7 @@ A [store path] which uniquely identifies a [store derivation]. - See [Referencing Store Derivations](@docroot@/store/drv.md#derivation-path) for details. + See [Referencing Store Derivations](@docroot@/store/derivation/index.md#derivation-path) for details. Not to be confused with [deriving path]. @@ -252,7 +252,7 @@ Deriving paths are a way to refer to [store objects][store object] that might not yet be [realised][realise]. - See [Deriving Path](./store/drv.md#deriving-path) for details. + See [Deriving Path](./store/derivation/index.md#deriving-path) for details. Not to be confused with [derivation path]. diff --git a/doc/manual/source/language/advanced-attributes.md b/doc/manual/source/language/advanced-attributes.md index c384e956af6..0722386c4cf 100644 --- a/doc/manual/source/language/advanced-attributes.md +++ b/doc/manual/source/language/advanced-attributes.md @@ -99,8 +99,8 @@ Derivations can declare some infrequently used optional attributes. to make it use the proxy server configuration specified by the user in the environment variables `http_proxy` and friends. - This attribute is only allowed in *fixed-output derivations* (see - below), where impurities such as these are okay since (the hash + This attribute is only allowed in [fixed-output derivations][fixed-output derivation], + where impurities such as these are okay since (the hash of) the output is known in advance. It is ignored for all other derivations. @@ -119,135 +119,6 @@ Derivations can declare some infrequently used optional attributes. [`impure-env`](@docroot@/command-ref/conf-file.md#conf-impure-env) configuration setting. - - [`outputHash`]{#adv-attr-outputHash}; [`outputHashAlgo`]{#adv-attr-outputHashAlgo}; [`outputHashMode`]{#adv-attr-outputHashMode}\ - These attributes declare that the derivation is a so-called *fixed-output derivation* (FOD), which means that a cryptographic hash of the output is already known in advance. - - As opposed to regular derivations, the [`builder`] executable of a fixed-output derivation has access to the network. - Nix computes a cryptographic hash of its output and compares that to the hash declared with these attributes. - If there is a mismatch, the derivation fails. - - The rationale for fixed-output derivations is derivations such as - those produced by the `fetchurl` function. This function downloads a - file from a given URL. To ensure that the downloaded file has not - been modified, the caller must also specify a cryptographic hash of - the file. For example, - - ```nix - fetchurl { - url = "http://ftp.gnu.org/pub/gnu/hello/hello-2.1.1.tar.gz"; - sha256 = "1md7jsfd8pa45z73bz1kszpp01yw6x5ljkjk2hx7wl800any6465"; - } - ``` - - It sometimes happens that the URL of the file changes, e.g., because - servers are reorganised or no longer available. We then must update - the call to `fetchurl`, e.g., - - ```nix - fetchurl { - url = "ftp://ftp.nluug.nl/pub/gnu/hello/hello-2.1.1.tar.gz"; - sha256 = "1md7jsfd8pa45z73bz1kszpp01yw6x5ljkjk2hx7wl800any6465"; - } - ``` - - If a `fetchurl` derivation was treated like a normal derivation, the - output paths of the derivation and *all derivations depending on it* - would change. For instance, if we were to change the URL of the - Glibc source distribution in Nixpkgs (a package on which almost all - other packages depend) massive rebuilds would be needed. This is - unfortunate for a change which we know cannot have a real effect as - it propagates upwards through the dependency graph. - - For fixed-output derivations, on the other hand, the name of the - output path only depends on the `outputHash*` and `name` attributes, - while all other attributes are ignored for the purpose of computing - the output path. (The `name` attribute is included because it is - part of the path.) - - As an example, here is the (simplified) Nix expression for - `fetchurl`: - - ```nix - { stdenv, curl }: # The curl program is used for downloading. - - { url, sha256 }: - - stdenv.mkDerivation { - name = baseNameOf (toString url); - builder = ./builder.sh; - buildInputs = [ curl ]; - - # This is a fixed-output derivation; the output must be a regular - # file with SHA256 hash sha256. - outputHashMode = "flat"; - outputHashAlgo = "sha256"; - outputHash = sha256; - - inherit url; - } - ``` - - The `outputHash` attribute must be a string containing the hash in either hexadecimal or "nix32" encoding, or following the format for integrity metadata as defined by [SRI](https://www.w3.org/TR/SRI/). - The "nix32" encoding is an adaptation of base-32 encoding. - The [`convertHash`](@docroot@/language/builtins.md#builtins-convertHash) function shows how to convert between different encodings, and the [`nix-hash` command](../command-ref/nix-hash.md) has information about obtaining the hash for some contents, as well as converting to and from encodings. - - The `outputHashAlgo` attribute specifies the hash algorithm used to compute the hash. - It can currently be `"blake3", "sha1"`, `"sha256"`, `"sha512"`, or `null`. - `outputHashAlgo` can only be `null` when `outputHash` follows the SRI format. - - The `outputHashMode` attribute determines how the hash is computed. - It must be one of the following values: - - - [`"flat"`](@docroot@/store/store-object/content-address.md#method-flat) - - This is the default. - - - [`"recursive"` or `"nar"`](@docroot@/store/store-object/content-address.md#method-nix-archive) - - > **Compatibility** - > - > `"recursive"` is the traditional way of indicating this, - > and is supported since 2005 (virtually the entire history of Nix). - > `"nar"` is more clear, and consistent with other parts of Nix (such as the CLI), - > however support for it is only added in Nix version 2.21. - - - [`"text"`](@docroot@/store/store-object/content-address.md#method-text) - - > **Warning** - > - > The use of this method for derivation outputs is part of the [`dynamic-derivations`][xp-feature-dynamic-derivations] experimental feature. - - - [`"git"`](@docroot@/store/store-object/content-address.md#method-git) - - > **Warning** - > - > This method is part of the [`git-hashing`][xp-feature-git-hashing] experimental feature. - - - [`__contentAddressed`]{#adv-attr-__contentAddressed} - - > **Warning** - > This attribute is part of an [experimental feature](@docroot@/development/experimental-features.md). - > - > To use this attribute, you must enable the - > [`ca-derivations`][xp-feature-ca-derivations] experimental feature. - > For example, in [nix.conf](../command-ref/conf-file.md) you could add: - > - > ``` - > extra-experimental-features = ca-derivations - > ``` - - If this attribute is set to `true`, then the derivation - outputs will be stored in a content-addressed location rather than the - traditional input-addressed one. - - Setting this attribute also requires setting - [`outputHashMode`](#adv-attr-outputHashMode) - and - [`outputHashAlgo`](#adv-attr-outputHashAlgo) - like for *fixed-output derivations* (see above). - - It also implicitly requires that the machine to build the derivation must have the `ca-derivations` [system feature](@docroot@/command-ref/conf-file.md#conf-system-features). - - [`passAsFile`]{#adv-attr-passAsFile}\ A list of names of attributes that should be passed via files rather than environment variables. For example, if you have @@ -370,6 +241,134 @@ Derivations can declare some infrequently used optional attributes. ensures that the derivation can only be built on a machine with the `kvm` feature. -[xp-feature-ca-derivations]: @docroot@/development/experimental-features.md#xp-feature-ca-derivations +## Setting the derivation type + +As discussed in [Derivation Outputs and Types of Derivations](@docroot@/store/derivation/outputs/index.md), there are multiples kinds of derivations / kinds of derivation outputs. +The choice of the following attributes determines which kind of derivation we are making. + +- [`__contentAddressed`] + +- [`outputHash`] + +- [`outputHashAlgo`] + +- [`outputHashMode`] + +The three types of derivations are chosen based on the following combinations of these attributes. +All other combinations are invalid. + +- [Input-addressing derivations](@docroot@/store/derivation/outputs/input-address.md) + + This is the default for `builtins.derivation`. + Nix only currently supports one kind of input-addressing, so no other information is needed. + + `__contentAddressed = false;` may also be included, but is not needed, and will trigger the experimental feature check. + +- [Fixed-output derivations][fixed-output derivation] + + All of [`outputHash`], [`outputHashAlgo`], and [`outputHashMode`]. + + + +- [(Floating) content-addressing derivations](@docroot@/store/derivation/outputs/content-address.md) + + Both [`outputHashAlgo`] and [`outputHashMode`], `__contentAddressed = true;`, and *not* `outputHash`. + + If an output hash was given, then the derivation output would be "fixed" not "floating". + +Here is more information on the `output*` attributes, and what values they may be set to: + + - [`outputHashMode`]{#adv-attr-outputHashMode} + + This specifies how the files of a content-addressing derivation output are digested to produce a content address. + + This works in conjunction with [`outputHashAlgo`](#adv-attr-outputHashAlgo). + Specifying one without the other is an error (unless [`outputHash` is also specified and includes its own hash algorithm as described below). + + The `outputHashMode` attribute determines how the hash is computed. + It must be one of the following values: + + - [`"flat"`](@docroot@/store/store-object/content-address.md#method-flat) + + This is the default. + + - [`"recursive"` or `"nar"`](@docroot@/store/store-object/content-address.md#method-nix-archive) + + > **Compatibility** + > + > `"recursive"` is the traditional way of indicating this, + > and is supported since 2005 (virtually the entire history of Nix). + > `"nar"` is more clear, and consistent with other parts of Nix (such as the CLI), + > however support for it is only added in Nix version 2.21. + + - [`"text"`](@docroot@/store/store-object/content-address.md#method-text) + + > **Warning** + > + > The use of this method for derivation outputs is part of the [`dynamic-derivations`][xp-feature-dynamic-derivations] experimental feature. + + - [`"git"`](@docroot@/store/store-object/content-address.md#method-git) + + > **Warning** + > + > This method is part of the [`git-hashing`][xp-feature-git-hashing] experimental feature. + + See [content-addressing store objects](@docroot@/store/store-object/content-address.md) for more information about the process this flag controls. + + - [`outputHashAlgo`]{#adv-attr-outputHashAlgo} + + This specifies the hash alorithm used to digest the [file system object] data of a content-addressing derivation output. + + This works in conjunction with [`outputHashMode`](#adv-attr-outputHashAlgo). + Specifying one without the other is an error (unless [`outputHash` is also specified and includes its own hash algorithm as described below). + + The `outputHashAlgo` attribute specifies the hash algorithm used to compute the hash. + It can currently be `"blake3"`, "sha1"`, `"sha256"`, `"sha512"`, or `null`. + + `outputHashAlgo` can only be `null` when `outputHash` follows the SRI format, because in that case the choice of hash algorithm is determined by `outputHash`. + + - [`outputHash`]{#adv-attr-outputHashAlgo}; [`outputHash`]{#adv-attr-outputHashMode}\ + + This will specify the output hash of the single output of a [fixed-output derivation]. + + The `outputHash` attribute must be a string containing the hash in either hexadecimal or "nix32" encoding, or following the format for integrity metadata as defined by [SRI](https://www.w3.org/TR/SRI/). + The "nix32" encoding is an adaptation of base-32 encoding. + + > **Note** + > + > The [`convertHash`](@docroot@/language/builtins.md#builtins-convertHash) function shows how to convert between different encodings. + > The [`nix-hash` command](../command-ref/nix-hash.md) has information about obtaining the hash for some contents, as well as converting to and from encodings. + + - [`__contentAddressed`]{#adv-attr-__contentAddressed} + + > **Warning** + > + > This attribute is part of an [experimental feature](@docroot@/development/experimental-features.md). + > + > To use this attribute, you must enable the + > [`ca-derivations`][xp-feature-ca-derivations] experimental feature. + > For example, in [nix.conf](../command-ref/conf-file.md) you could add: + > + > ``` + > extra-experimental-features = ca-derivations + > ``` + + This is a boolean with a default of `false`. + It determines whether the derivation is floating content-addressing. + +[`__contentAddressed`]: #adv-attr-__contentAddressed +[`outputHash`]: #adv-attr-outputHash +[`outputHashAlgo`]: #adv-attr-outputHashAlgo +[`outputHashMode`]: #adv-attr-outputHashMode + +[fixed-output derivation]: @docroot@/glossary.md#gloss-fixed-output-derivation +[file system object]: @docroot@/store/file-system-object.md +[store object]: @docroot@/store/store-object.md [xp-feature-dynamic-derivations]: @docroot@/development/experimental-features.md#xp-feature-dynamic-derivations [xp-feature-git-hashing]: @docroot@/development/experimental-features.md#xp-feature-git-hashing diff --git a/doc/manual/source/language/derivations.md b/doc/manual/source/language/derivations.md index 0f9284e9844..43eec680bbc 100644 --- a/doc/manual/source/language/derivations.md +++ b/doc/manual/source/language/derivations.md @@ -1,7 +1,7 @@ # Derivations The most important built-in function is `derivation`, which is used to describe a single store-layer [store derivation]. -Consult the [store chapter](@docroot@/store/drv.md) for what a store derivation is; +Consult the [store chapter](@docroot@/store/derivation/index.md) for what a store derivation is; this section just concerns how to create one from the Nix language. This builtin function takes as input an attribute set, the attributes of which specify the inputs to the process. @@ -16,7 +16,7 @@ It outputs an attribute set, and produces a [store derivation] as a side effect - [`name`]{#attr-name} ([String](@docroot@/language/types.md#type-string)) A symbolic name for the derivation. - See [derivation outputs](@docroot@/store/drv.md#outputs) for what this is affects. + See [derivation outputs](@docroot@/store/derivation/index.md#outputs) for what this is affects. [store path]: @docroot@/store/store-path.md @@ -34,7 +34,7 @@ It outputs an attribute set, and produces a [store derivation] as a side effect - [`system`]{#attr-system} ([String](@docroot@/language/types.md#type-string)) - See [system](@docroot@/store/drv.md#system). + See [system](@docroot@/store/derivation/index.md#system). > **Example** > @@ -64,7 +64,7 @@ It outputs an attribute set, and produces a [store derivation] as a side effect - [`builder`]{#attr-builder} ([Path](@docroot@/language/types.md#type-path) | [String](@docroot@/language/types.md#type-string)) - See [builder](@docroot@/store/drv.md#builder). + See [builder](@docroot@/store/derivation/index.md#builder). > **Example** > @@ -113,7 +113,7 @@ It outputs an attribute set, and produces a [store derivation] as a side effect Default: `[ ]` - See [args](@docroot@/store/drv.md#args). + See [args](@docroot@/store/derivation/index.md#args). > **Example** > diff --git a/doc/manual/source/store/building.md b/doc/manual/source/store/building.md index 79808273edc..feefa8e3fda 100644 --- a/doc/manual/source/store/building.md +++ b/doc/manual/source/store/building.md @@ -10,7 +10,7 @@ ## Builder Execution -The [`builder`](./drv.md#builder) is executed as follows: +The [`builder`](./derivation/index.md#builder) is executed as follows: - A temporary directory is created under the directory specified by `TMPDIR` (default `/tmp`) where the build will take place. The diff --git a/doc/manual/source/store/drv.md b/doc/manual/source/store/derivation/index.md similarity index 89% rename from doc/manual/source/store/drv.md rename to doc/manual/source/store/derivation/index.md index 83ca80aaabd..42cfa67f5b9 100644 --- a/doc/manual/source/store/drv.md +++ b/doc/manual/source/store/derivation/index.md @@ -9,15 +9,24 @@ This is where Nix distinguishes itself. ## Store Derivation {#store-derivation} -A derivation is a specification for running an executable on precisely defined input files to repeatably produce output files at uniquely determined file system paths. +A derivation is a specification for running an executable on precisely defined input to produce on more [store objects][store object]. +These store objects are known as the derivation's *outputs*. + +Derivations are *built*, in which case the process is spawned according to the spec, and when it exits, required to leave behind files which will (after post-processing) become the outputs of the derivation. +This process is described in detail in [Building](@docroot@/store/building.md). + + A derivation consists of: - A name - - A set of [*inputs*][inputs], a set of [deriving paths][deriving path] + - An [inputs specification][inputs], a set of [deriving paths][deriving path] - - A map of [*outputs*][outputs], from names to other data + - An [outputs specification][outputs], specifying which outputs should be produced, and various metadata about them. - The ["system" type][system] (e.g. `x86_64-linux`) where the executable is to run. @@ -26,8 +35,8 @@ A derivation consists of: [store derivation]: #store-derivation [inputs]: #inputs [input]: #inputs -[outputs]: #outputs -[output]: #outputs +[outputs]: ./outputs/index.md +[output]: ./outputs/index.md [process creation fields]: #process-creation-fields [builder]: #builder [args]: #args @@ -89,28 +98,6 @@ The [process creation fields] will presumably include many [store paths][store p But rather than somehow scanning all the other fields for inputs, Nix requires that all inputs be explicitly collected in the inputs field. It is instead the responsibility of the creator of a derivation (e.g. the evaluator) to ensure that every store object referenced in another field (e.g. referenced by store path) is included in this inputs field. -### Outputs {#outputs} - -The outputs are the derivations are the [store objects][store object] it is obligated to produce. - -Outputs are assigned names, and also consistent of other information based on the type of derivation. - -Output names can be any string which is also a valid [store path] name. -The store path of the output store object (also called an [output path] for short), has a name based on the derivation name and the output name. -In the general case, store paths have name `derivationName + "-" + outputName`. -However, an output named "out" has a store path with name is just the derivation name. -This is to allow derivations with a single output to avoid a superfluous `"-${outputName}"` in their single output's name when no disambiguation is needed. - -> **Example** -> -> A derivation is named `hello`, and has two outputs, `out`, and `dev` -> -> - The derivation's path will be: `/nix/store/-hello.drv`. -> -> - The store path of `out` will be: `/nix/store/-hello`. -> -> - The store path of `dev` will be: `/nix/store/-hello-dev`. - ### System {#system} The system type on which the [`builder`](#attr-builder) executable is meant to be run. diff --git a/doc/manual/source/store/derivation/outputs/content-address.md b/doc/manual/source/store/derivation/outputs/content-address.md new file mode 100644 index 00000000000..21e940bc2a8 --- /dev/null +++ b/doc/manual/source/store/derivation/outputs/content-address.md @@ -0,0 +1,192 @@ +# Content-addressing derivation outputs + +The content-addressing of an output only depends on that store object itself, not any other information external (such has how it was made, when it was made, etc.). +As a consequence, a store object will be content-addressed the same way regardless of whether it was manually inserted into the store, outputted by some derivation, or outputted by a some other derivation. + +The output spec for a content-addressed output must contains the following field: + +- *method*: how the data of the store object is digested into a content address + +The possible choices of *method* are described in the [section on content-addressing store objects](@docroot@/store/store-object/content-address.md). +Given the method, the output's name (computed from the derivation name and output spec mapping as described above), and the data of the store object, the output's store path will be computed as described in that section. + +## Fixed-output content-addressing {#fixed} + +In this case the content-address of the *fixed* in advanced by the derivation itself. +In other words, when the derivation has finished [building](@docroot@/store/building.md), and the provisional output' content-address is computed as part of the process to turn it into a *bona fide* store object, the calculated content address must much that given in the derivation, or the build of that derivation will be deemed a failure. + +The output spec for an output with a fixed content addresses additionally contains: + +- *hash*, the hash expected from digesting the store object's file system objects. + This hash may be of a freely-chosen hash algorithm (that Nix supports) + +> **Design note** +> +> In principle, the output spec could also specify the references the store object should have, since the references and file system objects are equally parts of a content-addressed store object proper that contribute to its content-addressed. +> However, at this time, the references are not not done because all fixed content-addressed outputs are required to have no references (including no self-reference). +> +> Also in principle, rather than specifying the references and file system object data with separate hashes, a single hash that constraints both could be used. +> This could be done with the final store path's digest, or better yet, the hash that will become the store path's digest before it is truncated. +> +> These possible future extensions are included to elucidate the core property of fixed-output content addressing --- that all parts of the output must be cryptographically fixed with one or more hashes --- separate from the particulars of the currently-supported store object content-addressing schemes. + +### Design rationale + +What is the purpose of fixing an output's content address in advanced? +In abstract terms, the answer is carefully controlled impurity. +Unlike a regular derivation, the [builder] executable of a derivation that produced fixed outputs has access to the network. +The outputs' guaranteed content-addresses are supposed to mitigate the risk of the builder being given these capabilities; +regardless of what the builder does *during* the build, it cannot influence downstream builds in unanticipated ways because all information it passed downstream flows through the outputs whose content-addresses are fixed. + +[builder]: @docroot@/store/derivation/index.md#builder + +In concrete terms, the purpose of this feature is fetching fixed input data like source code from the network. +For example, consider a family of "fetch URL" derivations. +These derivations download files from given URL. +To ensure that the downloaded file has not been modified, each derivation must also specify a cryptographic hash of the file. +For example, + +```jsonc +{ + "outputs: { + "out": { + "method": "nar", + "hashAlgo": "sha256", + "hash: "1md7jsfd8pa45z73bz1kszpp01yw6x5ljkjk2hx7wl800any6465", + }, + }, + "env": { + "url": "http://ftp.gnu.org/pub/gnu/hello/hello-2.1.1.tar.gz" + // ... + }, + // ... +} +``` + +It sometimes happens that the URL of the file changes, +e.g., because servers are reorganised or no longer available. +In these cases, we then must update the call to `fetchurl`, e.g., + +```diff + "env": { +- "url": "http://ftp.gnu.org/pub/gnu/hello/hello-2.1.1.tar.gz" ++ "url": "ftp://ftp.nluug.nl/pub/gnu/hello/hello-2.1.1.tar.gz" + // ... + }, +``` + +If a `fetchurl` derivation's outputs were [input-addressed][input addressing], the output paths of the derivation and of *all derivations depending on it* would change. +For instance, if we were to change the URL of the Glibc source distribution in Nixpkgs (a package on which almost all other packages depend on Linux) massive rebuilds would be needed. +This is unfortunate for a change which we know cannot have a real effect as it propagates upwards through the dependency graph. + +For content-addressed outputs (fixed or floating), on the other hand, the outputs' store path only depends on the derivation's name, data, and the `method` of the outputs' specs. +The rest of the derivation is ignored for the purpose of computing the output path. + +> **History Note** +> +> Fixed content-addressing is especially important both today and historically as the *only* form of content-addressing that is stabilized. +> This is why the rationale above contrasts it with [input addressing]. + +## (Floating) Content-Addressing {#floating} + +> **Warning** +> This is part of an [experimental feature](@docroot@/development/experimental-features.md). +> +> To use this type of output addressing, you must enable the +> [`ca-derivations`][xp-feature-ca-derivations] experimental feature. +> For example, in [nix.conf](@docroot@/command-ref/conf-file.md) you could add: +> +> ``` +> extra-experimental-features = ca-derivations +> ``` + +With this experimemental feature enabled, derivation outputs can also be content-addressed *without* fixing in the output spec what the outputs' content address must be. + +### Purity + +Because the derivation output is not fixed (just like with [input addressing]), the [builder] is not given any impure capabilities [^purity]. + +> **Configuration note** +> +> Strictly speaking, the extent to which sandboxing and deprivilaging is possible varies with the environment Nix is running in. +> Nix's configuration settings indicate what level of sandboxing is required or enabled. +> Builds of derivations will fail if they request an absense of sandboxing which is not allowed. +> Builds of derivations will also fail if the level of sandboxing specified in the configure exceeds what is possible in teh given environment. +> +> (The "environment", in this case, consists of attributes such as the Operating System Nix runs atop, along with the operating-system-specific privilages that Nix has been granted. +> Because of how conventional operating systems like macos, Linux, etc. work, granting builders *fewer* privilages may ironically require that Nix be run with *more* privilages.) + +That said, derivations producing floating content-addressed outputs may declare their builders as impure (like the builders of derivations producing producing fixed outputs). +This is provisionally supported as part of the [`impure-derivations`][xp-feature-impure-derivations] experimental feature. + +### Compatibility negotiation + +Any derivation producing a floating content-addresssed output implicitly requires the `ca-derivations` [system feature](@docroot@/command-ref/conf-file.md#conf-system-features). +This prevents scheduling the building of the derivation on a machine without the experimental feature enabled. +Even once the experimental feature is stabilized, this is still useful in order to be allow using remote builder running odler versions of Nix, or alternative implementations that do not support floating content addressing. + +### Determinism + +In the earlier [discussion of how self-references are handled when content-addressing store objects](@docroot@/store/store-object/content-address.html#self-references), it was pointed out that methods of producing store objects ought to be deterministic regardless of the choice of provisional store path. +For store objects produced by manually inserting into the store to create a store object, the "method of production" is an informally concept --- formally, Nix has no idea where the store object came from, and content-addressing is crucial in order to ensure that the derivation is *intrinsically* tamper-proof. +But for store objects produced by derivation, the "method is quite formal" --- the whole point of derivations is to be a formal notion of building, after all. +In this case, we can elevate this informal property to a formal one. + +A *determinstic* content-addressing derivation should produce outputs with the same content addresses: + +1. Every time the builder is run + + This is because either the builder is completely sandboxed, or because all any remaining impurities that leak inside the build sandbox are ignored by the builder and do not influence its behavior. + +2. Regardless of the choice of any provisional outputs paths + + Provisional store paths must be chosen for any output that has a self-reference. + The choice of provisional store path can be thought of as an impurity, since it is an arbitrary choice. + + If provisional outputs paths are deterministically chosen, we are in the first branch of part (1). + The builder the data it produces based on it in arbitrary ways, but this gets us closer to to [input addressing]. + Deterministically choosing the provisional path may be considered "complete sandboxing" by removing an impurity, but this is unsatisfactory + + + + If provisional outputs paths are randomly chosen, we are in the second branch of part (1). + The builder *must* not let the random input affect the final outputs it produces, and multiple builds may be performed and the compared in order to ensure that this is in fact the case. + +### Floating versus Fixed + +While the destinction between content- and input-addressing is one of *mechanism*, the distinction between fixed and floating content addression is more one of *policy*. +A fixed output that passes its content address check is just like a floating output. +It is only in the potential for that check to fail that they are different. + +> **Design Note** +> +> In a future world where floating content-addressing is also stable, we in principle no longer need separate [fixed](#fixed) content-addressing. +> Instead, we could always use floating content-addressing, and separately assert the precise value content address of a given store object to be used as an input (of another derivation). +> A stand-alone assertion object of this sort is not yet implemented, but its possible creation is tracked in [Issue #11955](https://github.com/NixOS/nix/issues/11955). +> +> In the current version of Nix, fixed outputs which fail their hash check are still registered as valid store objects, just not registered as outputs of the derivation which produced them. +> This is an optimization that means if the wrong output hash is specified in a derivation, and then the derivation is recreated with the right output hash, derivation does not need to be rebuilt --- avoiding downloading potentially large amounts of data twice. +> This optimisation prefigures the design above: +> If the output hash assertion was removed outside the derivation itself, Nix could additionally not only register that outputted store object like today, but could also make note that derivation did in fact successfully download some data. +For example, for the "fetch URL" example above, making such a note is tantamount to recording what data is available at the time of download at the given URL. +> It would only be when Nix subsequently tries to build something with that (refining our example) downloaded source code that Nix would be forced to check the output hash assertion, preventing it from e.g. building compromised malware. +> +> Recapping, Nix would +> +> 1. successfully download data +> 2. insert that data into the store +> 3. associate (presumably with some sort of expiration policy) the downloaded data with the derivation that downloaded it +> +> But only use the downloaded store object in subsequent derivations that depended upon the assertion if the assertion passed. +> +> This possible future extension is included to illustrate this distinction: + +[input addressing]: ./input-address.md +[xp-feature-ca-derivations]: @docroot@/development/experimental-features.md#xp-feature-ca-derivations +[xp-feature-git-hashing]: @docroot@/development/experimental-features.md#xp-feature-git-hashing +[xp-feature-impure-derivations]: @docroot@/development/experimental-features.md#xp-feature-impure-derivations diff --git a/doc/manual/source/store/derivation/outputs/index.md b/doc/manual/source/store/derivation/outputs/index.md new file mode 100644 index 00000000000..15070a18f05 --- /dev/null +++ b/doc/manual/source/store/derivation/outputs/index.md @@ -0,0 +1,97 @@ +# Derivation Outputs and Types of Derivations + +As stated on the [main pages on derivations](../index.md#store-derivation), +a derivation produces [store objects], which are known as the *outputs* of the derivation. +Indeed, the entire point of derivations is to produce these outputs, and to reliably and reproducably produce these derivations each time the derivation is run. + +One of the parts of a derivation is its *outputs specification*, which specifies certain information about the outputs the derivation produces when run. +The outputs specification is a map, from names to specifications for individual outputs. + +## Output Names {#outputs} + +Output names can be any string which is also a valid [store path] name. +The name mapped to each output specification is not actually the name of the output. +In the general case, the output store object has name `derivationName + "-" + outputSpecName`, not any other metadata about it. +However, an output spec named "out" describes and output store object whose name is just the derivation name. + +> **Example** +> +> A derivation is named `hello`, and has two outputs, `out`, and `dev` +> +> - The derivation's path will be: `/nix/store/-hello.drv`. +> +> - The store path of `out` will be: `/nix/store/-hello`. +> +> - The store path of `dev` will be: `/nix/store/-hello-dev`. + +The outputs are the derivations are the [store objects][store object] it is obligated to produce. + +> **Note** +> +> The formal terminology here is somewhat at adds with everyday communication in the Nix community today. +> "output" in casual usage tends to refer to either to the actual output store object, or the notional output spec, depending on context. +> +> For example "hello's `dev` output" means the store object referred to by the store path `/nix/store/-hello-dev`. +> It is unusual to call this the "`hello-dev` output", even though `hello-dev` is the actual name of that store object. + +## Types of output addressing + +The main information contained in an output specification is how the derivation output is addressed. +In particular, the specification decides: + +- whether the output is [content-addressed](./content-address.md) or [input-addressed](./input-address.md) + +- if the content is content-addressed, how is it content addressed + +- if the content is content-addressed, [what is its content address](./content-address.md#fixed-content-addressing) (and thus what is its [store path]) + +## Types of derivations + +The sections on each type of derivation output addressing ended up discussing other attributes of the derivation besides its outputs, such as purity, scheduling, determinism, etc. +This is no concidence; for the type of a derivation is in fact one-for-one with the type of its outputs: + +- A derivation that produces *xyz-addressed* outputs is an *xyz-addressing* derivations. + +The rules for this are fairly concise: + +- All the outputs must be of the same type / use the same addressing + + - The derivation must have at least one output + + - Additionally, if the outputs are fixed content-addressed, there must be exactly one output, whose specification is mapped from the name `out`. + (The name `out` is special, according to the rules described above. + Having only one output and calling its specification `out` means the single output is effectively anonymous; the store path just has the derivation name.) + + (This is an arbitrary restriction that could be lifted.) + +- The output is either *fixed* or *floating*, indicating whether the its store path is known prior to building it. + + - With fixed content-addressing it is fixed. + + > A *fixed content-addressing* derivation is also called a *fixed-output derivation*, since that is the only currently-implemented form of fixed-output addressing + + - With floating content-addressing or input-addressing it is floating. + + > Thus, historically with Nix, with no experimental features enabled, *all* outputs are fixed. + +- The derivation may be *pure* or *impure*, indicating what read access to the outside world the [builder](../index.md#builder) has. + + - An input-addressing derivation *must* be pure. + + > If it is impure, we would have a large problem, because an input-addressed derivation always produces outputs with the same paths. + + + - A content-addressing derivation may be pure or impure + + - If it is impure, it may be be fixed (typical), or it may be floating if the additional [`impure-derivations`][xp-feature-impure-derivations] experimental feature is enabled. + + - If it is pure, it must be floating. + + - Pure, fixed content-addressing derivations are not suppported + + > There is no use for this forth combination. + > The sole purpose of an output's store path being fixed is to support the derivation being impure. + +[xp-feature-ca-derivations]: @docroot@/development/experimental-features.md#xp-feature-ca-derivations +[xp-feature-git-hashing]: @docroot@/development/experimental-features.md#xp-feature-git-hashing +[xp-feature-impure-derivations]: @docroot@/development/experimental-features.md#xp-feature-impure-derivations diff --git a/doc/manual/source/store/derivation/outputs/input-address.md b/doc/manual/source/store/derivation/outputs/input-address.md new file mode 100644 index 00000000000..54d9437d9e1 --- /dev/null +++ b/doc/manual/source/store/derivation/outputs/input-address.md @@ -0,0 +1,31 @@ +# Input-addressing derivation outputs + +[input addressing]: #input-addressing + +"Input addressing" means the address the store object by the *way it was made* rather than *what it is*. +That is to say, an input-addressed output's store path is a function not of the output itself, but the derivation that produced it. +Even if two store paths have the same contents, if they are produced in different ways, and one is input-addressed, then they will have different store paths, and thus guaranteed to not be the same store object. + + + +[xp-feature-ca-derivations]: @docroot@/development/experimental-features.md#xp-feature-ca-derivations +[xp-feature-git-hashing]: @docroot@/development/experimental-features.md#xp-feature-git-hashing +[xp-feature-impure-derivations]: @docroot@/development/experimental-features.md#xp-feature-impure-derivations diff --git a/doc/manual/source/store/store-object/content-address.md b/doc/manual/source/store/store-object/content-address.md index 02dce283650..38a000d0460 100644 --- a/doc/manual/source/store/store-object/content-address.md +++ b/doc/manual/source/store/store-object/content-address.md @@ -24,13 +24,17 @@ For the full specification of the algorithms involved, see the [specification of ### File System Objects -With all currently supported store object content addressing methods, the file system object is always [content-addressed][fso-ca] first, and then that hash is incorporated into content address computation for the store object. +With all currently-supported store object content-addressing methods, the file system object is always [content-addressed][fso-ca] first, and then that hash is incorporated into content address computation for the store object. ### References +#### References to other store object#### References to other store objectss + With all currently supported store object content addressing methods, other objects are referred to by their regular (string-encoded-) [store paths][Store Path]. +#### Self-references + Self-references however cannot be referred to by their path, because we are in the midst of describing how to compute that path! > The alternative would require finding as hash function fixed point, i.e. the solution to an equation in the form @@ -40,7 +44,28 @@ Self-references however cannot be referred to by their path, because we are in t > which is computationally infeasible. > As far as we know, this is equivalent to finding a hash collision. -Instead we just have a "has self reference" boolean, which will end up affecting the digest. +Instead we have a "has self reference" boolean, which end up affecting the digest: +In all currently-supported store object content-addressing methods, when hashing the file system object data, any occurence of store objects own store path in the digested data is replaced with a [sentinal value](https://en.wikipedia.org/wiki/Sentinel_value). +The hashes of these modified input streams are used instead. + +When validating the content-address of a store object after the fact, the above process works as written. +However, when first creating the store object we don't know the store object's store path, as explained just above. +We therefore, strictly speaking, do not know what value we will be replacing with the sentinental value in the inputs to hash functions. +What instead happens is that the provisional store object --- the data from which we wish to create a store object --- is paired with a provisional "scratch" store path (that presumably was choosen when the data was created). +That provisional store path is instead what is replaced with the sentinal value, rather than the final store object which we do not yet know. + +> **Design note** +> +> It is an informal property of content-addressed store objects that the choice of provisional store path should not matter. +> In other words, if a provisional store object is prepared in the same way except for the choice of provision store path, the provisional data need not be identical. +> But, after the sentinal value is substituted in place of each provisional store object's provision store path, the final so-normalized data *should* be identifical. +> +> If, conversely, the data after this normalization process is still different, we'll compute a different content-address. +> The method of preparing the provisional self-referenced data has *failed* to be deterministic in the sense of not *leaking* the choice of provisional store path --- a choice which is supposed to be arbitrary --- into the final store object. +> +> This property is informal because at this stage, we are just described store objects, which have no formal notion of their origin. +> Without such a formal notion, there is nothing to formally accuse of being insufficiently deterministic. +> Later in this chapter, when we cover [derivations](@docroot@/store/derivation/index.md), we will have a chance to make this a formal property, not of content-addressed store objects themselves, but of derivations that *produce* content-addressed store objects. ### Name and Store Directory diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index a2ea029eab8..54682ea318f 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -1595,7 +1595,7 @@ static RegisterPrimOp primop_placeholder({ .args = {"output"}, .doc = R"( Return at - [output placeholder string](@docroot@/store/drv.md#output-placeholder) + [output placeholder string](@docroot@/store/derivation/index.md#output-placeholder) for the specified *output* that will be substituted by the corresponding [output path](@docroot@/glossary.md#gloss-output-path) at build time. @@ -2139,7 +2139,7 @@ static RegisterPrimOp primop_outputOf({ .args = {"derivation-reference", "output-name"}, .doc = R"( Return the output path of a derivation, literally or using an - [input placeholder string](@docroot@/store/drv.md#input-placeholder) + [input placeholder string](@docroot@/store/derivation/index.md#input-placeholder) if needed. If the derivation has a statically-known output path (i.e. the derivation output is input-addressed, or fixed content-addresed), the output path will just be returned. From 8b9d401fe4dd3fc73b19c94c26d274124de44a29 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 3 Mar 2025 19:09:24 +0100 Subject: [PATCH 249/815] manual: Edit (cherry picked from commit 1e00d14c29b4ec1fce709968cf3adb071681d4fa) --- .../advanced-topics/distributed-builds.md | 4 ++- doc/manual/source/glossary.md | 20 ++++++++++++++- doc/manual/source/protocols/store-path.md | 2 +- doc/manual/source/store/building.md | 5 +++- doc/manual/source/store/derivation/index.md | 25 +++++++++++-------- .../derivation/outputs/content-address.md | 4 +-- .../store/derivation/outputs/input-address.md | 2 +- .../store/store-object/content-address.md | 20 +++++++-------- 8 files changed, 55 insertions(+), 27 deletions(-) diff --git a/doc/manual/source/advanced-topics/distributed-builds.md b/doc/manual/source/advanced-topics/distributed-builds.md index 66e37188840..464b87d6e4e 100644 --- a/doc/manual/source/advanced-topics/distributed-builds.md +++ b/doc/manual/source/advanced-topics/distributed-builds.md @@ -20,7 +20,7 @@ For a local machine to forward a build to a remote machine, the remote machine m ## Testing -To test connecting to a remote Nix instance (in this case `mac`), run: +To test connecting to a remote [Nix instance] (in this case `mac`), run: ```console nix store info --store ssh://username@mac @@ -106,3 +106,5 @@ file included in `builders` via the syntax `@/path/to/file`. For example, causes the list of machines in `/etc/nix/machines` to be included. (This is the default.) + +[Nix instance]: @docroot@/glossary.md#gloss-nix-instance \ No newline at end of file diff --git a/doc/manual/source/glossary.md b/doc/manual/source/glossary.md index db6d18f0efb..6a7501200d6 100644 --- a/doc/manual/source/glossary.md +++ b/doc/manual/source/glossary.md @@ -1,5 +1,13 @@ # Glossary +- [build system]{#gloss-build-system} + + Generic term for software that facilitates the building of software by automating the invocation of compilers, linkers, and other tools. + + Nix can be used as a generic build system. + It has no knowledge of any particular programming language or toolchain. + These details are specified in [derivation expressions](#gloss-derivation-expression). + - [content address]{#gloss-content-address} A @@ -19,6 +27,10 @@ Besides content addressing, the Nix store also uses [input addressing](#gloss-input-addressed-store-object). +- [content-addressed storage]{#gloss-content-addressed-store} + + The industry term for storage and retrieval systems using [content addressing](#gloss-content-address). A Nix store also has [input addressing](#gloss-input-addressed-store-object), and metadata. + - [store derivation]{#gloss-store-derivation} A single build task. @@ -88,6 +100,12 @@ [store]: #gloss-store +- [Nix instance]{#gloss-nix-instance} + + 1. An installation of Nix, which includes the presence of a [store], and the Nix package manager which operates on that store. + A local Nix installation and a [remote builder](@docroot@/advanced-topics/distributed-builds.md) are two examples of Nix instances. + 2. A running Nix process, such as the `nix` command. + - [binary cache]{#gloss-binary-cache} A *binary cache* is a Nix store which uses a different format: its @@ -220,7 +238,7 @@ directly or indirectly “reachable” from that store path; that is, it’s the closure of the path under the *references* relation. For a package, the closure of its derivation is equivalent to the - build-time dependencies, while the closure of its output path is + build-time dependencies, while the closure of its [output path] is equivalent to its runtime dependencies. For correct deployment it is necessary to deploy whole closures, since otherwise at runtime files could be missing. The command `nix-store --query --requisites ` prints out diff --git a/doc/manual/source/protocols/store-path.md b/doc/manual/source/protocols/store-path.md index 8ec6f8201ff..9abd83f4f91 100644 --- a/doc/manual/source/protocols/store-path.md +++ b/doc/manual/source/protocols/store-path.md @@ -53,7 +53,7 @@ where method of content addressing store objects, if the hash algorithm is [SHA-256]. Just like in the "Text" case, we can have the store objects referenced by their paths. - Additionally, we can have an optional `:self` label to denote self reference. + Additionally, we can have an optional `:self` label to denote self-reference. - ```ebnf | "output:" id diff --git a/doc/manual/source/store/building.md b/doc/manual/source/store/building.md index feefa8e3fda..dbfe6b5ca10 100644 --- a/doc/manual/source/store/building.md +++ b/doc/manual/source/store/building.md @@ -54,7 +54,7 @@ The [`builder`](./derivation/index.md#builder) is executed as follows: it’s `out`.) - If an output path already exists, it is removed. Also, locks are - acquired to prevent multiple Nix instances from performing the same + acquired to prevent multiple [Nix instances][Nix instance] from performing the same build at the same time. - A log of the combined standard output and error is written to @@ -95,3 +95,6 @@ If the builder exited successfully, the following steps happen in order to turn Nix also scans for references to other outputs' paths in the same way, because outputs are allowed to refer to each other. If the outputs' references to each other form a cycle, this is an error, because the references of store objects much be acyclic. + + +[Nix instance]: @docroot@/glossary.md#gloss-nix-instance diff --git a/doc/manual/source/store/derivation/index.md b/doc/manual/source/store/derivation/index.md index 42cfa67f5b9..911c28485a7 100644 --- a/doc/manual/source/store/derivation/index.md +++ b/doc/manual/source/store/derivation/index.md @@ -1,7 +1,7 @@ # Store Derivation and Deriving Path -Besides functioning as a [content addressed store] the Nix store layer works as a [build system]. -Other system (like Git or IPFS) also store and transfer immutable data, but they don't concern themselves with *how* that data was created. +Besides functioning as a [content-addressed store], the Nix store layer works as a [build system]. +Other systems (like Git or IPFS) also store and transfer immutable data, but they don't concern themselves with *how* that data was created. This is where Nix distinguishes itself. *Derivations* represent individual build steps, and *deriving paths* are needed to refer to the *outputs* of those build steps before they are built. @@ -42,6 +42,8 @@ A derivation consists of: [args]: #args [env]: #env [system]: #system +[content-addressed store]: @docroot@/glossary.md#gloss-content-addressed-store +[build system]: @docroot@/glossary.md#gloss-build-system ### Referencing derivations {#derivation-path} @@ -78,7 +80,7 @@ type DerivingPath = ConstantPath | OutputPath; ``` Deriving paths are necessary because, in general and particularly for [content-addressing derivations][content-addressing derivation], the [store path] of an [output] is not known in advance. -We can use an output deriving path to refer to such an out, instead of the store path which we do not yet know. +We can use an output deriving path to refer to such an output, instead of the store path which we do not yet know. [deriving path]: #deriving-path [validity]: @docroot@/glossary.md#gloss-validity @@ -89,25 +91,26 @@ A derivation is constructed from the parts documented in the following subsectio ### Inputs {#inputs} -The inputs are a set of [deriving paths][deriving path], refering to all store objects needed in order to perform this build step. +The inputs are a set of [deriving paths][deriving path], referring to all store objects needed in order to perform this build step. The [process creation fields] will presumably include many [store paths][store path]: - The path to the executable normally starts with a store path - The arguments and environment variables likely contain many other store paths. -But rather than somehow scanning all the other fields for inputs, Nix requires that all inputs be explicitly collected in the inputs field. It is instead the responsibility of the creator of a derivation (e.g. the evaluator) to ensure that every store object referenced in another field (e.g. referenced by store path) is included in this inputs field. +But rather than somehow scanning all the other fields for inputs, Nix requires that all inputs be explicitly collected in the inputs field. It is instead the responsibility of the creator of a derivation (e.g. the evaluator) to ensure that every store object referenced in another field (e.g. referenced by store path) is included in this inputs field. ### System {#system} The system type on which the [`builder`](#attr-builder) executable is meant to be run. -A necessary condition for Nix to schedule a given derivation on some Nix instance is for the "system" of that derivation to match that instance's [`system` configuration option]. +A necessary condition for Nix to schedule a given derivation on some [Nix instance] is for the "system" of that derivation to match that instance's [`system` configuration option] or [`extra-platforms` configuration option]. By putting the `system` in each derivation, Nix allows *heterogenous* build plans, where not all steps can be run on the same machine or same sort of machine. Nix can schedule builds such that it automatically builds on other platforms by [forwarding build requests](@docroot@/advanced-topics/distributed-builds.md) to other Nix instances. [`system` configuration option]: @docroot@/command-ref/conf-file.md#conf-system +[`extra-platforms` configuration option]: @docroot@/command-ref/conf-file.md#conf-extra-platforms [content-addressing derivation]: @docroot@/glossary.md#gloss-content-addressing-derivation [realise]: @docroot@/glossary.md#gloss-realise @@ -240,14 +243,14 @@ That works because we've implicitly assumed that all derivations are created *st But what if derivations could also be created dynamically within Nix? In other words, what if derivations could be the outputs of other derivations? -:::{.note} -In the parlance of "Build Systems à la carte", we are generalizing the Nix store layer to be a "Monadic" instead of "Applicative" build system. -::: +> **Note** +> +> In the parlance of "Build Systems à la carte", we are generalizing the Nix store layer to be a "Monadic" instead of "Applicative" build system. How should we refer to such derivations? A deriving path works, the same as how we refer to other derivation outputs. But what about a dynamic derivations output? -(i.e. how do we refer to the output of an output of a derivation?) +(i.e. how do we refer to the output of a derivation, which is itself an output of a derivation?) For that we need to generalize the definition of deriving path, replacing the store path used to refer to the derivation with a nested deriving path: ```diff @@ -295,3 +298,5 @@ The result of this is that it is possible to have a chain of `^` at > |------------------------------------------------------------| |-----| > innermost constant store path (usual encoding) output name > ``` + +[Nix instance]: @docroot@/glossary.md#gloss-nix-instance diff --git a/doc/manual/source/store/derivation/outputs/content-address.md b/doc/manual/source/store/derivation/outputs/content-address.md index 21e940bc2a8..4539a5ebaee 100644 --- a/doc/manual/source/store/derivation/outputs/content-address.md +++ b/doc/manual/source/store/derivation/outputs/content-address.md @@ -12,7 +12,7 @@ Given the method, the output's name (computed from the derivation name and outpu ## Fixed-output content-addressing {#fixed} -In this case the content-address of the *fixed* in advanced by the derivation itself. +In this case the content address of the *fixed* in advanced by the derivation itself. In other words, when the derivation has finished [building](@docroot@/store/building.md), and the provisional output' content-address is computed as part of the process to turn it into a *bona fide* store object, the calculated content address must much that given in the derivation, or the build of that derivation will be deemed a failure. The output spec for an output with a fixed content addresses additionally contains: @@ -159,7 +159,7 @@ A *determinstic* content-addressing derivation should produce outputs with the s ### Floating versus Fixed -While the destinction between content- and input-addressing is one of *mechanism*, the distinction between fixed and floating content addression is more one of *policy*. +While the distinction between content- and input-addressing is one of *mechanism*, the distinction between fixed and floating content addressing is more one of *policy*. A fixed output that passes its content address check is just like a floating output. It is only in the potential for that check to fail that they are different. diff --git a/doc/manual/source/store/derivation/outputs/input-address.md b/doc/manual/source/store/derivation/outputs/input-address.md index 54d9437d9e1..e2e15a801b6 100644 --- a/doc/manual/source/store/derivation/outputs/input-address.md +++ b/doc/manual/source/store/derivation/outputs/input-address.md @@ -3,7 +3,7 @@ [input addressing]: #input-addressing "Input addressing" means the address the store object by the *way it was made* rather than *what it is*. -That is to say, an input-addressed output's store path is a function not of the output itself, but the derivation that produced it. +That is to say, an input-addressed output's store path is a function not of the output itself, but of the derivation that produced it. Even if two store paths have the same contents, if they are produced in different ways, and one is input-addressed, then they will have different store paths, and thus guaranteed to not be the same store object. -[]{#sect-macos-installation-change-store-prefix}[]{#sect-macos-installation-encrypted-volume}[]{#sect-macos-installation-symlink}[]{#sect-macos-installation-recommended-notes} - -We believe we have ironed out how to cleanly support the read-only root file system -on modern macOS. New installs will do this automatically. - -This section previously detailed the situation, options, and trade-offs, -but it now only outlines what the installer does. You don't need to know -this to run the installer, but it may help if you run into trouble: - -- create a new APFS volume for your Nix store -- update `/etc/synthetic.conf` to direct macOS to create a "synthetic" - empty root directory to mount your volume -- specify mount options for the volume in `/etc/fstab` - - `rw`: read-write - - `noauto`: prevent the system from auto-mounting the volume (so the - LaunchDaemon mentioned below can control mounting it, and to avoid - masking problems with that mounting service). - - `nobrowse`: prevent the Nix Store volume from showing up on your - desktop; also keeps Spotlight from spending resources to index - this volume - -- if you have FileVault enabled - - generate an encryption password - - put it in your system Keychain - - use it to encrypt the volume -- create a system LaunchDaemon to mount this volume early enough in the - boot process to avoid problems loading or restoring any programs that - need access to your Nix store - diff --git a/doc/manual/source/quick-start.md b/doc/manual/source/quick-start.md index c8be74e129e..428063f97cc 100644 --- a/doc/manual/source/quick-start.md +++ b/doc/manual/source/quick-start.md @@ -4,7 +4,7 @@ This chapter is for impatient people who don't like reading documentation. For more in-depth information you are kindly referred to subsequent chapters. 1. Install Nix. - We recommend that macOS users use [Determinate.pkg][pkg]. + We recommend that macOS users install Determinate Nix using [Determinate.pkg][pkg]. For Linux and Windows Subsystem for Linux (WSL) users: ```console From e09c7fe22dda3b8fee28f349b2d9fdd1e7fa17e5 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 16:44:21 -0300 Subject: [PATCH 261/815] Update GitHub links --- doc/manual/book.toml.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/manual/book.toml.in b/doc/manual/book.toml.in index 7ecbaab0326..f3fd2722f3c 100644 --- a/doc/manual/book.toml.in +++ b/doc/manual/book.toml.in @@ -5,8 +5,8 @@ src = "source" [output.html] additional-css = ["custom.css"] additional-js = ["redirects.js"] -edit-url-template = "https://github.com/NixOS/nix/tree/master/doc/manual/{path}" -git-repository-url = "https://github.com/NixOS/nix" +edit-url-template = "https://github.com/DeterminateSystems/nix-src/tree/master/doc/manual/{path}" +git-repository-url = "https://github.com/DeterminateSystems/nix-src" # Handles replacing @docroot@ with a path to ./source relative to that markdown file, # {{#include handlebars}}, and the @generated@ syntax used within these. it mostly From 6381e065378ec5a97597fbfd1f6c784250743c83 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 16:46:46 -0300 Subject: [PATCH 262/815] Reinstate binary doc --- .../source/command-ref/files/profiles.md | 2 +- .../source/installation/installing-binary.md | 135 ++++++++++++++++++ 2 files changed, 136 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/installation/installing-binary.md diff --git a/doc/manual/source/command-ref/files/profiles.md b/doc/manual/source/command-ref/files/profiles.md index b5c7378800f..e46e2418b4c 100644 --- a/doc/manual/source/command-ref/files/profiles.md +++ b/doc/manual/source/command-ref/files/profiles.md @@ -67,7 +67,7 @@ By default, this symlink points to: - `$NIX_STATE_DIR/profiles/per-user/root/profile` for `root` The `PATH` environment variable should include `/bin` subdirectory of the profile link (e.g. `~/.nix-profile/bin`) for the user environment to be visible to the user. -The [installer](@docroot@/installation/installing-binary.md) sets this up by default, unless you enable [`use-xdg-base-directories`]. +The installer sets this up by default, unless you enable [`use-xdg-base-directories`]. [`nix-env`]: @docroot@/command-ref/nix-env.md [`nix profile`]: @docroot@/command-ref/new-cli/nix3-profile.md diff --git a/doc/manual/source/installation/installing-binary.md b/doc/manual/source/installation/installing-binary.md new file mode 100644 index 00000000000..0a2d650a97b --- /dev/null +++ b/doc/manual/source/installation/installing-binary.md @@ -0,0 +1,135 @@ +# Installing a Binary Distribution + +> **Updating to macOS 15 Sequoia** +> +> If you recently updated to macOS 15 Sequoia and are getting +> ```console +> error: the user '_nixbld1' in the group 'nixbld' does not exist +> ``` +> when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling. + +To install the latest version Nix, run the following command: + +```console +$ curl -L https://nixos.org/nix/install | sh +``` + +This performs the default type of installation for your platform: + +- [Multi-user](#multi-user-installation): + - Linux with systemd and without SELinux + - macOS + +The installer can configured with various command line arguments and environment variables. +To show available command line flags: + +```console +$ curl -L https://nixos.org/nix/install | sh -s -- --help +``` + +To check what it does and how it can be customised further, [download and edit the second-stage installation script](#installing-from-a-binary-tarball). + +# Installing a pinned Nix version from a URL + +Version-specific installation URLs for all Nix versions since 1.11.16 can be found at [releases.nixos.org](https://releases.nixos.org/?prefix=nix/). +The directory for each version contains the corresponding SHA-256 hash. + +All installation scripts are invoked the same way: + +```console +$ export VERSION=2.19.2 +$ curl -L https://releases.nixos.org/nix/nix-$VERSION/install | sh +``` + +# Multi User Installation + +The multi-user Nix installation creates system users and a system service for the Nix daemon. + +Supported systems: + +- Linux running systemd, with SELinux disabled +- macOS + +To explicitly instruct the installer to perform a multi-user installation on your system: + +```console +$ bash <(curl -L https://nixos.org/nix/install) --daemon +``` + +You can run this under your usual user account or `root`. +The script will invoke `sudo` as needed. + +# Installing from a binary tarball + +You can also download a binary tarball that contains Nix and all its dependencies: +- Choose a [version](https://releases.nixos.org/?prefix=nix/) and [system type](../development/building.md#platforms) +- Download and unpack the tarball +- Run the installer + +> **Example** +> +> ```console +> $ pushd $(mktemp -d) +> $ export VERSION=2.19.2 +> $ export SYSTEM=x86_64-linux +> $ curl -LO https://releases.nixos.org/nix/nix-$VERSION/nix-$VERSION-$SYSTEM.tar.xz +> $ tar xfj nix-$VERSION-$SYSTEM.tar.xz +> $ cd nix-$VERSION-$SYSTEM +> $ ./install +> $ popd +> ``` + +The installer can be customised with the environment variables declared in the file named `install-multi-user`. + +## Native packages for Linux distributions + +The Nix community maintains installers for some Linux distributions in their native packaging format(https://nix-community.github.io/nix-installers/). + +# macOS Installation + + +[]{#sect-macos-installation-change-store-prefix}[]{#sect-macos-installation-encrypted-volume}[]{#sect-macos-installation-symlink}[]{#sect-macos-installation-recommended-notes} + +We believe we have ironed out how to cleanly support the read-only root file system +on modern macOS. New installs will do this automatically. + +This section previously detailed the situation, options, and trade-offs, +but it now only outlines what the installer does. You don't need to know +this to run the installer, but it may help if you run into trouble: + +- create a new APFS volume for your Nix store +- update `/etc/synthetic.conf` to direct macOS to create a "synthetic" + empty root directory to mount your volume +- specify mount options for the volume in `/etc/fstab` + - `rw`: read-write + - `noauto`: prevent the system from auto-mounting the volume (so the + LaunchDaemon mentioned below can control mounting it, and to avoid + masking problems with that mounting service). + - `nobrowse`: prevent the Nix Store volume from showing up on your + desktop; also keeps Spotlight from spending resources to index + this volume + +- if you have FileVault enabled + - generate an encryption password + - put it in your system Keychain + - use it to encrypt the volume +- create a system LaunchDaemon to mount this volume early enough in the + boot process to avoid problems loading or restoring any programs that + need access to your Nix store + From c451f60cc7c2e4a7bc1f93b4251196868ccbab95 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 16:51:55 -0300 Subject: [PATCH 263/815] Revamp uninstallation docs --- doc/manual/source/installation/uninstall.md | 151 +------------------- 1 file changed, 5 insertions(+), 146 deletions(-) diff --git a/doc/manual/source/installation/uninstall.md b/doc/manual/source/installation/uninstall.md index 2762edbf43c..e95634c213a 100644 --- a/doc/manual/source/installation/uninstall.md +++ b/doc/manual/source/installation/uninstall.md @@ -1,156 +1,15 @@ # Uninstalling Nix -## Multi User - -Removing a [multi-user installation](./installing-binary.md#multi-user-installation) depends on the operating system. - -### Linux - -If you are on Linux with systemd: - -1. Remove the Nix daemon service: - - ```console - sudo systemctl stop nix-daemon.service - sudo systemctl disable nix-daemon.socket nix-daemon.service - sudo systemctl daemon-reload - ``` - -Remove files created by Nix: +To uninstall Determinate Nix, use the uninstallation utility built into the [Determinate Nix Installer][installer]: ```console -sudo rm -rf /etc/nix /etc/profile.d/nix.sh /etc/tmpfiles.d/nix-daemon.conf /nix ~root/.nix-channels ~root/.nix-defexpr ~root/.nix-profile ~root/.cache/nix +$ /nix/nix-installer uninstall ``` -Remove build users and their group: +If you're certain that you want to uninstall, you can skip the confirmation step: ```console -for i in $(seq 1 32); do - sudo userdel nixbld$i -done -sudo groupdel nixbld +$ /nix/nix-installer uninstall --no-confirm ``` -There may also be references to Nix in - -- `/etc/bash.bashrc` -- `/etc/bashrc` -- `/etc/profile` -- `/etc/zsh/zshrc` -- `/etc/zshrc` - -which you may remove. - -### macOS - -> **Updating to macOS 15 Sequoia** -> -> If you recently updated to macOS 15 Sequoia and are getting -> ```console -> error: the user '_nixbld1' in the group 'nixbld' does not exist -> ``` -> when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling. - -1. If system-wide shell initialisation files haven't been altered since installing Nix, use the backups made by the installer: - - ```console - sudo mv /etc/zshrc.backup-before-nix /etc/zshrc - sudo mv /etc/bashrc.backup-before-nix /etc/bashrc - sudo mv /etc/bash.bashrc.backup-before-nix /etc/bash.bashrc - ``` - - Otherwise, edit `/etc/zshrc`, `/etc/bashrc`, and `/etc/bash.bashrc` to remove the lines sourcing `nix-daemon.sh`, which should look like this: - - ```bash - # Nix - if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then - . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' - fi - # End Nix - ``` - -2. Stop and remove the Nix daemon services: - - ```console - sudo launchctl unload /Library/LaunchDaemons/org.nixos.nix-daemon.plist - sudo rm /Library/LaunchDaemons/org.nixos.nix-daemon.plist - sudo launchctl unload /Library/LaunchDaemons/org.nixos.darwin-store.plist - sudo rm /Library/LaunchDaemons/org.nixos.darwin-store.plist - ``` - - This stops the Nix daemon and prevents it from being started next time you boot the system. - -3. Remove the `nixbld` group and the `_nixbuildN` users: - - ```console - sudo dscl . -delete /Groups/nixbld - for u in $(sudo dscl . -list /Users | grep _nixbld); do sudo dscl . -delete /Users/$u; done - ``` - - This will remove all the build users that no longer serve a purpose. - -4. Edit fstab using `sudo vifs` to remove the line mounting the Nix Store volume on `/nix`, which looks like - - ``` - UUID= /nix apfs rw,noauto,nobrowse,suid,owners - ``` - or - - ``` - LABEL=Nix\040Store /nix apfs rw,nobrowse - ``` - - by setting the cursor on the respective line using the arrow keys, and pressing `dd`, and then `:wq` to save the file. - - This will prevent automatic mounting of the Nix Store volume. - -5. Edit `/etc/synthetic.conf` to remove the `nix` line. - If this is the only line in the file you can remove it entirely: - - ```bash - if [ -f /etc/synthetic.conf ]; then - if [ "$(cat /etc/synthetic.conf)" = "nix" ]; then - sudo rm /etc/synthetic.conf - else - sudo vi /etc/synthetic.conf - fi - fi - ``` - - This will prevent the creation of the empty `/nix` directory. - -6. Remove the files Nix added to your system, except for the store: - - ```console - sudo rm -rf /etc/nix /var/root/.nix-profile /var/root/.nix-defexpr /var/root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels - ``` - - -7. Remove the Nix Store volume: - - ```console - sudo diskutil apfs deleteVolume /nix - ``` - - This will remove the Nix Store volume and everything that was added to the store. - - If the output indicates that the command couldn't remove the volume, you should make sure you don't have an _unmounted_ Nix Store volume. - Look for a "Nix Store" volume in the output of the following command: - - ```console - diskutil list - ``` - - If you _do_ find a "Nix Store" volume, delete it by running `diskutil apfs deleteVolume` with the store volume's `diskXsY` identifier. - - If you get an error that the volume is in use by the kernel, reboot and immediately delete the volume before starting any other process. - -> **Note** -> -> After you complete the steps here, you will still have an empty `/nix` directory. -> This is an expected sign of a successful uninstall. -> The empty `/nix` directory will disappear the next time you reboot. -> -> You do not have to reboot to finish uninstalling Nix. -> The uninstall is complete. -> macOS (Catalina+) directly controls root directories, and its read-only root will prevent you from manually deleting the empty `/nix` mountpoint. +[installer]: https://github.com/DeterminateSystems/nix-installer From 4323868244d0a771c25c21c0e40429dc043c8550 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 16:55:45 -0300 Subject: [PATCH 264/815] Remove links to binary doc --- .../source/installation/installing-binary.md | 135 ------------------ doc/manual/source/installation/uninstall.md | 2 +- doc/manual/source/release-notes/rl-2.19.md | 2 +- 3 files changed, 2 insertions(+), 137 deletions(-) delete mode 100644 doc/manual/source/installation/installing-binary.md diff --git a/doc/manual/source/installation/installing-binary.md b/doc/manual/source/installation/installing-binary.md deleted file mode 100644 index 0a2d650a97b..00000000000 --- a/doc/manual/source/installation/installing-binary.md +++ /dev/null @@ -1,135 +0,0 @@ -# Installing a Binary Distribution - -> **Updating to macOS 15 Sequoia** -> -> If you recently updated to macOS 15 Sequoia and are getting -> ```console -> error: the user '_nixbld1' in the group 'nixbld' does not exist -> ``` -> when running Nix commands, refer to GitHub issue [NixOS/nix#10892](https://github.com/NixOS/nix/issues/10892) for instructions to fix your installation without reinstalling. - -To install the latest version Nix, run the following command: - -```console -$ curl -L https://nixos.org/nix/install | sh -``` - -This performs the default type of installation for your platform: - -- [Multi-user](#multi-user-installation): - - Linux with systemd and without SELinux - - macOS - -The installer can configured with various command line arguments and environment variables. -To show available command line flags: - -```console -$ curl -L https://nixos.org/nix/install | sh -s -- --help -``` - -To check what it does and how it can be customised further, [download and edit the second-stage installation script](#installing-from-a-binary-tarball). - -# Installing a pinned Nix version from a URL - -Version-specific installation URLs for all Nix versions since 1.11.16 can be found at [releases.nixos.org](https://releases.nixos.org/?prefix=nix/). -The directory for each version contains the corresponding SHA-256 hash. - -All installation scripts are invoked the same way: - -```console -$ export VERSION=2.19.2 -$ curl -L https://releases.nixos.org/nix/nix-$VERSION/install | sh -``` - -# Multi User Installation - -The multi-user Nix installation creates system users and a system service for the Nix daemon. - -Supported systems: - -- Linux running systemd, with SELinux disabled -- macOS - -To explicitly instruct the installer to perform a multi-user installation on your system: - -```console -$ bash <(curl -L https://nixos.org/nix/install) --daemon -``` - -You can run this under your usual user account or `root`. -The script will invoke `sudo` as needed. - -# Installing from a binary tarball - -You can also download a binary tarball that contains Nix and all its dependencies: -- Choose a [version](https://releases.nixos.org/?prefix=nix/) and [system type](../development/building.md#platforms) -- Download and unpack the tarball -- Run the installer - -> **Example** -> -> ```console -> $ pushd $(mktemp -d) -> $ export VERSION=2.19.2 -> $ export SYSTEM=x86_64-linux -> $ curl -LO https://releases.nixos.org/nix/nix-$VERSION/nix-$VERSION-$SYSTEM.tar.xz -> $ tar xfj nix-$VERSION-$SYSTEM.tar.xz -> $ cd nix-$VERSION-$SYSTEM -> $ ./install -> $ popd -> ``` - -The installer can be customised with the environment variables declared in the file named `install-multi-user`. - -## Native packages for Linux distributions - -The Nix community maintains installers for some Linux distributions in their native packaging format(https://nix-community.github.io/nix-installers/). - -# macOS Installation - - -[]{#sect-macos-installation-change-store-prefix}[]{#sect-macos-installation-encrypted-volume}[]{#sect-macos-installation-symlink}[]{#sect-macos-installation-recommended-notes} - -We believe we have ironed out how to cleanly support the read-only root file system -on modern macOS. New installs will do this automatically. - -This section previously detailed the situation, options, and trade-offs, -but it now only outlines what the installer does. You don't need to know -this to run the installer, but it may help if you run into trouble: - -- create a new APFS volume for your Nix store -- update `/etc/synthetic.conf` to direct macOS to create a "synthetic" - empty root directory to mount your volume -- specify mount options for the volume in `/etc/fstab` - - `rw`: read-write - - `noauto`: prevent the system from auto-mounting the volume (so the - LaunchDaemon mentioned below can control mounting it, and to avoid - masking problems with that mounting service). - - `nobrowse`: prevent the Nix Store volume from showing up on your - desktop; also keeps Spotlight from spending resources to index - this volume - -- if you have FileVault enabled - - generate an encryption password - - put it in your system Keychain - - use it to encrypt the volume -- create a system LaunchDaemon to mount this volume early enough in the - boot process to avoid problems loading or restoring any programs that - need access to your Nix store - diff --git a/doc/manual/source/installation/uninstall.md b/doc/manual/source/installation/uninstall.md index cf8f419b656..385ce2d30ae 100644 --- a/doc/manual/source/installation/uninstall.md +++ b/doc/manual/source/installation/uninstall.md @@ -2,7 +2,7 @@ ## Multi User -Removing a [multi-user installation](./installing-binary.md#multi-user-installation) depends on the operating system. +Removing a multi-user installation depends on the operating system. ### Linux diff --git a/doc/manual/source/release-notes/rl-2.19.md b/doc/manual/source/release-notes/rl-2.19.md index e6a93c7eaae..13e573c1dfc 100644 --- a/doc/manual/source/release-notes/rl-2.19.md +++ b/doc/manual/source/release-notes/rl-2.19.md @@ -69,7 +69,7 @@ This makes it match `nix derivation show`, which also maps store paths to information. -- When Nix is installed using the [binary installer](@docroot@/installation/installing-binary.md), in supported shells (Bash, Zsh, Fish) +- When Nix is installed using the binary installer, in supported shells (Bash, Zsh, Fish) [`XDG_DATA_DIRS`](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html#variables) is now populated with the path to the `/share` subdirectory of the current profile. This means that command completion scripts, `.desktop` files, and similar artifacts installed via [`nix-env`](@docroot@/command-ref/nix-env.md) or [`nix profile`](@docroot@/command-ref/new-cli/nix3-profile.md) (experimental) can be found by any program that follows the [XDG Base Directory Specification](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html). From 42606c16ad7df520feeecca12dfe06ce221f4f43 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 16:59:50 -0300 Subject: [PATCH 265/815] Remove one more reference to binary doc --- src/libexpr/eval-settings.hh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/eval-settings.hh b/src/libexpr/eval-settings.hh index a8fcce539d7..c61a186c08c 100644 --- a/src/libexpr/eval-settings.hh +++ b/src/libexpr/eval-settings.hh @@ -96,7 +96,7 @@ struct EvalSettings : Config The current state of all channels for the `root` user. - These files are set up by the [Nix installer](@docroot@/installation/installing-binary.md). + These files are set up by the Nix installer. See [`NIX_STATE_DIR`](@docroot@/command-ref/env-common.md#env-NIX_STATE_DIR) for details on the environment variable. > **Note** From e6a6bcbb737d0394795c5032d195304950e88a3d Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 17:30:47 -0300 Subject: [PATCH 266/815] Move nix-channel under deprecated commands --- doc/manual/source/SUMMARY.md.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 612867c2586..45de9de7c5f 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -54,6 +54,7 @@ {{#include ./command-ref/new-cli/SUMMARY.md}} - [Deprecated Commands](command-ref/main-commands.md) - [nix-build](command-ref/nix-build.md) + - [nix-channel](command-ref/nix-channel.md) - [nix-shell](command-ref/nix-shell.md) - [nix-store](command-ref/nix-store.md) - [nix-store --add-fixed](command-ref/nix-store/add-fixed.md) @@ -89,7 +90,6 @@ - [nix-env --uninstall](command-ref/nix-env/uninstall.md) - [nix-env --upgrade](command-ref/nix-env/upgrade.md) - [Utilities](command-ref/utilities.md) - - [nix-channel](command-ref/nix-channel.md) - [nix-collect-garbage](command-ref/nix-collect-garbage.md) - [nix-copy-closure](command-ref/nix-copy-closure.md) - [nix-daemon](command-ref/nix-daemon.md) From e2bc5e37744a303152935e09fc895ac3469e2e17 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 17:37:59 -0300 Subject: [PATCH 267/815] Remove default Nix expression doc --- doc/manual/source/SUMMARY.md.in | 1 - 1 file changed, 1 deletion(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 45de9de7c5f..c43e4e9f6f0 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -101,7 +101,6 @@ - [Profiles](command-ref/files/profiles.md) - [manifest.nix](command-ref/files/manifest.nix.md) - [manifest.json](command-ref/files/manifest.json.md) - - [Channels](command-ref/files/channels.md) - [Default Nix expression](command-ref/files/default-nix-expression.md) - [Architecture and Design](architecture/architecture.md) - [Formats and Protocols](protocols/index.md) From d67db97abb904470a2d4ee026caa689ccce54c2d Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 17:41:24 -0300 Subject: [PATCH 268/815] Remove channels link --- .../source/command-ref/files/default-nix-expression.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/doc/manual/source/command-ref/files/default-nix-expression.md b/doc/manual/source/command-ref/files/default-nix-expression.md index 2bd45ff5deb..e886e3ff499 100644 --- a/doc/manual/source/command-ref/files/default-nix-expression.md +++ b/doc/manual/source/command-ref/files/default-nix-expression.md @@ -31,12 +31,12 @@ Then, the resulting expression is interpreted like this: The file [`manifest.nix`](@docroot@/command-ref/files/manifest.nix.md) is always ignored. -The command [`nix-channel`] places a symlink to the current user's [channels] in this directory, the [user channel link](#user-channel-link). +The command [`nix-channel`] places a symlink to the current user's channels in this directory, the [user channel link](#user-channel-link). This makes all subscribed channels available as attributes in the default expression. ## User channel link -A symlink that ensures that [`nix-env`] can find the current user's [channels]: +A symlink that ensures that [`nix-env`] can find the current user's channels: - `~/.nix-defexpr/channels` - `$XDG_STATE_HOME/defexpr/channels` if [`use-xdg-base-directories`] is set to `true`. @@ -51,4 +51,3 @@ In a multi-user installation, you may also have `~/.nix-defexpr/channels_root`, [`nix-channel`]: @docroot@/command-ref/nix-channel.md [`nix-env`]: @docroot@/command-ref/nix-env.md [`use-xdg-base-directories`]: @docroot@/command-ref/conf-file.md#conf-use-xdg-base-directories -[channels]: @docroot@/command-ref/files/channels.md From 0f04d36c730175efc36756f7e842f8f97d948352 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 17:45:11 -0300 Subject: [PATCH 269/815] Remove default Nix expression doc from summary --- doc/manual/source/SUMMARY.md.in | 1 - src/libexpr/eval-settings.hh | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index c43e4e9f6f0..b8b6ee763a0 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -101,7 +101,6 @@ - [Profiles](command-ref/files/profiles.md) - [manifest.nix](command-ref/files/manifest.nix.md) - [manifest.json](command-ref/files/manifest.json.md) - - [Default Nix expression](command-ref/files/default-nix-expression.md) - [Architecture and Design](architecture/architecture.md) - [Formats and Protocols](protocols/index.md) - [JSON Formats](protocols/json/index.md) diff --git a/src/libexpr/eval-settings.hh b/src/libexpr/eval-settings.hh index c61a186c08c..4740c298386 100644 --- a/src/libexpr/eval-settings.hh +++ b/src/libexpr/eval-settings.hh @@ -86,7 +86,7 @@ struct EvalSettings : Config - `$HOME/.nix-defexpr/channels` - The [user channel link](@docroot@/command-ref/files/default-nix-expression.md#user-channel-link), pointing to the current state of [channels](@docroot@/command-ref/files/channels.md) for the current user. + The user channel link pointing to the current state of channels for the current user. - `nixpkgs=$NIX_STATE_DIR/profiles/per-user/root/channels/nixpkgs` From aaf1967faaa1fb417aed8ae2fdc7040a97c55cb6 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 5 Mar 2025 17:49:23 -0300 Subject: [PATCH 270/815] Remove default Nix expression links --- doc/manual/source/command-ref/nix-env.md | 2 +- doc/manual/source/command-ref/nix-env/install.md | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/doc/manual/source/command-ref/nix-env.md b/doc/manual/source/command-ref/nix-env.md index bda02149ed0..d01caaf7f78 100644 --- a/doc/manual/source/command-ref/nix-env.md +++ b/doc/manual/source/command-ref/nix-env.md @@ -52,7 +52,7 @@ These pages can be viewed offline: `nix-env` can obtain packages from multiple sources: - An attribute set of derivations from: - - The [default Nix expression](@docroot@/command-ref/files/default-nix-expression.md) (by default) + - The default Nix expression (by default) - A Nix file, specified via `--file` - A [profile](@docroot@/command-ref/files/profiles.md), specified via `--from-profile` - A Nix expression that is a function which takes default expression as argument, specified via `--from-expression` diff --git a/doc/manual/source/command-ref/nix-env/install.md b/doc/manual/source/command-ref/nix-env/install.md index aa5c2fbba83..b6a71e8bdaa 100644 --- a/doc/manual/source/command-ref/nix-env/install.md +++ b/doc/manual/source/command-ref/nix-env/install.md @@ -22,12 +22,11 @@ It is based on the current generation of the active [profile](@docroot@/command- The arguments *args* map to store paths in a number of possible ways: -- By default, *args* is a set of [derivation] names denoting derivations in the [default Nix expression]. +- By default, *args* is a set of [derivation] names denoting derivations in the default Nix expression. These are [realised], and the resulting output paths are installed. Currently installed derivations with a name equal to the name of a derivation being added are removed unless the option `--preserve-installed` is specified. [derivation]: @docroot@/glossary.md#gloss-derivation - [default Nix expression]: @docroot@/command-ref/files/default-nix-expression.md [realised]: @docroot@/glossary.md#gloss-realise If there are multiple derivations matching a name in *args* that @@ -45,7 +44,7 @@ The arguments *args* map to store paths in a number of possible ways: gcc-3.3.6 gcc-4.1.1` will install both version of GCC (and will probably cause a user environment conflict\!). -- If [`--attr`](#opt-attr) / `-A` is specified, the arguments are *attribute paths* that select attributes from the [default Nix expression]. +- If [`--attr`](#opt-attr) / `-A` is specified, the arguments are *attribute paths* that select attributes from the default Nix expression. This is faster than using derivation names and unambiguous. Show the attribute paths of available packages with [`nix-env --query`](./query.md): @@ -58,7 +57,7 @@ The arguments *args* map to store paths in a number of possible ways: easy way to copy user environment elements from one profile to another. -- If `--from-expression` is given, *args* are [Nix language functions](@docroot@/language/syntax.md#functions) that are called with the [default Nix expression] as their single argument. +- If `--from-expression` is given, *args* are [Nix language functions](@docroot@/language/syntax.md#functions) that are called with the default Nix expression as their single argument. The derivations returned by those function calls are installed. This allows derivations to be specified in an unambiguous way, which is necessary if there are multiple derivations with the same name. From 4f6d3299a4bb8dd50718ed55638e295bbf537ab9 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 6 Mar 2025 14:42:58 -0300 Subject: [PATCH 271/815] Change document title --- doc/manual/source/introduction.md | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/doc/manual/source/introduction.md b/doc/manual/source/introduction.md index 76489bc1b2c..89cb61d3c41 100644 --- a/doc/manual/source/introduction.md +++ b/doc/manual/source/introduction.md @@ -1,7 +1,11 @@ -# Introduction +# Determinate Nix -Nix is a _purely functional package manager_. This means that it -treats packages like values in purely functional programming languages +**Determinate Nix** is a downstream distribution of [Nix], a purely +functional language, CLI tool, and package management system. + +## How Nix works + +Nix treats packages like values in purely functional programming languages such as Haskell — they are built by functions that don’t have side-effects, and they never change after they have been built. Nix stores packages in the _Nix store_, usually the directory @@ -184,10 +188,14 @@ to build configuration files in `/etc`). This means, among other things, that it is easy to roll back the entire configuration of the system to an earlier state. Also, users can install software without root privileges. For more information and downloads, see the [NixOS -homepage](https://nixos.org/). +homepage][site]. ## License Nix is released under the terms of the [GNU LGPLv2.1 or (at your option) any later -version](http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html). +version][license]. + +[license]: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html +[nix]: https://nixos.org +[site]: https://nixos.org From fd6231e61230b37e0e2408929ba4e20bdfc5c556 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 6 Mar 2025 15:36:43 -0800 Subject: [PATCH 272/815] Publish the flake as public, every time This exposed a bug in FlakeHub's private toggling, where the public 3.0.0 release followed by an accidentally private 0.1.x release, managed to cause the flake to be shunted closed. This should not be possible, so let's dig into how that came to be and make sure to create a test case against this should-be-impossible transition. --- .github/workflows/upload-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index 2eaf48d0ece..b600dfba04f 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -100,5 +100,5 @@ jobs: - uses: "DeterminateSystems/flakehub-push@main" with: rolling: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} - visibility: "private" + visibility: "public" tag: "${{ github.ref_name }}" From 644f79dfd8aca7e2fd5662b8f7411d42c5bd7c43 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 7 Mar 2025 14:18:04 -0300 Subject: [PATCH 273/815] Add installation instructions to intro --- doc/manual/redirects.js | 1 - doc/manual/source/SUMMARY.md.in | 1 - doc/manual/source/installation/index.md | 4 ++-- .../source/installation/supported-platforms.md | 7 ------- doc/manual/source/introduction.md | 18 ++++++++++++++---- doc/manual/source/quick-start.md | 2 +- 6 files changed, 17 insertions(+), 16 deletions(-) delete mode 100644 doc/manual/source/installation/supported-platforms.md diff --git a/doc/manual/redirects.js b/doc/manual/redirects.js index 36f53cbc82c..3a86ae4075a 100644 --- a/doc/manual/redirects.js +++ b/doc/manual/redirects.js @@ -275,7 +275,6 @@ const redirects = { "ssec-multi-user": "installation/multi-user.html", "sec-obtaining-source": "installation/obtaining-source.html", "sec-prerequisites-source": "installation/prerequisites-source.html", - "ch-supported-platforms": "installation/supported-platforms.html", "ch-upgrading-nix": "installation/upgrading.html", "ch-about-nix": "introduction.html", "chap-introduction": "introduction.html", diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 612867c2586..9acd7907712 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -3,7 +3,6 @@ - [Introduction](introduction.md) - [Quick Start](quick-start.md) - [Installation](installation/index.md) - - [Supported Platforms](installation/supported-platforms.md) - [Installing Nix from Source](installation/installing-source.md) - [Prerequisites](installation/prerequisites-source.md) - [Obtaining a Source Distribution](installation/obtaining-source.md) diff --git a/doc/manual/source/installation/index.md b/doc/manual/source/installation/index.md index 1a1d4efdc98..21aca146fd2 100644 --- a/doc/manual/source/installation/index.md +++ b/doc/manual/source/installation/index.md @@ -1,10 +1,10 @@ # Installation -We recommend that macOS users install Determinate Nix using [Determinate.pkg][pkg]. +We recommend that macOS users install Determinate Nix using our graphical installer, [Determinate.pkg][pkg]. For Linux and Windows Subsystem for Linux (WSL) users: ```console -$ curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \ +curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \ sh -s -- install --determinate ``` diff --git a/doc/manual/source/installation/supported-platforms.md b/doc/manual/source/installation/supported-platforms.md deleted file mode 100644 index 8ca3ce8d445..00000000000 --- a/doc/manual/source/installation/supported-platforms.md +++ /dev/null @@ -1,7 +0,0 @@ -# Supported Platforms - -Nix is currently supported on the following platforms: - - - Linux (i686, x86\_64, aarch64). - - - macOS (x86\_64, aarch64). diff --git a/doc/manual/source/introduction.md b/doc/manual/source/introduction.md index 89cb61d3c41..a95e82740c6 100644 --- a/doc/manual/source/introduction.md +++ b/doc/manual/source/introduction.md @@ -1,7 +1,17 @@ # Determinate Nix -**Determinate Nix** is a downstream distribution of [Nix], a purely -functional language, CLI tool, and package management system. +**Determinate Nix** is a downstream distribution of [Nix], a purely functional language, CLI tool, and package management system. +It's available on Linux, macOS, and Windows Subsystem for Linux (WSL). + +## Installing + +We recommend that macOS users install Determinate Nix using our graphical installer, [Determinate.pkg][pkg]. +For Linux and Windows Subsystem for Linux (WSL) users: + +```console +curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \ + sh -s -- install --determinate +``` ## How Nix works @@ -188,7 +198,7 @@ to build configuration files in `/etc`). This means, among other things, that it is easy to roll back the entire configuration of the system to an earlier state. Also, users can install software without root privileges. For more information and downloads, see the [NixOS -homepage][site]. +homepage][nix]. ## License @@ -197,5 +207,5 @@ option) any later version][license]. [license]: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html -[nix]: https://nixos.org +[pkg]: https://install.determinate.systems/determinate-pkg/stable/Universal [site]: https://nixos.org diff --git a/doc/manual/source/quick-start.md b/doc/manual/source/quick-start.md index 428063f97cc..ffb87aa725f 100644 --- a/doc/manual/source/quick-start.md +++ b/doc/manual/source/quick-start.md @@ -4,7 +4,7 @@ This chapter is for impatient people who don't like reading documentation. For more in-depth information you are kindly referred to subsequent chapters. 1. Install Nix. - We recommend that macOS users install Determinate Nix using [Determinate.pkg][pkg]. + We recommend that macOS users install Determinate Nix using our graphical installer, [Determinate.pkg][pkg]. For Linux and Windows Subsystem for Linux (WSL) users: ```console From b62167a0147b3500db644cb28fd6f9f63840ad44 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 7 Mar 2025 14:53:22 -0300 Subject: [PATCH 274/815] Update upgrade docs --- doc/manual/source/installation/upgrading.md | 30 +++------------------ 1 file changed, 3 insertions(+), 27 deletions(-) diff --git a/doc/manual/source/installation/upgrading.md b/doc/manual/source/installation/upgrading.md index f0992671d03..8fe342b09b7 100644 --- a/doc/manual/source/installation/upgrading.md +++ b/doc/manual/source/installation/upgrading.md @@ -1,34 +1,10 @@ # Upgrading Nix -> **Note** -> -> These upgrade instructions apply where Nix was installed following the [installation instructions in this manual](./index.md). - -Check which Nix version will be installed, for example from one of the [release channels](http://channels.nixos.org/) such as `nixpkgs-unstable`: - -```console -$ nix-shell -p nix -I nixpkgs=channel:nixpkgs-unstable --run "nix --version" -nix (Nix) 2.18.1 -``` - -> **Warning** -> -> Writing to the [local store](@docroot@/store/types/local-store.md) with a newer version of Nix, for example by building derivations with [`nix-build`](@docroot@/command-ref/nix-build.md) or [`nix-store --realise`](@docroot@/command-ref/nix-store/realise.md), may change the database schema! -> Reverting to an older version of Nix may therefore require purging the store database before it can be used. - -## Linux multi-user +You can upgrade Determinate Nix using Determinate Nixd: ```console -$ sudo su -# nix-env --install --file '' --attr nix cacert -I nixpkgs=channel:nixpkgs-unstable -# systemctl daemon-reload -# systemctl restart nix-daemon +sudo determinate-nixd upgrade ``` -## macOS multi-user +Note that the `sudo` is necessary here and upgrading fails without it. -```console -$ sudo nix-env --install --file '' --attr nix cacert -I nixpkgs=channel:nixpkgs-unstable -$ sudo launchctl remove org.nixos.nix-daemon -$ sudo launchctl load /Library/LaunchDaemons/org.nixos.nix-daemon.plist -``` From 1212b1fbfeee93ce7a04911a4085d796d6d9c72a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 17 Feb 2025 14:59:07 +0100 Subject: [PATCH 275/815] JSONLogger: Log to a file descriptor instead of another Logger Logging to another Logger was kind of nonsensical - it was really just an easy way to get it to write its output to stderr, but that only works if the underlying logger writes to stderr. This change is needed to make it easy to log JSON output somewhere else (like a file or socket). --- src/build-remote/build-remote.cc | 2 +- src/libmain/loggers.cc | 2 +- src/libstore/unix/build/local-derivation-goal.cc | 2 +- src/libutil/logging.cc | 10 +++++----- src/libutil/logging.hh | 3 ++- 5 files changed, 10 insertions(+), 9 deletions(-) diff --git a/src/build-remote/build-remote.cc b/src/build-remote/build-remote.cc index 82ad7d86212..2c3176724e7 100644 --- a/src/build-remote/build-remote.cc +++ b/src/build-remote/build-remote.cc @@ -51,7 +51,7 @@ static bool allSupportedLocally(Store & store, const std::set& requ static int main_build_remote(int argc, char * * argv) { { - logger = makeJSONLogger(*logger); + logger = makeJSONLogger(STDERR_FILENO); /* Ensure we don't get any SSH passphrase or host key popups. */ unsetenv("DISPLAY"); diff --git a/src/libmain/loggers.cc b/src/libmain/loggers.cc index a4e0530c8f9..ede5ddae332 100644 --- a/src/libmain/loggers.cc +++ b/src/libmain/loggers.cc @@ -27,7 +27,7 @@ Logger * makeDefaultLogger() { case LogFormat::rawWithLogs: return makeSimpleLogger(true); case LogFormat::internalJSON: - return makeJSONLogger(*makeSimpleLogger(true)); + return makeJSONLogger(STDERR_FILENO); case LogFormat::bar: return makeProgressBar(); case LogFormat::barWithLogs: { diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 5b9bc0bb011..805c3bbcaa5 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2219,7 +2219,7 @@ void LocalDerivationGoal::runChild() /* Execute the program. This should not return. */ if (drv->isBuiltin()) { try { - logger = makeJSONLogger(*logger); + logger = makeJSONLogger(STDERR_FILENO); std::map outputs; for (auto & e : drv->outputs) diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index a5add5565df..9caa83efebc 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -167,9 +167,9 @@ void to_json(nlohmann::json & json, std::shared_ptr pos) } struct JSONLogger : Logger { - Logger & prevLogger; + Descriptor fd; - JSONLogger(Logger & prevLogger) : prevLogger(prevLogger) { } + JSONLogger(Descriptor fd) : fd(fd) { } bool isVerbose() override { return true; @@ -190,7 +190,7 @@ struct JSONLogger : Logger { void write(const nlohmann::json & json) { - prevLogger.log(lvlError, "@nix " + json.dump(-1, ' ', false, nlohmann::json::error_handler_t::replace)); + writeLine(fd, "@nix " + json.dump(-1, ' ', false, nlohmann::json::error_handler_t::replace)); } void log(Verbosity lvl, std::string_view s) override @@ -262,9 +262,9 @@ struct JSONLogger : Logger { } }; -Logger * makeJSONLogger(Logger & prevLogger) +Logger * makeJSONLogger(Descriptor fd) { - return new JSONLogger(prevLogger); + return new JSONLogger(fd); } static Logger::Fields getFields(nlohmann::json & json) diff --git a/src/libutil/logging.hh b/src/libutil/logging.hh index 11e4033a59d..e8112c6b020 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/logging.hh @@ -3,6 +3,7 @@ #include "error.hh" #include "config.hh" +#include "file-descriptor.hh" #include @@ -183,7 +184,7 @@ extern Logger * logger; Logger * makeSimpleLogger(bool printBuildLogs = true); -Logger * makeJSONLogger(Logger & prevLogger); +Logger * makeJSONLogger(Descriptor fd); /** * @param source A noun phrase describing the source of the message, e.g. "the builder". From 8ef94c111413ce14a7f69dfe643e69dde2e724e3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 17 Feb 2025 14:40:50 +0100 Subject: [PATCH 276/815] Add a structured log message for FOD hash mismatches --- src/libstore/unix/build/local-derivation-goal.cc | 6 ++++++ src/libutil/logging.hh | 1 + 2 files changed, 7 insertions(+) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 805c3bbcaa5..9ab0da32bdd 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2656,6 +2656,12 @@ SingleDrvOutputs LocalDerivationGoal::registerOutputs() worker.store.printStorePath(drvPath), wanted.to_string(HashFormat::SRI, true), got.to_string(HashFormat::SRI, true))); + // FIXME: put this in BuildResult and log that as JSON. + act->result(resHashMismatch, + {worker.store.printStorePath(drvPath), + wanted.to_string(HashFormat::SRI, true), + got.to_string(HashFormat::SRI, true) + }); } if (!newInfo0.references.empty()) { auto numViolations = newInfo.references.size(); diff --git a/src/libutil/logging.hh b/src/libutil/logging.hh index e8112c6b020..21493b9697c 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/logging.hh @@ -36,6 +36,7 @@ typedef enum { resSetExpected = 106, resPostBuildLogLine = 107, resFetchStatus = 108, + resHashMismatch = 109, } ResultType; typedef uint64_t ActivityId; From 1f702cdb0166a9f3b03f931b27c6bd000c223eb3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 17 Feb 2025 16:36:02 +0100 Subject: [PATCH 277/815] Allow separate JSON logging If the NIX_LOG_FILE environment variable is set, Nix will write JSON log messages to that file in addition to the regular logger (e.g. the progress bar). --- src/libutil/logging.cc | 18 +++++++ src/libutil/logging.hh | 6 +++ src/libutil/meson.build | 1 + src/libutil/tee-logger.cc | 102 ++++++++++++++++++++++++++++++++++++++ src/nix/main.cc | 4 ++ 5 files changed, 131 insertions(+) create mode 100644 src/libutil/tee-logger.cc diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index 9caa83efebc..0bffe40e347 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -267,6 +267,24 @@ Logger * makeJSONLogger(Descriptor fd) return new JSONLogger(fd); } +Logger * makeJSONLogger(const std::filesystem::path & path) +{ + struct JSONFileLogger : JSONLogger { + AutoCloseFD fd; + + JSONFileLogger(AutoCloseFD && fd) + : JSONLogger(fd.get()) + , fd(std::move(fd)) + { } + }; + + auto fd{toDescriptor(open(path.c_str(), O_CREAT | O_APPEND | O_WRONLY, 0644))}; + if (!fd) + throw SysError("opening log file '%1%'", path); + + return new JSONFileLogger(std::move(fd)); +} + static Logger::Fields getFields(nlohmann::json & json) { Logger::Fields fields; diff --git a/src/libutil/logging.hh b/src/libutil/logging.hh index 21493b9697c..cadeafea4e9 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/logging.hh @@ -5,6 +5,8 @@ #include "config.hh" #include "file-descriptor.hh" +#include + #include namespace nix { @@ -185,8 +187,12 @@ extern Logger * logger; Logger * makeSimpleLogger(bool printBuildLogs = true); +Logger * makeTeeLogger(std::vector loggers); + Logger * makeJSONLogger(Descriptor fd); +Logger * makeJSONLogger(const std::filesystem::path & path); + /** * @param source A noun phrase describing the source of the message, e.g. "the builder". */ diff --git a/src/libutil/meson.build b/src/libutil/meson.build index ac701d8fd3b..d5855442d8a 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -158,6 +158,7 @@ sources = files( 'strings.cc', 'suggestions.cc', 'tarfile.cc', + 'tee-logger.cc', 'terminal.cc', 'thread-pool.cc', 'unix-domain-socket.cc', diff --git a/src/libutil/tee-logger.cc b/src/libutil/tee-logger.cc new file mode 100644 index 00000000000..7a5115ea795 --- /dev/null +++ b/src/libutil/tee-logger.cc @@ -0,0 +1,102 @@ +#include "logging.hh" + +namespace nix { + +struct TeeLogger : Logger +{ + std::vector loggers; + + TeeLogger(std::vector loggers) + : loggers(std::move(loggers)) + { + } + + void stop() override + { + for (auto & logger : loggers) + logger->stop(); + }; + + void pause() override + { + for (auto & logger : loggers) + logger->pause(); + }; + + void resume() override + { + for (auto & logger : loggers) + logger->resume(); + }; + + void log(Verbosity lvl, std::string_view s) override + { + for (auto & logger : loggers) + logger->log(lvl, s); + } + + void logEI(const ErrorInfo & ei) override + { + for (auto & logger : loggers) + logger->logEI(ei); + } + + void startActivity( + ActivityId act, + Verbosity lvl, + ActivityType type, + const std::string & s, + const Fields & fields, + ActivityId parent) override + { + for (auto & logger : loggers) + logger->startActivity(act, lvl, type, s, fields, parent); + } + + void stopActivity(ActivityId act) override + { + for (auto & logger : loggers) + logger->stopActivity(act); + } + + void result(ActivityId act, ResultType type, const Fields & fields) override + { + for (auto & logger : loggers) + logger->result(act, type, fields); + } + + void writeToStdout(std::string_view s) override + { + for (auto & logger : loggers) { + /* Let only the first logger write to stdout to avoid + duplication. This means that the first logger needs to + be the one managing stdout/stderr + (e.g. `ProgressBar`). */ + logger->writeToStdout(s); + break; + } + } + + std::optional ask(std::string_view s) override + { + for (auto & logger : loggers) { + auto c = logger->ask(s); + if (c) + return c; + } + return std::nullopt; + } + + void setPrintBuildLogs(bool printBuildLogs) override + { + for (auto & logger : loggers) + logger->setPrintBuildLogs(printBuildLogs); + } +}; + +Logger * makeTeeLogger(std::vector loggers) +{ + return new TeeLogger(std::move(loggers)); +} + +} diff --git a/src/nix/main.cc b/src/nix/main.cc index f8f9d03a4f6..5f83e997cb2 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -485,6 +485,10 @@ void mainWrapped(int argc, char * * argv) if (!args.helpRequested && !args.completions) throw; } + if (auto logFile = getEnv("NIX_LOG_FILE")) { + logger = makeTeeLogger({logger, makeJSONLogger(*logFile)}); + } + if (args.helpRequested) { std::vector subcommand; MultiCommand * command = &args; From 2972e7394606650ed2ed4669ea79581817294a72 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 13 Mar 2025 13:15:14 +0100 Subject: [PATCH 278/815] Turn NIX_LOG_FILE into a setting --- src/nix/main.cc | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/src/nix/main.cc b/src/nix/main.cc index 5f83e997cb2..10a02fe3f3c 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -5,6 +5,7 @@ #include "eval.hh" #include "eval-settings.hh" #include "globals.hh" +#include "config-global.hh" #include "legacy.hh" #include "shared.hh" #include "store-api.hh" @@ -347,6 +348,20 @@ struct CmdHelpStores : Command static auto rCmdHelpStores = registerCommand("help-stores"); +struct ExtLoggerSettings : Config +{ + Setting jsonLogPath{ + this, "", "json-log-path", + R"( + A path to which JSON records of Nix's log output will be + written, in the same format as `--log-format internal-json`. + )"}; +}; + +static ExtLoggerSettings extLoggerSettings; + +static GlobalConfig::Register rExtLoggerSettings(&extLoggerSettings); + void mainWrapped(int argc, char * * argv) { savedArgv = argv; @@ -485,8 +500,8 @@ void mainWrapped(int argc, char * * argv) if (!args.helpRequested && !args.completions) throw; } - if (auto logFile = getEnv("NIX_LOG_FILE")) { - logger = makeTeeLogger({logger, makeJSONLogger(*logFile)}); + if (!extLoggerSettings.jsonLogPath.get().empty()) { + logger = makeTeeLogger({logger, makeJSONLogger(std::filesystem::path(extLoggerSettings.jsonLogPath.get()))}); } if (args.helpRequested) { From 29a9e638c1bf70eb5f57bf8c6b78de71293cdedf Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 13 Mar 2025 13:37:38 +0100 Subject: [PATCH 279/815] Remove "@nix" prefix from json-log-path output --- src/libutil/logging.cc | 22 ++++++++++++++-------- src/libutil/logging.hh | 4 ++-- src/nix/main.cc | 5 +++-- 3 files changed, 19 insertions(+), 12 deletions(-) diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index 0bffe40e347..fcbc61d5e4d 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -168,8 +168,12 @@ void to_json(nlohmann::json & json, std::shared_ptr pos) struct JSONLogger : Logger { Descriptor fd; + bool includeNixPrefix; - JSONLogger(Descriptor fd) : fd(fd) { } + JSONLogger(Descriptor fd, bool includeNixPrefix) + : fd(fd) + , includeNixPrefix(includeNixPrefix) + { } bool isVerbose() override { return true; @@ -190,7 +194,9 @@ struct JSONLogger : Logger { void write(const nlohmann::json & json) { - writeLine(fd, "@nix " + json.dump(-1, ' ', false, nlohmann::json::error_handler_t::replace)); + writeLine(fd, + (includeNixPrefix ? "@nix " : "") + + json.dump(-1, ' ', false, nlohmann::json::error_handler_t::replace)); } void log(Verbosity lvl, std::string_view s) override @@ -262,18 +268,18 @@ struct JSONLogger : Logger { } }; -Logger * makeJSONLogger(Descriptor fd) +Logger * makeJSONLogger(Descriptor fd, bool includeNixPrefix) { - return new JSONLogger(fd); + return new JSONLogger(fd, includeNixPrefix); } -Logger * makeJSONLogger(const std::filesystem::path & path) +Logger * makeJSONLogger(const std::filesystem::path & path, bool includeNixPrefix) { struct JSONFileLogger : JSONLogger { AutoCloseFD fd; - JSONFileLogger(AutoCloseFD && fd) - : JSONLogger(fd.get()) + JSONFileLogger(AutoCloseFD && fd, bool includeNixPrefix) + : JSONLogger(fd.get(), includeNixPrefix) , fd(std::move(fd)) { } }; @@ -282,7 +288,7 @@ Logger * makeJSONLogger(const std::filesystem::path & path) if (!fd) throw SysError("opening log file '%1%'", path); - return new JSONFileLogger(std::move(fd)); + return new JSONFileLogger(std::move(fd), includeNixPrefix); } static Logger::Fields getFields(nlohmann::json & json) diff --git a/src/libutil/logging.hh b/src/libutil/logging.hh index cadeafea4e9..ef449d03ef8 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/logging.hh @@ -189,9 +189,9 @@ Logger * makeSimpleLogger(bool printBuildLogs = true); Logger * makeTeeLogger(std::vector loggers); -Logger * makeJSONLogger(Descriptor fd); +Logger * makeJSONLogger(Descriptor fd, bool includeNixPrefix = true); -Logger * makeJSONLogger(const std::filesystem::path & path); +Logger * makeJSONLogger(const std::filesystem::path & path, bool includeNixPrefix = true); /** * @param source A noun phrase describing the source of the message, e.g. "the builder". diff --git a/src/nix/main.cc b/src/nix/main.cc index 10a02fe3f3c..68137a216a3 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -354,7 +354,8 @@ struct ExtLoggerSettings : Config this, "", "json-log-path", R"( A path to which JSON records of Nix's log output will be - written, in the same format as `--log-format internal-json`. + written, in the same format as `--log-format internal-json` + (without the `@nix ` prefixes on each line). )"}; }; @@ -501,7 +502,7 @@ void mainWrapped(int argc, char * * argv) } if (!extLoggerSettings.jsonLogPath.get().empty()) { - logger = makeTeeLogger({logger, makeJSONLogger(std::filesystem::path(extLoggerSettings.jsonLogPath.get()))}); + logger = makeTeeLogger({logger, makeJSONLogger(std::filesystem::path(extLoggerSettings.jsonLogPath.get()), false)}); } if (args.helpRequested) { From 1efccf34b12ceaf3565bd70b8c3b3465e65d4a18 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 13 Mar 2025 13:58:35 +0100 Subject: [PATCH 280/815] JSONLogger: Acquire a lock to prevent log messages from clobbering each other --- src/libutil/logging.cc | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index fcbc61d5e4d..c3ccfba42db 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -6,6 +6,7 @@ #include "config-global.hh" #include "source-path.hh" #include "position.hh" +#include "sync.hh" #include #include @@ -192,11 +193,22 @@ struct JSONLogger : Logger { unreachable(); } + struct State + { + }; + + Sync _state; + void write(const nlohmann::json & json) { - writeLine(fd, + auto line = (includeNixPrefix ? "@nix " : "") + - json.dump(-1, ' ', false, nlohmann::json::error_handler_t::replace)); + json.dump(-1, ' ', false, nlohmann::json::error_handler_t::replace); + + /* Acquire a lock to prevent log messages from clobbering each + other. */ + auto state(_state.lock()); + writeLine(fd, line); } void log(Verbosity lvl, std::string_view s) override From d9730fc93b61c864fb73fae887a2d9bd102f0221 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 13 Mar 2025 15:42:17 +0100 Subject: [PATCH 281/815] Fix fd check --- src/libutil/logging.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index c3ccfba42db..8ef7a361274 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -296,7 +296,7 @@ Logger * makeJSONLogger(const std::filesystem::path & path, bool includeNixPrefi { } }; - auto fd{toDescriptor(open(path.c_str(), O_CREAT | O_APPEND | O_WRONLY, 0644))}; + AutoCloseFD fd{toDescriptor(open(path.c_str(), O_CREAT | O_APPEND | O_WRONLY, 0644))}; if (!fd) throw SysError("opening log file '%1%'", path); From 220000dc1aaa1157862ea287542092eeab14111a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 13 Mar 2025 15:48:52 +0100 Subject: [PATCH 282/815] makeJSONLogger(): Support logging to a Unix domain socket --- src/libstore/uds-remote-store.cc | 4 +--- src/libutil/logging.cc | 6 +++++- src/libutil/unix-domain-socket.cc | 7 +++++++ src/libutil/unix-domain-socket.hh | 5 +++++ 4 files changed, 18 insertions(+), 4 deletions(-) diff --git a/src/libstore/uds-remote-store.cc b/src/libstore/uds-remote-store.cc index 3c445eb1318..93c48c0e63d 100644 --- a/src/libstore/uds-remote-store.cc +++ b/src/libstore/uds-remote-store.cc @@ -84,9 +84,7 @@ ref UDSRemoteStore::openConnection() auto conn = make_ref(); /* Connect to a daemon that does the privileged work for us. */ - conn->fd = createUnixDomainSocket(); - - nix::connect(toSocket(conn->fd.get()), path); + conn->fd = nix::connect(path); conn->from.fd = conn->fd.get(); conn->to.fd = conn->fd.get(); diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index 8ef7a361274..94683cca5ba 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -7,6 +7,7 @@ #include "source-path.hh" #include "position.hh" #include "sync.hh" +#include "unix-domain-socket.hh" #include #include @@ -296,7 +297,10 @@ Logger * makeJSONLogger(const std::filesystem::path & path, bool includeNixPrefi { } }; - AutoCloseFD fd{toDescriptor(open(path.c_str(), O_CREAT | O_APPEND | O_WRONLY, 0644))}; + AutoCloseFD fd = + std::filesystem::is_socket(path) + ? connect(path) + : toDescriptor(open(path.c_str(), O_CREAT | O_APPEND | O_WRONLY, 0644)); if (!fd) throw SysError("opening log file '%1%'", path); diff --git a/src/libutil/unix-domain-socket.cc b/src/libutil/unix-domain-socket.cc index 1707fdb75e1..0a7af130868 100644 --- a/src/libutil/unix-domain-socket.cc +++ b/src/libutil/unix-domain-socket.cc @@ -114,4 +114,11 @@ void connect(Socket fd, const std::string & path) bindConnectProcHelper("connect", ::connect, fd, path); } +AutoCloseFD connect(const std::filesystem::path & path) +{ + auto fd = createUnixDomainSocket(); + nix::connect(toSocket(fd.get()), path); + return fd; +} + } diff --git a/src/libutil/unix-domain-socket.hh b/src/libutil/unix-domain-socket.hh index ba2baeb1334..e0d9340115d 100644 --- a/src/libutil/unix-domain-socket.hh +++ b/src/libutil/unix-domain-socket.hh @@ -80,4 +80,9 @@ void bind(Socket fd, const std::string & path); */ void connect(Socket fd, const std::string & path); +/** + * Connect to a Unix domain socket. + */ +AutoCloseFD connect(const std::filesystem::path & path); + } From 2a2af3f72f1841a67d06120d0be5553fddda71d7 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 13 Mar 2025 18:23:00 +0100 Subject: [PATCH 283/815] Logger::result(): Support logging arbitrary JSON objects --- src/libstore/unix/build/local-derivation-goal.cc | 8 ++++---- src/libutil/logging.cc | 10 ++++++++++ src/libutil/logging.hh | 7 +++++++ src/libutil/tee-logger.cc | 6 ++++++ 4 files changed, 27 insertions(+), 4 deletions(-) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 9ab0da32bdd..ec06c204418 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2656,11 +2656,11 @@ SingleDrvOutputs LocalDerivationGoal::registerOutputs() worker.store.printStorePath(drvPath), wanted.to_string(HashFormat::SRI, true), got.to_string(HashFormat::SRI, true))); - // FIXME: put this in BuildResult and log that as JSON. act->result(resHashMismatch, - {worker.store.printStorePath(drvPath), - wanted.to_string(HashFormat::SRI, true), - got.to_string(HashFormat::SRI, true) + { + {"storePath", worker.store.printStorePath(drvPath)}, + {"wanted", wanted.to_string(HashFormat::SRI, true)}, + {"got", got.to_string(HashFormat::SRI, true)}, }); } if (!newInfo0.references.empty()) { diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index 94683cca5ba..c7b859bd536 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -279,6 +279,16 @@ struct JSONLogger : Logger { addFields(json, fields); write(json); } + + void result(ActivityId act, ResultType type, const nlohmann::json & j) override + { + nlohmann::json json; + json["action"] = "result"; + json["id"] = act; + json["type"] = type; + json["payload"] = j; + write(json); + } }; Logger * makeJSONLogger(Descriptor fd, bool includeNixPrefix) diff --git a/src/libutil/logging.hh b/src/libutil/logging.hh index ef449d03ef8..9d655f73592 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/logging.hh @@ -108,6 +108,8 @@ public: virtual void result(ActivityId act, ResultType type, const Fields & fields) { }; + virtual void result(ActivityId act, ResultType type, const nlohmann::json & json) { }; + virtual void writeToStdout(std::string_view s); template @@ -160,6 +162,11 @@ struct Activity void setExpected(ActivityType type2, uint64_t expected) const { result(resSetExpected, type2, expected); } + void result(ResultType type, const nlohmann::json & json) const + { + logger.result(id, type, json); + } + template void result(ResultType type, const Args & ... args) const { diff --git a/src/libutil/tee-logger.cc b/src/libutil/tee-logger.cc index 7a5115ea795..c9873a53a97 100644 --- a/src/libutil/tee-logger.cc +++ b/src/libutil/tee-logger.cc @@ -65,6 +65,12 @@ struct TeeLogger : Logger logger->result(act, type, fields); } + void result(ActivityId act, ResultType type, const nlohmann::json & json) override + { + for (auto & logger : loggers) + logger->result(act, type, json); + } + void writeToStdout(std::string_view s) override { for (auto & logger : loggers) { From c515bc66f1d8941290ef448eea4661b741a8fcc7 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 13 Mar 2025 18:52:29 +0100 Subject: [PATCH 284/815] Provide a structured JSON serialisation of hashes --- src/libstore/unix/build/local-derivation-goal.cc | 4 ++-- src/libutil/hash.cc | 11 +++++++++++ src/libutil/hash.hh | 6 ++++++ 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index ec06c204418..cb3d4a04f81 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2659,8 +2659,8 @@ SingleDrvOutputs LocalDerivationGoal::registerOutputs() act->result(resHashMismatch, { {"storePath", worker.store.printStorePath(drvPath)}, - {"wanted", wanted.to_string(HashFormat::SRI, true)}, - {"got", got.to_string(HashFormat::SRI, true)}, + {"wanted", wanted}, + {"got", got}, }); } if (!newInfo0.references.empty()) { diff --git a/src/libutil/hash.cc b/src/libutil/hash.cc index b69dec685f5..9668800af2c 100644 --- a/src/libutil/hash.cc +++ b/src/libutil/hash.cc @@ -14,6 +14,8 @@ #include #include +#include + #include namespace nix { @@ -456,4 +458,13 @@ std::string_view printHashAlgo(HashAlgorithm ha) } } +void to_json(nlohmann::json & json, const Hash & hash) +{ + json = nlohmann::json::object( + { + {"algo", printHashAlgo(hash.algo)}, + {"base16", hash.to_string(HashFormat::Base16, false)}, + }); +} + } diff --git a/src/libutil/hash.hh b/src/libutil/hash.hh index dc95b9f2f9b..3ef7e8b14b3 100644 --- a/src/libutil/hash.hh +++ b/src/libutil/hash.hh @@ -5,6 +5,8 @@ #include "serialise.hh" #include "file-system.hh" +#include + namespace nix { @@ -209,6 +211,10 @@ std::optional parseHashAlgoOpt(std::string_view s); */ std::string_view printHashAlgo(HashAlgorithm ha); +/** + * Write a JSON serialisation of the format `{"algo":"","base16":""}`. + */ +void to_json(nlohmann::json & json, const Hash & hash); union Ctx; From 762114b7c4d28027cdc7a673035f87664cc0fe68 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 13 Mar 2025 19:42:52 +0100 Subject: [PATCH 285/815] Log BuildResult --- src/libstore/build-result.cc | 25 ++++++++++++ src/libstore/build-result.hh | 52 +++++++++++++++---------- src/libstore/build/derivation-goal.cc | 7 ++++ src/libstore/build/substitution-goal.cc | 11 ++++++ src/libutil/logging.hh | 1 + 5 files changed, 75 insertions(+), 21 deletions(-) diff --git a/src/libstore/build-result.cc b/src/libstore/build-result.cc index 96cbfd62fff..3e316f6791f 100644 --- a/src/libstore/build-result.cc +++ b/src/libstore/build-result.cc @@ -1,8 +1,33 @@ #include "build-result.hh" +#include + namespace nix { bool BuildResult::operator==(const BuildResult &) const noexcept = default; std::strong_ordering BuildResult::operator<=>(const BuildResult &) const noexcept = default; +void to_json(nlohmann::json & json, const BuildResult & buildResult) +{ + json = nlohmann::json::object(); + json["status"] = BuildResult::statusToString(buildResult.status); + if (buildResult.errorMsg != "") + json["errorMsg"] = buildResult.errorMsg; + if (buildResult.timesBuilt) + json["timesBuilt"] = buildResult.timesBuilt; + if (buildResult.isNonDeterministic) + json["isNonDeterministic"] = buildResult.isNonDeterministic; + if (buildResult.startTime) + json["startTime"] = buildResult.startTime; + if (buildResult.stopTime) + json["stopTime"] = buildResult.stopTime; +} + +nlohmann::json KeyedBuildResult::toJSON(Store & store) const +{ + auto json = nlohmann::json((const BuildResult &) *this); + json["path"] = path.toJSON(store); + return json; +} + } diff --git a/src/libstore/build-result.hh b/src/libstore/build-result.hh index 8c66cfeb353..f56817f19c1 100644 --- a/src/libstore/build-result.hh +++ b/src/libstore/build-result.hh @@ -8,6 +8,8 @@ #include #include +#include + namespace nix { struct BuildResult @@ -46,28 +48,32 @@ struct BuildResult */ std::string errorMsg; + static std::string_view statusToString(Status status) + { + switch (status) { + case Built: return "Built"; + case Substituted: return "Substituted"; + case AlreadyValid: return "AlreadyValid"; + case PermanentFailure: return "PermanentFailure"; + case InputRejected: return "InputRejected"; + case OutputRejected: return "OutputRejected"; + case TransientFailure: return "TransientFailure"; + case CachedFailure: return "CachedFailure"; + case TimedOut: return "TimedOut"; + case MiscFailure: return "MiscFailure"; + case DependencyFailed: return "DependencyFailed"; + case LogLimitExceeded: return "LogLimitExceeded"; + case NotDeterministic: return "NotDeterministic"; + case ResolvesToAlreadyValid: return "ResolvesToAlreadyValid"; + case NoSubstituters: return "NoSubstituters"; + default: return "Unknown"; + }; + } + std::string toString() const { - auto strStatus = [&]() { - switch (status) { - case Built: return "Built"; - case Substituted: return "Substituted"; - case AlreadyValid: return "AlreadyValid"; - case PermanentFailure: return "PermanentFailure"; - case InputRejected: return "InputRejected"; - case OutputRejected: return "OutputRejected"; - case TransientFailure: return "TransientFailure"; - case CachedFailure: return "CachedFailure"; - case TimedOut: return "TimedOut"; - case MiscFailure: return "MiscFailure"; - case DependencyFailed: return "DependencyFailed"; - case LogLimitExceeded: return "LogLimitExceeded"; - case NotDeterministic: return "NotDeterministic"; - case ResolvesToAlreadyValid: return "ResolvesToAlreadyValid"; - case NoSubstituters: return "NoSubstituters"; - default: return "Unknown"; - }; - }(); - return strStatus + ((errorMsg == "") ? "" : " : " + errorMsg); + return + std::string(statusToString(status)) + + ((errorMsg == "") ? "" : " : " + errorMsg); } /** @@ -128,6 +134,10 @@ struct KeyedBuildResult : BuildResult KeyedBuildResult(BuildResult res, DerivedPath path) : BuildResult(std::move(res)), path(std::move(path)) { } + + nlohmann::json toJSON(Store & store) const; }; +void to_json(nlohmann::json & json, const BuildResult & buildResult); + } diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index 714dc87c86c..6c335e17c08 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -1563,6 +1563,13 @@ Goal::Done DerivationGoal::done( fs << worker.store.printStorePath(drvPath) << "\t" << buildResult.toString() << std::endl; } + logger->result( + act ? act->id : getCurActivity(), + resBuildResult, + KeyedBuildResult( + buildResult, + DerivedPath::Built{.drvPath = makeConstantStorePathRef(drvPath), .outputs = wantedOutputs}).toJSON(worker.store)); + return amDone(buildResult.success() ? ecSuccess : ecFailed, std::move(ex)); } diff --git a/src/libstore/build/substitution-goal.cc b/src/libstore/build/substitution-goal.cc index 983c86601d8..625e64781aa 100644 --- a/src/libstore/build/substitution-goal.cc +++ b/src/libstore/build/substitution-goal.cc @@ -3,8 +3,11 @@ #include "nar-info.hh" #include "finally.hh" #include "signals.hh" + #include +#include + namespace nix { PathSubstitutionGoal::PathSubstitutionGoal(const StorePath & storePath, Worker & worker, RepairFlag repair, std::optional ca) @@ -35,6 +38,14 @@ Goal::Done PathSubstitutionGoal::done( debug(*errorMsg); buildResult.errorMsg = *errorMsg; } + + logger->result( + getCurActivity(), + resBuildResult, + KeyedBuildResult( + buildResult, + DerivedPath::Opaque{storePath}).toJSON(worker.store)); + return amDone(result); } diff --git a/src/libutil/logging.hh b/src/libutil/logging.hh index 9d655f73592..aeb058526b6 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/logging.hh @@ -39,6 +39,7 @@ typedef enum { resPostBuildLogLine = 107, resFetchStatus = 108, resHashMismatch = 109, + resBuildResult = 110, } ResultType; typedef uint64_t ActivityId; From b540c2419f2974780e0bff3d04a767248b90451f Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Thu, 13 Mar 2025 12:55:39 +0000 Subject: [PATCH 286/815] {libutil,libexpr}: Move pos-idx,pos-table code to libutil All of this code doesn't actually depend on anything from libexpr. Because Pos is so tigtly coupled with Error, it makes sense to have in the same library. (cherry picked from commit a53b184e63114ec390e3a1b1f7cd45b8a012ab04) --- maintainers/flake-module.nix | 1 - src/libexpr/meson.build | 2 -- src/libexpr/nixexpr.cc | 35 ------------------------- src/libutil/meson.build | 3 +++ src/{libexpr => libutil}/pos-idx.hh | 1 + src/libutil/pos-table.cc | 37 +++++++++++++++++++++++++++ src/{libexpr => libutil}/pos-table.hh | 10 +++++--- 7 files changed, 48 insertions(+), 41 deletions(-) rename src/{libexpr => libutil}/pos-idx.hh (98%) create mode 100644 src/libutil/pos-table.cc rename src/{libexpr => libutil}/pos-table.hh (94%) diff --git a/maintainers/flake-module.nix b/maintainers/flake-module.nix index 4d504b8eec2..f18e9b41e91 100644 --- a/maintainers/flake-module.nix +++ b/maintainers/flake-module.nix @@ -127,7 +127,6 @@ ''^src/libexpr/nixexpr\.cc$'' ''^src/libexpr/nixexpr\.hh$'' ''^src/libexpr/parser-state\.hh$'' - ''^src/libexpr/pos-table\.hh$'' ''^src/libexpr/primops\.cc$'' ''^src/libexpr/primops\.hh$'' ''^src/libexpr/primops/context\.cc$'' diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index 987300d58c1..dffcc1742ee 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -172,8 +172,6 @@ headers = [config_h] + files( # internal: 'lexer-helpers.hh', 'nixexpr.hh', 'parser-state.hh', - 'pos-idx.hh', - 'pos-table.hh', 'primops.hh', 'print-ambiguous.hh', 'print-options.hh', diff --git a/src/libexpr/nixexpr.cc b/src/libexpr/nixexpr.cc index e8bd02b9bc9..f172267281e 100644 --- a/src/libexpr/nixexpr.cc +++ b/src/libexpr/nixexpr.cc @@ -601,41 +601,6 @@ void ExprLambda::setDocComment(DocComment docComment) { } }; - - -/* Position table. */ - -Pos PosTable::operator[](PosIdx p) const -{ - auto origin = resolve(p); - if (!origin) - return {}; - - const auto offset = origin->offsetOf(p); - - Pos result{0, 0, origin->origin}; - auto lines = this->lines.lock(); - auto linesForInput = (*lines)[origin->offset]; - - if (linesForInput.empty()) { - auto source = result.getSource().value_or(""); - const char * begin = source.data(); - for (Pos::LinesIterator it(source), end; it != end; it++) - linesForInput.push_back(it->data() - begin); - if (linesForInput.empty()) - linesForInput.push_back(0); - } - // as above: the first line starts at byte 0 and is always present - auto lineStartOffset = std::prev( - std::upper_bound(linesForInput.begin(), linesForInput.end(), offset)); - - result.line = 1 + (lineStartOffset - linesForInput.begin()); - result.column = 1 + (offset - *lineStartOffset); - return result; -} - - - /* Symbol table. */ size_t SymbolTable::totalSize() const diff --git a/src/libutil/meson.build b/src/libutil/meson.build index df459f0e57f..9e70d0549f0 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -155,6 +155,7 @@ sources = files( 'memory-source-accessor.cc', 'mounted-source-accessor.cc', 'position.cc', + 'pos-table.cc', 'posix-source-accessor.cc', 'references.cc', 'serialise.cc', @@ -225,6 +226,8 @@ headers = [config_h] + files( 'muxable-pipe.hh', 'os-string.hh', 'pool.hh', + 'pos-idx.hh', + 'pos-table.hh', 'position.hh', 'posix-source-accessor.hh', 'processes.hh', diff --git a/src/libexpr/pos-idx.hh b/src/libutil/pos-idx.hh similarity index 98% rename from src/libexpr/pos-idx.hh rename to src/libutil/pos-idx.hh index 2faa6b7fe4f..c1749ba6935 100644 --- a/src/libexpr/pos-idx.hh +++ b/src/libutil/pos-idx.hh @@ -1,4 +1,5 @@ #pragma once +///@file #include #include diff --git a/src/libutil/pos-table.cc b/src/libutil/pos-table.cc new file mode 100644 index 00000000000..8178beb9018 --- /dev/null +++ b/src/libutil/pos-table.cc @@ -0,0 +1,37 @@ +#include "pos-table.hh" + +#include + +namespace nix { + +/* Position table. */ + +Pos PosTable::operator[](PosIdx p) const +{ + auto origin = resolve(p); + if (!origin) + return {}; + + const auto offset = origin->offsetOf(p); + + Pos result{0, 0, origin->origin}; + auto lines = this->lines.lock(); + auto linesForInput = (*lines)[origin->offset]; + + if (linesForInput.empty()) { + auto source = result.getSource().value_or(""); + const char * begin = source.data(); + for (Pos::LinesIterator it(source), end; it != end; it++) + linesForInput.push_back(it->data() - begin); + if (linesForInput.empty()) + linesForInput.push_back(0); + } + // as above: the first line starts at byte 0 and is always present + auto lineStartOffset = std::prev(std::upper_bound(linesForInput.begin(), linesForInput.end(), offset)); + + result.line = 1 + (lineStartOffset - linesForInput.begin()); + result.column = 1 + (offset - *lineStartOffset); + return result; +} + +} diff --git a/src/libexpr/pos-table.hh b/src/libutil/pos-table.hh similarity index 94% rename from src/libexpr/pos-table.hh rename to src/libutil/pos-table.hh index ba2b91cf35e..673cf62aee9 100644 --- a/src/libexpr/pos-table.hh +++ b/src/libutil/pos-table.hh @@ -1,4 +1,5 @@ #pragma once +///@file #include #include @@ -18,9 +19,12 @@ public: private: uint32_t offset; - Origin(Pos::Origin origin, uint32_t offset, size_t size): - offset(offset), origin(origin), size(size) - {} + Origin(Pos::Origin origin, uint32_t offset, size_t size) + : offset(offset) + , origin(origin) + , size(size) + { + } public: const Pos::Origin origin; From 8c2a792d2be1e9bceca237d3aadc847646e11867 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Thu, 13 Mar 2025 12:55:42 +0000 Subject: [PATCH 287/815] libutil: Document hacks and problems around Pos class This should provide context for follow-up commits in the patch series. (cherry picked from commit bf12aedf2edb10feb4605ebcde395e3b418ec58a) --- src/libutil/error.hh | 8 ++++++++ src/libutil/pos-table.hh | 11 +++++++++++ src/libutil/position.hh | 1 + 3 files changed, 20 insertions(+) diff --git a/src/libutil/error.hh b/src/libutil/error.hh index 58d9026222f..04fa18e35dd 100644 --- a/src/libutil/error.hh +++ b/src/libutil/error.hh @@ -50,6 +50,14 @@ struct LinesOfCode { std::optional nextLineOfCode; }; +/* NOTE: position.hh recursively depends on source-path.hh -> source-accessor.hh + -> hash.hh -> config.hh -> experimental-features.hh -> error.hh -> Pos. + There are other such cycles. + Thus, Pos has to be an incomplete type in this header. But since ErrorInfo/Trace + have to refer to Pos, they have to use pointer indirection via std::shared_ptr + to break the recursive header dependency. + FIXME: Untangle this mess. Should there be AbstractPos as there used to be before + 4feb7d9f71? */ struct Pos; void printCodeLines(std::ostream & out, diff --git a/src/libutil/pos-table.hh b/src/libutil/pos-table.hh index 673cf62aee9..a6fe09d7932 100644 --- a/src/libutil/pos-table.hh +++ b/src/libutil/pos-table.hh @@ -76,6 +76,17 @@ public: return PosIdx(1 + origin.offset + offset); } + /** + * Convert a byte-offset PosIdx into a Pos with line/column information. + * + * @param p Byte offset into the virtual concatenation of all parsed contents + * @return Position + * + * @warning Very expensive to call, as this has to read the entire source + * into memory each time. Call this only if absolutely necessary. Prefer + * to keep PosIdx around instead of needlessly converting it into Pos by + * using this lookup method. + */ Pos operator[](PosIdx p) const; Pos::Origin originOf(PosIdx p) const diff --git a/src/libutil/position.hh b/src/libutil/position.hh index 25217069c14..2ac68d15acf 100644 --- a/src/libutil/position.hh +++ b/src/libutil/position.hh @@ -50,6 +50,7 @@ struct Pos explicit operator bool() const { return line > 0; } + /* TODO: Why std::shared_ptr and not std::shared_ptr? */ operator std::shared_ptr() const; /** From 593e0eebeb8492505aa1b088ebe16467c1418de4 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Thu, 13 Mar 2025 12:55:45 +0000 Subject: [PATCH 288/815] libutil: Fix Pos::getSourcePath Previous implementation didn't actually check if std::get_if returned a nullptr: std::optional getSourcePath() const { return *std::get_if(&origin); } (cherry picked from commit 50123f2a566bd9157ef6ed64d95799473e5d8670) --- src/libutil/position.cc | 7 +++++++ src/libutil/position.hh | 4 +--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/src/libutil/position.cc b/src/libutil/position.cc index 946f167b611..275985c8c0d 100644 --- a/src/libutil/position.cc +++ b/src/libutil/position.cc @@ -66,6 +66,13 @@ std::optional Pos::getSource() const }, origin); } +std::optional Pos::getSourcePath() const +{ + if (auto * path = std::get_if(&origin)) + return *path; + return std::nullopt; +} + void Pos::print(std::ostream & out, bool showOrigin) const { if (showOrigin) { diff --git a/src/libutil/position.hh b/src/libutil/position.hh index 2ac68d15acf..07e261c4c54 100644 --- a/src/libutil/position.hh +++ b/src/libutil/position.hh @@ -70,9 +70,7 @@ struct Pos /** * Get the SourcePath, if the source was loaded from a file. */ - std::optional getSourcePath() const { - return *std::get_if(&origin); - } + std::optional getSourcePath() const; struct LinesIterator { using difference_type = size_t; From 11919bc4715119000ee439564c64dc4b5f118372 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Thu, 13 Mar 2025 16:24:30 +0000 Subject: [PATCH 289/815] {libexpr,libcmd}: Make debugger significantly faster MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The underlying issue is that debugger code path was calling PosTable::operator[] in each eval method. This has become incredibly expensive since 5d9fdab3de. While we are it it, I've reworked the code to not use std::shared_ptr where it really isn't necessary. As I've documented in previous commits, this is actually more a workaround for recursive header dependencies now and is only necessary in `error.hh` code. Some ad-hoc benchmarking: After this commit: ``` Benchmark 1: nix eval nixpkgs#hello --impure --ignore-try --no-eval-cache --debugger Time (mean ± σ): 784.2 ms ± 7.1 ms [User: 561.4 ms, System: 147.7 ms] Range (min … max): 773.5 ms … 792.6 ms 10 runs ``` On master 3604c7c51: ``` Benchmark 1: nix eval nixpkgs#hello --impure --ignore-try --no-eval-cache --debugger Time (mean ± σ): 22.914 s ± 0.178 s [User: 18.524 s, System: 4.151 s] Range (min … max): 22.738 s … 23.290 s 10 runs ``` (cherry picked from commit adbd08399c1817bc4dc5a1a3a32b160eaed49c6f) --- src/libcmd/repl.cc | 11 ++++------ src/libexpr/eval-error.cc | 2 +- src/libexpr/eval.cc | 44 +++++++++++++++++++++------------------ src/libexpr/eval.hh | 19 ++++++++++++++++- 4 files changed, 47 insertions(+), 29 deletions(-) diff --git a/src/libcmd/repl.cc b/src/libcmd/repl.cc index e6a8d41e2e2..281e1f6f048 100644 --- a/src/libcmd/repl.cc +++ b/src/libcmd/repl.cc @@ -140,16 +140,13 @@ static std::ostream & showDebugTrace(std::ostream & out, const PosTable & positi out << ANSI_RED "error: " << ANSI_NORMAL; out << dt.hint.str() << "\n"; - // prefer direct pos, but if noPos then try the expr. - auto pos = dt.pos - ? dt.pos - : positions[dt.expr.getPos() ? dt.expr.getPos() : noPos]; + auto pos = dt.getPos(positions); if (pos) { - out << *pos; - if (auto loc = pos->getCodeLines()) { + out << pos; + if (auto loc = pos.getCodeLines()) { out << "\n"; - printCodeLines(out, "", *pos, *loc); + printCodeLines(out, "", pos, *loc); out << "\n"; } } diff --git a/src/libexpr/eval-error.cc b/src/libexpr/eval-error.cc index cdb0b477242..b9742d3ea49 100644 --- a/src/libexpr/eval-error.cc +++ b/src/libexpr/eval-error.cc @@ -45,7 +45,7 @@ EvalErrorBuilder & EvalErrorBuilder::withFrame(const Env & env, const Expr // TODO: check compatibility with nested debugger calls. // TODO: What side-effects?? error.state.debugTraces.push_front(DebugTrace{ - .pos = error.state.positions[expr.getPos()], + .pos = expr.getPos(), .expr = expr, .env = env, .hint = HintFmt("Fake frame for debugging purposes"), diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 6a45f24b82a..4e15175ac2d 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -771,18 +771,26 @@ void EvalState::runDebugRepl(const Error * error, const Env & env, const Expr & if (!debugRepl || inDebugger) return; - auto dts = - error && expr.getPos() - ? std::make_unique( - *this, - DebugTrace { - .pos = error->info().pos ? error->info().pos : positions[expr.getPos()], + auto dts = [&]() -> std::unique_ptr { + if (error && expr.getPos()) { + auto trace = DebugTrace{ + .pos = [&]() -> std::variant { + if (error->info().pos) { + if (auto * pos = error->info().pos.get()) + return *pos; + return noPos; + } + return expr.getPos(); + }(), .expr = expr, .env = env, .hint = error->info().msg, - .isError = true - }) - : nullptr; + .isError = true}; + + return std::make_unique(*this, std::move(trace)); + } + return nullptr; + }(); if (error) { @@ -827,7 +835,7 @@ static std::unique_ptr makeDebugTraceStacker( EvalState & state, Expr & expr, Env & env, - std::shared_ptr && pos, + std::variant pos, const Args & ... formatArgs) { return std::make_unique(state, @@ -1104,7 +1112,7 @@ void EvalState::evalFile(const SourcePath & path, Value & v, bool mustBeTrivial) *this, *e, this->baseEnv, - e->getPos() ? std::make_shared(positions[e->getPos()]) : nullptr, + e->getPos(), "while evaluating the file '%1%':", resolvedPath.to_string()) : nullptr; @@ -1330,9 +1338,7 @@ void ExprLet::eval(EvalState & state, Env & env, Value & v) state, *this, env2, - getPos() - ? std::make_shared(state.positions[getPos()]) - : nullptr, + getPos(), "while evaluating a '%1%' expression", "let" ) @@ -1401,7 +1407,7 @@ void ExprSelect::eval(EvalState & state, Env & env, Value & v) state, *this, env, - state.positions[getPos()], + getPos(), "while evaluating the attribute '%1%'", showAttrPath(state, env, attrPath)) : nullptr; @@ -1602,7 +1608,7 @@ void EvalState::callFunction(Value & fun, std::span args, Value & vRes, try { auto dts = debugRepl ? makeDebugTraceStacker( - *this, *lambda.body, env2, positions[lambda.pos], + *this, *lambda.body, env2, lambda.pos, "while calling %s", lambda.name ? concatStrings("'", symbols[lambda.name], "'") @@ -1737,9 +1743,7 @@ void ExprCall::eval(EvalState & state, Env & env, Value & v) state, *this, env, - getPos() - ? std::make_shared(state.positions[getPos()]) - : nullptr, + getPos(), "while calling a function" ) : nullptr; @@ -2123,7 +2127,7 @@ void EvalState::forceValueDeep(Value & v) try { // If the value is a thunk, we're evaling. Otherwise no trace necessary. auto dts = debugRepl && i.value->isThunk() - ? makeDebugTraceStacker(*this, *i.value->payload.thunk.expr, *i.value->payload.thunk.env, positions[i.pos], + ? makeDebugTraceStacker(*this, *i.value->payload.thunk.expr, *i.value->payload.thunk.env, i.pos, "while evaluating the attribute '%1%'", symbols[i.name]) : nullptr; diff --git a/src/libexpr/eval.hh b/src/libexpr/eval.hh index b11e40c30ca..eb6f667a253 100644 --- a/src/libexpr/eval.hh +++ b/src/libexpr/eval.hh @@ -171,11 +171,28 @@ struct RegexCache; std::shared_ptr makeRegexCache(); struct DebugTrace { - std::shared_ptr pos; + /* WARNING: Converting PosIdx -> Pos should be done with extra care. This is + due to the fact that operator[] of PosTable is incredibly expensive. */ + std::variant pos; const Expr & expr; const Env & env; HintFmt hint; bool isError; + + Pos getPos(const PosTable & table) const + { + return std::visit( + overloaded{ + [&](PosIdx idx) { + // Prefer direct pos, but if noPos then try the expr. + if (!idx) + idx = expr.getPos(); + return table[idx]; + }, + [&](Pos pos) { return pos; }, + }, + pos); + } }; class EvalState : public std::enable_shared_from_this From fd0d824fa5b3ed367903d49efd75c30d886de6a5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 14 Mar 2025 17:05:38 +0100 Subject: [PATCH 290/815] Don't use DerivedPath::toJSON() It doesn't work on unrealized paths. --- src/libstore/build-result.cc | 17 +++++++++++++---- src/libstore/build-result.hh | 3 +-- src/libstore/build/derivation-goal.cc | 7 ++++--- src/libstore/build/substitution-goal.cc | 7 ++++--- 4 files changed, 22 insertions(+), 12 deletions(-) diff --git a/src/libstore/build-result.cc b/src/libstore/build-result.cc index 3e316f6791f..e6469e38f05 100644 --- a/src/libstore/build-result.cc +++ b/src/libstore/build-result.cc @@ -23,11 +23,20 @@ void to_json(nlohmann::json & json, const BuildResult & buildResult) json["stopTime"] = buildResult.stopTime; } -nlohmann::json KeyedBuildResult::toJSON(Store & store) const +void to_json(nlohmann::json & json, const KeyedBuildResult & buildResult) { - auto json = nlohmann::json((const BuildResult &) *this); - json["path"] = path.toJSON(store); - return json; + to_json(json, (const BuildResult &) buildResult); + auto path = nlohmann::json::object(); + std::visit( + overloaded{ + [&](const DerivedPathOpaque & opaque) { path["opaque"] = opaque.path.to_string(); }, + [&](const DerivedPathBuilt & drv) { + path["drvPath"] = drv.drvPath->getBaseStorePath().to_string(); + path["outputs"] = drv.outputs.to_string(); + }, + }, + buildResult.path.raw()); + json["path"] = std::move(path); } } diff --git a/src/libstore/build-result.hh b/src/libstore/build-result.hh index f56817f19c1..44862980de4 100644 --- a/src/libstore/build-result.hh +++ b/src/libstore/build-result.hh @@ -134,10 +134,9 @@ struct KeyedBuildResult : BuildResult KeyedBuildResult(BuildResult res, DerivedPath path) : BuildResult(std::move(res)), path(std::move(path)) { } - - nlohmann::json toJSON(Store & store) const; }; void to_json(nlohmann::json & json, const BuildResult & buildResult); +void to_json(nlohmann::json & json, const KeyedBuildResult & buildResult); } diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index 6c335e17c08..a32dc5e53ed 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -1566,9 +1566,10 @@ Goal::Done DerivationGoal::done( logger->result( act ? act->id : getCurActivity(), resBuildResult, - KeyedBuildResult( - buildResult, - DerivedPath::Built{.drvPath = makeConstantStorePathRef(drvPath), .outputs = wantedOutputs}).toJSON(worker.store)); + nlohmann::json( + KeyedBuildResult( + buildResult, + DerivedPath::Built{.drvPath = makeConstantStorePathRef(drvPath), .outputs = wantedOutputs}))); return amDone(buildResult.success() ? ecSuccess : ecFailed, std::move(ex)); } diff --git a/src/libstore/build/substitution-goal.cc b/src/libstore/build/substitution-goal.cc index 625e64781aa..41d8a0c3002 100644 --- a/src/libstore/build/substitution-goal.cc +++ b/src/libstore/build/substitution-goal.cc @@ -42,9 +42,10 @@ Goal::Done PathSubstitutionGoal::done( logger->result( getCurActivity(), resBuildResult, - KeyedBuildResult( - buildResult, - DerivedPath::Opaque{storePath}).toJSON(worker.store)); + nlohmann::json( + KeyedBuildResult( + buildResult, + DerivedPath::Opaque{storePath}))); return amDone(result); } From 8674792eba1ba41dc3d048ab8d88f3cdf2bb2aa2 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 14 Mar 2025 17:33:48 +0100 Subject: [PATCH 291/815] Make the JSON logger more robust We now ignore connection / write errors. --- src/libutil/logging.cc | 15 +++++++++++++-- src/nix/main.cc | 6 +++++- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index c7b859bd536..de8df24b016 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -196,6 +196,7 @@ struct JSONLogger : Logger { struct State { + bool enabled = true; }; Sync _state; @@ -208,8 +209,18 @@ struct JSONLogger : Logger { /* Acquire a lock to prevent log messages from clobbering each other. */ - auto state(_state.lock()); - writeLine(fd, line); + try { + auto state(_state.lock()); + if (state->enabled) + writeLine(fd, line); + } catch (...) { + bool enabled = false; + std::swap(_state.lock()->enabled, enabled); + if (enabled) { + ignoreExceptionExceptInterrupt(); + logger->warn("disabling JSON logger due to write errors"); + } + } } void log(Verbosity lvl, std::string_view s) override diff --git a/src/nix/main.cc b/src/nix/main.cc index 68137a216a3..644c65cf041 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -502,7 +502,11 @@ void mainWrapped(int argc, char * * argv) } if (!extLoggerSettings.jsonLogPath.get().empty()) { - logger = makeTeeLogger({logger, makeJSONLogger(std::filesystem::path(extLoggerSettings.jsonLogPath.get()), false)}); + try { + logger = makeTeeLogger({logger, makeJSONLogger(std::filesystem::path(extLoggerSettings.jsonLogPath.get()), false)}); + } catch (...) { + ignoreExceptionExceptInterrupt(); + } } if (args.helpRequested) { From aecd2b5d92b98cee235bcb8aae4f2efa49bb5649 Mon Sep 17 00:00:00 2001 From: Pierre-Etienne Meunier Date: Wed, 26 Feb 2025 12:02:53 +0100 Subject: [PATCH 292/815] Fix macos sandbox issue Co-authored-by: John Ericson Co-authored-by: Poliorcetics (cherry picked from commit 300465c7b852fb4934cd862305573c902b7d5ac9) --- src/libstore/unix/build/local-derivation-goal.cc | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 61a36dd51c3..b4f5c23a4d9 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2144,7 +2144,18 @@ void LocalDerivationGoal::runChild() without file-write* allowed, access() incorrectly returns EPERM */ sandboxProfile += "(allow file-read* file-write* process-exec\n"; + + // We create multiple allow lists, to avoid exceeding a limit in the darwin sandbox interpreter. + // See https://github.com/NixOS/nix/issues/4119 + // We split our allow groups approximately at half the actual limit, 1 << 16 + const int breakpoint = sandboxProfile.length() + (1 << 14); for (auto & i : pathsInChroot) { + + if (sandboxProfile.length() >= breakpoint) { + debug("Sandbox break: %d %d", sandboxProfile.length(), breakpoint); + sandboxProfile += ")\n(allow file-read* file-write* process-exec\n"; + } + if (i.first != i.second.source) throw Error( "can't map '%1%' to '%2%': mismatched impure paths not supported on Darwin", From 32ab3ef598a18c6257badb17ecd53c67e7c35689 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 12 Mar 2025 08:51:01 +0000 Subject: [PATCH 293/815] libutil/file-descriptor: handle EAGAIN in read/write operations We now see exception beeing thrown when remote building in master because of writing to a non-blocking file descriptor from our json logger. > #0 0x00007f2ea97aea9c in __pthread_kill_implementation () from /nix/store/wn7v2vhyyyi6clcyn0s9ixvl7d4d87ic-glibc-2.40-36/lib/libc.so.6 > #1 0x00007f2ea975c576 in raise () from /nix/store/wn7v2vhyyyi6clcyn0s9ixvl7d4d87ic-glibc-2.40-36/lib/libc.so.6 > #2 0x00007f2ea9744935 in abort () from /nix/store/wn7v2vhyyyi6clcyn0s9ixvl7d4d87ic-glibc-2.40-36/lib/libc.so.6 > #3 0x00007f2ea99e8c2b in __gnu_cxx::__verbose_terminate_handler() [clone .cold] () from /nix/store/ybjcla5bhj8g1y84998pn4a2drfxybkv-gcc-13.3.0-lib/lib/libstdc++.so.6 > #4 0x00007f2ea99f820a in __cxxabiv1::__terminate(void (*)()) () from /nix/store/ybjcla5bhj8g1y84998pn4a2drfxybkv-gcc-13.3.0-lib/lib/libstdc++.so.6 > #5 0x00007f2ea99f8275 in std::terminate() () from /nix/store/ybjcla5bhj8g1y84998pn4a2drfxybkv-gcc-13.3.0-lib/lib/libstdc++.so.6 > #6 0x00007f2ea99f84c7 in __cxa_throw () from /nix/store/ybjcla5bhj8g1y84998pn4a2drfxybkv-gcc-13.3.0-lib/lib/libstdc++.so.6 > #7 0x00007f2eaa5035c2 in nix::writeFull (fd=2, s=..., allowInterrupts=true) at ../unix/file-descriptor.cc:43 > #8 0x00007f2eaa5633c4 in nix::JSONLogger::write (this=this@entry=0x249a7d40, json=...) at /nix/store/4krab2h0hd4wvxxmscxrw21pl77j4i7j-gcc-13.3.0/include/c++/13.3.0/bits/char_traits.h:358 > #9 0x00007f2eaa5658d7 in nix::JSONLogger::logEI (this=, ei=...) at ../logging.cc:242 > #10 0x00007f2ea9c5d048 in nix::Logger::logEI (ei=..., lvl=nix::lvlError, this=0x249a7d40) at /nix/store/a7cq5bqh0ryvnkv4m19ffchnvi8l9qx6-nix-util-2.27.0-dev/include/nix/logging.hh:108 > #11 nix::handleExceptions (programName="nix", fun=...) at ../shared.cc:343 > #12 0x0000000000465b1f in main (argc=, argv=) at /nix/store/4krab2h0hd4wvxxmscxrw21pl77j4i7j-gcc-13.3.0/include/c++/13.3.0/bits/allocator.h:163 > (gdb) frame 10 > #10 0x00007f2ea9c5d048 in nix::Logger::logEI (ei=..., lvl=nix::lvlError, this=0x249a7d40) at /nix/store/a7cq5bqh0ryvnkv4m19ffchnvi8l9qx6-nix-util-2.27.0-dev/include/nix/logging.hh:108 > 108 logEI(ei); So far only drainFD sets the non-blocking flag on a "readable" file descriptor, while this is a "writeable" file descriptor. It's not clear to me yet, why we see logs after that point, but it's also not that bad to handle EAGAIN in read/write functions after all. (cherry picked from commit 2790f5f9aeac7cb4179918fac26f4fb74fe4f53d) --- src/libutil/unix/file-descriptor.cc | 44 ++++++++++++++++++++++++++--- 1 file changed, 40 insertions(+), 4 deletions(-) diff --git a/src/libutil/unix/file-descriptor.cc b/src/libutil/unix/file-descriptor.cc index ac7c086af80..a02a53b1eeb 100644 --- a/src/libutil/unix/file-descriptor.cc +++ b/src/libutil/unix/file-descriptor.cc @@ -5,9 +5,27 @@ #include #include +#include namespace nix { +namespace { + +// This function is needed to handle non-blocking reads/writes. This is needed in the buildhook, because +// somehow the json logger file descriptor ends up beeing non-blocking and breaks remote-building. +// TODO: get rid of buildhook and remove this function again (https://github.com/NixOS/nix/issues/12688) +void pollFD(int fd, int events) +{ + struct pollfd pfd; + pfd.fd = fd; + pfd.events = events; + int ret = poll(&pfd, 1, -1); + if (ret == -1) { + throw SysError("poll on file descriptor failed"); + } +} +} + std::string readFile(int fd) { struct stat st; @@ -17,14 +35,18 @@ std::string readFile(int fd) return drainFD(fd, true, st.st_size); } - void readFull(int fd, char * buf, size_t count) { while (count) { checkInterrupt(); ssize_t res = read(fd, buf, count); if (res == -1) { - if (errno == EINTR) continue; + switch (errno) { + case EINTR: continue; + case EAGAIN: + pollFD(fd, POLLIN); + continue; + } throw SysError("reading from file"); } if (res == 0) throw EndOfFile("unexpected end-of-file"); @@ -39,8 +61,15 @@ void writeFull(int fd, std::string_view s, bool allowInterrupts) while (!s.empty()) { if (allowInterrupts) checkInterrupt(); ssize_t res = write(fd, s.data(), s.size()); - if (res == -1 && errno != EINTR) + if (res == -1) { + switch (errno) { + case EINTR: continue; + case EAGAIN: + pollFD(fd, POLLOUT); + continue; + } throw SysError("writing to file"); + } if (res > 0) s.remove_prefix(res); } @@ -56,8 +85,15 @@ std::string readLine(int fd, bool eofOk) // FIXME: inefficient ssize_t rd = read(fd, &ch, 1); if (rd == -1) { - if (errno != EINTR) + switch (errno) { + case EINTR: continue; + case EAGAIN: { + pollFD(fd, POLLIN); + continue; + } + default: throw SysError("reading a line"); + } } else if (rd == 0) { if (eofOk) return s; From 0ec28acef9091c9de2c5868f785f4a90387b5d2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 19 Mar 2025 16:04:04 +0100 Subject: [PATCH 294/815] libfetchers: fix double quote in path printed in logger (cherry picked from commit 314e9fbeda73b7af7149d304fb04e6fb5426f05c) --- src/libfetchers/path.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libfetchers/path.cc b/src/libfetchers/path.cc index 9d1cce0f398..bdc7538e20f 100644 --- a/src/libfetchers/path.cc +++ b/src/libfetchers/path.cc @@ -125,7 +125,7 @@ struct PathInputScheme : InputScheme auto absPath = getAbsPath(input); - Activity act(*logger, lvlTalkative, actUnknown, fmt("copying '%s' to the store", absPath)); + Activity act(*logger, lvlTalkative, actUnknown, fmt("copying %s to the store", absPath)); // FIXME: check whether access to 'path' is allowed. auto storePath = store->maybeParseStorePath(absPath.string()); From c32441f207194e480f4570df5560a9ffc2d207da Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Mar 2025 20:20:02 +0100 Subject: [PATCH 295/815] Remove redundant quotes --- src/libutil/logging.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index de8df24b016..ddf90d7c53a 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -323,7 +323,7 @@ Logger * makeJSONLogger(const std::filesystem::path & path, bool includeNixPrefi ? connect(path) : toDescriptor(open(path.c_str(), O_CREAT | O_APPEND | O_WRONLY, 0644)); if (!fd) - throw SysError("opening log file '%1%'", path); + throw SysError("opening log file %1%", path); return new JSONFileLogger(std::move(fd), includeNixPrefix); } From 3f56dd9927ae96c19fd2afd3865ab400809227e2 Mon Sep 17 00:00:00 2001 From: "Shahar \"Dawn\" Or" Date: Thu, 20 Mar 2025 17:43:20 +0000 Subject: [PATCH 296/815] stack overflow is EvalBaseError (cherry picked from commit 23c7a45a05907786f85c9e937f11923b96821d4e) --- src/libexpr/eval-inline.hh | 2 +- tests/functional/flakes/eval-cache.sh | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/libexpr/eval-inline.hh b/src/libexpr/eval-inline.hh index 631c0f39610..5d1a0c4d60c 100644 --- a/src/libexpr/eval-inline.hh +++ b/src/libexpr/eval-inline.hh @@ -146,7 +146,7 @@ inline void EvalState::forceList(Value & v, const PosIdx pos, std::string_view e [[gnu::always_inline]] inline CallDepth EvalState::addCallDepth(const PosIdx pos) { if (callDepth > settings.maxCallDepth) - error("stack overflow; max-call-depth exceeded").atPos(pos).debugThrow(); + error("stack overflow; max-call-depth exceeded").atPos(pos).debugThrow(); return CallDepth(callDepth); }; diff --git a/tests/functional/flakes/eval-cache.sh b/tests/functional/flakes/eval-cache.sh index 40a0db61879..75a2c8cacbf 100755 --- a/tests/functional/flakes/eval-cache.sh +++ b/tests/functional/flakes/eval-cache.sh @@ -22,6 +22,11 @@ cat >"$flake1Dir/flake.nix" < \$out ''; }; + stack-depth = + let + f = x: if x == 0 then true else f (x - 1); + in + assert (f 100); self.drv; ifd = assert (import self.drv); self.drv; }; } @@ -33,6 +38,12 @@ git -C "$flake1Dir" commit -m "Init" expect 1 nix build "$flake1Dir#foo.bar" 2>&1 | grepQuiet 'error: breaks' expect 1 nix build "$flake1Dir#foo.bar" 2>&1 | grepQuiet 'error: breaks' +# Stack overflow error must not be cached +expect 1 nix build --max-call-depth 50 "$flake1Dir#stack-depth" 2>&1 \ + | grepQuiet 'error: stack overflow; max-call-depth exceeded' +# If the SO is cached, the following invocation will produce a cached failure; we expect it to succeed +nix build --no-link "$flake1Dir#stack-depth" + # Conditional error should not be cached expect 1 nix build "$flake1Dir#ifd" --option allow-import-from-derivation false 2>&1 \ | grepQuiet 'error: cannot build .* during evaluation because the option '\''allow-import-from-derivation'\'' is disabled' From bc3a847784223978580878fdb8dce141c37d9cbf Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Mar 2025 15:59:05 +0100 Subject: [PATCH 297/815] BuildResult: Serialize builtOutputs --- src/libstore/build-result.cc | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/libstore/build-result.cc b/src/libstore/build-result.cc index e6469e38f05..1f27f68f44a 100644 --- a/src/libstore/build-result.cc +++ b/src/libstore/build-result.cc @@ -32,7 +32,14 @@ void to_json(nlohmann::json & json, const KeyedBuildResult & buildResult) [&](const DerivedPathOpaque & opaque) { path["opaque"] = opaque.path.to_string(); }, [&](const DerivedPathBuilt & drv) { path["drvPath"] = drv.drvPath->getBaseStorePath().to_string(); - path["outputs"] = drv.outputs.to_string(); + path["outputs"] = drv.outputs; + auto outputs = nlohmann::json::object(); + for (auto & [name, output] : buildResult.builtOutputs) + outputs[name] = { + {"path", output.outPath.to_string()}, + {"signatures", output.signatures}, + }; + json["builtOutputs"] = std::move(outputs); }, }, buildResult.path.raw()); From b1f0f1c5a1ff8d988f5cd6d57128d1374123ba2a Mon Sep 17 00:00:00 2001 From: Jade Lovelace Date: Wed, 12 Mar 2025 08:29:29 +0000 Subject: [PATCH 298/815] port crash-handler from lix to nix It was first introduced in https://git.lix.systems/lix-project/lix/commit/19e0ce2c03d8e0baa16998b086665664c420c1df In Nix we only register the crash handler in main instead of initNix, because library user may want to use their own crash handler. Sample output: Mar 12 08:38:06 eve nix[2303762]: Nix crashed. This is a bug. Please report this at https://github.com/NixOS/nix/issues with the following information included: Mar 12 08:38:06 eve nix[2303762]: Exception: nix::SysError: error: writing to file: Resource temporarily unavailable Mar 12 08:38:06 eve nix[2303762]: Stack trace: Mar 12 08:38:06 eve nix[2303762]: 0# 0x000000000076876A in nix 1# 0x00007FDA40E9F20A in /nix/store/2lhklm5aizx30qbw49acnrrzkj9lbmij-gcc-14-20241116-lib/lib/libstdc++.so.6 2# std::unexpected() in /nix/store/2lhklm5aizx30qbw49acnrrzkj9lbmij-gcc-14-20241116-lib/lib/libstdc++.so.6 3# 0x00007FDA40E9F487 in /nix/store/2lhklm5aizx30qbw49acnrrzkj9lbmij-gcc-14-20241116-lib/lib/libstdc++.so.6 4# nix::writeFull(int, std::basic_string_view >, bool) in /home/joerg/git/nix/inst/lib/libnixutil.so 5# nix::writeLine(int, std::__cxx11::basic_string, std::allocator >) in /home/joerg/git/nix/inst/lib/libnixutil.so 6# nix::JSONLogger::write(nlohmann::json_abi_v3_11_3::basic_json, std::allocator >, bool, long, unsigned long, double, std::allocator, nlohmann::json_abi_v3_11_3::adl_serializer, std::vector >, void> const&) in /home/joerg/git/nix/inst/lib/libnixutil.so 7# nix::JSONLogger::logEI(nix::ErrorInfo const&) in /home/joerg/git/nix/inst/lib/libnixutil.so 8# nix::Logger::logEI(nix::Verbosity, nix::ErrorInfo) in nix 9# nix::handleExceptions(std::__cxx11::basic_string, std::allocator > const&, std::function) in /home/joerg/git/nix/inst/lib/libnixmain.so 10# 0x000000000087A563 in nix 11# 0x00007FDA40BD41FE in /nix/store/6q2mknq81cyscjmkv72fpcsvan56qhmg-glibc-2.40-66/lib/libc.so.6 12# __libc_start_main in /nix/store/6q2mknq81cyscjmkv72fpcsvan56qhmg-glibc-2.40-66/lib/libc.so.6 13# 0x00000000006F4DF5 in nix Co-authored-by: eldritch horrors (cherry picked from commit 163f94412a36c7f0ac28440db4b8e3179d07e505) --- src/nix/crash-handler.cc | 67 ++++++++++++++++++++++++++++++++++++++++ src/nix/crash-handler.hh | 11 +++++++ src/nix/main.cc | 3 ++ src/nix/meson.build | 1 + 4 files changed, 82 insertions(+) create mode 100644 src/nix/crash-handler.cc create mode 100644 src/nix/crash-handler.hh diff --git a/src/nix/crash-handler.cc b/src/nix/crash-handler.cc new file mode 100644 index 00000000000..8ffd436acee --- /dev/null +++ b/src/nix/crash-handler.cc @@ -0,0 +1,67 @@ +#include "crash-handler.hh" +#include "fmt.hh" +#include "logging.hh" + +#include +#include +#include + +// Darwin and FreeBSD stdenv do not define _GNU_SOURCE but do have _Unwind_Backtrace. +#if __APPLE__ || __FreeBSD__ +# define BOOST_STACKTRACE_GNU_SOURCE_NOT_REQUIRED +#endif + +#include + +#ifndef _WIN32 +# include +#endif + +namespace nix { + +namespace { + +void logFatal(std::string const & s) +{ + writeToStderr(s + "\n"); + // std::string for guaranteed null termination +#ifndef _WIN32 + syslog(LOG_CRIT, "%s", s.c_str()); +#endif +} + +void onTerminate() +{ + logFatal( + "Nix crashed. This is a bug. Please report this at https://github.com/NixOS/nix/issues with the following information included:\n"); + try { + std::exception_ptr eptr = std::current_exception(); + if (eptr) { + std::rethrow_exception(eptr); + } else { + logFatal("std::terminate() called without exception"); + } + } catch (const std::exception & ex) { + logFatal(fmt("Exception: %s: %s", boost::core::demangle(typeid(ex).name()), ex.what())); + } catch (...) { + logFatal("Unknown exception!"); + } + + logFatal("Stack trace:"); + std::stringstream ss; + ss << boost::stacktrace::stacktrace(); + logFatal(ss.str()); + + std::abort(); +} +} + +void registerCrashHandler() +{ + // DO NOT use this for signals. Boost stacktrace is very much not + // async-signal-safe, and in a world with ASLR, addr2line is pointless. + // + // If you want signals, set up a minidump system and do it out-of-process. + std::set_terminate(onTerminate); +} +} diff --git a/src/nix/crash-handler.hh b/src/nix/crash-handler.hh new file mode 100644 index 00000000000..018e867474e --- /dev/null +++ b/src/nix/crash-handler.hh @@ -0,0 +1,11 @@ +#pragma once +/// @file Crash handler for Nix that prints back traces (hopefully in instances where it is not just going to crash the +/// process itself). + +namespace nix { + +/** Registers the Nix crash handler for std::terminate (currently; will support more crashes later). See also + * detectStackOverflow(). */ +void registerCrashHandler(); + +} diff --git a/src/nix/main.cc b/src/nix/main.cc index c5e9c0e7f80..0a6b77e9e96 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -20,6 +20,7 @@ #include "flake/flake.hh" #include "self-exe.hh" #include "json-utils.hh" +#include "crash-handler.hh" #include #include @@ -354,6 +355,8 @@ void mainWrapped(int argc, char * * argv) { savedArgv = argv; + registerCrashHandler(); + /* The chroot helper needs to be run before any threads have been started. */ #ifndef _WIN32 diff --git a/src/nix/meson.build b/src/nix/meson.build index 398750498fd..79ad840f648 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -77,6 +77,7 @@ nix_sources = [config_h] + files( 'config-check.cc', 'config.cc', 'copy.cc', + 'crash-handler.cc', 'derivation-add.cc', 'derivation-show.cc', 'derivation.cc', From 624b54a392e627b0d2a0f076cfdc95e2089fa0d4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Mar 2025 19:31:47 +0100 Subject: [PATCH 299/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index a5f3e61bdc9..f0465234b5a 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.27.0 +2.27.1 From d000f5943a28ef8666116d70fc8fd5ff47d53df9 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 21 Mar 2025 20:23:46 +0100 Subject: [PATCH 300/815] rl-2.27.md: Fix GitHub links https://discourse.nixos.org/t/nix-2-27-0-released/62003/2?u=edolstra (cherry picked from commit be5a455a1a5824b3c52faeec7fa6899ded25621f) --- doc/manual/source/release-notes/rl-2.27.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/manual/source/release-notes/rl-2.27.md b/doc/manual/source/release-notes/rl-2.27.md index 1c8e39795a7..b4918029aa0 100644 --- a/doc/manual/source/release-notes/rl-2.27.md +++ b/doc/manual/source/release-notes/rl-2.27.md @@ -30,9 +30,9 @@ The evaluator now presents a "union" filesystem view of the `/nix/store` in the host and the chroot. - This change also removes some hacks that broke `builtins.{path,filterSource}` in chroot stores [#11503](https://github.com/NixOS/nix/issue/11503). + This change also removes some hacks that broke `builtins.{path,filterSource}` in chroot stores [#11503](https://github.com/NixOS/nix/issues/11503). -- `nix flake prefetch` now has a `--out-link` option [#12443](https://github.com/NixOS/nix/issue/12443) +- `nix flake prefetch` now has a `--out-link` option [#12443](https://github.com/NixOS/nix/pull/12443) - Set `FD_CLOEXEC` on sockets created by curl [#12439](https://github.com/NixOS/nix/pull/12439) From c73f672afd1537aa6a2df619e33b186a09244029 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Sat, 22 Mar 2025 12:16:47 +0000 Subject: [PATCH 301/815] packaging/everything.nix: Fix doc and man outputs We want the $doc, $man outputs to be symlinks pointing to nix-manual and nix-manual.man. Creating the directories first makes the `ln` command produce symlink $doc/${nix-manual} instead. ``` $file /nix/store/q4dwlnd36gpfajgfcp6hca2xwy068wjq-nix-2.27.1-man/rwh8ky3k040wyrywl8k2v5b3csdfbdg7-nix-manual-2.27.1-man /nix/store/q4dwlnd36gpfajgfcp6hca2xwy068wjq-nix-2.27.1-man/rwh8ky3k040wyrywl8k2v5b3csdfbdg7-nix-manual-2.27.1-man: symbolic link to /nix/store/rwh8ky3k040wyrywl8k2v5b3csdfbdg7-nix-manual-2.27.1-man ``` This is the reason `nix-env --help` is once again broken on 2.26/2.27/master after 4108529. (cherry picked from commit 0ddfbc5939e38d2cc3ab195e7093d4b62a0b626b) --- packaging/everything.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/everything.nix b/packaging/everything.nix index c9ad26823b8..75ef1c11d9c 100644 --- a/packaging/everything.nix +++ b/packaging/everything.nix @@ -192,7 +192,7 @@ stdenv.mkDerivation (finalAttrs: { devPaths = lib.mapAttrsToList (_k: lib.getDev) finalAttrs.finalPackage.libs; in '' - mkdir -p $out $dev $doc $man + mkdir -p $out $dev # Merged outputs lndir ${nix-cli} $out From 7d7508fb7ab5df1664262324f471d717585f1f8e Mon Sep 17 00:00:00 2001 From: John Ericson Date: Sun, 23 Mar 2025 18:00:36 -0400 Subject: [PATCH 302/815] `monitor-fd.hh`: Format It's a pretty small diff, so let's just start formatting before we make other changes. (cherry picked from commit 041394b741ade095210a396d6a3ab3218d86e1c1) --- maintainers/flake-module.nix | 1 - src/libutil/unix/monitor-fd.hh | 11 +++++------ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/maintainers/flake-module.nix b/maintainers/flake-module.nix index f18e9b41e91..4c75df24608 100644 --- a/maintainers/flake-module.nix +++ b/maintainers/flake-module.nix @@ -396,7 +396,6 @@ ''^src/libutil/types\.hh$'' ''^src/libutil/unix/file-descriptor\.cc$'' ''^src/libutil/unix/file-path\.cc$'' - ''^src/libutil/unix/monitor-fd\.hh$'' ''^src/libutil/unix/processes\.cc$'' ''^src/libutil/unix/signals-impl\.hh$'' ''^src/libutil/unix/signals\.cc$'' diff --git a/src/libutil/unix/monitor-fd.hh b/src/libutil/unix/monitor-fd.hh index b6610feff98..cfbf10d5a94 100644 --- a/src/libutil/unix/monitor-fd.hh +++ b/src/libutil/unix/monitor-fd.hh @@ -14,7 +14,6 @@ namespace nix { - class MonitorFdHup { private: @@ -33,11 +32,11 @@ public: anymore. So wait for read events and ignore them. */ fds[0].events = - #ifdef __APPLE__ +#ifdef __APPLE__ POLLRDNORM - #else +#else 0 - #endif +#endif ; auto count = poll(fds, 1, -1); if (count == -1) @@ -50,7 +49,8 @@ public: coordination with the main thread if spinning proves too harmful. */ - if (count == 0) continue; + if (count == 0) + continue; if (fds[0].revents & POLLHUP) { unix::triggerInterrupt(); break; @@ -70,5 +70,4 @@ public: } }; - } From 709e228589caa6b0644f1d27450833c985814d12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 21 Mar 2025 16:23:31 +0100 Subject: [PATCH 303/815] `MonitorFdHup`: raise explicit SysError rather unreachable Syscalls can fail for many reasons and we don't want to loose the errno and error context. (cherry picked from commit 8e0bc2c3a858118fa9f4c2532d43b71b39b0adc1) --- src/libutil/unix/monitor-fd.hh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/libutil/unix/monitor-fd.hh b/src/libutil/unix/monitor-fd.hh index cfbf10d5a94..0829c130918 100644 --- a/src/libutil/unix/monitor-fd.hh +++ b/src/libutil/unix/monitor-fd.hh @@ -39,8 +39,11 @@ public: #endif ; auto count = poll(fds, 1, -1); - if (count == -1) - unreachable(); + if (count == -1) { + if (errno == EINTR || errno == EAGAIN) + continue; + throw SysError("failed to poll() in MonitorFdHup"); + } /* This shouldn't happen, but can on macOS due to a bug. See rdar://37550628. From 1a461baee1b1a568aeac081e64a435e37878025f Mon Sep 17 00:00:00 2001 From: John Ericson Date: Sun, 23 Mar 2025 17:58:50 -0400 Subject: [PATCH 304/815] `MonitorFdHup`: Cleanup a bit with designated initializers (cherry picked from commit d028bb4c4af2b502af21768eeae41e851dde74be) --- src/libutil/unix/monitor-fd.hh | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/src/libutil/unix/monitor-fd.hh b/src/libutil/unix/monitor-fd.hh index 0829c130918..235a7db3c3e 100644 --- a/src/libutil/unix/monitor-fd.hh +++ b/src/libutil/unix/monitor-fd.hh @@ -25,19 +25,22 @@ public: thread = std::thread([fd]() { while (true) { /* Wait indefinitely until a POLLHUP occurs. */ - struct pollfd fds[1]; - fds[0].fd = fd; + struct pollfd fds[1] = { + { + .fd = fd, + .events = /* Polling for no specific events (i.e. just waiting for an error/hangup) doesn't work on macOS anymore. So wait for read events and ignore them. */ - fds[0].events = #ifdef __APPLE__ - POLLRDNORM + POLLRDNORM, #else - 0 + 0, #endif - ; + }, + }; + auto count = poll(fds, 1, -1); if (count == -1) { if (errno == EINTR || errno == EAGAIN) From df18c9b2ed34c53f7533d49cb30791b4f153e280 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Sun, 23 Mar 2025 18:21:20 -0400 Subject: [PATCH 305/815] `MonitorFdHup`: introduce a `num_fds` variable Better than just putting `1` in multiple spots. (cherry picked from commit cb95791198019a5eb8996c4bc47b2ed10cf1ec41) --- src/libutil/unix/monitor-fd.hh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/libutil/unix/monitor-fd.hh b/src/libutil/unix/monitor-fd.hh index 235a7db3c3e..ca17703420e 100644 --- a/src/libutil/unix/monitor-fd.hh +++ b/src/libutil/unix/monitor-fd.hh @@ -25,7 +25,8 @@ public: thread = std::thread([fd]() { while (true) { /* Wait indefinitely until a POLLHUP occurs. */ - struct pollfd fds[1] = { + constexpr size_t num_fds = 1; + struct pollfd fds[num_fds] = { { .fd = fd, .events = @@ -41,7 +42,7 @@ public: }, }; - auto count = poll(fds, 1, -1); + auto count = poll(fds, num_fds, -1); if (count == -1) { if (errno == EINTR || errno == EAGAIN) continue; From ea19cb2f5002449ae9fa4dfbbafe722bf5577646 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Baylac=20Jacqu=C3=A9?= Date: Tue, 12 Sep 2023 13:38:29 +0200 Subject: [PATCH 306/815] `MonitorFdHup`: replace `pthread_cancel` trick with a notification pipe On https://github.com/NixOS/nix/issues/8946, we faced a surprising behaviour wrt. exception when using pthread_cancel. In a nutshell when a thread is inside a catch block and it's getting pthread_cancel by another one, then the original exception is bubbled up and crashes the process. We now poll on the notification pipe from the thread and exit when the main thread closes its end. This solution does not exhibit surprising behaviour wrt. exceptions. Co-authored-by: Mic92 Fixes https://github.com/NixOS/nix/issues/8946 See also Lix https://gerrit.lix.systems/c/lix/+/1605 which is very similar by coincidence. Pulled a comment from that. (cherry picked from commit 1c636284a3f4c39dcab88c804a2c96a729c47b85) --- src/libutil-tests/monitorfdhup.cc | 18 +++++++++++++ src/libutil/unix/monitor-fd.hh | 42 +++++++++++++++++++++++-------- 2 files changed, 49 insertions(+), 11 deletions(-) create mode 100644 src/libutil-tests/monitorfdhup.cc diff --git a/src/libutil-tests/monitorfdhup.cc b/src/libutil-tests/monitorfdhup.cc new file mode 100644 index 00000000000..01ecb92d96c --- /dev/null +++ b/src/libutil-tests/monitorfdhup.cc @@ -0,0 +1,18 @@ +#include "util.hh" +#include "monitor-fd.hh" + +#include +#include + +namespace nix { +TEST(MonitorFdHup, shouldNotBlock) +{ + Pipe p; + p.create(); + { + // when monitor gets destroyed it should cancel the + // background thread and do not block + MonitorFdHup monitor(p.readSide.get()); + } +} +} diff --git a/src/libutil/unix/monitor-fd.hh b/src/libutil/unix/monitor-fd.hh index ca17703420e..d6ec47f495d 100644 --- a/src/libutil/unix/monitor-fd.hh +++ b/src/libutil/unix/monitor-fd.hh @@ -18,27 +18,45 @@ class MonitorFdHup { private: std::thread thread; + Pipe notifyPipe; public: MonitorFdHup(int fd) { - thread = std::thread([fd]() { + notifyPipe.create(); + thread = std::thread([this, fd]() { while (true) { - /* Wait indefinitely until a POLLHUP occurs. */ - constexpr size_t num_fds = 1; - struct pollfd fds[num_fds] = { - { - .fd = fd, - .events = /* Polling for no specific events (i.e. just waiting for an error/hangup) doesn't work on macOS anymore. So wait for read events and ignore them. */ + // FIXME(jade): we have looked at the XNU kernel code and as + // far as we can tell, the above is bogus. It should be the + // case that the previous version of this and the current + // version are identical: waiting for POLLHUP and POLLRDNORM in + // the kernel *should* be identical. + // https://github.com/apple-oss-distributions/xnu/blob/94d3b452840153a99b38a3a9659680b2a006908e/bsd/kern/sys_generic.c#L1751-L1758 + // + // So, this needs actual testing and we need to figure out if + // this is actually bogus. + short hangup_events = #ifdef __APPLE__ - POLLRDNORM, + POLLRDNORM #else - 0, + 0 #endif + ; + + /* Wait indefinitely until a POLLHUP occurs. */ + constexpr size_t num_fds = 2; + struct pollfd fds[num_fds] = { + { + .fd = fd, + .events = hangup_events, + }, + { + .fd = notifyPipe.readSide.get(), + .events = hangup_events, }, }; @@ -48,7 +66,6 @@ public: continue; throw SysError("failed to poll() in MonitorFdHup"); } - /* This shouldn't happen, but can on macOS due to a bug. See rdar://37550628. @@ -62,6 +79,9 @@ public: unix::triggerInterrupt(); break; } + if (fds[1].revents & POLLHUP) { + break; + } /* This will only happen on macOS. We sleep a bit to avoid waking up too often if the client is sending input. */ @@ -72,7 +92,7 @@ public: ~MonitorFdHup() { - pthread_cancel(thread.native_handle()); + close(notifyPipe.writeSide.get()); thread.join(); } }; From 27f29ff6edf875d344fb8fb8f4f2df20505ab3fc Mon Sep 17 00:00:00 2001 From: Jade Lovelace Date: Sat, 13 Jul 2024 00:27:09 +0200 Subject: [PATCH 307/815] daemon: remove workaround for macOS kernel bug that seems fixed This was filed as https://github.com/nixos/nix/issues/7584, but as far as I can tell, the previous solution of POLLHUP works just fine on macOS 14. I've also tested on an ancient machine with macOS 10.15.7, which also has POLLHUP work correctly. It's possible this might regress some older versions of macOS that have a kernel bug, but I went looking through the history on the sources and didn't find anything that looked terribly convincingly like a bug fix between 2020 and today. If such a broken version exists, it seems pretty reasonable to suggest simply updating the OS. Change-Id: I178a038baa000f927ea2cbc4587d69d8ab786843 Based off of commit 69e2ee5b25752ba5fd8644cef56fb9d627ca4a64. Ericson2314 added additional other information. (cherry picked from commit 9b3352c3c8c6719bab787acca993ee3f36bf73da) --- src/libutil/unix/monitor-fd.hh | 47 +++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 15 deletions(-) diff --git a/src/libutil/unix/monitor-fd.hh b/src/libutil/unix/monitor-fd.hh index d6ec47f495d..334506146a8 100644 --- a/src/libutil/unix/monitor-fd.hh +++ b/src/libutil/unix/monitor-fd.hh @@ -26,22 +26,38 @@ public: notifyPipe.create(); thread = std::thread([this, fd]() { while (true) { - /* Polling for no specific events (i.e. just waiting - for an error/hangup) doesn't work on macOS - anymore. So wait for read events and ignore - them. */ - // FIXME(jade): we have looked at the XNU kernel code and as - // far as we can tell, the above is bogus. It should be the - // case that the previous version of this and the current - // version are identical: waiting for POLLHUP and POLLRDNORM in - // the kernel *should* be identical. + // There is a POSIX violation on macOS: you have to listen for + // at least POLLHUP to receive HUP events for a FD. POSIX says + // this is not so, and you should just receive them regardless. + // However, as of our testing on macOS 14.5, the events do not + // get delivered if in the all-bits-unset case, but do get + // delivered if `POLLHUP` is set. + // + // This bug filed as rdar://37537852 + // (https://openradar.appspot.com/37537852). + // + // macOS's own man page + // (https://developer.apple.com/library/archive/documentation/System/Conceptual/ManPages_iPhoneOS/man2/poll.2.html) + // additionally says that `POLLHUP` is ignored as an input. It + // seems the likely order of events here was + // + // 1. macOS did not follow the POSIX spec + // + // 2. Somebody ninja-fixed this other spec violation to make + // sure `POLLHUP` was not forgotten about, even though they + // "fixed" this issue in a spec-non-compliant way. Whatever, + // we'll use the fix. + // + // Relevant code, current version, which shows the : // https://github.com/apple-oss-distributions/xnu/blob/94d3b452840153a99b38a3a9659680b2a006908e/bsd/kern/sys_generic.c#L1751-L1758 // - // So, this needs actual testing and we need to figure out if - // this is actually bogus. + // The `POLLHUP` detection was added in + // https://github.com/apple-oss-distributions/xnu/commit/e13b1fa57645afc8a7b2e7d868fe9845c6b08c40#diff-a5aa0b0e7f4d866ca417f60702689fc797e9cdfe33b601b05ccf43086c35d395R1468 + // That means added in 2007 or earlier. Should be good enough + // for us. short hangup_events = #ifdef __APPLE__ - POLLRDNORM + POLLHUP #else 0 #endif @@ -82,9 +98,10 @@ public: if (fds[1].revents & POLLHUP) { break; } - /* This will only happen on macOS. We sleep a bit to - avoid waking up too often if the client is sending - input. */ + // On macOS, it is possible (although not observed on macOS + // 14.5) that in some limited cases on buggy kernel versions, + // all the non-POLLHUP events for the socket get delivered. + // Sleeping avoids pointlessly spinning a thread on those. sleep(1); } }); From 490e7c0984be6ad749aa93fcb9d5a9b0b5356593 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Sun, 23 Mar 2025 19:11:17 -0400 Subject: [PATCH 308/815] `MonitorFdHup`: Don't sleep anymore After the previous commit it should not be necessary. Furthermore, if we *do* sleep, we'll exacerbate a race condition (in conjunction with getting rid of the thread cancellation) that will cause test failures. (cherry picked from commit 49f486d8e088d4633872dfef342fe9fac4f83b6d) --- src/libutil/unix/monitor-fd.hh | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/src/libutil/unix/monitor-fd.hh b/src/libutil/unix/monitor-fd.hh index 334506146a8..d59832452ab 100644 --- a/src/libutil/unix/monitor-fd.hh +++ b/src/libutil/unix/monitor-fd.hh @@ -98,11 +98,24 @@ public: if (fds[1].revents & POLLHUP) { break; } - // On macOS, it is possible (although not observed on macOS - // 14.5) that in some limited cases on buggy kernel versions, - // all the non-POLLHUP events for the socket get delivered. - // Sleeping avoids pointlessly spinning a thread on those. - sleep(1); + // On macOS, (jade thinks that) it is possible (although not + // observed on macOS 14.5) that in some limited cases on buggy + // kernel versions, all the non-POLLHUP events for the socket + // get delivered. + // + // We could sleep to avoid pointlessly spinning a thread on + // those, but this opens up a different problem, which is that + // if do sleep, it will be longer before the daemon fork for a + // client exits. Imagine a sequential shell script, running Nix + // commands, each of which talk to the daemon. If the previous + // command registered a temp root, exits, and then the next + // command issues a delete request before the temp root is + // cleaned up, that delete request might fail. + // + // Not sleeping doesn't actually fix the race condition --- we + // would need to block on the old connections' tempt roots being + // cleaned up in in the new connection --- but it does make it + // much less likely. } }); }; From 2e9a36a8feaf3fa2e6a74cdeaebeb9a28abd602f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 24 Mar 2025 12:09:39 +0100 Subject: [PATCH 309/815] `MonitorFdHup::~MonitorFdHup`: use proper close method instead of libc close() Otherwise closing it again will cause an EBADF in the AutoCloseFd class. (cherry picked from commit 87a34a45ff7e176a5ef291b1c923f4d637095a97) --- src/libutil/unix/monitor-fd.hh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/unix/monitor-fd.hh b/src/libutil/unix/monitor-fd.hh index d59832452ab..c1f8705ebb0 100644 --- a/src/libutil/unix/monitor-fd.hh +++ b/src/libutil/unix/monitor-fd.hh @@ -122,7 +122,7 @@ public: ~MonitorFdHup() { - close(notifyPipe.writeSide.get()); + notifyPipe.writeSide.close(); thread.join(); } }; From 53ac3c8ba9ee8677a9f4831712810a71e8a51fae Mon Sep 17 00:00:00 2001 From: Kirens Date: Mon, 24 Mar 2025 09:25:09 +0100 Subject: [PATCH 310/815] make sure doc and manpage outputs are symlinks Part of https://github.com/NixOS/nixpkgs/pull/392549 The doc and manpage fix already happend in 0ddfbc5939e38d2cc3ab195e7093d4b62a0b626b (cherry picked from commit 15dfeb91824464a7c7b9991788bcf39d1dc30350) --- packaging/everything.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/everything.nix b/packaging/everything.nix index 75ef1c11d9c..2c65f209f31 100644 --- a/packaging/everything.nix +++ b/packaging/everything.nix @@ -201,8 +201,8 @@ stdenv.mkDerivation (finalAttrs: { done # Forwarded outputs - ln -s ${nix-manual} $doc - ln -s ${nix-manual.man} $man + ln -sT ${nix-manual} $doc + ln -sT ${nix-manual.man} $man ''; passthru = { From 01ffee00337fed43f5064df0d4c5ffcf4bcd57e8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Mar 2025 16:29:59 +0100 Subject: [PATCH 311/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index f0465234b5a..05abc552641 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.27.1 +2.27.2 From 9c26996e73057485f37165332583de5aa8c6bf3f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Mar 2025 21:34:11 +0100 Subject: [PATCH 312/815] Fix release notes (1.0.0 -> 3.0.0) --- doc/manual/source/SUMMARY.md.in | 2 +- doc/manual/source/release-notes-determinate/changes.md | 2 +- .../release-notes-determinate/{rl-1.0.0.md => rl-3.0.0.md} | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) rename doc/manual/source/release-notes-determinate/{rl-1.0.0.md => rl-3.0.0.md} (78%) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 8d6ad9f93be..c218c306bf5 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -128,7 +128,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - - [Release 1.0.0 (2025-??-??)](release-notes-determinate/rl-1.0.0.md) + - [Release 3.0.0 (2025-03-04)](release-notes-determinate/rl-3.0.0.md) - [Nix Release Notes](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} - [Release 2.27 (2025-03-03)](release-notes/rl-2.27.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index a71867ea2ec..4f60f139b02 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.24 and Determinate Nix 1.0. +This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.0.0. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. diff --git a/doc/manual/source/release-notes-determinate/rl-1.0.0.md b/doc/manual/source/release-notes-determinate/rl-3.0.0.md similarity index 78% rename from doc/manual/source/release-notes-determinate/rl-1.0.0.md rename to doc/manual/source/release-notes-determinate/rl-3.0.0.md index 16dcc9d3e9f..d60786e9a72 100644 --- a/doc/manual/source/release-notes-determinate/rl-1.0.0.md +++ b/doc/manual/source/release-notes-determinate/rl-3.0.0.md @@ -1,4 +1,4 @@ -# Release 1.0.0 (2025-??-??) +# Release 3.0.0 (2025-03-04) * Initial release of Determinate Nix. From 117d6719238c079c13858db9014653c542932c46 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Mar 2025 21:28:34 +0100 Subject: [PATCH 313/815] Bump Determinate Nix version --- .version-determinate | 2 +- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 2 +- doc/manual/source/release-notes-determinate/rl-3.1.0.md | 3 +++ 4 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.1.0.md diff --git a/.version-determinate b/.version-determinate index 4a36342fcab..fd2a01863fd 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.0.0 +3.1.0 diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index c218c306bf5..57edad19915 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - [Release 3.0.0 (2025-03-04)](release-notes-determinate/rl-3.0.0.md) + - [Release 3.1.0 (2025-??-??)](release-notes-determinate/rl-3.1.0.md) - [Nix Release Notes](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} - [Release 2.27 (2025-03-03)](release-notes/rl-2.27.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 4f60f139b02..fa468dee9e5 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.0.0. +This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.1.0. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. diff --git a/doc/manual/source/release-notes-determinate/rl-3.1.0.md b/doc/manual/source/release-notes-determinate/rl-3.1.0.md new file mode 100644 index 00000000000..8d55939da64 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.1.0.md @@ -0,0 +1,3 @@ +# Release 3.1.0 (2025-??-??) + +* Based on [upstream Nix 2.27.1](../release-notes/rl-2.27.md). From 9d0c3dd6a747b1aeb9312041e17d8d72e9b1b713 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 24 Mar 2025 22:02:49 +0100 Subject: [PATCH 314/815] Formatting --- flake.nix | 42 ++++++++++++++++++++++------------------ packaging/components.nix | 11 ----------- 2 files changed, 23 insertions(+), 30 deletions(-) diff --git a/flake.nix b/flake.nix index a1a7b160c98..54cf1a36df6 100644 --- a/flake.nix +++ b/flake.nix @@ -310,27 +310,31 @@ closures = forAllSystems (system: self.packages.${system}.default.outPath); - closures_json = pkgs.runCommand "versions.json" - { - buildInputs = [ pkgs.jq ]; - passAsFile = [ "json" ]; - json = builtins.toJSON closures; - } '' - cat "$jsonPath" | jq . > $out - ''; + closures_json = + pkgs.runCommand "versions.json" + { + buildInputs = [ pkgs.jq ]; + passAsFile = [ "json" ]; + json = builtins.toJSON closures; + } + '' + cat "$jsonPath" | jq . > $out + ''; - closures_nix = pkgs.runCommand "versions.nix" - { - buildInputs = [ pkgs.jq ]; - passAsFile = [ "template" ]; - jsonPath = closures_json; - template = '' - builtins.fromJSON('''@closures@''') + closures_nix = + pkgs.runCommand "versions.nix" + { + buildInputs = [ pkgs.jq ]; + passAsFile = [ "template" ]; + jsonPath = closures_json; + template = '' + builtins.fromJSON('''@closures@''') + ''; + } + '' + export closures=$(cat "$jsonPath"); + substituteAll "$templatePath" "$out" ''; - } '' - export closures=$(cat "$jsonPath"); - substituteAll "$templatePath" "$out" - ''; in closures_nix; } diff --git a/packaging/components.nix b/packaging/components.nix index 4678e92ca1e..04b143bfe85 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -50,17 +50,6 @@ let exts: userFn: stdenv.mkDerivation (lib.extends (lib.composeManyExtensions exts) userFn); setVersionLayer = finalAttrs: prevAttrs: { - /* - preConfigure = - prevAttrs.preConfigure or "" - + - # Update the repo-global .version file. - # Symlink ./.version points there, but by default only workDir is writable. - '' - chmod u+w ./.version - echo ${finalAttrs.version} > ./.version - ''; - */ }; localSourceLayer = From 79122c66b1d0fb4acc2d32ed808315770d953ba5 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Wed, 25 Dec 2024 21:09:58 +0000 Subject: [PATCH 315/815] local-derivation-goal: improve "illegal reference" error Before the change "illegal reference" was hard to interpret as it did not mention what derivation actually hits it. Today's `nixpkgs` example: Before the change: $ nix build --no-link -f. postgresql_14 ... error: derivation contains an illegal reference specifier 'man' After the change: $ nix build --no-link -f. postgresql_14 ... error: derivation '/nix/store/bxp6g57limvwiga61vdlyvhy7i8rp6wd-postgresql-14.15.drv' output check for 'lib' contains an illegal reference specifier 'man', expected store path or output name (one of [debug, dev, doc, lib, out]) (cherry picked from commit bbdc3197a925b56bdec1220089de7622832bd2a3) --- src/libstore/unix/build/local-derivation-goal.cc | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index b4f5c23a4d9..500f2aa0d88 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2920,8 +2920,17 @@ void LocalDerivationGoal::checkOutputs(const std::mappath); - else - throw BuildError("derivation contains an illegal reference specifier '%s'", i); + else { + std::string allOutputs; + for (auto & o : outputs) { + if (! allOutputs.empty()) + allOutputs.append(", "); + allOutputs.append(o.first); + } + throw BuildError("derivation '%s' output check for '%s' contains an illegal reference specifier '%s'," + " expected store path or output name (one of [%s])", + worker.store.printStorePath(drvPath), outputName, i, allOutputs); + } } auto used = recursive From f9d1f3616944301e47ed2803a8171e5303cf7daf Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sat, 18 Jan 2025 09:44:46 +0100 Subject: [PATCH 316/815] nix-util: Add concatMapStrings (cherry picked from commit f3dbaa3f54c54b0a71e230ab097c9a72d17c3ed9) --- src/libutil-tests/strings.cc | 36 ++++++++++++++++++++++++++++++++++++ src/libutil/strings.hh | 14 ++++++++++++++ 2 files changed, 50 insertions(+) diff --git a/src/libutil-tests/strings.cc b/src/libutil-tests/strings.cc index 206890bcf19..33a1fae9b23 100644 --- a/src/libutil-tests/strings.cc +++ b/src/libutil-tests/strings.cc @@ -80,6 +80,42 @@ TEST(concatStringsSep, buildSingleString) ASSERT_EQ(concatStringsSep(",", strings), "this"); } +TEST(concatMapStringsSep, empty) +{ + Strings strings; + + ASSERT_EQ(concatMapStringsSep(",", strings, [](const std::string & s) { return s; }), ""); +} + +TEST(concatMapStringsSep, justOne) +{ + Strings strings; + strings.push_back("this"); + + ASSERT_EQ(concatMapStringsSep(",", strings, [](const std::string & s) { return s; }), "this"); +} + +TEST(concatMapStringsSep, two) +{ + Strings strings; + strings.push_back("this"); + strings.push_back("that"); + + ASSERT_EQ(concatMapStringsSep(",", strings, [](const std::string & s) { return s; }), "this,that"); +} + +TEST(concatMapStringsSep, map) +{ + std::map strings; + strings["this"] = "that"; + strings["1"] = "one"; + + ASSERT_EQ( + concatMapStringsSep( + ", ", strings, [](const std::pair & s) { return s.first + " -> " + s.second; }), + "1 -> one, this -> that"); +} + /* ---------------------------------------------------------------------------- * dropEmptyInitThenConcatStringsSep * --------------------------------------------------------------------------*/ diff --git a/src/libutil/strings.hh b/src/libutil/strings.hh index c4fd3daa194..ae0f0070e94 100644 --- a/src/libutil/strings.hh +++ b/src/libutil/strings.hh @@ -55,6 +55,20 @@ extern template std::string concatStringsSep(std::string_view, const std::list &); extern template std::string concatStringsSep(std::string_view, const std::vector &); +/** + * Apply a function to the `iterable`'s items and concat them with `separator`. + */ +template +std::string concatMapStringsSep(std::string_view separator, const C & iterable, F fn) +{ + std::vector strings; + strings.reserve(iterable.size()); + for (const auto & elem : iterable) { + strings.push_back(fn(elem)); + } + return concatStringsSep(separator, strings); +} + /** * Ignore any empty strings at the start of the list, and then concatenate the * given strings with a separator between the elements. From aa7433982b3ab0a83bd742b5dc4d589fe816615b Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sat, 18 Jan 2025 09:49:25 +0100 Subject: [PATCH 317/815] nix-util: Use small_vector in concatMapStringsSep (cherry picked from commit 32898dc46a21c628d3ae275310307c56cbe8ab03) --- src/libutil/strings.cc | 1 + src/libutil/strings.hh | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/libutil/strings.cc b/src/libutil/strings.cc index 402b7ae98a3..b94bca61184 100644 --- a/src/libutil/strings.cc +++ b/src/libutil/strings.cc @@ -37,6 +37,7 @@ basicSplitString(std::basic_string_view s, std::basic_string_view &); template std::string concatStringsSep(std::string_view, const std::set &); template std::string concatStringsSep(std::string_view, const std::vector &); +template std::string concatStringsSep(std::string_view, const boost::container::small_vector &); typedef std::string_view strings_2[2]; template std::string concatStringsSep(std::string_view, const strings_2 &); diff --git a/src/libutil/strings.hh b/src/libutil/strings.hh index ae0f0070e94..521e3425f4a 100644 --- a/src/libutil/strings.hh +++ b/src/libutil/strings.hh @@ -6,6 +6,8 @@ #include #include +#include + namespace nix { /* @@ -54,6 +56,7 @@ std::string concatStringsSep(const std::string_view sep, const C & ss); extern template std::string concatStringsSep(std::string_view, const std::list &); extern template std::string concatStringsSep(std::string_view, const std::set &); extern template std::string concatStringsSep(std::string_view, const std::vector &); +extern template std::string concatStringsSep(std::string_view, const boost::container::small_vector &); /** * Apply a function to the `iterable`'s items and concat them with `separator`. @@ -61,7 +64,7 @@ extern template std::string concatStringsSep(std::string_view, const std::vector template std::string concatMapStringsSep(std::string_view separator, const C & iterable, F fn) { - std::vector strings; + boost::container::small_vector strings; strings.reserve(iterable.size()); for (const auto & elem : iterable) { strings.push_back(fn(elem)); From db1950e76807c47c0667969f751a53ddbf2cc063 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sat, 18 Jan 2025 09:58:17 +0100 Subject: [PATCH 318/815] checkRefs: use concatMapStringsSep (cherry picked from commit 2b4d461c14e01eb86f5b253e7df93c595f45f52e) --- src/libstore/unix/build/local-derivation-goal.cc | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 500f2aa0d88..0ccc4211b8d 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -2921,15 +2921,10 @@ void LocalDerivationGoal::checkOutputs(const std::mappath); else { - std::string allOutputs; - for (auto & o : outputs) { - if (! allOutputs.empty()) - allOutputs.append(", "); - allOutputs.append(o.first); - } + std::string outputsListing = concatMapStringsSep(", ", outputs, [](auto & o) { return o.first; }); throw BuildError("derivation '%s' output check for '%s' contains an illegal reference specifier '%s'," " expected store path or output name (one of [%s])", - worker.store.printStorePath(drvPath), outputName, i, allOutputs); + worker.store.printStorePath(drvPath), outputName, i, outputsListing); } } From 6f54b90f36a337a47b3772ca19c16e1f47d99650 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sat, 18 Jan 2025 10:21:08 +0100 Subject: [PATCH 319/815] test illegal reference specifier error message (cherry picked from commit f4def47c899a8f637449a3d3670c843a706218ca) --- tests/functional/check-refs.nix | 6 ++++++ tests/functional/check-refs.sh | 4 ++++ 2 files changed, 10 insertions(+) diff --git a/tests/functional/check-refs.nix b/tests/functional/check-refs.nix index 471d9575360..9512c73c1cc 100644 --- a/tests/functional/check-refs.nix +++ b/tests/functional/check-refs.nix @@ -79,4 +79,10 @@ rec { buildCommand = ''echo ${dep} > "''${outputs[out]}"''; }; + test12 = makeTest 12 { + builder = builtins.toFile "builder.sh" "mkdir $out $lib"; + outputs = ["out" "lib"]; + disallowedReferences = ["dev"]; + }; + } diff --git a/tests/functional/check-refs.sh b/tests/functional/check-refs.sh index 5c3ac915ecf..8eb93b48d3c 100755 --- a/tests/functional/check-refs.sh +++ b/tests/functional/check-refs.sh @@ -60,3 +60,7 @@ if ! isTestOnNixOS; then fi fi + +# test12 should fail (syntactically invalid). +expectStderr 1 nix-build -vvv -o "$RESULT" check-refs.nix -A test12 >"$TEST_ROOT/test12.stderr" +grepQuiet -F "output check for 'lib' contains an illegal reference specifier 'dev', expected store path or output name (one of [lib, out])" < "$TEST_ROOT/test12.stderr" From c2cffe62490f195bd5f11650c11f37bbf80b0f3c Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Mon, 24 Mar 2025 22:34:09 +0000 Subject: [PATCH 320/815] tests/functional/check-refs.sh: guard test12 against too old nix daemon Otherwise without the change the test fails on nix-2.26 as: error: derivation contains an illegal reference specifier 'dev' Note: the error message does not match intended change. (cherry picked from commit 1e7c7244cf6e7f0fba83764153a31a9ff780cb7e) --- tests/functional/check-refs.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/functional/check-refs.sh b/tests/functional/check-refs.sh index 8eb93b48d3c..590c3fb536f 100755 --- a/tests/functional/check-refs.sh +++ b/tests/functional/check-refs.sh @@ -61,6 +61,8 @@ if ! isTestOnNixOS; then fi -# test12 should fail (syntactically invalid). -expectStderr 1 nix-build -vvv -o "$RESULT" check-refs.nix -A test12 >"$TEST_ROOT/test12.stderr" -grepQuiet -F "output check for 'lib' contains an illegal reference specifier 'dev', expected store path or output name (one of [lib, out])" < "$TEST_ROOT/test12.stderr" +if isDaemonNewer "2.28pre20241225"; then + # test12 should fail (syntactically invalid). + expectStderr 1 nix-build -vvv -o "$RESULT" check-refs.nix -A test12 >"$TEST_ROOT/test12.stderr" + grepQuiet -F "output check for 'lib' contains an illegal reference specifier 'dev', expected store path or output name (one of [lib, out])" < "$TEST_ROOT/test12.stderr" +fi From cadfed692ce3dd36a56916e111c0a366991828f3 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Mon, 24 Mar 2025 22:45:28 +0000 Subject: [PATCH 321/815] tests/functional/check-refs.nix: format newly added test (cherry picked from commit 4d72e0f73bc31ac200d57caba65f6355760df032) --- tests/functional/check-refs.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/functional/check-refs.nix b/tests/functional/check-refs.nix index 9512c73c1cc..bdd5c4f8dc3 100644 --- a/tests/functional/check-refs.nix +++ b/tests/functional/check-refs.nix @@ -81,8 +81,11 @@ rec { test12 = makeTest 12 { builder = builtins.toFile "builder.sh" "mkdir $out $lib"; - outputs = ["out" "lib"]; - disallowedReferences = ["dev"]; + outputs = [ + "out" + "lib" + ]; + disallowedReferences = [ "dev" ]; }; } From 502f0273904536d7c162767f33d0dfe3d6612e10 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 26 Mar 2025 22:15:39 +0100 Subject: [PATCH 322/815] nix daemon: Respect json-log-path and re-open for every connection We don't want to inherit the parent's JSON logger since then messages from different daemon processes may clobber each other. --- src/libstore/daemon.cc | 12 +++++++++++- src/libutil/logging.hh | 8 ++++++++ src/nix/main.cc | 19 ++----------------- 3 files changed, 21 insertions(+), 18 deletions(-) diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc index b921dbe2de8..13655f6a80b 100644 --- a/src/libstore/daemon.cc +++ b/src/libstore/daemon.cc @@ -15,6 +15,7 @@ #include "derivations.hh" #include "args.hh" #include "git.hh" +#include "logging.hh" #ifndef _WIN32 // TODO need graceful async exit support on Windows? # include "monitor-fd.hh" @@ -1044,9 +1045,18 @@ void processConnection( auto tunnelLogger = new TunnelLogger(conn.to, protoVersion); auto prevLogger = nix::logger; // FIXME - if (!recursive) + if (!recursive) { logger = tunnelLogger; + if (!loggerSettings.jsonLogPath.get().empty()) { + try { + logger = makeTeeLogger({logger, makeJSONLogger(std::filesystem::path(loggerSettings.jsonLogPath.get()), false)}); + } catch (...) { + ignoreExceptionExceptInterrupt(); + } + } + } + unsigned int opCount = 0; Finally finally([&]() { diff --git a/src/libutil/logging.hh b/src/libutil/logging.hh index aeb058526b6..479459e9f6f 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/logging.hh @@ -52,6 +52,14 @@ struct LoggerSettings : Config Whether Nix should print out a stack trace in case of Nix expression evaluation errors. )"}; + + Setting jsonLogPath{ + this, "", "json-log-path", + R"( + A path to which JSON records of Nix's log output will be + written, in the same format as `--log-format internal-json` + (without the `@nix ` prefixes on each line). + )"}; }; extern LoggerSettings loggerSettings; diff --git a/src/nix/main.cc b/src/nix/main.cc index 644c65cf041..cad561c66db 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -348,21 +348,6 @@ struct CmdHelpStores : Command static auto rCmdHelpStores = registerCommand("help-stores"); -struct ExtLoggerSettings : Config -{ - Setting jsonLogPath{ - this, "", "json-log-path", - R"( - A path to which JSON records of Nix's log output will be - written, in the same format as `--log-format internal-json` - (without the `@nix ` prefixes on each line). - )"}; -}; - -static ExtLoggerSettings extLoggerSettings; - -static GlobalConfig::Register rExtLoggerSettings(&extLoggerSettings); - void mainWrapped(int argc, char * * argv) { savedArgv = argv; @@ -501,9 +486,9 @@ void mainWrapped(int argc, char * * argv) if (!args.helpRequested && !args.completions) throw; } - if (!extLoggerSettings.jsonLogPath.get().empty()) { + if (!loggerSettings.jsonLogPath.get().empty()) { try { - logger = makeTeeLogger({logger, makeJSONLogger(std::filesystem::path(extLoggerSettings.jsonLogPath.get()), false)}); + logger = makeTeeLogger({logger, makeJSONLogger(std::filesystem::path(loggerSettings.jsonLogPath.get()), false)}); } catch (...) { ignoreExceptionExceptInterrupt(); } From 17d0810a7c4d5cd8ae6deff7d15fce6ea100a35b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 26 Mar 2025 23:49:35 +0100 Subject: [PATCH 323/815] Cleanup --- src/libstore/daemon.cc | 12 +----------- src/libutil/logging.cc | 14 ++++++++++++++ src/libutil/logging.hh | 2 ++ src/nix/main.cc | 11 +---------- 4 files changed, 18 insertions(+), 21 deletions(-) diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc index 1013b23a36f..32c8f4d2dd5 100644 --- a/src/libstore/daemon.cc +++ b/src/libstore/daemon.cc @@ -1050,17 +1050,7 @@ void processConnection( if (!recursive) { prevLogger_ = std::move(logger); logger = std::move(tunnelLogger_); - - if (!loggerSettings.jsonLogPath.get().empty()) { - try { - std::vector> loggers; - loggers.push_back(std::move(logger)); - loggers.push_back(makeJSONLogger(std::filesystem::path(loggerSettings.jsonLogPath.get()), false)); - logger = makeTeeLogger(std::move(loggers)); - } catch (...) { - ignoreExceptionExceptInterrupt(); - } - } + applyJSONLogger(); } unsigned int opCount = 0; diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index b4bca0b3623..fd54cc580b0 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -341,6 +341,20 @@ std::unique_ptr makeJSONLogger(const std::filesystem::path & path, bool return std::make_unique(std::move(fd), includeNixPrefix); } +void applyJSONLogger() +{ + if (!loggerSettings.jsonLogPath.get().empty()) { + try { + std::vector> loggers; + loggers.push_back(std::move(logger)); + loggers.push_back(makeJSONLogger(std::filesystem::path(loggerSettings.jsonLogPath.get()), false)); + logger = makeTeeLogger(std::move(loggers)); + } catch (...) { + ignoreExceptionExceptInterrupt(); + } + } +} + static Logger::Fields getFields(nlohmann::json & json) { Logger::Fields fields; diff --git a/src/libutil/logging.hh b/src/libutil/logging.hh index 5b69f501c84..290a49bb845 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/logging.hh @@ -221,6 +221,8 @@ std::unique_ptr makeJSONLogger(Descriptor fd, bool includeNixPrefix = tr std::unique_ptr makeJSONLogger(const std::filesystem::path & path, bool includeNixPrefix = true); +void applyJSONLogger(); + /** * @param source A noun phrase describing the source of the message, e.g. "the builder". */ diff --git a/src/nix/main.cc b/src/nix/main.cc index f81a02ce6dc..a2dc371d466 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -487,16 +487,7 @@ void mainWrapped(int argc, char * * argv) if (!args.helpRequested && !args.completions) throw; } - if (!loggerSettings.jsonLogPath.get().empty()) { - try { - std::vector> loggers; - loggers.push_back(std::move(logger)); - loggers.push_back(makeJSONLogger(std::filesystem::path(loggerSettings.jsonLogPath.get()), false)); - logger = makeTeeLogger(std::move(loggers)); - } catch (...) { - ignoreExceptionExceptInterrupt(); - } - } + applyJSONLogger(); if (args.helpRequested) { std::vector subcommand; From eca002ddc40c92ee714445a28e6155b9c235a801 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 27 Mar 2025 13:54:07 +0100 Subject: [PATCH 324/815] Don't segfault if we can't create the JSON logger --- src/libutil/logging.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index fd54cc580b0..16ff1c5f4a6 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -344,12 +344,13 @@ std::unique_ptr makeJSONLogger(const std::filesystem::path & path, bool void applyJSONLogger() { if (!loggerSettings.jsonLogPath.get().empty()) { + std::vector> loggers; try { - std::vector> loggers; loggers.push_back(std::move(logger)); loggers.push_back(makeJSONLogger(std::filesystem::path(loggerSettings.jsonLogPath.get()), false)); logger = makeTeeLogger(std::move(loggers)); } catch (...) { + logger = std::move(loggers[0]); ignoreExceptionExceptInterrupt(); } } From 37f3b255b285e87f353bc9451be5f322c7696e1b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 27 Mar 2025 17:17:01 +0100 Subject: [PATCH 325/815] makeTeeLogger(): Distinguish between main and extra loggers --- src/libutil/logging.cc | 9 +++++---- src/libutil/logging.hh | 9 ++++++++- src/libutil/tee-logger.cc | 9 +++++++-- 3 files changed, 20 insertions(+), 7 deletions(-) diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index 16ff1c5f4a6..7884b6f298e 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -344,15 +344,16 @@ std::unique_ptr makeJSONLogger(const std::filesystem::path & path, bool void applyJSONLogger() { if (!loggerSettings.jsonLogPath.get().empty()) { - std::vector> loggers; try { - loggers.push_back(std::move(logger)); + std::vector> loggers; loggers.push_back(makeJSONLogger(std::filesystem::path(loggerSettings.jsonLogPath.get()), false)); - logger = makeTeeLogger(std::move(loggers)); + // Note: this had better not throw, otherwise `logger` is + // left unset. + logger = makeTeeLogger(std::move(logger), std::move(loggers)); } catch (...) { - logger = std::move(loggers[0]); ignoreExceptionExceptInterrupt(); } + } } diff --git a/src/libutil/logging.hh b/src/libutil/logging.hh index 290a49bb845..07f49be19d1 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/logging.hh @@ -215,7 +215,14 @@ extern std::unique_ptr logger; std::unique_ptr makeSimpleLogger(bool printBuildLogs = true); -std::unique_ptr makeTeeLogger(std::vector> && loggers); +/** + * Create a logger that sends log messages to `mainLogger` and the + * list of loggers in `extraLoggers`. Only `mainLogger` is used for + * writing to stdout and getting user input. + */ +std::unique_ptr makeTeeLogger( + std::unique_ptr mainLogger, + std::vector> && extraLoggers); std::unique_ptr makeJSONLogger(Descriptor fd, bool includeNixPrefix = true); diff --git a/src/libutil/tee-logger.cc b/src/libutil/tee-logger.cc index 84527ffded7..cb254826410 100644 --- a/src/libutil/tee-logger.cc +++ b/src/libutil/tee-logger.cc @@ -100,9 +100,14 @@ struct TeeLogger : Logger } }; -std::unique_ptr makeTeeLogger(std::vector> && loggers) +std::unique_ptr +makeTeeLogger(std::unique_ptr mainLogger, std::vector> && extraLoggers) { - return std::make_unique(std::move(loggers)); + std::vector> allLoggers; + allLoggers.push_back(std::move(mainLogger)); + for (auto & l : extraLoggers) + allLoggers.push_back(std::move(l)); + return std::make_unique(std::move(allLoggers)); } } From f80f7e001b4638667d59551f89b641f0e3fcbfa6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 27 Mar 2025 19:07:00 +0100 Subject: [PATCH 326/815] Abort if we cannot create TeeLogger --- src/libutil/logging.cc | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index 7884b6f298e..617ebeb1676 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -347,9 +347,12 @@ void applyJSONLogger() try { std::vector> loggers; loggers.push_back(makeJSONLogger(std::filesystem::path(loggerSettings.jsonLogPath.get()), false)); - // Note: this had better not throw, otherwise `logger` is - // left unset. - logger = makeTeeLogger(std::move(logger), std::move(loggers)); + try { + logger = makeTeeLogger(std::move(logger), std::move(loggers)); + } catch (...) { + // `logger` is now gone so give up. + abort(); + } } catch (...) { ignoreExceptionExceptInterrupt(); } From 9e6c999bdfdf54dbf02c28e5cddab0ba670c14be Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 27 Mar 2025 19:07:06 +0100 Subject: [PATCH 327/815] Add release note --- doc/manual/source/release-notes-determinate/changes.md | 2 ++ doc/manual/source/release-notes-determinate/rl-3.0.0.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index fa468dee9e5..8e6d053d0f6 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -5,3 +5,5 @@ This section lists the differences between upstream Nix 2.24 and Determinate Nix * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. * In Determinate Nix, the new Nix CLI (i.e. the `nix` command) is stable. You no longer need to enable the `nix-command` experimental feature. + +* Determinate Nix has a setting [`json-log-path`](@docroot@/command-ref/conf-file.md#conf-json-log-path) to send a copy of all Nix log messages (in JSON format) to a file or Unix domain socket. diff --git a/doc/manual/source/release-notes-determinate/rl-3.0.0.md b/doc/manual/source/release-notes-determinate/rl-3.0.0.md index d60786e9a72..ba9c0479b4b 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.0.0.md +++ b/doc/manual/source/release-notes-determinate/rl-3.0.0.md @@ -3,3 +3,5 @@ * Initial release of Determinate Nix. * Based on [upstream Nix 2.26.2](../release-notes/rl-2.26.md). + +* New setting `json-log-path` that sends a copy of all Nix log messages (in JSON format) to a file or Unix domain socket. From 10f9b2f1fc7edab32d7729ed1643d474caaec114 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 27 Mar 2025 19:08:09 +0100 Subject: [PATCH 328/815] Set release date --- doc/manual/source/SUMMARY.md.in | 2 +- doc/manual/source/release-notes-determinate/rl-3.1.0.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 57edad19915..69babe05bfe 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,7 +129,7 @@ - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - [Release 3.0.0 (2025-03-04)](release-notes-determinate/rl-3.0.0.md) - - [Release 3.1.0 (2025-??-??)](release-notes-determinate/rl-3.1.0.md) + - [Release 3.1.0 (2025-03-27)](release-notes-determinate/rl-3.1.0.md) - [Nix Release Notes](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} - [Release 2.27 (2025-03-03)](release-notes/rl-2.27.md) diff --git a/doc/manual/source/release-notes-determinate/rl-3.1.0.md b/doc/manual/source/release-notes-determinate/rl-3.1.0.md index 8d55939da64..02b22ba9fd5 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.1.0.md +++ b/doc/manual/source/release-notes-determinate/rl-3.1.0.md @@ -1,3 +1,3 @@ -# Release 3.1.0 (2025-??-??) +# Release 3.1.0 (2025-03-27) * Based on [upstream Nix 2.27.1](../release-notes/rl-2.27.md). From ce8deea082bc7583bc059cf856734886f7e3ae16 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 27 Mar 2025 18:48:05 +0000 Subject: [PATCH 329/815] Prepare release v3.1.0 From 946297c684c7db31c34ec1135175a54afa579b92 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Thu, 27 Mar 2025 12:02:06 -0700 Subject: [PATCH 330/815] Fixup release notes --- doc/manual/source/SUMMARY.md.in | 2 +- doc/manual/source/release-notes-determinate/rl-3.0.0.md | 2 -- doc/manual/source/release-notes-determinate/rl-3.1.0.md | 2 ++ 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 69babe05bfe..087c4b93c53 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -128,8 +128,8 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - - [Release 3.0.0 (2025-03-04)](release-notes-determinate/rl-3.0.0.md) - [Release 3.1.0 (2025-03-27)](release-notes-determinate/rl-3.1.0.md) + - [Release 3.0.0 (2025-03-04)](release-notes-determinate/rl-3.0.0.md) - [Nix Release Notes](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} - [Release 2.27 (2025-03-03)](release-notes/rl-2.27.md) diff --git a/doc/manual/source/release-notes-determinate/rl-3.0.0.md b/doc/manual/source/release-notes-determinate/rl-3.0.0.md index ba9c0479b4b..d60786e9a72 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.0.0.md +++ b/doc/manual/source/release-notes-determinate/rl-3.0.0.md @@ -3,5 +3,3 @@ * Initial release of Determinate Nix. * Based on [upstream Nix 2.26.2](../release-notes/rl-2.26.md). - -* New setting `json-log-path` that sends a copy of all Nix log messages (in JSON format) to a file or Unix domain socket. diff --git a/doc/manual/source/release-notes-determinate/rl-3.1.0.md b/doc/manual/source/release-notes-determinate/rl-3.1.0.md index 02b22ba9fd5..96b7819d08d 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.1.0.md +++ b/doc/manual/source/release-notes-determinate/rl-3.1.0.md @@ -1,3 +1,5 @@ # Release 3.1.0 (2025-03-27) * Based on [upstream Nix 2.27.1](../release-notes/rl-2.27.md). + +* New setting `json-log-path` that sends a copy of all Nix log messages (in JSON format) to a file or Unix domain socket. From 4a667d4459c74c070faee4509be875bf5337a4ea Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 28 Mar 2025 13:31:06 +0000 Subject: [PATCH 331/815] Prepare release v3.1.1 From 3b72727be0e9f290e8c7ecb816a561122b45d058 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 28 Mar 2025 13:31:09 +0000 Subject: [PATCH 332/815] Set .version-determinate to 3.1.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index fd2a01863fd..94ff29cc4de 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.1.0 +3.1.1 From c648c52392be46241df8484e128dceee45fb5dba Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 28 Mar 2025 07:22:21 -0700 Subject: [PATCH 333/815] ci: make macos runners larger --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 443664e496c..b1fefc8df58 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,12 +40,12 @@ jobs: if: github.event_name == 'merge_group' uses: ./.github/workflows/build.yml with: - os: macos-13 + os: macos-latest-large build_aarch64-darwin: uses: ./.github/workflows/build.yml with: - os: macos-latest + os: macos-latest-xlarge test_x86_64-linux: uses: ./.github/workflows/test.yml @@ -65,14 +65,14 @@ jobs: uses: ./.github/workflows/test.yml needs: build_aarch64-darwin with: - os: macos-13 + os: macos-latest-large test_aarch64-darwin: if: github.event_name == 'merge_group' uses: ./.github/workflows/test.yml needs: build_aarch64-darwin with: - os: macos-latest + os: macos-latest-xlarge vm_tests_smoke: if: github.event_name != 'merge_group' From c3b29c1c8cce4fb70876d6afaeccc626a7bef7be Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 10:56:16 -0400 Subject: [PATCH 334/815] Pass the system to build.yml directly --- .github/workflows/build.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f041267474c..a30eb3ed4df 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -4,9 +4,11 @@ on: os: required: true type: string + system: + required: true + type: string jobs: - build: strategy: fail-fast: false @@ -16,13 +18,11 @@ jobs: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: echo "system=$(nix eval --impure --raw --expr 'builtins.currentSystem')" >> "$GITHUB_OUTPUT" - id: system - - run: nix build .# .#binaryTarball --no-link -L - - run: nix build .#binaryTarball --out-link tarball + - run: nix build .#packages.${{ inputs.system }}.default .#packages.${{ inputs.system }}.binaryTarball --no-link -L + - run: nix build .#packages.${{ inputs.system }}.binaryTarball --out-link tarball - uses: actions/upload-artifact@v4 with: - name: ${{ steps.system.outputs.system }} + name: ${{ inputs.system }} path: ./tarball/*.xz From 5766d207a54a04f02788ccf553d7a3fcd0a21a1f Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 10:58:38 -0400 Subject: [PATCH 335/815] Pass system from ci --- .github/workflows/ci.yml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b1fefc8df58..28259974fe8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -17,35 +17,39 @@ jobs: eval: runs-on: blacksmith-32vcpu-ubuntu-2204 steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - uses: DeterminateSystems/nix-installer-action@main - with: - flakehub: true - - run: nix flake show --all-systems --json + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: DeterminateSystems/nix-installer-action@main + with: + flakehub: true + - run: nix flake show --all-systems --json build_x86_64-linux: uses: ./.github/workflows/build.yml with: os: blacksmith-32vcpu-ubuntu-2204 + system: x86_64-linux build_aarch64-linux: if: github.event_name == 'merge_group' uses: ./.github/workflows/build.yml with: os: blacksmith-32vcpu-ubuntu-2204-arm + system: aarch64-linux build_x86_64-darwin: if: github.event_name == 'merge_group' uses: ./.github/workflows/build.yml with: os: macos-latest-large + system: x86_64-darwin build_aarch64-darwin: uses: ./.github/workflows/build.yml with: os: macos-latest-xlarge + system: aarch64-darwin test_x86_64-linux: uses: ./.github/workflows/test.yml From 10b7535c87c5fa2ebd25c8b69d8a076cdda0f26d Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 11:00:31 -0400 Subject: [PATCH 336/815] Pass system to test.yml --- .github/workflows/test.yml | 7 ++++--- .github/workflows/upload-release.yml | 7 +++++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e58827a9c06..a54b1f83988 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -4,9 +4,10 @@ on: os: required: true type: string - + system: + required: true + type: string jobs: - tests: strategy: fail-fast: false @@ -18,4 +19,4 @@ jobs: with: flakehub: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix flake check -L + - run: nix flake check -L --system ${{ inputs.system }} diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index b600dfba04f..f762446bda6 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -29,18 +29,25 @@ jobs: uses: ./.github/workflows/build.yml with: os: blacksmith-32vcpu-ubuntu-2204 + system: x86_64-linux + build-aarch64-linux: uses: ./.github/workflows/build.yml with: os: blacksmith-32vcpu-ubuntu-2204-arm + system: aarch64-linux + build-x86_64-darwin: uses: ./.github/workflows/build.yml with: os: macos-13 + system: x86_64-darwin + build-aarch64-darwin: uses: ./.github/workflows/build.yml with: os: macos-latest + system: aarch64-darwin release: runs-on: ubuntu-latest From 6469efee7be029d82806e41a9300d6f4648d5490 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 11:04:51 -0400 Subject: [PATCH 337/815] Pass the system to the test yml from ci --- .github/workflows/ci.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 28259974fe8..fc7f491d844 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -56,6 +56,7 @@ jobs: needs: build_x86_64-linux with: os: blacksmith-32vcpu-ubuntu-2204 + system: x86_64-linux test_aarch64-linux: if: github.event_name == 'merge_group' @@ -63,13 +64,15 @@ jobs: needs: build_aarch64-linux with: os: blacksmith-32vcpu-ubuntu-2204-arm + system: aarch64-linux test_x86_64-darwin: if: github.event_name == 'merge_group' uses: ./.github/workflows/test.yml - needs: build_aarch64-darwin + needs: build_x86_64-darwin with: os: macos-latest-large + system: x86_64-darwin test_aarch64-darwin: if: github.event_name == 'merge_group' @@ -77,6 +80,7 @@ jobs: needs: build_aarch64-darwin with: os: macos-latest-xlarge + system: aarch64-darwin vm_tests_smoke: if: github.event_name != 'merge_group' From 8762c10aaebc0344b56ab78756e1f3ed8df77b44 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 11:06:22 -0400 Subject: [PATCH 338/815] Move the if evaluation of the test jobs onthe tests job itself, so we can skip it properly in PRs and block on it in merge groups --- .github/workflows/ci.yml | 6 +++--- .github/workflows/test.yml | 5 +++++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fc7f491d844..7c1ef3cda5b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -59,26 +59,26 @@ jobs: system: x86_64-linux test_aarch64-linux: - if: github.event_name == 'merge_group' uses: ./.github/workflows/test.yml needs: build_aarch64-linux with: + if: github.event_name == 'merge_group' os: blacksmith-32vcpu-ubuntu-2204-arm system: aarch64-linux test_x86_64-darwin: - if: github.event_name == 'merge_group' uses: ./.github/workflows/test.yml needs: build_x86_64-darwin with: + if: github.event_name == 'merge_group' os: macos-latest-large system: x86_64-darwin test_aarch64-darwin: - if: github.event_name == 'merge_group' uses: ./.github/workflows/test.yml needs: build_aarch64-darwin with: + if: github.event_name == 'merge_group' os: macos-latest-xlarge system: aarch64-darwin diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a54b1f83988..49af88020ac 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -7,8 +7,13 @@ on: system: required: true type: string + if: + required: false + default: true + type: boolean jobs: tests: + if: ${{ inputs.if }} strategy: fail-fast: false runs-on: ${{ inputs.os }} From 96e7e63ea08d2b4d30382012429a9e99b7acaf7d Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 11:09:04 -0400 Subject: [PATCH 339/815] Bigger runners thank you --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7c1ef3cda5b..b363f9951c6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -42,13 +42,13 @@ jobs: if: github.event_name == 'merge_group' uses: ./.github/workflows/build.yml with: - os: macos-latest-large + os: namespace-profile-mac-m2-12c28g system: x86_64-darwin build_aarch64-darwin: uses: ./.github/workflows/build.yml with: - os: macos-latest-xlarge + os: namespace-profile-mac-m2-12c28g system: aarch64-darwin test_x86_64-linux: @@ -71,7 +71,7 @@ jobs: needs: build_x86_64-darwin with: if: github.event_name == 'merge_group' - os: macos-latest-large + os: namespace-profile-mac-m2-12c28g system: x86_64-darwin test_aarch64-darwin: @@ -79,7 +79,7 @@ jobs: needs: build_aarch64-darwin with: if: github.event_name == 'merge_group' - os: macos-latest-xlarge + os: namespace-profile-mac-m2-12c28g system: aarch64-darwin vm_tests_smoke: From feba05b18dec460bdae4857edc2a6f2dacff9c3b Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 11:15:04 -0400 Subject: [PATCH 340/815] fixup ifs --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b363f9951c6..b2b542bccc6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -62,7 +62,7 @@ jobs: uses: ./.github/workflows/test.yml needs: build_aarch64-linux with: - if: github.event_name == 'merge_group' + if: ${{ github.event_name == 'merge_group' }} os: blacksmith-32vcpu-ubuntu-2204-arm system: aarch64-linux @@ -70,7 +70,7 @@ jobs: uses: ./.github/workflows/test.yml needs: build_x86_64-darwin with: - if: github.event_name == 'merge_group' + if: ${{ github.event_name == 'merge_group' }} os: namespace-profile-mac-m2-12c28g system: x86_64-darwin @@ -78,7 +78,7 @@ jobs: uses: ./.github/workflows/test.yml needs: build_aarch64-darwin with: - if: github.event_name == 'merge_group' + if: ${{ github.event_name == 'merge_group' }} os: namespace-profile-mac-m2-12c28g system: aarch64-darwin From 2315b54f914796dc54a8cc54084573da1a259f6b Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 11:22:58 -0400 Subject: [PATCH 341/815] Move down the if from build workflows --- .github/workflows/build.yml | 5 +++++ .github/workflows/ci.yml | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a30eb3ed4df..84dbdfd79bf 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,9 +7,14 @@ on: system: required: true type: string + if: + required: false + default: true + type: boolean jobs: build: + if: ${{ inputs.if }} strategy: fail-fast: false runs-on: ${{ inputs.os }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b2b542bccc6..6bba30f9d65 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,16 +32,16 @@ jobs: system: x86_64-linux build_aarch64-linux: - if: github.event_name == 'merge_group' uses: ./.github/workflows/build.yml with: + if: ${{ github.event_name == 'merge_group' }} os: blacksmith-32vcpu-ubuntu-2204-arm system: aarch64-linux build_x86_64-darwin: - if: github.event_name == 'merge_group' uses: ./.github/workflows/build.yml with: + if: ${{ github.event_name == 'merge_group' }} os: namespace-profile-mac-m2-12c28g system: x86_64-darwin From 1763cf115b1d0475cdb241c97ad5e96f5d319e1e Mon Sep 17 00:00:00 2001 From: John Ericson Date: Thu, 27 Mar 2025 00:09:20 -0400 Subject: [PATCH 342/815] Fix a bunch of missing meson boilerplate These other libraries need this too (cherry picked from commit ffdce51cd5bd31c1680d4f28b383837682cb7d41) --- src/libcmd/meson.build | 5 +++++ src/libexpr/meson.build | 5 +++++ src/libfetchers/meson.build | 5 +++++ src/libflake/meson.build | 5 +++++ src/libmain/meson.build | 5 +++++ 5 files changed, 25 insertions(+) diff --git a/src/libcmd/meson.build b/src/libcmd/meson.build index 4145f408a09..114c099df7b 100644 --- a/src/libcmd/meson.build +++ b/src/libcmd/meson.build @@ -113,10 +113,15 @@ headers = [config_h] + files( 'repl.hh', ) +subdir('nix-meson-build-support/export-all-symbols') +subdir('nix-meson-build-support/windows-version') + this_library = library( 'nixcmd', sources, dependencies : deps_public + deps_private + deps_other, + include_directories : include_dirs, + link_args: linker_export_flags, prelink : true, # For C++ static initializers install : true, ) diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index dffcc1742ee..fc04c4691dc 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -187,6 +187,9 @@ headers = [config_h] + files( subdir('primops') +subdir('nix-meson-build-support/export-all-symbols') +subdir('nix-meson-build-support/windows-version') + this_library = library( 'nixexpr', sources, @@ -194,6 +197,8 @@ this_library = library( lexer_tab, generated_headers, dependencies : deps_public + deps_private + deps_other, + include_directories : include_dirs, + link_args: linker_export_flags, prelink : true, # For C++ static initializers install : true, ) diff --git a/src/libfetchers/meson.build b/src/libfetchers/meson.build index 725254b56ce..f8efbc8d3e0 100644 --- a/src/libfetchers/meson.build +++ b/src/libfetchers/meson.build @@ -76,10 +76,15 @@ headers = files( 'tarball.hh', ) +subdir('nix-meson-build-support/export-all-symbols') +subdir('nix-meson-build-support/windows-version') + this_library = library( 'nixfetchers', sources, dependencies : deps_public + deps_private + deps_other, + include_directories : include_dirs, + link_args: linker_export_flags, prelink : true, # For C++ static initializers install : true, ) diff --git a/src/libflake/meson.build b/src/libflake/meson.build index b757d0d7633..27effe73c4b 100644 --- a/src/libflake/meson.build +++ b/src/libflake/meson.build @@ -58,10 +58,15 @@ headers = files( 'flake/url-name.hh', ) +subdir('nix-meson-build-support/export-all-symbols') +subdir('nix-meson-build-support/windows-version') + this_library = library( 'nixflake', sources, dependencies : deps_public + deps_private + deps_other, + include_directories : include_dirs, + link_args: linker_export_flags, prelink : true, # For C++ static initializers install : true, ) diff --git a/src/libmain/meson.build b/src/libmain/meson.build index 00f945f494b..6a0a22295bd 100644 --- a/src/libmain/meson.build +++ b/src/libmain/meson.build @@ -82,10 +82,15 @@ headers = [config_h] + files( 'shared.hh', ) +subdir('nix-meson-build-support/export-all-symbols') +subdir('nix-meson-build-support/windows-version') + this_library = library( 'nixmain', sources, dependencies : deps_public + deps_private + deps_other, + include_directories : include_dirs, + link_args: linker_export_flags, prelink : true, # For C++ static initializers install : true, ) From 71b0edcfe384f8131e3dfa62e209f4c4ca43bc9f Mon Sep 17 00:00:00 2001 From: John Ericson Date: Fri, 28 Mar 2025 10:45:27 -0400 Subject: [PATCH 343/815] Remove boost env vars https://github.com/NixOS/nixpkgs/issues/86131 is now fixed! (cherry picked from commit 459fb59493d62b97e7e5219d542fcddc62aab0b5) --- packaging/dev-shell.nix | 4 ---- src/libexpr/package.nix | 7 ------- src/libstore/package.nix | 7 ------- src/libutil/package.nix | 7 ------- 4 files changed, 25 deletions(-) diff --git a/packaging/dev-shell.nix b/packaging/dev-shell.nix index 1b6c37f354d..e824ebf71b4 100644 --- a/packaging/dev-shell.nix +++ b/packaging/dev-shell.nix @@ -72,10 +72,6 @@ pkgs.nixComponents.nix-util.overrideAttrs ( src = null; env = { - # Needed for Meson to find Boost. - # https://github.com/NixOS/nixpkgs/issues/86131. - BOOST_INCLUDEDIR = "${lib.getDev pkgs.nixDependencies.boost}/include"; - BOOST_LIBRARYDIR = "${lib.getLib pkgs.nixDependencies.boost}/lib"; # For `make format`, to work without installing pre-commit _NIX_PRE_COMMIT_HOOKS_CONFIG = "${(pkgs.formats.yaml { }).generate "pre-commit-config.yaml" modular.pre-commit.settings.rawConfig diff --git a/src/libexpr/package.nix b/src/libexpr/package.nix index 533dae9f253..141b77fac21 100644 --- a/src/libexpr/package.nix +++ b/src/libexpr/package.nix @@ -81,13 +81,6 @@ mkMesonLibrary (finalAttrs: { (lib.mesonEnable "gc" enableGC) ]; - env = { - # Needed for Meson to find Boost. - # https://github.com/NixOS/nixpkgs/issues/86131. - BOOST_INCLUDEDIR = "${lib.getDev boost}/include"; - BOOST_LIBRARYDIR = "${lib.getLib boost}/lib"; - }; - meta = { platforms = lib.platforms.unix ++ lib.platforms.windows; }; diff --git a/src/libstore/package.nix b/src/libstore/package.nix index 31867d331b9..11c8be261c1 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -78,13 +78,6 @@ mkMesonLibrary (finalAttrs: { (lib.mesonOption "sandbox-shell" "${busybox-sandbox-shell}/bin/busybox") ]; - env = { - # Needed for Meson to find Boost. - # https://github.com/NixOS/nixpkgs/issues/86131. - BOOST_INCLUDEDIR = "${lib.getDev boost}/include"; - BOOST_LIBRARYDIR = "${lib.getLib boost}/lib"; - }; - meta = { platforms = lib.platforms.unix ++ lib.platforms.windows; }; diff --git a/src/libutil/package.nix b/src/libutil/package.nix index a0b80ade7bf..8114dd645fc 100644 --- a/src/libutil/package.nix +++ b/src/libutil/package.nix @@ -58,13 +58,6 @@ mkMesonLibrary (finalAttrs: { (lib.mesonEnable "cpuid" stdenv.hostPlatform.isx86_64) ]; - env = { - # Needed for Meson to find Boost. - # https://github.com/NixOS/nixpkgs/issues/86131. - BOOST_INCLUDEDIR = "${lib.getDev boost}/include"; - BOOST_LIBRARYDIR = "${lib.getLib boost}/lib"; - }; - meta = { platforms = lib.platforms.unix ++ lib.platforms.windows; }; From 602840bfd22ca8c38341e85d0b74abebf6e2f29c Mon Sep 17 00:00:00 2001 From: John Ericson Date: Fri, 28 Mar 2025 10:50:46 -0400 Subject: [PATCH 344/815] Link the right issue about the bad AWS pkg-config It is https://github.com/aws/aws-sdk-cpp/issues/2673 (cherry picked from commit fb9c9ee35ae5c020e683ca29ba743ef3e4ab9d4d) --- src/libstore/meson.build | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 496c5b10da7..1ea1f57bc3d 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -112,7 +112,8 @@ deps_public += nlohmann_json sqlite = dependency('sqlite3', 'sqlite', version : '>=3.6.19') deps_private += sqlite -# AWS C++ SDK has bad pkg-config +# AWS C++ SDK has bad pkg-config. See +# https://github.com/aws/aws-sdk-cpp/issues/2673 for details. aws_s3 = dependency('aws-cpp-sdk-s3', required : false) configdata.set('ENABLE_S3', aws_s3.found().to_int()) if aws_s3.found() From 5056aae63aac449e8aa60ac5bf6b9ab18a8eba2a Mon Sep 17 00:00:00 2001 From: John Ericson Date: Fri, 28 Mar 2025 11:04:48 -0400 Subject: [PATCH 345/815] Add a `withAWS` flag to libstore Nixpkgs wants this, at least. (cherry picked from commit e4c571c2f1e25108a32546057ac6d53065c0b8f6) --- src/libstore/package.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/libstore/package.nix b/src/libstore/package.nix index 11c8be261c1..f992684dfbe 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -21,6 +21,10 @@ version, embeddedSandboxShell ? stdenv.hostPlatform.isStatic, + + withAWS ? + # Default is this way because there have been issues building this dependency + stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin), }: let @@ -60,9 +64,7 @@ mkMesonLibrary (finalAttrs: { ++ lib.optional stdenv.hostPlatform.isLinux libseccomp # There have been issues building these dependencies ++ lib.optional stdenv.hostPlatform.isDarwin darwin.apple_sdk.libs.sandbox - ++ lib.optional ( - stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin) - ) aws-sdk-cpp; + ++ lib.optional withAWS aws-sdk-cpp; propagatedBuildInputs = [ nix-util From e308524097ddae789ff9b92f1b8019702669b5ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 12 Mar 2025 17:49:45 +0100 Subject: [PATCH 346/815] use createDirs consistently everywhere (cherry picked from commit a8217f2642fa336f79154a485e090f3cbe79652c) --- src/libstore/builtins/unpack-channel.cc | 6 +----- src/libutil/tarfile.cc | 4 ++-- src/nix/flake.cc | 2 +- 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/src/libstore/builtins/unpack-channel.cc b/src/libstore/builtins/unpack-channel.cc index a6369ee1c8c..43fbb62cd73 100644 --- a/src/libstore/builtins/unpack-channel.cc +++ b/src/libstore/builtins/unpack-channel.cc @@ -23,11 +23,7 @@ void builtinUnpackChannel( throw Error("channelName is not allowed to contain filesystem separators, got %1%", channelName); } - try { - fs::create_directories(out); - } catch (fs::filesystem_error &) { - throw SysError("creating directory '%1%'", out.string()); - } + createDirs(out); unpackTarfile(src, out); diff --git a/src/libutil/tarfile.cc b/src/libutil/tarfile.cc index e412930bb67..9e54c9be2d8 100644 --- a/src/libutil/tarfile.cc +++ b/src/libutil/tarfile.cc @@ -166,7 +166,7 @@ void unpackTarfile(Source & source, const fs::path & destDir) { auto archive = TarArchive(source); - fs::create_directories(destDir); + createDirs(destDir); extract_archive(archive, destDir); } @@ -174,7 +174,7 @@ void unpackTarfile(const fs::path & tarFile, const fs::path & destDir) { auto archive = TarArchive(tarFile); - fs::create_directories(destDir); + createDirs(destDir); extract_archive(archive, destDir); } diff --git a/src/nix/flake.cc b/src/nix/flake.cc index e2099c401a8..7c9951c4c9f 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -905,7 +905,7 @@ struct CmdFlakeInitCommon : virtual Args, EvalCommand std::function copyDir; copyDir = [&](const SourcePath & from, const fs::path & to) { - fs::create_directories(to); + createDirs(to); for (auto & [name, entry] : from.readDirectory()) { checkInterrupt(); From 42cb18970337d4b417b38fb8762a82c61eefcd52 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 12:20:28 -0400 Subject: [PATCH 347/815] success/failure the vm checks --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6bba30f9d65..bff8dcc4e8f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -59,6 +59,7 @@ jobs: system: x86_64-linux test_aarch64-linux: + if: success() || failure() uses: ./.github/workflows/test.yml needs: build_aarch64-linux with: @@ -67,6 +68,7 @@ jobs: system: aarch64-linux test_x86_64-darwin: + if: success() || failure() uses: ./.github/workflows/test.yml needs: build_x86_64-darwin with: From c134cf52dbae31e28b76f2472055d984280b63a0 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 28 Mar 2025 12:25:25 -0400 Subject: [PATCH 348/815] Collapse build / test into one .yml to make skips easier --- .github/workflows/build.yml | 17 ++++++++++++++ .github/workflows/ci.yml | 35 +--------------------------- .github/workflows/test.yml | 27 --------------------- .github/workflows/upload-release.yml | 4 ++++ 4 files changed, 22 insertions(+), 61 deletions(-) delete mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 84dbdfd79bf..607a31a6b0f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,6 +11,10 @@ on: required: false default: true type: boolean + run_tests: + required: false + default: true + type: boolean jobs: build: @@ -31,3 +35,16 @@ jobs: with: name: ${{ inputs.system }} path: ./tarball/*.xz + test: + if: ${{ inputs.if && inputs.run_tests}} + strategy: + fail-fast: false + runs-on: ${{ inputs.os }} + timeout-minutes: 60 + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/nix-installer-action@main + with: + determinate: true + - uses: DeterminateSystems/flakehub-cache-action@main + - run: nix flake check -L --system ${{ inputs.system }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bff8dcc4e8f..6c400f29bb3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,39 +51,6 @@ jobs: os: namespace-profile-mac-m2-12c28g system: aarch64-darwin - test_x86_64-linux: - uses: ./.github/workflows/test.yml - needs: build_x86_64-linux - with: - os: blacksmith-32vcpu-ubuntu-2204 - system: x86_64-linux - - test_aarch64-linux: - if: success() || failure() - uses: ./.github/workflows/test.yml - needs: build_aarch64-linux - with: - if: ${{ github.event_name == 'merge_group' }} - os: blacksmith-32vcpu-ubuntu-2204-arm - system: aarch64-linux - - test_x86_64-darwin: - if: success() || failure() - uses: ./.github/workflows/test.yml - needs: build_x86_64-darwin - with: - if: ${{ github.event_name == 'merge_group' }} - os: namespace-profile-mac-m2-12c28g - system: x86_64-darwin - - test_aarch64-darwin: - uses: ./.github/workflows/test.yml - needs: build_aarch64-darwin - with: - if: ${{ github.event_name == 'merge_group' }} - os: namespace-profile-mac-m2-12c28g - system: aarch64-darwin - vm_tests_smoke: if: github.event_name != 'merge_group' needs: build_x86_64-linux @@ -165,7 +132,7 @@ jobs: run: nix build .#hydraJobs.manual - uses: nwtgck/actions-netlify@v3.0 with: - publish-dir: './result/share/doc/nix/manual' + publish-dir: "./result/share/doc/nix/manual" production-branch: detsys-main github-token: ${{ secrets.GITHUB_TOKEN }} deploy-message: "Deploy from GitHub Actions" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml deleted file mode 100644 index 49af88020ac..00000000000 --- a/.github/workflows/test.yml +++ /dev/null @@ -1,27 +0,0 @@ -on: - workflow_call: - inputs: - os: - required: true - type: string - system: - required: true - type: string - if: - required: false - default: true - type: boolean -jobs: - tests: - if: ${{ inputs.if }} - strategy: - fail-fast: false - runs-on: ${{ inputs.os }} - timeout-minutes: 60 - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - with: - flakehub: true - - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix flake check -L --system ${{ inputs.system }} diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index f762446bda6..083f39dfd4b 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -30,24 +30,28 @@ jobs: with: os: blacksmith-32vcpu-ubuntu-2204 system: x86_64-linux + run_tests: false build-aarch64-linux: uses: ./.github/workflows/build.yml with: os: blacksmith-32vcpu-ubuntu-2204-arm system: aarch64-linux + run_tests: false build-x86_64-darwin: uses: ./.github/workflows/build.yml with: os: macos-13 system: x86_64-darwin + run_tests: false build-aarch64-darwin: uses: ./.github/workflows/build.yml with: os: macos-latest system: aarch64-darwin + run_tests: false release: runs-on: ubuntu-latest From 77c2ac633e100c94b10c7b28a12cd713252478a3 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 28 Mar 2025 13:43:45 -0300 Subject: [PATCH 349/815] Use determinate param with nix-installer-action --- .github/workflows/build.yml | 2 +- .github/workflows/ci.yml | 10 +++++----- .github/workflows/test.yml | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f041267474c..49f9beba776 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,7 +16,7 @@ jobs: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - run: echo "system=$(nix eval --impure --raw --expr 'builtins.currentSystem')" >> "$GITHUB_OUTPUT" id: system diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b1fefc8df58..147d2526957 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,7 +22,7 @@ jobs: fetch-depth: 0 - uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - run: nix flake show --all-systems --json build_x86_64-linux: @@ -82,7 +82,7 @@ jobs: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - run: | nix build -L \ @@ -100,7 +100,7 @@ jobs: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - run: | nix build -L --keep-going \ @@ -130,7 +130,7 @@ jobs: path: flake-regressions/tests - uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=50 flake-regressions/eval-all.sh @@ -149,7 +149,7 @@ jobs: uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - name: Build manual run: nix build .#hydraJobs.manual diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e58827a9c06..7b58c825f37 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,6 +16,6 @@ jobs: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - run: nix flake check -L From 6feccefc2d0347d100839e171bd027feb6e25b2e Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 28 Mar 2025 13:58:39 -0300 Subject: [PATCH 350/815] Remove test.yml --- .github/workflows/test.yml | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml deleted file mode 100644 index 7b58c825f37..00000000000 --- a/.github/workflows/test.yml +++ /dev/null @@ -1,21 +0,0 @@ -on: - workflow_call: - inputs: - os: - required: true - type: string - -jobs: - - tests: - strategy: - fail-fast: false - runs-on: ${{ inputs.os }} - timeout-minutes: 60 - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - with: - determinate: true - - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix flake check -L From 9c20bb18de7cee6dbc994b33d55f9c23c285e88b Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 26 Mar 2025 08:59:29 +0000 Subject: [PATCH 351/815] libutil: Fix error message I encountered this with a misconfigured libutil. I doubt that a non-lutimes config is viable, because tests were failing. (cherry picked from commit 1cffcd91a91c8d7b9bed0da35405344c0c6b98dd) --- src/libutil/file-system.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index 6fe93b63a59..3c18a97b179 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -680,7 +680,7 @@ void setWriteTime( if (utimes(path.c_str(), times) == -1) throw SysError("changing modification time of %s (not a symlink)", path); } else { - throw Error("Cannot modification time of symlink %s", path); + throw Error("Cannot change modification time of symlink %s", path); } #endif #endif From 84a25dc84662bcaadac07ad2b8d2e7ae45cdcc06 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 28 Mar 2025 19:25:13 +0100 Subject: [PATCH 352/815] nix daemon: Don't open the store This makes it behave the same as nix-daemon. Opening the store in the parent can cause a SIGBUS in libsqlite in the child: #0 0x00007f141cf6f789 in __memset_avx2_unaligned_erms () from /nix/store/wn7v2vhyyyi6clcyn0s9ixvl7d4d87ic-glibc-2.40-36/lib/libc.so.6 #1 0x00007f141c322fe8 in walIndexAppend () from /nix/store/bbd59cqw259149r2ddk4w1q0lr2fch8c-sqlite-3.46.1/lib/libsqlite3.so.0 #2 0x00007f141c3711a2 in pagerWalFrames () from /nix/store/bbd59cqw259149r2ddk4w1q0lr2fch8c-sqlite-3.46.1/lib/libsqlite3.so.0 #3 0x00007f141c38317e in sqlite3PagerCommitPhaseOne.part.0 () from /nix/store/bbd59cqw259149r2ddk4w1q0lr2fch8c-sqlite-3.46.1/lib/libsqlite3.so.0 #4 0x00007f141c383555 in sqlite3BtreeCommitPhaseOne.part.0 () from /nix/store/bbd59cqw259149r2ddk4w1q0lr2fch8c-sqlite-3.46.1/lib/libsqlite3.so.0 #5 0x00007f141c384797 in sqlite3VdbeHalt () from /nix/store/bbd59cqw259149r2ddk4w1q0lr2fch8c-sqlite-3.46.1/lib/libsqlite3.so.0 #6 0x00007f141c3b8f60 in sqlite3VdbeExec () from /nix/store/bbd59cqw259149r2ddk4w1q0lr2fch8c-sqlite-3.46.1/lib/libsqlite3.so.0 #7 0x00007f141c3bbfef in sqlite3_step () from /nix/store/bbd59cqw259149r2ddk4w1q0lr2fch8c-sqlite-3.46.1/lib/libsqlite3.so.0 #8 0x00007f141c3bd0e5 in sqlite3_exec () from /nix/store/bbd59cqw259149r2ddk4w1q0lr2fch8c-sqlite-3.46.1/lib/libsqlite3.so.0 #9 0x00007f141da140e0 in nix::SQLiteTxn::commit() () from /nix/store/1m4r8s7s1v54zq9isncvjgia02bffxlz-determinate-nix-store-3.1.0/lib/libnixstore.so #10 0x00007f141d9ce69c in nix::LocalStore::registerValidPaths(std::map, std::allocator > > const&)::{lambda()#1}::operator()() const () from /nix/store/1m4r8s7s1v54zq9isncvjgia02bffxlz-determinate-nix-store-3.1.0/lib/libnixstore.so (cherry picked from commit 9590167290ffbe712e87386e8981b04f9b07b348) --- src/nix/unix/daemon.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/nix/unix/daemon.cc b/src/nix/unix/daemon.cc index b4c7c10edb1..fd572ce3030 100644 --- a/src/nix/unix/daemon.cc +++ b/src/nix/unix/daemon.cc @@ -546,7 +546,7 @@ static int main_nix_daemon(int argc, char * * argv) static RegisterLegacyCommand r_nix_daemon("nix-daemon", main_nix_daemon); -struct CmdDaemon : StoreCommand +struct CmdDaemon : Command { bool stdio = false; std::optional isTrustedOpt = std::nullopt; @@ -615,7 +615,7 @@ struct CmdDaemon : StoreCommand ; } - void run(ref store) override + void run() override { runDaemon(stdio, isTrustedOpt, processOps); } From 44c2bd35e01fc2166c2273f9490d5103c10591f0 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Fri, 28 Mar 2025 13:15:21 -0400 Subject: [PATCH 353/815] Fix windows build PR #12767 accidentally broke it. (cherry picked from commit 99041b4d84e48b746908b8f0a6cffb32cd1be4a9) --- src/libstore/local-store.cc | 2 +- src/libutil/file-system.cc | 4 ++-- src/libutil/file-system.hh | 9 ++------- 3 files changed, 5 insertions(+), 10 deletions(-) diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index 67d5a1dcb7d..1db6e0ef583 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -116,7 +116,7 @@ LocalStore::LocalStore( state->stmts = std::make_unique(); /* Create missing state directories if they don't already exist. */ - createDirs(realStoreDir); + createDirs(realStoreDir.get()); if (readOnly) { experimentalFeatureSettings.require(Xp::ReadOnlyLocalStore); } else { diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index 3c18a97b179..0adafc0e463 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -475,12 +475,12 @@ void createDir(const Path & path, mode_t mode) throw SysError("creating directory '%1%'", path); } -void createDirs(const Path & path) +void createDirs(const fs::path & path) { try { fs::create_directories(path); } catch (fs::filesystem_error & e) { - throw SysError("creating directory '%1%'", path); + throw SysError("creating directory '%1%'", path.string()); } } diff --git a/src/libutil/file-system.hh b/src/libutil/file-system.hh index 2049073391d..49d120cb744 100644 --- a/src/libutil/file-system.hh +++ b/src/libutil/file-system.hh @@ -231,14 +231,9 @@ void deletePath(const std::filesystem::path & path, uint64_t & bytesFreed); /** * Create a directory and all its parents, if necessary. * - * In the process of being deprecated for - * `std::filesystem::create_directories`. + * Wrapper around `std::filesystem::create_directories` to handle exceptions. */ -void createDirs(const Path & path); -inline void createDirs(PathView path) -{ - return createDirs(Path(path)); -} +void createDirs(const std::filesystem::path & path); /** * Create a single directory. From 4f3f26cd9619810ba52de29c345f402a41e9fac4 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sat, 1 Mar 2025 22:54:57 +0100 Subject: [PATCH 354/815] .mergify.yml: Add backport 2.27-maintenance entry --- .mergify.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.mergify.yml b/.mergify.yml index 021157eb933..e134b0f46d2 100644 --- a/.mergify.yml +++ b/.mergify.yml @@ -117,3 +117,14 @@ pull_request_rules: labels: - automatic backport - merge-queue + + - name: backport patches to 2.27 + conditions: + - label=backport 2.27-maintenance + actions: + backport: + branches: + - "2.27-maintenance" + labels: + - automatic backport + - merge-queue From 1d2fbfe99b14fc7da2b886fe300df50db123416d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 31 Mar 2025 16:37:36 +0200 Subject: [PATCH 355/815] Disable packaging-overriding Fixes #12690. (cherry picked from commit a4be66828a1421e7c603e5ed22827ee54d2c7f94) --- flake.nix | 40 ++++++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/flake.nix b/flake.nix index 5e1e4ece713..037281eb55c 100644 --- a/flake.nix +++ b/flake.nix @@ -230,24 +230,28 @@ This shouldn't build anything significant; just check that things (including derivations) are _set up_ correctly. */ - packaging-overriding = - let - pkgs = nixpkgsFor.${system}.native; - nix = self.packages.${system}.nix; - in - assert (nix.appendPatches [ pkgs.emptyFile ]).libs.nix-util.src.patches == [ pkgs.emptyFile ]; - if pkgs.stdenv.buildPlatform.isDarwin then - lib.warn "packaging-overriding check currently disabled because of a permissions issue on macOS" pkgs.emptyFile - else - # If this fails, something might be wrong with how we've wired the scope, - # or something could be broken in Nixpkgs. - pkgs.testers.testEqualContents { - assertion = "trivial patch does not change source contents"; - expected = "${./.}"; - actual = - # Same for all components; nix-util is an arbitrary pick - (nix.appendPatches [ pkgs.emptyFile ]).libs.nix-util.src; - }; + # Disabled due to a bug in `testEqualContents` (see + # https://github.com/NixOS/nix/issues/12690). + /* + packaging-overriding = + let + pkgs = nixpkgsFor.${system}.native; + nix = self.packages.${system}.nix; + in + assert (nix.appendPatches [ pkgs.emptyFile ]).libs.nix-util.src.patches == [ pkgs.emptyFile ]; + if pkgs.stdenv.buildPlatform.isDarwin then + lib.warn "packaging-overriding check currently disabled because of a permissions issue on macOS" pkgs.emptyFile + else + # If this fails, something might be wrong with how we've wired the scope, + # or something could be broken in Nixpkgs. + pkgs.testers.testEqualContents { + assertion = "trivial patch does not change source contents"; + expected = "${./.}"; + actual = + # Same for all components; nix-util is an arbitrary pick + (nix.appendPatches [ pkgs.emptyFile ]).libs.nix-util.src; + }; + */ } // (lib.optionalAttrs (builtins.elem system linux64BitSystems)) { dockerImage = self.hydraJobs.dockerImage.${system}; From 4642570e79b8f2220de4dd9920b39b1456b24a6c Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 26 Mar 2025 08:55:44 +0000 Subject: [PATCH 356/815] nix-expr: Add primops to EvalSettings (cherry picked from commit 3c4c0953e0a50649de91b43ef57e4a632726d25b) --- src/libexpr/eval-settings.cc | 9 +++++++++ src/libexpr/eval-settings.hh | 12 ++++++++++++ src/libexpr/eval.cc | 2 +- src/libexpr/eval.hh | 2 +- src/libexpr/primops.cc | 8 +++++++- 5 files changed, 30 insertions(+), 3 deletions(-) diff --git a/src/libexpr/eval-settings.cc b/src/libexpr/eval-settings.cc index ade0abf9af6..ebb9e5bbde4 100644 --- a/src/libexpr/eval-settings.cc +++ b/src/libexpr/eval-settings.cc @@ -103,4 +103,13 @@ Path getNixDefExpr() : getHome() + "/.nix-defexpr"; } +void EvalSettings::addPrimOp(PrimOp && primOp) +{ + extraPrimOps.emplace_back(std::move(primOp)); +} +void EvalSettings::addPrimOp(const PrimOp & primOp) +{ + extraPrimOps.emplace_back(PrimOp(primOp)); } + +} // namespace nix \ No newline at end of file diff --git a/src/libexpr/eval-settings.hh b/src/libexpr/eval-settings.hh index fe947aefd3f..368173b01e4 100644 --- a/src/libexpr/eval-settings.hh +++ b/src/libexpr/eval-settings.hh @@ -7,6 +7,7 @@ namespace nix { class EvalState; +struct PrimOp; struct EvalSettings : Config { @@ -50,6 +51,17 @@ struct EvalSettings : Config LookupPathHooks lookupPathHooks; + std::vector extraPrimOps; + + /** + * Register a primop to be added when an EvalState is created from these settings. + */ + void addPrimOp(PrimOp && primOp); + /** + * Register a primop to be added when an EvalState is created from these settings. + */ + void addPrimOp(const PrimOp & primOp); + Setting enableNativeCode{this, false, "allow-unsafe-native-code-during-evaluation", R"( Enable built-in functions that allow executing native code. diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 4e15175ac2d..53b64960675 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -353,7 +353,7 @@ EvalState::EvalState( #include "fetchurl.nix.gen.hh" ); - createBaseEnv(); + createBaseEnv(settings); } diff --git a/src/libexpr/eval.hh b/src/libexpr/eval.hh index eb6f667a253..9b8899ccff1 100644 --- a/src/libexpr/eval.hh +++ b/src/libexpr/eval.hh @@ -633,7 +633,7 @@ private: unsigned int baseEnvDispl = 0; - void createBaseEnv(); + void createBaseEnv(const EvalSettings & settings); Value * addConstant(const std::string & name, Value & v, Constant info); diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 54682ea318f..b078592e7ed 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -4669,7 +4669,7 @@ RegisterPrimOp::RegisterPrimOp(PrimOp && primOp) } -void EvalState::createBaseEnv() +void EvalState::createBaseEnv(const EvalSettings & evalSettings) { baseEnv.up = 0; @@ -4928,6 +4928,12 @@ void EvalState::createBaseEnv() addPrimOp(std::move(primOpAdjusted)); } + for (auto & primOp : evalSettings.extraPrimOps) { + auto primOpAdjusted = primOp; + primOpAdjusted.arity = std::max(primOp.args.size(), primOp.arity); + addPrimOp(std::move(primOpAdjusted)); + } + /* Add a wrapper around the derivation primop that computes the `drvPath' and `outPath' attributes lazily. From f07e4e27ce8b03a97b14917cefa9a288156fc495 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 26 Mar 2025 08:59:05 +0000 Subject: [PATCH 357/815] C API: (breaking) remove nix-flake-c global init (cherry picked from commit 6a192ec0cdb92ec7100e2a193606512ffb295062) --- doc/manual/rl-next/c-api-flake-init.md | 20 +++++++++ src/libflake-c/nix_api_flake.cc | 11 ++--- src/libflake-c/nix_api_flake.h | 10 ++++- src/libflake-tests/nix_api_flake.cc | 6 +-- src/libflake/flake/flake-primops.cc | 59 ++++++++++++++++++++++++++ src/libflake/flake/flake-primops.hh | 13 ++++++ src/libflake/flake/flake.cc | 43 ------------------- src/libflake/flake/flake.hh | 8 ---- src/libflake/flake/settings.cc | 6 +++ src/libflake/flake/settings.hh | 13 +++--- src/libflake/meson.build | 1 + src/nix/main.cc | 3 +- 12 files changed, 124 insertions(+), 69 deletions(-) create mode 100644 doc/manual/rl-next/c-api-flake-init.md create mode 100644 src/libflake/flake/flake-primops.cc create mode 100644 src/libflake/flake/flake-primops.hh diff --git a/doc/manual/rl-next/c-api-flake-init.md b/doc/manual/rl-next/c-api-flake-init.md new file mode 100644 index 00000000000..d6e7c3890c0 --- /dev/null +++ b/doc/manual/rl-next/c-api-flake-init.md @@ -0,0 +1,20 @@ +--- +synopsis: C API `nix_flake_init_global` removed +prs: 12759 +issues: 5638 +--- + +In order to improve the modularity of the code base, we are removing a use of global state, and therefore the `nix_flake_init_global` function. + +Instead, use `nix_flake_settings_add_to_eval_state_builder`. For example: + +```diff +- nix_flake_init_global(ctx, settings); +- HANDLE_ERROR(ctx); +- + nix_eval_state_builder * builder = nix_eval_state_builder_new(ctx, store); + HANDLE_ERROR(ctx); + ++ nix_flake_settings_add_to_eval_state_builder(ctx, settings, builder); ++ HANDLE_ERROR(ctx); +``` diff --git a/src/libflake-c/nix_api_flake.cc b/src/libflake-c/nix_api_flake.cc index 17cf6572da2..2479bf2e020 100644 --- a/src/libflake-c/nix_api_flake.cc +++ b/src/libflake-c/nix_api_flake.cc @@ -1,6 +1,7 @@ #include "nix_api_flake.h" #include "nix_api_flake_internal.hh" #include "nix_api_util_internal.h" +#include "nix_api_expr_internal.h" #include "flake/flake.hh" @@ -18,15 +19,11 @@ void nix_flake_settings_free(nix_flake_settings * settings) delete settings; } -nix_err nix_flake_init_global(nix_c_context * context, nix_flake_settings * settings) +nix_err nix_flake_settings_add_to_eval_state_builder( + nix_c_context * context, nix_flake_settings * settings, nix_eval_state_builder * builder) { - static std::shared_ptr registeredSettings; try { - if (registeredSettings) - throw nix::Error("nix_flake_init_global already initialized"); - - registeredSettings = settings->settings; - nix::flake::initLib(*registeredSettings); + settings->settings->configureEvalSettings(builder->settings); } NIXC_CATCH_ERRS } diff --git a/src/libflake-c/nix_api_flake.h b/src/libflake-c/nix_api_flake.h index 80051298d28..75675835e31 100644 --- a/src/libflake-c/nix_api_flake.h +++ b/src/libflake-c/nix_api_flake.h @@ -35,9 +35,15 @@ nix_flake_settings * nix_flake_settings_new(nix_c_context * context); void nix_flake_settings_free(nix_flake_settings * settings); /** - * @brief Register Flakes support process-wide. + * @brief Initialize a `nix_flake_settings` to contain `builtins.getFlake` and + * potentially more. + * + * @param[out] context Optional, stores error information + * @param[in] settings The settings to use for e.g. `builtins.getFlake` + * @param[in] builder The builder to modify */ -nix_err nix_flake_init_global(nix_c_context * context, nix_flake_settings * settings); +nix_err nix_flake_settings_add_to_eval_state_builder( + nix_c_context * context, nix_flake_settings * settings, nix_eval_state_builder * builder); #ifdef __cplusplus } // extern "C" diff --git a/src/libflake-tests/nix_api_flake.cc b/src/libflake-tests/nix_api_flake.cc index 21109d181a4..834b2e681a6 100644 --- a/src/libflake-tests/nix_api_flake.cc +++ b/src/libflake-tests/nix_api_flake.cc @@ -25,13 +25,13 @@ TEST_F(nix_api_store_test, nix_api_init_global_getFlake_exists) assert_ctx_ok(); ASSERT_NE(nullptr, settings); - nix_flake_init_global(ctx, settings); - assert_ctx_ok(); - nix_eval_state_builder * builder = nix_eval_state_builder_new(ctx, store); ASSERT_NE(nullptr, builder); assert_ctx_ok(); + nix_flake_settings_add_to_eval_state_builder(ctx, settings, builder); + assert_ctx_ok(); + auto state = nix_eval_state_build(ctx, builder); assert_ctx_ok(); ASSERT_NE(nullptr, state); diff --git a/src/libflake/flake/flake-primops.cc b/src/libflake/flake/flake-primops.cc new file mode 100644 index 00000000000..f04887e8599 --- /dev/null +++ b/src/libflake/flake/flake-primops.cc @@ -0,0 +1,59 @@ +#include "flake-primops.hh" +#include "eval.hh" +#include "flake.hh" +#include "flakeref.hh" +#include "settings.hh" + +namespace nix::flake::primops { + +PrimOp getFlake(const Settings & settings) +{ + auto prim_getFlake = [&settings](EvalState & state, const PosIdx pos, Value ** args, Value & v) { + std::string flakeRefS( + state.forceStringNoCtx(*args[0], pos, "while evaluating the argument passed to builtins.getFlake")); + auto flakeRef = nix::parseFlakeRef(state.fetchSettings, flakeRefS, {}, true); + if (state.settings.pureEval && !flakeRef.input.isLocked()) + throw Error( + "cannot call 'getFlake' on unlocked flake reference '%s', at %s (use --impure to override)", + flakeRefS, + state.positions[pos]); + + callFlake( + state, + lockFlake( + settings, + state, + flakeRef, + LockFlags{ + .updateLockFile = false, + .writeLockFile = false, + .useRegistries = !state.settings.pureEval && settings.useRegistries, + .allowUnlocked = !state.settings.pureEval, + }), + v); + }; + + return PrimOp{ + .name = "__getFlake", + .args = {"args"}, + .doc = R"( + Fetch a flake from a flake reference, and return its output attributes and some metadata. For example: + + ```nix + (builtins.getFlake "nix/55bc52401966fbffa525c574c14f67b00bc4fb3a").packages.x86_64-linux.nix + ``` + + Unless impure evaluation is allowed (`--impure`), the flake reference + must be "locked", e.g. contain a Git revision or content hash. An + example of an unlocked usage is: + + ```nix + (builtins.getFlake "github:edolstra/dwarffs").rev + ``` + )", + .fun = prim_getFlake, + .experimentalFeature = Xp::Flakes, + }; +} + +} // namespace nix::flake::primops diff --git a/src/libflake/flake/flake-primops.hh b/src/libflake/flake/flake-primops.hh new file mode 100644 index 00000000000..662761c4e2a --- /dev/null +++ b/src/libflake/flake/flake-primops.hh @@ -0,0 +1,13 @@ +#pragma once + +#include "eval.hh" +#include "flake/settings.hh" + +namespace nix::flake::primops { + +/** + * Returns a `builtins.getFlake` primop with the given nix::flake::Settings. + */ +nix::PrimOp getFlake(const Settings & settings); + +} // namespace nix::flake \ No newline at end of file diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index e573c55c45d..23463af3915 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -973,49 +973,6 @@ void callFlake(EvalState & state, state.callFunction(*vCallFlake, args, vRes, noPos); } -void initLib(const Settings & settings) -{ - auto prim_getFlake = [&settings](EvalState & state, const PosIdx pos, Value * * args, Value & v) - { - std::string flakeRefS(state.forceStringNoCtx(*args[0], pos, "while evaluating the argument passed to builtins.getFlake")); - auto flakeRef = parseFlakeRef(state.fetchSettings, flakeRefS, {}, true); - if (state.settings.pureEval && !flakeRef.input.isLocked()) - throw Error("cannot call 'getFlake' on unlocked flake reference '%s', at %s (use --impure to override)", flakeRefS, state.positions[pos]); - - callFlake(state, - lockFlake(settings, state, flakeRef, - LockFlags { - .updateLockFile = false, - .writeLockFile = false, - .useRegistries = !state.settings.pureEval && settings.useRegistries, - .allowUnlocked = !state.settings.pureEval, - }), - v); - }; - - RegisterPrimOp::primOps->push_back({ - .name = "__getFlake", - .args = {"args"}, - .doc = R"( - Fetch a flake from a flake reference, and return its output attributes and some metadata. For example: - - ```nix - (builtins.getFlake "nix/55bc52401966fbffa525c574c14f67b00bc4fb3a").packages.x86_64-linux.nix - ``` - - Unless impure evaluation is allowed (`--impure`), the flake reference - must be "locked", e.g. contain a Git revision or content hash. An - example of an unlocked usage is: - - ```nix - (builtins.getFlake "github:edolstra/dwarffs").rev - ``` - )", - .fun = prim_getFlake, - .experimentalFeature = Xp::Flakes, - }); -} - static void prim_parseFlakeRef( EvalState & state, const PosIdx pos, diff --git a/src/libflake/flake/flake.hh b/src/libflake/flake/flake.hh index d8cd9aac0ef..d7a15158715 100644 --- a/src/libflake/flake/flake.hh +++ b/src/libflake/flake/flake.hh @@ -14,14 +14,6 @@ namespace flake { struct Settings; -/** - * Initialize `libnixflake` - * - * So far, this registers the `builtins.getFlake` primop, which depends - * on the choice of `flake:Settings`. - */ -void initLib(const Settings & settings); - struct FlakeInput; typedef std::map FlakeInputs; diff --git a/src/libflake/flake/settings.cc b/src/libflake/flake/settings.cc index 6a0294e6229..f5f9f96d0b3 100644 --- a/src/libflake/flake/settings.cc +++ b/src/libflake/flake/settings.cc @@ -1,7 +1,13 @@ #include "flake/settings.hh" +#include "flake/flake-primops.hh" namespace nix::flake { Settings::Settings() {} +void Settings::configureEvalSettings(nix::EvalSettings & evalSettings) +{ + evalSettings.addPrimOp(primops::getFlake(*this)); } + +} // namespace nix diff --git a/src/libflake/flake/settings.hh b/src/libflake/flake/settings.hh index 991eaca1f63..f629f3e746e 100644 --- a/src/libflake/flake/settings.hh +++ b/src/libflake/flake/settings.hh @@ -1,21 +1,24 @@ #pragma once ///@file -#include "types.hh" #include "config.hh" -#include "util.hh" - -#include -#include #include +namespace nix { +// Forward declarations +struct EvalSettings; + +} // namespace nix + namespace nix::flake { struct Settings : public Config { Settings(); + void configureEvalSettings(nix::EvalSettings & evalSettings); + Setting useRegistries{ this, true, diff --git a/src/libflake/meson.build b/src/libflake/meson.build index 27effe73c4b..642b85aea57 100644 --- a/src/libflake/meson.build +++ b/src/libflake/meson.build @@ -44,6 +44,7 @@ sources = files( 'flake/flake.cc', 'flake/flakeref.cc', 'flake/lockfile.cc', + 'flake/flake-primops.cc', 'flake/settings.cc', 'flake/url-name.cc', ) diff --git a/src/nix/main.cc b/src/nix/main.cc index 0a6b77e9e96..188d424bc5e 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -18,6 +18,7 @@ #include "network-proxy.hh" #include "eval-cache.hh" #include "flake/flake.hh" +#include "flake/settings.hh" #include "self-exe.hh" #include "json-utils.hh" #include "crash-handler.hh" @@ -368,7 +369,7 @@ void mainWrapped(int argc, char * * argv) initNix(); initGC(); - flake::initLib(flakeSettings); + flakeSettings.configureEvalSettings(evalSettings); /* Set the build hook location From cdb1d2c4c83b1cf93edbb1944c5ff17aab594fc0 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 26 Mar 2025 09:32:26 +0000 Subject: [PATCH 358/815] nix-flake: Move primops registration to configureEvalSettings (cherry picked from commit d48101109d8058751bfa5cbc13afeec8b7a8a680) --- src/libflake/flake/flake-primops.cc | 101 ++++++++++++++++++++++++++ src/libflake/flake/flake-primops.hh | 3 + src/libflake/flake/flake.cc | 106 ---------------------------- src/libflake/flake/settings.cc | 2 + 4 files changed, 106 insertions(+), 106 deletions(-) diff --git a/src/libflake/flake/flake-primops.cc b/src/libflake/flake/flake-primops.cc index f04887e8599..98ebdee5fc8 100644 --- a/src/libflake/flake/flake-primops.cc +++ b/src/libflake/flake/flake-primops.cc @@ -56,4 +56,105 @@ PrimOp getFlake(const Settings & settings) }; } +static void prim_parseFlakeRef(EvalState & state, const PosIdx pos, Value ** args, Value & v) +{ + std::string flakeRefS( + state.forceStringNoCtx(*args[0], pos, "while evaluating the argument passed to builtins.parseFlakeRef")); + auto attrs = nix::parseFlakeRef(state.fetchSettings, flakeRefS, {}, true).toAttrs(); + auto binds = state.buildBindings(attrs.size()); + for (const auto & [key, value] : attrs) { + auto s = state.symbols.create(key); + auto & vv = binds.alloc(s); + std::visit( + overloaded{ + [&vv](const std::string & value) { vv.mkString(value); }, + [&vv](const uint64_t & value) { vv.mkInt(value); }, + [&vv](const Explicit & value) { vv.mkBool(value.t); }}, + value); + } + v.mkAttrs(binds); +} + +nix::PrimOp parseFlakeRef({ + .name = "__parseFlakeRef", + .args = {"flake-ref"}, + .doc = R"( + Parse a flake reference, and return its exploded form. + + For example: + + ```nix + builtins.parseFlakeRef "github:NixOS/nixpkgs/23.05?dir=lib" + ``` + + evaluates to: + + ```nix + { dir = "lib"; owner = "NixOS"; ref = "23.05"; repo = "nixpkgs"; type = "github"; } + ``` + )", + .fun = prim_parseFlakeRef, + .experimentalFeature = Xp::Flakes, +}); + +static void prim_flakeRefToString(EvalState & state, const PosIdx pos, Value ** args, Value & v) +{ + state.forceAttrs(*args[0], noPos, "while evaluating the argument passed to builtins.flakeRefToString"); + fetchers::Attrs attrs; + for (const auto & attr : *args[0]->attrs()) { + auto t = attr.value->type(); + if (t == nInt) { + auto intValue = attr.value->integer().value; + + if (intValue < 0) { + state + .error( + "negative value given for flake ref attr %1%: %2%", state.symbols[attr.name], intValue) + .atPos(pos) + .debugThrow(); + } + + attrs.emplace(state.symbols[attr.name], uint64_t(intValue)); + } else if (t == nBool) { + attrs.emplace(state.symbols[attr.name], Explicit{attr.value->boolean()}); + } else if (t == nString) { + attrs.emplace(state.symbols[attr.name], std::string(attr.value->string_view())); + } else { + state + .error( + "flake reference attribute sets may only contain integers, Booleans, " + "and strings, but attribute '%s' is %s", + state.symbols[attr.name], + showType(*attr.value)) + .debugThrow(); + } + } + auto flakeRef = FlakeRef::fromAttrs(state.fetchSettings, attrs); + v.mkString(flakeRef.to_string()); +} + +nix::PrimOp flakeRefToString({ + .name = "__flakeRefToString", + .args = {"attrs"}, + .doc = R"( + Convert a flake reference from attribute set format to URL format. + + For example: + + ```nix + builtins.flakeRefToString { + dir = "lib"; owner = "NixOS"; ref = "23.05"; repo = "nixpkgs"; type = "github"; + } + ``` + + evaluates to + + ```nix + "github:NixOS/nixpkgs/23.05?dir=lib" + ``` + )", + .fun = prim_flakeRefToString, + .experimentalFeature = Xp::Flakes, +}); + } // namespace nix::flake::primops diff --git a/src/libflake/flake/flake-primops.hh b/src/libflake/flake/flake-primops.hh index 662761c4e2a..2030605637c 100644 --- a/src/libflake/flake/flake-primops.hh +++ b/src/libflake/flake/flake-primops.hh @@ -10,4 +10,7 @@ namespace nix::flake::primops { */ nix::PrimOp getFlake(const Settings & settings); +extern nix::PrimOp parseFlakeRef; +extern nix::PrimOp flakeRefToString; + } // namespace nix::flake \ No newline at end of file diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 23463af3915..47feeb08710 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -973,112 +973,6 @@ void callFlake(EvalState & state, state.callFunction(*vCallFlake, args, vRes, noPos); } -static void prim_parseFlakeRef( - EvalState & state, - const PosIdx pos, - Value * * args, - Value & v) -{ - std::string flakeRefS(state.forceStringNoCtx(*args[0], pos, - "while evaluating the argument passed to builtins.parseFlakeRef")); - auto attrs = parseFlakeRef(state.fetchSettings, flakeRefS, {}, true).toAttrs(); - auto binds = state.buildBindings(attrs.size()); - for (const auto & [key, value] : attrs) { - auto s = state.symbols.create(key); - auto & vv = binds.alloc(s); - std::visit(overloaded { - [&vv](const std::string & value) { vv.mkString(value); }, - [&vv](const uint64_t & value) { vv.mkInt(value); }, - [&vv](const Explicit & value) { vv.mkBool(value.t); } - }, value); - } - v.mkAttrs(binds); -} - -static RegisterPrimOp r3({ - .name = "__parseFlakeRef", - .args = {"flake-ref"}, - .doc = R"( - Parse a flake reference, and return its exploded form. - - For example: - - ```nix - builtins.parseFlakeRef "github:NixOS/nixpkgs/23.05?dir=lib" - ``` - - evaluates to: - - ```nix - { dir = "lib"; owner = "NixOS"; ref = "23.05"; repo = "nixpkgs"; type = "github"; } - ``` - )", - .fun = prim_parseFlakeRef, - .experimentalFeature = Xp::Flakes, -}); - - -static void prim_flakeRefToString( - EvalState & state, - const PosIdx pos, - Value * * args, - Value & v) -{ - state.forceAttrs(*args[0], noPos, - "while evaluating the argument passed to builtins.flakeRefToString"); - fetchers::Attrs attrs; - for (const auto & attr : *args[0]->attrs()) { - auto t = attr.value->type(); - if (t == nInt) { - auto intValue = attr.value->integer().value; - - if (intValue < 0) { - state.error("negative value given for flake ref attr %1%: %2%", state.symbols[attr.name], intValue).atPos(pos).debugThrow(); - } - - attrs.emplace(state.symbols[attr.name], uint64_t(intValue)); - } else if (t == nBool) { - attrs.emplace(state.symbols[attr.name], - Explicit { attr.value->boolean() }); - } else if (t == nString) { - attrs.emplace(state.symbols[attr.name], - std::string(attr.value->string_view())); - } else { - state.error( - "flake reference attribute sets may only contain integers, Booleans, " - "and strings, but attribute '%s' is %s", - state.symbols[attr.name], - showType(*attr.value)).debugThrow(); - } - } - auto flakeRef = FlakeRef::fromAttrs(state.fetchSettings, attrs); - v.mkString(flakeRef.to_string()); -} - -static RegisterPrimOp r4({ - .name = "__flakeRefToString", - .args = {"attrs"}, - .doc = R"( - Convert a flake reference from attribute set format to URL format. - - For example: - - ```nix - builtins.flakeRefToString { - dir = "lib"; owner = "NixOS"; ref = "23.05"; repo = "nixpkgs"; type = "github"; - } - ``` - - evaluates to - - ```nix - "github:NixOS/nixpkgs/23.05?dir=lib" - ``` - )", - .fun = prim_flakeRefToString, - .experimentalFeature = Xp::Flakes, -}); - } std::optional LockedFlake::getFingerprint( diff --git a/src/libflake/flake/settings.cc b/src/libflake/flake/settings.cc index f5f9f96d0b3..4ceca38ec33 100644 --- a/src/libflake/flake/settings.cc +++ b/src/libflake/flake/settings.cc @@ -8,6 +8,8 @@ Settings::Settings() {} void Settings::configureEvalSettings(nix::EvalSettings & evalSettings) { evalSettings.addPrimOp(primops::getFlake(*this)); + evalSettings.addPrimOp(primops::parseFlakeRef); + evalSettings.addPrimOp(primops::flakeRefToString); } } // namespace nix From 9dfadd369491d271cac093c49b910c73c9c24ac9 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 26 Mar 2025 19:22:40 +0000 Subject: [PATCH 359/815] nix-expr: remove EvalSettings::addPrimOp, add const Not required for a struct and potentially confusing. (cherry picked from commit 6fc9651d57d171b2a295edee96d1fad30aca92aa) --- src/libexpr/eval-settings.cc | 9 --------- src/libexpr/eval-settings.hh | 9 --------- src/libflake/flake/settings.cc | 8 ++++---- src/libflake/flake/settings.hh | 2 +- 4 files changed, 5 insertions(+), 23 deletions(-) diff --git a/src/libexpr/eval-settings.cc b/src/libexpr/eval-settings.cc index ebb9e5bbde4..b54afdce124 100644 --- a/src/libexpr/eval-settings.cc +++ b/src/libexpr/eval-settings.cc @@ -103,13 +103,4 @@ Path getNixDefExpr() : getHome() + "/.nix-defexpr"; } -void EvalSettings::addPrimOp(PrimOp && primOp) -{ - extraPrimOps.emplace_back(std::move(primOp)); -} -void EvalSettings::addPrimOp(const PrimOp & primOp) -{ - extraPrimOps.emplace_back(PrimOp(primOp)); -} - } // namespace nix \ No newline at end of file diff --git a/src/libexpr/eval-settings.hh b/src/libexpr/eval-settings.hh index 368173b01e4..d16fd403592 100644 --- a/src/libexpr/eval-settings.hh +++ b/src/libexpr/eval-settings.hh @@ -53,15 +53,6 @@ struct EvalSettings : Config std::vector extraPrimOps; - /** - * Register a primop to be added when an EvalState is created from these settings. - */ - void addPrimOp(PrimOp && primOp); - /** - * Register a primop to be added when an EvalState is created from these settings. - */ - void addPrimOp(const PrimOp & primOp); - Setting enableNativeCode{this, false, "allow-unsafe-native-code-during-evaluation", R"( Enable built-in functions that allow executing native code. diff --git a/src/libflake/flake/settings.cc b/src/libflake/flake/settings.cc index 4ceca38ec33..cac7c4384b8 100644 --- a/src/libflake/flake/settings.cc +++ b/src/libflake/flake/settings.cc @@ -5,11 +5,11 @@ namespace nix::flake { Settings::Settings() {} -void Settings::configureEvalSettings(nix::EvalSettings & evalSettings) +void Settings::configureEvalSettings(nix::EvalSettings & evalSettings) const { - evalSettings.addPrimOp(primops::getFlake(*this)); - evalSettings.addPrimOp(primops::parseFlakeRef); - evalSettings.addPrimOp(primops::flakeRefToString); + evalSettings.extraPrimOps.emplace_back(primops::getFlake(*this)); + evalSettings.extraPrimOps.emplace_back(primops::parseFlakeRef); + evalSettings.extraPrimOps.emplace_back(primops::flakeRefToString); } } // namespace nix diff --git a/src/libflake/flake/settings.hh b/src/libflake/flake/settings.hh index f629f3e746e..5f0d9fb21c3 100644 --- a/src/libflake/flake/settings.hh +++ b/src/libflake/flake/settings.hh @@ -17,7 +17,7 @@ struct Settings : public Config { Settings(); - void configureEvalSettings(nix::EvalSettings & evalSettings); + void configureEvalSettings(nix::EvalSettings & evalSettings) const; Setting useRegistries{ this, From 5663827c7d62e305833e007584c7de82ba7cb303 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 26 Mar 2025 20:02:06 +0000 Subject: [PATCH 360/815] Move call-flake.nix to nix-flake As suggested by Ericson2314 in review https://github.com/NixOS/nix/pull/12759#issuecomment-2755352343 (cherry picked from commit 0c75581d8b7cfbfa7a8db9b5dcbf0cbf0709009f) --- src/libexpr/eval.cc | 4 ---- src/libexpr/eval.hh | 4 +--- src/libexpr/meson.build | 1 - src/{libexpr => libflake}/call-flake.nix | 0 src/libflake/flake/flake.cc | 24 ++++++++++++++++++++++-- src/libflake/meson.build | 10 ++++++++++ src/libflake/package.nix | 1 + 7 files changed, 34 insertions(+), 10 deletions(-) rename src/{libexpr => libflake}/call-flake.nix (100%) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 53b64960675..b9b89773f45 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -288,10 +288,6 @@ EvalState::EvalState( CanonPath("derivation-internal.nix"), #include "primops/derivation.nix.gen.hh" )} - , callFlakeInternal{internalFS->addFile( - CanonPath("call-flake.nix"), - #include "call-flake.nix.gen.hh" - )} , store(store) , buildStore(buildStore ? buildStore : store) , debugRepl(nullptr) diff --git a/src/libexpr/eval.hh b/src/libexpr/eval.hh index 9b8899ccff1..5e3e915c62d 100644 --- a/src/libexpr/eval.hh +++ b/src/libexpr/eval.hh @@ -274,14 +274,12 @@ public: /** * In-memory filesystem for internal, non-user-callable Nix - * expressions like call-flake.nix. + * expressions like `derivation.nix`. */ const ref internalFS; const SourcePath derivationInternal; - const SourcePath callFlakeInternal; - /** * Store used to materialise .drv files. */ diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index fc04c4691dc..040da3dbc61 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -126,7 +126,6 @@ generated_headers = [] foreach header : [ 'imported-drv-to-derivation.nix', 'fetchurl.nix', - 'call-flake.nix', ] generated_headers += gen_header.process(header) endforeach diff --git a/src/libexpr/call-flake.nix b/src/libflake/call-flake.nix similarity index 100% rename from src/libexpr/call-flake.nix rename to src/libflake/call-flake.nix diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 47feeb08710..b4b98702776 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -16,6 +16,8 @@ #include +#include "memory-source-accessor.hh" + namespace nix { using namespace flake; @@ -921,6 +923,25 @@ LockedFlake lockFlake( } } +static ref makeInternalFS() { + auto internalFS = make_ref(MemorySourceAccessor {}); + internalFS->setPathDisplay("«flakes-internal»", ""); + internalFS->addFile( + CanonPath("call-flake.nix"), + #include "call-flake.nix.gen.hh" + ); + return internalFS; +} + +static auto internalFS = makeInternalFS(); + +static Value * requireInternalFile(EvalState & state, CanonPath path) { + SourcePath p {internalFS, path}; + auto v = state.allocValue(); + state.evalFile(p, *v); // has caching + return v; +} + void callFlake(EvalState & state, const LockedFlake & lockedFlake, Value & vRes) @@ -960,8 +981,7 @@ void callFlake(EvalState & state, auto & vOverrides = state.allocValue()->mkAttrs(overrides); - auto vCallFlake = state.allocValue(); - state.evalFile(state.callFlakeInternal, *vCallFlake); + Value * vCallFlake = requireInternalFile(state, CanonPath("call-flake.nix")); auto vLocks = state.allocValue(); vLocks->mkString(lockFileStr); diff --git a/src/libflake/meson.build b/src/libflake/meson.build index 642b85aea57..b780722de95 100644 --- a/src/libflake/meson.build +++ b/src/libflake/meson.build @@ -39,6 +39,15 @@ add_project_arguments( subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/generate-header') + +generated_headers = [] +foreach header : [ + 'call-flake.nix', +] + generated_headers += gen_header.process(header) +endforeach + sources = files( 'flake/config.cc', 'flake/flake.cc', @@ -65,6 +74,7 @@ subdir('nix-meson-build-support/windows-version') this_library = library( 'nixflake', sources, + generated_headers, dependencies : deps_public + deps_private + deps_other, include_directories : include_dirs, link_args: linker_export_flags, diff --git a/src/libflake/package.nix b/src/libflake/package.nix index 5240ce5e396..d7250c252c6 100644 --- a/src/libflake/package.nix +++ b/src/libflake/package.nix @@ -28,6 +28,7 @@ mkMesonLibrary (finalAttrs: { ../../.version ./.version ./meson.build + ./call-flake.nix (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; From 569631b1d5c92f7d7cd9ed4a5ce1602bb3071c30 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Fri, 28 Mar 2025 14:14:45 +0000 Subject: [PATCH 361/815] Unexpose config headers (low hanging fruit only) - Some headers were completely redundant and have been removed. - Other headers have been turned private. - Unnecessary meson.build code has been removed. - libutil-tests now has a private config header, where previously it had none. This removes the need to expose a package version macro publicly. (cherry picked from commit b86a76044e282a8f1de06cd89af683d40a48f233) --- src/libcmd/meson.build | 5 ++--- src/libexpr-c/meson.build | 16 +--------------- src/libexpr-tests/meson.build | 3 --- src/libflake-c/meson.build | 17 +---------------- src/libmain-c/meson.build | 17 +---------------- src/libmain/meson.build | 3 ++- src/libstore-c/meson.build | 15 +-------------- src/libstore-tests/meson.build | 2 -- src/libstore/meson.build | 1 + src/libutil-c/meson.build | 6 ++---- src/libutil-c/nix_api_util.cc | 2 ++ src/libutil-tests/meson.build | 14 ++++++++++---- src/libutil/meson.build | 2 ++ src/nix/meson.build | 3 --- tests/functional/plugins/meson.build | 1 - 15 files changed, 25 insertions(+), 82 deletions(-) diff --git a/src/libcmd/meson.build b/src/libcmd/meson.build index 114c099df7b..85d22a5f3fa 100644 --- a/src/libcmd/meson.build +++ b/src/libcmd/meson.build @@ -63,9 +63,7 @@ add_project_arguments( # It would be nice for our headers to be idempotent instead. '-include', 'config-util.hh', '-include', 'config-store.hh', - # '-include', 'config-fetchers.h', '-include', 'config-expr.hh', - '-include', 'config-main.hh', '-include', 'config-cmd.hh', language : 'cpp', ) @@ -93,7 +91,7 @@ sources = files( include_dirs = [include_directories('.')] -headers = [config_h] + files( +headers = files( 'built-path.hh', 'command-installable-value.hh', 'command.hh', @@ -119,6 +117,7 @@ subdir('nix-meson-build-support/windows-version') this_library = library( 'nixcmd', sources, + config_h, dependencies : deps_public + deps_private + deps_other, include_directories : include_dirs, link_args: linker_export_flags, diff --git a/src/libexpr-c/meson.build b/src/libexpr-c/meson.build index 9487132cf36..8405525ca2e 100644 --- a/src/libexpr-c/meson.build +++ b/src/libexpr-c/meson.build @@ -14,8 +14,6 @@ cxx = meson.get_compiler('cpp') subdir('nix-meson-build-support/deps-lists') -configdata = configuration_data() - deps_private_maybe_subproject = [ dependency('nix-util'), dependency('nix-store'), @@ -27,14 +25,6 @@ deps_public_maybe_subproject = [ ] subdir('nix-meson-build-support/subprojects') -# TODO rename, because it will conflict with downstream projects -configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) - -config_h = configure_file( - configuration : configdata, - output : 'config-expr.h', -) - add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. @@ -44,10 +34,6 @@ add_project_arguments( '-include', 'config-store.hh', '-include', 'config-expr.hh', - # From C libraries, for our public, installed headers too - '-include', 'config-util.h', - '-include', 'config-store.h', - '-include', 'config-expr.h', language : 'cpp', ) @@ -61,7 +47,7 @@ sources = files( include_dirs = [include_directories('.')] -headers = [config_h] + files( +headers = files( 'nix_api_expr.h', 'nix_api_external.h', 'nix_api_value.h', diff --git a/src/libexpr-tests/meson.build b/src/libexpr-tests/meson.build index 667a0d7b7a8..9f6edb9b391 100644 --- a/src/libexpr-tests/meson.build +++ b/src/libexpr-tests/meson.build @@ -41,9 +41,6 @@ add_project_arguments( '-include', 'config-util.hh', '-include', 'config-store.hh', '-include', 'config-expr.hh', - '-include', 'config-util.h', - '-include', 'config-store.h', - '-include', 'config-expr.h', language : 'cpp', ) diff --git a/src/libflake-c/meson.build b/src/libflake-c/meson.build index 85d20644d59..469e0ade432 100644 --- a/src/libflake-c/meson.build +++ b/src/libflake-c/meson.build @@ -14,8 +14,6 @@ cxx = meson.get_compiler('cpp') subdir('nix-meson-build-support/deps-lists') -configdata = configuration_data() - deps_private_maybe_subproject = [ dependency('nix-util'), dependency('nix-store'), @@ -29,14 +27,6 @@ deps_public_maybe_subproject = [ ] subdir('nix-meson-build-support/subprojects') -# TODO rename, because it will conflict with downstream projects -configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) - -config_h = configure_file( - configuration : configdata, - output : 'config-flake.h', -) - add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. @@ -48,11 +38,6 @@ add_project_arguments( # not generated (yet?) # '-include', 'config-flake.hh', - # From C libraries, for our public, installed headers too - '-include', 'config-util.h', - '-include', 'config-store.h', - '-include', 'config-expr.h', - '-include', 'config-flake.h', language : 'cpp', ) @@ -64,7 +49,7 @@ sources = files( include_dirs = [include_directories('.')] -headers = [config_h] + files( +headers = files( 'nix_api_flake.h', ) diff --git a/src/libmain-c/meson.build b/src/libmain-c/meson.build index d875d2c3f55..0e9380a127c 100644 --- a/src/libmain-c/meson.build +++ b/src/libmain-c/meson.build @@ -14,8 +14,6 @@ cxx = meson.get_compiler('cpp') subdir('nix-meson-build-support/deps-lists') -configdata = configuration_data() - deps_private_maybe_subproject = [ dependency('nix-util'), dependency('nix-store'), @@ -27,14 +25,6 @@ deps_public_maybe_subproject = [ ] subdir('nix-meson-build-support/subprojects') -# TODO rename, because it will conflict with downstream projects -configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) - -config_h = configure_file( - configuration : configdata, - output : 'config-main.h', -) - add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. @@ -42,12 +32,7 @@ add_project_arguments( # From C++ libraries, only for internals '-include', 'config-util.hh', '-include', 'config-store.hh', - '-include', 'config-main.hh', - # From C libraries, for our public, installed headers too - '-include', 'config-util.h', - '-include', 'config-store.h', - '-include', 'config-main.h', language : 'cpp', ) @@ -59,7 +44,7 @@ sources = files( include_dirs = [include_directories('.')] -headers = [config_h] + files( +headers = files( 'nix_api_main.h', ) diff --git a/src/libmain/meson.build b/src/libmain/meson.build index 6a0a22295bd..7c24abb294a 100644 --- a/src/libmain/meson.build +++ b/src/libmain/meson.build @@ -74,7 +74,7 @@ endif include_dirs = [include_directories('.')] -headers = [config_h] + files( +headers = files( 'common-args.hh', 'loggers.hh', 'plugin.hh', @@ -88,6 +88,7 @@ subdir('nix-meson-build-support/windows-version') this_library = library( 'nixmain', sources, + config_h, dependencies : deps_public + deps_private + deps_other, include_directories : include_dirs, link_args: linker_export_flags, diff --git a/src/libstore-c/meson.build b/src/libstore-c/meson.build index 17d18609f09..2e2275feeaf 100644 --- a/src/libstore-c/meson.build +++ b/src/libstore-c/meson.build @@ -14,8 +14,6 @@ cxx = meson.get_compiler('cpp') subdir('nix-meson-build-support/deps-lists') -configdata = configuration_data() - deps_private_maybe_subproject = [ dependency('nix-util'), dependency('nix-store'), @@ -25,14 +23,6 @@ deps_public_maybe_subproject = [ ] subdir('nix-meson-build-support/subprojects') -# TODO rename, because it will conflict with downstream projects -configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) - -config_h = configure_file( - configuration : configdata, - output : 'config-store.h', -) - add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. @@ -41,9 +31,6 @@ add_project_arguments( '-include', 'config-util.hh', '-include', 'config-store.hh', - # From C libraries, for our public, installed headers too - '-include', 'config-util.h', - '-include', 'config-store.h', language : 'cpp', ) @@ -55,7 +42,7 @@ sources = files( include_dirs = [include_directories('.')] -headers = [config_h] + files( +headers = files( 'nix_api_store.h', ) diff --git a/src/libstore-tests/meson.build b/src/libstore-tests/meson.build index 3ba0795e9fa..9f3d8e1d497 100644 --- a/src/libstore-tests/meson.build +++ b/src/libstore-tests/meson.build @@ -45,8 +45,6 @@ add_project_arguments( # It would be nice for our headers to be idempotent instead. '-include', 'config-util.hh', '-include', 'config-store.hh', - '-include', 'config-util.h', - '-include', 'config-store.h', language : 'cpp', ) diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 1ea1f57bc3d..a592cbf9833 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -67,6 +67,7 @@ endforeach has_acl_support = cxx.has_header('sys/xattr.h') \ and cxx.has_function('llistxattr') \ and cxx.has_function('lremovexattr') +# TODO: used in header - make proper public header and make sure it's included. Affects ABI! configdata.set('HAVE_ACL_SUPPORT', has_acl_support.to_int()) if host_machine.system() == 'darwin' diff --git a/src/libutil-c/meson.build b/src/libutil-c/meson.build index ac129766580..2733a33ba4d 100644 --- a/src/libutil-c/meson.build +++ b/src/libutil-c/meson.build @@ -23,7 +23,6 @@ deps_public_maybe_subproject = [ ] subdir('nix-meson-build-support/subprojects') -# TODO rename, because it will conflict with downstream projects configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) config_h = configure_file( @@ -38,8 +37,6 @@ add_project_arguments( # From C++ libraries, only for internals '-include', 'config-util.hh', - # From C libraries, for our public, installed headers too - '-include', 'config-util.h', language : 'cpp', ) @@ -51,7 +48,7 @@ sources = files( include_dirs = [include_directories('.')] -headers = [config_h] + files( +headers = files( 'nix_api_util.h', ) @@ -64,6 +61,7 @@ subdir('nix-meson-build-support/windows-version') this_library = library( 'nixutilc', sources, + config_h, dependencies : deps_public + deps_private + deps_other, include_directories : include_dirs, link_args: linker_export_flags, diff --git a/src/libutil-c/nix_api_util.cc b/src/libutil-c/nix_api_util.cc index 992ea0a2ad0..3e061d53e56 100644 --- a/src/libutil-c/nix_api_util.cc +++ b/src/libutil-c/nix_api_util.cc @@ -7,6 +7,8 @@ #include #include +#include "config-util.h" + nix_c_context * nix_c_context_create() { return new nix_c_context(); diff --git a/src/libutil-tests/meson.build b/src/libutil-tests/meson.build index ad2c61711cd..f982d6cf68e 100644 --- a/src/libutil-tests/meson.build +++ b/src/libutil-tests/meson.build @@ -32,11 +32,16 @@ deps_private += rapidcheck gtest = dependency('gtest', main : true) deps_private += gtest +configdata = configuration_data() +configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) + +config_h = configure_file( + configuration : configdata, + output : 'config-util-tests.hh', +) + add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-util.h', + '-include', 'config-util-tests.hh', language : 'cpp', ) @@ -79,6 +84,7 @@ include_dirs = [include_directories('.')] this_exe = executable( meson.project_name(), sources, + config_h, dependencies : deps_private_subproject + deps_private + deps_other, include_directories : include_dirs, # TODO: -lrapidcheck, see ../libutil-support/build.meson diff --git a/src/libutil/meson.build b/src/libutil/meson.build index 9e70d0549f0..8af3272a8ac 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -33,12 +33,14 @@ check_funcs = [ 'pipe2', # Optionally used to preallocate files to be large enough before # writing to them. + # WARNING: define also used in libstore 'posix_fallocate', # Optionally used to get more information about processes failing due # to a signal on Unix. 'strsignal', # Optionally used to try to close more file descriptors (e.g. before # forking) on Unix. + # WARNING: also used in libexpr 'sysconf', # Optionally used for changing the mtime of files and symlinks. 'utimensat', diff --git a/src/nix/meson.build b/src/nix/meson.build index 79ad840f648..1ad53c80757 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -57,9 +57,6 @@ add_project_arguments( '-include', 'config-util.hh', '-include', 'config-store.hh', '-include', 'config-expr.hh', - #'-include', 'config-fetchers.hh', - '-include', 'config-main.hh', - '-include', 'config-cmd.hh', '-include', 'config-nix-cli.hh', language : 'cpp', ) diff --git a/tests/functional/plugins/meson.build b/tests/functional/plugins/meson.build index 3d6b2f0e1d8..13acdbbc574 100644 --- a/tests/functional/plugins/meson.build +++ b/tests/functional/plugins/meson.build @@ -6,7 +6,6 @@ libplugintest = shared_module( # It would be nice for our headers to be idempotent instead. '-include', 'config-util.hh', '-include', 'config-store.hh', - # '-include', 'config-fetchers.hh', '-include', 'config-expr.hh', ], dependencies : [ From 3e2f4891c4ec025ff0646afee24afc5ef5a7db90 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Mon, 3 Mar 2025 18:22:25 -0500 Subject: [PATCH 362/815] Advanced attributes organize MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is supposed to firstly improve the docs as they are, and secondly hint at how the core conceptual information ought to be moved to the store derivation section of the manual. Co-authored-by: Jörg Thalheim (cherry picked from commit 637aa0944d02bb7d4bccba5fe6fc9973a93ca656) --- .../source/language/advanced-attributes.md | 216 +++++++++--------- 1 file changed, 113 insertions(+), 103 deletions(-) diff --git a/doc/manual/source/language/advanced-attributes.md b/doc/manual/source/language/advanced-attributes.md index 0722386c4cf..bf196e0b880 100644 --- a/doc/manual/source/language/advanced-attributes.md +++ b/doc/manual/source/language/advanced-attributes.md @@ -2,58 +2,7 @@ Derivations can declare some infrequently used optional attributes. - - [`allowedReferences`]{#adv-attr-allowedReferences}\ - The optional attribute `allowedReferences` specifies a list of legal - references (dependencies) of the output of the builder. For example, - - ```nix - allowedReferences = []; - ``` - - enforces that the output of a derivation cannot have any runtime - dependencies on its inputs. To allow an output to have a runtime - dependency on itself, use `"out"` as a list item. This is used in - NixOS to check that generated files such as initial ramdisks for - booting Linux don’t have accidental dependencies on other paths in - the Nix store. - - - [`allowedRequisites`]{#adv-attr-allowedRequisites}\ - This attribute is similar to `allowedReferences`, but it specifies - the legal requisites of the whole closure, so all the dependencies - recursively. For example, - - ```nix - allowedRequisites = [ foobar ]; - ``` - - enforces that the output of a derivation cannot have any other - runtime dependency than `foobar`, and in addition it enforces that - `foobar` itself doesn't introduce any other dependency itself. - - - [`disallowedReferences`]{#adv-attr-disallowedReferences}\ - The optional attribute `disallowedReferences` specifies a list of - illegal references (dependencies) of the output of the builder. For - example, - - ```nix - disallowedReferences = [ foo ]; - ``` - - enforces that the output of a derivation cannot have a direct - runtime dependencies on the derivation `foo`. - - - [`disallowedRequisites`]{#adv-attr-disallowedRequisites}\ - This attribute is similar to `disallowedReferences`, but it - specifies illegal requisites for the whole closure, so all the - dependencies recursively. For example, - - ```nix - disallowedRequisites = [ foobar ]; - ``` - - enforces that the output of a derivation cannot have any runtime - dependency on `foobar` or any other derivation depending recursively - on `foobar`. +## Inputs - [`exportReferencesGraph`]{#adv-attr-exportReferencesGraph}\ This attribute allows builders access to the references graph of @@ -84,41 +33,6 @@ Derivations can declare some infrequently used optional attributes. with a Nix store containing the closure of a bootable NixOS configuration). - - [`impureEnvVars`]{#adv-attr-impureEnvVars}\ - This attribute allows you to specify a list of environment variables - that should be passed from the environment of the calling user to - the builder. Usually, the environment is cleared completely when the - builder is executed, but with this attribute you can allow specific - environment variables to be passed unmodified. For example, - `fetchurl` in Nixpkgs has the line - - ```nix - impureEnvVars = [ "http_proxy" "https_proxy" ... ]; - ``` - - to make it use the proxy server configuration specified by the user - in the environment variables `http_proxy` and friends. - - This attribute is only allowed in [fixed-output derivations][fixed-output derivation], - where impurities such as these are okay since (the hash - of) the output is known in advance. It is ignored for all other - derivations. - - > **Warning** - > - > `impureEnvVars` implementation takes environment variables from - > the current builder process. When a daemon is building its - > environmental variables are used. Without the daemon, the - > environmental variables come from the environment of the - > `nix-build`. - - If the [`configurable-impure-env` experimental - feature](@docroot@/development/experimental-features.md#xp-feature-configurable-impure-env) - is enabled, these environment variables can also be controlled - through the - [`impure-env`](@docroot@/command-ref/conf-file.md#conf-impure-env) - configuration setting. - - [`passAsFile`]{#adv-attr-passAsFile}\ A list of names of attributes that should be passed via files rather than environment variables. For example, if you have @@ -137,22 +51,6 @@ Derivations can declare some infrequently used optional attributes. builder, since most operating systems impose a limit on the size of the environment (typically, a few hundred kilobyte). - - [`preferLocalBuild`]{#adv-attr-preferLocalBuild}\ - If this attribute is set to `true` and [distributed building is enabled](@docroot@/command-ref/conf-file.md#conf-builders), then, if possible, the derivation will be built locally instead of being forwarded to a remote machine. - This is useful for derivations that are cheapest to build locally. - - - [`allowSubstitutes`]{#adv-attr-allowSubstitutes}\ - If this attribute is set to `false`, then Nix will always build this derivation (locally or remotely); it will not try to substitute its outputs. - This is useful for derivations that are cheaper to build than to substitute. - - This attribute can be ignored by setting [`always-allow-substitutes`](@docroot@/command-ref/conf-file.md#conf-always-allow-substitutes) to `true`. - - > **Note** - > - > If set to `false`, the [`builder`] should be able to run on the system type specified in the [`system` attribute](./derivations.md#attr-system), since the derivation cannot be substituted. - - [`builder`]: ./derivations.md#attr-builder - - [`__structuredAttrs`]{#adv-attr-structuredAttrs}\ If the special attribute `__structuredAttrs` is set to `true`, the other derivation attributes are serialised into a file in JSON format. The environment variable @@ -179,6 +77,61 @@ Derivations can declare some infrequently used optional attributes. [`disallowedReferences`](#adv-attr-disallowedReferences) and [`disallowedRequisites`](#adv-attr-disallowedRequisites), maxSize, and maxClosureSize. will have no effect. +## Output checks + + - [`allowedReferences`]{#adv-attr-allowedReferences}\ + The optional attribute `allowedReferences` specifies a list of legal + references (dependencies) of the output of the builder. For example, + + ```nix + allowedReferences = []; + ``` + + enforces that the output of a derivation cannot have any runtime + dependencies on its inputs. To allow an output to have a runtime + dependency on itself, use `"out"` as a list item. This is used in + NixOS to check that generated files such as initial ramdisks for + booting Linux don’t have accidental dependencies on other paths in + the Nix store. + + - [`allowedRequisites`]{#adv-attr-allowedRequisites}\ + This attribute is similar to `allowedReferences`, but it specifies + the legal requisites of the whole closure, so all the dependencies + recursively. For example, + + ```nix + allowedRequisites = [ foobar ]; + ``` + + enforces that the output of a derivation cannot have any other + runtime dependency than `foobar`, and in addition it enforces that + `foobar` itself doesn't introduce any other dependency itself. + + - [`disallowedReferences`]{#adv-attr-disallowedReferences}\ + The optional attribute `disallowedReferences` specifies a list of + illegal references (dependencies) of the output of the builder. For + example, + + ```nix + disallowedReferences = [ foo ]; + ``` + + enforces that the output of a derivation cannot have a direct + runtime dependencies on the derivation `foo`. + + - [`disallowedRequisites`]{#adv-attr-disallowedRequisites}\ + This attribute is similar to `disallowedReferences`, but it + specifies illegal requisites for the whole closure, so all the + dependencies recursively. For example, + + ```nix + disallowedRequisites = [ foobar ]; + ``` + + enforces that the output of a derivation cannot have any runtime + dependency on `foobar` or any other derivation depending recursively + on `foobar`. + - [`outputChecks`]{#adv-attr-outputChecks}\ When using [structured attributes](#adv-attr-structuredAttrs), the `outputChecks` attribute allows defining checks per-output. @@ -212,6 +165,8 @@ Derivations can declare some infrequently used optional attributes. }; ``` +## Other output modifications + - [`unsafeDiscardReferences`]{#adv-attr-unsafeDiscardReferences}\ When using [structured attributes](#adv-attr-structuredAttrs), the @@ -229,6 +184,24 @@ Derivations can declare some infrequently used optional attributes. their own embedded Nix store: hashes found inside such an image refer to the embedded store and not to the host's Nix store. +## Build scheduling + + - [`preferLocalBuild`]{#adv-attr-preferLocalBuild}\ + If this attribute is set to `true` and [distributed building is enabled](@docroot@/command-ref/conf-file.md#conf-builders), then, if possible, the derivation will be built locally instead of being forwarded to a remote machine. + This is useful for derivations that are cheapest to build locally. + + - [`allowSubstitutes`]{#adv-attr-allowSubstitutes}\ + If this attribute is set to `false`, then Nix will always build this derivation (locally or remotely); it will not try to substitute its outputs. + This is useful for derivations that are cheaper to build than to substitute. + + This attribute can be ignored by setting [`always-allow-substitutes`](@docroot@/command-ref/conf-file.md#conf-always-allow-substitutes) to `true`. + + > **Note** + > + > If set to `false`, the [`builder`] should be able to run on the system type specified in the [`system` attribute](./derivations.md#attr-system), since the derivation cannot be substituted. + + [`builder`]: ./derivations.md#attr-builder + - [`requiredSystemFeatures`]{#adv-attr-requiredSystemFeatures}\ If a derivation has the `requiredSystemFeatures` attribute, then Nix will only build it on a machine that has the corresponding features set in its [`system-features` configuration](@docroot@/command-ref/conf-file.md#conf-system-features). @@ -241,6 +214,43 @@ Derivations can declare some infrequently used optional attributes. ensures that the derivation can only be built on a machine with the `kvm` feature. +# Impure builder configuration + + - [`impureEnvVars`]{#adv-attr-impureEnvVars}\ + This attribute allows you to specify a list of environment variables + that should be passed from the environment of the calling user to + the builder. Usually, the environment is cleared completely when the + builder is executed, but with this attribute you can allow specific + environment variables to be passed unmodified. For example, + `fetchurl` in Nixpkgs has the line + + ```nix + impureEnvVars = [ "http_proxy" "https_proxy" ... ]; + ``` + + to make it use the proxy server configuration specified by the user + in the environment variables `http_proxy` and friends. + + This attribute is only allowed in [fixed-output derivations][fixed-output derivation], + where impurities such as these are okay since (the hash + of) the output is known in advance. It is ignored for all other + derivations. + + > **Warning** + > + > `impureEnvVars` implementation takes environment variables from + > the current builder process. When a daemon is building its + > environmental variables are used. Without the daemon, the + > environmental variables come from the environment of the + > `nix-build`. + + If the [`configurable-impure-env` experimental + feature](@docroot@/development/experimental-features.md#xp-feature-configurable-impure-env) + is enabled, these environment variables can also be controlled + through the + [`impure-env`](@docroot@/command-ref/conf-file.md#conf-impure-env) + configuration setting. + ## Setting the derivation type As discussed in [Derivation Outputs and Types of Derivations](@docroot@/store/derivation/outputs/index.md), there are multiples kinds of derivations / kinds of derivation outputs. From 12825ab9720d3ae9311a0e905148a32dfff2f0f8 Mon Sep 17 00:00:00 2001 From: Farid Zakaria Date: Fri, 7 Mar 2025 23:07:03 -0800 Subject: [PATCH 363/815] Fix minor documentation typos Was reading the store chapter and came across a few small typos and edits. (cherry picked from commit 33493b9eada8722250257414545934d0feb09f73) --- doc/manual/source/store/derivation/outputs/index.md | 10 +++++----- .../source/store/file-system-object/content-address.md | 3 ++- .../source/store/store-object/content-address.md | 2 +- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/doc/manual/source/store/derivation/outputs/index.md b/doc/manual/source/store/derivation/outputs/index.md index 15070a18f05..b02e6eca07b 100644 --- a/doc/manual/source/store/derivation/outputs/index.md +++ b/doc/manual/source/store/derivation/outputs/index.md @@ -1,7 +1,7 @@ # Derivation Outputs and Types of Derivations As stated on the [main pages on derivations](../index.md#store-derivation), -a derivation produces [store objects], which are known as the *outputs* of the derivation. +a derivation produces [store objects](@docroot@/store/store-object.md), which are known as the *outputs* of the derivation. Indeed, the entire point of derivations is to produce these outputs, and to reliably and reproducably produce these derivations each time the derivation is run. One of the parts of a derivation is its *outputs specification*, which specifies certain information about the outputs the derivation produces when run. @@ -9,7 +9,7 @@ The outputs specification is a map, from names to specifications for individual ## Output Names {#outputs} -Output names can be any string which is also a valid [store path] name. +Output names can be any string which is also a valid [store path](@docroot@/store/store-path.md) name. The name mapped to each output specification is not actually the name of the output. In the general case, the output store object has name `derivationName + "-" + outputSpecName`, not any other metadata about it. However, an output spec named "out" describes and output store object whose name is just the derivation name. @@ -24,11 +24,11 @@ However, an output spec named "out" describes and output store object whose name > > - The store path of `dev` will be: `/nix/store/-hello-dev`. -The outputs are the derivations are the [store objects][store object] it is obligated to produce. +The outputs are the derivations are the [store objects](@docroot@/store/store-object.md) it is obligated to produce. > **Note** > -> The formal terminology here is somewhat at adds with everyday communication in the Nix community today. +> The formal terminology here is somewhat at odds with everyday communication in the Nix community today. > "output" in casual usage tends to refer to either to the actual output store object, or the notional output spec, depending on context. > > For example "hello's `dev` output" means the store object referred to by the store path `/nix/store/-hello-dev`. @@ -64,7 +64,7 @@ The rules for this are fairly concise: (This is an arbitrary restriction that could be lifted.) -- The output is either *fixed* or *floating*, indicating whether the its store path is known prior to building it. +- The output is either *fixed* or *floating*, indicating whether the store path is known prior to building it. - With fixed content-addressing it is fixed. diff --git a/doc/manual/source/store/file-system-object/content-address.md b/doc/manual/source/store/file-system-object/content-address.md index 72b087fe982..04a1021f144 100644 --- a/doc/manual/source/store/file-system-object/content-address.md +++ b/doc/manual/source/store/file-system-object/content-address.md @@ -46,7 +46,7 @@ be many different serialisations. For these reasons, Nix has its very own archive format—the Nix Archive (NAR) format, which is carefully designed to avoid the problems described above. -The exact specification of the Nix Archive format is in `protocols/nix-archive.md` +The exact specification of the Nix Archive format is in [specified here](../../protocols/nix-archive.md). ## Content addressing File System Objects beyond a single serialisation pass @@ -80,6 +80,7 @@ Thus, Git can encode some, but not all of Nix's "File System Objects", and this In the future, we may support a Git-like hash for such file system objects, or we may adopt another Merkle DAG format which is capable of representing all Nix file system objects. + [file system object]: ../file-system-object.md [store object]: ../store-object.md [xp-feature-git-hashing]: @docroot@/development/experimental-features.md#xp-feature-git-hashing diff --git a/doc/manual/source/store/store-object/content-address.md b/doc/manual/source/store/store-object/content-address.md index ff77dd4b682..5742b9fe153 100644 --- a/doc/manual/source/store/store-object/content-address.md +++ b/doc/manual/source/store/store-object/content-address.md @@ -50,7 +50,7 @@ The hashes of these modified input streams are used instead. When validating the content address of a store object after the fact, the above process works as written. However, when first creating the store object we don't know the store object's store path, as explained just above. -We therefore, strictly speaking, do not know what value we will be replacing with the sentinental value in the inputs to hash functions. +We therefore, strictly speaking, do not know what value we will be replacing with the sentinel value in the inputs to hash functions. What instead happens is that the provisional store object --- the data from which we wish to create a store object --- is paired with a provisional "scratch" store path (that presumably was chosen when the data was created). That provisional store path is instead what is replaced with the sentinel value, rather than the final store object which we do not yet know. From b50c557e747119d5d95dd1b15e7d19fd09393095 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman <145775305+xokdvium@users.noreply.github.com> Date: Sat, 8 Mar 2025 21:08:35 +0000 Subject: [PATCH 364/815] flake: Enable UBSAN for checks Doing this makes catching non-obvious bugs easier. GHA CI workload is already a concern and there isn't much benefit in running the tests with and without sanitizers at the same time, so UBSAN is enabled for default checks. This change doesn't affect production builds in any way, but is rather a step in the direction of improving automated testing during development. Relates to #10969. (cherry picked from commit 874587516ca21b55ad03ae6fa2b5428b199452eb) --- flake.nix | 38 +++++++++++++++++++++++++++++++++----- src/libutil/strings.cc | 4 +++- 2 files changed, 36 insertions(+), 6 deletions(-) diff --git a/flake.nix b/flake.nix index 037281eb55c..87f1350e000 100644 --- a/flake.nix +++ b/flake.nix @@ -267,18 +267,46 @@ flatMapAttrs ( { - "" = nixpkgsFor.${system}.native; + # Run all tests with UBSAN enabled. Running both with ubsan and + # without doesn't seem to have much immediate benefit for doubling + # the GHA CI workaround. + # + # TODO: Work toward enabling "address,undefined" if it seems feasible. + # This would maybe require dropping Boost coroutines and ignoring intentional + # memory leaks with detect_leaks=0. + "" = rec { + nixpkgs = nixpkgsFor.${system}.native; + nixComponents = nixpkgs.nixComponents.overrideScope ( + nixCompFinal: nixCompPrev: { + mesonComponentOverrides = _finalAttrs: prevAttrs: { + mesonFlags = + (prevAttrs.mesonFlags or [ ]) + # TODO: Macos builds instrumented with ubsan take very long + # to run functional tests. + ++ lib.optionals (!nixpkgs.stdenv.hostPlatform.isDarwin) [ + (lib.mesonOption "b_sanitize" "undefined") + ]; + }; + } + ); + }; } // lib.optionalAttrs (!nixpkgsFor.${system}.native.stdenv.hostPlatform.isDarwin) { # TODO: enable static builds for darwin, blocked on: # https://github.com/NixOS/nixpkgs/issues/320448 # TODO: disabled to speed up GHA CI. - #"static-" = nixpkgsFor.${system}.native.pkgsStatic; + # "static-" = { + # nixpkgs = nixpkgsFor.${system}.native.pkgsStatic; + # }; } ) ( - nixpkgsPrefix: nixpkgs: - flatMapAttrs nixpkgs.nixComponents ( + nixpkgsPrefix: + { + nixpkgs, + nixComponents ? nixpkgs.nixComponents, + }: + flatMapAttrs nixComponents ( pkgName: pkg: flatMapAttrs pkg.tests or { } ( testName: test: { @@ -287,7 +315,7 @@ ) ) // lib.optionalAttrs (nixpkgs.stdenv.hostPlatform == nixpkgs.stdenv.buildPlatform) { - "${nixpkgsPrefix}nix-functional-tests" = nixpkgs.nixComponents.nix-functional-tests; + "${nixpkgsPrefix}nix-functional-tests" = nixComponents.nix-functional-tests; } ) // devFlake.checks.${system} or { } diff --git a/src/libutil/strings.cc b/src/libutil/strings.cc index b94bca61184..1635321bb9c 100644 --- a/src/libutil/strings.cc +++ b/src/libutil/strings.cc @@ -17,8 +17,10 @@ struct view_stringbuf : public std::stringbuf } }; -std::string_view toView(const std::ostringstream & os) +__attribute__((no_sanitize("undefined"))) std::string_view toView(const std::ostringstream & os) { + /* Downcasting like this is very much undefined behavior, so we disable + UBSAN for this function. */ auto buf = static_cast(os.rdbuf()); return buf->toView(); } From 12f77a2fb91d6022fcd561a50dec56149116dcfe Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Thu, 27 Feb 2025 17:48:28 +0100 Subject: [PATCH 365/815] packaging: Make hydraJobs.build.* complete (cherry picked from commit d6139a339b98c3a5675757d6df52c79124d953b6) --- packaging/hydra.nix | 102 +++++++++++++++++++++++++++++++++----------- 1 file changed, 78 insertions(+), 24 deletions(-) diff --git a/packaging/hydra.nix b/packaging/hydra.nix index 44cbd753c9b..74e245f26c5 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -29,32 +29,86 @@ let # Technically we could just return `pkgs.nixComponents`, but for Hydra it's # convention to transpose it, and to transpose it efficiently, we need to # enumerate them manually, so that we don't evaluate unnecessary package sets. - forAllPackages = lib.genAttrs [ - "nix-everything" - "nix-util" - "nix-util-c" - "nix-util-test-support" - "nix-util-tests" - "nix-store" - "nix-store-c" - "nix-store-test-support" - "nix-store-tests" - "nix-fetchers" - "nix-fetchers-tests" - "nix-expr" - "nix-expr-c" - "nix-expr-test-support" - "nix-expr-tests" - "nix-flake" - "nix-flake-tests" - "nix-main" - "nix-main-c" - "nix-cmd" - "nix-cli" - "nix-functional-tests" - ]; + # See listingIsComplete below. + forAllPackages = forAllPackages' { }; + forAllPackages' = + { + enableBindings ? false, + enableDocs ? false, # already have separate attrs for these + }: + lib.genAttrs ( + [ + "nix-everything" + "nix-util" + "nix-util-c" + "nix-util-test-support" + "nix-util-tests" + "nix-store" + "nix-store-c" + "nix-store-test-support" + "nix-store-tests" + "nix-fetchers" + "nix-fetchers-tests" + "nix-expr" + "nix-expr-c" + "nix-expr-test-support" + "nix-expr-tests" + "nix-flake" + "nix-flake-c" + "nix-flake-tests" + "nix-main" + "nix-main-c" + "nix-cmd" + "nix-cli" + "nix-functional-tests" + ] + ++ lib.optionals enableBindings [ + "nix-perl-bindings" + ] + ++ lib.optionals enableDocs [ + "nix-manual" + "nix-internal-api-docs" + "nix-external-api-docs" + ] + ); in { + /** + An internal check to make sure our package listing is complete. + */ + listingIsComplete = + let + arbitrarySystem = "x86_64-linux"; + listedPkgs = forAllPackages' { + enableBindings = true; + enableDocs = true; + } (_: null); + actualPkgs = lib.concatMapAttrs ( + k: v: if lib.strings.hasPrefix "nix-" k then { ${k} = null; } else { } + ) nixpkgsFor.${arbitrarySystem}.native.nixComponents; + diff = lib.concatStringsSep "\n" ( + lib.concatLists ( + lib.mapAttrsToList ( + k: _: + if (listedPkgs ? ${k}) && !(actualPkgs ? ${k}) then + [ "- ${k}: redundant?" ] + else if !(listedPkgs ? ${k}) && (actualPkgs ? ${k}) then + [ "- ${k}: missing?" ] + else + [ ] + ) (listedPkgs // actualPkgs) + ) + ); + in + if listedPkgs == actualPkgs then + { } + else + throw '' + Please update the components list in hydra.nix (or fix this check) + Differences: + ${diff} + ''; + # Binary package for various platforms. build = forAllPackages ( pkgName: forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.${pkgName}) From 5805f9cb93cbc49f9cf649b71b54c58735bd5864 Mon Sep 17 00:00:00 2001 From: Dmitry Bogatov Date: Sat, 8 Mar 2025 19:00:00 -0500 Subject: [PATCH 366/815] Improve the documentation of the store path protocol 1. Fix confusing wording that might imply unnecessary double-hashing. 2. Add references to specifics of base-32 encoding. 3. Fix incorrect description that sha256 hash of `fingerprint` is truncated. "Truncated" is actual wording used in Nix theses, but it has unusual meaning, that is better conveyed by word "compressed", which is used by the reference C++ implementation. 4. Clarify details of base16 encoding. (cherry picked from commit a0facb2aba1f643e7c2333bbf89e3765ca3f0351) --- doc/manual/source/protocols/store-path.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/doc/manual/source/protocols/store-path.md b/doc/manual/source/protocols/store-path.md index 9abd83f4f91..8469195ad76 100644 --- a/doc/manual/source/protocols/store-path.md +++ b/doc/manual/source/protocols/store-path.md @@ -20,9 +20,12 @@ where - `store-dir` = the [store directory](@docroot@/store/store-path.md#store-directory) -- `digest` = base-32 representation of the first 160 bits of a [SHA-256] hash of `fingerprint` +- `digest` = base-32 representation of the compressed to 160 bits [SHA-256] hash of `fingerprint` - This the hash part of the store name +For the definition of the hash compression algorithm, please refer to the section 5.1 of +the [Nix thesis](https://edolstra.github.io/pubs/phd-thesis.pdf), which also defines the +specifics of base-32 encoding. Note that base-32 encoding processes the hash bytestring from +the end, while base-16 processes in from the beginning. ## Fingerprint @@ -70,7 +73,8 @@ where `id` is the name of the output (usually, "out"). For content-addressed store objects, `id`, is always "out". -- `inner-digest` = base-16 representation of a SHA-256 hash of `inner-fingerprint` +- `inner-digest` = base-16 representation of a SHA-256 hash of `inner-fingerprint`. The + base-16 encoding uses lower-cased hex digits. ## Inner fingerprint @@ -82,7 +86,7 @@ where - if `type` = `"source:" ...`: - the hash of the [Nix Archive (NAR)] serialization of the [file system object](@docroot@/store/file-system-object.md) of the store object. + the [Nix Archive (NAR)] serialization of the [file system object](@docroot@/store/file-system-object.md) of the store object. - if `type` = `"output:" id`: From 5ab3b9c616a3cdca087fa86a0234783cfd502db7 Mon Sep 17 00:00:00 2001 From: Dmitry Bogatov Date: Tue, 11 Mar 2025 12:30:21 -0400 Subject: [PATCH 367/815] Update doc/manual/source/protocols/store-path.md Co-authored-by: John Ericson (cherry picked from commit affd9bbab7b9da0c60c023209bebe91fdbcdd3d5) --- doc/manual/source/protocols/store-path.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/manual/source/protocols/store-path.md b/doc/manual/source/protocols/store-path.md index 8469195ad76..ee7fb3a1296 100644 --- a/doc/manual/source/protocols/store-path.md +++ b/doc/manual/source/protocols/store-path.md @@ -73,8 +73,8 @@ the end, while base-16 processes in from the beginning. `id` is the name of the output (usually, "out"). For content-addressed store objects, `id`, is always "out". -- `inner-digest` = base-16 representation of a SHA-256 hash of `inner-fingerprint`. The - base-16 encoding uses lower-cased hex digits. +- `inner-digest` = base-16 representation of a SHA-256 hash of `inner-fingerprint`. + The base-16 encoding uses lower-cased hex digits. ## Inner fingerprint From a5c9b10083ffedd0c16e10eb5a1e8cad86bf9383 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Sun, 23 Mar 2025 22:10:43 +0000 Subject: [PATCH 368/815] libcmd/repl: Make `AbstractNixRepl::create` respect its `store` argument The only reference (according to clangd) to this function also uses `openStore`, so this is a no-op. (cherry picked from commit 8066e4b0c30d68bd7431f8a8c9c11d44765b0bf9) --- src/libcmd/repl.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libcmd/repl.cc b/src/libcmd/repl.cc index 281e1f6f048..68bf413290c 100644 --- a/src/libcmd/repl.cc +++ b/src/libcmd/repl.cc @@ -839,7 +839,7 @@ std::unique_ptr AbstractNixRepl::create( { return std::make_unique( lookupPath, - openStore(), + std::move(store), state, getValues ); From 49fa3e186981ef8dece5486d5d6ddf9b38a9d10a Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Sun, 23 Mar 2025 22:13:14 +0000 Subject: [PATCH 369/815] libcmd/repl: Fix missing `runNix` in repl Without this :u, :sh and :i repl commands fail with: > Cannot run 'nix-shell'/`nix-env` because no method of calling the Nix > CLI was provided. This is a configuration problem pertaining to how > this program was built. Remove the default ctor argument as it evidently makes catching refactoring bugs much harder. `NixRepl` implementation lives completely in `repl.cc`, so we can be as explicit as necessary. (cherry picked from commit 44055dc09d12e85c3187a1a793c129ccb5d89050) --- src/libcmd/repl.cc | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/libcmd/repl.cc b/src/libcmd/repl.cc index 68bf413290c..38b2196434e 100644 --- a/src/libcmd/repl.cc +++ b/src/libcmd/repl.cc @@ -124,7 +124,7 @@ std::string removeWhitespace(std::string s) NixRepl::NixRepl(const LookupPath & lookupPath, nix::ref store, ref state, - std::function getValues, RunNix * runNix = nullptr) + std::function getValues, RunNix * runNix) : AbstractNixRepl(state) , debugTraceIndex(0) , getValues(getValues) @@ -841,7 +841,8 @@ std::unique_ptr AbstractNixRepl::create( lookupPath, std::move(store), state, - getValues + getValues, + runNix ); } @@ -859,7 +860,8 @@ ReplExitStatus AbstractNixRepl::runSimple( lookupPath, openStore(), evalState, - getValues + getValues, + /*runNix=*/nullptr ); repl->initEnv(); From 20ce98f87bf7e09724880e171bbf90ca8e44bcf3 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Sun, 23 Mar 2025 22:13:40 +0000 Subject: [PATCH 370/815] tests/functional: Add regression test for broken `:sh` in repl Can't really test `:u` because it needs . (cherry picked from commit d371aadb2b6587572ce84f3899c19ae9d14eb435) --- tests/functional/repl.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/functional/repl.sh b/tests/functional/repl.sh index 59d1f1be02a..5d99fbb0276 100755 --- a/tests/functional/repl.sh +++ b/tests/functional/repl.sh @@ -56,6 +56,10 @@ testRepl () { nix repl "${nixArgs[@]}" 2>&1 <<< "builtins.currentSystem" \ | grep "$(nix-instantiate --eval -E 'builtins.currentSystem')" + # regression test for #12163 + replOutput=$(nix repl "${nixArgs[@]}" 2>&1 <<< ":sh import $testDir/simple.nix") + echo "$replOutput" | grepInverse "error: Cannot run 'nix-shell'" + expectStderr 1 nix repl "${testDir}/simple.nix" \ | grepQuiet -s "error: path '$testDir/simple.nix' is not a flake" } From 97356e9945e2b65d8c3ab64796fa8b722183a646 Mon Sep 17 00:00:00 2001 From: Brian McKenna Date: Fri, 7 Mar 2025 23:20:11 +1100 Subject: [PATCH 371/815] rapidcheck: change to working arbitrary instances Here we're switching to combinators instead of dereference operator. It turns out the dereference operator was being executed upon test setup, meaning that we were only using a only single value for each of the executions of the property tests! Really not good. And on Windows, we instead get: operator* is not allowed in this context https://github.com/emil-e/rapidcheck/blob/ff6af6fc683159deb51c543b065eba14dfcf329b/src/gen/detail/GenerationHandler.cpp#L16C31-L16C71 Now a few of the property tests fail, because we're generating cases which haven't been exercised before. (cherry picked from commit 9a04f1e73214df9cc477a36d219fcfede7bc763c) --- .../tests/value/context.cc | 33 ++++++---- .../tests/derived-path.cc | 62 ++++++++++++------- .../tests/outputs-spec.cc | 24 +++---- 3 files changed, 72 insertions(+), 47 deletions(-) diff --git a/src/libexpr-test-support/tests/value/context.cc b/src/libexpr-test-support/tests/value/context.cc index 8658bdaef16..36837cd6a1b 100644 --- a/src/libexpr-test-support/tests/value/context.cc +++ b/src/libexpr-test-support/tests/value/context.cc @@ -8,23 +8,32 @@ using namespace nix; Gen Arbitrary::arbitrary() { - return gen::just(NixStringContextElem::DrvDeep { - .drvPath = *gen::arbitrary(), + return gen::map(gen::arbitrary(), [](StorePath drvPath) { + return NixStringContextElem::DrvDeep{ + .drvPath = drvPath, + }; }); } Gen Arbitrary::arbitrary() { - switch (*gen::inRange(0, std::variant_size_v)) { - case 0: - return gen::just(*gen::arbitrary()); - case 1: - return gen::just(*gen::arbitrary()); - case 2: - return gen::just(*gen::arbitrary()); - default: - assert(false); - } + return gen::mapcat( + gen::inRange(0, std::variant_size_v), + [](uint8_t n) -> Gen { + switch (n) { + case 0: + return gen::map( + gen::arbitrary(), [](NixStringContextElem a) { return a; }); + case 1: + return gen::map( + gen::arbitrary(), [](NixStringContextElem a) { return a; }); + case 2: + return gen::map( + gen::arbitrary(), [](NixStringContextElem a) { return a; }); + default: + assert(false); + } + }); } } diff --git a/src/libstore-test-support/tests/derived-path.cc b/src/libstore-test-support/tests/derived-path.cc index 078615bbd01..b9f6a3171cf 100644 --- a/src/libstore-test-support/tests/derived-path.cc +++ b/src/libstore-test-support/tests/derived-path.cc @@ -9,49 +9,63 @@ using namespace nix; Gen Arbitrary::arbitrary() { - return gen::just(DerivedPath::Opaque { - .path = *gen::arbitrary(), + return gen::map(gen::arbitrary(), [](StorePath path) { + return DerivedPath::Opaque{ + .path = path, + }; }); } Gen Arbitrary::arbitrary() { - return gen::just(SingleDerivedPath::Built { - .drvPath = make_ref(*gen::arbitrary()), - .output = (*gen::arbitrary()).name, + return gen::mapcat(gen::arbitrary(), [](SingleDerivedPath drvPath) { + return gen::map(gen::arbitrary(), [drvPath](StorePathName outputPath) { + return SingleDerivedPath::Built{ + .drvPath = make_ref(drvPath), + .output = outputPath.name, + }; + }); }); } Gen Arbitrary::arbitrary() { - return gen::just(DerivedPath::Built { - .drvPath = make_ref(*gen::arbitrary()), - .outputs = *gen::arbitrary(), + return gen::mapcat(gen::arbitrary(), [](SingleDerivedPath drvPath) { + return gen::map(gen::arbitrary(), [drvPath](OutputsSpec outputs) { + return DerivedPath::Built{ + .drvPath = make_ref(drvPath), + .outputs = outputs, + }; + }); }); } Gen Arbitrary::arbitrary() { - switch (*gen::inRange(0, std::variant_size_v)) { - case 0: - return gen::just(*gen::arbitrary()); - case 1: - return gen::just(*gen::arbitrary()); - default: - assert(false); - } + return gen::mapcat(gen::inRange(0, std::variant_size_v), [](uint8_t n) { + switch (n) { + case 0: + return gen::map(gen::arbitrary(), [](SingleDerivedPath a) { return a; }); + case 1: + return gen::map(gen::arbitrary(), [](SingleDerivedPath a) { return a; }); + default: + assert(false); + } + }); } Gen Arbitrary::arbitrary() { - switch (*gen::inRange(0, std::variant_size_v)) { - case 0: - return gen::just(*gen::arbitrary()); - case 1: - return gen::just(*gen::arbitrary()); - default: - assert(false); - } + return gen::mapcat(gen::inRange(0, std::variant_size_v), [](uint8_t n) { + switch (n) { + case 0: + return gen::map(gen::arbitrary(), [](DerivedPath a) { return a; }); + case 1: + return gen::map(gen::arbitrary(), [](DerivedPath a) { return a; }); + default: + assert(false); + } + }); } } diff --git a/src/libstore-test-support/tests/outputs-spec.cc b/src/libstore-test-support/tests/outputs-spec.cc index e9d6022037b..1a3020f1724 100644 --- a/src/libstore-test-support/tests/outputs-spec.cc +++ b/src/libstore-test-support/tests/outputs-spec.cc @@ -7,18 +7,20 @@ using namespace nix; Gen Arbitrary::arbitrary() { - switch (*gen::inRange(0, std::variant_size_v)) { - case 0: - return gen::just((OutputsSpec) OutputsSpec::All { }); - case 1: - return gen::just((OutputsSpec) OutputsSpec::Names { - *gen::nonEmpty(gen::container(gen::map( - gen::arbitrary(), - [](StorePathName n) { return n.name; }))), + return gen::mapcat( + gen::inRange(0, std::variant_size_v), [](uint8_t n) -> Gen { + switch (n) { + case 0: + return gen::just((OutputsSpec) OutputsSpec::All{}); + case 1: + return gen::map( + gen::nonEmpty(gen::container( + gen::map(gen::arbitrary(), [](StorePathName n) { return n.name; }))), + [](StringSet names) { return (OutputsSpec) OutputsSpec::Names{names}; }); + default: + assert(false); + } }); - default: - assert(false); - } } } From 02bdedbeb642362be7347e7019322d5888571c33 Mon Sep 17 00:00:00 2001 From: Brian McKenna Date: Sat, 8 Mar 2025 10:56:44 +1100 Subject: [PATCH 372/815] coerceToSingleDerivedPathUnchecked: pass through experimental features This fixes a few of the property tests, now that the property tests are actually generating arbitrary data - some of that data now requiring experimental features to function properly. (cherry picked from commit c82ef825d4669d9720da4857ad9b1d270330c369) --- src/libexpr-tests/derived-path.cc | 11 +++++++---- src/libexpr-tests/value/context.cc | 4 +++- src/libexpr/eval.cc | 12 ++++++------ src/libexpr/eval.hh | 6 +++--- src/libstore-tests/derived-path.cc | 8 ++++++-- 5 files changed, 25 insertions(+), 16 deletions(-) diff --git a/src/libexpr-tests/derived-path.cc b/src/libexpr-tests/derived-path.cc index d5fc6f20155..634f9bf69d9 100644 --- a/src/libexpr-tests/derived-path.cc +++ b/src/libexpr-tests/derived-path.cc @@ -44,11 +44,11 @@ RC_GTEST_FIXTURE_PROP( * to worry about race conditions if the tests run concurrently. */ ExperimentalFeatureSettings mockXpSettings; - mockXpSettings.set("experimental-features", "ca-derivations"); + mockXpSettings.set("experimental-features", "ca-derivations dynamic-derivations"); auto * v = state.allocValue(); state.mkOutputString(*v, b, std::nullopt, mockXpSettings); - auto [d, _] = state.coerceToSingleDerivedPathUnchecked(noPos, *v, ""); + auto [d, _] = state.coerceToSingleDerivedPathUnchecked(noPos, *v, "", mockXpSettings); RC_ASSERT(SingleDerivedPath { b } == d); } @@ -57,9 +57,12 @@ RC_GTEST_FIXTURE_PROP( prop_derived_path_built_out_path_round_trip, (const SingleDerivedPath::Built & b, const StorePath & outPath)) { + ExperimentalFeatureSettings mockXpSettings; + mockXpSettings.set("experimental-features", "dynamic-derivations"); + auto * v = state.allocValue(); - state.mkOutputString(*v, b, outPath); - auto [d, _] = state.coerceToSingleDerivedPathUnchecked(noPos, *v, ""); + state.mkOutputString(*v, b, outPath, mockXpSettings); + auto [d, _] = state.coerceToSingleDerivedPathUnchecked(noPos, *v, "", mockXpSettings); RC_ASSERT(SingleDerivedPath { b } == d); } diff --git a/src/libexpr-tests/value/context.cc b/src/libexpr-tests/value/context.cc index 761286dbdcc..c8d62772f21 100644 --- a/src/libexpr-tests/value/context.cc +++ b/src/libexpr-tests/value/context.cc @@ -124,7 +124,9 @@ RC_GTEST_PROP( prop_round_rip, (const NixStringContextElem & o)) { - RC_ASSERT(o == NixStringContextElem::parse(o.to_string())); + ExperimentalFeatureSettings xpSettings; + xpSettings.set("experimental-features", "dynamic-derivations"); + RC_ASSERT(o == NixStringContextElem::parse(o.to_string(), xpSettings)); } #endif diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index b9b89773f45..2dcee49d9dc 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -2245,18 +2245,18 @@ std::string_view EvalState::forceString(Value & v, const PosIdx pos, std::string } -void copyContext(const Value & v, NixStringContext & context) +void copyContext(const Value & v, NixStringContext & context, const ExperimentalFeatureSettings & xpSettings) { if (v.payload.string.context) for (const char * * p = v.payload.string.context; *p; ++p) - context.insert(NixStringContextElem::parse(*p)); + context.insert(NixStringContextElem::parse(*p, xpSettings)); } -std::string_view EvalState::forceString(Value & v, NixStringContext & context, const PosIdx pos, std::string_view errorCtx) +std::string_view EvalState::forceString(Value & v, NixStringContext & context, const PosIdx pos, std::string_view errorCtx, const ExperimentalFeatureSettings & xpSettings) { auto s = forceString(v, pos, errorCtx); - copyContext(v, context); + copyContext(v, context, xpSettings); return s; } @@ -2462,10 +2462,10 @@ StorePath EvalState::coerceToStorePath(const PosIdx pos, Value & v, NixStringCon } -std::pair EvalState::coerceToSingleDerivedPathUnchecked(const PosIdx pos, Value & v, std::string_view errorCtx) +std::pair EvalState::coerceToSingleDerivedPathUnchecked(const PosIdx pos, Value & v, std::string_view errorCtx, const ExperimentalFeatureSettings & xpSettings) { NixStringContext context; - auto s = forceString(v, context, pos, errorCtx); + auto s = forceString(v, context, pos, errorCtx, xpSettings); auto csize = context.size(); if (csize != 1) error( diff --git a/src/libexpr/eval.hh b/src/libexpr/eval.hh index 5e3e915c62d..8bb8bbd3240 100644 --- a/src/libexpr/eval.hh +++ b/src/libexpr/eval.hh @@ -159,7 +159,7 @@ void printEnvBindings(const SymbolTable & st, const StaticEnv & se, const Env & std::unique_ptr mapStaticEnvBindings(const SymbolTable & st, const StaticEnv & se, const Env & env); -void copyContext(const Value & v, NixStringContext & context); +void copyContext(const Value & v, NixStringContext & context, const ExperimentalFeatureSettings & xpSettings = experimentalFeatureSettings); std::string printValue(EvalState & state, Value & v); @@ -525,7 +525,7 @@ public: */ void forceFunction(Value & v, const PosIdx pos, std::string_view errorCtx); std::string_view forceString(Value & v, const PosIdx pos, std::string_view errorCtx); - std::string_view forceString(Value & v, NixStringContext & context, const PosIdx pos, std::string_view errorCtx); + std::string_view forceString(Value & v, NixStringContext & context, const PosIdx pos, std::string_view errorCtx, const ExperimentalFeatureSettings & xpSettings = experimentalFeatureSettings); std::string_view forceStringNoCtx(Value & v, const PosIdx pos, std::string_view errorCtx); template @@ -577,7 +577,7 @@ public: /** * Part of `coerceToSingleDerivedPath()` without any store IO which is exposed for unit testing only. */ - std::pair coerceToSingleDerivedPathUnchecked(const PosIdx pos, Value & v, std::string_view errorCtx); + std::pair coerceToSingleDerivedPathUnchecked(const PosIdx pos, Value & v, std::string_view errorCtx, const ExperimentalFeatureSettings & xpSettings = experimentalFeatureSettings); /** * Coerce to `SingleDerivedPath`. diff --git a/src/libstore-tests/derived-path.cc b/src/libstore-tests/derived-path.cc index c62d79a78ca..64e3a12c95d 100644 --- a/src/libstore-tests/derived-path.cc +++ b/src/libstore-tests/derived-path.cc @@ -84,7 +84,9 @@ RC_GTEST_FIXTURE_PROP( prop_legacy_round_rip, (const DerivedPath & o)) { - RC_ASSERT(o == DerivedPath::parseLegacy(*store, o.to_string_legacy(*store))); + ExperimentalFeatureSettings xpSettings; + xpSettings.set("experimental-features", "dynamic-derivations"); + RC_ASSERT(o == DerivedPath::parseLegacy(*store, o.to_string_legacy(*store), xpSettings)); } RC_GTEST_FIXTURE_PROP( @@ -92,7 +94,9 @@ RC_GTEST_FIXTURE_PROP( prop_round_rip, (const DerivedPath & o)) { - RC_ASSERT(o == DerivedPath::parse(*store, o.to_string(*store))); + ExperimentalFeatureSettings xpSettings; + xpSettings.set("experimental-features", "dynamic-derivations"); + RC_ASSERT(o == DerivedPath::parse(*store, o.to_string(*store), xpSettings)); } #endif From bbbaf4afa032df8b100266c491bebb00cd1ed587 Mon Sep 17 00:00:00 2001 From: Brian McKenna Date: Sat, 8 Mar 2025 19:51:25 +1100 Subject: [PATCH 373/815] DerivedPathTest: disable prop_legacy_round_rip until fixed (cherry picked from commit c58202c6f98e452ff4b61aa5b65a5b3c7de63a3b) --- src/libstore-tests/derived-path.cc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/libstore-tests/derived-path.cc b/src/libstore-tests/derived-path.cc index 64e3a12c95d..97ded518385 100644 --- a/src/libstore-tests/derived-path.cc +++ b/src/libstore-tests/derived-path.cc @@ -79,9 +79,14 @@ TEST_F(DerivedPathTest, built_built_xp) { #ifndef COVERAGE +/* TODO: Disabled due to the following error: + + path '00000000000000000000000000000000-0^0' is not a valid store path: + name '0^0' contains illegal character '^' +*/ RC_GTEST_FIXTURE_PROP( DerivedPathTest, - prop_legacy_round_rip, + DISABLED_prop_legacy_round_rip, (const DerivedPath & o)) { ExperimentalFeatureSettings xpSettings; From c0b219cf46dad26da76ca10389c8d9559f3f7997 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Fri, 28 Mar 2025 13:01:20 -0400 Subject: [PATCH 374/815] Cleanup config header for libcmd - Since it's now private, give it a rename. Note that I want to switch the word order on the public ones too. - Since it is only needed by two files, just include there rather than the nasty blanket-forced thing. (cherry picked from commit 326548bae56b6d751d87778854c3056442325423) --- src/libcmd/markdown.cc | 2 ++ src/libcmd/meson.build | 3 +-- src/libcmd/repl-interacter.cc | 2 ++ 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/libcmd/markdown.cc b/src/libcmd/markdown.cc index 4566e6ba63c..faf4c661003 100644 --- a/src/libcmd/markdown.cc +++ b/src/libcmd/markdown.cc @@ -4,6 +4,8 @@ #include "finally.hh" #include "terminal.hh" +#include "cmd-config-private.hh" + #if HAVE_LOWDOWN # include # include diff --git a/src/libcmd/meson.build b/src/libcmd/meson.build index 85d22a5f3fa..70d3b95dab5 100644 --- a/src/libcmd/meson.build +++ b/src/libcmd/meson.build @@ -55,7 +55,7 @@ endif config_h = configure_file( configuration : configdata, - output : 'config-cmd.hh', + output : 'cmd-config-private.hh', ) add_project_arguments( @@ -64,7 +64,6 @@ add_project_arguments( '-include', 'config-util.hh', '-include', 'config-store.hh', '-include', 'config-expr.hh', - '-include', 'config-cmd.hh', language : 'cpp', ) diff --git a/src/libcmd/repl-interacter.cc b/src/libcmd/repl-interacter.cc index 187af46eaa4..d8c8dd99db6 100644 --- a/src/libcmd/repl-interacter.cc +++ b/src/libcmd/repl-interacter.cc @@ -1,3 +1,5 @@ +#include "cmd-config-private.hh" + #include #ifdef USE_READLINE From 15658b259f43da8ea4a5bcac5f874149e2fb3e49 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Thu, 20 Feb 2025 14:15:07 -0500 Subject: [PATCH 375/815] Separate headers from source files The short answer for why we need to do this is so we can consistently do `#include "nix/..."`. Without this change, there are ways to still make that work, but they are hacky, and they have downsides such as making it harder to make sure headers from the wrong Nix library (e..g. `libnixexpr` headers in `libnixutil`) aren't being used. The C API alraedy used `nix_api_*`, so its headers are *not* put in subdirectories accordingly. Progress on #7876 We resisted doing this for a while because it would be annoying to not have the header source file pairs close by / easy to change file path/name from one to the other. But I am ameliorating that with symlinks in the next commit. (cherry picked from commit f3e1c47f47ba051c16ebdb6f792c69350316c7ed) --- doc/manual/source/development/testing.md | 12 +- maintainers/flake-module.nix | 338 +++++++++--------- nix-meson-build-support/export/meson.build | 1 - src/build-remote/build-remote.cc | 26 +- src/libcmd/built-path.cc | 8 +- src/libcmd/command-installable-value.cc | 2 +- src/libcmd/command.cc | 20 +- src/libcmd/common-eval-args.cc | 34 +- src/libcmd/editor-for.cc | 6 +- src/libcmd/{ => include/nix}/built-path.hh | 4 +- .../nix}/command-installable-value.hh | 4 +- src/libcmd/{ => include/nix}/command.hh | 10 +- .../{ => include/nix}/common-eval-args.hh | 8 +- .../nix}/compatibility-settings.hh | 2 +- src/libcmd/{ => include/nix}/editor-for.hh | 4 +- .../nix}/installable-attr-path.hh | 32 +- .../nix}/installable-derived-path.hh | 2 +- .../{ => include/nix}/installable-flake.hh | 4 +- .../{ => include/nix}/installable-value.hh | 4 +- src/libcmd/{ => include/nix}/installables.hh | 12 +- src/libcmd/{ => include/nix}/legacy.hh | 0 src/libcmd/{ => include/nix}/markdown.hh | 0 src/libcmd/include/nix/meson.build | 23 ++ .../{ => include/nix}/misc-store-flags.hh | 4 +- src/libcmd/{ => include/nix}/network-proxy.hh | 2 +- .../{ => include/nix}/repl-interacter.hh | 4 +- src/libcmd/{ => include/nix}/repl.hh | 2 +- src/libcmd/installable-attr-path.cc | 36 +- src/libcmd/installable-derived-path.cc | 4 +- src/libcmd/installable-flake.cc | 38 +- src/libcmd/installable-value.cc | 6 +- src/libcmd/installables.cc | 48 +-- src/libcmd/legacy.cc | 2 +- src/libcmd/markdown.cc | 10 +- src/libcmd/meson.build | 28 +- src/libcmd/misc-store-flags.cc | 2 +- src/libcmd/network-proxy.cc | 4 +- src/libcmd/package.nix | 1 + src/libcmd/repl-interacter.cc | 12 +- src/libcmd/repl.cc | 56 +-- src/libexpr-c/meson.build | 8 +- src/libexpr-c/nix_api_expr.cc | 10 +- src/libexpr-c/nix_api_expr_internal.h | 10 +- src/libexpr-c/nix_api_external.cc | 12 +- src/libexpr-c/nix_api_external.h | 7 +- src/libexpr-c/nix_api_value.cc | 16 +- src/libexpr-c/nix_api_value.h | 7 +- .../include/nix/meson.build | 9 + .../{ => include/nix}/tests/libexpr.hh | 20 +- .../{ => include/nix}/tests/nix_api_expr.hh | 2 +- .../{ => include/nix}/tests/value/context.hh | 2 +- src/libexpr-test-support/meson.build | 14 +- src/libexpr-test-support/package.nix | 1 + .../tests/value/context.cc | 4 +- src/libexpr-tests/derived-path.cc | 4 +- src/libexpr-tests/error_traces.cc | 2 +- src/libexpr-tests/eval.cc | 4 +- src/libexpr-tests/json.cc | 4 +- src/libexpr-tests/main.cc | 4 +- src/libexpr-tests/meson.build | 6 +- src/libexpr-tests/nix_api_expr.cc | 6 +- src/libexpr-tests/nix_api_external.cc | 4 +- src/libexpr-tests/nix_api_value.cc | 6 +- src/libexpr-tests/primops.cc | 6 +- src/libexpr-tests/search-path.cc | 2 +- src/libexpr-tests/trivial.cc | 2 +- src/libexpr-tests/value/context.cc | 6 +- src/libexpr-tests/value/print.cc | 6 +- src/libexpr-tests/value/value.cc | 4 +- src/libexpr/attr-path.cc | 4 +- src/libexpr/attr-set.cc | 4 +- src/libexpr/eval-cache.cc | 14 +- src/libexpr/eval-error.cc | 6 +- src/libexpr/eval-gc.cc | 12 +- src/libexpr/eval-settings.cc | 10 +- src/libexpr/eval.cc | 45 +-- src/libexpr/function-trace.cc | 4 +- src/libexpr/get-drvs.cc | 10 +- src/libexpr/{ => include/nix}/attr-path.hh | 2 +- src/libexpr/{ => include/nix}/attr-set.hh | 4 +- src/libexpr/{ => include/nix}/eval-cache.hh | 6 +- src/libexpr/{ => include/nix}/eval-error.hh | 4 +- src/libexpr/{ => include/nix}/eval-gc.hh | 0 src/libexpr/{ => include/nix}/eval-inline.hh | 8 +- .../{ => include/nix}/eval-settings.hh | 4 +- src/libexpr/{ => include/nix}/eval.hh | 30 +- .../{ => include/nix}/function-trace.hh | 2 +- .../{ => include/nix}/gc-small-vector.hh | 2 +- src/libexpr/{ => include/nix}/get-drvs.hh | 4 +- .../{ => include/nix}/json-to-value.hh | 2 +- .../{ => include/nix}/lexer-helpers.hh | 0 src/libexpr/include/nix/meson.build | 37 ++ src/libexpr/{ => include/nix}/nixexpr.hh | 8 +- src/libexpr/{ => include/nix}/parser-state.hh | 2 +- src/libexpr/{ => include/nix}/primops.hh | 2 +- .../{ => include/nix}/print-ambiguous.hh | 2 +- .../{ => include/nix}/print-options.hh | 0 src/libexpr/{ => include/nix}/print.hh | 4 +- .../{ => include/nix}/repl-exit-status.hh | 0 src/libexpr/{ => include/nix}/search-path.hh | 4 +- src/libexpr/{ => include/nix}/symbol-table.hh | 6 +- .../{ => include/nix}/value-to-json.hh | 4 +- src/libexpr/{ => include/nix}/value-to-xml.hh | 4 +- src/libexpr/{ => include/nix}/value.hh | 12 +- .../{ => include/nix}/value/context.hh | 6 +- src/libexpr/json-to-value.cc | 6 +- src/libexpr/lexer-helpers.cc | 3 +- src/libexpr/lexer.l | 6 +- src/libexpr/meson.build | 44 +-- src/libexpr/nixexpr.cc | 12 +- src/libexpr/package.nix | 1 + src/libexpr/parser.y | 16 +- src/libexpr/paths.cc | 4 +- src/libexpr/primops.cc | 32 +- src/libexpr/primops/context.cc | 8 +- src/libexpr/primops/fetchClosure.cc | 10 +- src/libexpr/primops/fetchMercurial.cc | 14 +- src/libexpr/primops/fetchTree.cc | 24 +- src/libexpr/primops/fromTOML.cc | 4 +- src/libexpr/print-ambiguous.cc | 8 +- src/libexpr/print.cc | 14 +- src/libexpr/search-path.cc | 2 +- src/libexpr/value-to-json.cc | 8 +- src/libexpr/value-to-xml.cc | 8 +- src/libexpr/value/context.cc | 4 +- src/libfetchers-tests/access-tokens.cc | 11 +- src/libfetchers-tests/git-utils.cc | 12 +- src/libfetchers-tests/meson.build | 6 +- src/libfetchers-tests/public-key.cc | 6 +- src/libfetchers/attrs.cc | 4 +- src/libfetchers/cache.cc | 10 +- src/libfetchers/fetch-settings.cc | 2 +- src/libfetchers/fetch-to-store.cc | 6 +- src/libfetchers/fetchers.cc | 14 +- src/libfetchers/filtering-source-accessor.cc | 2 +- src/libfetchers/git-lfs-fetch.cc | 14 +- src/libfetchers/git-utils.cc | 18 +- src/libfetchers/git.cc | 34 +- src/libfetchers/github.cc | 24 +- src/libfetchers/{ => include/nix}/attrs.hh | 4 +- src/libfetchers/{ => include/nix}/cache.hh | 4 +- .../{ => include/nix}/fetch-settings.hh | 4 +- .../{ => include/nix}/fetch-to-store.hh | 10 +- src/libfetchers/{ => include/nix}/fetchers.hh | 14 +- .../nix}/filtering-source-accessor.hh | 2 +- .../{ => include/nix}/git-lfs-fetch.hh | 6 +- .../{ => include/nix}/git-utils.hh | 4 +- src/libfetchers/include/nix/meson.build | 15 + src/libfetchers/{ => include/nix}/registry.hh | 4 +- .../{ => include/nix}/store-path-accessor.hh | 2 +- src/libfetchers/{ => include/nix}/tarball.hh | 8 +- src/libfetchers/indirect.cc | 6 +- src/libfetchers/mercurial.cc | 20 +- src/libfetchers/meson.build | 22 +- src/libfetchers/package.nix | 1 + src/libfetchers/path.cc | 8 +- src/libfetchers/registry.cc | 14 +- src/libfetchers/store-path-accessor.cc | 4 +- src/libfetchers/tarball.cc | 22 +- src/libflake-c/meson.build | 10 +- src/libflake-c/nix_api_flake.cc | 2 +- src/libflake-c/nix_api_flake_internal.hh | 4 +- src/libflake-tests/flakeref.cc | 4 +- src/libflake-tests/meson.build | 6 +- src/libflake-tests/nix_api_flake.cc | 4 +- src/libflake-tests/url-name.cc | 2 +- src/libflake/flake/config.cc | 8 +- src/libflake/flake/flake-primops.cc | 10 +- src/libflake/flake/flake.cc | 33 +- src/libflake/flake/flakeref.cc | 10 +- src/libflake/flake/lockfile.cc | 10 +- src/libflake/flake/settings.cc | 4 +- src/libflake/flake/url-name.cc | 2 +- .../{ => include/nix}/flake/flake-primops.hh | 6 +- src/libflake/{ => include/nix}/flake/flake.hh | 8 +- .../{ => include/nix}/flake/flakeref.hh | 8 +- .../{ => include/nix}/flake/lockfile.hh | 2 +- .../{ => include/nix}/flake/settings.hh | 2 +- .../{ => include/nix}/flake/url-name.hh | 8 +- src/libflake/include/nix/meson.build | 11 + src/libflake/meson.build | 18 +- src/libflake/package.nix | 1 + src/libmain-c/meson.build | 6 +- src/libmain-c/nix_api_main.cc | 2 +- src/libmain/common-args.cc | 16 +- src/libmain/{ => include/nix}/common-args.hh | 4 +- src/libmain/{ => include/nix}/loggers.hh | 2 +- src/libmain/include/nix/meson.build | 16 + src/libmain/{ => include/nix}/plugin.hh | 0 src/libmain/{ => include/nix}/progress-bar.hh | 2 +- src/libmain/{ => include/nix}/shared.hh | 14 +- src/libmain/loggers.cc | 6 +- src/libmain/meson.build | 21 +- src/libmain/package.nix | 1 + src/libmain/plugin.cc | 4 +- src/libmain/progress-bar.cc | 10 +- src/libmain/shared.cc | 20 +- src/libmain/unix/stack.cc | 4 +- src/libstore-c/meson.build | 6 +- src/libstore-c/nix_api_store.cc | 8 +- src/libstore-c/nix_api_store_internal.h | 2 +- .../{tests => }/derived-path.cc | 2 +- .../include/nix/meson.build | 12 + .../{ => include/nix}/tests/derived-path.hh | 6 +- .../{ => include/nix}/tests/libstore.hh | 2 +- .../{ => include/nix}/tests/nix_api_store.hh | 4 +- .../{ => include/nix}/tests/outputs-spec.hh | 4 +- .../{ => include/nix}/tests/path.hh | 2 +- .../{ => include/nix}/tests/protocol.hh | 4 +- src/libstore-test-support/meson.build | 21 +- .../{tests => }/outputs-spec.cc | 2 +- src/libstore-test-support/package.nix | 1 + src/libstore-test-support/{tests => }/path.cc | 8 +- src/libstore-tests/common-protocol.cc | 10 +- src/libstore-tests/content-address.cc | 2 +- .../derivation-advanced-attrs.cc | 20 +- src/libstore-tests/derivation.cc | 8 +- src/libstore-tests/derived-path.cc | 4 +- src/libstore-tests/downstream-placeholder.cc | 2 +- src/libstore-tests/http-binary-cache-store.cc | 2 +- src/libstore-tests/legacy-ssh-store.cc | 2 +- .../local-binary-cache-store.cc | 2 +- src/libstore-tests/local-overlay-store.cc | 2 +- src/libstore-tests/local-store.cc | 8 +- src/libstore-tests/machines.cc | 8 +- src/libstore-tests/meson.build | 4 +- src/libstore-tests/nar-info-disk-cache.cc | 4 +- src/libstore-tests/nar-info.cc | 8 +- src/libstore-tests/nix_api_store.cc | 4 +- src/libstore-tests/outputs-spec.cc | 2 +- src/libstore-tests/path-info.cc | 6 +- src/libstore-tests/path.cc | 10 +- src/libstore-tests/references.cc | 2 +- src/libstore-tests/s3-binary-cache-store.cc | 2 +- src/libstore-tests/serve-protocol.cc | 14 +- src/libstore-tests/ssh-store.cc | 2 +- src/libstore-tests/store-reference.cc | 8 +- src/libstore-tests/uds-remote-store.cc | 2 +- src/libstore-tests/worker-protocol.cc | 14 +- src/libstore/binary-cache-store.cc | 30 +- src/libstore/build-result.cc | 2 +- src/libstore/build/derivation-goal.cc | 36 +- .../build/drv-output-substitution-goal.cc | 10 +- src/libstore/build/entry-points.cc | 10 +- src/libstore/build/goal.cc | 4 +- src/libstore/build/substitution-goal.cc | 10 +- src/libstore/build/worker.cc | 18 +- src/libstore/builtins/buildenv.cc | 6 +- src/libstore/builtins/fetchurl.cc | 10 +- src/libstore/builtins/unpack-channel.cc | 4 +- src/libstore/common-protocol.cc | 16 +- src/libstore/common-ssh-store-config.cc | 4 +- src/libstore/content-address.cc | 6 +- src/libstore/daemon.cc | 36 +- src/libstore/derivation-options.cc | 10 +- src/libstore/derivations.cc | 22 +- src/libstore/derived-path-map.cc | 4 +- src/libstore/derived-path.cc | 8 +- src/libstore/downstream-placeholder.cc | 4 +- src/libstore/dummy-store.cc | 4 +- src/libstore/export-import.cc | 10 +- src/libstore/filetransfer.cc | 20 +- src/libstore/gc.cc | 16 +- src/libstore/globals.cc | 22 +- src/libstore/http-binary-cache-store.cc | 10 +- .../{ => include/nix}/binary-cache-store.hh | 8 +- .../{ => include/nix}/build-result.hh | 4 +- .../nix}/build/derivation-goal.hh | 14 +- .../build/drv-output-substitution-goal.hh | 8 +- src/libstore/{ => include/nix}/build/goal.hh | 4 +- .../nix}/build/substitution-goal.hh | 8 +- .../{ => include/nix}/build/worker.hh | 10 +- src/libstore/{ => include/nix}/builtins.hh | 2 +- .../{ => include/nix}/builtins/buildenv.hh | 2 +- .../{ => include/nix}/common-protocol-impl.hh | 4 +- .../{ => include/nix}/common-protocol.hh | 2 +- .../nix}/common-ssh-store-config.hh | 2 +- .../{ => include/nix}/content-address.hh | 8 +- src/libstore/{ => include/nix}/daemon.hh | 4 +- .../{ => include/nix}/derivation-options.hh | 4 +- src/libstore/{ => include/nix}/derivations.hh | 16 +- .../{ => include/nix}/derived-path-map.hh | 4 +- .../{ => include/nix}/derived-path.hh | 8 +- .../nix}/downstream-placeholder.hh | 6 +- .../{ => include/nix}/filetransfer.hh | 10 +- src/libstore/{ => include/nix}/gc-store.hh | 2 +- src/libstore/{ => include/nix}/globals.hh | 10 +- .../nix}/http-binary-cache-store.hh | 2 +- .../{ => include/nix}/indirect-root-store.hh | 2 +- src/libstore/{ => include/nix}/keys.hh | 2 +- .../{ => include/nix}/legacy-ssh-store.hh | 12 +- .../nix}/length-prefixed-protocol-helper.hh | 2 +- .../nix}/local-binary-cache-store.hh | 2 +- .../{ => include/nix}/local-fs-store.hh | 6 +- .../{ => include/nix}/local-overlay-store.hh | 2 +- src/libstore/{ => include/nix}/local-store.hh | 10 +- src/libstore/{ => include/nix}/log-store.hh | 2 +- src/libstore/{ => include/nix}/machines.hh | 4 +- .../nix}/make-content-addressed.hh | 2 +- src/libstore/include/nix/meson.build | 81 +++++ src/libstore/{ => include/nix}/names.hh | 2 +- .../{ => include/nix}/nar-accessor.hh | 2 +- .../{ => include/nix}/nar-info-disk-cache.hh | 6 +- src/libstore/{ => include/nix}/nar-info.hh | 6 +- .../{ => include/nix}/outputs-spec.hh | 4 +- .../{ => include/nix}/parsed-derivations.hh | 4 +- src/libstore/{ => include/nix}/path-info.hh | 8 +- .../{ => include/nix}/path-references.hh | 4 +- src/libstore/{ => include/nix}/path-regex.hh | 0 .../{ => include/nix}/path-with-outputs.hh | 4 +- src/libstore/{ => include/nix}/path.hh | 2 +- src/libstore/{ => include/nix}/pathlocks.hh | 2 +- .../nix}/posix-fs-canonicalise.hh | 4 +- src/libstore/{ => include/nix}/profiles.hh | 4 +- src/libstore/{ => include/nix}/realisation.hh | 10 +- .../{ => include/nix}/remote-fs-accessor.hh | 6 +- .../nix}/remote-store-connection.hh | 8 +- .../{ => include/nix}/remote-store.hh | 6 +- .../nix}/s3-binary-cache-store.hh | 2 +- src/libstore/{ => include/nix}/s3.hh | 2 +- .../nix}/serve-protocol-connection.hh | 4 +- .../{ => include/nix}/serve-protocol-impl.hh | 4 +- .../{ => include/nix}/serve-protocol.hh | 2 +- src/libstore/{ => include/nix}/sqlite.hh | 2 +- src/libstore/{ => include/nix}/ssh-store.hh | 8 +- src/libstore/{ => include/nix}/ssh.hh | 6 +- src/libstore/{ => include/nix}/store-api.hh | 28 +- src/libstore/{ => include/nix}/store-cast.hh | 2 +- .../{ => include/nix}/store-dir-config.hh | 10 +- .../{ => include/nix}/store-reference.hh | 2 +- .../{ => include/nix}/uds-remote-store.hh | 6 +- .../nix}/worker-protocol-connection.hh | 4 +- .../{ => include/nix}/worker-protocol-impl.hh | 4 +- .../{ => include/nix}/worker-protocol.hh | 2 +- src/libstore/indirect-root-store.cc | 2 +- src/libstore/keys.cc | 6 +- src/libstore/legacy-ssh-store.cc | 28 +- .../{ => include/nix}/fchmodat2-compat.hh | 0 src/libstore/linux/include/nix/meson.build | 6 + .../linux/{ => include/nix}/personality.hh | 0 src/libstore/linux/meson.build | 7 +- src/libstore/linux/personality.cc | 4 +- src/libstore/local-binary-cache-store.cc | 8 +- src/libstore/local-fs-store.cc | 14 +- src/libstore/local-overlay-store.cc | 10 +- src/libstore/local-store.cc | 40 +-- src/libstore/log-store.cc | 2 +- src/libstore/machines.cc | 6 +- src/libstore/make-content-addressed.cc | 4 +- src/libstore/meson.build | 85 +---- src/libstore/misc.cc | 24 +- src/libstore/names.cc | 4 +- src/libstore/nar-accessor.cc | 4 +- src/libstore/nar-info-disk-cache.cc | 12 +- src/libstore/nar-info.cc | 10 +- src/libstore/optimise-store.cc | 10 +- src/libstore/outputs-spec.cc | 10 +- src/libstore/package.nix | 3 + src/libstore/parsed-derivations.cc | 2 +- src/libstore/path-info.cc | 10 +- src/libstore/path-references.cc | 6 +- src/libstore/path-with-outputs.cc | 6 +- src/libstore/path.cc | 2 +- src/libstore/pathlocks.cc | 8 +- src/libstore/posix-fs-canonicalise.cc | 12 +- src/libstore/profiles.cc | 10 +- src/libstore/realisation.cc | 8 +- src/libstore/remote-fs-accessor.cc | 4 +- src/libstore/remote-store.cc | 40 +-- src/libstore/s3-binary-cache-store.cc | 16 +- src/libstore/serve-protocol-connection.cc | 8 +- src/libstore/serve-protocol.cc | 16 +- src/libstore/sqlite.cc | 10 +- src/libstore/ssh-store.cc | 18 +- src/libstore/ssh.cc | 12 +- src/libstore/store-api.cc | 42 +-- src/libstore/store-reference.cc | 10 +- src/libstore/uds-remote-store.cc | 6 +- src/libstore/unix/build/child.cc | 6 +- src/libstore/unix/build/hook-instance.cc | 14 +- .../unix/build/local-derivation-goal.cc | 54 +-- .../unix/{ => include/nix}/build/child.hh | 0 .../{ => include/nix}/build/hook-instance.hh | 6 +- .../nix}/build/local-derivation-goal.hh | 6 +- src/libstore/unix/include/nix/meson.build | 8 + .../unix/{ => include/nix}/user-lock.hh | 0 src/libstore/unix/meson.build | 12 +- src/libstore/unix/pathlocks.cc | 8 +- src/libstore/unix/user-lock.cc | 10 +- src/libstore/windows/pathlocks.cc | 10 +- src/libstore/worker-protocol-connection.cc | 8 +- src/libstore/worker-protocol.cc | 16 +- src/libutil-c/meson.build | 6 +- src/libutil-c/nix_api_util.cc | 8 +- src/libutil-c/nix_api_util_internal.h | 2 +- src/libutil-test-support/{tests => }/hash.cc | 4 +- .../include/nix/meson.build | 11 + .../nix}/tests/characterization.hh | 6 +- .../nix}/tests/gtest-with-params.hh | 0 .../{ => include/nix}/tests/hash.hh | 2 +- .../{ => include/nix}/tests/nix_api_util.hh | 0 .../nix}/tests/string_callback.hh | 0 .../tests/tracing-file-system-object-sink.hh | 2 +- src/libutil-test-support/meson.build | 16 +- src/libutil-test-support/package.nix | 1 + .../{tests => }/string_callback.cc | 2 +- .../tracing-file-system-object-sink.cc | 2 +- src/libutil-tests/args.cc | 4 +- src/libutil-tests/canon-path.cc | 2 +- src/libutil-tests/checked-arithmetic.cc | 4 +- src/libutil-tests/chunked-vector.cc | 2 +- src/libutil-tests/closure.cc | 2 +- src/libutil-tests/compression.cc | 2 +- src/libutil-tests/config.cc | 4 +- src/libutil-tests/executable-path.cc | 2 +- src/libutil-tests/file-content-address.cc | 2 +- src/libutil-tests/file-system.cc | 12 +- src/libutil-tests/git.cc | 6 +- src/libutil-tests/hash.cc | 2 +- src/libutil-tests/hilite.cc | 2 +- src/libutil-tests/json-utils.cc | 4 +- src/libutil-tests/logging.cc | 4 +- src/libutil-tests/lru-cache.cc | 2 +- src/libutil-tests/nix_api_util.cc | 8 +- src/libutil-tests/pool.cc | 2 +- src/libutil-tests/position.cc | 2 +- src/libutil-tests/processes.cc | 2 +- src/libutil-tests/references.cc | 2 +- src/libutil-tests/spawn.cc | 2 +- src/libutil-tests/strings.cc | 4 +- src/libutil-tests/suggestions.cc | 2 +- src/libutil-tests/terminal.cc | 8 +- src/libutil-tests/url.cc | 2 +- src/libutil-tests/util.cc | 10 +- src/libutil-tests/xml-writer.cc | 2 +- src/libutil/archive.cc | 12 +- src/libutil/args.cc | 14 +- src/libutil/canon-path.cc | 8 +- src/libutil/compression.cc | 10 +- src/libutil/compute-levels.cc | 2 +- src/libutil/config-global.cc | 2 +- src/libutil/config.cc | 18 +- src/libutil/current-process.cc | 16 +- src/libutil/english.cc | 2 +- src/libutil/environment-variables.cc | 4 +- src/libutil/error.cc | 12 +- src/libutil/executable-path.cc | 10 +- src/libutil/exit.cc | 2 +- src/libutil/experimental-features.cc | 8 +- src/libutil/file-content-address.cc | 8 +- src/libutil/file-descriptor.cc | 6 +- src/libutil/file-system.cc | 18 +- src/libutil/fs-sink.cc | 10 +- src/libutil/git.cc | 10 +- src/libutil/hash.cc | 10 +- src/libutil/hilite.cc | 2 +- .../nix}/abstract-setting-to-json.hh | 4 +- src/libutil/{ => include/nix}/ansicolor.hh | 0 src/libutil/{ => include/nix}/archive.hh | 6 +- src/libutil/{ => include/nix}/args.hh | 6 +- src/libutil/{ => include/nix}/args/root.hh | 2 +- src/libutil/{ => include/nix}/callback.hh | 0 src/libutil/{ => include/nix}/canon-path.hh | 0 .../{ => include/nix}/checked-arithmetic.hh | 0 .../{ => include/nix}/chunked-vector.hh | 2 +- src/libutil/{ => include/nix}/closure.hh | 2 +- src/libutil/{ => include/nix}/comparator.hh | 0 src/libutil/{ => include/nix}/compression.hh | 6 +- .../{ => include/nix}/compute-levels.hh | 2 +- .../{ => include/nix}/config-global.hh | 2 +- src/libutil/{ => include/nix}/config-impl.hh | 4 +- src/libutil/{ => include/nix}/config.hh | 4 +- .../{ => include/nix}/current-process.hh | 2 +- src/libutil/{ => include/nix}/english.hh | 0 .../nix}/environment-variables.hh | 4 +- src/libutil/{ => include/nix}/error.hh | 4 +- src/libutil/{ => include/nix}/exec.hh | 2 +- .../{ => include/nix}/executable-path.hh | 2 +- src/libutil/{ => include/nix}/exit.hh | 0 .../nix}/experimental-features.hh | 4 +- .../{ => include/nix}/file-content-address.hh | 2 +- .../{ => include/nix}/file-descriptor.hh | 4 +- .../{ => include/nix}/file-path-impl.hh | 0 src/libutil/{ => include/nix}/file-path.hh | 4 +- src/libutil/{ => include/nix}/file-system.hh | 10 +- src/libutil/{ => include/nix}/finally.hh | 0 src/libutil/{ => include/nix}/fmt.hh | 2 +- src/libutil/{ => include/nix}/fs-sink.hh | 6 +- src/libutil/{ => include/nix}/git.hh | 10 +- src/libutil/{ => include/nix}/hash.hh | 8 +- src/libutil/{ => include/nix}/hilite.hh | 0 src/libutil/{ => include/nix}/json-impls.hh | 2 +- src/libutil/{ => include/nix}/json-utils.hh | 2 +- src/libutil/{ => include/nix}/logging.hh | 8 +- src/libutil/{ => include/nix}/lru-cache.hh | 0 .../nix}/memory-source-accessor.hh | 6 +- src/libutil/include/nix/meson.build | 87 +++++ src/libutil/{ => include/nix}/muxable-pipe.hh | 6 +- src/libutil/{ => include/nix}/os-string.hh | 0 src/libutil/{ => include/nix}/pool.hh | 4 +- src/libutil/{ => include/nix}/pos-idx.hh | 0 src/libutil/{ => include/nix}/pos-table.hh | 6 +- src/libutil/{ => include/nix}/position.hh | 2 +- .../nix}/posix-source-accessor.hh | 2 +- src/libutil/{ => include/nix}/processes.hh | 10 +- src/libutil/{ => include/nix}/ref.hh | 0 src/libutil/{ => include/nix}/references.hh | 2 +- .../{ => include/nix}/regex-combinators.hh | 0 src/libutil/{ => include/nix}/repair-flag.hh | 0 src/libutil/{ => include/nix}/serialise.hh | 6 +- src/libutil/{ => include/nix}/signals.hh | 8 +- .../{ => include/nix}/signature/local-keys.hh | 2 +- .../{ => include/nix}/signature/signer.hh | 4 +- .../{ => include/nix}/source-accessor.hh | 6 +- src/libutil/{ => include/nix}/source-path.hh | 8 +- src/libutil/{ => include/nix}/split.hh | 2 +- src/libutil/{ => include/nix}/std-hash.hh | 0 .../{ => include/nix}/strings-inline.hh | 2 +- src/libutil/{ => include/nix}/strings.hh | 0 src/libutil/{ => include/nix}/suggestions.hh | 2 +- src/libutil/{ => include/nix}/sync.hh | 2 +- src/libutil/{ => include/nix}/tarfile.hh | 4 +- src/libutil/{ => include/nix}/terminal.hh | 0 src/libutil/{ => include/nix}/thread-pool.hh | 4 +- src/libutil/{ => include/nix}/topo-sort.hh | 2 +- src/libutil/{ => include/nix}/types.hh | 0 .../{ => include/nix}/unix-domain-socket.hh | 4 +- src/libutil/{ => include/nix}/url-parts.hh | 0 src/libutil/{ => include/nix}/url.hh | 2 +- src/libutil/{ => include/nix}/users.hh | 2 +- src/libutil/{ => include/nix}/util.hh | 8 +- .../{ => include/nix}/variant-wrapper.hh | 0 src/libutil/{ => include/nix}/xml-writer.hh | 0 src/libutil/json-utils.cc | 6 +- src/libutil/linux/cgroup.cc | 10 +- src/libutil/linux/{ => include/nix}/cgroup.hh | 2 +- src/libutil/linux/include/nix/meson.build | 8 + .../linux/{ => include/nix}/namespaces.hh | 2 +- src/libutil/linux/meson.build | 7 +- src/libutil/linux/namespaces.cc | 14 +- src/libutil/logging.cc | 16 +- src/libutil/memory-source-accessor.cc | 2 +- src/libutil/meson.build | 89 +---- src/libutil/mounted-source-accessor.cc | 2 +- src/libutil/package.nix | 4 + src/libutil/pos-table.cc | 2 +- src/libutil/position.cc | 2 +- src/libutil/posix-source-accessor.cc | 8 +- src/libutil/references.cc | 6 +- src/libutil/serialise.cc | 8 +- src/libutil/signature/local-keys.cc | 6 +- src/libutil/signature/signer.cc | 4 +- src/libutil/source-accessor.cc | 4 +- src/libutil/source-path.cc | 2 +- src/libutil/strings.cc | 6 +- src/libutil/suggestions.cc | 6 +- src/libutil/tarfile.cc | 8 +- src/libutil/terminal.cc | 6 +- src/libutil/thread-pool.cc | 6 +- src/libutil/union-source-accessor.cc | 2 +- src/libutil/unix-domain-socket.cc | 8 +- src/libutil/unix/environment-variables.cc | 2 +- src/libutil/unix/file-descriptor.cc | 8 +- src/libutil/unix/file-path.cc | 4 +- src/libutil/unix/file-system.cc | 2 +- src/libutil/unix/include/nix/meson.build | 8 + .../unix/{ => include/nix}/monitor-fd.hh | 2 +- .../unix/{ => include/nix}/signals-impl.hh | 10 +- src/libutil/unix/meson.build | 7 +- src/libutil/unix/muxable-pipe.cc | 6 +- src/libutil/unix/os-string.cc | 4 +- src/libutil/unix/processes.cc | 14 +- src/libutil/unix/signals.cc | 10 +- src/libutil/unix/users.cc | 8 +- src/libutil/url.cc | 10 +- src/libutil/users.cc | 8 +- src/libutil/util.cc | 8 +- src/libutil/windows/environment-variables.cc | 2 +- src/libutil/windows/file-descriptor.cc | 12 +- src/libutil/windows/file-path.cc | 6 +- src/libutil/windows/file-system.cc | 2 +- src/libutil/windows/include/nix/meson.build | 9 + .../windows/{ => include/nix}/signals-impl.hh | 2 +- .../{ => include/nix}/windows-async-pipe.hh | 2 +- .../{ => include/nix}/windows-error.hh | 2 +- src/libutil/windows/meson.build | 8 +- src/libutil/windows/muxable-pipe.cc | 8 +- src/libutil/windows/os-string.cc | 6 +- src/libutil/windows/processes.cc | 26 +- src/libutil/windows/users.cc | 10 +- src/libutil/windows/windows-async-pipe.cc | 4 +- src/libutil/windows/windows-error.cc | 2 +- src/libutil/xml-writer.cc | 2 +- src/nix-build/nix-build.cc | 38 +- src/nix-channel/nix-channel.cc | 18 +- .../nix-collect-garbage.cc | 18 +- src/nix-copy-closure/nix-copy-closure.cc | 8 +- src/nix-env/nix-env.cc | 36 +- src/nix-env/user-env.cc | 20 +- src/nix-env/user-env.hh | 2 +- src/nix-instantiate/nix-instantiate.cc | 28 +- src/nix-store/dotgraph.cc | 2 +- src/nix-store/dotgraph.hh | 2 +- src/nix-store/graphml.cc | 4 +- src/nix-store/graphml.hh | 2 +- src/nix-store/nix-store.cc | 36 +- src/nix/add-to-store.cc | 14 +- src/nix/app.cc | 20 +- src/nix/build.cc | 10 +- src/nix/bundle.cc | 14 +- src/nix/cat.cc | 6 +- src/nix/config-check.cc | 18 +- src/nix/config.cc | 10 +- src/nix/copy.cc | 8 +- src/nix/crash-handler.cc | 5 +- src/nix/derivation-add.cc | 10 +- src/nix/derivation-show.cc | 10 +- src/nix/derivation.cc | 2 +- src/nix/develop.cc | 20 +- src/nix/diff-closures.cc | 12 +- src/nix/dump-path.cc | 6 +- src/nix/edit.cc | 12 +- src/nix/env.cc | 8 +- src/nix/eval.cc | 14 +- src/nix/flake.cc | 44 +-- src/nix/fmt.cc | 6 +- src/nix/hash.cc | 20 +- src/nix/log.cc | 10 +- src/nix/ls.cc | 8 +- src/nix/main.cc | 49 +-- src/nix/make-content-addressed.cc | 8 +- src/nix/man-pages.cc | 6 +- src/nix/meson.build | 6 +- src/nix/nar.cc | 2 +- src/nix/optimise-store.cc | 6 +- src/nix/path-from-hash-part.cc | 4 +- src/nix/path-info.cc | 12 +- src/nix/prefetch.cc | 29 +- src/nix/profile.cc | 28 +- src/nix/realisation.cc | 4 +- src/nix/registry.cc | 16 +- src/nix/repl.cc | 16 +- src/nix/run.cc | 24 +- src/nix/run.hh | 2 +- src/nix/search.cc | 28 +- src/nix/self-exe.cc | 6 +- src/nix/sigs.cc | 10 +- src/nix/store-copy-log.cc | 14 +- src/nix/store-delete.cc | 12 +- src/nix/store-gc.cc | 12 +- src/nix/store-info.cc | 8 +- src/nix/store-repair.cc | 4 +- src/nix/store.cc | 2 +- src/nix/unix/daemon.cc | 32 +- src/nix/upgrade-nix.cc | 20 +- src/nix/verify.cc | 14 +- src/nix/why-depends.cc | 8 +- src/perl/lib/Nix/Store.xs | 14 +- tests/functional/plugins/meson.build | 6 +- tests/functional/plugins/plugintest.cc | 4 +- .../functional/test-libstoreconsumer/main.cc | 6 +- .../test-libstoreconsumer/meson.build | 4 +- 662 files changed, 2971 insertions(+), 2910 deletions(-) rename src/libcmd/{ => include/nix}/built-path.hh (98%) rename src/libcmd/{ => include/nix}/command-installable-value.hh (87%) rename src/libcmd/{ => include/nix}/command.hh (98%) rename src/libcmd/{ => include/nix}/common-eval-args.hh (92%) rename src/libcmd/{ => include/nix}/compatibility-settings.hh (98%) rename src/libcmd/{ => include/nix}/editor-for.hh (77%) rename src/libcmd/{ => include/nix}/installable-attr-path.hh (65%) rename src/libcmd/{ => include/nix}/installable-derived-path.hh (94%) rename src/libcmd/{ => include/nix}/installable-flake.hh (97%) rename src/libcmd/{ => include/nix}/installable-value.hh (98%) rename src/libcmd/{ => include/nix}/installables.hh (96%) rename src/libcmd/{ => include/nix}/legacy.hh (100%) rename src/libcmd/{ => include/nix}/markdown.hh (100%) create mode 100644 src/libcmd/include/nix/meson.build rename src/libcmd/{ => include/nix}/misc-store-flags.hh (92%) rename src/libcmd/{ => include/nix}/network-proxy.hh (94%) rename src/libcmd/{ => include/nix}/repl-interacter.hh (95%) rename src/libcmd/{ => include/nix}/repl.hh (97%) create mode 100644 src/libexpr-test-support/include/nix/meson.build rename src/libexpr-test-support/{ => include/nix}/tests/libexpr.hh (94%) rename src/libexpr-test-support/{ => include/nix}/tests/nix_api_expr.hh (93%) rename src/libexpr-test-support/{ => include/nix}/tests/value/context.hh (94%) rename src/libexpr/{ => include/nix}/attr-path.hh (95%) rename src/libexpr/{ => include/nix}/attr-set.hh (98%) rename src/libexpr/{ => include/nix}/eval-cache.hh (97%) rename src/libexpr/{ => include/nix}/eval-error.hh (98%) rename src/libexpr/{ => include/nix}/eval-gc.hh (100%) rename src/libexpr/{ => include/nix}/eval-inline.hh (97%) rename src/libexpr/{ => include/nix}/eval-settings.hh (99%) rename src/libexpr/{ => include/nix}/eval.hh (98%) rename src/libexpr/{ => include/nix}/function-trace.hh (88%) rename src/libexpr/{ => include/nix}/gc-small-vector.hh (96%) rename src/libexpr/{ => include/nix}/get-drvs.hh (98%) rename src/libexpr/{ => include/nix}/json-to-value.hh (89%) rename src/libexpr/{ => include/nix}/lexer-helpers.hh (100%) create mode 100644 src/libexpr/include/nix/meson.build rename src/libexpr/{ => include/nix}/nixexpr.hh (99%) rename src/libexpr/{ => include/nix}/parser-state.hh (99%) rename src/libexpr/{ => include/nix}/primops.hh (98%) rename src/libexpr/{ => include/nix}/print-ambiguous.hh (95%) rename src/libexpr/{ => include/nix}/print-options.hh (100%) rename src/libexpr/{ => include/nix}/print.hh (97%) rename src/libexpr/{ => include/nix}/repl-exit-status.hh (100%) rename src/libexpr/{ => include/nix}/search-path.hh (98%) rename src/libexpr/{ => include/nix}/symbol-table.hh (97%) rename src/libexpr/{ => include/nix}/value-to-json.hh (90%) rename src/libexpr/{ => include/nix}/value-to-xml.hh (82%) rename src/libexpr/{ => include/nix}/value.hh (98%) rename src/libexpr/{ => include/nix}/value/context.hh (95%) rename src/libfetchers/{ => include/nix}/attrs.hh (96%) rename src/libfetchers/{ => include/nix}/cache.hh (97%) rename src/libfetchers/{ => include/nix}/fetch-settings.hh (98%) rename src/libfetchers/{ => include/nix}/fetch-to-store.hh (71%) rename src/libfetchers/{ => include/nix}/fetchers.hh (97%) rename src/libfetchers/{ => include/nix}/filtering-source-accessor.hh (98%) rename src/libfetchers/{ => include/nix}/git-lfs-fetch.hh (92%) rename src/libfetchers/{ => include/nix}/git-utils.hh (98%) create mode 100644 src/libfetchers/include/nix/meson.build rename src/libfetchers/{ => include/nix}/registry.hh (96%) rename src/libfetchers/{ => include/nix}/store-path-accessor.hh (87%) rename src/libfetchers/{ => include/nix}/tarball.hh (90%) rename src/libflake/{ => include/nix}/flake/flake-primops.hh (75%) rename src/libflake/{ => include/nix}/flake/flake.hh (98%) rename src/libflake/{ => include/nix}/flake/flakeref.hh (97%) rename src/libflake/{ => include/nix}/flake/lockfile.hh (98%) rename src/libflake/{ => include/nix}/flake/settings.hh (97%) rename src/libflake/{ => include/nix}/flake/url-name.hh (85%) create mode 100644 src/libflake/include/nix/meson.build rename src/libmain/{ => include/nix}/common-args.hh (96%) rename src/libmain/{ => include/nix}/loggers.hh (90%) create mode 100644 src/libmain/include/nix/meson.build rename src/libmain/{ => include/nix}/plugin.hh (100%) rename src/libmain/{ => include/nix}/progress-bar.hh (76%) rename src/libmain/{ => include/nix}/shared.hh (94%) rename src/libstore-test-support/{tests => }/derived-path.cc (98%) create mode 100644 src/libstore-test-support/include/nix/meson.build rename src/libstore-test-support/{ => include/nix}/tests/derived-path.hh (86%) rename src/libstore-test-support/{ => include/nix}/tests/libstore.hh (94%) rename src/libstore-test-support/{ => include/nix}/tests/nix_api_store.hh (96%) rename src/libstore-test-support/{ => include/nix}/tests/outputs-spec.hh (76%) rename src/libstore-test-support/{ => include/nix}/tests/path.hh (94%) rename src/libstore-test-support/{ => include/nix}/tests/protocol.hh (96%) rename src/libstore-test-support/{tests => }/outputs-spec.cc (95%) rename src/libstore-test-support/{tests => }/path.cc (93%) rename src/libstore/{ => include/nix}/binary-cache-store.hh (97%) rename src/libstore/{ => include/nix}/build-result.hh (98%) rename src/libstore/{ => include/nix}/build/derivation-goal.hh (97%) rename src/libstore/{ => include/nix}/build/drv-output-substitution-goal.hh (89%) rename src/libstore/{ => include/nix}/build/goal.hh (99%) rename src/libstore/{ => include/nix}/build/substitution-goal.hh (94%) rename src/libstore/{ => include/nix}/build/worker.hh (98%) rename src/libstore/{ => include/nix}/builtins.hh (92%) rename src/libstore/{ => include/nix}/builtins/buildenv.hh (97%) rename src/libstore/{ => include/nix}/common-protocol-impl.hh (93%) rename src/libstore/{ => include/nix}/common-protocol.hh (99%) rename src/libstore/{ => include/nix}/common-ssh-store-config.hh (98%) rename src/libstore/{ => include/nix}/content-address.hh (98%) rename src/libstore/{ => include/nix}/daemon.hh (82%) rename src/libstore/{ => include/nix}/derivation-options.hh (98%) rename src/libstore/{ => include/nix}/derivations.hh (98%) rename src/libstore/{ => include/nix}/derived-path-map.hh (98%) rename src/libstore/{ => include/nix}/derived-path.hh (98%) rename src/libstore/{ => include/nix}/downstream-placeholder.hh (97%) rename src/libstore/{ => include/nix}/filetransfer.hh (97%) rename src/libstore/{ => include/nix}/gc-store.hh (99%) rename src/libstore/{ => include/nix}/globals.hh (99%) rename src/libstore/{ => include/nix}/http-binary-cache-store.hh (94%) rename src/libstore/{ => include/nix}/indirect-root-store.hh (98%) rename src/libstore/{ => include/nix}/keys.hh (66%) rename src/libstore/{ => include/nix}/legacy-ssh-store.hh (97%) rename src/libstore/{ => include/nix}/length-prefixed-protocol-helper.hh (99%) rename src/libstore/{ => include/nix}/local-binary-cache-store.hh (92%) rename src/libstore/{ => include/nix}/local-fs-store.hh (96%) rename src/libstore/{ => include/nix}/local-overlay-store.hh (99%) rename src/libstore/{ => include/nix}/local-store.hh (98%) rename src/libstore/{ => include/nix}/log-store.hh (95%) rename src/libstore/{ => include/nix}/machines.hh (97%) rename src/libstore/{ => include/nix}/make-content-addressed.hh (94%) create mode 100644 src/libstore/include/nix/meson.build rename src/libstore/{ => include/nix}/names.hh (96%) rename src/libstore/{ => include/nix}/nar-accessor.hh (96%) rename src/libstore/{ => include/nix}/nar-info-disk-cache.hh (94%) rename src/libstore/{ => include/nix}/nar-info.hh (93%) rename src/libstore/{ => include/nix}/outputs-spec.hh (98%) rename src/libstore/{ => include/nix}/parsed-derivations.hh (95%) rename src/libstore/{ => include/nix}/path-info.hh (98%) rename src/libstore/{ => include/nix}/path-references.hh (91%) rename src/libstore/{ => include/nix}/path-regex.hh (100%) rename src/libstore/{ => include/nix}/path-with-outputs.hh (95%) rename src/libstore/{ => include/nix}/path.hh (98%) rename src/libstore/{ => include/nix}/pathlocks.hh (97%) rename src/libstore/{ => include/nix}/posix-fs-canonicalise.hh (96%) rename src/libstore/{ => include/nix}/profiles.hh (99%) rename src/libstore/{ => include/nix}/realisation.hh (96%) rename src/libstore/{ => include/nix}/remote-fs-accessor.hh (91%) rename src/libstore/{ => include/nix}/remote-store-connection.hh (91%) rename src/libstore/{ => include/nix}/remote-store.hh (98%) rename src/libstore/{ => include/nix}/s3-binary-cache-store.hh (98%) rename src/libstore/{ => include/nix}/s3.hh (97%) rename src/libstore/{ => include/nix}/serve-protocol-connection.hh (98%) rename src/libstore/{ => include/nix}/serve-protocol-impl.hh (95%) rename src/libstore/{ => include/nix}/serve-protocol.hh (99%) rename src/libstore/{ => include/nix}/sqlite.hh (99%) rename src/libstore/{ => include/nix}/ssh-store.hh (91%) rename src/libstore/{ => include/nix}/ssh.hh (95%) rename src/libstore/{ => include/nix}/store-api.hh (98%) rename src/libstore/{ => include/nix}/store-cast.hh (94%) rename src/libstore/{ => include/nix}/store-dir-config.hh (95%) rename src/libstore/{ => include/nix}/store-reference.hh (98%) rename src/libstore/{ => include/nix}/uds-remote-store.hh (95%) rename src/libstore/{ => include/nix}/worker-protocol-connection.hh (98%) rename src/libstore/{ => include/nix}/worker-protocol-impl.hh (95%) rename src/libstore/{ => include/nix}/worker-protocol.hh (99%) rename src/libstore/linux/{ => include/nix}/fchmodat2-compat.hh (100%) create mode 100644 src/libstore/linux/include/nix/meson.build rename src/libstore/linux/{ => include/nix}/personality.hh (100%) rename src/libstore/unix/{ => include/nix}/build/child.hh (100%) rename src/libstore/unix/{ => include/nix}/build/hook-instance.hh (85%) rename src/libstore/unix/{ => include/nix}/build/local-derivation-goal.hh (98%) create mode 100644 src/libstore/unix/include/nix/meson.build rename src/libstore/unix/{ => include/nix}/user-lock.hh (100%) rename src/libutil-test-support/{tests => }/hash.cc (91%) create mode 100644 src/libutil-test-support/include/nix/meson.build rename src/libutil-test-support/{ => include/nix}/tests/characterization.hh (96%) rename src/libutil-test-support/{ => include/nix}/tests/gtest-with-params.hh (100%) rename src/libutil-test-support/{ => include/nix}/tests/hash.hh (88%) rename src/libutil-test-support/{ => include/nix}/tests/nix_api_util.hh (100%) rename src/libutil-test-support/{ => include/nix}/tests/string_callback.hh (100%) rename src/libutil-test-support/{ => include/nix}/tests/tracing-file-system-object-sink.hh (97%) rename src/libutil-test-support/{tests => }/string_callback.cc (85%) rename src/libutil-test-support/{tests => }/tracing-file-system-object-sink.cc (95%) rename src/libutil/{ => include/nix}/abstract-setting-to-json.hh (87%) rename src/libutil/{ => include/nix}/ansicolor.hh (100%) rename src/libutil/{ => include/nix}/archive.hh (96%) rename src/libutil/{ => include/nix}/args.hh (99%) rename src/libutil/{ => include/nix}/args/root.hh (98%) rename src/libutil/{ => include/nix}/callback.hh (100%) rename src/libutil/{ => include/nix}/canon-path.hh (100%) rename src/libutil/{ => include/nix}/checked-arithmetic.hh (100%) rename src/libutil/{ => include/nix}/chunked-vector.hh (98%) rename src/libutil/{ => include/nix}/closure.hh (98%) rename src/libutil/{ => include/nix}/comparator.hh (100%) rename src/libutil/{ => include/nix}/compression.hh (90%) rename src/libutil/{ => include/nix}/compute-levels.hh (74%) rename src/libutil/{ => include/nix}/config-global.hh (96%) rename src/libutil/{ => include/nix}/config-impl.hh (98%) rename src/libutil/{ => include/nix}/config.hh (99%) rename src/libutil/{ => include/nix}/current-process.hh (97%) rename src/libutil/{ => include/nix}/english.hh (100%) rename src/libutil/{ => include/nix}/environment-variables.hh (96%) rename src/libutil/{ => include/nix}/error.hh (99%) rename src/libutil/{ => include/nix}/exec.hh (91%) rename src/libutil/{ => include/nix}/executable-path.hh (98%) rename src/libutil/{ => include/nix}/exit.hh (100%) rename src/libutil/{ => include/nix}/experimental-features.hh (98%) rename src/libutil/{ => include/nix}/file-content-address.hh (99%) rename src/libutil/{ => include/nix}/file-descriptor.hh (98%) rename src/libutil/{ => include/nix}/file-path-impl.hh (100%) rename src/libutil/{ => include/nix}/file-path.hh (94%) rename src/libutil/{ => include/nix}/file-system.hh (98%) rename src/libutil/{ => include/nix}/finally.hh (100%) rename src/libutil/{ => include/nix}/fmt.hh (99%) rename src/libutil/{ => include/nix}/fs-sink.hh (97%) rename src/libutil/{ => include/nix}/git.hh (97%) rename src/libutil/{ => include/nix}/hash.hh (98%) rename src/libutil/{ => include/nix}/hilite.hh (100%) rename src/libutil/{ => include/nix}/json-impls.hh (95%) rename src/libutil/{ => include/nix}/json-utils.hh (99%) rename src/libutil/{ => include/nix}/logging.hh (98%) rename src/libutil/{ => include/nix}/lru-cache.hh (100%) rename src/libutil/{ => include/nix}/memory-source-accessor.hh (97%) create mode 100644 src/libutil/include/nix/meson.build rename src/libutil/{ => include/nix}/muxable-pipe.hh (94%) rename src/libutil/{ => include/nix}/os-string.hh (100%) rename src/libutil/{ => include/nix}/pool.hh (99%) rename src/libutil/{ => include/nix}/pos-idx.hh (100%) rename src/libutil/{ => include/nix}/pos-table.hh (97%) rename src/libutil/{ => include/nix}/position.hh (99%) rename src/libutil/{ => include/nix}/posix-source-accessor.hh (98%) rename src/libutil/{ => include/nix}/processes.hh (95%) rename src/libutil/{ => include/nix}/ref.hh (100%) rename src/libutil/{ => include/nix}/references.hh (97%) rename src/libutil/{ => include/nix}/regex-combinators.hh (100%) rename src/libutil/{ => include/nix}/repair-flag.hh (100%) rename src/libutil/{ => include/nix}/serialise.hh (99%) rename src/libutil/{ => include/nix}/signals.hh (90%) rename src/libutil/{ => include/nix}/signature/local-keys.hh (99%) rename src/libutil/{ => include/nix}/signature/signer.hh (94%) rename src/libutil/{ => include/nix}/source-accessor.hh (98%) rename src/libutil/{ => include/nix}/source-path.hh (96%) rename src/libutil/{ => include/nix}/split.hh (97%) rename src/libutil/{ => include/nix}/std-hash.hh (100%) rename src/libutil/{ => include/nix}/strings-inline.hh (99%) rename src/libutil/{ => include/nix}/strings.hh (100%) rename src/libutil/{ => include/nix}/suggestions.hh (98%) rename src/libutil/{ => include/nix}/sync.hh (99%) rename src/libutil/{ => include/nix}/tarfile.hh (96%) rename src/libutil/{ => include/nix}/terminal.hh (100%) rename src/libutil/{ => include/nix}/thread-pool.hh (98%) rename src/libutil/{ => include/nix}/topo-sort.hh (97%) rename src/libutil/{ => include/nix}/types.hh (100%) rename src/libutil/{ => include/nix}/unix-domain-socket.hh (95%) rename src/libutil/{ => include/nix}/url-parts.hh (100%) rename src/libutil/{ => include/nix}/url.hh (98%) rename src/libutil/{ => include/nix}/users.hh (98%) rename src/libutil/{ => include/nix}/util.hh (98%) rename src/libutil/{ => include/nix}/variant-wrapper.hh (100%) rename src/libutil/{ => include/nix}/xml-writer.hh (100%) rename src/libutil/linux/{ => include/nix}/cgroup.hh (97%) create mode 100644 src/libutil/linux/include/nix/meson.build rename src/libutil/linux/{ => include/nix}/namespaces.hh (96%) create mode 100644 src/libutil/unix/include/nix/meson.build rename src/libutil/unix/{ => include/nix}/monitor-fd.hh (99%) rename src/libutil/unix/{ => include/nix}/signals-impl.hh (95%) create mode 100644 src/libutil/windows/include/nix/meson.build rename src/libutil/windows/{ => include/nix}/signals-impl.hh (95%) rename src/libutil/windows/{ => include/nix}/windows-async-pipe.hh (93%) rename src/libutil/windows/{ => include/nix}/windows-error.hh (97%) diff --git a/doc/manual/source/development/testing.md b/doc/manual/source/development/testing.md index d0c3a1c784e..ebc0e27d2d4 100644 --- a/doc/manual/source/development/testing.md +++ b/doc/manual/source/development/testing.md @@ -31,7 +31,7 @@ The unit tests are defined using the [googletest] and [rapidcheck] frameworks. > ├── libexpr > │ ├── meson.build > │ ├── value/context.hh -> │ ├── value/context.cc +> │ ├── include/nix/value/context.cc > │ … > │ > ├── tests @@ -46,8 +46,12 @@ The unit tests are defined using the [googletest] and [rapidcheck] frameworks. > │ │ > │ ├── libexpr-test-support > │ │ ├── meson.build +> │ │ ├── include/nix +> │ │ │ ├── meson.build +> │ │ │ └── tests +> │ │ │ ├── value/context.hh +> │ │ │ … > │ │ └── tests -> │ │ ├── value/context.hh > │ │ ├── value/context.cc > │ │ … > │ │ @@ -59,7 +63,7 @@ The unit tests are defined using the [googletest] and [rapidcheck] frameworks. > ``` The tests for each Nix library (`libnixexpr`, `libnixstore`, etc..) live inside a directory `src/${library_name_without-nix}-test`. -Given an interface (header) and implementation pair in the original library, say, `src/libexpr/value/context.{hh,cc}`, we write tests for it in `src/libexpr-tests/value/context.cc`, and (possibly) declare/define additional interfaces for testing purposes in `src/libexpr-test-support/tests/value/context.{hh,cc}`. +Given an interface (header) and implementation pair in the original library, say, `src/libexpr/include/nix/value/context.hh` and `src/libexpr/value/context.cc`, we write tests for it in `src/libexpr-tests/value/context.cc`, and (possibly) declare/define additional interfaces for testing purposes in `src/libexpr-test-support/include/nix/tests/value/context.hh` and `src/libexpr-test-support/tests/value/context.cc`. Data for unit tests is stored in a `data` subdir of the directory for each unit test executable. For example, `libnixstore` code is in `src/libstore`, and its test data is in `src/libstore-tests/data`. @@ -67,7 +71,7 @@ The path to the `src/${library_name_without-nix}-test/data` directory is passed Note that each executable only gets the data for its tests. The unit test libraries are in `src/${library_name_without-nix}-test-support`. -All headers are in a `tests` subdirectory so they are included with `#include "tests/"`. +All headers are in a `tests` subdirectory so they are included with `#include "nix/tests/"`. The use of all these separate directories for the unit tests might seem inconvenient, as for example the tests are not "right next to" the part of the code they are testing. But organizing the tests this way has one big benefit: diff --git a/maintainers/flake-module.nix b/maintainers/flake-module.nix index 4c75df24608..87dc1e18a04 100644 --- a/maintainers/flake-module.nix +++ b/maintainers/flake-module.nix @@ -84,340 +84,340 @@ ''^precompiled-headers\.h$'' ''^src/build-remote/build-remote\.cc$'' ''^src/libcmd/built-path\.cc$'' - ''^src/libcmd/built-path\.hh$'' + ''^src/libcmd/include/nix/built-path\.hh$'' ''^src/libcmd/common-eval-args\.cc$'' - ''^src/libcmd/common-eval-args\.hh$'' + ''^src/libcmd/include/nix/common-eval-args\.hh$'' ''^src/libcmd/editor-for\.cc$'' ''^src/libcmd/installable-attr-path\.cc$'' - ''^src/libcmd/installable-attr-path\.hh$'' + ''^src/libcmd/include/nix/installable-attr-path\.hh$'' ''^src/libcmd/installable-derived-path\.cc$'' - ''^src/libcmd/installable-derived-path\.hh$'' + ''^src/libcmd/include/nix/installable-derived-path\.hh$'' ''^src/libcmd/installable-flake\.cc$'' - ''^src/libcmd/installable-flake\.hh$'' + ''^src/libcmd/include/nix/installable-flake\.hh$'' ''^src/libcmd/installable-value\.cc$'' - ''^src/libcmd/installable-value\.hh$'' + ''^src/libcmd/include/nix/installable-value\.hh$'' ''^src/libcmd/installables\.cc$'' - ''^src/libcmd/installables\.hh$'' - ''^src/libcmd/legacy\.hh$'' + ''^src/libcmd/include/nix/installables\.hh$'' + ''^src/libcmd/include/nix/legacy\.hh$'' ''^src/libcmd/markdown\.cc$'' ''^src/libcmd/misc-store-flags\.cc$'' ''^src/libcmd/repl-interacter\.cc$'' - ''^src/libcmd/repl-interacter\.hh$'' + ''^src/libcmd/include/nix/repl-interacter\.hh$'' ''^src/libcmd/repl\.cc$'' - ''^src/libcmd/repl\.hh$'' + ''^src/libcmd/include/nix/repl\.hh$'' ''^src/libexpr-c/nix_api_expr\.cc$'' ''^src/libexpr-c/nix_api_external\.cc$'' ''^src/libexpr/attr-path\.cc$'' - ''^src/libexpr/attr-path\.hh$'' + ''^src/libexpr/include/nix/attr-path\.hh$'' ''^src/libexpr/attr-set\.cc$'' - ''^src/libexpr/attr-set\.hh$'' + ''^src/libexpr/include/nix/attr-set\.hh$'' ''^src/libexpr/eval-cache\.cc$'' - ''^src/libexpr/eval-cache\.hh$'' + ''^src/libexpr/include/nix/eval-cache\.hh$'' ''^src/libexpr/eval-error\.cc$'' - ''^src/libexpr/eval-inline\.hh$'' + ''^src/libexpr/include/nix/eval-inline\.hh$'' ''^src/libexpr/eval-settings\.cc$'' - ''^src/libexpr/eval-settings\.hh$'' + ''^src/libexpr/include/nix/eval-settings\.hh$'' ''^src/libexpr/eval\.cc$'' - ''^src/libexpr/eval\.hh$'' + ''^src/libexpr/include/nix/eval\.hh$'' ''^src/libexpr/function-trace\.cc$'' - ''^src/libexpr/gc-small-vector\.hh$'' + ''^src/libexpr/include/nix/gc-small-vector\.hh$'' ''^src/libexpr/get-drvs\.cc$'' - ''^src/libexpr/get-drvs\.hh$'' + ''^src/libexpr/include/nix/get-drvs\.hh$'' ''^src/libexpr/json-to-value\.cc$'' ''^src/libexpr/nixexpr\.cc$'' - ''^src/libexpr/nixexpr\.hh$'' - ''^src/libexpr/parser-state\.hh$'' + ''^src/libexpr/include/nix/nixexpr\.hh$'' + ''^src/libexpr/include/nix/parser-state\.hh$'' ''^src/libexpr/primops\.cc$'' - ''^src/libexpr/primops\.hh$'' + ''^src/libexpr/include/nix/primops\.hh$'' ''^src/libexpr/primops/context\.cc$'' ''^src/libexpr/primops/fetchClosure\.cc$'' ''^src/libexpr/primops/fetchMercurial\.cc$'' ''^src/libexpr/primops/fetchTree\.cc$'' ''^src/libexpr/primops/fromTOML\.cc$'' ''^src/libexpr/print-ambiguous\.cc$'' - ''^src/libexpr/print-ambiguous\.hh$'' - ''^src/libexpr/print-options\.hh$'' + ''^src/libexpr/include/nix/print-ambiguous\.hh$'' + ''^src/libexpr/include/nix/print-options\.hh$'' ''^src/libexpr/print\.cc$'' - ''^src/libexpr/print\.hh$'' + ''^src/libexpr/include/nix/print\.hh$'' ''^src/libexpr/search-path\.cc$'' - ''^src/libexpr/symbol-table\.hh$'' + ''^src/libexpr/include/nix/symbol-table\.hh$'' ''^src/libexpr/value-to-json\.cc$'' - ''^src/libexpr/value-to-json\.hh$'' + ''^src/libexpr/include/nix/value-to-json\.hh$'' ''^src/libexpr/value-to-xml\.cc$'' - ''^src/libexpr/value-to-xml\.hh$'' - ''^src/libexpr/value\.hh$'' + ''^src/libexpr/include/nix/value-to-xml\.hh$'' + ''^src/libexpr/include/nix/value\.hh$'' ''^src/libexpr/value/context\.cc$'' - ''^src/libexpr/value/context\.hh$'' + ''^src/libexpr/include/nix/value/context\.hh$'' ''^src/libfetchers/attrs\.cc$'' ''^src/libfetchers/cache\.cc$'' - ''^src/libfetchers/cache\.hh$'' + ''^src/libfetchers/include/nix/cache\.hh$'' ''^src/libfetchers/fetch-settings\.cc$'' - ''^src/libfetchers/fetch-settings\.hh$'' + ''^src/libfetchers/include/nix/fetch-settings\.hh$'' ''^src/libfetchers/fetch-to-store\.cc$'' ''^src/libfetchers/fetchers\.cc$'' - ''^src/libfetchers/fetchers\.hh$'' + ''^src/libfetchers/include/nix/fetchers\.hh$'' ''^src/libfetchers/filtering-source-accessor\.cc$'' - ''^src/libfetchers/filtering-source-accessor\.hh$'' + ''^src/libfetchers/include/nix/filtering-source-accessor\.hh$'' ''^src/libfetchers/fs-source-accessor\.cc$'' - ''^src/libfetchers/fs-source-accessor\.hh$'' + ''^src/libfetchers/include/nix/fs-source-accessor\.hh$'' ''^src/libfetchers/git-utils\.cc$'' - ''^src/libfetchers/git-utils\.hh$'' + ''^src/libfetchers/include/nix/git-utils\.hh$'' ''^src/libfetchers/github\.cc$'' ''^src/libfetchers/indirect\.cc$'' ''^src/libfetchers/memory-source-accessor\.cc$'' ''^src/libfetchers/path\.cc$'' ''^src/libfetchers/registry\.cc$'' - ''^src/libfetchers/registry\.hh$'' + ''^src/libfetchers/include/nix/registry\.hh$'' ''^src/libfetchers/tarball\.cc$'' - ''^src/libfetchers/tarball\.hh$'' + ''^src/libfetchers/include/nix/tarball\.hh$'' ''^src/libfetchers/git\.cc$'' ''^src/libfetchers/mercurial\.cc$'' ''^src/libflake/flake/config\.cc$'' ''^src/libflake/flake/flake\.cc$'' - ''^src/libflake/flake/flake\.hh$'' + ''^src/libflake/include/nix/flake/flake\.hh$'' ''^src/libflake/flake/flakeref\.cc$'' - ''^src/libflake/flake/flakeref\.hh$'' + ''^src/libflake/include/nix/flake/flakeref\.hh$'' ''^src/libflake/flake/lockfile\.cc$'' - ''^src/libflake/flake/lockfile\.hh$'' + ''^src/libflake/include/nix/flake/lockfile\.hh$'' ''^src/libflake/flake/url-name\.cc$'' ''^src/libmain/common-args\.cc$'' - ''^src/libmain/common-args\.hh$'' + ''^src/libmain/include/nix/common-args\.hh$'' ''^src/libmain/loggers\.cc$'' - ''^src/libmain/loggers\.hh$'' + ''^src/libmain/include/nix/loggers\.hh$'' ''^src/libmain/progress-bar\.cc$'' ''^src/libmain/shared\.cc$'' - ''^src/libmain/shared\.hh$'' + ''^src/libmain/include/nix/shared\.hh$'' ''^src/libmain/unix/stack\.cc$'' ''^src/libstore/binary-cache-store\.cc$'' - ''^src/libstore/binary-cache-store\.hh$'' - ''^src/libstore/build-result\.hh$'' - ''^src/libstore/builtins\.hh$'' + ''^src/libstore/include/nix/binary-cache-store\.hh$'' + ''^src/libstore/include/nix/build-result\.hh$'' + ''^src/libstore/include/nix/builtins\.hh$'' ''^src/libstore/builtins/buildenv\.cc$'' - ''^src/libstore/builtins/buildenv\.hh$'' - ''^src/libstore/common-protocol-impl\.hh$'' + ''^src/libstore/include/nix/builtins/buildenv\.hh$'' + ''^src/libstore/include/nix/common-protocol-impl\.hh$'' ''^src/libstore/common-protocol\.cc$'' - ''^src/libstore/common-protocol\.hh$'' - ''^src/libstore/common-ssh-store-config\.hh$'' + ''^src/libstore/include/nix/common-protocol\.hh$'' + ''^src/libstore/include/nix/common-ssh-store-config\.hh$'' ''^src/libstore/content-address\.cc$'' - ''^src/libstore/content-address\.hh$'' + ''^src/libstore/include/nix/content-address\.hh$'' ''^src/libstore/daemon\.cc$'' - ''^src/libstore/daemon\.hh$'' + ''^src/libstore/include/nix/daemon\.hh$'' ''^src/libstore/derivations\.cc$'' - ''^src/libstore/derivations\.hh$'' + ''^src/libstore/include/nix/derivations\.hh$'' ''^src/libstore/derived-path-map\.cc$'' - ''^src/libstore/derived-path-map\.hh$'' + ''^src/libstore/include/nix/derived-path-map\.hh$'' ''^src/libstore/derived-path\.cc$'' - ''^src/libstore/derived-path\.hh$'' + ''^src/libstore/include/nix/derived-path\.hh$'' ''^src/libstore/downstream-placeholder\.cc$'' - ''^src/libstore/downstream-placeholder\.hh$'' + ''^src/libstore/include/nix/downstream-placeholder\.hh$'' ''^src/libstore/dummy-store\.cc$'' ''^src/libstore/export-import\.cc$'' ''^src/libstore/filetransfer\.cc$'' - ''^src/libstore/filetransfer\.hh$'' - ''^src/libstore/gc-store\.hh$'' + ''^src/libstore/include/nix/filetransfer\.hh$'' + ''^src/libstore/include/nix/gc-store\.hh$'' ''^src/libstore/globals\.cc$'' - ''^src/libstore/globals\.hh$'' + ''^src/libstore/include/nix/globals\.hh$'' ''^src/libstore/http-binary-cache-store\.cc$'' ''^src/libstore/legacy-ssh-store\.cc$'' - ''^src/libstore/legacy-ssh-store\.hh$'' - ''^src/libstore/length-prefixed-protocol-helper\.hh$'' + ''^src/libstore/include/nix/legacy-ssh-store\.hh$'' + ''^src/libstore/include/nix/length-prefixed-protocol-helper\.hh$'' ''^src/libstore/linux/personality\.cc$'' - ''^src/libstore/linux/personality\.hh$'' + ''^src/libstore/linux/include/nix/personality\.hh$'' ''^src/libstore/local-binary-cache-store\.cc$'' ''^src/libstore/local-fs-store\.cc$'' - ''^src/libstore/local-fs-store\.hh$'' + ''^src/libstore/include/nix/local-fs-store\.hh$'' ''^src/libstore/log-store\.cc$'' - ''^src/libstore/log-store\.hh$'' + ''^src/libstore/include/nix/log-store\.hh$'' ''^src/libstore/machines\.cc$'' - ''^src/libstore/machines\.hh$'' + ''^src/libstore/include/nix/machines\.hh$'' ''^src/libstore/make-content-addressed\.cc$'' - ''^src/libstore/make-content-addressed\.hh$'' + ''^src/libstore/include/nix/make-content-addressed\.hh$'' ''^src/libstore/misc\.cc$'' ''^src/libstore/names\.cc$'' - ''^src/libstore/names\.hh$'' + ''^src/libstore/include/nix/names\.hh$'' ''^src/libstore/nar-accessor\.cc$'' - ''^src/libstore/nar-accessor\.hh$'' + ''^src/libstore/include/nix/nar-accessor\.hh$'' ''^src/libstore/nar-info-disk-cache\.cc$'' - ''^src/libstore/nar-info-disk-cache\.hh$'' + ''^src/libstore/include/nix/nar-info-disk-cache\.hh$'' ''^src/libstore/nar-info\.cc$'' - ''^src/libstore/nar-info\.hh$'' + ''^src/libstore/include/nix/nar-info\.hh$'' ''^src/libstore/outputs-spec\.cc$'' - ''^src/libstore/outputs-spec\.hh$'' + ''^src/libstore/include/nix/outputs-spec\.hh$'' ''^src/libstore/parsed-derivations\.cc$'' ''^src/libstore/path-info\.cc$'' - ''^src/libstore/path-info\.hh$'' + ''^src/libstore/include/nix/path-info\.hh$'' ''^src/libstore/path-references\.cc$'' - ''^src/libstore/path-regex\.hh$'' + ''^src/libstore/include/nix/path-regex\.hh$'' ''^src/libstore/path-with-outputs\.cc$'' ''^src/libstore/path\.cc$'' - ''^src/libstore/path\.hh$'' + ''^src/libstore/include/nix/path\.hh$'' ''^src/libstore/pathlocks\.cc$'' - ''^src/libstore/pathlocks\.hh$'' + ''^src/libstore/include/nix/pathlocks\.hh$'' ''^src/libstore/profiles\.cc$'' - ''^src/libstore/profiles\.hh$'' + ''^src/libstore/include/nix/profiles\.hh$'' ''^src/libstore/realisation\.cc$'' - ''^src/libstore/realisation\.hh$'' + ''^src/libstore/include/nix/realisation\.hh$'' ''^src/libstore/remote-fs-accessor\.cc$'' - ''^src/libstore/remote-fs-accessor\.hh$'' - ''^src/libstore/remote-store-connection\.hh$'' + ''^src/libstore/include/nix/remote-fs-accessor\.hh$'' + ''^src/libstore/include/nix/remote-store-connection\.hh$'' ''^src/libstore/remote-store\.cc$'' - ''^src/libstore/remote-store\.hh$'' + ''^src/libstore/include/nix/remote-store\.hh$'' ''^src/libstore/s3-binary-cache-store\.cc$'' - ''^src/libstore/s3\.hh$'' + ''^src/libstore/include/nix/s3\.hh$'' ''^src/libstore/serve-protocol-impl\.cc$'' - ''^src/libstore/serve-protocol-impl\.hh$'' + ''^src/libstore/include/nix/serve-protocol-impl\.hh$'' ''^src/libstore/serve-protocol\.cc$'' - ''^src/libstore/serve-protocol\.hh$'' + ''^src/libstore/include/nix/serve-protocol\.hh$'' ''^src/libstore/sqlite\.cc$'' - ''^src/libstore/sqlite\.hh$'' + ''^src/libstore/include/nix/sqlite\.hh$'' ''^src/libstore/ssh-store\.cc$'' ''^src/libstore/ssh\.cc$'' - ''^src/libstore/ssh\.hh$'' + ''^src/libstore/include/nix/ssh\.hh$'' ''^src/libstore/store-api\.cc$'' - ''^src/libstore/store-api\.hh$'' - ''^src/libstore/store-dir-config\.hh$'' + ''^src/libstore/include/nix/store-api\.hh$'' + ''^src/libstore/include/nix/store-dir-config\.hh$'' ''^src/libstore/build/derivation-goal\.cc$'' - ''^src/libstore/build/derivation-goal\.hh$'' + ''^src/libstore/include/nix/build/derivation-goal\.hh$'' ''^src/libstore/build/drv-output-substitution-goal\.cc$'' - ''^src/libstore/build/drv-output-substitution-goal\.hh$'' + ''^src/libstore/include/nix/build/drv-output-substitution-goal\.hh$'' ''^src/libstore/build/entry-points\.cc$'' ''^src/libstore/build/goal\.cc$'' - ''^src/libstore/build/goal\.hh$'' + ''^src/libstore/include/nix/build/goal\.hh$'' ''^src/libstore/unix/build/hook-instance\.cc$'' ''^src/libstore/unix/build/local-derivation-goal\.cc$'' - ''^src/libstore/unix/build/local-derivation-goal\.hh$'' + ''^src/libstore/unix/include/nix/build/local-derivation-goal\.hh$'' ''^src/libstore/build/substitution-goal\.cc$'' - ''^src/libstore/build/substitution-goal\.hh$'' + ''^src/libstore/include/nix/build/substitution-goal\.hh$'' ''^src/libstore/build/worker\.cc$'' - ''^src/libstore/build/worker\.hh$'' + ''^src/libstore/include/nix/build/worker\.hh$'' ''^src/libstore/builtins/fetchurl\.cc$'' ''^src/libstore/builtins/unpack-channel\.cc$'' ''^src/libstore/gc\.cc$'' ''^src/libstore/local-overlay-store\.cc$'' - ''^src/libstore/local-overlay-store\.hh$'' + ''^src/libstore/include/nix/local-overlay-store\.hh$'' ''^src/libstore/local-store\.cc$'' - ''^src/libstore/local-store\.hh$'' + ''^src/libstore/include/nix/local-store\.hh$'' ''^src/libstore/unix/user-lock\.cc$'' - ''^src/libstore/unix/user-lock\.hh$'' + ''^src/libstore/unix/include/nix/user-lock\.hh$'' ''^src/libstore/optimise-store\.cc$'' ''^src/libstore/unix/pathlocks\.cc$'' ''^src/libstore/posix-fs-canonicalise\.cc$'' - ''^src/libstore/posix-fs-canonicalise\.hh$'' + ''^src/libstore/include/nix/posix-fs-canonicalise\.hh$'' ''^src/libstore/uds-remote-store\.cc$'' - ''^src/libstore/uds-remote-store\.hh$'' + ''^src/libstore/include/nix/uds-remote-store\.hh$'' ''^src/libstore/windows/build\.cc$'' - ''^src/libstore/worker-protocol-impl\.hh$'' + ''^src/libstore/include/nix/worker-protocol-impl\.hh$'' ''^src/libstore/worker-protocol\.cc$'' - ''^src/libstore/worker-protocol\.hh$'' + ''^src/libstore/include/nix/worker-protocol\.hh$'' ''^src/libutil-c/nix_api_util_internal\.h$'' ''^src/libutil/archive\.cc$'' - ''^src/libutil/archive\.hh$'' + ''^src/libutil/include/nix/archive\.hh$'' ''^src/libutil/args\.cc$'' - ''^src/libutil/args\.hh$'' - ''^src/libutil/args/root\.hh$'' - ''^src/libutil/callback\.hh$'' + ''^src/libutil/include/nix/args\.hh$'' + ''^src/libutil/include/nix/args/root\.hh$'' + ''^src/libutil/include/nix/callback\.hh$'' ''^src/libutil/canon-path\.cc$'' - ''^src/libutil/canon-path\.hh$'' - ''^src/libutil/chunked-vector\.hh$'' - ''^src/libutil/closure\.hh$'' - ''^src/libutil/comparator\.hh$'' + ''^src/libutil/include/nix/canon-path\.hh$'' + ''^src/libutil/include/nix/chunked-vector\.hh$'' + ''^src/libutil/include/nix/closure\.hh$'' + ''^src/libutil/include/nix/comparator\.hh$'' ''^src/libutil/compute-levels\.cc$'' - ''^src/libutil/config-impl\.hh$'' + ''^src/libutil/include/nix/config-impl\.hh$'' ''^src/libutil/config\.cc$'' - ''^src/libutil/config\.hh$'' + ''^src/libutil/include/nix/config\.hh$'' ''^src/libutil/current-process\.cc$'' - ''^src/libutil/current-process\.hh$'' + ''^src/libutil/include/nix/current-process\.hh$'' ''^src/libutil/english\.cc$'' - ''^src/libutil/english\.hh$'' + ''^src/libutil/include/nix/english\.hh$'' ''^src/libutil/error\.cc$'' - ''^src/libutil/error\.hh$'' - ''^src/libutil/exit\.hh$'' + ''^src/libutil/include/nix/error\.hh$'' + ''^src/libutil/include/nix/exit\.hh$'' ''^src/libutil/experimental-features\.cc$'' - ''^src/libutil/experimental-features\.hh$'' + ''^src/libutil/include/nix/experimental-features\.hh$'' ''^src/libutil/file-content-address\.cc$'' - ''^src/libutil/file-content-address\.hh$'' + ''^src/libutil/include/nix/file-content-address\.hh$'' ''^src/libutil/file-descriptor\.cc$'' - ''^src/libutil/file-descriptor\.hh$'' - ''^src/libutil/file-path-impl\.hh$'' - ''^src/libutil/file-path\.hh$'' + ''^src/libutil/include/nix/file-descriptor\.hh$'' + ''^src/libutil/include/nix/file-path-impl\.hh$'' + ''^src/libutil/include/nix/file-path\.hh$'' ''^src/libutil/file-system\.cc$'' - ''^src/libutil/file-system\.hh$'' - ''^src/libutil/finally\.hh$'' - ''^src/libutil/fmt\.hh$'' + ''^src/libutil/include/nix/file-system\.hh$'' + ''^src/libutil/include/nix/finally\.hh$'' + ''^src/libutil/include/nix/fmt\.hh$'' ''^src/libutil/fs-sink\.cc$'' - ''^src/libutil/fs-sink\.hh$'' + ''^src/libutil/include/nix/fs-sink\.hh$'' ''^src/libutil/git\.cc$'' - ''^src/libutil/git\.hh$'' + ''^src/libutil/include/nix/git\.hh$'' ''^src/libutil/hash\.cc$'' - ''^src/libutil/hash\.hh$'' + ''^src/libutil/include/nix/hash\.hh$'' ''^src/libutil/hilite\.cc$'' - ''^src/libutil/hilite\.hh$'' + ''^src/libutil/include/nix/hilite\.hh$'' ''^src/libutil/source-accessor\.hh$'' - ''^src/libutil/json-impls\.hh$'' + ''^src/libutil/include/nix/json-impls\.hh$'' ''^src/libutil/json-utils\.cc$'' - ''^src/libutil/json-utils\.hh$'' + ''^src/libutil/include/nix/json-utils\.hh$'' ''^src/libutil/linux/cgroup\.cc$'' ''^src/libutil/linux/namespaces\.cc$'' ''^src/libutil/logging\.cc$'' - ''^src/libutil/logging\.hh$'' - ''^src/libutil/lru-cache\.hh$'' + ''^src/libutil/include/nix/logging\.hh$'' + ''^src/libutil/include/nix/lru-cache\.hh$'' ''^src/libutil/memory-source-accessor\.cc$'' - ''^src/libutil/memory-source-accessor\.hh$'' - ''^src/libutil/pool\.hh$'' + ''^src/libutil/include/nix/memory-source-accessor\.hh$'' + ''^src/libutil/include/nix/pool\.hh$'' ''^src/libutil/position\.cc$'' - ''^src/libutil/position\.hh$'' + ''^src/libutil/include/nix/position\.hh$'' ''^src/libutil/posix-source-accessor\.cc$'' - ''^src/libutil/posix-source-accessor\.hh$'' - ''^src/libutil/processes\.hh$'' - ''^src/libutil/ref\.hh$'' + ''^src/libutil/include/nix/posix-source-accessor\.hh$'' + ''^src/libutil/include/nix/processes\.hh$'' + ''^src/libutil/include/nix/ref\.hh$'' ''^src/libutil/references\.cc$'' - ''^src/libutil/references\.hh$'' + ''^src/libutil/include/nix/references\.hh$'' ''^src/libutil/regex-combinators\.hh$'' ''^src/libutil/serialise\.cc$'' - ''^src/libutil/serialise\.hh$'' - ''^src/libutil/signals\.hh$'' + ''^src/libutil/include/nix/serialise\.hh$'' + ''^src/libutil/include/nix/signals\.hh$'' ''^src/libutil/signature/local-keys\.cc$'' - ''^src/libutil/signature/local-keys\.hh$'' + ''^src/libutil/include/nix/signature/local-keys\.hh$'' ''^src/libutil/signature/signer\.cc$'' - ''^src/libutil/signature/signer\.hh$'' + ''^src/libutil/include/nix/signature/signer\.hh$'' ''^src/libutil/source-accessor\.cc$'' - ''^src/libutil/source-accessor\.hh$'' + ''^src/libutil/include/nix/source-accessor\.hh$'' ''^src/libutil/source-path\.cc$'' - ''^src/libutil/source-path\.hh$'' - ''^src/libutil/split\.hh$'' + ''^src/libutil/include/nix/source-path\.hh$'' + ''^src/libutil/include/nix/split\.hh$'' ''^src/libutil/suggestions\.cc$'' - ''^src/libutil/suggestions\.hh$'' - ''^src/libutil/sync\.hh$'' + ''^src/libutil/include/nix/suggestions\.hh$'' + ''^src/libutil/include/nix/sync\.hh$'' ''^src/libutil/terminal\.cc$'' - ''^src/libutil/terminal\.hh$'' + ''^src/libutil/include/nix/terminal\.hh$'' ''^src/libutil/thread-pool\.cc$'' - ''^src/libutil/thread-pool\.hh$'' - ''^src/libutil/topo-sort\.hh$'' - ''^src/libutil/types\.hh$'' + ''^src/libutil/include/nix/thread-pool\.hh$'' + ''^src/libutil/include/nix/topo-sort\.hh$'' + ''^src/libutil/include/nix/types\.hh$'' ''^src/libutil/unix/file-descriptor\.cc$'' ''^src/libutil/unix/file-path\.cc$'' ''^src/libutil/unix/processes\.cc$'' - ''^src/libutil/unix/signals-impl\.hh$'' + ''^src/libutil/unix/include/nix/signals-impl\.hh$'' ''^src/libutil/unix/signals\.cc$'' ''^src/libutil/unix-domain-socket\.cc$'' ''^src/libutil/unix/users\.cc$'' - ''^src/libutil/url-parts\.hh$'' + ''^src/libutil/include/nix/url-parts\.hh$'' ''^src/libutil/url\.cc$'' - ''^src/libutil/url\.hh$'' + ''^src/libutil/include/nix/url\.hh$'' ''^src/libutil/users\.cc$'' - ''^src/libutil/users\.hh$'' + ''^src/libutil/include/nix/users\.hh$'' ''^src/libutil/util\.cc$'' - ''^src/libutil/util\.hh$'' - ''^src/libutil/variant-wrapper\.hh$'' + ''^src/libutil/include/nix/util\.hh$'' + ''^src/libutil/include/nix/variant-wrapper\.hh$'' ''^src/libutil/widecharwidth/widechar_width\.h$'' # vendored source ''^src/libutil/windows/file-descriptor\.cc$'' ''^src/libutil/windows/file-path\.cc$'' ''^src/libutil/windows/processes\.cc$'' ''^src/libutil/windows/users\.cc$'' ''^src/libutil/windows/windows-error\.cc$'' - ''^src/libutil/windows/windows-error\.hh$'' + ''^src/libutil/windows/include/nix/windows-error\.hh$'' ''^src/libutil/xml-writer\.cc$'' - ''^src/libutil/xml-writer\.hh$'' + ''^src/libutil/include/nix/xml-writer\.hh$'' ''^src/nix-build/nix-build\.cc$'' ''^src/nix-channel/nix-channel\.cc$'' ''^src/nix-collect-garbage/nix-collect-garbage\.cc$'' @@ -481,9 +481,9 @@ ''^tests/nixos/ca-fd-leak/sender\.c'' ''^tests/nixos/ca-fd-leak/smuggler\.c'' ''^tests/nixos/user-sandboxing/attacker\.c'' - ''^src/libexpr-test-support/tests/libexpr\.hh'' + ''^src/libexpr-test-support/include/nix/tests/libexpr\.hh'' ''^src/libexpr-test-support/tests/value/context\.cc'' - ''^src/libexpr-test-support/tests/value/context\.hh'' + ''^src/libexpr-test-support/include/nix/tests/value/context\.hh'' ''^src/libexpr-tests/derived-path\.cc'' ''^src/libexpr-tests/error_traces\.cc'' ''^src/libexpr-tests/eval\.cc'' @@ -498,13 +498,13 @@ ''^src/libflake-tests/flakeref\.cc'' ''^src/libflake-tests/url-name\.cc'' ''^src/libstore-test-support/tests/derived-path\.cc'' - ''^src/libstore-test-support/tests/derived-path\.hh'' - ''^src/libstore-test-support/tests/nix_api_store\.hh'' + ''^src/libstore-test-support/include/nix/tests/derived-path\.hh'' + ''^src/libstore-test-support/include/nix/tests/nix_api_store\.hh'' ''^src/libstore-test-support/tests/outputs-spec\.cc'' - ''^src/libstore-test-support/tests/outputs-spec\.hh'' - ''^src/libstore-test-support/tests/path\.cc'' - ''^src/libstore-test-support/tests/path\.hh'' - ''^src/libstore-test-support/tests/protocol\.hh'' + ''^src/libstore-test-support/include/nix/tests/outputs-spec\.hh'' + ''^src/libstore-test-support/path\.cc'' + ''^src/libstore-test-support/include/nix/tests/path\.hh'' + ''^src/libstore-test-support/include/nix/tests/protocol\.hh'' ''^src/libstore-tests/common-protocol\.cc'' ''^src/libstore-tests/content-address\.cc'' ''^src/libstore-tests/derivation\.cc'' @@ -518,9 +518,9 @@ ''^src/libstore-tests/path\.cc'' ''^src/libstore-tests/serve-protocol\.cc'' ''^src/libstore-tests/worker-protocol\.cc'' - ''^src/libutil-test-support/tests/characterization\.hh'' - ''^src/libutil-test-support/tests/hash\.cc'' - ''^src/libutil-test-support/tests/hash\.hh'' + ''^src/libutil-test-support/include/nix/tests/characterization\.hh'' + ''^src/libutil-test-support/hash\.cc'' + ''^src/libutil-test-support/include/nix/tests/hash\.hh'' ''^src/libutil-tests/args\.cc'' ''^src/libutil-tests/canon-path\.cc'' ''^src/libutil-tests/chunked-vector\.cc'' diff --git a/nix-meson-build-support/export/meson.build b/nix-meson-build-support/export/meson.build index 9f59505721e..b2409de8571 100644 --- a/nix-meson-build-support/export/meson.build +++ b/nix-meson-build-support/export/meson.build @@ -16,7 +16,6 @@ import('pkgconfig').generate( filebase : meson.project_name(), name : 'Nix', description : 'Nix Package Manager', - subdirs : ['nix'], extra_cflags : ['-std=c++2a'], requires : requires_public, requires_private : requires_private, diff --git a/src/build-remote/build-remote.cc b/src/build-remote/build-remote.cc index 88b70428845..56eb248a5d4 100644 --- a/src/build-remote/build-remote.cc +++ b/src/build-remote/build-remote.cc @@ -9,19 +9,19 @@ #include #endif -#include "machines.hh" -#include "shared.hh" -#include "plugin.hh" -#include "pathlocks.hh" -#include "globals.hh" -#include "serialise.hh" -#include "build-result.hh" -#include "store-api.hh" -#include "strings.hh" -#include "derivations.hh" -#include "local-store.hh" -#include "legacy.hh" -#include "experimental-features.hh" +#include "nix/machines.hh" +#include "nix/shared.hh" +#include "nix/plugin.hh" +#include "nix/pathlocks.hh" +#include "nix/globals.hh" +#include "nix/serialise.hh" +#include "nix/build-result.hh" +#include "nix/store-api.hh" +#include "nix/strings.hh" +#include "nix/derivations.hh" +#include "nix/local-store.hh" +#include "nix/legacy.hh" +#include "nix/experimental-features.hh" using namespace nix; using std::cin; diff --git a/src/libcmd/built-path.cc b/src/libcmd/built-path.cc index 905e70f32c9..21b52cea5f2 100644 --- a/src/libcmd/built-path.cc +++ b/src/libcmd/built-path.cc @@ -1,7 +1,7 @@ -#include "built-path.hh" -#include "derivations.hh" -#include "store-api.hh" -#include "comparator.hh" +#include "nix/built-path.hh" +#include "nix/derivations.hh" +#include "nix/store-api.hh" +#include "nix/comparator.hh" #include diff --git a/src/libcmd/command-installable-value.cc b/src/libcmd/command-installable-value.cc index 7e0c15eb8cb..52fa610916a 100644 --- a/src/libcmd/command-installable-value.cc +++ b/src/libcmd/command-installable-value.cc @@ -1,4 +1,4 @@ -#include "command-installable-value.hh" +#include "nix/command-installable-value.hh" namespace nix { diff --git a/src/libcmd/command.cc b/src/libcmd/command.cc index 86d13fab796..efcdb799de0 100644 --- a/src/libcmd/command.cc +++ b/src/libcmd/command.cc @@ -1,16 +1,16 @@ #include #include -#include "command.hh" -#include "markdown.hh" -#include "store-api.hh" -#include "local-fs-store.hh" -#include "derivations.hh" -#include "nixexpr.hh" -#include "profiles.hh" -#include "repl.hh" -#include "strings.hh" -#include "environment-variables.hh" +#include "nix/command.hh" +#include "nix/markdown.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" +#include "nix/derivations.hh" +#include "nix/nixexpr.hh" +#include "nix/profiles.hh" +#include "nix/repl.hh" +#include "nix/strings.hh" +#include "nix/environment-variables.hh" namespace nix { diff --git a/src/libcmd/common-eval-args.cc b/src/libcmd/common-eval-args.cc index 57e1774be7b..805701749e2 100644 --- a/src/libcmd/common-eval-args.cc +++ b/src/libcmd/common-eval-args.cc @@ -1,20 +1,20 @@ -#include "fetch-settings.hh" -#include "eval-settings.hh" -#include "common-eval-args.hh" -#include "shared.hh" -#include "config-global.hh" -#include "filetransfer.hh" -#include "eval.hh" -#include "fetchers.hh" -#include "registry.hh" -#include "flake/flakeref.hh" -#include "flake/settings.hh" -#include "store-api.hh" -#include "command.hh" -#include "tarball.hh" -#include "fetch-to-store.hh" -#include "compatibility-settings.hh" -#include "eval-settings.hh" +#include "nix/fetch-settings.hh" +#include "nix/eval-settings.hh" +#include "nix/common-eval-args.hh" +#include "nix/shared.hh" +#include "nix/config-global.hh" +#include "nix/filetransfer.hh" +#include "nix/eval.hh" +#include "nix/fetchers.hh" +#include "nix/registry.hh" +#include "nix/flake/flakeref.hh" +#include "nix/flake/settings.hh" +#include "nix/store-api.hh" +#include "nix/command.hh" +#include "nix/tarball.hh" +#include "nix/fetch-to-store.hh" +#include "nix/compatibility-settings.hh" +#include "nix/eval-settings.hh" namespace nix { diff --git a/src/libcmd/editor-for.cc b/src/libcmd/editor-for.cc index 6bf36bd647b..b82f41d2b8f 100644 --- a/src/libcmd/editor-for.cc +++ b/src/libcmd/editor-for.cc @@ -1,6 +1,6 @@ -#include "editor-for.hh" -#include "environment-variables.hh" -#include "source-path.hh" +#include "nix/editor-for.hh" +#include "nix/environment-variables.hh" +#include "nix/source-path.hh" namespace nix { diff --git a/src/libcmd/built-path.hh b/src/libcmd/include/nix/built-path.hh similarity index 98% rename from src/libcmd/built-path.hh rename to src/libcmd/include/nix/built-path.hh index dc78d3e599d..bd8f685e005 100644 --- a/src/libcmd/built-path.hh +++ b/src/libcmd/include/nix/built-path.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "derived-path.hh" -#include "realisation.hh" +#include "nix/derived-path.hh" +#include "nix/realisation.hh" namespace nix { diff --git a/src/libcmd/command-installable-value.hh b/src/libcmd/include/nix/command-installable-value.hh similarity index 87% rename from src/libcmd/command-installable-value.hh rename to src/libcmd/include/nix/command-installable-value.hh index 7880d411998..5ce352a6345 100644 --- a/src/libcmd/command-installable-value.hh +++ b/src/libcmd/include/nix/command-installable-value.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "installable-value.hh" -#include "command.hh" +#include "nix/installable-value.hh" +#include "nix/command.hh" namespace nix { diff --git a/src/libcmd/command.hh b/src/libcmd/include/nix/command.hh similarity index 98% rename from src/libcmd/command.hh rename to src/libcmd/include/nix/command.hh index 9570ce3e7ac..9d3c8e343d4 100644 --- a/src/libcmd/command.hh +++ b/src/libcmd/include/nix/command.hh @@ -1,11 +1,11 @@ #pragma once ///@file -#include "installable-value.hh" -#include "args.hh" -#include "common-eval-args.hh" -#include "path.hh" -#include "flake/lockfile.hh" +#include "nix/installable-value.hh" +#include "nix/args.hh" +#include "nix/common-eval-args.hh" +#include "nix/path.hh" +#include "nix/flake/lockfile.hh" #include diff --git a/src/libcmd/common-eval-args.hh b/src/libcmd/include/nix/common-eval-args.hh similarity index 92% rename from src/libcmd/common-eval-args.hh rename to src/libcmd/include/nix/common-eval-args.hh index c62365b32e2..e7217589162 100644 --- a/src/libcmd/common-eval-args.hh +++ b/src/libcmd/include/nix/common-eval-args.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "args.hh" -#include "canon-path.hh" -#include "common-args.hh" -#include "search-path.hh" +#include "nix/args.hh" +#include "nix/canon-path.hh" +#include "nix/common-args.hh" +#include "nix/search-path.hh" #include diff --git a/src/libcmd/compatibility-settings.hh b/src/libcmd/include/nix/compatibility-settings.hh similarity index 98% rename from src/libcmd/compatibility-settings.hh rename to src/libcmd/include/nix/compatibility-settings.hh index a129a957a64..18319c1f2d2 100644 --- a/src/libcmd/compatibility-settings.hh +++ b/src/libcmd/include/nix/compatibility-settings.hh @@ -1,5 +1,5 @@ #pragma once -#include "config.hh" +#include "nix/config.hh" namespace nix { struct CompatibilitySettings : public Config diff --git a/src/libcmd/editor-for.hh b/src/libcmd/include/nix/editor-for.hh similarity index 77% rename from src/libcmd/editor-for.hh rename to src/libcmd/include/nix/editor-for.hh index 8acd7011e69..0a8aa48bc6c 100644 --- a/src/libcmd/editor-for.hh +++ b/src/libcmd/include/nix/editor-for.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "types.hh" -#include "source-path.hh" +#include "nix/types.hh" +#include "nix/source-path.hh" namespace nix { diff --git a/src/libcmd/installable-attr-path.hh b/src/libcmd/include/nix/installable-attr-path.hh similarity index 65% rename from src/libcmd/installable-attr-path.hh rename to src/libcmd/include/nix/installable-attr-path.hh index 86c2f82192c..ceb2eca616c 100644 --- a/src/libcmd/installable-attr-path.hh +++ b/src/libcmd/include/nix/installable-attr-path.hh @@ -1,22 +1,22 @@ #pragma once ///@file -#include "globals.hh" -#include "installable-value.hh" -#include "outputs-spec.hh" -#include "command.hh" -#include "attr-path.hh" -#include "common-eval-args.hh" -#include "derivations.hh" -#include "eval-inline.hh" -#include "eval.hh" -#include "get-drvs.hh" -#include "store-api.hh" -#include "shared.hh" -#include "eval-cache.hh" -#include "url.hh" -#include "registry.hh" -#include "build-result.hh" +#include "nix/globals.hh" +#include "nix/installable-value.hh" +#include "nix/outputs-spec.hh" +#include "nix/command.hh" +#include "nix/attr-path.hh" +#include "nix/common-eval-args.hh" +#include "nix/derivations.hh" +#include "nix/eval-inline.hh" +#include "nix/eval.hh" +#include "nix/get-drvs.hh" +#include "nix/store-api.hh" +#include "nix/shared.hh" +#include "nix/eval-cache.hh" +#include "nix/url.hh" +#include "nix/registry.hh" +#include "nix/build-result.hh" #include #include diff --git a/src/libcmd/installable-derived-path.hh b/src/libcmd/include/nix/installable-derived-path.hh similarity index 94% rename from src/libcmd/installable-derived-path.hh rename to src/libcmd/include/nix/installable-derived-path.hh index e0b4f18b38b..8f86e6c4cdf 100644 --- a/src/libcmd/installable-derived-path.hh +++ b/src/libcmd/include/nix/installable-derived-path.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "installables.hh" +#include "nix/installables.hh" namespace nix { diff --git a/src/libcmd/installable-flake.hh b/src/libcmd/include/nix/installable-flake.hh similarity index 97% rename from src/libcmd/installable-flake.hh rename to src/libcmd/include/nix/installable-flake.hh index 212403dd42c..5bbe4beb5b2 100644 --- a/src/libcmd/installable-flake.hh +++ b/src/libcmd/include/nix/installable-flake.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "common-eval-args.hh" -#include "installable-value.hh" +#include "nix/common-eval-args.hh" +#include "nix/installable-value.hh" namespace nix { diff --git a/src/libcmd/installable-value.hh b/src/libcmd/include/nix/installable-value.hh similarity index 98% rename from src/libcmd/installable-value.hh rename to src/libcmd/include/nix/installable-value.hh index 4b6dbd306aa..f8840103f7c 100644 --- a/src/libcmd/installable-value.hh +++ b/src/libcmd/include/nix/installable-value.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "installables.hh" -#include "flake/flake.hh" +#include "nix/installables.hh" +#include "nix/flake/flake.hh" namespace nix { diff --git a/src/libcmd/installables.hh b/src/libcmd/include/nix/installables.hh similarity index 96% rename from src/libcmd/installables.hh rename to src/libcmd/include/nix/installables.hh index c995c3019f4..2393cbcffe6 100644 --- a/src/libcmd/installables.hh +++ b/src/libcmd/include/nix/installables.hh @@ -1,12 +1,12 @@ #pragma once ///@file -#include "path.hh" -#include "outputs-spec.hh" -#include "derived-path.hh" -#include "built-path.hh" -#include "store-api.hh" -#include "build-result.hh" +#include "nix/path.hh" +#include "nix/outputs-spec.hh" +#include "nix/derived-path.hh" +#include "nix/built-path.hh" +#include "nix/store-api.hh" +#include "nix/build-result.hh" #include diff --git a/src/libcmd/legacy.hh b/src/libcmd/include/nix/legacy.hh similarity index 100% rename from src/libcmd/legacy.hh rename to src/libcmd/include/nix/legacy.hh diff --git a/src/libcmd/markdown.hh b/src/libcmd/include/nix/markdown.hh similarity index 100% rename from src/libcmd/markdown.hh rename to src/libcmd/include/nix/markdown.hh diff --git a/src/libcmd/include/nix/meson.build b/src/libcmd/include/nix/meson.build new file mode 100644 index 00000000000..debe4a60522 --- /dev/null +++ b/src/libcmd/include/nix/meson.build @@ -0,0 +1,23 @@ +# Public headers directory + +include_dirs = [include_directories('..')] + +headers = files( + 'built-path.hh', + 'command-installable-value.hh', + 'command.hh', + 'common-eval-args.hh', + 'compatibility-settings.hh', + 'editor-for.hh', + 'installable-attr-path.hh', + 'installable-derived-path.hh', + 'installable-flake.hh', + 'installable-value.hh', + 'installables.hh', + 'legacy.hh', + 'markdown.hh', + 'misc-store-flags.hh', + 'network-proxy.hh', + 'repl-interacter.hh', + 'repl.hh', +) diff --git a/src/libcmd/misc-store-flags.hh b/src/libcmd/include/nix/misc-store-flags.hh similarity index 92% rename from src/libcmd/misc-store-flags.hh rename to src/libcmd/include/nix/misc-store-flags.hh index 124372af78c..b8579e90fb1 100644 --- a/src/libcmd/misc-store-flags.hh +++ b/src/libcmd/include/nix/misc-store-flags.hh @@ -1,5 +1,5 @@ -#include "args.hh" -#include "content-address.hh" +#include "nix/args.hh" +#include "nix/content-address.hh" namespace nix::flag { diff --git a/src/libcmd/network-proxy.hh b/src/libcmd/include/nix/network-proxy.hh similarity index 94% rename from src/libcmd/network-proxy.hh rename to src/libcmd/include/nix/network-proxy.hh index 0b6856acbf4..ca797f465ec 100644 --- a/src/libcmd/network-proxy.hh +++ b/src/libcmd/include/nix/network-proxy.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libcmd/repl-interacter.hh b/src/libcmd/include/nix/repl-interacter.hh similarity index 95% rename from src/libcmd/repl-interacter.hh rename to src/libcmd/include/nix/repl-interacter.hh index cc70efd0729..463ba68184c 100644 --- a/src/libcmd/repl-interacter.hh +++ b/src/libcmd/include/nix/repl-interacter.hh @@ -1,8 +1,8 @@ #pragma once /// @file -#include "finally.hh" -#include "types.hh" +#include "nix/finally.hh" +#include "nix/types.hh" #include #include diff --git a/src/libcmd/repl.hh b/src/libcmd/include/nix/repl.hh similarity index 97% rename from src/libcmd/repl.hh rename to src/libcmd/include/nix/repl.hh index 11d1820f504..b22fb9438a6 100644 --- a/src/libcmd/repl.hh +++ b/src/libcmd/include/nix/repl.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "eval.hh" +#include "nix/eval.hh" namespace nix { diff --git a/src/libcmd/installable-attr-path.cc b/src/libcmd/installable-attr-path.cc index 8917e7a018a..dfd7bdd65b2 100644 --- a/src/libcmd/installable-attr-path.cc +++ b/src/libcmd/installable-attr-path.cc @@ -1,21 +1,21 @@ -#include "globals.hh" -#include "installable-attr-path.hh" -#include "outputs-spec.hh" -#include "util.hh" -#include "command.hh" -#include "attr-path.hh" -#include "common-eval-args.hh" -#include "derivations.hh" -#include "eval-inline.hh" -#include "eval.hh" -#include "get-drvs.hh" -#include "store-api.hh" -#include "shared.hh" -#include "flake/flake.hh" -#include "eval-cache.hh" -#include "url.hh" -#include "registry.hh" -#include "build-result.hh" +#include "nix/globals.hh" +#include "nix/installable-attr-path.hh" +#include "nix/outputs-spec.hh" +#include "nix/util.hh" +#include "nix/command.hh" +#include "nix/attr-path.hh" +#include "nix/common-eval-args.hh" +#include "nix/derivations.hh" +#include "nix/eval-inline.hh" +#include "nix/eval.hh" +#include "nix/get-drvs.hh" +#include "nix/store-api.hh" +#include "nix/shared.hh" +#include "nix/flake/flake.hh" +#include "nix/eval-cache.hh" +#include "nix/url.hh" +#include "nix/registry.hh" +#include "nix/build-result.hh" #include #include diff --git a/src/libcmd/installable-derived-path.cc b/src/libcmd/installable-derived-path.cc index abacd73502c..2e53f61982e 100644 --- a/src/libcmd/installable-derived-path.cc +++ b/src/libcmd/installable-derived-path.cc @@ -1,5 +1,5 @@ -#include "installable-derived-path.hh" -#include "derivations.hh" +#include "nix/installable-derived-path.hh" +#include "nix/derivations.hh" namespace nix { diff --git a/src/libcmd/installable-flake.cc b/src/libcmd/installable-flake.cc index 6c9ee674808..f4c27251529 100644 --- a/src/libcmd/installable-flake.cc +++ b/src/libcmd/installable-flake.cc @@ -1,22 +1,22 @@ -#include "globals.hh" -#include "installable-flake.hh" -#include "installable-derived-path.hh" -#include "outputs-spec.hh" -#include "util.hh" -#include "command.hh" -#include "attr-path.hh" -#include "common-eval-args.hh" -#include "derivations.hh" -#include "eval-inline.hh" -#include "eval.hh" -#include "get-drvs.hh" -#include "store-api.hh" -#include "shared.hh" -#include "flake/flake.hh" -#include "eval-cache.hh" -#include "url.hh" -#include "registry.hh" -#include "build-result.hh" +#include "nix/globals.hh" +#include "nix/installable-flake.hh" +#include "nix/installable-derived-path.hh" +#include "nix/outputs-spec.hh" +#include "nix/util.hh" +#include "nix/command.hh" +#include "nix/attr-path.hh" +#include "nix/common-eval-args.hh" +#include "nix/derivations.hh" +#include "nix/eval-inline.hh" +#include "nix/eval.hh" +#include "nix/get-drvs.hh" +#include "nix/store-api.hh" +#include "nix/shared.hh" +#include "nix/flake/flake.hh" +#include "nix/eval-cache.hh" +#include "nix/url.hh" +#include "nix/registry.hh" +#include "nix/build-result.hh" #include #include diff --git a/src/libcmd/installable-value.cc b/src/libcmd/installable-value.cc index 1aa2e65c1e5..ac2da0ed20c 100644 --- a/src/libcmd/installable-value.cc +++ b/src/libcmd/installable-value.cc @@ -1,6 +1,6 @@ -#include "installable-value.hh" -#include "eval-cache.hh" -#include "fetch-to-store.hh" +#include "nix/installable-value.hh" +#include "nix/eval-cache.hh" +#include "nix/fetch-to-store.hh" namespace nix { diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index 81eb883daba..f1eaa71e9b0 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -1,33 +1,33 @@ -#include "globals.hh" -#include "installables.hh" -#include "installable-derived-path.hh" -#include "installable-attr-path.hh" -#include "installable-flake.hh" -#include "outputs-spec.hh" -#include "users.hh" -#include "util.hh" -#include "command.hh" -#include "attr-path.hh" -#include "common-eval-args.hh" -#include "derivations.hh" -#include "eval-inline.hh" -#include "eval.hh" -#include "eval-settings.hh" -#include "get-drvs.hh" -#include "store-api.hh" -#include "shared.hh" -#include "flake/flake.hh" -#include "eval-cache.hh" -#include "url.hh" -#include "registry.hh" -#include "build-result.hh" +#include "nix/globals.hh" +#include "nix/installables.hh" +#include "nix/installable-derived-path.hh" +#include "nix/installable-attr-path.hh" +#include "nix/installable-flake.hh" +#include "nix/outputs-spec.hh" +#include "nix/users.hh" +#include "nix/util.hh" +#include "nix/command.hh" +#include "nix/attr-path.hh" +#include "nix/common-eval-args.hh" +#include "nix/derivations.hh" +#include "nix/eval-inline.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/get-drvs.hh" +#include "nix/store-api.hh" +#include "nix/shared.hh" +#include "nix/flake/flake.hh" +#include "nix/eval-cache.hh" +#include "nix/url.hh" +#include "nix/registry.hh" +#include "nix/build-result.hh" #include #include #include -#include "strings-inline.hh" +#include "nix/strings-inline.hh" namespace nix { diff --git a/src/libcmd/legacy.cc b/src/libcmd/legacy.cc index 6df09ee37a5..25da75d3fb4 100644 --- a/src/libcmd/legacy.cc +++ b/src/libcmd/legacy.cc @@ -1,4 +1,4 @@ -#include "legacy.hh" +#include "nix/legacy.hh" namespace nix { diff --git a/src/libcmd/markdown.cc b/src/libcmd/markdown.cc index faf4c661003..5670b590bcb 100644 --- a/src/libcmd/markdown.cc +++ b/src/libcmd/markdown.cc @@ -1,8 +1,8 @@ -#include "markdown.hh" -#include "environment-variables.hh" -#include "error.hh" -#include "finally.hh" -#include "terminal.hh" +#include "nix/markdown.hh" +#include "nix/environment-variables.hh" +#include "nix/error.hh" +#include "nix/finally.hh" +#include "nix/terminal.hh" #include "cmd-config-private.hh" diff --git a/src/libcmd/meson.build b/src/libcmd/meson.build index 70d3b95dab5..727f4e14d35 100644 --- a/src/libcmd/meson.build +++ b/src/libcmd/meson.build @@ -61,9 +61,9 @@ config_h = configure_file( add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + '-include', 'nix/config-expr.hh', language : 'cpp', ) @@ -88,27 +88,7 @@ sources = files( 'repl.cc', ) -include_dirs = [include_directories('.')] - -headers = files( - 'built-path.hh', - 'command-installable-value.hh', - 'command.hh', - 'common-eval-args.hh', - 'compatibility-settings.hh', - 'editor-for.hh', - 'installable-attr-path.hh', - 'installable-derived-path.hh', - 'installable-flake.hh', - 'installable-value.hh', - 'installables.hh', - 'legacy.hh', - 'markdown.hh', - 'misc-store-flags.hh', - 'network-proxy.hh', - 'repl-interacter.hh', - 'repl.hh', -) +subdir('include/nix') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') diff --git a/src/libcmd/misc-store-flags.cc b/src/libcmd/misc-store-flags.cc index 4e29e8981ae..70933648ff0 100644 --- a/src/libcmd/misc-store-flags.cc +++ b/src/libcmd/misc-store-flags.cc @@ -1,4 +1,4 @@ -#include "misc-store-flags.hh" +#include "nix/misc-store-flags.hh" namespace nix::flag { diff --git a/src/libcmd/network-proxy.cc b/src/libcmd/network-proxy.cc index 738bf614729..31e9eb8ddb7 100644 --- a/src/libcmd/network-proxy.cc +++ b/src/libcmd/network-proxy.cc @@ -1,8 +1,8 @@ -#include "network-proxy.hh" +#include "nix/network-proxy.hh" #include -#include "environment-variables.hh" +#include "nix/environment-variables.hh" namespace nix { diff --git a/src/libcmd/package.nix b/src/libcmd/package.nix index d459d1c20fb..5cfe550a332 100644 --- a/src/libcmd/package.nix +++ b/src/libcmd/package.nix @@ -46,6 +46,7 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build ./meson.options + ./include/nix/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libcmd/repl-interacter.cc b/src/libcmd/repl-interacter.cc index d8c8dd99db6..773e111b297 100644 --- a/src/libcmd/repl-interacter.cc +++ b/src/libcmd/repl-interacter.cc @@ -16,12 +16,12 @@ extern "C" { } #endif -#include "signals.hh" -#include "finally.hh" -#include "repl-interacter.hh" -#include "file-system.hh" -#include "repl.hh" -#include "environment-variables.hh" +#include "nix/signals.hh" +#include "nix/finally.hh" +#include "nix/repl-interacter.hh" +#include "nix/file-system.hh" +#include "nix/repl.hh" +#include "nix/environment-variables.hh" namespace nix { diff --git a/src/libcmd/repl.cc b/src/libcmd/repl.cc index 38b2196434e..8bd5417d7fb 100644 --- a/src/libcmd/repl.cc +++ b/src/libcmd/repl.cc @@ -2,34 +2,34 @@ #include #include -#include "error.hh" -#include "repl-interacter.hh" -#include "repl.hh" - -#include "ansicolor.hh" -#include "shared.hh" -#include "eval.hh" -#include "eval-settings.hh" -#include "attr-path.hh" -#include "signals.hh" -#include "store-api.hh" -#include "log-store.hh" -#include "common-eval-args.hh" -#include "get-drvs.hh" -#include "derivations.hh" -#include "globals.hh" -#include "flake/flake.hh" -#include "flake/lockfile.hh" -#include "users.hh" -#include "editor-for.hh" -#include "finally.hh" -#include "markdown.hh" -#include "local-fs-store.hh" -#include "print.hh" -#include "ref.hh" -#include "value.hh" - -#include "strings.hh" +#include "nix/error.hh" +#include "nix/repl-interacter.hh" +#include "nix/repl.hh" + +#include "nix/ansicolor.hh" +#include "nix/shared.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/attr-path.hh" +#include "nix/signals.hh" +#include "nix/store-api.hh" +#include "nix/log-store.hh" +#include "nix/common-eval-args.hh" +#include "nix/get-drvs.hh" +#include "nix/derivations.hh" +#include "nix/globals.hh" +#include "nix/flake/flake.hh" +#include "nix/flake/lockfile.hh" +#include "nix/users.hh" +#include "nix/editor-for.hh" +#include "nix/finally.hh" +#include "nix/markdown.hh" +#include "nix/local-fs-store.hh" +#include "nix/print.hh" +#include "nix/ref.hh" +#include "nix/value.hh" + +#include "nix/strings.hh" namespace nix { diff --git a/src/libexpr-c/meson.build b/src/libexpr-c/meson.build index 8405525ca2e..8b00b8d70b0 100644 --- a/src/libexpr-c/meson.build +++ b/src/libexpr-c/meson.build @@ -30,9 +30,9 @@ add_project_arguments( # It would be nice for our headers to be idempotent instead. # From C++ libraries, only for internals - '-include', 'config-util.hh', - '-include', 'config-store.hh', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + '-include', 'nix/config-expr.hh', language : 'cpp', ) @@ -69,7 +69,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, preserve_path : true) libraries_private = [] diff --git a/src/libexpr-c/nix_api_expr.cc b/src/libexpr-c/nix_api_expr.cc index a024248cdd0..b5d2c619978 100644 --- a/src/libexpr-c/nix_api_expr.cc +++ b/src/libexpr-c/nix_api_expr.cc @@ -2,11 +2,11 @@ #include #include -#include "eval.hh" -#include "eval-gc.hh" -#include "globals.hh" -#include "eval-settings.hh" -#include "ref.hh" +#include "nix/eval.hh" +#include "nix/eval-gc.hh" +#include "nix/globals.hh" +#include "nix/eval-settings.hh" +#include "nix/ref.hh" #include "nix_api_expr.h" #include "nix_api_expr_internal.h" diff --git a/src/libexpr-c/nix_api_expr_internal.h b/src/libexpr-c/nix_api_expr_internal.h index f596640115f..205a2ee6240 100644 --- a/src/libexpr-c/nix_api_expr_internal.h +++ b/src/libexpr-c/nix_api_expr_internal.h @@ -1,12 +1,12 @@ #ifndef NIX_API_EXPR_INTERNAL_H #define NIX_API_EXPR_INTERNAL_H -#include "fetch-settings.hh" -#include "eval.hh" -#include "eval-settings.hh" -#include "attr-set.hh" +#include "nix/fetch-settings.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/attr-set.hh" #include "nix_api_value.h" -#include "search-path.hh" +#include "nix/search-path.hh" struct nix_eval_state_builder { diff --git a/src/libexpr-c/nix_api_external.cc b/src/libexpr-c/nix_api_external.cc index d673bcb0b30..7f4cd6a8c4d 100644 --- a/src/libexpr-c/nix_api_external.cc +++ b/src/libexpr-c/nix_api_external.cc @@ -1,8 +1,8 @@ -#include "attr-set.hh" -#include "config.hh" -#include "eval.hh" -#include "globals.hh" -#include "value.hh" +#include "nix/attr-set.hh" +#include "nix/config.hh" +#include "nix/eval.hh" +#include "nix/globals.hh" +#include "nix/value.hh" #include "nix_api_expr.h" #include "nix_api_expr_internal.h" @@ -10,7 +10,7 @@ #include "nix_api_util.h" #include "nix_api_util_internal.h" #include "nix_api_value.h" -#include "value/context.hh" +#include "nix/value/context.hh" #include diff --git a/src/libexpr-c/nix_api_external.h b/src/libexpr-c/nix_api_external.h index 6c524b9755d..f4a32728100 100644 --- a/src/libexpr-c/nix_api_external.h +++ b/src/libexpr-c/nix_api_external.h @@ -12,9 +12,10 @@ #include "nix_api_expr.h" #include "nix_api_util.h" #include "nix_api_value.h" -#include "stdbool.h" -#include "stddef.h" -#include "stdint.h" + +#include +#include +#include #ifdef __cplusplus extern "C" { diff --git a/src/libexpr-c/nix_api_value.cc b/src/libexpr-c/nix_api_value.cc index 448f4a58a78..3116cb59f7d 100644 --- a/src/libexpr-c/nix_api_value.cc +++ b/src/libexpr-c/nix_api_value.cc @@ -1,10 +1,10 @@ -#include "attr-set.hh" -#include "config.hh" -#include "eval.hh" -#include "globals.hh" -#include "path.hh" -#include "primops.hh" -#include "value.hh" +#include "nix/attr-set.hh" +#include "nix/config.hh" +#include "nix/eval.hh" +#include "nix/globals.hh" +#include "nix/path.hh" +#include "nix/primops.hh" +#include "nix/value.hh" #include "nix_api_expr.h" #include "nix_api_expr_internal.h" @@ -12,7 +12,7 @@ #include "nix_api_util_internal.h" #include "nix_api_store_internal.h" #include "nix_api_value.h" -#include "value/context.hh" +#include "nix/value/context.hh" // Internal helper functions to check [in] and [out] `Value *` parameters static const nix::Value & check_value_not_null(const nix_value * value) diff --git a/src/libexpr-c/nix_api_value.h b/src/libexpr-c/nix_api_value.h index 711b0adbc82..7cd6ad18087 100644 --- a/src/libexpr-c/nix_api_value.h +++ b/src/libexpr-c/nix_api_value.h @@ -10,9 +10,10 @@ #include "nix_api_util.h" #include "nix_api_store.h" -#include "stdbool.h" -#include "stddef.h" -#include "stdint.h" + +#include +#include +#include #ifdef __cplusplus extern "C" { diff --git a/src/libexpr-test-support/include/nix/meson.build b/src/libexpr-test-support/include/nix/meson.build new file mode 100644 index 00000000000..9e517c7f6c5 --- /dev/null +++ b/src/libexpr-test-support/include/nix/meson.build @@ -0,0 +1,9 @@ +# Public headers directory + +include_dirs = [include_directories('..')] + +headers = files( + 'tests/libexpr.hh', + 'tests/nix_api_expr.hh', + 'tests/value/context.hh', +) diff --git a/src/libexpr-test-support/tests/libexpr.hh b/src/libexpr-test-support/include/nix/tests/libexpr.hh similarity index 94% rename from src/libexpr-test-support/tests/libexpr.hh rename to src/libexpr-test-support/include/nix/tests/libexpr.hh index 095ea1d0e4b..dfd5fbd3d2a 100644 --- a/src/libexpr-test-support/tests/libexpr.hh +++ b/src/libexpr-test-support/include/nix/tests/libexpr.hh @@ -4,16 +4,16 @@ #include #include -#include "fetch-settings.hh" -#include "value.hh" -#include "nixexpr.hh" -#include "nixexpr.hh" -#include "eval.hh" -#include "eval-gc.hh" -#include "eval-inline.hh" -#include "eval-settings.hh" - -#include "tests/libstore.hh" +#include "nix/fetch-settings.hh" +#include "nix/value.hh" +#include "nix/nixexpr.hh" +#include "nix/nixexpr.hh" +#include "nix/eval.hh" +#include "nix/eval-gc.hh" +#include "nix/eval-inline.hh" +#include "nix/eval-settings.hh" + +#include "nix/tests/libstore.hh" namespace nix { class LibExprTest : public LibStoreTest { diff --git a/src/libexpr-test-support/tests/nix_api_expr.hh b/src/libexpr-test-support/include/nix/tests/nix_api_expr.hh similarity index 93% rename from src/libexpr-test-support/tests/nix_api_expr.hh rename to src/libexpr-test-support/include/nix/tests/nix_api_expr.hh index 6ddca0d14d4..e5960b177a5 100644 --- a/src/libexpr-test-support/tests/nix_api_expr.hh +++ b/src/libexpr-test-support/include/nix/tests/nix_api_expr.hh @@ -2,7 +2,7 @@ ///@file #include "nix_api_expr.h" #include "nix_api_value.h" -#include "tests/nix_api_store.hh" +#include "nix/tests/nix_api_store.hh" #include diff --git a/src/libexpr-test-support/tests/value/context.hh b/src/libexpr-test-support/include/nix/tests/value/context.hh similarity index 94% rename from src/libexpr-test-support/tests/value/context.hh rename to src/libexpr-test-support/include/nix/tests/value/context.hh index 8c68c78bbd1..d98e722421a 100644 --- a/src/libexpr-test-support/tests/value/context.hh +++ b/src/libexpr-test-support/include/nix/tests/value/context.hh @@ -3,7 +3,7 @@ #include -#include "value/context.hh" +#include "nix/value/context.hh" namespace rc { using namespace nix; diff --git a/src/libexpr-test-support/meson.build b/src/libexpr-test-support/meson.build index 56e814cd132..b68adb2c27d 100644 --- a/src/libexpr-test-support/meson.build +++ b/src/libexpr-test-support/meson.build @@ -32,9 +32,9 @@ deps_public += rapidcheck add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + '-include', 'nix/config-expr.hh', language : 'cpp', ) @@ -44,13 +44,7 @@ sources = files( 'tests/value/context.cc', ) -include_dirs = [include_directories('.')] - -headers = files( - 'tests/libexpr.hh', - 'tests/nix_api_expr.hh', - 'tests/value/context.hh', -) +subdir('include/nix') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') diff --git a/src/libexpr-test-support/package.nix b/src/libexpr-test-support/package.nix index 44b0ff38631..5d4af1088d9 100644 --- a/src/libexpr-test-support/package.nix +++ b/src/libexpr-test-support/package.nix @@ -29,6 +29,7 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build # ./meson.options + ./include/nix/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libexpr-test-support/tests/value/context.cc b/src/libexpr-test-support/tests/value/context.cc index 36837cd6a1b..7b2d60269a8 100644 --- a/src/libexpr-test-support/tests/value/context.cc +++ b/src/libexpr-test-support/tests/value/context.cc @@ -1,7 +1,7 @@ #include -#include "tests/path.hh" -#include "tests/value/context.hh" +#include "nix/tests/path.hh" +#include "nix/tests/value/context.hh" namespace rc { using namespace nix; diff --git a/src/libexpr-tests/derived-path.cc b/src/libexpr-tests/derived-path.cc index 634f9bf69d9..1e427ffa527 100644 --- a/src/libexpr-tests/derived-path.cc +++ b/src/libexpr-tests/derived-path.cc @@ -2,8 +2,8 @@ #include #include -#include "tests/derived-path.hh" -#include "tests/libexpr.hh" +#include "nix/tests/derived-path.hh" +#include "nix/tests/libexpr.hh" namespace nix { diff --git a/src/libexpr-tests/error_traces.cc b/src/libexpr-tests/error_traces.cc index 53013a34a36..abba15db8cd 100644 --- a/src/libexpr-tests/error_traces.cc +++ b/src/libexpr-tests/error_traces.cc @@ -1,7 +1,7 @@ #include #include -#include "tests/libexpr.hh" +#include "nix/tests/libexpr.hh" namespace nix { diff --git a/src/libexpr-tests/eval.cc b/src/libexpr-tests/eval.cc index 61f6be0db6f..3bc672746ab 100644 --- a/src/libexpr-tests/eval.cc +++ b/src/libexpr-tests/eval.cc @@ -1,8 +1,8 @@ #include #include -#include "eval.hh" -#include "tests/libexpr.hh" +#include "nix/eval.hh" +#include "nix/tests/libexpr.hh" namespace nix { diff --git a/src/libexpr-tests/json.cc b/src/libexpr-tests/json.cc index f4cc118d664..67fdcf209a6 100644 --- a/src/libexpr-tests/json.cc +++ b/src/libexpr-tests/json.cc @@ -1,5 +1,5 @@ -#include "tests/libexpr.hh" -#include "value-to-json.hh" +#include "nix/tests/libexpr.hh" +#include "nix/value-to-json.hh" namespace nix { // Testing the conversion to JSON diff --git a/src/libexpr-tests/main.cc b/src/libexpr-tests/main.cc index e3412d9ef9a..719b5a727b1 100644 --- a/src/libexpr-tests/main.cc +++ b/src/libexpr-tests/main.cc @@ -1,7 +1,7 @@ #include #include -#include "globals.hh" -#include "logging.hh" +#include "nix/globals.hh" +#include "nix/logging.hh" using namespace nix; diff --git a/src/libexpr-tests/meson.build b/src/libexpr-tests/meson.build index 9f6edb9b391..3fc726cb2f0 100644 --- a/src/libexpr-tests/meson.build +++ b/src/libexpr-tests/meson.build @@ -38,9 +38,9 @@ deps_private += gtest add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + '-include', 'nix/config-expr.hh', language : 'cpp', ) diff --git a/src/libexpr-tests/nix_api_expr.cc b/src/libexpr-tests/nix_api_expr.cc index 633224ae6d2..903c7a23971 100644 --- a/src/libexpr-tests/nix_api_expr.cc +++ b/src/libexpr-tests/nix_api_expr.cc @@ -5,9 +5,9 @@ #include "nix_api_expr.h" #include "nix_api_value.h" -#include "tests/nix_api_expr.hh" -#include "tests/string_callback.hh" -#include "file-system.hh" +#include "nix/tests/nix_api_expr.hh" +#include "nix/tests/string_callback.hh" +#include "nix/file-system.hh" #include #include diff --git a/src/libexpr-tests/nix_api_external.cc b/src/libexpr-tests/nix_api_external.cc index 81ff285a4ab..f3f4771c733 100644 --- a/src/libexpr-tests/nix_api_external.cc +++ b/src/libexpr-tests/nix_api_external.cc @@ -7,8 +7,8 @@ #include "nix_api_value.h" #include "nix_api_external.h" -#include "tests/nix_api_expr.hh" -#include "tests/string_callback.hh" +#include "nix/tests/nix_api_expr.hh" +#include "nix/tests/string_callback.hh" #include diff --git a/src/libexpr-tests/nix_api_value.cc b/src/libexpr-tests/nix_api_value.cc index 7fc8b4f641f..0f86ba6502a 100644 --- a/src/libexpr-tests/nix_api_value.cc +++ b/src/libexpr-tests/nix_api_value.cc @@ -6,10 +6,10 @@ #include "nix_api_value.h" #include "nix_api_expr_internal.h" -#include "tests/nix_api_expr.hh" -#include "tests/string_callback.hh" +#include "nix/tests/nix_api_expr.hh" +#include "nix/tests/string_callback.hh" -#include "gmock/gmock.h" +#include #include #include #include diff --git a/src/libexpr-tests/primops.cc b/src/libexpr-tests/primops.cc index 2bf72647737..4114f08f6f9 100644 --- a/src/libexpr-tests/primops.cc +++ b/src/libexpr-tests/primops.cc @@ -1,10 +1,10 @@ #include #include -#include "eval-settings.hh" -#include "memory-source-accessor.hh" +#include "nix/eval-settings.hh" +#include "nix/memory-source-accessor.hh" -#include "tests/libexpr.hh" +#include "nix/tests/libexpr.hh" namespace nix { class CaptureLogger : public Logger diff --git a/src/libexpr-tests/search-path.cc b/src/libexpr-tests/search-path.cc index 0806793557d..72f2335971f 100644 --- a/src/libexpr-tests/search-path.cc +++ b/src/libexpr-tests/search-path.cc @@ -1,7 +1,7 @@ #include #include -#include "search-path.hh" +#include "nix/search-path.hh" namespace nix { diff --git a/src/libexpr-tests/trivial.cc b/src/libexpr-tests/trivial.cc index d77b4d53b47..4ddd24d12f3 100644 --- a/src/libexpr-tests/trivial.cc +++ b/src/libexpr-tests/trivial.cc @@ -1,4 +1,4 @@ -#include "tests/libexpr.hh" +#include "nix/tests/libexpr.hh" namespace nix { // Testing of trivial expressions diff --git a/src/libexpr-tests/value/context.cc b/src/libexpr-tests/value/context.cc index c8d62772f21..bf3b501f433 100644 --- a/src/libexpr-tests/value/context.cc +++ b/src/libexpr-tests/value/context.cc @@ -2,9 +2,9 @@ #include #include -#include "tests/path.hh" -#include "tests/libexpr.hh" -#include "tests/value/context.hh" +#include "nix/tests/path.hh" +#include "nix/tests/libexpr.hh" +#include "nix/tests/value/context.hh" namespace nix { diff --git a/src/libexpr-tests/value/print.cc b/src/libexpr-tests/value/print.cc index 43b54503546..8590f9aac68 100644 --- a/src/libexpr-tests/value/print.cc +++ b/src/libexpr-tests/value/print.cc @@ -1,7 +1,7 @@ -#include "tests/libexpr.hh" +#include "nix/tests/libexpr.hh" -#include "value.hh" -#include "print.hh" +#include "nix/value.hh" +#include "nix/print.hh" namespace nix { diff --git a/src/libexpr-tests/value/value.cc b/src/libexpr-tests/value/value.cc index 5762d5891f8..9f91f8ff5ae 100644 --- a/src/libexpr-tests/value/value.cc +++ b/src/libexpr-tests/value/value.cc @@ -1,6 +1,6 @@ -#include "value.hh" +#include "nix/value.hh" -#include "tests/libstore.hh" +#include "nix/tests/libstore.hh" namespace nix { diff --git a/src/libexpr/attr-path.cc b/src/libexpr/attr-path.cc index 822ec7620c2..8dde6479066 100644 --- a/src/libexpr/attr-path.cc +++ b/src/libexpr/attr-path.cc @@ -1,5 +1,5 @@ -#include "attr-path.hh" -#include "eval-inline.hh" +#include "nix/attr-path.hh" +#include "nix/eval-inline.hh" namespace nix { diff --git a/src/libexpr/attr-set.cc b/src/libexpr/attr-set.cc index 866ef817aa4..c6fc9f32a50 100644 --- a/src/libexpr/attr-set.cc +++ b/src/libexpr/attr-set.cc @@ -1,5 +1,5 @@ -#include "attr-set.hh" -#include "eval-inline.hh" +#include "nix/attr-set.hh" +#include "nix/eval-inline.hh" #include diff --git a/src/libexpr/eval-cache.cc b/src/libexpr/eval-cache.cc index ea3319f9939..f35c332c986 100644 --- a/src/libexpr/eval-cache.cc +++ b/src/libexpr/eval-cache.cc @@ -1,11 +1,11 @@ -#include "users.hh" -#include "eval-cache.hh" -#include "sqlite.hh" -#include "eval.hh" -#include "eval-inline.hh" -#include "store-api.hh" +#include "nix/users.hh" +#include "nix/eval-cache.hh" +#include "nix/sqlite.hh" +#include "nix/eval.hh" +#include "nix/eval-inline.hh" +#include "nix/store-api.hh" // Need specialization involving `SymbolStr` just in this one module. -#include "strings-inline.hh" +#include "nix/strings-inline.hh" namespace nix::eval_cache { diff --git a/src/libexpr/eval-error.cc b/src/libexpr/eval-error.cc index b9742d3ea49..f983107a3b3 100644 --- a/src/libexpr/eval-error.cc +++ b/src/libexpr/eval-error.cc @@ -1,6 +1,6 @@ -#include "eval-error.hh" -#include "eval.hh" -#include "value.hh" +#include "nix/eval-error.hh" +#include "nix/eval.hh" +#include "nix/value.hh" namespace nix { diff --git a/src/libexpr/eval-gc.cc b/src/libexpr/eval-gc.cc index 07ce05a2c73..defa4e9d28e 100644 --- a/src/libexpr/eval-gc.cc +++ b/src/libexpr/eval-gc.cc @@ -1,9 +1,9 @@ -#include "error.hh" -#include "environment-variables.hh" -#include "eval-settings.hh" -#include "config-global.hh" -#include "serialise.hh" -#include "eval-gc.hh" +#include "nix/error.hh" +#include "nix/environment-variables.hh" +#include "nix/eval-settings.hh" +#include "nix/config-global.hh" +#include "nix/serialise.hh" +#include "nix/eval-gc.hh" #if HAVE_BOEHMGC diff --git a/src/libexpr/eval-settings.cc b/src/libexpr/eval-settings.cc index b54afdce124..458507db813 100644 --- a/src/libexpr/eval-settings.cc +++ b/src/libexpr/eval-settings.cc @@ -1,8 +1,8 @@ -#include "users.hh" -#include "globals.hh" -#include "profiles.hh" -#include "eval.hh" -#include "eval-settings.hh" +#include "nix/users.hh" +#include "nix/globals.hh" +#include "nix/profiles.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" namespace nix { diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 2dcee49d9dc..f534cc49474 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -1,24 +1,25 @@ -#include "eval.hh" -#include "eval-settings.hh" -#include "primops.hh" -#include "print-options.hh" -#include "exit.hh" -#include "types.hh" -#include "util.hh" -#include "store-api.hh" -#include "derivations.hh" -#include "downstream-placeholder.hh" -#include "eval-inline.hh" -#include "filetransfer.hh" -#include "function-trace.hh" -#include "profiles.hh" -#include "print.hh" -#include "filtering-source-accessor.hh" -#include "memory-source-accessor.hh" -#include "gc-small-vector.hh" -#include "url.hh" -#include "fetch-to-store.hh" -#include "tarball.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/primops.hh" +#include "nix/print-options.hh" +#include "nix/exit.hh" +#include "nix/types.hh" +#include "nix/util.hh" +#include "nix/store-api.hh" +#include "nix/derivations.hh" +#include "nix/downstream-placeholder.hh" +#include "nix/eval-inline.hh" +#include "nix/filetransfer.hh" +#include "nix/function-trace.hh" +#include "nix/profiles.hh" +#include "nix/print.hh" +#include "nix/filtering-source-accessor.hh" +#include "nix/memory-source-accessor.hh" +#include "nix/gc-small-vector.hh" +#include "nix/url.hh" +#include "nix/fetch-to-store.hh" +#include "nix/tarball.hh" + #include "parser-tab.hh" #include @@ -38,7 +39,7 @@ # include #endif -#include "strings-inline.hh" +#include "nix/strings-inline.hh" using json = nlohmann::json; diff --git a/src/libexpr/function-trace.cc b/src/libexpr/function-trace.cc index c6057b3842f..9c6e54e4b51 100644 --- a/src/libexpr/function-trace.cc +++ b/src/libexpr/function-trace.cc @@ -1,5 +1,5 @@ -#include "function-trace.hh" -#include "logging.hh" +#include "nix/function-trace.hh" +#include "nix/logging.hh" namespace nix { diff --git a/src/libexpr/get-drvs.cc b/src/libexpr/get-drvs.cc index 1ac13fcd2b1..61b44aa1768 100644 --- a/src/libexpr/get-drvs.cc +++ b/src/libexpr/get-drvs.cc @@ -1,8 +1,8 @@ -#include "get-drvs.hh" -#include "eval-inline.hh" -#include "derivations.hh" -#include "store-api.hh" -#include "path-with-outputs.hh" +#include "nix/get-drvs.hh" +#include "nix/eval-inline.hh" +#include "nix/derivations.hh" +#include "nix/store-api.hh" +#include "nix/path-with-outputs.hh" #include #include diff --git a/src/libexpr/attr-path.hh b/src/libexpr/include/nix/attr-path.hh similarity index 95% rename from src/libexpr/attr-path.hh rename to src/libexpr/include/nix/attr-path.hh index eb00ffb93e4..06d00efc268 100644 --- a/src/libexpr/attr-path.hh +++ b/src/libexpr/include/nix/attr-path.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "eval.hh" +#include "nix/eval.hh" #include #include diff --git a/src/libexpr/attr-set.hh b/src/libexpr/include/nix/attr-set.hh similarity index 98% rename from src/libexpr/attr-set.hh rename to src/libexpr/include/nix/attr-set.hh index 4df9a1acdc9..93360e4e3df 100644 --- a/src/libexpr/attr-set.hh +++ b/src/libexpr/include/nix/attr-set.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nixexpr.hh" -#include "symbol-table.hh" +#include "nix/nixexpr.hh" +#include "nix/symbol-table.hh" #include diff --git a/src/libexpr/eval-cache.hh b/src/libexpr/include/nix/eval-cache.hh similarity index 97% rename from src/libexpr/eval-cache.hh rename to src/libexpr/include/nix/eval-cache.hh index b1911e3a4f7..899ae715b88 100644 --- a/src/libexpr/eval-cache.hh +++ b/src/libexpr/include/nix/eval-cache.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "sync.hh" -#include "hash.hh" -#include "eval.hh" +#include "nix/sync.hh" +#include "nix/hash.hh" +#include "nix/eval.hh" #include #include diff --git a/src/libexpr/eval-error.hh b/src/libexpr/include/nix/eval-error.hh similarity index 98% rename from src/libexpr/eval-error.hh rename to src/libexpr/include/nix/eval-error.hh index ed004eb53a0..3dee88fa4da 100644 --- a/src/libexpr/eval-error.hh +++ b/src/libexpr/include/nix/eval-error.hh @@ -1,7 +1,7 @@ #pragma once -#include "error.hh" -#include "pos-idx.hh" +#include "nix/error.hh" +#include "nix/pos-idx.hh" namespace nix { diff --git a/src/libexpr/eval-gc.hh b/src/libexpr/include/nix/eval-gc.hh similarity index 100% rename from src/libexpr/eval-gc.hh rename to src/libexpr/include/nix/eval-gc.hh diff --git a/src/libexpr/eval-inline.hh b/src/libexpr/include/nix/eval-inline.hh similarity index 97% rename from src/libexpr/eval-inline.hh rename to src/libexpr/include/nix/eval-inline.hh index 5d1a0c4d60c..c00b0600635 100644 --- a/src/libexpr/eval-inline.hh +++ b/src/libexpr/include/nix/eval-inline.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "print.hh" -#include "eval.hh" -#include "eval-error.hh" -#include "eval-settings.hh" +#include "nix/print.hh" +#include "nix/eval.hh" +#include "nix/eval-error.hh" +#include "nix/eval-settings.hh" namespace nix { diff --git a/src/libexpr/eval-settings.hh b/src/libexpr/include/nix/eval-settings.hh similarity index 99% rename from src/libexpr/eval-settings.hh rename to src/libexpr/include/nix/eval-settings.hh index d16fd403592..48d8a544b35 100644 --- a/src/libexpr/eval-settings.hh +++ b/src/libexpr/include/nix/eval-settings.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "config.hh" -#include "source-path.hh" +#include "nix/config.hh" +#include "nix/source-path.hh" namespace nix { diff --git a/src/libexpr/eval.hh b/src/libexpr/include/nix/eval.hh similarity index 98% rename from src/libexpr/eval.hh rename to src/libexpr/include/nix/eval.hh index 8bb8bbd3240..42091b9ba9e 100644 --- a/src/libexpr/eval.hh +++ b/src/libexpr/include/nix/eval.hh @@ -1,20 +1,20 @@ #pragma once ///@file -#include "attr-set.hh" -#include "eval-error.hh" -#include "types.hh" -#include "value.hh" -#include "nixexpr.hh" -#include "symbol-table.hh" -#include "config.hh" -#include "experimental-features.hh" -#include "position.hh" -#include "pos-table.hh" -#include "source-accessor.hh" -#include "search-path.hh" -#include "repl-exit-status.hh" -#include "ref.hh" +#include "nix/attr-set.hh" +#include "nix/eval-error.hh" +#include "nix/types.hh" +#include "nix/value.hh" +#include "nix/nixexpr.hh" +#include "nix/symbol-table.hh" +#include "nix/config.hh" +#include "nix/experimental-features.hh" +#include "nix/position.hh" +#include "nix/pos-table.hh" +#include "nix/source-accessor.hh" +#include "nix/search-path.hh" +#include "nix/repl-exit-status.hh" +#include "nix/ref.hh" #include #include @@ -944,4 +944,4 @@ bool isAllowedURI(std::string_view uri, const Strings & allowedPaths); } -#include "eval-inline.hh" +#include "nix/eval-inline.hh" diff --git a/src/libexpr/function-trace.hh b/src/libexpr/include/nix/function-trace.hh similarity index 88% rename from src/libexpr/function-trace.hh rename to src/libexpr/include/nix/function-trace.hh index 91439b0aad2..59743fe79e9 100644 --- a/src/libexpr/function-trace.hh +++ b/src/libexpr/include/nix/function-trace.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "eval.hh" +#include "nix/eval.hh" #include diff --git a/src/libexpr/gc-small-vector.hh b/src/libexpr/include/nix/gc-small-vector.hh similarity index 96% rename from src/libexpr/gc-small-vector.hh rename to src/libexpr/include/nix/gc-small-vector.hh index 8330dd2dca1..2becffe7ca1 100644 --- a/src/libexpr/gc-small-vector.hh +++ b/src/libexpr/include/nix/gc-small-vector.hh @@ -2,7 +2,7 @@ #include -#include "value.hh" +#include "nix/value.hh" namespace nix { diff --git a/src/libexpr/get-drvs.hh b/src/libexpr/include/nix/get-drvs.hh similarity index 98% rename from src/libexpr/get-drvs.hh rename to src/libexpr/include/nix/get-drvs.hh index e4e277af8cc..aeb70c79e2b 100644 --- a/src/libexpr/get-drvs.hh +++ b/src/libexpr/include/nix/get-drvs.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "eval.hh" -#include "path.hh" +#include "nix/eval.hh" +#include "nix/path.hh" #include #include diff --git a/src/libexpr/json-to-value.hh b/src/libexpr/include/nix/json-to-value.hh similarity index 89% rename from src/libexpr/json-to-value.hh rename to src/libexpr/include/nix/json-to-value.hh index 3c8fa5cc00a..a2e0d303d13 100644 --- a/src/libexpr/json-to-value.hh +++ b/src/libexpr/include/nix/json-to-value.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "error.hh" +#include "nix/error.hh" #include diff --git a/src/libexpr/lexer-helpers.hh b/src/libexpr/include/nix/lexer-helpers.hh similarity index 100% rename from src/libexpr/lexer-helpers.hh rename to src/libexpr/include/nix/lexer-helpers.hh diff --git a/src/libexpr/include/nix/meson.build b/src/libexpr/include/nix/meson.build new file mode 100644 index 00000000000..d712cc798bc --- /dev/null +++ b/src/libexpr/include/nix/meson.build @@ -0,0 +1,37 @@ +# Public headers directory + +include_dirs = [include_directories('..')] + +config_h = configure_file( + configuration : configdata, + output : 'config-expr.hh', +) + +headers = [config_h] + files( + 'attr-path.hh', + 'attr-set.hh', + 'eval-cache.hh', + 'eval-error.hh', + 'eval-gc.hh', + 'eval-inline.hh', + 'eval-settings.hh', + 'eval.hh', + 'function-trace.hh', + 'gc-small-vector.hh', + 'get-drvs.hh', + 'json-to-value.hh', + # internal: 'lexer-helpers.hh', + 'nixexpr.hh', + 'parser-state.hh', + 'primops.hh', + 'print-ambiguous.hh', + 'print-options.hh', + 'print.hh', + 'repl-exit-status.hh', + 'search-path.hh', + 'symbol-table.hh', + 'value-to-json.hh', + 'value-to-xml.hh', + 'value.hh', + 'value/context.hh', +) diff --git a/src/libexpr/nixexpr.hh b/src/libexpr/include/nix/nixexpr.hh similarity index 99% rename from src/libexpr/nixexpr.hh rename to src/libexpr/include/nix/nixexpr.hh index 88ebc80f8f9..deb26dd29f8 100644 --- a/src/libexpr/nixexpr.hh +++ b/src/libexpr/include/nix/nixexpr.hh @@ -4,10 +4,10 @@ #include #include -#include "value.hh" -#include "symbol-table.hh" -#include "eval-error.hh" -#include "pos-idx.hh" +#include "nix/value.hh" +#include "nix/symbol-table.hh" +#include "nix/eval-error.hh" +#include "nix/pos-idx.hh" namespace nix { diff --git a/src/libexpr/parser-state.hh b/src/libexpr/include/nix/parser-state.hh similarity index 99% rename from src/libexpr/parser-state.hh rename to src/libexpr/include/nix/parser-state.hh index 21a880e8eb7..aa3c2455dd1 100644 --- a/src/libexpr/parser-state.hh +++ b/src/libexpr/include/nix/parser-state.hh @@ -3,7 +3,7 @@ #include -#include "eval.hh" +#include "nix/eval.hh" namespace nix { diff --git a/src/libexpr/primops.hh b/src/libexpr/include/nix/primops.hh similarity index 98% rename from src/libexpr/primops.hh rename to src/libexpr/include/nix/primops.hh index 9f76975db8d..75c6f0d4668 100644 --- a/src/libexpr/primops.hh +++ b/src/libexpr/include/nix/primops.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "eval.hh" +#include "nix/eval.hh" #include #include diff --git a/src/libexpr/print-ambiguous.hh b/src/libexpr/include/nix/print-ambiguous.hh similarity index 95% rename from src/libexpr/print-ambiguous.hh rename to src/libexpr/include/nix/print-ambiguous.hh index 50c260a9b84..06f4e805c9d 100644 --- a/src/libexpr/print-ambiguous.hh +++ b/src/libexpr/include/nix/print-ambiguous.hh @@ -1,6 +1,6 @@ #pragma once -#include "value.hh" +#include "nix/value.hh" namespace nix { diff --git a/src/libexpr/print-options.hh b/src/libexpr/include/nix/print-options.hh similarity index 100% rename from src/libexpr/print-options.hh rename to src/libexpr/include/nix/print-options.hh diff --git a/src/libexpr/print.hh b/src/libexpr/include/nix/print.hh similarity index 97% rename from src/libexpr/print.hh rename to src/libexpr/include/nix/print.hh index 7ddda81b88f..09405e8f00b 100644 --- a/src/libexpr/print.hh +++ b/src/libexpr/include/nix/print.hh @@ -9,8 +9,8 @@ #include -#include "fmt.hh" -#include "print-options.hh" +#include "nix/fmt.hh" +#include "nix/print-options.hh" namespace nix { diff --git a/src/libexpr/repl-exit-status.hh b/src/libexpr/include/nix/repl-exit-status.hh similarity index 100% rename from src/libexpr/repl-exit-status.hh rename to src/libexpr/include/nix/repl-exit-status.hh diff --git a/src/libexpr/search-path.hh b/src/libexpr/include/nix/search-path.hh similarity index 98% rename from src/libexpr/search-path.hh rename to src/libexpr/include/nix/search-path.hh index acd84363853..22a97b5f362 100644 --- a/src/libexpr/search-path.hh +++ b/src/libexpr/include/nix/search-path.hh @@ -3,8 +3,8 @@ #include -#include "types.hh" -#include "comparator.hh" +#include "nix/types.hh" +#include "nix/comparator.hh" namespace nix { diff --git a/src/libexpr/symbol-table.hh b/src/libexpr/include/nix/symbol-table.hh similarity index 97% rename from src/libexpr/symbol-table.hh rename to src/libexpr/include/nix/symbol-table.hh index be12f6248dc..b55674b1239 100644 --- a/src/libexpr/symbol-table.hh +++ b/src/libexpr/include/nix/symbol-table.hh @@ -5,9 +5,9 @@ #include #include -#include "types.hh" -#include "chunked-vector.hh" -#include "error.hh" +#include "nix/types.hh" +#include "nix/chunked-vector.hh" +#include "nix/error.hh" namespace nix { diff --git a/src/libexpr/value-to-json.hh b/src/libexpr/include/nix/value-to-json.hh similarity index 90% rename from src/libexpr/value-to-json.hh rename to src/libexpr/include/nix/value-to-json.hh index 867c4e3a849..9875c83c6bb 100644 --- a/src/libexpr/value-to-json.hh +++ b/src/libexpr/include/nix/value-to-json.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nixexpr.hh" -#include "eval.hh" +#include "nix/nixexpr.hh" +#include "nix/eval.hh" #include #include diff --git a/src/libexpr/value-to-xml.hh b/src/libexpr/include/nix/value-to-xml.hh similarity index 82% rename from src/libexpr/value-to-xml.hh rename to src/libexpr/include/nix/value-to-xml.hh index 6d702c0f236..3e9dce4d69b 100644 --- a/src/libexpr/value-to-xml.hh +++ b/src/libexpr/include/nix/value-to-xml.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nixexpr.hh" -#include "eval.hh" +#include "nix/nixexpr.hh" +#include "nix/eval.hh" #include #include diff --git a/src/libexpr/value.hh b/src/libexpr/include/nix/value.hh similarity index 98% rename from src/libexpr/value.hh rename to src/libexpr/include/nix/value.hh index 8925693e3d0..45155b3d446 100644 --- a/src/libexpr/value.hh +++ b/src/libexpr/include/nix/value.hh @@ -4,12 +4,12 @@ #include #include -#include "eval-gc.hh" -#include "symbol-table.hh" -#include "value/context.hh" -#include "source-path.hh" -#include "print-options.hh" -#include "checked-arithmetic.hh" +#include "nix/eval-gc.hh" +#include "nix/symbol-table.hh" +#include "nix/value/context.hh" +#include "nix/source-path.hh" +#include "nix/print-options.hh" +#include "nix/checked-arithmetic.hh" #include diff --git a/src/libexpr/value/context.hh b/src/libexpr/include/nix/value/context.hh similarity index 95% rename from src/libexpr/value/context.hh rename to src/libexpr/include/nix/value/context.hh index d6791c6e49c..f996cce42e1 100644 --- a/src/libexpr/value/context.hh +++ b/src/libexpr/include/nix/value/context.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "comparator.hh" -#include "derived-path.hh" -#include "variant-wrapper.hh" +#include "nix/comparator.hh" +#include "nix/derived-path.hh" +#include "nix/variant-wrapper.hh" #include diff --git a/src/libexpr/json-to-value.cc b/src/libexpr/json-to-value.cc index 17cab7ad5da..d5da3f2b119 100644 --- a/src/libexpr/json-to-value.cc +++ b/src/libexpr/json-to-value.cc @@ -1,6 +1,6 @@ -#include "json-to-value.hh" -#include "value.hh" -#include "eval.hh" +#include "nix/json-to-value.hh" +#include "nix/value.hh" +#include "nix/eval.hh" #include #include diff --git a/src/libexpr/lexer-helpers.cc b/src/libexpr/lexer-helpers.cc index d9eeb73e269..9eb4502fc97 100644 --- a/src/libexpr/lexer-helpers.cc +++ b/src/libexpr/lexer-helpers.cc @@ -1,7 +1,8 @@ #include "lexer-tab.hh" -#include "lexer-helpers.hh" #include "parser-tab.hh" +#include "nix/lexer-helpers.hh" + void nix::lexer::internal::initLoc(YYLTYPE * loc) { loc->beginOffset = loc->endOffset = 0; diff --git a/src/libexpr/lexer.l b/src/libexpr/lexer.l index 067f86e0161..c8a5ec9fdd0 100644 --- a/src/libexpr/lexer.l +++ b/src/libexpr/lexer.l @@ -16,7 +16,7 @@ %top { #include "parser-tab.hh" // YYSTYPE -#include "parser-state.hh" +#include "nix/parser-state.hh" } %{ @@ -24,9 +24,9 @@ #pragma clang diagnostic ignored "-Wunneeded-internal-declaration" #endif -#include "nixexpr.hh" +#include "nix/nixexpr.hh" #include "parser-tab.hh" -#include "lexer-helpers.hh" +#include "nix/lexer-helpers.hh" namespace nix { struct LexerState; diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index 040da3dbc61..3fd4dca7f21 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -61,18 +61,13 @@ toml11 = dependency( ) deps_other += toml11 -config_h = configure_file( - configuration : configdata, - output : 'config-expr.hh', -) - add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - # '-include', 'config-fetchers.h', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + # '-include', 'nix_api_fetchers_config.h', + '-include', 'nix/config-expr.hh', language : 'cpp', ) @@ -153,36 +148,7 @@ sources = files( 'value/context.cc', ) -include_dirs = [include_directories('.')] - -headers = [config_h] + files( - 'attr-path.hh', - 'attr-set.hh', - 'eval-cache.hh', - 'eval-error.hh', - 'eval-gc.hh', - 'eval-inline.hh', - 'eval-settings.hh', - 'eval.hh', - 'function-trace.hh', - 'gc-small-vector.hh', - 'get-drvs.hh', - 'json-to-value.hh', - # internal: 'lexer-helpers.hh', - 'nixexpr.hh', - 'parser-state.hh', - 'primops.hh', - 'print-ambiguous.hh', - 'print-options.hh', - 'print.hh', - 'repl-exit-status.hh', - 'search-path.hh', - 'symbol-table.hh', - 'value-to-json.hh', - 'value-to-xml.hh', - 'value.hh', - 'value/context.hh', -) +subdir('include/nix') subdir('primops') diff --git a/src/libexpr/nixexpr.cc b/src/libexpr/nixexpr.cc index f172267281e..e5289de6aae 100644 --- a/src/libexpr/nixexpr.cc +++ b/src/libexpr/nixexpr.cc @@ -1,13 +1,13 @@ -#include "nixexpr.hh" -#include "eval.hh" -#include "symbol-table.hh" -#include "util.hh" -#include "print.hh" +#include "nix/nixexpr.hh" +#include "nix/eval.hh" +#include "nix/symbol-table.hh" +#include "nix/util.hh" +#include "nix/print.hh" #include #include -#include "strings-inline.hh" +#include "nix/strings-inline.hh" namespace nix { diff --git a/src/libexpr/package.nix b/src/libexpr/package.nix index 141b77fac21..8f309b14ebb 100644 --- a/src/libexpr/package.nix +++ b/src/libexpr/package.nix @@ -48,6 +48,7 @@ mkMesonLibrary (finalAttrs: { ./meson.build ./meson.options ./primops/meson.build + ./include/nix/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ./lexer.l diff --git a/src/libexpr/parser.y b/src/libexpr/parser.y index bde72140114..c90bafa059a 100644 --- a/src/libexpr/parser.y +++ b/src/libexpr/parser.y @@ -17,14 +17,14 @@ #include -#include "finally.hh" -#include "util.hh" -#include "users.hh" +#include "nix/finally.hh" +#include "nix/util.hh" +#include "nix/users.hh" -#include "nixexpr.hh" -#include "eval.hh" -#include "eval-settings.hh" -#include "parser-state.hh" +#include "nix/nixexpr.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/parser-state.hh" // Bison seems to have difficulty growing the parser stack when using C++ with // a custom location type. This undocumented macro tells Bison that our @@ -514,7 +514,7 @@ formal %% -#include "eval.hh" +#include "nix/eval.hh" namespace nix { diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 3d602ae2dcd..5aae69f9da5 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -1,5 +1,5 @@ -#include "store-api.hh" -#include "eval.hh" +#include "nix/store-api.hh" +#include "nix/eval.hh" namespace nix { diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index b078592e7ed..a790076fe5e 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -1,19 +1,19 @@ -#include "derivations.hh" -#include "downstream-placeholder.hh" -#include "eval-inline.hh" -#include "eval.hh" -#include "eval-settings.hh" -#include "gc-small-vector.hh" -#include "json-to-value.hh" -#include "names.hh" -#include "path-references.hh" -#include "store-api.hh" -#include "util.hh" -#include "processes.hh" -#include "value-to-json.hh" -#include "value-to-xml.hh" -#include "primops.hh" -#include "fetch-to-store.hh" +#include "nix/derivations.hh" +#include "nix/downstream-placeholder.hh" +#include "nix/eval-inline.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/gc-small-vector.hh" +#include "nix/json-to-value.hh" +#include "nix/names.hh" +#include "nix/path-references.hh" +#include "nix/store-api.hh" +#include "nix/util.hh" +#include "nix/processes.hh" +#include "nix/value-to-json.hh" +#include "nix/value-to-xml.hh" +#include "nix/primops.hh" +#include "nix/fetch-to-store.hh" #include #include diff --git a/src/libexpr/primops/context.cc b/src/libexpr/primops/context.cc index ede7d97ba34..832d17cbb90 100644 --- a/src/libexpr/primops/context.cc +++ b/src/libexpr/primops/context.cc @@ -1,7 +1,7 @@ -#include "primops.hh" -#include "eval-inline.hh" -#include "derivations.hh" -#include "store-api.hh" +#include "nix/primops.hh" +#include "nix/eval-inline.hh" +#include "nix/derivations.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libexpr/primops/fetchClosure.cc b/src/libexpr/primops/fetchClosure.cc index 04b8d059599..fc48c54eea3 100644 --- a/src/libexpr/primops/fetchClosure.cc +++ b/src/libexpr/primops/fetchClosure.cc @@ -1,8 +1,8 @@ -#include "primops.hh" -#include "store-api.hh" -#include "realisation.hh" -#include "make-content-addressed.hh" -#include "url.hh" +#include "nix/primops.hh" +#include "nix/store-api.hh" +#include "nix/realisation.hh" +#include "nix/make-content-addressed.hh" +#include "nix/url.hh" namespace nix { diff --git a/src/libexpr/primops/fetchMercurial.cc b/src/libexpr/primops/fetchMercurial.cc index 64e3abf2db4..59698552e8a 100644 --- a/src/libexpr/primops/fetchMercurial.cc +++ b/src/libexpr/primops/fetchMercurial.cc @@ -1,10 +1,10 @@ -#include "primops.hh" -#include "eval-inline.hh" -#include "eval-settings.hh" -#include "store-api.hh" -#include "fetchers.hh" -#include "url.hh" -#include "url-parts.hh" +#include "nix/primops.hh" +#include "nix/eval-inline.hh" +#include "nix/eval-settings.hh" +#include "nix/store-api.hh" +#include "nix/fetchers.hh" +#include "nix/url.hh" +#include "nix/url-parts.hh" namespace nix { diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index bd013eab294..b14d5411315 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -1,15 +1,15 @@ -#include "attrs.hh" -#include "primops.hh" -#include "eval-inline.hh" -#include "eval-settings.hh" -#include "store-api.hh" -#include "fetchers.hh" -#include "filetransfer.hh" -#include "registry.hh" -#include "tarball.hh" -#include "url.hh" -#include "value-to-json.hh" -#include "fetch-to-store.hh" +#include "nix/attrs.hh" +#include "nix/primops.hh" +#include "nix/eval-inline.hh" +#include "nix/eval-settings.hh" +#include "nix/store-api.hh" +#include "nix/fetchers.hh" +#include "nix/filetransfer.hh" +#include "nix/registry.hh" +#include "nix/tarball.hh" +#include "nix/url.hh" +#include "nix/value-to-json.hh" +#include "nix/fetch-to-store.hh" #include diff --git a/src/libexpr/primops/fromTOML.cc b/src/libexpr/primops/fromTOML.cc index 40442505407..05fe2e7bdaa 100644 --- a/src/libexpr/primops/fromTOML.cc +++ b/src/libexpr/primops/fromTOML.cc @@ -1,5 +1,5 @@ -#include "primops.hh" -#include "eval-inline.hh" +#include "nix/primops.hh" +#include "nix/eval-inline.hh" #include diff --git a/src/libexpr/print-ambiguous.cc b/src/libexpr/print-ambiguous.cc index a40c98643e3..b275e1e5c4b 100644 --- a/src/libexpr/print-ambiguous.cc +++ b/src/libexpr/print-ambiguous.cc @@ -1,7 +1,7 @@ -#include "print-ambiguous.hh" -#include "print.hh" -#include "signals.hh" -#include "eval.hh" +#include "nix/print-ambiguous.hh" +#include "nix/print.hh" +#include "nix/signals.hh" +#include "nix/eval.hh" namespace nix { diff --git a/src/libexpr/print.cc b/src/libexpr/print.cc index d62aaf25f78..39f97e68b76 100644 --- a/src/libexpr/print.cc +++ b/src/libexpr/print.cc @@ -2,13 +2,13 @@ #include #include -#include "print.hh" -#include "ansicolor.hh" -#include "signals.hh" -#include "store-api.hh" -#include "terminal.hh" -#include "english.hh" -#include "eval.hh" +#include "nix/print.hh" +#include "nix/ansicolor.hh" +#include "nix/signals.hh" +#include "nix/store-api.hh" +#include "nix/terminal.hh" +#include "nix/english.hh" +#include "nix/eval.hh" namespace nix { diff --git a/src/libexpr/search-path.cc b/src/libexpr/search-path.cc index 657744e745c..8c33430f1bb 100644 --- a/src/libexpr/search-path.cc +++ b/src/libexpr/search-path.cc @@ -1,4 +1,4 @@ -#include "search-path.hh" +#include "nix/search-path.hh" namespace nix { diff --git a/src/libexpr/value-to-json.cc b/src/libexpr/value-to-json.cc index 5aa4fe4fdca..846776aed15 100644 --- a/src/libexpr/value-to-json.cc +++ b/src/libexpr/value-to-json.cc @@ -1,7 +1,7 @@ -#include "value-to-json.hh" -#include "eval-inline.hh" -#include "store-api.hh" -#include "signals.hh" +#include "nix/value-to-json.hh" +#include "nix/eval-inline.hh" +#include "nix/store-api.hh" +#include "nix/signals.hh" #include #include diff --git a/src/libexpr/value-to-xml.cc b/src/libexpr/value-to-xml.cc index 9734ebec498..e4df226a433 100644 --- a/src/libexpr/value-to-xml.cc +++ b/src/libexpr/value-to-xml.cc @@ -1,7 +1,7 @@ -#include "value-to-xml.hh" -#include "xml-writer.hh" -#include "eval-inline.hh" -#include "signals.hh" +#include "nix/value-to-xml.hh" +#include "nix/xml-writer.hh" +#include "nix/eval-inline.hh" +#include "nix/signals.hh" #include diff --git a/src/libexpr/value/context.cc b/src/libexpr/value/context.cc index 6d9633268df..2052e193aab 100644 --- a/src/libexpr/value/context.cc +++ b/src/libexpr/value/context.cc @@ -1,5 +1,5 @@ -#include "util.hh" -#include "value/context.hh" +#include "nix/util.hh" +#include "nix/value/context.hh" #include diff --git a/src/libfetchers-tests/access-tokens.cc b/src/libfetchers-tests/access-tokens.cc index 5f4ceedaafa..25c3e6b5f92 100644 --- a/src/libfetchers-tests/access-tokens.cc +++ b/src/libfetchers-tests/access-tokens.cc @@ -1,9 +1,10 @@ -#include -#include "fetchers.hh" -#include "fetch-settings.hh" -#include "json-utils.hh" #include -#include "tests/characterization.hh" +#include + +#include "nix/fetchers.hh" +#include "nix/fetch-settings.hh" +#include "nix/json-utils.hh" +#include "nix/tests/characterization.hh" namespace nix::fetchers { diff --git a/src/libfetchers-tests/git-utils.cc b/src/libfetchers-tests/git-utils.cc index ee6ef17349e..e41db0b5b34 100644 --- a/src/libfetchers-tests/git-utils.cc +++ b/src/libfetchers-tests/git-utils.cc @@ -1,13 +1,13 @@ -#include "git-utils.hh" -#include "file-system.hh" -#include "gmock/gmock.h" +#include "nix/git-utils.hh" +#include "nix/file-system.hh" +#include #include #include #include #include -#include "fs-sink.hh" -#include "serialise.hh" -#include "git-lfs-fetch.hh" +#include "nix/fs-sink.hh" +#include "nix/serialise.hh" +#include "nix/git-lfs-fetch.hh" namespace nix { diff --git a/src/libfetchers-tests/meson.build b/src/libfetchers-tests/meson.build index b60ff5675c8..80f99c85994 100644 --- a/src/libfetchers-tests/meson.build +++ b/src/libfetchers-tests/meson.build @@ -37,9 +37,9 @@ deps_private += libgit2 add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - # '-include', 'config-fetchers.h', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + # '-include', 'nix_api_fetchers_config.h', language : 'cpp', ) diff --git a/src/libfetchers-tests/public-key.cc b/src/libfetchers-tests/public-key.cc index 80796bd0fc9..98965cf79f9 100644 --- a/src/libfetchers-tests/public-key.cc +++ b/src/libfetchers-tests/public-key.cc @@ -1,8 +1,8 @@ #include -#include "fetchers.hh" -#include "json-utils.hh" +#include "nix/fetchers.hh" +#include "nix/json-utils.hh" #include -#include "tests/characterization.hh" +#include "nix/tests/characterization.hh" namespace nix { diff --git a/src/libfetchers/attrs.cc b/src/libfetchers/attrs.cc index 25d04cdc950..68e5e932b13 100644 --- a/src/libfetchers/attrs.cc +++ b/src/libfetchers/attrs.cc @@ -1,5 +1,5 @@ -#include "attrs.hh" -#include "fetchers.hh" +#include "nix/attrs.hh" +#include "nix/fetchers.hh" #include diff --git a/src/libfetchers/cache.cc b/src/libfetchers/cache.cc index 6c2241f3af7..089c8d6f3fb 100644 --- a/src/libfetchers/cache.cc +++ b/src/libfetchers/cache.cc @@ -1,8 +1,8 @@ -#include "cache.hh" -#include "users.hh" -#include "sqlite.hh" -#include "sync.hh" -#include "store-api.hh" +#include "nix/cache.hh" +#include "nix/users.hh" +#include "nix/sqlite.hh" +#include "nix/sync.hh" +#include "nix/store-api.hh" #include diff --git a/src/libfetchers/fetch-settings.cc b/src/libfetchers/fetch-settings.cc index c7ed4c7af08..bdd09553865 100644 --- a/src/libfetchers/fetch-settings.cc +++ b/src/libfetchers/fetch-settings.cc @@ -1,4 +1,4 @@ -#include "fetch-settings.hh" +#include "nix/fetch-settings.hh" namespace nix::fetchers { diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index fe347a59d5b..2be08feaf49 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -1,6 +1,6 @@ -#include "fetch-to-store.hh" -#include "fetchers.hh" -#include "cache.hh" +#include "nix/fetch-to-store.hh" +#include "nix/fetchers.hh" +#include "nix/cache.hh" namespace nix { diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index abf021554e7..068a6722f83 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -1,10 +1,10 @@ -#include "fetchers.hh" -#include "store-api.hh" -#include "source-path.hh" -#include "fetch-to-store.hh" -#include "json-utils.hh" -#include "store-path-accessor.hh" -#include "fetch-settings.hh" +#include "nix/fetchers.hh" +#include "nix/store-api.hh" +#include "nix/source-path.hh" +#include "nix/fetch-to-store.hh" +#include "nix/json-utils.hh" +#include "nix/store-path-accessor.hh" +#include "nix/fetch-settings.hh" #include diff --git a/src/libfetchers/filtering-source-accessor.cc b/src/libfetchers/filtering-source-accessor.cc index d4557b6d4dd..1a9c8ae6bde 100644 --- a/src/libfetchers/filtering-source-accessor.cc +++ b/src/libfetchers/filtering-source-accessor.cc @@ -1,4 +1,4 @@ -#include "filtering-source-accessor.hh" +#include "nix/filtering-source-accessor.hh" namespace nix { diff --git a/src/libfetchers/git-lfs-fetch.cc b/src/libfetchers/git-lfs-fetch.cc index bd6c0143548..9f48d1e981f 100644 --- a/src/libfetchers/git-lfs-fetch.cc +++ b/src/libfetchers/git-lfs-fetch.cc @@ -1,10 +1,10 @@ -#include "git-lfs-fetch.hh" -#include "git-utils.hh" -#include "filetransfer.hh" -#include "processes.hh" -#include "url.hh" -#include "users.hh" -#include "hash.hh" +#include "nix/git-lfs-fetch.hh" +#include "nix/git-utils.hh" +#include "nix/filetransfer.hh" +#include "nix/processes.hh" +#include "nix/url.hh" +#include "nix/users.hh" +#include "nix/hash.hh" #include #include diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index a2761a543ee..ad8a6e89cd2 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -1,12 +1,12 @@ -#include "git-utils.hh" -#include "git-lfs-fetch.hh" -#include "cache.hh" -#include "finally.hh" -#include "processes.hh" -#include "signals.hh" -#include "users.hh" -#include "fs-sink.hh" -#include "sync.hh" +#include "nix/git-utils.hh" +#include "nix/git-lfs-fetch.hh" +#include "nix/cache.hh" +#include "nix/finally.hh" +#include "nix/processes.hh" +#include "nix/signals.hh" +#include "nix/users.hh" +#include "nix/fs-sink.hh" +#include "nix/sync.hh" #include #include diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index f46334d3074..fa310c370ba 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -1,20 +1,20 @@ -#include "error.hh" -#include "fetchers.hh" -#include "users.hh" -#include "cache.hh" -#include "globals.hh" -#include "tarfile.hh" -#include "store-api.hh" -#include "url-parts.hh" -#include "pathlocks.hh" -#include "processes.hh" -#include "git.hh" -#include "git-utils.hh" -#include "logging.hh" -#include "finally.hh" -#include "fetch-settings.hh" -#include "json-utils.hh" -#include "archive.hh" +#include "nix/error.hh" +#include "nix/fetchers.hh" +#include "nix/users.hh" +#include "nix/cache.hh" +#include "nix/globals.hh" +#include "nix/tarfile.hh" +#include "nix/store-api.hh" +#include "nix/url-parts.hh" +#include "nix/pathlocks.hh" +#include "nix/processes.hh" +#include "nix/git.hh" +#include "nix/git-utils.hh" +#include "nix/logging.hh" +#include "nix/finally.hh" +#include "nix/fetch-settings.hh" +#include "nix/json-utils.hh" +#include "nix/archive.hh" #include #include diff --git a/src/libfetchers/github.cc b/src/libfetchers/github.cc index 9cddd85719f..3459c0b3d30 100644 --- a/src/libfetchers/github.cc +++ b/src/libfetchers/github.cc @@ -1,15 +1,15 @@ -#include "filetransfer.hh" -#include "cache.hh" -#include "globals.hh" -#include "store-api.hh" -#include "types.hh" -#include "url-parts.hh" -#include "git.hh" -#include "fetchers.hh" -#include "fetch-settings.hh" -#include "tarball.hh" -#include "tarfile.hh" -#include "git-utils.hh" +#include "nix/filetransfer.hh" +#include "nix/cache.hh" +#include "nix/globals.hh" +#include "nix/store-api.hh" +#include "nix/types.hh" +#include "nix/url-parts.hh" +#include "nix/git.hh" +#include "nix/fetchers.hh" +#include "nix/fetch-settings.hh" +#include "nix/tarball.hh" +#include "nix/tarfile.hh" +#include "nix/git-utils.hh" #include #include diff --git a/src/libfetchers/attrs.hh b/src/libfetchers/include/nix/attrs.hh similarity index 96% rename from src/libfetchers/attrs.hh rename to src/libfetchers/include/nix/attrs.hh index 97a74bce013..f1fdee35f05 100644 --- a/src/libfetchers/attrs.hh +++ b/src/libfetchers/include/nix/attrs.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "types.hh" -#include "hash.hh" +#include "nix/types.hh" +#include "nix/hash.hh" #include diff --git a/src/libfetchers/cache.hh b/src/libfetchers/include/nix/cache.hh similarity index 97% rename from src/libfetchers/cache.hh rename to src/libfetchers/include/nix/cache.hh index 4d834fe0ca3..5924017858d 100644 --- a/src/libfetchers/cache.hh +++ b/src/libfetchers/include/nix/cache.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "fetchers.hh" -#include "path.hh" +#include "nix/fetchers.hh" +#include "nix/path.hh" namespace nix::fetchers { diff --git a/src/libfetchers/fetch-settings.hh b/src/libfetchers/include/nix/fetch-settings.hh similarity index 98% rename from src/libfetchers/fetch-settings.hh rename to src/libfetchers/include/nix/fetch-settings.hh index c6c3ca7a7b7..811e27b30f9 100644 --- a/src/libfetchers/fetch-settings.hh +++ b/src/libfetchers/include/nix/fetch-settings.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "types.hh" -#include "config.hh" +#include "nix/types.hh" +#include "nix/config.hh" #include #include diff --git a/src/libfetchers/fetch-to-store.hh b/src/libfetchers/include/nix/fetch-to-store.hh similarity index 71% rename from src/libfetchers/fetch-to-store.hh rename to src/libfetchers/include/nix/fetch-to-store.hh index c762629f3cb..7ef809c1cdf 100644 --- a/src/libfetchers/fetch-to-store.hh +++ b/src/libfetchers/include/nix/fetch-to-store.hh @@ -1,10 +1,10 @@ #pragma once -#include "source-path.hh" -#include "store-api.hh" -#include "file-system.hh" -#include "repair-flag.hh" -#include "file-content-address.hh" +#include "nix/source-path.hh" +#include "nix/store-api.hh" +#include "nix/file-system.hh" +#include "nix/repair-flag.hh" +#include "nix/file-content-address.hh" namespace nix { diff --git a/src/libfetchers/fetchers.hh b/src/libfetchers/include/nix/fetchers.hh similarity index 97% rename from src/libfetchers/fetchers.hh rename to src/libfetchers/include/nix/fetchers.hh index 01354a6e38d..07a9adfbeaf 100644 --- a/src/libfetchers/fetchers.hh +++ b/src/libfetchers/include/nix/fetchers.hh @@ -1,17 +1,17 @@ #pragma once ///@file -#include "types.hh" -#include "hash.hh" -#include "canon-path.hh" -#include "json-impls.hh" -#include "attrs.hh" -#include "url.hh" +#include "nix/types.hh" +#include "nix/hash.hh" +#include "nix/canon-path.hh" +#include "nix/json-impls.hh" +#include "nix/attrs.hh" +#include "nix/url.hh" #include #include -#include "ref.hh" +#include "nix/ref.hh" namespace nix { class Store; class StorePath; struct SourceAccessor; } diff --git a/src/libfetchers/filtering-source-accessor.hh b/src/libfetchers/include/nix/filtering-source-accessor.hh similarity index 98% rename from src/libfetchers/filtering-source-accessor.hh rename to src/libfetchers/include/nix/filtering-source-accessor.hh index 1f8d84e531e..04855c070fd 100644 --- a/src/libfetchers/filtering-source-accessor.hh +++ b/src/libfetchers/include/nix/filtering-source-accessor.hh @@ -1,6 +1,6 @@ #pragma once -#include "source-path.hh" +#include "nix/source-path.hh" namespace nix { diff --git a/src/libfetchers/git-lfs-fetch.hh b/src/libfetchers/include/nix/git-lfs-fetch.hh similarity index 92% rename from src/libfetchers/git-lfs-fetch.hh rename to src/libfetchers/include/nix/git-lfs-fetch.hh index 36df9196207..cd7c86a828f 100644 --- a/src/libfetchers/git-lfs-fetch.hh +++ b/src/libfetchers/include/nix/git-lfs-fetch.hh @@ -1,6 +1,6 @@ -#include "canon-path.hh" -#include "serialise.hh" -#include "url.hh" +#include "nix/canon-path.hh" +#include "nix/serialise.hh" +#include "nix/url.hh" #include diff --git a/src/libfetchers/git-utils.hh b/src/libfetchers/include/nix/git-utils.hh similarity index 98% rename from src/libfetchers/git-utils.hh rename to src/libfetchers/include/nix/git-utils.hh index c683bd05805..65c86a7c4d0 100644 --- a/src/libfetchers/git-utils.hh +++ b/src/libfetchers/include/nix/git-utils.hh @@ -1,7 +1,7 @@ #pragma once -#include "filtering-source-accessor.hh" -#include "fs-sink.hh" +#include "nix/filtering-source-accessor.hh" +#include "nix/fs-sink.hh" namespace nix { diff --git a/src/libfetchers/include/nix/meson.build b/src/libfetchers/include/nix/meson.build new file mode 100644 index 00000000000..eb02be43cc1 --- /dev/null +++ b/src/libfetchers/include/nix/meson.build @@ -0,0 +1,15 @@ +include_dirs = [include_directories('..')] + +headers = files( + 'attrs.hh', + 'cache.hh', + 'fetch-settings.hh', + 'fetch-to-store.hh', + 'fetchers.hh', + 'filtering-source-accessor.hh', + 'git-lfs-fetch.hh', + 'git-utils.hh', + 'registry.hh', + 'store-path-accessor.hh', + 'tarball.hh', +) diff --git a/src/libfetchers/registry.hh b/src/libfetchers/include/nix/registry.hh similarity index 96% rename from src/libfetchers/registry.hh rename to src/libfetchers/include/nix/registry.hh index 8f47e15905e..7c091ea12c9 100644 --- a/src/libfetchers/registry.hh +++ b/src/libfetchers/include/nix/registry.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "types.hh" -#include "fetchers.hh" +#include "nix/types.hh" +#include "nix/fetchers.hh" namespace nix { class Store; } diff --git a/src/libfetchers/store-path-accessor.hh b/src/libfetchers/include/nix/store-path-accessor.hh similarity index 87% rename from src/libfetchers/store-path-accessor.hh rename to src/libfetchers/include/nix/store-path-accessor.hh index 989cf3fa29c..8e65fda1160 100644 --- a/src/libfetchers/store-path-accessor.hh +++ b/src/libfetchers/include/nix/store-path-accessor.hh @@ -1,6 +1,6 @@ #pragma once -#include "source-path.hh" +#include "nix/source-path.hh" namespace nix { diff --git a/src/libfetchers/tarball.hh b/src/libfetchers/include/nix/tarball.hh similarity index 90% rename from src/libfetchers/tarball.hh rename to src/libfetchers/include/nix/tarball.hh index 2042041d5ad..63a21712496 100644 --- a/src/libfetchers/tarball.hh +++ b/src/libfetchers/include/nix/tarball.hh @@ -2,10 +2,10 @@ #include -#include "hash.hh" -#include "path.hh" -#include "ref.hh" -#include "types.hh" +#include "nix/hash.hh" +#include "nix/path.hh" +#include "nix/ref.hh" +#include "nix/types.hh" namespace nix { class Store; diff --git a/src/libfetchers/indirect.cc b/src/libfetchers/indirect.cc index 0e1b86711f0..7e5eb0be348 100644 --- a/src/libfetchers/indirect.cc +++ b/src/libfetchers/indirect.cc @@ -1,6 +1,6 @@ -#include "fetchers.hh" -#include "url-parts.hh" -#include "path.hh" +#include "nix/fetchers.hh" +#include "nix/url-parts.hh" +#include "nix/path.hh" namespace nix::fetchers { diff --git a/src/libfetchers/mercurial.cc b/src/libfetchers/mercurial.cc index 61cbca202c3..73e677f447b 100644 --- a/src/libfetchers/mercurial.cc +++ b/src/libfetchers/mercurial.cc @@ -1,13 +1,13 @@ -#include "fetchers.hh" -#include "processes.hh" -#include "users.hh" -#include "cache.hh" -#include "globals.hh" -#include "tarfile.hh" -#include "store-api.hh" -#include "url-parts.hh" -#include "store-path-accessor.hh" -#include "fetch-settings.hh" +#include "nix/fetchers.hh" +#include "nix/processes.hh" +#include "nix/users.hh" +#include "nix/cache.hh" +#include "nix/globals.hh" +#include "nix/tarfile.hh" +#include "nix/store-api.hh" +#include "nix/url-parts.hh" +#include "nix/store-path-accessor.hh" +#include "nix/fetch-settings.hh" #include diff --git a/src/libfetchers/meson.build b/src/libfetchers/meson.build index f8efbc8d3e0..aaf52ff7444 100644 --- a/src/libfetchers/meson.build +++ b/src/libfetchers/meson.build @@ -33,9 +33,9 @@ deps_private += libgit2 add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - # '-include', 'config-fetchers.h', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + # '-include', 'nix_api_fetchers_config.h', language : 'cpp', ) @@ -60,21 +60,7 @@ sources = files( 'tarball.cc', ) -include_dirs = [include_directories('.')] - -headers = files( - 'attrs.hh', - 'cache.hh', - 'fetch-settings.hh', - 'fetch-to-store.hh', - 'fetchers.hh', - 'filtering-source-accessor.hh', - 'git-lfs-fetch.hh', - 'git-utils.hh', - 'registry.hh', - 'store-path-accessor.hh', - 'tarball.hh', -) +subdir('include/nix') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') diff --git a/src/libfetchers/package.nix b/src/libfetchers/package.nix index 3f52e987800..aaeaa4b5def 100644 --- a/src/libfetchers/package.nix +++ b/src/libfetchers/package.nix @@ -27,6 +27,7 @@ mkMesonLibrary (finalAttrs: { ../../.version ./.version ./meson.build + ./include/nix/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libfetchers/path.cc b/src/libfetchers/path.cc index bdc7538e20f..95bc2ce5021 100644 --- a/src/libfetchers/path.cc +++ b/src/libfetchers/path.cc @@ -1,7 +1,7 @@ -#include "fetchers.hh" -#include "store-api.hh" -#include "archive.hh" -#include "store-path-accessor.hh" +#include "nix/fetchers.hh" +#include "nix/store-api.hh" +#include "nix/archive.hh" +#include "nix/store-path-accessor.hh" namespace nix::fetchers { diff --git a/src/libfetchers/registry.cc b/src/libfetchers/registry.cc index c18e12d2339..ec470159bc0 100644 --- a/src/libfetchers/registry.cc +++ b/src/libfetchers/registry.cc @@ -1,10 +1,10 @@ -#include "fetch-settings.hh" -#include "registry.hh" -#include "tarball.hh" -#include "users.hh" -#include "globals.hh" -#include "store-api.hh" -#include "local-fs-store.hh" +#include "nix/fetch-settings.hh" +#include "nix/registry.hh" +#include "nix/tarball.hh" +#include "nix/users.hh" +#include "nix/globals.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" #include diff --git a/src/libfetchers/store-path-accessor.cc b/src/libfetchers/store-path-accessor.cc index 528bf2a4f51..997582b577c 100644 --- a/src/libfetchers/store-path-accessor.cc +++ b/src/libfetchers/store-path-accessor.cc @@ -1,5 +1,5 @@ -#include "store-path-accessor.hh" -#include "store-api.hh" +#include "nix/store-path-accessor.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libfetchers/tarball.cc b/src/libfetchers/tarball.cc index 699612e250c..01bff82f720 100644 --- a/src/libfetchers/tarball.cc +++ b/src/libfetchers/tarball.cc @@ -1,14 +1,14 @@ -#include "tarball.hh" -#include "fetchers.hh" -#include "cache.hh" -#include "filetransfer.hh" -#include "store-api.hh" -#include "archive.hh" -#include "tarfile.hh" -#include "types.hh" -#include "store-path-accessor.hh" -#include "store-api.hh" -#include "git-utils.hh" +#include "nix/tarball.hh" +#include "nix/fetchers.hh" +#include "nix/cache.hh" +#include "nix/filetransfer.hh" +#include "nix/store-api.hh" +#include "nix/archive.hh" +#include "nix/tarfile.hh" +#include "nix/types.hh" +#include "nix/store-path-accessor.hh" +#include "nix/store-api.hh" +#include "nix/git-utils.hh" namespace nix::fetchers { diff --git a/src/libflake-c/meson.build b/src/libflake-c/meson.build index 469e0ade432..ec754dfaaa9 100644 --- a/src/libflake-c/meson.build +++ b/src/libflake-c/meson.build @@ -32,11 +32,11 @@ add_project_arguments( # It would be nice for our headers to be idempotent instead. # From C++ libraries, only for internals - '-include', 'config-util.hh', - '-include', 'config-store.hh', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + '-include', 'nix/config-expr.hh', # not generated (yet?) - # '-include', 'config-flake.hh', + # '-include', 'nix/config-flake.hh', language : 'cpp', ) @@ -69,7 +69,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, preserve_path : true) libraries_private = [] diff --git a/src/libflake-c/nix_api_flake.cc b/src/libflake-c/nix_api_flake.cc index 2479bf2e020..a1b586e82ad 100644 --- a/src/libflake-c/nix_api_flake.cc +++ b/src/libflake-c/nix_api_flake.cc @@ -3,7 +3,7 @@ #include "nix_api_util_internal.h" #include "nix_api_expr_internal.h" -#include "flake/flake.hh" +#include "nix/flake/flake.hh" nix_flake_settings * nix_flake_settings_new(nix_c_context * context) { diff --git a/src/libflake-c/nix_api_flake_internal.hh b/src/libflake-c/nix_api_flake_internal.hh index 4c154a34229..4565b4f5dca 100644 --- a/src/libflake-c/nix_api_flake_internal.hh +++ b/src/libflake-c/nix_api_flake_internal.hh @@ -1,7 +1,7 @@ #pragma once -#include "ref.hh" -#include "flake/settings.hh" +#include "nix/ref.hh" +#include "nix/flake/settings.hh" struct nix_flake_settings { diff --git a/src/libflake-tests/flakeref.cc b/src/libflake-tests/flakeref.cc index 2b1f5124b52..f378ba6d6e8 100644 --- a/src/libflake-tests/flakeref.cc +++ b/src/libflake-tests/flakeref.cc @@ -1,7 +1,7 @@ #include -#include "fetch-settings.hh" -#include "flake/flakeref.hh" +#include "nix/fetch-settings.hh" +#include "nix/flake/flakeref.hh" namespace nix { diff --git a/src/libflake-tests/meson.build b/src/libflake-tests/meson.build index 1c8765f21d6..4012582f2ba 100644 --- a/src/libflake-tests/meson.build +++ b/src/libflake-tests/meson.build @@ -35,9 +35,9 @@ deps_private += gtest add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + '-include', 'nix/config-expr.hh', language : 'cpp', ) diff --git a/src/libflake-tests/nix_api_flake.cc b/src/libflake-tests/nix_api_flake.cc index 834b2e681a6..0d9e2a91f91 100644 --- a/src/libflake-tests/nix_api_flake.cc +++ b/src/libflake-tests/nix_api_flake.cc @@ -6,8 +6,8 @@ #include "nix_api_value.h" #include "nix_api_flake.h" -#include "tests/nix_api_expr.hh" -#include "tests/string_callback.hh" +#include "nix/tests/nix_api_expr.hh" +#include "nix/tests/string_callback.hh" #include #include diff --git a/src/libflake-tests/url-name.cc b/src/libflake-tests/url-name.cc index 15bc6b11165..c795850f97b 100644 --- a/src/libflake-tests/url-name.cc +++ b/src/libflake-tests/url-name.cc @@ -1,4 +1,4 @@ -#include "flake/url-name.hh" +#include "nix/flake/url-name.hh" #include namespace nix { diff --git a/src/libflake/flake/config.cc b/src/libflake/flake/config.cc index 4879de46330..a0ddf0387f5 100644 --- a/src/libflake/flake/config.cc +++ b/src/libflake/flake/config.cc @@ -1,7 +1,7 @@ -#include "users.hh" -#include "config-global.hh" -#include "flake/settings.hh" -#include "flake.hh" +#include "nix/users.hh" +#include "nix/config-global.hh" +#include "nix/flake/settings.hh" +#include "nix/flake/flake.hh" #include diff --git a/src/libflake/flake/flake-primops.cc b/src/libflake/flake/flake-primops.cc index 98ebdee5fc8..508274dbd0f 100644 --- a/src/libflake/flake/flake-primops.cc +++ b/src/libflake/flake/flake-primops.cc @@ -1,8 +1,8 @@ -#include "flake-primops.hh" -#include "eval.hh" -#include "flake.hh" -#include "flakeref.hh" -#include "settings.hh" +#include "nix/flake/flake-primops.hh" +#include "nix/eval.hh" +#include "nix/flake/flake.hh" +#include "nix/flake/flakeref.hh" +#include "nix/flake/settings.hh" namespace nix::flake::primops { diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index b4b98702776..4ff48967fbb 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -1,23 +1,22 @@ -#include "terminal.hh" -#include "flake.hh" -#include "eval.hh" -#include "eval-settings.hh" -#include "lockfile.hh" -#include "primops.hh" -#include "eval-inline.hh" -#include "store-api.hh" -#include "fetchers.hh" -#include "finally.hh" -#include "fetch-settings.hh" -#include "flake/settings.hh" -#include "value-to-json.hh" -#include "local-fs-store.hh" -#include "fetch-to-store.hh" +#include "nix/terminal.hh" +#include "nix/flake/flake.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/flake/lockfile.hh" +#include "nix/primops.hh" +#include "nix/eval-inline.hh" +#include "nix/store-api.hh" +#include "nix/fetchers.hh" +#include "nix/finally.hh" +#include "nix/fetch-settings.hh" +#include "nix/flake/settings.hh" +#include "nix/value-to-json.hh" +#include "nix/local-fs-store.hh" +#include "nix/fetch-to-store.hh" +#include "nix/memory-source-accessor.hh" #include -#include "memory-source-accessor.hh" - namespace nix { using namespace flake; diff --git a/src/libflake/flake/flakeref.cc b/src/libflake/flake/flakeref.cc index 4fc720eb5a3..340fe4dc73c 100644 --- a/src/libflake/flake/flakeref.cc +++ b/src/libflake/flake/flakeref.cc @@ -1,8 +1,8 @@ -#include "flakeref.hh" -#include "store-api.hh" -#include "url.hh" -#include "url-parts.hh" -#include "fetchers.hh" +#include "nix/flake/flakeref.hh" +#include "nix/store-api.hh" +#include "nix/url.hh" +#include "nix/url-parts.hh" +#include "nix/fetchers.hh" namespace nix { diff --git a/src/libflake/flake/lockfile.cc b/src/libflake/flake/lockfile.cc index b0971a6969a..08a3843668a 100644 --- a/src/libflake/flake/lockfile.cc +++ b/src/libflake/flake/lockfile.cc @@ -1,10 +1,10 @@ #include -#include "fetch-settings.hh" -#include "flake/settings.hh" -#include "lockfile.hh" -#include "store-api.hh" -#include "strings.hh" +#include "nix/fetch-settings.hh" +#include "nix/flake/settings.hh" +#include "nix/flake/lockfile.hh" +#include "nix/store-api.hh" +#include "nix/strings.hh" #include #include diff --git a/src/libflake/flake/settings.cc b/src/libflake/flake/settings.cc index cac7c4384b8..bab7f9439db 100644 --- a/src/libflake/flake/settings.cc +++ b/src/libflake/flake/settings.cc @@ -1,5 +1,5 @@ -#include "flake/settings.hh" -#include "flake/flake-primops.hh" +#include "nix/flake/settings.hh" +#include "nix/flake/flake-primops.hh" namespace nix::flake { diff --git a/src/libflake/flake/url-name.cc b/src/libflake/flake/url-name.cc index d62b345522a..3e3311cf740 100644 --- a/src/libflake/flake/url-name.cc +++ b/src/libflake/flake/url-name.cc @@ -1,4 +1,4 @@ -#include "url-name.hh" +#include "nix/flake/url-name.hh" #include #include diff --git a/src/libflake/flake/flake-primops.hh b/src/libflake/include/nix/flake/flake-primops.hh similarity index 75% rename from src/libflake/flake/flake-primops.hh rename to src/libflake/include/nix/flake/flake-primops.hh index 2030605637c..07be7512319 100644 --- a/src/libflake/flake/flake-primops.hh +++ b/src/libflake/include/nix/flake/flake-primops.hh @@ -1,7 +1,7 @@ #pragma once -#include "eval.hh" -#include "flake/settings.hh" +#include "nix/eval.hh" +#include "nix/flake/settings.hh" namespace nix::flake::primops { @@ -13,4 +13,4 @@ nix::PrimOp getFlake(const Settings & settings); extern nix::PrimOp parseFlakeRef; extern nix::PrimOp flakeRefToString; -} // namespace nix::flake \ No newline at end of file +} // namespace nix::flake diff --git a/src/libflake/flake/flake.hh b/src/libflake/include/nix/flake/flake.hh similarity index 98% rename from src/libflake/flake/flake.hh rename to src/libflake/include/nix/flake/flake.hh index d7a15158715..2fa3850604c 100644 --- a/src/libflake/flake/flake.hh +++ b/src/libflake/include/nix/flake/flake.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "types.hh" -#include "flakeref.hh" -#include "lockfile.hh" -#include "value.hh" +#include "nix/types.hh" +#include "nix/flake/flakeref.hh" +#include "nix/flake/lockfile.hh" +#include "nix/value.hh" namespace nix { diff --git a/src/libflake/flake/flakeref.hh b/src/libflake/include/nix/flake/flakeref.hh similarity index 97% rename from src/libflake/flake/flakeref.hh rename to src/libflake/include/nix/flake/flakeref.hh index d3c15018e24..93ebaa497bf 100644 --- a/src/libflake/flake/flakeref.hh +++ b/src/libflake/include/nix/flake/flakeref.hh @@ -3,10 +3,10 @@ #include -#include "types.hh" -#include "fetchers.hh" -#include "outputs-spec.hh" -#include "registry.hh" +#include "nix/types.hh" +#include "nix/fetchers.hh" +#include "nix/outputs-spec.hh" +#include "nix/registry.hh" namespace nix { diff --git a/src/libflake/flake/lockfile.hh b/src/libflake/include/nix/flake/lockfile.hh similarity index 98% rename from src/libflake/flake/lockfile.hh rename to src/libflake/include/nix/flake/lockfile.hh index cbc6d01ebce..97bd7a49538 100644 --- a/src/libflake/flake/lockfile.hh +++ b/src/libflake/include/nix/flake/lockfile.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "flakeref.hh" +#include "nix/flake/flakeref.hh" #include diff --git a/src/libflake/flake/settings.hh b/src/libflake/include/nix/flake/settings.hh similarity index 97% rename from src/libflake/flake/settings.hh rename to src/libflake/include/nix/flake/settings.hh index 5f0d9fb21c3..54f501e1196 100644 --- a/src/libflake/flake/settings.hh +++ b/src/libflake/include/nix/flake/settings.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "config.hh" +#include "nix/config.hh" #include diff --git a/src/libflake/flake/url-name.hh b/src/libflake/include/nix/flake/url-name.hh similarity index 85% rename from src/libflake/flake/url-name.hh rename to src/libflake/include/nix/flake/url-name.hh index 6f32754d268..4577e8f38d6 100644 --- a/src/libflake/flake/url-name.hh +++ b/src/libflake/include/nix/flake/url-name.hh @@ -1,7 +1,7 @@ -#include "url.hh" -#include "url-parts.hh" -#include "util.hh" -#include "split.hh" +#include "nix/url.hh" +#include "nix/url-parts.hh" +#include "nix/util.hh" +#include "nix/split.hh" namespace nix { diff --git a/src/libflake/include/nix/meson.build b/src/libflake/include/nix/meson.build new file mode 100644 index 00000000000..023bd64bdbc --- /dev/null +++ b/src/libflake/include/nix/meson.build @@ -0,0 +1,11 @@ +# Public headers directory + +include_dirs = [include_directories('..')] + +headers = files( + 'flake/flake.hh', + 'flake/flakeref.hh', + 'flake/lockfile.hh', + 'flake/settings.hh', + 'flake/url-name.hh', +) diff --git a/src/libflake/meson.build b/src/libflake/meson.build index b780722de95..e231de9c137 100644 --- a/src/libflake/meson.build +++ b/src/libflake/meson.build @@ -30,10 +30,10 @@ deps_public += nlohmann_json add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - # '-include', 'config-fetchers.h', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + # '-include', 'nix_api_fetchers_config.h', + '-include', 'nix/config-expr.hh', language : 'cpp', ) @@ -58,15 +58,7 @@ sources = files( 'flake/url-name.cc', ) -include_dirs = [include_directories('.')] - -headers = files( - 'flake/flake.hh', - 'flake/flakeref.hh', - 'flake/lockfile.hh', - 'flake/settings.hh', - 'flake/url-name.hh', -) +subdir('include/nix') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') diff --git a/src/libflake/package.nix b/src/libflake/package.nix index d7250c252c6..683880b20d0 100644 --- a/src/libflake/package.nix +++ b/src/libflake/package.nix @@ -28,6 +28,7 @@ mkMesonLibrary (finalAttrs: { ../../.version ./.version ./meson.build + ./include/nix/meson.build ./call-flake.nix (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) diff --git a/src/libmain-c/meson.build b/src/libmain-c/meson.build index 0e9380a127c..0229ef86b5f 100644 --- a/src/libmain-c/meson.build +++ b/src/libmain-c/meson.build @@ -30,8 +30,8 @@ add_project_arguments( # It would be nice for our headers to be idempotent instead. # From C++ libraries, only for internals - '-include', 'config-util.hh', - '-include', 'config-store.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', language : 'cpp', ) @@ -61,7 +61,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, preserve_path : true) libraries_private = [] diff --git a/src/libmain-c/nix_api_main.cc b/src/libmain-c/nix_api_main.cc index 692d53f47e0..61dbceff8c4 100644 --- a/src/libmain-c/nix_api_main.cc +++ b/src/libmain-c/nix_api_main.cc @@ -3,7 +3,7 @@ #include "nix_api_util.h" #include "nix_api_util_internal.h" -#include "plugin.hh" +#include "nix/plugin.hh" nix_err nix_init_plugins(nix_c_context * context) { diff --git a/src/libmain/common-args.cc b/src/libmain/common-args.cc index 13d358623cc..8d531bbcbd7 100644 --- a/src/libmain/common-args.cc +++ b/src/libmain/common-args.cc @@ -1,11 +1,11 @@ -#include "common-args.hh" -#include "args/root.hh" -#include "config-global.hh" -#include "globals.hh" -#include "logging.hh" -#include "loggers.hh" -#include "util.hh" -#include "plugin.hh" +#include "nix/common-args.hh" +#include "nix/args/root.hh" +#include "nix/config-global.hh" +#include "nix/globals.hh" +#include "nix/logging.hh" +#include "nix/loggers.hh" +#include "nix/util.hh" +#include "nix/plugin.hh" namespace nix { diff --git a/src/libmain/common-args.hh b/src/libmain/include/nix/common-args.hh similarity index 96% rename from src/libmain/common-args.hh rename to src/libmain/include/nix/common-args.hh index c35406c3bcc..5622115b84f 100644 --- a/src/libmain/common-args.hh +++ b/src/libmain/include/nix/common-args.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "args.hh" -#include "repair-flag.hh" +#include "nix/args.hh" +#include "nix/repair-flag.hh" namespace nix { diff --git a/src/libmain/loggers.hh b/src/libmain/include/nix/loggers.hh similarity index 90% rename from src/libmain/loggers.hh rename to src/libmain/include/nix/loggers.hh index 98b287fa73a..dabdae83c40 100644 --- a/src/libmain/loggers.hh +++ b/src/libmain/include/nix/loggers.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libmain/include/nix/meson.build b/src/libmain/include/nix/meson.build new file mode 100644 index 00000000000..8584b9042ad --- /dev/null +++ b/src/libmain/include/nix/meson.build @@ -0,0 +1,16 @@ +# Public headers directory + +include_dirs = [include_directories('..')] + +config_h = configure_file( + configuration : configdata, + output : 'config-main.hh', +) + +headers = [config_h] + files( + 'common-args.hh', + 'loggers.hh', + 'plugin.hh', + 'progress-bar.hh', + 'shared.hh', +) diff --git a/src/libmain/plugin.hh b/src/libmain/include/nix/plugin.hh similarity index 100% rename from src/libmain/plugin.hh rename to src/libmain/include/nix/plugin.hh diff --git a/src/libmain/progress-bar.hh b/src/libmain/include/nix/progress-bar.hh similarity index 76% rename from src/libmain/progress-bar.hh rename to src/libmain/include/nix/progress-bar.hh index fc1b0fe78ab..195c5ceeeba 100644 --- a/src/libmain/progress-bar.hh +++ b/src/libmain/include/nix/progress-bar.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "logging.hh" +#include "nix/logging.hh" namespace nix { diff --git a/src/libmain/shared.hh b/src/libmain/include/nix/shared.hh similarity index 94% rename from src/libmain/shared.hh rename to src/libmain/include/nix/shared.hh index a6a18ceb068..8144ad84528 100644 --- a/src/libmain/shared.hh +++ b/src/libmain/include/nix/shared.hh @@ -1,13 +1,13 @@ #pragma once ///@file -#include "file-descriptor.hh" -#include "processes.hh" -#include "args.hh" -#include "args/root.hh" -#include "common-args.hh" -#include "path.hh" -#include "derived-path.hh" +#include "nix/file-descriptor.hh" +#include "nix/processes.hh" +#include "nix/args.hh" +#include "nix/args/root.hh" +#include "nix/common-args.hh" +#include "nix/path.hh" +#include "nix/derived-path.hh" #include diff --git a/src/libmain/loggers.cc b/src/libmain/loggers.cc index 07d83a9603a..1cf7c6dcf27 100644 --- a/src/libmain/loggers.cc +++ b/src/libmain/loggers.cc @@ -1,6 +1,6 @@ -#include "loggers.hh" -#include "environment-variables.hh" -#include "progress-bar.hh" +#include "nix/loggers.hh" +#include "nix/environment-variables.hh" +#include "nix/progress-bar.hh" namespace nix { diff --git a/src/libmain/meson.build b/src/libmain/meson.build index 7c24abb294a..08b0bdb4fdf 100644 --- a/src/libmain/meson.build +++ b/src/libmain/meson.build @@ -42,17 +42,12 @@ configdata.set( description: 'Optionally used for buffering on standard error' ) -config_h = configure_file( - configuration : configdata, - output : 'config-main.hh', -) - add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - '-include', 'config-main.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + '-include', 'nix/config-main.hh', language : 'cpp', ) @@ -72,15 +67,7 @@ if host_machine.system() != 'windows' ) endif -include_dirs = [include_directories('.')] - -headers = files( - 'common-args.hh', - 'loggers.hh', - 'plugin.hh', - 'progress-bar.hh', - 'shared.hh', -) +subdir('include/nix') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') diff --git a/src/libmain/package.nix b/src/libmain/package.nix index c03697c48da..31b36dbcf90 100644 --- a/src/libmain/package.nix +++ b/src/libmain/package.nix @@ -27,6 +27,7 @@ mkMesonLibrary (finalAttrs: { ../../.version ./.version ./meson.build + ./include/nix/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libmain/plugin.cc b/src/libmain/plugin.cc index ccfd7f9003a..db1067c1a10 100644 --- a/src/libmain/plugin.cc +++ b/src/libmain/plugin.cc @@ -4,8 +4,8 @@ #include -#include "config-global.hh" -#include "signals.hh" +#include "nix/config-global.hh" +#include "nix/signals.hh" namespace nix { diff --git a/src/libmain/progress-bar.cc b/src/libmain/progress-bar.cc index 2d4d901db51..eb4db83e636 100644 --- a/src/libmain/progress-bar.cc +++ b/src/libmain/progress-bar.cc @@ -1,8 +1,8 @@ -#include "progress-bar.hh" -#include "terminal.hh" -#include "sync.hh" -#include "store-api.hh" -#include "names.hh" +#include "nix/progress-bar.hh" +#include "nix/terminal.hh" +#include "nix/sync.hh" +#include "nix/store-api.hh" +#include "nix/names.hh" #include #include diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index bc2ffc9baca..639977efc28 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -1,11 +1,11 @@ -#include "globals.hh" -#include "current-process.hh" -#include "shared.hh" -#include "store-api.hh" -#include "gc-store.hh" -#include "loggers.hh" -#include "progress-bar.hh" -#include "signals.hh" +#include "nix/globals.hh" +#include "nix/current-process.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/gc-store.hh" +#include "nix/loggers.hh" +#include "nix/progress-bar.hh" +#include "nix/signals.hh" #include #include @@ -22,8 +22,8 @@ #include -#include "exit.hh" -#include "strings.hh" +#include "nix/exit.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libmain/unix/stack.cc b/src/libmain/unix/stack.cc index 10f71c1dcad..b4ec5967e15 100644 --- a/src/libmain/unix/stack.cc +++ b/src/libmain/unix/stack.cc @@ -1,5 +1,5 @@ -#include "error.hh" -#include "shared.hh" +#include "nix/error.hh" +#include "nix/shared.hh" #include #include diff --git a/src/libstore-c/meson.build b/src/libstore-c/meson.build index 2e2275feeaf..f7e192f3a48 100644 --- a/src/libstore-c/meson.build +++ b/src/libstore-c/meson.build @@ -28,8 +28,8 @@ add_project_arguments( # It would be nice for our headers to be idempotent instead. # From C++ libraries, only for internals - '-include', 'config-util.hh', - '-include', 'config-store.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', language : 'cpp', ) @@ -62,7 +62,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, preserve_path : true) libraries_private = [] diff --git a/src/libstore-c/nix_api_store.cc b/src/libstore-c/nix_api_store.cc index bc306e0d0ad..ab0af1f5219 100644 --- a/src/libstore-c/nix_api_store.cc +++ b/src/libstore-c/nix_api_store.cc @@ -3,11 +3,11 @@ #include "nix_api_util.h" #include "nix_api_util_internal.h" -#include "path.hh" -#include "store-api.hh" -#include "build-result.hh" +#include "nix/path.hh" +#include "nix/store-api.hh" +#include "nix/build-result.hh" -#include "globals.hh" +#include "nix/globals.hh" nix_err nix_libstore_init(nix_c_context * context) { diff --git a/src/libstore-c/nix_api_store_internal.h b/src/libstore-c/nix_api_store_internal.h index 13db0c07cf8..e32cdfcca96 100644 --- a/src/libstore-c/nix_api_store_internal.h +++ b/src/libstore-c/nix_api_store_internal.h @@ -1,6 +1,6 @@ #ifndef NIX_API_STORE_INTERNAL_H #define NIX_API_STORE_INTERNAL_H -#include "store-api.hh" +#include "nix/store-api.hh" struct Store { diff --git a/src/libstore-test-support/tests/derived-path.cc b/src/libstore-test-support/derived-path.cc similarity index 98% rename from src/libstore-test-support/tests/derived-path.cc rename to src/libstore-test-support/derived-path.cc index b9f6a3171cf..4c04facce8a 100644 --- a/src/libstore-test-support/tests/derived-path.cc +++ b/src/libstore-test-support/derived-path.cc @@ -2,7 +2,7 @@ #include -#include "tests/derived-path.hh" +#include "nix/tests/derived-path.hh" namespace rc { using namespace nix; diff --git a/src/libstore-test-support/include/nix/meson.build b/src/libstore-test-support/include/nix/meson.build new file mode 100644 index 00000000000..ed3e4f2ff90 --- /dev/null +++ b/src/libstore-test-support/include/nix/meson.build @@ -0,0 +1,12 @@ +# Public headers directory + +include_dirs = [include_directories('..')] + +headers = files( + 'tests/derived-path.hh', + 'tests/libstore.hh', + 'tests/nix_api_store.hh', + 'tests/outputs-spec.hh', + 'tests/path.hh', + 'tests/protocol.hh', +) diff --git a/src/libstore-test-support/tests/derived-path.hh b/src/libstore-test-support/include/nix/tests/derived-path.hh similarity index 86% rename from src/libstore-test-support/tests/derived-path.hh rename to src/libstore-test-support/include/nix/tests/derived-path.hh index 98d61f2283d..57cad487c3a 100644 --- a/src/libstore-test-support/tests/derived-path.hh +++ b/src/libstore-test-support/include/nix/tests/derived-path.hh @@ -3,10 +3,10 @@ #include -#include +#include "nix/derived-path.hh" -#include "tests/path.hh" -#include "tests/outputs-spec.hh" +#include "nix/tests/path.hh" +#include "nix/tests/outputs-spec.hh" namespace rc { using namespace nix; diff --git a/src/libstore-test-support/tests/libstore.hh b/src/libstore-test-support/include/nix/tests/libstore.hh similarity index 94% rename from src/libstore-test-support/tests/libstore.hh rename to src/libstore-test-support/include/nix/tests/libstore.hh index 699ba957ec8..02e818f9768 100644 --- a/src/libstore-test-support/tests/libstore.hh +++ b/src/libstore-test-support/include/nix/tests/libstore.hh @@ -4,7 +4,7 @@ #include #include -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore-test-support/tests/nix_api_store.hh b/src/libstore-test-support/include/nix/tests/nix_api_store.hh similarity index 96% rename from src/libstore-test-support/tests/nix_api_store.hh rename to src/libstore-test-support/include/nix/tests/nix_api_store.hh index b7d5c2c33f7..f418b563d76 100644 --- a/src/libstore-test-support/tests/nix_api_store.hh +++ b/src/libstore-test-support/include/nix/tests/nix_api_store.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "tests/nix_api_util.hh" +#include "nix/tests/nix_api_util.hh" -#include "file-system.hh" +#include "nix/file-system.hh" #include #include "nix_api_store.h" diff --git a/src/libstore-test-support/tests/outputs-spec.hh b/src/libstore-test-support/include/nix/tests/outputs-spec.hh similarity index 76% rename from src/libstore-test-support/tests/outputs-spec.hh rename to src/libstore-test-support/include/nix/tests/outputs-spec.hh index f5bf9042d20..14a74d2e4ad 100644 --- a/src/libstore-test-support/tests/outputs-spec.hh +++ b/src/libstore-test-support/include/nix/tests/outputs-spec.hh @@ -3,9 +3,9 @@ #include -#include +#include "nix/outputs-spec.hh" -#include "tests/path.hh" +#include "nix/tests/path.hh" namespace rc { using namespace nix; diff --git a/src/libstore-test-support/tests/path.hh b/src/libstore-test-support/include/nix/tests/path.hh similarity index 94% rename from src/libstore-test-support/tests/path.hh rename to src/libstore-test-support/include/nix/tests/path.hh index 4751b3373a3..eebcda28e9a 100644 --- a/src/libstore-test-support/tests/path.hh +++ b/src/libstore-test-support/include/nix/tests/path.hh @@ -3,7 +3,7 @@ #include -#include +#include "nix/path.hh" namespace nix { diff --git a/src/libstore-test-support/tests/protocol.hh b/src/libstore-test-support/include/nix/tests/protocol.hh similarity index 96% rename from src/libstore-test-support/tests/protocol.hh rename to src/libstore-test-support/include/nix/tests/protocol.hh index 3f6799d1ccb..6c7d69adb9e 100644 --- a/src/libstore-test-support/tests/protocol.hh +++ b/src/libstore-test-support/include/nix/tests/protocol.hh @@ -4,8 +4,8 @@ #include #include -#include "tests/libstore.hh" -#include "tests/characterization.hh" +#include "nix/tests/libstore.hh" +#include "nix/tests/characterization.hh" namespace nix { diff --git a/src/libstore-test-support/meson.build b/src/libstore-test-support/meson.build index 59d649889e2..c7d9689bf84 100644 --- a/src/libstore-test-support/meson.build +++ b/src/libstore-test-support/meson.build @@ -30,29 +30,20 @@ deps_public += rapidcheck add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', language : 'cpp', ) subdir('nix-meson-build-support/common') sources = files( - 'tests/derived-path.cc', - 'tests/outputs-spec.cc', - 'tests/path.cc', + 'derived-path.cc', + 'outputs-spec.cc', + 'path.cc', ) -include_dirs = [include_directories('.')] - -headers = files( - 'tests/derived-path.hh', - 'tests/libstore.hh', - 'tests/nix_api_store.hh', - 'tests/outputs-spec.hh', - 'tests/path.hh', - 'tests/protocol.hh', -) +subdir('include/nix') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') diff --git a/src/libstore-test-support/tests/outputs-spec.cc b/src/libstore-test-support/outputs-spec.cc similarity index 95% rename from src/libstore-test-support/tests/outputs-spec.cc rename to src/libstore-test-support/outputs-spec.cc index 1a3020f1724..e1b98772043 100644 --- a/src/libstore-test-support/tests/outputs-spec.cc +++ b/src/libstore-test-support/outputs-spec.cc @@ -1,4 +1,4 @@ -#include "tests/outputs-spec.hh" +#include "nix/tests/outputs-spec.hh" #include diff --git a/src/libstore-test-support/package.nix b/src/libstore-test-support/package.nix index ccac25ee16a..c223ad1166b 100644 --- a/src/libstore-test-support/package.nix +++ b/src/libstore-test-support/package.nix @@ -29,6 +29,7 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build # ./meson.options + ./include/nix/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libstore-test-support/tests/path.cc b/src/libstore-test-support/path.cc similarity index 93% rename from src/libstore-test-support/tests/path.cc rename to src/libstore-test-support/path.cc index 8ddda80277c..945230187c2 100644 --- a/src/libstore-test-support/tests/path.cc +++ b/src/libstore-test-support/path.cc @@ -3,11 +3,11 @@ #include -#include "path-regex.hh" -#include "store-api.hh" +#include "nix/path-regex.hh" +#include "nix/store-api.hh" -#include "tests/hash.hh" -#include "tests/path.hh" +#include "nix/tests/hash.hh" +#include "nix/tests/path.hh" namespace nix { diff --git a/src/libstore-tests/common-protocol.cc b/src/libstore-tests/common-protocol.cc index c8f6dd002d5..39293b0c0c6 100644 --- a/src/libstore-tests/common-protocol.cc +++ b/src/libstore-tests/common-protocol.cc @@ -3,11 +3,11 @@ #include #include -#include "common-protocol.hh" -#include "common-protocol-impl.hh" -#include "build-result.hh" -#include "tests/protocol.hh" -#include "tests/characterization.hh" +#include "nix/common-protocol.hh" +#include "nix/common-protocol-impl.hh" +#include "nix/build-result.hh" +#include "nix/tests/protocol.hh" +#include "nix/tests/characterization.hh" namespace nix { diff --git a/src/libstore-tests/content-address.cc b/src/libstore-tests/content-address.cc index 72eb84fec11..428ebcd7679 100644 --- a/src/libstore-tests/content-address.cc +++ b/src/libstore-tests/content-address.cc @@ -1,6 +1,6 @@ #include -#include "content-address.hh" +#include "nix/content-address.hh" namespace nix { diff --git a/src/libstore-tests/derivation-advanced-attrs.cc b/src/libstore-tests/derivation-advanced-attrs.cc index 107cf13e38d..d8f9642ab16 100644 --- a/src/libstore-tests/derivation-advanced-attrs.cc +++ b/src/libstore-tests/derivation-advanced-attrs.cc @@ -1,16 +1,16 @@ #include #include -#include "experimental-features.hh" -#include "derivations.hh" -#include "derivations.hh" -#include "derivation-options.hh" -#include "parsed-derivations.hh" -#include "types.hh" -#include "json-utils.hh" - -#include "tests/libstore.hh" -#include "tests/characterization.hh" +#include "nix/experimental-features.hh" +#include "nix/derivations.hh" +#include "nix/derivations.hh" +#include "nix/derivation-options.hh" +#include "nix/parsed-derivations.hh" +#include "nix/types.hh" +#include "nix/json-utils.hh" + +#include "nix/tests/libstore.hh" +#include "nix/tests/characterization.hh" namespace nix { diff --git a/src/libstore-tests/derivation.cc b/src/libstore-tests/derivation.cc index 14652921abc..5ef1c0094d3 100644 --- a/src/libstore-tests/derivation.cc +++ b/src/libstore-tests/derivation.cc @@ -1,11 +1,11 @@ #include #include -#include "experimental-features.hh" -#include "derivations.hh" +#include "nix/experimental-features.hh" +#include "nix/derivations.hh" -#include "tests/libstore.hh" -#include "tests/characterization.hh" +#include "nix/tests/libstore.hh" +#include "nix/tests/characterization.hh" namespace nix { diff --git a/src/libstore-tests/derived-path.cc b/src/libstore-tests/derived-path.cc index 97ded518385..e6a2fcacee9 100644 --- a/src/libstore-tests/derived-path.cc +++ b/src/libstore-tests/derived-path.cc @@ -3,8 +3,8 @@ #include #include -#include "tests/derived-path.hh" -#include "tests/libstore.hh" +#include "nix/tests/derived-path.hh" +#include "nix/tests/libstore.hh" namespace nix { diff --git a/src/libstore-tests/downstream-placeholder.cc b/src/libstore-tests/downstream-placeholder.cc index fd29530acfc..76c6410ad60 100644 --- a/src/libstore-tests/downstream-placeholder.cc +++ b/src/libstore-tests/downstream-placeholder.cc @@ -1,6 +1,6 @@ #include -#include "downstream-placeholder.hh" +#include "nix/downstream-placeholder.hh" namespace nix { diff --git a/src/libstore-tests/http-binary-cache-store.cc b/src/libstore-tests/http-binary-cache-store.cc index 1e415f6251a..bc4e5293662 100644 --- a/src/libstore-tests/http-binary-cache-store.cc +++ b/src/libstore-tests/http-binary-cache-store.cc @@ -1,6 +1,6 @@ #include -#include "http-binary-cache-store.hh" +#include "nix/http-binary-cache-store.hh" namespace nix { diff --git a/src/libstore-tests/legacy-ssh-store.cc b/src/libstore-tests/legacy-ssh-store.cc index eb31a240804..5a23cf5b28a 100644 --- a/src/libstore-tests/legacy-ssh-store.cc +++ b/src/libstore-tests/legacy-ssh-store.cc @@ -1,6 +1,6 @@ #include -#include "legacy-ssh-store.hh" +#include "nix/legacy-ssh-store.hh" namespace nix { diff --git a/src/libstore-tests/local-binary-cache-store.cc b/src/libstore-tests/local-binary-cache-store.cc index 2e840228dad..8adc22202ae 100644 --- a/src/libstore-tests/local-binary-cache-store.cc +++ b/src/libstore-tests/local-binary-cache-store.cc @@ -1,6 +1,6 @@ #include -#include "local-binary-cache-store.hh" +#include "nix/local-binary-cache-store.hh" namespace nix { diff --git a/src/libstore-tests/local-overlay-store.cc b/src/libstore-tests/local-overlay-store.cc index b34ca92375e..8e9d25bc320 100644 --- a/src/libstore-tests/local-overlay-store.cc +++ b/src/libstore-tests/local-overlay-store.cc @@ -3,7 +3,7 @@ #if 0 # include -# include "local-overlay-store.hh" +# include "nix/local-overlay-store.hh" namespace nix { diff --git a/src/libstore-tests/local-store.cc b/src/libstore-tests/local-store.cc index abc3ea7963f..8977234a398 100644 --- a/src/libstore-tests/local-store.cc +++ b/src/libstore-tests/local-store.cc @@ -3,13 +3,13 @@ #if 0 # include -# include "local-store.hh" +# include "nix/local-store.hh" // Needed for template specialisations. This is not good! When we // overhaul how store configs work, this should be fixed. -# include "args.hh" -# include "config-impl.hh" -# include "abstract-setting-to-json.hh" +# include "nix/args.hh" +# include "nix/config-impl.hh" +# include "nix/abstract-setting-to-json.hh" namespace nix { diff --git a/src/libstore-tests/machines.cc b/src/libstore-tests/machines.cc index 2d66e953408..219494f16a8 100644 --- a/src/libstore-tests/machines.cc +++ b/src/libstore-tests/machines.cc @@ -1,8 +1,8 @@ -#include "machines.hh" -#include "file-system.hh" -#include "util.hh" +#include "nix/machines.hh" +#include "nix/file-system.hh" +#include "nix/util.hh" -#include "tests/characterization.hh" +#include "nix/tests/characterization.hh" #include #include diff --git a/src/libstore-tests/meson.build b/src/libstore-tests/meson.build index 9f3d8e1d497..0dcfeaacda9 100644 --- a/src/libstore-tests/meson.build +++ b/src/libstore-tests/meson.build @@ -43,8 +43,8 @@ deps_private += gtest add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', language : 'cpp', ) diff --git a/src/libstore-tests/nar-info-disk-cache.cc b/src/libstore-tests/nar-info-disk-cache.cc index b4bdb832957..b15ee351a54 100644 --- a/src/libstore-tests/nar-info-disk-cache.cc +++ b/src/libstore-tests/nar-info-disk-cache.cc @@ -1,8 +1,8 @@ -#include "nar-info-disk-cache.hh" +#include "nix/nar-info-disk-cache.hh" #include #include -#include "sqlite.hh" +#include "nix/sqlite.hh" #include diff --git a/src/libstore-tests/nar-info.cc b/src/libstore-tests/nar-info.cc index 0d155743d91..54468091422 100644 --- a/src/libstore-tests/nar-info.cc +++ b/src/libstore-tests/nar-info.cc @@ -1,11 +1,11 @@ #include #include -#include "path-info.hh" -#include "nar-info.hh" +#include "nix/path-info.hh" +#include "nix/nar-info.hh" -#include "tests/characterization.hh" -#include "tests/libstore.hh" +#include "nix/tests/characterization.hh" +#include "nix/tests/libstore.hh" namespace nix { diff --git a/src/libstore-tests/nix_api_store.cc b/src/libstore-tests/nix_api_store.cc index a8b7b8e5fc8..b7d9860fb44 100644 --- a/src/libstore-tests/nix_api_store.cc +++ b/src/libstore-tests/nix_api_store.cc @@ -3,8 +3,8 @@ #include "nix_api_store.h" #include "nix_api_store_internal.h" -#include "tests/nix_api_store.hh" -#include "tests/string_callback.hh" +#include "nix/tests/nix_api_store.hh" +#include "nix/tests/string_callback.hh" namespace nixC { diff --git a/src/libstore-tests/outputs-spec.cc b/src/libstore-tests/outputs-spec.cc index 63cde681bbf..007e5a9353b 100644 --- a/src/libstore-tests/outputs-spec.cc +++ b/src/libstore-tests/outputs-spec.cc @@ -1,4 +1,4 @@ -#include "tests/outputs-spec.hh" +#include "nix/tests/outputs-spec.hh" #include #include diff --git a/src/libstore-tests/path-info.cc b/src/libstore-tests/path-info.cc index d6c4c2a7f7e..df3b60f1309 100644 --- a/src/libstore-tests/path-info.cc +++ b/src/libstore-tests/path-info.cc @@ -1,10 +1,10 @@ #include #include -#include "path-info.hh" +#include "nix/path-info.hh" -#include "tests/characterization.hh" -#include "tests/libstore.hh" +#include "nix/tests/characterization.hh" +#include "nix/tests/libstore.hh" namespace nix { diff --git a/src/libstore-tests/path.cc b/src/libstore-tests/path.cc index c4c055abf0c..bcfce2c9f47 100644 --- a/src/libstore-tests/path.cc +++ b/src/libstore-tests/path.cc @@ -4,12 +4,12 @@ #include #include -#include "path-regex.hh" -#include "store-api.hh" +#include "nix/path-regex.hh" +#include "nix/store-api.hh" -#include "tests/hash.hh" -#include "tests/libstore.hh" -#include "tests/path.hh" +#include "nix/tests/hash.hh" +#include "nix/tests/libstore.hh" +#include "nix/tests/path.hh" namespace nix { diff --git a/src/libstore-tests/references.cc b/src/libstore-tests/references.cc index d91d1cedd65..da4b7af3943 100644 --- a/src/libstore-tests/references.cc +++ b/src/libstore-tests/references.cc @@ -1,4 +1,4 @@ -#include "references.hh" +#include "nix/references.hh" #include diff --git a/src/libstore-tests/s3-binary-cache-store.cc b/src/libstore-tests/s3-binary-cache-store.cc index 7aa5f2f2c06..99db360ce6a 100644 --- a/src/libstore-tests/s3-binary-cache-store.cc +++ b/src/libstore-tests/s3-binary-cache-store.cc @@ -2,7 +2,7 @@ # include -# include "s3-binary-cache-store.hh" +# include "nix/s3-binary-cache-store.hh" namespace nix { diff --git a/src/libstore-tests/serve-protocol.cc b/src/libstore-tests/serve-protocol.cc index 3dbbf38799a..dd53b80d6ca 100644 --- a/src/libstore-tests/serve-protocol.cc +++ b/src/libstore-tests/serve-protocol.cc @@ -4,13 +4,13 @@ #include #include -#include "serve-protocol.hh" -#include "serve-protocol-impl.hh" -#include "serve-protocol-connection.hh" -#include "build-result.hh" -#include "file-descriptor.hh" -#include "tests/protocol.hh" -#include "tests/characterization.hh" +#include "nix/serve-protocol.hh" +#include "nix/serve-protocol-impl.hh" +#include "nix/serve-protocol-connection.hh" +#include "nix/build-result.hh" +#include "nix/file-descriptor.hh" +#include "nix/tests/protocol.hh" +#include "nix/tests/characterization.hh" namespace nix { diff --git a/src/libstore-tests/ssh-store.cc b/src/libstore-tests/ssh-store.cc index b853a5f1fb9..1c54a229eeb 100644 --- a/src/libstore-tests/ssh-store.cc +++ b/src/libstore-tests/ssh-store.cc @@ -3,7 +3,7 @@ #if 0 # include -# include "ssh-store.hh" +# include "nix/ssh-store.hh" namespace nix { diff --git a/src/libstore-tests/store-reference.cc b/src/libstore-tests/store-reference.cc index d4c42f0fda1..f8e533fa088 100644 --- a/src/libstore-tests/store-reference.cc +++ b/src/libstore-tests/store-reference.cc @@ -1,11 +1,11 @@ #include #include -#include "file-system.hh" -#include "store-reference.hh" +#include "nix/file-system.hh" +#include "nix/store-reference.hh" -#include "tests/characterization.hh" -#include "tests/libstore.hh" +#include "nix/tests/characterization.hh" +#include "nix/tests/libstore.hh" namespace nix { diff --git a/src/libstore-tests/uds-remote-store.cc b/src/libstore-tests/uds-remote-store.cc index 5ccb208714f..7157bfbfdbe 100644 --- a/src/libstore-tests/uds-remote-store.cc +++ b/src/libstore-tests/uds-remote-store.cc @@ -3,7 +3,7 @@ #if 0 # include -# include "uds-remote-store.hh" +# include "nix/uds-remote-store.hh" namespace nix { diff --git a/src/libstore-tests/worker-protocol.cc b/src/libstore-tests/worker-protocol.cc index 99b042d5ba4..0a417ed3e54 100644 --- a/src/libstore-tests/worker-protocol.cc +++ b/src/libstore-tests/worker-protocol.cc @@ -4,13 +4,13 @@ #include #include -#include "worker-protocol.hh" -#include "worker-protocol-connection.hh" -#include "worker-protocol-impl.hh" -#include "derived-path.hh" -#include "build-result.hh" -#include "tests/protocol.hh" -#include "tests/characterization.hh" +#include "nix/worker-protocol.hh" +#include "nix/worker-protocol-connection.hh" +#include "nix/worker-protocol-impl.hh" +#include "nix/derived-path.hh" +#include "nix/build-result.hh" +#include "nix/tests/protocol.hh" +#include "nix/tests/characterization.hh" namespace nix { diff --git a/src/libstore/binary-cache-store.cc b/src/libstore/binary-cache-store.cc index 896779f85fc..48c449e797f 100644 --- a/src/libstore/binary-cache-store.cc +++ b/src/libstore/binary-cache-store.cc @@ -1,18 +1,18 @@ -#include "archive.hh" -#include "binary-cache-store.hh" -#include "compression.hh" -#include "derivations.hh" -#include "source-accessor.hh" -#include "globals.hh" -#include "nar-info.hh" -#include "sync.hh" -#include "remote-fs-accessor.hh" -#include "nar-info-disk-cache.hh" -#include "nar-accessor.hh" -#include "thread-pool.hh" -#include "callback.hh" -#include "signals.hh" -#include "archive.hh" +#include "nix/archive.hh" +#include "nix/binary-cache-store.hh" +#include "nix/compression.hh" +#include "nix/derivations.hh" +#include "nix/source-accessor.hh" +#include "nix/globals.hh" +#include "nix/nar-info.hh" +#include "nix/sync.hh" +#include "nix/remote-fs-accessor.hh" +#include "nix/nar-info-disk-cache.hh" +#include "nix/nar-accessor.hh" +#include "nix/thread-pool.hh" +#include "nix/callback.hh" +#include "nix/signals.hh" +#include "nix/archive.hh" #include #include diff --git a/src/libstore/build-result.cc b/src/libstore/build-result.cc index 96cbfd62fff..72ad11faea5 100644 --- a/src/libstore/build-result.cc +++ b/src/libstore/build-result.cc @@ -1,4 +1,4 @@ -#include "build-result.hh" +#include "nix/build-result.hh" namespace nix { diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index 01da37df685..c2858bd34b1 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -1,22 +1,22 @@ -#include "derivation-goal.hh" +#include "nix/build/derivation-goal.hh" #ifndef _WIN32 // TODO enable build hook on Windows -# include "hook-instance.hh" +# include "nix/build/hook-instance.hh" #endif -#include "processes.hh" -#include "config-global.hh" -#include "worker.hh" -#include "builtins.hh" -#include "builtins/buildenv.hh" -#include "references.hh" -#include "finally.hh" -#include "util.hh" -#include "archive.hh" -#include "compression.hh" -#include "common-protocol.hh" -#include "common-protocol-impl.hh" -#include "topo-sort.hh" -#include "callback.hh" -#include "local-store.hh" // TODO remove, along with remaining downcasts +#include "nix/processes.hh" +#include "nix/config-global.hh" +#include "nix/build/worker.hh" +#include "nix/builtins.hh" +#include "nix/builtins/buildenv.hh" +#include "nix/references.hh" +#include "nix/finally.hh" +#include "nix/util.hh" +#include "nix/archive.hh" +#include "nix/compression.hh" +#include "nix/common-protocol.hh" +#include "nix/common-protocol-impl.hh" +#include "nix/topo-sort.hh" +#include "nix/callback.hh" +#include "nix/local-store.hh" // TODO remove, along with remaining downcasts #include #include @@ -32,7 +32,7 @@ #include -#include "strings.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libstore/build/drv-output-substitution-goal.cc b/src/libstore/build/drv-output-substitution-goal.cc index f069c0d9404..18853e5310d 100644 --- a/src/libstore/build/drv-output-substitution-goal.cc +++ b/src/libstore/build/drv-output-substitution-goal.cc @@ -1,8 +1,8 @@ -#include "drv-output-substitution-goal.hh" -#include "finally.hh" -#include "worker.hh" -#include "substitution-goal.hh" -#include "callback.hh" +#include "nix/build/drv-output-substitution-goal.hh" +#include "nix/finally.hh" +#include "nix/build/worker.hh" +#include "nix/build/substitution-goal.hh" +#include "nix/callback.hh" namespace nix { diff --git a/src/libstore/build/entry-points.cc b/src/libstore/build/entry-points.cc index 3bf22320e3a..70b32d3ad49 100644 --- a/src/libstore/build/entry-points.cc +++ b/src/libstore/build/entry-points.cc @@ -1,10 +1,10 @@ -#include "worker.hh" -#include "substitution-goal.hh" +#include "nix/build/worker.hh" +#include "nix/build/substitution-goal.hh" #ifndef _WIN32 // TODO Enable building on Windows -# include "derivation-goal.hh" +# include "nix/build/derivation-goal.hh" #endif -#include "local-store.hh" -#include "strings.hh" +#include "nix/local-store.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libstore/build/goal.cc b/src/libstore/build/goal.cc index 9a16da14555..baee4ff16d3 100644 --- a/src/libstore/build/goal.cc +++ b/src/libstore/build/goal.cc @@ -1,5 +1,5 @@ -#include "goal.hh" -#include "worker.hh" +#include "nix/build/goal.hh" +#include "nix/build/worker.hh" namespace nix { diff --git a/src/libstore/build/substitution-goal.cc b/src/libstore/build/substitution-goal.cc index 983c86601d8..6794fe73fb3 100644 --- a/src/libstore/build/substitution-goal.cc +++ b/src/libstore/build/substitution-goal.cc @@ -1,8 +1,8 @@ -#include "worker.hh" -#include "substitution-goal.hh" -#include "nar-info.hh" -#include "finally.hh" -#include "signals.hh" +#include "nix/build/worker.hh" +#include "nix/build/substitution-goal.hh" +#include "nix/nar-info.hh" +#include "nix/finally.hh" +#include "nix/signals.hh" #include namespace nix { diff --git a/src/libstore/build/worker.cc b/src/libstore/build/worker.cc index dbe86f43f6a..38e965d354d 100644 --- a/src/libstore/build/worker.cc +++ b/src/libstore/build/worker.cc @@ -1,14 +1,14 @@ -#include "local-store.hh" -#include "machines.hh" -#include "worker.hh" -#include "substitution-goal.hh" -#include "drv-output-substitution-goal.hh" -#include "derivation-goal.hh" +#include "nix/local-store.hh" +#include "nix/machines.hh" +#include "nix/build/worker.hh" +#include "nix/build/substitution-goal.hh" +#include "nix/build/drv-output-substitution-goal.hh" +#include "nix/build/derivation-goal.hh" #ifndef _WIN32 // TODO Enable building on Windows -# include "local-derivation-goal.hh" -# include "hook-instance.hh" +# include "nix/build/local-derivation-goal.hh" +# include "nix/build/hook-instance.hh" #endif -#include "signals.hh" +#include "nix/signals.hh" namespace nix { diff --git a/src/libstore/builtins/buildenv.cc b/src/libstore/builtins/buildenv.cc index 0f7bcd99b1c..4145593cf3a 100644 --- a/src/libstore/builtins/buildenv.cc +++ b/src/libstore/builtins/buildenv.cc @@ -1,6 +1,6 @@ -#include "buildenv.hh" -#include "derivations.hh" -#include "signals.hh" +#include "nix/builtins/buildenv.hh" +#include "nix/derivations.hh" +#include "nix/signals.hh" #include #include diff --git a/src/libstore/builtins/fetchurl.cc b/src/libstore/builtins/fetchurl.cc index 90e58dfdb3d..28af8427c65 100644 --- a/src/libstore/builtins/fetchurl.cc +++ b/src/libstore/builtins/fetchurl.cc @@ -1,8 +1,8 @@ -#include "builtins.hh" -#include "filetransfer.hh" -#include "store-api.hh" -#include "archive.hh" -#include "compression.hh" +#include "nix/builtins.hh" +#include "nix/filetransfer.hh" +#include "nix/store-api.hh" +#include "nix/archive.hh" +#include "nix/compression.hh" namespace nix { diff --git a/src/libstore/builtins/unpack-channel.cc b/src/libstore/builtins/unpack-channel.cc index 43fbb62cd73..9e76ee7d382 100644 --- a/src/libstore/builtins/unpack-channel.cc +++ b/src/libstore/builtins/unpack-channel.cc @@ -1,5 +1,5 @@ -#include "builtins.hh" -#include "tarfile.hh" +#include "nix/builtins.hh" +#include "nix/tarfile.hh" namespace nix { diff --git a/src/libstore/common-protocol.cc b/src/libstore/common-protocol.cc index fc2b5ac6f3f..4845d587351 100644 --- a/src/libstore/common-protocol.cc +++ b/src/libstore/common-protocol.cc @@ -1,11 +1,11 @@ -#include "serialise.hh" -#include "path-with-outputs.hh" -#include "store-api.hh" -#include "build-result.hh" -#include "common-protocol.hh" -#include "common-protocol-impl.hh" -#include "archive.hh" -#include "derivations.hh" +#include "nix/serialise.hh" +#include "nix/path-with-outputs.hh" +#include "nix/store-api.hh" +#include "nix/build-result.hh" +#include "nix/common-protocol.hh" +#include "nix/common-protocol-impl.hh" +#include "nix/archive.hh" +#include "nix/derivations.hh" #include diff --git a/src/libstore/common-ssh-store-config.cc b/src/libstore/common-ssh-store-config.cc index 05332b9bb5c..d4123e326be 100644 --- a/src/libstore/common-ssh-store-config.cc +++ b/src/libstore/common-ssh-store-config.cc @@ -1,7 +1,7 @@ #include -#include "common-ssh-store-config.hh" -#include "ssh.hh" +#include "nix/common-ssh-store-config.hh" +#include "nix/ssh.hh" namespace nix { diff --git a/src/libstore/content-address.cc b/src/libstore/content-address.cc index e1cdfece6e9..a3745b4ef31 100644 --- a/src/libstore/content-address.cc +++ b/src/libstore/content-address.cc @@ -1,6 +1,6 @@ -#include "args.hh" -#include "content-address.hh" -#include "split.hh" +#include "nix/args.hh" +#include "nix/content-address.hh" +#include "nix/split.hh" namespace nix { diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc index 60cb64b7b7c..bce285141e0 100644 --- a/src/libstore/daemon.cc +++ b/src/libstore/daemon.cc @@ -1,23 +1,23 @@ -#include "daemon.hh" -#include "signals.hh" -#include "worker-protocol.hh" -#include "worker-protocol-connection.hh" -#include "worker-protocol-impl.hh" -#include "build-result.hh" -#include "store-api.hh" -#include "store-cast.hh" -#include "gc-store.hh" -#include "log-store.hh" -#include "indirect-root-store.hh" -#include "path-with-outputs.hh" -#include "finally.hh" -#include "archive.hh" -#include "derivations.hh" -#include "args.hh" -#include "git.hh" +#include "nix/daemon.hh" +#include "nix/signals.hh" +#include "nix/worker-protocol.hh" +#include "nix/worker-protocol-connection.hh" +#include "nix/worker-protocol-impl.hh" +#include "nix/build-result.hh" +#include "nix/store-api.hh" +#include "nix/store-cast.hh" +#include "nix/gc-store.hh" +#include "nix/log-store.hh" +#include "nix/indirect-root-store.hh" +#include "nix/path-with-outputs.hh" +#include "nix/finally.hh" +#include "nix/archive.hh" +#include "nix/derivations.hh" +#include "nix/args.hh" +#include "nix/git.hh" #ifndef _WIN32 // TODO need graceful async exit support on Windows? -# include "monitor-fd.hh" +# include "nix/monitor-fd.hh" #endif #include diff --git a/src/libstore/derivation-options.cc b/src/libstore/derivation-options.cc index 1fc1718f7eb..8683fd8ada3 100644 --- a/src/libstore/derivation-options.cc +++ b/src/libstore/derivation-options.cc @@ -1,8 +1,8 @@ -#include "derivation-options.hh" -#include "json-utils.hh" -#include "parsed-derivations.hh" -#include "types.hh" -#include "util.hh" +#include "nix/derivation-options.hh" +#include "nix/json-utils.hh" +#include "nix/parsed-derivations.hh" +#include "nix/types.hh" +#include "nix/util.hh" #include #include #include diff --git a/src/libstore/derivations.cc b/src/libstore/derivations.cc index b54838a0aa9..4c027d64b75 100644 --- a/src/libstore/derivations.cc +++ b/src/libstore/derivations.cc @@ -1,14 +1,14 @@ -#include "derivations.hh" -#include "downstream-placeholder.hh" -#include "store-api.hh" -#include "globals.hh" -#include "types.hh" -#include "util.hh" -#include "split.hh" -#include "common-protocol.hh" -#include "common-protocol-impl.hh" -#include "strings-inline.hh" -#include "json-utils.hh" +#include "nix/derivations.hh" +#include "nix/downstream-placeholder.hh" +#include "nix/store-api.hh" +#include "nix/globals.hh" +#include "nix/types.hh" +#include "nix/util.hh" +#include "nix/split.hh" +#include "nix/common-protocol.hh" +#include "nix/common-protocol-impl.hh" +#include "nix/strings-inline.hh" +#include "nix/json-utils.hh" #include #include diff --git a/src/libstore/derived-path-map.cc b/src/libstore/derived-path-map.cc index c97d52773eb..cb6d98d5a66 100644 --- a/src/libstore/derived-path-map.cc +++ b/src/libstore/derived-path-map.cc @@ -1,5 +1,5 @@ -#include "derived-path-map.hh" -#include "util.hh" +#include "nix/derived-path-map.hh" +#include "nix/util.hh" namespace nix { diff --git a/src/libstore/derived-path.cc b/src/libstore/derived-path.cc index 1eef881de0c..94f8d93f7d0 100644 --- a/src/libstore/derived-path.cc +++ b/src/libstore/derived-path.cc @@ -1,7 +1,7 @@ -#include "derived-path.hh" -#include "derivations.hh" -#include "store-api.hh" -#include "comparator.hh" +#include "nix/derived-path.hh" +#include "nix/derivations.hh" +#include "nix/store-api.hh" +#include "nix/comparator.hh" #include diff --git a/src/libstore/downstream-placeholder.cc b/src/libstore/downstream-placeholder.cc index 91d47f946c1..52c46ddee60 100644 --- a/src/libstore/downstream-placeholder.cc +++ b/src/libstore/downstream-placeholder.cc @@ -1,5 +1,5 @@ -#include "downstream-placeholder.hh" -#include "derivations.hh" +#include "nix/downstream-placeholder.hh" +#include "nix/derivations.hh" namespace nix { diff --git a/src/libstore/dummy-store.cc b/src/libstore/dummy-store.cc index c1e871e9384..b922b30a641 100644 --- a/src/libstore/dummy-store.cc +++ b/src/libstore/dummy-store.cc @@ -1,5 +1,5 @@ -#include "store-api.hh" -#include "callback.hh" +#include "nix/store-api.hh" +#include "nix/callback.hh" namespace nix { diff --git a/src/libstore/export-import.cc b/src/libstore/export-import.cc index 1c62cdfad64..efec2a40996 100644 --- a/src/libstore/export-import.cc +++ b/src/libstore/export-import.cc @@ -1,8 +1,8 @@ -#include "serialise.hh" -#include "store-api.hh" -#include "archive.hh" -#include "common-protocol.hh" -#include "common-protocol-impl.hh" +#include "nix/serialise.hh" +#include "nix/store-api.hh" +#include "nix/archive.hh" +#include "nix/common-protocol.hh" +#include "nix/common-protocol-impl.hh" #include diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 1525ef5fb4f..fc77b61507e 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -1,19 +1,19 @@ -#include "filetransfer.hh" -#include "globals.hh" -#include "config-global.hh" -#include "store-api.hh" -#include "s3.hh" -#include "compression.hh" -#include "finally.hh" -#include "callback.hh" -#include "signals.hh" +#include "nix/filetransfer.hh" +#include "nix/globals.hh" +#include "nix/config-global.hh" +#include "nix/store-api.hh" +#include "nix/s3.hh" +#include "nix/compression.hh" +#include "nix/finally.hh" +#include "nix/callback.hh" +#include "nix/signals.hh" #if ENABLE_S3 #include #endif #if __linux__ -# include "namespaces.hh" +# include "nix/namespaces.hh" #endif #include diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index ac354f3faf7..81294a5b9df 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -1,14 +1,14 @@ -#include "derivations.hh" -#include "globals.hh" -#include "local-store.hh" -#include "finally.hh" -#include "unix-domain-socket.hh" -#include "signals.hh" -#include "posix-fs-canonicalise.hh" +#include "nix/derivations.hh" +#include "nix/globals.hh" +#include "nix/local-store.hh" +#include "nix/finally.hh" +#include "nix/unix-domain-socket.hh" +#include "nix/signals.hh" +#include "nix/posix-fs-canonicalise.hh" #if !defined(__linux__) // For shelling out to lsof -# include "processes.hh" +# include "nix/processes.hh" #endif #include diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index d7c000dfab7..4f8c53ca848 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -1,11 +1,11 @@ -#include "globals.hh" -#include "config-global.hh" -#include "current-process.hh" -#include "archive.hh" -#include "args.hh" -#include "abstract-setting-to-json.hh" -#include "compute-levels.hh" -#include "signals.hh" +#include "nix/globals.hh" +#include "nix/config-global.hh" +#include "nix/current-process.hh" +#include "nix/archive.hh" +#include "nix/args.hh" +#include "nix/abstract-setting-to-json.hh" +#include "nix/compute-levels.hh" +#include "nix/signals.hh" #include #include @@ -26,16 +26,16 @@ #endif #if __APPLE__ -# include "processes.hh" +# include "nix/processes.hh" #endif -#include "config-impl.hh" +#include "nix/config-impl.hh" #ifdef __APPLE__ #include #endif -#include "strings.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc index f32616f94a6..a8d77f753ea 100644 --- a/src/libstore/http-binary-cache-store.cc +++ b/src/libstore/http-binary-cache-store.cc @@ -1,8 +1,8 @@ -#include "http-binary-cache-store.hh" -#include "filetransfer.hh" -#include "globals.hh" -#include "nar-info-disk-cache.hh" -#include "callback.hh" +#include "nix/http-binary-cache-store.hh" +#include "nix/filetransfer.hh" +#include "nix/globals.hh" +#include "nix/nar-info-disk-cache.hh" +#include "nix/callback.hh" namespace nix { diff --git a/src/libstore/binary-cache-store.hh b/src/libstore/include/nix/binary-cache-store.hh similarity index 97% rename from src/libstore/binary-cache-store.hh rename to src/libstore/include/nix/binary-cache-store.hh index 6bd7fd14ac9..ec012cda8d7 100644 --- a/src/libstore/binary-cache-store.hh +++ b/src/libstore/include/nix/binary-cache-store.hh @@ -1,11 +1,11 @@ #pragma once ///@file -#include "signature/local-keys.hh" -#include "store-api.hh" -#include "log-store.hh" +#include "nix/signature/local-keys.hh" +#include "nix/store-api.hh" +#include "nix/log-store.hh" -#include "pool.hh" +#include "nix/pool.hh" #include diff --git a/src/libstore/build-result.hh b/src/libstore/include/nix/build-result.hh similarity index 98% rename from src/libstore/build-result.hh rename to src/libstore/include/nix/build-result.hh index 8c66cfeb353..20d72634660 100644 --- a/src/libstore/build-result.hh +++ b/src/libstore/include/nix/build-result.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "realisation.hh" -#include "derived-path.hh" +#include "nix/realisation.hh" +#include "nix/derived-path.hh" #include #include diff --git a/src/libstore/build/derivation-goal.hh b/src/libstore/include/nix/build/derivation-goal.hh similarity index 97% rename from src/libstore/build/derivation-goal.hh rename to src/libstore/include/nix/build/derivation-goal.hh index 4622cb2b1c6..6e51956fd8e 100644 --- a/src/libstore/build/derivation-goal.hh +++ b/src/libstore/include/nix/build/derivation-goal.hh @@ -1,15 +1,15 @@ #pragma once ///@file -#include "parsed-derivations.hh" -#include "derivation-options.hh" +#include "nix/parsed-derivations.hh" +#include "nix/derivation-options.hh" #ifndef _WIN32 -# include "user-lock.hh" +# include "nix/user-lock.hh" #endif -#include "outputs-spec.hh" -#include "store-api.hh" -#include "pathlocks.hh" -#include "goal.hh" +#include "nix/outputs-spec.hh" +#include "nix/store-api.hh" +#include "nix/pathlocks.hh" +#include "nix/build/goal.hh" namespace nix { diff --git a/src/libstore/build/drv-output-substitution-goal.hh b/src/libstore/include/nix/build/drv-output-substitution-goal.hh similarity index 89% rename from src/libstore/build/drv-output-substitution-goal.hh rename to src/libstore/include/nix/build/drv-output-substitution-goal.hh index 8c60d01987a..94db4fbbc5c 100644 --- a/src/libstore/build/drv-output-substitution-goal.hh +++ b/src/libstore/include/nix/build/drv-output-substitution-goal.hh @@ -4,10 +4,10 @@ #include #include -#include "store-api.hh" -#include "goal.hh" -#include "realisation.hh" -#include "muxable-pipe.hh" +#include "nix/store-api.hh" +#include "nix/build/goal.hh" +#include "nix/realisation.hh" +#include "nix/muxable-pipe.hh" namespace nix { diff --git a/src/libstore/build/goal.hh b/src/libstore/include/nix/build/goal.hh similarity index 99% rename from src/libstore/build/goal.hh rename to src/libstore/include/nix/build/goal.hh index 1dd7ed52537..53e1f4ba222 100644 --- a/src/libstore/build/goal.hh +++ b/src/libstore/include/nix/build/goal.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "store-api.hh" -#include "build-result.hh" +#include "nix/store-api.hh" +#include "nix/build-result.hh" #include diff --git a/src/libstore/build/substitution-goal.hh b/src/libstore/include/nix/build/substitution-goal.hh similarity index 94% rename from src/libstore/build/substitution-goal.hh rename to src/libstore/include/nix/build/substitution-goal.hh index f2cf797e5d2..c8139025c8d 100644 --- a/src/libstore/build/substitution-goal.hh +++ b/src/libstore/include/nix/build/substitution-goal.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "worker.hh" -#include "store-api.hh" -#include "goal.hh" -#include "muxable-pipe.hh" +#include "nix/build/worker.hh" +#include "nix/store-api.hh" +#include "nix/build/goal.hh" +#include "nix/muxable-pipe.hh" #include #include #include diff --git a/src/libstore/build/worker.hh b/src/libstore/include/nix/build/worker.hh similarity index 98% rename from src/libstore/build/worker.hh rename to src/libstore/include/nix/build/worker.hh index f5e61720807..467e258dfab 100644 --- a/src/libstore/build/worker.hh +++ b/src/libstore/include/nix/build/worker.hh @@ -1,11 +1,11 @@ #pragma once ///@file -#include "types.hh" -#include "store-api.hh" -#include "goal.hh" -#include "realisation.hh" -#include "muxable-pipe.hh" +#include "nix/types.hh" +#include "nix/store-api.hh" +#include "nix/build/goal.hh" +#include "nix/realisation.hh" +#include "nix/muxable-pipe.hh" #include #include diff --git a/src/libstore/builtins.hh b/src/libstore/include/nix/builtins.hh similarity index 92% rename from src/libstore/builtins.hh rename to src/libstore/include/nix/builtins.hh index 091946e013a..5943ae5073b 100644 --- a/src/libstore/builtins.hh +++ b/src/libstore/include/nix/builtins.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "derivations.hh" +#include "nix/derivations.hh" namespace nix { diff --git a/src/libstore/builtins/buildenv.hh b/src/libstore/include/nix/builtins/buildenv.hh similarity index 97% rename from src/libstore/builtins/buildenv.hh rename to src/libstore/include/nix/builtins/buildenv.hh index 8e112e176e2..00fc3bf902a 100644 --- a/src/libstore/builtins/buildenv.hh +++ b/src/libstore/include/nix/builtins/buildenv.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/common-protocol-impl.hh b/src/libstore/include/nix/common-protocol-impl.hh similarity index 93% rename from src/libstore/common-protocol-impl.hh rename to src/libstore/include/nix/common-protocol-impl.hh index 360882c0289..71d5fc015c0 100644 --- a/src/libstore/common-protocol-impl.hh +++ b/src/libstore/include/nix/common-protocol-impl.hh @@ -8,8 +8,8 @@ * contributing guide. */ -#include "common-protocol.hh" -#include "length-prefixed-protocol-helper.hh" +#include "nix/common-protocol.hh" +#include "nix/length-prefixed-protocol-helper.hh" namespace nix { diff --git a/src/libstore/common-protocol.hh b/src/libstore/include/nix/common-protocol.hh similarity index 99% rename from src/libstore/common-protocol.hh rename to src/libstore/include/nix/common-protocol.hh index a878e84c9d8..260f192568a 100644 --- a/src/libstore/common-protocol.hh +++ b/src/libstore/include/nix/common-protocol.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "serialise.hh" +#include "nix/serialise.hh" namespace nix { diff --git a/src/libstore/common-ssh-store-config.hh b/src/libstore/include/nix/common-ssh-store-config.hh similarity index 98% rename from src/libstore/common-ssh-store-config.hh rename to src/libstore/include/nix/common-ssh-store-config.hh index 5deb6f4c9e9..54aa8cb5e39 100644 --- a/src/libstore/common-ssh-store-config.hh +++ b/src/libstore/include/nix/common-ssh-store-config.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/content-address.hh b/src/libstore/include/nix/content-address.hh similarity index 98% rename from src/libstore/content-address.hh rename to src/libstore/include/nix/content-address.hh index 2b5d1296a27..6a2cbb1efe5 100644 --- a/src/libstore/content-address.hh +++ b/src/libstore/include/nix/content-address.hh @@ -2,10 +2,10 @@ ///@file #include -#include "hash.hh" -#include "path.hh" -#include "file-content-address.hh" -#include "variant-wrapper.hh" +#include "nix/hash.hh" +#include "nix/path.hh" +#include "nix/file-content-address.hh" +#include "nix/variant-wrapper.hh" namespace nix { diff --git a/src/libstore/daemon.hh b/src/libstore/include/nix/daemon.hh similarity index 82% rename from src/libstore/daemon.hh rename to src/libstore/include/nix/daemon.hh index a8ce32d8deb..38df5796733 100644 --- a/src/libstore/daemon.hh +++ b/src/libstore/include/nix/daemon.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "serialise.hh" -#include "store-api.hh" +#include "nix/serialise.hh" +#include "nix/store-api.hh" namespace nix::daemon { diff --git a/src/libstore/derivation-options.hh b/src/libstore/include/nix/derivation-options.hh similarity index 98% rename from src/libstore/derivation-options.hh rename to src/libstore/include/nix/derivation-options.hh index 6e4ea5cd9fd..459b7de78cc 100644 --- a/src/libstore/derivation-options.hh +++ b/src/libstore/include/nix/derivation-options.hh @@ -6,8 +6,8 @@ #include #include -#include "types.hh" -#include "json-impls.hh" +#include "nix/types.hh" +#include "nix/json-impls.hh" namespace nix { diff --git a/src/libstore/derivations.hh b/src/libstore/include/nix/derivations.hh similarity index 98% rename from src/libstore/derivations.hh rename to src/libstore/include/nix/derivations.hh index 5b2101ed53c..997cead4f90 100644 --- a/src/libstore/derivations.hh +++ b/src/libstore/include/nix/derivations.hh @@ -1,14 +1,14 @@ #pragma once ///@file -#include "path.hh" -#include "types.hh" -#include "hash.hh" -#include "content-address.hh" -#include "repair-flag.hh" -#include "derived-path-map.hh" -#include "sync.hh" -#include "variant-wrapper.hh" +#include "nix/path.hh" +#include "nix/types.hh" +#include "nix/hash.hh" +#include "nix/content-address.hh" +#include "nix/repair-flag.hh" +#include "nix/derived-path-map.hh" +#include "nix/sync.hh" +#include "nix/variant-wrapper.hh" #include #include diff --git a/src/libstore/derived-path-map.hh b/src/libstore/include/nix/derived-path-map.hh similarity index 98% rename from src/libstore/derived-path-map.hh rename to src/libstore/include/nix/derived-path-map.hh index bd60fe88710..24c5ca3d7cb 100644 --- a/src/libstore/derived-path-map.hh +++ b/src/libstore/include/nix/derived-path-map.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "types.hh" -#include "derived-path.hh" +#include "nix/types.hh" +#include "nix/derived-path.hh" namespace nix { diff --git a/src/libstore/derived-path.hh b/src/libstore/include/nix/derived-path.hh similarity index 98% rename from src/libstore/derived-path.hh rename to src/libstore/include/nix/derived-path.hh index 4ba3fb37d4c..719ae035097 100644 --- a/src/libstore/derived-path.hh +++ b/src/libstore/include/nix/derived-path.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "path.hh" -#include "outputs-spec.hh" -#include "config.hh" -#include "ref.hh" +#include "nix/path.hh" +#include "nix/outputs-spec.hh" +#include "nix/config.hh" +#include "nix/ref.hh" #include diff --git a/src/libstore/downstream-placeholder.hh b/src/libstore/include/nix/downstream-placeholder.hh similarity index 97% rename from src/libstore/downstream-placeholder.hh rename to src/libstore/include/nix/downstream-placeholder.hh index c911ecea2ed..eb6662d3b09 100644 --- a/src/libstore/downstream-placeholder.hh +++ b/src/libstore/include/nix/downstream-placeholder.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "hash.hh" -#include "path.hh" -#include "derived-path.hh" +#include "nix/hash.hh" +#include "nix/path.hh" +#include "nix/derived-path.hh" namespace nix { diff --git a/src/libstore/filetransfer.hh b/src/libstore/include/nix/filetransfer.hh similarity index 97% rename from src/libstore/filetransfer.hh rename to src/libstore/include/nix/filetransfer.hh index 0ecc7f37663..31ad1aabdb6 100644 --- a/src/libstore/filetransfer.hh +++ b/src/libstore/include/nix/filetransfer.hh @@ -4,11 +4,11 @@ #include #include -#include "logging.hh" -#include "types.hh" -#include "ref.hh" -#include "config.hh" -#include "serialise.hh" +#include "nix/logging.hh" +#include "nix/types.hh" +#include "nix/ref.hh" +#include "nix/config.hh" +#include "nix/serialise.hh" namespace nix { diff --git a/src/libstore/gc-store.hh b/src/libstore/include/nix/gc-store.hh similarity index 99% rename from src/libstore/gc-store.hh rename to src/libstore/include/nix/gc-store.hh index 020f770b07a..f5f6855409a 100644 --- a/src/libstore/gc-store.hh +++ b/src/libstore/include/nix/gc-store.hh @@ -3,7 +3,7 @@ #include -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/globals.hh b/src/libstore/include/nix/globals.hh similarity index 99% rename from src/libstore/globals.hh rename to src/libstore/include/nix/globals.hh index c539ff836e0..bda883890c8 100644 --- a/src/libstore/globals.hh +++ b/src/libstore/include/nix/globals.hh @@ -1,11 +1,11 @@ #pragma once ///@file -#include "types.hh" -#include "config.hh" -#include "environment-variables.hh" -#include "experimental-features.hh" -#include "users.hh" +#include "nix/types.hh" +#include "nix/config.hh" +#include "nix/environment-variables.hh" +#include "nix/experimental-features.hh" +#include "nix/users.hh" #include #include diff --git a/src/libstore/http-binary-cache-store.hh b/src/libstore/include/nix/http-binary-cache-store.hh similarity index 94% rename from src/libstore/http-binary-cache-store.hh rename to src/libstore/include/nix/http-binary-cache-store.hh index d2fc43210a2..9dadda4d3d8 100644 --- a/src/libstore/http-binary-cache-store.hh +++ b/src/libstore/include/nix/http-binary-cache-store.hh @@ -1,4 +1,4 @@ -#include "binary-cache-store.hh" +#include "nix/binary-cache-store.hh" namespace nix { diff --git a/src/libstore/indirect-root-store.hh b/src/libstore/include/nix/indirect-root-store.hh similarity index 98% rename from src/libstore/indirect-root-store.hh rename to src/libstore/include/nix/indirect-root-store.hh index b74ebc1eed4..de4de138b95 100644 --- a/src/libstore/indirect-root-store.hh +++ b/src/libstore/include/nix/indirect-root-store.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "local-fs-store.hh" +#include "nix/local-fs-store.hh" namespace nix { diff --git a/src/libstore/keys.hh b/src/libstore/include/nix/keys.hh similarity index 66% rename from src/libstore/keys.hh rename to src/libstore/include/nix/keys.hh index 3da19493fbb..ae0fa8d0217 100644 --- a/src/libstore/keys.hh +++ b/src/libstore/include/nix/keys.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "signature/local-keys.hh" +#include "nix/signature/local-keys.hh" namespace nix { diff --git a/src/libstore/legacy-ssh-store.hh b/src/libstore/include/nix/legacy-ssh-store.hh similarity index 97% rename from src/libstore/legacy-ssh-store.hh rename to src/libstore/include/nix/legacy-ssh-store.hh index 92aa4ae56d1..9c4a9230da1 100644 --- a/src/libstore/legacy-ssh-store.hh +++ b/src/libstore/include/nix/legacy-ssh-store.hh @@ -1,12 +1,12 @@ #pragma once ///@file -#include "common-ssh-store-config.hh" -#include "store-api.hh" -#include "ssh.hh" -#include "callback.hh" -#include "pool.hh" -#include "serve-protocol.hh" +#include "nix/common-ssh-store-config.hh" +#include "nix/store-api.hh" +#include "nix/ssh.hh" +#include "nix/callback.hh" +#include "nix/pool.hh" +#include "nix/serve-protocol.hh" namespace nix { diff --git a/src/libstore/length-prefixed-protocol-helper.hh b/src/libstore/include/nix/length-prefixed-protocol-helper.hh similarity index 99% rename from src/libstore/length-prefixed-protocol-helper.hh rename to src/libstore/include/nix/length-prefixed-protocol-helper.hh index 7e977bbf1a2..ad7b32793e4 100644 --- a/src/libstore/length-prefixed-protocol-helper.hh +++ b/src/libstore/include/nix/length-prefixed-protocol-helper.hh @@ -8,7 +8,7 @@ * Used by both the Worker and Serve protocols. */ -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libstore/local-binary-cache-store.hh b/src/libstore/include/nix/local-binary-cache-store.hh similarity index 92% rename from src/libstore/local-binary-cache-store.hh rename to src/libstore/include/nix/local-binary-cache-store.hh index 997e8ecbb51..acff6621d6d 100644 --- a/src/libstore/local-binary-cache-store.hh +++ b/src/libstore/include/nix/local-binary-cache-store.hh @@ -1,4 +1,4 @@ -#include "binary-cache-store.hh" +#include "nix/binary-cache-store.hh" namespace nix { diff --git a/src/libstore/local-fs-store.hh b/src/libstore/include/nix/local-fs-store.hh similarity index 96% rename from src/libstore/local-fs-store.hh rename to src/libstore/include/nix/local-fs-store.hh index 9bb569f0b25..2a5f6e3e7cd 100644 --- a/src/libstore/local-fs-store.hh +++ b/src/libstore/include/nix/local-fs-store.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "store-api.hh" -#include "gc-store.hh" -#include "log-store.hh" +#include "nix/store-api.hh" +#include "nix/gc-store.hh" +#include "nix/log-store.hh" namespace nix { diff --git a/src/libstore/local-overlay-store.hh b/src/libstore/include/nix/local-overlay-store.hh similarity index 99% rename from src/libstore/local-overlay-store.hh rename to src/libstore/include/nix/local-overlay-store.hh index 63628abed50..1cee3cc9f9f 100644 --- a/src/libstore/local-overlay-store.hh +++ b/src/libstore/include/nix/local-overlay-store.hh @@ -1,4 +1,4 @@ -#include "local-store.hh" +#include "nix/local-store.hh" namespace nix { diff --git a/src/libstore/local-store.hh b/src/libstore/include/nix/local-store.hh similarity index 98% rename from src/libstore/local-store.hh rename to src/libstore/include/nix/local-store.hh index 83154d65193..2e1fcdfcff2 100644 --- a/src/libstore/local-store.hh +++ b/src/libstore/include/nix/local-store.hh @@ -1,12 +1,12 @@ #pragma once ///@file -#include "sqlite.hh" +#include "nix/sqlite.hh" -#include "pathlocks.hh" -#include "store-api.hh" -#include "indirect-root-store.hh" -#include "sync.hh" +#include "nix/pathlocks.hh" +#include "nix/store-api.hh" +#include "nix/indirect-root-store.hh" +#include "nix/sync.hh" #include #include diff --git a/src/libstore/log-store.hh b/src/libstore/include/nix/log-store.hh similarity index 95% rename from src/libstore/log-store.hh rename to src/libstore/include/nix/log-store.hh index a84f7dbeb25..5cd8a9f885c 100644 --- a/src/libstore/log-store.hh +++ b/src/libstore/include/nix/log-store.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/machines.hh b/src/libstore/include/nix/machines.hh similarity index 97% rename from src/libstore/machines.hh rename to src/libstore/include/nix/machines.hh index b70ab907806..6cd1853a5d5 100644 --- a/src/libstore/machines.hh +++ b/src/libstore/include/nix/machines.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "ref.hh" -#include "store-reference.hh" +#include "nix/ref.hh" +#include "nix/store-reference.hh" namespace nix { diff --git a/src/libstore/make-content-addressed.hh b/src/libstore/include/nix/make-content-addressed.hh similarity index 94% rename from src/libstore/make-content-addressed.hh rename to src/libstore/include/nix/make-content-addressed.hh index 60bb2b477db..75fe4462f4f 100644 --- a/src/libstore/make-content-addressed.hh +++ b/src/libstore/include/nix/make-content-addressed.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/meson.build b/src/libstore/include/nix/meson.build new file mode 100644 index 00000000000..85ea75685ed --- /dev/null +++ b/src/libstore/include/nix/meson.build @@ -0,0 +1,81 @@ +# Public headers directory + +include_dirs = [ + include_directories('..'), +] + +config_h = configure_file( + configuration : configdata, + output : 'config-store.hh', +) + +headers = [config_h] + files( + 'binary-cache-store.hh', + 'build-result.hh', + 'build/derivation-goal.hh', + 'build/drv-output-substitution-goal.hh', + 'build/goal.hh', + 'build/substitution-goal.hh', + 'build/worker.hh', + 'builtins.hh', + 'builtins/buildenv.hh', + 'common-protocol-impl.hh', + 'common-protocol.hh', + 'common-ssh-store-config.hh', + 'content-address.hh', + 'daemon.hh', + 'derivations.hh', + 'derivation-options.hh', + 'derived-path-map.hh', + 'derived-path.hh', + 'downstream-placeholder.hh', + 'filetransfer.hh', + 'gc-store.hh', + 'globals.hh', + 'http-binary-cache-store.hh', + 'indirect-root-store.hh', + 'keys.hh', + 'legacy-ssh-store.hh', + 'length-prefixed-protocol-helper.hh', + 'local-binary-cache-store.hh', + 'local-fs-store.hh', + 'local-overlay-store.hh', + 'local-store.hh', + 'log-store.hh', + 'machines.hh', + 'make-content-addressed.hh', + 'names.hh', + 'nar-accessor.hh', + 'nar-info-disk-cache.hh', + 'nar-info.hh', + 'outputs-spec.hh', + 'parsed-derivations.hh', + 'path-info.hh', + 'path-references.hh', + 'path-regex.hh', + 'path-with-outputs.hh', + 'path.hh', + 'pathlocks.hh', + 'posix-fs-canonicalise.hh', + 'profiles.hh', + 'realisation.hh', + 'remote-fs-accessor.hh', + 'remote-store-connection.hh', + 'remote-store.hh', + 's3-binary-cache-store.hh', + 's3.hh', + 'ssh-store.hh', + 'serve-protocol-connection.hh', + 'serve-protocol-impl.hh', + 'serve-protocol.hh', + 'sqlite.hh', + 'ssh.hh', + 'store-api.hh', + 'store-cast.hh', + 'store-dir-config.hh', + 'store-reference.hh', + 'uds-remote-store.hh', + 'worker-protocol-connection.hh', + 'worker-protocol-impl.hh', + 'worker-protocol.hh', +) diff --git a/src/libstore/names.hh b/src/libstore/include/nix/names.hh similarity index 96% rename from src/libstore/names.hh rename to src/libstore/include/nix/names.hh index a6909d54593..f11c22b1c9b 100644 --- a/src/libstore/names.hh +++ b/src/libstore/include/nix/names.hh @@ -3,7 +3,7 @@ #include -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libstore/nar-accessor.hh b/src/libstore/include/nix/nar-accessor.hh similarity index 96% rename from src/libstore/nar-accessor.hh rename to src/libstore/include/nix/nar-accessor.hh index 0043897c658..b64330547be 100644 --- a/src/libstore/nar-accessor.hh +++ b/src/libstore/include/nix/nar-accessor.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "source-accessor.hh" +#include "nix/source-accessor.hh" #include diff --git a/src/libstore/nar-info-disk-cache.hh b/src/libstore/include/nix/nar-info-disk-cache.hh similarity index 94% rename from src/libstore/nar-info-disk-cache.hh rename to src/libstore/include/nix/nar-info-disk-cache.hh index bbd1d05d5c5..3a301f7e858 100644 --- a/src/libstore/nar-info-disk-cache.hh +++ b/src/libstore/include/nix/nar-info-disk-cache.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "ref.hh" -#include "nar-info.hh" -#include "realisation.hh" +#include "nix/ref.hh" +#include "nix/nar-info.hh" +#include "nix/realisation.hh" namespace nix { diff --git a/src/libstore/nar-info.hh b/src/libstore/include/nix/nar-info.hh similarity index 93% rename from src/libstore/nar-info.hh rename to src/libstore/include/nix/nar-info.hh index 561c9a86364..117be878f29 100644 --- a/src/libstore/nar-info.hh +++ b/src/libstore/include/nix/nar-info.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "types.hh" -#include "hash.hh" -#include "path-info.hh" +#include "nix/types.hh" +#include "nix/hash.hh" +#include "nix/path-info.hh" namespace nix { diff --git a/src/libstore/outputs-spec.hh b/src/libstore/include/nix/outputs-spec.hh similarity index 98% rename from src/libstore/outputs-spec.hh rename to src/libstore/include/nix/outputs-spec.hh index 30d15311d0a..324d3a33461 100644 --- a/src/libstore/outputs-spec.hh +++ b/src/libstore/include/nix/outputs-spec.hh @@ -6,8 +6,8 @@ #include #include -#include "json-impls.hh" -#include "variant-wrapper.hh" +#include "nix/json-impls.hh" +#include "nix/variant-wrapper.hh" namespace nix { diff --git a/src/libstore/parsed-derivations.hh b/src/libstore/include/nix/parsed-derivations.hh similarity index 95% rename from src/libstore/parsed-derivations.hh rename to src/libstore/include/nix/parsed-derivations.hh index 51992fa84cd..34e254e0d05 100644 --- a/src/libstore/parsed-derivations.hh +++ b/src/libstore/include/nix/parsed-derivations.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "derivations.hh" -#include "store-api.hh" +#include "nix/derivations.hh" +#include "nix/store-api.hh" #include diff --git a/src/libstore/path-info.hh b/src/libstore/include/nix/path-info.hh similarity index 98% rename from src/libstore/path-info.hh rename to src/libstore/include/nix/path-info.hh index 9a4c466a898..45c411ddd81 100644 --- a/src/libstore/path-info.hh +++ b/src/libstore/include/nix/path-info.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "signature/signer.hh" -#include "path.hh" -#include "hash.hh" -#include "content-address.hh" +#include "nix/signature/signer.hh" +#include "nix/path.hh" +#include "nix/hash.hh" +#include "nix/content-address.hh" #include #include diff --git a/src/libstore/path-references.hh b/src/libstore/include/nix/path-references.hh similarity index 91% rename from src/libstore/path-references.hh rename to src/libstore/include/nix/path-references.hh index 0553003f83a..0b5e427646b 100644 --- a/src/libstore/path-references.hh +++ b/src/libstore/include/nix/path-references.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "references.hh" -#include "path.hh" +#include "nix/references.hh" +#include "nix/path.hh" namespace nix { diff --git a/src/libstore/path-regex.hh b/src/libstore/include/nix/path-regex.hh similarity index 100% rename from src/libstore/path-regex.hh rename to src/libstore/include/nix/path-regex.hh diff --git a/src/libstore/path-with-outputs.hh b/src/libstore/include/nix/path-with-outputs.hh similarity index 95% rename from src/libstore/path-with-outputs.hh rename to src/libstore/include/nix/path-with-outputs.hh index 5f76a583a9a..e2ff303f274 100644 --- a/src/libstore/path-with-outputs.hh +++ b/src/libstore/include/nix/path-with-outputs.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "path.hh" -#include "derived-path.hh" +#include "nix/path.hh" +#include "nix/derived-path.hh" namespace nix { diff --git a/src/libstore/path.hh b/src/libstore/include/nix/path.hh similarity index 98% rename from src/libstore/path.hh rename to src/libstore/include/nix/path.hh index 90226236258..56cd5aeb724 100644 --- a/src/libstore/path.hh +++ b/src/libstore/include/nix/path.hh @@ -3,7 +3,7 @@ #include -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libstore/pathlocks.hh b/src/libstore/include/nix/pathlocks.hh similarity index 97% rename from src/libstore/pathlocks.hh rename to src/libstore/include/nix/pathlocks.hh index 42a84a1a37b..68f5a026238 100644 --- a/src/libstore/pathlocks.hh +++ b/src/libstore/include/nix/pathlocks.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "file-descriptor.hh" +#include "nix/file-descriptor.hh" namespace nix { diff --git a/src/libstore/posix-fs-canonicalise.hh b/src/libstore/include/nix/posix-fs-canonicalise.hh similarity index 96% rename from src/libstore/posix-fs-canonicalise.hh rename to src/libstore/include/nix/posix-fs-canonicalise.hh index 45a4f3f2069..1309db098e9 100644 --- a/src/libstore/posix-fs-canonicalise.hh +++ b/src/libstore/include/nix/posix-fs-canonicalise.hh @@ -4,8 +4,8 @@ #include #include -#include "types.hh" -#include "error.hh" +#include "nix/types.hh" +#include "nix/error.hh" namespace nix { diff --git a/src/libstore/profiles.hh b/src/libstore/include/nix/profiles.hh similarity index 99% rename from src/libstore/profiles.hh rename to src/libstore/include/nix/profiles.hh index 33fcf04b3a8..85f45cb73d4 100644 --- a/src/libstore/profiles.hh +++ b/src/libstore/include/nix/profiles.hh @@ -7,8 +7,8 @@ * See the manual for additional information. */ -#include "types.hh" -#include "pathlocks.hh" +#include "nix/types.hh" +#include "nix/pathlocks.hh" #include #include diff --git a/src/libstore/realisation.hh b/src/libstore/include/nix/realisation.hh similarity index 96% rename from src/libstore/realisation.hh rename to src/libstore/include/nix/realisation.hh index ddb4af770a2..2d868980c63 100644 --- a/src/libstore/realisation.hh +++ b/src/libstore/include/nix/realisation.hh @@ -3,12 +3,12 @@ #include -#include "hash.hh" -#include "path.hh" -#include "derived-path.hh" +#include "nix/hash.hh" +#include "nix/path.hh" +#include "nix/derived-path.hh" #include -#include "comparator.hh" -#include "signature/signer.hh" +#include "nix/comparator.hh" +#include "nix/signature/signer.hh" namespace nix { diff --git a/src/libstore/remote-fs-accessor.hh b/src/libstore/include/nix/remote-fs-accessor.hh similarity index 91% rename from src/libstore/remote-fs-accessor.hh rename to src/libstore/include/nix/remote-fs-accessor.hh index d09762a53c4..5abb195ee00 100644 --- a/src/libstore/remote-fs-accessor.hh +++ b/src/libstore/include/nix/remote-fs-accessor.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "source-accessor.hh" -#include "ref.hh" -#include "store-api.hh" +#include "nix/source-accessor.hh" +#include "nix/ref.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/remote-store-connection.hh b/src/libstore/include/nix/remote-store-connection.hh similarity index 91% rename from src/libstore/remote-store-connection.hh rename to src/libstore/include/nix/remote-store-connection.hh index f8549d0b245..5b11a04f770 100644 --- a/src/libstore/remote-store-connection.hh +++ b/src/libstore/include/nix/remote-store-connection.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "remote-store.hh" -#include "worker-protocol.hh" -#include "worker-protocol-connection.hh" -#include "pool.hh" +#include "nix/remote-store.hh" +#include "nix/worker-protocol.hh" +#include "nix/worker-protocol-connection.hh" +#include "nix/pool.hh" namespace nix { diff --git a/src/libstore/remote-store.hh b/src/libstore/include/nix/remote-store.hh similarity index 98% rename from src/libstore/remote-store.hh rename to src/libstore/include/nix/remote-store.hh index ea6cd471eb5..ebc9b2a814e 100644 --- a/src/libstore/remote-store.hh +++ b/src/libstore/include/nix/remote-store.hh @@ -4,9 +4,9 @@ #include #include -#include "store-api.hh" -#include "gc-store.hh" -#include "log-store.hh" +#include "nix/store-api.hh" +#include "nix/gc-store.hh" +#include "nix/log-store.hh" namespace nix { diff --git a/src/libstore/s3-binary-cache-store.hh b/src/libstore/include/nix/s3-binary-cache-store.hh similarity index 98% rename from src/libstore/s3-binary-cache-store.hh rename to src/libstore/include/nix/s3-binary-cache-store.hh index 7d303a115f4..a0ca22bbbe5 100644 --- a/src/libstore/s3-binary-cache-store.hh +++ b/src/libstore/include/nix/s3-binary-cache-store.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "binary-cache-store.hh" +#include "nix/binary-cache-store.hh" #include diff --git a/src/libstore/s3.hh b/src/libstore/include/nix/s3.hh similarity index 97% rename from src/libstore/s3.hh rename to src/libstore/include/nix/s3.hh index 18de115aeb1..367c41d3682 100644 --- a/src/libstore/s3.hh +++ b/src/libstore/include/nix/s3.hh @@ -3,7 +3,7 @@ #if ENABLE_S3 -#include "ref.hh" +#include "nix/ref.hh" #include #include diff --git a/src/libstore/serve-protocol-connection.hh b/src/libstore/include/nix/serve-protocol-connection.hh similarity index 98% rename from src/libstore/serve-protocol-connection.hh rename to src/libstore/include/nix/serve-protocol-connection.hh index 73bf714439e..f1a9e1edee4 100644 --- a/src/libstore/serve-protocol-connection.hh +++ b/src/libstore/include/nix/serve-protocol-connection.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "serve-protocol.hh" -#include "store-api.hh" +#include "nix/serve-protocol.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/serve-protocol-impl.hh b/src/libstore/include/nix/serve-protocol-impl.hh similarity index 95% rename from src/libstore/serve-protocol-impl.hh rename to src/libstore/include/nix/serve-protocol-impl.hh index 099eade648e..2621d3b428e 100644 --- a/src/libstore/serve-protocol-impl.hh +++ b/src/libstore/include/nix/serve-protocol-impl.hh @@ -8,8 +8,8 @@ * contributing guide. */ -#include "serve-protocol.hh" -#include "length-prefixed-protocol-helper.hh" +#include "nix/serve-protocol.hh" +#include "nix/length-prefixed-protocol-helper.hh" namespace nix { diff --git a/src/libstore/serve-protocol.hh b/src/libstore/include/nix/serve-protocol.hh similarity index 99% rename from src/libstore/serve-protocol.hh rename to src/libstore/include/nix/serve-protocol.hh index 8c112bb74c7..a8587f6183a 100644 --- a/src/libstore/serve-protocol.hh +++ b/src/libstore/include/nix/serve-protocol.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "common-protocol.hh" +#include "nix/common-protocol.hh" namespace nix { diff --git a/src/libstore/sqlite.hh b/src/libstore/include/nix/sqlite.hh similarity index 99% rename from src/libstore/sqlite.hh rename to src/libstore/include/nix/sqlite.hh index 037380b7109..4143fa8a4e4 100644 --- a/src/libstore/sqlite.hh +++ b/src/libstore/include/nix/sqlite.hh @@ -4,7 +4,7 @@ #include #include -#include "error.hh" +#include "nix/error.hh" struct sqlite3; struct sqlite3_stmt; diff --git a/src/libstore/ssh-store.hh b/src/libstore/include/nix/ssh-store.hh similarity index 91% rename from src/libstore/ssh-store.hh rename to src/libstore/include/nix/ssh-store.hh index 29a2a8b2c2d..34ec4f79eca 100644 --- a/src/libstore/ssh-store.hh +++ b/src/libstore/include/nix/ssh-store.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "common-ssh-store-config.hh" -#include "store-api.hh" -#include "local-fs-store.hh" -#include "remote-store.hh" +#include "nix/common-ssh-store-config.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" +#include "nix/remote-store.hh" namespace nix { diff --git a/src/libstore/ssh.hh b/src/libstore/include/nix/ssh.hh similarity index 95% rename from src/libstore/ssh.hh rename to src/libstore/include/nix/ssh.hh index eb05df01174..fa046d6de19 100644 --- a/src/libstore/ssh.hh +++ b/src/libstore/include/nix/ssh.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "sync.hh" -#include "processes.hh" -#include "file-system.hh" +#include "nix/sync.hh" +#include "nix/processes.hh" +#include "nix/file-system.hh" namespace nix { diff --git a/src/libstore/store-api.hh b/src/libstore/include/nix/store-api.hh similarity index 98% rename from src/libstore/store-api.hh rename to src/libstore/include/nix/store-api.hh index 2eba88ea046..8e297dab2f9 100644 --- a/src/libstore/store-api.hh +++ b/src/libstore/include/nix/store-api.hh @@ -1,20 +1,20 @@ #pragma once ///@file -#include "path.hh" -#include "derived-path.hh" -#include "hash.hh" -#include "content-address.hh" -#include "serialise.hh" -#include "lru-cache.hh" -#include "sync.hh" -#include "globals.hh" -#include "config.hh" -#include "path-info.hh" -#include "repair-flag.hh" -#include "store-dir-config.hh" -#include "store-reference.hh" -#include "source-path.hh" +#include "nix/path.hh" +#include "nix/derived-path.hh" +#include "nix/hash.hh" +#include "nix/content-address.hh" +#include "nix/serialise.hh" +#include "nix/lru-cache.hh" +#include "nix/sync.hh" +#include "nix/globals.hh" +#include "nix/config.hh" +#include "nix/path-info.hh" +#include "nix/repair-flag.hh" +#include "nix/store-dir-config.hh" +#include "nix/store-reference.hh" +#include "nix/source-path.hh" #include #include diff --git a/src/libstore/store-cast.hh b/src/libstore/include/nix/store-cast.hh similarity index 94% rename from src/libstore/store-cast.hh rename to src/libstore/include/nix/store-cast.hh index 2473e72c5c4..4e6691016fb 100644 --- a/src/libstore/store-cast.hh +++ b/src/libstore/include/nix/store-cast.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/store-dir-config.hh b/src/libstore/include/nix/store-dir-config.hh similarity index 95% rename from src/libstore/store-dir-config.hh rename to src/libstore/include/nix/store-dir-config.hh index fd4332b918f..66e084a2494 100644 --- a/src/libstore/store-dir-config.hh +++ b/src/libstore/include/nix/store-dir-config.hh @@ -1,10 +1,10 @@ #pragma once -#include "path.hh" -#include "hash.hh" -#include "content-address.hh" -#include "globals.hh" -#include "config.hh" +#include "nix/path.hh" +#include "nix/hash.hh" +#include "nix/content-address.hh" +#include "nix/globals.hh" +#include "nix/config.hh" #include #include diff --git a/src/libstore/store-reference.hh b/src/libstore/include/nix/store-reference.hh similarity index 98% rename from src/libstore/store-reference.hh rename to src/libstore/include/nix/store-reference.hh index 7100a1db095..922640fe002 100644 --- a/src/libstore/store-reference.hh +++ b/src/libstore/include/nix/store-reference.hh @@ -3,7 +3,7 @@ #include -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libstore/uds-remote-store.hh b/src/libstore/include/nix/uds-remote-store.hh similarity index 95% rename from src/libstore/uds-remote-store.hh rename to src/libstore/include/nix/uds-remote-store.hh index a8e57166416..0a2e3fe9f57 100644 --- a/src/libstore/uds-remote-store.hh +++ b/src/libstore/include/nix/uds-remote-store.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "remote-store.hh" -#include "remote-store-connection.hh" -#include "indirect-root-store.hh" +#include "nix/remote-store.hh" +#include "nix/remote-store-connection.hh" +#include "nix/indirect-root-store.hh" namespace nix { diff --git a/src/libstore/worker-protocol-connection.hh b/src/libstore/include/nix/worker-protocol-connection.hh similarity index 98% rename from src/libstore/worker-protocol-connection.hh rename to src/libstore/include/nix/worker-protocol-connection.hh index c2f446db1d9..a1a4668f254 100644 --- a/src/libstore/worker-protocol-connection.hh +++ b/src/libstore/include/nix/worker-protocol-connection.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "worker-protocol.hh" -#include "store-api.hh" +#include "nix/worker-protocol.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/worker-protocol-impl.hh b/src/libstore/include/nix/worker-protocol-impl.hh similarity index 95% rename from src/libstore/worker-protocol-impl.hh rename to src/libstore/include/nix/worker-protocol-impl.hh index 87398df90c9..902d21542b6 100644 --- a/src/libstore/worker-protocol-impl.hh +++ b/src/libstore/include/nix/worker-protocol-impl.hh @@ -8,8 +8,8 @@ * contributing guide. */ -#include "worker-protocol.hh" -#include "length-prefixed-protocol-helper.hh" +#include "nix/worker-protocol.hh" +#include "nix/length-prefixed-protocol-helper.hh" namespace nix { diff --git a/src/libstore/worker-protocol.hh b/src/libstore/include/nix/worker-protocol.hh similarity index 99% rename from src/libstore/worker-protocol.hh rename to src/libstore/include/nix/worker-protocol.hh index c356fa1bf37..175ddf01f68 100644 --- a/src/libstore/worker-protocol.hh +++ b/src/libstore/include/nix/worker-protocol.hh @@ -3,7 +3,7 @@ #include -#include "common-protocol.hh" +#include "nix/common-protocol.hh" namespace nix { diff --git a/src/libstore/indirect-root-store.cc b/src/libstore/indirect-root-store.cc index 844d0d6edad..1b51cbe153a 100644 --- a/src/libstore/indirect-root-store.cc +++ b/src/libstore/indirect-root-store.cc @@ -1,4 +1,4 @@ -#include "indirect-root-store.hh" +#include "nix/indirect-root-store.hh" namespace nix { diff --git a/src/libstore/keys.cc b/src/libstore/keys.cc index 668725fc7e8..1b2a612a2be 100644 --- a/src/libstore/keys.cc +++ b/src/libstore/keys.cc @@ -1,6 +1,6 @@ -#include "file-system.hh" -#include "globals.hh" -#include "keys.hh" +#include "nix/file-system.hh" +#include "nix/globals.hh" +#include "nix/keys.hh" namespace nix { diff --git a/src/libstore/legacy-ssh-store.cc b/src/libstore/legacy-ssh-store.cc index 480f4105939..bc2794499de 100644 --- a/src/libstore/legacy-ssh-store.cc +++ b/src/libstore/legacy-ssh-store.cc @@ -1,17 +1,17 @@ -#include "legacy-ssh-store.hh" -#include "common-ssh-store-config.hh" -#include "archive.hh" -#include "pool.hh" -#include "remote-store.hh" -#include "serve-protocol.hh" -#include "serve-protocol-connection.hh" -#include "serve-protocol-impl.hh" -#include "build-result.hh" -#include "store-api.hh" -#include "path-with-outputs.hh" -#include "ssh.hh" -#include "derivations.hh" -#include "callback.hh" +#include "nix/legacy-ssh-store.hh" +#include "nix/common-ssh-store-config.hh" +#include "nix/archive.hh" +#include "nix/pool.hh" +#include "nix/remote-store.hh" +#include "nix/serve-protocol.hh" +#include "nix/serve-protocol-connection.hh" +#include "nix/serve-protocol-impl.hh" +#include "nix/build-result.hh" +#include "nix/store-api.hh" +#include "nix/path-with-outputs.hh" +#include "nix/ssh.hh" +#include "nix/derivations.hh" +#include "nix/callback.hh" namespace nix { diff --git a/src/libstore/linux/fchmodat2-compat.hh b/src/libstore/linux/include/nix/fchmodat2-compat.hh similarity index 100% rename from src/libstore/linux/fchmodat2-compat.hh rename to src/libstore/linux/include/nix/fchmodat2-compat.hh diff --git a/src/libstore/linux/include/nix/meson.build b/src/libstore/linux/include/nix/meson.build new file mode 100644 index 00000000000..f37370c6fb7 --- /dev/null +++ b/src/libstore/linux/include/nix/meson.build @@ -0,0 +1,6 @@ +include_dirs += include_directories('..') + +headers += files( + 'fchmodat2-compat.hh', + 'personality.hh', +) diff --git a/src/libstore/linux/personality.hh b/src/libstore/linux/include/nix/personality.hh similarity index 100% rename from src/libstore/linux/personality.hh rename to src/libstore/linux/include/nix/personality.hh diff --git a/src/libstore/linux/meson.build b/src/libstore/linux/meson.build index 0c494b5d62e..b9a2aed2168 100644 --- a/src/libstore/linux/meson.build +++ b/src/libstore/linux/meson.build @@ -2,9 +2,4 @@ sources += files( 'personality.cc', ) -include_dirs += include_directories('.') - -headers += files( - 'fchmodat2-compat.hh', - 'personality.hh', -) +subdir('include/nix') diff --git a/src/libstore/linux/personality.cc b/src/libstore/linux/personality.cc index 255d174a6cc..bbff765ded7 100644 --- a/src/libstore/linux/personality.cc +++ b/src/libstore/linux/personality.cc @@ -1,5 +1,5 @@ -#include "personality.hh" -#include "globals.hh" +#include "nix/personality.hh" +#include "nix/globals.hh" #include #include diff --git a/src/libstore/local-binary-cache-store.cc b/src/libstore/local-binary-cache-store.cc index dcc6affe4a1..90a770ab0c1 100644 --- a/src/libstore/local-binary-cache-store.cc +++ b/src/libstore/local-binary-cache-store.cc @@ -1,7 +1,7 @@ -#include "local-binary-cache-store.hh" -#include "globals.hh" -#include "nar-info-disk-cache.hh" -#include "signals.hh" +#include "nix/local-binary-cache-store.hh" +#include "nix/globals.hh" +#include "nix/nar-info-disk-cache.hh" +#include "nix/signals.hh" #include diff --git a/src/libstore/local-fs-store.cc b/src/libstore/local-fs-store.cc index 5449b20eb3b..2798899faaa 100644 --- a/src/libstore/local-fs-store.cc +++ b/src/libstore/local-fs-store.cc @@ -1,10 +1,10 @@ -#include "archive.hh" -#include "posix-source-accessor.hh" -#include "store-api.hh" -#include "local-fs-store.hh" -#include "globals.hh" -#include "compression.hh" -#include "derivations.hh" +#include "nix/archive.hh" +#include "nix/posix-source-accessor.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" +#include "nix/globals.hh" +#include "nix/compression.hh" +#include "nix/derivations.hh" namespace nix { diff --git a/src/libstore/local-overlay-store.cc b/src/libstore/local-overlay-store.cc index 56ff6bef3e5..c2cc329b4d2 100644 --- a/src/libstore/local-overlay-store.cc +++ b/src/libstore/local-overlay-store.cc @@ -1,8 +1,8 @@ -#include "local-overlay-store.hh" -#include "callback.hh" -#include "realisation.hh" -#include "processes.hh" -#include "url.hh" +#include "nix/local-overlay-store.hh" +#include "nix/callback.hh" +#include "nix/realisation.hh" +#include "nix/processes.hh" +#include "nix/url.hh" #include namespace nix { diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index 1db6e0ef583..cf6644804a5 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -1,22 +1,22 @@ -#include "local-store.hh" -#include "globals.hh" -#include "git.hh" -#include "archive.hh" -#include "pathlocks.hh" -#include "worker-protocol.hh" -#include "derivations.hh" -#include "realisation.hh" -#include "nar-info.hh" -#include "references.hh" -#include "callback.hh" -#include "topo-sort.hh" -#include "finally.hh" -#include "compression.hh" -#include "signals.hh" -#include "posix-fs-canonicalise.hh" -#include "posix-source-accessor.hh" -#include "keys.hh" -#include "users.hh" +#include "nix/local-store.hh" +#include "nix/globals.hh" +#include "nix/git.hh" +#include "nix/archive.hh" +#include "nix/pathlocks.hh" +#include "nix/worker-protocol.hh" +#include "nix/derivations.hh" +#include "nix/realisation.hh" +#include "nix/nar-info.hh" +#include "nix/references.hh" +#include "nix/callback.hh" +#include "nix/topo-sort.hh" +#include "nix/finally.hh" +#include "nix/compression.hh" +#include "nix/signals.hh" +#include "nix/posix-fs-canonicalise.hh" +#include "nix/posix-source-accessor.hh" +#include "nix/keys.hh" +#include "nix/users.hh" #include #include @@ -52,7 +52,7 @@ #include -#include "strings.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libstore/log-store.cc b/src/libstore/log-store.cc index 8a26832ab28..b2c2ff16a9d 100644 --- a/src/libstore/log-store.cc +++ b/src/libstore/log-store.cc @@ -1,4 +1,4 @@ -#include "log-store.hh" +#include "nix/log-store.hh" namespace nix { diff --git a/src/libstore/machines.cc b/src/libstore/machines.cc index eb729b697f1..7710ae99b75 100644 --- a/src/libstore/machines.cc +++ b/src/libstore/machines.cc @@ -1,6 +1,6 @@ -#include "machines.hh" -#include "globals.hh" -#include "store-api.hh" +#include "nix/machines.hh" +#include "nix/globals.hh" +#include "nix/store-api.hh" #include diff --git a/src/libstore/make-content-addressed.cc b/src/libstore/make-content-addressed.cc index a3130d7cc02..c7d44b1a935 100644 --- a/src/libstore/make-content-addressed.cc +++ b/src/libstore/make-content-addressed.cc @@ -1,5 +1,5 @@ -#include "make-content-addressed.hh" -#include "references.hh" +#include "nix/make-content-addressed.hh" +#include "nix/references.hh" namespace nix { diff --git a/src/libstore/meson.build b/src/libstore/meson.build index a592cbf9833..dd6d7b40494 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -166,16 +166,11 @@ if get_option('embedded-sandbox-shell') generated_headers += embedded_sandbox_shell_gen endif -config_h = configure_file( - configuration : configdata, - output : 'config-store.hh', -) - add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', language : 'cpp', ) @@ -249,81 +244,7 @@ sources = files( 'worker-protocol.cc', ) -include_dirs = [ - include_directories('.'), - include_directories('build'), -] - -headers = [config_h] + files( - 'binary-cache-store.hh', - 'build-result.hh', - 'build/derivation-goal.hh', - 'build/drv-output-substitution-goal.hh', - 'build/goal.hh', - 'build/substitution-goal.hh', - 'build/worker.hh', - 'builtins.hh', - 'builtins/buildenv.hh', - 'common-protocol-impl.hh', - 'common-protocol.hh', - 'common-ssh-store-config.hh', - 'content-address.hh', - 'daemon.hh', - 'derivations.hh', - 'derivation-options.hh', - 'derived-path-map.hh', - 'derived-path.hh', - 'downstream-placeholder.hh', - 'filetransfer.hh', - 'gc-store.hh', - 'globals.hh', - 'http-binary-cache-store.hh', - 'indirect-root-store.hh', - 'keys.hh', - 'legacy-ssh-store.hh', - 'length-prefixed-protocol-helper.hh', - 'local-binary-cache-store.hh', - 'local-fs-store.hh', - 'local-overlay-store.hh', - 'local-store.hh', - 'log-store.hh', - 'machines.hh', - 'make-content-addressed.hh', - 'names.hh', - 'nar-accessor.hh', - 'nar-info-disk-cache.hh', - 'nar-info.hh', - 'outputs-spec.hh', - 'parsed-derivations.hh', - 'path-info.hh', - 'path-references.hh', - 'path-regex.hh', - 'path-with-outputs.hh', - 'path.hh', - 'pathlocks.hh', - 'posix-fs-canonicalise.hh', - 'profiles.hh', - 'realisation.hh', - 'remote-fs-accessor.hh', - 'remote-store-connection.hh', - 'remote-store.hh', - 's3-binary-cache-store.hh', - 's3.hh', - 'ssh-store.hh', - 'serve-protocol-connection.hh', - 'serve-protocol-impl.hh', - 'serve-protocol.hh', - 'sqlite.hh', - 'ssh.hh', - 'store-api.hh', - 'store-cast.hh', - 'store-dir-config.hh', - 'store-reference.hh', - 'uds-remote-store.hh', - 'worker-protocol-connection.hh', - 'worker-protocol-impl.hh', - 'worker-protocol.hh', -) +subdir('include/nix') if host_machine.system() == 'linux' subdir('linux') diff --git a/src/libstore/misc.cc b/src/libstore/misc.cc index 9d3b243266e..ef08f4af7b4 100644 --- a/src/libstore/misc.cc +++ b/src/libstore/misc.cc @@ -1,17 +1,17 @@ #include -#include "derivations.hh" -#include "parsed-derivations.hh" -#include "derivation-options.hh" -#include "globals.hh" -#include "store-api.hh" -#include "thread-pool.hh" -#include "realisation.hh" -#include "topo-sort.hh" -#include "callback.hh" -#include "closure.hh" -#include "filetransfer.hh" -#include "strings.hh" +#include "nix/derivations.hh" +#include "nix/parsed-derivations.hh" +#include "nix/derivation-options.hh" +#include "nix/globals.hh" +#include "nix/store-api.hh" +#include "nix/thread-pool.hh" +#include "nix/realisation.hh" +#include "nix/topo-sort.hh" +#include "nix/callback.hh" +#include "nix/closure.hh" +#include "nix/filetransfer.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libstore/names.cc b/src/libstore/names.cc index c0e1b1022ac..2842bf3fb83 100644 --- a/src/libstore/names.cc +++ b/src/libstore/names.cc @@ -1,5 +1,5 @@ -#include "names.hh" -#include "util.hh" +#include "nix/names.hh" +#include "nix/util.hh" #include diff --git a/src/libstore/nar-accessor.cc b/src/libstore/nar-accessor.cc index c4e0b137b13..7fe2e7ecbff 100644 --- a/src/libstore/nar-accessor.cc +++ b/src/libstore/nar-accessor.cc @@ -1,5 +1,5 @@ -#include "nar-accessor.hh" -#include "archive.hh" +#include "nix/nar-accessor.hh" +#include "nix/archive.hh" #include #include diff --git a/src/libstore/nar-info-disk-cache.cc b/src/libstore/nar-info-disk-cache.cc index 80e8d34149d..acb7bd3bfbc 100644 --- a/src/libstore/nar-info-disk-cache.cc +++ b/src/libstore/nar-info-disk-cache.cc @@ -1,13 +1,13 @@ -#include "nar-info-disk-cache.hh" -#include "users.hh" -#include "sync.hh" -#include "sqlite.hh" -#include "globals.hh" +#include "nix/nar-info-disk-cache.hh" +#include "nix/users.hh" +#include "nix/sync.hh" +#include "nix/sqlite.hh" +#include "nix/globals.hh" #include #include -#include "strings.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libstore/nar-info.cc b/src/libstore/nar-info.cc index 27fcc286411..176332a4ada 100644 --- a/src/libstore/nar-info.cc +++ b/src/libstore/nar-info.cc @@ -1,8 +1,8 @@ -#include "globals.hh" -#include "nar-info.hh" -#include "store-api.hh" -#include "strings.hh" -#include "json-utils.hh" +#include "nix/globals.hh" +#include "nix/nar-info.hh" +#include "nix/store-api.hh" +#include "nix/strings.hh" +#include "nix/json-utils.hh" namespace nix { diff --git a/src/libstore/optimise-store.cc b/src/libstore/optimise-store.cc index aeff24c642a..c2cda58e7cc 100644 --- a/src/libstore/optimise-store.cc +++ b/src/libstore/optimise-store.cc @@ -1,8 +1,8 @@ -#include "local-store.hh" -#include "globals.hh" -#include "signals.hh" -#include "posix-fs-canonicalise.hh" -#include "posix-source-accessor.hh" +#include "nix/local-store.hh" +#include "nix/globals.hh" +#include "nix/signals.hh" +#include "nix/posix-fs-canonicalise.hh" +#include "nix/posix-source-accessor.hh" #include #include diff --git a/src/libstore/outputs-spec.cc b/src/libstore/outputs-spec.cc index b623a975cc4..7d56a7afdbe 100644 --- a/src/libstore/outputs-spec.cc +++ b/src/libstore/outputs-spec.cc @@ -1,11 +1,11 @@ #include #include -#include "util.hh" -#include "regex-combinators.hh" -#include "outputs-spec.hh" -#include "path-regex.hh" -#include "strings-inline.hh" +#include "nix/util.hh" +#include "nix/regex-combinators.hh" +#include "nix/outputs-spec.hh" +#include "nix/path-regex.hh" +#include "nix/strings-inline.hh" namespace nix { diff --git a/src/libstore/package.nix b/src/libstore/package.nix index f992684dfbe..553bc043e53 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -43,8 +43,11 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build ./meson.options + ./include/nix/meson.build ./linux/meson.build + ./linux/include/nix/meson.build ./unix/meson.build + ./unix/include/nix/meson.build ./windows/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) diff --git a/src/libstore/parsed-derivations.cc b/src/libstore/parsed-derivations.cc index b26c36efe6f..0e8f9ba9518 100644 --- a/src/libstore/parsed-derivations.cc +++ b/src/libstore/parsed-derivations.cc @@ -1,4 +1,4 @@ -#include "parsed-derivations.hh" +#include "nix/parsed-derivations.hh" #include #include diff --git a/src/libstore/path-info.cc b/src/libstore/path-info.cc index 6e87e60f446..574ada7ac28 100644 --- a/src/libstore/path-info.cc +++ b/src/libstore/path-info.cc @@ -1,10 +1,10 @@ #include -#include "path-info.hh" -#include "store-api.hh" -#include "json-utils.hh" -#include "comparator.hh" -#include "strings.hh" +#include "nix/path-info.hh" +#include "nix/store-api.hh" +#include "nix/json-utils.hh" +#include "nix/comparator.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libstore/path-references.cc b/src/libstore/path-references.cc index 15f52ec9dea..a5aa8f48f59 100644 --- a/src/libstore/path-references.cc +++ b/src/libstore/path-references.cc @@ -1,6 +1,6 @@ -#include "path-references.hh" -#include "hash.hh" -#include "archive.hh" +#include "nix/path-references.hh" +#include "nix/hash.hh" +#include "nix/archive.hh" #include #include diff --git a/src/libstore/path-with-outputs.cc b/src/libstore/path-with-outputs.cc index e526b1ff6c7..87f7c6a726c 100644 --- a/src/libstore/path-with-outputs.cc +++ b/src/libstore/path-with-outputs.cc @@ -1,8 +1,8 @@ #include -#include "path-with-outputs.hh" -#include "store-api.hh" -#include "strings.hh" +#include "nix/path-with-outputs.hh" +#include "nix/store-api.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libstore/path.cc b/src/libstore/path.cc index 3e9d054778c..d1eb02e709a 100644 --- a/src/libstore/path.cc +++ b/src/libstore/path.cc @@ -1,4 +1,4 @@ -#include "store-dir-config.hh" +#include "nix/store-dir-config.hh" namespace nix { diff --git a/src/libstore/pathlocks.cc b/src/libstore/pathlocks.cc index c855e797fdc..36bee67416e 100644 --- a/src/libstore/pathlocks.cc +++ b/src/libstore/pathlocks.cc @@ -1,7 +1,7 @@ -#include "pathlocks.hh" -#include "util.hh" -#include "sync.hh" -#include "signals.hh" +#include "nix/pathlocks.hh" +#include "nix/util.hh" +#include "nix/sync.hh" +#include "nix/signals.hh" #include #include diff --git a/src/libstore/posix-fs-canonicalise.cc b/src/libstore/posix-fs-canonicalise.cc index 46a78cc86aa..5fddae42fcf 100644 --- a/src/libstore/posix-fs-canonicalise.cc +++ b/src/libstore/posix-fs-canonicalise.cc @@ -2,12 +2,12 @@ # include #endif -#include "posix-fs-canonicalise.hh" -#include "file-system.hh" -#include "signals.hh" -#include "util.hh" -#include "globals.hh" -#include "store-api.hh" +#include "nix/posix-fs-canonicalise.hh" +#include "nix/file-system.hh" +#include "nix/signals.hh" +#include "nix/util.hh" +#include "nix/globals.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/libstore/profiles.cc b/src/libstore/profiles.cc index 46efedfe327..19358f1360e 100644 --- a/src/libstore/profiles.cc +++ b/src/libstore/profiles.cc @@ -1,8 +1,8 @@ -#include "profiles.hh" -#include "signals.hh" -#include "store-api.hh" -#include "local-fs-store.hh" -#include "users.hh" +#include "nix/profiles.hh" +#include "nix/signals.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" +#include "nix/users.hh" #include #include diff --git a/src/libstore/realisation.cc b/src/libstore/realisation.cc index 86bfdd1a8bf..63b156b30a2 100644 --- a/src/libstore/realisation.cc +++ b/src/libstore/realisation.cc @@ -1,7 +1,7 @@ -#include "realisation.hh" -#include "store-api.hh" -#include "closure.hh" -#include "signature/local-keys.hh" +#include "nix/realisation.hh" +#include "nix/store-api.hh" +#include "nix/closure.hh" +#include "nix/signature/local-keys.hh" #include namespace nix { diff --git a/src/libstore/remote-fs-accessor.cc b/src/libstore/remote-fs-accessor.cc index 7e360b5fef1..2b3f0675d04 100644 --- a/src/libstore/remote-fs-accessor.cc +++ b/src/libstore/remote-fs-accessor.cc @@ -1,6 +1,6 @@ #include -#include "remote-fs-accessor.hh" -#include "nar-accessor.hh" +#include "nix/remote-fs-accessor.hh" +#include "nix/nar-accessor.hh" #include #include diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc index 533ea557d25..bae03e5d049 100644 --- a/src/libstore/remote-store.cc +++ b/src/libstore/remote-store.cc @@ -1,23 +1,23 @@ -#include "serialise.hh" -#include "util.hh" -#include "path-with-outputs.hh" -#include "gc-store.hh" -#include "remote-fs-accessor.hh" -#include "build-result.hh" -#include "remote-store.hh" -#include "remote-store-connection.hh" -#include "worker-protocol.hh" -#include "worker-protocol-impl.hh" -#include "archive.hh" -#include "globals.hh" -#include "derivations.hh" -#include "pool.hh" -#include "finally.hh" -#include "git.hh" -#include "logging.hh" -#include "callback.hh" -#include "filetransfer.hh" -#include "signals.hh" +#include "nix/serialise.hh" +#include "nix/util.hh" +#include "nix/path-with-outputs.hh" +#include "nix/gc-store.hh" +#include "nix/remote-fs-accessor.hh" +#include "nix/build-result.hh" +#include "nix/remote-store.hh" +#include "nix/remote-store-connection.hh" +#include "nix/worker-protocol.hh" +#include "nix/worker-protocol-impl.hh" +#include "nix/archive.hh" +#include "nix/globals.hh" +#include "nix/derivations.hh" +#include "nix/pool.hh" +#include "nix/finally.hh" +#include "nix/git.hh" +#include "nix/logging.hh" +#include "nix/callback.hh" +#include "nix/filetransfer.hh" +#include "nix/signals.hh" #include diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index cfa713b00c2..69ebad75b63 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -2,14 +2,14 @@ #include -#include "s3.hh" -#include "s3-binary-cache-store.hh" -#include "nar-info.hh" -#include "nar-info-disk-cache.hh" -#include "globals.hh" -#include "compression.hh" -#include "filetransfer.hh" -#include "signals.hh" +#include "nix/s3.hh" +#include "nix/s3-binary-cache-store.hh" +#include "nix/nar-info.hh" +#include "nix/nar-info-disk-cache.hh" +#include "nix/globals.hh" +#include "nix/compression.hh" +#include "nix/filetransfer.hh" +#include "nix/signals.hh" #include #include diff --git a/src/libstore/serve-protocol-connection.cc b/src/libstore/serve-protocol-connection.cc index 07379999b4b..577297af820 100644 --- a/src/libstore/serve-protocol-connection.cc +++ b/src/libstore/serve-protocol-connection.cc @@ -1,7 +1,7 @@ -#include "serve-protocol-connection.hh" -#include "serve-protocol-impl.hh" -#include "build-result.hh" -#include "derivations.hh" +#include "nix/serve-protocol-connection.hh" +#include "nix/serve-protocol-impl.hh" +#include "nix/build-result.hh" +#include "nix/derivations.hh" namespace nix { diff --git a/src/libstore/serve-protocol.cc b/src/libstore/serve-protocol.cc index 08bfad9e405..0e2a3bc9d13 100644 --- a/src/libstore/serve-protocol.cc +++ b/src/libstore/serve-protocol.cc @@ -1,11 +1,11 @@ -#include "serialise.hh" -#include "path-with-outputs.hh" -#include "store-api.hh" -#include "build-result.hh" -#include "serve-protocol.hh" -#include "serve-protocol-impl.hh" -#include "archive.hh" -#include "path-info.hh" +#include "nix/serialise.hh" +#include "nix/path-with-outputs.hh" +#include "nix/store-api.hh" +#include "nix/build-result.hh" +#include "nix/serve-protocol.hh" +#include "nix/serve-protocol-impl.hh" +#include "nix/archive.hh" +#include "nix/path-info.hh" #include diff --git a/src/libstore/sqlite.cc b/src/libstore/sqlite.cc index f02e472fd5f..1f9622255d5 100644 --- a/src/libstore/sqlite.cc +++ b/src/libstore/sqlite.cc @@ -1,8 +1,8 @@ -#include "sqlite.hh" -#include "globals.hh" -#include "util.hh" -#include "url.hh" -#include "signals.hh" +#include "nix/sqlite.hh" +#include "nix/globals.hh" +#include "nix/util.hh" +#include "nix/url.hh" +#include "nix/signals.hh" #include diff --git a/src/libstore/ssh-store.cc b/src/libstore/ssh-store.cc index 954a9746774..dc889cb3901 100644 --- a/src/libstore/ssh-store.cc +++ b/src/libstore/ssh-store.cc @@ -1,12 +1,12 @@ -#include "ssh-store.hh" -#include "local-fs-store.hh" -#include "remote-store-connection.hh" -#include "source-accessor.hh" -#include "archive.hh" -#include "worker-protocol.hh" -#include "worker-protocol-impl.hh" -#include "pool.hh" -#include "ssh.hh" +#include "nix/ssh-store.hh" +#include "nix/local-fs-store.hh" +#include "nix/remote-store-connection.hh" +#include "nix/source-accessor.hh" +#include "nix/archive.hh" +#include "nix/worker-protocol.hh" +#include "nix/worker-protocol-impl.hh" +#include "nix/pool.hh" +#include "nix/ssh.hh" namespace nix { diff --git a/src/libstore/ssh.cc b/src/libstore/ssh.cc index 70e6d5dfe5d..86b6eda7c4b 100644 --- a/src/libstore/ssh.cc +++ b/src/libstore/ssh.cc @@ -1,9 +1,9 @@ -#include "ssh.hh" -#include "finally.hh" -#include "current-process.hh" -#include "environment-variables.hh" -#include "util.hh" -#include "exec.hh" +#include "nix/ssh.hh" +#include "nix/finally.hh" +#include "nix/current-process.hh" +#include "nix/environment-variables.hh" +#include "nix/util.hh" +#include "nix/exec.hh" namespace nix { diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index fc3fbcc0fbe..52a962553aa 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -1,28 +1,28 @@ -#include "signature/local-keys.hh" -#include "source-accessor.hh" -#include "globals.hh" -#include "derived-path.hh" -#include "realisation.hh" -#include "derivations.hh" -#include "store-api.hh" -#include "util.hh" -#include "nar-info-disk-cache.hh" -#include "thread-pool.hh" -#include "references.hh" -#include "archive.hh" -#include "callback.hh" -#include "git.hh" -#include "posix-source-accessor.hh" +#include "nix/signature/local-keys.hh" +#include "nix/source-accessor.hh" +#include "nix/globals.hh" +#include "nix/derived-path.hh" +#include "nix/realisation.hh" +#include "nix/derivations.hh" +#include "nix/store-api.hh" +#include "nix/util.hh" +#include "nix/nar-info-disk-cache.hh" +#include "nix/thread-pool.hh" +#include "nix/references.hh" +#include "nix/archive.hh" +#include "nix/callback.hh" +#include "nix/git.hh" +#include "nix/posix-source-accessor.hh" // FIXME this should not be here, see TODO below on // `addMultipleToStore`. -#include "worker-protocol.hh" -#include "signals.hh" -#include "users.hh" +#include "nix/worker-protocol.hh" +#include "nix/signals.hh" +#include "nix/users.hh" #include #include -#include "strings.hh" +#include "nix/strings.hh" using json = nlohmann::json; @@ -1277,8 +1277,8 @@ Derivation Store::readInvalidDerivation(const StorePath & drvPath) } -#include "local-store.hh" -#include "uds-remote-store.hh" +#include "nix/local-store.hh" +#include "nix/uds-remote-store.hh" namespace nix { diff --git a/src/libstore/store-reference.cc b/src/libstore/store-reference.cc index b4968dfadbd..610e70f9902 100644 --- a/src/libstore/store-reference.cc +++ b/src/libstore/store-reference.cc @@ -1,10 +1,10 @@ #include -#include "error.hh" -#include "url.hh" -#include "store-reference.hh" -#include "file-system.hh" -#include "util.hh" +#include "nix/error.hh" +#include "nix/url.hh" +#include "nix/store-reference.hh" +#include "nix/file-system.hh" +#include "nix/util.hh" namespace nix { diff --git a/src/libstore/uds-remote-store.cc b/src/libstore/uds-remote-store.cc index 3c445eb1318..b41eae39c8e 100644 --- a/src/libstore/uds-remote-store.cc +++ b/src/libstore/uds-remote-store.cc @@ -1,6 +1,6 @@ -#include "uds-remote-store.hh" -#include "unix-domain-socket.hh" -#include "worker-protocol.hh" +#include "nix/uds-remote-store.hh" +#include "nix/unix-domain-socket.hh" +#include "nix/worker-protocol.hh" #include #include diff --git a/src/libstore/unix/build/child.cc b/src/libstore/unix/build/child.cc index aa31c3caf24..c19d1e64618 100644 --- a/src/libstore/unix/build/child.cc +++ b/src/libstore/unix/build/child.cc @@ -1,6 +1,6 @@ -#include "child.hh" -#include "current-process.hh" -#include "logging.hh" +#include "nix/build/child.hh" +#include "nix/current-process.hh" +#include "nix/logging.hh" #include #include diff --git a/src/libstore/unix/build/hook-instance.cc b/src/libstore/unix/build/hook-instance.cc index 79eb25a91be..5407bef14c3 100644 --- a/src/libstore/unix/build/hook-instance.cc +++ b/src/libstore/unix/build/hook-instance.cc @@ -1,10 +1,10 @@ -#include "globals.hh" -#include "config-global.hh" -#include "hook-instance.hh" -#include "file-system.hh" -#include "child.hh" -#include "strings.hh" -#include "executable-path.hh" +#include "nix/globals.hh" +#include "nix/config-global.hh" +#include "nix/build/hook-instance.hh" +#include "nix/file-system.hh" +#include "nix/build/child.hh" +#include "nix/strings.hh" +#include "nix/executable-path.hh" namespace nix { diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 0ccc4211b8d..74186242b6f 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -1,24 +1,24 @@ -#include "local-derivation-goal.hh" -#include "indirect-root-store.hh" -#include "hook-instance.hh" -#include "worker.hh" -#include "builtins.hh" -#include "builtins/buildenv.hh" -#include "path-references.hh" -#include "finally.hh" -#include "util.hh" -#include "archive.hh" -#include "git.hh" -#include "compression.hh" -#include "daemon.hh" -#include "topo-sort.hh" -#include "callback.hh" -#include "json-utils.hh" -#include "current-process.hh" -#include "child.hh" -#include "unix-domain-socket.hh" -#include "posix-fs-canonicalise.hh" -#include "posix-source-accessor.hh" +#include "nix/build/local-derivation-goal.hh" +#include "nix/indirect-root-store.hh" +#include "nix/build/hook-instance.hh" +#include "nix/build/worker.hh" +#include "nix/builtins.hh" +#include "nix/builtins/buildenv.hh" +#include "nix/path-references.hh" +#include "nix/finally.hh" +#include "nix/util.hh" +#include "nix/archive.hh" +#include "nix/git.hh" +#include "nix/compression.hh" +#include "nix/daemon.hh" +#include "nix/topo-sort.hh" +#include "nix/callback.hh" +#include "nix/json-utils.hh" +#include "nix/current-process.hh" +#include "nix/build/child.hh" +#include "nix/unix-domain-socket.hh" +#include "nix/posix-fs-canonicalise.hh" +#include "nix/posix-source-accessor.hh" #include #include @@ -37,7 +37,7 @@ /* Includes required for chroot support. */ #if __linux__ -# include "fchmodat2-compat.hh" +# include "nix/fchmodat2-compat.hh" # include # include # include @@ -46,13 +46,13 @@ # include # include # include -# include "namespaces.hh" +# include "nix/namespaces.hh" # if HAVE_SECCOMP # include # endif # define pivot_root(new_root, put_old) (syscall(SYS_pivot_root, new_root, put_old)) -# include "cgroup.hh" -# include "personality.hh" +# include "nix/cgroup.hh" +# include "nix/personality.hh" #endif #if __APPLE__ @@ -68,8 +68,8 @@ extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, #include #include -#include "strings.hh" -#include "signals.hh" +#include "nix/strings.hh" +#include "nix/signals.hh" namespace nix { diff --git a/src/libstore/unix/build/child.hh b/src/libstore/unix/include/nix/build/child.hh similarity index 100% rename from src/libstore/unix/build/child.hh rename to src/libstore/unix/include/nix/build/child.hh diff --git a/src/libstore/unix/build/hook-instance.hh b/src/libstore/unix/include/nix/build/hook-instance.hh similarity index 85% rename from src/libstore/unix/build/hook-instance.hh rename to src/libstore/unix/include/nix/build/hook-instance.hh index 61cf534f4e9..b82a5118370 100644 --- a/src/libstore/unix/build/hook-instance.hh +++ b/src/libstore/unix/include/nix/build/hook-instance.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "logging.hh" -#include "serialise.hh" -#include "processes.hh" +#include "nix/logging.hh" +#include "nix/serialise.hh" +#include "nix/processes.hh" namespace nix { diff --git a/src/libstore/unix/build/local-derivation-goal.hh b/src/libstore/unix/include/nix/build/local-derivation-goal.hh similarity index 98% rename from src/libstore/unix/build/local-derivation-goal.hh rename to src/libstore/unix/include/nix/build/local-derivation-goal.hh index c7a129f9042..1a14211be3b 100644 --- a/src/libstore/unix/build/local-derivation-goal.hh +++ b/src/libstore/unix/include/nix/build/local-derivation-goal.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "derivation-goal.hh" -#include "local-store.hh" -#include "processes.hh" +#include "nix/build/derivation-goal.hh" +#include "nix/local-store.hh" +#include "nix/processes.hh" namespace nix { diff --git a/src/libstore/unix/include/nix/meson.build b/src/libstore/unix/include/nix/meson.build new file mode 100644 index 00000000000..b07787c0aac --- /dev/null +++ b/src/libstore/unix/include/nix/meson.build @@ -0,0 +1,8 @@ +include_dirs += include_directories('..') + +headers += files( + 'build/child.hh', + 'build/hook-instance.hh', + 'build/local-derivation-goal.hh', + 'user-lock.hh', +) diff --git a/src/libstore/unix/user-lock.hh b/src/libstore/unix/include/nix/user-lock.hh similarity index 100% rename from src/libstore/unix/user-lock.hh rename to src/libstore/unix/include/nix/user-lock.hh diff --git a/src/libstore/unix/meson.build b/src/libstore/unix/meson.build index d9d19013107..7c80aa1a1f7 100644 --- a/src/libstore/unix/meson.build +++ b/src/libstore/unix/meson.build @@ -6,14 +6,4 @@ sources += files( 'user-lock.cc', ) -include_dirs += include_directories( - '.', - 'build', -) - -headers += files( - 'build/child.hh', - 'build/hook-instance.hh', - 'build/local-derivation-goal.hh', - 'user-lock.hh', -) +subdir('include/nix') diff --git a/src/libstore/unix/pathlocks.cc b/src/libstore/unix/pathlocks.cc index 1ec4579ec96..3cc24c85973 100644 --- a/src/libstore/unix/pathlocks.cc +++ b/src/libstore/unix/pathlocks.cc @@ -1,7 +1,7 @@ -#include "pathlocks.hh" -#include "util.hh" -#include "sync.hh" -#include "signals.hh" +#include "nix/pathlocks.hh" +#include "nix/util.hh" +#include "nix/sync.hh" +#include "nix/signals.hh" #include #include diff --git a/src/libstore/unix/user-lock.cc b/src/libstore/unix/user-lock.cc index 29f4b2cb31c..4426f07689e 100644 --- a/src/libstore/unix/user-lock.cc +++ b/src/libstore/unix/user-lock.cc @@ -2,11 +2,11 @@ #include #include -#include "user-lock.hh" -#include "file-system.hh" -#include "globals.hh" -#include "pathlocks.hh" -#include "users.hh" +#include "nix/user-lock.hh" +#include "nix/file-system.hh" +#include "nix/globals.hh" +#include "nix/pathlocks.hh" +#include "nix/users.hh" namespace nix { diff --git a/src/libstore/windows/pathlocks.cc b/src/libstore/windows/pathlocks.cc index 29a98d8e231..0161a8c322e 100644 --- a/src/libstore/windows/pathlocks.cc +++ b/src/libstore/windows/pathlocks.cc @@ -1,13 +1,13 @@ -#include "logging.hh" -#include "pathlocks.hh" -#include "signals.hh" -#include "util.hh" +#include "nix/logging.hh" +#include "nix/pathlocks.hh" +#include "nix/signals.hh" +#include "nix/util.hh" #ifdef _WIN32 # include # include # include -# include "windows-error.hh" +# include "nix/windows-error.hh" namespace nix { diff --git a/src/libstore/worker-protocol-connection.cc b/src/libstore/worker-protocol-connection.cc index 6585df4be62..a30e808a7cd 100644 --- a/src/libstore/worker-protocol-connection.cc +++ b/src/libstore/worker-protocol-connection.cc @@ -1,7 +1,7 @@ -#include "worker-protocol-connection.hh" -#include "worker-protocol-impl.hh" -#include "build-result.hh" -#include "derivations.hh" +#include "nix/worker-protocol-connection.hh" +#include "nix/worker-protocol-impl.hh" +#include "nix/build-result.hh" +#include "nix/derivations.hh" namespace nix { diff --git a/src/libstore/worker-protocol.cc b/src/libstore/worker-protocol.cc index f06fb2893c7..e9972365205 100644 --- a/src/libstore/worker-protocol.cc +++ b/src/libstore/worker-protocol.cc @@ -1,11 +1,11 @@ -#include "serialise.hh" -#include "path-with-outputs.hh" -#include "store-api.hh" -#include "build-result.hh" -#include "worker-protocol.hh" -#include "worker-protocol-impl.hh" -#include "archive.hh" -#include "path-info.hh" +#include "nix/serialise.hh" +#include "nix/path-with-outputs.hh" +#include "nix/store-api.hh" +#include "nix/build-result.hh" +#include "nix/worker-protocol.hh" +#include "nix/worker-protocol-impl.hh" +#include "nix/archive.hh" +#include "nix/path-info.hh" #include #include diff --git a/src/libutil-c/meson.build b/src/libutil-c/meson.build index 2733a33ba4d..cd53bc5854c 100644 --- a/src/libutil-c/meson.build +++ b/src/libutil-c/meson.build @@ -27,7 +27,7 @@ configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) config_h = configure_file( configuration : configdata, - output : 'config-util.h', + output : 'nix_api_util_config.h', ) add_project_arguments( @@ -35,7 +35,7 @@ add_project_arguments( # It would be nice for our headers to be idempotent instead. # From C++ libraries, only for internals - '-include', 'config-util.hh', + '-include', 'nix/config-util.hh', language : 'cpp', ) @@ -69,7 +69,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, preserve_path : true) libraries_private = [] diff --git a/src/libutil-c/nix_api_util.cc b/src/libutil-c/nix_api_util.cc index 3e061d53e56..483c5484a33 100644 --- a/src/libutil-c/nix_api_util.cc +++ b/src/libutil-c/nix_api_util.cc @@ -1,13 +1,13 @@ #include "nix_api_util.h" -#include "config-global.hh" -#include "error.hh" +#include "nix/config-global.hh" +#include "nix/error.hh" #include "nix_api_util_internal.h" -#include "util.hh" +#include "nix/util.hh" #include #include -#include "config-util.h" +#include "nix_api_util_config.h" nix_c_context * nix_c_context_create() { diff --git a/src/libutil-c/nix_api_util_internal.h b/src/libutil-c/nix_api_util_internal.h index 7fa4252acfd..362d8c59a02 100644 --- a/src/libutil-c/nix_api_util_internal.h +++ b/src/libutil-c/nix_api_util_internal.h @@ -4,7 +4,7 @@ #include #include -#include "error.hh" +#include "nix/error.hh" #include "nix_api_util.h" struct nix_c_context diff --git a/src/libutil-test-support/tests/hash.cc b/src/libutil-test-support/hash.cc similarity index 91% rename from src/libutil-test-support/tests/hash.cc rename to src/libutil-test-support/hash.cc index 51b9663b4c4..3614b42b3aa 100644 --- a/src/libutil-test-support/tests/hash.cc +++ b/src/libutil-test-support/hash.cc @@ -2,9 +2,9 @@ #include -#include "hash.hh" +#include "nix/hash.hh" -#include "tests/hash.hh" +#include "nix/tests/hash.hh" namespace rc { using namespace nix; diff --git a/src/libutil-test-support/include/nix/meson.build b/src/libutil-test-support/include/nix/meson.build new file mode 100644 index 00000000000..6490d19ace4 --- /dev/null +++ b/src/libutil-test-support/include/nix/meson.build @@ -0,0 +1,11 @@ +# Public headers directory + +include_dirs = [include_directories('..')] + +headers = files( + 'tests/characterization.hh', + 'tests/gtest-with-params.hh', + 'tests/hash.hh', + 'tests/nix_api_util.hh', + 'tests/string_callback.hh', +) diff --git a/src/libutil-test-support/tests/characterization.hh b/src/libutil-test-support/include/nix/tests/characterization.hh similarity index 96% rename from src/libutil-test-support/tests/characterization.hh rename to src/libutil-test-support/include/nix/tests/characterization.hh index 5e790e75ba6..f9079363323 100644 --- a/src/libutil-test-support/tests/characterization.hh +++ b/src/libutil-test-support/include/nix/tests/characterization.hh @@ -3,9 +3,9 @@ #include -#include "types.hh" -#include "environment-variables.hh" -#include "file-system.hh" +#include "nix/types.hh" +#include "nix/environment-variables.hh" +#include "nix/file-system.hh" namespace nix { diff --git a/src/libutil-test-support/tests/gtest-with-params.hh b/src/libutil-test-support/include/nix/tests/gtest-with-params.hh similarity index 100% rename from src/libutil-test-support/tests/gtest-with-params.hh rename to src/libutil-test-support/include/nix/tests/gtest-with-params.hh diff --git a/src/libutil-test-support/tests/hash.hh b/src/libutil-test-support/include/nix/tests/hash.hh similarity index 88% rename from src/libutil-test-support/tests/hash.hh rename to src/libutil-test-support/include/nix/tests/hash.hh index 1f9fa59ae9b..b965ac1a24e 100644 --- a/src/libutil-test-support/tests/hash.hh +++ b/src/libutil-test-support/include/nix/tests/hash.hh @@ -3,7 +3,7 @@ #include -#include +#include "nix/hash.hh" namespace rc { using namespace nix; diff --git a/src/libutil-test-support/tests/nix_api_util.hh b/src/libutil-test-support/include/nix/tests/nix_api_util.hh similarity index 100% rename from src/libutil-test-support/tests/nix_api_util.hh rename to src/libutil-test-support/include/nix/tests/nix_api_util.hh diff --git a/src/libutil-test-support/tests/string_callback.hh b/src/libutil-test-support/include/nix/tests/string_callback.hh similarity index 100% rename from src/libutil-test-support/tests/string_callback.hh rename to src/libutil-test-support/include/nix/tests/string_callback.hh diff --git a/src/libutil-test-support/tests/tracing-file-system-object-sink.hh b/src/libutil-test-support/include/nix/tests/tracing-file-system-object-sink.hh similarity index 97% rename from src/libutil-test-support/tests/tracing-file-system-object-sink.hh rename to src/libutil-test-support/include/nix/tests/tracing-file-system-object-sink.hh index 895ac366405..f5d38d0f811 100644 --- a/src/libutil-test-support/tests/tracing-file-system-object-sink.hh +++ b/src/libutil-test-support/include/nix/tests/tracing-file-system-object-sink.hh @@ -1,5 +1,5 @@ #pragma once -#include "fs-sink.hh" +#include "nix/fs-sink.hh" namespace nix::test { diff --git a/src/libutil-test-support/meson.build b/src/libutil-test-support/meson.build index db944cf0619..f235af9eb3c 100644 --- a/src/libutil-test-support/meson.build +++ b/src/libutil-test-support/meson.build @@ -28,26 +28,18 @@ deps_public += rapidcheck add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', + '-include', 'nix/config-util.hh', language : 'cpp', ) subdir('nix-meson-build-support/common') sources = files( - 'tests/hash.cc', - 'tests/string_callback.cc', + 'hash.cc', + 'string_callback.cc', ) -include_dirs = [include_directories('.')] - -headers = files( - 'tests/characterization.hh', - 'tests/gtest-with-params.hh', - 'tests/hash.hh', - 'tests/nix_api_util.hh', - 'tests/string_callback.hh', -) +subdir('include/nix') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') diff --git a/src/libutil-test-support/package.nix b/src/libutil-test-support/package.nix index fafd47c86c5..033758d7b5a 100644 --- a/src/libutil-test-support/package.nix +++ b/src/libutil-test-support/package.nix @@ -28,6 +28,7 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build # ./meson.options + ./include/nix/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libutil-test-support/tests/string_callback.cc b/src/libutil-test-support/string_callback.cc similarity index 85% rename from src/libutil-test-support/tests/string_callback.cc rename to src/libutil-test-support/string_callback.cc index 7a13bd4ff9c..25781dc60ce 100644 --- a/src/libutil-test-support/tests/string_callback.cc +++ b/src/libutil-test-support/string_callback.cc @@ -1,4 +1,4 @@ -#include "string_callback.hh" +#include "nix/tests/string_callback.hh" namespace nix::testing { diff --git a/src/libutil-test-support/tests/tracing-file-system-object-sink.cc b/src/libutil-test-support/tracing-file-system-object-sink.cc similarity index 95% rename from src/libutil-test-support/tests/tracing-file-system-object-sink.cc rename to src/libutil-test-support/tracing-file-system-object-sink.cc index 122a09dcb32..52b081fb8fa 100644 --- a/src/libutil-test-support/tests/tracing-file-system-object-sink.cc +++ b/src/libutil-test-support/tracing-file-system-object-sink.cc @@ -1,5 +1,5 @@ #include -#include "tracing-file-system-object-sink.hh" +#include "nix/tracing-file-system-object-sink.hh" namespace nix::test { diff --git a/src/libutil-tests/args.cc b/src/libutil-tests/args.cc index 95022443006..abcc8564175 100644 --- a/src/libutil-tests/args.cc +++ b/src/libutil-tests/args.cc @@ -1,5 +1,5 @@ -#include "args.hh" -#include "fs-sink.hh" +#include "nix/args.hh" +#include "nix/fs-sink.hh" #include #include diff --git a/src/libutil-tests/canon-path.cc b/src/libutil-tests/canon-path.cc index 7f91308afe1..6ef6d3c994b 100644 --- a/src/libutil-tests/canon-path.cc +++ b/src/libutil-tests/canon-path.cc @@ -1,4 +1,4 @@ -#include "canon-path.hh" +#include "nix/canon-path.hh" #include diff --git a/src/libutil-tests/checked-arithmetic.cc b/src/libutil-tests/checked-arithmetic.cc index 75018660dc8..4d98344fb33 100644 --- a/src/libutil-tests/checked-arithmetic.cc +++ b/src/libutil-tests/checked-arithmetic.cc @@ -5,9 +5,9 @@ #include #include -#include +#include "nix/checked-arithmetic.hh" -#include "tests/gtest-with-params.hh" +#include "nix/tests/gtest-with-params.hh" namespace rc { using namespace nix; diff --git a/src/libutil-tests/chunked-vector.cc b/src/libutil-tests/chunked-vector.cc index 868d11f6f37..16dedc63f53 100644 --- a/src/libutil-tests/chunked-vector.cc +++ b/src/libutil-tests/chunked-vector.cc @@ -1,4 +1,4 @@ -#include "chunked-vector.hh" +#include "nix/chunked-vector.hh" #include diff --git a/src/libutil-tests/closure.cc b/src/libutil-tests/closure.cc index 7597e78073b..b6b777bcc43 100644 --- a/src/libutil-tests/closure.cc +++ b/src/libutil-tests/closure.cc @@ -1,4 +1,4 @@ -#include "closure.hh" +#include "nix/closure.hh" #include namespace nix { diff --git a/src/libutil-tests/compression.cc b/src/libutil-tests/compression.cc index bbbf3500fbf..7c7dfbd7bb4 100644 --- a/src/libutil-tests/compression.cc +++ b/src/libutil-tests/compression.cc @@ -1,4 +1,4 @@ -#include "compression.hh" +#include "nix/compression.hh" #include namespace nix { diff --git a/src/libutil-tests/config.cc b/src/libutil-tests/config.cc index 886e70da50d..aae410d2b5a 100644 --- a/src/libutil-tests/config.cc +++ b/src/libutil-tests/config.cc @@ -1,5 +1,5 @@ -#include "config.hh" -#include "args.hh" +#include "nix/config.hh" +#include "nix/args.hh" #include #include diff --git a/src/libutil-tests/executable-path.cc b/src/libutil-tests/executable-path.cc index 8d182357dab..041209882cc 100644 --- a/src/libutil-tests/executable-path.cc +++ b/src/libutil-tests/executable-path.cc @@ -1,6 +1,6 @@ #include -#include "executable-path.hh" +#include "nix/executable-path.hh" namespace nix { diff --git a/src/libutil-tests/file-content-address.cc b/src/libutil-tests/file-content-address.cc index 27d926a8736..686114a9fc1 100644 --- a/src/libutil-tests/file-content-address.cc +++ b/src/libutil-tests/file-content-address.cc @@ -1,6 +1,6 @@ #include -#include "file-content-address.hh" +#include "nix/file-content-address.hh" namespace nix { diff --git a/src/libutil-tests/file-system.cc b/src/libutil-tests/file-system.cc index 2c10d486986..71e671a698a 100644 --- a/src/libutil-tests/file-system.cc +++ b/src/libutil-tests/file-system.cc @@ -1,9 +1,9 @@ -#include "util.hh" -#include "types.hh" -#include "file-system.hh" -#include "processes.hh" -#include "terminal.hh" -#include "strings.hh" +#include "nix/util.hh" +#include "nix/types.hh" +#include "nix/file-system.hh" +#include "nix/processes.hh" +#include "nix/terminal.hh" +#include "nix/strings.hh" #include #include diff --git a/src/libutil-tests/git.cc b/src/libutil-tests/git.cc index 048956a580a..b91d5019b53 100644 --- a/src/libutil-tests/git.cc +++ b/src/libutil-tests/git.cc @@ -1,9 +1,9 @@ #include -#include "git.hh" -#include "memory-source-accessor.hh" +#include "nix/git.hh" +#include "nix/memory-source-accessor.hh" -#include "tests/characterization.hh" +#include "nix/tests/characterization.hh" namespace nix { diff --git a/src/libutil-tests/hash.cc b/src/libutil-tests/hash.cc index 3a639aef92f..1ba69a57337 100644 --- a/src/libutil-tests/hash.cc +++ b/src/libutil-tests/hash.cc @@ -2,7 +2,7 @@ #include -#include "hash.hh" +#include "nix/hash.hh" namespace nix { diff --git a/src/libutil-tests/hilite.cc b/src/libutil-tests/hilite.cc index 5ef58188884..e571a9bf65f 100644 --- a/src/libutil-tests/hilite.cc +++ b/src/libutil-tests/hilite.cc @@ -1,4 +1,4 @@ -#include "hilite.hh" +#include "nix/hilite.hh" #include diff --git a/src/libutil-tests/json-utils.cc b/src/libutil-tests/json-utils.cc index 704a4acb05d..b8722bd304d 100644 --- a/src/libutil-tests/json-utils.cc +++ b/src/libutil-tests/json-utils.cc @@ -3,8 +3,8 @@ #include -#include "error.hh" -#include "json-utils.hh" +#include "nix/error.hh" +#include "nix/json-utils.hh" namespace nix { diff --git a/src/libutil-tests/logging.cc b/src/libutil-tests/logging.cc index 1d7304f0591..ca89ee02ff8 100644 --- a/src/libutil-tests/logging.cc +++ b/src/libutil-tests/logging.cc @@ -1,7 +1,7 @@ #if 0 -#include "logging.hh" -#include "nixexpr.hh" +#include "nix/logging.hh" +#include "nix/nixexpr.hh" #include #include diff --git a/src/libutil-tests/lru-cache.cc b/src/libutil-tests/lru-cache.cc index 091d3d5ede1..98763588af3 100644 --- a/src/libutil-tests/lru-cache.cc +++ b/src/libutil-tests/lru-cache.cc @@ -1,4 +1,4 @@ -#include "lru-cache.hh" +#include "nix/lru-cache.hh" #include namespace nix { diff --git a/src/libutil-tests/nix_api_util.cc b/src/libutil-tests/nix_api_util.cc index 7b77bd87fac..f768de01120 100644 --- a/src/libutil-tests/nix_api_util.cc +++ b/src/libutil-tests/nix_api_util.cc @@ -1,9 +1,9 @@ -#include "config-global.hh" -#include "args.hh" +#include "nix/config-global.hh" +#include "nix/args.hh" #include "nix_api_util.h" #include "nix_api_util_internal.h" -#include "tests/nix_api_util.hh" -#include "tests/string_callback.hh" +#include "nix/tests/nix_api_util.hh" +#include "nix/tests/string_callback.hh" #include diff --git a/src/libutil-tests/pool.cc b/src/libutil-tests/pool.cc index 127e42dda2b..8402768d345 100644 --- a/src/libutil-tests/pool.cc +++ b/src/libutil-tests/pool.cc @@ -1,4 +1,4 @@ -#include "pool.hh" +#include "nix/pool.hh" #include namespace nix { diff --git a/src/libutil-tests/position.cc b/src/libutil-tests/position.cc index 484ecc2479b..0726b89c08d 100644 --- a/src/libutil-tests/position.cc +++ b/src/libutil-tests/position.cc @@ -1,6 +1,6 @@ #include -#include "position.hh" +#include "nix/position.hh" namespace nix { diff --git a/src/libutil-tests/processes.cc b/src/libutil-tests/processes.cc index 9033595e85c..5d1435e3a4a 100644 --- a/src/libutil-tests/processes.cc +++ b/src/libutil-tests/processes.cc @@ -1,4 +1,4 @@ -#include "processes.hh" +#include "nix/processes.hh" #include diff --git a/src/libutil-tests/references.cc b/src/libutil-tests/references.cc index c3efa6d5101..362629b553e 100644 --- a/src/libutil-tests/references.cc +++ b/src/libutil-tests/references.cc @@ -1,4 +1,4 @@ -#include "references.hh" +#include "nix/references.hh" #include namespace nix { diff --git a/src/libutil-tests/spawn.cc b/src/libutil-tests/spawn.cc index c617acae08e..502d4e90b32 100644 --- a/src/libutil-tests/spawn.cc +++ b/src/libutil-tests/spawn.cc @@ -1,6 +1,6 @@ #include -#include "processes.hh" +#include "nix/processes.hh" namespace nix { diff --git a/src/libutil-tests/strings.cc b/src/libutil-tests/strings.cc index 33a1fae9b23..26b99263b7f 100644 --- a/src/libutil-tests/strings.cc +++ b/src/libutil-tests/strings.cc @@ -1,8 +1,8 @@ #include #include -#include "strings.hh" -#include "error.hh" +#include "nix/strings.hh" +#include "nix/error.hh" namespace nix { diff --git a/src/libutil-tests/suggestions.cc b/src/libutil-tests/suggestions.cc index 279994abc67..36d0b7169b8 100644 --- a/src/libutil-tests/suggestions.cc +++ b/src/libutil-tests/suggestions.cc @@ -1,4 +1,4 @@ -#include "suggestions.hh" +#include "nix/suggestions.hh" #include namespace nix { diff --git a/src/libutil-tests/terminal.cc b/src/libutil-tests/terminal.cc index f4fc6e770d2..3d3296cc3b9 100644 --- a/src/libutil-tests/terminal.cc +++ b/src/libutil-tests/terminal.cc @@ -1,7 +1,7 @@ -#include "util.hh" -#include "types.hh" -#include "terminal.hh" -#include "strings.hh" +#include "nix/util.hh" +#include "nix/types.hh" +#include "nix/terminal.hh" +#include "nix/strings.hh" #include #include diff --git a/src/libutil-tests/url.cc b/src/libutil-tests/url.cc index 7e1d2aa15ee..89a461c2cba 100644 --- a/src/libutil-tests/url.cc +++ b/src/libutil-tests/url.cc @@ -1,4 +1,4 @@ -#include "url.hh" +#include "nix/url.hh" #include namespace nix { diff --git a/src/libutil-tests/util.cc b/src/libutil-tests/util.cc index a3f7c720a5c..53b7cd208f4 100644 --- a/src/libutil-tests/util.cc +++ b/src/libutil-tests/util.cc @@ -1,8 +1,8 @@ -#include "util.hh" -#include "types.hh" -#include "file-system.hh" -#include "terminal.hh" -#include "strings.hh" +#include "nix/util.hh" +#include "nix/types.hh" +#include "nix/file-system.hh" +#include "nix/terminal.hh" +#include "nix/strings.hh" #include #include diff --git a/src/libutil-tests/xml-writer.cc b/src/libutil-tests/xml-writer.cc index adcde25c9f1..7fc1f3154a3 100644 --- a/src/libutil-tests/xml-writer.cc +++ b/src/libutil-tests/xml-writer.cc @@ -1,4 +1,4 @@ -#include "xml-writer.hh" +#include "nix/xml-writer.hh" #include #include diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc index 20d8a1e09be..2c7c91dd05d 100644 --- a/src/libutil/archive.cc +++ b/src/libutil/archive.cc @@ -5,12 +5,12 @@ #include // for strcasecmp -#include "archive.hh" -#include "config-global.hh" -#include "posix-source-accessor.hh" -#include "source-path.hh" -#include "file-system.hh" -#include "signals.hh" +#include "nix/archive.hh" +#include "nix/config-global.hh" +#include "nix/posix-source-accessor.hh" +#include "nix/source-path.hh" +#include "nix/file-system.hh" +#include "nix/signals.hh" namespace nix { diff --git a/src/libutil/args.cc b/src/libutil/args.cc index 05ecf724ef6..184318cc49f 100644 --- a/src/libutil/args.cc +++ b/src/libutil/args.cc @@ -1,10 +1,10 @@ -#include "args.hh" -#include "args/root.hh" -#include "hash.hh" -#include "environment-variables.hh" -#include "signals.hh" -#include "users.hh" -#include "json-utils.hh" +#include "nix/args.hh" +#include "nix/args/root.hh" +#include "nix/hash.hh" +#include "nix/environment-variables.hh" +#include "nix/signals.hh" +#include "nix/users.hh" +#include "nix/json-utils.hh" #include #include diff --git a/src/libutil/canon-path.cc b/src/libutil/canon-path.cc index 03db6378a82..c6f48ac32ee 100644 --- a/src/libutil/canon-path.cc +++ b/src/libutil/canon-path.cc @@ -1,7 +1,7 @@ -#include "canon-path.hh" -#include "util.hh" -#include "file-path-impl.hh" -#include "strings-inline.hh" +#include "nix/canon-path.hh" +#include "nix/util.hh" +#include "nix/file-path-impl.hh" +#include "nix/strings-inline.hh" namespace nix { diff --git a/src/libutil/compression.cc b/src/libutil/compression.cc index d2702856591..788ad7109b2 100644 --- a/src/libutil/compression.cc +++ b/src/libutil/compression.cc @@ -1,8 +1,8 @@ -#include "compression.hh" -#include "signals.hh" -#include "tarfile.hh" -#include "finally.hh" -#include "logging.hh" +#include "nix/compression.hh" +#include "nix/signals.hh" +#include "nix/tarfile.hh" +#include "nix/finally.hh" +#include "nix/logging.hh" #include #include diff --git a/src/libutil/compute-levels.cc b/src/libutil/compute-levels.cc index 19eaedfa8d1..8cc3def188d 100644 --- a/src/libutil/compute-levels.cc +++ b/src/libutil/compute-levels.cc @@ -1,4 +1,4 @@ -#include "types.hh" +#include "nix/types.hh" #if HAVE_LIBCPUID #include diff --git a/src/libutil/config-global.cc b/src/libutil/config-global.cc index 3ed1dd1d31c..b325d09e7ba 100644 --- a/src/libutil/config-global.cc +++ b/src/libutil/config-global.cc @@ -1,4 +1,4 @@ -#include "config-global.hh" +#include "nix/config-global.hh" #include diff --git a/src/libutil/config.cc b/src/libutil/config.cc index ca8480304d2..b108dd58a44 100644 --- a/src/libutil/config.cc +++ b/src/libutil/config.cc @@ -1,16 +1,16 @@ -#include "config.hh" -#include "args.hh" -#include "abstract-setting-to-json.hh" -#include "environment-variables.hh" -#include "experimental-features.hh" -#include "util.hh" -#include "file-system.hh" +#include "nix/config.hh" +#include "nix/args.hh" +#include "nix/abstract-setting-to-json.hh" +#include "nix/environment-variables.hh" +#include "nix/experimental-features.hh" +#include "nix/util.hh" +#include "nix/file-system.hh" -#include "config-impl.hh" +#include "nix/config-impl.hh" #include -#include "strings.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libutil/current-process.cc b/src/libutil/current-process.cc index 255ae2cf561..11655c55cd0 100644 --- a/src/libutil/current-process.cc +++ b/src/libutil/current-process.cc @@ -1,12 +1,12 @@ #include #include -#include "current-process.hh" -#include "util.hh" -#include "finally.hh" -#include "file-system.hh" -#include "processes.hh" -#include "signals.hh" +#include "nix/current-process.hh" +#include "nix/util.hh" +#include "nix/finally.hh" +#include "nix/file-system.hh" +#include "nix/processes.hh" +#include "nix/signals.hh" #include #ifdef __APPLE__ @@ -15,8 +15,8 @@ #if __linux__ # include -# include "cgroup.hh" -# include "namespaces.hh" +# include "nix/cgroup.hh" +# include "nix/namespaces.hh" #endif namespace nix { diff --git a/src/libutil/english.cc b/src/libutil/english.cc index 8c93c915662..9ccc7ed3b58 100644 --- a/src/libutil/english.cc +++ b/src/libutil/english.cc @@ -1,4 +1,4 @@ -#include "english.hh" +#include "nix/english.hh" namespace nix { diff --git a/src/libutil/environment-variables.cc b/src/libutil/environment-variables.cc index 5947cf742ac..f2948807a69 100644 --- a/src/libutil/environment-variables.cc +++ b/src/libutil/environment-variables.cc @@ -1,5 +1,5 @@ -#include "util.hh" -#include "environment-variables.hh" +#include "nix/util.hh" +#include "nix/environment-variables.hh" extern char ** environ __attribute__((weak)); diff --git a/src/libutil/error.cc b/src/libutil/error.cc index ccd008c7c33..bd0baaeff21 100644 --- a/src/libutil/error.cc +++ b/src/libutil/error.cc @@ -1,14 +1,14 @@ #include -#include "error.hh" -#include "environment-variables.hh" -#include "signals.hh" -#include "terminal.hh" -#include "position.hh" +#include "nix/error.hh" +#include "nix/environment-variables.hh" +#include "nix/signals.hh" +#include "nix/terminal.hh" +#include "nix/position.hh" #include #include -#include "serialise.hh" +#include "nix/serialise.hh" #include namespace nix { diff --git a/src/libutil/executable-path.cc b/src/libutil/executable-path.cc index 8d665c7df95..24e3484f2fd 100644 --- a/src/libutil/executable-path.cc +++ b/src/libutil/executable-path.cc @@ -1,8 +1,8 @@ -#include "environment-variables.hh" -#include "executable-path.hh" -#include "strings-inline.hh" -#include "util.hh" -#include "file-path-impl.hh" +#include "nix/environment-variables.hh" +#include "nix/executable-path.hh" +#include "nix/strings-inline.hh" +#include "nix/util.hh" +#include "nix/file-path-impl.hh" namespace nix { diff --git a/src/libutil/exit.cc b/src/libutil/exit.cc index 73cd8b04ee8..e177cfa31a7 100644 --- a/src/libutil/exit.cc +++ b/src/libutil/exit.cc @@ -1,4 +1,4 @@ -#include "exit.hh" +#include "nix/exit.hh" namespace nix { diff --git a/src/libutil/experimental-features.cc b/src/libutil/experimental-features.cc index 158e202d15c..c05c3e9ec35 100644 --- a/src/libutil/experimental-features.cc +++ b/src/libutil/experimental-features.cc @@ -1,8 +1,8 @@ -#include "experimental-features.hh" -#include "fmt.hh" -#include "util.hh" +#include "nix/experimental-features.hh" +#include "nix/fmt.hh" +#include "nix/util.hh" -#include "nlohmann/json.hpp" +#include namespace nix { diff --git a/src/libutil/file-content-address.cc b/src/libutil/file-content-address.cc index 69301d9c8f4..71eb34611ab 100644 --- a/src/libutil/file-content-address.cc +++ b/src/libutil/file-content-address.cc @@ -1,7 +1,7 @@ -#include "file-content-address.hh" -#include "archive.hh" -#include "git.hh" -#include "source-path.hh" +#include "nix/file-content-address.hh" +#include "nix/archive.hh" +#include "nix/git.hh" +#include "nix/source-path.hh" namespace nix { diff --git a/src/libutil/file-descriptor.cc b/src/libutil/file-descriptor.cc index 707c0f8823b..2af1364b165 100644 --- a/src/libutil/file-descriptor.cc +++ b/src/libutil/file-descriptor.cc @@ -1,12 +1,12 @@ -#include "serialise.hh" -#include "util.hh" +#include "nix/serialise.hh" +#include "nix/util.hh" #include #include #ifdef _WIN32 # include # include -# include "windows-error.hh" +# include "nix/windows-error.hh" #endif namespace nix { diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index 0adafc0e463..6a63e0242cd 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -1,11 +1,11 @@ -#include "environment-variables.hh" -#include "file-system.hh" -#include "file-path.hh" -#include "file-path-impl.hh" -#include "signals.hh" -#include "finally.hh" -#include "serialise.hh" -#include "util.hh" +#include "nix/environment-variables.hh" +#include "nix/file-system.hh" +#include "nix/file-path.hh" +#include "nix/file-path-impl.hh" +#include "nix/signals.hh" +#include "nix/finally.hh" +#include "nix/serialise.hh" +#include "nix/util.hh" #include #include @@ -25,7 +25,7 @@ # include #endif -#include "strings-inline.hh" +#include "nix/strings-inline.hh" namespace nix { diff --git a/src/libutil/fs-sink.cc b/src/libutil/fs-sink.cc index fadba5972da..5e7c2e9fd73 100644 --- a/src/libutil/fs-sink.cc +++ b/src/libutil/fs-sink.cc @@ -1,13 +1,13 @@ #include -#include "error.hh" -#include "config-global.hh" -#include "fs-sink.hh" +#include "nix/error.hh" +#include "nix/config-global.hh" +#include "nix/fs-sink.hh" #if _WIN32 # include -# include "file-path.hh" -# include "windows-error.hh" +# include "nix/file-path.hh" +# include "nix/windows-error.hh" #endif namespace nix { diff --git a/src/libutil/git.cc b/src/libutil/git.cc index 3303dbc3241..696f86d0b68 100644 --- a/src/libutil/git.cc +++ b/src/libutil/git.cc @@ -5,12 +5,12 @@ #include #include // for strcasecmp -#include "signals.hh" -#include "config.hh" -#include "hash.hh" +#include "nix/signals.hh" +#include "nix/config.hh" +#include "nix/hash.hh" -#include "git.hh" -#include "serialise.hh" +#include "nix/git.hh" +#include "nix/serialise.hh" namespace nix::git { diff --git a/src/libutil/hash.cc b/src/libutil/hash.cc index 6a7a8b0920a..22eca6014e4 100644 --- a/src/libutil/hash.cc +++ b/src/libutil/hash.cc @@ -6,11 +6,11 @@ #include #include -#include "args.hh" -#include "hash.hh" -#include "archive.hh" -#include "config.hh" -#include "split.hh" +#include "nix/args.hh" +#include "nix/hash.hh" +#include "nix/archive.hh" +#include "nix/config.hh" +#include "nix/split.hh" #include #include diff --git a/src/libutil/hilite.cc b/src/libutil/hilite.cc index e5088230d7c..6d843e091bc 100644 --- a/src/libutil/hilite.cc +++ b/src/libutil/hilite.cc @@ -1,4 +1,4 @@ -#include "hilite.hh" +#include "nix/hilite.hh" namespace nix { diff --git a/src/libutil/abstract-setting-to-json.hh b/src/libutil/include/nix/abstract-setting-to-json.hh similarity index 87% rename from src/libutil/abstract-setting-to-json.hh rename to src/libutil/include/nix/abstract-setting-to-json.hh index eea687d8a4a..313b18fafb2 100644 --- a/src/libutil/abstract-setting-to-json.hh +++ b/src/libutil/include/nix/abstract-setting-to-json.hh @@ -2,8 +2,8 @@ ///@file #include -#include "config.hh" -#include "json-utils.hh" +#include "nix/config.hh" +#include "nix/json-utils.hh" namespace nix { template diff --git a/src/libutil/ansicolor.hh b/src/libutil/include/nix/ansicolor.hh similarity index 100% rename from src/libutil/ansicolor.hh rename to src/libutil/include/nix/ansicolor.hh diff --git a/src/libutil/archive.hh b/src/libutil/include/nix/archive.hh similarity index 96% rename from src/libutil/archive.hh rename to src/libutil/include/nix/archive.hh index c38fa8a46bd..9131f49fa2b 100644 --- a/src/libutil/archive.hh +++ b/src/libutil/include/nix/archive.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "types.hh" -#include "serialise.hh" -#include "fs-sink.hh" +#include "nix/types.hh" +#include "nix/serialise.hh" +#include "nix/fs-sink.hh" namespace nix { diff --git a/src/libutil/args.hh b/src/libutil/include/nix/args.hh similarity index 99% rename from src/libutil/args.hh rename to src/libutil/include/nix/args.hh index c30d6cef8d7..987d14f9e21 100644 --- a/src/libutil/args.hh +++ b/src/libutil/include/nix/args.hh @@ -9,9 +9,9 @@ #include -#include "types.hh" -#include "experimental-features.hh" -#include "ref.hh" +#include "nix/types.hh" +#include "nix/experimental-features.hh" +#include "nix/ref.hh" namespace nix { diff --git a/src/libutil/args/root.hh b/src/libutil/include/nix/args/root.hh similarity index 98% rename from src/libutil/args/root.hh rename to src/libutil/include/nix/args/root.hh index 34a43b53835..bb83b85a50c 100644 --- a/src/libutil/args/root.hh +++ b/src/libutil/include/nix/args/root.hh @@ -1,6 +1,6 @@ #pragma once -#include "args.hh" +#include "nix/args.hh" namespace nix { diff --git a/src/libutil/callback.hh b/src/libutil/include/nix/callback.hh similarity index 100% rename from src/libutil/callback.hh rename to src/libutil/include/nix/callback.hh diff --git a/src/libutil/canon-path.hh b/src/libutil/include/nix/canon-path.hh similarity index 100% rename from src/libutil/canon-path.hh rename to src/libutil/include/nix/canon-path.hh diff --git a/src/libutil/checked-arithmetic.hh b/src/libutil/include/nix/checked-arithmetic.hh similarity index 100% rename from src/libutil/checked-arithmetic.hh rename to src/libutil/include/nix/checked-arithmetic.hh diff --git a/src/libutil/chunked-vector.hh b/src/libutil/include/nix/chunked-vector.hh similarity index 98% rename from src/libutil/chunked-vector.hh rename to src/libutil/include/nix/chunked-vector.hh index 4709679a62a..34d5bbb1da5 100644 --- a/src/libutil/chunked-vector.hh +++ b/src/libutil/include/nix/chunked-vector.hh @@ -6,7 +6,7 @@ #include #include -#include "error.hh" +#include "nix/error.hh" namespace nix { diff --git a/src/libutil/closure.hh b/src/libutil/include/nix/closure.hh similarity index 98% rename from src/libutil/closure.hh rename to src/libutil/include/nix/closure.hh index 16e3b93e488..c8fc7c9a4d7 100644 --- a/src/libutil/closure.hh +++ b/src/libutil/include/nix/closure.hh @@ -3,7 +3,7 @@ #include #include -#include "sync.hh" +#include "nix/sync.hh" using std::set; diff --git a/src/libutil/comparator.hh b/src/libutil/include/nix/comparator.hh similarity index 100% rename from src/libutil/comparator.hh rename to src/libutil/include/nix/comparator.hh diff --git a/src/libutil/compression.hh b/src/libutil/include/nix/compression.hh similarity index 90% rename from src/libutil/compression.hh rename to src/libutil/include/nix/compression.hh index e0c531b1f38..25f479e48fb 100644 --- a/src/libutil/compression.hh +++ b/src/libutil/include/nix/compression.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "ref.hh" -#include "types.hh" -#include "serialise.hh" +#include "nix/ref.hh" +#include "nix/types.hh" +#include "nix/serialise.hh" #include diff --git a/src/libutil/compute-levels.hh b/src/libutil/include/nix/compute-levels.hh similarity index 74% rename from src/libutil/compute-levels.hh rename to src/libutil/include/nix/compute-levels.hh index 093e7a915a4..d77eece931f 100644 --- a/src/libutil/compute-levels.hh +++ b/src/libutil/include/nix/compute-levels.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libutil/config-global.hh b/src/libutil/include/nix/config-global.hh similarity index 96% rename from src/libutil/config-global.hh rename to src/libutil/include/nix/config-global.hh index 2caf515240d..b0e8ad2ce6a 100644 --- a/src/libutil/config-global.hh +++ b/src/libutil/include/nix/config-global.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "config.hh" +#include "nix/config.hh" namespace nix { diff --git a/src/libutil/config-impl.hh b/src/libutil/include/nix/config-impl.hh similarity index 98% rename from src/libutil/config-impl.hh rename to src/libutil/include/nix/config-impl.hh index 94c2cb2e4b8..b02e27f50f9 100644 --- a/src/libutil/config-impl.hh +++ b/src/libutil/include/nix/config-impl.hh @@ -12,8 +12,8 @@ * instantiation. */ -#include "config.hh" -#include "args.hh" +#include "nix/config.hh" +#include "nix/args.hh" namespace nix { diff --git a/src/libutil/config.hh b/src/libutil/include/nix/config.hh similarity index 99% rename from src/libutil/config.hh rename to src/libutil/include/nix/config.hh index 502d2823e94..f4135af64cc 100644 --- a/src/libutil/config.hh +++ b/src/libutil/include/nix/config.hh @@ -7,8 +7,8 @@ #include -#include "types.hh" -#include "experimental-features.hh" +#include "nix/types.hh" +#include "nix/experimental-features.hh" namespace nix { diff --git a/src/libutil/current-process.hh b/src/libutil/include/nix/current-process.hh similarity index 97% rename from src/libutil/current-process.hh rename to src/libutil/include/nix/current-process.hh index 660dcfe0ba3..d98f4e75201 100644 --- a/src/libutil/current-process.hh +++ b/src/libutil/include/nix/current-process.hh @@ -7,7 +7,7 @@ # include #endif -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libutil/english.hh b/src/libutil/include/nix/english.hh similarity index 100% rename from src/libutil/english.hh rename to src/libutil/include/nix/english.hh diff --git a/src/libutil/environment-variables.hh b/src/libutil/include/nix/environment-variables.hh similarity index 96% rename from src/libutil/environment-variables.hh rename to src/libutil/include/nix/environment-variables.hh index 1a95f5c97e7..9a5f364a3f0 100644 --- a/src/libutil/environment-variables.hh +++ b/src/libutil/include/nix/environment-variables.hh @@ -8,8 +8,8 @@ #include -#include "types.hh" -#include "file-path.hh" +#include "nix/types.hh" +#include "nix/file-path.hh" namespace nix { diff --git a/src/libutil/error.hh b/src/libutil/include/nix/error.hh similarity index 99% rename from src/libutil/error.hh rename to src/libutil/include/nix/error.hh index 04fa18e35dd..6ac4497cbd5 100644 --- a/src/libutil/error.hh +++ b/src/libutil/include/nix/error.hh @@ -15,8 +15,8 @@ * See libutil/tests/logging.cc for usage examples. */ -#include "suggestions.hh" -#include "fmt.hh" +#include "nix/suggestions.hh" +#include "nix/fmt.hh" #include #include diff --git a/src/libutil/exec.hh b/src/libutil/include/nix/exec.hh similarity index 91% rename from src/libutil/exec.hh rename to src/libutil/include/nix/exec.hh index cbbe80c4e9b..dc14691e27c 100644 --- a/src/libutil/exec.hh +++ b/src/libutil/include/nix/exec.hh @@ -1,6 +1,6 @@ #pragma once -#include "os-string.hh" +#include "nix/os-string.hh" namespace nix { diff --git a/src/libutil/executable-path.hh b/src/libutil/include/nix/executable-path.hh similarity index 98% rename from src/libutil/executable-path.hh rename to src/libutil/include/nix/executable-path.hh index c5cfa1c3918..3af4a24cf17 100644 --- a/src/libutil/executable-path.hh +++ b/src/libutil/include/nix/executable-path.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "file-system.hh" +#include "nix/file-system.hh" namespace nix { diff --git a/src/libutil/exit.hh b/src/libutil/include/nix/exit.hh similarity index 100% rename from src/libutil/exit.hh rename to src/libutil/include/nix/exit.hh diff --git a/src/libutil/experimental-features.hh b/src/libutil/include/nix/experimental-features.hh similarity index 98% rename from src/libutil/experimental-features.hh rename to src/libutil/include/nix/experimental-features.hh index 1d02ba94d2c..946bb65b32f 100644 --- a/src/libutil/experimental-features.hh +++ b/src/libutil/include/nix/experimental-features.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "error.hh" -#include "types.hh" +#include "nix/error.hh" +#include "nix/types.hh" #include diff --git a/src/libutil/file-content-address.hh b/src/libutil/include/nix/file-content-address.hh similarity index 99% rename from src/libutil/file-content-address.hh rename to src/libutil/include/nix/file-content-address.hh index 226068387d6..c56debd2b10 100644 --- a/src/libutil/file-content-address.hh +++ b/src/libutil/include/nix/file-content-address.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "source-accessor.hh" +#include "nix/source-accessor.hh" namespace nix { diff --git a/src/libutil/file-descriptor.hh b/src/libutil/include/nix/file-descriptor.hh similarity index 98% rename from src/libutil/file-descriptor.hh rename to src/libutil/include/nix/file-descriptor.hh index fde36299975..785756a0f74 100644 --- a/src/libutil/file-descriptor.hh +++ b/src/libutil/include/nix/file-descriptor.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "types.hh" -#include "error.hh" +#include "nix/types.hh" +#include "nix/error.hh" #ifdef _WIN32 # define WIN32_LEAN_AND_MEAN diff --git a/src/libutil/file-path-impl.hh b/src/libutil/include/nix/file-path-impl.hh similarity index 100% rename from src/libutil/file-path-impl.hh rename to src/libutil/include/nix/file-path-impl.hh diff --git a/src/libutil/file-path.hh b/src/libutil/include/nix/file-path.hh similarity index 94% rename from src/libutil/file-path.hh rename to src/libutil/include/nix/file-path.hh index 8e4a88b9d56..15bceac1311 100644 --- a/src/libutil/file-path.hh +++ b/src/libutil/include/nix/file-path.hh @@ -3,8 +3,8 @@ #include -#include "types.hh" -#include "os-string.hh" +#include "nix/types.hh" +#include "nix/os-string.hh" namespace nix { diff --git a/src/libutil/file-system.hh b/src/libutil/include/nix/file-system.hh similarity index 98% rename from src/libutil/file-system.hh rename to src/libutil/include/nix/file-system.hh index 49d120cb744..1981d8d4da4 100644 --- a/src/libutil/file-system.hh +++ b/src/libutil/include/nix/file-system.hh @@ -5,11 +5,11 @@ * Utiltities for working with the file sytem and file paths. */ -#include "types.hh" -#include "error.hh" -#include "logging.hh" -#include "file-descriptor.hh" -#include "file-path.hh" +#include "nix/types.hh" +#include "nix/error.hh" +#include "nix/logging.hh" +#include "nix/file-descriptor.hh" +#include "nix/file-path.hh" #include #include diff --git a/src/libutil/finally.hh b/src/libutil/include/nix/finally.hh similarity index 100% rename from src/libutil/finally.hh rename to src/libutil/include/nix/finally.hh diff --git a/src/libutil/fmt.hh b/src/libutil/include/nix/fmt.hh similarity index 99% rename from src/libutil/fmt.hh rename to src/libutil/include/nix/fmt.hh index 850b7162d87..45d9f43b7df 100644 --- a/src/libutil/fmt.hh +++ b/src/libutil/include/nix/fmt.hh @@ -3,7 +3,7 @@ #include #include -#include "ansicolor.hh" +#include "nix/ansicolor.hh" namespace nix { diff --git a/src/libutil/fs-sink.hh b/src/libutil/include/nix/fs-sink.hh similarity index 97% rename from src/libutil/fs-sink.hh rename to src/libutil/include/nix/fs-sink.hh index 5c5073731f6..30803e63ed2 100644 --- a/src/libutil/fs-sink.hh +++ b/src/libutil/include/nix/fs-sink.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "serialise.hh" -#include "source-accessor.hh" -#include "file-system.hh" +#include "nix/serialise.hh" +#include "nix/source-accessor.hh" +#include "nix/file-system.hh" namespace nix { diff --git a/src/libutil/git.hh b/src/libutil/include/nix/git.hh similarity index 97% rename from src/libutil/git.hh rename to src/libutil/include/nix/git.hh index 1a6a7c3331b..2dc1bb79686 100644 --- a/src/libutil/git.hh +++ b/src/libutil/include/nix/git.hh @@ -5,11 +5,11 @@ #include #include -#include "types.hh" -#include "serialise.hh" -#include "hash.hh" -#include "source-path.hh" -#include "fs-sink.hh" +#include "nix/types.hh" +#include "nix/serialise.hh" +#include "nix/hash.hh" +#include "nix/source-path.hh" +#include "nix/fs-sink.hh" namespace nix::git { diff --git a/src/libutil/hash.hh b/src/libutil/include/nix/hash.hh similarity index 98% rename from src/libutil/hash.hh rename to src/libutil/include/nix/hash.hh index 13d526f42cf..3c9adebac1e 100644 --- a/src/libutil/hash.hh +++ b/src/libutil/include/nix/hash.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "config.hh" -#include "types.hh" -#include "serialise.hh" -#include "file-system.hh" +#include "nix/config.hh" +#include "nix/types.hh" +#include "nix/serialise.hh" +#include "nix/file-system.hh" namespace nix { diff --git a/src/libutil/hilite.hh b/src/libutil/include/nix/hilite.hh similarity index 100% rename from src/libutil/hilite.hh rename to src/libutil/include/nix/hilite.hh diff --git a/src/libutil/json-impls.hh b/src/libutil/include/nix/json-impls.hh similarity index 95% rename from src/libutil/json-impls.hh rename to src/libutil/include/nix/json-impls.hh index b26163a04ae..9dd344c508d 100644 --- a/src/libutil/json-impls.hh +++ b/src/libutil/include/nix/json-impls.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nlohmann/json_fwd.hpp" +#include // Following https://github.com/nlohmann/json#how-can-i-use-get-for-non-default-constructiblenon-copyable-types #define JSON_IMPL(TYPE) \ diff --git a/src/libutil/json-utils.hh b/src/libutil/include/nix/json-utils.hh similarity index 99% rename from src/libutil/json-utils.hh rename to src/libutil/include/nix/json-utils.hh index 1afc5d796f4..96ffcd3c018 100644 --- a/src/libutil/json-utils.hh +++ b/src/libutil/include/nix/json-utils.hh @@ -4,7 +4,7 @@ #include #include -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libutil/logging.hh b/src/libutil/include/nix/logging.hh similarity index 98% rename from src/libutil/logging.hh rename to src/libutil/include/nix/logging.hh index e5a7a833f36..c83ad2316c7 100644 --- a/src/libutil/logging.hh +++ b/src/libutil/include/nix/logging.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "error.hh" -#include "config.hh" -#include "file-descriptor.hh" -#include "finally.hh" +#include "nix/error.hh" +#include "nix/config.hh" +#include "nix/file-descriptor.hh" +#include "nix/finally.hh" #include diff --git a/src/libutil/lru-cache.hh b/src/libutil/include/nix/lru-cache.hh similarity index 100% rename from src/libutil/lru-cache.hh rename to src/libutil/include/nix/lru-cache.hh diff --git a/src/libutil/memory-source-accessor.hh b/src/libutil/include/nix/memory-source-accessor.hh similarity index 97% rename from src/libutil/memory-source-accessor.hh rename to src/libutil/include/nix/memory-source-accessor.hh index 012a388c0e7..08ab3f2d496 100644 --- a/src/libutil/memory-source-accessor.hh +++ b/src/libutil/include/nix/memory-source-accessor.hh @@ -1,6 +1,6 @@ -#include "source-path.hh" -#include "fs-sink.hh" -#include "variant-wrapper.hh" +#include "nix/source-path.hh" +#include "nix/fs-sink.hh" +#include "nix/variant-wrapper.hh" namespace nix { diff --git a/src/libutil/include/nix/meson.build b/src/libutil/include/nix/meson.build new file mode 100644 index 00000000000..798d4982808 --- /dev/null +++ b/src/libutil/include/nix/meson.build @@ -0,0 +1,87 @@ +# Public headers directory + +include_dirs = [include_directories('..')] + +config_h = configure_file( + configuration : configdata, + output : 'config-util.hh', +) + +headers = [config_h] + files( + 'abstract-setting-to-json.hh', + 'ansicolor.hh', + 'archive.hh', + 'args.hh', + 'args/root.hh', + 'callback.hh', + 'canon-path.hh', + 'checked-arithmetic.hh', + 'chunked-vector.hh', + 'closure.hh', + 'comparator.hh', + 'compression.hh', + 'compute-levels.hh', + 'config-global.hh', + 'config-impl.hh', + 'config.hh', + 'current-process.hh', + 'english.hh', + 'environment-variables.hh', + 'error.hh', + 'exec.hh', + 'executable-path.hh', + 'exit.hh', + 'experimental-features.hh', + 'file-content-address.hh', + 'file-descriptor.hh', + 'file-path-impl.hh', + 'file-path.hh', + 'file-system.hh', + 'finally.hh', + 'fmt.hh', + 'fs-sink.hh', + 'git.hh', + 'hash.hh', + 'hilite.hh', + 'json-impls.hh', + 'json-utils.hh', + 'logging.hh', + 'lru-cache.hh', + 'memory-source-accessor.hh', + 'muxable-pipe.hh', + 'os-string.hh', + 'pool.hh', + 'pos-idx.hh', + 'pos-table.hh', + 'position.hh', + 'posix-source-accessor.hh', + 'processes.hh', + 'ref.hh', + 'references.hh', + 'regex-combinators.hh', + 'repair-flag.hh', + 'serialise.hh', + 'signals.hh', + 'signature/local-keys.hh', + 'signature/signer.hh', + 'source-accessor.hh', + 'source-path.hh', + 'split.hh', + 'std-hash.hh', + 'strings.hh', + 'strings-inline.hh', + 'suggestions.hh', + 'sync.hh', + 'tarfile.hh', + 'terminal.hh', + 'thread-pool.hh', + 'topo-sort.hh', + 'types.hh', + 'unix-domain-socket.hh', + 'url-parts.hh', + 'url.hh', + 'users.hh', + 'util.hh', + 'variant-wrapper.hh', + 'xml-writer.hh', +) diff --git a/src/libutil/muxable-pipe.hh b/src/libutil/include/nix/muxable-pipe.hh similarity index 94% rename from src/libutil/muxable-pipe.hh rename to src/libutil/include/nix/muxable-pipe.hh index 53ac39170f1..e4d6a74a370 100644 --- a/src/libutil/muxable-pipe.hh +++ b/src/libutil/include/nix/muxable-pipe.hh @@ -1,16 +1,16 @@ #pragma once ///@file -#include "file-descriptor.hh" +#include "nix/file-descriptor.hh" #ifdef _WIN32 -# include "windows-async-pipe.hh" +# include "nix/windows-async-pipe.hh" #endif #ifndef _WIN32 # include #else # include -# include "windows-error.hh" +# include "nix/windows-error.hh" #endif namespace nix { diff --git a/src/libutil/os-string.hh b/src/libutil/include/nix/os-string.hh similarity index 100% rename from src/libutil/os-string.hh rename to src/libutil/include/nix/os-string.hh diff --git a/src/libutil/pool.hh b/src/libutil/include/nix/pool.hh similarity index 99% rename from src/libutil/pool.hh rename to src/libutil/include/nix/pool.hh index b2ceb714342..65b789ba052 100644 --- a/src/libutil/pool.hh +++ b/src/libutil/include/nix/pool.hh @@ -7,8 +7,8 @@ #include #include -#include "sync.hh" -#include "ref.hh" +#include "nix/sync.hh" +#include "nix/ref.hh" namespace nix { diff --git a/src/libutil/pos-idx.hh b/src/libutil/include/nix/pos-idx.hh similarity index 100% rename from src/libutil/pos-idx.hh rename to src/libutil/include/nix/pos-idx.hh diff --git a/src/libutil/pos-table.hh b/src/libutil/include/nix/pos-table.hh similarity index 97% rename from src/libutil/pos-table.hh rename to src/libutil/include/nix/pos-table.hh index a6fe09d7932..9f4ff2e0b55 100644 --- a/src/libutil/pos-table.hh +++ b/src/libutil/include/nix/pos-table.hh @@ -4,9 +4,9 @@ #include #include -#include "pos-idx.hh" -#include "position.hh" -#include "sync.hh" +#include "nix/pos-idx.hh" +#include "nix/position.hh" +#include "nix/sync.hh" namespace nix { diff --git a/src/libutil/position.hh b/src/libutil/include/nix/position.hh similarity index 99% rename from src/libutil/position.hh rename to src/libutil/include/nix/position.hh index 07e261c4c54..34457a8241c 100644 --- a/src/libutil/position.hh +++ b/src/libutil/include/nix/position.hh @@ -9,7 +9,7 @@ #include #include -#include "source-path.hh" +#include "nix/source-path.hh" namespace nix { diff --git a/src/libutil/posix-source-accessor.hh b/src/libutil/include/nix/posix-source-accessor.hh similarity index 98% rename from src/libutil/posix-source-accessor.hh rename to src/libutil/include/nix/posix-source-accessor.hh index 5d491e633ce..d81e9246c4d 100644 --- a/src/libutil/posix-source-accessor.hh +++ b/src/libutil/include/nix/posix-source-accessor.hh @@ -1,6 +1,6 @@ #pragma once -#include "source-accessor.hh" +#include "nix/source-accessor.hh" namespace nix { diff --git a/src/libutil/processes.hh b/src/libutil/include/nix/processes.hh similarity index 95% rename from src/libutil/processes.hh rename to src/libutil/include/nix/processes.hh index bbbe7dcabd3..80ea14223a5 100644 --- a/src/libutil/processes.hh +++ b/src/libutil/include/nix/processes.hh @@ -1,11 +1,11 @@ #pragma once ///@file -#include "types.hh" -#include "error.hh" -#include "file-descriptor.hh" -#include "logging.hh" -#include "ansicolor.hh" +#include "nix/types.hh" +#include "nix/error.hh" +#include "nix/file-descriptor.hh" +#include "nix/logging.hh" +#include "nix/ansicolor.hh" #include #include diff --git a/src/libutil/ref.hh b/src/libutil/include/nix/ref.hh similarity index 100% rename from src/libutil/ref.hh rename to src/libutil/include/nix/ref.hh diff --git a/src/libutil/references.hh b/src/libutil/include/nix/references.hh similarity index 97% rename from src/libutil/references.hh rename to src/libutil/include/nix/references.hh index 8bc9f7ec9d6..b608f701574 100644 --- a/src/libutil/references.hh +++ b/src/libutil/include/nix/references.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "hash.hh" +#include "nix/hash.hh" namespace nix { diff --git a/src/libutil/regex-combinators.hh b/src/libutil/include/nix/regex-combinators.hh similarity index 100% rename from src/libutil/regex-combinators.hh rename to src/libutil/include/nix/regex-combinators.hh diff --git a/src/libutil/repair-flag.hh b/src/libutil/include/nix/repair-flag.hh similarity index 100% rename from src/libutil/repair-flag.hh rename to src/libutil/include/nix/repair-flag.hh diff --git a/src/libutil/serialise.hh b/src/libutil/include/nix/serialise.hh similarity index 99% rename from src/libutil/serialise.hh rename to src/libutil/include/nix/serialise.hh index 14721d0693e..ef49a43b65c 100644 --- a/src/libutil/serialise.hh +++ b/src/libutil/include/nix/serialise.hh @@ -4,9 +4,9 @@ #include #include -#include "types.hh" -#include "util.hh" -#include "file-descriptor.hh" +#include "nix/types.hh" +#include "nix/util.hh" +#include "nix/file-descriptor.hh" namespace boost::context { struct stack_context; } diff --git a/src/libutil/signals.hh b/src/libutil/include/nix/signals.hh similarity index 90% rename from src/libutil/signals.hh rename to src/libutil/include/nix/signals.hh index 8bff345c357..b4953525e8d 100644 --- a/src/libutil/signals.hh +++ b/src/libutil/include/nix/signals.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "types.hh" -#include "error.hh" -#include "logging.hh" +#include "nix/types.hh" +#include "nix/error.hh" +#include "nix/logging.hh" #include @@ -62,4 +62,4 @@ struct ReceiveInterrupts; } -#include "signals-impl.hh" +#include "nix/signals-impl.hh" diff --git a/src/libutil/signature/local-keys.hh b/src/libutil/include/nix/signature/local-keys.hh similarity index 99% rename from src/libutil/signature/local-keys.hh rename to src/libutil/include/nix/signature/local-keys.hh index 9977f0dac6e..368976b111e 100644 --- a/src/libutil/signature/local-keys.hh +++ b/src/libutil/include/nix/signature/local-keys.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "types.hh" +#include "nix/types.hh" #include diff --git a/src/libutil/signature/signer.hh b/src/libutil/include/nix/signature/signer.hh similarity index 94% rename from src/libutil/signature/signer.hh rename to src/libutil/include/nix/signature/signer.hh index e50170fe29c..3eeb75608e1 100644 --- a/src/libutil/signature/signer.hh +++ b/src/libutil/include/nix/signature/signer.hh @@ -1,7 +1,7 @@ #pragma once -#include "types.hh" -#include "signature/local-keys.hh" +#include "nix/types.hh" +#include "nix/signature/local-keys.hh" #include #include diff --git a/src/libutil/source-accessor.hh b/src/libutil/include/nix/source-accessor.hh similarity index 98% rename from src/libutil/source-accessor.hh rename to src/libutil/include/nix/source-accessor.hh index 79ae092ac18..5efc177fca9 100644 --- a/src/libutil/source-accessor.hh +++ b/src/libutil/include/nix/source-accessor.hh @@ -2,9 +2,9 @@ #include -#include "canon-path.hh" -#include "hash.hh" -#include "ref.hh" +#include "nix/canon-path.hh" +#include "nix/hash.hh" +#include "nix/ref.hh" namespace nix { diff --git a/src/libutil/source-path.hh b/src/libutil/include/nix/source-path.hh similarity index 96% rename from src/libutil/source-path.hh rename to src/libutil/include/nix/source-path.hh index fc2288f747a..119a67016ee 100644 --- a/src/libutil/source-path.hh +++ b/src/libutil/include/nix/source-path.hh @@ -5,10 +5,10 @@ * @brief SourcePath */ -#include "ref.hh" -#include "canon-path.hh" -#include "source-accessor.hh" -#include "std-hash.hh" +#include "nix/ref.hh" +#include "nix/canon-path.hh" +#include "nix/source-accessor.hh" +#include "nix/std-hash.hh" namespace nix { diff --git a/src/libutil/split.hh b/src/libutil/include/nix/split.hh similarity index 97% rename from src/libutil/split.hh rename to src/libutil/include/nix/split.hh index 3b9b2b83b81..2d7c490b11a 100644 --- a/src/libutil/split.hh +++ b/src/libutil/include/nix/split.hh @@ -4,7 +4,7 @@ #include #include -#include "util.hh" +#include "nix/util.hh" namespace nix { diff --git a/src/libutil/std-hash.hh b/src/libutil/include/nix/std-hash.hh similarity index 100% rename from src/libutil/std-hash.hh rename to src/libutil/include/nix/std-hash.hh diff --git a/src/libutil/strings-inline.hh b/src/libutil/include/nix/strings-inline.hh similarity index 99% rename from src/libutil/strings-inline.hh rename to src/libutil/include/nix/strings-inline.hh index 25b8e0ff67e..38cf285e08c 100644 --- a/src/libutil/strings-inline.hh +++ b/src/libutil/include/nix/strings-inline.hh @@ -1,6 +1,6 @@ #pragma once -#include "strings.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libutil/strings.hh b/src/libutil/include/nix/strings.hh similarity index 100% rename from src/libutil/strings.hh rename to src/libutil/include/nix/strings.hh diff --git a/src/libutil/suggestions.hh b/src/libutil/include/nix/suggestions.hh similarity index 98% rename from src/libutil/suggestions.hh rename to src/libutil/include/nix/suggestions.hh index e39ab400c0d..5517c20a610 100644 --- a/src/libutil/suggestions.hh +++ b/src/libutil/include/nix/suggestions.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "types.hh" +#include "nix/types.hh" #include namespace nix { diff --git a/src/libutil/sync.hh b/src/libutil/include/nix/sync.hh similarity index 99% rename from src/libutil/sync.hh rename to src/libutil/include/nix/sync.hh index d340f3d9760..25c062ac848 100644 --- a/src/libutil/sync.hh +++ b/src/libutil/include/nix/sync.hh @@ -7,7 +7,7 @@ #include #include -#include "error.hh" +#include "nix/error.hh" namespace nix { diff --git a/src/libutil/tarfile.hh b/src/libutil/include/nix/tarfile.hh similarity index 96% rename from src/libutil/tarfile.hh rename to src/libutil/include/nix/tarfile.hh index 5e29c6bbac3..aea91f90eff 100644 --- a/src/libutil/tarfile.hh +++ b/src/libutil/include/nix/tarfile.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "serialise.hh" -#include "fs-sink.hh" +#include "nix/serialise.hh" +#include "nix/fs-sink.hh" #include namespace nix { diff --git a/src/libutil/terminal.hh b/src/libutil/include/nix/terminal.hh similarity index 100% rename from src/libutil/terminal.hh rename to src/libutil/include/nix/terminal.hh diff --git a/src/libutil/thread-pool.hh b/src/libutil/include/nix/thread-pool.hh similarity index 98% rename from src/libutil/thread-pool.hh rename to src/libutil/include/nix/thread-pool.hh index 4adc4865760..e3b2a29b96f 100644 --- a/src/libutil/thread-pool.hh +++ b/src/libutil/include/nix/thread-pool.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "error.hh" -#include "sync.hh" +#include "nix/error.hh" +#include "nix/sync.hh" #include #include diff --git a/src/libutil/topo-sort.hh b/src/libutil/include/nix/topo-sort.hh similarity index 97% rename from src/libutil/topo-sort.hh rename to src/libutil/include/nix/topo-sort.hh index a52811fbf41..ed37ca01e8b 100644 --- a/src/libutil/topo-sort.hh +++ b/src/libutil/include/nix/topo-sort.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "error.hh" +#include "nix/error.hh" namespace nix { diff --git a/src/libutil/types.hh b/src/libutil/include/nix/types.hh similarity index 100% rename from src/libutil/types.hh rename to src/libutil/include/nix/types.hh diff --git a/src/libutil/unix-domain-socket.hh b/src/libutil/include/nix/unix-domain-socket.hh similarity index 95% rename from src/libutil/unix-domain-socket.hh rename to src/libutil/include/nix/unix-domain-socket.hh index ba2baeb1334..87508f9e4a6 100644 --- a/src/libutil/unix-domain-socket.hh +++ b/src/libutil/include/nix/unix-domain-socket.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "types.hh" -#include "file-descriptor.hh" +#include "nix/types.hh" +#include "nix/file-descriptor.hh" #ifdef _WIN32 # include diff --git a/src/libutil/url-parts.hh b/src/libutil/include/nix/url-parts.hh similarity index 100% rename from src/libutil/url-parts.hh rename to src/libutil/include/nix/url-parts.hh diff --git a/src/libutil/url.hh b/src/libutil/include/nix/url.hh similarity index 98% rename from src/libutil/url.hh rename to src/libutil/include/nix/url.hh index 2b12f5af2a0..071d5092fef 100644 --- a/src/libutil/url.hh +++ b/src/libutil/include/nix/url.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "error.hh" +#include "nix/error.hh" namespace nix { diff --git a/src/libutil/users.hh b/src/libutil/include/nix/users.hh similarity index 98% rename from src/libutil/users.hh rename to src/libutil/include/nix/users.hh index d22c3311d99..d48b8b9bf76 100644 --- a/src/libutil/users.hh +++ b/src/libutil/include/nix/users.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "types.hh" +#include "nix/types.hh" #ifndef _WIN32 # include diff --git a/src/libutil/util.hh b/src/libutil/include/nix/util.hh similarity index 98% rename from src/libutil/util.hh rename to src/libutil/include/nix/util.hh index 0d55cf93bed..7ece2bd7b76 100644 --- a/src/libutil/util.hh +++ b/src/libutil/include/nix/util.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "types.hh" -#include "error.hh" -#include "logging.hh" +#include "nix/types.hh" +#include "nix/error.hh" +#include "nix/logging.hh" #include @@ -11,7 +11,7 @@ #include #include -#include "strings.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/libutil/variant-wrapper.hh b/src/libutil/include/nix/variant-wrapper.hh similarity index 100% rename from src/libutil/variant-wrapper.hh rename to src/libutil/include/nix/variant-wrapper.hh diff --git a/src/libutil/xml-writer.hh b/src/libutil/include/nix/xml-writer.hh similarity index 100% rename from src/libutil/xml-writer.hh rename to src/libutil/include/nix/xml-writer.hh diff --git a/src/libutil/json-utils.cc b/src/libutil/json-utils.cc index f67811e2162..aff8abb9ac0 100644 --- a/src/libutil/json-utils.cc +++ b/src/libutil/json-utils.cc @@ -1,6 +1,6 @@ -#include "json-utils.hh" -#include "error.hh" -#include "types.hh" +#include "nix/json-utils.hh" +#include "nix/error.hh" +#include "nix/types.hh" #include #include #include diff --git a/src/libutil/linux/cgroup.cc b/src/libutil/linux/cgroup.cc index ad3e8a0172f..7b3c3fa3b3b 100644 --- a/src/libutil/linux/cgroup.cc +++ b/src/libutil/linux/cgroup.cc @@ -1,8 +1,8 @@ -#include "cgroup.hh" -#include "signals.hh" -#include "util.hh" -#include "file-system.hh" -#include "finally.hh" +#include "nix/cgroup.hh" +#include "nix/signals.hh" +#include "nix/util.hh" +#include "nix/file-system.hh" +#include "nix/finally.hh" #include #include diff --git a/src/libutil/linux/cgroup.hh b/src/libutil/linux/include/nix/cgroup.hh similarity index 97% rename from src/libutil/linux/cgroup.hh rename to src/libutil/linux/include/nix/cgroup.hh index 87d135ba629..91c7de9d173 100644 --- a/src/libutil/linux/cgroup.hh +++ b/src/libutil/linux/include/nix/cgroup.hh @@ -4,7 +4,7 @@ #include #include -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libutil/linux/include/nix/meson.build b/src/libutil/linux/include/nix/meson.build new file mode 100644 index 00000000000..285c1489bd8 --- /dev/null +++ b/src/libutil/linux/include/nix/meson.build @@ -0,0 +1,8 @@ +# Public headers directory + +include_dirs += include_directories('..') + +headers += files( + 'cgroup.hh', + 'namespaces.hh', +) diff --git a/src/libutil/linux/namespaces.hh b/src/libutil/linux/include/nix/namespaces.hh similarity index 96% rename from src/libutil/linux/namespaces.hh rename to src/libutil/linux/include/nix/namespaces.hh index 208920b80b1..3eb5f6a14a8 100644 --- a/src/libutil/linux/namespaces.hh +++ b/src/libutil/linux/include/nix/namespaces.hh @@ -3,7 +3,7 @@ #include -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libutil/linux/meson.build b/src/libutil/linux/meson.build index a1ded76ca16..40907ed0d6c 100644 --- a/src/libutil/linux/meson.build +++ b/src/libutil/linux/meson.build @@ -3,9 +3,4 @@ sources += files( 'namespaces.cc', ) -include_dirs += include_directories('.') - -headers += files( - 'cgroup.hh', - 'namespaces.hh', -) +subdir('include/nix') diff --git a/src/libutil/linux/namespaces.cc b/src/libutil/linux/namespaces.cc index c5e21dffcb3..a53734a2ff1 100644 --- a/src/libutil/linux/namespaces.cc +++ b/src/libutil/linux/namespaces.cc @@ -1,13 +1,13 @@ -#include "current-process.hh" -#include "util.hh" -#include "finally.hh" -#include "file-system.hh" -#include "processes.hh" -#include "signals.hh" +#include "nix/current-process.hh" +#include "nix/util.hh" +#include "nix/finally.hh" +#include "nix/file-system.hh" +#include "nix/processes.hh" +#include "nix/signals.hh" #include #include -#include "cgroup.hh" +#include "nix/cgroup.hh" #include diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index 406452738c7..39cacc22ad1 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -1,11 +1,11 @@ -#include "logging.hh" -#include "file-descriptor.hh" -#include "environment-variables.hh" -#include "terminal.hh" -#include "util.hh" -#include "config-global.hh" -#include "source-path.hh" -#include "position.hh" +#include "nix/logging.hh" +#include "nix/file-descriptor.hh" +#include "nix/environment-variables.hh" +#include "nix/terminal.hh" +#include "nix/util.hh" +#include "nix/config-global.hh" +#include "nix/source-path.hh" +#include "nix/position.hh" #include #include diff --git a/src/libutil/memory-source-accessor.cc b/src/libutil/memory-source-accessor.cc index c4eee1031cf..7c8414fb08c 100644 --- a/src/libutil/memory-source-accessor.cc +++ b/src/libutil/memory-source-accessor.cc @@ -1,4 +1,4 @@ -#include "memory-source-accessor.hh" +#include "nix/memory-source-accessor.hh" namespace nix { diff --git a/src/libutil/meson.build b/src/libutil/meson.build index 8af3272a8ac..e34bce0d504 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -116,15 +116,10 @@ deps_public += nlohmann_json cxx = meson.get_compiler('cpp') -config_h = configure_file( - configuration : configdata, - output : 'config-util.hh', -) - add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', + '-include', 'nix/config-util.hh', language : 'cpp', ) @@ -178,91 +173,13 @@ sources = files( 'xml-writer.cc', ) -include_dirs = [include_directories('.')] +subdir('include/nix') + if not cxx.has_header('widechar_width.h', required : false) # use vendored widechar_width.h include_dirs += include_directories('./widecharwidth') endif -headers = [config_h] + files( - 'abstract-setting-to-json.hh', - 'ansicolor.hh', - 'archive.hh', - 'args.hh', - 'args/root.hh', - 'callback.hh', - 'canon-path.hh', - 'checked-arithmetic.hh', - 'chunked-vector.hh', - 'closure.hh', - 'comparator.hh', - 'compression.hh', - 'compute-levels.hh', - 'config-global.hh', - 'config-impl.hh', - 'config.hh', - 'current-process.hh', - 'english.hh', - 'environment-variables.hh', - 'error.hh', - 'exec.hh', - 'executable-path.hh', - 'exit.hh', - 'experimental-features.hh', - 'file-content-address.hh', - 'file-descriptor.hh', - 'file-path-impl.hh', - 'file-path.hh', - 'file-system.hh', - 'finally.hh', - 'fmt.hh', - 'fs-sink.hh', - 'git.hh', - 'hash.hh', - 'hilite.hh', - 'json-impls.hh', - 'json-utils.hh', - 'logging.hh', - 'lru-cache.hh', - 'memory-source-accessor.hh', - 'muxable-pipe.hh', - 'os-string.hh', - 'pool.hh', - 'pos-idx.hh', - 'pos-table.hh', - 'position.hh', - 'posix-source-accessor.hh', - 'processes.hh', - 'ref.hh', - 'references.hh', - 'regex-combinators.hh', - 'repair-flag.hh', - 'serialise.hh', - 'signals.hh', - 'signature/local-keys.hh', - 'signature/signer.hh', - 'source-accessor.hh', - 'source-path.hh', - 'split.hh', - 'std-hash.hh', - 'strings.hh', - 'strings-inline.hh', - 'suggestions.hh', - 'sync.hh', - 'tarfile.hh', - 'terminal.hh', - 'thread-pool.hh', - 'topo-sort.hh', - 'types.hh', - 'unix-domain-socket.hh', - 'url-parts.hh', - 'url.hh', - 'users.hh', - 'util.hh', - 'variant-wrapper.hh', - 'xml-writer.hh', -) - if host_machine.system() == 'linux' subdir('linux') endif diff --git a/src/libutil/mounted-source-accessor.cc b/src/libutil/mounted-source-accessor.cc index 79223d15573..aa00cbd8e74 100644 --- a/src/libutil/mounted-source-accessor.cc +++ b/src/libutil/mounted-source-accessor.cc @@ -1,4 +1,4 @@ -#include "source-accessor.hh" +#include "nix/source-accessor.hh" namespace nix { diff --git a/src/libutil/package.nix b/src/libutil/package.nix index 8114dd645fc..0c410dfab28 100644 --- a/src/libutil/package.nix +++ b/src/libutil/package.nix @@ -34,9 +34,13 @@ mkMesonLibrary (finalAttrs: { ./widecharwidth ./meson.build ./meson.options + ./include/nix/meson.build ./linux/meson.build + ./linux/include/nix/meson.build ./unix/meson.build + ./unix/include/nix/meson.build ./windows/meson.build + ./windows/include/nix/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libutil/pos-table.cc b/src/libutil/pos-table.cc index 8178beb9018..59234e3fc18 100644 --- a/src/libutil/pos-table.cc +++ b/src/libutil/pos-table.cc @@ -1,4 +1,4 @@ -#include "pos-table.hh" +#include "nix/pos-table.hh" #include diff --git a/src/libutil/position.cc b/src/libutil/position.cc index 275985c8c0d..515be245b14 100644 --- a/src/libutil/position.cc +++ b/src/libutil/position.cc @@ -1,4 +1,4 @@ -#include "position.hh" +#include "nix/position.hh" namespace nix { diff --git a/src/libutil/posix-source-accessor.cc b/src/libutil/posix-source-accessor.cc index 70ad6474fd6..5da9fa6237f 100644 --- a/src/libutil/posix-source-accessor.cc +++ b/src/libutil/posix-source-accessor.cc @@ -1,7 +1,7 @@ -#include "posix-source-accessor.hh" -#include "source-path.hh" -#include "signals.hh" -#include "sync.hh" +#include "nix/posix-source-accessor.hh" +#include "nix/source-path.hh" +#include "nix/signals.hh" +#include "nix/sync.hh" #include diff --git a/src/libutil/references.cc b/src/libutil/references.cc index b30e62c7b2b..46c22c09cda 100644 --- a/src/libutil/references.cc +++ b/src/libutil/references.cc @@ -1,6 +1,6 @@ -#include "references.hh" -#include "hash.hh" -#include "archive.hh" +#include "nix/references.hh" +#include "nix/hash.hh" +#include "nix/archive.hh" #include #include diff --git a/src/libutil/serialise.cc b/src/libutil/serialise.cc index d612c11b2d7..415ccf3a0d0 100644 --- a/src/libutil/serialise.cc +++ b/src/libutil/serialise.cc @@ -1,6 +1,6 @@ -#include "serialise.hh" -#include "signals.hh" -#include "util.hh" +#include "nix/serialise.hh" +#include "nix/signals.hh" +#include "nix/util.hh" #include #include @@ -11,7 +11,7 @@ #ifdef _WIN32 # include # include -# include "windows-error.hh" +# include "nix/windows-error.hh" #else # include #endif diff --git a/src/libutil/signature/local-keys.cc b/src/libutil/signature/local-keys.cc index 70bcb5f33c2..86d3dfe3c24 100644 --- a/src/libutil/signature/local-keys.cc +++ b/src/libutil/signature/local-keys.cc @@ -1,7 +1,7 @@ -#include "signature/local-keys.hh" +#include "nix/signature/local-keys.hh" -#include "file-system.hh" -#include "util.hh" +#include "nix/file-system.hh" +#include "nix/util.hh" #include namespace nix { diff --git a/src/libutil/signature/signer.cc b/src/libutil/signature/signer.cc index 0d26867b54a..4a61b67ebb6 100644 --- a/src/libutil/signature/signer.cc +++ b/src/libutil/signature/signer.cc @@ -1,5 +1,5 @@ -#include "signature/signer.hh" -#include "error.hh" +#include "nix/signature/signer.hh" +#include "nix/error.hh" #include diff --git a/src/libutil/source-accessor.cc b/src/libutil/source-accessor.cc index 78f038cf377..738d7f2f195 100644 --- a/src/libutil/source-accessor.cc +++ b/src/libutil/source-accessor.cc @@ -1,5 +1,5 @@ -#include "source-accessor.hh" -#include "archive.hh" +#include "nix/source-accessor.hh" +#include "nix/archive.hh" namespace nix { diff --git a/src/libutil/source-path.cc b/src/libutil/source-path.cc index 759d3c35579..12150c22398 100644 --- a/src/libutil/source-path.cc +++ b/src/libutil/source-path.cc @@ -1,4 +1,4 @@ -#include "source-path.hh" +#include "nix/source-path.hh" namespace nix { diff --git a/src/libutil/strings.cc b/src/libutil/strings.cc index 1635321bb9c..43c9a0815ca 100644 --- a/src/libutil/strings.cc +++ b/src/libutil/strings.cc @@ -2,9 +2,9 @@ #include #include -#include "strings-inline.hh" -#include "os-string.hh" -#include "error.hh" +#include "nix/strings-inline.hh" +#include "nix/os-string.hh" +#include "nix/error.hh" namespace nix { diff --git a/src/libutil/suggestions.cc b/src/libutil/suggestions.cc index 84c8e296f17..0f593ada0c7 100644 --- a/src/libutil/suggestions.cc +++ b/src/libutil/suggestions.cc @@ -1,6 +1,6 @@ -#include "suggestions.hh" -#include "ansicolor.hh" -#include "terminal.hh" +#include "nix/suggestions.hh" +#include "nix/ansicolor.hh" +#include "nix/terminal.hh" #include #include diff --git a/src/libutil/tarfile.cc b/src/libutil/tarfile.cc index 9e54c9be2d8..aec05e09287 100644 --- a/src/libutil/tarfile.cc +++ b/src/libutil/tarfile.cc @@ -1,10 +1,10 @@ #include #include -#include "finally.hh" -#include "serialise.hh" -#include "tarfile.hh" -#include "file-system.hh" +#include "nix/finally.hh" +#include "nix/serialise.hh" +#include "nix/tarfile.hh" +#include "nix/file-system.hh" namespace nix { diff --git a/src/libutil/terminal.cc b/src/libutil/terminal.cc index 8a8373f1bf9..233edabb48d 100644 --- a/src/libutil/terminal.cc +++ b/src/libutil/terminal.cc @@ -1,6 +1,6 @@ -#include "terminal.hh" -#include "environment-variables.hh" -#include "sync.hh" +#include "nix/terminal.hh" +#include "nix/environment-variables.hh" +#include "nix/sync.hh" #if _WIN32 # include diff --git a/src/libutil/thread-pool.cc b/src/libutil/thread-pool.cc index 0725c192685..6b7f2d01771 100644 --- a/src/libutil/thread-pool.cc +++ b/src/libutil/thread-pool.cc @@ -1,6 +1,6 @@ -#include "thread-pool.hh" -#include "signals.hh" -#include "util.hh" +#include "nix/thread-pool.hh" +#include "nix/signals.hh" +#include "nix/util.hh" namespace nix { diff --git a/src/libutil/union-source-accessor.cc b/src/libutil/union-source-accessor.cc index eec0850c249..e24d6f2bd5b 100644 --- a/src/libutil/union-source-accessor.cc +++ b/src/libutil/union-source-accessor.cc @@ -1,4 +1,4 @@ -#include "source-accessor.hh" +#include "nix/source-accessor.hh" namespace nix { diff --git a/src/libutil/unix-domain-socket.cc b/src/libutil/unix-domain-socket.cc index 1707fdb75e1..831dd666c9f 100644 --- a/src/libutil/unix-domain-socket.cc +++ b/src/libutil/unix-domain-socket.cc @@ -1,6 +1,6 @@ -#include "file-system.hh" -#include "unix-domain-socket.hh" -#include "util.hh" +#include "nix/file-system.hh" +#include "nix/unix-domain-socket.hh" +#include "nix/util.hh" #ifdef _WIN32 # include @@ -8,7 +8,7 @@ #else # include # include -# include "processes.hh" +# include "nix/processes.hh" #endif #include diff --git a/src/libutil/unix/environment-variables.cc b/src/libutil/unix/environment-variables.cc index cd7c8f5e566..9814cbcc28f 100644 --- a/src/libutil/unix/environment-variables.cc +++ b/src/libutil/unix/environment-variables.cc @@ -1,6 +1,6 @@ #include -#include "environment-variables.hh" +#include "nix/environment-variables.hh" namespace nix { diff --git a/src/libutil/unix/file-descriptor.cc b/src/libutil/unix/file-descriptor.cc index a02a53b1eeb..566675349f3 100644 --- a/src/libutil/unix/file-descriptor.cc +++ b/src/libutil/unix/file-descriptor.cc @@ -1,7 +1,7 @@ -#include "file-system.hh" -#include "signals.hh" -#include "finally.hh" -#include "serialise.hh" +#include "nix/file-system.hh" +#include "nix/signals.hh" +#include "nix/finally.hh" +#include "nix/serialise.hh" #include #include diff --git a/src/libutil/unix/file-path.cc b/src/libutil/unix/file-path.cc index cccee86a1d7..3dd61397225 100644 --- a/src/libutil/unix/file-path.cc +++ b/src/libutil/unix/file-path.cc @@ -3,8 +3,8 @@ #include #include -#include "file-path.hh" -#include "util.hh" +#include "nix/file-path.hh" +#include "nix/util.hh" namespace nix { diff --git a/src/libutil/unix/file-system.cc b/src/libutil/unix/file-system.cc index bbbbfa5597c..119e8a27727 100644 --- a/src/libutil/unix/file-system.cc +++ b/src/libutil/unix/file-system.cc @@ -1,4 +1,4 @@ -#include "file-system.hh" +#include "nix/file-system.hh" namespace nix { diff --git a/src/libutil/unix/include/nix/meson.build b/src/libutil/unix/include/nix/meson.build new file mode 100644 index 00000000000..5f3095ab117 --- /dev/null +++ b/src/libutil/unix/include/nix/meson.build @@ -0,0 +1,8 @@ +# Public headers directory + +include_dirs += include_directories('..') + +headers += files( + 'monitor-fd.hh', + 'signals-impl.hh', +) diff --git a/src/libutil/unix/monitor-fd.hh b/src/libutil/unix/include/nix/monitor-fd.hh similarity index 99% rename from src/libutil/unix/monitor-fd.hh rename to src/libutil/unix/include/nix/monitor-fd.hh index c1f8705ebb0..720cbb937e8 100644 --- a/src/libutil/unix/monitor-fd.hh +++ b/src/libutil/unix/include/nix/monitor-fd.hh @@ -10,7 +10,7 @@ #include #include -#include "signals.hh" +#include "nix/signals.hh" namespace nix { diff --git a/src/libutil/unix/signals-impl.hh b/src/libutil/unix/include/nix/signals-impl.hh similarity index 95% rename from src/libutil/unix/signals-impl.hh rename to src/libutil/unix/include/nix/signals-impl.hh index 037416e7d6b..a63e0372599 100644 --- a/src/libutil/unix/signals-impl.hh +++ b/src/libutil/unix/include/nix/signals-impl.hh @@ -10,11 +10,11 @@ * downstream code.) */ -#include "types.hh" -#include "error.hh" -#include "logging.hh" -#include "ansicolor.hh" -#include "signals.hh" +#include "nix/types.hh" +#include "nix/error.hh" +#include "nix/logging.hh" +#include "nix/ansicolor.hh" +#include "nix/signals.hh" #include #include diff --git a/src/libutil/unix/meson.build b/src/libutil/unix/meson.build index 1c5bf27fb14..1373ed17a79 100644 --- a/src/libutil/unix/meson.build +++ b/src/libutil/unix/meson.build @@ -10,9 +10,4 @@ sources += files( 'users.cc', ) -include_dirs += include_directories('.') - -headers += files( - 'monitor-fd.hh', - 'signals-impl.hh', -) +subdir('include/nix') diff --git a/src/libutil/unix/muxable-pipe.cc b/src/libutil/unix/muxable-pipe.cc index 0104663c3bf..e81f47bc09d 100644 --- a/src/libutil/unix/muxable-pipe.cc +++ b/src/libutil/unix/muxable-pipe.cc @@ -1,8 +1,8 @@ #include -#include "logging.hh" -#include "util.hh" -#include "muxable-pipe.hh" +#include "nix/logging.hh" +#include "nix/util.hh" +#include "nix/muxable-pipe.hh" namespace nix { diff --git a/src/libutil/unix/os-string.cc b/src/libutil/unix/os-string.cc index 8378afde292..e97308a4a4c 100644 --- a/src/libutil/unix/os-string.cc +++ b/src/libutil/unix/os-string.cc @@ -3,8 +3,8 @@ #include #include -#include "file-path.hh" -#include "util.hh" +#include "nix/file-path.hh" +#include "nix/util.hh" namespace nix { diff --git a/src/libutil/unix/processes.cc b/src/libutil/unix/processes.cc index da198bed430..032992a2f2d 100644 --- a/src/libutil/unix/processes.cc +++ b/src/libutil/unix/processes.cc @@ -1,10 +1,10 @@ -#include "current-process.hh" -#include "environment-variables.hh" -#include "executable-path.hh" -#include "signals.hh" -#include "processes.hh" -#include "finally.hh" -#include "serialise.hh" +#include "nix/current-process.hh" +#include "nix/environment-variables.hh" +#include "nix/executable-path.hh" +#include "nix/signals.hh" +#include "nix/processes.hh" +#include "nix/finally.hh" +#include "nix/serialise.hh" #include #include diff --git a/src/libutil/unix/signals.cc b/src/libutil/unix/signals.cc index d0608dace67..168b33bfb90 100644 --- a/src/libutil/unix/signals.cc +++ b/src/libutil/unix/signals.cc @@ -1,8 +1,8 @@ -#include "signals.hh" -#include "util.hh" -#include "error.hh" -#include "sync.hh" -#include "terminal.hh" +#include "nix/signals.hh" +#include "nix/util.hh" +#include "nix/error.hh" +#include "nix/sync.hh" +#include "nix/terminal.hh" #include diff --git a/src/libutil/unix/users.cc b/src/libutil/unix/users.cc index 107a6e04f98..1ba194d7185 100644 --- a/src/libutil/unix/users.cc +++ b/src/libutil/unix/users.cc @@ -1,7 +1,7 @@ -#include "util.hh" -#include "users.hh" -#include "environment-variables.hh" -#include "file-system.hh" +#include "nix/util.hh" +#include "nix/users.hh" +#include "nix/environment-variables.hh" +#include "nix/file-system.hh" #include #include diff --git a/src/libutil/url.cc b/src/libutil/url.cc index 8fb1eecfb6c..f042d3b0f59 100644 --- a/src/libutil/url.cc +++ b/src/libutil/url.cc @@ -1,8 +1,8 @@ -#include "url.hh" -#include "url-parts.hh" -#include "util.hh" -#include "split.hh" -#include "canon-path.hh" +#include "nix/url.hh" +#include "nix/url-parts.hh" +#include "nix/util.hh" +#include "nix/split.hh" +#include "nix/canon-path.hh" namespace nix { diff --git a/src/libutil/users.cc b/src/libutil/users.cc index b4bc67cbcf2..d4fb08ab569 100644 --- a/src/libutil/users.cc +++ b/src/libutil/users.cc @@ -1,7 +1,7 @@ -#include "util.hh" -#include "users.hh" -#include "environment-variables.hh" -#include "file-system.hh" +#include "nix/util.hh" +#include "nix/users.hh" +#include "nix/environment-variables.hh" +#include "nix/file-system.hh" namespace nix { diff --git a/src/libutil/util.cc b/src/libutil/util.cc index ed5c7e4f1ef..37f30d91f26 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -1,7 +1,7 @@ -#include "util.hh" -#include "fmt.hh" -#include "file-path.hh" -#include "signals.hh" +#include "nix/util.hh" +#include "nix/fmt.hh" +#include "nix/file-path.hh" +#include "nix/signals.hh" #include #include diff --git a/src/libutil/windows/environment-variables.cc b/src/libutil/windows/environment-variables.cc index d1093597cfb..a6fadc627a5 100644 --- a/src/libutil/windows/environment-variables.cc +++ b/src/libutil/windows/environment-variables.cc @@ -1,4 +1,4 @@ -#include "environment-variables.hh" +#include "nix/environment-variables.hh" #ifdef _WIN32 # include "processenv.h" diff --git a/src/libutil/windows/file-descriptor.cc b/src/libutil/windows/file-descriptor.cc index e2a473a7cce..7f77cae89f6 100644 --- a/src/libutil/windows/file-descriptor.cc +++ b/src/libutil/windows/file-descriptor.cc @@ -1,9 +1,9 @@ -#include "file-system.hh" -#include "signals.hh" -#include "finally.hh" -#include "serialise.hh" -#include "windows-error.hh" -#include "file-path.hh" +#include "nix/file-system.hh" +#include "nix/signals.hh" +#include "nix/finally.hh" +#include "nix/serialise.hh" +#include "nix/windows-error.hh" +#include "nix/file-path.hh" #ifdef _WIN32 #include diff --git a/src/libutil/windows/file-path.cc b/src/libutil/windows/file-path.cc index 7405c426b62..5079bcbcd4e 100644 --- a/src/libutil/windows/file-path.cc +++ b/src/libutil/windows/file-path.cc @@ -3,9 +3,9 @@ #include #include -#include "file-path.hh" -#include "file-path-impl.hh" -#include "util.hh" +#include "nix/file-path.hh" +#include "nix/file-path-impl.hh" +#include "nix/util.hh" namespace nix { diff --git a/src/libutil/windows/file-system.cc b/src/libutil/windows/file-system.cc index 7ed1c04a623..22f1f89abb2 100644 --- a/src/libutil/windows/file-system.cc +++ b/src/libutil/windows/file-system.cc @@ -1,4 +1,4 @@ -#include "file-system.hh" +#include "nix/file-system.hh" #ifdef _WIN32 namespace nix { diff --git a/src/libutil/windows/include/nix/meson.build b/src/libutil/windows/include/nix/meson.build new file mode 100644 index 00000000000..898b7db8963 --- /dev/null +++ b/src/libutil/windows/include/nix/meson.build @@ -0,0 +1,9 @@ +# Public headers directory + +include_dirs += include_directories('..') + +headers += files( + 'signals-impl.hh', + 'windows-async-pipe.hh', + 'windows-error.hh', +) diff --git a/src/libutil/windows/signals-impl.hh b/src/libutil/windows/include/nix/signals-impl.hh similarity index 95% rename from src/libutil/windows/signals-impl.hh rename to src/libutil/windows/include/nix/signals-impl.hh index 26d2600bf04..fcdf18276eb 100644 --- a/src/libutil/windows/signals-impl.hh +++ b/src/libutil/windows/include/nix/signals-impl.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "types.hh" +#include "nix/types.hh" namespace nix { diff --git a/src/libutil/windows/windows-async-pipe.hh b/src/libutil/windows/include/nix/windows-async-pipe.hh similarity index 93% rename from src/libutil/windows/windows-async-pipe.hh rename to src/libutil/windows/include/nix/windows-async-pipe.hh index 53715e26010..55f6ea31d0a 100644 --- a/src/libutil/windows/windows-async-pipe.hh +++ b/src/libutil/windows/include/nix/windows-async-pipe.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "file-descriptor.hh" +#include "nix/file-descriptor.hh" #ifdef _WIN32 namespace nix::windows { diff --git a/src/libutil/windows/windows-error.hh b/src/libutil/windows/include/nix/windows-error.hh similarity index 97% rename from src/libutil/windows/windows-error.hh rename to src/libutil/windows/include/nix/windows-error.hh index 66c67b43a6c..c07d61609a1 100644 --- a/src/libutil/windows/windows-error.hh +++ b/src/libutil/windows/include/nix/windows-error.hh @@ -4,7 +4,7 @@ #ifdef _WIN32 #include -#include "error.hh" +#include "nix/error.hh" namespace nix::windows { diff --git a/src/libutil/windows/meson.build b/src/libutil/windows/meson.build index 1c645fe0573..2423c77eac6 100644 --- a/src/libutil/windows/meson.build +++ b/src/libutil/windows/meson.build @@ -11,10 +11,4 @@ sources += files( 'windows-error.cc', ) -include_dirs += include_directories('.') - -headers += files( - 'signals-impl.hh', - 'windows-async-pipe.hh', - 'windows-error.hh', -) +subdir('include/nix') diff --git a/src/libutil/windows/muxable-pipe.cc b/src/libutil/windows/muxable-pipe.cc index ac28821202c..d9a3e2ca536 100644 --- a/src/libutil/windows/muxable-pipe.cc +++ b/src/libutil/windows/muxable-pipe.cc @@ -1,10 +1,10 @@ #ifdef _WIN32 # include -# include "windows-error.hh" +# include "nix/windows-error.hh" -# include "logging.hh" -# include "util.hh" -# include "muxable-pipe.hh" +# include "nix/logging.hh" +# include "nix/util.hh" +# include "nix/muxable-pipe.hh" namespace nix { diff --git a/src/libutil/windows/os-string.cc b/src/libutil/windows/os-string.cc index b09ef8b90d2..b9aff210bb0 100644 --- a/src/libutil/windows/os-string.cc +++ b/src/libutil/windows/os-string.cc @@ -3,9 +3,9 @@ #include #include -#include "file-path.hh" -#include "file-path-impl.hh" -#include "util.hh" +#include "nix/file-path.hh" +#include "nix/file-path-impl.hh" +#include "nix/util.hh" #ifdef _WIN32 diff --git a/src/libutil/windows/processes.cc b/src/libutil/windows/processes.cc index 90cb1f5f5a5..cdb659a79c9 100644 --- a/src/libutil/windows/processes.cc +++ b/src/libutil/windows/processes.cc @@ -1,16 +1,16 @@ -#include "current-process.hh" -#include "environment-variables.hh" -#include "error.hh" -#include "executable-path.hh" -#include "file-descriptor.hh" -#include "file-path.hh" -#include "signals.hh" -#include "processes.hh" -#include "finally.hh" -#include "serialise.hh" -#include "file-system.hh" -#include "util.hh" -#include "windows-error.hh" +#include "nix/current-process.hh" +#include "nix/environment-variables.hh" +#include "nix/error.hh" +#include "nix/executable-path.hh" +#include "nix/file-descriptor.hh" +#include "nix/file-path.hh" +#include "nix/signals.hh" +#include "nix/processes.hh" +#include "nix/finally.hh" +#include "nix/serialise.hh" +#include "nix/file-system.hh" +#include "nix/util.hh" +#include "nix/windows-error.hh" #include #include diff --git a/src/libutil/windows/users.cc b/src/libutil/windows/users.cc index 438c4221cf3..1d49e667bab 100644 --- a/src/libutil/windows/users.cc +++ b/src/libutil/windows/users.cc @@ -1,8 +1,8 @@ -#include "util.hh" -#include "users.hh" -#include "environment-variables.hh" -#include "file-system.hh" -#include "windows-error.hh" +#include "nix/util.hh" +#include "nix/users.hh" +#include "nix/environment-variables.hh" +#include "nix/file-system.hh" +#include "nix/windows-error.hh" #ifdef _WIN32 #define WIN32_LEAN_AND_MEAN diff --git a/src/libutil/windows/windows-async-pipe.cc b/src/libutil/windows/windows-async-pipe.cc index 4e139d5cfb9..77ccd9e3f3f 100644 --- a/src/libutil/windows/windows-async-pipe.cc +++ b/src/libutil/windows/windows-async-pipe.cc @@ -1,5 +1,5 @@ -#include "windows-async-pipe.hh" -#include "windows-error.hh" +#include "nix/windows-async-pipe.hh" +#include "nix/windows-error.hh" #ifdef _WIN32 diff --git a/src/libutil/windows/windows-error.cc b/src/libutil/windows/windows-error.cc index b92f9155f97..8c523e4033b 100644 --- a/src/libutil/windows/windows-error.cc +++ b/src/libutil/windows/windows-error.cc @@ -1,4 +1,4 @@ -#include "windows-error.hh" +#include "nix/windows-error.hh" #ifdef _WIN32 #include diff --git a/src/libutil/xml-writer.cc b/src/libutil/xml-writer.cc index 7993bee9af0..78a40ef64b3 100644 --- a/src/libutil/xml-writer.cc +++ b/src/libutil/xml-writer.cc @@ -1,6 +1,6 @@ #include -#include "xml-writer.hh" +#include "nix/xml-writer.hh" namespace nix { diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index a5ae12a12d9..065a3b3e8c0 100644 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -9,25 +9,25 @@ #include -#include "current-process.hh" -#include "parsed-derivations.hh" -#include "derivation-options.hh" -#include "store-api.hh" -#include "local-fs-store.hh" -#include "globals.hh" -#include "realisation.hh" -#include "derivations.hh" -#include "shared.hh" -#include "path-with-outputs.hh" -#include "eval.hh" -#include "eval-inline.hh" -#include "get-drvs.hh" -#include "common-eval-args.hh" -#include "attr-path.hh" -#include "legacy.hh" -#include "users.hh" -#include "network-proxy.hh" -#include "compatibility-settings.hh" +#include "nix/current-process.hh" +#include "nix/parsed-derivations.hh" +#include "nix/derivation-options.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" +#include "nix/globals.hh" +#include "nix/realisation.hh" +#include "nix/derivations.hh" +#include "nix/shared.hh" +#include "nix/path-with-outputs.hh" +#include "nix/eval.hh" +#include "nix/eval-inline.hh" +#include "nix/get-drvs.hh" +#include "nix/common-eval-args.hh" +#include "nix/attr-path.hh" +#include "nix/legacy.hh" +#include "nix/users.hh" +#include "nix/network-proxy.hh" +#include "nix/compatibility-settings.hh" #include "man-pages.hh" using namespace nix; diff --git a/src/nix-channel/nix-channel.cc b/src/nix-channel/nix-channel.cc index ee61db99488..33efb891858 100644 --- a/src/nix-channel/nix-channel.cc +++ b/src/nix-channel/nix-channel.cc @@ -1,12 +1,12 @@ -#include "profiles.hh" -#include "shared.hh" -#include "globals.hh" -#include "filetransfer.hh" -#include "store-api.hh" -#include "legacy.hh" -#include "eval-settings.hh" // for defexpr -#include "users.hh" -#include "tarball.hh" +#include "nix/profiles.hh" +#include "nix/shared.hh" +#include "nix/globals.hh" +#include "nix/filetransfer.hh" +#include "nix/store-api.hh" +#include "nix/legacy.hh" +#include "nix/eval-settings.hh" // for defexpr +#include "nix/users.hh" +#include "nix/tarball.hh" #include "self-exe.hh" #include "man-pages.hh" diff --git a/src/nix-collect-garbage/nix-collect-garbage.cc b/src/nix-collect-garbage/nix-collect-garbage.cc index a060a01fd15..c6f996f20fe 100644 --- a/src/nix-collect-garbage/nix-collect-garbage.cc +++ b/src/nix-collect-garbage/nix-collect-garbage.cc @@ -1,12 +1,12 @@ -#include "file-system.hh" -#include "signals.hh" -#include "store-api.hh" -#include "store-cast.hh" -#include "gc-store.hh" -#include "profiles.hh" -#include "shared.hh" -#include "globals.hh" -#include "legacy.hh" +#include "nix/file-system.hh" +#include "nix/signals.hh" +#include "nix/store-api.hh" +#include "nix/store-cast.hh" +#include "nix/gc-store.hh" +#include "nix/profiles.hh" +#include "nix/shared.hh" +#include "nix/globals.hh" +#include "nix/legacy.hh" #include "man-pages.hh" #include diff --git a/src/nix-copy-closure/nix-copy-closure.cc b/src/nix-copy-closure/nix-copy-closure.cc index 15bff0a0ad5..8094925dc58 100644 --- a/src/nix-copy-closure/nix-copy-closure.cc +++ b/src/nix-copy-closure/nix-copy-closure.cc @@ -1,7 +1,7 @@ -#include "shared.hh" -#include "realisation.hh" -#include "store-api.hh" -#include "legacy.hh" +#include "nix/shared.hh" +#include "nix/realisation.hh" +#include "nix/store-api.hh" +#include "nix/legacy.hh" #include "man-pages.hh" using namespace nix; diff --git a/src/nix-env/nix-env.cc b/src/nix-env/nix-env.cc index aa1edb4c8e3..c02c27d3678 100644 --- a/src/nix-env/nix-env.cc +++ b/src/nix-env/nix-env.cc @@ -1,22 +1,22 @@ -#include "users.hh" -#include "attr-path.hh" -#include "common-eval-args.hh" -#include "derivations.hh" -#include "eval.hh" -#include "get-drvs.hh" -#include "globals.hh" -#include "names.hh" -#include "profiles.hh" -#include "path-with-outputs.hh" -#include "shared.hh" -#include "store-api.hh" -#include "local-fs-store.hh" +#include "nix/users.hh" +#include "nix/attr-path.hh" +#include "nix/common-eval-args.hh" +#include "nix/derivations.hh" +#include "nix/eval.hh" +#include "nix/get-drvs.hh" +#include "nix/globals.hh" +#include "nix/names.hh" +#include "nix/profiles.hh" +#include "nix/path-with-outputs.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" #include "user-env.hh" -#include "value-to-json.hh" -#include "xml-writer.hh" -#include "legacy.hh" -#include "eval-settings.hh" // for defexpr -#include "terminal.hh" +#include "nix/value-to-json.hh" +#include "nix/xml-writer.hh" +#include "nix/legacy.hh" +#include "nix/eval-settings.hh" // for defexpr +#include "nix/terminal.hh" #include "man-pages.hh" #include diff --git a/src/nix-env/user-env.cc b/src/nix-env/user-env.cc index ee62077c0a7..81abefc2fda 100644 --- a/src/nix-env/user-env.cc +++ b/src/nix-env/user-env.cc @@ -1,14 +1,14 @@ #include "user-env.hh" -#include "derivations.hh" -#include "store-api.hh" -#include "path-with-outputs.hh" -#include "local-fs-store.hh" -#include "globals.hh" -#include "shared.hh" -#include "eval.hh" -#include "eval-inline.hh" -#include "profiles.hh" -#include "print-ambiguous.hh" +#include "nix/derivations.hh" +#include "nix/store-api.hh" +#include "nix/path-with-outputs.hh" +#include "nix/local-fs-store.hh" +#include "nix/globals.hh" +#include "nix/shared.hh" +#include "nix/eval.hh" +#include "nix/eval-inline.hh" +#include "nix/profiles.hh" +#include "nix/print-ambiguous.hh" #include #include diff --git a/src/nix-env/user-env.hh b/src/nix-env/user-env.hh index 15da3fcb3f0..8ec124d07c6 100644 --- a/src/nix-env/user-env.hh +++ b/src/nix-env/user-env.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "get-drvs.hh" +#include "nix/get-drvs.hh" namespace nix { diff --git a/src/nix-instantiate/nix-instantiate.cc b/src/nix-instantiate/nix-instantiate.cc index 0cf926369e5..d4765952ba8 100644 --- a/src/nix-instantiate/nix-instantiate.cc +++ b/src/nix-instantiate/nix-instantiate.cc @@ -1,17 +1,17 @@ -#include "globals.hh" -#include "print-ambiguous.hh" -#include "shared.hh" -#include "eval.hh" -#include "eval-inline.hh" -#include "get-drvs.hh" -#include "attr-path.hh" -#include "signals.hh" -#include "value-to-xml.hh" -#include "value-to-json.hh" -#include "store-api.hh" -#include "local-fs-store.hh" -#include "common-eval-args.hh" -#include "legacy.hh" +#include "nix/globals.hh" +#include "nix/print-ambiguous.hh" +#include "nix/shared.hh" +#include "nix/eval.hh" +#include "nix/eval-inline.hh" +#include "nix/get-drvs.hh" +#include "nix/attr-path.hh" +#include "nix/signals.hh" +#include "nix/value-to-xml.hh" +#include "nix/value-to-json.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" +#include "nix/common-eval-args.hh" +#include "nix/legacy.hh" #include "man-pages.hh" #include diff --git a/src/nix-store/dotgraph.cc b/src/nix-store/dotgraph.cc index 2c530999b55..0cab4665601 100644 --- a/src/nix-store/dotgraph.cc +++ b/src/nix-store/dotgraph.cc @@ -1,5 +1,5 @@ #include "dotgraph.hh" -#include "store-api.hh" +#include "nix/store-api.hh" #include diff --git a/src/nix-store/dotgraph.hh b/src/nix-store/dotgraph.hh index 4fd9440803f..cb4041f8e34 100644 --- a/src/nix-store/dotgraph.hh +++ b/src/nix-store/dotgraph.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/nix-store/graphml.cc b/src/nix-store/graphml.cc index 3e789a2d8b3..1eb2ccdf68c 100644 --- a/src/nix-store/graphml.cc +++ b/src/nix-store/graphml.cc @@ -1,6 +1,6 @@ #include "graphml.hh" -#include "store-api.hh" -#include "derivations.hh" +#include "nix/store-api.hh" +#include "nix/derivations.hh" #include diff --git a/src/nix-store/graphml.hh b/src/nix-store/graphml.hh index bd3a4a37c46..2989733d775 100644 --- a/src/nix-store/graphml.hh +++ b/src/nix-store/graphml.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/nix-store/nix-store.cc b/src/nix-store/nix-store.cc index d182b1eee57..7bdf3b1a336 100644 --- a/src/nix-store/nix-store.cc +++ b/src/nix-store/nix-store.cc @@ -1,23 +1,23 @@ -#include "archive.hh" -#include "derivations.hh" +#include "nix/archive.hh" +#include "nix/derivations.hh" #include "dotgraph.hh" -#include "globals.hh" -#include "store-cast.hh" -#include "local-fs-store.hh" -#include "log-store.hh" -#include "serve-protocol.hh" -#include "serve-protocol-connection.hh" -#include "shared.hh" +#include "nix/globals.hh" +#include "nix/store-cast.hh" +#include "nix/local-fs-store.hh" +#include "nix/log-store.hh" +#include "nix/serve-protocol.hh" +#include "nix/serve-protocol-connection.hh" +#include "nix/shared.hh" #include "graphml.hh" -#include "legacy.hh" -#include "posix-source-accessor.hh" -#include "path-with-outputs.hh" +#include "nix/legacy.hh" +#include "nix/posix-source-accessor.hh" +#include "nix/path-with-outputs.hh" #include "man-pages.hh" #ifndef _WIN32 // TODO implement on Windows or provide allowed-to-noop interface -# include "local-store.hh" -# include "monitor-fd.hh" -# include "posix-fs-canonicalise.hh" +# include "nix/local-store.hh" +# include "nix/monitor-fd.hh" +# include "nix/posix-fs-canonicalise.hh" #endif #include @@ -27,9 +27,9 @@ #include #include -#include "build-result.hh" -#include "exit.hh" -#include "serve-protocol-impl.hh" +#include "nix/build-result.hh" +#include "nix/exit.hh" +#include "nix/serve-protocol-impl.hh" namespace nix_store { diff --git a/src/nix/add-to-store.cc b/src/nix/add-to-store.cc index 7f15de374eb..6c71dc69fb4 100644 --- a/src/nix/add-to-store.cc +++ b/src/nix/add-to-store.cc @@ -1,10 +1,10 @@ -#include "command.hh" -#include "common-args.hh" -#include "store-api.hh" -#include "archive.hh" -#include "git.hh" -#include "posix-source-accessor.hh" -#include "misc-store-flags.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/store-api.hh" +#include "nix/archive.hh" +#include "nix/git.hh" +#include "nix/posix-source-accessor.hh" +#include "nix/misc-store-flags.hh" using namespace nix; diff --git a/src/nix/app.cc b/src/nix/app.cc index 935ed18ecba..2b6c222697e 100644 --- a/src/nix/app.cc +++ b/src/nix/app.cc @@ -1,13 +1,13 @@ -#include "installables.hh" -#include "installable-derived-path.hh" -#include "installable-value.hh" -#include "store-api.hh" -#include "eval-inline.hh" -#include "eval-cache.hh" -#include "names.hh" -#include "command.hh" -#include "derivations.hh" -#include "downstream-placeholder.hh" +#include "nix/installables.hh" +#include "nix/installable-derived-path.hh" +#include "nix/installable-value.hh" +#include "nix/store-api.hh" +#include "nix/eval-inline.hh" +#include "nix/eval-cache.hh" +#include "nix/names.hh" +#include "nix/command.hh" +#include "nix/derivations.hh" +#include "nix/downstream-placeholder.hh" namespace nix { diff --git a/src/nix/build.cc b/src/nix/build.cc index 4ba6241ece2..9a99832b477 100644 --- a/src/nix/build.cc +++ b/src/nix/build.cc @@ -1,8 +1,8 @@ -#include "command.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "local-fs-store.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" #include diff --git a/src/nix/bundle.cc b/src/nix/bundle.cc index 5b7862c4e0c..61338393933 100644 --- a/src/nix/bundle.cc +++ b/src/nix/bundle.cc @@ -1,10 +1,10 @@ -#include "installable-flake.hh" -#include "command-installable-value.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "local-fs-store.hh" -#include "eval-inline.hh" +#include "nix/installable-flake.hh" +#include "nix/command-installable-value.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" +#include "nix/eval-inline.hh" namespace nix::fs { using namespace std::filesystem; } diff --git a/src/nix/cat.cc b/src/nix/cat.cc index 214d256e956..11de32b403a 100644 --- a/src/nix/cat.cc +++ b/src/nix/cat.cc @@ -1,6 +1,6 @@ -#include "command.hh" -#include "store-api.hh" -#include "nar-accessor.hh" +#include "nix/command.hh" +#include "nix/store-api.hh" +#include "nix/nar-accessor.hh" using namespace nix; diff --git a/src/nix/config-check.cc b/src/nix/config-check.cc index a72b0654232..bc23fd7be38 100644 --- a/src/nix/config-check.cc +++ b/src/nix/config-check.cc @@ -1,14 +1,14 @@ #include -#include "command.hh" -#include "exit.hh" -#include "logging.hh" -#include "serve-protocol.hh" -#include "shared.hh" -#include "store-api.hh" -#include "local-fs-store.hh" -#include "worker-protocol.hh" -#include "executable-path.hh" +#include "nix/command.hh" +#include "nix/exit.hh" +#include "nix/logging.hh" +#include "nix/serve-protocol.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" +#include "nix/worker-protocol.hh" +#include "nix/executable-path.hh" namespace nix::fs { using namespace std::filesystem; } diff --git a/src/nix/config.cc b/src/nix/config.cc index 07f975a006a..5d9330f0339 100644 --- a/src/nix/config.cc +++ b/src/nix/config.cc @@ -1,8 +1,8 @@ -#include "command.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "config-global.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/config-global.hh" #include diff --git a/src/nix/copy.cc b/src/nix/copy.cc index 399a6c0fd34..0ed99df53bc 100644 --- a/src/nix/copy.cc +++ b/src/nix/copy.cc @@ -1,7 +1,7 @@ -#include "command.hh" -#include "shared.hh" -#include "store-api.hh" -#include "local-fs-store.hh" +#include "nix/command.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/local-fs-store.hh" using namespace nix; diff --git a/src/nix/crash-handler.cc b/src/nix/crash-handler.cc index 8ffd436acee..65687f79ee3 100644 --- a/src/nix/crash-handler.cc +++ b/src/nix/crash-handler.cc @@ -1,6 +1,7 @@ #include "crash-handler.hh" -#include "fmt.hh" -#include "logging.hh" + +#include "nix/fmt.hh" +#include "nix/logging.hh" #include #include diff --git a/src/nix/derivation-add.cc b/src/nix/derivation-add.cc index 4d91d453800..da52ac14c05 100644 --- a/src/nix/derivation-add.cc +++ b/src/nix/derivation-add.cc @@ -1,10 +1,10 @@ // FIXME: rename to 'nix plan add' or 'nix derivation add'? -#include "command.hh" -#include "common-args.hh" -#include "store-api.hh" -#include "archive.hh" -#include "derivations.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/store-api.hh" +#include "nix/archive.hh" +#include "nix/derivations.hh" #include using namespace nix; diff --git a/src/nix/derivation-show.cc b/src/nix/derivation-show.cc index 5a07f58e6dc..daabdb4d674 100644 --- a/src/nix/derivation-show.cc +++ b/src/nix/derivation-show.cc @@ -1,11 +1,11 @@ // FIXME: integrate this with `nix path-info`? // FIXME: rename to 'nix store derivation show'? -#include "command.hh" -#include "common-args.hh" -#include "store-api.hh" -#include "archive.hh" -#include "derivations.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/store-api.hh" +#include "nix/archive.hh" +#include "nix/derivations.hh" #include using namespace nix; diff --git a/src/nix/derivation.cc b/src/nix/derivation.cc index 59a78d37879..6e0d28d9abf 100644 --- a/src/nix/derivation.cc +++ b/src/nix/derivation.cc @@ -1,4 +1,4 @@ -#include "command.hh" +#include "nix/command.hh" using namespace nix; diff --git a/src/nix/develop.cc b/src/nix/develop.cc index 961962ebdea..7a1e751070d 100644 --- a/src/nix/develop.cc +++ b/src/nix/develop.cc @@ -1,12 +1,12 @@ -#include "config-global.hh" -#include "eval.hh" -#include "installable-flake.hh" -#include "command-installable-value.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "outputs-spec.hh" -#include "derivations.hh" +#include "nix/config-global.hh" +#include "nix/eval.hh" +#include "nix/installable-flake.hh" +#include "nix/command-installable-value.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/outputs-spec.hh" +#include "nix/derivations.hh" #ifndef _WIN32 // TODO re-enable on Windows # include "run.hh" @@ -18,7 +18,7 @@ #include #include -#include "strings.hh" +#include "nix/strings.hh" namespace nix::fs { using namespace std::filesystem; } diff --git a/src/nix/diff-closures.cc b/src/nix/diff-closures.cc index 2bc7fe82b1b..042da8d3ada 100644 --- a/src/nix/diff-closures.cc +++ b/src/nix/diff-closures.cc @@ -1,12 +1,12 @@ -#include "command.hh" -#include "shared.hh" -#include "store-api.hh" -#include "common-args.hh" -#include "names.hh" +#include "nix/command.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/common-args.hh" +#include "nix/names.hh" #include -#include "strings.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/nix/dump-path.cc b/src/nix/dump-path.cc index 98a059fa1bd..bf82de84679 100644 --- a/src/nix/dump-path.cc +++ b/src/nix/dump-path.cc @@ -1,6 +1,6 @@ -#include "command.hh" -#include "store-api.hh" -#include "archive.hh" +#include "nix/command.hh" +#include "nix/store-api.hh" +#include "nix/archive.hh" using namespace nix; diff --git a/src/nix/edit.cc b/src/nix/edit.cc index 49807da9ecd..770bbfc7129 100644 --- a/src/nix/edit.cc +++ b/src/nix/edit.cc @@ -1,9 +1,9 @@ -#include "current-process.hh" -#include "command-installable-value.hh" -#include "shared.hh" -#include "eval.hh" -#include "attr-path.hh" -#include "editor-for.hh" +#include "nix/current-process.hh" +#include "nix/command-installable-value.hh" +#include "nix/shared.hh" +#include "nix/eval.hh" +#include "nix/attr-path.hh" +#include "nix/editor-for.hh" #include diff --git a/src/nix/env.cc b/src/nix/env.cc index 832320320ae..982120252fa 100644 --- a/src/nix/env.cc +++ b/src/nix/env.cc @@ -1,11 +1,11 @@ #include #include -#include "command.hh" -#include "eval.hh" +#include "nix/command.hh" +#include "nix/eval.hh" #include "run.hh" -#include "strings.hh" -#include "executable-path.hh" +#include "nix/strings.hh" +#include "nix/executable-path.hh" using namespace nix; diff --git a/src/nix/eval.cc b/src/nix/eval.cc index e038d75c3a0..8d48ddbeb29 100644 --- a/src/nix/eval.cc +++ b/src/nix/eval.cc @@ -1,10 +1,10 @@ -#include "command-installable-value.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "eval.hh" -#include "eval-inline.hh" -#include "value-to-json.hh" +#include "nix/command-installable-value.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/eval.hh" +#include "nix/eval-inline.hh" +#include "nix/value-to-json.hh" #include diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 7c9951c4c9f..f86b0c4a176 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -1,30 +1,30 @@ -#include "command.hh" -#include "installable-flake.hh" -#include "common-args.hh" -#include "shared.hh" -#include "eval.hh" -#include "eval-inline.hh" -#include "eval-settings.hh" -#include "flake/flake.hh" -#include "get-drvs.hh" -#include "signals.hh" -#include "store-api.hh" -#include "derivations.hh" -#include "outputs-spec.hh" -#include "attr-path.hh" -#include "fetchers.hh" -#include "registry.hh" -#include "eval-cache.hh" -#include "markdown.hh" -#include "users.hh" -#include "fetch-to-store.hh" -#include "local-fs-store.hh" +#include "nix/command.hh" +#include "nix/installable-flake.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/eval.hh" +#include "nix/eval-inline.hh" +#include "nix/eval-settings.hh" +#include "nix/flake/flake.hh" +#include "nix/get-drvs.hh" +#include "nix/signals.hh" +#include "nix/store-api.hh" +#include "nix/derivations.hh" +#include "nix/outputs-spec.hh" +#include "nix/attr-path.hh" +#include "nix/fetchers.hh" +#include "nix/registry.hh" +#include "nix/eval-cache.hh" +#include "nix/markdown.hh" +#include "nix/users.hh" +#include "nix/fetch-to-store.hh" +#include "nix/local-fs-store.hh" #include #include #include -#include "strings-inline.hh" +#include "nix/strings-inline.hh" namespace nix::fs { using namespace std::filesystem; } diff --git a/src/nix/fmt.cc b/src/nix/fmt.cc index f444d6addf1..e49f7608418 100644 --- a/src/nix/fmt.cc +++ b/src/nix/fmt.cc @@ -1,6 +1,6 @@ -#include "command.hh" -#include "installable-value.hh" -#include "eval.hh" +#include "nix/command.hh" +#include "nix/installable-value.hh" +#include "nix/eval.hh" #include "run.hh" using namespace nix; diff --git a/src/nix/hash.cc b/src/nix/hash.cc index 91bba47f42b..db937283acf 100644 --- a/src/nix/hash.cc +++ b/src/nix/hash.cc @@ -1,13 +1,13 @@ -#include "command.hh" -#include "hash.hh" -#include "content-address.hh" -#include "legacy.hh" -#include "shared.hh" -#include "references.hh" -#include "archive.hh" -#include "git.hh" -#include "posix-source-accessor.hh" -#include "misc-store-flags.hh" +#include "nix/command.hh" +#include "nix/hash.hh" +#include "nix/content-address.hh" +#include "nix/legacy.hh" +#include "nix/shared.hh" +#include "nix/references.hh" +#include "nix/archive.hh" +#include "nix/git.hh" +#include "nix/posix-source-accessor.hh" +#include "nix/misc-store-flags.hh" #include "man-pages.hh" using namespace nix; diff --git a/src/nix/log.cc b/src/nix/log.cc index 2c35ed803ad..e43f32829d3 100644 --- a/src/nix/log.cc +++ b/src/nix/log.cc @@ -1,8 +1,8 @@ -#include "command.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "log-store.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/log-store.hh" using namespace nix; diff --git a/src/nix/ls.cc b/src/nix/ls.cc index 63f97f2d3b6..c5a1c450485 100644 --- a/src/nix/ls.cc +++ b/src/nix/ls.cc @@ -1,7 +1,7 @@ -#include "command.hh" -#include "store-api.hh" -#include "nar-accessor.hh" -#include "common-args.hh" +#include "nix/command.hh" +#include "nix/store-api.hh" +#include "nix/nar-accessor.hh" +#include "nix/common-args.hh" #include using namespace nix; diff --git a/src/nix/main.cc b/src/nix/main.cc index 188d424bc5e..3d57263dfe9 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -1,26 +1,27 @@ -#include "args/root.hh" -#include "current-process.hh" -#include "command.hh" -#include "common-args.hh" -#include "eval.hh" -#include "eval-settings.hh" -#include "globals.hh" -#include "legacy.hh" -#include "shared.hh" -#include "store-api.hh" -#include "filetransfer.hh" -#include "finally.hh" -#include "loggers.hh" -#include "markdown.hh" -#include "memory-source-accessor.hh" -#include "terminal.hh" -#include "users.hh" -#include "network-proxy.hh" -#include "eval-cache.hh" -#include "flake/flake.hh" -#include "flake/settings.hh" +#include "nix/args/root.hh" +#include "nix/current-process.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/globals.hh" +#include "nix/legacy.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/filetransfer.hh" +#include "nix/finally.hh" +#include "nix/loggers.hh" +#include "nix/markdown.hh" +#include "nix/memory-source-accessor.hh" +#include "nix/terminal.hh" +#include "nix/users.hh" +#include "nix/network-proxy.hh" +#include "nix/eval-cache.hh" +#include "nix/flake/flake.hh" +#include "nix/flake/settings.hh" +#include "nix/json-utils.hh" + #include "self-exe.hh" -#include "json-utils.hh" #include "crash-handler.hh" #include @@ -35,7 +36,7 @@ #endif #if __linux__ -# include "namespaces.hh" +# include "nix/namespaces.hh" #endif #ifndef _WIN32 @@ -44,7 +45,7 @@ extern std::string chrootHelperName; void chrootHelper(int argc, char * * argv); #endif -#include "strings.hh" +#include "nix/strings.hh" namespace nix { diff --git a/src/nix/make-content-addressed.cc b/src/nix/make-content-addressed.cc index d9c988a9f5d..0426dd5d642 100644 --- a/src/nix/make-content-addressed.cc +++ b/src/nix/make-content-addressed.cc @@ -1,7 +1,7 @@ -#include "command.hh" -#include "store-api.hh" -#include "make-content-addressed.hh" -#include "common-args.hh" +#include "nix/command.hh" +#include "nix/store-api.hh" +#include "nix/make-content-addressed.hh" +#include "nix/common-args.hh" #include diff --git a/src/nix/man-pages.cc b/src/nix/man-pages.cc index e9e89bb62a7..993ef28e1be 100644 --- a/src/nix/man-pages.cc +++ b/src/nix/man-pages.cc @@ -1,7 +1,7 @@ #include "man-pages.hh" -#include "file-system.hh" -#include "current-process.hh" -#include "environment-variables.hh" +#include "nix/file-system.hh" +#include "nix/current-process.hh" +#include "nix/environment-variables.hh" namespace nix { diff --git a/src/nix/meson.build b/src/nix/meson.build index 1ad53c80757..adcf80a259e 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -54,9 +54,9 @@ config_h = configure_file( add_project_arguments( # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + '-include', 'nix/config-expr.hh', '-include', 'config-nix-cli.hh', language : 'cpp', ) diff --git a/src/nix/nar.cc b/src/nix/nar.cc index 8ad4f92a796..ba815551d59 100644 --- a/src/nix/nar.cc +++ b/src/nix/nar.cc @@ -1,4 +1,4 @@ -#include "command.hh" +#include "nix/command.hh" using namespace nix; diff --git a/src/nix/optimise-store.cc b/src/nix/optimise-store.cc index 985006e5a54..ac1b03f60a5 100644 --- a/src/nix/optimise-store.cc +++ b/src/nix/optimise-store.cc @@ -1,6 +1,6 @@ -#include "command.hh" -#include "shared.hh" -#include "store-api.hh" +#include "nix/command.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" #include diff --git a/src/nix/path-from-hash-part.cc b/src/nix/path-from-hash-part.cc index 7f7cda8d3d3..060231d025a 100644 --- a/src/nix/path-from-hash-part.cc +++ b/src/nix/path-from-hash-part.cc @@ -1,5 +1,5 @@ -#include "command.hh" -#include "store-api.hh" +#include "nix/command.hh" +#include "nix/store-api.hh" using namespace nix; diff --git a/src/nix/path-info.cc b/src/nix/path-info.cc index 8e3d0406dd2..994c7e7dc6b 100644 --- a/src/nix/path-info.cc +++ b/src/nix/path-info.cc @@ -1,15 +1,15 @@ -#include "command.hh" -#include "shared.hh" -#include "store-api.hh" -#include "common-args.hh" -#include "nar-info.hh" +#include "nix/command.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/common-args.hh" +#include "nix/nar-info.hh" #include #include #include -#include "strings.hh" +#include "nix/strings.hh" using namespace nix; using nlohmann::json; diff --git a/src/nix/prefetch.cc b/src/nix/prefetch.cc index ba2fd39d854..f7acd601792 100644 --- a/src/nix/prefetch.cc +++ b/src/nix/prefetch.cc @@ -1,17 +1,18 @@ -#include "command.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "filetransfer.hh" -#include "finally.hh" -#include "loggers.hh" -#include "tarfile.hh" -#include "attr-path.hh" -#include "eval-inline.hh" -#include "legacy.hh" -#include "posix-source-accessor.hh" -#include "misc-store-flags.hh" -#include "terminal.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/filetransfer.hh" +#include "nix/finally.hh" +#include "nix/loggers.hh" +#include "nix/tarfile.hh" +#include "nix/attr-path.hh" +#include "nix/eval-inline.hh" +#include "nix/legacy.hh" +#include "nix/posix-source-accessor.hh" +#include "nix/misc-store-flags.hh" +#include "nix/terminal.hh" + #include "man-pages.hh" #include diff --git a/src/nix/profile.cc b/src/nix/profile.cc index 324fd633003..2ba3a82682b 100644 --- a/src/nix/profile.cc +++ b/src/nix/profile.cc @@ -1,23 +1,23 @@ -#include "command.hh" -#include "installable-flake.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "derivations.hh" -#include "archive.hh" -#include "builtins/buildenv.hh" -#include "flake/flakeref.hh" +#include "nix/command.hh" +#include "nix/installable-flake.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/derivations.hh" +#include "nix/archive.hh" +#include "nix/builtins/buildenv.hh" +#include "nix/flake/flakeref.hh" #include "../nix-env/user-env.hh" -#include "profiles.hh" -#include "names.hh" -#include "url.hh" -#include "flake/url-name.hh" +#include "nix/profiles.hh" +#include "nix/names.hh" +#include "nix/url.hh" +#include "nix/flake/url-name.hh" #include #include #include -#include "strings.hh" +#include "nix/strings.hh" using namespace nix; diff --git a/src/nix/realisation.cc b/src/nix/realisation.cc index a386d98eac9..32e5442652c 100644 --- a/src/nix/realisation.cc +++ b/src/nix/realisation.cc @@ -1,5 +1,5 @@ -#include "command.hh" -#include "common-args.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" #include diff --git a/src/nix/registry.cc b/src/nix/registry.cc index ee45162302c..f464ab02f6a 100644 --- a/src/nix/registry.cc +++ b/src/nix/registry.cc @@ -1,11 +1,11 @@ -#include "command.hh" -#include "common-args.hh" -#include "shared.hh" -#include "eval.hh" -#include "flake/flake.hh" -#include "store-api.hh" -#include "fetchers.hh" -#include "registry.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/eval.hh" +#include "nix/flake/flake.hh" +#include "nix/store-api.hh" +#include "nix/fetchers.hh" +#include "nix/registry.hh" using namespace nix; using namespace nix::flake; diff --git a/src/nix/repl.cc b/src/nix/repl.cc index 5a570749f4c..fb895445587 100644 --- a/src/nix/repl.cc +++ b/src/nix/repl.cc @@ -1,11 +1,11 @@ -#include "eval.hh" -#include "eval-settings.hh" -#include "config-global.hh" -#include "globals.hh" -#include "command.hh" -#include "installable-value.hh" -#include "repl.hh" -#include "processes.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/config-global.hh" +#include "nix/globals.hh" +#include "nix/command.hh" +#include "nix/installable-value.hh" +#include "nix/repl.hh" +#include "nix/processes.hh" #include "self-exe.hh" namespace nix { diff --git a/src/nix/run.cc b/src/nix/run.cc index 897824d68cd..0345fab9aa4 100644 --- a/src/nix/run.cc +++ b/src/nix/run.cc @@ -1,20 +1,20 @@ -#include "current-process.hh" +#include "nix/current-process.hh" #include "run.hh" -#include "command-installable-value.hh" -#include "common-args.hh" -#include "shared.hh" -#include "signals.hh" -#include "store-api.hh" -#include "derivations.hh" -#include "local-fs-store.hh" -#include "finally.hh" -#include "source-accessor.hh" -#include "eval.hh" +#include "nix/command-installable-value.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/signals.hh" +#include "nix/store-api.hh" +#include "nix/derivations.hh" +#include "nix/local-fs-store.hh" +#include "nix/finally.hh" +#include "nix/source-accessor.hh" +#include "nix/eval.hh" #include #if __linux__ # include -# include "personality.hh" +# include "nix/personality.hh" #endif #include diff --git a/src/nix/run.hh b/src/nix/run.hh index 51517fdc94a..eb670319ca5 100644 --- a/src/nix/run.hh +++ b/src/nix/run.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "store-api.hh" +#include "nix/store-api.hh" namespace nix { diff --git a/src/nix/search.cc b/src/nix/search.cc index 30b96c5008d..6a2ee1aa6c6 100644 --- a/src/nix/search.cc +++ b/src/nix/search.cc @@ -1,22 +1,22 @@ -#include "command-installable-value.hh" -#include "globals.hh" -#include "eval.hh" -#include "eval-inline.hh" -#include "eval-settings.hh" -#include "names.hh" -#include "get-drvs.hh" -#include "common-args.hh" -#include "shared.hh" -#include "eval-cache.hh" -#include "attr-path.hh" -#include "hilite.hh" -#include "strings-inline.hh" +#include "nix/command-installable-value.hh" +#include "nix/globals.hh" +#include "nix/eval.hh" +#include "nix/eval-inline.hh" +#include "nix/eval-settings.hh" +#include "nix/names.hh" +#include "nix/get-drvs.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/eval-cache.hh" +#include "nix/attr-path.hh" +#include "nix/hilite.hh" +#include "nix/strings-inline.hh" #include #include #include -#include "strings.hh" +#include "nix/strings.hh" using namespace nix; using json = nlohmann::json; diff --git a/src/nix/self-exe.cc b/src/nix/self-exe.cc index 77d20a835e3..c9ab566cec7 100644 --- a/src/nix/self-exe.cc +++ b/src/nix/self-exe.cc @@ -1,6 +1,6 @@ -#include "current-process.hh" -#include "file-system.hh" -#include "globals.hh" +#include "nix/current-process.hh" +#include "nix/file-system.hh" +#include "nix/globals.hh" #include "self-exe.hh" namespace nix { diff --git a/src/nix/sigs.cc b/src/nix/sigs.cc index 10b99b45231..bbdc330026c 100644 --- a/src/nix/sigs.cc +++ b/src/nix/sigs.cc @@ -1,8 +1,8 @@ -#include "signals.hh" -#include "command.hh" -#include "shared.hh" -#include "store-api.hh" -#include "thread-pool.hh" +#include "nix/signals.hh" +#include "nix/command.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/thread-pool.hh" #include diff --git a/src/nix/store-copy-log.cc b/src/nix/store-copy-log.cc index a6e8aeff7cb..7dde15dfa43 100644 --- a/src/nix/store-copy-log.cc +++ b/src/nix/store-copy-log.cc @@ -1,10 +1,10 @@ -#include "command.hh" -#include "shared.hh" -#include "store-api.hh" -#include "store-cast.hh" -#include "log-store.hh" -#include "sync.hh" -#include "thread-pool.hh" +#include "nix/command.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/store-cast.hh" +#include "nix/log-store.hh" +#include "nix/sync.hh" +#include "nix/thread-pool.hh" #include diff --git a/src/nix/store-delete.cc b/src/nix/store-delete.cc index 6719227dfe7..3d73b7b9a2a 100644 --- a/src/nix/store-delete.cc +++ b/src/nix/store-delete.cc @@ -1,9 +1,9 @@ -#include "command.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "store-cast.hh" -#include "gc-store.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/store-cast.hh" +#include "nix/gc-store.hh" using namespace nix; diff --git a/src/nix/store-gc.cc b/src/nix/store-gc.cc index 8b9b5d1642a..a8ea3f2fa0f 100644 --- a/src/nix/store-gc.cc +++ b/src/nix/store-gc.cc @@ -1,9 +1,9 @@ -#include "command.hh" -#include "common-args.hh" -#include "shared.hh" -#include "store-api.hh" -#include "store-cast.hh" -#include "gc-store.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/store-cast.hh" +#include "nix/gc-store.hh" using namespace nix; diff --git a/src/nix/store-info.cc b/src/nix/store-info.cc index a7c59576146..656be0d41c3 100644 --- a/src/nix/store-info.cc +++ b/src/nix/store-info.cc @@ -1,7 +1,7 @@ -#include "command.hh" -#include "shared.hh" -#include "store-api.hh" -#include "finally.hh" +#include "nix/command.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/finally.hh" #include diff --git a/src/nix/store-repair.cc b/src/nix/store-repair.cc index 895e3968507..cd63a836a1a 100644 --- a/src/nix/store-repair.cc +++ b/src/nix/store-repair.cc @@ -1,5 +1,5 @@ -#include "command.hh" -#include "store-api.hh" +#include "nix/command.hh" +#include "nix/store-api.hh" using namespace nix; diff --git a/src/nix/store.cc b/src/nix/store.cc index 79b41e0965e..ccf02c22e1d 100644 --- a/src/nix/store.cc +++ b/src/nix/store.cc @@ -1,4 +1,4 @@ -#include "command.hh" +#include "nix/command.hh" using namespace nix; diff --git a/src/nix/unix/daemon.cc b/src/nix/unix/daemon.cc index fd572ce3030..5da068a7007 100644 --- a/src/nix/unix/daemon.cc +++ b/src/nix/unix/daemon.cc @@ -1,20 +1,20 @@ ///@file -#include "signals.hh" -#include "unix-domain-socket.hh" -#include "command.hh" -#include "shared.hh" -#include "local-store.hh" -#include "remote-store.hh" -#include "remote-store-connection.hh" -#include "serialise.hh" -#include "archive.hh" -#include "globals.hh" -#include "config-global.hh" -#include "derivations.hh" -#include "finally.hh" -#include "legacy.hh" -#include "daemon.hh" +#include "nix/signals.hh" +#include "nix/unix-domain-socket.hh" +#include "nix/command.hh" +#include "nix/shared.hh" +#include "nix/local-store.hh" +#include "nix/remote-store.hh" +#include "nix/remote-store-connection.hh" +#include "nix/serialise.hh" +#include "nix/archive.hh" +#include "nix/globals.hh" +#include "nix/config-global.hh" +#include "nix/derivations.hh" +#include "nix/finally.hh" +#include "nix/legacy.hh" +#include "nix/daemon.hh" #include "man-pages.hh" #include @@ -35,7 +35,7 @@ #include #if __linux__ -#include "cgroup.hh" +#include "nix/cgroup.hh" #endif #if __APPLE__ || __FreeBSD__ diff --git a/src/nix/upgrade-nix.cc b/src/nix/upgrade-nix.cc index 398e533ce48..2852858569d 100644 --- a/src/nix/upgrade-nix.cc +++ b/src/nix/upgrade-nix.cc @@ -1,13 +1,13 @@ -#include "processes.hh" -#include "command.hh" -#include "common-args.hh" -#include "store-api.hh" -#include "filetransfer.hh" -#include "eval.hh" -#include "eval-settings.hh" -#include "attr-path.hh" -#include "names.hh" -#include "executable-path.hh" +#include "nix/processes.hh" +#include "nix/command.hh" +#include "nix/common-args.hh" +#include "nix/store-api.hh" +#include "nix/filetransfer.hh" +#include "nix/eval.hh" +#include "nix/eval-settings.hh" +#include "nix/attr-path.hh" +#include "nix/names.hh" +#include "nix/executable-path.hh" #include "self-exe.hh" using namespace nix; diff --git a/src/nix/verify.cc b/src/nix/verify.cc index 52585fe08d5..0adfec89527 100644 --- a/src/nix/verify.cc +++ b/src/nix/verify.cc @@ -1,13 +1,13 @@ -#include "command.hh" -#include "shared.hh" -#include "store-api.hh" -#include "thread-pool.hh" -#include "signals.hh" -#include "keys.hh" +#include "nix/command.hh" +#include "nix/shared.hh" +#include "nix/store-api.hh" +#include "nix/thread-pool.hh" +#include "nix/signals.hh" +#include "nix/keys.hh" #include -#include "exit.hh" +#include "nix/exit.hh" using namespace nix; diff --git a/src/nix/why-depends.cc b/src/nix/why-depends.cc index ae5c45ae3e9..fe8f3ecc37c 100644 --- a/src/nix/why-depends.cc +++ b/src/nix/why-depends.cc @@ -1,7 +1,7 @@ -#include "command.hh" -#include "store-api.hh" -#include "source-accessor.hh" -#include "shared.hh" +#include "nix/command.hh" +#include "nix/store-api.hh" +#include "nix/source-accessor.hh" +#include "nix/shared.hh" #include diff --git a/src/perl/lib/Nix/Store.xs b/src/perl/lib/Nix/Store.xs index cfc3ac034a3..f368a2e42ca 100644 --- a/src/perl/lib/Nix/Store.xs +++ b/src/perl/lib/Nix/Store.xs @@ -1,5 +1,5 @@ -#include "config-util.hh" -#include "config-store.hh" +#include "nix/config-util.hh" +#include "nix/config-store.hh" #include "EXTERN.h" #include "perl.h" @@ -9,11 +9,11 @@ #undef do_open #undef do_close -#include "derivations.hh" -#include "realisation.hh" -#include "globals.hh" -#include "store-api.hh" -#include "posix-source-accessor.hh" +#include "nix/derivations.hh" +#include "nix/realisation.hh" +#include "nix/globals.hh" +#include "nix/store-api.hh" +#include "nix/posix-source-accessor.hh" #include #include diff --git a/tests/functional/plugins/meson.build b/tests/functional/plugins/meson.build index 13acdbbc574..cee43f0b575 100644 --- a/tests/functional/plugins/meson.build +++ b/tests/functional/plugins/meson.build @@ -4,9 +4,9 @@ libplugintest = shared_module( cpp_args : [ # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', - '-include', 'config-expr.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', + '-include', 'nix/config-expr.hh', ], dependencies : [ dependency('nix-expr'), diff --git a/tests/functional/plugins/plugintest.cc b/tests/functional/plugins/plugintest.cc index 7433ad19008..e3343bcbc2d 100644 --- a/tests/functional/plugins/plugintest.cc +++ b/tests/functional/plugins/plugintest.cc @@ -1,5 +1,5 @@ -#include "config-global.hh" -#include "primops.hh" +#include "nix/config-global.hh" +#include "nix/primops.hh" using namespace nix; diff --git a/tests/functional/test-libstoreconsumer/main.cc b/tests/functional/test-libstoreconsumer/main.cc index c61489af69a..7cb0da944c1 100644 --- a/tests/functional/test-libstoreconsumer/main.cc +++ b/tests/functional/test-libstoreconsumer/main.cc @@ -1,6 +1,6 @@ -#include "globals.hh" -#include "store-api.hh" -#include "build-result.hh" +#include "nix/globals.hh" +#include "nix/store-api.hh" +#include "nix/build-result.hh" #include using namespace nix; diff --git a/tests/functional/test-libstoreconsumer/meson.build b/tests/functional/test-libstoreconsumer/meson.build index 7076127f70a..13a7f6d6f9b 100644 --- a/tests/functional/test-libstoreconsumer/meson.build +++ b/tests/functional/test-libstoreconsumer/meson.build @@ -4,8 +4,8 @@ libstoreconsumer_tester = executable( cpp_args : [ # TODO(Qyriad): Yes this is how the autoconf+Make system did it. # It would be nice for our headers to be idempotent instead. - '-include', 'config-util.hh', - '-include', 'config-store.hh', + '-include', 'nix/config-util.hh', + '-include', 'nix/config-store.hh', ], dependencies : [ dependency('nix-store'), From 0fe8358396a8d9fea7067edc3293559ac0d2252c Mon Sep 17 00:00:00 2001 From: John Ericson Date: Wed, 26 Mar 2025 23:36:08 -0400 Subject: [PATCH 376/815] Create script to symlink headers to old location See comments on the script; this is supposed to avoid breaking muscle memory without complicating the build system (which proved harder than I thought too) or not doing the header hygiene change at all. link-headers: use pathlib consistenly and fix type errors (cherry picked from commit c6a176be62737ccc481d972891a73fd5829d633d) --- maintainers/link-headers | 83 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100755 maintainers/link-headers diff --git a/maintainers/link-headers b/maintainers/link-headers new file mode 100755 index 00000000000..2457a2dc829 --- /dev/null +++ b/maintainers/link-headers @@ -0,0 +1,83 @@ +#!/usr/bin/env python3 + +# This script must be run from the root of the Nix repository. +# +# For include path hygiene, we need to put headers in a separate +# directory than sources. But during development, it is nice to paths +# that are similar for headers and source files, e.g. +# `foo/bar/baz.{cc,hh}`, e.g. for less typing when opening one file, and +# then opening the other file. +# +# This script symlinks the headers next to the source files to +# facilitate such a development workflows. It also updates +# `.git/info/exclude` so that the symlinks are not accidentally committed +# by mistake. + +from pathlib import Path +import subprocess +import os + + +def main() -> None: + # Path to the source directory + GIT_TOPLEVEL = Path( + subprocess.run( + ["git", "rev-parse", "--show-toplevel"], + text=True, + stdout=subprocess.PIPE, + check=True, + ).stdout.strip() + ) + + # Get header files from git + result = subprocess.run( + ["git", "-C", str(GIT_TOPLEVEL), "ls-files", "*/include/nix/**.hh"], + text=True, + stdout=subprocess.PIPE, + check=True, + ) + header_files = result.stdout.strip().split("\n") + header_files.sort() + + links = [] + for file_str in header_files: + project_str, header_str = file_str.split("/include/nix/", 1) + project = Path(project_str) + header = Path(header_str) + + # Reconstruct the full path (relative to SRC_DIR) to the header file. + file = project / "include" / "nix" / header + + # The symlink should be created at "project/header", i.e. next to the project's sources. + link = project / header + + # Compute a relative path from the symlink's parent directory to the actual header file. + relative_source = os.path.relpath( + GIT_TOPLEVEL / file, GIT_TOPLEVEL / link.parent + ) + + # Create the symbolic link. + full_link_path = GIT_TOPLEVEL / link + full_link_path.parent.mkdir(parents=True, exist_ok=True) + if full_link_path.is_symlink(): + full_link_path.unlink() + full_link_path.symlink_to(relative_source) + links.append(link) + + # Generate .gitignore file + gitignore_path = GIT_TOPLEVEL / ".git" / "info" / "exclude" + gitignore_path.parent.mkdir(parents=True, exist_ok=True) + with gitignore_path.open("w") as gitignore: + gitignore.write("# DO NOT EDIT! Autogenerated\n") + gitignore.write( + "# Symlinks for headers to be next to sources for development\n" + ) + gitignore.write('# Run "maintainers/link-headers" to regenerate\n\n') + gitignore.write('# Run "maintainers/link-headers" to regenerate\n\n') + + for link in links: + gitignore.write(f"/{link}\n") + + +if __name__ == "__main__": + main() From 410ea6f7cf4729941cdae46eb31c8dd64f8ab8d3 Mon Sep 17 00:00:00 2001 From: Thomas Miedema Date: Sat, 29 Mar 2025 20:13:21 +0100 Subject: [PATCH 377/815] nix-daemon: source nix-profile-daemon.sh only once On my system (Ubuntu 24.04 with nix installed using https://zero-to-nix.com/), I noticed that my PATH contained multiple times the following entries: /home/thomas/.nix-profile/bin /nix/var/nix/profiles/default/bin Fix it by inserting a missing `export`, to make sure `nix-daemon.sh` is really only executed once. (cherry picked from commit 2b4e3fa1443c8d56ead43865adf037efa92c3fd7) --- scripts/nix-profile-daemon.sh.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/nix-profile-daemon.sh.in b/scripts/nix-profile-daemon.sh.in index 59c00d49191..ed74c242a82 100644 --- a/scripts/nix-profile-daemon.sh.in +++ b/scripts/nix-profile-daemon.sh.in @@ -1,7 +1,7 @@ # Only execute this file once per shell. # This file is tested by tests/installer/default.nix. if [ -n "${__ETC_PROFILE_NIX_SOURCED:-}" ]; then return; fi -__ETC_PROFILE_NIX_SOURCED=1 +export __ETC_PROFILE_NIX_SOURCED=1 NIX_LINK=$HOME/.nix-profile if [ -n "${XDG_STATE_HOME-}" ]; then From 5506428e679e9402fa835ba74c5d97e0f3dbcbdb Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 01:42:29 +0100 Subject: [PATCH 378/815] Set path display for substituted inputs --- src/libfetchers/fetchers.cc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index abf021554e7..de1885db9ed 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -323,6 +323,8 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto accessor->fingerprint = getFingerprint(store); + accessor->setPathDisplay("«" + to_string() + "»"); + return {accessor, *this}; } catch (Error & e) { debug("substitution of input '%s' failed: %s", to_string(), e.what()); From b28bc7ae6471e22354ebdfa3b32765b743cae6b6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 01:09:49 +0100 Subject: [PATCH 379/815] Make rootFS's showPath() render the paths from the original accessors This makes paths in error messages behave similar to lazy-trees, e.g. instead of store paths like error: attribute 'foobar' missing at /nix/store/ddzfiipzqlrh3gnprmqbadnsnrxsmc9i-source/machine/configuration.nix:209:7: 208| 209| pkgs.foobar | ^ 210| ]; you now get error: attribute 'foobar' missing at /home/eelco/Misc/eelco-configurations/machine/configuration.nix:209:7: 208| 209| pkgs.foobar | ^ 210| ]; --- src/libexpr/eval.cc | 32 +++++++++++++ src/libexpr/eval.hh | 10 ++++ src/libexpr/primops/fetchMercurial.cc | 2 +- src/libexpr/primops/fetchTree.cc | 4 +- src/libfetchers/fetchers.cc | 32 ++++++------- src/libfetchers/fetchers.hh | 2 +- src/libflake/flake/flake.cc | 2 + src/libutil/forwarding-source-accessor.hh | 57 +++++++++++++++++++++++ src/libutil/meson.build | 1 + src/nix/flake.cc | 2 +- 10 files changed, 122 insertions(+), 22 deletions(-) create mode 100644 src/libutil/forwarding-source-accessor.hh diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 4e15175ac2d..fcfee2d293c 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -14,6 +14,7 @@ #include "profiles.hh" #include "print.hh" #include "filtering-source-accessor.hh" +#include "forwarding-source-accessor.hh" #include "memory-source-accessor.hh" #include "gc-small-vector.hh" #include "url.hh" @@ -180,6 +181,34 @@ static Symbol getName(const AttrName & name, EvalState & state, Env & env) } } +struct PathDisplaySourceAccessor : ForwardingSourceAccessor +{ + ref storePathAccessors; + + PathDisplaySourceAccessor( + ref next, + ref storePathAccessors) + : ForwardingSourceAccessor(next) + , storePathAccessors(storePathAccessors) + { + } + + std::string showPath(const CanonPath & path) override + { + /* Find the accessor that produced `path`, if any, and use it + to render a more informative path + (e.g. `«github:foo/bar»/flake.nix` rather than + `/nix/store/hash.../flake.nix`). */ + auto ub = storePathAccessors->upper_bound(path); + if (ub != storePathAccessors->begin()) + ub--; + if (ub != storePathAccessors->end() && path.isWithin(ub->first)) + return ub->second->showPath(path.removePrefix(ub->first)); + else + return next->showPath(path); + } +}; + static constexpr size_t BASE_ENV_SIZE = 128; EvalState::EvalState( @@ -245,6 +274,7 @@ EvalState::EvalState( } , repair(NoRepair) , emptyBindings(0) + , storePathAccessors(make_ref()) , rootFS( ({ /* In pure eval mode, we provide a filesystem that only @@ -270,6 +300,8 @@ EvalState::EvalState( : makeUnionSourceAccessor({accessor, storeFS}); } + accessor = make_ref(accessor, storePathAccessors); + /* Apply access control if needed. */ if (settings.restrictEval || settings.pureEval) accessor = AllowListSourceAccessor::create(accessor, {}, diff --git a/src/libexpr/eval.hh b/src/libexpr/eval.hh index eb6f667a253..3797c40a43c 100644 --- a/src/libexpr/eval.hh +++ b/src/libexpr/eval.hh @@ -262,6 +262,16 @@ public: /** `"unknown"` */ Value vStringUnknown; + using StorePathAccessors = std::map>; + + /** + * A map back to the original `SourceAccessor`s used to produce + * store paths. We keep track of this to produce error messages + * that refer to the original flakerefs. + * FIXME: use Sync. + */ + ref storePathAccessors; + /** * The accessor for the root filesystem. */ diff --git a/src/libexpr/primops/fetchMercurial.cc b/src/libexpr/primops/fetchMercurial.cc index 64e3abf2db4..96800d9efa9 100644 --- a/src/libexpr/primops/fetchMercurial.cc +++ b/src/libexpr/primops/fetchMercurial.cc @@ -64,7 +64,7 @@ static void prim_fetchMercurial(EvalState & state, const PosIdx pos, Value * * a if (rev) attrs.insert_or_assign("rev", rev->gitRev()); auto input = fetchers::Input::fromAttrs(state.fetchSettings, std::move(attrs)); - auto [storePath, input2] = input.fetchToStore(state.store); + auto [storePath, accessor, input2] = input.fetchToStore(state.store); auto attrs2 = state.buildBindings(8); state.mkStorePathString(storePath, attrs2.alloc(state.sOutPath)); diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index 0c82c82bfab..8bbc435e440 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -200,10 +200,12 @@ static void fetchTree( throw Error("input '%s' is not allowed to use the '__final' attribute", input.to_string()); } - auto [storePath, input2] = input.fetchToStore(state.store); + auto [storePath, accessor, input2] = input.fetchToStore(state.store); state.allowPath(storePath); + state.storePathAccessors->insert_or_assign(CanonPath(state.store->printStorePath(storePath)), accessor); + emitTreeAttrs(state, storePath, input2, v, params.emptyRevFallback, false); } diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index de1885db9ed..67728501e6e 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -187,34 +187,30 @@ bool Input::contains(const Input & other) const } // FIXME: remove -std::pair Input::fetchToStore(ref store) const +std::tuple, Input> Input::fetchToStore(ref store) const { if (!scheme) throw Error("cannot fetch unsupported input '%s'", attrsToJSON(toAttrs())); - auto [storePath, input] = [&]() -> std::pair { - try { - auto [accessor, result] = getAccessorUnchecked(store); - - auto storePath = nix::fetchToStore(*store, SourcePath(accessor), FetchMode::Copy, result.getName()); + try { + auto [accessor, result] = getAccessorUnchecked(store); - auto narHash = store->queryPathInfo(storePath)->narHash; - result.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); + auto storePath = nix::fetchToStore(*store, SourcePath(accessor), FetchMode::Copy, result.getName()); - result.attrs.insert_or_assign("__final", Explicit(true)); + auto narHash = store->queryPathInfo(storePath)->narHash; + result.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); - assert(result.isFinal()); + result.attrs.insert_or_assign("__final", Explicit(true)); - checkLocks(*this, result); + assert(result.isFinal()); - return {storePath, result}; - } catch (Error & e) { - e.addTrace({}, "while fetching the input '%s'", to_string()); - throw; - } - }(); + checkLocks(*this, result); - return {std::move(storePath), input}; + return {std::move(storePath), accessor, result}; + } catch (Error & e) { + e.addTrace({}, "while fetching the input '%s'", to_string()); + throw; + } } void Input::checkLocks(Input specified, Input & result) diff --git a/src/libfetchers/fetchers.hh b/src/libfetchers/fetchers.hh index 01354a6e38d..798d60177f0 100644 --- a/src/libfetchers/fetchers.hh +++ b/src/libfetchers/fetchers.hh @@ -121,7 +121,7 @@ public: * Fetch the entire input into the Nix store, returning the * location in the Nix store and the locked input. */ - std::pair fetchToStore(ref store) const; + std::tuple, Input> fetchToStore(ref store) const; /** * Check the locking attributes in `result` against diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index b678d5b6450..a14b55c6ae8 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -92,6 +92,8 @@ static StorePath copyInputToStore( state.allowPath(storePath); + state.storePathAccessors->insert_or_assign(CanonPath(state.store->printStorePath(storePath)), accessor); + auto narHash = state.store->queryPathInfo(storePath)->narHash; input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); diff --git a/src/libutil/forwarding-source-accessor.hh b/src/libutil/forwarding-source-accessor.hh new file mode 100644 index 00000000000..bdba2addcb0 --- /dev/null +++ b/src/libutil/forwarding-source-accessor.hh @@ -0,0 +1,57 @@ +#pragma once + +#include "source-accessor.hh" + +namespace nix { + +/** + * A source accessor that just forwards every operation to another + * accessor. This is not useful in itself but can be used as a + * superclass for accessors that do change some operations. + */ +struct ForwardingSourceAccessor : SourceAccessor +{ + ref next; + + ForwardingSourceAccessor(ref next) + : next(next) + { + } + + std::string readFile(const CanonPath & path) override + { + return next->readFile(path); + } + + void readFile(const CanonPath & path, Sink & sink, std::function sizeCallback) override + { + next->readFile(path, sink, sizeCallback); + } + + std::optional maybeLstat(const CanonPath & path) override + { + return next->maybeLstat(path); + } + + DirEntries readDirectory(const CanonPath & path) override + { + return next->readDirectory(path); + } + + std::string readLink(const CanonPath & path) override + { + return next->readLink(path); + } + + std::string showPath(const CanonPath & path) override + { + return next->showPath(path); + } + + std::optional getPhysicalPath(const CanonPath & path) override + { + return next->getPhysicalPath(path); + } +}; + +} diff --git a/src/libutil/meson.build b/src/libutil/meson.build index ab8f8f4db74..b2bc0b4ec60 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -215,6 +215,7 @@ headers = [config_h] + files( 'file-system.hh', 'finally.hh', 'fmt.hh', + 'forwarding-source-accessor.hh', 'fs-sink.hh', 'git.hh', 'hash.hh', diff --git a/src/nix/flake.cc b/src/nix/flake.cc index cbd412547cf..9ffe65b0694 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -1095,7 +1095,7 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun storePath = dryRun ? (*inputNode)->lockedRef.input.computeStorePath(*store) - : (*inputNode)->lockedRef.input.fetchToStore(store).first; + : std::get<0>((*inputNode)->lockedRef.input.fetchToStore(store)); sources.insert(*storePath); } if (json) { From 3f0a8241fcf0bd66a169cd845410e6a0a1d25b70 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 13:58:08 +0200 Subject: [PATCH 380/815] Fix path display of empty Git repos --- src/libfetchers/git-utils.cc | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index a2761a543ee..6b9d1bce614 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -1221,15 +1221,18 @@ ref GitRepoImpl::getAccessor(const WorkdirInfo & wd, bool export since that would allow access to all its children). */ ref fileAccessor = wd.files.empty() - ? makeEmptySourceAccessor() + ? ({ + auto empty = makeEmptySourceAccessor(); + empty->setPathDisplay(path.string()); + empty; + }) : AllowListSourceAccessor::create( makeFSSourceAccessor(path), std::set { wd.files }, std::move(makeNotAllowedError)).cast(); if (exportIgnore) - return make_ref(self, fileAccessor, std::nullopt); - else - return fileAccessor; + fileAccessor = make_ref(self, fileAccessor, std::nullopt); + return fileAccessor; } ref GitRepoImpl::getFileSystemObjectSink() From b2038f120cf106984853bbfd2af5ff4cb7ca0943 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 13:58:56 +0200 Subject: [PATCH 381/815] Add test for source path display --- tests/functional/flakes/meson.build | 3 ++- tests/functional/flakes/source-paths.sh | 30 +++++++++++++++++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 tests/functional/flakes/source-paths.sh diff --git a/tests/functional/flakes/meson.build b/tests/functional/flakes/meson.build index 74ff3d91d80..b8c650db403 100644 --- a/tests/functional/flakes/meson.build +++ b/tests/functional/flakes/meson.build @@ -29,7 +29,8 @@ suites += { 'non-flake-inputs.sh', 'relative-paths.sh', 'symlink-paths.sh', - 'debugger.sh' + 'debugger.sh', + 'source-paths.sh', ], 'workdir': meson.current_source_dir(), } diff --git a/tests/functional/flakes/source-paths.sh b/tests/functional/flakes/source-paths.sh new file mode 100644 index 00000000000..a3ebf4e3aac --- /dev/null +++ b/tests/functional/flakes/source-paths.sh @@ -0,0 +1,30 @@ +#!/usr/bin/env bash + +source ./common.sh + +requireGit + +repo=$TEST_ROOT/repo + +createGitRepo "$repo" + +cat > "$repo/flake.nix" < Date: Mon, 31 Mar 2025 21:35:15 -0400 Subject: [PATCH 382/815] Improve and fix the error message when a file is not tracked by Git --- src/libfetchers/git.cc | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index f46334d3074..5684583cdc5 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -534,11 +534,21 @@ struct GitInputScheme : InputScheme static MakeNotAllowedError makeNotAllowedError(std::string url) { - return [url{std::move(url)}](const CanonPath & path) -> RestrictedPathError - { - if (nix::pathExists(path.abs())) - return RestrictedPathError("access to path '%s' is forbidden because it is not under Git control; maybe you should 'git add' it to the repository '%s'?", path, url); - else + return [url{std::move(url)}](const CanonPath & path) -> RestrictedPathError { + if (nix::pathExists(url + "/" + path.abs())) { + auto relativePath = path.rel(); // .makeRelative(CanonPath("/")); + + return RestrictedPathError( + "'%s' is not tracked by Git.\n" + "\n" + "To use '%s', stage it in the Git repository at '%s':\n" + "\n" + "git add %s", + relativePath, + relativePath, + url, + relativePath); + } else return RestrictedPathError("path '%s' does not exist in Git repository '%s'", path, url); }; } From 6a1a3fa1cbb03200ffe9e0d20f1795a26cb65751 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Fri, 28 Mar 2025 13:24:50 -0400 Subject: [PATCH 383/815] Cleanup config headers There are two big changes: 1. Public and private config is now separated. Configuration variables that are only used internally do not go in a header which is installed. (Additionally, libutil has a unix-specific private config header, which should only be used in unix-specific code. This keeps things a bit more organized, in a purely private implementation-internal way.) 2. Secondly, there is no more `-include`. There are very few config items that need to be publically exposed, so now it is feasible to just make the headers that need them just including the (public) configuration header. And there are also a few more small cleanups on top of those: - The configuration files have better names. - The few CPP variables that remain exposed in the public headers are now also renamed to always start with `NIX_`. This ensures they should not conflict with variables defined elsewhere. - We now always use `#if` and not `#ifdef`/`#ifndef` for our configuration variables, which helps avoid bugs by requiring that variables must be defined in all cases. (cherry picked from commit c204e307acc60b9a50115f22882473fc45972650) --- src/libcmd/meson.build | 23 +++---- src/libcmd/repl-interacter.cc | 10 +-- src/libexpr-c/meson.build | 12 ---- src/libexpr-c/nix_api_expr.cc | 6 +- src/libexpr-c/nix_api_external.cc | 2 +- src/libexpr-c/nix_api_value.cc | 10 +-- src/libexpr-test-support/meson.build | 9 --- src/libexpr-tests/meson.build | 14 ++--- src/libexpr-tests/nix_api_expr.cc | 2 + src/libexpr/eval-gc.cc | 8 ++- src/libexpr/eval.cc | 12 ++-- src/libexpr/include/nix/eval-gc.hh | 7 ++- src/libexpr/include/nix/eval-inline.hh | 9 ++- src/libexpr/include/nix/eval.hh | 7 ++- src/libexpr/include/nix/meson.build | 8 +-- src/libexpr/meson.build | 33 ++++++---- src/libfetchers-tests/meson.build | 9 --- src/libfetchers/meson.build | 9 --- src/libflake-c/meson.build | 14 ----- src/libflake-tests/meson.build | 9 --- src/libflake/meson.build | 10 --- src/libmain-c/meson.build | 11 ---- src/libmain/include/nix/meson.build | 7 +-- src/libmain/meson.build | 12 ++-- src/libmain/shared.cc | 4 +- src/libstore-c/meson.build | 11 ---- src/libstore-test-support/meson.build | 8 --- src/libstore-tests/meson.build | 17 ++--- src/libstore-tests/nix_api_store.cc | 2 + src/libstore/gc.cc | 2 + src/libstore/globals.cc | 8 ++- src/libstore/include/nix/globals.hh | 14 +++-- src/libstore/include/nix/meson.build | 8 +-- .../linux/include/nix/fchmodat2-compat.hh | 2 + src/libstore/linux/personality.cc | 2 +- src/libstore/local-store.cc | 2 + src/libstore/meson.build | 48 ++++++++------ src/libstore/posix-fs-canonicalise.cc | 13 ++-- .../unix/build/local-derivation-goal.cc | 5 +- src/libutil-c/meson.build | 14 +---- src/libutil-test-support/meson.build | 7 --- src/libutil-tests/meson.build | 11 +--- src/libutil-tests/nix_api_util.cc | 2 + src/libutil/compute-levels.cc | 2 + src/libutil/file-system.cc | 58 +---------------- src/libutil/fs-sink.cc | 2 + src/libutil/include/nix/meson.build | 7 +-- src/libutil/meson.build | 44 ++++--------- src/libutil/unix/file-descriptor.cc | 3 + src/libutil/unix/file-system.cc | 62 +++++++++++++++++++ src/libutil/unix/meson.build | 50 +++++++++++++++ src/libutil/unix/processes.cc | 3 + src/libutil/windows/file-system.cc | 15 +++++ src/nix/main.cc | 1 + src/nix/meson.build | 16 +---- src/nix/self-exe.cc | 2 + src/perl/lib/Nix/Store.xs | 3 - tests/functional/plugins/meson.build | 7 --- .../test-libstoreconsumer/meson.build | 6 -- 59 files changed, 331 insertions(+), 383 deletions(-) diff --git a/src/libcmd/meson.build b/src/libcmd/meson.build index 727f4e14d35..07747e0a316 100644 --- a/src/libcmd/meson.build +++ b/src/libcmd/meson.build @@ -44,29 +44,20 @@ if readline_flavor == 'editline' elif readline_flavor == 'readline' readline = dependency('readline') deps_private += readline - configdata.set( - 'USE_READLINE', - 1, - description: 'Use readline instead of editline', - ) else error('illegal editline flavor', readline_flavor) endif +configdata.set( + 'USE_READLINE', + (readline_flavor == 'readline').to_int(), + description: 'Use readline instead of editline', +) -config_h = configure_file( +config_priv_h = configure_file( configuration : configdata, output : 'cmd-config-private.hh', ) -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - '-include', 'nix/config-expr.hh', - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( @@ -96,7 +87,7 @@ subdir('nix-meson-build-support/windows-version') this_library = library( 'nixcmd', sources, - config_h, + config_priv_h, dependencies : deps_public + deps_private + deps_other, include_directories : include_dirs, link_args: linker_export_flags, diff --git a/src/libcmd/repl-interacter.cc b/src/libcmd/repl-interacter.cc index 773e111b297..093cc2b29b5 100644 --- a/src/libcmd/repl-interacter.cc +++ b/src/libcmd/repl-interacter.cc @@ -2,7 +2,7 @@ #include -#ifdef USE_READLINE +#if USE_READLINE #include #include #else @@ -37,7 +37,7 @@ void sigintHandler(int signo) static detail::ReplCompleterMixin * curRepl; // ugly -#ifndef USE_READLINE +#if !USE_READLINE static char * completionCallback(char * s, int * match) { auto possible = curRepl->completePrefix(s); @@ -115,14 +115,14 @@ ReadlineLikeInteracter::Guard ReadlineLikeInteracter::init(detail::ReplCompleter } catch (SystemError & e) { logWarning(e.info()); } -#ifndef USE_READLINE +#if !USE_READLINE el_hist_size = 1000; #endif read_history(historyFile.c_str()); auto oldRepl = curRepl; curRepl = repl; Guard restoreRepl([oldRepl] { curRepl = oldRepl; }); -#ifndef USE_READLINE +#if !USE_READLINE rl_set_complete_func(completionCallback); rl_set_list_possib_func(listPossibleCallback); #endif @@ -185,7 +185,7 @@ bool ReadlineLikeInteracter::getLine(std::string & input, ReplPromptType promptT // quite useful for reading the test output, so we add it here. if (auto e = getEnv("_NIX_TEST_REPL_ECHO"); s && e && *e == "1") { -#ifndef USE_READLINE +#if !USE_READLINE // This is probably not right for multi-line input, but we don't use that // in the characterisation tests, so it's fine. std::cout << promptForType(promptType) << s << std::endl; diff --git a/src/libexpr-c/meson.build b/src/libexpr-c/meson.build index 8b00b8d70b0..7c11ca9cbc2 100644 --- a/src/libexpr-c/meson.build +++ b/src/libexpr-c/meson.build @@ -25,18 +25,6 @@ deps_public_maybe_subproject = [ ] subdir('nix-meson-build-support/subprojects') -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - - # From C++ libraries, only for internals - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - '-include', 'nix/config-expr.hh', - - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libexpr-c/nix_api_expr.cc b/src/libexpr-c/nix_api_expr.cc index b5d2c619978..47eca4e65ca 100644 --- a/src/libexpr-c/nix_api_expr.cc +++ b/src/libexpr-c/nix_api_expr.cc @@ -15,7 +15,7 @@ #include "nix_api_util.h" #include "nix_api_util_internal.h" -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC # include #endif @@ -207,7 +207,7 @@ void nix_state_free(EvalState * state) delete state; } -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC std::unordered_map< const void *, unsigned int, @@ -283,7 +283,7 @@ nix_err nix_value_decref(nix_c_context * context, nix_value *x) void nix_gc_register_finalizer(void * obj, void * cd, void (*finalizer)(void * obj, void * cd)) { -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC GC_REGISTER_FINALIZER(obj, finalizer, cd, 0, 0); #endif } diff --git a/src/libexpr-c/nix_api_external.cc b/src/libexpr-c/nix_api_external.cc index 7f4cd6a8c4d..ab124b73b17 100644 --- a/src/libexpr-c/nix_api_external.cc +++ b/src/libexpr-c/nix_api_external.cc @@ -168,7 +168,7 @@ ExternalValue * nix_create_external_value(nix_c_context * context, NixCExternalV context->last_err_code = NIX_OK; try { auto ret = new -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC (GC) #endif NixCExternalValue(*desc, v); diff --git a/src/libexpr-c/nix_api_value.cc b/src/libexpr-c/nix_api_value.cc index 3116cb59f7d..4c2fdee4209 100644 --- a/src/libexpr-c/nix_api_value.cc +++ b/src/libexpr-c/nix_api_value.cc @@ -125,7 +125,7 @@ PrimOp * nix_alloc_primop( try { using namespace std::placeholders; auto p = new -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC (GC) #endif nix::PrimOp{ @@ -497,7 +497,7 @@ ListBuilder * nix_make_list_builder(nix_c_context * context, EvalState * state, try { auto builder = state->state.buildList(capacity); return new -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC (NoGC) #endif ListBuilder{std::move(builder)}; @@ -519,7 +519,7 @@ nix_list_builder_insert(nix_c_context * context, ListBuilder * list_builder, uns void nix_list_builder_free(ListBuilder * list_builder) { -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC GC_FREE(list_builder); #else delete list_builder; @@ -578,7 +578,7 @@ BindingsBuilder * nix_make_bindings_builder(nix_c_context * context, EvalState * try { auto bb = state->state.buildBindings(capacity); return new -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC (NoGC) #endif BindingsBuilder{std::move(bb)}; @@ -600,7 +600,7 @@ nix_err nix_bindings_builder_insert(nix_c_context * context, BindingsBuilder * b void nix_bindings_builder_free(BindingsBuilder * bb) { -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC GC_FREE((nix::BindingsBuilder *) bb); #else delete (nix::BindingsBuilder *) bb; diff --git a/src/libexpr-test-support/meson.build b/src/libexpr-test-support/meson.build index b68adb2c27d..3409dbf2095 100644 --- a/src/libexpr-test-support/meson.build +++ b/src/libexpr-test-support/meson.build @@ -29,15 +29,6 @@ subdir('nix-meson-build-support/subprojects') rapidcheck = dependency('rapidcheck') deps_public += rapidcheck -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - '-include', 'nix/config-expr.hh', - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libexpr-tests/meson.build b/src/libexpr-tests/meson.build index 3fc726cb2f0..f7822edfd9f 100644 --- a/src/libexpr-tests/meson.build +++ b/src/libexpr-tests/meson.build @@ -35,13 +35,12 @@ deps_private += gtest gtest = dependency('gmock') deps_private += gtest -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - '-include', 'nix/config-expr.hh', - language : 'cpp', +configdata = configuration_data() +configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) + +config_priv_h = configure_file( + configuration : configdata, + output : 'expr-tests-config.hh', ) subdir('nix-meson-build-support/common') @@ -69,6 +68,7 @@ include_dirs = [include_directories('.')] this_exe = executable( meson.project_name(), sources, + config_priv_h, dependencies : deps_private_subproject + deps_private + deps_other, include_directories : include_dirs, # TODO: -lrapidcheck, see ../libutil-support/build.meson diff --git a/src/libexpr-tests/nix_api_expr.cc b/src/libexpr-tests/nix_api_expr.cc index 903c7a23971..55893488f8e 100644 --- a/src/libexpr-tests/nix_api_expr.cc +++ b/src/libexpr-tests/nix_api_expr.cc @@ -12,6 +12,8 @@ #include #include +#include "expr-tests-config.hh" + namespace nixC { TEST_F(nix_api_store_test, nix_eval_state_lookup_path) diff --git a/src/libexpr/eval-gc.cc b/src/libexpr/eval-gc.cc index defa4e9d28e..1166548f625 100644 --- a/src/libexpr/eval-gc.cc +++ b/src/libexpr/eval-gc.cc @@ -5,7 +5,9 @@ #include "nix/serialise.hh" #include "nix/eval-gc.hh" -#if HAVE_BOEHMGC +#include "expr-config-private.hh" + +#if NIX_USE_BOEHMGC # include # if __FreeBSD__ @@ -24,7 +26,7 @@ namespace nix { -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC /* Called when the Boehm GC runs out of memory. */ static void * oomHandler(size_t requested) { @@ -94,7 +96,7 @@ void initGC() if (gcInitialised) return; -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC initGCReal(); gcCyclesAfterInit = GC_get_gc_no(); diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index f534cc49474..41b64a90a65 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -295,7 +295,7 @@ EvalState::EvalState( , debugStop(false) , trylevel(0) , regexCache(makeRegexCache()) -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC , valueAllocCache(std::allocate_shared(traceable_allocator(), nullptr)) , env1AllocCache(std::allocate_shared(traceable_allocator(), nullptr)) , baseEnvP(std::allocate_shared(traceable_allocator(), &allocEnv(BASE_ENV_SIZE))) @@ -2812,7 +2812,7 @@ bool EvalState::eqValues(Value & v1, Value & v2, const PosIdx pos, std::string_v } bool EvalState::fullGC() { -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC GC_gcollect(); // Check that it ran. We might replace this with a version that uses more // of the boehm API to get this reliably, at a maintenance cost. @@ -2831,7 +2831,7 @@ void EvalState::maybePrintStats() if (showStats) { // Make the final heap size more deterministic. -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC if (!fullGC()) { warn("failed to perform a full GC before reporting stats"); } @@ -2853,7 +2853,7 @@ void EvalState::printStatistics() uint64_t bValues = nrValues * sizeof(Value); uint64_t bAttrsets = nrAttrsets * sizeof(Bindings) + nrAttrsInAttrsets * sizeof(Attr); -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC GC_word heapSize, totalBytes; GC_get_heap_usage_safe(&heapSize, 0, 0, 0, &totalBytes); double gcFullOnlyTime = ({ @@ -2875,7 +2875,7 @@ void EvalState::printStatistics() #ifndef _WIN32 // TODO implement {"cpu", cpuTime}, #endif -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC {GC_is_incremental_mode() ? "gcNonIncremental" : "gc", gcFullOnlyTime}, #ifndef _WIN32 // TODO implement {GC_is_incremental_mode() ? "gcNonIncrementalFraction" : "gcFraction", gcFullOnlyTime / cpuTime}, @@ -2919,7 +2919,7 @@ void EvalState::printStatistics() topObj["nrLookups"] = nrLookups; topObj["nrPrimOpCalls"] = nrPrimOpCalls; topObj["nrFunctionCalls"] = nrFunctionCalls; -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC topObj["gc"] = { {"heapSize", heapSize}, {"totalBytes", totalBytes}, diff --git a/src/libexpr/include/nix/eval-gc.hh b/src/libexpr/include/nix/eval-gc.hh index f3b699b54a0..8f28fe0e2e0 100644 --- a/src/libexpr/include/nix/eval-gc.hh +++ b/src/libexpr/include/nix/eval-gc.hh @@ -3,7 +3,10 @@ #include -#if HAVE_BOEHMGC +// For `NIX_USE_BOEHMGC`, and if that's set, `GC_THREADS` +#include "nix/expr-config.hh" + +#if NIX_USE_BOEHMGC # define GC_INCLUDE_NEW @@ -43,7 +46,7 @@ void initGC(); */ void assertGCInitialized(); -#ifdef HAVE_BOEHMGC +#if NIX_USE_BOEHMGC /** * The number of GC cycles since initGC(). */ diff --git a/src/libexpr/include/nix/eval-inline.hh b/src/libexpr/include/nix/eval-inline.hh index c00b0600635..09a85db060c 100644 --- a/src/libexpr/include/nix/eval-inline.hh +++ b/src/libexpr/include/nix/eval-inline.hh @@ -6,6 +6,9 @@ #include "nix/eval-error.hh" #include "nix/eval-settings.hh" +// For `NIX_USE_BOEHMGC`, and if that's set, `GC_THREADS` +#include "nix/expr-config.hh" + namespace nix { /** @@ -15,7 +18,7 @@ namespace nix { inline void * allocBytes(size_t n) { void * p; -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC p = GC_MALLOC(n); #else p = calloc(n, 1); @@ -28,7 +31,7 @@ inline void * allocBytes(size_t n) [[gnu::always_inline]] Value * EvalState::allocValue() { -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC /* We use the boehm batch allocator to speed up allocations of Values (of which there are many). GC_malloc_many returns a linked list of objects of the given size, where the first word of each object is also the pointer to the next object in the list. This also means that we @@ -60,7 +63,7 @@ Env & EvalState::allocEnv(size_t size) Env * env; -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC if (size == 1) { /* see allocValue for explanations. */ if (!*env1AllocCache) { diff --git a/src/libexpr/include/nix/eval.hh b/src/libexpr/include/nix/eval.hh index 42091b9ba9e..7a3ec065d24 100644 --- a/src/libexpr/include/nix/eval.hh +++ b/src/libexpr/include/nix/eval.hh @@ -16,6 +16,9 @@ #include "nix/repl-exit-status.hh" #include "nix/ref.hh" +// For `NIX_USE_BOEHMGC`, and if that's set, `GC_THREADS` +#include "nix/expr-config.hh" + #include #include #include @@ -369,7 +372,7 @@ private: */ std::shared_ptr regexCache; -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC /** * Allocation cache for GC'd Value objects. */ @@ -596,7 +599,7 @@ public: */ SingleDerivedPath coerceToSingleDerivedPath(const PosIdx pos, Value & v, std::string_view errorCtx); -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC /** A GC root for the baseEnv reference. */ std::shared_ptr baseEnvP; #endif diff --git a/src/libexpr/include/nix/meson.build b/src/libexpr/include/nix/meson.build index d712cc798bc..89422004a7f 100644 --- a/src/libexpr/include/nix/meson.build +++ b/src/libexpr/include/nix/meson.build @@ -2,12 +2,12 @@ include_dirs = [include_directories('..')] -config_h = configure_file( - configuration : configdata, - output : 'config-expr.hh', +config_pub_h = configure_file( + configuration : configdata_pub, + output : 'expr-config.hh', ) -headers = [config_h] + files( +headers = [config_pub_h] + files( 'attr-path.hh', 'attr-set.hh', 'eval-cache.hh', diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index 3fd4dca7f21..02873f4dbc5 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -14,7 +14,8 @@ cxx = meson.get_compiler('cpp') subdir('nix-meson-build-support/deps-lists') -configdata = configuration_data() +configdata_pub = configuration_data() +configdata_priv = configuration_data() deps_private_maybe_subproject = [ ] @@ -26,6 +27,16 @@ deps_public_maybe_subproject = [ subdir('nix-meson-build-support/subprojects') subdir('nix-meson-build-support/big-objs') +# Check for each of these functions, and create a define like `#define HAVE_LCHOWN 1`. +check_funcs = [ + 'sysconf', +] +foreach funcspec : check_funcs + define_name = 'HAVE_' + funcspec.underscorify().to_upper() + define_value = cxx.has_function(funcspec).to_int() + configdata_priv.set(define_name, define_value) +endforeach + boost = dependency( 'boost', modules : ['container', 'context'], @@ -47,11 +58,13 @@ if bdw_gc.found() ] define_name = 'HAVE_' + funcspec.underscorify().to_upper() define_value = cxx.has_function(funcspec).to_int() - configdata.set(define_name, define_value) + configdata_priv.set(define_name, define_value) endforeach - configdata.set('GC_THREADS', 1) + # Affects ABI, because it changes what bdw_gc itself does! + configdata_pub.set('GC_THREADS', 1) endif -configdata.set('HAVE_BOEHMGC', bdw_gc.found().to_int()) +# Used in public header. Affects ABI! +configdata_pub.set('NIX_USE_BOEHMGC', bdw_gc.found().to_int()) toml11 = dependency( 'toml11', @@ -61,14 +74,9 @@ toml11 = dependency( ) deps_other += toml11 -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - # '-include', 'nix_api_fetchers_config.h', - '-include', 'nix/config-expr.hh', - language : 'cpp', +config_priv_h = configure_file( + configuration : configdata_priv, + output : 'expr-config-private.hh', ) subdir('nix-meson-build-support/common') @@ -158,6 +166,7 @@ subdir('nix-meson-build-support/windows-version') this_library = library( 'nixexpr', sources, + config_priv_h, parser_tab, lexer_tab, generated_headers, diff --git a/src/libfetchers-tests/meson.build b/src/libfetchers-tests/meson.build index 80f99c85994..12b748e6513 100644 --- a/src/libfetchers-tests/meson.build +++ b/src/libfetchers-tests/meson.build @@ -34,15 +34,6 @@ deps_private += gtest libgit2 = dependency('libgit2') deps_private += libgit2 -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - # '-include', 'nix_api_fetchers_config.h', - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libfetchers/meson.build b/src/libfetchers/meson.build index aaf52ff7444..14a2647d5c1 100644 --- a/src/libfetchers/meson.build +++ b/src/libfetchers/meson.build @@ -30,15 +30,6 @@ deps_public += nlohmann_json libgit2 = dependency('libgit2') deps_private += libgit2 -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - # '-include', 'nix_api_fetchers_config.h', - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libflake-c/meson.build b/src/libflake-c/meson.build index ec754dfaaa9..fd3cdd01b52 100644 --- a/src/libflake-c/meson.build +++ b/src/libflake-c/meson.build @@ -27,20 +27,6 @@ deps_public_maybe_subproject = [ ] subdir('nix-meson-build-support/subprojects') -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - - # From C++ libraries, only for internals - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - '-include', 'nix/config-expr.hh', - # not generated (yet?) - # '-include', 'nix/config-flake.hh', - - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libflake-tests/meson.build b/src/libflake-tests/meson.build index 4012582f2ba..593b0e18d21 100644 --- a/src/libflake-tests/meson.build +++ b/src/libflake-tests/meson.build @@ -32,15 +32,6 @@ deps_private += rapidcheck gtest = dependency('gtest', main : true) deps_private += gtest -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - '-include', 'nix/config-expr.hh', - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libflake/meson.build b/src/libflake/meson.build index e231de9c137..de880c28d04 100644 --- a/src/libflake/meson.build +++ b/src/libflake/meson.build @@ -27,16 +27,6 @@ subdir('nix-meson-build-support/subprojects') nlohmann_json = dependency('nlohmann_json', version : '>= 3.9') deps_public += nlohmann_json -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - # '-include', 'nix_api_fetchers_config.h', - '-include', 'nix/config-expr.hh', - language : 'cpp', -) - subdir('nix-meson-build-support/common') subdir('nix-meson-build-support/generate-header') diff --git a/src/libmain-c/meson.build b/src/libmain-c/meson.build index 0229ef86b5f..e420520e6b1 100644 --- a/src/libmain-c/meson.build +++ b/src/libmain-c/meson.build @@ -25,17 +25,6 @@ deps_public_maybe_subproject = [ ] subdir('nix-meson-build-support/subprojects') -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - - # From C++ libraries, only for internals - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libmain/include/nix/meson.build b/src/libmain/include/nix/meson.build index 8584b9042ad..e29981d3f81 100644 --- a/src/libmain/include/nix/meson.build +++ b/src/libmain/include/nix/meson.build @@ -2,12 +2,7 @@ include_dirs = [include_directories('..')] -config_h = configure_file( - configuration : configdata, - output : 'config-main.hh', -) - -headers = [config_h] + files( +headers = files( 'common-args.hh', 'loggers.hh', 'plugin.hh', diff --git a/src/libmain/meson.build b/src/libmain/meson.build index 08b0bdb4fdf..f7ff93b664c 100644 --- a/src/libmain/meson.build +++ b/src/libmain/meson.build @@ -42,13 +42,9 @@ configdata.set( description: 'Optionally used for buffering on standard error' ) -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - '-include', 'nix/config-main.hh', - language : 'cpp', +config_priv_h = configure_file( + configuration : configdata, + output : 'main-config-private.hh', ) subdir('nix-meson-build-support/common') @@ -75,7 +71,7 @@ subdir('nix-meson-build-support/windows-version') this_library = library( 'nixmain', sources, - config_h, + config_priv_h, dependencies : deps_public + deps_private + deps_other, include_directories : include_dirs, link_args: linker_export_flags, diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index 639977efc28..0643e20ed1c 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -25,6 +25,8 @@ #include "nix/exit.hh" #include "nix/strings.hh" +#include "main-config-private.hh" + namespace nix { char * * savedArgv; @@ -297,7 +299,7 @@ void printVersion(const std::string & programName) std::cout << fmt("%1% (Nix) %2%", programName, nixVersion) << std::endl; if (verbosity > lvlInfo) { Strings cfg; -#if HAVE_BOEHMGC +#if NIX_USE_BOEHMGC cfg.push_back("gc"); #endif cfg.push_back("signed-caches"); diff --git a/src/libstore-c/meson.build b/src/libstore-c/meson.build index f7e192f3a48..eb556316107 100644 --- a/src/libstore-c/meson.build +++ b/src/libstore-c/meson.build @@ -23,17 +23,6 @@ deps_public_maybe_subproject = [ ] subdir('nix-meson-build-support/subprojects') -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - - # From C++ libraries, only for internals - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libstore-test-support/meson.build b/src/libstore-test-support/meson.build index c7d9689bf84..a1f6777e454 100644 --- a/src/libstore-test-support/meson.build +++ b/src/libstore-test-support/meson.build @@ -27,14 +27,6 @@ subdir('nix-meson-build-support/subprojects') rapidcheck = dependency('rapidcheck') deps_public += rapidcheck -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libstore-tests/meson.build b/src/libstore-tests/meson.build index 0dcfeaacda9..1822a352067 100644 --- a/src/libstore-tests/meson.build +++ b/src/libstore-tests/meson.build @@ -37,17 +37,17 @@ deps_private += rapidcheck gtest = dependency('gtest', main : true) deps_private += gtest -gtest = dependency('gmock') -deps_private += gtest +configdata = configuration_data() +configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - language : 'cpp', +config_priv_h = configure_file( + configuration : configdata, + output : 'store-tests-config.hh', ) +gtest = dependency('gmock') +deps_private += gtest + subdir('nix-meson-build-support/common') sources = files( @@ -84,6 +84,7 @@ include_dirs = [include_directories('.')] this_exe = executable( meson.project_name(), sources, + config_priv_h, dependencies : deps_private_subproject + deps_private + deps_other, include_directories : include_dirs, # TODO: -lrapidcheck, see ../libutil-support/build.meson diff --git a/src/libstore-tests/nix_api_store.cc b/src/libstore-tests/nix_api_store.cc index b7d9860fb44..293547c95b4 100644 --- a/src/libstore-tests/nix_api_store.cc +++ b/src/libstore-tests/nix_api_store.cc @@ -6,6 +6,8 @@ #include "nix/tests/nix_api_store.hh" #include "nix/tests/string_callback.hh" +#include "store-tests-config.hh" + namespace nixC { std::string PATH_SUFFIX = "/g1w7hy3qg1w7hy3qg1w7hy3qg1w7hy3q-name"; diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index 81294a5b9df..43b5c7891c3 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -6,6 +6,8 @@ #include "nix/signals.hh" #include "nix/posix-fs-canonicalise.hh" +#include "store-config-private.hh" + #if !defined(__linux__) // For shelling out to lsof # include "nix/processes.hh" diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index 4f8c53ca848..70feaf311a1 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -6,6 +6,7 @@ #include "nix/abstract-setting-to-json.hh" #include "nix/compute-levels.hh" #include "nix/signals.hh" +#include "nix/strings.hh" #include #include @@ -35,7 +36,8 @@ #include #endif -#include "nix/strings.hh" +#include "store-config-private.hh" + namespace nix { @@ -202,7 +204,7 @@ StringSet Settings::getDefaultExtraPlatforms() { StringSet extraPlatforms; - if (std::string{SYSTEM} == "x86_64-linux" && !isWSL1()) + if (std::string{NIX_LOCAL_SYSTEM} == "x86_64-linux" && !isWSL1()) extraPlatforms.insert("i686-linux"); #if __linux__ @@ -214,7 +216,7 @@ StringSet Settings::getDefaultExtraPlatforms() // machines. Note that we can’t force processes from executing // x86_64 in aarch64 environments or vice versa since they can // always exec with their own binary preferences. - if (std::string{SYSTEM} == "aarch64-darwin" && + if (std::string{NIX_LOCAL_SYSTEM} == "aarch64-darwin" && runProgram(RunOptions {.program = "arch", .args = {"-arch", "x86_64", "/usr/bin/true"}, .mergeStderrToStdout = true}).first == 0) extraPlatforms.insert("x86_64-darwin"); #endif diff --git a/src/libstore/include/nix/globals.hh b/src/libstore/include/nix/globals.hh index bda883890c8..1630c0ae769 100644 --- a/src/libstore/include/nix/globals.hh +++ b/src/libstore/include/nix/globals.hh @@ -1,16 +1,18 @@ #pragma once ///@file +#include +#include + +#include + #include "nix/types.hh" #include "nix/config.hh" #include "nix/environment-variables.hh" #include "nix/experimental-features.hh" #include "nix/users.hh" -#include -#include - -#include +#include "nix/store-config.hh" namespace nix { @@ -181,7 +183,7 @@ public: bool readOnlyMode = false; Setting thisSystem{ - this, SYSTEM, "system", + this, NIX_LOCAL_SYSTEM, "system", R"( The system type of the current Nix installation. Nix will only build a given [store derivation](@docroot@/glossary.md#gloss-store-derivation) locally when its `system` attribute equals any of the values specified here or in [`extra-platforms`](#conf-extra-platforms). @@ -1089,7 +1091,7 @@ public: )"}; #endif -#if HAVE_ACL_SUPPORT +#if NIX_SUPPORT_ACL Setting ignoredAcls{ this, {"security.selinux", "system.nfs4_acl", "security.csm"}, "ignored-acls", R"( diff --git a/src/libstore/include/nix/meson.build b/src/libstore/include/nix/meson.build index 85ea75685ed..d29efe50e45 100644 --- a/src/libstore/include/nix/meson.build +++ b/src/libstore/include/nix/meson.build @@ -4,12 +4,12 @@ include_dirs = [ include_directories('..'), ] -config_h = configure_file( - configuration : configdata, - output : 'config-store.hh', +config_pub_h = configure_file( + configuration : configdata_pub, + output : 'store-config.hh', ) -headers = [config_h] + files( +headers = [config_pub_h] + files( 'binary-cache-store.hh', 'build-result.hh', 'build/derivation-goal.hh', diff --git a/src/libstore/linux/include/nix/fchmodat2-compat.hh b/src/libstore/linux/include/nix/fchmodat2-compat.hh index fd03b9ed5aa..42b3f3a352f 100644 --- a/src/libstore/linux/include/nix/fchmodat2-compat.hh +++ b/src/libstore/linux/include/nix/fchmodat2-compat.hh @@ -1,3 +1,5 @@ +#include "store-config-private.hh" + /* * Determine the syscall number for `fchmodat2`. * diff --git a/src/libstore/linux/personality.cc b/src/libstore/linux/personality.cc index bbff765ded7..452bd3e4b50 100644 --- a/src/libstore/linux/personality.cc +++ b/src/libstore/linux/personality.cc @@ -15,7 +15,7 @@ void setPersonality(std::string_view system) struct utsname utsbuf; uname(&utsbuf); if ((system == "i686-linux" - && (std::string_view(SYSTEM) == "x86_64-linux" + && (std::string_view(NIX_LOCAL_SYSTEM) == "x86_64-linux" || (!strcmp(utsbuf.sysname, "Linux") && !strcmp(utsbuf.machine, "x86_64")))) || system == "armv7l-linux" || system == "armv6l-linux" diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index cf6644804a5..7d4f8e5c7b7 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -54,6 +54,8 @@ #include "nix/strings.hh" +#include "store-config-private.hh" + namespace nix { diff --git a/src/libstore/meson.build b/src/libstore/meson.build index dd6d7b40494..b558c3bc923 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -15,12 +15,20 @@ cxx = meson.get_compiler('cpp') subdir('nix-meson-build-support/deps-lists') -configdata = configuration_data() +configdata_pub = configuration_data() +configdata_priv = configuration_data() # TODO rename, because it will conflict with downstream projects -configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) - -configdata.set_quoted('SYSTEM', host_machine.cpu_family() + '-' + host_machine.system()) +configdata_priv.set_quoted('PACKAGE_VERSION', meson.project_version()) + +# Used in public header. +configdata_pub.set_quoted( + 'NIX_LOCAL_SYSTEM', + host_machine.cpu_family() + '-' + host_machine.system(), + description : + 'This is the system name Nix expects for local running instance of Nix.\n\n' + + 'See the "system" setting for additional details', +) deps_private_maybe_subproject = [ ] @@ -47,28 +55,30 @@ run_command('rm', '-f', check : true, ) summary('can hardlink to symlink', can_link_symlink, bool_yn : true) -configdata.set('CAN_LINK_SYMLINK', can_link_symlink.to_int()) +configdata_priv.set('CAN_LINK_SYMLINK', can_link_symlink.to_int()) # Check for each of these functions, and create a define like `#define HAVE_LCHOWN 1`. -# -# Only need to do functions that deps (like `libnixutil`) didn't already -# check for. check_funcs = [ # Optionally used for canonicalising files from the build 'lchown', + 'posix_fallocate', 'statvfs', ] foreach funcspec : check_funcs define_name = 'HAVE_' + funcspec.underscorify().to_upper() define_value = cxx.has_function(funcspec).to_int() - configdata.set(define_name, define_value) + configdata_priv.set(define_name, define_value) endforeach has_acl_support = cxx.has_header('sys/xattr.h') \ and cxx.has_function('llistxattr') \ and cxx.has_function('lremovexattr') -# TODO: used in header - make proper public header and make sure it's included. Affects ABI! -configdata.set('HAVE_ACL_SUPPORT', has_acl_support.to_int()) +# Used in public header. Affects ABI! +configdata_pub.set( + 'NIX_SUPPORT_ACL', + has_acl_support.to_int(), + description : 'FIXME: It\'s a bit peculiar that this needs to be exposed. The reason is that that it effects whether the settings struct in a header has a particular field. This is also odd, because it means when there is no ACL support one will just get an "unknown setting" warning from their configuration.', +) if host_machine.system() == 'darwin' sandbox = cxx.find_library('sandbox') @@ -104,7 +114,7 @@ seccomp = dependency('libseccomp', 'seccomp', required : seccomp_required, versi if is_linux and not seccomp.found() warning('Sandbox security is reduced because libseccomp has not been found! Please provide libseccomp if it supports your CPU architecture.') endif -configdata.set('HAVE_SECCOMP', seccomp.found().to_int()) +configdata_priv.set('HAVE_SECCOMP', seccomp.found().to_int()) deps_private += seccomp nlohmann_json = dependency('nlohmann_json', version : '>= 3.9') @@ -116,7 +126,7 @@ deps_private += sqlite # AWS C++ SDK has bad pkg-config. See # https://github.com/aws/aws-sdk-cpp/issues/2673 for details. aws_s3 = dependency('aws-cpp-sdk-s3', required : false) -configdata.set('ENABLE_S3', aws_s3.found().to_int()) +configdata_priv.set('ENABLE_S3', aws_s3.found().to_int()) if aws_s3.found() aws_s3 = declare_dependency( include_directories: include_directories(aws_s3.get_variable('includedir')), @@ -148,7 +158,7 @@ if get_option('embedded-sandbox-shell') # The path to busybox is passed as a -D flag when compiling this_library. # This solution is inherited from the old make buildsystem # TODO: do this differently? - configdata.set('HAVE_EMBEDDED_SANDBOX_SHELL', 1) + configdata_priv.set('HAVE_EMBEDDED_SANDBOX_SHELL', 1) hexdump = find_program('hexdump', native : true) embedded_sandbox_shell_gen = custom_target( 'embedded-sandbox-shell.gen.hh', @@ -166,12 +176,9 @@ if get_option('embedded-sandbox-shell') generated_headers += embedded_sandbox_shell_gen endif -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - language : 'cpp', +config_priv_h = configure_file( + configuration : configdata_priv, + output : 'store-config-private.hh', ) subdir('nix-meson-build-support/common') @@ -346,6 +353,7 @@ this_library = library( 'nixstore', generated_headers, sources, + config_priv_h, dependencies : deps_public + deps_private + deps_other, include_directories : include_dirs, cpp_args : cpp_args, diff --git a/src/libstore/posix-fs-canonicalise.cc b/src/libstore/posix-fs-canonicalise.cc index 5fddae42fcf..c1b45132460 100644 --- a/src/libstore/posix-fs-canonicalise.cc +++ b/src/libstore/posix-fs-canonicalise.cc @@ -1,13 +1,16 @@ -#if HAVE_ACL_SUPPORT -# include -#endif - #include "nix/posix-fs-canonicalise.hh" #include "nix/file-system.hh" #include "nix/signals.hh" #include "nix/util.hh" #include "nix/globals.hh" #include "nix/store-api.hh" +#include "nix/store-config.hh" + +#include "store-config-private.hh" + +#if NIX_SUPPORT_ACL +# include +#endif namespace nix { @@ -72,7 +75,7 @@ static void canonicalisePathMetaData_( if (!(S_ISREG(st.st_mode) || S_ISDIR(st.st_mode) || S_ISLNK(st.st_mode))) throw Error("file '%1%' has an unsupported type", path); -#if HAVE_ACL_SUPPORT +#if NIX_SUPPORT_ACL /* Remove extended attributes / ACLs. */ ssize_t eaSize = llistxattr(path.c_str(), nullptr, 0); diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 74186242b6f..afffe8e7183 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -19,6 +19,7 @@ #include "nix/unix-domain-socket.hh" #include "nix/posix-fs-canonicalise.hh" #include "nix/posix-source-accessor.hh" +#include "nix/store-config.hh" #include #include @@ -31,6 +32,8 @@ #include #include +#include "store-config-private.hh" + #if HAVE_STATVFS #include #endif @@ -1701,7 +1704,7 @@ void setupSeccomp() seccomp_release(ctx); }); - constexpr std::string_view nativeSystem = SYSTEM; + constexpr std::string_view nativeSystem = NIX_LOCAL_SYSTEM; if (nativeSystem == "x86_64-linux" && seccomp_arch_add(ctx, SCMP_ARCH_X86) != 0) diff --git a/src/libutil-c/meson.build b/src/libutil-c/meson.build index cd53bc5854c..3414a6d31c1 100644 --- a/src/libutil-c/meson.build +++ b/src/libutil-c/meson.build @@ -25,21 +25,11 @@ subdir('nix-meson-build-support/subprojects') configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) -config_h = configure_file( +config_priv_h = configure_file( configuration : configdata, output : 'nix_api_util_config.h', ) -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - - # From C++ libraries, only for internals - '-include', 'nix/config-util.hh', - - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( @@ -61,7 +51,7 @@ subdir('nix-meson-build-support/windows-version') this_library = library( 'nixutilc', sources, - config_h, + config_priv_h, dependencies : deps_public + deps_private + deps_other, include_directories : include_dirs, link_args: linker_export_flags, diff --git a/src/libutil-test-support/meson.build b/src/libutil-test-support/meson.build index f235af9eb3c..265bdc24902 100644 --- a/src/libutil-test-support/meson.build +++ b/src/libutil-test-support/meson.build @@ -25,13 +25,6 @@ subdir('nix-meson-build-support/subprojects') rapidcheck = dependency('rapidcheck') deps_public += rapidcheck -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - language : 'cpp', -) - subdir('nix-meson-build-support/common') sources = files( diff --git a/src/libutil-tests/meson.build b/src/libutil-tests/meson.build index f982d6cf68e..8f9c18eedb4 100644 --- a/src/libutil-tests/meson.build +++ b/src/libutil-tests/meson.build @@ -35,14 +35,9 @@ deps_private += gtest configdata = configuration_data() configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) -config_h = configure_file( +config_priv_h = configure_file( configuration : configdata, - output : 'config-util-tests.hh', -) - -add_project_arguments( - '-include', 'config-util-tests.hh', - language : 'cpp', + output : 'util-tests-config.hh', ) subdir('nix-meson-build-support/common') @@ -84,7 +79,7 @@ include_dirs = [include_directories('.')] this_exe = executable( meson.project_name(), sources, - config_h, + config_priv_h, dependencies : deps_private_subproject + deps_private + deps_other, include_directories : include_dirs, # TODO: -lrapidcheck, see ../libutil-support/build.meson diff --git a/src/libutil-tests/nix_api_util.cc b/src/libutil-tests/nix_api_util.cc index f768de01120..f2d198aacf1 100644 --- a/src/libutil-tests/nix_api_util.cc +++ b/src/libutil-tests/nix_api_util.cc @@ -9,6 +9,8 @@ #include +#include "util-tests-config.hh" + namespace nixC { TEST_F(nix_api_util_context, nix_context_error) diff --git a/src/libutil/compute-levels.cc b/src/libutil/compute-levels.cc index 8cc3def188d..2e3c8440456 100644 --- a/src/libutil/compute-levels.cc +++ b/src/libutil/compute-levels.cc @@ -1,5 +1,7 @@ #include "nix/types.hh" +#include "util-config-private.hh" + #if HAVE_LIBCPUID #include #endif diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index 6a63e0242cd..8a309d12045 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -27,6 +27,8 @@ #include "nix/strings-inline.hh" +#include "util-config-private.hh" + namespace nix { namespace fs { using namespace std::filesystem; } @@ -630,62 +632,6 @@ void replaceSymlink(const fs::path & target, const fs::path & link) } } -void setWriteTime( - const fs::path & path, - time_t accessedTime, - time_t modificationTime, - std::optional optIsSymlink) -{ -#ifdef _WIN32 - // FIXME use `fs::last_write_time`. - // - // Would be nice to use std::filesystem unconditionally, but - // doesn't support access time just modification time. - // - // System clock vs File clock issues also make that annoying. - warn("Changing file times is not yet implemented on Windows, path is %s", path); -#elif HAVE_UTIMENSAT && HAVE_DECL_AT_SYMLINK_NOFOLLOW - struct timespec times[2] = { - { - .tv_sec = accessedTime, - .tv_nsec = 0, - }, - { - .tv_sec = modificationTime, - .tv_nsec = 0, - }, - }; - if (utimensat(AT_FDCWD, path.c_str(), times, AT_SYMLINK_NOFOLLOW) == -1) - throw SysError("changing modification time of %s (using `utimensat`)", path); -#else - struct timeval times[2] = { - { - .tv_sec = accessedTime, - .tv_usec = 0, - }, - { - .tv_sec = modificationTime, - .tv_usec = 0, - }, - }; -#if HAVE_LUTIMES - if (lutimes(path.c_str(), times) == -1) - throw SysError("changing modification time of %s", path); -#else - bool isSymlink = optIsSymlink - ? *optIsSymlink - : fs::is_symlink(path); - - if (!isSymlink) { - if (utimes(path.c_str(), times) == -1) - throw SysError("changing modification time of %s (not a symlink)", path); - } else { - throw Error("Cannot change modification time of symlink %s", path); - } -#endif -#endif -} - void setWriteTime(const fs::path & path, const struct stat & st) { setWriteTime(path, st.st_atime, st.st_mtime, S_ISLNK(st.st_mode)); diff --git a/src/libutil/fs-sink.cc b/src/libutil/fs-sink.cc index 5e7c2e9fd73..7b8ba11893c 100644 --- a/src/libutil/fs-sink.cc +++ b/src/libutil/fs-sink.cc @@ -10,6 +10,8 @@ # include "nix/windows-error.hh" #endif +#include "util-config-private.hh" + namespace nix { void copyRecursive( diff --git a/src/libutil/include/nix/meson.build b/src/libutil/include/nix/meson.build index 798d4982808..3da9837ed49 100644 --- a/src/libutil/include/nix/meson.build +++ b/src/libutil/include/nix/meson.build @@ -2,12 +2,7 @@ include_dirs = [include_directories('..')] -config_h = configure_file( - configuration : configdata, - output : 'config-util.hh', -) - -headers = [config_h] + files( +headers = files( 'abstract-setting-to-json.hh', 'ansicolor.hh', 'archive.hh', diff --git a/src/libutil/meson.build b/src/libutil/meson.build index e34bce0d504..c7509f030b4 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -23,36 +23,20 @@ deps_public_maybe_subproject = [ subdir('nix-meson-build-support/subprojects') # Check for each of these functions, and create a define like `#define -# HAVE_LUTIMES 1`. The `#define` is unconditional, 0 for not found and 1 -# for found. One therefore uses it with `#if` not `#ifdef`. +# HAVE_POSIX_FALLOCATE 1`. The `#define` is unconditional, 0 for not +# found and 1 for found. One therefore uses it with `#if` not `#ifdef`. check_funcs = [ - 'close_range', - # Optionally used for changing the mtime of symlinks. - 'lutimes', - # Optionally used for creating pipes on Unix - 'pipe2', - # Optionally used to preallocate files to be large enough before - # writing to them. - # WARNING: define also used in libstore - 'posix_fallocate', - # Optionally used to get more information about processes failing due - # to a signal on Unix. - 'strsignal', - # Optionally used to try to close more file descriptors (e.g. before - # forking) on Unix. - # WARNING: also used in libexpr - 'sysconf', - # Optionally used for changing the mtime of files and symlinks. - 'utimensat', + [ + 'posix_fallocate', + 'Optionally used to preallocate files to be large enough before writing to them.', + ], ] foreach funcspec : check_funcs - define_name = 'HAVE_' + funcspec.underscorify().to_upper() - define_value = cxx.has_function(funcspec).to_int() - configdata.set(define_name, define_value) + define_name = 'HAVE_' + funcspec[0].underscorify().to_upper() + define_value = cxx.has_function(funcspec[0]).to_int() + configdata.set(define_name, define_value, description: funcspec[1]) endforeach -configdata.set('HAVE_DECL_AT_SYMLINK_NOFOLLOW', cxx.has_header_symbol('fcntl.h', 'AT_SYMLINK_NOFOLLOW').to_int()) - subdir('nix-meson-build-support/libatomic') if host_machine.system() == 'windows' @@ -116,16 +100,14 @@ deps_public += nlohmann_json cxx = meson.get_compiler('cpp') -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - language : 'cpp', +config_priv_h = configure_file( + configuration : configdata, + output : 'util-config-private.hh', ) subdir('nix-meson-build-support/common') -sources = files( +sources = [config_priv_h] + files( 'archive.cc', 'args.cc', 'canon-path.cc', diff --git a/src/libutil/unix/file-descriptor.cc b/src/libutil/unix/file-descriptor.cc index 566675349f3..2911df54f88 100644 --- a/src/libutil/unix/file-descriptor.cc +++ b/src/libutil/unix/file-descriptor.cc @@ -7,6 +7,9 @@ #include #include +#include "util-config-private.hh" +#include "util-unix-config-private.hh" + namespace nix { namespace { diff --git a/src/libutil/unix/file-system.cc b/src/libutil/unix/file-system.cc index 119e8a27727..d79f4c64c35 100644 --- a/src/libutil/unix/file-system.cc +++ b/src/libutil/unix/file-system.cc @@ -1,10 +1,72 @@ +#include +#include +#include +#include + +#include +#include +#include +#include + #include "nix/file-system.hh" +#include "util-unix-config-private.hh" + namespace nix { +namespace fs { +using namespace std::filesystem; +} + Descriptor openDirectory(const std::filesystem::path & path) { return open(path.c_str(), O_RDONLY | O_DIRECTORY); } +void setWriteTime(const fs::path & path, time_t accessedTime, time_t modificationTime, std::optional optIsSymlink) +{ + // Would be nice to use std::filesystem unconditionally, but + // doesn't support access time just modification time. + // + // System clock vs File clock issues also make that annoying. +#if HAVE_UTIMENSAT && HAVE_DECL_AT_SYMLINK_NOFOLLOW + struct timespec times[2] = { + { + .tv_sec = accessedTime, + .tv_nsec = 0, + }, + { + .tv_sec = modificationTime, + .tv_nsec = 0, + }, + }; + if (utimensat(AT_FDCWD, path.c_str(), times, AT_SYMLINK_NOFOLLOW) == -1) + throw SysError("changing modification time of %s (using `utimensat`)", path); +#else + struct timeval times[2] = { + { + .tv_sec = accessedTime, + .tv_usec = 0, + }, + { + .tv_sec = modificationTime, + .tv_usec = 0, + }, + }; +# if HAVE_LUTIMES + if (lutimes(path.c_str(), times) == -1) + throw SysError("changing modification time of %s", path); +# else + bool isSymlink = optIsSymlink ? *optIsSymlink : fs::is_symlink(path); + + if (!isSymlink) { + if (utimes(path.c_str(), times) == -1) + throw SysError("changing modification time of %s (not a symlink)", path); + } else { + throw Error("Cannot change modification time of symlink %s", path); + } +# endif +#endif +} + } diff --git a/src/libutil/unix/meson.build b/src/libutil/unix/meson.build index 1373ed17a79..ee0c19affe3 100644 --- a/src/libutil/unix/meson.build +++ b/src/libutil/unix/meson.build @@ -1,3 +1,53 @@ +include_dirs += include_directories('.') + +configdata_unix = configuration_data() + +configdata_unix.set( + 'HAVE_DECL_AT_SYMLINK_NOFOLLOW', + cxx.has_header_symbol('fcntl.h', 'AT_SYMLINK_NOFOLLOW').to_int(), + description : 'Optionally used for changing the files and symlinks.' +) + +# Check for each of these functions, and create a define like `#define +# HAVE_CLOSE_RANGE 1`. +check_funcs_unix = [ + [ + 'close_range', + 'For closing many file descriptors after forking.', + ], + [ + 'lutimes', + 'Optionally used for changing the mtime of symlinks.', + ], + [ + 'pipe2', + 'Optionally used for creating pipes on Unix.', + ], + [ + 'strsignal', + 'Optionally used to get more information about processes failing due to a signal on Unix.', + ], + [ + 'sysconf', + 'Optionally used to try to close more file descriptors (e.g. before forking) on Unix.', + ], + [ + 'utimensat', + 'Optionally used for changing the mtime of files and symlinks.', + ], +] +foreach funcspec : check_funcs_unix + define_name = 'HAVE_' + funcspec[0].underscorify().to_upper() + define_value = cxx.has_function(funcspec[0]).to_int() + configdata_unix.set(define_name, define_value, description: funcspec[1]) +endforeach + +config_unix_priv_h = configure_file( + configuration : configdata_unix, + output : 'util-unix-config-private.hh', +) +sources += config_unix_priv_h + sources += files( 'environment-variables.cc', 'file-descriptor.cc', diff --git a/src/libutil/unix/processes.cc b/src/libutil/unix/processes.cc index 032992a2f2d..06beacb8790 100644 --- a/src/libutil/unix/processes.cc +++ b/src/libutil/unix/processes.cc @@ -28,6 +28,9 @@ # include #endif +#include "util-config-private.hh" +#include "util-unix-config-private.hh" + namespace nix { diff --git a/src/libutil/windows/file-system.cc b/src/libutil/windows/file-system.cc index 22f1f89abb2..3c2a57bcdc6 100644 --- a/src/libutil/windows/file-system.cc +++ b/src/libutil/windows/file-system.cc @@ -3,6 +3,21 @@ #ifdef _WIN32 namespace nix { +namespace fs { +using namespace std::filesystem; +} + +void setWriteTime(const fs::path & path, time_t accessedTime, time_t modificationTime, std::optional optIsSymlink) +{ + // FIXME use `fs::last_write_time`. + // + // Would be nice to use std::filesystem unconditionally, but + // doesn't support access time just modification time. + // + // System clock vs File clock issues also make that annoying. + warn("Changing file times is not yet implemented on Windows, path is %s", path); +} + Descriptor openDirectory(const std::filesystem::path & path) { return CreateFileW( diff --git a/src/nix/main.cc b/src/nix/main.cc index 3d57263dfe9..330cafce6a2 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -23,6 +23,7 @@ #include "self-exe.hh" #include "crash-handler.hh" +#include "cli-config-private.hh" #include #include diff --git a/src/nix/meson.build b/src/nix/meson.build index adcf80a259e..b258778ccae 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -46,25 +46,15 @@ if not fs.is_absolute(bindir) endif configdata.set_quoted('NIX_BIN_DIR', bindir) -config_h = configure_file( +config_priv_h = configure_file( configuration : configdata, - output : 'config-nix-cli.hh', -) - -add_project_arguments( - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - '-include', 'nix/config-expr.hh', - '-include', 'config-nix-cli.hh', - language : 'cpp', + output : 'cli-config-private.hh', ) subdir('nix-meson-build-support/common') subdir('nix-meson-build-support/generate-header') -nix_sources = [config_h] + files( +nix_sources = [config_priv_h] + files( 'add-to-store.cc', 'app.cc', 'self-exe.cc', diff --git a/src/nix/self-exe.cc b/src/nix/self-exe.cc index c9ab566cec7..f9439dfd985 100644 --- a/src/nix/self-exe.cc +++ b/src/nix/self-exe.cc @@ -1,7 +1,9 @@ #include "nix/current-process.hh" #include "nix/file-system.hh" #include "nix/globals.hh" + #include "self-exe.hh" +#include "cli-config-private.hh" namespace nix { diff --git a/src/perl/lib/Nix/Store.xs b/src/perl/lib/Nix/Store.xs index f368a2e42ca..49bf8bd7973 100644 --- a/src/perl/lib/Nix/Store.xs +++ b/src/perl/lib/Nix/Store.xs @@ -1,6 +1,3 @@ -#include "nix/config-util.hh" -#include "nix/config-store.hh" - #include "EXTERN.h" #include "perl.h" #include "XSUB.h" diff --git a/tests/functional/plugins/meson.build b/tests/functional/plugins/meson.build index cee43f0b575..ae66e3036ac 100644 --- a/tests/functional/plugins/meson.build +++ b/tests/functional/plugins/meson.build @@ -1,13 +1,6 @@ libplugintest = shared_module( 'plugintest', 'plugintest.cc', - cpp_args : [ - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - '-include', 'nix/config-expr.hh', - ], dependencies : [ dependency('nix-expr'), ], diff --git a/tests/functional/test-libstoreconsumer/meson.build b/tests/functional/test-libstoreconsumer/meson.build index 13a7f6d6f9b..e5a1cc18221 100644 --- a/tests/functional/test-libstoreconsumer/meson.build +++ b/tests/functional/test-libstoreconsumer/meson.build @@ -1,12 +1,6 @@ libstoreconsumer_tester = executable( 'test-libstoreconsumer', 'main.cc', - cpp_args : [ - # TODO(Qyriad): Yes this is how the autoconf+Make system did it. - # It would be nice for our headers to be idempotent instead. - '-include', 'nix/config-util.hh', - '-include', 'nix/config-store.hh', - ], dependencies : [ dependency('nix-store'), ], From 002faa3d1c6d3f728dc300b321ececb3a5166a02 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 15:14:20 +0200 Subject: [PATCH 384/815] Tweak error message --- src/libfetchers/git.cc | 26 +++++++++++--------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 5684583cdc5..6b82d9ae38b 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -532,24 +532,20 @@ struct GitInputScheme : InputScheme return *head; } - static MakeNotAllowedError makeNotAllowedError(std::string url) + static MakeNotAllowedError makeNotAllowedError(std::filesystem::path repoPath) { - return [url{std::move(url)}](const CanonPath & path) -> RestrictedPathError { - if (nix::pathExists(url + "/" + path.abs())) { - auto relativePath = path.rel(); // .makeRelative(CanonPath("/")); - + return [repoPath{std::move(repoPath)}](const CanonPath & path) -> RestrictedPathError { + if (nix::pathExists(repoPath / path.rel())) return RestrictedPathError( - "'%s' is not tracked by Git.\n" + "File '%1%' in the repository %2% is not tracked by Git.\n" "\n" - "To use '%s', stage it in the Git repository at '%s':\n" + "To make it visible to Nix, run:\n" "\n" - "git add %s", - relativePath, - relativePath, - url, - relativePath); - } else - return RestrictedPathError("path '%s' does not exist in Git repository '%s'", path, url); + "git -C %2% add \"%1%\"", + path.rel(), + repoPath); + else + return RestrictedPathError("path '%s' does not exist in Git repository %s", path, repoPath); }; } @@ -757,7 +753,7 @@ struct GitInputScheme : InputScheme ref accessor = repo->getAccessor(repoInfo.workdirInfo, exportIgnore, - makeNotAllowedError(repoInfo.locationToArg())); + makeNotAllowedError(repoPath)); /* If the repo has submodules, return a mounted input accessor consisting of the accessor for the top-level repo and the From fcddf4afe3b22e31c65780a3c62c6d73d178a086 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 15:19:46 +0200 Subject: [PATCH 385/815] Apply makeNotAllowedError to empty repos --- src/libexpr/eval.cc | 2 +- src/libfetchers/filtering-source-accessor.cc | 14 ++++++++++++-- src/libfetchers/filtering-source-accessor.hh | 3 +++ src/libfetchers/git-utils.cc | 16 ++++------------ tests/functional/flakes/source-paths.sh | 2 +- 5 files changed, 21 insertions(+), 16 deletions(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index fcfee2d293c..18b8c2f913e 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -304,7 +304,7 @@ EvalState::EvalState( /* Apply access control if needed. */ if (settings.restrictEval || settings.pureEval) - accessor = AllowListSourceAccessor::create(accessor, {}, + accessor = AllowListSourceAccessor::create(accessor, {}, {}, [&settings](const CanonPath & path) -> RestrictedPathError { auto modeInformation = settings.pureEval ? "in pure evaluation mode (use '--impure' to override)" diff --git a/src/libfetchers/filtering-source-accessor.cc b/src/libfetchers/filtering-source-accessor.cc index d4557b6d4dd..c6a00faef01 100644 --- a/src/libfetchers/filtering-source-accessor.cc +++ b/src/libfetchers/filtering-source-accessor.cc @@ -58,18 +58,23 @@ void FilteringSourceAccessor::checkAccess(const CanonPath & path) struct AllowListSourceAccessorImpl : AllowListSourceAccessor { std::set allowedPrefixes; + std::unordered_set allowedPaths; AllowListSourceAccessorImpl( ref next, std::set && allowedPrefixes, + std::unordered_set && allowedPaths, MakeNotAllowedError && makeNotAllowedError) : AllowListSourceAccessor(SourcePath(next), std::move(makeNotAllowedError)) , allowedPrefixes(std::move(allowedPrefixes)) + , allowedPaths(std::move(allowedPaths)) { } bool isAllowed(const CanonPath & path) override { - return path.isAllowed(allowedPrefixes); + return + allowedPaths.contains(path) + || path.isAllowed(allowedPrefixes); } void allowPrefix(CanonPath prefix) override @@ -81,9 +86,14 @@ struct AllowListSourceAccessorImpl : AllowListSourceAccessor ref AllowListSourceAccessor::create( ref next, std::set && allowedPrefixes, + std::unordered_set && allowedPaths, MakeNotAllowedError && makeNotAllowedError) { - return make_ref(next, std::move(allowedPrefixes), std::move(makeNotAllowedError)); + return make_ref( + next, + std::move(allowedPrefixes), + std::move(allowedPaths), + std::move(makeNotAllowedError)); } bool CachingFilteringSourceAccessor::isAllowed(const CanonPath & path) diff --git a/src/libfetchers/filtering-source-accessor.hh b/src/libfetchers/filtering-source-accessor.hh index 1f8d84e531e..41889cfd7d2 100644 --- a/src/libfetchers/filtering-source-accessor.hh +++ b/src/libfetchers/filtering-source-accessor.hh @@ -2,6 +2,8 @@ #include "source-path.hh" +#include + namespace nix { /** @@ -70,6 +72,7 @@ struct AllowListSourceAccessor : public FilteringSourceAccessor static ref create( ref next, std::set && allowedPrefixes, + std::unordered_set && allowedPaths, MakeNotAllowedError && makeNotAllowedError); using FilteringSourceAccessor::FilteringSourceAccessor; diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index 6b9d1bce614..6fa33e1305d 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -1215,20 +1215,12 @@ ref GitRepoImpl::getAccessor( ref GitRepoImpl::getAccessor(const WorkdirInfo & wd, bool exportIgnore, MakeNotAllowedError makeNotAllowedError) { auto self = ref(shared_from_this()); - /* In case of an empty workdir, return an empty in-memory tree. We - cannot use AllowListSourceAccessor because it would return an - error for the root (and we can't add the root to the allow-list - since that would allow access to all its children). */ ref fileAccessor = - wd.files.empty() - ? ({ - auto empty = makeEmptySourceAccessor(); - empty->setPathDisplay(path.string()); - empty; - }) - : AllowListSourceAccessor::create( + AllowListSourceAccessor::create( makeFSSourceAccessor(path), - std::set { wd.files }, + std::set{ wd.files }, + // Always allow access to the root, but not its children. + std::unordered_set{CanonPath::root}, std::move(makeNotAllowedError)).cast(); if (exportIgnore) fileAccessor = make_ref(self, fileAccessor, std::nullopt); diff --git a/tests/functional/flakes/source-paths.sh b/tests/functional/flakes/source-paths.sh index a3ebf4e3aac..1eb8d618d11 100644 --- a/tests/functional/flakes/source-paths.sh +++ b/tests/functional/flakes/source-paths.sh @@ -17,7 +17,7 @@ cat > "$repo/flake.nix" < Date: Fri, 21 Mar 2025 15:43:58 +0100 Subject: [PATCH 386/815] libstore/local-store: fix linting warning about unused variable (cherry picked from commit 05082ea1c5b6cb1cc1a6bfc50f9d9c81052cbfe8) --- src/libstore/local-store.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index cf6644804a5..c889805754f 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -247,7 +247,7 @@ LocalStore::LocalStore( else if (curSchema == 0) { /* new store */ curSchema = nixSchemaVersion; openDB(*state, true); - writeFile(schemaPath, fmt("%1%", nixSchemaVersion), 0666, true); + writeFile(schemaPath, fmt("%1%", curSchema), 0666, true); } else if (curSchema < nixSchemaVersion) { From b3902c7bf1cdf264c71bd628f84601e425201c0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 21 Mar 2025 15:43:39 +0100 Subject: [PATCH 387/815] git/getStringUntil: fix uninitialized stack variable at least clang-tidy is not convinced that this initialized. If this is not the case, the impact should be small and hopefully also more robust if changed. (cherry picked from commit 7e540059a33536517a508ffef323f6c88c61fad6) --- src/libutil/git.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/git.cc b/src/libutil/git.cc index 696f86d0b68..c6466bddaa8 100644 --- a/src/libutil/git.cc +++ b/src/libutil/git.cc @@ -33,7 +33,7 @@ std::optional decodeMode(RawMode m) { static std::string getStringUntil(Source & source, char byte) { std::string s; - char n[1]; + char n[1] = { 0 }; source(std::string_view { n, 1 }); while (*n != byte) { s += *n; From 11e6a1e6c8f5eddabb814b5414e5c504068bbcb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 21 Mar 2025 11:21:27 +0100 Subject: [PATCH 388/815] test/ca-fd-leak: fix clang-tidy lints (cherry picked from commit b050db951be9b94e1cce0341300bdae5ee4397a3) --- tests/nixos/ca-fd-leak/sender.c | 2 +- tests/nixos/ca-fd-leak/smuggler.c | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/nixos/ca-fd-leak/sender.c b/tests/nixos/ca-fd-leak/sender.c index 8356b2479a6..2ec79947a62 100644 --- a/tests/nixos/ca-fd-leak/sender.c +++ b/tests/nixos/ca-fd-leak/sender.c @@ -19,7 +19,7 @@ int main(int argc, char **argv) { struct sockaddr_un data; data.sun_family = AF_UNIX; data.sun_path[0] = 0; - strcpy(data.sun_path + 1, argv[1]); + strncpy(data.sun_path + 1, argv[1], sizeof(data.sun_path) - 2); // Now try to connect, To ensure we work no matter what order we are // executed in, just busyloop here. diff --git a/tests/nixos/ca-fd-leak/smuggler.c b/tests/nixos/ca-fd-leak/smuggler.c index 3f89af5bbe6..7279c48bf7d 100644 --- a/tests/nixos/ca-fd-leak/smuggler.c +++ b/tests/nixos/ca-fd-leak/smuggler.c @@ -5,6 +5,7 @@ #include #include #include +#include int main(int argc, char **argv) { From 92978dc59c426bf79a6c02442081486dedb4f500 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 21 Mar 2025 11:11:27 +0100 Subject: [PATCH 389/815] libstore/daemon: make sure monitor is not considered "unused" (cherry picked from commit 5c3682d7a11658dddd242ea1c9be70f0e0cc7ff6) --- src/libstore/daemon.cc | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc index bce285141e0..6de8447483a 100644 --- a/src/libstore/daemon.cc +++ b/src/libstore/daemon.cc @@ -1025,6 +1025,7 @@ void processConnection( { #ifndef _WIN32 // TODO need graceful async exit support on Windows? auto monitor = !recursive ? std::make_unique(from.fd) : nullptr; + (void) monitor; // suppress warning #endif /* Exchange the greeting. */ From 73b175481634ac447b5fcfa8d3f60f37b5c7c860 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 17:29:15 +0200 Subject: [PATCH 390/815] Mount flake input source accessors on top of storeFS This way, we don't need the PathDisplaySourceAccessor source accessor hack, since error messages are produced directly by the original source accessor. In fact, we don't even need to copy the inputs to the store at all, so this gets us very close to lazy trees. We just need to know the store path so that requires hashing the entire input, which isn't lazy. But the next step will be to use a virtual store path that gets rewritten to the actual store path only when needed. --- src/libexpr/eval.cc | 46 +++------------- src/libexpr/eval.hh | 10 ++-- src/libexpr/primops/fetchTree.cc | 3 +- src/libfetchers/filtering-source-accessor.cc | 7 ++- src/libfetchers/filtering-source-accessor.hh | 2 + src/libfetchers/git.cc | 1 + src/libflake/flake/flake.cc | 3 +- src/libutil/forwarding-source-accessor.hh | 57 -------------------- src/libutil/meson.build | 2 +- src/libutil/mounted-source-accessor.cc | 16 ++++-- src/libutil/mounted-source-accessor.hh | 14 +++++ src/libutil/source-accessor.hh | 4 +- tests/functional/flakes/source-paths.sh | 12 +++++ tests/functional/restricted.sh | 6 +-- 14 files changed, 66 insertions(+), 117 deletions(-) delete mode 100644 src/libutil/forwarding-source-accessor.hh create mode 100644 src/libutil/mounted-source-accessor.hh diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 18b8c2f913e..0ad12b9b5be 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -14,8 +14,8 @@ #include "profiles.hh" #include "print.hh" #include "filtering-source-accessor.hh" -#include "forwarding-source-accessor.hh" #include "memory-source-accessor.hh" +#include "mounted-source-accessor.hh" #include "gc-small-vector.hh" #include "url.hh" #include "fetch-to-store.hh" @@ -181,34 +181,6 @@ static Symbol getName(const AttrName & name, EvalState & state, Env & env) } } -struct PathDisplaySourceAccessor : ForwardingSourceAccessor -{ - ref storePathAccessors; - - PathDisplaySourceAccessor( - ref next, - ref storePathAccessors) - : ForwardingSourceAccessor(next) - , storePathAccessors(storePathAccessors) - { - } - - std::string showPath(const CanonPath & path) override - { - /* Find the accessor that produced `path`, if any, and use it - to render a more informative path - (e.g. `«github:foo/bar»/flake.nix` rather than - `/nix/store/hash.../flake.nix`). */ - auto ub = storePathAccessors->upper_bound(path); - if (ub != storePathAccessors->begin()) - ub--; - if (ub != storePathAccessors->end() && path.isWithin(ub->first)) - return ub->second->showPath(path.removePrefix(ub->first)); - else - return next->showPath(path); - } -}; - static constexpr size_t BASE_ENV_SIZE = 128; EvalState::EvalState( @@ -274,7 +246,12 @@ EvalState::EvalState( } , repair(NoRepair) , emptyBindings(0) - , storePathAccessors(make_ref()) + , storeFS( + makeMountedSourceAccessor( + { + {CanonPath::root, makeEmptySourceAccessor()}, + {CanonPath(store->storeDir), makeFSSourceAccessor(dirOf(store->toRealPath(StorePath::dummy)))} + })) , rootFS( ({ /* In pure eval mode, we provide a filesystem that only @@ -290,18 +267,11 @@ EvalState::EvalState( auto realStoreDir = dirOf(store->toRealPath(StorePath::dummy)); if (settings.pureEval || store->storeDir != realStoreDir) { - auto storeFS = makeMountedSourceAccessor( - { - {CanonPath::root, makeEmptySourceAccessor()}, - {CanonPath(store->storeDir), makeFSSourceAccessor(realStoreDir)} - }); accessor = settings.pureEval - ? storeFS + ? storeFS.cast() : makeUnionSourceAccessor({accessor, storeFS}); } - accessor = make_ref(accessor, storePathAccessors); - /* Apply access control if needed. */ if (settings.restrictEval || settings.pureEval) accessor = AllowListSourceAccessor::create(accessor, {}, {}, diff --git a/src/libexpr/eval.hh b/src/libexpr/eval.hh index 3797c40a43c..4ae73de57f3 100644 --- a/src/libexpr/eval.hh +++ b/src/libexpr/eval.hh @@ -37,6 +37,7 @@ class StorePath; struct SingleDerivedPath; enum RepairFlag : bool; struct MemorySourceAccessor; +struct MountedSourceAccessor; namespace eval_cache { class EvalCache; } @@ -262,15 +263,10 @@ public: /** `"unknown"` */ Value vStringUnknown; - using StorePathAccessors = std::map>; - /** - * A map back to the original `SourceAccessor`s used to produce - * store paths. We keep track of this to produce error messages - * that refer to the original flakerefs. - * FIXME: use Sync. + * The accessor corresponding to `store`. */ - ref storePathAccessors; + const ref storeFS; /** * The accessor for the root filesystem. diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index 8bbc435e440..f5ca5fd3e0b 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -10,6 +10,7 @@ #include "url.hh" #include "value-to-json.hh" #include "fetch-to-store.hh" +#include "mounted-source-accessor.hh" #include @@ -204,7 +205,7 @@ static void fetchTree( state.allowPath(storePath); - state.storePathAccessors->insert_or_assign(CanonPath(state.store->printStorePath(storePath)), accessor); + state.storeFS->mount(CanonPath(state.store->printStorePath(storePath)), accessor); emitTreeAttrs(state, storePath, input2, v, params.emptyRevFallback, false); } diff --git a/src/libfetchers/filtering-source-accessor.cc b/src/libfetchers/filtering-source-accessor.cc index c6a00faef01..10a22d0265c 100644 --- a/src/libfetchers/filtering-source-accessor.cc +++ b/src/libfetchers/filtering-source-accessor.cc @@ -20,9 +20,14 @@ bool FilteringSourceAccessor::pathExists(const CanonPath & path) } std::optional FilteringSourceAccessor::maybeLstat(const CanonPath & path) +{ + return isAllowed(path) ? next->maybeLstat(prefix / path) : std::nullopt; +} + +SourceAccessor::Stat FilteringSourceAccessor::lstat(const CanonPath & path) { checkAccess(path); - return next->maybeLstat(prefix / path); + return next->lstat(prefix / path); } SourceAccessor::DirEntries FilteringSourceAccessor::readDirectory(const CanonPath & path) diff --git a/src/libfetchers/filtering-source-accessor.hh b/src/libfetchers/filtering-source-accessor.hh index 41889cfd7d2..544b4a490e7 100644 --- a/src/libfetchers/filtering-source-accessor.hh +++ b/src/libfetchers/filtering-source-accessor.hh @@ -38,6 +38,8 @@ struct FilteringSourceAccessor : SourceAccessor bool pathExists(const CanonPath & path) override; + Stat lstat(const CanonPath & path) override; + std::optional maybeLstat(const CanonPath & path) override; DirEntries readDirectory(const CanonPath & path) override; diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 6b82d9ae38b..54c66d151a2 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -15,6 +15,7 @@ #include "fetch-settings.hh" #include "json-utils.hh" #include "archive.hh" +#include "mounted-source-accessor.hh" #include #include diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index a14b55c6ae8..aa022979323 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -13,6 +13,7 @@ #include "value-to-json.hh" #include "local-fs-store.hh" #include "fetch-to-store.hh" +#include "mounted-source-accessor.hh" #include @@ -92,7 +93,7 @@ static StorePath copyInputToStore( state.allowPath(storePath); - state.storePathAccessors->insert_or_assign(CanonPath(state.store->printStorePath(storePath)), accessor); + state.storeFS->mount(CanonPath(state.store->printStorePath(storePath)), accessor); auto narHash = state.store->queryPathInfo(storePath)->narHash; input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); diff --git a/src/libutil/forwarding-source-accessor.hh b/src/libutil/forwarding-source-accessor.hh deleted file mode 100644 index bdba2addcb0..00000000000 --- a/src/libutil/forwarding-source-accessor.hh +++ /dev/null @@ -1,57 +0,0 @@ -#pragma once - -#include "source-accessor.hh" - -namespace nix { - -/** - * A source accessor that just forwards every operation to another - * accessor. This is not useful in itself but can be used as a - * superclass for accessors that do change some operations. - */ -struct ForwardingSourceAccessor : SourceAccessor -{ - ref next; - - ForwardingSourceAccessor(ref next) - : next(next) - { - } - - std::string readFile(const CanonPath & path) override - { - return next->readFile(path); - } - - void readFile(const CanonPath & path, Sink & sink, std::function sizeCallback) override - { - next->readFile(path, sink, sizeCallback); - } - - std::optional maybeLstat(const CanonPath & path) override - { - return next->maybeLstat(path); - } - - DirEntries readDirectory(const CanonPath & path) override - { - return next->readDirectory(path); - } - - std::string readLink(const CanonPath & path) override - { - return next->readLink(path); - } - - std::string showPath(const CanonPath & path) override - { - return next->showPath(path); - } - - std::optional getPhysicalPath(const CanonPath & path) override - { - return next->getPhysicalPath(path); - } -}; - -} diff --git a/src/libutil/meson.build b/src/libutil/meson.build index b2bc0b4ec60..f698f04dd98 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -215,7 +215,6 @@ headers = [config_h] + files( 'file-system.hh', 'finally.hh', 'fmt.hh', - 'forwarding-source-accessor.hh', 'fs-sink.hh', 'git.hh', 'hash.hh', @@ -225,6 +224,7 @@ headers = [config_h] + files( 'logging.hh', 'lru-cache.hh', 'memory-source-accessor.hh', + 'mounted-source-accessor.hh', 'muxable-pipe.hh', 'os-string.hh', 'pool.hh', diff --git a/src/libutil/mounted-source-accessor.cc b/src/libutil/mounted-source-accessor.cc index 79223d15573..e1442d686dd 100644 --- a/src/libutil/mounted-source-accessor.cc +++ b/src/libutil/mounted-source-accessor.cc @@ -1,12 +1,12 @@ -#include "source-accessor.hh" +#include "mounted-source-accessor.hh" namespace nix { -struct MountedSourceAccessor : SourceAccessor +struct MountedSourceAccessorImpl : MountedSourceAccessor { std::map> mounts; - MountedSourceAccessor(std::map> _mounts) + MountedSourceAccessorImpl(std::map> _mounts) : mounts(std::move(_mounts)) { displayPrefix.clear(); @@ -69,11 +69,17 @@ struct MountedSourceAccessor : SourceAccessor auto [accessor, subpath] = resolve(path); return accessor->getPhysicalPath(subpath); } + + void mount(CanonPath mountPoint, ref accessor) override + { + // FIXME: thread-safety + mounts.insert_or_assign(std::move(mountPoint), accessor); + } }; -ref makeMountedSourceAccessor(std::map> mounts) +ref makeMountedSourceAccessor(std::map> mounts) { - return make_ref(std::move(mounts)); + return make_ref(std::move(mounts)); } } diff --git a/src/libutil/mounted-source-accessor.hh b/src/libutil/mounted-source-accessor.hh new file mode 100644 index 00000000000..4e75edfafff --- /dev/null +++ b/src/libutil/mounted-source-accessor.hh @@ -0,0 +1,14 @@ +#pragma once + +#include "source-accessor.hh" + +namespace nix { + +struct MountedSourceAccessor : SourceAccessor +{ + virtual void mount(CanonPath mountPoint, ref accessor) = 0; +}; + +ref makeMountedSourceAccessor(std::map> mounts); + +} diff --git a/src/libutil/source-accessor.hh b/src/libutil/source-accessor.hh index 79ae092ac18..a069e024df1 100644 --- a/src/libutil/source-accessor.hh +++ b/src/libutil/source-accessor.hh @@ -118,7 +118,7 @@ struct SourceAccessor : std::enable_shared_from_this std::string typeString(); }; - Stat lstat(const CanonPath & path); + virtual Stat lstat(const CanonPath & path); virtual std::optional maybeLstat(const CanonPath & path) = 0; @@ -214,8 +214,6 @@ ref getFSSourceAccessor(); */ ref makeFSSourceAccessor(std::filesystem::path root); -ref makeMountedSourceAccessor(std::map> mounts); - /** * Construct an accessor that presents a "union" view of a vector of * underlying accessors. Earlier accessors take precedence over later. diff --git a/tests/functional/flakes/source-paths.sh b/tests/functional/flakes/source-paths.sh index 1eb8d618d11..10b834bc8fa 100644 --- a/tests/functional/flakes/source-paths.sh +++ b/tests/functional/flakes/source-paths.sh @@ -13,6 +13,7 @@ cat > "$repo/flake.nix" < "$repo/foo" + +expectStderr 1 nix eval "$repo#z" | grepQuiet "error: File 'foo' in the repository \"$repo\" is not tracked by Git." + +git -C "$repo" add "$repo/foo" + +[[ $(nix eval --raw "$repo#z") = foo ]] diff --git a/tests/functional/restricted.sh b/tests/functional/restricted.sh index 00ee4ddc8c2..bc42ec891d1 100755 --- a/tests/functional/restricted.sh +++ b/tests/functional/restricted.sh @@ -23,7 +23,7 @@ nix-instantiate --restrict-eval ./simple.nix -I src1=./simple.nix -I src2=./conf (! nix-instantiate --restrict-eval --eval -E 'builtins.readFile ./simple.nix') nix-instantiate --restrict-eval --eval -E 'builtins.readFile ./simple.nix' -I src=../.. -expectStderr 1 nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile ' | grepQuiet "forbidden in restricted mode" +expectStderr 1 nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile ' #| grepQuiet "forbidden in restricted mode" nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile ' -I src=. p=$(nix eval --raw --expr "builtins.fetchurl file://${_NIX_TEST_SOURCE_DIR}/restricted.sh" --impure --restrict-eval --allowed-uris "file://${_NIX_TEST_SOURCE_DIR}") @@ -53,9 +53,9 @@ mkdir -p $TEST_ROOT/tunnel.d $TEST_ROOT/foo2 ln -sfn .. $TEST_ROOT/tunnel.d/tunnel echo foo > $TEST_ROOT/bar -expectStderr 1 nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readFile " -I $TEST_ROOT/tunnel.d | grepQuiet "forbidden in restricted mode" +expectStderr 1 nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readFile " -I $TEST_ROOT/tunnel.d #| grepQuiet "forbidden in restricted mode" -expectStderr 1 nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readDir " -I $TEST_ROOT/tunnel.d | grepQuiet "forbidden in restricted mode" +expectStderr 1 nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readDir " -I $TEST_ROOT/tunnel.d #| grepQuiet "forbidden in restricted mode" # Reading the parents of allowed paths should show only the ancestors of the allowed paths. [[ $(nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readDir " -I $TEST_ROOT/tunnel.d) == '{ "tunnel.d" = "directory"; }' ]] From cb50eb0370f02ac21c17c5334249366b13bee3fd Mon Sep 17 00:00:00 2001 From: John Ericson Date: Tue, 1 Apr 2025 11:53:20 -0400 Subject: [PATCH 391/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 05abc552641..90efbd4e31e 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.27.2 +2.28.0 From 5b079073c1639ebc8ddf3eef2f34d7397c94cb91 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 18:34:08 +0200 Subject: [PATCH 392/815] Add FIXME --- src/libflake/flake/flake.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index aa022979323..d61210670c6 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -91,7 +91,7 @@ static StorePath copyInputToStore( { auto storePath = fetchToStore(*state.store, accessor, FetchMode::Copy, input.getName()); - state.allowPath(storePath); + state.allowPath(storePath); // FIXME: should just whitelist the entire virtual store state.storeFS->mount(CanonPath(state.store->printStorePath(storePath)), accessor); From 1564c8f9d90017ef446815d8aadbf28aaf5a5e81 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 18:37:21 +0200 Subject: [PATCH 393/815] Fix missing file error messages from 'import' --- src/libutil/mounted-source-accessor.cc | 6 ++++++ tests/functional/flakes/source-paths.sh | 19 +++++++++++++++++-- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/src/libutil/mounted-source-accessor.cc b/src/libutil/mounted-source-accessor.cc index e1442d686dd..c21a7104775 100644 --- a/src/libutil/mounted-source-accessor.cc +++ b/src/libutil/mounted-source-accessor.cc @@ -23,6 +23,12 @@ struct MountedSourceAccessorImpl : MountedSourceAccessor return accessor->readFile(subpath); } + Stat lstat(const CanonPath & path) override + { + auto [accessor, subpath] = resolve(path); + return accessor->lstat(subpath); + } + std::optional maybeLstat(const CanonPath & path) override { auto [accessor, subpath] = resolve(path); diff --git a/tests/functional/flakes/source-paths.sh b/tests/functional/flakes/source-paths.sh index 10b834bc8fa..e82d27c814d 100644 --- a/tests/functional/flakes/source-paths.sh +++ b/tests/functional/flakes/source-paths.sh @@ -14,6 +14,8 @@ cat > "$repo/flake.nix" < "$repo/foo" +echo 123 > "$repo/foo" expectStderr 1 nix eval "$repo#z" | grepQuiet "error: File 'foo' in the repository \"$repo\" is not tracked by Git." +expectStderr 1 nix eval "$repo#a" | grepQuiet "error: File 'foo' in the repository \"$repo\" is not tracked by Git." git -C "$repo" add "$repo/foo" -[[ $(nix eval --raw "$repo#z") = foo ]] +[[ $(nix eval --raw "$repo#z") = 123 ]] + +expectStderr 1 nix eval "$repo#b" | grepQuiet "error: path '/dir' does not exist in Git repository \"$repo\"" + +mkdir -p $repo/dir +echo 456 > $repo/dir/default.nix + +expectStderr 1 nix eval "$repo#b" | grepQuiet "error: File 'dir' in the repository \"$repo\" is not tracked by Git." + +git -C "$repo" add "$repo/dir/default.nix" + +[[ $(nix eval "$repo#b") = 456 ]] From ec4c581adcab68d2326bce9ba1a17d866374967d Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 1 Apr 2025 15:19:41 +0200 Subject: [PATCH 394/815] flake: nixpkgs: 24.11 -> nixos-unstable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/48d12d5e70ee91fe8481378e540433a7303dbf6a?narHash=sha256-1Noao/H%2BN8nFB4Beoy8fgwrcOQLVm9o4zKW1ODaqK9E%3D' (2024-12-16) → 'github:NixOS/nixpkgs/52faf482a3889b7619003c0daec593a1912fddc1?narHash=sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om%2BD4UnDhlDW9BE%3D' (2025-03-30) (cherry picked from commit c212035d94ee4407cd19927ba33e3246a07a54d0) --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index ce484a67a2a..7e008fadcfa 100644 --- a/flake.lock +++ b/flake.lock @@ -63,16 +63,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1734359947, - "narHash": "sha256-1Noao/H+N8nFB4Beoy8fgwrcOQLVm9o4zKW1ODaqK9E=", + "lastModified": 1743315132, + "narHash": "sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om+D4UnDhlDW9BE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "48d12d5e70ee91fe8481378e540433a7303dbf6a", + "rev": "52faf482a3889b7619003c0daec593a1912fddc1", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-24.11", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 87f1350e000..302f1304c0e 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "The purely functional package manager"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/release-24.11"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.nixpkgs-23-11.url = "github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446"; From 36f23279bfecd0bd111fc9cce52dc3c733a70489 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 1 Apr 2025 15:33:01 +0200 Subject: [PATCH 395/815] Format clang-format: 18.1.8 -> 19.1.7 (cherry picked from commit 55297f865c9dc938dc6c9a76ea68dd527f2ba2a8) --- src/libfetchers/git-lfs-fetch.cc | 9 +++++---- src/libstore-test-support/outputs-spec.cc | 5 +++-- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/src/libfetchers/git-lfs-fetch.cc b/src/libfetchers/git-lfs-fetch.cc index 9f48d1e981f..f90ab8a1fd6 100644 --- a/src/libfetchers/git-lfs-fetch.cc +++ b/src/libfetchers/git-lfs-fetch.cc @@ -44,10 +44,11 @@ static void downloadToSink( static std::string getLfsApiToken(const ParsedURL & url) { - auto [status, output] = runProgram(RunOptions{ - .program = "ssh", - .args = {*url.authority, "git-lfs-authenticate", url.path, "download"}, - }); + auto [status, output] = runProgram( + RunOptions{ + .program = "ssh", + .args = {*url.authority, "git-lfs-authenticate", url.path, "download"}, + }); if (output.empty()) throw Error( diff --git a/src/libstore-test-support/outputs-spec.cc b/src/libstore-test-support/outputs-spec.cc index e1b98772043..04b24373896 100644 --- a/src/libstore-test-support/outputs-spec.cc +++ b/src/libstore-test-support/outputs-spec.cc @@ -14,8 +14,9 @@ Gen Arbitrary::arbitrary() return gen::just((OutputsSpec) OutputsSpec::All{}); case 1: return gen::map( - gen::nonEmpty(gen::container( - gen::map(gen::arbitrary(), [](StorePathName n) { return n.name; }))), + gen::nonEmpty( + gen::container( + gen::map(gen::arbitrary(), [](StorePathName n) { return n.name; }))), [](StringSet names) { return (OutputsSpec) OutputsSpec::Names{names}; }); default: assert(false); From f5731aa9a297b85d53167353ae47f97a193a5c2b Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 1 Apr 2025 16:36:47 +0200 Subject: [PATCH 396/815] tests/nixos: Work around network-online.target inactivity (cherry picked from commit 58b657b97685285b0d842c1afce03782e800cd6d) --- tests/nixos/git-submodules.nix | 6 +++--- tests/nixos/github-flakes.nix | 4 ++-- tests/nixos/nix-copy-closure.nix | 4 ++-- tests/nixos/nix-copy.nix | 4 ++-- tests/nixos/nix-docker.nix | 2 +- tests/nixos/nss-preload.nix | 4 ++-- tests/nixos/remote-builds-ssh-ng.nix | 4 ++-- tests/nixos/remote-builds.nix | 4 ++-- tests/nixos/s3-binary-cache-store.nix | 4 ++-- tests/nixos/sourcehut-flakes.nix | 4 ++-- 10 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/nixos/git-submodules.nix b/tests/nixos/git-submodules.nix index 5b1d9ed5f5f..c6f53ada2dc 100644 --- a/tests/nixos/git-submodules.nix +++ b/tests/nixos/git-submodules.nix @@ -45,14 +45,14 @@ client.succeed("chmod 600 /root/.ssh/id_ed25519") # Install the SSH key on the builders. - client.wait_for_unit("network-online.target") + client.wait_for_unit("network-addresses-eth1.service") remote.succeed("mkdir -p -m 700 /root/.ssh") remote.copy_from_host("key.pub", "/root/.ssh/authorized_keys") remote.wait_for_unit("sshd") remote.wait_for_unit("multi-user.target") - remote.wait_for_unit("network-online.target") - client.wait_for_unit("network-online.target") + remote.wait_for_unit("network-addresses-eth1.service") + client.wait_for_unit("network-addresses-eth1.service") client.succeed(f"ssh -o StrictHostKeyChecking=no {remote.name} 'echo hello world'") remote.succeed(""" diff --git a/tests/nixos/github-flakes.nix b/tests/nixos/github-flakes.nix index dcba464a34d..30ab1f3331d 100644 --- a/tests/nixos/github-flakes.nix +++ b/tests/nixos/github-flakes.nix @@ -187,9 +187,9 @@ in github.succeed("cat /var/log/httpd/*.log >&2") github.wait_for_unit("httpd.service") - github.wait_for_unit("network-online.target") + github.wait_for_unit("network-addresses-eth1.service") - client.wait_for_unit("network-online.target") + client.wait_for_unit("network-addresses-eth1.service") client.succeed("curl -v https://github.com/ >&2") out = client.succeed("nix registry list") print(out) diff --git a/tests/nixos/nix-copy-closure.nix b/tests/nixos/nix-copy-closure.nix index b6ec856e0e4..34e3a2c7de7 100644 --- a/tests/nixos/nix-copy-closure.nix +++ b/tests/nixos/nix-copy-closure.nix @@ -70,9 +70,9 @@ in server.copy_from_host("key.pub", "/root/.ssh/authorized_keys") server.wait_for_unit("sshd") server.wait_for_unit("multi-user.target") - server.wait_for_unit("network-online.target") + server.wait_for_unit("network-addresses-eth1.service") - client.wait_for_unit("network-online.target") + client.wait_for_unit("network-addresses-eth1.service") client.succeed(f"ssh -o StrictHostKeyChecking=no {server.name} 'echo hello world'") # Copy the closure of package A from the client to the server. diff --git a/tests/nixos/nix-copy.nix b/tests/nixos/nix-copy.nix index 3565e83e71a..64de622de76 100644 --- a/tests/nixos/nix-copy.nix +++ b/tests/nixos/nix-copy.nix @@ -79,9 +79,9 @@ in server.wait_for_unit("sshd") server.wait_for_unit("multi-user.target") - server.wait_for_unit("network-online.target") + server.wait_for_unit("network-addresses-eth1.service") - client.wait_for_unit("network-online.target") + client.wait_for_unit("network-addresses-eth1.service") client.wait_for_unit("getty@tty1.service") # Either the prompt: ]# # or an OCR misreading of it: 1# diff --git a/tests/nixos/nix-docker.nix b/tests/nixos/nix-docker.nix index bd77b25c8b2..c58a00cddbb 100644 --- a/tests/nixos/nix-docker.nix +++ b/tests/nixos/nix-docker.nix @@ -61,7 +61,7 @@ in { nodes }: '' cache.wait_for_unit("harmonia.service") - cache.wait_for_unit("network-online.target") + cache.wait_for_unit("network-addresses-eth1.service") machine.succeed("mkdir -p /etc/containers") machine.succeed("""echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json""") diff --git a/tests/nixos/nss-preload.nix b/tests/nixos/nss-preload.nix index 29cd5e6a296..d99f22208cb 100644 --- a/tests/nixos/nss-preload.nix +++ b/tests/nixos/nss-preload.nix @@ -145,7 +145,7 @@ in testScript = { nodes, ... }: '' - http_dns.wait_for_unit("network-online.target") + http_dns.wait_for_unit("network-addresses-eth1.service") http_dns.wait_for_unit("nginx") http_dns.wait_for_open_port(80) http_dns.wait_for_unit("unbound") @@ -153,7 +153,7 @@ in client.start() client.wait_for_unit('multi-user.target') - client.wait_for_unit('network-online.target') + client.wait_for_unit('network-addresses-eth1.service') with subtest("can fetch data from a remote server outside sandbox"): client.succeed("nix --version >&2") diff --git a/tests/nixos/remote-builds-ssh-ng.nix b/tests/nixos/remote-builds-ssh-ng.nix index 72652202932..c298ab92d46 100644 --- a/tests/nixos/remote-builds-ssh-ng.nix +++ b/tests/nixos/remote-builds-ssh-ng.nix @@ -102,12 +102,12 @@ in client.succeed("chmod 600 /root/.ssh/id_ed25519") # Install the SSH key on the builder. - client.wait_for_unit("network-online.target") + client.wait_for_unit("network-addresses-eth1.service") builder.succeed("mkdir -p -m 700 /root/.ssh") builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys") builder.wait_for_unit("sshd") builder.wait_for_unit("multi-user.target") - builder.wait_for_unit("network-online.target") + builder.wait_for_unit("network-addresses-eth1.service") client.succeed(f"ssh -o StrictHostKeyChecking=no {builder.name} 'echo hello world'") diff --git a/tests/nixos/remote-builds.nix b/tests/nixos/remote-builds.nix index 3251984db5e..fbfff9a7dc7 100644 --- a/tests/nixos/remote-builds.nix +++ b/tests/nixos/remote-builds.nix @@ -123,12 +123,12 @@ in client.succeed("chmod 600 /root/.ssh/id_ed25519") # Install the SSH key on the builders. - client.wait_for_unit("network-online.target") + client.wait_for_unit("network-addresses-eth1.service") for builder in [builder1, builder2]: builder.succeed("mkdir -p -m 700 /root/.ssh") builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys") builder.wait_for_unit("sshd") - builder.wait_for_unit("network-online.target") + builder.wait_for_unit("network-addresses-eth1.service") # Make sure the builder can handle our login correctly builder.wait_for_unit("multi-user.target") # Make sure there's no funny business on the client either diff --git a/tests/nixos/s3-binary-cache-store.nix b/tests/nixos/s3-binary-cache-store.nix index 8e480866070..fc55a27ae14 100644 --- a/tests/nixos/s3-binary-cache-store.nix +++ b/tests/nixos/s3-binary-cache-store.nix @@ -67,14 +67,14 @@ in # Create a binary cache. server.wait_for_unit("minio") - server.wait_for_unit("network-online.target") + server.wait_for_unit("network-addresses-eth1.service") server.succeed("mc config host add minio http://localhost:9000 ${accessKey} ${secretKey} --api s3v4") server.succeed("mc mb minio/my-cache") server.succeed("${env} nix copy --to '${storeUrl}' ${pkgA}") - client.wait_for_unit("network-online.target") + client.wait_for_unit("network-addresses-eth1.service") # Test fetchurl on s3:// URLs while we're at it. client.succeed("${env} nix eval --impure --expr 'builtins.fetchurl { name = \"foo\"; url = \"s3://my-cache/nix-cache-info?endpoint=http://server:9000®ion=eu-west-1\"; }'") diff --git a/tests/nixos/sourcehut-flakes.nix b/tests/nixos/sourcehut-flakes.nix index bb26b7ebbdc..61670ccf346 100644 --- a/tests/nixos/sourcehut-flakes.nix +++ b/tests/nixos/sourcehut-flakes.nix @@ -139,8 +139,8 @@ in start_all() sourcehut.wait_for_unit("httpd.service") - sourcehut.wait_for_unit("network-online.target") - client.wait_for_unit("network-online.target") + sourcehut.wait_for_unit("network-addresses-eth1.service") + client.wait_for_unit("network-addresses-eth1.service") client.succeed("curl -v https://git.sr.ht/ >&2") client.succeed("nix registry list | grep nixpkgs") From abd5909fb6692d57f991aa1f7412662d8c061755 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 31 Mar 2025 15:16:17 +0200 Subject: [PATCH 397/815] packaging: Various improvements Co-authored-by: Mic92 (cherry picked from commit 1172e49a3a1d3debe41845170edc80f79388e3e4) --- flake.nix | 7 ++++ packaging/components.nix | 58 ++++++++++++++++++++++++++---- packaging/everything.nix | 78 ++++++++++++++++++---------------------- 3 files changed, 93 insertions(+), 50 deletions(-) diff --git a/flake.nix b/flake.nix index 302f1304c0e..bfb2c712725 100644 --- a/flake.nix +++ b/flake.nix @@ -156,6 +156,13 @@ inherit officialRelease; pkgs = final; src = self; + maintainers = with lib.maintainers; [ + edolstra + Ericson2314 + Mic92 + roberth + tomberek + ]; }; }; diff --git a/packaging/components.nix b/packaging/components.nix index 991d54241f0..cd1d219b886 100644 --- a/packaging/components.nix +++ b/packaging/components.nix @@ -3,6 +3,7 @@ pkgs, src, officialRelease, + maintainers, }: scope: @@ -110,7 +111,7 @@ let let n = lib.length finalScope.patches; in - if n == 0 then finalAttrs.version else finalAttrs.version + "+${toString n}"; + if n == 0 then prevAttrs.version else prevAttrs.version + "+${toString n}"; # Clear what `derivation` can't/shouldn't serialize; see prevAttrs.workDir. fileset = null; @@ -180,9 +181,24 @@ let mesonFlags = [ (lib.mesonBool "b_asneeded" false) ] ++ prevAttrs.mesonFlags or [ ]; }; - miscGoodPractice = finalAttrs: prevAttrs: { + nixDefaultsLayer = finalAttrs: prevAttrs: { strictDeps = prevAttrs.strictDeps or true; enableParallelBuilding = true; + pos = builtins.unsafeGetAttrPos "pname" prevAttrs; + meta = prevAttrs.meta or { } // { + homepage = prevAttrs.meta.homepage or "https://nixos.org/nix"; + longDescription = + prevAttrs.longDescription or '' + Nix is a powerful package manager for mainly Linux and other Unix systems that + makes package management reliable and reproducible. It provides atomic + upgrades and rollbacks, side-by-side installation of multiple versions of + a package, multi-user package management and easy setup of build + environments. + ''; + license = prevAttrs.meta.license or lib.licenses.lgpl21Plus; + maintainers = prevAttrs.meta.maintainers or [ ] ++ scope.maintainers; + platforms = prevAttrs.meta.platforms or (lib.platforms.unix ++ lib.platforms.windows); + }; }; /** @@ -202,6 +218,7 @@ in { version = baseVersion + versionSuffix; inherit versionSuffix; + inherit maintainers; inherit filesetToSource; @@ -237,6 +254,10 @@ in but it does make the build non-granular; all components will use a complete source. Packaging expressions will be ignored. + + Single argument: the source to use. + + See also `appendPatches` */ overrideSource = src: @@ -265,6 +286,7 @@ in } ); resolvePath = p: finalScope.patchedSrc + "/${resolveRelPath p}"; + filesetToSource = { root, fileset }: finalScope.resolvePath root; appendPatches = appendPatches finalScope; } ); @@ -281,14 +303,14 @@ in (scope.overrideSource "${./..}").appendPatches patches; mkMesonDerivation = mkPackageBuilder [ - miscGoodPractice + nixDefaultsLayer scope.sourceLayer setVersionLayer mesonLayer scope.mesonComponentOverrides ]; mkMesonExecutable = mkPackageBuilder [ - miscGoodPractice + nixDefaultsLayer bsdNoLinkAsNeeded scope.sourceLayer setVersionLayer @@ -297,7 +319,7 @@ in scope.mesonComponentOverrides ]; mkMesonLibrary = mkPackageBuilder [ - miscGoodPractice + nixDefaultsLayer bsdNoLinkAsNeeded scope.sourceLayer mesonLayer @@ -347,7 +369,7 @@ in nix-perl-bindings = callPackage ../src/perl/package.nix { }; nix-everything = callPackage ../packaging/everything.nix { } // { - # Note: no `passthru.overrideAllMesonComponents` + # Note: no `passthru.overrideAllMesonComponents` etc # This would propagate into `nix.overrideAttrs f`, but then discard # `f` when `.overrideAllMesonComponents` is used. # Both "methods" should be views on the same fixpoint overriding mechanism @@ -355,6 +377,8 @@ in # two-fixpoint solution. /** Apply an extension function (i.e. overlay-shaped) to all component derivations, and return the nix package. + + Single argument: the extension function to apply (finalAttrs: prevAttrs: { ... }) */ overrideAllMesonComponents = f: (scope.overrideAllMesonComponents f).nix-everything; @@ -363,6 +387,10 @@ in This affects all components. Changes to the packaging expressions will be ignored. + + Single argument: list of patches to apply + + See also `overrideSource` */ appendPatches = ps: (scope.appendPatches ps).nix-everything; @@ -371,8 +399,26 @@ in but it does make the build non-granular; all components will use a complete source. Packaging expressions will be ignored. + + Filesets in the packaging expressions will be ignored. + + Single argument: the source to use. + + See also `appendPatches` */ overrideSource = src: (scope.overrideSource src).nix-everything; + /** + Override any internals of the Nix package set. + + Single argument: the extension function to apply to the package set (finalScope: prevScope: { ... }) + + Example: + ``` + overrideScope (finalScope: prevScope: { aws-sdk-cpp = null; }) + ``` + */ + overrideScope = f: (scope.overrideScope f).nix-everything; + }; } diff --git a/packaging/everything.nix b/packaging/everything.nix index 2c65f209f31..1835eefb643 100644 --- a/packaging/everything.nix +++ b/packaging/everything.nix @@ -4,6 +4,8 @@ lndir, buildEnv, + maintainers, + nix-util, nix-util-c, nix-util-tests, @@ -39,6 +41,8 @@ nix-perl-bindings, testers, + + patchedSrc ? null, }: let @@ -68,48 +72,6 @@ let ; }; - dev = stdenv.mkDerivation (finalAttrs: { - name = "nix-${nix-cli.version}-dev"; - pname = "nix"; - version = nix-cli.version; - dontUnpack = true; - dontBuild = true; - libs = map lib.getDev (lib.attrValues libs); - installPhase = '' - mkdir -p $out/nix-support - echo $libs >> $out/nix-support/propagated-build-inputs - ''; - passthru = { - tests = { - pkg-config = testers.hasPkgConfigModules { - package = finalAttrs.finalPackage; - }; - }; - - # If we were to fully emulate output selection here, we'd confuse the Nix CLIs, - # because they rely on `drvPath`. - dev = finalAttrs.finalPackage.out; - - libs = throw "`nix.dev.libs` is not meant to be used; use `nix.libs` instead."; - }; - meta = { - mainProgram = "nix"; - pkgConfigModules = [ - "nix-cmd" - "nix-expr" - "nix-expr-c" - "nix-fetchers" - "nix-flake" - "nix-flake-c" - "nix-main" - "nix-main-c" - "nix-store" - "nix-store-c" - "nix-util" - "nix-util-c" - ]; - }; - }); devdoc = buildEnv { name = "nix-${nix-cli.version}-devdoc"; paths = [ @@ -192,10 +154,15 @@ stdenv.mkDerivation (finalAttrs: { devPaths = lib.mapAttrsToList (_k: lib.getDev) finalAttrs.finalPackage.libs; in '' - mkdir -p $out $dev + mkdir -p $out $dev/nix-support + + # Custom files + echo $libs >> $dev/nix-support/propagated-build-inputs + echo ${nix-cli} ${lib.escapeShellArgs devPaths} >> $dev/nix-support/propagated-build-inputs # Merged outputs lndir ${nix-cli} $out + for lib in ${lib.escapeShellArgs devPaths}; do lndir $lib $dev done @@ -207,6 +174,7 @@ stdenv.mkDerivation (finalAttrs: { passthru = { inherit (nix-cli) version; + src = patchedSrc; /** These are the libraries that are part of the Nix project. They are used @@ -248,7 +216,29 @@ stdenv.mkDerivation (finalAttrs: { meta = { mainProgram = "nix"; description = "The Nix package manager"; - pkgConfigModules = dev.meta.pkgConfigModules; + longDescription = nix-cli.meta.longDescription; + homepage = nix-cli.meta.homepage; + license = nix-cli.meta.license; + maintainers = maintainers; + platforms = nix-cli.meta.platforms; + outputsToInstall = [ + "out" + "man" + ]; + pkgConfigModules = [ + "nix-cmd" + "nix-expr" + "nix-expr-c" + "nix-fetchers" + "nix-flake" + "nix-flake-c" + "nix-main" + "nix-main-c" + "nix-store" + "nix-store-c" + "nix-util" + "nix-util-c" + ]; }; }) From c908eef782060c25c2a3e2adb0b3d2f76e5160fc Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 31 Mar 2025 15:17:32 +0200 Subject: [PATCH 398/815] packaging: `finalAttrs.doCheck` -> `finalAttrs.finalPackage.doCheck` This includes the logic that disables checks on cross appropriately. Co-authored-by: Peder Bergebakken Sundt (cherry picked from commit 27d71b21fc417595b9f9697d8b6cef66dc633121) --- src/perl/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/perl/package.nix b/src/perl/package.nix index d95d13aa921..5841570cd09 100644 --- a/src/perl/package.nix +++ b/src/perl/package.nix @@ -31,7 +31,7 @@ perl.pkgs.toPerlModule ( ./meson.build ./meson.options ] - ++ lib.optionals finalAttrs.doCheck [ + ++ lib.optionals finalAttrs.finalPackage.doCheck [ ./.yath.rc.in ./t ] @@ -70,7 +70,7 @@ perl.pkgs.toPerlModule ( mesonFlags = [ (lib.mesonOption "dbi_path" "${perlPackages.DBI}/${perl.libPrefix}") (lib.mesonOption "dbd_sqlite_path" "${perlPackages.DBDSQLite}/${perl.libPrefix}") - (lib.mesonEnable "tests" finalAttrs.doCheck) + (lib.mesonEnable "tests" finalAttrs.finalPackage.doCheck) ]; mesonCheckFlags = [ From 4e0346dcc15d7ffd8795e6364e2b81f29412f201 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 20:46:26 +0200 Subject: [PATCH 399/815] Restore 'forbidden in restricted mode' errors --- src/libexpr/eval.cc | 10 ++++++++++ tests/functional/restricted.sh | 6 +++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 0ad12b9b5be..9b9aabf7e6e 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -3073,6 +3073,11 @@ SourcePath EvalState::findFile(const LookupPath & lookupPath, const std::string_ auto res = (r / CanonPath(suffix)).resolveSymlinks(); if (res.pathExists()) return res; + + // Backward compatibility hack: throw an exception if access + // to this path is not allowed. + if (auto accessor = res.accessor.dynamic_pointer_cast()) + accessor->checkAccess(res.path); } if (hasPrefix(path, "nix/")) @@ -3143,6 +3148,11 @@ std::optional EvalState::resolveLookupPathPath(const LookupPath::Pat if (path.resolveSymlinks().pathExists()) return finish(std::move(path)); else { + // Backward compatibility hack: throw an exception if access + // to this path is not allowed. + if (auto accessor = path.accessor.dynamic_pointer_cast()) + accessor->checkAccess(path.path); + logWarning({ .msg = HintFmt("Nix search path entry '%1%' does not exist, ignoring", value) }); diff --git a/tests/functional/restricted.sh b/tests/functional/restricted.sh index bc42ec891d1..00ee4ddc8c2 100755 --- a/tests/functional/restricted.sh +++ b/tests/functional/restricted.sh @@ -23,7 +23,7 @@ nix-instantiate --restrict-eval ./simple.nix -I src1=./simple.nix -I src2=./conf (! nix-instantiate --restrict-eval --eval -E 'builtins.readFile ./simple.nix') nix-instantiate --restrict-eval --eval -E 'builtins.readFile ./simple.nix' -I src=../.. -expectStderr 1 nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile ' #| grepQuiet "forbidden in restricted mode" +expectStderr 1 nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile ' | grepQuiet "forbidden in restricted mode" nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile ' -I src=. p=$(nix eval --raw --expr "builtins.fetchurl file://${_NIX_TEST_SOURCE_DIR}/restricted.sh" --impure --restrict-eval --allowed-uris "file://${_NIX_TEST_SOURCE_DIR}") @@ -53,9 +53,9 @@ mkdir -p $TEST_ROOT/tunnel.d $TEST_ROOT/foo2 ln -sfn .. $TEST_ROOT/tunnel.d/tunnel echo foo > $TEST_ROOT/bar -expectStderr 1 nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readFile " -I $TEST_ROOT/tunnel.d #| grepQuiet "forbidden in restricted mode" +expectStderr 1 nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readFile " -I $TEST_ROOT/tunnel.d | grepQuiet "forbidden in restricted mode" -expectStderr 1 nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readDir " -I $TEST_ROOT/tunnel.d #| grepQuiet "forbidden in restricted mode" +expectStderr 1 nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readDir " -I $TEST_ROOT/tunnel.d | grepQuiet "forbidden in restricted mode" # Reading the parents of allowed paths should show only the ancestors of the allowed paths. [[ $(nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readDir " -I $TEST_ROOT/tunnel.d) == '{ "tunnel.d" = "directory"; }' ]] From 25262931711b64b3e5c1067a66b8f6b15872e61d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 20:52:27 +0200 Subject: [PATCH 400/815] shellcheck --- tests/functional/flakes/source-paths.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/functional/flakes/source-paths.sh b/tests/functional/flakes/source-paths.sh index e82d27c814d..5318806ceac 100644 --- a/tests/functional/flakes/source-paths.sh +++ b/tests/functional/flakes/source-paths.sh @@ -47,8 +47,8 @@ git -C "$repo" add "$repo/foo" expectStderr 1 nix eval "$repo#b" | grepQuiet "error: path '/dir' does not exist in Git repository \"$repo\"" -mkdir -p $repo/dir -echo 456 > $repo/dir/default.nix +mkdir -p "$repo/dir" +echo 456 > "$repo/dir/default.nix" expectStderr 1 nix eval "$repo#b" | grepQuiet "error: File 'dir' in the repository \"$repo\" is not tracked by Git." From fb7bcdd5543c7deb06cb2e65edd8ca6c895716ec Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 22:56:14 +0200 Subject: [PATCH 401/815] Make Git error messages more consistent --- src/libfetchers/git.cc | 4 ++-- tests/functional/flakes/source-paths.sh | 14 +++++++------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 54c66d151a2..e182740d668 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -538,7 +538,7 @@ struct GitInputScheme : InputScheme return [repoPath{std::move(repoPath)}](const CanonPath & path) -> RestrictedPathError { if (nix::pathExists(repoPath / path.rel())) return RestrictedPathError( - "File '%1%' in the repository %2% is not tracked by Git.\n" + "Path '%1%' in the repository %2% is not tracked by Git.\n" "\n" "To make it visible to Nix, run:\n" "\n" @@ -546,7 +546,7 @@ struct GitInputScheme : InputScheme path.rel(), repoPath); else - return RestrictedPathError("path '%s' does not exist in Git repository %s", path, repoPath); + return RestrictedPathError("Path '%s' does not exist in Git repository %s.", path.rel(), repoPath); }; } diff --git a/tests/functional/flakes/source-paths.sh b/tests/functional/flakes/source-paths.sh index 5318806ceac..3aa3683c27c 100644 --- a/tests/functional/flakes/source-paths.sh +++ b/tests/functional/flakes/source-paths.sh @@ -20,7 +20,7 @@ cat > "$repo/flake.nix" < "$repo/foo" -expectStderr 1 nix eval "$repo#z" | grepQuiet "error: File 'foo' in the repository \"$repo\" is not tracked by Git." -expectStderr 1 nix eval "$repo#a" | grepQuiet "error: File 'foo' in the repository \"$repo\" is not tracked by Git." +expectStderr 1 nix eval "$repo#z" | grepQuiet "error: Path 'foo' in the repository \"$repo\" is not tracked by Git." +expectStderr 1 nix eval "$repo#a" | grepQuiet "error: Path 'foo' in the repository \"$repo\" is not tracked by Git." git -C "$repo" add "$repo/foo" [[ $(nix eval --raw "$repo#z") = 123 ]] -expectStderr 1 nix eval "$repo#b" | grepQuiet "error: path '/dir' does not exist in Git repository \"$repo\"" +expectStderr 1 nix eval "$repo#b" | grepQuiet "error: Path 'dir' does not exist in Git repository \"$repo\"." mkdir -p "$repo/dir" echo 456 > "$repo/dir/default.nix" -expectStderr 1 nix eval "$repo#b" | grepQuiet "error: File 'dir' in the repository \"$repo\" is not tracked by Git." +expectStderr 1 nix eval "$repo#b" | grepQuiet "error: Path 'dir' in the repository \"$repo\" is not tracked by Git." git -C "$repo" add "$repo/dir/default.nix" From 2bb85049db815c172a9152f7d22e9f1c16f93271 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 1 Apr 2025 22:41:41 +0000 Subject: [PATCH 402/815] Prepare release v3.2.0 From 1d65af83fd23214b49772664e22dfab5e3511399 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 1 Apr 2025 22:41:44 +0000 Subject: [PATCH 403/815] Set .version-determinate to 3.2.0 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 94ff29cc4de..944880fa15e 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.1.1 +3.2.0 From 8b448c841e15368f060aa9042663aece90d0f170 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 31 Mar 2025 15:03:57 +0200 Subject: [PATCH 404/815] Throw CachedEvalError if a cached value exists but has type "failed" Otherwise you get unhelpful errors like error: 'apps' is not an attribute set Fixes #12762. (cherry picked from commit 8b438fccb4fce1e8c06136ff9f9bae324911c193) --- src/libexpr/eval-cache.cc | 29 ++++++++++++++------------- src/libexpr/include/nix/eval-cache.hh | 8 ++++++++ 2 files changed, 23 insertions(+), 14 deletions(-) diff --git a/src/libexpr/eval-cache.cc b/src/libexpr/eval-cache.cc index f35c332c986..5b238bddb40 100644 --- a/src/libexpr/eval-cache.cc +++ b/src/libexpr/eval-cache.cc @@ -418,6 +418,14 @@ Value & AttrCursor::getValue() return **_value; } +void AttrCursor::fetchCachedValue() +{ + if (!cachedValue) + cachedValue = root->db->getAttr(getKey()); + if (cachedValue && std::get_if(&cachedValue->second) && parent) + throw CachedEvalError(ref(parent->first), parent->second); +} + std::vector AttrCursor::getAttrPath() const { if (parent) { @@ -494,8 +502,7 @@ Suggestions AttrCursor::getSuggestionsForAttr(Symbol name) std::shared_ptr AttrCursor::maybeGetAttr(Symbol name) { if (root->db) { - if (!cachedValue) - cachedValue = root->db->getAttr(getKey()); + fetchCachedValue(); if (cachedValue) { if (auto attrs = std::get_if>(&cachedValue->second)) { @@ -585,8 +592,7 @@ OrSuggestions> AttrCursor::findAlongAttrPath(const std::vectordb) { - if (!cachedValue) - cachedValue = root->db->getAttr(getKey()); + fetchCachedValue(); if (cachedValue && !std::get_if(&cachedValue->second)) { if (auto s = std::get_if(&cachedValue->second)) { debug("using cached string attribute '%s'", getAttrPathStr()); @@ -607,8 +613,7 @@ std::string AttrCursor::getString() string_t AttrCursor::getStringWithContext() { if (root->db) { - if (!cachedValue) - cachedValue = root->db->getAttr(getKey()); + fetchCachedValue(); if (cachedValue && !std::get_if(&cachedValue->second)) { if (auto s = std::get_if(&cachedValue->second)) { bool valid = true; @@ -654,8 +659,7 @@ string_t AttrCursor::getStringWithContext() bool AttrCursor::getBool() { if (root->db) { - if (!cachedValue) - cachedValue = root->db->getAttr(getKey()); + fetchCachedValue(); if (cachedValue && !std::get_if(&cachedValue->second)) { if (auto b = std::get_if(&cachedValue->second)) { debug("using cached Boolean attribute '%s'", getAttrPathStr()); @@ -676,8 +680,7 @@ bool AttrCursor::getBool() NixInt AttrCursor::getInt() { if (root->db) { - if (!cachedValue) - cachedValue = root->db->getAttr(getKey()); + fetchCachedValue(); if (cachedValue && !std::get_if(&cachedValue->second)) { if (auto i = std::get_if(&cachedValue->second)) { debug("using cached integer attribute '%s'", getAttrPathStr()); @@ -698,8 +701,7 @@ NixInt AttrCursor::getInt() std::vector AttrCursor::getListOfStrings() { if (root->db) { - if (!cachedValue) - cachedValue = root->db->getAttr(getKey()); + fetchCachedValue(); if (cachedValue && !std::get_if(&cachedValue->second)) { if (auto l = std::get_if>(&cachedValue->second)) { debug("using cached list of strings attribute '%s'", getAttrPathStr()); @@ -731,8 +733,7 @@ std::vector AttrCursor::getListOfStrings() std::vector AttrCursor::getAttrs() { if (root->db) { - if (!cachedValue) - cachedValue = root->db->getAttr(getKey()); + fetchCachedValue(); if (cachedValue && !std::get_if(&cachedValue->second)) { if (auto attrs = std::get_if>(&cachedValue->second)) { debug("using cached attrset attribute '%s'", getAttrPathStr()); diff --git a/src/libexpr/include/nix/eval-cache.hh b/src/libexpr/include/nix/eval-cache.hh index 899ae715b88..4dd2e0332af 100644 --- a/src/libexpr/include/nix/eval-cache.hh +++ b/src/libexpr/include/nix/eval-cache.hh @@ -99,6 +99,14 @@ class AttrCursor : public std::enable_shared_from_this Value & getValue(); + /** + * If `cachedValue` is unset, try to initialize it from the + * database. It is not an error if it does not exist. Throw a + * `CachedEvalError` exception if it does exist but has type + * `AttrType::Failed`. + */ + void fetchCachedValue(); + public: AttrCursor( From 64fb6ab435cd32b4101c75833f7905d48ebfabfa Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 31 Mar 2025 15:14:10 +0200 Subject: [PATCH 405/815] AttrCursor::Parent: shared_ptr -> ref (cherry picked from commit 5a357459497c5111207fba63af21e5cdd6a945c0) --- src/libexpr/eval-cache.cc | 8 ++++---- src/libexpr/include/nix/eval-cache.hh | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/libexpr/eval-cache.cc b/src/libexpr/eval-cache.cc index 5b238bddb40..5491f5d4c0f 100644 --- a/src/libexpr/eval-cache.cc +++ b/src/libexpr/eval-cache.cc @@ -423,7 +423,7 @@ void AttrCursor::fetchCachedValue() if (!cachedValue) cachedValue = root->db->getAttr(getKey()); if (cachedValue && std::get_if(&cachedValue->second) && parent) - throw CachedEvalError(ref(parent->first), parent->second); + throw CachedEvalError(parent->first, parent->second); } std::vector AttrCursor::getAttrPath() const @@ -508,7 +508,7 @@ std::shared_ptr AttrCursor::maybeGetAttr(Symbol name) if (auto attrs = std::get_if>(&cachedValue->second)) { for (auto & attr : *attrs) if (attr == name) - return std::make_shared(root, std::make_pair(shared_from_this(), attr)); + return std::make_shared(root, std::make_pair(ref(shared_from_this()), attr)); return nullptr; } else if (std::get_if(&cachedValue->second)) { auto attr = root->db->getAttr({cachedValue->first, name}); @@ -519,7 +519,7 @@ std::shared_ptr AttrCursor::maybeGetAttr(Symbol name) throw CachedEvalError(ref(shared_from_this()), name); else return std::make_shared(root, - std::make_pair(shared_from_this(), name), nullptr, std::move(attr)); + std::make_pair(ref(shared_from_this()), name), nullptr, std::move(attr)); } // Incomplete attrset, so need to fall thru and // evaluate to see whether 'name' exists @@ -554,7 +554,7 @@ std::shared_ptr AttrCursor::maybeGetAttr(Symbol name) } return make_ref( - root, std::make_pair(shared_from_this(), name), attr->value, std::move(cachedValue2)); + root, std::make_pair(ref(shared_from_this()), name), attr->value, std::move(cachedValue2)); } std::shared_ptr AttrCursor::maybeGetAttr(std::string_view name) diff --git a/src/libexpr/include/nix/eval-cache.hh b/src/libexpr/include/nix/eval-cache.hh index 4dd2e0332af..2d70aa99e37 100644 --- a/src/libexpr/include/nix/eval-cache.hh +++ b/src/libexpr/include/nix/eval-cache.hh @@ -90,7 +90,7 @@ class AttrCursor : public std::enable_shared_from_this friend struct CachedEvalError; ref root; - typedef std::optional, Symbol>> Parent; + using Parent = std::optional, Symbol>>; Parent parent; RootValue _value; std::optional> cachedValue; From 0c677773967caa52ee41fb41d9d4818ff8bae859 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Mon, 31 Mar 2025 16:38:20 -0400 Subject: [PATCH 406/815] Expose the nix component in header include paths For example, instead of doing #include "nix/store-config.hh" #include "nix/derived-path.hh" Now do #include "nix/store/config.hh" #include "nix/store/derived-path.hh" This was originally planned in the issue, and also recent requested by Eelco. Most of the change is purely mechanical. There is just one small additional issue. See how, in the example above, we took this opportunity to also turn `-config.hh` into `/config.hh`. Well, there was already a `nix/util/config.{cc,hh}`. Even though there is not a public configuration header for libutil (which also would be called `nix/util/config.{cc,hh}`) that's still confusing, To avoid any such confusion, we renamed that to `nix/util/configuration.{cc,hh}`. Finally, note that the libflake headers already did this, so we didn't need to do anything to them. We wouldn't want to mistakenly get `nix/flake/flake/flake.hh`! Progress on #7876 (cherry picked from commit cc24766fa6af4eb4ec8c54af6b0990bc25c19715) --- doc/manual/source/development/testing.md | 8 +- maintainers/flake-module.nix | 328 +++++++++--------- src/build-remote/build-remote.cc | 26 +- src/libcmd/built-path.cc | 8 +- src/libcmd/command-installable-value.cc | 2 +- src/libcmd/command.cc | 20 +- src/libcmd/common-eval-args.cc | 30 +- src/libcmd/editor-for.cc | 6 +- .../include/nix/{ => cmd}/built-path.hh | 4 +- .../{ => cmd}/command-installable-value.hh | 4 +- src/libcmd/include/nix/{ => cmd}/command.hh | 8 +- .../include/nix/{ => cmd}/common-eval-args.hh | 8 +- .../nix/{ => cmd}/compatibility-settings.hh | 2 +- .../include/nix/{ => cmd}/editor-for.hh | 4 +- .../nix/{ => cmd}/installable-attr-path.hh | 32 +- .../nix/{ => cmd}/installable-derived-path.hh | 2 +- .../nix/{ => cmd}/installable-flake.hh | 4 +- .../nix/{ => cmd}/installable-value.hh | 2 +- .../include/nix/{ => cmd}/installables.hh | 12 +- src/libcmd/include/nix/{ => cmd}/legacy.hh | 0 src/libcmd/include/nix/{ => cmd}/markdown.hh | 0 src/libcmd/include/nix/{ => cmd}/meson.build | 2 +- .../include/nix/{ => cmd}/misc-store-flags.hh | 4 +- .../include/nix/{ => cmd}/network-proxy.hh | 2 +- .../include/nix/{ => cmd}/repl-interacter.hh | 4 +- src/libcmd/include/nix/{ => cmd}/repl.hh | 2 +- src/libcmd/installable-attr-path.cc | 34 +- src/libcmd/installable-derived-path.cc | 4 +- src/libcmd/installable-flake.cc | 36 +- src/libcmd/installable-value.cc | 6 +- src/libcmd/installables.cc | 46 +-- src/libcmd/legacy.cc | 2 +- src/libcmd/markdown.cc | 10 +- src/libcmd/meson.build | 4 +- src/libcmd/misc-store-flags.cc | 2 +- src/libcmd/network-proxy.cc | 4 +- src/libcmd/package.nix | 2 +- src/libcmd/repl-interacter.cc | 12 +- src/libcmd/repl.cc | 52 +-- src/libexpr-c/nix_api_expr.cc | 10 +- src/libexpr-c/nix_api_expr_internal.h | 10 +- src/libexpr-c/nix_api_external.cc | 12 +- src/libexpr-c/nix_api_value.cc | 16 +- .../include/nix/{ => expr}/tests/libexpr.hh | 20 +- .../include/nix/expr/tests/meson.build | 9 + .../nix/{ => expr}/tests/nix_api_expr.hh | 2 +- .../nix/{ => expr}/tests/value/context.hh | 2 +- .../include/nix/meson.build | 9 - src/libexpr-test-support/meson.build | 4 +- src/libexpr-test-support/package.nix | 2 +- .../tests/value/context.cc | 4 +- src/libexpr-tests/derived-path.cc | 4 +- src/libexpr-tests/error_traces.cc | 2 +- src/libexpr-tests/eval.cc | 4 +- src/libexpr-tests/json.cc | 4 +- src/libexpr-tests/main.cc | 4 +- src/libexpr-tests/nix_api_expr.cc | 6 +- src/libexpr-tests/nix_api_external.cc | 4 +- src/libexpr-tests/nix_api_value.cc | 4 +- src/libexpr-tests/primops.cc | 6 +- src/libexpr-tests/search-path.cc | 2 +- src/libexpr-tests/trivial.cc | 2 +- src/libexpr-tests/value/context.cc | 6 +- src/libexpr-tests/value/print.cc | 6 +- src/libexpr-tests/value/value.cc | 4 +- src/libexpr/attr-path.cc | 4 +- src/libexpr/attr-set.cc | 4 +- src/libexpr/eval-cache.cc | 14 +- src/libexpr/eval-error.cc | 6 +- src/libexpr/eval-gc.cc | 12 +- src/libexpr/eval-settings.cc | 10 +- src/libexpr/eval.cc | 44 +-- src/libexpr/function-trace.cc | 4 +- src/libexpr/get-drvs.cc | 10 +- .../include/nix/{ => expr}/attr-path.hh | 2 +- .../include/nix/{ => expr}/attr-set.hh | 4 +- .../include/nix/{ => expr}/eval-cache.hh | 6 +- .../include/nix/{ => expr}/eval-error.hh | 4 +- src/libexpr/include/nix/{ => expr}/eval-gc.hh | 2 +- .../include/nix/{ => expr}/eval-inline.hh | 10 +- .../include/nix/{ => expr}/eval-settings.hh | 4 +- src/libexpr/include/nix/{ => expr}/eval.hh | 32 +- .../include/nix/{ => expr}/function-trace.hh | 2 +- .../include/nix/{ => expr}/gc-small-vector.hh | 2 +- .../include/nix/{ => expr}/get-drvs.hh | 4 +- .../include/nix/{ => expr}/json-to-value.hh | 2 +- .../include/nix/{ => expr}/lexer-helpers.hh | 0 .../include/nix/{ => expr}/meson.build | 4 +- src/libexpr/include/nix/{ => expr}/nixexpr.hh | 8 +- .../include/nix/{ => expr}/parser-state.hh | 2 +- src/libexpr/include/nix/{ => expr}/primops.hh | 2 +- .../include/nix/{ => expr}/print-ambiguous.hh | 2 +- .../include/nix/{ => expr}/print-options.hh | 0 src/libexpr/include/nix/{ => expr}/print.hh | 4 +- .../nix/{ => expr}/repl-exit-status.hh | 0 .../include/nix/{ => expr}/search-path.hh | 4 +- .../include/nix/{ => expr}/symbol-table.hh | 6 +- .../include/nix/{ => expr}/value-to-json.hh | 4 +- .../include/nix/{ => expr}/value-to-xml.hh | 4 +- src/libexpr/include/nix/{ => expr}/value.hh | 12 +- .../include/nix/{ => expr}/value/context.hh | 6 +- src/libexpr/json-to-value.cc | 6 +- src/libexpr/lexer-helpers.cc | 2 +- src/libexpr/lexer.l | 6 +- src/libexpr/meson.build | 4 +- src/libexpr/nixexpr.cc | 12 +- src/libexpr/package.nix | 2 +- src/libexpr/parser.y | 16 +- src/libexpr/paths.cc | 4 +- src/libexpr/primops.cc | 32 +- src/libexpr/primops/context.cc | 8 +- src/libexpr/primops/fetchClosure.cc | 10 +- src/libexpr/primops/fetchMercurial.cc | 14 +- src/libexpr/primops/fetchTree.cc | 24 +- src/libexpr/primops/fromTOML.cc | 4 +- src/libexpr/print-ambiguous.cc | 8 +- src/libexpr/print.cc | 14 +- src/libexpr/search-path.cc | 2 +- src/libexpr/value-to-json.cc | 8 +- src/libexpr/value-to-xml.cc | 8 +- src/libexpr/value/context.cc | 4 +- src/libfetchers-tests/access-tokens.cc | 8 +- src/libfetchers-tests/git-utils.cc | 10 +- src/libfetchers-tests/public-key.cc | 6 +- src/libfetchers/attrs.cc | 4 +- src/libfetchers/cache.cc | 10 +- src/libfetchers/fetch-settings.cc | 2 +- src/libfetchers/fetch-to-store.cc | 6 +- src/libfetchers/fetchers.cc | 14 +- src/libfetchers/filtering-source-accessor.cc | 2 +- src/libfetchers/git-lfs-fetch.cc | 14 +- src/libfetchers/git-utils.cc | 18 +- src/libfetchers/git.cc | 34 +- src/libfetchers/github.cc | 24 +- .../include/nix/{ => fetchers}/attrs.hh | 4 +- .../include/nix/{ => fetchers}/cache.hh | 4 +- .../nix/{ => fetchers}/fetch-settings.hh | 4 +- .../nix/{ => fetchers}/fetch-to-store.hh | 10 +- .../include/nix/{ => fetchers}/fetchers.hh | 14 +- .../filtering-source-accessor.hh | 2 +- .../nix/{ => fetchers}/git-lfs-fetch.hh | 6 +- .../include/nix/{ => fetchers}/git-utils.hh | 4 +- .../include/nix/{ => fetchers}/meson.build | 2 +- .../include/nix/{ => fetchers}/registry.hh | 4 +- .../nix/{ => fetchers}/store-path-accessor.hh | 2 +- .../include/nix/{ => fetchers}/tarball.hh | 8 +- src/libfetchers/indirect.cc | 6 +- src/libfetchers/mercurial.cc | 20 +- src/libfetchers/meson.build | 4 +- src/libfetchers/package.nix | 2 +- src/libfetchers/path.cc | 8 +- src/libfetchers/registry.cc | 14 +- src/libfetchers/store-path-accessor.cc | 4 +- src/libfetchers/tarball.cc | 22 +- src/libflake-c/nix_api_flake_internal.hh | 2 +- src/libflake-tests/flakeref.cc | 2 +- src/libflake-tests/nix_api_flake.cc | 4 +- src/libflake/flake/config.cc | 4 +- src/libflake/flake/flake-primops.cc | 2 +- src/libflake/flake/flake.cc | 26 +- src/libflake/flake/flakeref.cc | 8 +- src/libflake/flake/lockfile.cc | 6 +- .../include/nix/flake/flake-primops.hh | 2 +- src/libflake/include/nix/flake/flake.hh | 4 +- src/libflake/include/nix/flake/flakeref.hh | 8 +- src/libflake/include/nix/flake/meson.build | 11 + src/libflake/include/nix/flake/settings.hh | 2 +- src/libflake/include/nix/flake/url-name.hh | 8 +- src/libflake/include/nix/meson.build | 11 - src/libflake/meson.build | 4 +- src/libflake/package.nix | 2 +- src/libmain-c/nix_api_main.cc | 2 +- src/libmain/common-args.cc | 16 +- .../include/nix/{ => main}/common-args.hh | 4 +- src/libmain/include/nix/{ => main}/loggers.hh | 2 +- .../include/nix/{ => main}/meson.build | 2 +- src/libmain/include/nix/{ => main}/plugin.hh | 0 .../include/nix/{ => main}/progress-bar.hh | 2 +- src/libmain/include/nix/{ => main}/shared.hh | 14 +- src/libmain/loggers.cc | 6 +- src/libmain/meson.build | 4 +- src/libmain/package.nix | 2 +- src/libmain/plugin.cc | 4 +- src/libmain/progress-bar.cc | 10 +- src/libmain/shared.cc | 21 +- src/libmain/unix/stack.cc | 4 +- src/libstore-c/nix_api_store.cc | 8 +- src/libstore-c/nix_api_store_internal.h | 2 +- src/libstore-test-support/derived-path.cc | 2 +- .../include/nix/meson.build | 12 - .../nix/{ => store}/tests/derived-path.hh | 6 +- .../include/nix/{ => store}/tests/libstore.hh | 2 +- .../include/nix/store/tests/meson.build | 12 + .../nix/{ => store}/tests/nix_api_store.hh | 4 +- .../nix/{ => store}/tests/outputs-spec.hh | 4 +- .../include/nix/{ => store}/tests/path.hh | 2 +- .../include/nix/{ => store}/tests/protocol.hh | 4 +- src/libstore-test-support/meson.build | 4 +- src/libstore-test-support/outputs-spec.cc | 2 +- src/libstore-test-support/package.nix | 2 +- src/libstore-test-support/path.cc | 8 +- src/libstore-tests/common-protocol.cc | 10 +- src/libstore-tests/content-address.cc | 2 +- .../derivation-advanced-attrs.cc | 20 +- src/libstore-tests/derivation.cc | 8 +- src/libstore-tests/derived-path.cc | 4 +- src/libstore-tests/downstream-placeholder.cc | 2 +- src/libstore-tests/http-binary-cache-store.cc | 2 +- src/libstore-tests/legacy-ssh-store.cc | 2 +- .../local-binary-cache-store.cc | 2 +- src/libstore-tests/local-overlay-store.cc | 2 +- src/libstore-tests/local-store.cc | 8 +- src/libstore-tests/machines.cc | 8 +- src/libstore-tests/nar-info-disk-cache.cc | 4 +- src/libstore-tests/nar-info.cc | 8 +- src/libstore-tests/nix_api_store.cc | 4 +- src/libstore-tests/outputs-spec.cc | 2 +- src/libstore-tests/path-info.cc | 6 +- src/libstore-tests/path.cc | 10 +- src/libstore-tests/references.cc | 2 +- src/libstore-tests/s3-binary-cache-store.cc | 2 +- src/libstore-tests/serve-protocol.cc | 14 +- src/libstore-tests/ssh-store.cc | 2 +- src/libstore-tests/store-reference.cc | 8 +- src/libstore-tests/uds-remote-store.cc | 2 +- src/libstore-tests/worker-protocol.cc | 14 +- src/libstore/binary-cache-store.cc | 30 +- src/libstore/build-result.cc | 2 +- src/libstore/build/derivation-goal.cc | 36 +- .../build/drv-output-substitution-goal.cc | 10 +- src/libstore/build/entry-points.cc | 10 +- src/libstore/build/goal.cc | 4 +- src/libstore/build/substitution-goal.cc | 10 +- src/libstore/build/worker.cc | 18 +- src/libstore/builtins/buildenv.cc | 6 +- src/libstore/builtins/fetchurl.cc | 10 +- src/libstore/builtins/unpack-channel.cc | 4 +- src/libstore/common-protocol.cc | 16 +- src/libstore/common-ssh-store-config.cc | 4 +- src/libstore/content-address.cc | 6 +- src/libstore/daemon.cc | 36 +- src/libstore/derivation-options.cc | 10 +- src/libstore/derivations.cc | 22 +- src/libstore/derived-path-map.cc | 4 +- src/libstore/derived-path.cc | 8 +- src/libstore/downstream-placeholder.cc | 4 +- src/libstore/dummy-store.cc | 4 +- src/libstore/export-import.cc | 10 +- src/libstore/filetransfer.cc | 20 +- src/libstore/gc.cc | 16 +- src/libstore/globals.cc | 22 +- src/libstore/http-binary-cache-store.cc | 10 +- .../nix/{ => store}/binary-cache-store.hh | 8 +- .../include/nix/{ => store}/build-result.hh | 4 +- .../nix/{ => store}/build/derivation-goal.hh | 14 +- .../build/drv-output-substitution-goal.hh | 8 +- .../include/nix/{ => store}/build/goal.hh | 4 +- .../{ => store}/build/substitution-goal.hh | 8 +- .../include/nix/{ => store}/build/worker.hh | 10 +- .../include/nix/{ => store}/builtins.hh | 2 +- .../nix/{ => store}/builtins/buildenv.hh | 2 +- .../nix/{ => store}/common-protocol-impl.hh | 4 +- .../nix/{ => store}/common-protocol.hh | 2 +- .../{ => store}/common-ssh-store-config.hh | 2 +- .../nix/{ => store}/content-address.hh | 8 +- .../include/nix/{ => store}/daemon.hh | 4 +- .../nix/{ => store}/derivation-options.hh | 4 +- .../include/nix/{ => store}/derivations.hh | 16 +- .../nix/{ => store}/derived-path-map.hh | 4 +- .../include/nix/{ => store}/derived-path.hh | 8 +- .../nix/{ => store}/downstream-placeholder.hh | 6 +- .../include/nix/{ => store}/filetransfer.hh | 10 +- .../include/nix/{ => store}/gc-store.hh | 2 +- .../include/nix/{ => store}/globals.hh | 12 +- .../{ => store}/http-binary-cache-store.hh | 2 +- .../nix/{ => store}/indirect-root-store.hh | 2 +- src/libstore/include/nix/{ => store}/keys.hh | 2 +- .../nix/{ => store}/legacy-ssh-store.hh | 12 +- .../length-prefixed-protocol-helper.hh | 2 +- .../{ => store}/local-binary-cache-store.hh | 2 +- .../include/nix/{ => store}/local-fs-store.hh | 6 +- .../nix/{ => store}/local-overlay-store.hh | 2 +- .../include/nix/{ => store}/local-store.hh | 10 +- .../include/nix/{ => store}/log-store.hh | 2 +- .../include/nix/{ => store}/machines.hh | 4 +- .../nix/{ => store}/make-content-addressed.hh | 2 +- .../include/nix/{ => store}/meson.build | 4 +- src/libstore/include/nix/{ => store}/names.hh | 2 +- .../include/nix/{ => store}/nar-accessor.hh | 2 +- .../nix/{ => store}/nar-info-disk-cache.hh | 6 +- .../include/nix/{ => store}/nar-info.hh | 6 +- .../include/nix/{ => store}/outputs-spec.hh | 4 +- .../nix/{ => store}/parsed-derivations.hh | 4 +- .../include/nix/{ => store}/path-info.hh | 8 +- .../nix/{ => store}/path-references.hh | 4 +- .../include/nix/{ => store}/path-regex.hh | 0 .../nix/{ => store}/path-with-outputs.hh | 4 +- src/libstore/include/nix/{ => store}/path.hh | 2 +- .../include/nix/{ => store}/pathlocks.hh | 2 +- .../nix/{ => store}/posix-fs-canonicalise.hh | 4 +- .../include/nix/{ => store}/profiles.hh | 4 +- .../include/nix/{ => store}/realisation.hh | 10 +- .../nix/{ => store}/remote-fs-accessor.hh | 6 +- .../{ => store}/remote-store-connection.hh | 8 +- .../include/nix/{ => store}/remote-store.hh | 6 +- .../nix/{ => store}/s3-binary-cache-store.hh | 2 +- src/libstore/include/nix/{ => store}/s3.hh | 2 +- .../{ => store}/serve-protocol-connection.hh | 4 +- .../nix/{ => store}/serve-protocol-impl.hh | 4 +- .../include/nix/{ => store}/serve-protocol.hh | 2 +- .../include/nix/{ => store}/sqlite.hh | 2 +- .../include/nix/{ => store}/ssh-store.hh | 8 +- src/libstore/include/nix/{ => store}/ssh.hh | 6 +- .../include/nix/{ => store}/store-api.hh | 28 +- .../include/nix/{ => store}/store-cast.hh | 2 +- .../nix/{ => store}/store-dir-config.hh | 10 +- .../nix/{ => store}/store-reference.hh | 2 +- .../nix/{ => store}/uds-remote-store.hh | 6 +- .../{ => store}/worker-protocol-connection.hh | 4 +- .../nix/{ => store}/worker-protocol-impl.hh | 4 +- .../nix/{ => store}/worker-protocol.hh | 2 +- src/libstore/indirect-root-store.cc | 2 +- src/libstore/keys.cc | 6 +- src/libstore/legacy-ssh-store.cc | 28 +- .../nix/{ => store}/fchmodat2-compat.hh | 0 .../linux/include/nix/{ => store}/meson.build | 2 +- .../include/nix/{ => store}/personality.hh | 0 src/libstore/linux/meson.build | 2 +- src/libstore/linux/personality.cc | 4 +- src/libstore/local-binary-cache-store.cc | 8 +- src/libstore/local-fs-store.cc | 14 +- src/libstore/local-overlay-store.cc | 10 +- src/libstore/local-store.cc | 40 +-- src/libstore/log-store.cc | 2 +- src/libstore/machines.cc | 6 +- src/libstore/make-content-addressed.cc | 4 +- src/libstore/meson.build | 4 +- src/libstore/misc.cc | 24 +- src/libstore/names.cc | 4 +- src/libstore/nar-accessor.cc | 4 +- src/libstore/nar-info-disk-cache.cc | 12 +- src/libstore/nar-info.cc | 10 +- src/libstore/optimise-store.cc | 10 +- src/libstore/outputs-spec.cc | 10 +- src/libstore/package.nix | 6 +- src/libstore/parsed-derivations.cc | 2 +- src/libstore/path-info.cc | 10 +- src/libstore/path-references.cc | 6 +- src/libstore/path-with-outputs.cc | 6 +- src/libstore/path.cc | 2 +- src/libstore/pathlocks.cc | 8 +- src/libstore/posix-fs-canonicalise.cc | 13 +- src/libstore/profiles.cc | 10 +- src/libstore/realisation.cc | 8 +- src/libstore/remote-fs-accessor.cc | 4 +- src/libstore/remote-store.cc | 40 +-- src/libstore/s3-binary-cache-store.cc | 16 +- src/libstore/serve-protocol-connection.cc | 8 +- src/libstore/serve-protocol.cc | 16 +- src/libstore/sqlite.cc | 10 +- src/libstore/ssh-store.cc | 18 +- src/libstore/ssh.cc | 12 +- src/libstore/store-api.cc | 42 +-- src/libstore/store-reference.cc | 10 +- src/libstore/uds-remote-store.cc | 6 +- src/libstore/unix/build/child.cc | 6 +- src/libstore/unix/build/hook-instance.cc | 14 +- .../unix/build/local-derivation-goal.cc | 58 ++-- .../include/nix/{ => store}/build/child.hh | 0 .../nix/{ => store}/build/hook-instance.hh | 6 +- .../build/local-derivation-goal.hh | 6 +- .../unix/include/nix/{ => store}/meson.build | 2 +- .../unix/include/nix/{ => store}/user-lock.hh | 0 src/libstore/unix/meson.build | 2 +- src/libstore/unix/pathlocks.cc | 8 +- src/libstore/unix/user-lock.cc | 10 +- src/libstore/windows/pathlocks.cc | 10 +- src/libstore/worker-protocol-connection.cc | 8 +- src/libstore/worker-protocol.cc | 16 +- src/libutil-c/nix_api_util.cc | 6 +- src/libutil-c/nix_api_util_internal.h | 2 +- src/libutil-test-support/hash.cc | 4 +- .../include/nix/meson.build | 11 - .../nix/{ => util}/tests/characterization.hh | 6 +- .../nix/{ => util}/tests/gtest-with-params.hh | 0 .../include/nix/{ => util}/tests/hash.hh | 2 +- .../include/nix/util/tests/meson.build | 11 + .../nix/{ => util}/tests/nix_api_util.hh | 0 .../nix/{ => util}/tests/string_callback.hh | 0 .../tests/tracing-file-system-object-sink.hh | 2 +- src/libutil-test-support/meson.build | 4 +- src/libutil-test-support/package.nix | 2 +- src/libutil-test-support/string_callback.cc | 2 +- src/libutil-tests/args.cc | 4 +- src/libutil-tests/canon-path.cc | 2 +- src/libutil-tests/checked-arithmetic.cc | 4 +- src/libutil-tests/chunked-vector.cc | 2 +- src/libutil-tests/closure.cc | 2 +- src/libutil-tests/compression.cc | 2 +- src/libutil-tests/config.cc | 4 +- src/libutil-tests/executable-path.cc | 2 +- src/libutil-tests/file-content-address.cc | 2 +- src/libutil-tests/file-system.cc | 12 +- src/libutil-tests/git.cc | 6 +- src/libutil-tests/hash.cc | 2 +- src/libutil-tests/hilite.cc | 2 +- src/libutil-tests/json-utils.cc | 4 +- src/libutil-tests/logging.cc | 4 +- src/libutil-tests/lru-cache.cc | 2 +- src/libutil-tests/nix_api_util.cc | 8 +- src/libutil-tests/pool.cc | 2 +- src/libutil-tests/position.cc | 2 +- src/libutil-tests/processes.cc | 2 +- src/libutil-tests/references.cc | 2 +- src/libutil-tests/spawn.cc | 2 +- src/libutil-tests/strings.cc | 4 +- src/libutil-tests/suggestions.cc | 2 +- src/libutil-tests/terminal.cc | 8 +- src/libutil-tests/url.cc | 2 +- src/libutil-tests/util.cc | 10 +- src/libutil-tests/xml-writer.cc | 2 +- src/libutil/archive.cc | 12 +- src/libutil/args.cc | 14 +- src/libutil/canon-path.cc | 8 +- src/libutil/compression.cc | 10 +- src/libutil/compute-levels.cc | 2 +- src/libutil/config-global.cc | 2 +- src/libutil/{config.cc => configuration.cc} | 18 +- src/libutil/current-process.cc | 16 +- src/libutil/english.cc | 2 +- src/libutil/environment-variables.cc | 4 +- src/libutil/error.cc | 12 +- src/libutil/executable-path.cc | 10 +- src/libutil/exit.cc | 2 +- src/libutil/experimental-features.cc | 6 +- src/libutil/file-content-address.cc | 8 +- src/libutil/file-descriptor.cc | 6 +- src/libutil/file-system.cc | 18 +- src/libutil/fs-sink.cc | 10 +- src/libutil/git.cc | 10 +- src/libutil/hash.cc | 10 +- src/libutil/hilite.cc | 2 +- .../{ => util}/abstract-setting-to-json.hh | 4 +- .../include/nix/{ => util}/ansicolor.hh | 0 src/libutil/include/nix/{ => util}/archive.hh | 6 +- src/libutil/include/nix/{ => util}/args.hh | 6 +- .../include/nix/{ => util}/args/root.hh | 2 +- .../include/nix/{ => util}/callback.hh | 0 .../include/nix/{ => util}/canon-path.hh | 0 .../nix/{ => util}/checked-arithmetic.hh | 0 .../include/nix/{ => util}/chunked-vector.hh | 2 +- src/libutil/include/nix/{ => util}/closure.hh | 2 +- .../include/nix/{ => util}/comparator.hh | 0 .../include/nix/{ => util}/compression.hh | 6 +- .../include/nix/{ => util}/compute-levels.hh | 2 +- .../include/nix/{ => util}/config-global.hh | 2 +- .../include/nix/{ => util}/config-impl.hh | 4 +- .../nix/{config.hh => util/configuration.hh} | 4 +- .../include/nix/{ => util}/current-process.hh | 2 +- src/libutil/include/nix/{ => util}/english.hh | 0 .../nix/{ => util}/environment-variables.hh | 4 +- src/libutil/include/nix/{ => util}/error.hh | 6 +- src/libutil/include/nix/{ => util}/exec.hh | 2 +- .../include/nix/{ => util}/executable-path.hh | 2 +- src/libutil/include/nix/{ => util}/exit.hh | 0 .../nix/{ => util}/experimental-features.hh | 4 +- .../nix/{ => util}/file-content-address.hh | 2 +- .../include/nix/{ => util}/file-descriptor.hh | 4 +- .../include/nix/{ => util}/file-path-impl.hh | 0 .../include/nix/{ => util}/file-path.hh | 4 +- .../include/nix/{ => util}/file-system.hh | 10 +- src/libutil/include/nix/{ => util}/finally.hh | 0 src/libutil/include/nix/{ => util}/fmt.hh | 2 +- src/libutil/include/nix/{ => util}/fs-sink.hh | 6 +- src/libutil/include/nix/{ => util}/git.hh | 10 +- src/libutil/include/nix/{ => util}/hash.hh | 8 +- src/libutil/include/nix/{ => util}/hilite.hh | 0 .../include/nix/{ => util}/json-impls.hh | 0 .../include/nix/{ => util}/json-utils.hh | 2 +- src/libutil/include/nix/{ => util}/logging.hh | 8 +- .../include/nix/{ => util}/lru-cache.hh | 0 .../nix/{ => util}/memory-source-accessor.hh | 6 +- .../include/nix/{ => util}/meson.build | 4 +- .../include/nix/{ => util}/muxable-pipe.hh | 6 +- .../include/nix/{ => util}/os-string.hh | 0 src/libutil/include/nix/{ => util}/pool.hh | 4 +- src/libutil/include/nix/{ => util}/pos-idx.hh | 0 .../include/nix/{ => util}/pos-table.hh | 6 +- .../include/nix/{ => util}/position.hh | 2 +- .../nix/{ => util}/posix-source-accessor.hh | 2 +- .../include/nix/{ => util}/processes.hh | 10 +- src/libutil/include/nix/{ => util}/ref.hh | 0 .../include/nix/{ => util}/references.hh | 2 +- .../nix/{ => util}/regex-combinators.hh | 0 .../include/nix/{ => util}/repair-flag.hh | 0 .../include/nix/{ => util}/serialise.hh | 6 +- src/libutil/include/nix/{ => util}/signals.hh | 8 +- .../nix/{ => util}/signature/local-keys.hh | 2 +- .../nix/{ => util}/signature/signer.hh | 4 +- .../include/nix/{ => util}/source-accessor.hh | 6 +- .../include/nix/{ => util}/source-path.hh | 8 +- src/libutil/include/nix/{ => util}/split.hh | 2 +- .../include/nix/{ => util}/std-hash.hh | 0 .../include/nix/{ => util}/strings-inline.hh | 2 +- src/libutil/include/nix/{ => util}/strings.hh | 0 .../include/nix/{ => util}/suggestions.hh | 2 +- src/libutil/include/nix/{ => util}/sync.hh | 2 +- src/libutil/include/nix/{ => util}/tarfile.hh | 4 +- .../include/nix/{ => util}/terminal.hh | 0 .../include/nix/{ => util}/thread-pool.hh | 4 +- .../include/nix/{ => util}/topo-sort.hh | 2 +- src/libutil/include/nix/{ => util}/types.hh | 0 .../nix/{ => util}/unix-domain-socket.hh | 4 +- .../include/nix/{ => util}/url-parts.hh | 0 src/libutil/include/nix/{ => util}/url.hh | 2 +- src/libutil/include/nix/{ => util}/users.hh | 2 +- src/libutil/include/nix/{ => util}/util.hh | 8 +- .../include/nix/{ => util}/variant-wrapper.hh | 0 .../include/nix/{ => util}/xml-writer.hh | 0 src/libutil/json-utils.cc | 6 +- src/libutil/linux/cgroup.cc | 10 +- .../linux/include/nix/{ => util}/cgroup.hh | 2 +- .../linux/include/nix/{ => util}/meson.build | 2 +- .../include/nix/{ => util}/namespaces.hh | 2 +- src/libutil/linux/meson.build | 2 +- src/libutil/linux/namespaces.cc | 14 +- src/libutil/logging.cc | 16 +- src/libutil/memory-source-accessor.cc | 2 +- src/libutil/meson.build | 6 +- src/libutil/mounted-source-accessor.cc | 2 +- src/libutil/package.nix | 8 +- src/libutil/pos-table.cc | 2 +- src/libutil/position.cc | 2 +- src/libutil/posix-source-accessor.cc | 8 +- src/libutil/references.cc | 6 +- src/libutil/serialise.cc | 8 +- src/libutil/signature/local-keys.cc | 6 +- src/libutil/signature/signer.cc | 4 +- src/libutil/source-accessor.cc | 4 +- src/libutil/source-path.cc | 2 +- src/libutil/strings.cc | 6 +- src/libutil/suggestions.cc | 6 +- src/libutil/tarfile.cc | 8 +- src/libutil/terminal.cc | 6 +- src/libutil/thread-pool.cc | 6 +- src/libutil/union-source-accessor.cc | 2 +- src/libutil/unix-domain-socket.cc | 8 +- src/libutil/unix/environment-variables.cc | 2 +- src/libutil/unix/file-descriptor.cc | 8 +- src/libutil/unix/file-path.cc | 4 +- src/libutil/unix/file-system.cc | 2 +- .../unix/include/nix/{ => util}/meson.build | 2 +- .../unix/include/nix/{ => util}/monitor-fd.hh | 2 +- .../include/nix/{ => util}/signals-impl.hh | 10 +- src/libutil/unix/meson.build | 2 +- src/libutil/unix/muxable-pipe.cc | 6 +- src/libutil/unix/os-string.cc | 4 +- src/libutil/unix/processes.cc | 14 +- src/libutil/unix/signals.cc | 10 +- src/libutil/unix/users.cc | 8 +- src/libutil/url.cc | 10 +- src/libutil/users.cc | 8 +- src/libutil/util.cc | 8 +- src/libutil/windows/environment-variables.cc | 2 +- src/libutil/windows/file-descriptor.cc | 12 +- src/libutil/windows/file-path.cc | 6 +- src/libutil/windows/file-system.cc | 2 +- .../include/nix/{ => util}/meson.build | 2 +- .../include/nix/{ => util}/signals-impl.hh | 2 +- .../nix/{ => util}/windows-async-pipe.hh | 2 +- .../include/nix/{ => util}/windows-error.hh | 2 +- src/libutil/windows/meson.build | 2 +- src/libutil/windows/muxable-pipe.cc | 8 +- src/libutil/windows/os-string.cc | 6 +- src/libutil/windows/processes.cc | 26 +- src/libutil/windows/users.cc | 10 +- src/libutil/windows/windows-async-pipe.cc | 4 +- src/libutil/windows/windows-error.cc | 2 +- src/libutil/xml-writer.cc | 2 +- src/nix-build/nix-build.cc | 38 +- src/nix-channel/nix-channel.cc | 18 +- .../nix-collect-garbage.cc | 18 +- src/nix-copy-closure/nix-copy-closure.cc | 8 +- src/nix-env/nix-env.cc | 36 +- src/nix-env/user-env.cc | 20 +- src/nix-env/user-env.hh | 2 +- src/nix-instantiate/nix-instantiate.cc | 28 +- src/nix-store/dotgraph.cc | 2 +- src/nix-store/dotgraph.hh | 2 +- src/nix-store/graphml.cc | 4 +- src/nix-store/graphml.hh | 2 +- src/nix-store/nix-store.cc | 36 +- src/nix/add-to-store.cc | 14 +- src/nix/app.cc | 20 +- src/nix/build.cc | 10 +- src/nix/bundle.cc | 14 +- src/nix/cat.cc | 6 +- src/nix/config-check.cc | 18 +- src/nix/config.cc | 10 +- src/nix/copy.cc | 8 +- src/nix/crash-handler.cc | 4 +- src/nix/derivation-add.cc | 10 +- src/nix/derivation-show.cc | 10 +- src/nix/derivation.cc | 2 +- src/nix/develop.cc | 20 +- src/nix/diff-closures.cc | 12 +- src/nix/dump-path.cc | 6 +- src/nix/edit.cc | 12 +- src/nix/env.cc | 8 +- src/nix/eval.cc | 14 +- src/nix/flake.cc | 42 +-- src/nix/fmt.cc | 6 +- src/nix/hash.cc | 20 +- src/nix/log.cc | 10 +- src/nix/ls.cc | 8 +- src/nix/main.cc | 44 +-- src/nix/make-content-addressed.cc | 8 +- src/nix/man-pages.cc | 6 +- src/nix/nar.cc | 2 +- src/nix/optimise-store.cc | 6 +- src/nix/path-from-hash-part.cc | 4 +- src/nix/path-info.cc | 12 +- src/nix/prefetch.cc | 28 +- src/nix/profile.cc | 24 +- src/nix/realisation.cc | 4 +- src/nix/registry.cc | 14 +- src/nix/repl.cc | 16 +- src/nix/run.cc | 24 +- src/nix/run.hh | 2 +- src/nix/search.cc | 28 +- src/nix/self-exe.cc | 6 +- src/nix/sigs.cc | 10 +- src/nix/store-copy-log.cc | 14 +- src/nix/store-delete.cc | 12 +- src/nix/store-gc.cc | 12 +- src/nix/store-info.cc | 8 +- src/nix/store-repair.cc | 4 +- src/nix/store.cc | 2 +- src/nix/unix/daemon.cc | 32 +- src/nix/upgrade-nix.cc | 20 +- src/nix/verify.cc | 14 +- src/nix/why-depends.cc | 8 +- src/perl/lib/Nix/Store.xs | 10 +- tests/functional/plugins/plugintest.cc | 4 +- .../functional/test-libstoreconsumer/main.cc | 6 +- 645 files changed, 2566 insertions(+), 2566 deletions(-) rename src/libcmd/include/nix/{ => cmd}/built-path.hh (97%) rename src/libcmd/include/nix/{ => cmd}/command-installable-value.hh (85%) rename src/libcmd/include/nix/{ => cmd}/command.hh (98%) rename src/libcmd/include/nix/{ => cmd}/common-eval-args.hh (91%) rename src/libcmd/include/nix/{ => cmd}/compatibility-settings.hh (97%) rename src/libcmd/include/nix/{ => cmd}/editor-for.hh (74%) rename src/libcmd/include/nix/{ => cmd}/installable-attr-path.hh (61%) rename src/libcmd/include/nix/{ => cmd}/installable-derived-path.hh (94%) rename src/libcmd/include/nix/{ => cmd}/installable-flake.hh (96%) rename src/libcmd/include/nix/{ => cmd}/installable-value.hh (98%) rename src/libcmd/include/nix/{ => cmd}/installables.hh (95%) rename src/libcmd/include/nix/{ => cmd}/legacy.hh (100%) rename src/libcmd/include/nix/{ => cmd}/markdown.hh (100%) rename src/libcmd/include/nix/{ => cmd}/meson.build (90%) rename src/libcmd/include/nix/{ => cmd}/misc-store-flags.hh (90%) rename src/libcmd/include/nix/{ => cmd}/network-proxy.hh (93%) rename src/libcmd/include/nix/{ => cmd}/repl-interacter.hh (94%) rename src/libcmd/include/nix/{ => cmd}/repl.hh (97%) rename src/libexpr-test-support/include/nix/{ => expr}/tests/libexpr.hh (93%) create mode 100644 src/libexpr-test-support/include/nix/expr/tests/meson.build rename src/libexpr-test-support/include/nix/{ => expr}/tests/nix_api_expr.hh (92%) rename src/libexpr-test-support/include/nix/{ => expr}/tests/value/context.hh (93%) delete mode 100644 src/libexpr-test-support/include/nix/meson.build rename src/libexpr/include/nix/{ => expr}/attr-path.hh (95%) rename src/libexpr/include/nix/{ => expr}/attr-set.hh (98%) rename src/libexpr/include/nix/{ => expr}/eval-cache.hh (97%) rename src/libexpr/include/nix/{ => expr}/eval-error.hh (98%) rename src/libexpr/include/nix/{ => expr}/eval-gc.hh (96%) rename src/libexpr/include/nix/{ => expr}/eval-inline.hh (96%) rename src/libexpr/include/nix/{ => expr}/eval-settings.hh (99%) rename src/libexpr/include/nix/{ => expr}/eval.hh (98%) rename src/libexpr/include/nix/{ => expr}/function-trace.hh (86%) rename src/libexpr/include/nix/{ => expr}/gc-small-vector.hh (95%) rename src/libexpr/include/nix/{ => expr}/get-drvs.hh (97%) rename src/libexpr/include/nix/{ => expr}/json-to-value.hh (87%) rename src/libexpr/include/nix/{ => expr}/lexer-helpers.hh (100%) rename src/libexpr/include/nix/{ => expr}/meson.build (90%) rename src/libexpr/include/nix/{ => expr}/nixexpr.hh (99%) rename src/libexpr/include/nix/{ => expr}/parser-state.hh (99%) rename src/libexpr/include/nix/{ => expr}/primops.hh (98%) rename src/libexpr/include/nix/{ => expr}/print-ambiguous.hh (95%) rename src/libexpr/include/nix/{ => expr}/print-options.hh (100%) rename src/libexpr/include/nix/{ => expr}/print.hh (97%) rename src/libexpr/include/nix/{ => expr}/repl-exit-status.hh (100%) rename src/libexpr/include/nix/{ => expr}/search-path.hh (97%) rename src/libexpr/include/nix/{ => expr}/symbol-table.hh (97%) rename src/libexpr/include/nix/{ => expr}/value-to-json.hh (88%) rename src/libexpr/include/nix/{ => expr}/value-to-xml.hh (79%) rename src/libexpr/include/nix/{ => expr}/value.hh (98%) rename src/libexpr/include/nix/{ => expr}/value/context.hh (94%) rename src/libfetchers/include/nix/{ => fetchers}/attrs.hh (95%) rename src/libfetchers/include/nix/{ => fetchers}/cache.hh (97%) rename src/libfetchers/include/nix/{ => fetchers}/fetch-settings.hh (98%) rename src/libfetchers/include/nix/{ => fetchers}/fetch-to-store.hh (68%) rename src/libfetchers/include/nix/{ => fetchers}/fetchers.hh (97%) rename src/libfetchers/include/nix/{ => fetchers}/filtering-source-accessor.hh (98%) rename src/libfetchers/include/nix/{ => fetchers}/git-lfs-fetch.hh (90%) rename src/libfetchers/include/nix/{ => fetchers}/git-utils.hh (97%) rename src/libfetchers/include/nix/{ => fetchers}/meson.build (84%) rename src/libfetchers/include/nix/{ => fetchers}/registry.hh (96%) rename src/libfetchers/include/nix/{ => fetchers}/store-path-accessor.hh (85%) rename src/libfetchers/include/nix/{ => fetchers}/tarball.hh (88%) create mode 100644 src/libflake/include/nix/flake/meson.build delete mode 100644 src/libflake/include/nix/meson.build rename src/libmain/include/nix/{ => main}/common-args.hh (96%) rename src/libmain/include/nix/{ => main}/loggers.hh (88%) rename src/libmain/include/nix/{ => main}/meson.build (74%) rename src/libmain/include/nix/{ => main}/plugin.hh (100%) rename src/libmain/include/nix/{ => main}/progress-bar.hh (73%) rename src/libmain/include/nix/{ => main}/shared.hh (94%) delete mode 100644 src/libstore-test-support/include/nix/meson.build rename src/libstore-test-support/include/nix/{ => store}/tests/derived-path.hh (84%) rename src/libstore-test-support/include/nix/{ => store}/tests/libstore.hh (93%) create mode 100644 src/libstore-test-support/include/nix/store/tests/meson.build rename src/libstore-test-support/include/nix/{ => store}/tests/nix_api_store.hh (96%) rename src/libstore-test-support/include/nix/{ => store}/tests/outputs-spec.hh (72%) rename src/libstore-test-support/include/nix/{ => store}/tests/path.hh (93%) rename src/libstore-test-support/include/nix/{ => store}/tests/protocol.hh (96%) rename src/libstore/include/nix/{ => store}/binary-cache-store.hh (97%) rename src/libstore/include/nix/{ => store}/build-result.hh (98%) rename src/libstore/include/nix/{ => store}/build/derivation-goal.hh (97%) rename src/libstore/include/nix/{ => store}/build/drv-output-substitution-goal.hh (88%) rename src/libstore/include/nix/{ => store}/build/goal.hh (99%) rename src/libstore/include/nix/{ => store}/build/substitution-goal.hh (93%) rename src/libstore/include/nix/{ => store}/build/worker.hh (98%) rename src/libstore/include/nix/{ => store}/builtins.hh (90%) rename src/libstore/include/nix/{ => store}/builtins/buildenv.hh (96%) rename src/libstore/include/nix/{ => store}/common-protocol-impl.hh (92%) rename src/libstore/include/nix/{ => store}/common-protocol.hh (98%) rename src/libstore/include/nix/{ => store}/common-ssh-store-config.hh (98%) rename src/libstore/include/nix/{ => store}/content-address.hh (98%) rename src/libstore/include/nix/{ => store}/daemon.hh (79%) rename src/libstore/include/nix/{ => store}/derivation-options.hh (98%) rename src/libstore/include/nix/{ => store}/derivations.hh (98%) rename src/libstore/include/nix/{ => store}/derived-path-map.hh (98%) rename src/libstore/include/nix/{ => store}/derived-path.hh (98%) rename src/libstore/include/nix/{ => store}/downstream-placeholder.hh (97%) rename src/libstore/include/nix/{ => store}/filetransfer.hh (96%) rename src/libstore/include/nix/{ => store}/gc-store.hh (99%) rename src/libstore/include/nix/{ => store}/globals.hh (99%) rename src/libstore/include/nix/{ => store}/http-binary-cache-store.hh (93%) rename src/libstore/include/nix/{ => store}/indirect-root-store.hh (98%) rename src/libstore/include/nix/{ => store}/keys.hh (64%) rename src/libstore/include/nix/{ => store}/legacy-ssh-store.hh (96%) rename src/libstore/include/nix/{ => store}/length-prefixed-protocol-helper.hh (99%) rename src/libstore/include/nix/{ => store}/local-binary-cache-store.hh (91%) rename src/libstore/include/nix/{ => store}/local-fs-store.hh (96%) rename src/libstore/include/nix/{ => store}/local-overlay-store.hh (99%) rename src/libstore/include/nix/{ => store}/local-store.hh (98%) rename src/libstore/include/nix/{ => store}/log-store.hh (94%) rename src/libstore/include/nix/{ => store}/machines.hh (97%) rename src/libstore/include/nix/{ => store}/make-content-addressed.hh (93%) rename src/libstore/include/nix/{ => store}/meson.build (96%) rename src/libstore/include/nix/{ => store}/names.hh (95%) rename src/libstore/include/nix/{ => store}/nar-accessor.hh (95%) rename src/libstore/include/nix/{ => store}/nar-info-disk-cache.hh (93%) rename src/libstore/include/nix/{ => store}/nar-info.hh (92%) rename src/libstore/include/nix/{ => store}/outputs-spec.hh (97%) rename src/libstore/include/nix/{ => store}/parsed-derivations.hh (94%) rename src/libstore/include/nix/{ => store}/path-info.hh (97%) rename src/libstore/include/nix/{ => store}/path-references.hh (89%) rename src/libstore/include/nix/{ => store}/path-regex.hh (100%) rename src/libstore/include/nix/{ => store}/path-with-outputs.hh (95%) rename src/libstore/include/nix/{ => store}/path.hh (98%) rename src/libstore/include/nix/{ => store}/pathlocks.hh (96%) rename src/libstore/include/nix/{ => store}/posix-fs-canonicalise.hh (95%) rename src/libstore/include/nix/{ => store}/profiles.hh (99%) rename src/libstore/include/nix/{ => store}/realisation.hh (96%) rename src/libstore/include/nix/{ => store}/remote-fs-accessor.hh (90%) rename src/libstore/include/nix/{ => store}/remote-store-connection.hh (90%) rename src/libstore/include/nix/{ => store}/remote-store.hh (98%) rename src/libstore/include/nix/{ => store}/s3-binary-cache-store.hh (98%) rename src/libstore/include/nix/{ => store}/s3.hh (96%) rename src/libstore/include/nix/{ => store}/serve-protocol-connection.hh (97%) rename src/libstore/include/nix/{ => store}/serve-protocol-impl.hh (94%) rename src/libstore/include/nix/{ => store}/serve-protocol.hh (99%) rename src/libstore/include/nix/{ => store}/sqlite.hh (99%) rename src/libstore/include/nix/{ => store}/ssh-store.hh (89%) rename src/libstore/include/nix/{ => store}/ssh.hh (95%) rename src/libstore/include/nix/{ => store}/store-api.hh (98%) rename src/libstore/include/nix/{ => store}/store-cast.hh (93%) rename src/libstore/include/nix/{ => store}/store-dir-config.hh (94%) rename src/libstore/include/nix/{ => store}/store-reference.hh (98%) rename src/libstore/include/nix/{ => store}/uds-remote-store.hh (94%) rename src/libstore/include/nix/{ => store}/worker-protocol-connection.hh (98%) rename src/libstore/include/nix/{ => store}/worker-protocol-impl.hh (94%) rename src/libstore/include/nix/{ => store}/worker-protocol.hh (99%) rename src/libstore/linux/include/nix/{ => store}/fchmodat2-compat.hh (100%) rename src/libstore/linux/include/nix/{ => store}/meson.build (59%) rename src/libstore/linux/include/nix/{ => store}/personality.hh (100%) rename src/libstore/unix/include/nix/{ => store}/build/child.hh (100%) rename src/libstore/unix/include/nix/{ => store}/build/hook-instance.hh (83%) rename src/libstore/unix/include/nix/{ => store}/build/local-derivation-goal.hh (98%) rename src/libstore/unix/include/nix/{ => store}/meson.build (73%) rename src/libstore/unix/include/nix/{ => store}/user-lock.hh (100%) delete mode 100644 src/libutil-test-support/include/nix/meson.build rename src/libutil-test-support/include/nix/{ => util}/tests/characterization.hh (95%) rename src/libutil-test-support/include/nix/{ => util}/tests/gtest-with-params.hh (100%) rename src/libutil-test-support/include/nix/{ => util}/tests/hash.hh (86%) create mode 100644 src/libutil-test-support/include/nix/util/tests/meson.build rename src/libutil-test-support/include/nix/{ => util}/tests/nix_api_util.hh (100%) rename src/libutil-test-support/include/nix/{ => util}/tests/string_callback.hh (100%) rename src/libutil-test-support/include/nix/{ => util}/tests/tracing-file-system-object-sink.hh (97%) rename src/libutil/{config.cc => configuration.cc} (97%) rename src/libutil/include/nix/{ => util}/abstract-setting-to-json.hh (83%) rename src/libutil/include/nix/{ => util}/ansicolor.hh (100%) rename src/libutil/include/nix/{ => util}/archive.hh (95%) rename src/libutil/include/nix/{ => util}/args.hh (99%) rename src/libutil/include/nix/{ => util}/args/root.hh (98%) rename src/libutil/include/nix/{ => util}/callback.hh (100%) rename src/libutil/include/nix/{ => util}/canon-path.hh (100%) rename src/libutil/include/nix/{ => util}/checked-arithmetic.hh (100%) rename src/libutil/include/nix/{ => util}/chunked-vector.hh (98%) rename src/libutil/include/nix/{ => util}/closure.hh (98%) rename src/libutil/include/nix/{ => util}/comparator.hh (100%) rename src/libutil/include/nix/{ => util}/compression.hh (89%) rename src/libutil/include/nix/{ => util}/compute-levels.hh (71%) rename src/libutil/include/nix/{ => util}/config-global.hh (94%) rename src/libutil/include/nix/{ => util}/config-impl.hh (98%) rename src/libutil/include/nix/{config.hh => util/configuration.hh} (99%) rename src/libutil/include/nix/{ => util}/current-process.hh (96%) rename src/libutil/include/nix/{ => util}/english.hh (100%) rename src/libutil/include/nix/{ => util}/environment-variables.hh (95%) rename src/libutil/include/nix/{ => util}/error.hh (98%) rename src/libutil/include/nix/{ => util}/exec.hh (89%) rename src/libutil/include/nix/{ => util}/executable-path.hh (98%) rename src/libutil/include/nix/{ => util}/exit.hh (100%) rename src/libutil/include/nix/{ => util}/experimental-features.hh (97%) rename src/libutil/include/nix/{ => util}/file-content-address.hh (99%) rename src/libutil/include/nix/{ => util}/file-descriptor.hh (98%) rename src/libutil/include/nix/{ => util}/file-path-impl.hh (100%) rename src/libutil/include/nix/{ => util}/file-path.hh (93%) rename src/libutil/include/nix/{ => util}/file-system.hh (98%) rename src/libutil/include/nix/{ => util}/finally.hh (100%) rename src/libutil/include/nix/{ => util}/fmt.hh (99%) rename src/libutil/include/nix/{ => util}/fs-sink.hh (96%) rename src/libutil/include/nix/{ => util}/git.hh (97%) rename src/libutil/include/nix/{ => util}/hash.hh (97%) rename src/libutil/include/nix/{ => util}/hilite.hh (100%) rename src/libutil/include/nix/{ => util}/json-impls.hh (100%) rename src/libutil/include/nix/{ => util}/json-utils.hh (99%) rename src/libutil/include/nix/{ => util}/logging.hh (98%) rename src/libutil/include/nix/{ => util}/lru-cache.hh (100%) rename src/libutil/include/nix/{ => util}/memory-source-accessor.hh (97%) rename src/libutil/include/nix/{ => util}/meson.build (95%) rename src/libutil/include/nix/{ => util}/muxable-pipe.hh (93%) rename src/libutil/include/nix/{ => util}/os-string.hh (100%) rename src/libutil/include/nix/{ => util}/pool.hh (98%) rename src/libutil/include/nix/{ => util}/pos-idx.hh (100%) rename src/libutil/include/nix/{ => util}/pos-table.hh (96%) rename src/libutil/include/nix/{ => util}/position.hh (98%) rename src/libutil/include/nix/{ => util}/posix-source-accessor.hh (98%) rename src/libutil/include/nix/{ => util}/processes.hh (94%) rename src/libutil/include/nix/{ => util}/ref.hh (100%) rename src/libutil/include/nix/{ => util}/references.hh (97%) rename src/libutil/include/nix/{ => util}/regex-combinators.hh (100%) rename src/libutil/include/nix/{ => util}/repair-flag.hh (100%) rename src/libutil/include/nix/{ => util}/serialise.hh (99%) rename src/libutil/include/nix/{ => util}/signals.hh (89%) rename src/libutil/include/nix/{ => util}/signature/local-keys.hh (98%) rename src/libutil/include/nix/{ => util}/signature/signer.hh (94%) rename src/libutil/include/nix/{ => util}/source-accessor.hh (98%) rename src/libutil/include/nix/{ => util}/source-path.hh (96%) rename src/libutil/include/nix/{ => util}/split.hh (97%) rename src/libutil/include/nix/{ => util}/std-hash.hh (100%) rename src/libutil/include/nix/{ => util}/strings-inline.hh (98%) rename src/libutil/include/nix/{ => util}/strings.hh (100%) rename src/libutil/include/nix/{ => util}/suggestions.hh (98%) rename src/libutil/include/nix/{ => util}/sync.hh (99%) rename src/libutil/include/nix/{ => util}/tarfile.hh (95%) rename src/libutil/include/nix/{ => util}/terminal.hh (100%) rename src/libutil/include/nix/{ => util}/thread-pool.hh (98%) rename src/libutil/include/nix/{ => util}/topo-sort.hh (97%) rename src/libutil/include/nix/{ => util}/types.hh (100%) rename src/libutil/include/nix/{ => util}/unix-domain-socket.hh (95%) rename src/libutil/include/nix/{ => util}/url-parts.hh (100%) rename src/libutil/include/nix/{ => util}/url.hh (98%) rename src/libutil/include/nix/{ => util}/users.hh (97%) rename src/libutil/include/nix/{ => util}/util.hh (98%) rename src/libutil/include/nix/{ => util}/variant-wrapper.hh (100%) rename src/libutil/include/nix/{ => util}/xml-writer.hh (100%) rename src/libutil/linux/include/nix/{ => util}/cgroup.hh (96%) rename src/libutil/linux/include/nix/{ => util}/meson.build (64%) rename src/libutil/linux/include/nix/{ => util}/namespaces.hh (95%) rename src/libutil/unix/include/nix/{ => util}/meson.build (66%) rename src/libutil/unix/include/nix/{ => util}/monitor-fd.hh (99%) rename src/libutil/unix/include/nix/{ => util}/signals-impl.hh (94%) rename src/libutil/windows/include/nix/{ => util}/meson.build (72%) rename src/libutil/windows/include/nix/{ => util}/signals-impl.hh (94%) rename src/libutil/windows/include/nix/{ => util}/windows-async-pipe.hh (92%) rename src/libutil/windows/include/nix/{ => util}/windows-error.hh (97%) diff --git a/doc/manual/source/development/testing.md b/doc/manual/source/development/testing.md index ebc0e27d2d4..c0b13015562 100644 --- a/doc/manual/source/development/testing.md +++ b/doc/manual/source/development/testing.md @@ -30,8 +30,8 @@ The unit tests are defined using the [googletest] and [rapidcheck] frameworks. > src > ├── libexpr > │ ├── meson.build -> │ ├── value/context.hh -> │ ├── include/nix/value/context.cc +> │ ├── include/nix/expr/value/context.hh +> │ ├── value/context.cc > │ … > │ > ├── tests @@ -46,7 +46,7 @@ The unit tests are defined using the [googletest] and [rapidcheck] frameworks. > │ │ > │ ├── libexpr-test-support > │ │ ├── meson.build -> │ │ ├── include/nix +> │ │ ├── include/nix/expr > │ │ │ ├── meson.build > │ │ │ └── tests > │ │ │ ├── value/context.hh @@ -63,7 +63,7 @@ The unit tests are defined using the [googletest] and [rapidcheck] frameworks. > ``` The tests for each Nix library (`libnixexpr`, `libnixstore`, etc..) live inside a directory `src/${library_name_without-nix}-test`. -Given an interface (header) and implementation pair in the original library, say, `src/libexpr/include/nix/value/context.hh` and `src/libexpr/value/context.cc`, we write tests for it in `src/libexpr-tests/value/context.cc`, and (possibly) declare/define additional interfaces for testing purposes in `src/libexpr-test-support/include/nix/tests/value/context.hh` and `src/libexpr-test-support/tests/value/context.cc`. +Given an interface (header) and implementation pair in the original library, say, `src/libexpr/include/nix/expr/value/context.hh` and `src/libexpr/value/context.cc`, we write tests for it in `src/libexpr-tests/value/context.cc`, and (possibly) declare/define additional interfaces for testing purposes in `src/libexpr-test-support/include/nix/expr/tests/value/context.hh` and `src/libexpr-test-support/tests/value/context.cc`. Data for unit tests is stored in a `data` subdir of the directory for each unit test executable. For example, `libnixstore` code is in `src/libstore`, and its test data is in `src/libstore-tests/data`. diff --git a/maintainers/flake-module.nix b/maintainers/flake-module.nix index 87dc1e18a04..a8c52eb4672 100644 --- a/maintainers/flake-module.nix +++ b/maintainers/flake-module.nix @@ -84,92 +84,92 @@ ''^precompiled-headers\.h$'' ''^src/build-remote/build-remote\.cc$'' ''^src/libcmd/built-path\.cc$'' - ''^src/libcmd/include/nix/built-path\.hh$'' + ''^src/libcmd/include/nix/cmd/built-path\.hh$'' ''^src/libcmd/common-eval-args\.cc$'' - ''^src/libcmd/include/nix/common-eval-args\.hh$'' + ''^src/libcmd/include/nix/cmd/common-eval-args\.hh$'' ''^src/libcmd/editor-for\.cc$'' ''^src/libcmd/installable-attr-path\.cc$'' - ''^src/libcmd/include/nix/installable-attr-path\.hh$'' + ''^src/libcmd/include/nix/cmd/installable-attr-path\.hh$'' ''^src/libcmd/installable-derived-path\.cc$'' - ''^src/libcmd/include/nix/installable-derived-path\.hh$'' + ''^src/libcmd/include/nix/cmd/installable-derived-path\.hh$'' ''^src/libcmd/installable-flake\.cc$'' - ''^src/libcmd/include/nix/installable-flake\.hh$'' + ''^src/libcmd/include/nix/cmd/installable-flake\.hh$'' ''^src/libcmd/installable-value\.cc$'' - ''^src/libcmd/include/nix/installable-value\.hh$'' + ''^src/libcmd/include/nix/cmd/installable-value\.hh$'' ''^src/libcmd/installables\.cc$'' - ''^src/libcmd/include/nix/installables\.hh$'' - ''^src/libcmd/include/nix/legacy\.hh$'' + ''^src/libcmd/include/nix/cmd/installables\.hh$'' + ''^src/libcmd/include/nix/cmd/legacy\.hh$'' ''^src/libcmd/markdown\.cc$'' ''^src/libcmd/misc-store-flags\.cc$'' ''^src/libcmd/repl-interacter\.cc$'' - ''^src/libcmd/include/nix/repl-interacter\.hh$'' + ''^src/libcmd/include/nix/cmd/repl-interacter\.hh$'' ''^src/libcmd/repl\.cc$'' - ''^src/libcmd/include/nix/repl\.hh$'' + ''^src/libcmd/include/nix/cmd/repl\.hh$'' ''^src/libexpr-c/nix_api_expr\.cc$'' ''^src/libexpr-c/nix_api_external\.cc$'' ''^src/libexpr/attr-path\.cc$'' - ''^src/libexpr/include/nix/attr-path\.hh$'' + ''^src/libexpr/include/nix/expr/attr-path\.hh$'' ''^src/libexpr/attr-set\.cc$'' - ''^src/libexpr/include/nix/attr-set\.hh$'' + ''^src/libexpr/include/nix/expr/attr-set\.hh$'' ''^src/libexpr/eval-cache\.cc$'' - ''^src/libexpr/include/nix/eval-cache\.hh$'' + ''^src/libexpr/include/nix/expr/eval-cache\.hh$'' ''^src/libexpr/eval-error\.cc$'' - ''^src/libexpr/include/nix/eval-inline\.hh$'' + ''^src/libexpr/include/nix/expr/eval-inline\.hh$'' ''^src/libexpr/eval-settings\.cc$'' - ''^src/libexpr/include/nix/eval-settings\.hh$'' + ''^src/libexpr/include/nix/expr/eval-settings\.hh$'' ''^src/libexpr/eval\.cc$'' - ''^src/libexpr/include/nix/eval\.hh$'' + ''^src/libexpr/include/nix/expr/eval\.hh$'' ''^src/libexpr/function-trace\.cc$'' - ''^src/libexpr/include/nix/gc-small-vector\.hh$'' + ''^src/libexpr/include/nix/expr/gc-small-vector\.hh$'' ''^src/libexpr/get-drvs\.cc$'' - ''^src/libexpr/include/nix/get-drvs\.hh$'' + ''^src/libexpr/include/nix/expr/get-drvs\.hh$'' ''^src/libexpr/json-to-value\.cc$'' ''^src/libexpr/nixexpr\.cc$'' - ''^src/libexpr/include/nix/nixexpr\.hh$'' - ''^src/libexpr/include/nix/parser-state\.hh$'' + ''^src/libexpr/include/nix/expr/nixexpr\.hh$'' + ''^src/libexpr/include/nix/expr/parser-state\.hh$'' ''^src/libexpr/primops\.cc$'' - ''^src/libexpr/include/nix/primops\.hh$'' + ''^src/libexpr/include/nix/expr/primops\.hh$'' ''^src/libexpr/primops/context\.cc$'' ''^src/libexpr/primops/fetchClosure\.cc$'' ''^src/libexpr/primops/fetchMercurial\.cc$'' ''^src/libexpr/primops/fetchTree\.cc$'' ''^src/libexpr/primops/fromTOML\.cc$'' ''^src/libexpr/print-ambiguous\.cc$'' - ''^src/libexpr/include/nix/print-ambiguous\.hh$'' - ''^src/libexpr/include/nix/print-options\.hh$'' + ''^src/libexpr/include/nix/expr/print-ambiguous\.hh$'' + ''^src/libexpr/include/nix/expr/print-options\.hh$'' ''^src/libexpr/print\.cc$'' - ''^src/libexpr/include/nix/print\.hh$'' + ''^src/libexpr/include/nix/expr/print\.hh$'' ''^src/libexpr/search-path\.cc$'' - ''^src/libexpr/include/nix/symbol-table\.hh$'' + ''^src/libexpr/include/nix/expr/symbol-table\.hh$'' ''^src/libexpr/value-to-json\.cc$'' - ''^src/libexpr/include/nix/value-to-json\.hh$'' + ''^src/libexpr/include/nix/expr/value-to-json\.hh$'' ''^src/libexpr/value-to-xml\.cc$'' - ''^src/libexpr/include/nix/value-to-xml\.hh$'' - ''^src/libexpr/include/nix/value\.hh$'' + ''^src/libexpr/include/nix/expr/value-to-xml\.hh$'' + ''^src/libexpr/include/nix/expr/value\.hh$'' ''^src/libexpr/value/context\.cc$'' - ''^src/libexpr/include/nix/value/context\.hh$'' + ''^src/libexpr/include/nix/expr/value/context\.hh$'' ''^src/libfetchers/attrs\.cc$'' ''^src/libfetchers/cache\.cc$'' - ''^src/libfetchers/include/nix/cache\.hh$'' + ''^src/libfetchers/include/nix/fetchers/cache\.hh$'' ''^src/libfetchers/fetch-settings\.cc$'' - ''^src/libfetchers/include/nix/fetch-settings\.hh$'' + ''^src/libfetchers/include/nix/fetchers/fetch-settings\.hh$'' ''^src/libfetchers/fetch-to-store\.cc$'' ''^src/libfetchers/fetchers\.cc$'' - ''^src/libfetchers/include/nix/fetchers\.hh$'' + ''^src/libfetchers/include/nix/fetchers/fetchers\.hh$'' ''^src/libfetchers/filtering-source-accessor\.cc$'' - ''^src/libfetchers/include/nix/filtering-source-accessor\.hh$'' + ''^src/libfetchers/include/nix/fetchers/filtering-source-accessor\.hh$'' ''^src/libfetchers/fs-source-accessor\.cc$'' ''^src/libfetchers/include/nix/fs-source-accessor\.hh$'' ''^src/libfetchers/git-utils\.cc$'' - ''^src/libfetchers/include/nix/git-utils\.hh$'' + ''^src/libfetchers/include/nix/fetchers/git-utils\.hh$'' ''^src/libfetchers/github\.cc$'' ''^src/libfetchers/indirect\.cc$'' ''^src/libfetchers/memory-source-accessor\.cc$'' ''^src/libfetchers/path\.cc$'' ''^src/libfetchers/registry\.cc$'' - ''^src/libfetchers/include/nix/registry\.hh$'' + ''^src/libfetchers/include/nix/fetchers/registry\.hh$'' ''^src/libfetchers/tarball\.cc$'' - ''^src/libfetchers/include/nix/tarball\.hh$'' + ''^src/libfetchers/include/nix/fetchers/tarball\.hh$'' ''^src/libfetchers/git\.cc$'' ''^src/libfetchers/mercurial\.cc$'' ''^src/libflake/flake/config\.cc$'' @@ -181,243 +181,243 @@ ''^src/libflake/include/nix/flake/lockfile\.hh$'' ''^src/libflake/flake/url-name\.cc$'' ''^src/libmain/common-args\.cc$'' - ''^src/libmain/include/nix/common-args\.hh$'' + ''^src/libmain/include/nix/main/common-args\.hh$'' ''^src/libmain/loggers\.cc$'' - ''^src/libmain/include/nix/loggers\.hh$'' + ''^src/libmain/include/nix/main/loggers\.hh$'' ''^src/libmain/progress-bar\.cc$'' ''^src/libmain/shared\.cc$'' - ''^src/libmain/include/nix/shared\.hh$'' + ''^src/libmain/include/nix/main/shared\.hh$'' ''^src/libmain/unix/stack\.cc$'' ''^src/libstore/binary-cache-store\.cc$'' - ''^src/libstore/include/nix/binary-cache-store\.hh$'' - ''^src/libstore/include/nix/build-result\.hh$'' - ''^src/libstore/include/nix/builtins\.hh$'' + ''^src/libstore/include/nix/store/binary-cache-store\.hh$'' + ''^src/libstore/include/nix/store/build-result\.hh$'' + ''^src/libstore/include/nix/store/builtins\.hh$'' ''^src/libstore/builtins/buildenv\.cc$'' - ''^src/libstore/include/nix/builtins/buildenv\.hh$'' - ''^src/libstore/include/nix/common-protocol-impl\.hh$'' + ''^src/libstore/include/nix/store/builtins/buildenv\.hh$'' + ''^src/libstore/include/nix/store/common-protocol-impl\.hh$'' ''^src/libstore/common-protocol\.cc$'' - ''^src/libstore/include/nix/common-protocol\.hh$'' - ''^src/libstore/include/nix/common-ssh-store-config\.hh$'' + ''^src/libstore/include/nix/store/common-protocol\.hh$'' + ''^src/libstore/include/nix/store/common-ssh-store-config\.hh$'' ''^src/libstore/content-address\.cc$'' - ''^src/libstore/include/nix/content-address\.hh$'' + ''^src/libstore/include/nix/store/content-address\.hh$'' ''^src/libstore/daemon\.cc$'' - ''^src/libstore/include/nix/daemon\.hh$'' + ''^src/libstore/include/nix/store/daemon\.hh$'' ''^src/libstore/derivations\.cc$'' - ''^src/libstore/include/nix/derivations\.hh$'' + ''^src/libstore/include/nix/store/derivations\.hh$'' ''^src/libstore/derived-path-map\.cc$'' - ''^src/libstore/include/nix/derived-path-map\.hh$'' + ''^src/libstore/include/nix/store/derived-path-map\.hh$'' ''^src/libstore/derived-path\.cc$'' - ''^src/libstore/include/nix/derived-path\.hh$'' + ''^src/libstore/include/nix/store/derived-path\.hh$'' ''^src/libstore/downstream-placeholder\.cc$'' - ''^src/libstore/include/nix/downstream-placeholder\.hh$'' + ''^src/libstore/include/nix/store/downstream-placeholder\.hh$'' ''^src/libstore/dummy-store\.cc$'' ''^src/libstore/export-import\.cc$'' ''^src/libstore/filetransfer\.cc$'' - ''^src/libstore/include/nix/filetransfer\.hh$'' - ''^src/libstore/include/nix/gc-store\.hh$'' + ''^src/libstore/include/nix/store/filetransfer\.hh$'' + ''^src/libstore/include/nix/store/gc-store\.hh$'' ''^src/libstore/globals\.cc$'' - ''^src/libstore/include/nix/globals\.hh$'' + ''^src/libstore/include/nix/store/globals\.hh$'' ''^src/libstore/http-binary-cache-store\.cc$'' ''^src/libstore/legacy-ssh-store\.cc$'' - ''^src/libstore/include/nix/legacy-ssh-store\.hh$'' - ''^src/libstore/include/nix/length-prefixed-protocol-helper\.hh$'' + ''^src/libstore/include/nix/store/legacy-ssh-store\.hh$'' + ''^src/libstore/include/nix/store/length-prefixed-protocol-helper\.hh$'' ''^src/libstore/linux/personality\.cc$'' - ''^src/libstore/linux/include/nix/personality\.hh$'' + ''^src/libstore/linux/include/nix/store/personality\.hh$'' ''^src/libstore/local-binary-cache-store\.cc$'' ''^src/libstore/local-fs-store\.cc$'' - ''^src/libstore/include/nix/local-fs-store\.hh$'' + ''^src/libstore/include/nix/store/local-fs-store\.hh$'' ''^src/libstore/log-store\.cc$'' - ''^src/libstore/include/nix/log-store\.hh$'' + ''^src/libstore/include/nix/store/log-store\.hh$'' ''^src/libstore/machines\.cc$'' - ''^src/libstore/include/nix/machines\.hh$'' + ''^src/libstore/include/nix/store/machines\.hh$'' ''^src/libstore/make-content-addressed\.cc$'' - ''^src/libstore/include/nix/make-content-addressed\.hh$'' + ''^src/libstore/include/nix/store/make-content-addressed\.hh$'' ''^src/libstore/misc\.cc$'' ''^src/libstore/names\.cc$'' - ''^src/libstore/include/nix/names\.hh$'' + ''^src/libstore/include/nix/store/names\.hh$'' ''^src/libstore/nar-accessor\.cc$'' - ''^src/libstore/include/nix/nar-accessor\.hh$'' + ''^src/libstore/include/nix/store/nar-accessor\.hh$'' ''^src/libstore/nar-info-disk-cache\.cc$'' - ''^src/libstore/include/nix/nar-info-disk-cache\.hh$'' + ''^src/libstore/include/nix/store/nar-info-disk-cache\.hh$'' ''^src/libstore/nar-info\.cc$'' - ''^src/libstore/include/nix/nar-info\.hh$'' + ''^src/libstore/include/nix/store/nar-info\.hh$'' ''^src/libstore/outputs-spec\.cc$'' - ''^src/libstore/include/nix/outputs-spec\.hh$'' + ''^src/libstore/include/nix/store/outputs-spec\.hh$'' ''^src/libstore/parsed-derivations\.cc$'' ''^src/libstore/path-info\.cc$'' - ''^src/libstore/include/nix/path-info\.hh$'' + ''^src/libstore/include/nix/store/path-info\.hh$'' ''^src/libstore/path-references\.cc$'' - ''^src/libstore/include/nix/path-regex\.hh$'' + ''^src/libstore/include/nix/store/path-regex\.hh$'' ''^src/libstore/path-with-outputs\.cc$'' ''^src/libstore/path\.cc$'' - ''^src/libstore/include/nix/path\.hh$'' + ''^src/libstore/include/nix/store/path\.hh$'' ''^src/libstore/pathlocks\.cc$'' - ''^src/libstore/include/nix/pathlocks\.hh$'' + ''^src/libstore/include/nix/store/pathlocks\.hh$'' ''^src/libstore/profiles\.cc$'' - ''^src/libstore/include/nix/profiles\.hh$'' + ''^src/libstore/include/nix/store/profiles\.hh$'' ''^src/libstore/realisation\.cc$'' - ''^src/libstore/include/nix/realisation\.hh$'' + ''^src/libstore/include/nix/store/realisation\.hh$'' ''^src/libstore/remote-fs-accessor\.cc$'' - ''^src/libstore/include/nix/remote-fs-accessor\.hh$'' - ''^src/libstore/include/nix/remote-store-connection\.hh$'' + ''^src/libstore/include/nix/store/remote-fs-accessor\.hh$'' + ''^src/libstore/include/nix/store/remote-store-connection\.hh$'' ''^src/libstore/remote-store\.cc$'' - ''^src/libstore/include/nix/remote-store\.hh$'' + ''^src/libstore/include/nix/store/remote-store\.hh$'' ''^src/libstore/s3-binary-cache-store\.cc$'' - ''^src/libstore/include/nix/s3\.hh$'' + ''^src/libstore/include/nix/store/s3\.hh$'' ''^src/libstore/serve-protocol-impl\.cc$'' - ''^src/libstore/include/nix/serve-protocol-impl\.hh$'' + ''^src/libstore/include/nix/store/serve-protocol-impl\.hh$'' ''^src/libstore/serve-protocol\.cc$'' - ''^src/libstore/include/nix/serve-protocol\.hh$'' + ''^src/libstore/include/nix/store/serve-protocol\.hh$'' ''^src/libstore/sqlite\.cc$'' - ''^src/libstore/include/nix/sqlite\.hh$'' + ''^src/libstore/include/nix/store/sqlite\.hh$'' ''^src/libstore/ssh-store\.cc$'' ''^src/libstore/ssh\.cc$'' - ''^src/libstore/include/nix/ssh\.hh$'' + ''^src/libstore/include/nix/store/ssh\.hh$'' ''^src/libstore/store-api\.cc$'' - ''^src/libstore/include/nix/store-api\.hh$'' - ''^src/libstore/include/nix/store-dir-config\.hh$'' + ''^src/libstore/include/nix/store/store-api\.hh$'' + ''^src/libstore/include/nix/store/store-dir-config\.hh$'' ''^src/libstore/build/derivation-goal\.cc$'' - ''^src/libstore/include/nix/build/derivation-goal\.hh$'' + ''^src/libstore/include/nix/store/build/derivation-goal\.hh$'' ''^src/libstore/build/drv-output-substitution-goal\.cc$'' - ''^src/libstore/include/nix/build/drv-output-substitution-goal\.hh$'' + ''^src/libstore/include/nix/store/build/drv-output-substitution-goal\.hh$'' ''^src/libstore/build/entry-points\.cc$'' ''^src/libstore/build/goal\.cc$'' - ''^src/libstore/include/nix/build/goal\.hh$'' + ''^src/libstore/include/nix/store/build/goal\.hh$'' ''^src/libstore/unix/build/hook-instance\.cc$'' ''^src/libstore/unix/build/local-derivation-goal\.cc$'' - ''^src/libstore/unix/include/nix/build/local-derivation-goal\.hh$'' + ''^src/libstore/unix/include/nix/store/build/local-derivation-goal\.hh$'' ''^src/libstore/build/substitution-goal\.cc$'' - ''^src/libstore/include/nix/build/substitution-goal\.hh$'' + ''^src/libstore/include/nix/store/build/substitution-goal\.hh$'' ''^src/libstore/build/worker\.cc$'' - ''^src/libstore/include/nix/build/worker\.hh$'' + ''^src/libstore/include/nix/store/build/worker\.hh$'' ''^src/libstore/builtins/fetchurl\.cc$'' ''^src/libstore/builtins/unpack-channel\.cc$'' ''^src/libstore/gc\.cc$'' ''^src/libstore/local-overlay-store\.cc$'' - ''^src/libstore/include/nix/local-overlay-store\.hh$'' + ''^src/libstore/include/nix/store/local-overlay-store\.hh$'' ''^src/libstore/local-store\.cc$'' - ''^src/libstore/include/nix/local-store\.hh$'' + ''^src/libstore/include/nix/store/local-store\.hh$'' ''^src/libstore/unix/user-lock\.cc$'' - ''^src/libstore/unix/include/nix/user-lock\.hh$'' + ''^src/libstore/unix/include/nix/store/user-lock\.hh$'' ''^src/libstore/optimise-store\.cc$'' ''^src/libstore/unix/pathlocks\.cc$'' ''^src/libstore/posix-fs-canonicalise\.cc$'' - ''^src/libstore/include/nix/posix-fs-canonicalise\.hh$'' + ''^src/libstore/include/nix/store/posix-fs-canonicalise\.hh$'' ''^src/libstore/uds-remote-store\.cc$'' - ''^src/libstore/include/nix/uds-remote-store\.hh$'' + ''^src/libstore/include/nix/store/uds-remote-store\.hh$'' ''^src/libstore/windows/build\.cc$'' - ''^src/libstore/include/nix/worker-protocol-impl\.hh$'' + ''^src/libstore/include/nix/store/worker-protocol-impl\.hh$'' ''^src/libstore/worker-protocol\.cc$'' - ''^src/libstore/include/nix/worker-protocol\.hh$'' + ''^src/libstore/include/nix/store/worker-protocol\.hh$'' ''^src/libutil-c/nix_api_util_internal\.h$'' ''^src/libutil/archive\.cc$'' - ''^src/libutil/include/nix/archive\.hh$'' + ''^src/libutil/include/nix/util/archive\.hh$'' ''^src/libutil/args\.cc$'' - ''^src/libutil/include/nix/args\.hh$'' - ''^src/libutil/include/nix/args/root\.hh$'' - ''^src/libutil/include/nix/callback\.hh$'' + ''^src/libutil/include/nix/util/args\.hh$'' + ''^src/libutil/include/nix/util/args/root\.hh$'' + ''^src/libutil/include/nix/util/callback\.hh$'' ''^src/libutil/canon-path\.cc$'' - ''^src/libutil/include/nix/canon-path\.hh$'' - ''^src/libutil/include/nix/chunked-vector\.hh$'' - ''^src/libutil/include/nix/closure\.hh$'' - ''^src/libutil/include/nix/comparator\.hh$'' + ''^src/libutil/include/nix/util/canon-path\.hh$'' + ''^src/libutil/include/nix/util/chunked-vector\.hh$'' + ''^src/libutil/include/nix/util/closure\.hh$'' + ''^src/libutil/include/nix/util/comparator\.hh$'' ''^src/libutil/compute-levels\.cc$'' - ''^src/libutil/include/nix/config-impl\.hh$'' - ''^src/libutil/config\.cc$'' - ''^src/libutil/include/nix/config\.hh$'' + ''^src/libutil/include/nix/util/config-impl\.hh$'' + ''^src/libutil/configuration\.cc$'' + ''^src/libutil/include/nix/util/configuration\.hh$'' ''^src/libutil/current-process\.cc$'' - ''^src/libutil/include/nix/current-process\.hh$'' + ''^src/libutil/include/nix/util/current-process\.hh$'' ''^src/libutil/english\.cc$'' - ''^src/libutil/include/nix/english\.hh$'' + ''^src/libutil/include/nix/util/english\.hh$'' ''^src/libutil/error\.cc$'' - ''^src/libutil/include/nix/error\.hh$'' - ''^src/libutil/include/nix/exit\.hh$'' + ''^src/libutil/include/nix/util/error\.hh$'' + ''^src/libutil/include/nix/util/exit\.hh$'' ''^src/libutil/experimental-features\.cc$'' - ''^src/libutil/include/nix/experimental-features\.hh$'' + ''^src/libutil/include/nix/util/experimental-features\.hh$'' ''^src/libutil/file-content-address\.cc$'' - ''^src/libutil/include/nix/file-content-address\.hh$'' + ''^src/libutil/include/nix/util/file-content-address\.hh$'' ''^src/libutil/file-descriptor\.cc$'' - ''^src/libutil/include/nix/file-descriptor\.hh$'' - ''^src/libutil/include/nix/file-path-impl\.hh$'' - ''^src/libutil/include/nix/file-path\.hh$'' + ''^src/libutil/include/nix/util/file-descriptor\.hh$'' + ''^src/libutil/include/nix/util/file-path-impl\.hh$'' + ''^src/libutil/include/nix/util/file-path\.hh$'' ''^src/libutil/file-system\.cc$'' - ''^src/libutil/include/nix/file-system\.hh$'' - ''^src/libutil/include/nix/finally\.hh$'' - ''^src/libutil/include/nix/fmt\.hh$'' + ''^src/libutil/include/nix/util/file-system\.hh$'' + ''^src/libutil/include/nix/util/finally\.hh$'' + ''^src/libutil/include/nix/util/fmt\.hh$'' ''^src/libutil/fs-sink\.cc$'' - ''^src/libutil/include/nix/fs-sink\.hh$'' + ''^src/libutil/include/nix/util/fs-sink\.hh$'' ''^src/libutil/git\.cc$'' - ''^src/libutil/include/nix/git\.hh$'' + ''^src/libutil/include/nix/util/git\.hh$'' ''^src/libutil/hash\.cc$'' - ''^src/libutil/include/nix/hash\.hh$'' + ''^src/libutil/include/nix/util/hash\.hh$'' ''^src/libutil/hilite\.cc$'' - ''^src/libutil/include/nix/hilite\.hh$'' + ''^src/libutil/include/nix/util/hilite\.hh$'' ''^src/libutil/source-accessor\.hh$'' - ''^src/libutil/include/nix/json-impls\.hh$'' + ''^src/libutil/include/nix/util/json-impls\.hh$'' ''^src/libutil/json-utils\.cc$'' - ''^src/libutil/include/nix/json-utils\.hh$'' + ''^src/libutil/include/nix/util/json-utils\.hh$'' ''^src/libutil/linux/cgroup\.cc$'' ''^src/libutil/linux/namespaces\.cc$'' ''^src/libutil/logging\.cc$'' - ''^src/libutil/include/nix/logging\.hh$'' - ''^src/libutil/include/nix/lru-cache\.hh$'' + ''^src/libutil/include/nix/util/logging\.hh$'' + ''^src/libutil/include/nix/util/lru-cache\.hh$'' ''^src/libutil/memory-source-accessor\.cc$'' - ''^src/libutil/include/nix/memory-source-accessor\.hh$'' - ''^src/libutil/include/nix/pool\.hh$'' + ''^src/libutil/include/nix/util/memory-source-accessor\.hh$'' + ''^src/libutil/include/nix/util/pool\.hh$'' ''^src/libutil/position\.cc$'' - ''^src/libutil/include/nix/position\.hh$'' + ''^src/libutil/include/nix/util/position\.hh$'' ''^src/libutil/posix-source-accessor\.cc$'' - ''^src/libutil/include/nix/posix-source-accessor\.hh$'' - ''^src/libutil/include/nix/processes\.hh$'' - ''^src/libutil/include/nix/ref\.hh$'' + ''^src/libutil/include/nix/util/posix-source-accessor\.hh$'' + ''^src/libutil/include/nix/util/processes\.hh$'' + ''^src/libutil/include/nix/util/ref\.hh$'' ''^src/libutil/references\.cc$'' - ''^src/libutil/include/nix/references\.hh$'' + ''^src/libutil/include/nix/util/references\.hh$'' ''^src/libutil/regex-combinators\.hh$'' ''^src/libutil/serialise\.cc$'' - ''^src/libutil/include/nix/serialise\.hh$'' - ''^src/libutil/include/nix/signals\.hh$'' + ''^src/libutil/include/nix/util/serialise\.hh$'' + ''^src/libutil/include/nix/util/signals\.hh$'' ''^src/libutil/signature/local-keys\.cc$'' - ''^src/libutil/include/nix/signature/local-keys\.hh$'' + ''^src/libutil/include/nix/util/signature/local-keys\.hh$'' ''^src/libutil/signature/signer\.cc$'' - ''^src/libutil/include/nix/signature/signer\.hh$'' + ''^src/libutil/include/nix/util/signature/signer\.hh$'' ''^src/libutil/source-accessor\.cc$'' - ''^src/libutil/include/nix/source-accessor\.hh$'' + ''^src/libutil/include/nix/util/source-accessor\.hh$'' ''^src/libutil/source-path\.cc$'' - ''^src/libutil/include/nix/source-path\.hh$'' - ''^src/libutil/include/nix/split\.hh$'' + ''^src/libutil/include/nix/util/source-path\.hh$'' + ''^src/libutil/include/nix/util/split\.hh$'' ''^src/libutil/suggestions\.cc$'' - ''^src/libutil/include/nix/suggestions\.hh$'' - ''^src/libutil/include/nix/sync\.hh$'' + ''^src/libutil/include/nix/util/suggestions\.hh$'' + ''^src/libutil/include/nix/util/sync\.hh$'' ''^src/libutil/terminal\.cc$'' - ''^src/libutil/include/nix/terminal\.hh$'' + ''^src/libutil/include/nix/util/terminal\.hh$'' ''^src/libutil/thread-pool\.cc$'' - ''^src/libutil/include/nix/thread-pool\.hh$'' - ''^src/libutil/include/nix/topo-sort\.hh$'' - ''^src/libutil/include/nix/types\.hh$'' + ''^src/libutil/include/nix/util/thread-pool\.hh$'' + ''^src/libutil/include/nix/util/topo-sort\.hh$'' + ''^src/libutil/include/nix/util/types\.hh$'' ''^src/libutil/unix/file-descriptor\.cc$'' ''^src/libutil/unix/file-path\.cc$'' ''^src/libutil/unix/processes\.cc$'' - ''^src/libutil/unix/include/nix/signals-impl\.hh$'' + ''^src/libutil/unix/include/nix/util/signals-impl\.hh$'' ''^src/libutil/unix/signals\.cc$'' ''^src/libutil/unix-domain-socket\.cc$'' ''^src/libutil/unix/users\.cc$'' - ''^src/libutil/include/nix/url-parts\.hh$'' + ''^src/libutil/include/nix/util/url-parts\.hh$'' ''^src/libutil/url\.cc$'' - ''^src/libutil/include/nix/url\.hh$'' + ''^src/libutil/include/nix/util/url\.hh$'' ''^src/libutil/users\.cc$'' - ''^src/libutil/include/nix/users\.hh$'' + ''^src/libutil/include/nix/util/users\.hh$'' ''^src/libutil/util\.cc$'' - ''^src/libutil/include/nix/util\.hh$'' - ''^src/libutil/include/nix/variant-wrapper\.hh$'' + ''^src/libutil/include/nix/util/util\.hh$'' + ''^src/libutil/include/nix/util/variant-wrapper\.hh$'' ''^src/libutil/widecharwidth/widechar_width\.h$'' # vendored source ''^src/libutil/windows/file-descriptor\.cc$'' ''^src/libutil/windows/file-path\.cc$'' ''^src/libutil/windows/processes\.cc$'' ''^src/libutil/windows/users\.cc$'' ''^src/libutil/windows/windows-error\.cc$'' - ''^src/libutil/windows/include/nix/windows-error\.hh$'' + ''^src/libutil/windows/include/nix/util/windows-error\.hh$'' ''^src/libutil/xml-writer\.cc$'' - ''^src/libutil/include/nix/xml-writer\.hh$'' + ''^src/libutil/include/nix/util/xml-writer\.hh$'' ''^src/nix-build/nix-build\.cc$'' ''^src/nix-channel/nix-channel\.cc$'' ''^src/nix-collect-garbage/nix-collect-garbage\.cc$'' @@ -481,9 +481,9 @@ ''^tests/nixos/ca-fd-leak/sender\.c'' ''^tests/nixos/ca-fd-leak/smuggler\.c'' ''^tests/nixos/user-sandboxing/attacker\.c'' - ''^src/libexpr-test-support/include/nix/tests/libexpr\.hh'' + ''^src/libexpr-test-support/include/nix/expr/tests/libexpr\.hh'' ''^src/libexpr-test-support/tests/value/context\.cc'' - ''^src/libexpr-test-support/include/nix/tests/value/context\.hh'' + ''^src/libexpr-test-support/include/nix/expr/tests/value/context\.hh'' ''^src/libexpr-tests/derived-path\.cc'' ''^src/libexpr-tests/error_traces\.cc'' ''^src/libexpr-tests/eval\.cc'' @@ -498,13 +498,13 @@ ''^src/libflake-tests/flakeref\.cc'' ''^src/libflake-tests/url-name\.cc'' ''^src/libstore-test-support/tests/derived-path\.cc'' - ''^src/libstore-test-support/include/nix/tests/derived-path\.hh'' - ''^src/libstore-test-support/include/nix/tests/nix_api_store\.hh'' + ''^src/libstore-test-support/include/nix/store/tests/derived-path\.hh'' + ''^src/libstore-test-support/include/nix/store/tests/nix_api_store\.hh'' ''^src/libstore-test-support/tests/outputs-spec\.cc'' - ''^src/libstore-test-support/include/nix/tests/outputs-spec\.hh'' + ''^src/libstore-test-support/include/nix/store/tests/outputs-spec\.hh'' ''^src/libstore-test-support/path\.cc'' - ''^src/libstore-test-support/include/nix/tests/path\.hh'' - ''^src/libstore-test-support/include/nix/tests/protocol\.hh'' + ''^src/libstore-test-support/include/nix/store/tests/path\.hh'' + ''^src/libstore-test-support/include/nix/store/tests/protocol\.hh'' ''^src/libstore-tests/common-protocol\.cc'' ''^src/libstore-tests/content-address\.cc'' ''^src/libstore-tests/derivation\.cc'' @@ -518,9 +518,9 @@ ''^src/libstore-tests/path\.cc'' ''^src/libstore-tests/serve-protocol\.cc'' ''^src/libstore-tests/worker-protocol\.cc'' - ''^src/libutil-test-support/include/nix/tests/characterization\.hh'' + ''^src/libutil-test-support/include/nix/util/tests/characterization\.hh'' ''^src/libutil-test-support/hash\.cc'' - ''^src/libutil-test-support/include/nix/tests/hash\.hh'' + ''^src/libutil-test-support/include/nix/util/tests/hash\.hh'' ''^src/libutil-tests/args\.cc'' ''^src/libutil-tests/canon-path\.cc'' ''^src/libutil-tests/chunked-vector\.cc'' diff --git a/src/build-remote/build-remote.cc b/src/build-remote/build-remote.cc index 56eb248a5d4..b4eaa389b7f 100644 --- a/src/build-remote/build-remote.cc +++ b/src/build-remote/build-remote.cc @@ -9,19 +9,19 @@ #include #endif -#include "nix/machines.hh" -#include "nix/shared.hh" -#include "nix/plugin.hh" -#include "nix/pathlocks.hh" -#include "nix/globals.hh" -#include "nix/serialise.hh" -#include "nix/build-result.hh" -#include "nix/store-api.hh" -#include "nix/strings.hh" -#include "nix/derivations.hh" -#include "nix/local-store.hh" -#include "nix/legacy.hh" -#include "nix/experimental-features.hh" +#include "nix/store/machines.hh" +#include "nix/main/shared.hh" +#include "nix/main/plugin.hh" +#include "nix/store/pathlocks.hh" +#include "nix/store/globals.hh" +#include "nix/util/serialise.hh" +#include "nix/store/build-result.hh" +#include "nix/store/store-api.hh" +#include "nix/util/strings.hh" +#include "nix/store/derivations.hh" +#include "nix/store/local-store.hh" +#include "nix/cmd/legacy.hh" +#include "nix/util/experimental-features.hh" using namespace nix; using std::cin; diff --git a/src/libcmd/built-path.cc b/src/libcmd/built-path.cc index 21b52cea5f2..1238f942254 100644 --- a/src/libcmd/built-path.cc +++ b/src/libcmd/built-path.cc @@ -1,7 +1,7 @@ -#include "nix/built-path.hh" -#include "nix/derivations.hh" -#include "nix/store-api.hh" -#include "nix/comparator.hh" +#include "nix/cmd/built-path.hh" +#include "nix/store/derivations.hh" +#include "nix/store/store-api.hh" +#include "nix/util/comparator.hh" #include diff --git a/src/libcmd/command-installable-value.cc b/src/libcmd/command-installable-value.cc index 52fa610916a..0884f17e927 100644 --- a/src/libcmd/command-installable-value.cc +++ b/src/libcmd/command-installable-value.cc @@ -1,4 +1,4 @@ -#include "nix/command-installable-value.hh" +#include "nix/cmd/command-installable-value.hh" namespace nix { diff --git a/src/libcmd/command.cc b/src/libcmd/command.cc index efcdb799de0..565f424dde7 100644 --- a/src/libcmd/command.cc +++ b/src/libcmd/command.cc @@ -1,16 +1,16 @@ #include #include -#include "nix/command.hh" -#include "nix/markdown.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" -#include "nix/derivations.hh" -#include "nix/nixexpr.hh" -#include "nix/profiles.hh" -#include "nix/repl.hh" -#include "nix/strings.hh" -#include "nix/environment-variables.hh" +#include "nix/cmd/command.hh" +#include "nix/cmd/markdown.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/store/derivations.hh" +#include "nix/expr/nixexpr.hh" +#include "nix/store/profiles.hh" +#include "nix/cmd/repl.hh" +#include "nix/util/strings.hh" +#include "nix/util/environment-variables.hh" namespace nix { diff --git a/src/libcmd/common-eval-args.cc b/src/libcmd/common-eval-args.cc index 805701749e2..c051792f3d3 100644 --- a/src/libcmd/common-eval-args.cc +++ b/src/libcmd/common-eval-args.cc @@ -1,20 +1,20 @@ -#include "nix/fetch-settings.hh" -#include "nix/eval-settings.hh" -#include "nix/common-eval-args.hh" -#include "nix/shared.hh" -#include "nix/config-global.hh" -#include "nix/filetransfer.hh" -#include "nix/eval.hh" -#include "nix/fetchers.hh" -#include "nix/registry.hh" +#include "nix/fetchers/fetch-settings.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/main/shared.hh" +#include "nix/util/config-global.hh" +#include "nix/store/filetransfer.hh" +#include "nix/expr/eval.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/fetchers/registry.hh" #include "nix/flake/flakeref.hh" #include "nix/flake/settings.hh" -#include "nix/store-api.hh" -#include "nix/command.hh" -#include "nix/tarball.hh" -#include "nix/fetch-to-store.hh" -#include "nix/compatibility-settings.hh" -#include "nix/eval-settings.hh" +#include "nix/store/store-api.hh" +#include "nix/cmd/command.hh" +#include "nix/fetchers/tarball.hh" +#include "nix/fetchers/fetch-to-store.hh" +#include "nix/cmd/compatibility-settings.hh" +#include "nix/expr/eval-settings.hh" namespace nix { diff --git a/src/libcmd/editor-for.cc b/src/libcmd/editor-for.cc index b82f41d2b8f..a5d635859a0 100644 --- a/src/libcmd/editor-for.cc +++ b/src/libcmd/editor-for.cc @@ -1,6 +1,6 @@ -#include "nix/editor-for.hh" -#include "nix/environment-variables.hh" -#include "nix/source-path.hh" +#include "nix/cmd/editor-for.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/source-path.hh" namespace nix { diff --git a/src/libcmd/include/nix/built-path.hh b/src/libcmd/include/nix/cmd/built-path.hh similarity index 97% rename from src/libcmd/include/nix/built-path.hh rename to src/libcmd/include/nix/cmd/built-path.hh index bd8f685e005..c885876a79d 100644 --- a/src/libcmd/include/nix/built-path.hh +++ b/src/libcmd/include/nix/cmd/built-path.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/derived-path.hh" -#include "nix/realisation.hh" +#include "nix/store/derived-path.hh" +#include "nix/store/realisation.hh" namespace nix { diff --git a/src/libcmd/include/nix/command-installable-value.hh b/src/libcmd/include/nix/cmd/command-installable-value.hh similarity index 85% rename from src/libcmd/include/nix/command-installable-value.hh rename to src/libcmd/include/nix/cmd/command-installable-value.hh index 5ce352a6345..b171d9f738d 100644 --- a/src/libcmd/include/nix/command-installable-value.hh +++ b/src/libcmd/include/nix/cmd/command-installable-value.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/installable-value.hh" -#include "nix/command.hh" +#include "nix/cmd/installable-value.hh" +#include "nix/cmd/command.hh" namespace nix { diff --git a/src/libcmd/include/nix/command.hh b/src/libcmd/include/nix/cmd/command.hh similarity index 98% rename from src/libcmd/include/nix/command.hh rename to src/libcmd/include/nix/cmd/command.hh index 9d3c8e343d4..6b6418f51e5 100644 --- a/src/libcmd/include/nix/command.hh +++ b/src/libcmd/include/nix/cmd/command.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/installable-value.hh" -#include "nix/args.hh" -#include "nix/common-eval-args.hh" -#include "nix/path.hh" +#include "nix/cmd/installable-value.hh" +#include "nix/util/args.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/store/path.hh" #include "nix/flake/lockfile.hh" #include diff --git a/src/libcmd/include/nix/common-eval-args.hh b/src/libcmd/include/nix/cmd/common-eval-args.hh similarity index 91% rename from src/libcmd/include/nix/common-eval-args.hh rename to src/libcmd/include/nix/cmd/common-eval-args.hh index e7217589162..6f3367e58e9 100644 --- a/src/libcmd/include/nix/common-eval-args.hh +++ b/src/libcmd/include/nix/cmd/common-eval-args.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/args.hh" -#include "nix/canon-path.hh" -#include "nix/common-args.hh" -#include "nix/search-path.hh" +#include "nix/util/args.hh" +#include "nix/util/canon-path.hh" +#include "nix/main/common-args.hh" +#include "nix/expr/search-path.hh" #include diff --git a/src/libcmd/include/nix/compatibility-settings.hh b/src/libcmd/include/nix/cmd/compatibility-settings.hh similarity index 97% rename from src/libcmd/include/nix/compatibility-settings.hh rename to src/libcmd/include/nix/cmd/compatibility-settings.hh index 18319c1f2d2..c7061a0a14d 100644 --- a/src/libcmd/include/nix/compatibility-settings.hh +++ b/src/libcmd/include/nix/cmd/compatibility-settings.hh @@ -1,5 +1,5 @@ #pragma once -#include "nix/config.hh" +#include "nix/util/configuration.hh" namespace nix { struct CompatibilitySettings : public Config diff --git a/src/libcmd/include/nix/editor-for.hh b/src/libcmd/include/nix/cmd/editor-for.hh similarity index 74% rename from src/libcmd/include/nix/editor-for.hh rename to src/libcmd/include/nix/cmd/editor-for.hh index 0a8aa48bc6c..11414e82382 100644 --- a/src/libcmd/include/nix/editor-for.hh +++ b/src/libcmd/include/nix/cmd/editor-for.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/source-path.hh" +#include "nix/util/types.hh" +#include "nix/util/source-path.hh" namespace nix { diff --git a/src/libcmd/include/nix/installable-attr-path.hh b/src/libcmd/include/nix/cmd/installable-attr-path.hh similarity index 61% rename from src/libcmd/include/nix/installable-attr-path.hh rename to src/libcmd/include/nix/cmd/installable-attr-path.hh index ceb2eca616c..5a0dc993c9f 100644 --- a/src/libcmd/include/nix/installable-attr-path.hh +++ b/src/libcmd/include/nix/cmd/installable-attr-path.hh @@ -1,22 +1,22 @@ #pragma once ///@file -#include "nix/globals.hh" -#include "nix/installable-value.hh" -#include "nix/outputs-spec.hh" -#include "nix/command.hh" -#include "nix/attr-path.hh" -#include "nix/common-eval-args.hh" -#include "nix/derivations.hh" -#include "nix/eval-inline.hh" -#include "nix/eval.hh" -#include "nix/get-drvs.hh" -#include "nix/store-api.hh" -#include "nix/shared.hh" -#include "nix/eval-cache.hh" -#include "nix/url.hh" -#include "nix/registry.hh" -#include "nix/build-result.hh" +#include "nix/store/globals.hh" +#include "nix/cmd/installable-value.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/cmd/command.hh" +#include "nix/expr/attr-path.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/store/derivations.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/store/store-api.hh" +#include "nix/main/shared.hh" +#include "nix/expr/eval-cache.hh" +#include "nix/util/url.hh" +#include "nix/fetchers/registry.hh" +#include "nix/store/build-result.hh" #include #include diff --git a/src/libcmd/include/nix/installable-derived-path.hh b/src/libcmd/include/nix/cmd/installable-derived-path.hh similarity index 94% rename from src/libcmd/include/nix/installable-derived-path.hh rename to src/libcmd/include/nix/cmd/installable-derived-path.hh index 8f86e6c4cdf..daa6ba86867 100644 --- a/src/libcmd/include/nix/installable-derived-path.hh +++ b/src/libcmd/include/nix/cmd/installable-derived-path.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/installables.hh" +#include "nix/cmd/installables.hh" namespace nix { diff --git a/src/libcmd/include/nix/installable-flake.hh b/src/libcmd/include/nix/cmd/installable-flake.hh similarity index 96% rename from src/libcmd/include/nix/installable-flake.hh rename to src/libcmd/include/nix/cmd/installable-flake.hh index 5bbe4beb5b2..8699031b5b5 100644 --- a/src/libcmd/include/nix/installable-flake.hh +++ b/src/libcmd/include/nix/cmd/installable-flake.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/common-eval-args.hh" -#include "nix/installable-value.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/cmd/installable-value.hh" namespace nix { diff --git a/src/libcmd/include/nix/installable-value.hh b/src/libcmd/include/nix/cmd/installable-value.hh similarity index 98% rename from src/libcmd/include/nix/installable-value.hh rename to src/libcmd/include/nix/cmd/installable-value.hh index f8840103f7c..9c8f1a9fb2c 100644 --- a/src/libcmd/include/nix/installable-value.hh +++ b/src/libcmd/include/nix/cmd/installable-value.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/installables.hh" +#include "nix/cmd/installables.hh" #include "nix/flake/flake.hh" namespace nix { diff --git a/src/libcmd/include/nix/installables.hh b/src/libcmd/include/nix/cmd/installables.hh similarity index 95% rename from src/libcmd/include/nix/installables.hh rename to src/libcmd/include/nix/cmd/installables.hh index 2393cbcffe6..84941278a44 100644 --- a/src/libcmd/include/nix/installables.hh +++ b/src/libcmd/include/nix/cmd/installables.hh @@ -1,12 +1,12 @@ #pragma once ///@file -#include "nix/path.hh" -#include "nix/outputs-spec.hh" -#include "nix/derived-path.hh" -#include "nix/built-path.hh" -#include "nix/store-api.hh" -#include "nix/build-result.hh" +#include "nix/store/path.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/store/derived-path.hh" +#include "nix/cmd/built-path.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build-result.hh" #include diff --git a/src/libcmd/include/nix/legacy.hh b/src/libcmd/include/nix/cmd/legacy.hh similarity index 100% rename from src/libcmd/include/nix/legacy.hh rename to src/libcmd/include/nix/cmd/legacy.hh diff --git a/src/libcmd/include/nix/markdown.hh b/src/libcmd/include/nix/cmd/markdown.hh similarity index 100% rename from src/libcmd/include/nix/markdown.hh rename to src/libcmd/include/nix/cmd/markdown.hh diff --git a/src/libcmd/include/nix/meson.build b/src/libcmd/include/nix/cmd/meson.build similarity index 90% rename from src/libcmd/include/nix/meson.build rename to src/libcmd/include/nix/cmd/meson.build index debe4a60522..368edb28e5b 100644 --- a/src/libcmd/include/nix/meson.build +++ b/src/libcmd/include/nix/cmd/meson.build @@ -1,6 +1,6 @@ # Public headers directory -include_dirs = [include_directories('..')] +include_dirs = [include_directories('../..')] headers = files( 'built-path.hh', diff --git a/src/libcmd/include/nix/misc-store-flags.hh b/src/libcmd/include/nix/cmd/misc-store-flags.hh similarity index 90% rename from src/libcmd/include/nix/misc-store-flags.hh rename to src/libcmd/include/nix/cmd/misc-store-flags.hh index b8579e90fb1..c9467ad8e3a 100644 --- a/src/libcmd/include/nix/misc-store-flags.hh +++ b/src/libcmd/include/nix/cmd/misc-store-flags.hh @@ -1,5 +1,5 @@ -#include "nix/args.hh" -#include "nix/content-address.hh" +#include "nix/util/args.hh" +#include "nix/store/content-address.hh" namespace nix::flag { diff --git a/src/libcmd/include/nix/network-proxy.hh b/src/libcmd/include/nix/cmd/network-proxy.hh similarity index 93% rename from src/libcmd/include/nix/network-proxy.hh rename to src/libcmd/include/nix/cmd/network-proxy.hh index ca797f465ec..255597a6109 100644 --- a/src/libcmd/include/nix/network-proxy.hh +++ b/src/libcmd/include/nix/cmd/network-proxy.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libcmd/include/nix/repl-interacter.hh b/src/libcmd/include/nix/cmd/repl-interacter.hh similarity index 94% rename from src/libcmd/include/nix/repl-interacter.hh rename to src/libcmd/include/nix/cmd/repl-interacter.hh index 463ba68184c..eb58563b2ec 100644 --- a/src/libcmd/include/nix/repl-interacter.hh +++ b/src/libcmd/include/nix/cmd/repl-interacter.hh @@ -1,8 +1,8 @@ #pragma once /// @file -#include "nix/finally.hh" -#include "nix/types.hh" +#include "nix/util/finally.hh" +#include "nix/util/types.hh" #include #include diff --git a/src/libcmd/include/nix/repl.hh b/src/libcmd/include/nix/cmd/repl.hh similarity index 97% rename from src/libcmd/include/nix/repl.hh rename to src/libcmd/include/nix/cmd/repl.hh index b22fb9438a6..83e39727f81 100644 --- a/src/libcmd/include/nix/repl.hh +++ b/src/libcmd/include/nix/cmd/repl.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/eval.hh" +#include "nix/expr/eval.hh" namespace nix { diff --git a/src/libcmd/installable-attr-path.cc b/src/libcmd/installable-attr-path.cc index dfd7bdd65b2..fcbfe148226 100644 --- a/src/libcmd/installable-attr-path.cc +++ b/src/libcmd/installable-attr-path.cc @@ -1,21 +1,21 @@ -#include "nix/globals.hh" -#include "nix/installable-attr-path.hh" -#include "nix/outputs-spec.hh" -#include "nix/util.hh" -#include "nix/command.hh" -#include "nix/attr-path.hh" -#include "nix/common-eval-args.hh" -#include "nix/derivations.hh" -#include "nix/eval-inline.hh" -#include "nix/eval.hh" -#include "nix/get-drvs.hh" -#include "nix/store-api.hh" -#include "nix/shared.hh" +#include "nix/store/globals.hh" +#include "nix/cmd/installable-attr-path.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/util/util.hh" +#include "nix/cmd/command.hh" +#include "nix/expr/attr-path.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/store/derivations.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/store/store-api.hh" +#include "nix/main/shared.hh" #include "nix/flake/flake.hh" -#include "nix/eval-cache.hh" -#include "nix/url.hh" -#include "nix/registry.hh" -#include "nix/build-result.hh" +#include "nix/expr/eval-cache.hh" +#include "nix/util/url.hh" +#include "nix/fetchers/registry.hh" +#include "nix/store/build-result.hh" #include #include diff --git a/src/libcmd/installable-derived-path.cc b/src/libcmd/installable-derived-path.cc index 2e53f61982e..5a92f81c7d4 100644 --- a/src/libcmd/installable-derived-path.cc +++ b/src/libcmd/installable-derived-path.cc @@ -1,5 +1,5 @@ -#include "nix/installable-derived-path.hh" -#include "nix/derivations.hh" +#include "nix/cmd/installable-derived-path.hh" +#include "nix/store/derivations.hh" namespace nix { diff --git a/src/libcmd/installable-flake.cc b/src/libcmd/installable-flake.cc index f4c27251529..83285b739f6 100644 --- a/src/libcmd/installable-flake.cc +++ b/src/libcmd/installable-flake.cc @@ -1,22 +1,22 @@ -#include "nix/globals.hh" -#include "nix/installable-flake.hh" -#include "nix/installable-derived-path.hh" -#include "nix/outputs-spec.hh" -#include "nix/util.hh" -#include "nix/command.hh" -#include "nix/attr-path.hh" -#include "nix/common-eval-args.hh" -#include "nix/derivations.hh" -#include "nix/eval-inline.hh" -#include "nix/eval.hh" -#include "nix/get-drvs.hh" -#include "nix/store-api.hh" -#include "nix/shared.hh" +#include "nix/store/globals.hh" +#include "nix/cmd/installable-flake.hh" +#include "nix/cmd/installable-derived-path.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/util/util.hh" +#include "nix/cmd/command.hh" +#include "nix/expr/attr-path.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/store/derivations.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/store/store-api.hh" +#include "nix/main/shared.hh" #include "nix/flake/flake.hh" -#include "nix/eval-cache.hh" -#include "nix/url.hh" -#include "nix/registry.hh" -#include "nix/build-result.hh" +#include "nix/expr/eval-cache.hh" +#include "nix/util/url.hh" +#include "nix/fetchers/registry.hh" +#include "nix/store/build-result.hh" #include #include diff --git a/src/libcmd/installable-value.cc b/src/libcmd/installable-value.cc index ac2da0ed20c..d9ac3a29e7a 100644 --- a/src/libcmd/installable-value.cc +++ b/src/libcmd/installable-value.cc @@ -1,6 +1,6 @@ -#include "nix/installable-value.hh" -#include "nix/eval-cache.hh" -#include "nix/fetch-to-store.hh" +#include "nix/cmd/installable-value.hh" +#include "nix/expr/eval-cache.hh" +#include "nix/fetchers/fetch-to-store.hh" namespace nix { diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index f1eaa71e9b0..c010887fa00 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -1,33 +1,33 @@ -#include "nix/globals.hh" -#include "nix/installables.hh" -#include "nix/installable-derived-path.hh" -#include "nix/installable-attr-path.hh" -#include "nix/installable-flake.hh" -#include "nix/outputs-spec.hh" -#include "nix/users.hh" -#include "nix/util.hh" -#include "nix/command.hh" -#include "nix/attr-path.hh" -#include "nix/common-eval-args.hh" -#include "nix/derivations.hh" -#include "nix/eval-inline.hh" -#include "nix/eval.hh" -#include "nix/eval-settings.hh" -#include "nix/get-drvs.hh" -#include "nix/store-api.hh" -#include "nix/shared.hh" +#include "nix/store/globals.hh" +#include "nix/cmd/installables.hh" +#include "nix/cmd/installable-derived-path.hh" +#include "nix/cmd/installable-attr-path.hh" +#include "nix/cmd/installable-flake.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/util/users.hh" +#include "nix/util/util.hh" +#include "nix/cmd/command.hh" +#include "nix/expr/attr-path.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/store/derivations.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/store/store-api.hh" +#include "nix/main/shared.hh" #include "nix/flake/flake.hh" -#include "nix/eval-cache.hh" -#include "nix/url.hh" -#include "nix/registry.hh" -#include "nix/build-result.hh" +#include "nix/expr/eval-cache.hh" +#include "nix/util/url.hh" +#include "nix/fetchers/registry.hh" +#include "nix/store/build-result.hh" #include #include #include -#include "nix/strings-inline.hh" +#include "nix/util/strings-inline.hh" namespace nix { diff --git a/src/libcmd/legacy.cc b/src/libcmd/legacy.cc index 25da75d3fb4..69b06683141 100644 --- a/src/libcmd/legacy.cc +++ b/src/libcmd/legacy.cc @@ -1,4 +1,4 @@ -#include "nix/legacy.hh" +#include "nix/cmd/legacy.hh" namespace nix { diff --git a/src/libcmd/markdown.cc b/src/libcmd/markdown.cc index 5670b590bcb..41da73c7af8 100644 --- a/src/libcmd/markdown.cc +++ b/src/libcmd/markdown.cc @@ -1,8 +1,8 @@ -#include "nix/markdown.hh" -#include "nix/environment-variables.hh" -#include "nix/error.hh" -#include "nix/finally.hh" -#include "nix/terminal.hh" +#include "nix/cmd/markdown.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/error.hh" +#include "nix/util/finally.hh" +#include "nix/util/terminal.hh" #include "cmd-config-private.hh" diff --git a/src/libcmd/meson.build b/src/libcmd/meson.build index 07747e0a316..32f44697d6b 100644 --- a/src/libcmd/meson.build +++ b/src/libcmd/meson.build @@ -79,7 +79,7 @@ sources = files( 'repl.cc', ) -subdir('include/nix') +subdir('include/nix/cmd') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') @@ -95,7 +95,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/cmd', preserve_path : true) libraries_private = [] diff --git a/src/libcmd/misc-store-flags.cc b/src/libcmd/misc-store-flags.cc index 70933648ff0..a57ad35ffb3 100644 --- a/src/libcmd/misc-store-flags.cc +++ b/src/libcmd/misc-store-flags.cc @@ -1,4 +1,4 @@ -#include "nix/misc-store-flags.hh" +#include "nix/cmd/misc-store-flags.hh" namespace nix::flag { diff --git a/src/libcmd/network-proxy.cc b/src/libcmd/network-proxy.cc index 31e9eb8ddb7..a4a89685c4d 100644 --- a/src/libcmd/network-proxy.cc +++ b/src/libcmd/network-proxy.cc @@ -1,8 +1,8 @@ -#include "nix/network-proxy.hh" +#include "nix/cmd/network-proxy.hh" #include -#include "nix/environment-variables.hh" +#include "nix/util/environment-variables.hh" namespace nix { diff --git a/src/libcmd/package.nix b/src/libcmd/package.nix index 5cfe550a332..be5054f6403 100644 --- a/src/libcmd/package.nix +++ b/src/libcmd/package.nix @@ -46,7 +46,7 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build ./meson.options - ./include/nix/meson.build + ./include/nix/cmd/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libcmd/repl-interacter.cc b/src/libcmd/repl-interacter.cc index 093cc2b29b5..0da2cc615b1 100644 --- a/src/libcmd/repl-interacter.cc +++ b/src/libcmd/repl-interacter.cc @@ -16,12 +16,12 @@ extern "C" { } #endif -#include "nix/signals.hh" -#include "nix/finally.hh" -#include "nix/repl-interacter.hh" -#include "nix/file-system.hh" -#include "nix/repl.hh" -#include "nix/environment-variables.hh" +#include "nix/util/signals.hh" +#include "nix/util/finally.hh" +#include "nix/cmd/repl-interacter.hh" +#include "nix/util/file-system.hh" +#include "nix/cmd/repl.hh" +#include "nix/util/environment-variables.hh" namespace nix { diff --git a/src/libcmd/repl.cc b/src/libcmd/repl.cc index 8bd5417d7fb..c5a95268b50 100644 --- a/src/libcmd/repl.cc +++ b/src/libcmd/repl.cc @@ -2,34 +2,34 @@ #include #include -#include "nix/error.hh" -#include "nix/repl-interacter.hh" -#include "nix/repl.hh" - -#include "nix/ansicolor.hh" -#include "nix/shared.hh" -#include "nix/eval.hh" -#include "nix/eval-settings.hh" -#include "nix/attr-path.hh" -#include "nix/signals.hh" -#include "nix/store-api.hh" -#include "nix/log-store.hh" -#include "nix/common-eval-args.hh" -#include "nix/get-drvs.hh" -#include "nix/derivations.hh" -#include "nix/globals.hh" +#include "nix/util/error.hh" +#include "nix/cmd/repl-interacter.hh" +#include "nix/cmd/repl.hh" + +#include "nix/util/ansicolor.hh" +#include "nix/main/shared.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/expr/attr-path.hh" +#include "nix/util/signals.hh" +#include "nix/store/store-api.hh" +#include "nix/store/log-store.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/store/derivations.hh" +#include "nix/store/globals.hh" #include "nix/flake/flake.hh" #include "nix/flake/lockfile.hh" -#include "nix/users.hh" -#include "nix/editor-for.hh" -#include "nix/finally.hh" -#include "nix/markdown.hh" -#include "nix/local-fs-store.hh" -#include "nix/print.hh" -#include "nix/ref.hh" -#include "nix/value.hh" - -#include "nix/strings.hh" +#include "nix/util/users.hh" +#include "nix/cmd/editor-for.hh" +#include "nix/util/finally.hh" +#include "nix/cmd/markdown.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/expr/print.hh" +#include "nix/util/ref.hh" +#include "nix/expr/value.hh" + +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libexpr-c/nix_api_expr.cc b/src/libexpr-c/nix_api_expr.cc index 47eca4e65ca..f34b1b77f25 100644 --- a/src/libexpr-c/nix_api_expr.cc +++ b/src/libexpr-c/nix_api_expr.cc @@ -2,11 +2,11 @@ #include #include -#include "nix/eval.hh" -#include "nix/eval-gc.hh" -#include "nix/globals.hh" -#include "nix/eval-settings.hh" -#include "nix/ref.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-gc.hh" +#include "nix/store/globals.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/util/ref.hh" #include "nix_api_expr.h" #include "nix_api_expr_internal.h" diff --git a/src/libexpr-c/nix_api_expr_internal.h b/src/libexpr-c/nix_api_expr_internal.h index 205a2ee6240..a26595cec5d 100644 --- a/src/libexpr-c/nix_api_expr_internal.h +++ b/src/libexpr-c/nix_api_expr_internal.h @@ -1,12 +1,12 @@ #ifndef NIX_API_EXPR_INTERNAL_H #define NIX_API_EXPR_INTERNAL_H -#include "nix/fetch-settings.hh" -#include "nix/eval.hh" -#include "nix/eval-settings.hh" -#include "nix/attr-set.hh" +#include "nix/fetchers/fetch-settings.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/expr/attr-set.hh" #include "nix_api_value.h" -#include "nix/search-path.hh" +#include "nix/expr/search-path.hh" struct nix_eval_state_builder { diff --git a/src/libexpr-c/nix_api_external.cc b/src/libexpr-c/nix_api_external.cc index ab124b73b17..04d2e52b564 100644 --- a/src/libexpr-c/nix_api_external.cc +++ b/src/libexpr-c/nix_api_external.cc @@ -1,8 +1,8 @@ -#include "nix/attr-set.hh" -#include "nix/config.hh" -#include "nix/eval.hh" -#include "nix/globals.hh" -#include "nix/value.hh" +#include "nix/expr/attr-set.hh" +#include "nix/util/configuration.hh" +#include "nix/expr/eval.hh" +#include "nix/store/globals.hh" +#include "nix/expr/value.hh" #include "nix_api_expr.h" #include "nix_api_expr_internal.h" @@ -10,7 +10,7 @@ #include "nix_api_util.h" #include "nix_api_util_internal.h" #include "nix_api_value.h" -#include "nix/value/context.hh" +#include "nix/expr/value/context.hh" #include diff --git a/src/libexpr-c/nix_api_value.cc b/src/libexpr-c/nix_api_value.cc index 4c2fdee4209..298d9484598 100644 --- a/src/libexpr-c/nix_api_value.cc +++ b/src/libexpr-c/nix_api_value.cc @@ -1,10 +1,10 @@ -#include "nix/attr-set.hh" -#include "nix/config.hh" -#include "nix/eval.hh" -#include "nix/globals.hh" -#include "nix/path.hh" -#include "nix/primops.hh" -#include "nix/value.hh" +#include "nix/expr/attr-set.hh" +#include "nix/util/configuration.hh" +#include "nix/expr/eval.hh" +#include "nix/store/globals.hh" +#include "nix/store/path.hh" +#include "nix/expr/primops.hh" +#include "nix/expr/value.hh" #include "nix_api_expr.h" #include "nix_api_expr_internal.h" @@ -12,7 +12,7 @@ #include "nix_api_util_internal.h" #include "nix_api_store_internal.h" #include "nix_api_value.h" -#include "nix/value/context.hh" +#include "nix/expr/value/context.hh" // Internal helper functions to check [in] and [out] `Value *` parameters static const nix::Value & check_value_not_null(const nix_value * value) diff --git a/src/libexpr-test-support/include/nix/tests/libexpr.hh b/src/libexpr-test-support/include/nix/expr/tests/libexpr.hh similarity index 93% rename from src/libexpr-test-support/include/nix/tests/libexpr.hh rename to src/libexpr-test-support/include/nix/expr/tests/libexpr.hh index dfd5fbd3d2a..48c96ae2cdf 100644 --- a/src/libexpr-test-support/include/nix/tests/libexpr.hh +++ b/src/libexpr-test-support/include/nix/expr/tests/libexpr.hh @@ -4,16 +4,16 @@ #include #include -#include "nix/fetch-settings.hh" -#include "nix/value.hh" -#include "nix/nixexpr.hh" -#include "nix/nixexpr.hh" -#include "nix/eval.hh" -#include "nix/eval-gc.hh" -#include "nix/eval-inline.hh" -#include "nix/eval-settings.hh" - -#include "nix/tests/libstore.hh" +#include "nix/fetchers/fetch-settings.hh" +#include "nix/expr/value.hh" +#include "nix/expr/nixexpr.hh" +#include "nix/expr/nixexpr.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-gc.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval-settings.hh" + +#include "nix/store/tests/libstore.hh" namespace nix { class LibExprTest : public LibStoreTest { diff --git a/src/libexpr-test-support/include/nix/expr/tests/meson.build b/src/libexpr-test-support/include/nix/expr/tests/meson.build new file mode 100644 index 00000000000..710bd8d4e3e --- /dev/null +++ b/src/libexpr-test-support/include/nix/expr/tests/meson.build @@ -0,0 +1,9 @@ +# Public headers directory + +include_dirs = [include_directories('../../..')] + +headers = files( + 'libexpr.hh', + 'nix_api_expr.hh', + 'value/context.hh', +) diff --git a/src/libexpr-test-support/include/nix/tests/nix_api_expr.hh b/src/libexpr-test-support/include/nix/expr/tests/nix_api_expr.hh similarity index 92% rename from src/libexpr-test-support/include/nix/tests/nix_api_expr.hh rename to src/libexpr-test-support/include/nix/expr/tests/nix_api_expr.hh index e5960b177a5..3e5aec31369 100644 --- a/src/libexpr-test-support/include/nix/tests/nix_api_expr.hh +++ b/src/libexpr-test-support/include/nix/expr/tests/nix_api_expr.hh @@ -2,7 +2,7 @@ ///@file #include "nix_api_expr.h" #include "nix_api_value.h" -#include "nix/tests/nix_api_store.hh" +#include "nix/store/tests/nix_api_store.hh" #include diff --git a/src/libexpr-test-support/include/nix/tests/value/context.hh b/src/libexpr-test-support/include/nix/expr/tests/value/context.hh similarity index 93% rename from src/libexpr-test-support/include/nix/tests/value/context.hh rename to src/libexpr-test-support/include/nix/expr/tests/value/context.hh index d98e722421a..a6a851d3ac7 100644 --- a/src/libexpr-test-support/include/nix/tests/value/context.hh +++ b/src/libexpr-test-support/include/nix/expr/tests/value/context.hh @@ -3,7 +3,7 @@ #include -#include "nix/value/context.hh" +#include "nix/expr/value/context.hh" namespace rc { using namespace nix; diff --git a/src/libexpr-test-support/include/nix/meson.build b/src/libexpr-test-support/include/nix/meson.build deleted file mode 100644 index 9e517c7f6c5..00000000000 --- a/src/libexpr-test-support/include/nix/meson.build +++ /dev/null @@ -1,9 +0,0 @@ -# Public headers directory - -include_dirs = [include_directories('..')] - -headers = files( - 'tests/libexpr.hh', - 'tests/nix_api_expr.hh', - 'tests/value/context.hh', -) diff --git a/src/libexpr-test-support/meson.build b/src/libexpr-test-support/meson.build index 3409dbf2095..b97f94362fd 100644 --- a/src/libexpr-test-support/meson.build +++ b/src/libexpr-test-support/meson.build @@ -35,7 +35,7 @@ sources = files( 'tests/value/context.cc', ) -subdir('include/nix') +subdir('include/nix/expr/tests') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') @@ -52,7 +52,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/expr/tests', preserve_path : true) libraries_private = [] diff --git a/src/libexpr-test-support/package.nix b/src/libexpr-test-support/package.nix index 5d4af1088d9..5cb4adaa8c4 100644 --- a/src/libexpr-test-support/package.nix +++ b/src/libexpr-test-support/package.nix @@ -29,7 +29,7 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build # ./meson.options - ./include/nix/meson.build + ./include/nix/expr/tests/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libexpr-test-support/tests/value/context.cc b/src/libexpr-test-support/tests/value/context.cc index 7b2d60269a8..51ff1b2ae61 100644 --- a/src/libexpr-test-support/tests/value/context.cc +++ b/src/libexpr-test-support/tests/value/context.cc @@ -1,7 +1,7 @@ #include -#include "nix/tests/path.hh" -#include "nix/tests/value/context.hh" +#include "nix/store/tests/path.hh" +#include "nix/expr/tests/value/context.hh" namespace rc { using namespace nix; diff --git a/src/libexpr-tests/derived-path.cc b/src/libexpr-tests/derived-path.cc index 1e427ffa527..9cc5d53714b 100644 --- a/src/libexpr-tests/derived-path.cc +++ b/src/libexpr-tests/derived-path.cc @@ -2,8 +2,8 @@ #include #include -#include "nix/tests/derived-path.hh" -#include "nix/tests/libexpr.hh" +#include "nix/store/tests/derived-path.hh" +#include "nix/expr/tests/libexpr.hh" namespace nix { diff --git a/src/libexpr-tests/error_traces.cc b/src/libexpr-tests/error_traces.cc index abba15db8cd..d0ccd970a65 100644 --- a/src/libexpr-tests/error_traces.cc +++ b/src/libexpr-tests/error_traces.cc @@ -1,7 +1,7 @@ #include #include -#include "nix/tests/libexpr.hh" +#include "nix/expr/tests/libexpr.hh" namespace nix { diff --git a/src/libexpr-tests/eval.cc b/src/libexpr-tests/eval.cc index 3bc672746ab..e9664dc5892 100644 --- a/src/libexpr-tests/eval.cc +++ b/src/libexpr-tests/eval.cc @@ -1,8 +1,8 @@ #include #include -#include "nix/eval.hh" -#include "nix/tests/libexpr.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/tests/libexpr.hh" namespace nix { diff --git a/src/libexpr-tests/json.cc b/src/libexpr-tests/json.cc index 67fdcf209a6..11f31d05851 100644 --- a/src/libexpr-tests/json.cc +++ b/src/libexpr-tests/json.cc @@ -1,5 +1,5 @@ -#include "nix/tests/libexpr.hh" -#include "nix/value-to-json.hh" +#include "nix/expr/tests/libexpr.hh" +#include "nix/expr/value-to-json.hh" namespace nix { // Testing the conversion to JSON diff --git a/src/libexpr-tests/main.cc b/src/libexpr-tests/main.cc index 719b5a727b1..6fdaa91782b 100644 --- a/src/libexpr-tests/main.cc +++ b/src/libexpr-tests/main.cc @@ -1,7 +1,7 @@ #include #include -#include "nix/globals.hh" -#include "nix/logging.hh" +#include "nix/store/globals.hh" +#include "nix/util/logging.hh" using namespace nix; diff --git a/src/libexpr-tests/nix_api_expr.cc b/src/libexpr-tests/nix_api_expr.cc index 55893488f8e..e2eeace6c74 100644 --- a/src/libexpr-tests/nix_api_expr.cc +++ b/src/libexpr-tests/nix_api_expr.cc @@ -5,9 +5,9 @@ #include "nix_api_expr.h" #include "nix_api_value.h" -#include "nix/tests/nix_api_expr.hh" -#include "nix/tests/string_callback.hh" -#include "nix/file-system.hh" +#include "nix/expr/tests/nix_api_expr.hh" +#include "nix/util/tests/string_callback.hh" +#include "nix/util/file-system.hh" #include #include diff --git a/src/libexpr-tests/nix_api_external.cc b/src/libexpr-tests/nix_api_external.cc index f3f4771c733..b32326f9e32 100644 --- a/src/libexpr-tests/nix_api_external.cc +++ b/src/libexpr-tests/nix_api_external.cc @@ -7,8 +7,8 @@ #include "nix_api_value.h" #include "nix_api_external.h" -#include "nix/tests/nix_api_expr.hh" -#include "nix/tests/string_callback.hh" +#include "nix/expr/tests/nix_api_expr.hh" +#include "nix/util/tests/string_callback.hh" #include diff --git a/src/libexpr-tests/nix_api_value.cc b/src/libexpr-tests/nix_api_value.cc index 0f86ba6502a..14f8bd0b0a3 100644 --- a/src/libexpr-tests/nix_api_value.cc +++ b/src/libexpr-tests/nix_api_value.cc @@ -6,8 +6,8 @@ #include "nix_api_value.h" #include "nix_api_expr_internal.h" -#include "nix/tests/nix_api_expr.hh" -#include "nix/tests/string_callback.hh" +#include "nix/expr/tests/nix_api_expr.hh" +#include "nix/util/tests/string_callback.hh" #include #include diff --git a/src/libexpr-tests/primops.cc b/src/libexpr-tests/primops.cc index 4114f08f6f9..66850d78b49 100644 --- a/src/libexpr-tests/primops.cc +++ b/src/libexpr-tests/primops.cc @@ -1,10 +1,10 @@ #include #include -#include "nix/eval-settings.hh" -#include "nix/memory-source-accessor.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/util/memory-source-accessor.hh" -#include "nix/tests/libexpr.hh" +#include "nix/expr/tests/libexpr.hh" namespace nix { class CaptureLogger : public Logger diff --git a/src/libexpr-tests/search-path.cc b/src/libexpr-tests/search-path.cc index 72f2335971f..792bb0812ff 100644 --- a/src/libexpr-tests/search-path.cc +++ b/src/libexpr-tests/search-path.cc @@ -1,7 +1,7 @@ #include #include -#include "nix/search-path.hh" +#include "nix/expr/search-path.hh" namespace nix { diff --git a/src/libexpr-tests/trivial.cc b/src/libexpr-tests/trivial.cc index 4ddd24d12f3..50a8f29f83d 100644 --- a/src/libexpr-tests/trivial.cc +++ b/src/libexpr-tests/trivial.cc @@ -1,4 +1,4 @@ -#include "nix/tests/libexpr.hh" +#include "nix/expr/tests/libexpr.hh" namespace nix { // Testing of trivial expressions diff --git a/src/libexpr-tests/value/context.cc b/src/libexpr-tests/value/context.cc index bf3b501f433..97cd50f7554 100644 --- a/src/libexpr-tests/value/context.cc +++ b/src/libexpr-tests/value/context.cc @@ -2,9 +2,9 @@ #include #include -#include "nix/tests/path.hh" -#include "nix/tests/libexpr.hh" -#include "nix/tests/value/context.hh" +#include "nix/store/tests/path.hh" +#include "nix/expr/tests/libexpr.hh" +#include "nix/expr/tests/value/context.hh" namespace nix { diff --git a/src/libexpr-tests/value/print.cc b/src/libexpr-tests/value/print.cc index 8590f9aac68..d337a29a38d 100644 --- a/src/libexpr-tests/value/print.cc +++ b/src/libexpr-tests/value/print.cc @@ -1,7 +1,7 @@ -#include "nix/tests/libexpr.hh" +#include "nix/expr/tests/libexpr.hh" -#include "nix/value.hh" -#include "nix/print.hh" +#include "nix/expr/value.hh" +#include "nix/expr/print.hh" namespace nix { diff --git a/src/libexpr-tests/value/value.cc b/src/libexpr-tests/value/value.cc index 9f91f8ff5ae..63501dd4995 100644 --- a/src/libexpr-tests/value/value.cc +++ b/src/libexpr-tests/value/value.cc @@ -1,6 +1,6 @@ -#include "nix/value.hh" +#include "nix/expr/value.hh" -#include "nix/tests/libstore.hh" +#include "nix/store/tests/libstore.hh" namespace nix { diff --git a/src/libexpr/attr-path.cc b/src/libexpr/attr-path.cc index 8dde6479066..cee805d14af 100644 --- a/src/libexpr/attr-path.cc +++ b/src/libexpr/attr-path.cc @@ -1,5 +1,5 @@ -#include "nix/attr-path.hh" -#include "nix/eval-inline.hh" +#include "nix/expr/attr-path.hh" +#include "nix/expr/eval-inline.hh" namespace nix { diff --git a/src/libexpr/attr-set.cc b/src/libexpr/attr-set.cc index c6fc9f32a50..06e245aea6b 100644 --- a/src/libexpr/attr-set.cc +++ b/src/libexpr/attr-set.cc @@ -1,5 +1,5 @@ -#include "nix/attr-set.hh" -#include "nix/eval-inline.hh" +#include "nix/expr/attr-set.hh" +#include "nix/expr/eval-inline.hh" #include diff --git a/src/libexpr/eval-cache.cc b/src/libexpr/eval-cache.cc index 5491f5d4c0f..30aa6076a21 100644 --- a/src/libexpr/eval-cache.cc +++ b/src/libexpr/eval-cache.cc @@ -1,11 +1,11 @@ -#include "nix/users.hh" -#include "nix/eval-cache.hh" -#include "nix/sqlite.hh" -#include "nix/eval.hh" -#include "nix/eval-inline.hh" -#include "nix/store-api.hh" +#include "nix/util/users.hh" +#include "nix/expr/eval-cache.hh" +#include "nix/store/sqlite.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/store/store-api.hh" // Need specialization involving `SymbolStr` just in this one module. -#include "nix/strings-inline.hh" +#include "nix/util/strings-inline.hh" namespace nix::eval_cache { diff --git a/src/libexpr/eval-error.cc b/src/libexpr/eval-error.cc index f983107a3b3..2c8b6e325fb 100644 --- a/src/libexpr/eval-error.cc +++ b/src/libexpr/eval-error.cc @@ -1,6 +1,6 @@ -#include "nix/eval-error.hh" -#include "nix/eval.hh" -#include "nix/value.hh" +#include "nix/expr/eval-error.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/value.hh" namespace nix { diff --git a/src/libexpr/eval-gc.cc b/src/libexpr/eval-gc.cc index 1166548f625..6fc5ac334b3 100644 --- a/src/libexpr/eval-gc.cc +++ b/src/libexpr/eval-gc.cc @@ -1,9 +1,9 @@ -#include "nix/error.hh" -#include "nix/environment-variables.hh" -#include "nix/eval-settings.hh" -#include "nix/config-global.hh" -#include "nix/serialise.hh" -#include "nix/eval-gc.hh" +#include "nix/util/error.hh" +#include "nix/util/environment-variables.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/util/config-global.hh" +#include "nix/util/serialise.hh" +#include "nix/expr/eval-gc.hh" #include "expr-config-private.hh" diff --git a/src/libexpr/eval-settings.cc b/src/libexpr/eval-settings.cc index 458507db813..659c01a9e63 100644 --- a/src/libexpr/eval-settings.cc +++ b/src/libexpr/eval-settings.cc @@ -1,8 +1,8 @@ -#include "nix/users.hh" -#include "nix/globals.hh" -#include "nix/profiles.hh" -#include "nix/eval.hh" -#include "nix/eval-settings.hh" +#include "nix/util/users.hh" +#include "nix/store/globals.hh" +#include "nix/store/profiles.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" namespace nix { diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 41b64a90a65..624d7d4aad8 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -1,24 +1,24 @@ -#include "nix/eval.hh" -#include "nix/eval-settings.hh" -#include "nix/primops.hh" -#include "nix/print-options.hh" -#include "nix/exit.hh" -#include "nix/types.hh" -#include "nix/util.hh" -#include "nix/store-api.hh" -#include "nix/derivations.hh" -#include "nix/downstream-placeholder.hh" -#include "nix/eval-inline.hh" -#include "nix/filetransfer.hh" -#include "nix/function-trace.hh" -#include "nix/profiles.hh" -#include "nix/print.hh" -#include "nix/filtering-source-accessor.hh" -#include "nix/memory-source-accessor.hh" -#include "nix/gc-small-vector.hh" -#include "nix/url.hh" -#include "nix/fetch-to-store.hh" -#include "nix/tarball.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/expr/primops.hh" +#include "nix/expr/print-options.hh" +#include "nix/util/exit.hh" +#include "nix/util/types.hh" +#include "nix/util/util.hh" +#include "nix/store/store-api.hh" +#include "nix/store/derivations.hh" +#include "nix/store/downstream-placeholder.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/store/filetransfer.hh" +#include "nix/expr/function-trace.hh" +#include "nix/store/profiles.hh" +#include "nix/expr/print.hh" +#include "nix/fetchers/filtering-source-accessor.hh" +#include "nix/util/memory-source-accessor.hh" +#include "nix/expr/gc-small-vector.hh" +#include "nix/util/url.hh" +#include "nix/fetchers/fetch-to-store.hh" +#include "nix/fetchers/tarball.hh" #include "parser-tab.hh" @@ -39,7 +39,7 @@ # include #endif -#include "nix/strings-inline.hh" +#include "nix/util/strings-inline.hh" using json = nlohmann::json; diff --git a/src/libexpr/function-trace.cc b/src/libexpr/function-trace.cc index 9c6e54e4b51..1dce5172688 100644 --- a/src/libexpr/function-trace.cc +++ b/src/libexpr/function-trace.cc @@ -1,5 +1,5 @@ -#include "nix/function-trace.hh" -#include "nix/logging.hh" +#include "nix/expr/function-trace.hh" +#include "nix/util/logging.hh" namespace nix { diff --git a/src/libexpr/get-drvs.cc b/src/libexpr/get-drvs.cc index 61b44aa1768..f15ad4d7304 100644 --- a/src/libexpr/get-drvs.cc +++ b/src/libexpr/get-drvs.cc @@ -1,8 +1,8 @@ -#include "nix/get-drvs.hh" -#include "nix/eval-inline.hh" -#include "nix/derivations.hh" -#include "nix/store-api.hh" -#include "nix/path-with-outputs.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/store/derivations.hh" +#include "nix/store/store-api.hh" +#include "nix/store/path-with-outputs.hh" #include #include diff --git a/src/libexpr/include/nix/attr-path.hh b/src/libexpr/include/nix/expr/attr-path.hh similarity index 95% rename from src/libexpr/include/nix/attr-path.hh rename to src/libexpr/include/nix/expr/attr-path.hh index 06d00efc268..66a3f4e00ef 100644 --- a/src/libexpr/include/nix/attr-path.hh +++ b/src/libexpr/include/nix/expr/attr-path.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/eval.hh" +#include "nix/expr/eval.hh" #include #include diff --git a/src/libexpr/include/nix/attr-set.hh b/src/libexpr/include/nix/expr/attr-set.hh similarity index 98% rename from src/libexpr/include/nix/attr-set.hh rename to src/libexpr/include/nix/expr/attr-set.hh index 93360e4e3df..283786f4daa 100644 --- a/src/libexpr/include/nix/attr-set.hh +++ b/src/libexpr/include/nix/expr/attr-set.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/nixexpr.hh" -#include "nix/symbol-table.hh" +#include "nix/expr/nixexpr.hh" +#include "nix/expr/symbol-table.hh" #include diff --git a/src/libexpr/include/nix/eval-cache.hh b/src/libexpr/include/nix/expr/eval-cache.hh similarity index 97% rename from src/libexpr/include/nix/eval-cache.hh rename to src/libexpr/include/nix/expr/eval-cache.hh index 2d70aa99e37..31873f7a33c 100644 --- a/src/libexpr/include/nix/eval-cache.hh +++ b/src/libexpr/include/nix/expr/eval-cache.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/sync.hh" -#include "nix/hash.hh" -#include "nix/eval.hh" +#include "nix/util/sync.hh" +#include "nix/util/hash.hh" +#include "nix/expr/eval.hh" #include #include diff --git a/src/libexpr/include/nix/eval-error.hh b/src/libexpr/include/nix/expr/eval-error.hh similarity index 98% rename from src/libexpr/include/nix/eval-error.hh rename to src/libexpr/include/nix/expr/eval-error.hh index 3dee88fa4da..ae4f4068953 100644 --- a/src/libexpr/include/nix/eval-error.hh +++ b/src/libexpr/include/nix/expr/eval-error.hh @@ -1,7 +1,7 @@ #pragma once -#include "nix/error.hh" -#include "nix/pos-idx.hh" +#include "nix/util/error.hh" +#include "nix/util/pos-idx.hh" namespace nix { diff --git a/src/libexpr/include/nix/eval-gc.hh b/src/libexpr/include/nix/expr/eval-gc.hh similarity index 96% rename from src/libexpr/include/nix/eval-gc.hh rename to src/libexpr/include/nix/expr/eval-gc.hh index 8f28fe0e2e0..25144d40c1d 100644 --- a/src/libexpr/include/nix/eval-gc.hh +++ b/src/libexpr/include/nix/expr/eval-gc.hh @@ -4,7 +4,7 @@ #include // For `NIX_USE_BOEHMGC`, and if that's set, `GC_THREADS` -#include "nix/expr-config.hh" +#include "nix/expr/config.hh" #if NIX_USE_BOEHMGC diff --git a/src/libexpr/include/nix/eval-inline.hh b/src/libexpr/include/nix/expr/eval-inline.hh similarity index 96% rename from src/libexpr/include/nix/eval-inline.hh rename to src/libexpr/include/nix/expr/eval-inline.hh index 09a85db060c..6e5759c0b44 100644 --- a/src/libexpr/include/nix/eval-inline.hh +++ b/src/libexpr/include/nix/expr/eval-inline.hh @@ -1,13 +1,13 @@ #pragma once ///@file -#include "nix/print.hh" -#include "nix/eval.hh" -#include "nix/eval-error.hh" -#include "nix/eval-settings.hh" +#include "nix/expr/print.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-error.hh" +#include "nix/expr/eval-settings.hh" // For `NIX_USE_BOEHMGC`, and if that's set, `GC_THREADS` -#include "nix/expr-config.hh" +#include "nix/expr/config.hh" namespace nix { diff --git a/src/libexpr/include/nix/eval-settings.hh b/src/libexpr/include/nix/expr/eval-settings.hh similarity index 99% rename from src/libexpr/include/nix/eval-settings.hh rename to src/libexpr/include/nix/expr/eval-settings.hh index 48d8a544b35..8d3db59b3bb 100644 --- a/src/libexpr/include/nix/eval-settings.hh +++ b/src/libexpr/include/nix/expr/eval-settings.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/config.hh" -#include "nix/source-path.hh" +#include "nix/util/configuration.hh" +#include "nix/util/source-path.hh" namespace nix { diff --git a/src/libexpr/include/nix/eval.hh b/src/libexpr/include/nix/expr/eval.hh similarity index 98% rename from src/libexpr/include/nix/eval.hh rename to src/libexpr/include/nix/expr/eval.hh index 7a3ec065d24..0933c6e893e 100644 --- a/src/libexpr/include/nix/eval.hh +++ b/src/libexpr/include/nix/expr/eval.hh @@ -1,23 +1,23 @@ #pragma once ///@file -#include "nix/attr-set.hh" -#include "nix/eval-error.hh" -#include "nix/types.hh" -#include "nix/value.hh" -#include "nix/nixexpr.hh" -#include "nix/symbol-table.hh" -#include "nix/config.hh" -#include "nix/experimental-features.hh" -#include "nix/position.hh" -#include "nix/pos-table.hh" -#include "nix/source-accessor.hh" -#include "nix/search-path.hh" -#include "nix/repl-exit-status.hh" -#include "nix/ref.hh" +#include "nix/expr/attr-set.hh" +#include "nix/expr/eval-error.hh" +#include "nix/util/types.hh" +#include "nix/expr/value.hh" +#include "nix/expr/nixexpr.hh" +#include "nix/expr/symbol-table.hh" +#include "nix/util/configuration.hh" +#include "nix/util/experimental-features.hh" +#include "nix/util/position.hh" +#include "nix/util/pos-table.hh" +#include "nix/util/source-accessor.hh" +#include "nix/expr/search-path.hh" +#include "nix/expr/repl-exit-status.hh" +#include "nix/util/ref.hh" // For `NIX_USE_BOEHMGC`, and if that's set, `GC_THREADS` -#include "nix/expr-config.hh" +#include "nix/expr/config.hh" #include #include @@ -947,4 +947,4 @@ bool isAllowedURI(std::string_view uri, const Strings & allowedPaths); } -#include "nix/eval-inline.hh" +#include "nix/expr/eval-inline.hh" diff --git a/src/libexpr/include/nix/function-trace.hh b/src/libexpr/include/nix/expr/function-trace.hh similarity index 86% rename from src/libexpr/include/nix/function-trace.hh rename to src/libexpr/include/nix/expr/function-trace.hh index 59743fe79e9..dc92d4b5ca2 100644 --- a/src/libexpr/include/nix/function-trace.hh +++ b/src/libexpr/include/nix/expr/function-trace.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/eval.hh" +#include "nix/expr/eval.hh" #include diff --git a/src/libexpr/include/nix/gc-small-vector.hh b/src/libexpr/include/nix/expr/gc-small-vector.hh similarity index 95% rename from src/libexpr/include/nix/gc-small-vector.hh rename to src/libexpr/include/nix/expr/gc-small-vector.hh index 2becffe7ca1..ad4503de72a 100644 --- a/src/libexpr/include/nix/gc-small-vector.hh +++ b/src/libexpr/include/nix/expr/gc-small-vector.hh @@ -2,7 +2,7 @@ #include -#include "nix/value.hh" +#include "nix/expr/value.hh" namespace nix { diff --git a/src/libexpr/include/nix/get-drvs.hh b/src/libexpr/include/nix/expr/get-drvs.hh similarity index 97% rename from src/libexpr/include/nix/get-drvs.hh rename to src/libexpr/include/nix/expr/get-drvs.hh index aeb70c79e2b..0787c44a8b4 100644 --- a/src/libexpr/include/nix/get-drvs.hh +++ b/src/libexpr/include/nix/expr/get-drvs.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/eval.hh" -#include "nix/path.hh" +#include "nix/expr/eval.hh" +#include "nix/store/path.hh" #include #include diff --git a/src/libexpr/include/nix/json-to-value.hh b/src/libexpr/include/nix/expr/json-to-value.hh similarity index 87% rename from src/libexpr/include/nix/json-to-value.hh rename to src/libexpr/include/nix/expr/json-to-value.hh index a2e0d303d13..b01d63bfe63 100644 --- a/src/libexpr/include/nix/json-to-value.hh +++ b/src/libexpr/include/nix/expr/json-to-value.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/error.hh" +#include "nix/util/error.hh" #include diff --git a/src/libexpr/include/nix/lexer-helpers.hh b/src/libexpr/include/nix/expr/lexer-helpers.hh similarity index 100% rename from src/libexpr/include/nix/lexer-helpers.hh rename to src/libexpr/include/nix/expr/lexer-helpers.hh diff --git a/src/libexpr/include/nix/meson.build b/src/libexpr/include/nix/expr/meson.build similarity index 90% rename from src/libexpr/include/nix/meson.build rename to src/libexpr/include/nix/expr/meson.build index 89422004a7f..01275e52ee1 100644 --- a/src/libexpr/include/nix/meson.build +++ b/src/libexpr/include/nix/expr/meson.build @@ -1,10 +1,10 @@ # Public headers directory -include_dirs = [include_directories('..')] +include_dirs = [include_directories('../..')] config_pub_h = configure_file( configuration : configdata_pub, - output : 'expr-config.hh', + output : 'config.hh', ) headers = [config_pub_h] + files( diff --git a/src/libexpr/include/nix/nixexpr.hh b/src/libexpr/include/nix/expr/nixexpr.hh similarity index 99% rename from src/libexpr/include/nix/nixexpr.hh rename to src/libexpr/include/nix/expr/nixexpr.hh index deb26dd29f8..9409bdca86b 100644 --- a/src/libexpr/include/nix/nixexpr.hh +++ b/src/libexpr/include/nix/expr/nixexpr.hh @@ -4,10 +4,10 @@ #include #include -#include "nix/value.hh" -#include "nix/symbol-table.hh" -#include "nix/eval-error.hh" -#include "nix/pos-idx.hh" +#include "nix/expr/value.hh" +#include "nix/expr/symbol-table.hh" +#include "nix/expr/eval-error.hh" +#include "nix/util/pos-idx.hh" namespace nix { diff --git a/src/libexpr/include/nix/parser-state.hh b/src/libexpr/include/nix/expr/parser-state.hh similarity index 99% rename from src/libexpr/include/nix/parser-state.hh rename to src/libexpr/include/nix/expr/parser-state.hh index aa3c2455dd1..0505913d087 100644 --- a/src/libexpr/include/nix/parser-state.hh +++ b/src/libexpr/include/nix/expr/parser-state.hh @@ -3,7 +3,7 @@ #include -#include "nix/eval.hh" +#include "nix/expr/eval.hh" namespace nix { diff --git a/src/libexpr/include/nix/primops.hh b/src/libexpr/include/nix/expr/primops.hh similarity index 98% rename from src/libexpr/include/nix/primops.hh rename to src/libexpr/include/nix/expr/primops.hh index 75c6f0d4668..f0742a13804 100644 --- a/src/libexpr/include/nix/primops.hh +++ b/src/libexpr/include/nix/expr/primops.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/eval.hh" +#include "nix/expr/eval.hh" #include #include diff --git a/src/libexpr/include/nix/print-ambiguous.hh b/src/libexpr/include/nix/expr/print-ambiguous.hh similarity index 95% rename from src/libexpr/include/nix/print-ambiguous.hh rename to src/libexpr/include/nix/expr/print-ambiguous.hh index 06f4e805c9d..09a849c498b 100644 --- a/src/libexpr/include/nix/print-ambiguous.hh +++ b/src/libexpr/include/nix/expr/print-ambiguous.hh @@ -1,6 +1,6 @@ #pragma once -#include "nix/value.hh" +#include "nix/expr/value.hh" namespace nix { diff --git a/src/libexpr/include/nix/print-options.hh b/src/libexpr/include/nix/expr/print-options.hh similarity index 100% rename from src/libexpr/include/nix/print-options.hh rename to src/libexpr/include/nix/expr/print-options.hh diff --git a/src/libexpr/include/nix/print.hh b/src/libexpr/include/nix/expr/print.hh similarity index 97% rename from src/libexpr/include/nix/print.hh rename to src/libexpr/include/nix/expr/print.hh index 09405e8f00b..ac9bf23a431 100644 --- a/src/libexpr/include/nix/print.hh +++ b/src/libexpr/include/nix/expr/print.hh @@ -9,8 +9,8 @@ #include -#include "nix/fmt.hh" -#include "nix/print-options.hh" +#include "nix/util/fmt.hh" +#include "nix/expr/print-options.hh" namespace nix { diff --git a/src/libexpr/include/nix/repl-exit-status.hh b/src/libexpr/include/nix/expr/repl-exit-status.hh similarity index 100% rename from src/libexpr/include/nix/repl-exit-status.hh rename to src/libexpr/include/nix/expr/repl-exit-status.hh diff --git a/src/libexpr/include/nix/search-path.hh b/src/libexpr/include/nix/expr/search-path.hh similarity index 97% rename from src/libexpr/include/nix/search-path.hh rename to src/libexpr/include/nix/expr/search-path.hh index 22a97b5f362..202527fd2fa 100644 --- a/src/libexpr/include/nix/search-path.hh +++ b/src/libexpr/include/nix/expr/search-path.hh @@ -3,8 +3,8 @@ #include -#include "nix/types.hh" -#include "nix/comparator.hh" +#include "nix/util/types.hh" +#include "nix/util/comparator.hh" namespace nix { diff --git a/src/libexpr/include/nix/symbol-table.hh b/src/libexpr/include/nix/expr/symbol-table.hh similarity index 97% rename from src/libexpr/include/nix/symbol-table.hh rename to src/libexpr/include/nix/expr/symbol-table.hh index b55674b1239..018465bf56a 100644 --- a/src/libexpr/include/nix/symbol-table.hh +++ b/src/libexpr/include/nix/expr/symbol-table.hh @@ -5,9 +5,9 @@ #include #include -#include "nix/types.hh" -#include "nix/chunked-vector.hh" -#include "nix/error.hh" +#include "nix/util/types.hh" +#include "nix/util/chunked-vector.hh" +#include "nix/util/error.hh" namespace nix { diff --git a/src/libexpr/include/nix/value-to-json.hh b/src/libexpr/include/nix/expr/value-to-json.hh similarity index 88% rename from src/libexpr/include/nix/value-to-json.hh rename to src/libexpr/include/nix/expr/value-to-json.hh index 9875c83c6bb..1a691134705 100644 --- a/src/libexpr/include/nix/value-to-json.hh +++ b/src/libexpr/include/nix/expr/value-to-json.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/nixexpr.hh" -#include "nix/eval.hh" +#include "nix/expr/nixexpr.hh" +#include "nix/expr/eval.hh" #include #include diff --git a/src/libexpr/include/nix/value-to-xml.hh b/src/libexpr/include/nix/expr/value-to-xml.hh similarity index 79% rename from src/libexpr/include/nix/value-to-xml.hh rename to src/libexpr/include/nix/expr/value-to-xml.hh index 3e9dce4d69b..e22325de5e4 100644 --- a/src/libexpr/include/nix/value-to-xml.hh +++ b/src/libexpr/include/nix/expr/value-to-xml.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/nixexpr.hh" -#include "nix/eval.hh" +#include "nix/expr/nixexpr.hh" +#include "nix/expr/eval.hh" #include #include diff --git a/src/libexpr/include/nix/value.hh b/src/libexpr/include/nix/expr/value.hh similarity index 98% rename from src/libexpr/include/nix/value.hh rename to src/libexpr/include/nix/expr/value.hh index 45155b3d446..e9cc1cd3ffa 100644 --- a/src/libexpr/include/nix/value.hh +++ b/src/libexpr/include/nix/expr/value.hh @@ -4,12 +4,12 @@ #include #include -#include "nix/eval-gc.hh" -#include "nix/symbol-table.hh" -#include "nix/value/context.hh" -#include "nix/source-path.hh" -#include "nix/print-options.hh" -#include "nix/checked-arithmetic.hh" +#include "nix/expr/eval-gc.hh" +#include "nix/expr/symbol-table.hh" +#include "nix/expr/value/context.hh" +#include "nix/util/source-path.hh" +#include "nix/expr/print-options.hh" +#include "nix/util/checked-arithmetic.hh" #include diff --git a/src/libexpr/include/nix/value/context.hh b/src/libexpr/include/nix/expr/value/context.hh similarity index 94% rename from src/libexpr/include/nix/value/context.hh rename to src/libexpr/include/nix/expr/value/context.hh index f996cce42e1..f2de184ea1f 100644 --- a/src/libexpr/include/nix/value/context.hh +++ b/src/libexpr/include/nix/expr/value/context.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/comparator.hh" -#include "nix/derived-path.hh" -#include "nix/variant-wrapper.hh" +#include "nix/util/comparator.hh" +#include "nix/store/derived-path.hh" +#include "nix/util/variant-wrapper.hh" #include diff --git a/src/libexpr/json-to-value.cc b/src/libexpr/json-to-value.cc index d5da3f2b119..e38ac7db40c 100644 --- a/src/libexpr/json-to-value.cc +++ b/src/libexpr/json-to-value.cc @@ -1,6 +1,6 @@ -#include "nix/json-to-value.hh" -#include "nix/value.hh" -#include "nix/eval.hh" +#include "nix/expr/json-to-value.hh" +#include "nix/expr/value.hh" +#include "nix/expr/eval.hh" #include #include diff --git a/src/libexpr/lexer-helpers.cc b/src/libexpr/lexer-helpers.cc index 9eb4502fc97..4b27393bbac 100644 --- a/src/libexpr/lexer-helpers.cc +++ b/src/libexpr/lexer-helpers.cc @@ -1,7 +1,7 @@ #include "lexer-tab.hh" #include "parser-tab.hh" -#include "nix/lexer-helpers.hh" +#include "nix/expr/lexer-helpers.hh" void nix::lexer::internal::initLoc(YYLTYPE * loc) { diff --git a/src/libexpr/lexer.l b/src/libexpr/lexer.l index c8a5ec9fdd0..511c8e47bbf 100644 --- a/src/libexpr/lexer.l +++ b/src/libexpr/lexer.l @@ -16,7 +16,7 @@ %top { #include "parser-tab.hh" // YYSTYPE -#include "nix/parser-state.hh" +#include "nix/expr/parser-state.hh" } %{ @@ -24,9 +24,9 @@ #pragma clang diagnostic ignored "-Wunneeded-internal-declaration" #endif -#include "nix/nixexpr.hh" +#include "nix/expr/nixexpr.hh" #include "parser-tab.hh" -#include "nix/lexer-helpers.hh" +#include "nix/expr/lexer-helpers.hh" namespace nix { struct LexerState; diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index 02873f4dbc5..2e773938da0 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -156,7 +156,7 @@ sources = files( 'value/context.cc', ) -subdir('include/nix') +subdir('include/nix/expr') subdir('primops') @@ -177,7 +177,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/expr', preserve_path : true) libraries_private = [] diff --git a/src/libexpr/nixexpr.cc b/src/libexpr/nixexpr.cc index e5289de6aae..1a71096d41e 100644 --- a/src/libexpr/nixexpr.cc +++ b/src/libexpr/nixexpr.cc @@ -1,13 +1,13 @@ -#include "nix/nixexpr.hh" -#include "nix/eval.hh" -#include "nix/symbol-table.hh" -#include "nix/util.hh" -#include "nix/print.hh" +#include "nix/expr/nixexpr.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/symbol-table.hh" +#include "nix/util/util.hh" +#include "nix/expr/print.hh" #include #include -#include "nix/strings-inline.hh" +#include "nix/util/strings-inline.hh" namespace nix { diff --git a/src/libexpr/package.nix b/src/libexpr/package.nix index 8f309b14ebb..50161c58ba2 100644 --- a/src/libexpr/package.nix +++ b/src/libexpr/package.nix @@ -48,7 +48,7 @@ mkMesonLibrary (finalAttrs: { ./meson.build ./meson.options ./primops/meson.build - ./include/nix/meson.build + ./include/nix/expr/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ./lexer.l diff --git a/src/libexpr/parser.y b/src/libexpr/parser.y index c90bafa059a..99cc687cc79 100644 --- a/src/libexpr/parser.y +++ b/src/libexpr/parser.y @@ -17,14 +17,14 @@ #include -#include "nix/finally.hh" -#include "nix/util.hh" -#include "nix/users.hh" +#include "nix/util/finally.hh" +#include "nix/util/util.hh" +#include "nix/util/users.hh" -#include "nix/nixexpr.hh" -#include "nix/eval.hh" -#include "nix/eval-settings.hh" -#include "nix/parser-state.hh" +#include "nix/expr/nixexpr.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/expr/parser-state.hh" // Bison seems to have difficulty growing the parser stack when using C++ with // a custom location type. This undocumented macro tells Bison that our @@ -514,7 +514,7 @@ formal %% -#include "nix/eval.hh" +#include "nix/expr/eval.hh" namespace nix { diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 5aae69f9da5..c5107de3a5e 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -1,5 +1,5 @@ -#include "nix/store-api.hh" -#include "nix/eval.hh" +#include "nix/store/store-api.hh" +#include "nix/expr/eval.hh" namespace nix { diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index a790076fe5e..47f048aef27 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -1,19 +1,19 @@ -#include "nix/derivations.hh" -#include "nix/downstream-placeholder.hh" -#include "nix/eval-inline.hh" -#include "nix/eval.hh" -#include "nix/eval-settings.hh" -#include "nix/gc-small-vector.hh" -#include "nix/json-to-value.hh" -#include "nix/names.hh" -#include "nix/path-references.hh" -#include "nix/store-api.hh" -#include "nix/util.hh" -#include "nix/processes.hh" -#include "nix/value-to-json.hh" -#include "nix/value-to-xml.hh" -#include "nix/primops.hh" -#include "nix/fetch-to-store.hh" +#include "nix/store/derivations.hh" +#include "nix/store/downstream-placeholder.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/expr/gc-small-vector.hh" +#include "nix/expr/json-to-value.hh" +#include "nix/store/names.hh" +#include "nix/store/path-references.hh" +#include "nix/store/store-api.hh" +#include "nix/util/util.hh" +#include "nix/util/processes.hh" +#include "nix/expr/value-to-json.hh" +#include "nix/expr/value-to-xml.hh" +#include "nix/expr/primops.hh" +#include "nix/fetchers/fetch-to-store.hh" #include #include diff --git a/src/libexpr/primops/context.cc b/src/libexpr/primops/context.cc index 832d17cbb90..6a7284e051f 100644 --- a/src/libexpr/primops/context.cc +++ b/src/libexpr/primops/context.cc @@ -1,7 +1,7 @@ -#include "nix/primops.hh" -#include "nix/eval-inline.hh" -#include "nix/derivations.hh" -#include "nix/store-api.hh" +#include "nix/expr/primops.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/store/derivations.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libexpr/primops/fetchClosure.cc b/src/libexpr/primops/fetchClosure.cc index fc48c54eea3..d28680ae51b 100644 --- a/src/libexpr/primops/fetchClosure.cc +++ b/src/libexpr/primops/fetchClosure.cc @@ -1,8 +1,8 @@ -#include "nix/primops.hh" -#include "nix/store-api.hh" -#include "nix/realisation.hh" -#include "nix/make-content-addressed.hh" -#include "nix/url.hh" +#include "nix/expr/primops.hh" +#include "nix/store/store-api.hh" +#include "nix/store/realisation.hh" +#include "nix/store/make-content-addressed.hh" +#include "nix/util/url.hh" namespace nix { diff --git a/src/libexpr/primops/fetchMercurial.cc b/src/libexpr/primops/fetchMercurial.cc index 59698552e8a..189bd1f73d7 100644 --- a/src/libexpr/primops/fetchMercurial.cc +++ b/src/libexpr/primops/fetchMercurial.cc @@ -1,10 +1,10 @@ -#include "nix/primops.hh" -#include "nix/eval-inline.hh" -#include "nix/eval-settings.hh" -#include "nix/store-api.hh" -#include "nix/fetchers.hh" -#include "nix/url.hh" -#include "nix/url-parts.hh" +#include "nix/expr/primops.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/store/store-api.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/util/url.hh" +#include "nix/util/url-parts.hh" namespace nix { diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index b14d5411315..0be9f4bdc7d 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -1,15 +1,15 @@ -#include "nix/attrs.hh" -#include "nix/primops.hh" -#include "nix/eval-inline.hh" -#include "nix/eval-settings.hh" -#include "nix/store-api.hh" -#include "nix/fetchers.hh" -#include "nix/filetransfer.hh" -#include "nix/registry.hh" -#include "nix/tarball.hh" -#include "nix/url.hh" -#include "nix/value-to-json.hh" -#include "nix/fetch-to-store.hh" +#include "nix/fetchers/attrs.hh" +#include "nix/expr/primops.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/store/store-api.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/store/filetransfer.hh" +#include "nix/fetchers/registry.hh" +#include "nix/fetchers/tarball.hh" +#include "nix/util/url.hh" +#include "nix/expr/value-to-json.hh" +#include "nix/fetchers/fetch-to-store.hh" #include diff --git a/src/libexpr/primops/fromTOML.cc b/src/libexpr/primops/fromTOML.cc index 05fe2e7bdaa..2a29e042420 100644 --- a/src/libexpr/primops/fromTOML.cc +++ b/src/libexpr/primops/fromTOML.cc @@ -1,5 +1,5 @@ -#include "nix/primops.hh" -#include "nix/eval-inline.hh" +#include "nix/expr/primops.hh" +#include "nix/expr/eval-inline.hh" #include diff --git a/src/libexpr/print-ambiguous.cc b/src/libexpr/print-ambiguous.cc index b275e1e5c4b..0646783c268 100644 --- a/src/libexpr/print-ambiguous.cc +++ b/src/libexpr/print-ambiguous.cc @@ -1,7 +1,7 @@ -#include "nix/print-ambiguous.hh" -#include "nix/print.hh" -#include "nix/signals.hh" -#include "nix/eval.hh" +#include "nix/expr/print-ambiguous.hh" +#include "nix/expr/print.hh" +#include "nix/util/signals.hh" +#include "nix/expr/eval.hh" namespace nix { diff --git a/src/libexpr/print.cc b/src/libexpr/print.cc index 39f97e68b76..06bae9c5c3a 100644 --- a/src/libexpr/print.cc +++ b/src/libexpr/print.cc @@ -2,13 +2,13 @@ #include #include -#include "nix/print.hh" -#include "nix/ansicolor.hh" -#include "nix/signals.hh" -#include "nix/store-api.hh" -#include "nix/terminal.hh" -#include "nix/english.hh" -#include "nix/eval.hh" +#include "nix/expr/print.hh" +#include "nix/util/ansicolor.hh" +#include "nix/util/signals.hh" +#include "nix/store/store-api.hh" +#include "nix/util/terminal.hh" +#include "nix/util/english.hh" +#include "nix/expr/eval.hh" namespace nix { diff --git a/src/libexpr/search-path.cc b/src/libexpr/search-path.cc index 8c33430f1bb..76aecd4e5eb 100644 --- a/src/libexpr/search-path.cc +++ b/src/libexpr/search-path.cc @@ -1,4 +1,4 @@ -#include "nix/search-path.hh" +#include "nix/expr/search-path.hh" namespace nix { diff --git a/src/libexpr/value-to-json.cc b/src/libexpr/value-to-json.cc index 846776aed15..51652db1f04 100644 --- a/src/libexpr/value-to-json.cc +++ b/src/libexpr/value-to-json.cc @@ -1,7 +1,7 @@ -#include "nix/value-to-json.hh" -#include "nix/eval-inline.hh" -#include "nix/store-api.hh" -#include "nix/signals.hh" +#include "nix/expr/value-to-json.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/store/store-api.hh" +#include "nix/util/signals.hh" #include #include diff --git a/src/libexpr/value-to-xml.cc b/src/libexpr/value-to-xml.cc index e4df226a433..e26fff71ba4 100644 --- a/src/libexpr/value-to-xml.cc +++ b/src/libexpr/value-to-xml.cc @@ -1,7 +1,7 @@ -#include "nix/value-to-xml.hh" -#include "nix/xml-writer.hh" -#include "nix/eval-inline.hh" -#include "nix/signals.hh" +#include "nix/expr/value-to-xml.hh" +#include "nix/util/xml-writer.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/util/signals.hh" #include diff --git a/src/libexpr/value/context.cc b/src/libexpr/value/context.cc index 2052e193aab..40d08da59ec 100644 --- a/src/libexpr/value/context.cc +++ b/src/libexpr/value/context.cc @@ -1,5 +1,5 @@ -#include "nix/util.hh" -#include "nix/value/context.hh" +#include "nix/util/util.hh" +#include "nix/expr/value/context.hh" #include diff --git a/src/libfetchers-tests/access-tokens.cc b/src/libfetchers-tests/access-tokens.cc index 25c3e6b5f92..93043ba3efd 100644 --- a/src/libfetchers-tests/access-tokens.cc +++ b/src/libfetchers-tests/access-tokens.cc @@ -1,10 +1,10 @@ #include #include -#include "nix/fetchers.hh" -#include "nix/fetch-settings.hh" -#include "nix/json-utils.hh" -#include "nix/tests/characterization.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/fetchers/fetch-settings.hh" +#include "nix/util/json-utils.hh" +#include "nix/util/tests/characterization.hh" namespace nix::fetchers { diff --git a/src/libfetchers-tests/git-utils.cc b/src/libfetchers-tests/git-utils.cc index e41db0b5b34..ceac809de34 100644 --- a/src/libfetchers-tests/git-utils.cc +++ b/src/libfetchers-tests/git-utils.cc @@ -1,13 +1,13 @@ -#include "nix/git-utils.hh" -#include "nix/file-system.hh" +#include "nix/fetchers/git-utils.hh" +#include "nix/util/file-system.hh" #include #include #include #include #include -#include "nix/fs-sink.hh" -#include "nix/serialise.hh" -#include "nix/git-lfs-fetch.hh" +#include "nix/util/fs-sink.hh" +#include "nix/util/serialise.hh" +#include "nix/fetchers/git-lfs-fetch.hh" namespace nix { diff --git a/src/libfetchers-tests/public-key.cc b/src/libfetchers-tests/public-key.cc index 98965cf79f9..39a7cf4bd09 100644 --- a/src/libfetchers-tests/public-key.cc +++ b/src/libfetchers-tests/public-key.cc @@ -1,8 +1,8 @@ #include -#include "nix/fetchers.hh" -#include "nix/json-utils.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/util/json-utils.hh" #include -#include "nix/tests/characterization.hh" +#include "nix/util/tests/characterization.hh" namespace nix { diff --git a/src/libfetchers/attrs.cc b/src/libfetchers/attrs.cc index 68e5e932b13..47f6aa8c55c 100644 --- a/src/libfetchers/attrs.cc +++ b/src/libfetchers/attrs.cc @@ -1,5 +1,5 @@ -#include "nix/attrs.hh" -#include "nix/fetchers.hh" +#include "nix/fetchers/attrs.hh" +#include "nix/fetchers/fetchers.hh" #include diff --git a/src/libfetchers/cache.cc b/src/libfetchers/cache.cc index 089c8d6f3fb..d369d213f51 100644 --- a/src/libfetchers/cache.cc +++ b/src/libfetchers/cache.cc @@ -1,8 +1,8 @@ -#include "nix/cache.hh" -#include "nix/users.hh" -#include "nix/sqlite.hh" -#include "nix/sync.hh" -#include "nix/store-api.hh" +#include "nix/fetchers/cache.hh" +#include "nix/util/users.hh" +#include "nix/store/sqlite.hh" +#include "nix/util/sync.hh" +#include "nix/store/store-api.hh" #include diff --git a/src/libfetchers/fetch-settings.cc b/src/libfetchers/fetch-settings.cc index bdd09553865..4b4e4e29d98 100644 --- a/src/libfetchers/fetch-settings.cc +++ b/src/libfetchers/fetch-settings.cc @@ -1,4 +1,4 @@ -#include "nix/fetch-settings.hh" +#include "nix/fetchers/fetch-settings.hh" namespace nix::fetchers { diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index 2be08feaf49..ea33922b63c 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -1,6 +1,6 @@ -#include "nix/fetch-to-store.hh" -#include "nix/fetchers.hh" -#include "nix/cache.hh" +#include "nix/fetchers/fetch-to-store.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/fetchers/cache.hh" namespace nix { diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index 068a6722f83..8b1b2b0cbc5 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -1,10 +1,10 @@ -#include "nix/fetchers.hh" -#include "nix/store-api.hh" -#include "nix/source-path.hh" -#include "nix/fetch-to-store.hh" -#include "nix/json-utils.hh" -#include "nix/store-path-accessor.hh" -#include "nix/fetch-settings.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/store/store-api.hh" +#include "nix/util/source-path.hh" +#include "nix/fetchers/fetch-to-store.hh" +#include "nix/util/json-utils.hh" +#include "nix/fetchers/store-path-accessor.hh" +#include "nix/fetchers/fetch-settings.hh" #include diff --git a/src/libfetchers/filtering-source-accessor.cc b/src/libfetchers/filtering-source-accessor.cc index 1a9c8ae6bde..b1ba841403a 100644 --- a/src/libfetchers/filtering-source-accessor.cc +++ b/src/libfetchers/filtering-source-accessor.cc @@ -1,4 +1,4 @@ -#include "nix/filtering-source-accessor.hh" +#include "nix/fetchers/filtering-source-accessor.hh" namespace nix { diff --git a/src/libfetchers/git-lfs-fetch.cc b/src/libfetchers/git-lfs-fetch.cc index f90ab8a1fd6..97f10f0c6ec 100644 --- a/src/libfetchers/git-lfs-fetch.cc +++ b/src/libfetchers/git-lfs-fetch.cc @@ -1,10 +1,10 @@ -#include "nix/git-lfs-fetch.hh" -#include "nix/git-utils.hh" -#include "nix/filetransfer.hh" -#include "nix/processes.hh" -#include "nix/url.hh" -#include "nix/users.hh" -#include "nix/hash.hh" +#include "nix/fetchers/git-lfs-fetch.hh" +#include "nix/fetchers/git-utils.hh" +#include "nix/store/filetransfer.hh" +#include "nix/util/processes.hh" +#include "nix/util/url.hh" +#include "nix/util/users.hh" +#include "nix/util/hash.hh" #include #include diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index ad8a6e89cd2..3ffefc94006 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -1,12 +1,12 @@ -#include "nix/git-utils.hh" -#include "nix/git-lfs-fetch.hh" -#include "nix/cache.hh" -#include "nix/finally.hh" -#include "nix/processes.hh" -#include "nix/signals.hh" -#include "nix/users.hh" -#include "nix/fs-sink.hh" -#include "nix/sync.hh" +#include "nix/fetchers/git-utils.hh" +#include "nix/fetchers/git-lfs-fetch.hh" +#include "nix/fetchers/cache.hh" +#include "nix/util/finally.hh" +#include "nix/util/processes.hh" +#include "nix/util/signals.hh" +#include "nix/util/users.hh" +#include "nix/util/fs-sink.hh" +#include "nix/util/sync.hh" #include #include diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index fa310c370ba..fb91f98a32d 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -1,20 +1,20 @@ -#include "nix/error.hh" -#include "nix/fetchers.hh" -#include "nix/users.hh" -#include "nix/cache.hh" -#include "nix/globals.hh" -#include "nix/tarfile.hh" -#include "nix/store-api.hh" -#include "nix/url-parts.hh" -#include "nix/pathlocks.hh" -#include "nix/processes.hh" -#include "nix/git.hh" -#include "nix/git-utils.hh" -#include "nix/logging.hh" -#include "nix/finally.hh" -#include "nix/fetch-settings.hh" -#include "nix/json-utils.hh" -#include "nix/archive.hh" +#include "nix/util/error.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/util/users.hh" +#include "nix/fetchers/cache.hh" +#include "nix/store/globals.hh" +#include "nix/util/tarfile.hh" +#include "nix/store/store-api.hh" +#include "nix/util/url-parts.hh" +#include "nix/store/pathlocks.hh" +#include "nix/util/processes.hh" +#include "nix/util/git.hh" +#include "nix/fetchers/git-utils.hh" +#include "nix/util/logging.hh" +#include "nix/util/finally.hh" +#include "nix/fetchers/fetch-settings.hh" +#include "nix/util/json-utils.hh" +#include "nix/util/archive.hh" #include #include diff --git a/src/libfetchers/github.cc b/src/libfetchers/github.cc index 3459c0b3d30..9202904e065 100644 --- a/src/libfetchers/github.cc +++ b/src/libfetchers/github.cc @@ -1,15 +1,15 @@ -#include "nix/filetransfer.hh" -#include "nix/cache.hh" -#include "nix/globals.hh" -#include "nix/store-api.hh" -#include "nix/types.hh" -#include "nix/url-parts.hh" -#include "nix/git.hh" -#include "nix/fetchers.hh" -#include "nix/fetch-settings.hh" -#include "nix/tarball.hh" -#include "nix/tarfile.hh" -#include "nix/git-utils.hh" +#include "nix/store/filetransfer.hh" +#include "nix/fetchers/cache.hh" +#include "nix/store/globals.hh" +#include "nix/store/store-api.hh" +#include "nix/util/types.hh" +#include "nix/util/url-parts.hh" +#include "nix/util/git.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/fetchers/fetch-settings.hh" +#include "nix/fetchers/tarball.hh" +#include "nix/util/tarfile.hh" +#include "nix/fetchers/git-utils.hh" #include #include diff --git a/src/libfetchers/include/nix/attrs.hh b/src/libfetchers/include/nix/fetchers/attrs.hh similarity index 95% rename from src/libfetchers/include/nix/attrs.hh rename to src/libfetchers/include/nix/fetchers/attrs.hh index f1fdee35f05..1b757d71215 100644 --- a/src/libfetchers/include/nix/attrs.hh +++ b/src/libfetchers/include/nix/fetchers/attrs.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/hash.hh" +#include "nix/util/types.hh" +#include "nix/util/hash.hh" #include diff --git a/src/libfetchers/include/nix/cache.hh b/src/libfetchers/include/nix/fetchers/cache.hh similarity index 97% rename from src/libfetchers/include/nix/cache.hh rename to src/libfetchers/include/nix/fetchers/cache.hh index 5924017858d..5b9319d774b 100644 --- a/src/libfetchers/include/nix/cache.hh +++ b/src/libfetchers/include/nix/fetchers/cache.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/fetchers.hh" -#include "nix/path.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/store/path.hh" namespace nix::fetchers { diff --git a/src/libfetchers/include/nix/fetch-settings.hh b/src/libfetchers/include/nix/fetchers/fetch-settings.hh similarity index 98% rename from src/libfetchers/include/nix/fetch-settings.hh rename to src/libfetchers/include/nix/fetchers/fetch-settings.hh index 811e27b30f9..54c42084344 100644 --- a/src/libfetchers/include/nix/fetch-settings.hh +++ b/src/libfetchers/include/nix/fetchers/fetch-settings.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/config.hh" +#include "nix/util/types.hh" +#include "nix/util/configuration.hh" #include #include diff --git a/src/libfetchers/include/nix/fetch-to-store.hh b/src/libfetchers/include/nix/fetchers/fetch-to-store.hh similarity index 68% rename from src/libfetchers/include/nix/fetch-to-store.hh rename to src/libfetchers/include/nix/fetchers/fetch-to-store.hh index 7ef809c1cdf..a0144cb7672 100644 --- a/src/libfetchers/include/nix/fetch-to-store.hh +++ b/src/libfetchers/include/nix/fetchers/fetch-to-store.hh @@ -1,10 +1,10 @@ #pragma once -#include "nix/source-path.hh" -#include "nix/store-api.hh" -#include "nix/file-system.hh" -#include "nix/repair-flag.hh" -#include "nix/file-content-address.hh" +#include "nix/util/source-path.hh" +#include "nix/store/store-api.hh" +#include "nix/util/file-system.hh" +#include "nix/util/repair-flag.hh" +#include "nix/util/file-content-address.hh" namespace nix { diff --git a/src/libfetchers/include/nix/fetchers.hh b/src/libfetchers/include/nix/fetchers/fetchers.hh similarity index 97% rename from src/libfetchers/include/nix/fetchers.hh rename to src/libfetchers/include/nix/fetchers/fetchers.hh index 07a9adfbeaf..3288ecc5ea5 100644 --- a/src/libfetchers/include/nix/fetchers.hh +++ b/src/libfetchers/include/nix/fetchers/fetchers.hh @@ -1,17 +1,17 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/hash.hh" -#include "nix/canon-path.hh" -#include "nix/json-impls.hh" -#include "nix/attrs.hh" -#include "nix/url.hh" +#include "nix/util/types.hh" +#include "nix/util/hash.hh" +#include "nix/util/canon-path.hh" +#include "nix/util/json-impls.hh" +#include "nix/fetchers/attrs.hh" +#include "nix/util/url.hh" #include #include -#include "nix/ref.hh" +#include "nix/util/ref.hh" namespace nix { class Store; class StorePath; struct SourceAccessor; } diff --git a/src/libfetchers/include/nix/filtering-source-accessor.hh b/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh similarity index 98% rename from src/libfetchers/include/nix/filtering-source-accessor.hh rename to src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh index 04855c070fd..0e6b71e9ada 100644 --- a/src/libfetchers/include/nix/filtering-source-accessor.hh +++ b/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh @@ -1,6 +1,6 @@ #pragma once -#include "nix/source-path.hh" +#include "nix/util/source-path.hh" namespace nix { diff --git a/src/libfetchers/include/nix/git-lfs-fetch.hh b/src/libfetchers/include/nix/fetchers/git-lfs-fetch.hh similarity index 90% rename from src/libfetchers/include/nix/git-lfs-fetch.hh rename to src/libfetchers/include/nix/fetchers/git-lfs-fetch.hh index cd7c86a828f..e701288cf3c 100644 --- a/src/libfetchers/include/nix/git-lfs-fetch.hh +++ b/src/libfetchers/include/nix/fetchers/git-lfs-fetch.hh @@ -1,6 +1,6 @@ -#include "nix/canon-path.hh" -#include "nix/serialise.hh" -#include "nix/url.hh" +#include "nix/util/canon-path.hh" +#include "nix/util/serialise.hh" +#include "nix/util/url.hh" #include diff --git a/src/libfetchers/include/nix/git-utils.hh b/src/libfetchers/include/nix/fetchers/git-utils.hh similarity index 97% rename from src/libfetchers/include/nix/git-utils.hh rename to src/libfetchers/include/nix/fetchers/git-utils.hh index 65c86a7c4d0..1506f8509e4 100644 --- a/src/libfetchers/include/nix/git-utils.hh +++ b/src/libfetchers/include/nix/fetchers/git-utils.hh @@ -1,7 +1,7 @@ #pragma once -#include "nix/filtering-source-accessor.hh" -#include "nix/fs-sink.hh" +#include "nix/fetchers/filtering-source-accessor.hh" +#include "nix/util/fs-sink.hh" namespace nix { diff --git a/src/libfetchers/include/nix/meson.build b/src/libfetchers/include/nix/fetchers/meson.build similarity index 84% rename from src/libfetchers/include/nix/meson.build rename to src/libfetchers/include/nix/fetchers/meson.build index eb02be43cc1..3a752d9cbb6 100644 --- a/src/libfetchers/include/nix/meson.build +++ b/src/libfetchers/include/nix/fetchers/meson.build @@ -1,4 +1,4 @@ -include_dirs = [include_directories('..')] +include_dirs = [include_directories('../..')] headers = files( 'attrs.hh', diff --git a/src/libfetchers/include/nix/registry.hh b/src/libfetchers/include/nix/fetchers/registry.hh similarity index 96% rename from src/libfetchers/include/nix/registry.hh rename to src/libfetchers/include/nix/fetchers/registry.hh index 7c091ea12c9..47ff9e86f67 100644 --- a/src/libfetchers/include/nix/registry.hh +++ b/src/libfetchers/include/nix/fetchers/registry.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/fetchers.hh" +#include "nix/util/types.hh" +#include "nix/fetchers/fetchers.hh" namespace nix { class Store; } diff --git a/src/libfetchers/include/nix/store-path-accessor.hh b/src/libfetchers/include/nix/fetchers/store-path-accessor.hh similarity index 85% rename from src/libfetchers/include/nix/store-path-accessor.hh rename to src/libfetchers/include/nix/fetchers/store-path-accessor.hh index 8e65fda1160..021df5a628f 100644 --- a/src/libfetchers/include/nix/store-path-accessor.hh +++ b/src/libfetchers/include/nix/fetchers/store-path-accessor.hh @@ -1,6 +1,6 @@ #pragma once -#include "nix/source-path.hh" +#include "nix/util/source-path.hh" namespace nix { diff --git a/src/libfetchers/include/nix/tarball.hh b/src/libfetchers/include/nix/fetchers/tarball.hh similarity index 88% rename from src/libfetchers/include/nix/tarball.hh rename to src/libfetchers/include/nix/fetchers/tarball.hh index 63a21712496..691142091fa 100644 --- a/src/libfetchers/include/nix/tarball.hh +++ b/src/libfetchers/include/nix/fetchers/tarball.hh @@ -2,10 +2,10 @@ #include -#include "nix/hash.hh" -#include "nix/path.hh" -#include "nix/ref.hh" -#include "nix/types.hh" +#include "nix/util/hash.hh" +#include "nix/store/path.hh" +#include "nix/util/ref.hh" +#include "nix/util/types.hh" namespace nix { class Store; diff --git a/src/libfetchers/indirect.cc b/src/libfetchers/indirect.cc index 7e5eb0be348..47cb7587cf7 100644 --- a/src/libfetchers/indirect.cc +++ b/src/libfetchers/indirect.cc @@ -1,6 +1,6 @@ -#include "nix/fetchers.hh" -#include "nix/url-parts.hh" -#include "nix/path.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/util/url-parts.hh" +#include "nix/store/path.hh" namespace nix::fetchers { diff --git a/src/libfetchers/mercurial.cc b/src/libfetchers/mercurial.cc index 73e677f447b..eb6bdd1ebdc 100644 --- a/src/libfetchers/mercurial.cc +++ b/src/libfetchers/mercurial.cc @@ -1,13 +1,13 @@ -#include "nix/fetchers.hh" -#include "nix/processes.hh" -#include "nix/users.hh" -#include "nix/cache.hh" -#include "nix/globals.hh" -#include "nix/tarfile.hh" -#include "nix/store-api.hh" -#include "nix/url-parts.hh" -#include "nix/store-path-accessor.hh" -#include "nix/fetch-settings.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/util/processes.hh" +#include "nix/util/users.hh" +#include "nix/fetchers/cache.hh" +#include "nix/store/globals.hh" +#include "nix/util/tarfile.hh" +#include "nix/store/store-api.hh" +#include "nix/util/url-parts.hh" +#include "nix/fetchers/store-path-accessor.hh" +#include "nix/fetchers/fetch-settings.hh" #include diff --git a/src/libfetchers/meson.build b/src/libfetchers/meson.build index 14a2647d5c1..6e7129f4c1b 100644 --- a/src/libfetchers/meson.build +++ b/src/libfetchers/meson.build @@ -51,7 +51,7 @@ sources = files( 'tarball.cc', ) -subdir('include/nix') +subdir('include/nix/fetchers') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') @@ -66,7 +66,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/fetchers', preserve_path : true) libraries_private = [] diff --git a/src/libfetchers/package.nix b/src/libfetchers/package.nix index aaeaa4b5def..14592087999 100644 --- a/src/libfetchers/package.nix +++ b/src/libfetchers/package.nix @@ -27,7 +27,7 @@ mkMesonLibrary (finalAttrs: { ../../.version ./.version ./meson.build - ./include/nix/meson.build + ./include/nix/fetchers/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libfetchers/path.cc b/src/libfetchers/path.cc index 95bc2ce5021..173368dccf4 100644 --- a/src/libfetchers/path.cc +++ b/src/libfetchers/path.cc @@ -1,7 +1,7 @@ -#include "nix/fetchers.hh" -#include "nix/store-api.hh" -#include "nix/archive.hh" -#include "nix/store-path-accessor.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/store/store-api.hh" +#include "nix/util/archive.hh" +#include "nix/fetchers/store-path-accessor.hh" namespace nix::fetchers { diff --git a/src/libfetchers/registry.cc b/src/libfetchers/registry.cc index ec470159bc0..e9b55f7f2d8 100644 --- a/src/libfetchers/registry.cc +++ b/src/libfetchers/registry.cc @@ -1,10 +1,10 @@ -#include "nix/fetch-settings.hh" -#include "nix/registry.hh" -#include "nix/tarball.hh" -#include "nix/users.hh" -#include "nix/globals.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" +#include "nix/fetchers/fetch-settings.hh" +#include "nix/fetchers/registry.hh" +#include "nix/fetchers/tarball.hh" +#include "nix/util/users.hh" +#include "nix/store/globals.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" #include diff --git a/src/libfetchers/store-path-accessor.cc b/src/libfetchers/store-path-accessor.cc index 997582b577c..bed51541ec3 100644 --- a/src/libfetchers/store-path-accessor.cc +++ b/src/libfetchers/store-path-accessor.cc @@ -1,5 +1,5 @@ -#include "nix/store-path-accessor.hh" -#include "nix/store-api.hh" +#include "nix/fetchers/store-path-accessor.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libfetchers/tarball.cc b/src/libfetchers/tarball.cc index 01bff82f720..ef91d6b2553 100644 --- a/src/libfetchers/tarball.cc +++ b/src/libfetchers/tarball.cc @@ -1,14 +1,14 @@ -#include "nix/tarball.hh" -#include "nix/fetchers.hh" -#include "nix/cache.hh" -#include "nix/filetransfer.hh" -#include "nix/store-api.hh" -#include "nix/archive.hh" -#include "nix/tarfile.hh" -#include "nix/types.hh" -#include "nix/store-path-accessor.hh" -#include "nix/store-api.hh" -#include "nix/git-utils.hh" +#include "nix/fetchers/tarball.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/fetchers/cache.hh" +#include "nix/store/filetransfer.hh" +#include "nix/store/store-api.hh" +#include "nix/util/archive.hh" +#include "nix/util/tarfile.hh" +#include "nix/util/types.hh" +#include "nix/fetchers/store-path-accessor.hh" +#include "nix/store/store-api.hh" +#include "nix/fetchers/git-utils.hh" namespace nix::fetchers { diff --git a/src/libflake-c/nix_api_flake_internal.hh b/src/libflake-c/nix_api_flake_internal.hh index 4565b4f5dca..f7c5e78387a 100644 --- a/src/libflake-c/nix_api_flake_internal.hh +++ b/src/libflake-c/nix_api_flake_internal.hh @@ -1,6 +1,6 @@ #pragma once -#include "nix/ref.hh" +#include "nix/util/ref.hh" #include "nix/flake/settings.hh" struct nix_flake_settings diff --git a/src/libflake-tests/flakeref.cc b/src/libflake-tests/flakeref.cc index f378ba6d6e8..1abaffb96a5 100644 --- a/src/libflake-tests/flakeref.cc +++ b/src/libflake-tests/flakeref.cc @@ -1,6 +1,6 @@ #include -#include "nix/fetch-settings.hh" +#include "nix/fetchers/fetch-settings.hh" #include "nix/flake/flakeref.hh" namespace nix { diff --git a/src/libflake-tests/nix_api_flake.cc b/src/libflake-tests/nix_api_flake.cc index 0d9e2a91f91..b72342e4de3 100644 --- a/src/libflake-tests/nix_api_flake.cc +++ b/src/libflake-tests/nix_api_flake.cc @@ -6,8 +6,8 @@ #include "nix_api_value.h" #include "nix_api_flake.h" -#include "nix/tests/nix_api_expr.hh" -#include "nix/tests/string_callback.hh" +#include "nix/expr/tests/nix_api_expr.hh" +#include "nix/util/tests/string_callback.hh" #include #include diff --git a/src/libflake/flake/config.cc b/src/libflake/flake/config.cc index a0ddf0387f5..a67f7884c32 100644 --- a/src/libflake/flake/config.cc +++ b/src/libflake/flake/config.cc @@ -1,5 +1,5 @@ -#include "nix/users.hh" -#include "nix/config-global.hh" +#include "nix/util/users.hh" +#include "nix/util/config-global.hh" #include "nix/flake/settings.hh" #include "nix/flake/flake.hh" diff --git a/src/libflake/flake/flake-primops.cc b/src/libflake/flake/flake-primops.cc index 508274dbd0f..7c5ce01b269 100644 --- a/src/libflake/flake/flake-primops.cc +++ b/src/libflake/flake/flake-primops.cc @@ -1,5 +1,5 @@ #include "nix/flake/flake-primops.hh" -#include "nix/eval.hh" +#include "nix/expr/eval.hh" #include "nix/flake/flake.hh" #include "nix/flake/flakeref.hh" #include "nix/flake/settings.hh" diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 4ff48967fbb..1cce0c9784d 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -1,19 +1,19 @@ -#include "nix/terminal.hh" +#include "nix/util/terminal.hh" #include "nix/flake/flake.hh" -#include "nix/eval.hh" -#include "nix/eval-settings.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" #include "nix/flake/lockfile.hh" -#include "nix/primops.hh" -#include "nix/eval-inline.hh" -#include "nix/store-api.hh" -#include "nix/fetchers.hh" -#include "nix/finally.hh" -#include "nix/fetch-settings.hh" +#include "nix/expr/primops.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/store/store-api.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/util/finally.hh" +#include "nix/fetchers/fetch-settings.hh" #include "nix/flake/settings.hh" -#include "nix/value-to-json.hh" -#include "nix/local-fs-store.hh" -#include "nix/fetch-to-store.hh" -#include "nix/memory-source-accessor.hh" +#include "nix/expr/value-to-json.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/fetchers/fetch-to-store.hh" +#include "nix/util/memory-source-accessor.hh" #include diff --git a/src/libflake/flake/flakeref.cc b/src/libflake/flake/flakeref.cc index 340fe4dc73c..6e95eb76759 100644 --- a/src/libflake/flake/flakeref.cc +++ b/src/libflake/flake/flakeref.cc @@ -1,8 +1,8 @@ #include "nix/flake/flakeref.hh" -#include "nix/store-api.hh" -#include "nix/url.hh" -#include "nix/url-parts.hh" -#include "nix/fetchers.hh" +#include "nix/store/store-api.hh" +#include "nix/util/url.hh" +#include "nix/util/url-parts.hh" +#include "nix/fetchers/fetchers.hh" namespace nix { diff --git a/src/libflake/flake/lockfile.cc b/src/libflake/flake/lockfile.cc index 08a3843668a..ba6f18c57dd 100644 --- a/src/libflake/flake/lockfile.cc +++ b/src/libflake/flake/lockfile.cc @@ -1,10 +1,10 @@ #include -#include "nix/fetch-settings.hh" +#include "nix/fetchers/fetch-settings.hh" #include "nix/flake/settings.hh" #include "nix/flake/lockfile.hh" -#include "nix/store-api.hh" -#include "nix/strings.hh" +#include "nix/store/store-api.hh" +#include "nix/util/strings.hh" #include #include diff --git a/src/libflake/include/nix/flake/flake-primops.hh b/src/libflake/include/nix/flake/flake-primops.hh index 07be7512319..e7b86b9b31d 100644 --- a/src/libflake/include/nix/flake/flake-primops.hh +++ b/src/libflake/include/nix/flake/flake-primops.hh @@ -1,6 +1,6 @@ #pragma once -#include "nix/eval.hh" +#include "nix/expr/eval.hh" #include "nix/flake/settings.hh" namespace nix::flake::primops { diff --git a/src/libflake/include/nix/flake/flake.hh b/src/libflake/include/nix/flake/flake.hh index 2fa3850604c..3336f8557d9 100644 --- a/src/libflake/include/nix/flake/flake.hh +++ b/src/libflake/include/nix/flake/flake.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/types.hh" +#include "nix/util/types.hh" #include "nix/flake/flakeref.hh" #include "nix/flake/lockfile.hh" -#include "nix/value.hh" +#include "nix/expr/value.hh" namespace nix { diff --git a/src/libflake/include/nix/flake/flakeref.hh b/src/libflake/include/nix/flake/flakeref.hh index 93ebaa497bf..0fd1fec4dcf 100644 --- a/src/libflake/include/nix/flake/flakeref.hh +++ b/src/libflake/include/nix/flake/flakeref.hh @@ -3,10 +3,10 @@ #include -#include "nix/types.hh" -#include "nix/fetchers.hh" -#include "nix/outputs-spec.hh" -#include "nix/registry.hh" +#include "nix/util/types.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/fetchers/registry.hh" namespace nix { diff --git a/src/libflake/include/nix/flake/meson.build b/src/libflake/include/nix/flake/meson.build new file mode 100644 index 00000000000..ece1ad4ea33 --- /dev/null +++ b/src/libflake/include/nix/flake/meson.build @@ -0,0 +1,11 @@ +# Public headers directory + +include_dirs = [include_directories('../..')] + +headers = files( + 'flake.hh', + 'flakeref.hh', + 'lockfile.hh', + 'settings.hh', + 'url-name.hh', +) diff --git a/src/libflake/include/nix/flake/settings.hh b/src/libflake/include/nix/flake/settings.hh index 54f501e1196..b3bffad4ccf 100644 --- a/src/libflake/include/nix/flake/settings.hh +++ b/src/libflake/include/nix/flake/settings.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/config.hh" +#include "nix/util/configuration.hh" #include diff --git a/src/libflake/include/nix/flake/url-name.hh b/src/libflake/include/nix/flake/url-name.hh index 4577e8f38d6..d295ca8f8d4 100644 --- a/src/libflake/include/nix/flake/url-name.hh +++ b/src/libflake/include/nix/flake/url-name.hh @@ -1,7 +1,7 @@ -#include "nix/url.hh" -#include "nix/url-parts.hh" -#include "nix/util.hh" -#include "nix/split.hh" +#include "nix/util/url.hh" +#include "nix/util/url-parts.hh" +#include "nix/util/util.hh" +#include "nix/util/split.hh" namespace nix { diff --git a/src/libflake/include/nix/meson.build b/src/libflake/include/nix/meson.build deleted file mode 100644 index 023bd64bdbc..00000000000 --- a/src/libflake/include/nix/meson.build +++ /dev/null @@ -1,11 +0,0 @@ -# Public headers directory - -include_dirs = [include_directories('..')] - -headers = files( - 'flake/flake.hh', - 'flake/flakeref.hh', - 'flake/lockfile.hh', - 'flake/settings.hh', - 'flake/url-name.hh', -) diff --git a/src/libflake/meson.build b/src/libflake/meson.build index de880c28d04..f4c034490fd 100644 --- a/src/libflake/meson.build +++ b/src/libflake/meson.build @@ -48,7 +48,7 @@ sources = files( 'flake/url-name.cc', ) -subdir('include/nix') +subdir('include/nix/flake') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') @@ -64,7 +64,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/flake', preserve_path : true) libraries_private = [] diff --git a/src/libflake/package.nix b/src/libflake/package.nix index 683880b20d0..dd442a44ec9 100644 --- a/src/libflake/package.nix +++ b/src/libflake/package.nix @@ -28,7 +28,7 @@ mkMesonLibrary (finalAttrs: { ../../.version ./.version ./meson.build - ./include/nix/meson.build + ./include/nix/flake/meson.build ./call-flake.nix (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) diff --git a/src/libmain-c/nix_api_main.cc b/src/libmain-c/nix_api_main.cc index 61dbceff8c4..eacb804554c 100644 --- a/src/libmain-c/nix_api_main.cc +++ b/src/libmain-c/nix_api_main.cc @@ -3,7 +3,7 @@ #include "nix_api_util.h" #include "nix_api_util_internal.h" -#include "nix/plugin.hh" +#include "nix/main/plugin.hh" nix_err nix_init_plugins(nix_c_context * context) { diff --git a/src/libmain/common-args.cc b/src/libmain/common-args.cc index 8d531bbcbd7..c3338996c4b 100644 --- a/src/libmain/common-args.cc +++ b/src/libmain/common-args.cc @@ -1,11 +1,11 @@ -#include "nix/common-args.hh" -#include "nix/args/root.hh" -#include "nix/config-global.hh" -#include "nix/globals.hh" -#include "nix/logging.hh" -#include "nix/loggers.hh" -#include "nix/util.hh" -#include "nix/plugin.hh" +#include "nix/main/common-args.hh" +#include "nix/util/args/root.hh" +#include "nix/util/config-global.hh" +#include "nix/store/globals.hh" +#include "nix/util/logging.hh" +#include "nix/main/loggers.hh" +#include "nix/util/util.hh" +#include "nix/main/plugin.hh" namespace nix { diff --git a/src/libmain/include/nix/common-args.hh b/src/libmain/include/nix/main/common-args.hh similarity index 96% rename from src/libmain/include/nix/common-args.hh rename to src/libmain/include/nix/main/common-args.hh index 5622115b84f..ae0f3c6c58f 100644 --- a/src/libmain/include/nix/common-args.hh +++ b/src/libmain/include/nix/main/common-args.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/args.hh" -#include "nix/repair-flag.hh" +#include "nix/util/args.hh" +#include "nix/util/repair-flag.hh" namespace nix { diff --git a/src/libmain/include/nix/loggers.hh b/src/libmain/include/nix/main/loggers.hh similarity index 88% rename from src/libmain/include/nix/loggers.hh rename to src/libmain/include/nix/main/loggers.hh index dabdae83c40..061b4a32afe 100644 --- a/src/libmain/include/nix/loggers.hh +++ b/src/libmain/include/nix/main/loggers.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libmain/include/nix/meson.build b/src/libmain/include/nix/main/meson.build similarity index 74% rename from src/libmain/include/nix/meson.build rename to src/libmain/include/nix/main/meson.build index e29981d3f81..992a5ff0ece 100644 --- a/src/libmain/include/nix/meson.build +++ b/src/libmain/include/nix/main/meson.build @@ -1,6 +1,6 @@ # Public headers directory -include_dirs = [include_directories('..')] +include_dirs = [include_directories('../..')] headers = files( 'common-args.hh', diff --git a/src/libmain/include/nix/plugin.hh b/src/libmain/include/nix/main/plugin.hh similarity index 100% rename from src/libmain/include/nix/plugin.hh rename to src/libmain/include/nix/main/plugin.hh diff --git a/src/libmain/include/nix/progress-bar.hh b/src/libmain/include/nix/main/progress-bar.hh similarity index 73% rename from src/libmain/include/nix/progress-bar.hh rename to src/libmain/include/nix/main/progress-bar.hh index 195c5ceeeba..f49fb2198c9 100644 --- a/src/libmain/include/nix/progress-bar.hh +++ b/src/libmain/include/nix/main/progress-bar.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/logging.hh" +#include "nix/util/logging.hh" namespace nix { diff --git a/src/libmain/include/nix/shared.hh b/src/libmain/include/nix/main/shared.hh similarity index 94% rename from src/libmain/include/nix/shared.hh rename to src/libmain/include/nix/main/shared.hh index 8144ad84528..2ff57135b1b 100644 --- a/src/libmain/include/nix/shared.hh +++ b/src/libmain/include/nix/main/shared.hh @@ -1,13 +1,13 @@ #pragma once ///@file -#include "nix/file-descriptor.hh" -#include "nix/processes.hh" -#include "nix/args.hh" -#include "nix/args/root.hh" -#include "nix/common-args.hh" -#include "nix/path.hh" -#include "nix/derived-path.hh" +#include "nix/util/file-descriptor.hh" +#include "nix/util/processes.hh" +#include "nix/util/args.hh" +#include "nix/util/args/root.hh" +#include "nix/main/common-args.hh" +#include "nix/store/path.hh" +#include "nix/store/derived-path.hh" #include diff --git a/src/libmain/loggers.cc b/src/libmain/loggers.cc index 1cf7c6dcf27..c78e49b6326 100644 --- a/src/libmain/loggers.cc +++ b/src/libmain/loggers.cc @@ -1,6 +1,6 @@ -#include "nix/loggers.hh" -#include "nix/environment-variables.hh" -#include "nix/progress-bar.hh" +#include "nix/main/loggers.hh" +#include "nix/util/environment-variables.hh" +#include "nix/main/progress-bar.hh" namespace nix { diff --git a/src/libmain/meson.build b/src/libmain/meson.build index f7ff93b664c..414fc679fb6 100644 --- a/src/libmain/meson.build +++ b/src/libmain/meson.build @@ -63,7 +63,7 @@ if host_machine.system() != 'windows' ) endif -subdir('include/nix') +subdir('include/nix/main') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') @@ -79,7 +79,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/main', preserve_path : true) libraries_private = [] diff --git a/src/libmain/package.nix b/src/libmain/package.nix index 31b36dbcf90..9496034649c 100644 --- a/src/libmain/package.nix +++ b/src/libmain/package.nix @@ -27,7 +27,7 @@ mkMesonLibrary (finalAttrs: { ../../.version ./.version ./meson.build - ./include/nix/meson.build + ./include/nix/main/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libmain/plugin.cc b/src/libmain/plugin.cc index db1067c1a10..63ed650a786 100644 --- a/src/libmain/plugin.cc +++ b/src/libmain/plugin.cc @@ -4,8 +4,8 @@ #include -#include "nix/config-global.hh" -#include "nix/signals.hh" +#include "nix/util/config-global.hh" +#include "nix/util/signals.hh" namespace nix { diff --git a/src/libmain/progress-bar.cc b/src/libmain/progress-bar.cc index eb4db83e636..23f5ff8f745 100644 --- a/src/libmain/progress-bar.cc +++ b/src/libmain/progress-bar.cc @@ -1,8 +1,8 @@ -#include "nix/progress-bar.hh" -#include "nix/terminal.hh" -#include "nix/sync.hh" -#include "nix/store-api.hh" -#include "nix/names.hh" +#include "nix/main/progress-bar.hh" +#include "nix/util/terminal.hh" +#include "nix/util/sync.hh" +#include "nix/store/store-api.hh" +#include "nix/store/names.hh" #include #include diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index 0643e20ed1c..65bfcfbd57f 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -1,11 +1,11 @@ -#include "nix/globals.hh" -#include "nix/current-process.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/gc-store.hh" -#include "nix/loggers.hh" -#include "nix/progress-bar.hh" -#include "nix/signals.hh" +#include "nix/store/globals.hh" +#include "nix/util/current-process.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/gc-store.hh" +#include "nix/main/loggers.hh" +#include "nix/main/progress-bar.hh" +#include "nix/util/signals.hh" #include #include @@ -22,11 +22,12 @@ #include -#include "nix/exit.hh" -#include "nix/strings.hh" +#include "nix/util/exit.hh" +#include "nix/util/strings.hh" #include "main-config-private.hh" + namespace nix { char * * savedArgv; diff --git a/src/libmain/unix/stack.cc b/src/libmain/unix/stack.cc index b4ec5967e15..cee21d2a21c 100644 --- a/src/libmain/unix/stack.cc +++ b/src/libmain/unix/stack.cc @@ -1,5 +1,5 @@ -#include "nix/error.hh" -#include "nix/shared.hh" +#include "nix/util/error.hh" +#include "nix/main/shared.hh" #include #include diff --git a/src/libstore-c/nix_api_store.cc b/src/libstore-c/nix_api_store.cc index ab0af1f5219..92aed918703 100644 --- a/src/libstore-c/nix_api_store.cc +++ b/src/libstore-c/nix_api_store.cc @@ -3,11 +3,11 @@ #include "nix_api_util.h" #include "nix_api_util_internal.h" -#include "nix/path.hh" -#include "nix/store-api.hh" -#include "nix/build-result.hh" +#include "nix/store/path.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build-result.hh" -#include "nix/globals.hh" +#include "nix/store/globals.hh" nix_err nix_libstore_init(nix_c_context * context) { diff --git a/src/libstore-c/nix_api_store_internal.h b/src/libstore-c/nix_api_store_internal.h index e32cdfcca96..b0194bfd3ad 100644 --- a/src/libstore-c/nix_api_store_internal.h +++ b/src/libstore-c/nix_api_store_internal.h @@ -1,6 +1,6 @@ #ifndef NIX_API_STORE_INTERNAL_H #define NIX_API_STORE_INTERNAL_H -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" struct Store { diff --git a/src/libstore-test-support/derived-path.cc b/src/libstore-test-support/derived-path.cc index 4c04facce8a..c7714449c03 100644 --- a/src/libstore-test-support/derived-path.cc +++ b/src/libstore-test-support/derived-path.cc @@ -2,7 +2,7 @@ #include -#include "nix/tests/derived-path.hh" +#include "nix/store/tests/derived-path.hh" namespace rc { using namespace nix; diff --git a/src/libstore-test-support/include/nix/meson.build b/src/libstore-test-support/include/nix/meson.build deleted file mode 100644 index ed3e4f2ff90..00000000000 --- a/src/libstore-test-support/include/nix/meson.build +++ /dev/null @@ -1,12 +0,0 @@ -# Public headers directory - -include_dirs = [include_directories('..')] - -headers = files( - 'tests/derived-path.hh', - 'tests/libstore.hh', - 'tests/nix_api_store.hh', - 'tests/outputs-spec.hh', - 'tests/path.hh', - 'tests/protocol.hh', -) diff --git a/src/libstore-test-support/include/nix/tests/derived-path.hh b/src/libstore-test-support/include/nix/store/tests/derived-path.hh similarity index 84% rename from src/libstore-test-support/include/nix/tests/derived-path.hh rename to src/libstore-test-support/include/nix/store/tests/derived-path.hh index 57cad487c3a..642ce557ce8 100644 --- a/src/libstore-test-support/include/nix/tests/derived-path.hh +++ b/src/libstore-test-support/include/nix/store/tests/derived-path.hh @@ -3,10 +3,10 @@ #include -#include "nix/derived-path.hh" +#include "nix/store/derived-path.hh" -#include "nix/tests/path.hh" -#include "nix/tests/outputs-spec.hh" +#include "nix/store/tests/path.hh" +#include "nix/store/tests/outputs-spec.hh" namespace rc { using namespace nix; diff --git a/src/libstore-test-support/include/nix/tests/libstore.hh b/src/libstore-test-support/include/nix/store/tests/libstore.hh similarity index 93% rename from src/libstore-test-support/include/nix/tests/libstore.hh rename to src/libstore-test-support/include/nix/store/tests/libstore.hh index 02e818f9768..466b6f9b10a 100644 --- a/src/libstore-test-support/include/nix/tests/libstore.hh +++ b/src/libstore-test-support/include/nix/store/tests/libstore.hh @@ -4,7 +4,7 @@ #include #include -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore-test-support/include/nix/store/tests/meson.build b/src/libstore-test-support/include/nix/store/tests/meson.build new file mode 100644 index 00000000000..ae5db049e0a --- /dev/null +++ b/src/libstore-test-support/include/nix/store/tests/meson.build @@ -0,0 +1,12 @@ +# Public headers directory + +include_dirs = [include_directories('../../..')] + +headers = files( + 'derived-path.hh', + 'libstore.hh', + 'nix_api_store.hh', + 'outputs-spec.hh', + 'path.hh', + 'protocol.hh', +) diff --git a/src/libstore-test-support/include/nix/tests/nix_api_store.hh b/src/libstore-test-support/include/nix/store/tests/nix_api_store.hh similarity index 96% rename from src/libstore-test-support/include/nix/tests/nix_api_store.hh rename to src/libstore-test-support/include/nix/store/tests/nix_api_store.hh index f418b563d76..bc0f31d05fa 100644 --- a/src/libstore-test-support/include/nix/tests/nix_api_store.hh +++ b/src/libstore-test-support/include/nix/store/tests/nix_api_store.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/tests/nix_api_util.hh" +#include "nix/util/tests/nix_api_util.hh" -#include "nix/file-system.hh" +#include "nix/util/file-system.hh" #include #include "nix_api_store.h" diff --git a/src/libstore-test-support/include/nix/tests/outputs-spec.hh b/src/libstore-test-support/include/nix/store/tests/outputs-spec.hh similarity index 72% rename from src/libstore-test-support/include/nix/tests/outputs-spec.hh rename to src/libstore-test-support/include/nix/store/tests/outputs-spec.hh index 14a74d2e4ad..c13c992b6f8 100644 --- a/src/libstore-test-support/include/nix/tests/outputs-spec.hh +++ b/src/libstore-test-support/include/nix/store/tests/outputs-spec.hh @@ -3,9 +3,9 @@ #include -#include "nix/outputs-spec.hh" +#include "nix/store/outputs-spec.hh" -#include "nix/tests/path.hh" +#include "nix/store/tests/path.hh" namespace rc { using namespace nix; diff --git a/src/libstore-test-support/include/nix/tests/path.hh b/src/libstore-test-support/include/nix/store/tests/path.hh similarity index 93% rename from src/libstore-test-support/include/nix/tests/path.hh rename to src/libstore-test-support/include/nix/store/tests/path.hh index eebcda28e9a..59ff604d7ca 100644 --- a/src/libstore-test-support/include/nix/tests/path.hh +++ b/src/libstore-test-support/include/nix/store/tests/path.hh @@ -3,7 +3,7 @@ #include -#include "nix/path.hh" +#include "nix/store/path.hh" namespace nix { diff --git a/src/libstore-test-support/include/nix/tests/protocol.hh b/src/libstore-test-support/include/nix/store/tests/protocol.hh similarity index 96% rename from src/libstore-test-support/include/nix/tests/protocol.hh rename to src/libstore-test-support/include/nix/store/tests/protocol.hh index 6c7d69adb9e..acd10bf9d8c 100644 --- a/src/libstore-test-support/include/nix/tests/protocol.hh +++ b/src/libstore-test-support/include/nix/store/tests/protocol.hh @@ -4,8 +4,8 @@ #include #include -#include "nix/tests/libstore.hh" -#include "nix/tests/characterization.hh" +#include "nix/store/tests/libstore.hh" +#include "nix/util/tests/characterization.hh" namespace nix { diff --git a/src/libstore-test-support/meson.build b/src/libstore-test-support/meson.build index a1f6777e454..779b122fa29 100644 --- a/src/libstore-test-support/meson.build +++ b/src/libstore-test-support/meson.build @@ -35,7 +35,7 @@ sources = files( 'path.cc', ) -subdir('include/nix') +subdir('include/nix/store/tests') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') @@ -52,7 +52,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/store/tests', preserve_path : true) libraries_private = [] diff --git a/src/libstore-test-support/outputs-spec.cc b/src/libstore-test-support/outputs-spec.cc index 04b24373896..5b5251361d4 100644 --- a/src/libstore-test-support/outputs-spec.cc +++ b/src/libstore-test-support/outputs-spec.cc @@ -1,4 +1,4 @@ -#include "nix/tests/outputs-spec.hh" +#include "nix/store/tests/outputs-spec.hh" #include diff --git a/src/libstore-test-support/package.nix b/src/libstore-test-support/package.nix index c223ad1166b..391ddeefda2 100644 --- a/src/libstore-test-support/package.nix +++ b/src/libstore-test-support/package.nix @@ -29,7 +29,7 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build # ./meson.options - ./include/nix/meson.build + ./include/nix/store/tests/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libstore-test-support/path.cc b/src/libstore-test-support/path.cc index 945230187c2..47c1d693b7d 100644 --- a/src/libstore-test-support/path.cc +++ b/src/libstore-test-support/path.cc @@ -3,11 +3,11 @@ #include -#include "nix/path-regex.hh" -#include "nix/store-api.hh" +#include "nix/store/path-regex.hh" +#include "nix/store/store-api.hh" -#include "nix/tests/hash.hh" -#include "nix/tests/path.hh" +#include "nix/util/tests/hash.hh" +#include "nix/store/tests/path.hh" namespace nix { diff --git a/src/libstore-tests/common-protocol.cc b/src/libstore-tests/common-protocol.cc index 39293b0c0c6..6bfb8bd80e2 100644 --- a/src/libstore-tests/common-protocol.cc +++ b/src/libstore-tests/common-protocol.cc @@ -3,11 +3,11 @@ #include #include -#include "nix/common-protocol.hh" -#include "nix/common-protocol-impl.hh" -#include "nix/build-result.hh" -#include "nix/tests/protocol.hh" -#include "nix/tests/characterization.hh" +#include "nix/store/common-protocol.hh" +#include "nix/store/common-protocol-impl.hh" +#include "nix/store/build-result.hh" +#include "nix/store/tests/protocol.hh" +#include "nix/util/tests/characterization.hh" namespace nix { diff --git a/src/libstore-tests/content-address.cc b/src/libstore-tests/content-address.cc index 428ebcd7679..c208c944d50 100644 --- a/src/libstore-tests/content-address.cc +++ b/src/libstore-tests/content-address.cc @@ -1,6 +1,6 @@ #include -#include "nix/content-address.hh" +#include "nix/store/content-address.hh" namespace nix { diff --git a/src/libstore-tests/derivation-advanced-attrs.cc b/src/libstore-tests/derivation-advanced-attrs.cc index d8f9642ab16..57b2268262f 100644 --- a/src/libstore-tests/derivation-advanced-attrs.cc +++ b/src/libstore-tests/derivation-advanced-attrs.cc @@ -1,16 +1,16 @@ #include #include -#include "nix/experimental-features.hh" -#include "nix/derivations.hh" -#include "nix/derivations.hh" -#include "nix/derivation-options.hh" -#include "nix/parsed-derivations.hh" -#include "nix/types.hh" -#include "nix/json-utils.hh" - -#include "nix/tests/libstore.hh" -#include "nix/tests/characterization.hh" +#include "nix/util/experimental-features.hh" +#include "nix/store/derivations.hh" +#include "nix/store/derivations.hh" +#include "nix/store/derivation-options.hh" +#include "nix/store/parsed-derivations.hh" +#include "nix/util/types.hh" +#include "nix/util/json-utils.hh" + +#include "nix/store/tests/libstore.hh" +#include "nix/util/tests/characterization.hh" namespace nix { diff --git a/src/libstore-tests/derivation.cc b/src/libstore-tests/derivation.cc index 5ef1c0094d3..fa6711d400d 100644 --- a/src/libstore-tests/derivation.cc +++ b/src/libstore-tests/derivation.cc @@ -1,11 +1,11 @@ #include #include -#include "nix/experimental-features.hh" -#include "nix/derivations.hh" +#include "nix/util/experimental-features.hh" +#include "nix/store/derivations.hh" -#include "nix/tests/libstore.hh" -#include "nix/tests/characterization.hh" +#include "nix/store/tests/libstore.hh" +#include "nix/util/tests/characterization.hh" namespace nix { diff --git a/src/libstore-tests/derived-path.cc b/src/libstore-tests/derived-path.cc index e6a2fcacee9..51df2519871 100644 --- a/src/libstore-tests/derived-path.cc +++ b/src/libstore-tests/derived-path.cc @@ -3,8 +3,8 @@ #include #include -#include "nix/tests/derived-path.hh" -#include "nix/tests/libstore.hh" +#include "nix/store/tests/derived-path.hh" +#include "nix/store/tests/libstore.hh" namespace nix { diff --git a/src/libstore-tests/downstream-placeholder.cc b/src/libstore-tests/downstream-placeholder.cc index 76c6410ad60..604c8001726 100644 --- a/src/libstore-tests/downstream-placeholder.cc +++ b/src/libstore-tests/downstream-placeholder.cc @@ -1,6 +1,6 @@ #include -#include "nix/downstream-placeholder.hh" +#include "nix/store/downstream-placeholder.hh" namespace nix { diff --git a/src/libstore-tests/http-binary-cache-store.cc b/src/libstore-tests/http-binary-cache-store.cc index bc4e5293662..f4a3408b587 100644 --- a/src/libstore-tests/http-binary-cache-store.cc +++ b/src/libstore-tests/http-binary-cache-store.cc @@ -1,6 +1,6 @@ #include -#include "nix/http-binary-cache-store.hh" +#include "nix/store/http-binary-cache-store.hh" namespace nix { diff --git a/src/libstore-tests/legacy-ssh-store.cc b/src/libstore-tests/legacy-ssh-store.cc index 5a23cf5b28a..158da2831ac 100644 --- a/src/libstore-tests/legacy-ssh-store.cc +++ b/src/libstore-tests/legacy-ssh-store.cc @@ -1,6 +1,6 @@ #include -#include "nix/legacy-ssh-store.hh" +#include "nix/store/legacy-ssh-store.hh" namespace nix { diff --git a/src/libstore-tests/local-binary-cache-store.cc b/src/libstore-tests/local-binary-cache-store.cc index 8adc22202ae..01f514e89aa 100644 --- a/src/libstore-tests/local-binary-cache-store.cc +++ b/src/libstore-tests/local-binary-cache-store.cc @@ -1,6 +1,6 @@ #include -#include "nix/local-binary-cache-store.hh" +#include "nix/store/local-binary-cache-store.hh" namespace nix { diff --git a/src/libstore-tests/local-overlay-store.cc b/src/libstore-tests/local-overlay-store.cc index 8e9d25bc320..fe064c3a51c 100644 --- a/src/libstore-tests/local-overlay-store.cc +++ b/src/libstore-tests/local-overlay-store.cc @@ -3,7 +3,7 @@ #if 0 # include -# include "nix/local-overlay-store.hh" +# include "nix/store/local-overlay-store.hh" namespace nix { diff --git a/src/libstore-tests/local-store.cc b/src/libstore-tests/local-store.cc index 8977234a398..ece277609ec 100644 --- a/src/libstore-tests/local-store.cc +++ b/src/libstore-tests/local-store.cc @@ -3,13 +3,13 @@ #if 0 # include -# include "nix/local-store.hh" +# include "nix/store/local-store.hh" // Needed for template specialisations. This is not good! When we // overhaul how store configs work, this should be fixed. -# include "nix/args.hh" -# include "nix/config-impl.hh" -# include "nix/abstract-setting-to-json.hh" +# include "nix/util/args.hh" +# include "nix/util/config-impl.hh" +# include "nix/util/abstract-setting-to-json.hh" namespace nix { diff --git a/src/libstore-tests/machines.cc b/src/libstore-tests/machines.cc index 219494f16a8..1d574ceeb77 100644 --- a/src/libstore-tests/machines.cc +++ b/src/libstore-tests/machines.cc @@ -1,8 +1,8 @@ -#include "nix/machines.hh" -#include "nix/file-system.hh" -#include "nix/util.hh" +#include "nix/store/machines.hh" +#include "nix/util/file-system.hh" +#include "nix/util/util.hh" -#include "nix/tests/characterization.hh" +#include "nix/util/tests/characterization.hh" #include #include diff --git a/src/libstore-tests/nar-info-disk-cache.cc b/src/libstore-tests/nar-info-disk-cache.cc index b15ee351a54..4c7354c0c1f 100644 --- a/src/libstore-tests/nar-info-disk-cache.cc +++ b/src/libstore-tests/nar-info-disk-cache.cc @@ -1,8 +1,8 @@ -#include "nix/nar-info-disk-cache.hh" +#include "nix/store/nar-info-disk-cache.hh" #include #include -#include "nix/sqlite.hh" +#include "nix/store/sqlite.hh" #include diff --git a/src/libstore-tests/nar-info.cc b/src/libstore-tests/nar-info.cc index 54468091422..1979deef81d 100644 --- a/src/libstore-tests/nar-info.cc +++ b/src/libstore-tests/nar-info.cc @@ -1,11 +1,11 @@ #include #include -#include "nix/path-info.hh" -#include "nix/nar-info.hh" +#include "nix/store/path-info.hh" +#include "nix/store/nar-info.hh" -#include "nix/tests/characterization.hh" -#include "nix/tests/libstore.hh" +#include "nix/util/tests/characterization.hh" +#include "nix/store/tests/libstore.hh" namespace nix { diff --git a/src/libstore-tests/nix_api_store.cc b/src/libstore-tests/nix_api_store.cc index 293547c95b4..4eb95360a6a 100644 --- a/src/libstore-tests/nix_api_store.cc +++ b/src/libstore-tests/nix_api_store.cc @@ -3,8 +3,8 @@ #include "nix_api_store.h" #include "nix_api_store_internal.h" -#include "nix/tests/nix_api_store.hh" -#include "nix/tests/string_callback.hh" +#include "nix/store/tests/nix_api_store.hh" +#include "nix/util/tests/string_callback.hh" #include "store-tests-config.hh" diff --git a/src/libstore-tests/outputs-spec.cc b/src/libstore-tests/outputs-spec.cc index 007e5a9353b..a17922c46a1 100644 --- a/src/libstore-tests/outputs-spec.cc +++ b/src/libstore-tests/outputs-spec.cc @@ -1,4 +1,4 @@ -#include "nix/tests/outputs-spec.hh" +#include "nix/store/tests/outputs-spec.hh" #include #include diff --git a/src/libstore-tests/path-info.cc b/src/libstore-tests/path-info.cc index df3b60f1309..9cd98a3d9ef 100644 --- a/src/libstore-tests/path-info.cc +++ b/src/libstore-tests/path-info.cc @@ -1,10 +1,10 @@ #include #include -#include "nix/path-info.hh" +#include "nix/store/path-info.hh" -#include "nix/tests/characterization.hh" -#include "nix/tests/libstore.hh" +#include "nix/util/tests/characterization.hh" +#include "nix/store/tests/libstore.hh" namespace nix { diff --git a/src/libstore-tests/path.cc b/src/libstore-tests/path.cc index bcfce2c9f47..4da73a0ad6c 100644 --- a/src/libstore-tests/path.cc +++ b/src/libstore-tests/path.cc @@ -4,12 +4,12 @@ #include #include -#include "nix/path-regex.hh" -#include "nix/store-api.hh" +#include "nix/store/path-regex.hh" +#include "nix/store/store-api.hh" -#include "nix/tests/hash.hh" -#include "nix/tests/libstore.hh" -#include "nix/tests/path.hh" +#include "nix/util/tests/hash.hh" +#include "nix/store/tests/libstore.hh" +#include "nix/store/tests/path.hh" namespace nix { diff --git a/src/libstore-tests/references.cc b/src/libstore-tests/references.cc index da4b7af3943..59993727d77 100644 --- a/src/libstore-tests/references.cc +++ b/src/libstore-tests/references.cc @@ -1,4 +1,4 @@ -#include "nix/references.hh" +#include "nix/util/references.hh" #include diff --git a/src/libstore-tests/s3-binary-cache-store.cc b/src/libstore-tests/s3-binary-cache-store.cc index 99db360ce6a..be338084ff1 100644 --- a/src/libstore-tests/s3-binary-cache-store.cc +++ b/src/libstore-tests/s3-binary-cache-store.cc @@ -2,7 +2,7 @@ # include -# include "nix/s3-binary-cache-store.hh" +# include "nix/store/s3-binary-cache-store.hh" namespace nix { diff --git a/src/libstore-tests/serve-protocol.cc b/src/libstore-tests/serve-protocol.cc index dd53b80d6ca..9297d46ea1c 100644 --- a/src/libstore-tests/serve-protocol.cc +++ b/src/libstore-tests/serve-protocol.cc @@ -4,13 +4,13 @@ #include #include -#include "nix/serve-protocol.hh" -#include "nix/serve-protocol-impl.hh" -#include "nix/serve-protocol-connection.hh" -#include "nix/build-result.hh" -#include "nix/file-descriptor.hh" -#include "nix/tests/protocol.hh" -#include "nix/tests/characterization.hh" +#include "nix/store/serve-protocol.hh" +#include "nix/store/serve-protocol-impl.hh" +#include "nix/store/serve-protocol-connection.hh" +#include "nix/store/build-result.hh" +#include "nix/util/file-descriptor.hh" +#include "nix/store/tests/protocol.hh" +#include "nix/util/tests/characterization.hh" namespace nix { diff --git a/src/libstore-tests/ssh-store.cc b/src/libstore-tests/ssh-store.cc index 1c54a229eeb..ccb87b767a9 100644 --- a/src/libstore-tests/ssh-store.cc +++ b/src/libstore-tests/ssh-store.cc @@ -3,7 +3,7 @@ #if 0 # include -# include "nix/ssh-store.hh" +# include "nix/store/ssh-store.hh" namespace nix { diff --git a/src/libstore-tests/store-reference.cc b/src/libstore-tests/store-reference.cc index f8e533fa088..dd1b8309072 100644 --- a/src/libstore-tests/store-reference.cc +++ b/src/libstore-tests/store-reference.cc @@ -1,11 +1,11 @@ #include #include -#include "nix/file-system.hh" -#include "nix/store-reference.hh" +#include "nix/util/file-system.hh" +#include "nix/store/store-reference.hh" -#include "nix/tests/characterization.hh" -#include "nix/tests/libstore.hh" +#include "nix/util/tests/characterization.hh" +#include "nix/store/tests/libstore.hh" namespace nix { diff --git a/src/libstore-tests/uds-remote-store.cc b/src/libstore-tests/uds-remote-store.cc index 7157bfbfdbe..c6a92666831 100644 --- a/src/libstore-tests/uds-remote-store.cc +++ b/src/libstore-tests/uds-remote-store.cc @@ -3,7 +3,7 @@ #if 0 # include -# include "nix/uds-remote-store.hh" +# include "nix/store/uds-remote-store.hh" namespace nix { diff --git a/src/libstore-tests/worker-protocol.cc b/src/libstore-tests/worker-protocol.cc index 0a417ed3e54..091cf8a0ede 100644 --- a/src/libstore-tests/worker-protocol.cc +++ b/src/libstore-tests/worker-protocol.cc @@ -4,13 +4,13 @@ #include #include -#include "nix/worker-protocol.hh" -#include "nix/worker-protocol-connection.hh" -#include "nix/worker-protocol-impl.hh" -#include "nix/derived-path.hh" -#include "nix/build-result.hh" -#include "nix/tests/protocol.hh" -#include "nix/tests/characterization.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/store/worker-protocol-connection.hh" +#include "nix/store/worker-protocol-impl.hh" +#include "nix/store/derived-path.hh" +#include "nix/store/build-result.hh" +#include "nix/store/tests/protocol.hh" +#include "nix/util/tests/characterization.hh" namespace nix { diff --git a/src/libstore/binary-cache-store.cc b/src/libstore/binary-cache-store.cc index 48c449e797f..60bd680260f 100644 --- a/src/libstore/binary-cache-store.cc +++ b/src/libstore/binary-cache-store.cc @@ -1,18 +1,18 @@ -#include "nix/archive.hh" -#include "nix/binary-cache-store.hh" -#include "nix/compression.hh" -#include "nix/derivations.hh" -#include "nix/source-accessor.hh" -#include "nix/globals.hh" -#include "nix/nar-info.hh" -#include "nix/sync.hh" -#include "nix/remote-fs-accessor.hh" -#include "nix/nar-info-disk-cache.hh" -#include "nix/nar-accessor.hh" -#include "nix/thread-pool.hh" -#include "nix/callback.hh" -#include "nix/signals.hh" -#include "nix/archive.hh" +#include "nix/util/archive.hh" +#include "nix/store/binary-cache-store.hh" +#include "nix/util/compression.hh" +#include "nix/store/derivations.hh" +#include "nix/util/source-accessor.hh" +#include "nix/store/globals.hh" +#include "nix/store/nar-info.hh" +#include "nix/util/sync.hh" +#include "nix/store/remote-fs-accessor.hh" +#include "nix/store/nar-info-disk-cache.hh" +#include "nix/store/nar-accessor.hh" +#include "nix/util/thread-pool.hh" +#include "nix/util/callback.hh" +#include "nix/util/signals.hh" +#include "nix/util/archive.hh" #include #include diff --git a/src/libstore/build-result.cc b/src/libstore/build-result.cc index 72ad11faea5..09166133786 100644 --- a/src/libstore/build-result.cc +++ b/src/libstore/build-result.cc @@ -1,4 +1,4 @@ -#include "nix/build-result.hh" +#include "nix/store/build-result.hh" namespace nix { diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index c2858bd34b1..00906eed450 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -1,22 +1,22 @@ -#include "nix/build/derivation-goal.hh" +#include "nix/store/build/derivation-goal.hh" #ifndef _WIN32 // TODO enable build hook on Windows -# include "nix/build/hook-instance.hh" +# include "nix/store/build/hook-instance.hh" #endif -#include "nix/processes.hh" -#include "nix/config-global.hh" -#include "nix/build/worker.hh" -#include "nix/builtins.hh" -#include "nix/builtins/buildenv.hh" -#include "nix/references.hh" -#include "nix/finally.hh" -#include "nix/util.hh" -#include "nix/archive.hh" -#include "nix/compression.hh" -#include "nix/common-protocol.hh" -#include "nix/common-protocol-impl.hh" -#include "nix/topo-sort.hh" -#include "nix/callback.hh" -#include "nix/local-store.hh" // TODO remove, along with remaining downcasts +#include "nix/util/processes.hh" +#include "nix/util/config-global.hh" +#include "nix/store/build/worker.hh" +#include "nix/store/builtins.hh" +#include "nix/store/builtins/buildenv.hh" +#include "nix/util/references.hh" +#include "nix/util/finally.hh" +#include "nix/util/util.hh" +#include "nix/util/archive.hh" +#include "nix/util/compression.hh" +#include "nix/store/common-protocol.hh" +#include "nix/store/common-protocol-impl.hh" +#include "nix/util/topo-sort.hh" +#include "nix/util/callback.hh" +#include "nix/store/local-store.hh" // TODO remove, along with remaining downcasts #include #include @@ -32,7 +32,7 @@ #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libstore/build/drv-output-substitution-goal.cc b/src/libstore/build/drv-output-substitution-goal.cc index 18853e5310d..bc2030fa53c 100644 --- a/src/libstore/build/drv-output-substitution-goal.cc +++ b/src/libstore/build/drv-output-substitution-goal.cc @@ -1,8 +1,8 @@ -#include "nix/build/drv-output-substitution-goal.hh" -#include "nix/finally.hh" -#include "nix/build/worker.hh" -#include "nix/build/substitution-goal.hh" -#include "nix/callback.hh" +#include "nix/store/build/drv-output-substitution-goal.hh" +#include "nix/util/finally.hh" +#include "nix/store/build/worker.hh" +#include "nix/store/build/substitution-goal.hh" +#include "nix/util/callback.hh" namespace nix { diff --git a/src/libstore/build/entry-points.cc b/src/libstore/build/entry-points.cc index 70b32d3ad49..c934b0704ce 100644 --- a/src/libstore/build/entry-points.cc +++ b/src/libstore/build/entry-points.cc @@ -1,10 +1,10 @@ -#include "nix/build/worker.hh" -#include "nix/build/substitution-goal.hh" +#include "nix/store/build/worker.hh" +#include "nix/store/build/substitution-goal.hh" #ifndef _WIN32 // TODO Enable building on Windows -# include "nix/build/derivation-goal.hh" +# include "nix/store/build/derivation-goal.hh" #endif -#include "nix/local-store.hh" -#include "nix/strings.hh" +#include "nix/store/local-store.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libstore/build/goal.cc b/src/libstore/build/goal.cc index baee4ff16d3..aaa42679390 100644 --- a/src/libstore/build/goal.cc +++ b/src/libstore/build/goal.cc @@ -1,5 +1,5 @@ -#include "nix/build/goal.hh" -#include "nix/build/worker.hh" +#include "nix/store/build/goal.hh" +#include "nix/store/build/worker.hh" namespace nix { diff --git a/src/libstore/build/substitution-goal.cc b/src/libstore/build/substitution-goal.cc index 6794fe73fb3..72bdfa6327e 100644 --- a/src/libstore/build/substitution-goal.cc +++ b/src/libstore/build/substitution-goal.cc @@ -1,8 +1,8 @@ -#include "nix/build/worker.hh" -#include "nix/build/substitution-goal.hh" -#include "nix/nar-info.hh" -#include "nix/finally.hh" -#include "nix/signals.hh" +#include "nix/store/build/worker.hh" +#include "nix/store/build/substitution-goal.hh" +#include "nix/store/nar-info.hh" +#include "nix/util/finally.hh" +#include "nix/util/signals.hh" #include namespace nix { diff --git a/src/libstore/build/worker.cc b/src/libstore/build/worker.cc index 38e965d354d..87710e9ee4e 100644 --- a/src/libstore/build/worker.cc +++ b/src/libstore/build/worker.cc @@ -1,14 +1,14 @@ -#include "nix/local-store.hh" -#include "nix/machines.hh" -#include "nix/build/worker.hh" -#include "nix/build/substitution-goal.hh" -#include "nix/build/drv-output-substitution-goal.hh" -#include "nix/build/derivation-goal.hh" +#include "nix/store/local-store.hh" +#include "nix/store/machines.hh" +#include "nix/store/build/worker.hh" +#include "nix/store/build/substitution-goal.hh" +#include "nix/store/build/drv-output-substitution-goal.hh" +#include "nix/store/build/derivation-goal.hh" #ifndef _WIN32 // TODO Enable building on Windows -# include "nix/build/local-derivation-goal.hh" -# include "nix/build/hook-instance.hh" +# include "nix/store/build/local-derivation-goal.hh" +# include "nix/store/build/hook-instance.hh" #endif -#include "nix/signals.hh" +#include "nix/util/signals.hh" namespace nix { diff --git a/src/libstore/builtins/buildenv.cc b/src/libstore/builtins/buildenv.cc index 4145593cf3a..c3b80bb0b9b 100644 --- a/src/libstore/builtins/buildenv.cc +++ b/src/libstore/builtins/buildenv.cc @@ -1,6 +1,6 @@ -#include "nix/builtins/buildenv.hh" -#include "nix/derivations.hh" -#include "nix/signals.hh" +#include "nix/store/builtins/buildenv.hh" +#include "nix/store/derivations.hh" +#include "nix/util/signals.hh" #include #include diff --git a/src/libstore/builtins/fetchurl.cc b/src/libstore/builtins/fetchurl.cc index 28af8427c65..82f268d807d 100644 --- a/src/libstore/builtins/fetchurl.cc +++ b/src/libstore/builtins/fetchurl.cc @@ -1,8 +1,8 @@ -#include "nix/builtins.hh" -#include "nix/filetransfer.hh" -#include "nix/store-api.hh" -#include "nix/archive.hh" -#include "nix/compression.hh" +#include "nix/store/builtins.hh" +#include "nix/store/filetransfer.hh" +#include "nix/store/store-api.hh" +#include "nix/util/archive.hh" +#include "nix/util/compression.hh" namespace nix { diff --git a/src/libstore/builtins/unpack-channel.cc b/src/libstore/builtins/unpack-channel.cc index 9e76ee7d382..f6be21e356b 100644 --- a/src/libstore/builtins/unpack-channel.cc +++ b/src/libstore/builtins/unpack-channel.cc @@ -1,5 +1,5 @@ -#include "nix/builtins.hh" -#include "nix/tarfile.hh" +#include "nix/store/builtins.hh" +#include "nix/util/tarfile.hh" namespace nix { diff --git a/src/libstore/common-protocol.cc b/src/libstore/common-protocol.cc index 4845d587351..311f4888c66 100644 --- a/src/libstore/common-protocol.cc +++ b/src/libstore/common-protocol.cc @@ -1,11 +1,11 @@ -#include "nix/serialise.hh" -#include "nix/path-with-outputs.hh" -#include "nix/store-api.hh" -#include "nix/build-result.hh" -#include "nix/common-protocol.hh" -#include "nix/common-protocol-impl.hh" -#include "nix/archive.hh" -#include "nix/derivations.hh" +#include "nix/util/serialise.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build-result.hh" +#include "nix/store/common-protocol.hh" +#include "nix/store/common-protocol-impl.hh" +#include "nix/util/archive.hh" +#include "nix/store/derivations.hh" #include diff --git a/src/libstore/common-ssh-store-config.cc b/src/libstore/common-ssh-store-config.cc index d4123e326be..7cfbc5f98ab 100644 --- a/src/libstore/common-ssh-store-config.cc +++ b/src/libstore/common-ssh-store-config.cc @@ -1,7 +1,7 @@ #include -#include "nix/common-ssh-store-config.hh" -#include "nix/ssh.hh" +#include "nix/store/common-ssh-store-config.hh" +#include "nix/store/ssh.hh" namespace nix { diff --git a/src/libstore/content-address.cc b/src/libstore/content-address.cc index a3745b4ef31..5d27c41367f 100644 --- a/src/libstore/content-address.cc +++ b/src/libstore/content-address.cc @@ -1,6 +1,6 @@ -#include "nix/args.hh" -#include "nix/content-address.hh" -#include "nix/split.hh" +#include "nix/util/args.hh" +#include "nix/store/content-address.hh" +#include "nix/util/split.hh" namespace nix { diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc index 6de8447483a..8f751427342 100644 --- a/src/libstore/daemon.cc +++ b/src/libstore/daemon.cc @@ -1,23 +1,23 @@ -#include "nix/daemon.hh" -#include "nix/signals.hh" -#include "nix/worker-protocol.hh" -#include "nix/worker-protocol-connection.hh" -#include "nix/worker-protocol-impl.hh" -#include "nix/build-result.hh" -#include "nix/store-api.hh" -#include "nix/store-cast.hh" -#include "nix/gc-store.hh" -#include "nix/log-store.hh" -#include "nix/indirect-root-store.hh" -#include "nix/path-with-outputs.hh" -#include "nix/finally.hh" -#include "nix/archive.hh" -#include "nix/derivations.hh" -#include "nix/args.hh" -#include "nix/git.hh" +#include "nix/store/daemon.hh" +#include "nix/util/signals.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/store/worker-protocol-connection.hh" +#include "nix/store/worker-protocol-impl.hh" +#include "nix/store/build-result.hh" +#include "nix/store/store-api.hh" +#include "nix/store/store-cast.hh" +#include "nix/store/gc-store.hh" +#include "nix/store/log-store.hh" +#include "nix/store/indirect-root-store.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/util/finally.hh" +#include "nix/util/archive.hh" +#include "nix/store/derivations.hh" +#include "nix/util/args.hh" +#include "nix/util/git.hh" #ifndef _WIN32 // TODO need graceful async exit support on Windows? -# include "nix/monitor-fd.hh" +# include "nix/util/monitor-fd.hh" #endif #include diff --git a/src/libstore/derivation-options.cc b/src/libstore/derivation-options.cc index 8683fd8ada3..962222f6d54 100644 --- a/src/libstore/derivation-options.cc +++ b/src/libstore/derivation-options.cc @@ -1,8 +1,8 @@ -#include "nix/derivation-options.hh" -#include "nix/json-utils.hh" -#include "nix/parsed-derivations.hh" -#include "nix/types.hh" -#include "nix/util.hh" +#include "nix/store/derivation-options.hh" +#include "nix/util/json-utils.hh" +#include "nix/store/parsed-derivations.hh" +#include "nix/util/types.hh" +#include "nix/util/util.hh" #include #include #include diff --git a/src/libstore/derivations.cc b/src/libstore/derivations.cc index 4c027d64b75..360d19afee2 100644 --- a/src/libstore/derivations.cc +++ b/src/libstore/derivations.cc @@ -1,14 +1,14 @@ -#include "nix/derivations.hh" -#include "nix/downstream-placeholder.hh" -#include "nix/store-api.hh" -#include "nix/globals.hh" -#include "nix/types.hh" -#include "nix/util.hh" -#include "nix/split.hh" -#include "nix/common-protocol.hh" -#include "nix/common-protocol-impl.hh" -#include "nix/strings-inline.hh" -#include "nix/json-utils.hh" +#include "nix/store/derivations.hh" +#include "nix/store/downstream-placeholder.hh" +#include "nix/store/store-api.hh" +#include "nix/store/globals.hh" +#include "nix/util/types.hh" +#include "nix/util/util.hh" +#include "nix/util/split.hh" +#include "nix/store/common-protocol.hh" +#include "nix/store/common-protocol-impl.hh" +#include "nix/util/strings-inline.hh" +#include "nix/util/json-utils.hh" #include #include diff --git a/src/libstore/derived-path-map.cc b/src/libstore/derived-path-map.cc index cb6d98d5a66..d4234d92ccf 100644 --- a/src/libstore/derived-path-map.cc +++ b/src/libstore/derived-path-map.cc @@ -1,5 +1,5 @@ -#include "nix/derived-path-map.hh" -#include "nix/util.hh" +#include "nix/store/derived-path-map.hh" +#include "nix/util/util.hh" namespace nix { diff --git a/src/libstore/derived-path.cc b/src/libstore/derived-path.cc index 94f8d93f7d0..950ac1c1aff 100644 --- a/src/libstore/derived-path.cc +++ b/src/libstore/derived-path.cc @@ -1,7 +1,7 @@ -#include "nix/derived-path.hh" -#include "nix/derivations.hh" -#include "nix/store-api.hh" -#include "nix/comparator.hh" +#include "nix/store/derived-path.hh" +#include "nix/store/derivations.hh" +#include "nix/store/store-api.hh" +#include "nix/util/comparator.hh" #include diff --git a/src/libstore/downstream-placeholder.cc b/src/libstore/downstream-placeholder.cc index 52c46ddee60..24ce2ad997a 100644 --- a/src/libstore/downstream-placeholder.cc +++ b/src/libstore/downstream-placeholder.cc @@ -1,5 +1,5 @@ -#include "nix/downstream-placeholder.hh" -#include "nix/derivations.hh" +#include "nix/store/downstream-placeholder.hh" +#include "nix/store/derivations.hh" namespace nix { diff --git a/src/libstore/dummy-store.cc b/src/libstore/dummy-store.cc index b922b30a641..7252e1d332d 100644 --- a/src/libstore/dummy-store.cc +++ b/src/libstore/dummy-store.cc @@ -1,5 +1,5 @@ -#include "nix/store-api.hh" -#include "nix/callback.hh" +#include "nix/store/store-api.hh" +#include "nix/util/callback.hh" namespace nix { diff --git a/src/libstore/export-import.cc b/src/libstore/export-import.cc index efec2a40996..5bbdd1e5cf5 100644 --- a/src/libstore/export-import.cc +++ b/src/libstore/export-import.cc @@ -1,8 +1,8 @@ -#include "nix/serialise.hh" -#include "nix/store-api.hh" -#include "nix/archive.hh" -#include "nix/common-protocol.hh" -#include "nix/common-protocol-impl.hh" +#include "nix/util/serialise.hh" +#include "nix/store/store-api.hh" +#include "nix/util/archive.hh" +#include "nix/store/common-protocol.hh" +#include "nix/store/common-protocol-impl.hh" #include diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index fc77b61507e..9d83bfa132b 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -1,19 +1,19 @@ -#include "nix/filetransfer.hh" -#include "nix/globals.hh" -#include "nix/config-global.hh" -#include "nix/store-api.hh" -#include "nix/s3.hh" -#include "nix/compression.hh" -#include "nix/finally.hh" -#include "nix/callback.hh" -#include "nix/signals.hh" +#include "nix/store/filetransfer.hh" +#include "nix/store/globals.hh" +#include "nix/util/config-global.hh" +#include "nix/store/store-api.hh" +#include "nix/store/s3.hh" +#include "nix/util/compression.hh" +#include "nix/util/finally.hh" +#include "nix/util/callback.hh" +#include "nix/util/signals.hh" #if ENABLE_S3 #include #endif #if __linux__ -# include "nix/namespaces.hh" +# include "nix/util/namespaces.hh" #endif #include diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index 43b5c7891c3..cb3a3c1cdb9 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -1,16 +1,16 @@ -#include "nix/derivations.hh" -#include "nix/globals.hh" -#include "nix/local-store.hh" -#include "nix/finally.hh" -#include "nix/unix-domain-socket.hh" -#include "nix/signals.hh" -#include "nix/posix-fs-canonicalise.hh" +#include "nix/store/derivations.hh" +#include "nix/store/globals.hh" +#include "nix/store/local-store.hh" +#include "nix/util/finally.hh" +#include "nix/util/unix-domain-socket.hh" +#include "nix/util/signals.hh" +#include "nix/store/posix-fs-canonicalise.hh" #include "store-config-private.hh" #if !defined(__linux__) // For shelling out to lsof -# include "nix/processes.hh" +# include "nix/util/processes.hh" #endif #include diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index 70feaf311a1..a3633b08442 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -1,12 +1,11 @@ -#include "nix/globals.hh" -#include "nix/config-global.hh" -#include "nix/current-process.hh" -#include "nix/archive.hh" -#include "nix/args.hh" -#include "nix/abstract-setting-to-json.hh" -#include "nix/compute-levels.hh" -#include "nix/signals.hh" -#include "nix/strings.hh" +#include "nix/store/globals.hh" +#include "nix/util/config-global.hh" +#include "nix/util/current-process.hh" +#include "nix/util/archive.hh" +#include "nix/util/args.hh" +#include "nix/util/abstract-setting-to-json.hh" +#include "nix/util/compute-levels.hh" +#include "nix/util/signals.hh" #include #include @@ -27,10 +26,10 @@ #endif #if __APPLE__ -# include "nix/processes.hh" +# include "nix/util/processes.hh" #endif -#include "nix/config-impl.hh" +#include "nix/util/config-impl.hh" #ifdef __APPLE__ #include @@ -38,7 +37,6 @@ #include "store-config-private.hh" - namespace nix { diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc index a8d77f753ea..4c13d5c7394 100644 --- a/src/libstore/http-binary-cache-store.cc +++ b/src/libstore/http-binary-cache-store.cc @@ -1,8 +1,8 @@ -#include "nix/http-binary-cache-store.hh" -#include "nix/filetransfer.hh" -#include "nix/globals.hh" -#include "nix/nar-info-disk-cache.hh" -#include "nix/callback.hh" +#include "nix/store/http-binary-cache-store.hh" +#include "nix/store/filetransfer.hh" +#include "nix/store/globals.hh" +#include "nix/store/nar-info-disk-cache.hh" +#include "nix/util/callback.hh" namespace nix { diff --git a/src/libstore/include/nix/binary-cache-store.hh b/src/libstore/include/nix/store/binary-cache-store.hh similarity index 97% rename from src/libstore/include/nix/binary-cache-store.hh rename to src/libstore/include/nix/store/binary-cache-store.hh index ec012cda8d7..da4906d3fa7 100644 --- a/src/libstore/include/nix/binary-cache-store.hh +++ b/src/libstore/include/nix/store/binary-cache-store.hh @@ -1,11 +1,11 @@ #pragma once ///@file -#include "nix/signature/local-keys.hh" -#include "nix/store-api.hh" -#include "nix/log-store.hh" +#include "nix/util/signature/local-keys.hh" +#include "nix/store/store-api.hh" +#include "nix/store/log-store.hh" -#include "nix/pool.hh" +#include "nix/util/pool.hh" #include diff --git a/src/libstore/include/nix/build-result.hh b/src/libstore/include/nix/store/build-result.hh similarity index 98% rename from src/libstore/include/nix/build-result.hh rename to src/libstore/include/nix/store/build-result.hh index 20d72634660..edc77a52350 100644 --- a/src/libstore/include/nix/build-result.hh +++ b/src/libstore/include/nix/store/build-result.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/realisation.hh" -#include "nix/derived-path.hh" +#include "nix/store/realisation.hh" +#include "nix/store/derived-path.hh" #include #include diff --git a/src/libstore/include/nix/build/derivation-goal.hh b/src/libstore/include/nix/store/build/derivation-goal.hh similarity index 97% rename from src/libstore/include/nix/build/derivation-goal.hh rename to src/libstore/include/nix/store/build/derivation-goal.hh index 6e51956fd8e..8a1c6f33bc1 100644 --- a/src/libstore/include/nix/build/derivation-goal.hh +++ b/src/libstore/include/nix/store/build/derivation-goal.hh @@ -1,15 +1,15 @@ #pragma once ///@file -#include "nix/parsed-derivations.hh" -#include "nix/derivation-options.hh" +#include "nix/store/parsed-derivations.hh" +#include "nix/store/derivation-options.hh" #ifndef _WIN32 -# include "nix/user-lock.hh" +# include "nix/store/user-lock.hh" #endif -#include "nix/outputs-spec.hh" -#include "nix/store-api.hh" -#include "nix/pathlocks.hh" -#include "nix/build/goal.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/store/store-api.hh" +#include "nix/store/pathlocks.hh" +#include "nix/store/build/goal.hh" namespace nix { diff --git a/src/libstore/include/nix/build/drv-output-substitution-goal.hh b/src/libstore/include/nix/store/build/drv-output-substitution-goal.hh similarity index 88% rename from src/libstore/include/nix/build/drv-output-substitution-goal.hh rename to src/libstore/include/nix/store/build/drv-output-substitution-goal.hh index 94db4fbbc5c..81d66fe1eec 100644 --- a/src/libstore/include/nix/build/drv-output-substitution-goal.hh +++ b/src/libstore/include/nix/store/build/drv-output-substitution-goal.hh @@ -4,10 +4,10 @@ #include #include -#include "nix/store-api.hh" -#include "nix/build/goal.hh" -#include "nix/realisation.hh" -#include "nix/muxable-pipe.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build/goal.hh" +#include "nix/store/realisation.hh" +#include "nix/util/muxable-pipe.hh" namespace nix { diff --git a/src/libstore/include/nix/build/goal.hh b/src/libstore/include/nix/store/build/goal.hh similarity index 99% rename from src/libstore/include/nix/build/goal.hh rename to src/libstore/include/nix/store/build/goal.hh index 53e1f4ba222..7c3873012e7 100644 --- a/src/libstore/include/nix/build/goal.hh +++ b/src/libstore/include/nix/store/build/goal.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/store-api.hh" -#include "nix/build-result.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build-result.hh" #include diff --git a/src/libstore/include/nix/build/substitution-goal.hh b/src/libstore/include/nix/store/build/substitution-goal.hh similarity index 93% rename from src/libstore/include/nix/build/substitution-goal.hh rename to src/libstore/include/nix/store/build/substitution-goal.hh index c8139025c8d..7b68b08219e 100644 --- a/src/libstore/include/nix/build/substitution-goal.hh +++ b/src/libstore/include/nix/store/build/substitution-goal.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/build/worker.hh" -#include "nix/store-api.hh" -#include "nix/build/goal.hh" -#include "nix/muxable-pipe.hh" +#include "nix/store/build/worker.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build/goal.hh" +#include "nix/util/muxable-pipe.hh" #include #include #include diff --git a/src/libstore/include/nix/build/worker.hh b/src/libstore/include/nix/store/build/worker.hh similarity index 98% rename from src/libstore/include/nix/build/worker.hh rename to src/libstore/include/nix/store/build/worker.hh index 467e258dfab..7e03a0c2fe6 100644 --- a/src/libstore/include/nix/build/worker.hh +++ b/src/libstore/include/nix/store/build/worker.hh @@ -1,11 +1,11 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/store-api.hh" -#include "nix/build/goal.hh" -#include "nix/realisation.hh" -#include "nix/muxable-pipe.hh" +#include "nix/util/types.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build/goal.hh" +#include "nix/store/realisation.hh" +#include "nix/util/muxable-pipe.hh" #include #include diff --git a/src/libstore/include/nix/builtins.hh b/src/libstore/include/nix/store/builtins.hh similarity index 90% rename from src/libstore/include/nix/builtins.hh rename to src/libstore/include/nix/store/builtins.hh index 5943ae5073b..004e9ef64a2 100644 --- a/src/libstore/include/nix/builtins.hh +++ b/src/libstore/include/nix/store/builtins.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/derivations.hh" +#include "nix/store/derivations.hh" namespace nix { diff --git a/src/libstore/include/nix/builtins/buildenv.hh b/src/libstore/include/nix/store/builtins/buildenv.hh similarity index 96% rename from src/libstore/include/nix/builtins/buildenv.hh rename to src/libstore/include/nix/store/builtins/buildenv.hh index 00fc3bf902a..a0a26203716 100644 --- a/src/libstore/include/nix/builtins/buildenv.hh +++ b/src/libstore/include/nix/store/builtins/buildenv.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/common-protocol-impl.hh b/src/libstore/include/nix/store/common-protocol-impl.hh similarity index 92% rename from src/libstore/include/nix/common-protocol-impl.hh rename to src/libstore/include/nix/store/common-protocol-impl.hh index 71d5fc015c0..171b4c6a5b3 100644 --- a/src/libstore/include/nix/common-protocol-impl.hh +++ b/src/libstore/include/nix/store/common-protocol-impl.hh @@ -8,8 +8,8 @@ * contributing guide. */ -#include "nix/common-protocol.hh" -#include "nix/length-prefixed-protocol-helper.hh" +#include "nix/store/common-protocol.hh" +#include "nix/store/length-prefixed-protocol-helper.hh" namespace nix { diff --git a/src/libstore/include/nix/common-protocol.hh b/src/libstore/include/nix/store/common-protocol.hh similarity index 98% rename from src/libstore/include/nix/common-protocol.hh rename to src/libstore/include/nix/store/common-protocol.hh index 260f192568a..b464cda67d0 100644 --- a/src/libstore/include/nix/common-protocol.hh +++ b/src/libstore/include/nix/store/common-protocol.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/serialise.hh" +#include "nix/util/serialise.hh" namespace nix { diff --git a/src/libstore/include/nix/common-ssh-store-config.hh b/src/libstore/include/nix/store/common-ssh-store-config.hh similarity index 98% rename from src/libstore/include/nix/common-ssh-store-config.hh rename to src/libstore/include/nix/store/common-ssh-store-config.hh index 54aa8cb5e39..f82124c6661 100644 --- a/src/libstore/include/nix/common-ssh-store-config.hh +++ b/src/libstore/include/nix/store/common-ssh-store-config.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/content-address.hh b/src/libstore/include/nix/store/content-address.hh similarity index 98% rename from src/libstore/include/nix/content-address.hh rename to src/libstore/include/nix/store/content-address.hh index 6a2cbb1efe5..8442fabb27e 100644 --- a/src/libstore/include/nix/content-address.hh +++ b/src/libstore/include/nix/store/content-address.hh @@ -2,10 +2,10 @@ ///@file #include -#include "nix/hash.hh" -#include "nix/path.hh" -#include "nix/file-content-address.hh" -#include "nix/variant-wrapper.hh" +#include "nix/util/hash.hh" +#include "nix/store/path.hh" +#include "nix/util/file-content-address.hh" +#include "nix/util/variant-wrapper.hh" namespace nix { diff --git a/src/libstore/include/nix/daemon.hh b/src/libstore/include/nix/store/daemon.hh similarity index 79% rename from src/libstore/include/nix/daemon.hh rename to src/libstore/include/nix/store/daemon.hh index 38df5796733..d14541df761 100644 --- a/src/libstore/include/nix/daemon.hh +++ b/src/libstore/include/nix/store/daemon.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/serialise.hh" -#include "nix/store-api.hh" +#include "nix/util/serialise.hh" +#include "nix/store/store-api.hh" namespace nix::daemon { diff --git a/src/libstore/include/nix/derivation-options.hh b/src/libstore/include/nix/store/derivation-options.hh similarity index 98% rename from src/libstore/include/nix/derivation-options.hh rename to src/libstore/include/nix/store/derivation-options.hh index 459b7de78cc..8f549b737ed 100644 --- a/src/libstore/include/nix/derivation-options.hh +++ b/src/libstore/include/nix/store/derivation-options.hh @@ -6,8 +6,8 @@ #include #include -#include "nix/types.hh" -#include "nix/json-impls.hh" +#include "nix/util/types.hh" +#include "nix/util/json-impls.hh" namespace nix { diff --git a/src/libstore/include/nix/derivations.hh b/src/libstore/include/nix/store/derivations.hh similarity index 98% rename from src/libstore/include/nix/derivations.hh rename to src/libstore/include/nix/store/derivations.hh index 997cead4f90..df490dc7b85 100644 --- a/src/libstore/include/nix/derivations.hh +++ b/src/libstore/include/nix/store/derivations.hh @@ -1,14 +1,14 @@ #pragma once ///@file -#include "nix/path.hh" -#include "nix/types.hh" -#include "nix/hash.hh" -#include "nix/content-address.hh" -#include "nix/repair-flag.hh" -#include "nix/derived-path-map.hh" -#include "nix/sync.hh" -#include "nix/variant-wrapper.hh" +#include "nix/store/path.hh" +#include "nix/util/types.hh" +#include "nix/util/hash.hh" +#include "nix/store/content-address.hh" +#include "nix/util/repair-flag.hh" +#include "nix/store/derived-path-map.hh" +#include "nix/util/sync.hh" +#include "nix/util/variant-wrapper.hh" #include #include diff --git a/src/libstore/include/nix/derived-path-map.hh b/src/libstore/include/nix/store/derived-path-map.hh similarity index 98% rename from src/libstore/include/nix/derived-path-map.hh rename to src/libstore/include/nix/store/derived-path-map.hh index 24c5ca3d7cb..956f8bb0b77 100644 --- a/src/libstore/include/nix/derived-path-map.hh +++ b/src/libstore/include/nix/store/derived-path-map.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/derived-path.hh" +#include "nix/util/types.hh" +#include "nix/store/derived-path.hh" namespace nix { diff --git a/src/libstore/include/nix/derived-path.hh b/src/libstore/include/nix/store/derived-path.hh similarity index 98% rename from src/libstore/include/nix/derived-path.hh rename to src/libstore/include/nix/store/derived-path.hh index 719ae035097..2cf06c9b7f7 100644 --- a/src/libstore/include/nix/derived-path.hh +++ b/src/libstore/include/nix/store/derived-path.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/path.hh" -#include "nix/outputs-spec.hh" -#include "nix/config.hh" -#include "nix/ref.hh" +#include "nix/store/path.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/util/configuration.hh" +#include "nix/util/ref.hh" #include diff --git a/src/libstore/include/nix/downstream-placeholder.hh b/src/libstore/include/nix/store/downstream-placeholder.hh similarity index 97% rename from src/libstore/include/nix/downstream-placeholder.hh rename to src/libstore/include/nix/store/downstream-placeholder.hh index eb6662d3b09..da03cd9a61b 100644 --- a/src/libstore/include/nix/downstream-placeholder.hh +++ b/src/libstore/include/nix/store/downstream-placeholder.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/hash.hh" -#include "nix/path.hh" -#include "nix/derived-path.hh" +#include "nix/util/hash.hh" +#include "nix/store/path.hh" +#include "nix/store/derived-path.hh" namespace nix { diff --git a/src/libstore/include/nix/filetransfer.hh b/src/libstore/include/nix/store/filetransfer.hh similarity index 96% rename from src/libstore/include/nix/filetransfer.hh rename to src/libstore/include/nix/store/filetransfer.hh index 31ad1aabdb6..217c52d77f6 100644 --- a/src/libstore/include/nix/filetransfer.hh +++ b/src/libstore/include/nix/store/filetransfer.hh @@ -4,11 +4,11 @@ #include #include -#include "nix/logging.hh" -#include "nix/types.hh" -#include "nix/ref.hh" -#include "nix/config.hh" -#include "nix/serialise.hh" +#include "nix/util/logging.hh" +#include "nix/util/types.hh" +#include "nix/util/ref.hh" +#include "nix/util/configuration.hh" +#include "nix/util/serialise.hh" namespace nix { diff --git a/src/libstore/include/nix/gc-store.hh b/src/libstore/include/nix/store/gc-store.hh similarity index 99% rename from src/libstore/include/nix/gc-store.hh rename to src/libstore/include/nix/store/gc-store.hh index f5f6855409a..cef6e8776e6 100644 --- a/src/libstore/include/nix/gc-store.hh +++ b/src/libstore/include/nix/store/gc-store.hh @@ -3,7 +3,7 @@ #include -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/globals.hh b/src/libstore/include/nix/store/globals.hh similarity index 99% rename from src/libstore/include/nix/globals.hh rename to src/libstore/include/nix/store/globals.hh index 1630c0ae769..4c4395e05e4 100644 --- a/src/libstore/include/nix/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -6,13 +6,13 @@ #include -#include "nix/types.hh" -#include "nix/config.hh" -#include "nix/environment-variables.hh" -#include "nix/experimental-features.hh" -#include "nix/users.hh" +#include "nix/util/types.hh" +#include "nix/util/configuration.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/experimental-features.hh" +#include "nix/util/users.hh" -#include "nix/store-config.hh" +#include "nix/store/config.hh" namespace nix { diff --git a/src/libstore/include/nix/http-binary-cache-store.hh b/src/libstore/include/nix/store/http-binary-cache-store.hh similarity index 93% rename from src/libstore/include/nix/http-binary-cache-store.hh rename to src/libstore/include/nix/store/http-binary-cache-store.hh index 9dadda4d3d8..aaec3116ddb 100644 --- a/src/libstore/include/nix/http-binary-cache-store.hh +++ b/src/libstore/include/nix/store/http-binary-cache-store.hh @@ -1,4 +1,4 @@ -#include "nix/binary-cache-store.hh" +#include "nix/store/binary-cache-store.hh" namespace nix { diff --git a/src/libstore/include/nix/indirect-root-store.hh b/src/libstore/include/nix/store/indirect-root-store.hh similarity index 98% rename from src/libstore/include/nix/indirect-root-store.hh rename to src/libstore/include/nix/store/indirect-root-store.hh index de4de138b95..bbdad83f309 100644 --- a/src/libstore/include/nix/indirect-root-store.hh +++ b/src/libstore/include/nix/store/indirect-root-store.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/local-fs-store.hh" +#include "nix/store/local-fs-store.hh" namespace nix { diff --git a/src/libstore/include/nix/keys.hh b/src/libstore/include/nix/store/keys.hh similarity index 64% rename from src/libstore/include/nix/keys.hh rename to src/libstore/include/nix/store/keys.hh index ae0fa8d0217..77aec6bb201 100644 --- a/src/libstore/include/nix/keys.hh +++ b/src/libstore/include/nix/store/keys.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/signature/local-keys.hh" +#include "nix/util/signature/local-keys.hh" namespace nix { diff --git a/src/libstore/include/nix/legacy-ssh-store.hh b/src/libstore/include/nix/store/legacy-ssh-store.hh similarity index 96% rename from src/libstore/include/nix/legacy-ssh-store.hh rename to src/libstore/include/nix/store/legacy-ssh-store.hh index 9c4a9230da1..a1fbf3f1e45 100644 --- a/src/libstore/include/nix/legacy-ssh-store.hh +++ b/src/libstore/include/nix/store/legacy-ssh-store.hh @@ -1,12 +1,12 @@ #pragma once ///@file -#include "nix/common-ssh-store-config.hh" -#include "nix/store-api.hh" -#include "nix/ssh.hh" -#include "nix/callback.hh" -#include "nix/pool.hh" -#include "nix/serve-protocol.hh" +#include "nix/store/common-ssh-store-config.hh" +#include "nix/store/store-api.hh" +#include "nix/store/ssh.hh" +#include "nix/util/callback.hh" +#include "nix/util/pool.hh" +#include "nix/store/serve-protocol.hh" namespace nix { diff --git a/src/libstore/include/nix/length-prefixed-protocol-helper.hh b/src/libstore/include/nix/store/length-prefixed-protocol-helper.hh similarity index 99% rename from src/libstore/include/nix/length-prefixed-protocol-helper.hh rename to src/libstore/include/nix/store/length-prefixed-protocol-helper.hh index ad7b32793e4..664841aae6f 100644 --- a/src/libstore/include/nix/length-prefixed-protocol-helper.hh +++ b/src/libstore/include/nix/store/length-prefixed-protocol-helper.hh @@ -8,7 +8,7 @@ * Used by both the Worker and Serve protocols. */ -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libstore/include/nix/local-binary-cache-store.hh b/src/libstore/include/nix/store/local-binary-cache-store.hh similarity index 91% rename from src/libstore/include/nix/local-binary-cache-store.hh rename to src/libstore/include/nix/store/local-binary-cache-store.hh index acff6621d6d..dde4701da07 100644 --- a/src/libstore/include/nix/local-binary-cache-store.hh +++ b/src/libstore/include/nix/store/local-binary-cache-store.hh @@ -1,4 +1,4 @@ -#include "nix/binary-cache-store.hh" +#include "nix/store/binary-cache-store.hh" namespace nix { diff --git a/src/libstore/include/nix/local-fs-store.hh b/src/libstore/include/nix/store/local-fs-store.hh similarity index 96% rename from src/libstore/include/nix/local-fs-store.hh rename to src/libstore/include/nix/store/local-fs-store.hh index 2a5f6e3e7cd..6d5afcb080b 100644 --- a/src/libstore/include/nix/local-fs-store.hh +++ b/src/libstore/include/nix/store/local-fs-store.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/store-api.hh" -#include "nix/gc-store.hh" -#include "nix/log-store.hh" +#include "nix/store/store-api.hh" +#include "nix/store/gc-store.hh" +#include "nix/store/log-store.hh" namespace nix { diff --git a/src/libstore/include/nix/local-overlay-store.hh b/src/libstore/include/nix/store/local-overlay-store.hh similarity index 99% rename from src/libstore/include/nix/local-overlay-store.hh rename to src/libstore/include/nix/store/local-overlay-store.hh index 1cee3cc9f9f..825214cb645 100644 --- a/src/libstore/include/nix/local-overlay-store.hh +++ b/src/libstore/include/nix/store/local-overlay-store.hh @@ -1,4 +1,4 @@ -#include "nix/local-store.hh" +#include "nix/store/local-store.hh" namespace nix { diff --git a/src/libstore/include/nix/local-store.hh b/src/libstore/include/nix/store/local-store.hh similarity index 98% rename from src/libstore/include/nix/local-store.hh rename to src/libstore/include/nix/store/local-store.hh index 2e1fcdfcff2..3691fb4b6d9 100644 --- a/src/libstore/include/nix/local-store.hh +++ b/src/libstore/include/nix/store/local-store.hh @@ -1,12 +1,12 @@ #pragma once ///@file -#include "nix/sqlite.hh" +#include "nix/store/sqlite.hh" -#include "nix/pathlocks.hh" -#include "nix/store-api.hh" -#include "nix/indirect-root-store.hh" -#include "nix/sync.hh" +#include "nix/store/pathlocks.hh" +#include "nix/store/store-api.hh" +#include "nix/store/indirect-root-store.hh" +#include "nix/util/sync.hh" #include #include diff --git a/src/libstore/include/nix/log-store.hh b/src/libstore/include/nix/store/log-store.hh similarity index 94% rename from src/libstore/include/nix/log-store.hh rename to src/libstore/include/nix/store/log-store.hh index 5cd8a9f885c..fc12b0c479a 100644 --- a/src/libstore/include/nix/log-store.hh +++ b/src/libstore/include/nix/store/log-store.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/machines.hh b/src/libstore/include/nix/store/machines.hh similarity index 97% rename from src/libstore/include/nix/machines.hh rename to src/libstore/include/nix/store/machines.hh index 6cd1853a5d5..f07d6b63b21 100644 --- a/src/libstore/include/nix/machines.hh +++ b/src/libstore/include/nix/store/machines.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/ref.hh" -#include "nix/store-reference.hh" +#include "nix/util/ref.hh" +#include "nix/store/store-reference.hh" namespace nix { diff --git a/src/libstore/include/nix/make-content-addressed.hh b/src/libstore/include/nix/store/make-content-addressed.hh similarity index 93% rename from src/libstore/include/nix/make-content-addressed.hh rename to src/libstore/include/nix/store/make-content-addressed.hh index 75fe4462f4f..3881b6d40c2 100644 --- a/src/libstore/include/nix/make-content-addressed.hh +++ b/src/libstore/include/nix/store/make-content-addressed.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/meson.build b/src/libstore/include/nix/store/meson.build similarity index 96% rename from src/libstore/include/nix/meson.build rename to src/libstore/include/nix/store/meson.build index d29efe50e45..312fd5e8736 100644 --- a/src/libstore/include/nix/meson.build +++ b/src/libstore/include/nix/store/meson.build @@ -1,12 +1,12 @@ # Public headers directory include_dirs = [ - include_directories('..'), + include_directories('../..'), ] config_pub_h = configure_file( configuration : configdata_pub, - output : 'store-config.hh', + output : 'config.hh', ) headers = [config_pub_h] + files( diff --git a/src/libstore/include/nix/names.hh b/src/libstore/include/nix/store/names.hh similarity index 95% rename from src/libstore/include/nix/names.hh rename to src/libstore/include/nix/store/names.hh index f11c22b1c9b..ab315de6398 100644 --- a/src/libstore/include/nix/names.hh +++ b/src/libstore/include/nix/store/names.hh @@ -3,7 +3,7 @@ #include -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libstore/include/nix/nar-accessor.hh b/src/libstore/include/nix/store/nar-accessor.hh similarity index 95% rename from src/libstore/include/nix/nar-accessor.hh rename to src/libstore/include/nix/store/nar-accessor.hh index b64330547be..199d525cbf3 100644 --- a/src/libstore/include/nix/nar-accessor.hh +++ b/src/libstore/include/nix/store/nar-accessor.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/source-accessor.hh" +#include "nix/util/source-accessor.hh" #include diff --git a/src/libstore/include/nix/nar-info-disk-cache.hh b/src/libstore/include/nix/store/nar-info-disk-cache.hh similarity index 93% rename from src/libstore/include/nix/nar-info-disk-cache.hh rename to src/libstore/include/nix/store/nar-info-disk-cache.hh index 3a301f7e858..a7fde1fbf9d 100644 --- a/src/libstore/include/nix/nar-info-disk-cache.hh +++ b/src/libstore/include/nix/store/nar-info-disk-cache.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/ref.hh" -#include "nix/nar-info.hh" -#include "nix/realisation.hh" +#include "nix/util/ref.hh" +#include "nix/store/nar-info.hh" +#include "nix/store/realisation.hh" namespace nix { diff --git a/src/libstore/include/nix/nar-info.hh b/src/libstore/include/nix/store/nar-info.hh similarity index 92% rename from src/libstore/include/nix/nar-info.hh rename to src/libstore/include/nix/store/nar-info.hh index 117be878f29..d66b6e05838 100644 --- a/src/libstore/include/nix/nar-info.hh +++ b/src/libstore/include/nix/store/nar-info.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/hash.hh" -#include "nix/path-info.hh" +#include "nix/util/types.hh" +#include "nix/util/hash.hh" +#include "nix/store/path-info.hh" namespace nix { diff --git a/src/libstore/include/nix/outputs-spec.hh b/src/libstore/include/nix/store/outputs-spec.hh similarity index 97% rename from src/libstore/include/nix/outputs-spec.hh rename to src/libstore/include/nix/store/outputs-spec.hh index 324d3a33461..b89f425c25b 100644 --- a/src/libstore/include/nix/outputs-spec.hh +++ b/src/libstore/include/nix/store/outputs-spec.hh @@ -6,8 +6,8 @@ #include #include -#include "nix/json-impls.hh" -#include "nix/variant-wrapper.hh" +#include "nix/util/json-impls.hh" +#include "nix/util/variant-wrapper.hh" namespace nix { diff --git a/src/libstore/include/nix/parsed-derivations.hh b/src/libstore/include/nix/store/parsed-derivations.hh similarity index 94% rename from src/libstore/include/nix/parsed-derivations.hh rename to src/libstore/include/nix/store/parsed-derivations.hh index 34e254e0d05..d65db6133ba 100644 --- a/src/libstore/include/nix/parsed-derivations.hh +++ b/src/libstore/include/nix/store/parsed-derivations.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/derivations.hh" -#include "nix/store-api.hh" +#include "nix/store/derivations.hh" +#include "nix/store/store-api.hh" #include diff --git a/src/libstore/include/nix/path-info.hh b/src/libstore/include/nix/store/path-info.hh similarity index 97% rename from src/libstore/include/nix/path-info.hh rename to src/libstore/include/nix/store/path-info.hh index 45c411ddd81..9bd4934225a 100644 --- a/src/libstore/include/nix/path-info.hh +++ b/src/libstore/include/nix/store/path-info.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/signature/signer.hh" -#include "nix/path.hh" -#include "nix/hash.hh" -#include "nix/content-address.hh" +#include "nix/util/signature/signer.hh" +#include "nix/store/path.hh" +#include "nix/util/hash.hh" +#include "nix/store/content-address.hh" #include #include diff --git a/src/libstore/include/nix/path-references.hh b/src/libstore/include/nix/store/path-references.hh similarity index 89% rename from src/libstore/include/nix/path-references.hh rename to src/libstore/include/nix/store/path-references.hh index 0b5e427646b..b8d0b4dd0f7 100644 --- a/src/libstore/include/nix/path-references.hh +++ b/src/libstore/include/nix/store/path-references.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/references.hh" -#include "nix/path.hh" +#include "nix/util/references.hh" +#include "nix/store/path.hh" namespace nix { diff --git a/src/libstore/include/nix/path-regex.hh b/src/libstore/include/nix/store/path-regex.hh similarity index 100% rename from src/libstore/include/nix/path-regex.hh rename to src/libstore/include/nix/store/path-regex.hh diff --git a/src/libstore/include/nix/path-with-outputs.hh b/src/libstore/include/nix/store/path-with-outputs.hh similarity index 95% rename from src/libstore/include/nix/path-with-outputs.hh rename to src/libstore/include/nix/store/path-with-outputs.hh index e2ff303f274..76c1f9f8f37 100644 --- a/src/libstore/include/nix/path-with-outputs.hh +++ b/src/libstore/include/nix/store/path-with-outputs.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/path.hh" -#include "nix/derived-path.hh" +#include "nix/store/path.hh" +#include "nix/store/derived-path.hh" namespace nix { diff --git a/src/libstore/include/nix/path.hh b/src/libstore/include/nix/store/path.hh similarity index 98% rename from src/libstore/include/nix/path.hh rename to src/libstore/include/nix/store/path.hh index 56cd5aeb724..279e9dba4fa 100644 --- a/src/libstore/include/nix/path.hh +++ b/src/libstore/include/nix/store/path.hh @@ -3,7 +3,7 @@ #include -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libstore/include/nix/pathlocks.hh b/src/libstore/include/nix/store/pathlocks.hh similarity index 96% rename from src/libstore/include/nix/pathlocks.hh rename to src/libstore/include/nix/store/pathlocks.hh index 68f5a026238..33cad786865 100644 --- a/src/libstore/include/nix/pathlocks.hh +++ b/src/libstore/include/nix/store/pathlocks.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/file-descriptor.hh" +#include "nix/util/file-descriptor.hh" namespace nix { diff --git a/src/libstore/include/nix/posix-fs-canonicalise.hh b/src/libstore/include/nix/store/posix-fs-canonicalise.hh similarity index 95% rename from src/libstore/include/nix/posix-fs-canonicalise.hh rename to src/libstore/include/nix/store/posix-fs-canonicalise.hh index 1309db098e9..1d669602375 100644 --- a/src/libstore/include/nix/posix-fs-canonicalise.hh +++ b/src/libstore/include/nix/store/posix-fs-canonicalise.hh @@ -4,8 +4,8 @@ #include #include -#include "nix/types.hh" -#include "nix/error.hh" +#include "nix/util/types.hh" +#include "nix/util/error.hh" namespace nix { diff --git a/src/libstore/include/nix/profiles.hh b/src/libstore/include/nix/store/profiles.hh similarity index 99% rename from src/libstore/include/nix/profiles.hh rename to src/libstore/include/nix/store/profiles.hh index 85f45cb73d4..804c6e2b799 100644 --- a/src/libstore/include/nix/profiles.hh +++ b/src/libstore/include/nix/store/profiles.hh @@ -7,8 +7,8 @@ * See the manual for additional information. */ -#include "nix/types.hh" -#include "nix/pathlocks.hh" +#include "nix/util/types.hh" +#include "nix/store/pathlocks.hh" #include #include diff --git a/src/libstore/include/nix/realisation.hh b/src/libstore/include/nix/store/realisation.hh similarity index 96% rename from src/libstore/include/nix/realisation.hh rename to src/libstore/include/nix/store/realisation.hh index 2d868980c63..b93ae37b652 100644 --- a/src/libstore/include/nix/realisation.hh +++ b/src/libstore/include/nix/store/realisation.hh @@ -3,12 +3,12 @@ #include -#include "nix/hash.hh" -#include "nix/path.hh" -#include "nix/derived-path.hh" +#include "nix/util/hash.hh" +#include "nix/store/path.hh" +#include "nix/store/derived-path.hh" #include -#include "nix/comparator.hh" -#include "nix/signature/signer.hh" +#include "nix/util/comparator.hh" +#include "nix/util/signature/signer.hh" namespace nix { diff --git a/src/libstore/include/nix/remote-fs-accessor.hh b/src/libstore/include/nix/store/remote-fs-accessor.hh similarity index 90% rename from src/libstore/include/nix/remote-fs-accessor.hh rename to src/libstore/include/nix/store/remote-fs-accessor.hh index 5abb195ee00..75a840fb0d6 100644 --- a/src/libstore/include/nix/remote-fs-accessor.hh +++ b/src/libstore/include/nix/store/remote-fs-accessor.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/source-accessor.hh" -#include "nix/ref.hh" -#include "nix/store-api.hh" +#include "nix/util/source-accessor.hh" +#include "nix/util/ref.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/remote-store-connection.hh b/src/libstore/include/nix/store/remote-store-connection.hh similarity index 90% rename from src/libstore/include/nix/remote-store-connection.hh rename to src/libstore/include/nix/store/remote-store-connection.hh index 5b11a04f770..33ec265c2ac 100644 --- a/src/libstore/include/nix/remote-store-connection.hh +++ b/src/libstore/include/nix/store/remote-store-connection.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/remote-store.hh" -#include "nix/worker-protocol.hh" -#include "nix/worker-protocol-connection.hh" -#include "nix/pool.hh" +#include "nix/store/remote-store.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/store/worker-protocol-connection.hh" +#include "nix/util/pool.hh" namespace nix { diff --git a/src/libstore/include/nix/remote-store.hh b/src/libstore/include/nix/store/remote-store.hh similarity index 98% rename from src/libstore/include/nix/remote-store.hh rename to src/libstore/include/nix/store/remote-store.hh index ebc9b2a814e..ecf18bd7659 100644 --- a/src/libstore/include/nix/remote-store.hh +++ b/src/libstore/include/nix/store/remote-store.hh @@ -4,9 +4,9 @@ #include #include -#include "nix/store-api.hh" -#include "nix/gc-store.hh" -#include "nix/log-store.hh" +#include "nix/store/store-api.hh" +#include "nix/store/gc-store.hh" +#include "nix/store/log-store.hh" namespace nix { diff --git a/src/libstore/include/nix/s3-binary-cache-store.hh b/src/libstore/include/nix/store/s3-binary-cache-store.hh similarity index 98% rename from src/libstore/include/nix/s3-binary-cache-store.hh rename to src/libstore/include/nix/store/s3-binary-cache-store.hh index a0ca22bbbe5..eec2dc6eec3 100644 --- a/src/libstore/include/nix/s3-binary-cache-store.hh +++ b/src/libstore/include/nix/store/s3-binary-cache-store.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/binary-cache-store.hh" +#include "nix/store/binary-cache-store.hh" #include diff --git a/src/libstore/include/nix/s3.hh b/src/libstore/include/nix/store/s3.hh similarity index 96% rename from src/libstore/include/nix/s3.hh rename to src/libstore/include/nix/store/s3.hh index 367c41d3682..c49fa3fb8b2 100644 --- a/src/libstore/include/nix/s3.hh +++ b/src/libstore/include/nix/store/s3.hh @@ -3,7 +3,7 @@ #if ENABLE_S3 -#include "nix/ref.hh" +#include "nix/util/ref.hh" #include #include diff --git a/src/libstore/include/nix/serve-protocol-connection.hh b/src/libstore/include/nix/store/serve-protocol-connection.hh similarity index 97% rename from src/libstore/include/nix/serve-protocol-connection.hh rename to src/libstore/include/nix/store/serve-protocol-connection.hh index f1a9e1edee4..5822b499099 100644 --- a/src/libstore/include/nix/serve-protocol-connection.hh +++ b/src/libstore/include/nix/store/serve-protocol-connection.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/serve-protocol.hh" -#include "nix/store-api.hh" +#include "nix/store/serve-protocol.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/serve-protocol-impl.hh b/src/libstore/include/nix/store/serve-protocol-impl.hh similarity index 94% rename from src/libstore/include/nix/serve-protocol-impl.hh rename to src/libstore/include/nix/store/serve-protocol-impl.hh index 2621d3b428e..769b9ae2b99 100644 --- a/src/libstore/include/nix/serve-protocol-impl.hh +++ b/src/libstore/include/nix/store/serve-protocol-impl.hh @@ -8,8 +8,8 @@ * contributing guide. */ -#include "nix/serve-protocol.hh" -#include "nix/length-prefixed-protocol-helper.hh" +#include "nix/store/serve-protocol.hh" +#include "nix/store/length-prefixed-protocol-helper.hh" namespace nix { diff --git a/src/libstore/include/nix/serve-protocol.hh b/src/libstore/include/nix/store/serve-protocol.hh similarity index 99% rename from src/libstore/include/nix/serve-protocol.hh rename to src/libstore/include/nix/store/serve-protocol.hh index a8587f6183a..76f0ecd49c3 100644 --- a/src/libstore/include/nix/serve-protocol.hh +++ b/src/libstore/include/nix/store/serve-protocol.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/common-protocol.hh" +#include "nix/store/common-protocol.hh" namespace nix { diff --git a/src/libstore/include/nix/sqlite.hh b/src/libstore/include/nix/store/sqlite.hh similarity index 99% rename from src/libstore/include/nix/sqlite.hh rename to src/libstore/include/nix/store/sqlite.hh index 4143fa8a4e4..266930d75a8 100644 --- a/src/libstore/include/nix/sqlite.hh +++ b/src/libstore/include/nix/store/sqlite.hh @@ -4,7 +4,7 @@ #include #include -#include "nix/error.hh" +#include "nix/util/error.hh" struct sqlite3; struct sqlite3_stmt; diff --git a/src/libstore/include/nix/ssh-store.hh b/src/libstore/include/nix/store/ssh-store.hh similarity index 89% rename from src/libstore/include/nix/ssh-store.hh rename to src/libstore/include/nix/store/ssh-store.hh index 34ec4f79eca..76e8e33a467 100644 --- a/src/libstore/include/nix/ssh-store.hh +++ b/src/libstore/include/nix/store/ssh-store.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/common-ssh-store-config.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" -#include "nix/remote-store.hh" +#include "nix/store/common-ssh-store-config.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/store/remote-store.hh" namespace nix { diff --git a/src/libstore/include/nix/ssh.hh b/src/libstore/include/nix/store/ssh.hh similarity index 95% rename from src/libstore/include/nix/ssh.hh rename to src/libstore/include/nix/store/ssh.hh index fa046d6de19..40f2189d872 100644 --- a/src/libstore/include/nix/ssh.hh +++ b/src/libstore/include/nix/store/ssh.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/sync.hh" -#include "nix/processes.hh" -#include "nix/file-system.hh" +#include "nix/util/sync.hh" +#include "nix/util/processes.hh" +#include "nix/util/file-system.hh" namespace nix { diff --git a/src/libstore/include/nix/store-api.hh b/src/libstore/include/nix/store/store-api.hh similarity index 98% rename from src/libstore/include/nix/store-api.hh rename to src/libstore/include/nix/store/store-api.hh index 8e297dab2f9..cee1dba6e80 100644 --- a/src/libstore/include/nix/store-api.hh +++ b/src/libstore/include/nix/store/store-api.hh @@ -1,20 +1,20 @@ #pragma once ///@file -#include "nix/path.hh" -#include "nix/derived-path.hh" -#include "nix/hash.hh" -#include "nix/content-address.hh" -#include "nix/serialise.hh" -#include "nix/lru-cache.hh" -#include "nix/sync.hh" -#include "nix/globals.hh" -#include "nix/config.hh" -#include "nix/path-info.hh" -#include "nix/repair-flag.hh" -#include "nix/store-dir-config.hh" -#include "nix/store-reference.hh" -#include "nix/source-path.hh" +#include "nix/store/path.hh" +#include "nix/store/derived-path.hh" +#include "nix/util/hash.hh" +#include "nix/store/content-address.hh" +#include "nix/util/serialise.hh" +#include "nix/util/lru-cache.hh" +#include "nix/util/sync.hh" +#include "nix/store/globals.hh" +#include "nix/util/configuration.hh" +#include "nix/store/path-info.hh" +#include "nix/util/repair-flag.hh" +#include "nix/store/store-dir-config.hh" +#include "nix/store/store-reference.hh" +#include "nix/util/source-path.hh" #include #include diff --git a/src/libstore/include/nix/store-cast.hh b/src/libstore/include/nix/store/store-cast.hh similarity index 93% rename from src/libstore/include/nix/store-cast.hh rename to src/libstore/include/nix/store/store-cast.hh index 4e6691016fb..0bf61bb7733 100644 --- a/src/libstore/include/nix/store-cast.hh +++ b/src/libstore/include/nix/store/store-cast.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/store-dir-config.hh b/src/libstore/include/nix/store/store-dir-config.hh similarity index 94% rename from src/libstore/include/nix/store-dir-config.hh rename to src/libstore/include/nix/store/store-dir-config.hh index 66e084a2494..845a003f5b8 100644 --- a/src/libstore/include/nix/store-dir-config.hh +++ b/src/libstore/include/nix/store/store-dir-config.hh @@ -1,10 +1,10 @@ #pragma once -#include "nix/path.hh" -#include "nix/hash.hh" -#include "nix/content-address.hh" -#include "nix/globals.hh" -#include "nix/config.hh" +#include "nix/store/path.hh" +#include "nix/util/hash.hh" +#include "nix/store/content-address.hh" +#include "nix/store/globals.hh" +#include "nix/util/configuration.hh" #include #include diff --git a/src/libstore/include/nix/store-reference.hh b/src/libstore/include/nix/store/store-reference.hh similarity index 98% rename from src/libstore/include/nix/store-reference.hh rename to src/libstore/include/nix/store/store-reference.hh index 922640fe002..433a347aaca 100644 --- a/src/libstore/include/nix/store-reference.hh +++ b/src/libstore/include/nix/store/store-reference.hh @@ -3,7 +3,7 @@ #include -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libstore/include/nix/uds-remote-store.hh b/src/libstore/include/nix/store/uds-remote-store.hh similarity index 94% rename from src/libstore/include/nix/uds-remote-store.hh rename to src/libstore/include/nix/store/uds-remote-store.hh index 0a2e3fe9f57..f7ef760580d 100644 --- a/src/libstore/include/nix/uds-remote-store.hh +++ b/src/libstore/include/nix/store/uds-remote-store.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/remote-store.hh" -#include "nix/remote-store-connection.hh" -#include "nix/indirect-root-store.hh" +#include "nix/store/remote-store.hh" +#include "nix/store/remote-store-connection.hh" +#include "nix/store/indirect-root-store.hh" namespace nix { diff --git a/src/libstore/include/nix/worker-protocol-connection.hh b/src/libstore/include/nix/store/worker-protocol-connection.hh similarity index 98% rename from src/libstore/include/nix/worker-protocol-connection.hh rename to src/libstore/include/nix/store/worker-protocol-connection.hh index a1a4668f254..df2fe0ec29e 100644 --- a/src/libstore/include/nix/worker-protocol-connection.hh +++ b/src/libstore/include/nix/store/worker-protocol-connection.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/worker-protocol.hh" -#include "nix/store-api.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/libstore/include/nix/worker-protocol-impl.hh b/src/libstore/include/nix/store/worker-protocol-impl.hh similarity index 94% rename from src/libstore/include/nix/worker-protocol-impl.hh rename to src/libstore/include/nix/store/worker-protocol-impl.hh index 902d21542b6..337c245e292 100644 --- a/src/libstore/include/nix/worker-protocol-impl.hh +++ b/src/libstore/include/nix/store/worker-protocol-impl.hh @@ -8,8 +8,8 @@ * contributing guide. */ -#include "nix/worker-protocol.hh" -#include "nix/length-prefixed-protocol-helper.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/store/length-prefixed-protocol-helper.hh" namespace nix { diff --git a/src/libstore/include/nix/worker-protocol.hh b/src/libstore/include/nix/store/worker-protocol.hh similarity index 99% rename from src/libstore/include/nix/worker-protocol.hh rename to src/libstore/include/nix/store/worker-protocol.hh index 175ddf01f68..3060681b8ea 100644 --- a/src/libstore/include/nix/worker-protocol.hh +++ b/src/libstore/include/nix/store/worker-protocol.hh @@ -3,7 +3,7 @@ #include -#include "nix/common-protocol.hh" +#include "nix/store/common-protocol.hh" namespace nix { diff --git a/src/libstore/indirect-root-store.cc b/src/libstore/indirect-root-store.cc index 1b51cbe153a..e23c01e5de5 100644 --- a/src/libstore/indirect-root-store.cc +++ b/src/libstore/indirect-root-store.cc @@ -1,4 +1,4 @@ -#include "nix/indirect-root-store.hh" +#include "nix/store/indirect-root-store.hh" namespace nix { diff --git a/src/libstore/keys.cc b/src/libstore/keys.cc index 1b2a612a2be..9abea952043 100644 --- a/src/libstore/keys.cc +++ b/src/libstore/keys.cc @@ -1,6 +1,6 @@ -#include "nix/file-system.hh" -#include "nix/globals.hh" -#include "nix/keys.hh" +#include "nix/util/file-system.hh" +#include "nix/store/globals.hh" +#include "nix/store/keys.hh" namespace nix { diff --git a/src/libstore/legacy-ssh-store.cc b/src/libstore/legacy-ssh-store.cc index bc2794499de..1512a7944a9 100644 --- a/src/libstore/legacy-ssh-store.cc +++ b/src/libstore/legacy-ssh-store.cc @@ -1,17 +1,17 @@ -#include "nix/legacy-ssh-store.hh" -#include "nix/common-ssh-store-config.hh" -#include "nix/archive.hh" -#include "nix/pool.hh" -#include "nix/remote-store.hh" -#include "nix/serve-protocol.hh" -#include "nix/serve-protocol-connection.hh" -#include "nix/serve-protocol-impl.hh" -#include "nix/build-result.hh" -#include "nix/store-api.hh" -#include "nix/path-with-outputs.hh" -#include "nix/ssh.hh" -#include "nix/derivations.hh" -#include "nix/callback.hh" +#include "nix/store/legacy-ssh-store.hh" +#include "nix/store/common-ssh-store-config.hh" +#include "nix/util/archive.hh" +#include "nix/util/pool.hh" +#include "nix/store/remote-store.hh" +#include "nix/store/serve-protocol.hh" +#include "nix/store/serve-protocol-connection.hh" +#include "nix/store/serve-protocol-impl.hh" +#include "nix/store/build-result.hh" +#include "nix/store/store-api.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/store/ssh.hh" +#include "nix/store/derivations.hh" +#include "nix/util/callback.hh" namespace nix { diff --git a/src/libstore/linux/include/nix/fchmodat2-compat.hh b/src/libstore/linux/include/nix/store/fchmodat2-compat.hh similarity index 100% rename from src/libstore/linux/include/nix/fchmodat2-compat.hh rename to src/libstore/linux/include/nix/store/fchmodat2-compat.hh diff --git a/src/libstore/linux/include/nix/meson.build b/src/libstore/linux/include/nix/store/meson.build similarity index 59% rename from src/libstore/linux/include/nix/meson.build rename to src/libstore/linux/include/nix/store/meson.build index f37370c6fb7..fd05fcaea62 100644 --- a/src/libstore/linux/include/nix/meson.build +++ b/src/libstore/linux/include/nix/store/meson.build @@ -1,4 +1,4 @@ -include_dirs += include_directories('..') +include_dirs += include_directories('../..') headers += files( 'fchmodat2-compat.hh', diff --git a/src/libstore/linux/include/nix/personality.hh b/src/libstore/linux/include/nix/store/personality.hh similarity index 100% rename from src/libstore/linux/include/nix/personality.hh rename to src/libstore/linux/include/nix/store/personality.hh diff --git a/src/libstore/linux/meson.build b/src/libstore/linux/meson.build index b9a2aed2168..6fc193cf898 100644 --- a/src/libstore/linux/meson.build +++ b/src/libstore/linux/meson.build @@ -2,4 +2,4 @@ sources += files( 'personality.cc', ) -subdir('include/nix') +subdir('include/nix/store') diff --git a/src/libstore/linux/personality.cc b/src/libstore/linux/personality.cc index 452bd3e4b50..e87006d86f1 100644 --- a/src/libstore/linux/personality.cc +++ b/src/libstore/linux/personality.cc @@ -1,5 +1,5 @@ -#include "nix/personality.hh" -#include "nix/globals.hh" +#include "nix/store/personality.hh" +#include "nix/store/globals.hh" #include #include diff --git a/src/libstore/local-binary-cache-store.cc b/src/libstore/local-binary-cache-store.cc index 90a770ab0c1..212eacc8c0a 100644 --- a/src/libstore/local-binary-cache-store.cc +++ b/src/libstore/local-binary-cache-store.cc @@ -1,7 +1,7 @@ -#include "nix/local-binary-cache-store.hh" -#include "nix/globals.hh" -#include "nix/nar-info-disk-cache.hh" -#include "nix/signals.hh" +#include "nix/store/local-binary-cache-store.hh" +#include "nix/store/globals.hh" +#include "nix/store/nar-info-disk-cache.hh" +#include "nix/util/signals.hh" #include diff --git a/src/libstore/local-fs-store.cc b/src/libstore/local-fs-store.cc index 2798899faaa..599765ced2c 100644 --- a/src/libstore/local-fs-store.cc +++ b/src/libstore/local-fs-store.cc @@ -1,10 +1,10 @@ -#include "nix/archive.hh" -#include "nix/posix-source-accessor.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" -#include "nix/globals.hh" -#include "nix/compression.hh" -#include "nix/derivations.hh" +#include "nix/util/archive.hh" +#include "nix/util/posix-source-accessor.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/store/globals.hh" +#include "nix/util/compression.hh" +#include "nix/store/derivations.hh" namespace nix { diff --git a/src/libstore/local-overlay-store.cc b/src/libstore/local-overlay-store.cc index c2cc329b4d2..38fa634ca2b 100644 --- a/src/libstore/local-overlay-store.cc +++ b/src/libstore/local-overlay-store.cc @@ -1,8 +1,8 @@ -#include "nix/local-overlay-store.hh" -#include "nix/callback.hh" -#include "nix/realisation.hh" -#include "nix/processes.hh" -#include "nix/url.hh" +#include "nix/store/local-overlay-store.hh" +#include "nix/util/callback.hh" +#include "nix/store/realisation.hh" +#include "nix/util/processes.hh" +#include "nix/util/url.hh" #include namespace nix { diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index 60c20bd65b8..e0699fac02b 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -1,22 +1,22 @@ -#include "nix/local-store.hh" -#include "nix/globals.hh" -#include "nix/git.hh" -#include "nix/archive.hh" -#include "nix/pathlocks.hh" -#include "nix/worker-protocol.hh" -#include "nix/derivations.hh" -#include "nix/realisation.hh" -#include "nix/nar-info.hh" -#include "nix/references.hh" -#include "nix/callback.hh" -#include "nix/topo-sort.hh" -#include "nix/finally.hh" -#include "nix/compression.hh" -#include "nix/signals.hh" -#include "nix/posix-fs-canonicalise.hh" -#include "nix/posix-source-accessor.hh" -#include "nix/keys.hh" -#include "nix/users.hh" +#include "nix/store/local-store.hh" +#include "nix/store/globals.hh" +#include "nix/util/git.hh" +#include "nix/util/archive.hh" +#include "nix/store/pathlocks.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/store/derivations.hh" +#include "nix/store/realisation.hh" +#include "nix/store/nar-info.hh" +#include "nix/util/references.hh" +#include "nix/util/callback.hh" +#include "nix/util/topo-sort.hh" +#include "nix/util/finally.hh" +#include "nix/util/compression.hh" +#include "nix/util/signals.hh" +#include "nix/store/posix-fs-canonicalise.hh" +#include "nix/util/posix-source-accessor.hh" +#include "nix/store/keys.hh" +#include "nix/util/users.hh" #include #include @@ -52,7 +52,7 @@ #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" #include "store-config-private.hh" diff --git a/src/libstore/log-store.cc b/src/libstore/log-store.cc index b2c2ff16a9d..2ef791e19a0 100644 --- a/src/libstore/log-store.cc +++ b/src/libstore/log-store.cc @@ -1,4 +1,4 @@ -#include "nix/log-store.hh" +#include "nix/store/log-store.hh" namespace nix { diff --git a/src/libstore/machines.cc b/src/libstore/machines.cc index 7710ae99b75..7c077239d69 100644 --- a/src/libstore/machines.cc +++ b/src/libstore/machines.cc @@ -1,6 +1,6 @@ -#include "nix/machines.hh" -#include "nix/globals.hh" -#include "nix/store-api.hh" +#include "nix/store/machines.hh" +#include "nix/store/globals.hh" +#include "nix/store/store-api.hh" #include diff --git a/src/libstore/make-content-addressed.cc b/src/libstore/make-content-addressed.cc index c7d44b1a935..606d72866c6 100644 --- a/src/libstore/make-content-addressed.cc +++ b/src/libstore/make-content-addressed.cc @@ -1,5 +1,5 @@ -#include "nix/make-content-addressed.hh" -#include "nix/references.hh" +#include "nix/store/make-content-addressed.hh" +#include "nix/util/references.hh" namespace nix { diff --git a/src/libstore/meson.build b/src/libstore/meson.build index b558c3bc923..1ee11ec11f7 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -251,7 +251,7 @@ sources = files( 'worker-protocol.cc', ) -subdir('include/nix') +subdir('include/nix/store') if host_machine.system() == 'linux' subdir('linux') @@ -362,7 +362,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/store', preserve_path : true) libraries_private = [] diff --git a/src/libstore/misc.cc b/src/libstore/misc.cc index ef08f4af7b4..0e2b62db511 100644 --- a/src/libstore/misc.cc +++ b/src/libstore/misc.cc @@ -1,17 +1,17 @@ #include -#include "nix/derivations.hh" -#include "nix/parsed-derivations.hh" -#include "nix/derivation-options.hh" -#include "nix/globals.hh" -#include "nix/store-api.hh" -#include "nix/thread-pool.hh" -#include "nix/realisation.hh" -#include "nix/topo-sort.hh" -#include "nix/callback.hh" -#include "nix/closure.hh" -#include "nix/filetransfer.hh" -#include "nix/strings.hh" +#include "nix/store/derivations.hh" +#include "nix/store/parsed-derivations.hh" +#include "nix/store/derivation-options.hh" +#include "nix/store/globals.hh" +#include "nix/store/store-api.hh" +#include "nix/util/thread-pool.hh" +#include "nix/store/realisation.hh" +#include "nix/util/topo-sort.hh" +#include "nix/util/callback.hh" +#include "nix/util/closure.hh" +#include "nix/store/filetransfer.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libstore/names.cc b/src/libstore/names.cc index 2842bf3fb83..998b9356a2a 100644 --- a/src/libstore/names.cc +++ b/src/libstore/names.cc @@ -1,5 +1,5 @@ -#include "nix/names.hh" -#include "nix/util.hh" +#include "nix/store/names.hh" +#include "nix/util/util.hh" #include diff --git a/src/libstore/nar-accessor.cc b/src/libstore/nar-accessor.cc index 7fe2e7ecbff..6aba68a368b 100644 --- a/src/libstore/nar-accessor.cc +++ b/src/libstore/nar-accessor.cc @@ -1,5 +1,5 @@ -#include "nix/nar-accessor.hh" -#include "nix/archive.hh" +#include "nix/store/nar-accessor.hh" +#include "nix/util/archive.hh" #include #include diff --git a/src/libstore/nar-info-disk-cache.cc b/src/libstore/nar-info-disk-cache.cc index acb7bd3bfbc..5d72ba8aea2 100644 --- a/src/libstore/nar-info-disk-cache.cc +++ b/src/libstore/nar-info-disk-cache.cc @@ -1,13 +1,13 @@ -#include "nix/nar-info-disk-cache.hh" -#include "nix/users.hh" -#include "nix/sync.hh" -#include "nix/sqlite.hh" -#include "nix/globals.hh" +#include "nix/store/nar-info-disk-cache.hh" +#include "nix/util/users.hh" +#include "nix/util/sync.hh" +#include "nix/store/sqlite.hh" +#include "nix/store/globals.hh" #include #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libstore/nar-info.cc b/src/libstore/nar-info.cc index 176332a4ada..ba80652d088 100644 --- a/src/libstore/nar-info.cc +++ b/src/libstore/nar-info.cc @@ -1,8 +1,8 @@ -#include "nix/globals.hh" -#include "nix/nar-info.hh" -#include "nix/store-api.hh" -#include "nix/strings.hh" -#include "nix/json-utils.hh" +#include "nix/store/globals.hh" +#include "nix/store/nar-info.hh" +#include "nix/store/store-api.hh" +#include "nix/util/strings.hh" +#include "nix/util/json-utils.hh" namespace nix { diff --git a/src/libstore/optimise-store.cc b/src/libstore/optimise-store.cc index c2cda58e7cc..17e13758b6e 100644 --- a/src/libstore/optimise-store.cc +++ b/src/libstore/optimise-store.cc @@ -1,8 +1,8 @@ -#include "nix/local-store.hh" -#include "nix/globals.hh" -#include "nix/signals.hh" -#include "nix/posix-fs-canonicalise.hh" -#include "nix/posix-source-accessor.hh" +#include "nix/store/local-store.hh" +#include "nix/store/globals.hh" +#include "nix/util/signals.hh" +#include "nix/store/posix-fs-canonicalise.hh" +#include "nix/util/posix-source-accessor.hh" #include #include diff --git a/src/libstore/outputs-spec.cc b/src/libstore/outputs-spec.cc index 7d56a7afdbe..28fe45de91e 100644 --- a/src/libstore/outputs-spec.cc +++ b/src/libstore/outputs-spec.cc @@ -1,11 +1,11 @@ #include #include -#include "nix/util.hh" -#include "nix/regex-combinators.hh" -#include "nix/outputs-spec.hh" -#include "nix/path-regex.hh" -#include "nix/strings-inline.hh" +#include "nix/util/util.hh" +#include "nix/util/regex-combinators.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/store/path-regex.hh" +#include "nix/util/strings-inline.hh" namespace nix { diff --git a/src/libstore/package.nix b/src/libstore/package.nix index 553bc043e53..775776139ae 100644 --- a/src/libstore/package.nix +++ b/src/libstore/package.nix @@ -43,11 +43,11 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build ./meson.options - ./include/nix/meson.build + ./include/nix/store/meson.build ./linux/meson.build - ./linux/include/nix/meson.build + ./linux/include/nix/store/meson.build ./unix/meson.build - ./unix/include/nix/meson.build + ./unix/include/nix/store/meson.build ./windows/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) diff --git a/src/libstore/parsed-derivations.cc b/src/libstore/parsed-derivations.cc index 0e8f9ba9518..cc7203c6b26 100644 --- a/src/libstore/parsed-derivations.cc +++ b/src/libstore/parsed-derivations.cc @@ -1,4 +1,4 @@ -#include "nix/parsed-derivations.hh" +#include "nix/store/parsed-derivations.hh" #include #include diff --git a/src/libstore/path-info.cc b/src/libstore/path-info.cc index 574ada7ac28..df20edb3b62 100644 --- a/src/libstore/path-info.cc +++ b/src/libstore/path-info.cc @@ -1,10 +1,10 @@ #include -#include "nix/path-info.hh" -#include "nix/store-api.hh" -#include "nix/json-utils.hh" -#include "nix/comparator.hh" -#include "nix/strings.hh" +#include "nix/store/path-info.hh" +#include "nix/store/store-api.hh" +#include "nix/util/json-utils.hh" +#include "nix/util/comparator.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libstore/path-references.cc b/src/libstore/path-references.cc index a5aa8f48f59..c06647eb1e3 100644 --- a/src/libstore/path-references.cc +++ b/src/libstore/path-references.cc @@ -1,6 +1,6 @@ -#include "nix/path-references.hh" -#include "nix/hash.hh" -#include "nix/archive.hh" +#include "nix/store/path-references.hh" +#include "nix/util/hash.hh" +#include "nix/util/archive.hh" #include #include diff --git a/src/libstore/path-with-outputs.cc b/src/libstore/path-with-outputs.cc index 87f7c6a726c..9fbbc8f46f9 100644 --- a/src/libstore/path-with-outputs.cc +++ b/src/libstore/path-with-outputs.cc @@ -1,8 +1,8 @@ #include -#include "nix/path-with-outputs.hh" -#include "nix/store-api.hh" -#include "nix/strings.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/store/store-api.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libstore/path.cc b/src/libstore/path.cc index d1eb02e709a..5dd1a169981 100644 --- a/src/libstore/path.cc +++ b/src/libstore/path.cc @@ -1,4 +1,4 @@ -#include "nix/store-dir-config.hh" +#include "nix/store/store-dir-config.hh" namespace nix { diff --git a/src/libstore/pathlocks.cc b/src/libstore/pathlocks.cc index 36bee67416e..34acfb02d19 100644 --- a/src/libstore/pathlocks.cc +++ b/src/libstore/pathlocks.cc @@ -1,7 +1,7 @@ -#include "nix/pathlocks.hh" -#include "nix/util.hh" -#include "nix/sync.hh" -#include "nix/signals.hh" +#include "nix/store/pathlocks.hh" +#include "nix/util/util.hh" +#include "nix/util/sync.hh" +#include "nix/util/signals.hh" #include #include diff --git a/src/libstore/posix-fs-canonicalise.cc b/src/libstore/posix-fs-canonicalise.cc index c1b45132460..df51ba307cf 100644 --- a/src/libstore/posix-fs-canonicalise.cc +++ b/src/libstore/posix-fs-canonicalise.cc @@ -1,10 +1,9 @@ -#include "nix/posix-fs-canonicalise.hh" -#include "nix/file-system.hh" -#include "nix/signals.hh" -#include "nix/util.hh" -#include "nix/globals.hh" -#include "nix/store-api.hh" -#include "nix/store-config.hh" +#include "nix/store/posix-fs-canonicalise.hh" +#include "nix/util/file-system.hh" +#include "nix/util/signals.hh" +#include "nix/util/util.hh" +#include "nix/store/globals.hh" +#include "nix/store/store-api.hh" #include "store-config-private.hh" diff --git a/src/libstore/profiles.cc b/src/libstore/profiles.cc index 19358f1360e..bd24332cbac 100644 --- a/src/libstore/profiles.cc +++ b/src/libstore/profiles.cc @@ -1,8 +1,8 @@ -#include "nix/profiles.hh" -#include "nix/signals.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" -#include "nix/users.hh" +#include "nix/store/profiles.hh" +#include "nix/util/signals.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/util/users.hh" #include #include diff --git a/src/libstore/realisation.cc b/src/libstore/realisation.cc index 63b156b30a2..635fb6946bf 100644 --- a/src/libstore/realisation.cc +++ b/src/libstore/realisation.cc @@ -1,7 +1,7 @@ -#include "nix/realisation.hh" -#include "nix/store-api.hh" -#include "nix/closure.hh" -#include "nix/signature/local-keys.hh" +#include "nix/store/realisation.hh" +#include "nix/store/store-api.hh" +#include "nix/util/closure.hh" +#include "nix/util/signature/local-keys.hh" #include namespace nix { diff --git a/src/libstore/remote-fs-accessor.cc b/src/libstore/remote-fs-accessor.cc index 2b3f0675d04..340e7ee2ed4 100644 --- a/src/libstore/remote-fs-accessor.cc +++ b/src/libstore/remote-fs-accessor.cc @@ -1,6 +1,6 @@ #include -#include "nix/remote-fs-accessor.hh" -#include "nix/nar-accessor.hh" +#include "nix/store/remote-fs-accessor.hh" +#include "nix/store/nar-accessor.hh" #include #include diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc index bae03e5d049..0533b7c8a53 100644 --- a/src/libstore/remote-store.cc +++ b/src/libstore/remote-store.cc @@ -1,23 +1,23 @@ -#include "nix/serialise.hh" -#include "nix/util.hh" -#include "nix/path-with-outputs.hh" -#include "nix/gc-store.hh" -#include "nix/remote-fs-accessor.hh" -#include "nix/build-result.hh" -#include "nix/remote-store.hh" -#include "nix/remote-store-connection.hh" -#include "nix/worker-protocol.hh" -#include "nix/worker-protocol-impl.hh" -#include "nix/archive.hh" -#include "nix/globals.hh" -#include "nix/derivations.hh" -#include "nix/pool.hh" -#include "nix/finally.hh" -#include "nix/git.hh" -#include "nix/logging.hh" -#include "nix/callback.hh" -#include "nix/filetransfer.hh" -#include "nix/signals.hh" +#include "nix/util/serialise.hh" +#include "nix/util/util.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/store/gc-store.hh" +#include "nix/store/remote-fs-accessor.hh" +#include "nix/store/build-result.hh" +#include "nix/store/remote-store.hh" +#include "nix/store/remote-store-connection.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/store/worker-protocol-impl.hh" +#include "nix/util/archive.hh" +#include "nix/store/globals.hh" +#include "nix/store/derivations.hh" +#include "nix/util/pool.hh" +#include "nix/util/finally.hh" +#include "nix/util/git.hh" +#include "nix/util/logging.hh" +#include "nix/util/callback.hh" +#include "nix/store/filetransfer.hh" +#include "nix/util/signals.hh" #include diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index 69ebad75b63..e76a508ba73 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -2,14 +2,14 @@ #include -#include "nix/s3.hh" -#include "nix/s3-binary-cache-store.hh" -#include "nix/nar-info.hh" -#include "nix/nar-info-disk-cache.hh" -#include "nix/globals.hh" -#include "nix/compression.hh" -#include "nix/filetransfer.hh" -#include "nix/signals.hh" +#include "nix/store/s3.hh" +#include "nix/store/s3-binary-cache-store.hh" +#include "nix/store/nar-info.hh" +#include "nix/store/nar-info-disk-cache.hh" +#include "nix/store/globals.hh" +#include "nix/util/compression.hh" +#include "nix/store/filetransfer.hh" +#include "nix/util/signals.hh" #include #include diff --git a/src/libstore/serve-protocol-connection.cc b/src/libstore/serve-protocol-connection.cc index 577297af820..276086f6f31 100644 --- a/src/libstore/serve-protocol-connection.cc +++ b/src/libstore/serve-protocol-connection.cc @@ -1,7 +1,7 @@ -#include "nix/serve-protocol-connection.hh" -#include "nix/serve-protocol-impl.hh" -#include "nix/build-result.hh" -#include "nix/derivations.hh" +#include "nix/store/serve-protocol-connection.hh" +#include "nix/store/serve-protocol-impl.hh" +#include "nix/store/build-result.hh" +#include "nix/store/derivations.hh" namespace nix { diff --git a/src/libstore/serve-protocol.cc b/src/libstore/serve-protocol.cc index 0e2a3bc9d13..520c3795193 100644 --- a/src/libstore/serve-protocol.cc +++ b/src/libstore/serve-protocol.cc @@ -1,11 +1,11 @@ -#include "nix/serialise.hh" -#include "nix/path-with-outputs.hh" -#include "nix/store-api.hh" -#include "nix/build-result.hh" -#include "nix/serve-protocol.hh" -#include "nix/serve-protocol-impl.hh" -#include "nix/archive.hh" -#include "nix/path-info.hh" +#include "nix/util/serialise.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build-result.hh" +#include "nix/store/serve-protocol.hh" +#include "nix/store/serve-protocol-impl.hh" +#include "nix/util/archive.hh" +#include "nix/store/path-info.hh" #include diff --git a/src/libstore/sqlite.cc b/src/libstore/sqlite.cc index 1f9622255d5..55b967ed679 100644 --- a/src/libstore/sqlite.cc +++ b/src/libstore/sqlite.cc @@ -1,8 +1,8 @@ -#include "nix/sqlite.hh" -#include "nix/globals.hh" -#include "nix/util.hh" -#include "nix/url.hh" -#include "nix/signals.hh" +#include "nix/store/sqlite.hh" +#include "nix/store/globals.hh" +#include "nix/util/util.hh" +#include "nix/util/url.hh" +#include "nix/util/signals.hh" #include diff --git a/src/libstore/ssh-store.cc b/src/libstore/ssh-store.cc index dc889cb3901..45ea05ffca5 100644 --- a/src/libstore/ssh-store.cc +++ b/src/libstore/ssh-store.cc @@ -1,12 +1,12 @@ -#include "nix/ssh-store.hh" -#include "nix/local-fs-store.hh" -#include "nix/remote-store-connection.hh" -#include "nix/source-accessor.hh" -#include "nix/archive.hh" -#include "nix/worker-protocol.hh" -#include "nix/worker-protocol-impl.hh" -#include "nix/pool.hh" -#include "nix/ssh.hh" +#include "nix/store/ssh-store.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/store/remote-store-connection.hh" +#include "nix/util/source-accessor.hh" +#include "nix/util/archive.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/store/worker-protocol-impl.hh" +#include "nix/util/pool.hh" +#include "nix/store/ssh.hh" namespace nix { diff --git a/src/libstore/ssh.cc b/src/libstore/ssh.cc index 86b6eda7c4b..97b75cba10a 100644 --- a/src/libstore/ssh.cc +++ b/src/libstore/ssh.cc @@ -1,9 +1,9 @@ -#include "nix/ssh.hh" -#include "nix/finally.hh" -#include "nix/current-process.hh" -#include "nix/environment-variables.hh" -#include "nix/util.hh" -#include "nix/exec.hh" +#include "nix/store/ssh.hh" +#include "nix/util/finally.hh" +#include "nix/util/current-process.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/util.hh" +#include "nix/util/exec.hh" namespace nix { diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index 52a962553aa..a0104b96a07 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -1,28 +1,28 @@ -#include "nix/signature/local-keys.hh" -#include "nix/source-accessor.hh" -#include "nix/globals.hh" -#include "nix/derived-path.hh" -#include "nix/realisation.hh" -#include "nix/derivations.hh" -#include "nix/store-api.hh" -#include "nix/util.hh" -#include "nix/nar-info-disk-cache.hh" -#include "nix/thread-pool.hh" -#include "nix/references.hh" -#include "nix/archive.hh" -#include "nix/callback.hh" -#include "nix/git.hh" -#include "nix/posix-source-accessor.hh" +#include "nix/util/signature/local-keys.hh" +#include "nix/util/source-accessor.hh" +#include "nix/store/globals.hh" +#include "nix/store/derived-path.hh" +#include "nix/store/realisation.hh" +#include "nix/store/derivations.hh" +#include "nix/store/store-api.hh" +#include "nix/util/util.hh" +#include "nix/store/nar-info-disk-cache.hh" +#include "nix/util/thread-pool.hh" +#include "nix/util/references.hh" +#include "nix/util/archive.hh" +#include "nix/util/callback.hh" +#include "nix/util/git.hh" +#include "nix/util/posix-source-accessor.hh" // FIXME this should not be here, see TODO below on // `addMultipleToStore`. -#include "nix/worker-protocol.hh" -#include "nix/signals.hh" -#include "nix/users.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/util/signals.hh" +#include "nix/util/users.hh" #include #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" using json = nlohmann::json; @@ -1277,8 +1277,8 @@ Derivation Store::readInvalidDerivation(const StorePath & drvPath) } -#include "nix/local-store.hh" -#include "nix/uds-remote-store.hh" +#include "nix/store/local-store.hh" +#include "nix/store/uds-remote-store.hh" namespace nix { diff --git a/src/libstore/store-reference.cc b/src/libstore/store-reference.cc index 610e70f9902..cb4e2cfb8eb 100644 --- a/src/libstore/store-reference.cc +++ b/src/libstore/store-reference.cc @@ -1,10 +1,10 @@ #include -#include "nix/error.hh" -#include "nix/url.hh" -#include "nix/store-reference.hh" -#include "nix/file-system.hh" -#include "nix/util.hh" +#include "nix/util/error.hh" +#include "nix/util/url.hh" +#include "nix/store/store-reference.hh" +#include "nix/util/file-system.hh" +#include "nix/util/util.hh" namespace nix { diff --git a/src/libstore/uds-remote-store.cc b/src/libstore/uds-remote-store.cc index b41eae39c8e..3c1657d1522 100644 --- a/src/libstore/uds-remote-store.cc +++ b/src/libstore/uds-remote-store.cc @@ -1,6 +1,6 @@ -#include "nix/uds-remote-store.hh" -#include "nix/unix-domain-socket.hh" -#include "nix/worker-protocol.hh" +#include "nix/store/uds-remote-store.hh" +#include "nix/util/unix-domain-socket.hh" +#include "nix/store/worker-protocol.hh" #include #include diff --git a/src/libstore/unix/build/child.cc b/src/libstore/unix/build/child.cc index c19d1e64618..a21fddf5176 100644 --- a/src/libstore/unix/build/child.cc +++ b/src/libstore/unix/build/child.cc @@ -1,6 +1,6 @@ -#include "nix/build/child.hh" -#include "nix/current-process.hh" -#include "nix/logging.hh" +#include "nix/store/build/child.hh" +#include "nix/util/current-process.hh" +#include "nix/util/logging.hh" #include #include diff --git a/src/libstore/unix/build/hook-instance.cc b/src/libstore/unix/build/hook-instance.cc index 5407bef14c3..3713f7c86e6 100644 --- a/src/libstore/unix/build/hook-instance.cc +++ b/src/libstore/unix/build/hook-instance.cc @@ -1,10 +1,10 @@ -#include "nix/globals.hh" -#include "nix/config-global.hh" -#include "nix/build/hook-instance.hh" -#include "nix/file-system.hh" -#include "nix/build/child.hh" -#include "nix/strings.hh" -#include "nix/executable-path.hh" +#include "nix/store/globals.hh" +#include "nix/util/config-global.hh" +#include "nix/store/build/hook-instance.hh" +#include "nix/util/file-system.hh" +#include "nix/store/build/child.hh" +#include "nix/util/strings.hh" +#include "nix/util/executable-path.hh" namespace nix { diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index afffe8e7183..302569ac6d8 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -1,25 +1,27 @@ -#include "nix/build/local-derivation-goal.hh" -#include "nix/indirect-root-store.hh" -#include "nix/build/hook-instance.hh" -#include "nix/build/worker.hh" -#include "nix/builtins.hh" -#include "nix/builtins/buildenv.hh" -#include "nix/path-references.hh" -#include "nix/finally.hh" -#include "nix/util.hh" -#include "nix/archive.hh" -#include "nix/git.hh" -#include "nix/compression.hh" -#include "nix/daemon.hh" -#include "nix/topo-sort.hh" -#include "nix/callback.hh" -#include "nix/json-utils.hh" -#include "nix/current-process.hh" -#include "nix/build/child.hh" -#include "nix/unix-domain-socket.hh" -#include "nix/posix-fs-canonicalise.hh" -#include "nix/posix-source-accessor.hh" -#include "nix/store-config.hh" +#include "nix/store/build/local-derivation-goal.hh" +#include "nix/store/local-store.hh" +#include "nix/util/processes.hh" +#include "nix/store/indirect-root-store.hh" +#include "nix/store/build/hook-instance.hh" +#include "nix/store/build/worker.hh" +#include "nix/store/builtins.hh" +#include "nix/store/builtins/buildenv.hh" +#include "nix/store/path-references.hh" +#include "nix/util/finally.hh" +#include "nix/util/util.hh" +#include "nix/util/archive.hh" +#include "nix/util/git.hh" +#include "nix/util/compression.hh" +#include "nix/store/daemon.hh" +#include "nix/util/topo-sort.hh" +#include "nix/util/callback.hh" +#include "nix/util/json-utils.hh" +#include "nix/util/current-process.hh" +#include "nix/store/build/child.hh" +#include "nix/util/unix-domain-socket.hh" +#include "nix/store/posix-fs-canonicalise.hh" +#include "nix/util/posix-source-accessor.hh" +#include "nix/store/config.hh" #include #include @@ -40,7 +42,7 @@ /* Includes required for chroot support. */ #if __linux__ -# include "nix/fchmodat2-compat.hh" +# include "nix/store/fchmodat2-compat.hh" # include # include # include @@ -49,13 +51,13 @@ # include # include # include -# include "nix/namespaces.hh" +# include "nix/util/namespaces.hh" # if HAVE_SECCOMP # include # endif # define pivot_root(new_root, put_old) (syscall(SYS_pivot_root, new_root, put_old)) -# include "nix/cgroup.hh" -# include "nix/personality.hh" +# include "nix/util/cgroup.hh" +# include "nix/store/personality.hh" #endif #if __APPLE__ @@ -71,8 +73,8 @@ extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, #include #include -#include "nix/strings.hh" -#include "nix/signals.hh" +#include "nix/util/strings.hh" +#include "nix/util/signals.hh" namespace nix { diff --git a/src/libstore/unix/include/nix/build/child.hh b/src/libstore/unix/include/nix/store/build/child.hh similarity index 100% rename from src/libstore/unix/include/nix/build/child.hh rename to src/libstore/unix/include/nix/store/build/child.hh diff --git a/src/libstore/unix/include/nix/build/hook-instance.hh b/src/libstore/unix/include/nix/store/build/hook-instance.hh similarity index 83% rename from src/libstore/unix/include/nix/build/hook-instance.hh rename to src/libstore/unix/include/nix/store/build/hook-instance.hh index b82a5118370..ff205ff7698 100644 --- a/src/libstore/unix/include/nix/build/hook-instance.hh +++ b/src/libstore/unix/include/nix/store/build/hook-instance.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/logging.hh" -#include "nix/serialise.hh" -#include "nix/processes.hh" +#include "nix/util/logging.hh" +#include "nix/util/serialise.hh" +#include "nix/util/processes.hh" namespace nix { diff --git a/src/libstore/unix/include/nix/build/local-derivation-goal.hh b/src/libstore/unix/include/nix/store/build/local-derivation-goal.hh similarity index 98% rename from src/libstore/unix/include/nix/build/local-derivation-goal.hh rename to src/libstore/unix/include/nix/store/build/local-derivation-goal.hh index 1a14211be3b..795286a0189 100644 --- a/src/libstore/unix/include/nix/build/local-derivation-goal.hh +++ b/src/libstore/unix/include/nix/store/build/local-derivation-goal.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/build/derivation-goal.hh" -#include "nix/local-store.hh" -#include "nix/processes.hh" +#include "nix/store/build/derivation-goal.hh" +#include "nix/store/local-store.hh" +#include "nix/util/processes.hh" namespace nix { diff --git a/src/libstore/unix/include/nix/meson.build b/src/libstore/unix/include/nix/store/meson.build similarity index 73% rename from src/libstore/unix/include/nix/meson.build rename to src/libstore/unix/include/nix/store/meson.build index b07787c0aac..9f12440cdea 100644 --- a/src/libstore/unix/include/nix/meson.build +++ b/src/libstore/unix/include/nix/store/meson.build @@ -1,4 +1,4 @@ -include_dirs += include_directories('..') +include_dirs += include_directories('../..') headers += files( 'build/child.hh', diff --git a/src/libstore/unix/include/nix/user-lock.hh b/src/libstore/unix/include/nix/store/user-lock.hh similarity index 100% rename from src/libstore/unix/include/nix/user-lock.hh rename to src/libstore/unix/include/nix/store/user-lock.hh diff --git a/src/libstore/unix/meson.build b/src/libstore/unix/meson.build index 7c80aa1a1f7..f06c9aa95ea 100644 --- a/src/libstore/unix/meson.build +++ b/src/libstore/unix/meson.build @@ -6,4 +6,4 @@ sources += files( 'user-lock.cc', ) -subdir('include/nix') +subdir('include/nix/store') diff --git a/src/libstore/unix/pathlocks.cc b/src/libstore/unix/pathlocks.cc index 3cc24c85973..58d047f4e00 100644 --- a/src/libstore/unix/pathlocks.cc +++ b/src/libstore/unix/pathlocks.cc @@ -1,7 +1,7 @@ -#include "nix/pathlocks.hh" -#include "nix/util.hh" -#include "nix/sync.hh" -#include "nix/signals.hh" +#include "nix/store/pathlocks.hh" +#include "nix/util/util.hh" +#include "nix/util/sync.hh" +#include "nix/util/signals.hh" #include #include diff --git a/src/libstore/unix/user-lock.cc b/src/libstore/unix/user-lock.cc index 4426f07689e..770b00e2de3 100644 --- a/src/libstore/unix/user-lock.cc +++ b/src/libstore/unix/user-lock.cc @@ -2,11 +2,11 @@ #include #include -#include "nix/user-lock.hh" -#include "nix/file-system.hh" -#include "nix/globals.hh" -#include "nix/pathlocks.hh" -#include "nix/users.hh" +#include "nix/store/user-lock.hh" +#include "nix/util/file-system.hh" +#include "nix/store/globals.hh" +#include "nix/store/pathlocks.hh" +#include "nix/util/users.hh" namespace nix { diff --git a/src/libstore/windows/pathlocks.cc b/src/libstore/windows/pathlocks.cc index 0161a8c322e..0ba75853b3f 100644 --- a/src/libstore/windows/pathlocks.cc +++ b/src/libstore/windows/pathlocks.cc @@ -1,13 +1,13 @@ -#include "nix/logging.hh" -#include "nix/pathlocks.hh" -#include "nix/signals.hh" -#include "nix/util.hh" +#include "nix/util/logging.hh" +#include "nix/store/pathlocks.hh" +#include "nix/util/signals.hh" +#include "nix/util/util.hh" #ifdef _WIN32 # include # include # include -# include "nix/windows-error.hh" +# include "nix/util/windows-error.hh" namespace nix { diff --git a/src/libstore/worker-protocol-connection.cc b/src/libstore/worker-protocol-connection.cc index a30e808a7cd..d83be10e6b6 100644 --- a/src/libstore/worker-protocol-connection.cc +++ b/src/libstore/worker-protocol-connection.cc @@ -1,7 +1,7 @@ -#include "nix/worker-protocol-connection.hh" -#include "nix/worker-protocol-impl.hh" -#include "nix/build-result.hh" -#include "nix/derivations.hh" +#include "nix/store/worker-protocol-connection.hh" +#include "nix/store/worker-protocol-impl.hh" +#include "nix/store/build-result.hh" +#include "nix/store/derivations.hh" namespace nix { diff --git a/src/libstore/worker-protocol.cc b/src/libstore/worker-protocol.cc index e9972365205..21b21a3478d 100644 --- a/src/libstore/worker-protocol.cc +++ b/src/libstore/worker-protocol.cc @@ -1,11 +1,11 @@ -#include "nix/serialise.hh" -#include "nix/path-with-outputs.hh" -#include "nix/store-api.hh" -#include "nix/build-result.hh" -#include "nix/worker-protocol.hh" -#include "nix/worker-protocol-impl.hh" -#include "nix/archive.hh" -#include "nix/path-info.hh" +#include "nix/util/serialise.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build-result.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/store/worker-protocol-impl.hh" +#include "nix/util/archive.hh" +#include "nix/store/path-info.hh" #include #include diff --git a/src/libutil-c/nix_api_util.cc b/src/libutil-c/nix_api_util.cc index 483c5484a33..2254f18fa97 100644 --- a/src/libutil-c/nix_api_util.cc +++ b/src/libutil-c/nix_api_util.cc @@ -1,8 +1,8 @@ #include "nix_api_util.h" -#include "nix/config-global.hh" -#include "nix/error.hh" +#include "nix/util/config-global.hh" +#include "nix/util/error.hh" #include "nix_api_util_internal.h" -#include "nix/util.hh" +#include "nix/util/util.hh" #include #include diff --git a/src/libutil-c/nix_api_util_internal.h b/src/libutil-c/nix_api_util_internal.h index 362d8c59a02..8fbf3d91a06 100644 --- a/src/libutil-c/nix_api_util_internal.h +++ b/src/libutil-c/nix_api_util_internal.h @@ -4,7 +4,7 @@ #include #include -#include "nix/error.hh" +#include "nix/util/error.hh" #include "nix_api_util.h" struct nix_c_context diff --git a/src/libutil-test-support/hash.cc b/src/libutil-test-support/hash.cc index 3614b42b3aa..d047f4073df 100644 --- a/src/libutil-test-support/hash.cc +++ b/src/libutil-test-support/hash.cc @@ -2,9 +2,9 @@ #include -#include "nix/hash.hh" +#include "nix/util/hash.hh" -#include "nix/tests/hash.hh" +#include "nix/util/tests/hash.hh" namespace rc { using namespace nix; diff --git a/src/libutil-test-support/include/nix/meson.build b/src/libutil-test-support/include/nix/meson.build deleted file mode 100644 index 6490d19ace4..00000000000 --- a/src/libutil-test-support/include/nix/meson.build +++ /dev/null @@ -1,11 +0,0 @@ -# Public headers directory - -include_dirs = [include_directories('..')] - -headers = files( - 'tests/characterization.hh', - 'tests/gtest-with-params.hh', - 'tests/hash.hh', - 'tests/nix_api_util.hh', - 'tests/string_callback.hh', -) diff --git a/src/libutil-test-support/include/nix/tests/characterization.hh b/src/libutil-test-support/include/nix/util/tests/characterization.hh similarity index 95% rename from src/libutil-test-support/include/nix/tests/characterization.hh rename to src/libutil-test-support/include/nix/util/tests/characterization.hh index f9079363323..3e8effe8b61 100644 --- a/src/libutil-test-support/include/nix/tests/characterization.hh +++ b/src/libutil-test-support/include/nix/util/tests/characterization.hh @@ -3,9 +3,9 @@ #include -#include "nix/types.hh" -#include "nix/environment-variables.hh" -#include "nix/file-system.hh" +#include "nix/util/types.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/file-system.hh" namespace nix { diff --git a/src/libutil-test-support/include/nix/tests/gtest-with-params.hh b/src/libutil-test-support/include/nix/util/tests/gtest-with-params.hh similarity index 100% rename from src/libutil-test-support/include/nix/tests/gtest-with-params.hh rename to src/libutil-test-support/include/nix/util/tests/gtest-with-params.hh diff --git a/src/libutil-test-support/include/nix/tests/hash.hh b/src/libutil-test-support/include/nix/util/tests/hash.hh similarity index 86% rename from src/libutil-test-support/include/nix/tests/hash.hh rename to src/libutil-test-support/include/nix/util/tests/hash.hh index b965ac1a24e..de832c12f86 100644 --- a/src/libutil-test-support/include/nix/tests/hash.hh +++ b/src/libutil-test-support/include/nix/util/tests/hash.hh @@ -3,7 +3,7 @@ #include -#include "nix/hash.hh" +#include "nix/util/hash.hh" namespace rc { using namespace nix; diff --git a/src/libutil-test-support/include/nix/util/tests/meson.build b/src/libutil-test-support/include/nix/util/tests/meson.build new file mode 100644 index 00000000000..f77dedff7e4 --- /dev/null +++ b/src/libutil-test-support/include/nix/util/tests/meson.build @@ -0,0 +1,11 @@ +# Public headers directory + +include_dirs = [include_directories('../../..')] + +headers = files( + 'characterization.hh', + 'gtest-with-params.hh', + 'hash.hh', + 'nix_api_util.hh', + 'string_callback.hh', +) diff --git a/src/libutil-test-support/include/nix/tests/nix_api_util.hh b/src/libutil-test-support/include/nix/util/tests/nix_api_util.hh similarity index 100% rename from src/libutil-test-support/include/nix/tests/nix_api_util.hh rename to src/libutil-test-support/include/nix/util/tests/nix_api_util.hh diff --git a/src/libutil-test-support/include/nix/tests/string_callback.hh b/src/libutil-test-support/include/nix/util/tests/string_callback.hh similarity index 100% rename from src/libutil-test-support/include/nix/tests/string_callback.hh rename to src/libutil-test-support/include/nix/util/tests/string_callback.hh diff --git a/src/libutil-test-support/include/nix/tests/tracing-file-system-object-sink.hh b/src/libutil-test-support/include/nix/util/tests/tracing-file-system-object-sink.hh similarity index 97% rename from src/libutil-test-support/include/nix/tests/tracing-file-system-object-sink.hh rename to src/libutil-test-support/include/nix/util/tests/tracing-file-system-object-sink.hh index f5d38d0f811..d721c13af05 100644 --- a/src/libutil-test-support/include/nix/tests/tracing-file-system-object-sink.hh +++ b/src/libutil-test-support/include/nix/util/tests/tracing-file-system-object-sink.hh @@ -1,5 +1,5 @@ #pragma once -#include "nix/fs-sink.hh" +#include "nix/util/fs-sink.hh" namespace nix::test { diff --git a/src/libutil-test-support/meson.build b/src/libutil-test-support/meson.build index 265bdc24902..ec6bc15d9ac 100644 --- a/src/libutil-test-support/meson.build +++ b/src/libutil-test-support/meson.build @@ -32,7 +32,7 @@ sources = files( 'string_callback.cc', ) -subdir('include/nix') +subdir('include/nix/util/tests') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') @@ -49,7 +49,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/util/tests', preserve_path : true) libraries_private = [] diff --git a/src/libutil-test-support/package.nix b/src/libutil-test-support/package.nix index 033758d7b5a..f8e92c27113 100644 --- a/src/libutil-test-support/package.nix +++ b/src/libutil-test-support/package.nix @@ -28,7 +28,7 @@ mkMesonLibrary (finalAttrs: { ./.version ./meson.build # ./meson.options - ./include/nix/meson.build + ./include/nix/util/tests/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libutil-test-support/string_callback.cc b/src/libutil-test-support/string_callback.cc index 25781dc60ce..4f6a9cf40fd 100644 --- a/src/libutil-test-support/string_callback.cc +++ b/src/libutil-test-support/string_callback.cc @@ -1,4 +1,4 @@ -#include "nix/tests/string_callback.hh" +#include "nix/util/tests/string_callback.hh" namespace nix::testing { diff --git a/src/libutil-tests/args.cc b/src/libutil-tests/args.cc index abcc8564175..2cc1a34386e 100644 --- a/src/libutil-tests/args.cc +++ b/src/libutil-tests/args.cc @@ -1,5 +1,5 @@ -#include "nix/args.hh" -#include "nix/fs-sink.hh" +#include "nix/util/args.hh" +#include "nix/util/fs-sink.hh" #include #include diff --git a/src/libutil-tests/canon-path.cc b/src/libutil-tests/canon-path.cc index 6ef6d3c994b..c6808bf6673 100644 --- a/src/libutil-tests/canon-path.cc +++ b/src/libutil-tests/canon-path.cc @@ -1,4 +1,4 @@ -#include "nix/canon-path.hh" +#include "nix/util/canon-path.hh" #include diff --git a/src/libutil-tests/checked-arithmetic.cc b/src/libutil-tests/checked-arithmetic.cc index 4d98344fb33..8056a430a33 100644 --- a/src/libutil-tests/checked-arithmetic.cc +++ b/src/libutil-tests/checked-arithmetic.cc @@ -5,9 +5,9 @@ #include #include -#include "nix/checked-arithmetic.hh" +#include "nix/util/checked-arithmetic.hh" -#include "nix/tests/gtest-with-params.hh" +#include "nix/util/tests/gtest-with-params.hh" namespace rc { using namespace nix; diff --git a/src/libutil-tests/chunked-vector.cc b/src/libutil-tests/chunked-vector.cc index 16dedc63f53..658581c2af8 100644 --- a/src/libutil-tests/chunked-vector.cc +++ b/src/libutil-tests/chunked-vector.cc @@ -1,4 +1,4 @@ -#include "nix/chunked-vector.hh" +#include "nix/util/chunked-vector.hh" #include diff --git a/src/libutil-tests/closure.cc b/src/libutil-tests/closure.cc index b6b777bcc43..6bbc128c24e 100644 --- a/src/libutil-tests/closure.cc +++ b/src/libutil-tests/closure.cc @@ -1,4 +1,4 @@ -#include "nix/closure.hh" +#include "nix/util/closure.hh" #include namespace nix { diff --git a/src/libutil-tests/compression.cc b/src/libutil-tests/compression.cc index 7c7dfbd7bb4..de0c7cdb653 100644 --- a/src/libutil-tests/compression.cc +++ b/src/libutil-tests/compression.cc @@ -1,4 +1,4 @@ -#include "nix/compression.hh" +#include "nix/util/compression.hh" #include namespace nix { diff --git a/src/libutil-tests/config.cc b/src/libutil-tests/config.cc index aae410d2b5a..bc7db251b87 100644 --- a/src/libutil-tests/config.cc +++ b/src/libutil-tests/config.cc @@ -1,5 +1,5 @@ -#include "nix/config.hh" -#include "nix/args.hh" +#include "nix/util/configuration.hh" +#include "nix/util/args.hh" #include #include diff --git a/src/libutil-tests/executable-path.cc b/src/libutil-tests/executable-path.cc index 041209882cc..7229b14e6b3 100644 --- a/src/libutil-tests/executable-path.cc +++ b/src/libutil-tests/executable-path.cc @@ -1,6 +1,6 @@ #include -#include "nix/executable-path.hh" +#include "nix/util/executable-path.hh" namespace nix { diff --git a/src/libutil-tests/file-content-address.cc b/src/libutil-tests/file-content-address.cc index 686114a9fc1..5cdf94edcff 100644 --- a/src/libutil-tests/file-content-address.cc +++ b/src/libutil-tests/file-content-address.cc @@ -1,6 +1,6 @@ #include -#include "nix/file-content-address.hh" +#include "nix/util/file-content-address.hh" namespace nix { diff --git a/src/libutil-tests/file-system.cc b/src/libutil-tests/file-system.cc index 71e671a698a..8c9eccc1123 100644 --- a/src/libutil-tests/file-system.cc +++ b/src/libutil-tests/file-system.cc @@ -1,9 +1,9 @@ -#include "nix/util.hh" -#include "nix/types.hh" -#include "nix/file-system.hh" -#include "nix/processes.hh" -#include "nix/terminal.hh" -#include "nix/strings.hh" +#include "nix/util/util.hh" +#include "nix/util/types.hh" +#include "nix/util/file-system.hh" +#include "nix/util/processes.hh" +#include "nix/util/terminal.hh" +#include "nix/util/strings.hh" #include #include diff --git a/src/libutil-tests/git.cc b/src/libutil-tests/git.cc index b91d5019b53..91432b76bcb 100644 --- a/src/libutil-tests/git.cc +++ b/src/libutil-tests/git.cc @@ -1,9 +1,9 @@ #include -#include "nix/git.hh" -#include "nix/memory-source-accessor.hh" +#include "nix/util/git.hh" +#include "nix/util/memory-source-accessor.hh" -#include "nix/tests/characterization.hh" +#include "nix/util/tests/characterization.hh" namespace nix { diff --git a/src/libutil-tests/hash.cc b/src/libutil-tests/hash.cc index 1ba69a57337..3c71b04864f 100644 --- a/src/libutil-tests/hash.cc +++ b/src/libutil-tests/hash.cc @@ -2,7 +2,7 @@ #include -#include "nix/hash.hh" +#include "nix/util/hash.hh" namespace nix { diff --git a/src/libutil-tests/hilite.cc b/src/libutil-tests/hilite.cc index e571a9bf65f..98773afcf58 100644 --- a/src/libutil-tests/hilite.cc +++ b/src/libutil-tests/hilite.cc @@ -1,4 +1,4 @@ -#include "nix/hilite.hh" +#include "nix/util/hilite.hh" #include diff --git a/src/libutil-tests/json-utils.cc b/src/libutil-tests/json-utils.cc index b8722bd304d..051d86ec7f1 100644 --- a/src/libutil-tests/json-utils.cc +++ b/src/libutil-tests/json-utils.cc @@ -3,8 +3,8 @@ #include -#include "nix/error.hh" -#include "nix/json-utils.hh" +#include "nix/util/error.hh" +#include "nix/util/json-utils.hh" namespace nix { diff --git a/src/libutil-tests/logging.cc b/src/libutil-tests/logging.cc index ca89ee02ff8..494e9ce4cc8 100644 --- a/src/libutil-tests/logging.cc +++ b/src/libutil-tests/logging.cc @@ -1,7 +1,7 @@ #if 0 -#include "nix/logging.hh" -#include "nix/nixexpr.hh" +#include "nix/util/logging.hh" +#include "nix/expr/nixexpr.hh" #include #include diff --git a/src/libutil-tests/lru-cache.cc b/src/libutil-tests/lru-cache.cc index 98763588af3..daa2a91fe87 100644 --- a/src/libutil-tests/lru-cache.cc +++ b/src/libutil-tests/lru-cache.cc @@ -1,4 +1,4 @@ -#include "nix/lru-cache.hh" +#include "nix/util/lru-cache.hh" #include namespace nix { diff --git a/src/libutil-tests/nix_api_util.cc b/src/libutil-tests/nix_api_util.cc index f2d198aacf1..baaaa81fc3a 100644 --- a/src/libutil-tests/nix_api_util.cc +++ b/src/libutil-tests/nix_api_util.cc @@ -1,9 +1,9 @@ -#include "nix/config-global.hh" -#include "nix/args.hh" +#include "nix/util/config-global.hh" +#include "nix/util/args.hh" #include "nix_api_util.h" #include "nix_api_util_internal.h" -#include "nix/tests/nix_api_util.hh" -#include "nix/tests/string_callback.hh" +#include "nix/util/tests/nix_api_util.hh" +#include "nix/util/tests/string_callback.hh" #include diff --git a/src/libutil-tests/pool.cc b/src/libutil-tests/pool.cc index 8402768d345..c9f31f9a086 100644 --- a/src/libutil-tests/pool.cc +++ b/src/libutil-tests/pool.cc @@ -1,4 +1,4 @@ -#include "nix/pool.hh" +#include "nix/util/pool.hh" #include namespace nix { diff --git a/src/libutil-tests/position.cc b/src/libutil-tests/position.cc index 0726b89c08d..fd65acd039c 100644 --- a/src/libutil-tests/position.cc +++ b/src/libutil-tests/position.cc @@ -1,6 +1,6 @@ #include -#include "nix/position.hh" +#include "nix/util/position.hh" namespace nix { diff --git a/src/libutil-tests/processes.cc b/src/libutil-tests/processes.cc index 5d1435e3a4a..eb7561393ce 100644 --- a/src/libutil-tests/processes.cc +++ b/src/libutil-tests/processes.cc @@ -1,4 +1,4 @@ -#include "nix/processes.hh" +#include "nix/util/processes.hh" #include diff --git a/src/libutil-tests/references.cc b/src/libutil-tests/references.cc index 362629b553e..622b3c35a43 100644 --- a/src/libutil-tests/references.cc +++ b/src/libutil-tests/references.cc @@ -1,4 +1,4 @@ -#include "nix/references.hh" +#include "nix/util/references.hh" #include namespace nix { diff --git a/src/libutil-tests/spawn.cc b/src/libutil-tests/spawn.cc index 502d4e90b32..594bced592c 100644 --- a/src/libutil-tests/spawn.cc +++ b/src/libutil-tests/spawn.cc @@ -1,6 +1,6 @@ #include -#include "nix/processes.hh" +#include "nix/util/processes.hh" namespace nix { diff --git a/src/libutil-tests/strings.cc b/src/libutil-tests/strings.cc index 26b99263b7f..f5af4e0ff77 100644 --- a/src/libutil-tests/strings.cc +++ b/src/libutil-tests/strings.cc @@ -1,8 +1,8 @@ #include #include -#include "nix/strings.hh" -#include "nix/error.hh" +#include "nix/util/strings.hh" +#include "nix/util/error.hh" namespace nix { diff --git a/src/libutil-tests/suggestions.cc b/src/libutil-tests/suggestions.cc index 36d0b7169b8..c58f033da83 100644 --- a/src/libutil-tests/suggestions.cc +++ b/src/libutil-tests/suggestions.cc @@ -1,4 +1,4 @@ -#include "nix/suggestions.hh" +#include "nix/util/suggestions.hh" #include namespace nix { diff --git a/src/libutil-tests/terminal.cc b/src/libutil-tests/terminal.cc index 3d3296cc3b9..329c1a18696 100644 --- a/src/libutil-tests/terminal.cc +++ b/src/libutil-tests/terminal.cc @@ -1,7 +1,7 @@ -#include "nix/util.hh" -#include "nix/types.hh" -#include "nix/terminal.hh" -#include "nix/strings.hh" +#include "nix/util/util.hh" +#include "nix/util/types.hh" +#include "nix/util/terminal.hh" +#include "nix/util/strings.hh" #include #include diff --git a/src/libutil-tests/url.cc b/src/libutil-tests/url.cc index 89a461c2cba..4c089c10622 100644 --- a/src/libutil-tests/url.cc +++ b/src/libutil-tests/url.cc @@ -1,4 +1,4 @@ -#include "nix/url.hh" +#include "nix/util/url.hh" #include namespace nix { diff --git a/src/libutil-tests/util.cc b/src/libutil-tests/util.cc index 53b7cd208f4..954867be8f2 100644 --- a/src/libutil-tests/util.cc +++ b/src/libutil-tests/util.cc @@ -1,8 +1,8 @@ -#include "nix/util.hh" -#include "nix/types.hh" -#include "nix/file-system.hh" -#include "nix/terminal.hh" -#include "nix/strings.hh" +#include "nix/util/util.hh" +#include "nix/util/types.hh" +#include "nix/util/file-system.hh" +#include "nix/util/terminal.hh" +#include "nix/util/strings.hh" #include #include diff --git a/src/libutil-tests/xml-writer.cc b/src/libutil-tests/xml-writer.cc index 7fc1f3154a3..000af700c3a 100644 --- a/src/libutil-tests/xml-writer.cc +++ b/src/libutil-tests/xml-writer.cc @@ -1,4 +1,4 @@ -#include "nix/xml-writer.hh" +#include "nix/util/xml-writer.hh" #include #include diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc index 2c7c91dd05d..143d0108511 100644 --- a/src/libutil/archive.cc +++ b/src/libutil/archive.cc @@ -5,12 +5,12 @@ #include // for strcasecmp -#include "nix/archive.hh" -#include "nix/config-global.hh" -#include "nix/posix-source-accessor.hh" -#include "nix/source-path.hh" -#include "nix/file-system.hh" -#include "nix/signals.hh" +#include "nix/util/archive.hh" +#include "nix/util/config-global.hh" +#include "nix/util/posix-source-accessor.hh" +#include "nix/util/source-path.hh" +#include "nix/util/file-system.hh" +#include "nix/util/signals.hh" namespace nix { diff --git a/src/libutil/args.cc b/src/libutil/args.cc index 184318cc49f..b4177bf9326 100644 --- a/src/libutil/args.cc +++ b/src/libutil/args.cc @@ -1,10 +1,10 @@ -#include "nix/args.hh" -#include "nix/args/root.hh" -#include "nix/hash.hh" -#include "nix/environment-variables.hh" -#include "nix/signals.hh" -#include "nix/users.hh" -#include "nix/json-utils.hh" +#include "nix/util/args.hh" +#include "nix/util/args/root.hh" +#include "nix/util/hash.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/signals.hh" +#include "nix/util/users.hh" +#include "nix/util/json-utils.hh" #include #include diff --git a/src/libutil/canon-path.cc b/src/libutil/canon-path.cc index c6f48ac32ee..33ac700f013 100644 --- a/src/libutil/canon-path.cc +++ b/src/libutil/canon-path.cc @@ -1,7 +1,7 @@ -#include "nix/canon-path.hh" -#include "nix/util.hh" -#include "nix/file-path-impl.hh" -#include "nix/strings-inline.hh" +#include "nix/util/canon-path.hh" +#include "nix/util/util.hh" +#include "nix/util/file-path-impl.hh" +#include "nix/util/strings-inline.hh" namespace nix { diff --git a/src/libutil/compression.cc b/src/libutil/compression.cc index 788ad7109b2..0e38620d413 100644 --- a/src/libutil/compression.cc +++ b/src/libutil/compression.cc @@ -1,8 +1,8 @@ -#include "nix/compression.hh" -#include "nix/signals.hh" -#include "nix/tarfile.hh" -#include "nix/finally.hh" -#include "nix/logging.hh" +#include "nix/util/compression.hh" +#include "nix/util/signals.hh" +#include "nix/util/tarfile.hh" +#include "nix/util/finally.hh" +#include "nix/util/logging.hh" #include #include diff --git a/src/libutil/compute-levels.cc b/src/libutil/compute-levels.cc index 2e3c8440456..c80b994044c 100644 --- a/src/libutil/compute-levels.cc +++ b/src/libutil/compute-levels.cc @@ -1,4 +1,4 @@ -#include "nix/types.hh" +#include "nix/util/types.hh" #include "util-config-private.hh" diff --git a/src/libutil/config-global.cc b/src/libutil/config-global.cc index b325d09e7ba..10d176c5141 100644 --- a/src/libutil/config-global.cc +++ b/src/libutil/config-global.cc @@ -1,4 +1,4 @@ -#include "nix/config-global.hh" +#include "nix/util/config-global.hh" #include diff --git a/src/libutil/config.cc b/src/libutil/configuration.cc similarity index 97% rename from src/libutil/config.cc rename to src/libutil/configuration.cc index b108dd58a44..0f5a6a43216 100644 --- a/src/libutil/config.cc +++ b/src/libutil/configuration.cc @@ -1,16 +1,16 @@ -#include "nix/config.hh" -#include "nix/args.hh" -#include "nix/abstract-setting-to-json.hh" -#include "nix/environment-variables.hh" -#include "nix/experimental-features.hh" -#include "nix/util.hh" -#include "nix/file-system.hh" +#include "nix/util/configuration.hh" +#include "nix/util/args.hh" +#include "nix/util/abstract-setting-to-json.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/experimental-features.hh" +#include "nix/util/util.hh" +#include "nix/util/file-system.hh" -#include "nix/config-impl.hh" +#include "nix/util/config-impl.hh" #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libutil/current-process.cc b/src/libutil/current-process.cc index 11655c55cd0..4103c0515d2 100644 --- a/src/libutil/current-process.cc +++ b/src/libutil/current-process.cc @@ -1,12 +1,12 @@ #include #include -#include "nix/current-process.hh" -#include "nix/util.hh" -#include "nix/finally.hh" -#include "nix/file-system.hh" -#include "nix/processes.hh" -#include "nix/signals.hh" +#include "nix/util/current-process.hh" +#include "nix/util/util.hh" +#include "nix/util/finally.hh" +#include "nix/util/file-system.hh" +#include "nix/util/processes.hh" +#include "nix/util/signals.hh" #include #ifdef __APPLE__ @@ -15,8 +15,8 @@ #if __linux__ # include -# include "nix/cgroup.hh" -# include "nix/namespaces.hh" +# include "nix/util/cgroup.hh" +# include "nix/util/namespaces.hh" #endif namespace nix { diff --git a/src/libutil/english.cc b/src/libutil/english.cc index 9ccc7ed3b58..e697b8c3051 100644 --- a/src/libutil/english.cc +++ b/src/libutil/english.cc @@ -1,4 +1,4 @@ -#include "nix/english.hh" +#include "nix/util/english.hh" namespace nix { diff --git a/src/libutil/environment-variables.cc b/src/libutil/environment-variables.cc index f2948807a69..0b668f125c1 100644 --- a/src/libutil/environment-variables.cc +++ b/src/libutil/environment-variables.cc @@ -1,5 +1,5 @@ -#include "nix/util.hh" -#include "nix/environment-variables.hh" +#include "nix/util/util.hh" +#include "nix/util/environment-variables.hh" extern char ** environ __attribute__((weak)); diff --git a/src/libutil/error.cc b/src/libutil/error.cc index bd0baaeff21..0ceaa4e76da 100644 --- a/src/libutil/error.cc +++ b/src/libutil/error.cc @@ -1,14 +1,14 @@ #include -#include "nix/error.hh" -#include "nix/environment-variables.hh" -#include "nix/signals.hh" -#include "nix/terminal.hh" -#include "nix/position.hh" +#include "nix/util/error.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/signals.hh" +#include "nix/util/terminal.hh" +#include "nix/util/position.hh" #include #include -#include "nix/serialise.hh" +#include "nix/util/serialise.hh" #include namespace nix { diff --git a/src/libutil/executable-path.cc b/src/libutil/executable-path.cc index 24e3484f2fd..ed1ac49ce11 100644 --- a/src/libutil/executable-path.cc +++ b/src/libutil/executable-path.cc @@ -1,8 +1,8 @@ -#include "nix/environment-variables.hh" -#include "nix/executable-path.hh" -#include "nix/strings-inline.hh" -#include "nix/util.hh" -#include "nix/file-path-impl.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/executable-path.hh" +#include "nix/util/strings-inline.hh" +#include "nix/util/util.hh" +#include "nix/util/file-path-impl.hh" namespace nix { diff --git a/src/libutil/exit.cc b/src/libutil/exit.cc index e177cfa31a7..3c59e46af20 100644 --- a/src/libutil/exit.cc +++ b/src/libutil/exit.cc @@ -1,4 +1,4 @@ -#include "nix/exit.hh" +#include "nix/util/exit.hh" namespace nix { diff --git a/src/libutil/experimental-features.cc b/src/libutil/experimental-features.cc index c05c3e9ec35..348caa44ef3 100644 --- a/src/libutil/experimental-features.cc +++ b/src/libutil/experimental-features.cc @@ -1,6 +1,6 @@ -#include "nix/experimental-features.hh" -#include "nix/fmt.hh" -#include "nix/util.hh" +#include "nix/util/experimental-features.hh" +#include "nix/util/fmt.hh" +#include "nix/util/util.hh" #include diff --git a/src/libutil/file-content-address.cc b/src/libutil/file-content-address.cc index 71eb34611ab..673e1dff1fc 100644 --- a/src/libutil/file-content-address.cc +++ b/src/libutil/file-content-address.cc @@ -1,7 +1,7 @@ -#include "nix/file-content-address.hh" -#include "nix/archive.hh" -#include "nix/git.hh" -#include "nix/source-path.hh" +#include "nix/util/file-content-address.hh" +#include "nix/util/archive.hh" +#include "nix/util/git.hh" +#include "nix/util/source-path.hh" namespace nix { diff --git a/src/libutil/file-descriptor.cc b/src/libutil/file-descriptor.cc index 2af1364b165..042edbf551d 100644 --- a/src/libutil/file-descriptor.cc +++ b/src/libutil/file-descriptor.cc @@ -1,12 +1,12 @@ -#include "nix/serialise.hh" -#include "nix/util.hh" +#include "nix/util/serialise.hh" +#include "nix/util/util.hh" #include #include #ifdef _WIN32 # include # include -# include "nix/windows-error.hh" +# include "nix/util/windows-error.hh" #endif namespace nix { diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index 8a309d12045..ebc9a9663d8 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -1,11 +1,11 @@ -#include "nix/environment-variables.hh" -#include "nix/file-system.hh" -#include "nix/file-path.hh" -#include "nix/file-path-impl.hh" -#include "nix/signals.hh" -#include "nix/finally.hh" -#include "nix/serialise.hh" -#include "nix/util.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/file-system.hh" +#include "nix/util/file-path.hh" +#include "nix/util/file-path-impl.hh" +#include "nix/util/signals.hh" +#include "nix/util/finally.hh" +#include "nix/util/serialise.hh" +#include "nix/util/util.hh" #include #include @@ -25,7 +25,7 @@ # include #endif -#include "nix/strings-inline.hh" +#include "nix/util/strings-inline.hh" #include "util-config-private.hh" diff --git a/src/libutil/fs-sink.cc b/src/libutil/fs-sink.cc index 7b8ba11893c..aa46b3cd2af 100644 --- a/src/libutil/fs-sink.cc +++ b/src/libutil/fs-sink.cc @@ -1,13 +1,13 @@ #include -#include "nix/error.hh" -#include "nix/config-global.hh" -#include "nix/fs-sink.hh" +#include "nix/util/error.hh" +#include "nix/util/config-global.hh" +#include "nix/util/fs-sink.hh" #if _WIN32 # include -# include "nix/file-path.hh" -# include "nix/windows-error.hh" +# include "nix/util/file-path.hh" +# include "nix/util/windows-error.hh" #endif #include "util-config-private.hh" diff --git a/src/libutil/git.cc b/src/libutil/git.cc index c6466bddaa8..45cda1c2c3e 100644 --- a/src/libutil/git.cc +++ b/src/libutil/git.cc @@ -5,12 +5,12 @@ #include #include // for strcasecmp -#include "nix/signals.hh" -#include "nix/config.hh" -#include "nix/hash.hh" +#include "nix/util/signals.hh" +#include "nix/util/configuration.hh" +#include "nix/util/hash.hh" -#include "nix/git.hh" -#include "nix/serialise.hh" +#include "nix/util/git.hh" +#include "nix/util/serialise.hh" namespace nix::git { diff --git a/src/libutil/hash.cc b/src/libutil/hash.cc index 22eca6014e4..0a654b9144f 100644 --- a/src/libutil/hash.cc +++ b/src/libutil/hash.cc @@ -6,11 +6,11 @@ #include #include -#include "nix/args.hh" -#include "nix/hash.hh" -#include "nix/archive.hh" -#include "nix/config.hh" -#include "nix/split.hh" +#include "nix/util/args.hh" +#include "nix/util/hash.hh" +#include "nix/util/archive.hh" +#include "nix/util/configuration.hh" +#include "nix/util/split.hh" #include #include diff --git a/src/libutil/hilite.cc b/src/libutil/hilite.cc index 6d843e091bc..cfadd6af9c9 100644 --- a/src/libutil/hilite.cc +++ b/src/libutil/hilite.cc @@ -1,4 +1,4 @@ -#include "nix/hilite.hh" +#include "nix/util/hilite.hh" namespace nix { diff --git a/src/libutil/include/nix/abstract-setting-to-json.hh b/src/libutil/include/nix/util/abstract-setting-to-json.hh similarity index 83% rename from src/libutil/include/nix/abstract-setting-to-json.hh rename to src/libutil/include/nix/util/abstract-setting-to-json.hh index 313b18fafb2..2848f8afe4f 100644 --- a/src/libutil/include/nix/abstract-setting-to-json.hh +++ b/src/libutil/include/nix/util/abstract-setting-to-json.hh @@ -2,8 +2,8 @@ ///@file #include -#include "nix/config.hh" -#include "nix/json-utils.hh" +#include "nix/util/configuration.hh" +#include "nix/util/json-utils.hh" namespace nix { template diff --git a/src/libutil/include/nix/ansicolor.hh b/src/libutil/include/nix/util/ansicolor.hh similarity index 100% rename from src/libutil/include/nix/ansicolor.hh rename to src/libutil/include/nix/util/ansicolor.hh diff --git a/src/libutil/include/nix/archive.hh b/src/libutil/include/nix/util/archive.hh similarity index 95% rename from src/libutil/include/nix/archive.hh rename to src/libutil/include/nix/util/archive.hh index 9131f49fa2b..ae3274fa68b 100644 --- a/src/libutil/include/nix/archive.hh +++ b/src/libutil/include/nix/util/archive.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/serialise.hh" -#include "nix/fs-sink.hh" +#include "nix/util/types.hh" +#include "nix/util/serialise.hh" +#include "nix/util/fs-sink.hh" namespace nix { diff --git a/src/libutil/include/nix/args.hh b/src/libutil/include/nix/util/args.hh similarity index 99% rename from src/libutil/include/nix/args.hh rename to src/libutil/include/nix/util/args.hh index 987d14f9e21..77c4fb5b62f 100644 --- a/src/libutil/include/nix/args.hh +++ b/src/libutil/include/nix/util/args.hh @@ -9,9 +9,9 @@ #include -#include "nix/types.hh" -#include "nix/experimental-features.hh" -#include "nix/ref.hh" +#include "nix/util/types.hh" +#include "nix/util/experimental-features.hh" +#include "nix/util/ref.hh" namespace nix { diff --git a/src/libutil/include/nix/args/root.hh b/src/libutil/include/nix/util/args/root.hh similarity index 98% rename from src/libutil/include/nix/args/root.hh rename to src/libutil/include/nix/util/args/root.hh index bb83b85a50c..cdc9be61331 100644 --- a/src/libutil/include/nix/args/root.hh +++ b/src/libutil/include/nix/util/args/root.hh @@ -1,6 +1,6 @@ #pragma once -#include "nix/args.hh" +#include "nix/util/args.hh" namespace nix { diff --git a/src/libutil/include/nix/callback.hh b/src/libutil/include/nix/util/callback.hh similarity index 100% rename from src/libutil/include/nix/callback.hh rename to src/libutil/include/nix/util/callback.hh diff --git a/src/libutil/include/nix/canon-path.hh b/src/libutil/include/nix/util/canon-path.hh similarity index 100% rename from src/libutil/include/nix/canon-path.hh rename to src/libutil/include/nix/util/canon-path.hh diff --git a/src/libutil/include/nix/checked-arithmetic.hh b/src/libutil/include/nix/util/checked-arithmetic.hh similarity index 100% rename from src/libutil/include/nix/checked-arithmetic.hh rename to src/libutil/include/nix/util/checked-arithmetic.hh diff --git a/src/libutil/include/nix/chunked-vector.hh b/src/libutil/include/nix/util/chunked-vector.hh similarity index 98% rename from src/libutil/include/nix/chunked-vector.hh rename to src/libutil/include/nix/util/chunked-vector.hh index 34d5bbb1da5..96a7175566e 100644 --- a/src/libutil/include/nix/chunked-vector.hh +++ b/src/libutil/include/nix/util/chunked-vector.hh @@ -6,7 +6,7 @@ #include #include -#include "nix/error.hh" +#include "nix/util/error.hh" namespace nix { diff --git a/src/libutil/include/nix/closure.hh b/src/libutil/include/nix/util/closure.hh similarity index 98% rename from src/libutil/include/nix/closure.hh rename to src/libutil/include/nix/util/closure.hh index c8fc7c9a4d7..54b18ab3dbe 100644 --- a/src/libutil/include/nix/closure.hh +++ b/src/libutil/include/nix/util/closure.hh @@ -3,7 +3,7 @@ #include #include -#include "nix/sync.hh" +#include "nix/util/sync.hh" using std::set; diff --git a/src/libutil/include/nix/comparator.hh b/src/libutil/include/nix/util/comparator.hh similarity index 100% rename from src/libutil/include/nix/comparator.hh rename to src/libutil/include/nix/util/comparator.hh diff --git a/src/libutil/include/nix/compression.hh b/src/libutil/include/nix/util/compression.hh similarity index 89% rename from src/libutil/include/nix/compression.hh rename to src/libutil/include/nix/util/compression.hh index 25f479e48fb..15d869e88f0 100644 --- a/src/libutil/include/nix/compression.hh +++ b/src/libutil/include/nix/util/compression.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/ref.hh" -#include "nix/types.hh" -#include "nix/serialise.hh" +#include "nix/util/ref.hh" +#include "nix/util/types.hh" +#include "nix/util/serialise.hh" #include diff --git a/src/libutil/include/nix/compute-levels.hh b/src/libutil/include/nix/util/compute-levels.hh similarity index 71% rename from src/libutil/include/nix/compute-levels.hh rename to src/libutil/include/nix/util/compute-levels.hh index d77eece931f..4015477939a 100644 --- a/src/libutil/include/nix/compute-levels.hh +++ b/src/libutil/include/nix/util/compute-levels.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libutil/include/nix/config-global.hh b/src/libutil/include/nix/util/config-global.hh similarity index 94% rename from src/libutil/include/nix/config-global.hh rename to src/libutil/include/nix/util/config-global.hh index b0e8ad2ce6a..b47ee0ad1c2 100644 --- a/src/libutil/include/nix/config-global.hh +++ b/src/libutil/include/nix/util/config-global.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/config.hh" +#include "nix/util/configuration.hh" namespace nix { diff --git a/src/libutil/include/nix/config-impl.hh b/src/libutil/include/nix/util/config-impl.hh similarity index 98% rename from src/libutil/include/nix/config-impl.hh rename to src/libutil/include/nix/util/config-impl.hh index b02e27f50f9..15e0c955483 100644 --- a/src/libutil/include/nix/config-impl.hh +++ b/src/libutil/include/nix/util/config-impl.hh @@ -12,8 +12,8 @@ * instantiation. */ -#include "nix/config.hh" -#include "nix/args.hh" +#include "nix/util/configuration.hh" +#include "nix/util/args.hh" namespace nix { diff --git a/src/libutil/include/nix/config.hh b/src/libutil/include/nix/util/configuration.hh similarity index 99% rename from src/libutil/include/nix/config.hh rename to src/libutil/include/nix/util/configuration.hh index f4135af64cc..34cefd73b6a 100644 --- a/src/libutil/include/nix/config.hh +++ b/src/libutil/include/nix/util/configuration.hh @@ -7,8 +7,8 @@ #include -#include "nix/types.hh" -#include "nix/experimental-features.hh" +#include "nix/util/types.hh" +#include "nix/util/experimental-features.hh" namespace nix { diff --git a/src/libutil/include/nix/current-process.hh b/src/libutil/include/nix/util/current-process.hh similarity index 96% rename from src/libutil/include/nix/current-process.hh rename to src/libutil/include/nix/util/current-process.hh index d98f4e75201..b2c92a34ca6 100644 --- a/src/libutil/include/nix/current-process.hh +++ b/src/libutil/include/nix/util/current-process.hh @@ -7,7 +7,7 @@ # include #endif -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libutil/include/nix/english.hh b/src/libutil/include/nix/util/english.hh similarity index 100% rename from src/libutil/include/nix/english.hh rename to src/libutil/include/nix/util/english.hh diff --git a/src/libutil/include/nix/environment-variables.hh b/src/libutil/include/nix/util/environment-variables.hh similarity index 95% rename from src/libutil/include/nix/environment-variables.hh rename to src/libutil/include/nix/util/environment-variables.hh index 9a5f364a3f0..d6c7472fcf4 100644 --- a/src/libutil/include/nix/environment-variables.hh +++ b/src/libutil/include/nix/util/environment-variables.hh @@ -8,8 +8,8 @@ #include -#include "nix/types.hh" -#include "nix/file-path.hh" +#include "nix/util/types.hh" +#include "nix/util/file-path.hh" namespace nix { diff --git a/src/libutil/include/nix/error.hh b/src/libutil/include/nix/util/error.hh similarity index 98% rename from src/libutil/include/nix/error.hh rename to src/libutil/include/nix/util/error.hh index 6ac4497cbd5..fa60d4c61a3 100644 --- a/src/libutil/include/nix/error.hh +++ b/src/libutil/include/nix/util/error.hh @@ -15,8 +15,8 @@ * See libutil/tests/logging.cc for usage examples. */ -#include "nix/suggestions.hh" -#include "nix/fmt.hh" +#include "nix/util/suggestions.hh" +#include "nix/util/fmt.hh" #include #include @@ -51,7 +51,7 @@ struct LinesOfCode { }; /* NOTE: position.hh recursively depends on source-path.hh -> source-accessor.hh - -> hash.hh -> config.hh -> experimental-features.hh -> error.hh -> Pos. + -> hash.hh -> configuration.hh -> experimental-features.hh -> error.hh -> Pos. There are other such cycles. Thus, Pos has to be an incomplete type in this header. But since ErrorInfo/Trace have to refer to Pos, they have to use pointer indirection via std::shared_ptr diff --git a/src/libutil/include/nix/exec.hh b/src/libutil/include/nix/util/exec.hh similarity index 89% rename from src/libutil/include/nix/exec.hh rename to src/libutil/include/nix/util/exec.hh index dc14691e27c..a362cef35c9 100644 --- a/src/libutil/include/nix/exec.hh +++ b/src/libutil/include/nix/util/exec.hh @@ -1,6 +1,6 @@ #pragma once -#include "nix/os-string.hh" +#include "nix/util/os-string.hh" namespace nix { diff --git a/src/libutil/include/nix/executable-path.hh b/src/libutil/include/nix/util/executable-path.hh similarity index 98% rename from src/libutil/include/nix/executable-path.hh rename to src/libutil/include/nix/util/executable-path.hh index 3af4a24cf17..700d296d52d 100644 --- a/src/libutil/include/nix/executable-path.hh +++ b/src/libutil/include/nix/util/executable-path.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/file-system.hh" +#include "nix/util/file-system.hh" namespace nix { diff --git a/src/libutil/include/nix/exit.hh b/src/libutil/include/nix/util/exit.hh similarity index 100% rename from src/libutil/include/nix/exit.hh rename to src/libutil/include/nix/util/exit.hh diff --git a/src/libutil/include/nix/experimental-features.hh b/src/libutil/include/nix/util/experimental-features.hh similarity index 97% rename from src/libutil/include/nix/experimental-features.hh rename to src/libutil/include/nix/util/experimental-features.hh index 946bb65b32f..06dd7062bd3 100644 --- a/src/libutil/include/nix/experimental-features.hh +++ b/src/libutil/include/nix/util/experimental-features.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/error.hh" -#include "nix/types.hh" +#include "nix/util/error.hh" +#include "nix/util/types.hh" #include diff --git a/src/libutil/include/nix/file-content-address.hh b/src/libutil/include/nix/util/file-content-address.hh similarity index 99% rename from src/libutil/include/nix/file-content-address.hh rename to src/libutil/include/nix/util/file-content-address.hh index c56debd2b10..0922604f8c9 100644 --- a/src/libutil/include/nix/file-content-address.hh +++ b/src/libutil/include/nix/util/file-content-address.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/source-accessor.hh" +#include "nix/util/source-accessor.hh" namespace nix { diff --git a/src/libutil/include/nix/file-descriptor.hh b/src/libutil/include/nix/util/file-descriptor.hh similarity index 98% rename from src/libutil/include/nix/file-descriptor.hh rename to src/libutil/include/nix/util/file-descriptor.hh index 785756a0f74..2e8b4ce105f 100644 --- a/src/libutil/include/nix/file-descriptor.hh +++ b/src/libutil/include/nix/util/file-descriptor.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/error.hh" +#include "nix/util/types.hh" +#include "nix/util/error.hh" #ifdef _WIN32 # define WIN32_LEAN_AND_MEAN diff --git a/src/libutil/include/nix/file-path-impl.hh b/src/libutil/include/nix/util/file-path-impl.hh similarity index 100% rename from src/libutil/include/nix/file-path-impl.hh rename to src/libutil/include/nix/util/file-path-impl.hh diff --git a/src/libutil/include/nix/file-path.hh b/src/libutil/include/nix/util/file-path.hh similarity index 93% rename from src/libutil/include/nix/file-path.hh rename to src/libutil/include/nix/util/file-path.hh index 15bceac1311..deff076f1f2 100644 --- a/src/libutil/include/nix/file-path.hh +++ b/src/libutil/include/nix/util/file-path.hh @@ -3,8 +3,8 @@ #include -#include "nix/types.hh" -#include "nix/os-string.hh" +#include "nix/util/types.hh" +#include "nix/util/os-string.hh" namespace nix { diff --git a/src/libutil/include/nix/file-system.hh b/src/libutil/include/nix/util/file-system.hh similarity index 98% rename from src/libutil/include/nix/file-system.hh rename to src/libutil/include/nix/util/file-system.hh index 1981d8d4da4..78b1cb46cab 100644 --- a/src/libutil/include/nix/file-system.hh +++ b/src/libutil/include/nix/util/file-system.hh @@ -5,11 +5,11 @@ * Utiltities for working with the file sytem and file paths. */ -#include "nix/types.hh" -#include "nix/error.hh" -#include "nix/logging.hh" -#include "nix/file-descriptor.hh" -#include "nix/file-path.hh" +#include "nix/util/types.hh" +#include "nix/util/error.hh" +#include "nix/util/logging.hh" +#include "nix/util/file-descriptor.hh" +#include "nix/util/file-path.hh" #include #include diff --git a/src/libutil/include/nix/finally.hh b/src/libutil/include/nix/util/finally.hh similarity index 100% rename from src/libutil/include/nix/finally.hh rename to src/libutil/include/nix/util/finally.hh diff --git a/src/libutil/include/nix/fmt.hh b/src/libutil/include/nix/util/fmt.hh similarity index 99% rename from src/libutil/include/nix/fmt.hh rename to src/libutil/include/nix/util/fmt.hh index 45d9f43b7df..5435a4ebf20 100644 --- a/src/libutil/include/nix/fmt.hh +++ b/src/libutil/include/nix/util/fmt.hh @@ -3,7 +3,7 @@ #include #include -#include "nix/ansicolor.hh" +#include "nix/util/ansicolor.hh" namespace nix { diff --git a/src/libutil/include/nix/fs-sink.hh b/src/libutil/include/nix/util/fs-sink.hh similarity index 96% rename from src/libutil/include/nix/fs-sink.hh rename to src/libutil/include/nix/util/fs-sink.hh index 30803e63ed2..1c34fba9356 100644 --- a/src/libutil/include/nix/fs-sink.hh +++ b/src/libutil/include/nix/util/fs-sink.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/serialise.hh" -#include "nix/source-accessor.hh" -#include "nix/file-system.hh" +#include "nix/util/serialise.hh" +#include "nix/util/source-accessor.hh" +#include "nix/util/file-system.hh" namespace nix { diff --git a/src/libutil/include/nix/git.hh b/src/libutil/include/nix/util/git.hh similarity index 97% rename from src/libutil/include/nix/git.hh rename to src/libutil/include/nix/util/git.hh index 2dc1bb79686..9bdb30bb9c5 100644 --- a/src/libutil/include/nix/git.hh +++ b/src/libutil/include/nix/util/git.hh @@ -5,11 +5,11 @@ #include #include -#include "nix/types.hh" -#include "nix/serialise.hh" -#include "nix/hash.hh" -#include "nix/source-path.hh" -#include "nix/fs-sink.hh" +#include "nix/util/types.hh" +#include "nix/util/serialise.hh" +#include "nix/util/hash.hh" +#include "nix/util/source-path.hh" +#include "nix/util/fs-sink.hh" namespace nix::git { diff --git a/src/libutil/include/nix/hash.hh b/src/libutil/include/nix/util/hash.hh similarity index 97% rename from src/libutil/include/nix/hash.hh rename to src/libutil/include/nix/util/hash.hh index 3c9adebac1e..f3cc4cc6c84 100644 --- a/src/libutil/include/nix/hash.hh +++ b/src/libutil/include/nix/util/hash.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/config.hh" -#include "nix/types.hh" -#include "nix/serialise.hh" -#include "nix/file-system.hh" +#include "nix/util/configuration.hh" +#include "nix/util/types.hh" +#include "nix/util/serialise.hh" +#include "nix/util/file-system.hh" namespace nix { diff --git a/src/libutil/include/nix/hilite.hh b/src/libutil/include/nix/util/hilite.hh similarity index 100% rename from src/libutil/include/nix/hilite.hh rename to src/libutil/include/nix/util/hilite.hh diff --git a/src/libutil/include/nix/json-impls.hh b/src/libutil/include/nix/util/json-impls.hh similarity index 100% rename from src/libutil/include/nix/json-impls.hh rename to src/libutil/include/nix/util/json-impls.hh diff --git a/src/libutil/include/nix/json-utils.hh b/src/libutil/include/nix/util/json-utils.hh similarity index 99% rename from src/libutil/include/nix/json-utils.hh rename to src/libutil/include/nix/util/json-utils.hh index 96ffcd3c018..9308d43928a 100644 --- a/src/libutil/include/nix/json-utils.hh +++ b/src/libutil/include/nix/util/json-utils.hh @@ -4,7 +4,7 @@ #include #include -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libutil/include/nix/logging.hh b/src/libutil/include/nix/util/logging.hh similarity index 98% rename from src/libutil/include/nix/logging.hh rename to src/libutil/include/nix/util/logging.hh index c83ad2316c7..9210229bf26 100644 --- a/src/libutil/include/nix/logging.hh +++ b/src/libutil/include/nix/util/logging.hh @@ -1,10 +1,10 @@ #pragma once ///@file -#include "nix/error.hh" -#include "nix/config.hh" -#include "nix/file-descriptor.hh" -#include "nix/finally.hh" +#include "nix/util/error.hh" +#include "nix/util/configuration.hh" +#include "nix/util/file-descriptor.hh" +#include "nix/util/finally.hh" #include diff --git a/src/libutil/include/nix/lru-cache.hh b/src/libutil/include/nix/util/lru-cache.hh similarity index 100% rename from src/libutil/include/nix/lru-cache.hh rename to src/libutil/include/nix/util/lru-cache.hh diff --git a/src/libutil/include/nix/memory-source-accessor.hh b/src/libutil/include/nix/util/memory-source-accessor.hh similarity index 97% rename from src/libutil/include/nix/memory-source-accessor.hh rename to src/libutil/include/nix/util/memory-source-accessor.hh index 08ab3f2d496..d09ba153d70 100644 --- a/src/libutil/include/nix/memory-source-accessor.hh +++ b/src/libutil/include/nix/util/memory-source-accessor.hh @@ -1,6 +1,6 @@ -#include "nix/source-path.hh" -#include "nix/fs-sink.hh" -#include "nix/variant-wrapper.hh" +#include "nix/util/source-path.hh" +#include "nix/util/fs-sink.hh" +#include "nix/util/variant-wrapper.hh" namespace nix { diff --git a/src/libutil/include/nix/meson.build b/src/libutil/include/nix/util/meson.build similarity index 95% rename from src/libutil/include/nix/meson.build rename to src/libutil/include/nix/util/meson.build index 3da9837ed49..e30b8dacd48 100644 --- a/src/libutil/include/nix/meson.build +++ b/src/libutil/include/nix/util/meson.build @@ -1,6 +1,6 @@ # Public headers directory -include_dirs = [include_directories('..')] +include_dirs = [include_directories('../..')] headers = files( 'abstract-setting-to-json.hh', @@ -18,7 +18,7 @@ headers = files( 'compute-levels.hh', 'config-global.hh', 'config-impl.hh', - 'config.hh', + 'configuration.hh', 'current-process.hh', 'english.hh', 'environment-variables.hh', diff --git a/src/libutil/include/nix/muxable-pipe.hh b/src/libutil/include/nix/util/muxable-pipe.hh similarity index 93% rename from src/libutil/include/nix/muxable-pipe.hh rename to src/libutil/include/nix/util/muxable-pipe.hh index e4d6a74a370..d912627fbcf 100644 --- a/src/libutil/include/nix/muxable-pipe.hh +++ b/src/libutil/include/nix/util/muxable-pipe.hh @@ -1,16 +1,16 @@ #pragma once ///@file -#include "nix/file-descriptor.hh" +#include "nix/util/file-descriptor.hh" #ifdef _WIN32 -# include "nix/windows-async-pipe.hh" +# include "nix/util/windows-async-pipe.hh" #endif #ifndef _WIN32 # include #else # include -# include "nix/windows-error.hh" +# include "nix/util/windows-error.hh" #endif namespace nix { diff --git a/src/libutil/include/nix/os-string.hh b/src/libutil/include/nix/util/os-string.hh similarity index 100% rename from src/libutil/include/nix/os-string.hh rename to src/libutil/include/nix/util/os-string.hh diff --git a/src/libutil/include/nix/pool.hh b/src/libutil/include/nix/util/pool.hh similarity index 98% rename from src/libutil/include/nix/pool.hh rename to src/libutil/include/nix/util/pool.hh index 65b789ba052..a63db50deb5 100644 --- a/src/libutil/include/nix/pool.hh +++ b/src/libutil/include/nix/util/pool.hh @@ -7,8 +7,8 @@ #include #include -#include "nix/sync.hh" -#include "nix/ref.hh" +#include "nix/util/sync.hh" +#include "nix/util/ref.hh" namespace nix { diff --git a/src/libutil/include/nix/pos-idx.hh b/src/libutil/include/nix/util/pos-idx.hh similarity index 100% rename from src/libutil/include/nix/pos-idx.hh rename to src/libutil/include/nix/util/pos-idx.hh diff --git a/src/libutil/include/nix/pos-table.hh b/src/libutil/include/nix/util/pos-table.hh similarity index 96% rename from src/libutil/include/nix/pos-table.hh rename to src/libutil/include/nix/util/pos-table.hh index 9f4ff2e0b55..ef170e0f14b 100644 --- a/src/libutil/include/nix/pos-table.hh +++ b/src/libutil/include/nix/util/pos-table.hh @@ -4,9 +4,9 @@ #include #include -#include "nix/pos-idx.hh" -#include "nix/position.hh" -#include "nix/sync.hh" +#include "nix/util/pos-idx.hh" +#include "nix/util/position.hh" +#include "nix/util/sync.hh" namespace nix { diff --git a/src/libutil/include/nix/position.hh b/src/libutil/include/nix/util/position.hh similarity index 98% rename from src/libutil/include/nix/position.hh rename to src/libutil/include/nix/util/position.hh index 34457a8241c..f9c98497695 100644 --- a/src/libutil/include/nix/position.hh +++ b/src/libutil/include/nix/util/position.hh @@ -9,7 +9,7 @@ #include #include -#include "nix/source-path.hh" +#include "nix/util/source-path.hh" namespace nix { diff --git a/src/libutil/include/nix/posix-source-accessor.hh b/src/libutil/include/nix/util/posix-source-accessor.hh similarity index 98% rename from src/libutil/include/nix/posix-source-accessor.hh rename to src/libutil/include/nix/util/posix-source-accessor.hh index d81e9246c4d..ea65b148f7d 100644 --- a/src/libutil/include/nix/posix-source-accessor.hh +++ b/src/libutil/include/nix/util/posix-source-accessor.hh @@ -1,6 +1,6 @@ #pragma once -#include "nix/source-accessor.hh" +#include "nix/util/source-accessor.hh" namespace nix { diff --git a/src/libutil/include/nix/processes.hh b/src/libutil/include/nix/util/processes.hh similarity index 94% rename from src/libutil/include/nix/processes.hh rename to src/libutil/include/nix/util/processes.hh index 80ea14223a5..ef7bddf2fef 100644 --- a/src/libutil/include/nix/processes.hh +++ b/src/libutil/include/nix/util/processes.hh @@ -1,11 +1,11 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/error.hh" -#include "nix/file-descriptor.hh" -#include "nix/logging.hh" -#include "nix/ansicolor.hh" +#include "nix/util/types.hh" +#include "nix/util/error.hh" +#include "nix/util/file-descriptor.hh" +#include "nix/util/logging.hh" +#include "nix/util/ansicolor.hh" #include #include diff --git a/src/libutil/include/nix/ref.hh b/src/libutil/include/nix/util/ref.hh similarity index 100% rename from src/libutil/include/nix/ref.hh rename to src/libutil/include/nix/util/ref.hh diff --git a/src/libutil/include/nix/references.hh b/src/libutil/include/nix/util/references.hh similarity index 97% rename from src/libutil/include/nix/references.hh rename to src/libutil/include/nix/util/references.hh index b608f701574..89a42e00948 100644 --- a/src/libutil/include/nix/references.hh +++ b/src/libutil/include/nix/util/references.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/hash.hh" +#include "nix/util/hash.hh" namespace nix { diff --git a/src/libutil/include/nix/regex-combinators.hh b/src/libutil/include/nix/util/regex-combinators.hh similarity index 100% rename from src/libutil/include/nix/regex-combinators.hh rename to src/libutil/include/nix/util/regex-combinators.hh diff --git a/src/libutil/include/nix/repair-flag.hh b/src/libutil/include/nix/util/repair-flag.hh similarity index 100% rename from src/libutil/include/nix/repair-flag.hh rename to src/libutil/include/nix/util/repair-flag.hh diff --git a/src/libutil/include/nix/serialise.hh b/src/libutil/include/nix/util/serialise.hh similarity index 99% rename from src/libutil/include/nix/serialise.hh rename to src/libutil/include/nix/util/serialise.hh index ef49a43b65c..d28c8e9a6b3 100644 --- a/src/libutil/include/nix/serialise.hh +++ b/src/libutil/include/nix/util/serialise.hh @@ -4,9 +4,9 @@ #include #include -#include "nix/types.hh" -#include "nix/util.hh" -#include "nix/file-descriptor.hh" +#include "nix/util/types.hh" +#include "nix/util/util.hh" +#include "nix/util/file-descriptor.hh" namespace boost::context { struct stack_context; } diff --git a/src/libutil/include/nix/signals.hh b/src/libutil/include/nix/util/signals.hh similarity index 89% rename from src/libutil/include/nix/signals.hh rename to src/libutil/include/nix/util/signals.hh index b4953525e8d..45130a90cc4 100644 --- a/src/libutil/include/nix/signals.hh +++ b/src/libutil/include/nix/util/signals.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/error.hh" -#include "nix/logging.hh" +#include "nix/util/types.hh" +#include "nix/util/error.hh" +#include "nix/util/logging.hh" #include @@ -62,4 +62,4 @@ struct ReceiveInterrupts; } -#include "nix/signals-impl.hh" +#include "nix/util/signals-impl.hh" diff --git a/src/libutil/include/nix/signature/local-keys.hh b/src/libutil/include/nix/util/signature/local-keys.hh similarity index 98% rename from src/libutil/include/nix/signature/local-keys.hh rename to src/libutil/include/nix/util/signature/local-keys.hh index 368976b111e..85918f90602 100644 --- a/src/libutil/include/nix/signature/local-keys.hh +++ b/src/libutil/include/nix/util/signature/local-keys.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/types.hh" +#include "nix/util/types.hh" #include diff --git a/src/libutil/include/nix/signature/signer.hh b/src/libutil/include/nix/util/signature/signer.hh similarity index 94% rename from src/libutil/include/nix/signature/signer.hh rename to src/libutil/include/nix/util/signature/signer.hh index 3eeb75608e1..ca2905eefcd 100644 --- a/src/libutil/include/nix/signature/signer.hh +++ b/src/libutil/include/nix/util/signature/signer.hh @@ -1,7 +1,7 @@ #pragma once -#include "nix/types.hh" -#include "nix/signature/local-keys.hh" +#include "nix/util/types.hh" +#include "nix/util/signature/local-keys.hh" #include #include diff --git a/src/libutil/include/nix/source-accessor.hh b/src/libutil/include/nix/util/source-accessor.hh similarity index 98% rename from src/libutil/include/nix/source-accessor.hh rename to src/libutil/include/nix/util/source-accessor.hh index 5efc177fca9..3a28b2c2b43 100644 --- a/src/libutil/include/nix/source-accessor.hh +++ b/src/libutil/include/nix/util/source-accessor.hh @@ -2,9 +2,9 @@ #include -#include "nix/canon-path.hh" -#include "nix/hash.hh" -#include "nix/ref.hh" +#include "nix/util/canon-path.hh" +#include "nix/util/hash.hh" +#include "nix/util/ref.hh" namespace nix { diff --git a/src/libutil/include/nix/source-path.hh b/src/libutil/include/nix/util/source-path.hh similarity index 96% rename from src/libutil/include/nix/source-path.hh rename to src/libutil/include/nix/util/source-path.hh index 119a67016ee..c0cba024103 100644 --- a/src/libutil/include/nix/source-path.hh +++ b/src/libutil/include/nix/util/source-path.hh @@ -5,10 +5,10 @@ * @brief SourcePath */ -#include "nix/ref.hh" -#include "nix/canon-path.hh" -#include "nix/source-accessor.hh" -#include "nix/std-hash.hh" +#include "nix/util/ref.hh" +#include "nix/util/canon-path.hh" +#include "nix/util/source-accessor.hh" +#include "nix/util/std-hash.hh" namespace nix { diff --git a/src/libutil/include/nix/split.hh b/src/libutil/include/nix/util/split.hh similarity index 97% rename from src/libutil/include/nix/split.hh rename to src/libutil/include/nix/util/split.hh index 2d7c490b11a..24a73fea85f 100644 --- a/src/libutil/include/nix/split.hh +++ b/src/libutil/include/nix/util/split.hh @@ -4,7 +4,7 @@ #include #include -#include "nix/util.hh" +#include "nix/util/util.hh" namespace nix { diff --git a/src/libutil/include/nix/std-hash.hh b/src/libutil/include/nix/util/std-hash.hh similarity index 100% rename from src/libutil/include/nix/std-hash.hh rename to src/libutil/include/nix/util/std-hash.hh diff --git a/src/libutil/include/nix/strings-inline.hh b/src/libutil/include/nix/util/strings-inline.hh similarity index 98% rename from src/libutil/include/nix/strings-inline.hh rename to src/libutil/include/nix/util/strings-inline.hh index 38cf285e08c..d99b686fc13 100644 --- a/src/libutil/include/nix/strings-inline.hh +++ b/src/libutil/include/nix/util/strings-inline.hh @@ -1,6 +1,6 @@ #pragma once -#include "nix/strings.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libutil/include/nix/strings.hh b/src/libutil/include/nix/util/strings.hh similarity index 100% rename from src/libutil/include/nix/strings.hh rename to src/libutil/include/nix/util/strings.hh diff --git a/src/libutil/include/nix/suggestions.hh b/src/libutil/include/nix/util/suggestions.hh similarity index 98% rename from src/libutil/include/nix/suggestions.hh rename to src/libutil/include/nix/util/suggestions.hh index 5517c20a610..16496379caa 100644 --- a/src/libutil/include/nix/suggestions.hh +++ b/src/libutil/include/nix/util/suggestions.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/types.hh" +#include "nix/util/types.hh" #include namespace nix { diff --git a/src/libutil/include/nix/sync.hh b/src/libutil/include/nix/util/sync.hh similarity index 99% rename from src/libutil/include/nix/sync.hh rename to src/libutil/include/nix/util/sync.hh index 25c062ac848..0c3e1f52836 100644 --- a/src/libutil/include/nix/sync.hh +++ b/src/libutil/include/nix/util/sync.hh @@ -7,7 +7,7 @@ #include #include -#include "nix/error.hh" +#include "nix/util/error.hh" namespace nix { diff --git a/src/libutil/include/nix/tarfile.hh b/src/libutil/include/nix/util/tarfile.hh similarity index 95% rename from src/libutil/include/nix/tarfile.hh rename to src/libutil/include/nix/util/tarfile.hh index aea91f90eff..2005d13ca36 100644 --- a/src/libutil/include/nix/tarfile.hh +++ b/src/libutil/include/nix/util/tarfile.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/serialise.hh" -#include "nix/fs-sink.hh" +#include "nix/util/serialise.hh" +#include "nix/util/fs-sink.hh" #include namespace nix { diff --git a/src/libutil/include/nix/terminal.hh b/src/libutil/include/nix/util/terminal.hh similarity index 100% rename from src/libutil/include/nix/terminal.hh rename to src/libutil/include/nix/util/terminal.hh diff --git a/src/libutil/include/nix/thread-pool.hh b/src/libutil/include/nix/util/thread-pool.hh similarity index 98% rename from src/libutil/include/nix/thread-pool.hh rename to src/libutil/include/nix/util/thread-pool.hh index e3b2a29b96f..92009e396ce 100644 --- a/src/libutil/include/nix/thread-pool.hh +++ b/src/libutil/include/nix/util/thread-pool.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/error.hh" -#include "nix/sync.hh" +#include "nix/util/error.hh" +#include "nix/util/sync.hh" #include #include diff --git a/src/libutil/include/nix/topo-sort.hh b/src/libutil/include/nix/util/topo-sort.hh similarity index 97% rename from src/libutil/include/nix/topo-sort.hh rename to src/libutil/include/nix/util/topo-sort.hh index ed37ca01e8b..77a9ce421e7 100644 --- a/src/libutil/include/nix/topo-sort.hh +++ b/src/libutil/include/nix/util/topo-sort.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/error.hh" +#include "nix/util/error.hh" namespace nix { diff --git a/src/libutil/include/nix/types.hh b/src/libutil/include/nix/util/types.hh similarity index 100% rename from src/libutil/include/nix/types.hh rename to src/libutil/include/nix/util/types.hh diff --git a/src/libutil/include/nix/unix-domain-socket.hh b/src/libutil/include/nix/util/unix-domain-socket.hh similarity index 95% rename from src/libutil/include/nix/unix-domain-socket.hh rename to src/libutil/include/nix/util/unix-domain-socket.hh index 87508f9e4a6..704999ec1d8 100644 --- a/src/libutil/include/nix/unix-domain-socket.hh +++ b/src/libutil/include/nix/util/unix-domain-socket.hh @@ -1,8 +1,8 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/file-descriptor.hh" +#include "nix/util/types.hh" +#include "nix/util/file-descriptor.hh" #ifdef _WIN32 # include diff --git a/src/libutil/include/nix/url-parts.hh b/src/libutil/include/nix/util/url-parts.hh similarity index 100% rename from src/libutil/include/nix/url-parts.hh rename to src/libutil/include/nix/util/url-parts.hh diff --git a/src/libutil/include/nix/url.hh b/src/libutil/include/nix/util/url.hh similarity index 98% rename from src/libutil/include/nix/url.hh rename to src/libutil/include/nix/util/url.hh index 071d5092fef..ced846787b3 100644 --- a/src/libutil/include/nix/url.hh +++ b/src/libutil/include/nix/util/url.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/error.hh" +#include "nix/util/error.hh" namespace nix { diff --git a/src/libutil/include/nix/users.hh b/src/libutil/include/nix/util/users.hh similarity index 97% rename from src/libutil/include/nix/users.hh rename to src/libutil/include/nix/util/users.hh index d48b8b9bf76..1d467173cd0 100644 --- a/src/libutil/include/nix/users.hh +++ b/src/libutil/include/nix/util/users.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/types.hh" +#include "nix/util/types.hh" #ifndef _WIN32 # include diff --git a/src/libutil/include/nix/util.hh b/src/libutil/include/nix/util/util.hh similarity index 98% rename from src/libutil/include/nix/util.hh rename to src/libutil/include/nix/util/util.hh index 7ece2bd7b76..5a453079809 100644 --- a/src/libutil/include/nix/util.hh +++ b/src/libutil/include/nix/util/util.hh @@ -1,9 +1,9 @@ #pragma once ///@file -#include "nix/types.hh" -#include "nix/error.hh" -#include "nix/logging.hh" +#include "nix/util/types.hh" +#include "nix/util/error.hh" +#include "nix/util/logging.hh" #include @@ -11,7 +11,7 @@ #include #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/libutil/include/nix/variant-wrapper.hh b/src/libutil/include/nix/util/variant-wrapper.hh similarity index 100% rename from src/libutil/include/nix/variant-wrapper.hh rename to src/libutil/include/nix/util/variant-wrapper.hh diff --git a/src/libutil/include/nix/xml-writer.hh b/src/libutil/include/nix/util/xml-writer.hh similarity index 100% rename from src/libutil/include/nix/xml-writer.hh rename to src/libutil/include/nix/util/xml-writer.hh diff --git a/src/libutil/json-utils.cc b/src/libutil/json-utils.cc index aff8abb9ac0..2c8edfce898 100644 --- a/src/libutil/json-utils.cc +++ b/src/libutil/json-utils.cc @@ -1,6 +1,6 @@ -#include "nix/json-utils.hh" -#include "nix/error.hh" -#include "nix/types.hh" +#include "nix/util/json-utils.hh" +#include "nix/util/error.hh" +#include "nix/util/types.hh" #include #include #include diff --git a/src/libutil/linux/cgroup.cc b/src/libutil/linux/cgroup.cc index 7b3c3fa3b3b..890797c91c9 100644 --- a/src/libutil/linux/cgroup.cc +++ b/src/libutil/linux/cgroup.cc @@ -1,8 +1,8 @@ -#include "nix/cgroup.hh" -#include "nix/signals.hh" -#include "nix/util.hh" -#include "nix/file-system.hh" -#include "nix/finally.hh" +#include "nix/util/cgroup.hh" +#include "nix/util/signals.hh" +#include "nix/util/util.hh" +#include "nix/util/file-system.hh" +#include "nix/util/finally.hh" #include #include diff --git a/src/libutil/linux/include/nix/cgroup.hh b/src/libutil/linux/include/nix/util/cgroup.hh similarity index 96% rename from src/libutil/linux/include/nix/cgroup.hh rename to src/libutil/linux/include/nix/util/cgroup.hh index 91c7de9d173..6a41c6b4457 100644 --- a/src/libutil/linux/include/nix/cgroup.hh +++ b/src/libutil/linux/include/nix/util/cgroup.hh @@ -4,7 +4,7 @@ #include #include -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libutil/linux/include/nix/meson.build b/src/libutil/linux/include/nix/util/meson.build similarity index 64% rename from src/libutil/linux/include/nix/meson.build rename to src/libutil/linux/include/nix/util/meson.build index 285c1489bd8..9587aa9166e 100644 --- a/src/libutil/linux/include/nix/meson.build +++ b/src/libutil/linux/include/nix/util/meson.build @@ -1,6 +1,6 @@ # Public headers directory -include_dirs += include_directories('..') +include_dirs += include_directories('../..') headers += files( 'cgroup.hh', diff --git a/src/libutil/linux/include/nix/namespaces.hh b/src/libutil/linux/include/nix/util/namespaces.hh similarity index 95% rename from src/libutil/linux/include/nix/namespaces.hh rename to src/libutil/linux/include/nix/util/namespaces.hh index 3eb5f6a14a8..59db745d3d6 100644 --- a/src/libutil/linux/include/nix/namespaces.hh +++ b/src/libutil/linux/include/nix/util/namespaces.hh @@ -3,7 +3,7 @@ #include -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libutil/linux/meson.build b/src/libutil/linux/meson.build index 40907ed0d6c..bfda8b1a6ac 100644 --- a/src/libutil/linux/meson.build +++ b/src/libutil/linux/meson.build @@ -3,4 +3,4 @@ sources += files( 'namespaces.cc', ) -subdir('include/nix') +subdir('include/nix/util') diff --git a/src/libutil/linux/namespaces.cc b/src/libutil/linux/namespaces.cc index a53734a2ff1..405866c0b56 100644 --- a/src/libutil/linux/namespaces.cc +++ b/src/libutil/linux/namespaces.cc @@ -1,13 +1,13 @@ -#include "nix/current-process.hh" -#include "nix/util.hh" -#include "nix/finally.hh" -#include "nix/file-system.hh" -#include "nix/processes.hh" -#include "nix/signals.hh" +#include "nix/util/current-process.hh" +#include "nix/util/util.hh" +#include "nix/util/finally.hh" +#include "nix/util/file-system.hh" +#include "nix/util/processes.hh" +#include "nix/util/signals.hh" #include #include -#include "nix/cgroup.hh" +#include "nix/util/cgroup.hh" #include diff --git a/src/libutil/logging.cc b/src/libutil/logging.cc index 39cacc22ad1..b26694d2d49 100644 --- a/src/libutil/logging.cc +++ b/src/libutil/logging.cc @@ -1,11 +1,11 @@ -#include "nix/logging.hh" -#include "nix/file-descriptor.hh" -#include "nix/environment-variables.hh" -#include "nix/terminal.hh" -#include "nix/util.hh" -#include "nix/config-global.hh" -#include "nix/source-path.hh" -#include "nix/position.hh" +#include "nix/util/logging.hh" +#include "nix/util/file-descriptor.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/terminal.hh" +#include "nix/util/util.hh" +#include "nix/util/config-global.hh" +#include "nix/util/source-path.hh" +#include "nix/util/position.hh" #include #include diff --git a/src/libutil/memory-source-accessor.cc b/src/libutil/memory-source-accessor.cc index 7c8414fb08c..7764ff946a2 100644 --- a/src/libutil/memory-source-accessor.cc +++ b/src/libutil/memory-source-accessor.cc @@ -1,4 +1,4 @@ -#include "nix/memory-source-accessor.hh" +#include "nix/util/memory-source-accessor.hh" namespace nix { diff --git a/src/libutil/meson.build b/src/libutil/meson.build index c7509f030b4..2a07e4a9117 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -113,7 +113,7 @@ sources = [config_priv_h] + files( 'canon-path.cc', 'compression.cc', 'compute-levels.cc', - 'config.cc', + 'configuration.cc', 'config-global.cc', 'current-process.cc', 'english.cc', @@ -155,7 +155,7 @@ sources = [config_priv_h] + files( 'xml-writer.cc', ) -subdir('include/nix') +subdir('include/nix/util') if not cxx.has_header('widechar_width.h', required : false) # use vendored widechar_width.h @@ -185,7 +185,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix', preserve_path : true) +install_headers(headers, subdir : 'nix/util', preserve_path : true) libraries_private = [] if host_machine.system() == 'windows' diff --git a/src/libutil/mounted-source-accessor.cc b/src/libutil/mounted-source-accessor.cc index aa00cbd8e74..b7de2afbf03 100644 --- a/src/libutil/mounted-source-accessor.cc +++ b/src/libutil/mounted-source-accessor.cc @@ -1,4 +1,4 @@ -#include "nix/source-accessor.hh" +#include "nix/util/source-accessor.hh" namespace nix { diff --git a/src/libutil/package.nix b/src/libutil/package.nix index 0c410dfab28..17c84ff1850 100644 --- a/src/libutil/package.nix +++ b/src/libutil/package.nix @@ -34,13 +34,13 @@ mkMesonLibrary (finalAttrs: { ./widecharwidth ./meson.build ./meson.options - ./include/nix/meson.build + ./include/nix/util/meson.build ./linux/meson.build - ./linux/include/nix/meson.build + ./linux/include/nix/util/meson.build ./unix/meson.build - ./unix/include/nix/meson.build + ./unix/include/nix/util/meson.build ./windows/meson.build - ./windows/include/nix/meson.build + ./windows/include/nix/util/meson.build (fileset.fileFilter (file: file.hasExt "cc") ./.) (fileset.fileFilter (file: file.hasExt "hh") ./.) ]; diff --git a/src/libutil/pos-table.cc b/src/libutil/pos-table.cc index 59234e3fc18..5a61ffbc5e7 100644 --- a/src/libutil/pos-table.cc +++ b/src/libutil/pos-table.cc @@ -1,4 +1,4 @@ -#include "nix/pos-table.hh" +#include "nix/util/pos-table.hh" #include diff --git a/src/libutil/position.cc b/src/libutil/position.cc index 515be245b14..dfe0e2abb80 100644 --- a/src/libutil/position.cc +++ b/src/libutil/position.cc @@ -1,4 +1,4 @@ -#include "nix/position.hh" +#include "nix/util/position.hh" namespace nix { diff --git a/src/libutil/posix-source-accessor.cc b/src/libutil/posix-source-accessor.cc index 5da9fa6237f..5c7b4654b45 100644 --- a/src/libutil/posix-source-accessor.cc +++ b/src/libutil/posix-source-accessor.cc @@ -1,7 +1,7 @@ -#include "nix/posix-source-accessor.hh" -#include "nix/source-path.hh" -#include "nix/signals.hh" -#include "nix/sync.hh" +#include "nix/util/posix-source-accessor.hh" +#include "nix/util/source-path.hh" +#include "nix/util/signals.hh" +#include "nix/util/sync.hh" #include diff --git a/src/libutil/references.cc b/src/libutil/references.cc index 46c22c09cda..66ad9d37cca 100644 --- a/src/libutil/references.cc +++ b/src/libutil/references.cc @@ -1,6 +1,6 @@ -#include "nix/references.hh" -#include "nix/hash.hh" -#include "nix/archive.hh" +#include "nix/util/references.hh" +#include "nix/util/hash.hh" +#include "nix/util/archive.hh" #include #include diff --git a/src/libutil/serialise.cc b/src/libutil/serialise.cc index 415ccf3a0d0..55397c6d49c 100644 --- a/src/libutil/serialise.cc +++ b/src/libutil/serialise.cc @@ -1,6 +1,6 @@ -#include "nix/serialise.hh" -#include "nix/signals.hh" -#include "nix/util.hh" +#include "nix/util/serialise.hh" +#include "nix/util/signals.hh" +#include "nix/util/util.hh" #include #include @@ -11,7 +11,7 @@ #ifdef _WIN32 # include # include -# include "nix/windows-error.hh" +# include "nix/util/windows-error.hh" #else # include #endif diff --git a/src/libutil/signature/local-keys.cc b/src/libutil/signature/local-keys.cc index 86d3dfe3c24..1f7f2c7de14 100644 --- a/src/libutil/signature/local-keys.cc +++ b/src/libutil/signature/local-keys.cc @@ -1,7 +1,7 @@ -#include "nix/signature/local-keys.hh" +#include "nix/util/signature/local-keys.hh" -#include "nix/file-system.hh" -#include "nix/util.hh" +#include "nix/util/file-system.hh" +#include "nix/util/util.hh" #include namespace nix { diff --git a/src/libutil/signature/signer.cc b/src/libutil/signature/signer.cc index 4a61b67ebb6..46445e9e983 100644 --- a/src/libutil/signature/signer.cc +++ b/src/libutil/signature/signer.cc @@ -1,5 +1,5 @@ -#include "nix/signature/signer.hh" -#include "nix/error.hh" +#include "nix/util/signature/signer.hh" +#include "nix/util/error.hh" #include diff --git a/src/libutil/source-accessor.cc b/src/libutil/source-accessor.cc index 738d7f2f195..fc0d6cff181 100644 --- a/src/libutil/source-accessor.cc +++ b/src/libutil/source-accessor.cc @@ -1,5 +1,5 @@ -#include "nix/source-accessor.hh" -#include "nix/archive.hh" +#include "nix/util/source-accessor.hh" +#include "nix/util/archive.hh" namespace nix { diff --git a/src/libutil/source-path.cc b/src/libutil/source-path.cc index 12150c22398..6d42fa95fe5 100644 --- a/src/libutil/source-path.cc +++ b/src/libutil/source-path.cc @@ -1,4 +1,4 @@ -#include "nix/source-path.hh" +#include "nix/util/source-path.hh" namespace nix { diff --git a/src/libutil/strings.cc b/src/libutil/strings.cc index 43c9a0815ca..7ce37d73c1e 100644 --- a/src/libutil/strings.cc +++ b/src/libutil/strings.cc @@ -2,9 +2,9 @@ #include #include -#include "nix/strings-inline.hh" -#include "nix/os-string.hh" -#include "nix/error.hh" +#include "nix/util/strings-inline.hh" +#include "nix/util/os-string.hh" +#include "nix/util/error.hh" namespace nix { diff --git a/src/libutil/suggestions.cc b/src/libutil/suggestions.cc index 0f593ada0c7..0105c30e7ed 100644 --- a/src/libutil/suggestions.cc +++ b/src/libutil/suggestions.cc @@ -1,6 +1,6 @@ -#include "nix/suggestions.hh" -#include "nix/ansicolor.hh" -#include "nix/terminal.hh" +#include "nix/util/suggestions.hh" +#include "nix/util/ansicolor.hh" +#include "nix/util/terminal.hh" #include #include diff --git a/src/libutil/tarfile.cc b/src/libutil/tarfile.cc index aec05e09287..eb5cd82884e 100644 --- a/src/libutil/tarfile.cc +++ b/src/libutil/tarfile.cc @@ -1,10 +1,10 @@ #include #include -#include "nix/finally.hh" -#include "nix/serialise.hh" -#include "nix/tarfile.hh" -#include "nix/file-system.hh" +#include "nix/util/finally.hh" +#include "nix/util/serialise.hh" +#include "nix/util/tarfile.hh" +#include "nix/util/file-system.hh" namespace nix { diff --git a/src/libutil/terminal.cc b/src/libutil/terminal.cc index 233edabb48d..77766fae1f6 100644 --- a/src/libutil/terminal.cc +++ b/src/libutil/terminal.cc @@ -1,6 +1,6 @@ -#include "nix/terminal.hh" -#include "nix/environment-variables.hh" -#include "nix/sync.hh" +#include "nix/util/terminal.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/sync.hh" #if _WIN32 # include diff --git a/src/libutil/thread-pool.cc b/src/libutil/thread-pool.cc index 6b7f2d01771..8958bc5509a 100644 --- a/src/libutil/thread-pool.cc +++ b/src/libutil/thread-pool.cc @@ -1,6 +1,6 @@ -#include "nix/thread-pool.hh" -#include "nix/signals.hh" -#include "nix/util.hh" +#include "nix/util/thread-pool.hh" +#include "nix/util/signals.hh" +#include "nix/util/util.hh" namespace nix { diff --git a/src/libutil/union-source-accessor.cc b/src/libutil/union-source-accessor.cc index e24d6f2bd5b..9950f604960 100644 --- a/src/libutil/union-source-accessor.cc +++ b/src/libutil/union-source-accessor.cc @@ -1,4 +1,4 @@ -#include "nix/source-accessor.hh" +#include "nix/util/source-accessor.hh" namespace nix { diff --git a/src/libutil/unix-domain-socket.cc b/src/libutil/unix-domain-socket.cc index 831dd666c9f..8722c8f0557 100644 --- a/src/libutil/unix-domain-socket.cc +++ b/src/libutil/unix-domain-socket.cc @@ -1,6 +1,6 @@ -#include "nix/file-system.hh" -#include "nix/unix-domain-socket.hh" -#include "nix/util.hh" +#include "nix/util/file-system.hh" +#include "nix/util/unix-domain-socket.hh" +#include "nix/util/util.hh" #ifdef _WIN32 # include @@ -8,7 +8,7 @@ #else # include # include -# include "nix/processes.hh" +# include "nix/util/processes.hh" #endif #include diff --git a/src/libutil/unix/environment-variables.cc b/src/libutil/unix/environment-variables.cc index 9814cbcc28f..0e1ed279490 100644 --- a/src/libutil/unix/environment-variables.cc +++ b/src/libutil/unix/environment-variables.cc @@ -1,6 +1,6 @@ #include -#include "nix/environment-variables.hh" +#include "nix/util/environment-variables.hh" namespace nix { diff --git a/src/libutil/unix/file-descriptor.cc b/src/libutil/unix/file-descriptor.cc index 2911df54f88..6ce307252ba 100644 --- a/src/libutil/unix/file-descriptor.cc +++ b/src/libutil/unix/file-descriptor.cc @@ -1,7 +1,7 @@ -#include "nix/file-system.hh" -#include "nix/signals.hh" -#include "nix/finally.hh" -#include "nix/serialise.hh" +#include "nix/util/file-system.hh" +#include "nix/util/signals.hh" +#include "nix/util/finally.hh" +#include "nix/util/serialise.hh" #include #include diff --git a/src/libutil/unix/file-path.cc b/src/libutil/unix/file-path.cc index 3dd61397225..0fb1f468ca3 100644 --- a/src/libutil/unix/file-path.cc +++ b/src/libutil/unix/file-path.cc @@ -3,8 +3,8 @@ #include #include -#include "nix/file-path.hh" -#include "nix/util.hh" +#include "nix/util/file-path.hh" +#include "nix/util/util.hh" namespace nix { diff --git a/src/libutil/unix/file-system.cc b/src/libutil/unix/file-system.cc index d79f4c64c35..e62b7d1c2e2 100644 --- a/src/libutil/unix/file-system.cc +++ b/src/libutil/unix/file-system.cc @@ -8,7 +8,7 @@ #include #include -#include "nix/file-system.hh" +#include "nix/util/file-system.hh" #include "util-unix-config-private.hh" diff --git a/src/libutil/unix/include/nix/meson.build b/src/libutil/unix/include/nix/util/meson.build similarity index 66% rename from src/libutil/unix/include/nix/meson.build rename to src/libutil/unix/include/nix/util/meson.build index 5f3095ab117..b6f1c40d3ad 100644 --- a/src/libutil/unix/include/nix/meson.build +++ b/src/libutil/unix/include/nix/util/meson.build @@ -1,6 +1,6 @@ # Public headers directory -include_dirs += include_directories('..') +include_dirs += include_directories('../..') headers += files( 'monitor-fd.hh', diff --git a/src/libutil/unix/include/nix/monitor-fd.hh b/src/libutil/unix/include/nix/util/monitor-fd.hh similarity index 99% rename from src/libutil/unix/include/nix/monitor-fd.hh rename to src/libutil/unix/include/nix/util/monitor-fd.hh index 720cbb937e8..c10ad96bd96 100644 --- a/src/libutil/unix/include/nix/monitor-fd.hh +++ b/src/libutil/unix/include/nix/util/monitor-fd.hh @@ -10,7 +10,7 @@ #include #include -#include "nix/signals.hh" +#include "nix/util/signals.hh" namespace nix { diff --git a/src/libutil/unix/include/nix/signals-impl.hh b/src/libutil/unix/include/nix/util/signals-impl.hh similarity index 94% rename from src/libutil/unix/include/nix/signals-impl.hh rename to src/libutil/unix/include/nix/util/signals-impl.hh index a63e0372599..ffa96734409 100644 --- a/src/libutil/unix/include/nix/signals-impl.hh +++ b/src/libutil/unix/include/nix/util/signals-impl.hh @@ -10,11 +10,11 @@ * downstream code.) */ -#include "nix/types.hh" -#include "nix/error.hh" -#include "nix/logging.hh" -#include "nix/ansicolor.hh" -#include "nix/signals.hh" +#include "nix/util/types.hh" +#include "nix/util/error.hh" +#include "nix/util/logging.hh" +#include "nix/util/ansicolor.hh" +#include "nix/util/signals.hh" #include #include diff --git a/src/libutil/unix/meson.build b/src/libutil/unix/meson.build index ee0c19affe3..ea2391d0555 100644 --- a/src/libutil/unix/meson.build +++ b/src/libutil/unix/meson.build @@ -60,4 +60,4 @@ sources += files( 'users.cc', ) -subdir('include/nix') +subdir('include/nix/util') diff --git a/src/libutil/unix/muxable-pipe.cc b/src/libutil/unix/muxable-pipe.cc index e81f47bc09d..57bcdb0ad50 100644 --- a/src/libutil/unix/muxable-pipe.cc +++ b/src/libutil/unix/muxable-pipe.cc @@ -1,8 +1,8 @@ #include -#include "nix/logging.hh" -#include "nix/util.hh" -#include "nix/muxable-pipe.hh" +#include "nix/util/logging.hh" +#include "nix/util/util.hh" +#include "nix/util/muxable-pipe.hh" namespace nix { diff --git a/src/libutil/unix/os-string.cc b/src/libutil/unix/os-string.cc index e97308a4a4c..1a2be1554e3 100644 --- a/src/libutil/unix/os-string.cc +++ b/src/libutil/unix/os-string.cc @@ -3,8 +3,8 @@ #include #include -#include "nix/file-path.hh" -#include "nix/util.hh" +#include "nix/util/file-path.hh" +#include "nix/util/util.hh" namespace nix { diff --git a/src/libutil/unix/processes.cc b/src/libutil/unix/processes.cc index 06beacb8790..c436076ee49 100644 --- a/src/libutil/unix/processes.cc +++ b/src/libutil/unix/processes.cc @@ -1,10 +1,10 @@ -#include "nix/current-process.hh" -#include "nix/environment-variables.hh" -#include "nix/executable-path.hh" -#include "nix/signals.hh" -#include "nix/processes.hh" -#include "nix/finally.hh" -#include "nix/serialise.hh" +#include "nix/util/current-process.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/executable-path.hh" +#include "nix/util/signals.hh" +#include "nix/util/processes.hh" +#include "nix/util/finally.hh" +#include "nix/util/serialise.hh" #include #include diff --git a/src/libutil/unix/signals.cc b/src/libutil/unix/signals.cc index 168b33bfb90..f1cb28527b5 100644 --- a/src/libutil/unix/signals.cc +++ b/src/libutil/unix/signals.cc @@ -1,8 +1,8 @@ -#include "nix/signals.hh" -#include "nix/util.hh" -#include "nix/error.hh" -#include "nix/sync.hh" -#include "nix/terminal.hh" +#include "nix/util/signals.hh" +#include "nix/util/util.hh" +#include "nix/util/error.hh" +#include "nix/util/sync.hh" +#include "nix/util/terminal.hh" #include diff --git a/src/libutil/unix/users.cc b/src/libutil/unix/users.cc index 1ba194d7185..18df7fdf25c 100644 --- a/src/libutil/unix/users.cc +++ b/src/libutil/unix/users.cc @@ -1,7 +1,7 @@ -#include "nix/util.hh" -#include "nix/users.hh" -#include "nix/environment-variables.hh" -#include "nix/file-system.hh" +#include "nix/util/util.hh" +#include "nix/util/users.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/file-system.hh" #include #include diff --git a/src/libutil/url.cc b/src/libutil/url.cc index f042d3b0f59..eaa2b0682a8 100644 --- a/src/libutil/url.cc +++ b/src/libutil/url.cc @@ -1,8 +1,8 @@ -#include "nix/url.hh" -#include "nix/url-parts.hh" -#include "nix/util.hh" -#include "nix/split.hh" -#include "nix/canon-path.hh" +#include "nix/util/url.hh" +#include "nix/util/url-parts.hh" +#include "nix/util/util.hh" +#include "nix/util/split.hh" +#include "nix/util/canon-path.hh" namespace nix { diff --git a/src/libutil/users.cc b/src/libutil/users.cc index d4fb08ab569..5a5d740c687 100644 --- a/src/libutil/users.cc +++ b/src/libutil/users.cc @@ -1,7 +1,7 @@ -#include "nix/util.hh" -#include "nix/users.hh" -#include "nix/environment-variables.hh" -#include "nix/file-system.hh" +#include "nix/util/util.hh" +#include "nix/util/users.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/file-system.hh" namespace nix { diff --git a/src/libutil/util.cc b/src/libutil/util.cc index 37f30d91f26..ffd85ffbb5d 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -1,7 +1,7 @@ -#include "nix/util.hh" -#include "nix/fmt.hh" -#include "nix/file-path.hh" -#include "nix/signals.hh" +#include "nix/util/util.hh" +#include "nix/util/fmt.hh" +#include "nix/util/file-path.hh" +#include "nix/util/signals.hh" #include #include diff --git a/src/libutil/windows/environment-variables.cc b/src/libutil/windows/environment-variables.cc index a6fadc627a5..f9f384a5b20 100644 --- a/src/libutil/windows/environment-variables.cc +++ b/src/libutil/windows/environment-variables.cc @@ -1,4 +1,4 @@ -#include "nix/environment-variables.hh" +#include "nix/util/environment-variables.hh" #ifdef _WIN32 # include "processenv.h" diff --git a/src/libutil/windows/file-descriptor.cc b/src/libutil/windows/file-descriptor.cc index 7f77cae89f6..f451bc0d3ae 100644 --- a/src/libutil/windows/file-descriptor.cc +++ b/src/libutil/windows/file-descriptor.cc @@ -1,9 +1,9 @@ -#include "nix/file-system.hh" -#include "nix/signals.hh" -#include "nix/finally.hh" -#include "nix/serialise.hh" -#include "nix/windows-error.hh" -#include "nix/file-path.hh" +#include "nix/util/file-system.hh" +#include "nix/util/signals.hh" +#include "nix/util/finally.hh" +#include "nix/util/serialise.hh" +#include "nix/util/windows-error.hh" +#include "nix/util/file-path.hh" #ifdef _WIN32 #include diff --git a/src/libutil/windows/file-path.cc b/src/libutil/windows/file-path.cc index 5079bcbcd4e..03cc5afe5e4 100644 --- a/src/libutil/windows/file-path.cc +++ b/src/libutil/windows/file-path.cc @@ -3,9 +3,9 @@ #include #include -#include "nix/file-path.hh" -#include "nix/file-path-impl.hh" -#include "nix/util.hh" +#include "nix/util/file-path.hh" +#include "nix/util/file-path-impl.hh" +#include "nix/util/util.hh" namespace nix { diff --git a/src/libutil/windows/file-system.cc b/src/libutil/windows/file-system.cc index 3c2a57bcdc6..1dac7e75424 100644 --- a/src/libutil/windows/file-system.cc +++ b/src/libutil/windows/file-system.cc @@ -1,4 +1,4 @@ -#include "nix/file-system.hh" +#include "nix/util/file-system.hh" #ifdef _WIN32 namespace nix { diff --git a/src/libutil/windows/include/nix/meson.build b/src/libutil/windows/include/nix/util/meson.build similarity index 72% rename from src/libutil/windows/include/nix/meson.build rename to src/libutil/windows/include/nix/util/meson.build index 898b7db8963..1bd56c4bd17 100644 --- a/src/libutil/windows/include/nix/meson.build +++ b/src/libutil/windows/include/nix/util/meson.build @@ -1,6 +1,6 @@ # Public headers directory -include_dirs += include_directories('..') +include_dirs += include_directories('../..') headers += files( 'signals-impl.hh', diff --git a/src/libutil/windows/include/nix/signals-impl.hh b/src/libutil/windows/include/nix/util/signals-impl.hh similarity index 94% rename from src/libutil/windows/include/nix/signals-impl.hh rename to src/libutil/windows/include/nix/util/signals-impl.hh index fcdf18276eb..043f39100ac 100644 --- a/src/libutil/windows/include/nix/signals-impl.hh +++ b/src/libutil/windows/include/nix/util/signals-impl.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/types.hh" +#include "nix/util/types.hh" namespace nix { diff --git a/src/libutil/windows/include/nix/windows-async-pipe.hh b/src/libutil/windows/include/nix/util/windows-async-pipe.hh similarity index 92% rename from src/libutil/windows/include/nix/windows-async-pipe.hh rename to src/libutil/windows/include/nix/util/windows-async-pipe.hh index 55f6ea31d0a..5bb0c35185d 100644 --- a/src/libutil/windows/include/nix/windows-async-pipe.hh +++ b/src/libutil/windows/include/nix/util/windows-async-pipe.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/file-descriptor.hh" +#include "nix/util/file-descriptor.hh" #ifdef _WIN32 namespace nix::windows { diff --git a/src/libutil/windows/include/nix/windows-error.hh b/src/libutil/windows/include/nix/util/windows-error.hh similarity index 97% rename from src/libutil/windows/include/nix/windows-error.hh rename to src/libutil/windows/include/nix/util/windows-error.hh index c07d61609a1..abf979c6b71 100644 --- a/src/libutil/windows/include/nix/windows-error.hh +++ b/src/libutil/windows/include/nix/util/windows-error.hh @@ -4,7 +4,7 @@ #ifdef _WIN32 #include -#include "nix/error.hh" +#include "nix/util/error.hh" namespace nix::windows { diff --git a/src/libutil/windows/meson.build b/src/libutil/windows/meson.build index 2423c77eac6..0c1cec49cac 100644 --- a/src/libutil/windows/meson.build +++ b/src/libutil/windows/meson.build @@ -11,4 +11,4 @@ sources += files( 'windows-error.cc', ) -subdir('include/nix') +subdir('include/nix/util') diff --git a/src/libutil/windows/muxable-pipe.cc b/src/libutil/windows/muxable-pipe.cc index d9a3e2ca536..82ef4066556 100644 --- a/src/libutil/windows/muxable-pipe.cc +++ b/src/libutil/windows/muxable-pipe.cc @@ -1,10 +1,10 @@ #ifdef _WIN32 # include -# include "nix/windows-error.hh" +# include "nix/util/windows-error.hh" -# include "nix/logging.hh" -# include "nix/util.hh" -# include "nix/muxable-pipe.hh" +# include "nix/util/logging.hh" +# include "nix/util/util.hh" +# include "nix/util/muxable-pipe.hh" namespace nix { diff --git a/src/libutil/windows/os-string.cc b/src/libutil/windows/os-string.cc index b9aff210bb0..8c8a27a9f10 100644 --- a/src/libutil/windows/os-string.cc +++ b/src/libutil/windows/os-string.cc @@ -3,9 +3,9 @@ #include #include -#include "nix/file-path.hh" -#include "nix/file-path-impl.hh" -#include "nix/util.hh" +#include "nix/util/file-path.hh" +#include "nix/util/file-path-impl.hh" +#include "nix/util/util.hh" #ifdef _WIN32 diff --git a/src/libutil/windows/processes.cc b/src/libutil/windows/processes.cc index cdb659a79c9..099dff31b0b 100644 --- a/src/libutil/windows/processes.cc +++ b/src/libutil/windows/processes.cc @@ -1,16 +1,16 @@ -#include "nix/current-process.hh" -#include "nix/environment-variables.hh" -#include "nix/error.hh" -#include "nix/executable-path.hh" -#include "nix/file-descriptor.hh" -#include "nix/file-path.hh" -#include "nix/signals.hh" -#include "nix/processes.hh" -#include "nix/finally.hh" -#include "nix/serialise.hh" -#include "nix/file-system.hh" -#include "nix/util.hh" -#include "nix/windows-error.hh" +#include "nix/util/current-process.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/error.hh" +#include "nix/util/executable-path.hh" +#include "nix/util/file-descriptor.hh" +#include "nix/util/file-path.hh" +#include "nix/util/signals.hh" +#include "nix/util/processes.hh" +#include "nix/util/finally.hh" +#include "nix/util/serialise.hh" +#include "nix/util/file-system.hh" +#include "nix/util/util.hh" +#include "nix/util/windows-error.hh" #include #include diff --git a/src/libutil/windows/users.cc b/src/libutil/windows/users.cc index 1d49e667bab..90da0281f23 100644 --- a/src/libutil/windows/users.cc +++ b/src/libutil/windows/users.cc @@ -1,8 +1,8 @@ -#include "nix/util.hh" -#include "nix/users.hh" -#include "nix/environment-variables.hh" -#include "nix/file-system.hh" -#include "nix/windows-error.hh" +#include "nix/util/util.hh" +#include "nix/util/users.hh" +#include "nix/util/environment-variables.hh" +#include "nix/util/file-system.hh" +#include "nix/util/windows-error.hh" #ifdef _WIN32 #define WIN32_LEAN_AND_MEAN diff --git a/src/libutil/windows/windows-async-pipe.cc b/src/libutil/windows/windows-async-pipe.cc index 77ccd9e3f3f..d47930a1b84 100644 --- a/src/libutil/windows/windows-async-pipe.cc +++ b/src/libutil/windows/windows-async-pipe.cc @@ -1,5 +1,5 @@ -#include "nix/windows-async-pipe.hh" -#include "nix/windows-error.hh" +#include "nix/util/windows-async-pipe.hh" +#include "nix/util/windows-error.hh" #ifdef _WIN32 diff --git a/src/libutil/windows/windows-error.cc b/src/libutil/windows/windows-error.cc index 8c523e4033b..1e7aff830cd 100644 --- a/src/libutil/windows/windows-error.cc +++ b/src/libutil/windows/windows-error.cc @@ -1,4 +1,4 @@ -#include "nix/windows-error.hh" +#include "nix/util/windows-error.hh" #ifdef _WIN32 #include diff --git a/src/libutil/xml-writer.cc b/src/libutil/xml-writer.cc index 78a40ef64b3..e460dd169cb 100644 --- a/src/libutil/xml-writer.cc +++ b/src/libutil/xml-writer.cc @@ -1,6 +1,6 @@ #include -#include "nix/xml-writer.hh" +#include "nix/util/xml-writer.hh" namespace nix { diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index 065a3b3e8c0..45f89180885 100644 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -9,25 +9,25 @@ #include -#include "nix/current-process.hh" -#include "nix/parsed-derivations.hh" -#include "nix/derivation-options.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" -#include "nix/globals.hh" -#include "nix/realisation.hh" -#include "nix/derivations.hh" -#include "nix/shared.hh" -#include "nix/path-with-outputs.hh" -#include "nix/eval.hh" -#include "nix/eval-inline.hh" -#include "nix/get-drvs.hh" -#include "nix/common-eval-args.hh" -#include "nix/attr-path.hh" -#include "nix/legacy.hh" -#include "nix/users.hh" -#include "nix/network-proxy.hh" -#include "nix/compatibility-settings.hh" +#include "nix/util/current-process.hh" +#include "nix/store/parsed-derivations.hh" +#include "nix/store/derivation-options.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/store/globals.hh" +#include "nix/store/realisation.hh" +#include "nix/store/derivations.hh" +#include "nix/main/shared.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/expr/attr-path.hh" +#include "nix/cmd/legacy.hh" +#include "nix/util/users.hh" +#include "nix/cmd/network-proxy.hh" +#include "nix/cmd/compatibility-settings.hh" #include "man-pages.hh" using namespace nix; diff --git a/src/nix-channel/nix-channel.cc b/src/nix-channel/nix-channel.cc index 33efb891858..c0baa4aa2a4 100644 --- a/src/nix-channel/nix-channel.cc +++ b/src/nix-channel/nix-channel.cc @@ -1,12 +1,12 @@ -#include "nix/profiles.hh" -#include "nix/shared.hh" -#include "nix/globals.hh" -#include "nix/filetransfer.hh" -#include "nix/store-api.hh" -#include "nix/legacy.hh" -#include "nix/eval-settings.hh" // for defexpr -#include "nix/users.hh" -#include "nix/tarball.hh" +#include "nix/store/profiles.hh" +#include "nix/main/shared.hh" +#include "nix/store/globals.hh" +#include "nix/store/filetransfer.hh" +#include "nix/store/store-api.hh" +#include "nix/cmd/legacy.hh" +#include "nix/expr/eval-settings.hh" // for defexpr +#include "nix/util/users.hh" +#include "nix/fetchers/tarball.hh" #include "self-exe.hh" #include "man-pages.hh" diff --git a/src/nix-collect-garbage/nix-collect-garbage.cc b/src/nix-collect-garbage/nix-collect-garbage.cc index c6f996f20fe..3a84d97aaea 100644 --- a/src/nix-collect-garbage/nix-collect-garbage.cc +++ b/src/nix-collect-garbage/nix-collect-garbage.cc @@ -1,12 +1,12 @@ -#include "nix/file-system.hh" -#include "nix/signals.hh" -#include "nix/store-api.hh" -#include "nix/store-cast.hh" -#include "nix/gc-store.hh" -#include "nix/profiles.hh" -#include "nix/shared.hh" -#include "nix/globals.hh" -#include "nix/legacy.hh" +#include "nix/util/file-system.hh" +#include "nix/util/signals.hh" +#include "nix/store/store-api.hh" +#include "nix/store/store-cast.hh" +#include "nix/store/gc-store.hh" +#include "nix/store/profiles.hh" +#include "nix/main/shared.hh" +#include "nix/store/globals.hh" +#include "nix/cmd/legacy.hh" #include "man-pages.hh" #include diff --git a/src/nix-copy-closure/nix-copy-closure.cc b/src/nix-copy-closure/nix-copy-closure.cc index 8094925dc58..6d0db100877 100644 --- a/src/nix-copy-closure/nix-copy-closure.cc +++ b/src/nix-copy-closure/nix-copy-closure.cc @@ -1,7 +1,7 @@ -#include "nix/shared.hh" -#include "nix/realisation.hh" -#include "nix/store-api.hh" -#include "nix/legacy.hh" +#include "nix/main/shared.hh" +#include "nix/store/realisation.hh" +#include "nix/store/store-api.hh" +#include "nix/cmd/legacy.hh" #include "man-pages.hh" using namespace nix; diff --git a/src/nix-env/nix-env.cc b/src/nix-env/nix-env.cc index c02c27d3678..021619adad7 100644 --- a/src/nix-env/nix-env.cc +++ b/src/nix-env/nix-env.cc @@ -1,22 +1,22 @@ -#include "nix/users.hh" -#include "nix/attr-path.hh" -#include "nix/common-eval-args.hh" -#include "nix/derivations.hh" -#include "nix/eval.hh" -#include "nix/get-drvs.hh" -#include "nix/globals.hh" -#include "nix/names.hh" -#include "nix/profiles.hh" -#include "nix/path-with-outputs.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" +#include "nix/util/users.hh" +#include "nix/expr/attr-path.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/store/derivations.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/store/globals.hh" +#include "nix/store/names.hh" +#include "nix/store/profiles.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" #include "user-env.hh" -#include "nix/value-to-json.hh" -#include "nix/xml-writer.hh" -#include "nix/legacy.hh" -#include "nix/eval-settings.hh" // for defexpr -#include "nix/terminal.hh" +#include "nix/expr/value-to-json.hh" +#include "nix/util/xml-writer.hh" +#include "nix/cmd/legacy.hh" +#include "nix/expr/eval-settings.hh" // for defexpr +#include "nix/util/terminal.hh" #include "man-pages.hh" #include diff --git a/src/nix-env/user-env.cc b/src/nix-env/user-env.cc index 81abefc2fda..e149b6aeb7f 100644 --- a/src/nix-env/user-env.cc +++ b/src/nix-env/user-env.cc @@ -1,14 +1,14 @@ #include "user-env.hh" -#include "nix/derivations.hh" -#include "nix/store-api.hh" -#include "nix/path-with-outputs.hh" -#include "nix/local-fs-store.hh" -#include "nix/globals.hh" -#include "nix/shared.hh" -#include "nix/eval.hh" -#include "nix/eval-inline.hh" -#include "nix/profiles.hh" -#include "nix/print-ambiguous.hh" +#include "nix/store/derivations.hh" +#include "nix/store/store-api.hh" +#include "nix/store/path-with-outputs.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/store/globals.hh" +#include "nix/main/shared.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/store/profiles.hh" +#include "nix/expr/print-ambiguous.hh" #include #include diff --git a/src/nix-env/user-env.hh b/src/nix-env/user-env.hh index 8ec124d07c6..0a19b8f3214 100644 --- a/src/nix-env/user-env.hh +++ b/src/nix-env/user-env.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/get-drvs.hh" +#include "nix/expr/get-drvs.hh" namespace nix { diff --git a/src/nix-instantiate/nix-instantiate.cc b/src/nix-instantiate/nix-instantiate.cc index d4765952ba8..c1b6cc66a4b 100644 --- a/src/nix-instantiate/nix-instantiate.cc +++ b/src/nix-instantiate/nix-instantiate.cc @@ -1,17 +1,17 @@ -#include "nix/globals.hh" -#include "nix/print-ambiguous.hh" -#include "nix/shared.hh" -#include "nix/eval.hh" -#include "nix/eval-inline.hh" -#include "nix/get-drvs.hh" -#include "nix/attr-path.hh" -#include "nix/signals.hh" -#include "nix/value-to-xml.hh" -#include "nix/value-to-json.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" -#include "nix/common-eval-args.hh" -#include "nix/legacy.hh" +#include "nix/store/globals.hh" +#include "nix/expr/print-ambiguous.hh" +#include "nix/main/shared.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/expr/attr-path.hh" +#include "nix/util/signals.hh" +#include "nix/expr/value-to-xml.hh" +#include "nix/expr/value-to-json.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/cmd/common-eval-args.hh" +#include "nix/cmd/legacy.hh" #include "man-pages.hh" #include diff --git a/src/nix-store/dotgraph.cc b/src/nix-store/dotgraph.cc index 0cab4665601..f8054b554c2 100644 --- a/src/nix-store/dotgraph.cc +++ b/src/nix-store/dotgraph.cc @@ -1,5 +1,5 @@ #include "dotgraph.hh" -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" #include diff --git a/src/nix-store/dotgraph.hh b/src/nix-store/dotgraph.hh index cb4041f8e34..b8e0721ab6f 100644 --- a/src/nix-store/dotgraph.hh +++ b/src/nix-store/dotgraph.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/nix-store/graphml.cc b/src/nix-store/graphml.cc index 1eb2ccdf68c..3b3188a4126 100644 --- a/src/nix-store/graphml.cc +++ b/src/nix-store/graphml.cc @@ -1,6 +1,6 @@ #include "graphml.hh" -#include "nix/store-api.hh" -#include "nix/derivations.hh" +#include "nix/store/store-api.hh" +#include "nix/store/derivations.hh" #include diff --git a/src/nix-store/graphml.hh b/src/nix-store/graphml.hh index 2989733d775..afcedb58eff 100644 --- a/src/nix-store/graphml.hh +++ b/src/nix-store/graphml.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/nix-store/nix-store.cc b/src/nix-store/nix-store.cc index 7bdf3b1a336..fbbb57f43d1 100644 --- a/src/nix-store/nix-store.cc +++ b/src/nix-store/nix-store.cc @@ -1,23 +1,23 @@ -#include "nix/archive.hh" -#include "nix/derivations.hh" +#include "nix/util/archive.hh" +#include "nix/store/derivations.hh" #include "dotgraph.hh" -#include "nix/globals.hh" -#include "nix/store-cast.hh" -#include "nix/local-fs-store.hh" -#include "nix/log-store.hh" -#include "nix/serve-protocol.hh" -#include "nix/serve-protocol-connection.hh" -#include "nix/shared.hh" +#include "nix/store/globals.hh" +#include "nix/store/store-cast.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/store/log-store.hh" +#include "nix/store/serve-protocol.hh" +#include "nix/store/serve-protocol-connection.hh" +#include "nix/main/shared.hh" #include "graphml.hh" -#include "nix/legacy.hh" -#include "nix/posix-source-accessor.hh" -#include "nix/path-with-outputs.hh" +#include "nix/cmd/legacy.hh" +#include "nix/util/posix-source-accessor.hh" +#include "nix/store/path-with-outputs.hh" #include "man-pages.hh" #ifndef _WIN32 // TODO implement on Windows or provide allowed-to-noop interface -# include "nix/local-store.hh" -# include "nix/monitor-fd.hh" -# include "nix/posix-fs-canonicalise.hh" +# include "nix/store/local-store.hh" +# include "nix/util/monitor-fd.hh" +# include "nix/store/posix-fs-canonicalise.hh" #endif #include @@ -27,9 +27,9 @@ #include #include -#include "nix/build-result.hh" -#include "nix/exit.hh" -#include "nix/serve-protocol-impl.hh" +#include "nix/store/build-result.hh" +#include "nix/util/exit.hh" +#include "nix/store/serve-protocol-impl.hh" namespace nix_store { diff --git a/src/nix/add-to-store.cc b/src/nix/add-to-store.cc index 6c71dc69fb4..9b7306fdd5d 100644 --- a/src/nix/add-to-store.cc +++ b/src/nix/add-to-store.cc @@ -1,10 +1,10 @@ -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/store-api.hh" -#include "nix/archive.hh" -#include "nix/git.hh" -#include "nix/posix-source-accessor.hh" -#include "nix/misc-store-flags.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/store/store-api.hh" +#include "nix/util/archive.hh" +#include "nix/util/git.hh" +#include "nix/util/posix-source-accessor.hh" +#include "nix/cmd/misc-store-flags.hh" using namespace nix; diff --git a/src/nix/app.cc b/src/nix/app.cc index 2b6c222697e..75ef874baac 100644 --- a/src/nix/app.cc +++ b/src/nix/app.cc @@ -1,13 +1,13 @@ -#include "nix/installables.hh" -#include "nix/installable-derived-path.hh" -#include "nix/installable-value.hh" -#include "nix/store-api.hh" -#include "nix/eval-inline.hh" -#include "nix/eval-cache.hh" -#include "nix/names.hh" -#include "nix/command.hh" -#include "nix/derivations.hh" -#include "nix/downstream-placeholder.hh" +#include "nix/cmd/installables.hh" +#include "nix/cmd/installable-derived-path.hh" +#include "nix/cmd/installable-value.hh" +#include "nix/store/store-api.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval-cache.hh" +#include "nix/store/names.hh" +#include "nix/cmd/command.hh" +#include "nix/store/derivations.hh" +#include "nix/store/downstream-placeholder.hh" namespace nix { diff --git a/src/nix/build.cc b/src/nix/build.cc index 9a99832b477..7cd3c7fbeb4 100644 --- a/src/nix/build.cc +++ b/src/nix/build.cc @@ -1,8 +1,8 @@ -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" #include diff --git a/src/nix/bundle.cc b/src/nix/bundle.cc index 61338393933..30b3003e7e6 100644 --- a/src/nix/bundle.cc +++ b/src/nix/bundle.cc @@ -1,10 +1,10 @@ -#include "nix/installable-flake.hh" -#include "nix/command-installable-value.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" -#include "nix/eval-inline.hh" +#include "nix/cmd/installable-flake.hh" +#include "nix/cmd/command-installable-value.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/expr/eval-inline.hh" namespace nix::fs { using namespace std::filesystem; } diff --git a/src/nix/cat.cc b/src/nix/cat.cc index 11de32b403a..a790c0301dc 100644 --- a/src/nix/cat.cc +++ b/src/nix/cat.cc @@ -1,6 +1,6 @@ -#include "nix/command.hh" -#include "nix/store-api.hh" -#include "nix/nar-accessor.hh" +#include "nix/cmd/command.hh" +#include "nix/store/store-api.hh" +#include "nix/store/nar-accessor.hh" using namespace nix; diff --git a/src/nix/config-check.cc b/src/nix/config-check.cc index bc23fd7be38..deac8e56060 100644 --- a/src/nix/config-check.cc +++ b/src/nix/config-check.cc @@ -1,14 +1,14 @@ #include -#include "nix/command.hh" -#include "nix/exit.hh" -#include "nix/logging.hh" -#include "nix/serve-protocol.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" -#include "nix/worker-protocol.hh" -#include "nix/executable-path.hh" +#include "nix/cmd/command.hh" +#include "nix/util/exit.hh" +#include "nix/util/logging.hh" +#include "nix/store/serve-protocol.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/store/worker-protocol.hh" +#include "nix/util/executable-path.hh" namespace nix::fs { using namespace std::filesystem; } diff --git a/src/nix/config.cc b/src/nix/config.cc index 5d9330f0339..1dc2bed208c 100644 --- a/src/nix/config.cc +++ b/src/nix/config.cc @@ -1,8 +1,8 @@ -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/config-global.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/util/config-global.hh" #include diff --git a/src/nix/copy.cc b/src/nix/copy.cc index 0ed99df53bc..0702215fdf6 100644 --- a/src/nix/copy.cc +++ b/src/nix/copy.cc @@ -1,7 +1,7 @@ -#include "nix/command.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/local-fs-store.hh" +#include "nix/cmd/command.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/local-fs-store.hh" using namespace nix; diff --git a/src/nix/crash-handler.cc b/src/nix/crash-handler.cc index 65687f79ee3..17d346ecce8 100644 --- a/src/nix/crash-handler.cc +++ b/src/nix/crash-handler.cc @@ -1,7 +1,7 @@ #include "crash-handler.hh" -#include "nix/fmt.hh" -#include "nix/logging.hh" +#include "nix/util/fmt.hh" +#include "nix/util/logging.hh" #include #include diff --git a/src/nix/derivation-add.cc b/src/nix/derivation-add.cc index da52ac14c05..e99c44deb2d 100644 --- a/src/nix/derivation-add.cc +++ b/src/nix/derivation-add.cc @@ -1,10 +1,10 @@ // FIXME: rename to 'nix plan add' or 'nix derivation add'? -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/store-api.hh" -#include "nix/archive.hh" -#include "nix/derivations.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/store/store-api.hh" +#include "nix/util/archive.hh" +#include "nix/store/derivations.hh" #include using namespace nix; diff --git a/src/nix/derivation-show.cc b/src/nix/derivation-show.cc index daabdb4d674..050144ccf8b 100644 --- a/src/nix/derivation-show.cc +++ b/src/nix/derivation-show.cc @@ -1,11 +1,11 @@ // FIXME: integrate this with `nix path-info`? // FIXME: rename to 'nix store derivation show'? -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/store-api.hh" -#include "nix/archive.hh" -#include "nix/derivations.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/store/store-api.hh" +#include "nix/util/archive.hh" +#include "nix/store/derivations.hh" #include using namespace nix; diff --git a/src/nix/derivation.cc b/src/nix/derivation.cc index 6e0d28d9abf..ee62ab4dc69 100644 --- a/src/nix/derivation.cc +++ b/src/nix/derivation.cc @@ -1,4 +1,4 @@ -#include "nix/command.hh" +#include "nix/cmd/command.hh" using namespace nix; diff --git a/src/nix/develop.cc b/src/nix/develop.cc index 7a1e751070d..e88134a78a5 100644 --- a/src/nix/develop.cc +++ b/src/nix/develop.cc @@ -1,12 +1,12 @@ -#include "nix/config-global.hh" -#include "nix/eval.hh" -#include "nix/installable-flake.hh" -#include "nix/command-installable-value.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/outputs-spec.hh" -#include "nix/derivations.hh" +#include "nix/util/config-global.hh" +#include "nix/expr/eval.hh" +#include "nix/cmd/installable-flake.hh" +#include "nix/cmd/command-installable-value.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/store/derivations.hh" #ifndef _WIN32 // TODO re-enable on Windows # include "run.hh" @@ -18,7 +18,7 @@ #include #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" namespace nix::fs { using namespace std::filesystem; } diff --git a/src/nix/diff-closures.cc b/src/nix/diff-closures.cc index 042da8d3ada..c4d21db6f4c 100644 --- a/src/nix/diff-closures.cc +++ b/src/nix/diff-closures.cc @@ -1,12 +1,12 @@ -#include "nix/command.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/common-args.hh" -#include "nix/names.hh" +#include "nix/cmd/command.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/main/common-args.hh" +#include "nix/store/names.hh" #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/nix/dump-path.cc b/src/nix/dump-path.cc index bf82de84679..c883630b1fd 100644 --- a/src/nix/dump-path.cc +++ b/src/nix/dump-path.cc @@ -1,6 +1,6 @@ -#include "nix/command.hh" -#include "nix/store-api.hh" -#include "nix/archive.hh" +#include "nix/cmd/command.hh" +#include "nix/store/store-api.hh" +#include "nix/util/archive.hh" using namespace nix; diff --git a/src/nix/edit.cc b/src/nix/edit.cc index 770bbfc7129..cfb9eb74a87 100644 --- a/src/nix/edit.cc +++ b/src/nix/edit.cc @@ -1,9 +1,9 @@ -#include "nix/current-process.hh" -#include "nix/command-installable-value.hh" -#include "nix/shared.hh" -#include "nix/eval.hh" -#include "nix/attr-path.hh" -#include "nix/editor-for.hh" +#include "nix/util/current-process.hh" +#include "nix/cmd/command-installable-value.hh" +#include "nix/main/shared.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/attr-path.hh" +#include "nix/cmd/editor-for.hh" #include diff --git a/src/nix/env.cc b/src/nix/env.cc index 982120252fa..4b00dbc7c93 100644 --- a/src/nix/env.cc +++ b/src/nix/env.cc @@ -1,11 +1,11 @@ #include #include -#include "nix/command.hh" -#include "nix/eval.hh" +#include "nix/cmd/command.hh" +#include "nix/expr/eval.hh" #include "run.hh" -#include "nix/strings.hh" -#include "nix/executable-path.hh" +#include "nix/util/strings.hh" +#include "nix/util/executable-path.hh" using namespace nix; diff --git a/src/nix/eval.cc b/src/nix/eval.cc index 8d48ddbeb29..24a87f14049 100644 --- a/src/nix/eval.cc +++ b/src/nix/eval.cc @@ -1,10 +1,10 @@ -#include "nix/command-installable-value.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/eval.hh" -#include "nix/eval-inline.hh" -#include "nix/value-to-json.hh" +#include "nix/cmd/command-installable-value.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/value-to-json.hh" #include diff --git a/src/nix/flake.cc b/src/nix/flake.cc index f86b0c4a176..a7b6000e7fb 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -1,30 +1,30 @@ -#include "nix/command.hh" -#include "nix/installable-flake.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/eval.hh" -#include "nix/eval-inline.hh" -#include "nix/eval-settings.hh" +#include "nix/cmd/command.hh" +#include "nix/cmd/installable-flake.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval-settings.hh" #include "nix/flake/flake.hh" -#include "nix/get-drvs.hh" -#include "nix/signals.hh" -#include "nix/store-api.hh" -#include "nix/derivations.hh" -#include "nix/outputs-spec.hh" -#include "nix/attr-path.hh" -#include "nix/fetchers.hh" -#include "nix/registry.hh" -#include "nix/eval-cache.hh" -#include "nix/markdown.hh" -#include "nix/users.hh" -#include "nix/fetch-to-store.hh" -#include "nix/local-fs-store.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/util/signals.hh" +#include "nix/store/store-api.hh" +#include "nix/store/derivations.hh" +#include "nix/store/outputs-spec.hh" +#include "nix/expr/attr-path.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/fetchers/registry.hh" +#include "nix/expr/eval-cache.hh" +#include "nix/cmd/markdown.hh" +#include "nix/util/users.hh" +#include "nix/fetchers/fetch-to-store.hh" +#include "nix/store/local-fs-store.hh" #include #include #include -#include "nix/strings-inline.hh" +#include "nix/util/strings-inline.hh" namespace nix::fs { using namespace std::filesystem; } diff --git a/src/nix/fmt.cc b/src/nix/fmt.cc index e49f7608418..dc270fb8c04 100644 --- a/src/nix/fmt.cc +++ b/src/nix/fmt.cc @@ -1,6 +1,6 @@ -#include "nix/command.hh" -#include "nix/installable-value.hh" -#include "nix/eval.hh" +#include "nix/cmd/command.hh" +#include "nix/cmd/installable-value.hh" +#include "nix/expr/eval.hh" #include "run.hh" using namespace nix; diff --git a/src/nix/hash.cc b/src/nix/hash.cc index db937283acf..510cfa59270 100644 --- a/src/nix/hash.cc +++ b/src/nix/hash.cc @@ -1,13 +1,13 @@ -#include "nix/command.hh" -#include "nix/hash.hh" -#include "nix/content-address.hh" -#include "nix/legacy.hh" -#include "nix/shared.hh" -#include "nix/references.hh" -#include "nix/archive.hh" -#include "nix/git.hh" -#include "nix/posix-source-accessor.hh" -#include "nix/misc-store-flags.hh" +#include "nix/cmd/command.hh" +#include "nix/util/hash.hh" +#include "nix/store/content-address.hh" +#include "nix/cmd/legacy.hh" +#include "nix/main/shared.hh" +#include "nix/util/references.hh" +#include "nix/util/archive.hh" +#include "nix/util/git.hh" +#include "nix/util/posix-source-accessor.hh" +#include "nix/cmd/misc-store-flags.hh" #include "man-pages.hh" using namespace nix; diff --git a/src/nix/log.cc b/src/nix/log.cc index e43f32829d3..00ab74ea6ba 100644 --- a/src/nix/log.cc +++ b/src/nix/log.cc @@ -1,8 +1,8 @@ -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/log-store.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/log-store.hh" using namespace nix; diff --git a/src/nix/ls.cc b/src/nix/ls.cc index c5a1c450485..1a90ed074ee 100644 --- a/src/nix/ls.cc +++ b/src/nix/ls.cc @@ -1,7 +1,7 @@ -#include "nix/command.hh" -#include "nix/store-api.hh" -#include "nix/nar-accessor.hh" -#include "nix/common-args.hh" +#include "nix/cmd/command.hh" +#include "nix/store/store-api.hh" +#include "nix/store/nar-accessor.hh" +#include "nix/main/common-args.hh" #include using namespace nix; diff --git a/src/nix/main.cc b/src/nix/main.cc index 330cafce6a2..6470213a296 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -1,25 +1,25 @@ -#include "nix/args/root.hh" -#include "nix/current-process.hh" -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/eval.hh" -#include "nix/eval-settings.hh" -#include "nix/globals.hh" -#include "nix/legacy.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/filetransfer.hh" -#include "nix/finally.hh" -#include "nix/loggers.hh" -#include "nix/markdown.hh" -#include "nix/memory-source-accessor.hh" -#include "nix/terminal.hh" -#include "nix/users.hh" -#include "nix/network-proxy.hh" -#include "nix/eval-cache.hh" +#include "nix/util/args/root.hh" +#include "nix/util/current-process.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/store/globals.hh" +#include "nix/cmd/legacy.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/filetransfer.hh" +#include "nix/util/finally.hh" +#include "nix/main/loggers.hh" +#include "nix/cmd/markdown.hh" +#include "nix/util/memory-source-accessor.hh" +#include "nix/util/terminal.hh" +#include "nix/util/users.hh" +#include "nix/cmd/network-proxy.hh" +#include "nix/expr/eval-cache.hh" #include "nix/flake/flake.hh" #include "nix/flake/settings.hh" -#include "nix/json-utils.hh" +#include "nix/util/json-utils.hh" #include "self-exe.hh" #include "crash-handler.hh" @@ -37,7 +37,7 @@ #endif #if __linux__ -# include "nix/namespaces.hh" +# include "nix/util/namespaces.hh" #endif #ifndef _WIN32 @@ -46,7 +46,7 @@ extern std::string chrootHelperName; void chrootHelper(int argc, char * * argv); #endif -#include "nix/strings.hh" +#include "nix/util/strings.hh" namespace nix { diff --git a/src/nix/make-content-addressed.cc b/src/nix/make-content-addressed.cc index 0426dd5d642..f8f588ae992 100644 --- a/src/nix/make-content-addressed.cc +++ b/src/nix/make-content-addressed.cc @@ -1,7 +1,7 @@ -#include "nix/command.hh" -#include "nix/store-api.hh" -#include "nix/make-content-addressed.hh" -#include "nix/common-args.hh" +#include "nix/cmd/command.hh" +#include "nix/store/store-api.hh" +#include "nix/store/make-content-addressed.hh" +#include "nix/main/common-args.hh" #include diff --git a/src/nix/man-pages.cc b/src/nix/man-pages.cc index 993ef28e1be..8da439e7b03 100644 --- a/src/nix/man-pages.cc +++ b/src/nix/man-pages.cc @@ -1,7 +1,7 @@ #include "man-pages.hh" -#include "nix/file-system.hh" -#include "nix/current-process.hh" -#include "nix/environment-variables.hh" +#include "nix/util/file-system.hh" +#include "nix/util/current-process.hh" +#include "nix/util/environment-variables.hh" namespace nix { diff --git a/src/nix/nar.cc b/src/nix/nar.cc index ba815551d59..debb6b95e4e 100644 --- a/src/nix/nar.cc +++ b/src/nix/nar.cc @@ -1,4 +1,4 @@ -#include "nix/command.hh" +#include "nix/cmd/command.hh" using namespace nix; diff --git a/src/nix/optimise-store.cc b/src/nix/optimise-store.cc index ac1b03f60a5..e319f5c9081 100644 --- a/src/nix/optimise-store.cc +++ b/src/nix/optimise-store.cc @@ -1,6 +1,6 @@ -#include "nix/command.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" +#include "nix/cmd/command.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" #include diff --git a/src/nix/path-from-hash-part.cc b/src/nix/path-from-hash-part.cc index 060231d025a..814b723f9b0 100644 --- a/src/nix/path-from-hash-part.cc +++ b/src/nix/path-from-hash-part.cc @@ -1,5 +1,5 @@ -#include "nix/command.hh" -#include "nix/store-api.hh" +#include "nix/cmd/command.hh" +#include "nix/store/store-api.hh" using namespace nix; diff --git a/src/nix/path-info.cc b/src/nix/path-info.cc index 994c7e7dc6b..329e1583031 100644 --- a/src/nix/path-info.cc +++ b/src/nix/path-info.cc @@ -1,15 +1,15 @@ -#include "nix/command.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/common-args.hh" -#include "nix/nar-info.hh" +#include "nix/cmd/command.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/main/common-args.hh" +#include "nix/store/nar-info.hh" #include #include #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" using namespace nix; using nlohmann::json; diff --git a/src/nix/prefetch.cc b/src/nix/prefetch.cc index f7acd601792..397134b0304 100644 --- a/src/nix/prefetch.cc +++ b/src/nix/prefetch.cc @@ -1,17 +1,17 @@ -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/filetransfer.hh" -#include "nix/finally.hh" -#include "nix/loggers.hh" -#include "nix/tarfile.hh" -#include "nix/attr-path.hh" -#include "nix/eval-inline.hh" -#include "nix/legacy.hh" -#include "nix/posix-source-accessor.hh" -#include "nix/misc-store-flags.hh" -#include "nix/terminal.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/filetransfer.hh" +#include "nix/util/finally.hh" +#include "nix/main/loggers.hh" +#include "nix/util/tarfile.hh" +#include "nix/expr/attr-path.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/cmd/legacy.hh" +#include "nix/util/posix-source-accessor.hh" +#include "nix/cmd/misc-store-flags.hh" +#include "nix/util/terminal.hh" #include "man-pages.hh" diff --git a/src/nix/profile.cc b/src/nix/profile.cc index 2ba3a82682b..1a129d0c530 100644 --- a/src/nix/profile.cc +++ b/src/nix/profile.cc @@ -1,23 +1,23 @@ -#include "nix/command.hh" -#include "nix/installable-flake.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/derivations.hh" -#include "nix/archive.hh" -#include "nix/builtins/buildenv.hh" +#include "nix/cmd/command.hh" +#include "nix/cmd/installable-flake.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/derivations.hh" +#include "nix/util/archive.hh" +#include "nix/store/builtins/buildenv.hh" #include "nix/flake/flakeref.hh" #include "../nix-env/user-env.hh" -#include "nix/profiles.hh" -#include "nix/names.hh" -#include "nix/url.hh" +#include "nix/store/profiles.hh" +#include "nix/store/names.hh" +#include "nix/util/url.hh" #include "nix/flake/url-name.hh" #include #include #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" using namespace nix; diff --git a/src/nix/realisation.cc b/src/nix/realisation.cc index 32e5442652c..77465e0b702 100644 --- a/src/nix/realisation.cc +++ b/src/nix/realisation.cc @@ -1,5 +1,5 @@ -#include "nix/command.hh" -#include "nix/common-args.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" #include diff --git a/src/nix/registry.cc b/src/nix/registry.cc index f464ab02f6a..340d10ec42e 100644 --- a/src/nix/registry.cc +++ b/src/nix/registry.cc @@ -1,11 +1,11 @@ -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/eval.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/expr/eval.hh" #include "nix/flake/flake.hh" -#include "nix/store-api.hh" -#include "nix/fetchers.hh" -#include "nix/registry.hh" +#include "nix/store/store-api.hh" +#include "nix/fetchers/fetchers.hh" +#include "nix/fetchers/registry.hh" using namespace nix; using namespace nix::flake; diff --git a/src/nix/repl.cc b/src/nix/repl.cc index fb895445587..fcce43b8f4e 100644 --- a/src/nix/repl.cc +++ b/src/nix/repl.cc @@ -1,11 +1,11 @@ -#include "nix/eval.hh" -#include "nix/eval-settings.hh" -#include "nix/config-global.hh" -#include "nix/globals.hh" -#include "nix/command.hh" -#include "nix/installable-value.hh" -#include "nix/repl.hh" -#include "nix/processes.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/util/config-global.hh" +#include "nix/store/globals.hh" +#include "nix/cmd/command.hh" +#include "nix/cmd/installable-value.hh" +#include "nix/cmd/repl.hh" +#include "nix/util/processes.hh" #include "self-exe.hh" namespace nix { diff --git a/src/nix/run.cc b/src/nix/run.cc index 0345fab9aa4..64eab3ff3de 100644 --- a/src/nix/run.cc +++ b/src/nix/run.cc @@ -1,20 +1,20 @@ -#include "nix/current-process.hh" +#include "nix/util/current-process.hh" #include "run.hh" -#include "nix/command-installable-value.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/signals.hh" -#include "nix/store-api.hh" -#include "nix/derivations.hh" -#include "nix/local-fs-store.hh" -#include "nix/finally.hh" -#include "nix/source-accessor.hh" -#include "nix/eval.hh" +#include "nix/cmd/command-installable-value.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/util/signals.hh" +#include "nix/store/store-api.hh" +#include "nix/store/derivations.hh" +#include "nix/store/local-fs-store.hh" +#include "nix/util/finally.hh" +#include "nix/util/source-accessor.hh" +#include "nix/expr/eval.hh" #include #if __linux__ # include -# include "nix/personality.hh" +# include "nix/store/personality.hh" #endif #include diff --git a/src/nix/run.hh b/src/nix/run.hh index eb670319ca5..9d95b8e7c64 100644 --- a/src/nix/run.hh +++ b/src/nix/run.hh @@ -1,7 +1,7 @@ #pragma once ///@file -#include "nix/store-api.hh" +#include "nix/store/store-api.hh" namespace nix { diff --git a/src/nix/search.cc b/src/nix/search.cc index 6a2ee1aa6c6..a27891c93e8 100644 --- a/src/nix/search.cc +++ b/src/nix/search.cc @@ -1,22 +1,22 @@ -#include "nix/command-installable-value.hh" -#include "nix/globals.hh" -#include "nix/eval.hh" -#include "nix/eval-inline.hh" -#include "nix/eval-settings.hh" -#include "nix/names.hh" -#include "nix/get-drvs.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/eval-cache.hh" -#include "nix/attr-path.hh" -#include "nix/hilite.hh" -#include "nix/strings-inline.hh" +#include "nix/cmd/command-installable-value.hh" +#include "nix/store/globals.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-inline.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/store/names.hh" +#include "nix/expr/get-drvs.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/expr/eval-cache.hh" +#include "nix/expr/attr-path.hh" +#include "nix/util/hilite.hh" +#include "nix/util/strings-inline.hh" #include #include #include -#include "nix/strings.hh" +#include "nix/util/strings.hh" using namespace nix; using json = nlohmann::json; diff --git a/src/nix/self-exe.cc b/src/nix/self-exe.cc index f9439dfd985..5cc2326be3f 100644 --- a/src/nix/self-exe.cc +++ b/src/nix/self-exe.cc @@ -1,6 +1,6 @@ -#include "nix/current-process.hh" -#include "nix/file-system.hh" -#include "nix/globals.hh" +#include "nix/util/current-process.hh" +#include "nix/util/file-system.hh" +#include "nix/store/globals.hh" #include "self-exe.hh" #include "cli-config-private.hh" diff --git a/src/nix/sigs.cc b/src/nix/sigs.cc index bbdc330026c..87d0e1edbfb 100644 --- a/src/nix/sigs.cc +++ b/src/nix/sigs.cc @@ -1,8 +1,8 @@ -#include "nix/signals.hh" -#include "nix/command.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/thread-pool.hh" +#include "nix/util/signals.hh" +#include "nix/cmd/command.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/util/thread-pool.hh" #include diff --git a/src/nix/store-copy-log.cc b/src/nix/store-copy-log.cc index 7dde15dfa43..599b40edc00 100644 --- a/src/nix/store-copy-log.cc +++ b/src/nix/store-copy-log.cc @@ -1,10 +1,10 @@ -#include "nix/command.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/store-cast.hh" -#include "nix/log-store.hh" -#include "nix/sync.hh" -#include "nix/thread-pool.hh" +#include "nix/cmd/command.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/store-cast.hh" +#include "nix/store/log-store.hh" +#include "nix/util/sync.hh" +#include "nix/util/thread-pool.hh" #include diff --git a/src/nix/store-delete.cc b/src/nix/store-delete.cc index 3d73b7b9a2a..f71a56bc7b0 100644 --- a/src/nix/store-delete.cc +++ b/src/nix/store-delete.cc @@ -1,9 +1,9 @@ -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/store-cast.hh" -#include "nix/gc-store.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/store-cast.hh" +#include "nix/store/gc-store.hh" using namespace nix; diff --git a/src/nix/store-gc.cc b/src/nix/store-gc.cc index a8ea3f2fa0f..e6a303874f4 100644 --- a/src/nix/store-gc.cc +++ b/src/nix/store-gc.cc @@ -1,9 +1,9 @@ -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/store-cast.hh" -#include "nix/gc-store.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/store/store-cast.hh" +#include "nix/store/gc-store.hh" using namespace nix; diff --git a/src/nix/store-info.cc b/src/nix/store-info.cc index 656be0d41c3..8b4ac9b308f 100644 --- a/src/nix/store-info.cc +++ b/src/nix/store-info.cc @@ -1,7 +1,7 @@ -#include "nix/command.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/finally.hh" +#include "nix/cmd/command.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/util/finally.hh" #include diff --git a/src/nix/store-repair.cc b/src/nix/store-repair.cc index cd63a836a1a..edd6999815c 100644 --- a/src/nix/store-repair.cc +++ b/src/nix/store-repair.cc @@ -1,5 +1,5 @@ -#include "nix/command.hh" -#include "nix/store-api.hh" +#include "nix/cmd/command.hh" +#include "nix/store/store-api.hh" using namespace nix; diff --git a/src/nix/store.cc b/src/nix/store.cc index ccf02c22e1d..b40b6d06847 100644 --- a/src/nix/store.cc +++ b/src/nix/store.cc @@ -1,4 +1,4 @@ -#include "nix/command.hh" +#include "nix/cmd/command.hh" using namespace nix; diff --git a/src/nix/unix/daemon.cc b/src/nix/unix/daemon.cc index 5da068a7007..4e60ba1024c 100644 --- a/src/nix/unix/daemon.cc +++ b/src/nix/unix/daemon.cc @@ -1,20 +1,20 @@ ///@file -#include "nix/signals.hh" -#include "nix/unix-domain-socket.hh" -#include "nix/command.hh" -#include "nix/shared.hh" -#include "nix/local-store.hh" -#include "nix/remote-store.hh" -#include "nix/remote-store-connection.hh" -#include "nix/serialise.hh" -#include "nix/archive.hh" -#include "nix/globals.hh" -#include "nix/config-global.hh" -#include "nix/derivations.hh" -#include "nix/finally.hh" -#include "nix/legacy.hh" -#include "nix/daemon.hh" +#include "nix/util/signals.hh" +#include "nix/util/unix-domain-socket.hh" +#include "nix/cmd/command.hh" +#include "nix/main/shared.hh" +#include "nix/store/local-store.hh" +#include "nix/store/remote-store.hh" +#include "nix/store/remote-store-connection.hh" +#include "nix/util/serialise.hh" +#include "nix/util/archive.hh" +#include "nix/store/globals.hh" +#include "nix/util/config-global.hh" +#include "nix/store/derivations.hh" +#include "nix/util/finally.hh" +#include "nix/cmd/legacy.hh" +#include "nix/store/daemon.hh" #include "man-pages.hh" #include @@ -35,7 +35,7 @@ #include #if __linux__ -#include "nix/cgroup.hh" +#include "nix/util/cgroup.hh" #endif #if __APPLE__ || __FreeBSD__ diff --git a/src/nix/upgrade-nix.cc b/src/nix/upgrade-nix.cc index 2852858569d..c0a6e68276d 100644 --- a/src/nix/upgrade-nix.cc +++ b/src/nix/upgrade-nix.cc @@ -1,13 +1,13 @@ -#include "nix/processes.hh" -#include "nix/command.hh" -#include "nix/common-args.hh" -#include "nix/store-api.hh" -#include "nix/filetransfer.hh" -#include "nix/eval.hh" -#include "nix/eval-settings.hh" -#include "nix/attr-path.hh" -#include "nix/names.hh" -#include "nix/executable-path.hh" +#include "nix/util/processes.hh" +#include "nix/cmd/command.hh" +#include "nix/main/common-args.hh" +#include "nix/store/store-api.hh" +#include "nix/store/filetransfer.hh" +#include "nix/expr/eval.hh" +#include "nix/expr/eval-settings.hh" +#include "nix/expr/attr-path.hh" +#include "nix/store/names.hh" +#include "nix/util/executable-path.hh" #include "self-exe.hh" using namespace nix; diff --git a/src/nix/verify.cc b/src/nix/verify.cc index 0adfec89527..734387ee7e0 100644 --- a/src/nix/verify.cc +++ b/src/nix/verify.cc @@ -1,13 +1,13 @@ -#include "nix/command.hh" -#include "nix/shared.hh" -#include "nix/store-api.hh" -#include "nix/thread-pool.hh" -#include "nix/signals.hh" -#include "nix/keys.hh" +#include "nix/cmd/command.hh" +#include "nix/main/shared.hh" +#include "nix/store/store-api.hh" +#include "nix/util/thread-pool.hh" +#include "nix/util/signals.hh" +#include "nix/store/keys.hh" #include -#include "nix/exit.hh" +#include "nix/util/exit.hh" using namespace nix; diff --git a/src/nix/why-depends.cc b/src/nix/why-depends.cc index fe8f3ecc37c..8dfd8343fc9 100644 --- a/src/nix/why-depends.cc +++ b/src/nix/why-depends.cc @@ -1,7 +1,7 @@ -#include "nix/command.hh" -#include "nix/store-api.hh" -#include "nix/source-accessor.hh" -#include "nix/shared.hh" +#include "nix/cmd/command.hh" +#include "nix/store/store-api.hh" +#include "nix/util/source-accessor.hh" +#include "nix/main/shared.hh" #include diff --git a/src/perl/lib/Nix/Store.xs b/src/perl/lib/Nix/Store.xs index 49bf8bd7973..34ed8b5f0cc 100644 --- a/src/perl/lib/Nix/Store.xs +++ b/src/perl/lib/Nix/Store.xs @@ -6,11 +6,11 @@ #undef do_open #undef do_close -#include "nix/derivations.hh" -#include "nix/realisation.hh" -#include "nix/globals.hh" -#include "nix/store-api.hh" -#include "nix/posix-source-accessor.hh" +#include "nix/store/derivations.hh" +#include "nix/store/realisation.hh" +#include "nix/store/globals.hh" +#include "nix/store/store-api.hh" +#include "nix/util/posix-source-accessor.hh" #include #include diff --git a/tests/functional/plugins/plugintest.cc b/tests/functional/plugins/plugintest.cc index e3343bcbc2d..0b1a01a6e3a 100644 --- a/tests/functional/plugins/plugintest.cc +++ b/tests/functional/plugins/plugintest.cc @@ -1,5 +1,5 @@ -#include "nix/config-global.hh" -#include "nix/primops.hh" +#include "nix/util/config-global.hh" +#include "nix/expr/primops.hh" using namespace nix; diff --git a/tests/functional/test-libstoreconsumer/main.cc b/tests/functional/test-libstoreconsumer/main.cc index 7cb0da944c1..2c0402094cb 100644 --- a/tests/functional/test-libstoreconsumer/main.cc +++ b/tests/functional/test-libstoreconsumer/main.cc @@ -1,6 +1,6 @@ -#include "nix/globals.hh" -#include "nix/store-api.hh" -#include "nix/build-result.hh" +#include "nix/store/globals.hh" +#include "nix/store/store-api.hh" +#include "nix/store/build-result.hh" #include using namespace nix; From ce8b1eb2c4735b0bb6e65760c935daf0b8605a8b Mon Sep 17 00:00:00 2001 From: oldshensheep Date: Tue, 18 Mar 2025 18:01:40 +0800 Subject: [PATCH 407/815] Improve the documentation of store path # Conflicts: # doc/manual/source/protocols/store-path.md (cherry picked from commit 355a923e812f07cb6ab72776114e4d1ad2c7dacd) --- doc/manual/source/protocols/store-path.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/manual/source/protocols/store-path.md b/doc/manual/source/protocols/store-path.md index ee7fb3a1296..5be2355015f 100644 --- a/doc/manual/source/protocols/store-path.md +++ b/doc/manual/source/protocols/store-path.md @@ -7,7 +7,7 @@ The format of this specification is close to [Extended Backus–Naur form](https Regular users do *not* need to know this information --- store paths can be treated as black boxes computed from the properties of the store objects they refer to. But for those interested in exactly how Nix works, e.g. if they are reimplementing it, this information can be useful. -[store path](@docroot@/store/store-path.md) +[store path]: @docroot@/store/store-path.md ## Store path proper @@ -30,7 +30,7 @@ the end, while base-16 processes in from the beginning. ## Fingerprint - ```ebnf - fingerprint = type ":" sha256 ":" inner-digest ":" store ":" name + fingerprint = type ":sha256:" inner-digest ":" store ":" name ``` Note that it includes the location of the store as well as the name to make sure that changes to either of those are reflected in the hash From 9fd8f5ef04f19248aa4f394264abc463e2ecfee5 Mon Sep 17 00:00:00 2001 From: Valentin Gagarin Date: Thu, 10 Oct 2024 22:40:37 +0200 Subject: [PATCH 408/815] doc: note that function bindings are accessible in default values Co-authored-by: Robert Hensing (cherry picked from commit 9c3dd34cfedeb1f7ec5fb2aacdbf855e0f8e82a6) --- doc/manual/source/language/syntax.md | 41 +++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/doc/manual/source/language/syntax.md b/doc/manual/source/language/syntax.md index 506afbea130..08a64f68421 100644 --- a/doc/manual/source/language/syntax.md +++ b/doc/manual/source/language/syntax.md @@ -443,7 +443,7 @@ three kinds of patterns: This works on any set that contains at least the three named attributes. - It is possible to provide *default values* for attributes, in + - It is possible to provide *default values* for attributes, in which case they are allowed to be missing. A default value is specified by writing `name ? e`, where *e* is an arbitrary expression. For example, @@ -503,6 +503,45 @@ three kinds of patterns: > [ 23 {} ] > ``` + - All bindings introduced by the function are in scope in the entire function expression; not just in the body. + It can therefore be used in default values. + + > **Example** + > + > A parameter (`x`), is used in the default value for another parameter (`y`): + > + > ```nix + > let + > f = { x, y ? [x] }: { inherit y; }; + > in + > f { x = 3; } + > ``` + > + > This evaluates to: + > + > ```nix + > { + > y = [ 3 ]; + > } + > ``` + + > **Example** + > + > The binding of an `@` pattern, `args`, is used in the default value for a parameter, `x`: + > + > ```nix + > let + > f = args@{ x ? args.a, ... }: x; + > in + > f { a = 1; } + > ``` + > + > This evaluates to: + > + > ```nix + > 1 + > ``` + Note that functions do not have names. If you want to give them a name, you can bind them to an attribute, e.g., From 5f74cf9b7a60a26ce6695e316ab2e574186c5c0a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 15:19:46 +0200 Subject: [PATCH 409/815] Apply makeNotAllowedError to empty repos (cherry picked from commit 67e957b636d7e038c58bb21febd3493984c61d04) --- src/libexpr/eval.cc | 2 +- src/libfetchers/filtering-source-accessor.cc | 14 +++++++++-- src/libfetchers/git-utils.cc | 12 ++++------ .../nix/fetchers/filtering-source-accessor.hh | 3 +++ tests/functional/flakes/meson.build | 3 ++- tests/functional/flakes/source-paths.sh | 23 +++++++++++++++++++ 6 files changed, 45 insertions(+), 12 deletions(-) create mode 100644 tests/functional/flakes/source-paths.sh diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 624d7d4aad8..36f2cd7d743 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -273,7 +273,7 @@ EvalState::EvalState( /* Apply access control if needed. */ if (settings.restrictEval || settings.pureEval) - accessor = AllowListSourceAccessor::create(accessor, {}, + accessor = AllowListSourceAccessor::create(accessor, {}, {}, [&settings](const CanonPath & path) -> RestrictedPathError { auto modeInformation = settings.pureEval ? "in pure evaluation mode (use '--impure' to override)" diff --git a/src/libfetchers/filtering-source-accessor.cc b/src/libfetchers/filtering-source-accessor.cc index b1ba841403a..72a3fb4ebad 100644 --- a/src/libfetchers/filtering-source-accessor.cc +++ b/src/libfetchers/filtering-source-accessor.cc @@ -58,18 +58,23 @@ void FilteringSourceAccessor::checkAccess(const CanonPath & path) struct AllowListSourceAccessorImpl : AllowListSourceAccessor { std::set allowedPrefixes; + std::unordered_set allowedPaths; AllowListSourceAccessorImpl( ref next, std::set && allowedPrefixes, + std::unordered_set && allowedPaths, MakeNotAllowedError && makeNotAllowedError) : AllowListSourceAccessor(SourcePath(next), std::move(makeNotAllowedError)) , allowedPrefixes(std::move(allowedPrefixes)) + , allowedPaths(std::move(allowedPaths)) { } bool isAllowed(const CanonPath & path) override { - return path.isAllowed(allowedPrefixes); + return + allowedPaths.contains(path) + || path.isAllowed(allowedPrefixes); } void allowPrefix(CanonPath prefix) override @@ -81,9 +86,14 @@ struct AllowListSourceAccessorImpl : AllowListSourceAccessor ref AllowListSourceAccessor::create( ref next, std::set && allowedPrefixes, + std::unordered_set && allowedPaths, MakeNotAllowedError && makeNotAllowedError) { - return make_ref(next, std::move(allowedPrefixes), std::move(makeNotAllowedError)); + return make_ref( + next, + std::move(allowedPrefixes), + std::move(allowedPaths), + std::move(makeNotAllowedError)); } bool CachingFilteringSourceAccessor::isAllowed(const CanonPath & path) diff --git a/src/libfetchers/git-utils.cc b/src/libfetchers/git-utils.cc index 3ffefc94006..a1131af9144 100644 --- a/src/libfetchers/git-utils.cc +++ b/src/libfetchers/git-utils.cc @@ -1215,16 +1215,12 @@ ref GitRepoImpl::getAccessor( ref GitRepoImpl::getAccessor(const WorkdirInfo & wd, bool exportIgnore, MakeNotAllowedError makeNotAllowedError) { auto self = ref(shared_from_this()); - /* In case of an empty workdir, return an empty in-memory tree. We - cannot use AllowListSourceAccessor because it would return an - error for the root (and we can't add the root to the allow-list - since that would allow access to all its children). */ ref fileAccessor = - wd.files.empty() - ? makeEmptySourceAccessor() - : AllowListSourceAccessor::create( + AllowListSourceAccessor::create( makeFSSourceAccessor(path), - std::set { wd.files }, + std::set{ wd.files }, + // Always allow access to the root, but not its children. + std::unordered_set{CanonPath::root}, std::move(makeNotAllowedError)).cast(); if (exportIgnore) return make_ref(self, fileAccessor, std::nullopt); diff --git a/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh b/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh index 0e6b71e9ada..2b59f03ca22 100644 --- a/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh +++ b/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh @@ -2,6 +2,8 @@ #include "nix/util/source-path.hh" +#include + namespace nix { /** @@ -70,6 +72,7 @@ struct AllowListSourceAccessor : public FilteringSourceAccessor static ref create( ref next, std::set && allowedPrefixes, + std::unordered_set && allowedPaths, MakeNotAllowedError && makeNotAllowedError); using FilteringSourceAccessor::FilteringSourceAccessor; diff --git a/tests/functional/flakes/meson.build b/tests/functional/flakes/meson.build index 74ff3d91d80..b8c650db403 100644 --- a/tests/functional/flakes/meson.build +++ b/tests/functional/flakes/meson.build @@ -29,7 +29,8 @@ suites += { 'non-flake-inputs.sh', 'relative-paths.sh', 'symlink-paths.sh', - 'debugger.sh' + 'debugger.sh', + 'source-paths.sh', ], 'workdir': meson.current_source_dir(), } diff --git a/tests/functional/flakes/source-paths.sh b/tests/functional/flakes/source-paths.sh new file mode 100644 index 00000000000..4709bf2fcec --- /dev/null +++ b/tests/functional/flakes/source-paths.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash + +source ./common.sh + +requireGit + +repo=$TEST_ROOT/repo + +createGitRepo "$repo" + +cat > "$repo/flake.nix" < Date: Mon, 31 Mar 2025 21:35:15 -0400 Subject: [PATCH 410/815] Improve and fix the error message when a file is not tracked by Git (cherry picked from commit 62e2304891375f642ac7b52358d36455ce99171a) --- src/libfetchers/git.cc | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index fb91f98a32d..e9dc17df379 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -534,11 +534,21 @@ struct GitInputScheme : InputScheme static MakeNotAllowedError makeNotAllowedError(std::string url) { - return [url{std::move(url)}](const CanonPath & path) -> RestrictedPathError - { - if (nix::pathExists(path.abs())) - return RestrictedPathError("access to path '%s' is forbidden because it is not under Git control; maybe you should 'git add' it to the repository '%s'?", path, url); - else + return [url{std::move(url)}](const CanonPath & path) -> RestrictedPathError { + if (nix::pathExists(url + "/" + path.abs())) { + auto relativePath = path.rel(); // .makeRelative(CanonPath("/")); + + return RestrictedPathError( + "'%s' is not tracked by Git.\n" + "\n" + "To use '%s', stage it in the Git repository at '%s':\n" + "\n" + "git add %s", + relativePath, + relativePath, + url, + relativePath); + } else return RestrictedPathError("path '%s' does not exist in Git repository '%s'", path, url); }; } From b4813a1b559100cc8af5a40c067d2cc8551ffef5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 15:14:20 +0200 Subject: [PATCH 411/815] Tweak error message (cherry picked from commit 277c29a64b379d66fe17a0c68260481a63fdcdd2) --- src/libfetchers/git.cc | 26 +++++++++++--------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index e9dc17df379..849fa7abe8a 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -532,24 +532,20 @@ struct GitInputScheme : InputScheme return *head; } - static MakeNotAllowedError makeNotAllowedError(std::string url) + static MakeNotAllowedError makeNotAllowedError(std::filesystem::path repoPath) { - return [url{std::move(url)}](const CanonPath & path) -> RestrictedPathError { - if (nix::pathExists(url + "/" + path.abs())) { - auto relativePath = path.rel(); // .makeRelative(CanonPath("/")); - + return [repoPath{std::move(repoPath)}](const CanonPath & path) -> RestrictedPathError { + if (nix::pathExists(repoPath / path.rel())) return RestrictedPathError( - "'%s' is not tracked by Git.\n" + "File '%1%' in the repository %2% is not tracked by Git.\n" "\n" - "To use '%s', stage it in the Git repository at '%s':\n" + "To make it visible to Nix, run:\n" "\n" - "git add %s", - relativePath, - relativePath, - url, - relativePath); - } else - return RestrictedPathError("path '%s' does not exist in Git repository '%s'", path, url); + "git -C %2% add \"%1%\"", + path.rel(), + repoPath); + else + return RestrictedPathError("path '%s' does not exist in Git repository %s", path, repoPath); }; } @@ -757,7 +753,7 @@ struct GitInputScheme : InputScheme ref accessor = repo->getAccessor(repoInfo.workdirInfo, exportIgnore, - makeNotAllowedError(repoInfo.locationToArg())); + makeNotAllowedError(repoPath)); /* If the repo has submodules, return a mounted input accessor consisting of the accessor for the top-level repo and the From c45f97b9f44c4207bb7e3d553051cdd573a50965 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 1 Apr 2025 22:56:14 +0200 Subject: [PATCH 412/815] Make Git error messages more consistent (cherry picked from commit f15681df26bbbf246c226530d1ab814a172a7e87) --- src/libfetchers/git.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 849fa7abe8a..4cc7260768d 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -537,7 +537,7 @@ struct GitInputScheme : InputScheme return [repoPath{std::move(repoPath)}](const CanonPath & path) -> RestrictedPathError { if (nix::pathExists(repoPath / path.rel())) return RestrictedPathError( - "File '%1%' in the repository %2% is not tracked by Git.\n" + "Path '%1%' in the repository %2% is not tracked by Git.\n" "\n" "To make it visible to Nix, run:\n" "\n" @@ -545,7 +545,7 @@ struct GitInputScheme : InputScheme path.rel(), repoPath); else - return RestrictedPathError("path '%s' does not exist in Git repository %s", path, repoPath); + return RestrictedPathError("Path '%s' does not exist in Git repository %s.", path.rel(), repoPath); }; } From 086058d17c83c9e55226d252e4236482ebccc74a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 2 Apr 2025 19:26:12 +0000 Subject: [PATCH 413/815] Prepare release v3.2.1 From 3ad67d1a0369923b4161870d8486a4bd961e9461 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 2 Apr 2025 19:26:15 +0000 Subject: [PATCH 414/815] Set .version-determinate to 3.2.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 944880fa15e..e4604e3afd0 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.2.0 +3.2.1 From 0b66c182213aa2e6fe8b28ae23ad3800989f6719 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 2 Apr 2025 21:39:02 +0200 Subject: [PATCH 415/815] Update meta.maintainers field for nixos-unstable (cherry picked from commit 7eb76186ba79387a5757b2e2e3f1b0d62e218221) --- flake.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index bfb2c712725..84cbd127fd0 100644 --- a/flake.nix +++ b/flake.nix @@ -157,9 +157,9 @@ pkgs = final; src = self; maintainers = with lib.maintainers; [ - edolstra - Ericson2314 - Mic92 + eelco + ericson2314 + mic92 roberth tomberek ]; From b3b4fc21dae59d36dcf59c3905f84d2a6bd6f51f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 2 Apr 2025 21:40:03 +0200 Subject: [PATCH 416/815] Remove meta.maintainers Some of the maintainer attribute names got changed in nixos-unstable (e.g. "edolstra" is now "eelco") but we want this flake to work on nixos-24.11. So just get rid of them. (cherry picked from commit 93d8f620575cb6e5d5403b2654af81f31f16b338) --- flake.nix | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/flake.nix b/flake.nix index 84cbd127fd0..32c9975f11f 100644 --- a/flake.nix +++ b/flake.nix @@ -156,13 +156,7 @@ inherit officialRelease; pkgs = final; src = self; - maintainers = with lib.maintainers; [ - eelco - ericson2314 - mic92 - roberth - tomberek - ]; + maintainers = [ ]; }; }; From 9c7f662586c437a361f062d58a9cf99a85b6fd81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 1 Apr 2025 19:04:45 +0200 Subject: [PATCH 417/815] libgit2: use upstream version if possible we don't seem to use libgit2 for fetching via ssh, hence it shouldn't matter if it's using libssh or the ssh binary. (cherry picked from commit 0b61b758fb6c26f0cd3052ccbd442247c0bbb86d) --- packaging/dependencies.nix | 68 ++++++++++++++++++-------------------- 1 file changed, 33 insertions(+), 35 deletions(-) diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index 535b3ff3739..0af670bfb09 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -65,39 +65,37 @@ scope: { installPhase = lib.replaceStrings [ "--without-python" ] [ "" ] old.installPhase; }); - libgit2 = pkgs.libgit2.overrideAttrs ( - attrs: - { - cmakeFlags = attrs.cmakeFlags or [ ] ++ [ "-DUSE_SSH=exec" ]; - } - # libgit2: Nixpkgs 24.11 has < 1.9.0, which needs our patches - // lib.optionalAttrs (!lib.versionAtLeast pkgs.libgit2.version "1.9.0") { - nativeBuildInputs = - attrs.nativeBuildInputs or [ ] - # gitMinimal does not build on Windows. See packbuilder patch. - ++ lib.optionals (!stdenv.hostPlatform.isWindows) [ - # Needed for `git apply`; see `prePatch` - pkgs.buildPackages.gitMinimal - ]; - # Only `git apply` can handle git binary patches - prePatch = - attrs.prePatch or "" - + lib.optionalString (!stdenv.hostPlatform.isWindows) '' - patch() { - git apply - } - ''; - patches = - attrs.patches or [ ] - ++ [ - ./patches/libgit2-mempack-thin-packfile.patch - ] - # gitMinimal does not build on Windows, but fortunately this patch only - # impacts interruptibility - ++ lib.optionals (!stdenv.hostPlatform.isWindows) [ - # binary patch; see `prePatch` - ./patches/libgit2-packbuilder-callback-interruptible.patch - ]; - } - ); + libgit2 = + if lib.versionAtLeast pkgs.libgit2.version "1.9.0" then + pkgs.libgit2 + else + pkgs.libgit2.overrideAttrs (attrs: { + # libgit2: Nixpkgs 24.11 has < 1.9.0, which needs our patches + nativeBuildInputs = + attrs.nativeBuildInputs or [ ] + # gitMinimal does not build on Windows. See packbuilder patch. + ++ lib.optionals (!stdenv.hostPlatform.isWindows) [ + # Needed for `git apply`; see `prePatch` + pkgs.buildPackages.gitMinimal + ]; + # Only `git apply` can handle git binary patches + prePatch = + attrs.prePatch or "" + + lib.optionalString (!stdenv.hostPlatform.isWindows) '' + patch() { + git apply + } + ''; + patches = + attrs.patches or [ ] + ++ [ + ./patches/libgit2-mempack-thin-packfile.patch + ] + # gitMinimal does not build on Windows, but fortunately this patch only + # impacts interruptibility + ++ lib.optionals (!stdenv.hostPlatform.isWindows) [ + # binary patch; see `prePatch` + ./patches/libgit2-packbuilder-callback-interruptible.patch + ]; + }); } From 9f488312985f59bfc00e0f5a5697298f6517cdd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 1 Apr 2025 19:17:05 +0200 Subject: [PATCH 418/815] remove obsolete stdenv darwinMinVersion override we are more up-to-date now: nix-repl> stdenv.hostPlatform.darwinMinVersion "11.3" (cherry picked from commit d91310bb32b9efca2f1e1a6a767cbe5b0a7f072c) --- flake.nix | 2 +- packaging/dependencies.nix | 19 ------------------- 2 files changed, 1 insertion(+), 20 deletions(-) diff --git a/flake.nix b/flake.nix index bfb2c712725..f956646b77b 100644 --- a/flake.nix +++ b/flake.nix @@ -177,7 +177,7 @@ { otherSplices = final.generateSplicesForMkScope "nixDependencies"; f = import ./packaging/dependencies.nix { - inherit inputs stdenv; + inherit stdenv; pkgs = final; }; }; diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index 0af670bfb09..f06b65dee3e 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -1,33 +1,14 @@ # These overrides are applied to the dependencies of the Nix components. { - # Flake inputs; used for sources - inputs, - # The raw Nixpkgs, not affected by this scope pkgs, stdenv, }: -let - prevStdenv = stdenv; -in - let inherit (pkgs) lib; - - stdenv = if prevStdenv.isDarwin && prevStdenv.isx86_64 then darwinStdenv else prevStdenv; - - # Fix the following error with the default x86_64-darwin SDK: - # - # error: aligned allocation function of type 'void *(std::size_t, std::align_val_t)' is only available on macOS 10.13 or newer - # - # Despite the use of the 10.13 deployment target here, the aligned - # allocation function Clang uses with this setting actually works - # all the way back to 10.6. - darwinStdenv = pkgs.overrideSDK prevStdenv { darwinMinVersion = "10.13"; }; - in scope: { inherit stdenv; From 703f0fbe74bbc54532d19895bb32932b6fd77eb4 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Wed, 2 Apr 2025 15:20:47 -0400 Subject: [PATCH 419/815] release notes: 2.28.0 --- doc/manual/rl-next/c-api-flake-init.md | 20 ----- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes/rl-2.28.md | 91 ++++++++++++++++++++++ 3 files changed, 92 insertions(+), 20 deletions(-) delete mode 100644 doc/manual/rl-next/c-api-flake-init.md create mode 100644 doc/manual/source/release-notes/rl-2.28.md diff --git a/doc/manual/rl-next/c-api-flake-init.md b/doc/manual/rl-next/c-api-flake-init.md deleted file mode 100644 index d6e7c3890c0..00000000000 --- a/doc/manual/rl-next/c-api-flake-init.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -synopsis: C API `nix_flake_init_global` removed -prs: 12759 -issues: 5638 ---- - -In order to improve the modularity of the code base, we are removing a use of global state, and therefore the `nix_flake_init_global` function. - -Instead, use `nix_flake_settings_add_to_eval_state_builder`. For example: - -```diff -- nix_flake_init_global(ctx, settings); -- HANDLE_ERROR(ctx); -- - nix_eval_state_builder * builder = nix_eval_state_builder_new(ctx, store); - HANDLE_ERROR(ctx); - -+ nix_flake_settings_add_to_eval_state_builder(ctx, settings, builder); -+ HANDLE_ERROR(ctx); -``` diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 3e7e961cbb5..5932e0999d5 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -135,6 +135,7 @@ - [Contributing](development/contributing.md) - [Releases](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} + - [Release 2.28 (2025-04-02)](release-notes/rl-2.28.md) - [Release 2.27 (2025-03-03)](release-notes/rl-2.27.md) - [Release 2.26 (2025-01-22)](release-notes/rl-2.26.md) - [Release 2.25 (2024-11-07)](release-notes/rl-2.25.md) diff --git a/doc/manual/source/release-notes/rl-2.28.md b/doc/manual/source/release-notes/rl-2.28.md new file mode 100644 index 00000000000..701b405908c --- /dev/null +++ b/doc/manual/source/release-notes/rl-2.28.md @@ -0,0 +1,91 @@ +# Release 2.28.0 (2025-04-02) + +This is an atypical release -- instead of being branched off from `master`, it is branched off from the 2.27.x maintenance branch. +The purpose of this is to satisfy both these goals: + +- Release with number of API-breaking changes that are not suitable to backport to 2.27 + +- Do not Release with arbitrary new commits from master + +The reason for the combinations of these goals is that we would like this version of Nix to the default in Nixpkgs 25.05, yet, we are getting close to the Nixpkgs 25.05 version freeze. +These API changes complete the big infrastructure rework that accompanies the switch to Meson --- we want to batch all these changes together so there is one round of breakage. +But we don't want to to release with arbitrary new changes form master, so close to a major release, before those changes have had time to "incubate". + +## Major changes + +- Unstable C++ API reworked + [#12836](https://github.com/NixOS/nix/pull/12836) + [#12798](https://github.com/NixOS/nix/pull/12798) + [#12773](https://github.com/NixOS/nix/pull/12773) + + Now the C++ interface confirms to common conventions much better than before: + + - All headers are expected to be included with the initial `nix/`, e.g. as `#include "nix/....hh"` (what Nix's headers now do) or `#include ` (what downstream projects may choose to do). + Likewise, the pkg-config files have `-I${includedir}` not `-I${includedir}/nix` or similar. + + Including without the `nix/` like before sometimes worked because of how for `#include` C pre-process checks the directory containing the current file, not just the lookup path, but this was not reliable. + + - All configuration headers are included explicitly by the (regular) headers that need them. + There is no more need to pass `-include` to force additional files to be included. + + - The public, installed configuration headers no longer contain implementation-specific details that are not relevant to the API. + The vast majority of definitions that were previously in there are now moved to new private, non-installed configuration headers. + The renaming definitions now all start with `NIX_`. + + - The name of the Nix component the header comes from + (e.g. `util`, `store`, `expr`, `flake`, etc.) + is now part of the path to the header, coming after `nix` and before the header name + (or rest of the header path, if it is already in a directory). + + Here is a contrived diff showing a few of these changes at once: + + ```diff + @@ @@ + -#include "derived-path.hh" + +#include "nix/store/derived-path.hh" + @@ @@ + +// Would include for the variables used before. But when other headers + +// need these variables. those will include these config themselves. + +#include "nix/store/config.hh" + +#include "nix/expr/config.hh" + @@ @@ + -#include "config.hh" + +// Additionally renamed to distinguish from components' config headers. + +#include "nix/util/configuration.hh" + @@ @@ + -#if HAVE_ACL_SUPPORT + +#if NIX_SUPPORT_ACL + @@ @@ + -#if HAVE_BOEHMGC + +#if NIX_USE_BOEHMGC + @@ @@ + #endif + #endif + @@ @@ + -const char *s = "hi from " SYSTEM; + +const char *s = "hi from " NIX_LOCAL_SYSTEM; + ``` + +- C API `nix_flake_init_global` removed [#5638](https://github.com/NixOS/nix/issues/5638) [#12759](https://github.com/NixOS/nix/pull/12759) + + In order to improve the modularity of the code base, we are removing a use of global state, and therefore the `nix_flake_init_global` function. + + Instead, use `nix_flake_settings_add_to_eval_state_builder`. + For example: + + ```diff + - nix_flake_init_global(ctx, settings); + - HANDLE_ERROR(ctx); + - + nix_eval_state_builder * builder = nix_eval_state_builder_new(ctx, store); + HANDLE_ERROR(ctx); + + + nix_flake_settings_add_to_eval_state_builder(ctx, settings, builder); + + HANDLE_ERROR(ctx); + ``` + + We figured it would be good to do this API change at the same time, also. + +# Contributors + +Querying GitHub API for ce8b1eb2c4735b0bb6e65760c935daf0b8605a8b, to get handle for oldshensheep@gmail.com From 6687ce2a6dcddda457438228ffdc84f300393759 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 2 Apr 2025 22:59:58 +0200 Subject: [PATCH 420/815] chore: Update contributor handle caches --- maintainers/data/release-credits-email-to-handle.json | 9 ++++++++- maintainers/data/release-credits-handle-to-name.json | 6 +++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/maintainers/data/release-credits-email-to-handle.json b/maintainers/data/release-credits-email-to-handle.json index 8f503147486..977555278bd 100644 --- a/maintainers/data/release-credits-email-to-handle.json +++ b/maintainers/data/release-credits-email-to-handle.json @@ -145,5 +145,12 @@ "thebenmachine+git@gmail.com": "bmillwood", "leandro@kip93.net": "kip93", "hello@briancamacho.me": "b-camacho", - "bcamacho@anduril.com": "bcamacho2" + "bcamacho@anduril.com": "bcamacho2", + "oldshensheep@gmail.com": "oldshensheep", + "thomasmiedema@gmail.com": "thomie", + "xokdvium@proton.me": "xokdvium", + "kaction@disroot.org": "KAction", + "serenity@kaction.cc": null, + "dev@erik.work": "Kirens", + "felix@alternativebit.fr": "picnoir" } \ No newline at end of file diff --git a/maintainers/data/release-credits-handle-to-name.json b/maintainers/data/release-credits-handle-to-name.json index 7149149c045..a03a811d474 100644 --- a/maintainers/data/release-credits-handle-to-name.json +++ b/maintainers/data/release-credits-handle-to-name.json @@ -129,5 +129,9 @@ "SomeoneSerge": "Someone", "b-camacho": "Brian Camacho", "MaxHearnden": null, - "kip93": "Leandro Emmanuel Reina Kiperman" + "kip93": "Leandro Emmanuel Reina Kiperman", + "oldshensheep": "Ruby Rose", + "KAction": "Dmitry Bogatov", + "thomie": "Thomas Miedema", + "Kirens": "Erik Nygren" } \ No newline at end of file From fea87a94e61e15c8939f912c9ac3647e4947bf64 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 2 Apr 2025 23:02:27 +0200 Subject: [PATCH 421/815] doc/rl-2.28: Add contributors --- doc/manual/source/release-notes/rl-2.28.md | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/doc/manual/source/release-notes/rl-2.28.md b/doc/manual/source/release-notes/rl-2.28.md index 701b405908c..90f4f1d68bb 100644 --- a/doc/manual/source/release-notes/rl-2.28.md +++ b/doc/manual/source/release-notes/rl-2.28.md @@ -88,4 +88,22 @@ But we don't want to to release with arbitrary new changes form master, so close # Contributors -Querying GitHub API for ce8b1eb2c4735b0bb6e65760c935daf0b8605a8b, to get handle for oldshensheep@gmail.com +This earlier-than-usual release was made possible by the following 16 contributors: + +- Farid Zakaria [**(@fzakaria)**](https://github.com/fzakaria) +- Jörg Thalheim [**(@Mic92)**](https://github.com/Mic92) +- Eelco Dolstra [**(@edolstra)**](https://github.com/edolstra) +- Graham Christensen [**(@grahamc)**](https://github.com/grahamc) +- Thomas Miedema [**(@thomie)**](https://github.com/thomie) +- Brian McKenna [**(@puffnfresh)**](https://github.com/puffnfresh) +- Sergei Trofimovich [**(@trofi)**](https://github.com/trofi) +- Dmitry Bogatov [**(@KAction)**](https://github.com/KAction) +- Erik Nygren [**(@Kirens)**](https://github.com/Kirens) +- John Ericson [**(@Ericson2314)**](https://github.com/Ericson2314) +- Sergei Zimmerman [**(@xokdvium)**](https://github.com/xokdvium) +- Ruby Rose [**(@oldshensheep)**](https://github.com/oldshensheep) +- Robert Hensing [**(@roberth)**](https://github.com/roberth) +- jade [**(@lf-)**](https://github.com/lf-) +- Félix [**(@picnoir)**](https://github.com/picnoir) +- Valentin Gagarin [**(@fricklerhandwerk)**](https://github.com/fricklerhandwerk) +- Dmitry Bogatov From b87b3d79f24581ef11cbdc0f09aab14d1cdd62e7 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 2 Apr 2025 23:05:37 +0200 Subject: [PATCH 422/815] Fix maintainers/release-credits output --- maintainers/release-credits | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/maintainers/release-credits b/maintainers/release-credits index 7a5c87d7dfb..10ffd48b586 100755 --- a/maintainers/release-credits +++ b/maintainers/release-credits @@ -109,15 +109,15 @@ for sample in samples: s = samples[sample] email = s["email"] if not email in email_to_handle_cache.values: - print(f"Querying GitHub API for {s['hash']}, to get handle for {s['email']}") + print(f"Querying GitHub API for {s['hash']}, to get handle for {s['email']}", file=sys.stderr) ghc = get_github_commit(samples[sample]) gha = ghc["author"] if gha and gha["login"]: handle = gha["login"] - print(f"Handle: {handle}") + print(f"Handle: {handle}", file=sys.stderr) email_to_handle_cache.values[email] = handle else: - print(f"Found no handle for {s['email']}") + print(f"Found no handle for {s['email']}", file=sys.stderr) email_to_handle_cache.values[email] = None handle = email_to_handle_cache.values[email] if handle is not None: From 1ca3ee12873cf19579fbecd264c8bca4fee251df Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Wed, 2 Apr 2025 23:44:30 +0200 Subject: [PATCH 423/815] Edit rl-2.28 --- doc/manual/source/release-notes/rl-2.28.md | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/doc/manual/source/release-notes/rl-2.28.md b/doc/manual/source/release-notes/rl-2.28.md index 90f4f1d68bb..6da09546efe 100644 --- a/doc/manual/source/release-notes/rl-2.28.md +++ b/doc/manual/source/release-notes/rl-2.28.md @@ -1,15 +1,10 @@ # Release 2.28.0 (2025-04-02) -This is an atypical release -- instead of being branched off from `master`, it is branched off from the 2.27.x maintenance branch. -The purpose of this is to satisfy both these goals: +This is an atypical release, and for almost all intents and purposes, it is just a continuation of 2.27; not a feature release. -- Release with number of API-breaking changes that are not suitable to backport to 2.27 +We had originally set the goal of making 2.27 the Nixpkgs default for NixOS 25.05, but dependents that link to Nix need certain _interface breaking_ changes in the C++ headers. This is not something we should do in a patch release, so this is why we branched 2.28 right off 2.27 instead of `master`. -- Do not Release with arbitrary new commits from master - -The reason for the combinations of these goals is that we would like this version of Nix to the default in Nixpkgs 25.05, yet, we are getting close to the Nixpkgs 25.05 version freeze. -These API changes complete the big infrastructure rework that accompanies the switch to Meson --- we want to batch all these changes together so there is one round of breakage. -But we don't want to to release with arbitrary new changes form master, so close to a major release, before those changes have had time to "incubate". +This completes the infrastructure overhaul for the [RFC 132](https://github.com/NixOS/rfcs/blob/master/rfcs/0132-meson-builds-nix.md) switchover to meson as our build system. ## Major changes @@ -29,8 +24,8 @@ But we don't want to to release with arbitrary new changes form master, so close There is no more need to pass `-include` to force additional files to be included. - The public, installed configuration headers no longer contain implementation-specific details that are not relevant to the API. - The vast majority of definitions that were previously in there are now moved to new private, non-installed configuration headers. - The renaming definitions now all start with `NIX_`. + The vast majority of definitions that were previously in there are now moved to new headers that are not installed, but used during Nix's own compilation only. + The remaining macro definitions are renamed to have `NIX_` as a prefix. - The name of the Nix component the header comes from (e.g. `util`, `store`, `expr`, `flake`, etc.) @@ -84,7 +79,8 @@ But we don't want to to release with arbitrary new changes form master, so close + HANDLE_ERROR(ctx); ``` - We figured it would be good to do this API change at the same time, also. + Although this change is not as critical, we figured it would be good to do this API change at the same time, also. + Also note that we try to keep the C API compatible, but we decided to break this function because it was young and likely not in widespread use yet. This frees up time to make important progress on the rest of the C API. # Contributors From d73ed6f3106ef035a17b0fa6bbe4580707663c64 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 2 Apr 2025 21:22:43 +0200 Subject: [PATCH 424/815] symlink_exists: wrap exceptions into nix exception (cherry picked from commit 779687854f62adfdf448f4ccb37b33887f368621) --- src/libutil/file-system.cc | 12 +++++++++++- src/libutil/include/nix/util/file-system.hh | 5 ++--- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index ebc9a9663d8..c8161d270ea 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -31,7 +31,17 @@ namespace nix { -namespace fs { using namespace std::filesystem; } +namespace fs { + using namespace std::filesystem; + + bool symlink_exists(const std::filesystem::path & path) { + try { + return std::filesystem::exists(std::filesystem::symlink_status(path)); + } catch (const std::filesystem::filesystem_error & e) { + throw SysError("cannot check existence of %1%", path); + } + } +} bool isAbsolute(PathView path) { diff --git a/src/libutil/include/nix/util/file-system.hh b/src/libutil/include/nix/util/file-system.hh index 78b1cb46cab..acae8830667 100644 --- a/src/libutil/include/nix/util/file-system.hh +++ b/src/libutil/include/nix/util/file-system.hh @@ -134,6 +134,7 @@ bool pathExists(const Path & path); namespace fs { /** + * TODO: we may actually want to use pathExists instead of this function * ``` * symlink_exists(p) = std::filesystem::exists(std::filesystem::symlink_status(p)) * ``` @@ -142,9 +143,7 @@ namespace fs { * std::filesystem::exists(p) = std::filesystem::exists(std::filesystem::status(p)) * ``` */ -inline bool symlink_exists(const std::filesystem::path & path) { - return std::filesystem::exists(std::filesystem::symlink_status(path)); -} +bool symlink_exists(const std::filesystem::path & path); } // namespace fs From f48a72afc5da3d502a258e47042460f8d4b77d5b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 3 Apr 2025 10:05:58 +0200 Subject: [PATCH 425/815] Revert "Merge pull request #12862 from NixOS/mergify/bp/2.28-maintenance/pr-12853" This reverts commit aff0058b8225fdcd58f45b787dca65ca71a5f657, reversing changes made to cb50eb0370f02ac21c17c5334249366b13bee3fd. --- flake.lock | 8 ++++---- flake.nix | 2 +- src/libfetchers/git-lfs-fetch.cc | 9 ++++----- src/libstore-test-support/outputs-spec.cc | 5 ++--- tests/nixos/git-submodules.nix | 6 +++--- tests/nixos/github-flakes.nix | 4 ++-- tests/nixos/nix-copy-closure.nix | 4 ++-- tests/nixos/nix-copy.nix | 4 ++-- tests/nixos/nix-docker.nix | 2 +- tests/nixos/nss-preload.nix | 4 ++-- tests/nixos/remote-builds-ssh-ng.nix | 4 ++-- tests/nixos/remote-builds.nix | 4 ++-- tests/nixos/s3-binary-cache-store.nix | 4 ++-- tests/nixos/sourcehut-flakes.nix | 4 ++-- 14 files changed, 31 insertions(+), 33 deletions(-) diff --git a/flake.lock b/flake.lock index 7e008fadcfa..ce484a67a2a 100644 --- a/flake.lock +++ b/flake.lock @@ -63,16 +63,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743315132, - "narHash": "sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om+D4UnDhlDW9BE=", + "lastModified": 1734359947, + "narHash": "sha256-1Noao/H+N8nFB4Beoy8fgwrcOQLVm9o4zKW1ODaqK9E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "52faf482a3889b7619003c0daec593a1912fddc1", + "rev": "48d12d5e70ee91fe8481378e540433a7303dbf6a", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "release-24.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 41bcf726321..f2fac4f43e0 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "The purely functional package manager"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/release-24.11"; inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.nixpkgs-23-11.url = "github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446"; diff --git a/src/libfetchers/git-lfs-fetch.cc b/src/libfetchers/git-lfs-fetch.cc index 97f10f0c6ec..dbf4b1eb9f4 100644 --- a/src/libfetchers/git-lfs-fetch.cc +++ b/src/libfetchers/git-lfs-fetch.cc @@ -44,11 +44,10 @@ static void downloadToSink( static std::string getLfsApiToken(const ParsedURL & url) { - auto [status, output] = runProgram( - RunOptions{ - .program = "ssh", - .args = {*url.authority, "git-lfs-authenticate", url.path, "download"}, - }); + auto [status, output] = runProgram(RunOptions{ + .program = "ssh", + .args = {*url.authority, "git-lfs-authenticate", url.path, "download"}, + }); if (output.empty()) throw Error( diff --git a/src/libstore-test-support/outputs-spec.cc b/src/libstore-test-support/outputs-spec.cc index 5b5251361d4..e186ad8aede 100644 --- a/src/libstore-test-support/outputs-spec.cc +++ b/src/libstore-test-support/outputs-spec.cc @@ -14,9 +14,8 @@ Gen Arbitrary::arbitrary() return gen::just((OutputsSpec) OutputsSpec::All{}); case 1: return gen::map( - gen::nonEmpty( - gen::container( - gen::map(gen::arbitrary(), [](StorePathName n) { return n.name; }))), + gen::nonEmpty(gen::container( + gen::map(gen::arbitrary(), [](StorePathName n) { return n.name; }))), [](StringSet names) { return (OutputsSpec) OutputsSpec::Names{names}; }); default: assert(false); diff --git a/tests/nixos/git-submodules.nix b/tests/nixos/git-submodules.nix index c6f53ada2dc..5b1d9ed5f5f 100644 --- a/tests/nixos/git-submodules.nix +++ b/tests/nixos/git-submodules.nix @@ -45,14 +45,14 @@ client.succeed("chmod 600 /root/.ssh/id_ed25519") # Install the SSH key on the builders. - client.wait_for_unit("network-addresses-eth1.service") + client.wait_for_unit("network-online.target") remote.succeed("mkdir -p -m 700 /root/.ssh") remote.copy_from_host("key.pub", "/root/.ssh/authorized_keys") remote.wait_for_unit("sshd") remote.wait_for_unit("multi-user.target") - remote.wait_for_unit("network-addresses-eth1.service") - client.wait_for_unit("network-addresses-eth1.service") + remote.wait_for_unit("network-online.target") + client.wait_for_unit("network-online.target") client.succeed(f"ssh -o StrictHostKeyChecking=no {remote.name} 'echo hello world'") remote.succeed(""" diff --git a/tests/nixos/github-flakes.nix b/tests/nixos/github-flakes.nix index 30ab1f3331d..dcba464a34d 100644 --- a/tests/nixos/github-flakes.nix +++ b/tests/nixos/github-flakes.nix @@ -187,9 +187,9 @@ in github.succeed("cat /var/log/httpd/*.log >&2") github.wait_for_unit("httpd.service") - github.wait_for_unit("network-addresses-eth1.service") + github.wait_for_unit("network-online.target") - client.wait_for_unit("network-addresses-eth1.service") + client.wait_for_unit("network-online.target") client.succeed("curl -v https://github.com/ >&2") out = client.succeed("nix registry list") print(out) diff --git a/tests/nixos/nix-copy-closure.nix b/tests/nixos/nix-copy-closure.nix index 34e3a2c7de7..b6ec856e0e4 100644 --- a/tests/nixos/nix-copy-closure.nix +++ b/tests/nixos/nix-copy-closure.nix @@ -70,9 +70,9 @@ in server.copy_from_host("key.pub", "/root/.ssh/authorized_keys") server.wait_for_unit("sshd") server.wait_for_unit("multi-user.target") - server.wait_for_unit("network-addresses-eth1.service") + server.wait_for_unit("network-online.target") - client.wait_for_unit("network-addresses-eth1.service") + client.wait_for_unit("network-online.target") client.succeed(f"ssh -o StrictHostKeyChecking=no {server.name} 'echo hello world'") # Copy the closure of package A from the client to the server. diff --git a/tests/nixos/nix-copy.nix b/tests/nixos/nix-copy.nix index 64de622de76..3565e83e71a 100644 --- a/tests/nixos/nix-copy.nix +++ b/tests/nixos/nix-copy.nix @@ -79,9 +79,9 @@ in server.wait_for_unit("sshd") server.wait_for_unit("multi-user.target") - server.wait_for_unit("network-addresses-eth1.service") + server.wait_for_unit("network-online.target") - client.wait_for_unit("network-addresses-eth1.service") + client.wait_for_unit("network-online.target") client.wait_for_unit("getty@tty1.service") # Either the prompt: ]# # or an OCR misreading of it: 1# diff --git a/tests/nixos/nix-docker.nix b/tests/nixos/nix-docker.nix index c58a00cddbb..bd77b25c8b2 100644 --- a/tests/nixos/nix-docker.nix +++ b/tests/nixos/nix-docker.nix @@ -61,7 +61,7 @@ in { nodes }: '' cache.wait_for_unit("harmonia.service") - cache.wait_for_unit("network-addresses-eth1.service") + cache.wait_for_unit("network-online.target") machine.succeed("mkdir -p /etc/containers") machine.succeed("""echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json""") diff --git a/tests/nixos/nss-preload.nix b/tests/nixos/nss-preload.nix index d99f22208cb..29cd5e6a296 100644 --- a/tests/nixos/nss-preload.nix +++ b/tests/nixos/nss-preload.nix @@ -145,7 +145,7 @@ in testScript = { nodes, ... }: '' - http_dns.wait_for_unit("network-addresses-eth1.service") + http_dns.wait_for_unit("network-online.target") http_dns.wait_for_unit("nginx") http_dns.wait_for_open_port(80) http_dns.wait_for_unit("unbound") @@ -153,7 +153,7 @@ in client.start() client.wait_for_unit('multi-user.target') - client.wait_for_unit('network-addresses-eth1.service') + client.wait_for_unit('network-online.target') with subtest("can fetch data from a remote server outside sandbox"): client.succeed("nix --version >&2") diff --git a/tests/nixos/remote-builds-ssh-ng.nix b/tests/nixos/remote-builds-ssh-ng.nix index c298ab92d46..72652202932 100644 --- a/tests/nixos/remote-builds-ssh-ng.nix +++ b/tests/nixos/remote-builds-ssh-ng.nix @@ -102,12 +102,12 @@ in client.succeed("chmod 600 /root/.ssh/id_ed25519") # Install the SSH key on the builder. - client.wait_for_unit("network-addresses-eth1.service") + client.wait_for_unit("network-online.target") builder.succeed("mkdir -p -m 700 /root/.ssh") builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys") builder.wait_for_unit("sshd") builder.wait_for_unit("multi-user.target") - builder.wait_for_unit("network-addresses-eth1.service") + builder.wait_for_unit("network-online.target") client.succeed(f"ssh -o StrictHostKeyChecking=no {builder.name} 'echo hello world'") diff --git a/tests/nixos/remote-builds.nix b/tests/nixos/remote-builds.nix index fbfff9a7dc7..3251984db5e 100644 --- a/tests/nixos/remote-builds.nix +++ b/tests/nixos/remote-builds.nix @@ -123,12 +123,12 @@ in client.succeed("chmod 600 /root/.ssh/id_ed25519") # Install the SSH key on the builders. - client.wait_for_unit("network-addresses-eth1.service") + client.wait_for_unit("network-online.target") for builder in [builder1, builder2]: builder.succeed("mkdir -p -m 700 /root/.ssh") builder.copy_from_host("key.pub", "/root/.ssh/authorized_keys") builder.wait_for_unit("sshd") - builder.wait_for_unit("network-addresses-eth1.service") + builder.wait_for_unit("network-online.target") # Make sure the builder can handle our login correctly builder.wait_for_unit("multi-user.target") # Make sure there's no funny business on the client either diff --git a/tests/nixos/s3-binary-cache-store.nix b/tests/nixos/s3-binary-cache-store.nix index fc55a27ae14..8e480866070 100644 --- a/tests/nixos/s3-binary-cache-store.nix +++ b/tests/nixos/s3-binary-cache-store.nix @@ -67,14 +67,14 @@ in # Create a binary cache. server.wait_for_unit("minio") - server.wait_for_unit("network-addresses-eth1.service") + server.wait_for_unit("network-online.target") server.succeed("mc config host add minio http://localhost:9000 ${accessKey} ${secretKey} --api s3v4") server.succeed("mc mb minio/my-cache") server.succeed("${env} nix copy --to '${storeUrl}' ${pkgA}") - client.wait_for_unit("network-addresses-eth1.service") + client.wait_for_unit("network-online.target") # Test fetchurl on s3:// URLs while we're at it. client.succeed("${env} nix eval --impure --expr 'builtins.fetchurl { name = \"foo\"; url = \"s3://my-cache/nix-cache-info?endpoint=http://server:9000®ion=eu-west-1\"; }'") diff --git a/tests/nixos/sourcehut-flakes.nix b/tests/nixos/sourcehut-flakes.nix index 61670ccf346..bb26b7ebbdc 100644 --- a/tests/nixos/sourcehut-flakes.nix +++ b/tests/nixos/sourcehut-flakes.nix @@ -139,8 +139,8 @@ in start_all() sourcehut.wait_for_unit("httpd.service") - sourcehut.wait_for_unit("network-addresses-eth1.service") - client.wait_for_unit("network-addresses-eth1.service") + sourcehut.wait_for_unit("network-online.target") + client.wait_for_unit("network-online.target") client.succeed("curl -v https://git.sr.ht/ >&2") client.succeed("nix registry list | grep nixpkgs") From 994c8b6a7aa5ac303d651a5bd882c6bde1cfa21c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 20 Feb 2025 01:42:29 +0100 Subject: [PATCH 426/815] Set path display for substituted inputs (cherry picked from commit 4a397cfb808c6e4112ae670589ce10d36239bc7d) --- src/libfetchers/fetchers.cc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index 8b1b2b0cbc5..3ae45dcf821 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -323,6 +323,8 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto accessor->fingerprint = getFingerprint(store); + accessor->setPathDisplay("«" + to_string() + "»"); + return {accessor, *this}; } catch (Error & e) { debug("substitution of input '%s' failed: %s", to_string(), e.what()); From 36ce86dfb6cb2ebfdefa209483638360799c79d4 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Thu, 3 Apr 2025 23:15:24 +0200 Subject: [PATCH 427/815] Revert "remove obsolete stdenv darwinMinVersion override" This reverts commit d91310bb32b9efca2f1e1a6a767cbe5b0a7f072c. > Some packages require setting a non-default deployment target > (or minimum version) to gain access to certain APIs. You do > that using the darwinMinVersionHook, which takes the deployment > target version as a parameter. -- https://github.com/NixOS/nixpkgs/blob/60b54c7aee3c0cefde72d1a151bb7d3a46361ca2/doc/stdenv/platform-notes.chapter.md#what-is-a-deployment-target-or-minimum-version-sec-darwin-troubleshooting-using-deployment-targets This will again solve error: ../nix_api_expr.cc:38:18: error: aligned allocation function of type 'void *(std::size_t, std::align_val_t)' is only available on macOS 10.13 or newer -- https://hydra.nixos.org/build/294088946 (cherry picked from commit 5c4a4aeed7aeb808b5c3c6edc89b8f35d640f40b) --- flake.nix | 2 +- packaging/dependencies.nix | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index f2fac4f43e0..674326925ba 100644 --- a/flake.nix +++ b/flake.nix @@ -171,7 +171,7 @@ { otherSplices = final.generateSplicesForMkScope "nixDependencies"; f = import ./packaging/dependencies.nix { - inherit stdenv; + inherit inputs stdenv; pkgs = final; }; }; diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index f06b65dee3e..0af670bfb09 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -1,14 +1,33 @@ # These overrides are applied to the dependencies of the Nix components. { + # Flake inputs; used for sources + inputs, + # The raw Nixpkgs, not affected by this scope pkgs, stdenv, }: +let + prevStdenv = stdenv; +in + let inherit (pkgs) lib; + + stdenv = if prevStdenv.isDarwin && prevStdenv.isx86_64 then darwinStdenv else prevStdenv; + + # Fix the following error with the default x86_64-darwin SDK: + # + # error: aligned allocation function of type 'void *(std::size_t, std::align_val_t)' is only available on macOS 10.13 or newer + # + # Despite the use of the 10.13 deployment target here, the aligned + # allocation function Clang uses with this setting actually works + # all the way back to 10.6. + darwinStdenv = pkgs.overrideSDK prevStdenv { darwinMinVersion = "10.13"; }; + in scope: { inherit stdenv; From b9fc326a9ab4c5bd1cdc112157c627d564ed0d46 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Thu, 3 Apr 2025 23:21:11 +0200 Subject: [PATCH 428/815] packaging/dependency: Clarify darwinMinVersion (cherry picked from commit 4be92e7b82376a76e78622d61c7db047f6bbf402) --- packaging/dependencies.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index 0af670bfb09..ed05843c786 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -26,6 +26,9 @@ let # Despite the use of the 10.13 deployment target here, the aligned # allocation function Clang uses with this setting actually works # all the way back to 10.6. + # NOTE: this is not just a version constraint, but a request to make Darwin + # provide this version level of support. Removing this minimum version + # request will regress the above error. darwinStdenv = pkgs.overrideSDK prevStdenv { darwinMinVersion = "10.13"; }; in From 651df5099608e19bbbaa739c1843bd6211700a7b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 3 Apr 2025 13:27:39 +0200 Subject: [PATCH 429/815] create cache entry for paths already in the nix store This allows path:/nix/store/* paths to not be copied twice to the nix store. (cherry picked from commit 61c6210dbf2096b89d1c4bc963bc3a044042fed4) --- src/libfetchers/fetch-to-store.cc | 23 +++++++++++++------ .../include/nix/fetchers/fetch-to-store.hh | 4 ++++ src/libfetchers/path.cc | 10 ++++++++ 3 files changed, 30 insertions(+), 7 deletions(-) diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index ea33922b63c..f1b02f4e0a8 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -1,9 +1,23 @@ #include "nix/fetchers/fetch-to-store.hh" #include "nix/fetchers/fetchers.hh" -#include "nix/fetchers/cache.hh" namespace nix { +fetchers::Cache::Key makeFetchToStoreCacheKey( + const std::string &name, + const std::string &fingerprint, + ContentAddressMethod method, + const std::string &path) +{ + return fetchers::Cache::Key{"fetchToStore", { + {"name", name}, + {"fingerprint", fingerprint}, + {"method", std::string{method.render()}}, + {"path", path} + }}; + +} + StorePath fetchToStore( Store & store, const SourcePath & path, @@ -19,12 +33,7 @@ StorePath fetchToStore( std::optional cacheKey; if (!filter && path.accessor->fingerprint) { - cacheKey = fetchers::Cache::Key{"fetchToStore", { - {"name", std::string{name}}, - {"fingerprint", *path.accessor->fingerprint}, - {"method", std::string{method.render()}}, - {"path", path.path.abs()} - }}; + cacheKey = makeFetchToStoreCacheKey(std::string{name}, *path.accessor->fingerprint, method, path.path.abs()); if (auto res = fetchers::getCache()->lookupStorePath(*cacheKey, store)) { debug("store path cache hit for '%s'", path); return res->storePath; diff --git a/src/libfetchers/include/nix/fetchers/fetch-to-store.hh b/src/libfetchers/include/nix/fetchers/fetch-to-store.hh index a0144cb7672..44c33c147ed 100644 --- a/src/libfetchers/include/nix/fetchers/fetch-to-store.hh +++ b/src/libfetchers/include/nix/fetchers/fetch-to-store.hh @@ -5,6 +5,7 @@ #include "nix/util/file-system.hh" #include "nix/util/repair-flag.hh" #include "nix/util/file-content-address.hh" +#include "nix/fetchers/cache.hh" namespace nix { @@ -22,4 +23,7 @@ StorePath fetchToStore( PathFilter * filter = nullptr, RepairFlag repair = NoRepair); +fetchers::Cache::Key makeFetchToStoreCacheKey( + const std::string & name, const std::string & fingerprint, ContentAddressMethod method, const std::string & path); + } diff --git a/src/libfetchers/path.cc b/src/libfetchers/path.cc index 173368dccf4..670397cb6b1 100644 --- a/src/libfetchers/path.cc +++ b/src/libfetchers/path.cc @@ -2,6 +2,8 @@ #include "nix/store/store-api.hh" #include "nix/util/archive.hh" #include "nix/fetchers/store-path-accessor.hh" +#include "nix/fetchers/cache.hh" +#include "nix/fetchers/fetch-to-store.hh" namespace nix::fetchers { @@ -142,6 +144,14 @@ struct PathInputScheme : InputScheme storePath = store->addToStoreFromDump(*src, "source"); } + // To avoid copying the path again to the /nix/store, we need to add a cache entry. + ContentAddressMethod method = ContentAddressMethod::Raw::NixArchive; + auto fp = getFingerprint(store, input); + if (fp) { + auto cacheKey = makeFetchToStoreCacheKey(input.getName(), *fp, method, "/"); + fetchers::getCache()->upsert(cacheKey, *store, {}, *storePath); + } + /* Trust the lastModified value supplied by the user, if any. It's not a "secure" attribute so we don't care. */ if (!input.getLastModified()) From 0b4fea787232ab009dac7e6eeda46a967df64730 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Wed, 2 Apr 2025 15:17:26 -0400 Subject: [PATCH 430/815] Fix windows build (cherry picked from commit 652a628d1c49c4ec11018a4cce775a48383ca307) --- src/libfetchers/git.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 4cc7260768d..71bb8c0b751 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -535,7 +535,7 @@ struct GitInputScheme : InputScheme static MakeNotAllowedError makeNotAllowedError(std::filesystem::path repoPath) { return [repoPath{std::move(repoPath)}](const CanonPath & path) -> RestrictedPathError { - if (nix::pathExists(repoPath / path.rel())) + if (fs::symlink_exists(repoPath / path.rel())) return RestrictedPathError( "Path '%1%' in the repository %2% is not tracked by Git.\n" "\n" From d81cd04d232aef91e0c367c2de52a79272d77272 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 4 Apr 2025 18:03:19 +0200 Subject: [PATCH 431/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 90efbd4e31e..9738a24f699 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.28.0 +2.28.1 From 5c90b41715261120f69f7dd171bc2e6691ceab10 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sat, 5 Apr 2025 00:45:19 +0200 Subject: [PATCH 432/815] Add -Wundef to make #if FOO an error if not defined This commit has all the straightforward stuff. --- nix-meson-build-support/common/meson.build | 1 + src/build-remote/build-remote.cc | 4 ++-- src/libexpr-tests/main.cc | 2 +- src/libexpr/eval-gc.cc | 2 +- src/libmain/shared.cc | 4 ++-- src/libstore-tests/s3-binary-cache-store.cc | 1 + src/libstore/filetransfer.cc | 1 + src/libstore/globals.cc | 10 +++++----- src/libstore/include/nix/store/globals.hh | 2 +- src/libstore/include/nix/store/s3.hh | 2 +- src/libstore/optimise-store.cc | 3 ++- src/libstore/posix-fs-canonicalise.cc | 2 +- src/libstore/s3-binary-cache-store.cc | 1 + .../unix/build/local-derivation-goal.cc | 18 ++++++++++-------- src/libutil/archive.cc | 2 +- src/libutil/file-descriptor.cc | 2 +- src/libutil/file-system.cc | 2 +- src/libutil/fs-sink.cc | 2 +- .../include/nix/util/file-descriptor.hh | 4 ++-- src/libutil/terminal.cc | 2 +- src/libutil/unix/processes.cc | 2 +- src/nix/crash-handler.cc | 2 +- src/nix/unix/daemon.cc | 2 +- 23 files changed, 40 insertions(+), 33 deletions(-) diff --git a/nix-meson-build-support/common/meson.build b/nix-meson-build-support/common/meson.build index 67b6658f594..9d77831b3d1 100644 --- a/nix-meson-build-support/common/meson.build +++ b/nix-meson-build-support/common/meson.build @@ -10,6 +10,7 @@ add_project_arguments( '-Werror=suggest-override', '-Werror=switch', '-Werror=switch-enum', + '-Werror=undef', '-Werror=unused-result', '-Wignored-qualifiers', '-Wimplicit-fallthrough', diff --git a/src/build-remote/build-remote.cc b/src/build-remote/build-remote.cc index b4eaa389b7f..60247b73592 100644 --- a/src/build-remote/build-remote.cc +++ b/src/build-remote/build-remote.cc @@ -5,7 +5,7 @@ #include #include #include -#if __APPLE__ +#ifdef __APPLE__ #include #endif @@ -225,7 +225,7 @@ static int main_build_remote(int argc, char * * argv) break; } -#if __APPLE__ +#ifdef __APPLE__ futimes(bestSlotLock.get(), NULL); #else futimens(bestSlotLock.get(), NULL); diff --git a/src/libexpr-tests/main.cc b/src/libexpr-tests/main.cc index 6fdaa91782b..66afc227246 100644 --- a/src/libexpr-tests/main.cc +++ b/src/libexpr-tests/main.cc @@ -27,7 +27,7 @@ int main (int argc, char **argv) { settings.sandboxBuildDir = "/test-build-dir-instead-of-usual-build-dir"; #endif - #if __APPLE__ + #ifdef __APPLE__ // Avoid this error, when already running in a sandbox: // sandbox-exec: sandbox_apply: Operation not permitted settings.sandboxMode = smDisabled; diff --git a/src/libexpr/eval-gc.cc b/src/libexpr/eval-gc.cc index 6fc5ac334b3..bec6680017e 100644 --- a/src/libexpr/eval-gc.cc +++ b/src/libexpr/eval-gc.cc @@ -10,7 +10,7 @@ #if NIX_USE_BOEHMGC # include -# if __FreeBSD__ +# ifdef __FreeBSD__ # include # endif diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index 65bfcfbd57f..7ff93f6d9c7 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -26,7 +26,7 @@ #include "nix/util/strings.hh" #include "main-config-private.hh" - +#include "nix/expr/config.hh" namespace nix { @@ -144,7 +144,7 @@ void initNix(bool loadConfig) if (sigaction(SIGUSR1, &act, 0)) throw SysError("handling SIGUSR1"); #endif -#if __APPLE__ +#ifdef __APPLE__ /* HACK: on darwin, we need can’t use sigprocmask with SIGWINCH. * Instead, add a dummy sigaction handler, and signalHandlerThread * can handle the rest. */ diff --git a/src/libstore-tests/s3-binary-cache-store.cc b/src/libstore-tests/s3-binary-cache-store.cc index be338084ff1..dbb414f2b2a 100644 --- a/src/libstore-tests/s3-binary-cache-store.cc +++ b/src/libstore-tests/s3-binary-cache-store.cc @@ -1,3 +1,4 @@ +#include "store-tests-config.hh" #if ENABLE_S3 # include diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 9d83bfa132b..2851ab04818 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -8,6 +8,7 @@ #include "nix/util/callback.hh" #include "nix/util/signals.hh" +#include "store-config-private.hh" #if ENABLE_S3 #include #endif diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index a3633b08442..6b93e34bb08 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -25,7 +25,7 @@ # include #endif -#if __APPLE__ +#ifdef __APPLE__ # include "nix/util/processes.hh" #endif @@ -90,7 +90,7 @@ Settings::Settings() #endif /* chroot-like behavior from Apple's sandbox */ -#if __APPLE__ +#ifdef __APPLE__ sandboxPaths = tokenizeString("/System/Library/Frameworks /System/Library/PrivateFrameworks /bin/sh /bin/bash /private/tmp /private/var/tmp /usr/lib"); allowedImpureHostPrefixes = tokenizeString("/System/Library /usr/lib /dev /bin/sh"); #endif @@ -151,7 +151,7 @@ unsigned int Settings::getDefaultCores() return concurrency; } -#if __APPLE__ +#ifdef __APPLE__ static bool hasVirt() { int hasVMM; @@ -190,7 +190,7 @@ StringSet Settings::getDefaultSystemFeatures() features.insert("kvm"); #endif - #if __APPLE__ + #ifdef __APPLE__ if (hasVirt()) features.insert("apple-virt"); #endif @@ -374,7 +374,7 @@ void initLibStore(bool loadConfig) { [1] https://github.com/apple-oss-distributions/objc4/blob/01edf1705fbc3ff78a423cd21e03dfc21eb4d780/runtime/objc-initialize.mm#L614-L636 */ curl_global_init(CURL_GLOBAL_ALL); -#if __APPLE__ +#ifdef __APPLE__ /* On macOS, don't use the per-session TMPDIR (as set e.g. by sshd). This breaks build users because they don't have access to the TMPDIR, in particular in ‘nix-store --serve’. */ diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index 4c4395e05e4..38757bcd40f 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -708,7 +708,7 @@ public: Setting allowedImpureHostPrefixes{this, {}, "allowed-impure-host-deps", "Which prefixes to allow derivations to ask for access to (primarily for Darwin)."}; -#if __APPLE__ +#ifdef __APPLE__ Setting darwinLogSandboxViolations{this, false, "darwin-log-sandbox-violations", "Whether to log Darwin sandbox access violations to the system log."}; #endif diff --git a/src/libstore/include/nix/store/s3.hh b/src/libstore/include/nix/store/s3.hh index c49fa3fb8b2..5ac5b9a9f75 100644 --- a/src/libstore/include/nix/store/s3.hh +++ b/src/libstore/include/nix/store/s3.hh @@ -1,6 +1,6 @@ #pragma once ///@file - +#include "store-config-private.hh" #if ENABLE_S3 #include "nix/util/ref.hh" diff --git a/src/libstore/optimise-store.cc b/src/libstore/optimise-store.cc index 17e13758b6e..27779505354 100644 --- a/src/libstore/optimise-store.cc +++ b/src/libstore/optimise-store.cc @@ -13,6 +13,7 @@ #include #include +#include "store-config-private.hh" namespace nix { @@ -96,7 +97,7 @@ void LocalStore::optimisePath_(Activity * act, OptimiseStats & stats, auto st = lstat(path); -#if __APPLE__ +#ifdef __APPLE__ /* HFS/macOS has some undocumented security feature disabling hardlinking for special files within .app dirs. Known affected paths include *.app/Contents/{PkgInfo,Resources/\*.lproj,_CodeSignature} and .DS_Store. diff --git a/src/libstore/posix-fs-canonicalise.cc b/src/libstore/posix-fs-canonicalise.cc index df51ba307cf..aeb35eab5f4 100644 --- a/src/libstore/posix-fs-canonicalise.cc +++ b/src/libstore/posix-fs-canonicalise.cc @@ -58,7 +58,7 @@ static void canonicalisePathMetaData_( { checkInterrupt(); -#if __APPLE__ +#ifdef __APPLE__ /* Remove flags, in particular UF_IMMUTABLE which would prevent the file from being garbage-collected. FIXME: Use setattrlist() to remove other attributes as well. */ diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index e76a508ba73..4e51e728ae7 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -1,3 +1,4 @@ +#include "store-config-private.hh" #if ENABLE_S3 #include diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 302569ac6d8..c7a0e3ccb31 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -60,7 +60,7 @@ # include "nix/store/personality.hh" #endif -#if __APPLE__ +#ifdef __APPLE__ #include #include #include @@ -76,6 +76,8 @@ extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, #include "nix/util/strings.hh" #include "nix/util/signals.hh" +#include "store-config-private.hh" + namespace nix { void handleDiffHook( @@ -205,7 +207,7 @@ Goal::Co LocalDerivationGoal::tryLocalBuild() if (drvOptions->noChroot) throw Error("derivation '%s' has '__noChroot' set, " "but that's not allowed when 'sandbox' is 'true'", worker.store.printStorePath(drvPath)); -#if __APPLE__ +#ifdef __APPLE__ if (drvOptions->additionalSandboxProfile != "") throw Error("derivation '%s' specifies a sandbox profile, " "but this is only allowed when 'sandbox' is 'relaxed'", worker.store.printStorePath(drvPath)); @@ -548,7 +550,7 @@ void LocalDerivationGoal::startBuilder() /* Create a temporary directory where the build will take place. */ topTmpDir = createTempDir(settings.buildDir.get().value_or(""), "nix-build-" + std::string(drvPath.name()), false, false, 0700); -#if __APPLE__ +#ifdef __APPLE__ if (false) { #else if (useChroot) { @@ -826,7 +828,7 @@ void LocalDerivationGoal::startBuilder() #else if (drvOptions->useUidRange(*drv)) throw Error("feature 'uid-range' is not supported on this platform"); - #if __APPLE__ + #ifdef __APPLE__ /* We don't really have any parent prep work to do (yet?) All work happens in the child, instead. */ #else @@ -906,7 +908,7 @@ void LocalDerivationGoal::startBuilder() if (chown(slaveName.c_str(), buildUser->getUID(), 0)) throw SysError("changing owner of pseudoterminal slave"); } -#if __APPLE__ +#ifdef __APPLE__ else { if (grantpt(builderOut.get())) throw SysError("granting access to pseudoterminal slave"); @@ -1933,7 +1935,7 @@ void LocalDerivationGoal::runChild() for (auto & i : pathsInChroot) { if (i.second.source == "/proc") continue; // backwards compatibility - #if HAVE_EMBEDDED_SANDBOX_SHELL + #ifdef HAVE_EMBEDDED_SANDBOX_SHELL if (i.second.source == "__embedded_sandbox_shell__") { static unsigned char sh[] = { #include "embedded-sandbox-shell.gen.hh" @@ -2087,7 +2089,7 @@ void LocalDerivationGoal::runChild() throw SysError("setuid failed"); } -#if __APPLE__ +#ifdef __APPLE__ /* This has to appear before import statements. */ std::string sandboxProfile = "(version 1)\n"; @@ -2258,7 +2260,7 @@ void LocalDerivationGoal::runChild() for (auto & i : drv->args) args.push_back(rewriteStrings(i, inputRewrites)); -#if __APPLE__ +#ifdef __APPLE__ posix_spawnattr_t attrp; if (posix_spawnattr_init(&attrp)) diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc index 143d0108511..487873ce606 100644 --- a/src/libutil/archive.cc +++ b/src/libutil/archive.cc @@ -17,7 +17,7 @@ namespace nix { struct ArchiveSettings : Config { Setting useCaseHack{this, - #if __APPLE__ + #ifdef __APPLE__ true, #else false, diff --git a/src/libutil/file-descriptor.cc b/src/libutil/file-descriptor.cc index 042edbf551d..4fc0f06cd42 100644 --- a/src/libutil/file-descriptor.cc +++ b/src/libutil/file-descriptor.cc @@ -98,7 +98,7 @@ void AutoCloseFD::fsync() const result = #ifdef _WIN32 ::FlushFileBuffers(fd) -#elif __APPLE__ +#elif defined(__APPLE__) ::fcntl(fd, F_FULLFSYNC) #else ::fsync(fd) diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index c8161d270ea..c7cea4b589a 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -574,7 +574,7 @@ Path createTempDir(const Path & tmpRoot, const Path & prefix, , mode #endif ) == 0) { -#if __FreeBSD__ +#ifdef __FreeBSD__ /* Explicitly set the group of the directory. This is to work around around problems caused by BSD's group ownership semantics (directories inherit the group of diff --git a/src/libutil/fs-sink.cc b/src/libutil/fs-sink.cc index aa46b3cd2af..7b8fc3b2a31 100644 --- a/src/libutil/fs-sink.cc +++ b/src/libutil/fs-sink.cc @@ -4,7 +4,7 @@ #include "nix/util/config-global.hh" #include "nix/util/fs-sink.hh" -#if _WIN32 +#ifdef _WIN32 # include # include "nix/util/file-path.hh" # include "nix/util/windows-error.hh" diff --git a/src/libutil/include/nix/util/file-descriptor.hh b/src/libutil/include/nix/util/file-descriptor.hh index 2e8b4ce105f..4f13a9a8fda 100644 --- a/src/libutil/include/nix/util/file-descriptor.hh +++ b/src/libutil/include/nix/util/file-descriptor.hh @@ -18,7 +18,7 @@ struct Source; * Operating System capability */ using Descriptor = -#if _WIN32 +#ifdef _WIN32 HANDLE #else int @@ -26,7 +26,7 @@ using Descriptor = ; const Descriptor INVALID_DESCRIPTOR = -#if _WIN32 +#ifdef _WIN32 INVALID_HANDLE_VALUE #else -1 diff --git a/src/libutil/terminal.cc b/src/libutil/terminal.cc index 77766fae1f6..fa0f7e87143 100644 --- a/src/libutil/terminal.cc +++ b/src/libutil/terminal.cc @@ -2,7 +2,7 @@ #include "nix/util/environment-variables.hh" #include "nix/util/sync.hh" -#if _WIN32 +#ifdef _WIN32 # include # define WIN32_LEAN_AND_MEAN # include diff --git a/src/libutil/unix/processes.cc b/src/libutil/unix/processes.cc index c436076ee49..4df0a777787 100644 --- a/src/libutil/unix/processes.cc +++ b/src/libutil/unix/processes.cc @@ -78,7 +78,7 @@ int Pid::kill() /* On BSDs, killing a process group will return EPERM if all processes in the group are zombies (or something like that). So try to detect and ignore that situation. */ -#if __FreeBSD__ || __APPLE__ +#if defined(__FreeBSD__) || defined(__APPLE__) if (errno != EPERM || ::kill(pid, 0) != 0) #endif logError(SysError("killing process %d", pid).info()); diff --git a/src/nix/crash-handler.cc b/src/nix/crash-handler.cc index 17d346ecce8..d65773fa0d5 100644 --- a/src/nix/crash-handler.cc +++ b/src/nix/crash-handler.cc @@ -8,7 +8,7 @@ #include // Darwin and FreeBSD stdenv do not define _GNU_SOURCE but do have _Unwind_Backtrace. -#if __APPLE__ || __FreeBSD__ +#if defined(__APPLE__) || defined(__FreeBSD__) # define BOOST_STACKTRACE_GNU_SOURCE_NOT_REQUIRED #endif diff --git a/src/nix/unix/daemon.cc b/src/nix/unix/daemon.cc index 4e60ba1024c..1acf2bd5bfa 100644 --- a/src/nix/unix/daemon.cc +++ b/src/nix/unix/daemon.cc @@ -38,7 +38,7 @@ #include "nix/util/cgroup.hh" #endif -#if __APPLE__ || __FreeBSD__ +#if defined(__APPLE__) || defined(__FreeBSD__) #include #endif From bd2d5b7335ea1c3e756bf27b775729e580b0b27b Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sat, 5 Apr 2025 00:46:06 +0200 Subject: [PATCH 433/815] Hack together a fix for the public headers Please fix this. --- src/libexpr/expr-config.hh | 3 +++ src/libexpr/include/nix/expr/config.hh | 1 + src/libexpr/include/nix/expr/meson.build | 1 + src/libexpr/meson.build | 11 +++++++++++ src/libmain/meson.build | 2 ++ src/libmain/package.nix | 5 +++++ src/libstore-tests/meson.build | 3 +++ src/libstore/meson.build | 8 +++++++- 8 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 src/libexpr/expr-config.hh create mode 120000 src/libexpr/include/nix/expr/config.hh diff --git a/src/libexpr/expr-config.hh b/src/libexpr/expr-config.hh new file mode 100644 index 00000000000..e28b461c018 --- /dev/null +++ b/src/libexpr/expr-config.hh @@ -0,0 +1,3 @@ +// TODO: Remove this damn file while keeping public config headers working +#error \ + "This file is a placeholder. It only exists so that meson accepts the symbolic link include/nix/expr/config.hh to this file, but we expect meson to overwrite it with the real file. Apparently that did not happen. I deeply apologize for this mess." diff --git a/src/libexpr/include/nix/expr/config.hh b/src/libexpr/include/nix/expr/config.hh new file mode 120000 index 00000000000..45d3ca29d23 --- /dev/null +++ b/src/libexpr/include/nix/expr/config.hh @@ -0,0 +1 @@ +../../../expr-config.hh \ No newline at end of file diff --git a/src/libexpr/include/nix/expr/meson.build b/src/libexpr/include/nix/expr/meson.build index 01275e52ee1..3eb80de6836 100644 --- a/src/libexpr/include/nix/expr/meson.build +++ b/src/libexpr/include/nix/expr/meson.build @@ -10,6 +10,7 @@ config_pub_h = configure_file( headers = [config_pub_h] + files( 'attr-path.hh', 'attr-set.hh', + 'config.hh', 'eval-cache.hh', 'eval-error.hh', 'eval-gc.hh', diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index 2e773938da0..402bca0e19a 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -79,6 +79,11 @@ config_priv_h = configure_file( output : 'expr-config-private.hh', ) +config_pub_h = configure_file( + configuration : configdata_pub, + output : 'expr-config.hh', +) + subdir('nix-meson-build-support/common') parser_tab = custom_target( @@ -163,6 +168,8 @@ subdir('primops') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') +headers += [config_pub_h] + this_library = library( 'nixexpr', sources, @@ -181,4 +188,8 @@ install_headers(headers, subdir : 'nix/expr', preserve_path : true) libraries_private = [] +nixexpr_dep = declare_dependency( + include_directories : include_directories('.'), + link_with : this_library, +) subdir('nix-meson-build-support/export') diff --git a/src/libmain/meson.build b/src/libmain/meson.build index 414fc679fb6..4f78d265b85 100644 --- a/src/libmain/meson.build +++ b/src/libmain/meson.build @@ -17,6 +17,8 @@ subdir('nix-meson-build-support/deps-lists') configdata = configuration_data() deps_private_maybe_subproject = [ + # This dependency may be very limited; was introduced for NIX_USE_BOEHMGC macro dependency + dependency('nix-expr'), ] deps_public_maybe_subproject = [ dependency('nix-util'), diff --git a/src/libmain/package.nix b/src/libmain/package.nix index 9496034649c..7b0a4dee7da 100644 --- a/src/libmain/package.nix +++ b/src/libmain/package.nix @@ -6,6 +6,7 @@ nix-util, nix-store, + nix-expr, # Configuration Options @@ -33,6 +34,10 @@ mkMesonLibrary (finalAttrs: { ]; propagatedBuildInputs = [ + # FIXME: This is only here for the NIX_USE_BOEHMGC macro dependency + # Removing nix-expr will make the build more concurrent and is + # architecturally nice, perhaps. + nix-expr nix-util nix-store openssl diff --git a/src/libstore-tests/meson.build b/src/libstore-tests/meson.build index 1822a352067..eb3d145309c 100644 --- a/src/libstore-tests/meson.build +++ b/src/libstore-tests/meson.build @@ -40,6 +40,9 @@ deps_private += gtest configdata = configuration_data() configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) +aws_s3 = dependency('aws-cpp-sdk-s3', required : false) +configdata.set('ENABLE_S3', aws_s3.found().to_int()) + config_priv_h = configure_file( configuration : configdata, output : 'store-tests-config.hh', diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 1ee11ec11f7..fecf2f449d4 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -158,6 +158,7 @@ if get_option('embedded-sandbox-shell') # The path to busybox is passed as a -D flag when compiling this_library. # This solution is inherited from the old make buildsystem # TODO: do this differently? + # TODO: at least define it unconditionally, so we get checking from -Wundef configdata_priv.set('HAVE_EMBEDDED_SANDBOX_SHELL', 1) hexdump = find_program('hexdump', native : true) embedded_sandbox_shell_gen = custom_target( @@ -181,6 +182,11 @@ config_priv_h = configure_file( output : 'store-config-private.hh', ) +config_pub_h = configure_file( + configuration : configdata_pub, + output : 'store-config.hh', +) + subdir('nix-meson-build-support/common') sources = files( @@ -362,7 +368,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix/store', preserve_path : true) +install_headers(headers + [ config_pub_h ], subdir : 'nix/store', preserve_path : true) libraries_private = [] From 615344fdf05334ffc25a85f30080ee970f0e1426 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sat, 5 Apr 2025 00:58:07 +0200 Subject: [PATCH 434/815] Fix more -Wundef, in darwin context --- src/libexpr-tests/main.cc | 2 +- src/libstore/filetransfer.cc | 4 +-- src/libstore/gc.cc | 4 +-- src/libstore/globals.cc | 8 ++--- src/libstore/include/nix/store/globals.hh | 14 ++++----- src/libstore/local-store.cc | 4 +-- src/libstore/store-api.cc | 2 +- .../unix/build/local-derivation-goal.cc | 30 +++++++++---------- src/libstore/unix/user-lock.cc | 6 ++-- src/libutil/current-process.cc | 8 ++--- src/libutil/file-descriptor.cc | 2 +- src/libutil/unix/file-descriptor.cc | 6 ++-- src/libutil/unix/processes.cc | 4 +-- src/libutil/unix/signals.cc | 2 +- src/nix/main.cc | 4 +-- src/nix/run.cc | 8 ++--- src/nix/unix/daemon.cc | 4 +-- 17 files changed, 56 insertions(+), 56 deletions(-) diff --git a/src/libexpr-tests/main.cc b/src/libexpr-tests/main.cc index 66afc227246..52cca53c407 100644 --- a/src/libexpr-tests/main.cc +++ b/src/libexpr-tests/main.cc @@ -14,7 +14,7 @@ int main (int argc, char **argv) { // Disable build hook. We won't be testing remote builds in these unit tests. If we do, fix the above build hook. settings.buildHook = {}; - #if __linux__ // should match the conditional around sandboxBuildDir declaration. + #ifdef __linux__ // should match the conditional around sandboxBuildDir declaration. // When building and testing nix within the host's Nix sandbox, our store dir will be located in the host's sandboxBuildDir, e.g.: // Host diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 2851ab04818..e858962246d 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -13,7 +13,7 @@ #include #endif -#if __linux__ +#ifdef __linux__ # include "nix/util/namespaces.hh" #endif @@ -622,7 +622,7 @@ struct curlFileTransfer : public FileTransfer }); #endif - #if __linux__ + #ifdef __linux__ try { tryUnshareFilesystem(); } catch (nix::Error & e) { diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index cb3a3c1cdb9..dabfa4a5f16 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -335,7 +335,7 @@ static std::string quoteRegexChars(const std::string & raw) return std::regex_replace(raw, specialRegex, R"(\$&)"); } -#if __linux__ +#ifdef __linux__ static void readFileRoots(const std::filesystem::path & path, UncheckedRoots & roots) { try { @@ -427,7 +427,7 @@ void LocalStore::findRuntimeRoots(Roots & roots, bool censor) } #endif -#if __linux__ +#ifdef __linux__ readFileRoots("/proc/sys/kernel/modprobe", unchecked); readFileRoots("/proc/sys/kernel/fbsplash", unchecked); readFileRoots("/proc/sys/kernel/poweroff_cmd", unchecked); diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index 6b93e34bb08..1df0a846ea4 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -181,11 +181,11 @@ StringSet Settings::getDefaultSystemFeatures() actually require anything special on the machines. */ StringSet features{"nixos-test", "benchmark", "big-parallel"}; - #if __linux__ + #ifdef __linux__ features.insert("uid-range"); #endif - #if __linux__ + #ifdef __linux__ if (access("/dev/kvm", R_OK | W_OK) == 0) features.insert("kvm"); #endif @@ -205,7 +205,7 @@ StringSet Settings::getDefaultExtraPlatforms() if (std::string{NIX_LOCAL_SYSTEM} == "x86_64-linux" && !isWSL1()) extraPlatforms.insert("i686-linux"); -#if __linux__ +#ifdef __linux__ StringSet levels = computeLevels(); for (auto iter = levels.begin(); iter != levels.end(); ++iter) extraPlatforms.insert(*iter + "-linux"); @@ -224,7 +224,7 @@ StringSet Settings::getDefaultExtraPlatforms() bool Settings::isWSL1() { -#if __linux__ +#ifdef __linux__ struct utsname utsbuf; uname(&utsbuf); // WSL1 uses -Microsoft suffix diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index 38757bcd40f..82211d8dc17 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -34,7 +34,7 @@ struct MaxBuildJobsSetting : public BaseSetting }; const uint32_t maxIdsPerBuild = - #if __linux__ + #ifdef __linux__ 1 << 16 #else 1 @@ -467,7 +467,7 @@ public: )", {}, true, Xp::AutoAllocateUids}; Setting startId{this, - #if __linux__ + #ifdef __linux__ 0x34000000, #else 56930, @@ -476,7 +476,7 @@ public: "The first UID and GID to use for dynamic ID allocation."}; Setting uidCount{this, - #if __linux__ + #ifdef __linux__ maxIdsPerBuild * 128, #else 128, @@ -484,7 +484,7 @@ public: "id-count", "The number of UIDs/GIDs to use for dynamic ID allocation."}; - #if __linux__ + #ifdef __linux__ Setting useCgroups{ this, false, "use-cgroups", R"( @@ -596,7 +596,7 @@ public: Setting sandboxMode{ this, - #if __linux__ + #ifdef __linux__ smEnabled #else smDisabled @@ -671,7 +671,7 @@ public: )"}; #endif -#if __linux__ +#ifdef __linux__ Setting sandboxShmSize{ this, "50%", "sandbox-dev-shm-size", R"( @@ -1066,7 +1066,7 @@ public: // Don't document the machine-specific default value false}; -#if __linux__ +#ifdef __linux__ Setting filterSyscalls{ this, true, "filter-syscalls", R"( diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index e0699fac02b..949f0f74f1b 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -38,7 +38,7 @@ # include #endif -#if __linux__ +#ifdef __linux__ # include # include # include @@ -575,7 +575,7 @@ void LocalStore::upgradeDBSchema(State & state) bind mount. So make the Nix store writable for this process. */ void LocalStore::makeStoreWritable() { -#if __linux__ +#ifdef __linux__ if (!isRootUser()) return; /* Check if /nix/store is on a read-only mount. */ struct statvfs stat; diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index a0104b96a07..d3bccd7afc7 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -1300,7 +1300,7 @@ ref openStore(StoreReference && storeURI) return std::make_shared(params); else if (pathExists(settings.nixDaemonSocketFile)) return std::make_shared(params); - #if __linux__ + #ifdef __linux__ else if (!pathExists(stateDir) && params.empty() && !isRootUser() diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index c7a0e3ccb31..b521e23bb9f 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -41,7 +41,7 @@ #endif /* Includes required for chroot support. */ -#if __linux__ +#ifdef __linux__ # include "nix/store/fchmodat2-compat.hh" # include # include @@ -129,7 +129,7 @@ LocalDerivationGoal::~LocalDerivationGoal() inline bool LocalDerivationGoal::needsHashRewrite() { -#if __linux__ +#ifdef __linux__ return !useChroot; #else /* Darwin requires hash rewriting even when sandboxing is enabled. */ @@ -170,7 +170,7 @@ void LocalDerivationGoal::killChild() void LocalDerivationGoal::killSandbox(bool getStats) { if (cgroup) { - #if __linux__ + #ifdef __linux__ auto stats = destroyCgroup(*cgroup); if (getStats) { buildResult.cpuUser = stats.cpuUser; @@ -222,14 +222,14 @@ Goal::Co LocalDerivationGoal::tryLocalBuild() auto & localStore = getLocalStore(); if (localStore.storeDir != localStore.realStoreDir.get()) { - #if __linux__ + #ifdef __linux__ useChroot = true; #else throw Error("building using a diverted store is not supported on this platform"); #endif } - #if __linux__ + #ifdef __linux__ if (useChroot) { if (!mountAndPidNamespacesSupported()) { if (!settings.sandboxFallback) @@ -405,7 +405,7 @@ void LocalDerivationGoal::cleanupPostOutputsRegisteredModeNonCheck() cleanupPostOutputsRegisteredModeCheck(); } -#if __linux__ +#ifdef __linux__ static void doBind(const Path & source, const Path & target, bool optional = false) { debug("bind mounting '%1%' to '%2%'", source, target); @@ -478,12 +478,12 @@ static void handleChildException(bool sendException) void LocalDerivationGoal::startBuilder() { if ((buildUser && buildUser->getUIDCount() != 1) - #if __linux__ + #ifdef __linux__ || settings.useCgroups #endif ) { - #if __linux__ + #ifdef __linux__ experimentalFeatureSettings.require(Xp::Cgroups); /* If we're running from the daemon, then this will return the @@ -729,7 +729,7 @@ void LocalDerivationGoal::startBuilder() pathsInChroot[i] = {i, true}; } -#if __linux__ +#ifdef __linux__ /* Create a temporary directory in which we set up the chroot environment using bind-mounts. We put it in the Nix store so that the build outputs can be moved efficiently from the @@ -943,7 +943,7 @@ void LocalDerivationGoal::startBuilder() /* Fork a child to build the package. */ -#if __linux__ +#ifdef __linux__ if (useChroot) { /* Set up private namespaces for the build: @@ -1143,7 +1143,7 @@ void LocalDerivationGoal::initTmpDir() { /* In a sandbox, for determinism, always use the same temporary directory. */ -#if __linux__ +#ifdef __linux__ tmpDirInSandbox = useChroot ? settings.sandboxBuildDir : tmpDir; #else tmpDirInSandbox = tmpDir; @@ -1646,7 +1646,7 @@ void LocalDerivationGoal::addDependency(const StorePath & path) debug("materialising '%s' in the sandbox", worker.store.printStorePath(path)); - #if __linux__ + #ifdef __linux__ Path source = worker.store.Store::toRealPath(path); Path target = chrootRootDir + worker.store.printStorePath(path); @@ -1696,7 +1696,7 @@ void LocalDerivationGoal::chownToBuilder(const Path & path) void setupSeccomp() { -#if __linux__ +#ifdef __linux__ if (!settings.filterSyscalls) return; #if HAVE_SECCOMP scmp_filter_ctx ctx; @@ -1816,7 +1816,7 @@ void LocalDerivationGoal::runChild() } catch (SystemError &) { } } -#if __linux__ +#ifdef __linux__ if (useChroot) { userNamespaceSync.writeSide = -1; @@ -2050,7 +2050,7 @@ void LocalDerivationGoal::runChild() /* Close all other file descriptors. */ unix::closeExtraFDs(); -#if __linux__ +#ifdef __linux__ linux::setPersonality(drv->platform); #endif diff --git a/src/libstore/unix/user-lock.cc b/src/libstore/unix/user-lock.cc index 770b00e2de3..eb0bac88755 100644 --- a/src/libstore/unix/user-lock.cc +++ b/src/libstore/unix/user-lock.cc @@ -10,7 +10,7 @@ namespace nix { -#if __linux__ +#ifdef __linux__ static std::vector get_group_list(const char *username, gid_t group_id) { @@ -94,7 +94,7 @@ struct SimpleUserLock : UserLock if (lock->uid == getuid() || lock->uid == geteuid()) throw Error("the Nix user should not be a member of '%s'", settings.buildUsersGroup); - #if __linux__ + #ifdef __linux__ /* Get the list of supplementary groups of this user. This is * usually either empty or contains a group such as "kvm". */ @@ -193,7 +193,7 @@ std::unique_ptr acquireUserLock(uid_t nrIds, bool useUserNamespace) bool useBuildUsers() { - #if __linux__ + #ifdef __linux__ static bool b = (settings.buildUsersGroup != "" || settings.autoAllocateUids) && isRootUser(); return b; #elif __APPLE__ diff --git a/src/libutil/current-process.cc b/src/libutil/current-process.cc index 4103c0515d2..8aef4714610 100644 --- a/src/libutil/current-process.cc +++ b/src/libutil/current-process.cc @@ -13,7 +13,7 @@ # include #endif -#if __linux__ +#ifdef __linux__ # include # include "nix/util/cgroup.hh" # include "nix/util/namespaces.hh" @@ -23,7 +23,7 @@ namespace nix { unsigned int getMaxCPU() { - #if __linux__ + #ifdef __linux__ try { auto cgroupFS = getCgroupFS(); if (!cgroupFS) return 0; @@ -82,7 +82,7 @@ void restoreProcessContext(bool restoreMounts) unix::restoreSignals(); #endif if (restoreMounts) { - #if __linux__ + #ifdef __linux__ restoreMountNamespace(); #endif } @@ -106,7 +106,7 @@ std::optional getSelfExe() { static auto cached = []() -> std::optional { - #if __linux__ || __GNU__ + #if defined(__linux__) || defined(__GNU__) return readLink("/proc/self/exe"); #elif __APPLE__ char buf[1024]; diff --git a/src/libutil/file-descriptor.cc b/src/libutil/file-descriptor.cc index 4fc0f06cd42..9e0827442a1 100644 --- a/src/libutil/file-descriptor.cc +++ b/src/libutil/file-descriptor.cc @@ -113,7 +113,7 @@ void AutoCloseFD::fsync() const void AutoCloseFD::startFsync() const { -#if __linux__ +#ifdef __linux__ if (fd != -1) { /* Ignore failure, since fsync must be run later anyway. This is just a performance optimization. */ ::sync_file_range(fd, 0, 0, SYNC_FILE_RANGE_WRITE); diff --git a/src/libutil/unix/file-descriptor.cc b/src/libutil/unix/file-descriptor.cc index 6ce307252ba..73ee4998214 100644 --- a/src/libutil/unix/file-descriptor.cc +++ b/src/libutil/unix/file-descriptor.cc @@ -163,7 +163,7 @@ void Pipe::create() ////////////////////////////////////////////////////////////////////// -#if __linux__ || __FreeBSD__ +#if defined(__linux__) || defined(__FreeBSD__) static int unix_close_range(unsigned int first, unsigned int last, int flags) { #if !HAVE_CLOSE_RANGE @@ -179,7 +179,7 @@ void unix::closeExtraFDs() constexpr int MAX_KEPT_FD = 2; static_assert(std::max({STDIN_FILENO, STDOUT_FILENO, STDERR_FILENO}) == MAX_KEPT_FD); -#if __linux__ || __FreeBSD__ +#if defined(__linux__) || defined(__FreeBSD__) // first try to close_range everything we don't care about. if this // returns an error with these parameters we're running on a kernel // that does not implement close_range (i.e. pre 5.9) and fall back @@ -189,7 +189,7 @@ void unix::closeExtraFDs() } #endif -#if __linux__ +#ifdef __linux__ try { for (auto & s : std::filesystem::directory_iterator{"/proc/self/fd"}) { checkInterrupt(); diff --git a/src/libutil/unix/processes.cc b/src/libutil/unix/processes.cc index 4df0a777787..198243c2076 100644 --- a/src/libutil/unix/processes.cc +++ b/src/libutil/unix/processes.cc @@ -190,7 +190,7 @@ static pid_t doFork(bool allowVfork, ChildWrapperFunction & fun) } -#if __linux__ +#ifdef __linux__ static int childEntry(void * arg) { auto & fun = *reinterpret_cast(arg); @@ -213,7 +213,7 @@ pid_t startProcess(std::function fun, const ProcessOptions & options) logger = makeSimpleLogger(); } try { -#if __linux__ +#ifdef __linux__ if (options.dieWithParent && prctl(PR_SET_PDEATHSIG, SIGKILL) == -1) throw SysError("setting death signal"); #endif diff --git a/src/libutil/unix/signals.cc b/src/libutil/unix/signals.cc index f1cb28527b5..665b9b096e1 100644 --- a/src/libutil/unix/signals.cc +++ b/src/libutil/unix/signals.cc @@ -105,7 +105,7 @@ void unix::setChildSignalMask(sigset_t * sigs) { assert(sigs); // C style function, but think of sigs as a reference -#if _POSIX_C_SOURCE >= 1 || _XOPEN_SOURCE || _POSIX_SOURCE +#if (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 1) || (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE) || (defined(_POSIX_SOURCE) && _POSIX_SOURCE) sigemptyset(&savedSignalMask); // There's no "assign" or "copy" function, so we rely on (math) idempotence // of the or operator: a or a = a. diff --git a/src/nix/main.cc b/src/nix/main.cc index 6470213a296..a2c9dcf68da 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -36,7 +36,7 @@ # include #endif -#if __linux__ +#ifdef __linux__ # include "nix/util/namespaces.hh" #endif @@ -384,7 +384,7 @@ void mainWrapped(int argc, char * * argv) "__build-remote", }); - #if __linux__ + #ifdef __linux__ if (isRootUser()) { try { saveMountNamespace(); diff --git a/src/nix/run.cc b/src/nix/run.cc index 64eab3ff3de..146ae9ec933 100644 --- a/src/nix/run.cc +++ b/src/nix/run.cc @@ -12,7 +12,7 @@ #include "nix/expr/eval.hh" #include -#if __linux__ +#ifdef __linux__ # include # include "nix/store/personality.hh" #endif @@ -59,7 +59,7 @@ void execProgramInStore(ref store, throw SysError("could not execute chroot helper"); } -#if __linux__ +#ifdef __linux__ if (system) linux::setPersonality(*system); #endif @@ -153,7 +153,7 @@ void chrootHelper(int argc, char * * argv) while (p < argc) args.push_back(argv[p++]); -#if __linux__ +#ifdef __linux__ uid_t uid = getuid(); uid_t gid = getgid(); @@ -212,7 +212,7 @@ void chrootHelper(int argc, char * * argv) writeFile(fs::path{"/proc/self/uid_map"}, fmt("%d %d %d", uid, uid, 1)); writeFile(fs::path{"/proc/self/gid_map"}, fmt("%d %d %d", gid, gid, 1)); -#if __linux__ +#ifdef __linux__ if (system != "") linux::setPersonality(system); #endif diff --git a/src/nix/unix/daemon.cc b/src/nix/unix/daemon.cc index 1acf2bd5bfa..607a7bb0197 100644 --- a/src/nix/unix/daemon.cc +++ b/src/nix/unix/daemon.cc @@ -34,7 +34,7 @@ #include #include -#if __linux__ +#ifdef __linux__ #include "nix/util/cgroup.hh" #endif @@ -317,7 +317,7 @@ static void daemonLoop(std::optional forceTrustClientOpt) // Get rid of children automatically; don't let them become zombies. setSigChldAction(true); - #if __linux__ + #ifdef __linux__ if (settings.useCgroups) { experimentalFeatureSettings.require(Xp::Cgroups); From 3bb46b73a80cebc4f66086505cc2cb4abe33b89b Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sun, 6 Apr 2025 17:43:10 +0200 Subject: [PATCH 435/815] Fix undefined macro errors (cherry picked from commit 77b4bb74d54edf1597cad73a49b024ff82a30ee8) --- src/libstore/globals.cc | 2 +- src/libstore/unix/user-lock.cc | 2 +- src/libutil/current-process.cc | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index 1df0a846ea4..c590ccf28b5 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -209,7 +209,7 @@ StringSet Settings::getDefaultExtraPlatforms() StringSet levels = computeLevels(); for (auto iter = levels.begin(); iter != levels.end(); ++iter) extraPlatforms.insert(*iter + "-linux"); -#elif __APPLE__ +#elif defined(__APPLE__) // Rosetta 2 emulation layer can run x86_64 binaries on aarch64 // machines. Note that we can’t force processes from executing // x86_64 in aarch64 environments or vice versa since they can diff --git a/src/libstore/unix/user-lock.cc b/src/libstore/unix/user-lock.cc index eb0bac88755..2bee277f9db 100644 --- a/src/libstore/unix/user-lock.cc +++ b/src/libstore/unix/user-lock.cc @@ -196,7 +196,7 @@ bool useBuildUsers() #ifdef __linux__ static bool b = (settings.buildUsersGroup != "" || settings.autoAllocateUids) && isRootUser(); return b; - #elif __APPLE__ + #elif defined(__APPLE__) static bool b = settings.buildUsersGroup != "" && isRootUser(); return b; #else diff --git a/src/libutil/current-process.cc b/src/libutil/current-process.cc index 8aef4714610..926714ae803 100644 --- a/src/libutil/current-process.cc +++ b/src/libutil/current-process.cc @@ -108,7 +108,7 @@ std::optional getSelfExe() { #if defined(__linux__) || defined(__GNU__) return readLink("/proc/self/exe"); - #elif __APPLE__ + #elif defined(__APPLE__) char buf[1024]; uint32_t size = sizeof(buf); if (_NSGetExecutablePath(buf, &size) == 0) From 49b6766332e7754cd8cc2ee1dd2ccc958b284e54 Mon Sep 17 00:00:00 2001 From: Alexander Romanov Date: Sun, 6 Apr 2025 22:52:46 +0300 Subject: [PATCH 436/815] libflake: add lock file path to invalid json error Previously, when lock file contained invalid JSON nix reported a parser error without specifying the file it came from. This change adds flake.lock file path to the error message to avoid confusion. (cherry picked from commit e3873aa1a0b1881f4380dd53ceb5dbd49c69e2c4) --- src/libflake/flake/lockfile.cc | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/libflake/flake/lockfile.cc b/src/libflake/flake/lockfile.cc index ba6f18c57dd..646516caf2a 100644 --- a/src/libflake/flake/lockfile.cc +++ b/src/libflake/flake/lockfile.cc @@ -108,8 +108,13 @@ LockFile::LockFile( const fetchers::Settings & fetchSettings, std::string_view contents, std::string_view path) { - auto json = nlohmann::json::parse(contents); - + auto json = [=] { + try { + return nlohmann::json::parse(contents); + } catch (const nlohmann::json::parse_error & e) { + throw Error("Could not parse '%s': %s", path, e.what()); + } + }(); auto version = json.value("version", 0); if (version < 5 || version > 7) throw Error("lock file '%s' has unsupported version %d", path, version); From 7e96f317536605882388a4ec507ef761ff490e51 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Sun, 6 Apr 2025 17:17:54 -0400 Subject: [PATCH 437/815] Clean some header related things. Revert most of "Hack together a fix for the public headers" - The `libmain` change is kept, and one more libmain change is made. (Need to update Meson and Nix per the package alike). - The S3 situation is fixed in a different way: the variable is public now, used in the header, and fixed accordingly. - Fix TODO for `HAVE_EMBEDDED_SANDBOX_SHELL` This reverts commit 2b51250534899329906273ae80463ccfe8455d08. (cherry picked from commit 3294b22a6845f08daf095ed425f16877da8ab040) --- src/libexpr/expr-config.hh | 3 --- src/libexpr/include/nix/expr/config.hh | 1 - src/libexpr/include/nix/expr/meson.build | 1 - src/libexpr/meson.build | 11 ---------- src/libmain/meson.build | 6 +++-- src/libstore-tests/meson.build | 3 --- src/libstore-tests/s3-binary-cache-store.cc | 7 +++--- src/libstore/filetransfer.cc | 6 ++--- .../nix/store/s3-binary-cache-store.hh | 10 +++++++-- src/libstore/include/nix/store/s3.hh | 2 +- src/libstore/meson.build | 22 ++++++++----------- src/libstore/s3-binary-cache-store.cc | 6 ++--- .../unix/build/local-derivation-goal.cc | 2 +- 13 files changed, 32 insertions(+), 48 deletions(-) delete mode 100644 src/libexpr/expr-config.hh delete mode 120000 src/libexpr/include/nix/expr/config.hh diff --git a/src/libexpr/expr-config.hh b/src/libexpr/expr-config.hh deleted file mode 100644 index e28b461c018..00000000000 --- a/src/libexpr/expr-config.hh +++ /dev/null @@ -1,3 +0,0 @@ -// TODO: Remove this damn file while keeping public config headers working -#error \ - "This file is a placeholder. It only exists so that meson accepts the symbolic link include/nix/expr/config.hh to this file, but we expect meson to overwrite it with the real file. Apparently that did not happen. I deeply apologize for this mess." diff --git a/src/libexpr/include/nix/expr/config.hh b/src/libexpr/include/nix/expr/config.hh deleted file mode 120000 index 45d3ca29d23..00000000000 --- a/src/libexpr/include/nix/expr/config.hh +++ /dev/null @@ -1 +0,0 @@ -../../../expr-config.hh \ No newline at end of file diff --git a/src/libexpr/include/nix/expr/meson.build b/src/libexpr/include/nix/expr/meson.build index 3eb80de6836..01275e52ee1 100644 --- a/src/libexpr/include/nix/expr/meson.build +++ b/src/libexpr/include/nix/expr/meson.build @@ -10,7 +10,6 @@ config_pub_h = configure_file( headers = [config_pub_h] + files( 'attr-path.hh', 'attr-set.hh', - 'config.hh', 'eval-cache.hh', 'eval-error.hh', 'eval-gc.hh', diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index 402bca0e19a..2e773938da0 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -79,11 +79,6 @@ config_priv_h = configure_file( output : 'expr-config-private.hh', ) -config_pub_h = configure_file( - configuration : configdata_pub, - output : 'expr-config.hh', -) - subdir('nix-meson-build-support/common') parser_tab = custom_target( @@ -168,8 +163,6 @@ subdir('primops') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') -headers += [config_pub_h] - this_library = library( 'nixexpr', sources, @@ -188,8 +181,4 @@ install_headers(headers, subdir : 'nix/expr', preserve_path : true) libraries_private = [] -nixexpr_dep = declare_dependency( - include_directories : include_directories('.'), - link_with : this_library, -) subdir('nix-meson-build-support/export') diff --git a/src/libmain/meson.build b/src/libmain/meson.build index 4f78d265b85..65fcb6239a2 100644 --- a/src/libmain/meson.build +++ b/src/libmain/meson.build @@ -17,12 +17,14 @@ subdir('nix-meson-build-support/deps-lists') configdata = configuration_data() deps_private_maybe_subproject = [ - # This dependency may be very limited; was introduced for NIX_USE_BOEHMGC macro dependency - dependency('nix-expr'), ] deps_public_maybe_subproject = [ dependency('nix-util'), dependency('nix-store'), + # FIXME: This is only here for the NIX_USE_BOEHMGC macro dependency + # Removing nix-expr will make the build more concurrent and is + # architecturally nice, perhaps. + dependency('nix-expr'), ] subdir('nix-meson-build-support/subprojects') diff --git a/src/libstore-tests/meson.build b/src/libstore-tests/meson.build index eb3d145309c..1822a352067 100644 --- a/src/libstore-tests/meson.build +++ b/src/libstore-tests/meson.build @@ -40,9 +40,6 @@ deps_private += gtest configdata = configuration_data() configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) -aws_s3 = dependency('aws-cpp-sdk-s3', required : false) -configdata.set('ENABLE_S3', aws_s3.found().to_int()) - config_priv_h = configure_file( configuration : configdata, output : 'store-tests-config.hh', diff --git a/src/libstore-tests/s3-binary-cache-store.cc b/src/libstore-tests/s3-binary-cache-store.cc index dbb414f2b2a..251e96172b6 100644 --- a/src/libstore-tests/s3-binary-cache-store.cc +++ b/src/libstore-tests/s3-binary-cache-store.cc @@ -1,9 +1,8 @@ -#include "store-tests-config.hh" -#if ENABLE_S3 +#include "nix/store/s3-binary-cache-store.hh" -# include +#if NIX_WITH_S3_SUPPORT -# include "nix/store/s3-binary-cache-store.hh" +# include namespace nix { diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index e858962246d..49453f6dfdf 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -9,7 +9,7 @@ #include "nix/util/signals.hh" #include "store-config-private.hh" -#if ENABLE_S3 +#if NIX_WITH_S3_SUPPORT #include #endif @@ -756,7 +756,7 @@ struct curlFileTransfer : public FileTransfer #endif } -#if ENABLE_S3 +#if NIX_WITH_S3_SUPPORT std::tuple parseS3Uri(std::string uri) { auto [path, params] = splitUriAndParams(uri); @@ -779,7 +779,7 @@ struct curlFileTransfer : public FileTransfer if (hasPrefix(request.uri, "s3://")) { // FIXME: do this on a worker thread try { -#if ENABLE_S3 +#if NIX_WITH_S3_SUPPORT auto [bucketName, key, params] = parseS3Uri(request.uri); std::string profile = getOr(params, "profile", ""); diff --git a/src/libstore/include/nix/store/s3-binary-cache-store.hh b/src/libstore/include/nix/store/s3-binary-cache-store.hh index eec2dc6eec3..7bc04aa4acb 100644 --- a/src/libstore/include/nix/store/s3-binary-cache-store.hh +++ b/src/libstore/include/nix/store/s3-binary-cache-store.hh @@ -1,9 +1,13 @@ #pragma once ///@file -#include "nix/store/binary-cache-store.hh" +#include "nix/store/config.hh" -#include +#if NIX_WITH_S3_SUPPORT + +# include "nix/store/binary-cache-store.hh" + +# include namespace nix { @@ -125,3 +129,5 @@ public: }; } + +#endif diff --git a/src/libstore/include/nix/store/s3.hh b/src/libstore/include/nix/store/s3.hh index 5ac5b9a9f75..9c159ba0f4c 100644 --- a/src/libstore/include/nix/store/s3.hh +++ b/src/libstore/include/nix/store/s3.hh @@ -1,7 +1,7 @@ #pragma once ///@file #include "store-config-private.hh" -#if ENABLE_S3 +#if NIX_WITH_S3_SUPPORT #include "nix/util/ref.hh" diff --git a/src/libstore/meson.build b/src/libstore/meson.build index fecf2f449d4..66785e31174 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -126,7 +126,8 @@ deps_private += sqlite # AWS C++ SDK has bad pkg-config. See # https://github.com/aws/aws-sdk-cpp/issues/2673 for details. aws_s3 = dependency('aws-cpp-sdk-s3', required : false) -configdata_priv.set('ENABLE_S3', aws_s3.found().to_int()) +# The S3 store definitions in the header will be hidden based on this variables. +configdata_pub.set('NIX_WITH_S3_SUPPORT', aws_s3.found().to_int()) if aws_s3.found() aws_s3 = declare_dependency( include_directories: include_directories(aws_s3.get_variable('includedir')), @@ -153,13 +154,13 @@ endforeach busybox = find_program(get_option('sandbox-shell'), required : false) +# This one goes in config.h +# The path to busybox is passed as a -D flag when compiling this_library. +# This solution is inherited from the old make buildsystem +# TODO: do this differently? +configdata_priv.set('HAVE_EMBEDDED_SANDBOX_SHELL', get_option('embedded-sandbox-shell').to_int()) + if get_option('embedded-sandbox-shell') - # This one goes in config.h - # The path to busybox is passed as a -D flag when compiling this_library. - # This solution is inherited from the old make buildsystem - # TODO: do this differently? - # TODO: at least define it unconditionally, so we get checking from -Wundef - configdata_priv.set('HAVE_EMBEDDED_SANDBOX_SHELL', 1) hexdump = find_program('hexdump', native : true) embedded_sandbox_shell_gen = custom_target( 'embedded-sandbox-shell.gen.hh', @@ -182,11 +183,6 @@ config_priv_h = configure_file( output : 'store-config-private.hh', ) -config_pub_h = configure_file( - configuration : configdata_pub, - output : 'store-config.hh', -) - subdir('nix-meson-build-support/common') sources = files( @@ -368,7 +364,7 @@ this_library = library( install : true, ) -install_headers(headers + [ config_pub_h ], subdir : 'nix/store', preserve_path : true) +install_headers(headers, subdir : 'nix/store', preserve_path : true) libraries_private = [] diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index 4e51e728ae7..87f5feb45a6 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -1,10 +1,10 @@ -#include "store-config-private.hh" -#if ENABLE_S3 +#include "nix/store/s3-binary-cache-store.hh" + +#if NIX_WITH_S3_SUPPORT #include #include "nix/store/s3.hh" -#include "nix/store/s3-binary-cache-store.hh" #include "nix/store/nar-info.hh" #include "nix/store/nar-info-disk-cache.hh" #include "nix/store/globals.hh" diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index b521e23bb9f..4d3813dc59b 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -1935,7 +1935,7 @@ void LocalDerivationGoal::runChild() for (auto & i : pathsInChroot) { if (i.second.source == "/proc") continue; // backwards compatibility - #ifdef HAVE_EMBEDDED_SANDBOX_SHELL + #if HAVE_EMBEDDED_SANDBOX_SHELL if (i.second.source == "__embedded_sandbox_shell__") { static unsigned char sh[] = { #include "embedded-sandbox-shell.gen.hh" From efb0feb22b8121a6d36157764373e478db3e3968 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Sun, 6 Apr 2025 17:57:43 -0400 Subject: [PATCH 438/815] Get rid of raw `-D` defines, always use private config files Now that we have the private vs public distinction, we can do this without leaking information downstream. (cherry picked from commit 7a7fe350d55803e3ff73bc0645b0c498b0a0eff9) --- src/libstore-tests/meson.build | 3 +- src/libstore/meson.build | 154 ++++++++++++++------------------- src/nix/man-pages.cc | 1 + src/nix/meson.build | 20 ++--- 4 files changed, 75 insertions(+), 103 deletions(-) diff --git a/src/libstore-tests/meson.build b/src/libstore-tests/meson.build index 1822a352067..8a1ff40f074 100644 --- a/src/libstore-tests/meson.build +++ b/src/libstore-tests/meson.build @@ -40,6 +40,8 @@ deps_private += gtest configdata = configuration_data() configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) +configdata.set_quoted('NIX_STORE_DIR', nix_store.get_variable('storedir')) + config_priv_h = configure_file( configuration : configdata, output : 'store-tests-config.hh', @@ -89,7 +91,6 @@ this_exe = executable( include_directories : include_dirs, # TODO: -lrapidcheck, see ../libutil-support/build.meson link_args: linker_export_flags + ['-lrapidcheck'], - cpp_args : [ '-DNIX_STORE_DIR="' + nix_store.get_variable('storedir') + '"' ], # get main from gtest install : true, ) diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 66785e31174..d35cc2c0bd9 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -154,12 +154,14 @@ endforeach busybox = find_program(get_option('sandbox-shell'), required : false) -# This one goes in config.h -# The path to busybox is passed as a -D flag when compiling this_library. -# This solution is inherited from the old make buildsystem -# TODO: do this differently? configdata_priv.set('HAVE_EMBEDDED_SANDBOX_SHELL', get_option('embedded-sandbox-shell').to_int()) +if get_option('embedded-sandbox-shell') + configdata_priv.set_quoted('SANDBOX_SHELL', '__embedded_sandbox_shell__') +elif busybox.found() + configdata_priv.set_quoted('SANDBOX_SHELL', busybox.full_path()) +endif + if get_option('embedded-sandbox-shell') hexdump = find_program('hexdump', native : true) embedded_sandbox_shell_gen = custom_target( @@ -178,6 +180,66 @@ if get_option('embedded-sandbox-shell') generated_headers += embedded_sandbox_shell_gen endif +fs = import('fs') + +prefix = get_option('prefix') +# For each of these paths, assume that it is relative to the prefix unless +# it is already an absolute path (which is the default for store-dir, localstatedir, and log-dir). +path_opts = [ + # Meson built-ins. + 'datadir', + 'mandir', + 'libdir', + 'includedir', + 'libexecdir', + # Homecooked Nix directories. + 'store-dir', + 'localstatedir', + 'log-dir', +] +# For your grepping pleasure, this loop sets the following variables that aren't mentioned +# literally above: +# store_dir +# localstatedir +# log_dir +# profile_dir +foreach optname : path_opts + varname = optname.replace('-', '_') + path = get_option(optname) + if fs.is_absolute(path) + set_variable(varname, path) + else + set_variable(varname, prefix / path) + endif +endforeach + +# sysconfdir doesn't get anything installed to directly, and is only used to +# tell Nix where to look for nix.conf, so it doesn't get appended to prefix. +sysconfdir = get_option('sysconfdir') +if not fs.is_absolute(sysconfdir) + sysconfdir = '/' / sysconfdir +endif + +# Aside from prefix itself, each of these was made into an absolute path +# by joining it with prefix, unless it was already an absolute path +# (which is the default for store-dir, localstatedir, and log-dir). +configdata_priv.set_quoted('NIX_PREFIX', prefix) +configdata_priv.set_quoted('NIX_STORE_DIR', store_dir) +configdata_priv.set_quoted('NIX_DATA_DIR', datadir) +configdata_priv.set_quoted('NIX_STATE_DIR', localstatedir / 'nix') +configdata_priv.set_quoted('NIX_LOG_DIR', log_dir) +configdata_priv.set_quoted('NIX_CONF_DIR', sysconfdir / 'nix') +configdata_priv.set_quoted('NIX_MAN_DIR', mandir) + +lsof = find_program('lsof', required : false) +configdata_priv.set_quoted( + 'LSOF', + lsof.found() + ? lsof.full_path() + # Just look up on the PATH + : 'lsof', +) + config_priv_h = configure_file( configuration : configdata_priv, output : 'store-config-private.hh', @@ -265,89 +327,6 @@ else subdir('unix') endif -fs = import('fs') - -prefix = get_option('prefix') -# For each of these paths, assume that it is relative to the prefix unless -# it is already an absolute path (which is the default for store-dir, localstatedir, and log-dir). -path_opts = [ - # Meson built-ins. - 'datadir', - 'mandir', - 'libdir', - 'includedir', - 'libexecdir', - # Homecooked Nix directories. - 'store-dir', - 'localstatedir', - 'log-dir', -] -# For your grepping pleasure, this loop sets the following variables that aren't mentioned -# literally above: -# store_dir -# localstatedir -# log_dir -# profile_dir -foreach optname : path_opts - varname = optname.replace('-', '_') - path = get_option(optname) - if fs.is_absolute(path) - set_variable(varname, path) - else - set_variable(varname, prefix / path) - endif -endforeach - -# sysconfdir doesn't get anything installed to directly, and is only used to -# tell Nix where to look for nix.conf, so it doesn't get appended to prefix. -sysconfdir = get_option('sysconfdir') -if not fs.is_absolute(sysconfdir) - sysconfdir = '/' / sysconfdir -endif - -lsof = find_program('lsof', required : false) - -# Aside from prefix itself, each of these was made into an absolute path -# by joining it with prefix, unless it was already an absolute path -# (which is the default for store-dir, localstatedir, and log-dir). -cpp_str_defines = { - 'NIX_PREFIX': prefix, - 'NIX_STORE_DIR': store_dir, - 'NIX_DATA_DIR': datadir, - 'NIX_STATE_DIR': localstatedir / 'nix', - 'NIX_LOG_DIR': log_dir, - 'NIX_CONF_DIR': sysconfdir / 'nix', - 'NIX_MAN_DIR': mandir, -} - -if lsof.found() - lsof_path = lsof.full_path() -else - # Just look up on the PATH - lsof_path = 'lsof' -endif -cpp_str_defines += { - 'LSOF': lsof_path -} - -if get_option('embedded-sandbox-shell') - cpp_str_defines += { - 'SANDBOX_SHELL': '__embedded_sandbox_shell__' - } -elif busybox.found() - cpp_str_defines += { - 'SANDBOX_SHELL': busybox.full_path() - } -endif - -cpp_args = [] - -foreach name, value : cpp_str_defines - cpp_args += [ - '-D' + name + '=' + '"' + value + '"' - ] -endforeach - subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') @@ -358,7 +337,6 @@ this_library = library( config_priv_h, dependencies : deps_public + deps_private + deps_other, include_directories : include_dirs, - cpp_args : cpp_args, link_args: linker_export_flags, prelink : true, # For C++ static initializers install : true, diff --git a/src/nix/man-pages.cc b/src/nix/man-pages.cc index 8da439e7b03..8585c164c44 100644 --- a/src/nix/man-pages.cc +++ b/src/nix/man-pages.cc @@ -1,4 +1,5 @@ #include "man-pages.hh" +#include "cli-config-private.hh" #include "nix/util/file-system.hh" #include "nix/util/current-process.hh" #include "nix/util/environment-variables.hh" diff --git a/src/nix/meson.build b/src/nix/meson.build index b258778ccae..3cb45f1f56d 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -39,13 +39,16 @@ configdata = configuration_data() configdata.set_quoted('NIX_CLI_VERSION', meson.project_version()) fs = import('fs') +prefix = get_option('prefix') bindir = get_option('bindir') -if not fs.is_absolute(bindir) - bindir = get_option('prefix') / bindir -endif +bindir = fs.is_absolute(bindir) ? bindir : prefix / bindir configdata.set_quoted('NIX_BIN_DIR', bindir) +mandir = get_option('mandir') +mandir = fs.is_absolute(mandir) ? mandir : prefix / mandir +configdata.set_quoted('NIX_MAN_DIR', mandir) + config_priv_h = configure_file( configuration : configdata, output : 'cli-config-private.hh', @@ -174,16 +177,6 @@ if host_machine.system() != 'windows' ] endif -fs = import('fs') -prefix = get_option('prefix') - -mandir = get_option('mandir') -mandir = fs.is_absolute(mandir) ? mandir : prefix / mandir - -cpp_args= [ - '-DNIX_MAN_DIR="@0@"'.format(mandir) -] - include_dirs = [include_directories('.')] this_exe = executable( @@ -191,7 +184,6 @@ this_exe = executable( sources, dependencies : deps_private_subproject + deps_private + deps_other, include_directories : include_dirs, - cpp_args : cpp_args, link_args: linker_export_flags, install : true, ) From e7dbf0fc0a4cbfc4da89d5306d85948fd1d29fc5 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 7 Apr 2025 01:43:26 +0200 Subject: [PATCH 439/815] maintainers/release-notes: Let it fail Fail when a command fails. Basic error handling was missing, which would lead to errors getting obscured a bit by subsequent successful logging. (cherry picked from commit da36c34db7fb389440f9c25bb7fcd7253c069cb7) --- maintainers/release-notes | 2 ++ 1 file changed, 2 insertions(+) diff --git a/maintainers/release-notes b/maintainers/release-notes index 0cdcd517bda..6586b22dc27 100755 --- a/maintainers/release-notes +++ b/maintainers/release-notes @@ -2,6 +2,8 @@ # vim: set filetype=bash: #!nix shell .#changelog-d --command bash +set -euo pipefail + # --- CONFIGURATION --- # This does double duty for From e0778c2796b5c184b1e23ee5c3eee9b5ec10b784 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 7 Apr 2025 10:55:37 +0200 Subject: [PATCH 440/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 9738a24f699..0bd6cbc1ef5 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.28.1 +2.28.2 From 288fee2d14e481c337ef33a879ef78c9c0dd013d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 7 Apr 2025 13:07:30 +0200 Subject: [PATCH 441/815] tests/functional/repl: fix race condition the sleep 1 is not enough in some circumstances. Switching to a fifo helps. (cherry picked from commit 1de951d31d2683c6f401cc96d918ff052342037f) --- tests/functional/repl.sh | 33 +++++++++++++++++++++++++-------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/tests/functional/repl.sh b/tests/functional/repl.sh index 5d99fbb0276..762636e446e 100755 --- a/tests/functional/repl.sh +++ b/tests/functional/repl.sh @@ -162,15 +162,32 @@ foo + baz # - Modify the flake # - Re-eval it # - Check that the result has changed -replResult=$( ( -echo "changingThing" -sleep 1 # Leave the repl the time to eval 'foo' +mkfifo repl_fifo +nix repl ./flake --experimental-features 'flakes' < repl_fifo > repl_output 2>&1 & +repl_pid=$! +exec 3>repl_fifo # Open fifo for writing +echo "changingThing" >&3 +for i in $(seq 1 1000); do + if grep -q "beforeChange" repl_output; then + break + fi + cat repl_output + sleep 0.1 +done +if [[ "$i" -eq 100 ]]; then + echo "Timed out waiting for beforeChange" + exit 1 +fi + sed -i 's/beforeChange/afterChange/' flake/flake.nix -echo ":reload" -echo "changingThing" -) | nix repl ./flake --experimental-features 'flakes') -echo "$replResult" | grepQuiet -s beforeChange -echo "$replResult" | grepQuiet -s afterChange + +# Send reload and second command +echo ":reload" >&3 +echo "changingThing" >&3 +echo "exit" >&3 +exec 3>&- # Close fifo +wait $repl_pid # Wait for process to finish +grep -q "afterChange" repl_output # Test recursive printing and formatting # Normal output should print attributes in lexicographical order non-recursively From 8443f01536e1a8f3c13c2a038e56c4b7ad9651b1 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 7 Apr 2025 09:19:58 -0400 Subject: [PATCH 442/815] Rename `nix profile install` to `nix profile add`. --- src/libcmd/installables.cc | 2 +- src/nix/profile-add.md | 37 ++++++++++++++++++++++++++++++ src/nix/profile-install.md | 34 ---------------------------- src/nix/profile.cc | 34 ++++++++++++++-------------- tests/functional/nix-profile.sh | 40 ++++++++++++++++----------------- 5 files changed, 75 insertions(+), 72 deletions(-) create mode 100644 src/nix/profile-add.md delete mode 100644 src/nix/profile-install.md diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index 2fde59e8b02..e4a1d0a42d3 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -844,7 +844,7 @@ RawInstallablesCommand::RawInstallablesCommand() void RawInstallablesCommand::applyDefaultInstallables(std::vector & rawInstallables) { if (rawInstallables.empty()) { - // FIXME: commands like "nix profile install" should not have a + // FIXME: commands like "nix profile add" should not have a // default, probably. rawInstallables.push_back("."); } diff --git a/src/nix/profile-add.md b/src/nix/profile-add.md new file mode 100644 index 00000000000..0bb65d8e696 --- /dev/null +++ b/src/nix/profile-add.md @@ -0,0 +1,37 @@ +R""( + +# Examples + +- Add a package from Nixpkgs: + + ```console + # nix profile add nixpkgs#hello + ``` + +- Add a package from a specific branch of Nixpkgs: + + ```console + # nix profile add nixpkgs/release-20.09#hello + ``` + +- Add a package from a specific revision of Nixpkgs: + + ```console + # nix profile add nixpkgs/d73407e8e6002646acfdef0e39ace088bacc83da#hello + ``` + +- Add a specific output of a package: + + ```console + # nix profile add nixpkgs#bash^man + ``` + +# Description + +This command adds [_installables_](./nix.md#installables) to a Nix profile. + +> **Note** +> +> `nix profile install` is an alias for `nix profile add` in Determinate Nix. + +)"" diff --git a/src/nix/profile-install.md b/src/nix/profile-install.md deleted file mode 100644 index 4c0f82c09e5..00000000000 --- a/src/nix/profile-install.md +++ /dev/null @@ -1,34 +0,0 @@ -R""( - -# Examples - -* Install a package from Nixpkgs: - - ```console - # nix profile install nixpkgs#hello - ``` - -* Install a package from a specific branch of Nixpkgs: - - ```console - # nix profile install nixpkgs/release-20.09#hello - ``` - -* Install a package from a specific revision of Nixpkgs: - - ```console - # nix profile install nixpkgs/d73407e8e6002646acfdef0e39ace088bacc83da#hello - ``` - -* Install a specific output of a package: - - ```console - # nix profile install nixpkgs#bash^man - ``` - - -# Description - -This command adds [*installables*](./nix.md#installables) to a Nix profile. - -)"" diff --git a/src/nix/profile.cc b/src/nix/profile.cc index 1a129d0c530..b22421a6069 100644 --- a/src/nix/profile.cc +++ b/src/nix/profile.cc @@ -338,14 +338,14 @@ builtPathsPerInstallable( return res; } -struct CmdProfileInstall : InstallablesCommand, MixDefaultProfile +struct CmdProfileAdd : InstallablesCommand, MixDefaultProfile { std::optional priority; - CmdProfileInstall() { + CmdProfileAdd() { addFlag({ .longName = "priority", - .description = "The priority of the package to install.", + .description = "The priority of the package to add.", .labels = {"priority"}, .handler = {&priority}, }); @@ -353,13 +353,13 @@ struct CmdProfileInstall : InstallablesCommand, MixDefaultProfile std::string description() override { - return "install a package into a profile"; + return "add a package to a profile"; } std::string doc() override { return - #include "profile-install.md" + #include "profile-add.md" ; } @@ -415,7 +415,7 @@ struct CmdProfileInstall : InstallablesCommand, MixDefaultProfile && existingSource->originalRef == elementSource->originalRef && existingSource->attrPath == elementSource->attrPath ) { - warn("'%s' is already installed", elementName); + warn("'%s' is already added", elementName); continue; } } @@ -462,15 +462,15 @@ struct CmdProfileInstall : InstallablesCommand, MixDefaultProfile "\n" " nix profile remove %3%\n" "\n" - "The new package can also be installed next to the existing one by assigning a different priority.\n" + "The new package can also be added next to the existing one by assigning a different priority.\n" "The conflicting packages have a priority of %5%.\n" "To prioritise the new package:\n" "\n" - " nix profile install %4% --priority %6%\n" + " nix profile add %4% --priority %6%\n" "\n" "To prioritise the existing package:\n" "\n" - " nix profile install %4% --priority %7%\n", + " nix profile add %4% --priority %7%\n", originalConflictingFilePath, newConflictingFilePath, originalEntryName, @@ -708,16 +708,14 @@ struct CmdProfileUpgrade : virtual SourceExprCommand, MixDefaultProfile, MixProf if (!element.source) { warn( - "Found package '%s', but it was not installed from a flake, so it can't be checked for upgrades!", - element.identifier() - ); + "Found package '%s', but it was not added from a flake, so it can't be checked for upgrades!", + element.identifier()); continue; } if (element.source->originalRef.input.isLocked()) { warn( - "Found package '%s', but it was installed from a locked flake reference so it can't be upgraded!", - element.identifier() - ); + "Found package '%s', but it was added from a locked flake reference so it can't be upgraded!", + element.identifier()); continue; } @@ -787,7 +785,7 @@ struct CmdProfileList : virtual EvalCommand, virtual StoreCommand, MixDefaultPro { std::string description() override { - return "list installed packages"; + return "list packages in the profile"; } std::string doc() override @@ -978,7 +976,7 @@ struct CmdProfile : NixMultiCommand : NixMultiCommand( "profile", { - {"install", []() { return make_ref(); }}, + {"add", []() { return make_ref(); }}, {"remove", []() { return make_ref(); }}, {"upgrade", []() { return make_ref(); }}, {"list", []() { return make_ref(); }}, @@ -986,6 +984,8 @@ struct CmdProfile : NixMultiCommand {"history", []() { return make_ref(); }}, {"rollback", []() { return make_ref(); }}, {"wipe-history", []() { return make_ref(); }}, + // 2025-04-05 Deprecated in favor of "add" + {"install", []() { return make_ref(); }}, }) { } diff --git a/tests/functional/nix-profile.sh b/tests/functional/nix-profile.sh index 7cf5fcb7456..b1cfef6b0b2 100755 --- a/tests/functional/nix-profile.sh +++ b/tests/functional/nix-profile.sh @@ -52,7 +52,7 @@ cp "${config_nix}" $flake1Dir/ # Test upgrading from nix-env. nix-env -f ./user-envs.nix -i foo-1.0 nix profile list | grep -A2 'Name:.*foo' | grep 'Store paths:.*foo-1.0' -nix profile install $flake1Dir -L +nix profile add $flake1Dir -L nix profile list | grep -A4 'Name:.*flake1' | grep 'Locked flake URL:.*narHash' [[ $($TEST_HOME/.nix-profile/bin/hello) = "Hello World" ]] [ -e $TEST_HOME/.nix-profile/share/man ] @@ -64,12 +64,12 @@ nix profile diff-closures | grep 'env-manifest.nix: ε → ∅' # Test XDG Base Directories support export NIX_CONFIG="use-xdg-base-directories = true" nix profile remove flake1 2>&1 | grep 'removed 1 packages' -nix profile install $flake1Dir +nix profile add $flake1Dir [[ $($TEST_HOME/.local/state/nix/profile/bin/hello) = "Hello World" ]] unset NIX_CONFIG -# Test conflicting package install. -nix profile install $flake1Dir 2>&1 | grep "warning: 'flake1' is already installed" +# Test conflicting package add. +nix profile add $flake1Dir 2>&1 | grep "warning: 'flake1' is already added" # Test upgrading a package. printf NixOS > $flake1Dir/who @@ -132,16 +132,16 @@ nix profile history | grep 'foo: 1.0 -> ∅' nix profile diff-closures | grep 'Version 3 -> 4' # Test installing a non-flake package. -nix profile install --file ./simple.nix '' +nix profile add --file ./simple.nix '' [[ $(cat $TEST_HOME/.nix-profile/hello) = "Hello World!" ]] nix profile remove simple 2>&1 | grep 'removed 1 packages' -nix profile install $(nix-build --no-out-link ./simple.nix) +nix profile add $(nix-build --no-out-link ./simple.nix) [[ $(cat $TEST_HOME/.nix-profile/hello) = "Hello World!" ]] # Test packages with same name from different sources mkdir $TEST_ROOT/simple-too cp ./simple.nix "${config_nix}" simple.builder.sh $TEST_ROOT/simple-too -nix profile install --file $TEST_ROOT/simple-too/simple.nix '' +nix profile add --file $TEST_ROOT/simple-too/simple.nix '' nix profile list | grep -A4 'Name:.*simple' | grep 'Name:.*simple-1' nix profile remove simple 2>&1 | grep 'removed 1 packages' nix profile remove simple-1 2>&1 | grep 'removed 1 packages' @@ -160,13 +160,13 @@ nix profile history | grep "packages.$system.default: 1.0, 1.0-man -> 3.0, 3.0-m nix profile remove flake1 2>&1 | grep 'removed 1 packages' printf 4.0 > $flake1Dir/version printf Utrecht > $flake1Dir/who -nix profile install $flake1Dir +nix profile add $flake1Dir [[ $($TEST_HOME/.nix-profile/bin/hello) = "Hello Utrecht" ]] [[ $(nix path-info --json $(realpath $TEST_HOME/.nix-profile/bin/hello) | jq -r .[].ca) =~ fixed:r:sha256: ]] # Override the outputs. nix profile remove simple flake1 -nix profile install "$flake1Dir^*" +nix profile add "$flake1Dir^*" [[ $($TEST_HOME/.nix-profile/bin/hello) = "Hello Utrecht" ]] [ -e $TEST_HOME/.nix-profile/share/man ] [ -e $TEST_HOME/.nix-profile/include ] @@ -179,7 +179,7 @@ nix profile upgrade flake1 [ -e $TEST_HOME/.nix-profile/include ] nix profile remove flake1 2>&1 | grep 'removed 1 packages' -nix profile install "$flake1Dir^man" +nix profile add "$flake1Dir^man" (! [ -e $TEST_HOME/.nix-profile/bin/hello ]) [ -e $TEST_HOME/.nix-profile/share/man ] (! [ -e $TEST_HOME/.nix-profile/include ]) @@ -193,9 +193,9 @@ printf World > $flake1Dir/who cp -r $flake1Dir $flake2Dir printf World2 > $flake2Dir/who -nix profile install $flake1Dir +nix profile add $flake1Dir [[ $($TEST_HOME/.nix-profile/bin/hello) = "Hello World" ]] -expect 1 nix profile install $flake2Dir +expect 1 nix profile add $flake2Dir diff -u <( nix --offline profile install $flake2Dir 2>&1 1> /dev/null \ | grep -vE "^warning: " \ @@ -214,31 +214,31 @@ error: An existing package already provides the following file: nix profile remove flake1 - The new package can also be installed next to the existing one by assigning a different priority. + The new package can also be added next to the existing one by assigning a different priority. The conflicting packages have a priority of 5. To prioritise the new package: - nix profile install path:${flake2Dir}#packages.${system}.default --priority 4 + nix profile add path:${flake2Dir}#packages.${system}.default --priority 4 To prioritise the existing package: - nix profile install path:${flake2Dir}#packages.${system}.default --priority 6 + nix profile add path:${flake2Dir}#packages.${system}.default --priority 6 EOF ) [[ $($TEST_HOME/.nix-profile/bin/hello) = "Hello World" ]] -nix profile install $flake2Dir --priority 100 +nix profile add $flake2Dir --priority 100 [[ $($TEST_HOME/.nix-profile/bin/hello) = "Hello World" ]] -nix profile install $flake2Dir --priority 0 +nix profile add $flake2Dir --priority 0 [[ $($TEST_HOME/.nix-profile/bin/hello) = "Hello World2" ]] -# nix profile install $flake1Dir --priority 100 +# nix profile add $flake1Dir --priority 100 # [[ $($TEST_HOME/.nix-profile/bin/hello) = "Hello World" ]] # Ensure that conflicts are handled properly even when the installables aren't # flake references. # Regression test for https://github.com/NixOS/nix/issues/8284 clearProfiles -nix profile install $(nix build $flake1Dir --no-link --print-out-paths) -expect 1 nix profile install --impure --expr "(builtins.getFlake ''$flake2Dir'').packages.$system.default" +nix profile add $(nix build $flake1Dir --no-link --print-out-paths) +expect 1 nix profile add --impure --expr "(builtins.getFlake ''$flake2Dir'').packages.$system.default" # Test upgrading from profile version 2. clearProfiles From 74bcfbe10c11359e42761b086828d11e7355eeef Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Mon, 7 Apr 2025 09:15:51 -0700 Subject: [PATCH 443/815] ci: manual: don't try to comment on the perpetual PR --- .github/workflows/ci.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index be68de76485..87a14b4bca2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -136,7 +136,10 @@ jobs: production-branch: detsys-main github-token: ${{ secrets.GITHUB_TOKEN }} deploy-message: "Deploy from GitHub Actions" - enable-pull-request-comment: true + # NOTE(cole-h): We have a perpetual PR displaying our changes against upstream open, but + # its conversation is locked, so this PR comment can never be posted. + # https://github.com/DeterminateSystems/nix-src/pull/4 + enable-pull-request-comment: ${{ github.event.pull_request.number != 4 }} enable-commit-comment: true enable-commit-status: true overwrites-pull-request-comment: true From 5b21c94fabe9a57ed15f0682554c537f31c808db Mon Sep 17 00:00:00 2001 From: Sandro Date: Mon, 7 Apr 2025 15:06:10 +0200 Subject: [PATCH 444/815] Fix meson warnings on minimum version nix> meson.build:216: WARNING: Project targets '>= 1.1' but uses feature introduced in '1.4.0': fs.name with build_tgt, custom_tgt, and custom_idx. nix> meson.build:222: WARNING: Project targets '>= 1.1' but uses feature introduced in '1.4.0': fs.name with build_tgt, custom_tgt, and custom_idx. nix> meson.build:235: WARNING: Project targets '>= 1.1' but uses feature introduced in '1.4.0': fs.name with build_tgt, custom_tgt, and custom_idx. nix> meson.build:236: WARNING: Project targets '>= 1.1' but uses feature introduced in '1.4.0': fs.name with build_tgt, custom_tgt, and custom_idx. nix> meson.build:242: WARNING: Project targets '>= 1.1' but uses feature introduced in '1.4.0': fs.name with build_tgt, custom_tgt, and custom_idx. (cherry picked from commit 14a829acbbbc0c8373abbb1d744228047e2fc141) --- src/nix/meson.build | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nix/meson.build b/src/nix/meson.build index 3cb45f1f56d..90102133034 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -7,7 +7,7 @@ project('nix', 'cpp', 'errorlogs=true', # Please print logs for tests that fail 'localstatedir=/nix/var', ], - meson_version : '>= 1.1', + meson_version : '>= 1.4', license : 'LGPL-2.1-or-later', ) From 17de9dd2755f3ffcd90083a062e73aba4cc3ff2c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 7 Apr 2025 17:54:39 +0200 Subject: [PATCH 445/815] Make lexer-helpers.hh internal to fix a clang-tidy error (cherry picked from commit 8be24f58f2bc3ccbb85570378022673cb8b36b27) --- src/libexpr/include/nix/expr/meson.build | 1 - src/libexpr/lexer-helpers.cc | 5 +---- src/libexpr/{include/nix/expr => }/lexer-helpers.hh | 0 src/libexpr/lexer.l | 3 +-- 4 files changed, 2 insertions(+), 7 deletions(-) rename src/libexpr/{include/nix/expr => }/lexer-helpers.hh (100%) diff --git a/src/libexpr/include/nix/expr/meson.build b/src/libexpr/include/nix/expr/meson.build index 01275e52ee1..50ea8f3c22c 100644 --- a/src/libexpr/include/nix/expr/meson.build +++ b/src/libexpr/include/nix/expr/meson.build @@ -20,7 +20,6 @@ headers = [config_pub_h] + files( 'gc-small-vector.hh', 'get-drvs.hh', 'json-to-value.hh', - # internal: 'lexer-helpers.hh', 'nixexpr.hh', 'parser-state.hh', 'primops.hh', diff --git a/src/libexpr/lexer-helpers.cc b/src/libexpr/lexer-helpers.cc index 4b27393bbac..927e3cc7324 100644 --- a/src/libexpr/lexer-helpers.cc +++ b/src/libexpr/lexer-helpers.cc @@ -1,7 +1,4 @@ -#include "lexer-tab.hh" -#include "parser-tab.hh" - -#include "nix/expr/lexer-helpers.hh" +#include "lexer-helpers.hh" void nix::lexer::internal::initLoc(YYLTYPE * loc) { diff --git a/src/libexpr/include/nix/expr/lexer-helpers.hh b/src/libexpr/lexer-helpers.hh similarity index 100% rename from src/libexpr/include/nix/expr/lexer-helpers.hh rename to src/libexpr/lexer-helpers.hh diff --git a/src/libexpr/lexer.l b/src/libexpr/lexer.l index 511c8e47bbf..1e196741d21 100644 --- a/src/libexpr/lexer.l +++ b/src/libexpr/lexer.l @@ -25,8 +25,7 @@ #endif #include "nix/expr/nixexpr.hh" -#include "parser-tab.hh" -#include "nix/expr/lexer-helpers.hh" +#include "lexer-helpers.hh" namespace nix { struct LexerState; From aa1c690ebf4c7d229f8ac4138fcf929c1b645206 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 7 Apr 2025 18:10:03 +0200 Subject: [PATCH 446/815] Keep fchmodat2-compat.hh private Since it references store-config-private.hh. (cherry picked from commit 04e9dc27ac6a0ebcb4163581a208aeb9837164c3) --- src/libstore/linux/{include/nix/store => }/fchmodat2-compat.hh | 0 src/libstore/linux/include/nix/store/meson.build | 1 - src/libstore/unix/build/local-derivation-goal.cc | 2 +- 3 files changed, 1 insertion(+), 2 deletions(-) rename src/libstore/linux/{include/nix/store => }/fchmodat2-compat.hh (100%) diff --git a/src/libstore/linux/include/nix/store/fchmodat2-compat.hh b/src/libstore/linux/fchmodat2-compat.hh similarity index 100% rename from src/libstore/linux/include/nix/store/fchmodat2-compat.hh rename to src/libstore/linux/fchmodat2-compat.hh diff --git a/src/libstore/linux/include/nix/store/meson.build b/src/libstore/linux/include/nix/store/meson.build index fd05fcaea62..a664aefa9f4 100644 --- a/src/libstore/linux/include/nix/store/meson.build +++ b/src/libstore/linux/include/nix/store/meson.build @@ -1,6 +1,5 @@ include_dirs += include_directories('../..') headers += files( - 'fchmodat2-compat.hh', 'personality.hh', ) diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 4d3813dc59b..9edb6fb0f96 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -42,7 +42,7 @@ /* Includes required for chroot support. */ #ifdef __linux__ -# include "nix/store/fchmodat2-compat.hh" +# include "linux/fchmodat2-compat.hh" # include # include # include From 85902fad588c259a9b2a8bb7aee4efb355f64ac4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 7 Apr 2025 17:55:20 +0200 Subject: [PATCH 447/815] Fix some clang-tidy warnings (cherry picked from commit c0ad5d36c451f3fa22f28d91ee814bcc3bc50dbf) --- src/libexpr/include/nix/expr/nixexpr.hh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/libexpr/include/nix/expr/nixexpr.hh b/src/libexpr/include/nix/expr/nixexpr.hh index 9409bdca86b..a5ce0fd8922 100644 --- a/src/libexpr/include/nix/expr/nixexpr.hh +++ b/src/libexpr/include/nix/expr/nixexpr.hh @@ -65,7 +65,7 @@ struct DocComment { struct AttrName { Symbol symbol; - Expr * expr; + Expr * expr = nullptr; AttrName(Symbol s) : symbol(s) {}; AttrName(Expr * e) : expr(e) {}; }; @@ -159,7 +159,7 @@ struct ExprVar : Expr `nullptr`: Not from a `with`. Valid pointer: the nearest, innermost `with` expression to query first. */ - ExprWith * fromWith; + ExprWith * fromWith = nullptr; /* In the former case, the value is obtained by going `level` levels up from the current environment and getting the @@ -167,7 +167,7 @@ struct ExprVar : Expr value is obtained by getting the attribute named `name` from the set stored in the environment that is `level` levels up from the current one.*/ - Level level; + Level level = 0; Displacement displ = 0; ExprVar(Symbol name) : name(name) { }; From f0ed61bb4e24cbf957c8472879429229d22a9e5a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 7 Apr 2025 17:09:42 +0200 Subject: [PATCH 448/815] Fix/run monitorfdhup test (cherry picked from commit 340fa00d5243beb0d2c69596e6e890970e5a03ec) --- src/libutil-tests/meson.build | 1 + src/libutil-tests/monitorfdhup.cc | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/libutil-tests/meson.build b/src/libutil-tests/meson.build index 8f9c18eedb4..f2552550d3b 100644 --- a/src/libutil-tests/meson.build +++ b/src/libutil-tests/meson.build @@ -59,6 +59,7 @@ sources = files( 'json-utils.cc', 'logging.cc', 'lru-cache.cc', + 'monitorfdhup.cc', 'nix_api_util.cc', 'pool.cc', 'position.cc', diff --git a/src/libutil-tests/monitorfdhup.cc b/src/libutil-tests/monitorfdhup.cc index 01ecb92d96c..f9da4022da1 100644 --- a/src/libutil-tests/monitorfdhup.cc +++ b/src/libutil-tests/monitorfdhup.cc @@ -1,5 +1,5 @@ -#include "util.hh" -#include "monitor-fd.hh" +#include "nix/util/util.hh" +#include "nix/util/monitor-fd.hh" #include #include From 3a4dc47c22be4bed2614b7b10ee301332338d1ed Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 7 Apr 2025 17:10:28 +0200 Subject: [PATCH 449/815] Remove unused tracing-file-system-object-sink.{hh,cc} (cherry picked from commit 611fd806cbcee3a0c9ae89df5d26a24769e75ed0) --- .../tests/tracing-file-system-object-sink.hh | 41 ------------------- .../tracing-file-system-object-sink.cc | 34 --------------- 2 files changed, 75 deletions(-) delete mode 100644 src/libutil-test-support/include/nix/util/tests/tracing-file-system-object-sink.hh delete mode 100644 src/libutil-test-support/tracing-file-system-object-sink.cc diff --git a/src/libutil-test-support/include/nix/util/tests/tracing-file-system-object-sink.hh b/src/libutil-test-support/include/nix/util/tests/tracing-file-system-object-sink.hh deleted file mode 100644 index d721c13af05..00000000000 --- a/src/libutil-test-support/include/nix/util/tests/tracing-file-system-object-sink.hh +++ /dev/null @@ -1,41 +0,0 @@ -#pragma once -#include "nix/util/fs-sink.hh" - -namespace nix::test { - -/** - * A `FileSystemObjectSink` that traces calls, writing to stderr. - */ -class TracingFileSystemObjectSink : public virtual FileSystemObjectSink -{ - FileSystemObjectSink & sink; -public: - TracingFileSystemObjectSink(FileSystemObjectSink & sink) - : sink(sink) - { - } - - void createDirectory(const CanonPath & path) override; - - void createRegularFile(const CanonPath & path, std::function fn) override; - - void createSymlink(const CanonPath & path, const std::string & target) override; -}; - -/** - * A `ExtendedFileSystemObjectSink` that traces calls, writing to stderr. - */ -class TracingExtendedFileSystemObjectSink : public TracingFileSystemObjectSink, public ExtendedFileSystemObjectSink -{ - ExtendedFileSystemObjectSink & sink; -public: - TracingExtendedFileSystemObjectSink(ExtendedFileSystemObjectSink & sink) - : TracingFileSystemObjectSink(sink) - , sink(sink) - { - } - - void createHardlink(const CanonPath & path, const CanonPath & target) override; -}; - -} diff --git a/src/libutil-test-support/tracing-file-system-object-sink.cc b/src/libutil-test-support/tracing-file-system-object-sink.cc deleted file mode 100644 index 52b081fb8fa..00000000000 --- a/src/libutil-test-support/tracing-file-system-object-sink.cc +++ /dev/null @@ -1,34 +0,0 @@ -#include -#include "nix/tracing-file-system-object-sink.hh" - -namespace nix::test { - -void TracingFileSystemObjectSink::createDirectory(const CanonPath & path) -{ - std::cerr << "createDirectory(" << path << ")\n"; - sink.createDirectory(path); -} - -void TracingFileSystemObjectSink::createRegularFile( - const CanonPath & path, std::function fn) -{ - std::cerr << "createRegularFile(" << path << ")\n"; - sink.createRegularFile(path, [&](CreateRegularFileSink & crf) { - // We could wrap this and trace about the chunks of data and such - fn(crf); - }); -} - -void TracingFileSystemObjectSink::createSymlink(const CanonPath & path, const std::string & target) -{ - std::cerr << "createSymlink(" << path << ", target: " << target << ")\n"; - sink.createSymlink(path, target); -} - -void TracingExtendedFileSystemObjectSink::createHardlink(const CanonPath & path, const CanonPath & target) -{ - std::cerr << "createHardlink(" << path << ", target: " << target << ")\n"; - sink.createHardlink(path, target); -} - -} // namespace nix::test From 16a2cddfb9ae2218759a004f8e86cd7f5acfdc81 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 7 Apr 2025 17:18:15 -0400 Subject: [PATCH 450/815] Add trailing commas on addFlag incantations (cherry picked from commit 06acbd37bdbfb6287b882d0464372e6f71259014) --- src/libcmd/command.cc | 7 ++++--- src/libcmd/common-eval-args.cc | 8 ++++---- src/libcmd/installables.cc | 26 +++++++++++++------------- src/libmain/common-args.cc | 4 ++-- src/libmain/shared.cc | 2 +- src/libstore/globals.cc | 6 +++--- src/nix/build.cc | 2 +- src/nix/bundle.cc | 4 ++-- src/nix/copy.cc | 2 +- src/nix/derivation-show.cc | 2 +- src/nix/develop.cc | 4 ++-- src/nix/env.cc | 21 +++++++++++---------- src/nix/flake.cc | 20 ++++++++++---------- src/nix/prefetch.cc | 4 ++-- src/nix/sigs.cc | 2 +- src/nix/store-delete.cc | 2 +- src/nix/store-gc.cc | 2 +- src/nix/upgrade-nix.cc | 4 ++-- src/nix/verify.cc | 4 ++-- 19 files changed, 64 insertions(+), 62 deletions(-) diff --git a/src/libcmd/command.cc b/src/libcmd/command.cc index 565f424dde7..ce93833cb54 100644 --- a/src/libcmd/command.cc +++ b/src/libcmd/command.cc @@ -237,12 +237,13 @@ void StorePathCommand::run(ref store, StorePaths && storePaths) MixProfile::MixProfile() { - addFlag( - {.longName = "profile", + addFlag({ + .longName = "profile", .description = "The profile to operate on.", .labels = {"path"}, .handler = {&profile}, - .completer = completePath}); + .completer = completePath, + }); } void MixProfile::updateProfile(const StorePath & storePath) diff --git a/src/libcmd/common-eval-args.cc b/src/libcmd/common-eval-args.cc index c051792f3d3..1c7c70a3080 100644 --- a/src/libcmd/common-eval-args.cc +++ b/src/libcmd/common-eval-args.cc @@ -63,7 +63,7 @@ MixEvalArgs::MixEvalArgs() .description = "Pass the value *expr* as the argument *name* to Nix functions.", .category = category, .labels = {"name", "expr"}, - .handler = {[&](std::string name, std::string expr) { autoArgs.insert_or_assign(name, AutoArg{AutoArgExpr{expr}}); }} + .handler = {[&](std::string name, std::string expr) { autoArgs.insert_or_assign(name, AutoArg{AutoArgExpr{expr}}); }}, }); addFlag({ @@ -80,7 +80,7 @@ MixEvalArgs::MixEvalArgs() .category = category, .labels = {"name", "path"}, .handler = {[&](std::string name, std::string path) { autoArgs.insert_or_assign(name, AutoArg{AutoArgFile{path}}); }}, - .completer = completePath + .completer = completePath, }); addFlag({ @@ -105,7 +105,7 @@ MixEvalArgs::MixEvalArgs() .labels = {"path"}, .handler = {[&](std::string s) { lookupPath.elements.emplace_back(LookupPath::Elem::parse(s)); - }} + }}, }); addFlag({ @@ -131,7 +131,7 @@ MixEvalArgs::MixEvalArgs() }}, .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { completeFlakeRef(completions, openStore(), prefix); - }} + }}, }); addFlag({ diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index c010887fa00..2ebfac3e667 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -64,21 +64,21 @@ MixFlakeOptions::MixFlakeOptions() .handler = {[&]() { lockFlags.recreateLockFile = true; warn("'--recreate-lock-file' is deprecated and will be removed in a future version; use 'nix flake update' instead."); - }} + }}, }); addFlag({ .longName = "no-update-lock-file", .description = "Do not allow any updates to the flake's lock file.", .category = category, - .handler = {&lockFlags.updateLockFile, false} + .handler = {&lockFlags.updateLockFile, false}, }); addFlag({ .longName = "no-write-lock-file", .description = "Do not write the flake's newly generated lock file.", .category = category, - .handler = {&lockFlags.writeLockFile, false} + .handler = {&lockFlags.writeLockFile, false}, }); addFlag({ @@ -94,14 +94,14 @@ MixFlakeOptions::MixFlakeOptions() .handler = {[&]() { lockFlags.useRegistries = false; warn("'--no-registries' is deprecated; use '--no-use-registries'"); - }} + }}, }); addFlag({ .longName = "commit-lock-file", .description = "Commit changes to the flake's lock file.", .category = category, - .handler = {&lockFlags.commitLockFile, true} + .handler = {&lockFlags.commitLockFile, true}, }); addFlag({ @@ -121,7 +121,7 @@ MixFlakeOptions::MixFlakeOptions() }}, .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { completeFlakeInputAttrPath(completions, getEvalState(), getFlakeRefsForCompletion(), prefix); - }} + }}, }); addFlag({ @@ -141,7 +141,7 @@ MixFlakeOptions::MixFlakeOptions() } else if (n == 1) { completeFlakeRef(completions, getEvalState()->store, prefix); } - }} + }}, }); addFlag({ @@ -152,7 +152,7 @@ MixFlakeOptions::MixFlakeOptions() .handler = {[&](std::string lockFilePath) { lockFlags.referenceLockFilePath = {getFSSourceAccessor(), CanonPath(absPath(lockFilePath))}; }}, - .completer = completePath + .completer = completePath, }); addFlag({ @@ -163,7 +163,7 @@ MixFlakeOptions::MixFlakeOptions() .handler = {[&](std::string lockFilePath) { lockFlags.outputLockFilePath = lockFilePath; }}, - .completer = completePath + .completer = completePath, }); addFlag({ @@ -190,7 +190,7 @@ MixFlakeOptions::MixFlakeOptions() }}, .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { completeFlakeRef(completions, getEvalState()->store, prefix); - }} + }}, }); } @@ -206,7 +206,7 @@ SourceExprCommand::SourceExprCommand() .category = installablesCategory, .labels = {"file"}, .handler = {&file}, - .completer = completePath + .completer = completePath, }); addFlag({ @@ -214,7 +214,7 @@ SourceExprCommand::SourceExprCommand() .description = "Interpret [*installables*](@docroot@/command-ref/new-cli/nix.md#installables) as attribute paths relative to the Nix expression *expr*.", .category = installablesCategory, .labels = {"expr"}, - .handler = {&expr} + .handler = {&expr}, }); } @@ -834,7 +834,7 @@ RawInstallablesCommand::RawInstallablesCommand() addFlag({ .longName = "stdin", .description = "Read installables from the standard input. No default installable applied.", - .handler = {&readFromStdIn, true} + .handler = {&readFromStdIn, true}, }); expectArgs({ diff --git a/src/libmain/common-args.cc b/src/libmain/common-args.cc index c3338996c4b..13b85e54456 100644 --- a/src/libmain/common-args.cc +++ b/src/libmain/common-args.cc @@ -57,7 +57,7 @@ MixCommonArgs::MixCommonArgs(const std::string & programName) if (hasPrefix(s.first, prefix)) completions.add(s.first, fmt("Set the `%s` setting.", s.first)); } - } + }, }); addFlag({ @@ -75,7 +75,7 @@ MixCommonArgs::MixCommonArgs(const std::string & programName) .labels = Strings{"jobs"}, .handler = {[=](std::string s) { settings.set("max-jobs", s); - }} + }}, }); std::string cat = "Options to override configuration settings"; diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index 7ff93f6d9c7..50d4991be8b 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -231,7 +231,7 @@ LegacyArgs::LegacyArgs(const std::string & programName, .handler = {[=](std::string s) { auto n = string2IntWithUnitPrefix(s); settings.set(dest, std::to_string(n)); - }} + }}, }); }; diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index c590ccf28b5..c2ecc496494 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -278,21 +278,21 @@ template<> void BaseSetting::convertToArg(Args & args, const std::s .aliases = aliases, .description = "Enable sandboxing.", .category = category, - .handler = {[this]() { override(smEnabled); }} + .handler = {[this]() { override(smEnabled); }}, }); args.addFlag({ .longName = "no-" + name, .aliases = aliases, .description = "Disable sandboxing.", .category = category, - .handler = {[this]() { override(smDisabled); }} + .handler = {[this]() { override(smDisabled); }}, }); args.addFlag({ .longName = "relaxed-" + name, .aliases = aliases, .description = "Enable sandboxing, but allow builds to disable it.", .category = category, - .handler = {[this]() { override(smRelaxed); }} + .handler = {[this]() { override(smRelaxed); }}, }); } diff --git a/src/nix/build.cc b/src/nix/build.cc index 7cd3c7fbeb4..8db831240b8 100644 --- a/src/nix/build.cc +++ b/src/nix/build.cc @@ -55,7 +55,7 @@ struct CmdBuild : InstallablesCommand, MixDryRun, MixJSON, MixProfile .description = "Use *path* as prefix for the symlinks to the build results. It defaults to `result`.", .labels = {"path"}, .handler = {&outLink}, - .completer = completePath + .completer = completePath, }); addFlag({ diff --git a/src/nix/bundle.cc b/src/nix/bundle.cc index 30b3003e7e6..c334469b5ad 100644 --- a/src/nix/bundle.cc +++ b/src/nix/bundle.cc @@ -24,7 +24,7 @@ struct CmdBundle : InstallableValueCommand .handler = {&bundler}, .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { completeFlakeRef(completions, getStore(), prefix); - }} + }}, }); addFlag({ @@ -33,7 +33,7 @@ struct CmdBundle : InstallableValueCommand .description = "Override the name of the symlink to the build result. It defaults to the base name of the app.", .labels = {"path"}, .handler = {&outLink}, - .completer = completePath + .completer = completePath, }); } diff --git a/src/nix/copy.cc b/src/nix/copy.cc index 0702215fdf6..013f2a7e393 100644 --- a/src/nix/copy.cc +++ b/src/nix/copy.cc @@ -21,7 +21,7 @@ struct CmdCopy : virtual CopyCommand, virtual BuiltPathsCommand, MixProfile .description = "Create symlinks prefixed with *path* to the top-level store paths fetched from the source store.", .labels = {"path"}, .handler = {&outLink}, - .completer = completePath + .completer = completePath, }); addFlag({ diff --git a/src/nix/derivation-show.cc b/src/nix/derivation-show.cc index 050144ccf8b..86755c3e81d 100644 --- a/src/nix/derivation-show.cc +++ b/src/nix/derivation-show.cc @@ -21,7 +21,7 @@ struct CmdShowDerivation : InstallablesCommand .longName = "recursive", .shortName = 'r', .description = "Include the dependencies of the specified derivations.", - .handler = {&recursive, true} + .handler = {&recursive, true}, }); } diff --git a/src/nix/develop.cc b/src/nix/develop.cc index e88134a78a5..00572697aee 100644 --- a/src/nix/develop.cc +++ b/src/nix/develop.cc @@ -334,7 +334,7 @@ struct Common : InstallableCommand, MixProfile .labels = {"installable", "outputs-dir"}, .handler = {[&](std::string installable, std::string outputsDir) { redirects.push_back({installable, outputsDir}); - }} + }}, }); } @@ -524,7 +524,7 @@ struct CmdDevelop : Common, MixEnvironment .handler = {[&](std::vector ss) { if (ss.empty()) throw UsageError("--command requires at least one argument"); command = ss; - }} + }}, }); addFlag({ diff --git a/src/nix/env.cc b/src/nix/env.cc index 4b00dbc7c93..f6b12f21c02 100644 --- a/src/nix/env.cc +++ b/src/nix/env.cc @@ -38,16 +38,17 @@ struct CmdShell : InstallablesCommand, MixEnvironment CmdShell() { - addFlag( - {.longName = "command", - .shortName = 'c', - .description = "Command and arguments to be executed, defaulting to `$SHELL`", - .labels = {"command", "args"}, - .handler = {[&](std::vector ss) { - if (ss.empty()) - throw UsageError("--command requires at least one argument"); - command = ss; - }}}); + addFlag({ + .longName = "command", + .shortName = 'c', + .description = "Command and arguments to be executed, defaulting to `$SHELL`", + .labels = {"command", "args"}, + .handler = {[&](std::vector ss) { + if (ss.empty()) + throw UsageError("--command requires at least one argument"); + command = ss; + }}, + }); } std::string description() override diff --git a/src/nix/flake.cc b/src/nix/flake.cc index a7b6000e7fb..3a33db8f219 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -90,7 +90,7 @@ struct CmdFlakeUpdate : FlakeCommand .handler={&flakeUrl}, .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { completeFlakeRef(completions, getStore(), prefix); - }} + }}, }); expectArgs({ .label="inputs", @@ -111,7 +111,7 @@ struct CmdFlakeUpdate : FlakeCommand }}, .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { completeFlakeInputAttrPath(completions, getEvalState(), getFlakeRefsForCompletion(), prefix); - }} + }}, }); /* Remove flags that don't make sense. */ @@ -336,12 +336,12 @@ struct CmdFlakeCheck : FlakeCommand addFlag({ .longName = "no-build", .description = "Do not build checks.", - .handler = {&build, false} + .handler = {&build, false}, }); addFlag({ .longName = "all-systems", .description = "Check the outputs for all systems.", - .handler = {&checkAllSystems, true} + .handler = {&checkAllSystems, true}, }); } @@ -874,7 +874,7 @@ struct CmdFlakeInitCommon : virtual Args, EvalCommand defaultTemplateAttrPathsPrefixes, defaultTemplateAttrPaths, prefix); - }} + }}, }); } @@ -1034,7 +1034,7 @@ struct CmdFlakeClone : FlakeCommand .shortName = 'f', .description = "Clone the flake to path *dest*.", .labels = {"path"}, - .handler = {&destDir} + .handler = {&destDir}, }); } @@ -1057,7 +1057,7 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun .longName = "to", .description = "URI of the destination Nix store", .labels = {"store-uri"}, - .handler = {&dstUri} + .handler = {&dstUri}, }); } @@ -1137,12 +1137,12 @@ struct CmdFlakeShow : FlakeCommand, MixJSON addFlag({ .longName = "legacy", .description = "Show the contents of the `legacyPackages` output.", - .handler = {&showLegacy, true} + .handler = {&showLegacy, true}, }); addFlag({ .longName = "all-systems", .description = "Show the contents of outputs for all systems.", - .handler = {&showAllSystems, true} + .handler = {&showAllSystems, true}, }); } @@ -1443,7 +1443,7 @@ struct CmdFlakePrefetch : FlakeCommand, MixJSON .description = "Create symlink named *path* to the resulting store path.", .labels = {"path"}, .handler = {&outLink}, - .completer = completePath + .completer = completePath, }); } diff --git a/src/nix/prefetch.cc b/src/nix/prefetch.cc index 397134b0304..4495a148994 100644 --- a/src/nix/prefetch.cc +++ b/src/nix/prefetch.cc @@ -275,7 +275,7 @@ struct CmdStorePrefetchFile : StoreCommand, MixJSON .longName = "name", .description = "Override the name component of the resulting store path. It defaults to the base name of *url*.", .labels = {"name"}, - .handler = {&name} + .handler = {&name}, }); addFlag({ @@ -284,7 +284,7 @@ struct CmdStorePrefetchFile : StoreCommand, MixJSON .labels = {"hash"}, .handler = {[&](std::string s) { expectedHash = Hash::parseAny(s, hashAlgo); - }} + }}, }); addFlag(flag::hashAlgo("hash-type", &hashAlgo)); diff --git a/src/nix/sigs.cc b/src/nix/sigs.cc index 87d0e1edbfb..9ef54a414a5 100644 --- a/src/nix/sigs.cc +++ b/src/nix/sigs.cc @@ -104,7 +104,7 @@ struct CmdSign : StorePathsCommand .description = "File containing the secret signing key.", .labels = {"file"}, .handler = {&secretKeyFile}, - .completer = completePath + .completer = completePath, }); } diff --git a/src/nix/store-delete.cc b/src/nix/store-delete.cc index f71a56bc7b0..fae960c9013 100644 --- a/src/nix/store-delete.cc +++ b/src/nix/store-delete.cc @@ -16,7 +16,7 @@ struct CmdStoreDelete : StorePathsCommand addFlag({ .longName = "ignore-liveness", .description = "Do not check whether the paths are reachable from a root.", - .handler = {&options.ignoreLiveness, true} + .handler = {&options.ignoreLiveness, true}, }); } diff --git a/src/nix/store-gc.cc b/src/nix/store-gc.cc index e6a303874f4..c71e89233b9 100644 --- a/src/nix/store-gc.cc +++ b/src/nix/store-gc.cc @@ -17,7 +17,7 @@ struct CmdStoreGC : StoreCommand, MixDryRun .longName = "max", .description = "Stop after freeing *n* bytes of disk space.", .labels = {"n"}, - .handler = {&options.maxFreed} + .handler = {&options.maxFreed}, }); } diff --git a/src/nix/upgrade-nix.cc b/src/nix/upgrade-nix.cc index c0a6e68276d..64824110460 100644 --- a/src/nix/upgrade-nix.cc +++ b/src/nix/upgrade-nix.cc @@ -23,14 +23,14 @@ struct CmdUpgradeNix : MixDryRun, StoreCommand .shortName = 'p', .description = "The path to the Nix profile to upgrade.", .labels = {"profile-dir"}, - .handler = {&profileDir} + .handler = {&profileDir}, }); addFlag({ .longName = "nix-store-paths-url", .description = "The URL of the file that contains the store paths of the latest Nix release.", .labels = {"url"}, - .handler = {&(std::string&) settings.upgradeNixStorePathUrl} + .handler = {&(std::string&) settings.upgradeNixStorePathUrl}, }); } diff --git a/src/nix/verify.cc b/src/nix/verify.cc index 734387ee7e0..ff81d78b6d1 100644 --- a/src/nix/verify.cc +++ b/src/nix/verify.cc @@ -37,7 +37,7 @@ struct CmdVerify : StorePathsCommand .shortName = 's', .description = "Use signatures from the specified store.", .labels = {"store-uri"}, - .handler = {[&](std::string s) { substituterUris.push_back(s); }} + .handler = {[&](std::string s) { substituterUris.push_back(s); }}, }); addFlag({ @@ -45,7 +45,7 @@ struct CmdVerify : StorePathsCommand .shortName = 'n', .description = "Require that each path is signed by at least *n* different keys.", .labels = {"n"}, - .handler = {&sigsNeeded} + .handler = {&sigsNeeded}, }); } From cd7e01526ea3a4256f0d0862e3d4a6b7fe13bd07 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 7 Apr 2025 17:24:41 -0400 Subject: [PATCH 451/815] format as required (cherry picked from commit 9b47b2b21703a4c7cadf95f05bfc32b5146d8327) --- src/libcmd/command.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/libcmd/command.cc b/src/libcmd/command.cc index ce93833cb54..56541fa5755 100644 --- a/src/libcmd/command.cc +++ b/src/libcmd/command.cc @@ -239,10 +239,10 @@ MixProfile::MixProfile() { addFlag({ .longName = "profile", - .description = "The profile to operate on.", - .labels = {"path"}, - .handler = {&profile}, - .completer = completePath, + .description = "The profile to operate on.", + .labels = {"path"}, + .handler = {&profile}, + .completer = completePath, }); } From febd28db87bbd7bfac97a58ff54a00c5da93a1be Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 8 Apr 2025 23:32:52 +0200 Subject: [PATCH 452/815] Lazily copy trees to the store We now mount lazy accessors on top of /nix/store without materializing them, and only materialize them to the real store if needed (e.g. in the `derivation` primop). --- src/libcmd/installable-value.cc | 3 +- src/libexpr/eval.cc | 8 ++--- src/libexpr/include/nix/expr/eval.hh | 12 +++++++ src/libexpr/paths.cc | 34 +++++++++++++++++++ src/libexpr/primops.cc | 13 +++++-- src/libexpr/primops/fetchTree.cc | 7 ++-- src/libflake/flake/flake.cc | 34 ++++++++----------- src/libflake/include/nix/flake/flake.hh | 8 ++--- .../nix/util/mounted-source-accessor.hh | 6 ++++ src/libutil/mounted-source-accessor.cc | 9 +++++ src/nix/eval.cc | 6 +++- src/nix/flake.cc | 7 ++-- tests/functional/fetchGit.sh | 9 ++--- .../lang/eval-fail-hashfile-missing.err.exp | 2 +- 14 files changed, 115 insertions(+), 43 deletions(-) diff --git a/src/libcmd/installable-value.cc b/src/libcmd/installable-value.cc index d9ac3a29e7a..4eb4993b14e 100644 --- a/src/libcmd/installable-value.cc +++ b/src/libcmd/installable-value.cc @@ -57,7 +57,8 @@ std::optional InstallableValue::trySinglePathToDerivedPaths else if (v.type() == nString) { return {{ .path = DerivedPath::fromSingle( - state->coerceToSingleDerivedPath(pos, v, errorCtx)), + state->devirtualize( + state->coerceToSingleDerivedPath(pos, v, errorCtx))), .info = make_ref(), }}; } diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 1597fea7a1c..bb68e684c93 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -267,11 +267,9 @@ EvalState::EvalState( auto accessor = getFSSourceAccessor(); auto realStoreDir = dirOf(store->toRealPath(StorePath::dummy)); - if (settings.pureEval || store->storeDir != realStoreDir) { - accessor = settings.pureEval - ? storeFS.cast() - : makeUnionSourceAccessor({accessor, storeFS}); - } + accessor = settings.pureEval + ? storeFS.cast() + : makeUnionSourceAccessor({accessor, storeFS}); /* Apply access control if needed. */ if (settings.restrictEval || settings.pureEval) diff --git a/src/libexpr/include/nix/expr/eval.hh b/src/libexpr/include/nix/expr/eval.hh index 9623c2a9cc6..056fd98d39f 100644 --- a/src/libexpr/include/nix/expr/eval.hh +++ b/src/libexpr/include/nix/expr/eval.hh @@ -554,6 +554,18 @@ public: std::optional tryAttrsToString(const PosIdx pos, Value & v, NixStringContext & context, bool coerceMore = false, bool copyToStore = true); + StorePath devirtualize( + const StorePath & path, + StringMap * rewrites = nullptr); + + SingleDerivedPath devirtualize( + const SingleDerivedPath & path, + StringMap * rewrites = nullptr); + + std::string devirtualize( + std::string_view s, + const NixStringContext & context); + /** * String coercion. * diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index c5107de3a5e..f4c4de5fae7 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -1,5 +1,7 @@ #include "nix/store/store-api.hh" #include "nix/expr/eval.hh" +#include "nix/util/mounted-source-accessor.hh" +#include "nix/fetchers/fetch-to-store.hh" namespace nix { @@ -18,4 +20,36 @@ SourcePath EvalState::storePath(const StorePath & path) return {rootFS, CanonPath{store->printStorePath(path)}}; } +StorePath EvalState::devirtualize(const StorePath & path, StringMap * rewrites) +{ + if (auto mount = storeFS->getMount(CanonPath(store->printStorePath(path)))) { + auto storePath = fetchToStore( + *store, SourcePath{ref(mount)}, settings.readOnlyMode ? FetchMode::DryRun : FetchMode::Copy, path.name()); + assert(storePath.name() == path.name()); + if (rewrites) + rewrites->emplace(path.hashPart(), storePath.hashPart()); + return storePath; + } else + return path; +} + +SingleDerivedPath EvalState::devirtualize(const SingleDerivedPath & path, StringMap * rewrites) +{ + if (auto o = std::get_if(&path.raw())) + return SingleDerivedPath::Opaque{devirtualize(o->path, rewrites)}; + else + return path; +} + +std::string EvalState::devirtualize(std::string_view s, const NixStringContext & context) +{ + StringMap rewrites; + + for (auto & c : context) + if (auto o = std::get_if(&c.raw)) + devirtualize(o->path, &rewrites); + + return rewriteStrings(std::string(s), rewrites); +} + } diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 47f048aef27..34677f9a3a1 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -14,6 +14,7 @@ #include "nix/expr/value-to-xml.hh" #include "nix/expr/primops.hh" #include "nix/fetchers/fetch-to-store.hh" +#include "nix/util/mounted-source-accessor.hh" #include #include @@ -75,7 +76,10 @@ StringMap EvalState::realiseContext(const NixStringContext & context, StorePathS ensureValid(b.drvPath->getBaseStorePath()); }, [&](const NixStringContextElem::Opaque & o) { - ensureValid(o.path); + // We consider virtual store paths valid here. They'll + // be devirtualized if needed elsewhere. + if (!storeFS->getMount(CanonPath(store->printStorePath(o.path)))) + ensureValid(o.path); if (maybePathsOut) maybePathsOut->emplace(o.path); }, @@ -1408,6 +1412,8 @@ static void derivationStrictInternal( /* Everything in the context of the strings in the derivation attributes should be added as dependencies of the resulting derivation. */ + StringMap rewrites; + for (auto & c : context) { std::visit(overloaded { /* Since this allows the builder to gain access to every @@ -1430,11 +1436,13 @@ static void derivationStrictInternal( drv.inputDrvs.ensureSlot(*b.drvPath).value.insert(b.output); }, [&](const NixStringContextElem::Opaque & o) { - drv.inputSrcs.insert(o.path); + drv.inputSrcs.insert(state.devirtualize(o.path, &rewrites)); }, }, c.raw); } + drv.applyRewrites(rewrites); + /* Do we have all required attributes? */ if (drv.builder == "") state.error("required attribute 'builder' missing") @@ -2500,6 +2508,7 @@ static void addPath( {})); if (!expectedHash || !state.store->isValidPath(*expectedStorePath)) { + // FIXME: make this lazy? auto dstPath = fetchToStore( *state.store, path.resolveSymlinks(), diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index e16dde12c07..424343ffc77 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -201,13 +201,16 @@ static void fetchTree( throw Error("input '%s' is not allowed to use the '__final' attribute", input.to_string()); } - auto [storePath, accessor, input2] = input.fetchToStore(state.store); + // FIXME: use fetchOrSubstituteTree(). + auto [accessor, lockedInput] = input.getAccessor(state.store); + + auto storePath = StorePath::random(input.getName()); state.allowPath(storePath); state.storeFS->mount(CanonPath(state.store->printStorePath(storePath)), accessor); - emitTreeAttrs(state, storePath, input2, v, params.emptyRevFallback, false); + emitTreeAttrs(state, storePath, lockedInput, v, params.emptyRevFallback, false); } static void prim_fetchTree(EvalState & state, const PosIdx pos, Value * * args, Value & v) diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index f578d375eaa..8880ee45340 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -84,39 +84,33 @@ static std::tuple, FlakeRef, FlakeRef> fetchOrSubstituteTree return {fetched->accessor, resolvedRef, fetched->lockedRef}; } -static StorePath copyInputToStore( +static StorePath mountInput( EvalState & state, fetchers::Input & input, const fetchers::Input & originalInput, - ref accessor) + ref accessor, + CopyMode copyMode) { - auto storePath = fetchToStore(*state.store, accessor, FetchMode::Copy, input.getName()); + auto storePath = StorePath::random(input.getName()); state.allowPath(storePath); // FIXME: should just whitelist the entire virtual store state.storeFS->mount(CanonPath(state.store->printStorePath(storePath)), accessor); - auto narHash = state.store->queryPathInfo(storePath)->narHash; - input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); + if (copyMode == CopyMode::RequireLockable && !input.isLocked() && !input.getNarHash()) { + auto narHash = accessor->hashPath(CanonPath::root); + input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); + } + + // FIXME: check NAR hash + #if 0 assert(!originalInput.getNarHash() || storePath == originalInput.computeStorePath(*state.store)); + #endif return storePath; } -static SourcePath maybeCopyInputToStore( - EvalState & state, - fetchers::Input & input, - const fetchers::Input & originalInput, - ref accessor, - CopyMode copyMode) -{ - return copyMode == CopyMode::Lazy || (copyMode == CopyMode::RequireLockable && (input.isLocked() || input.getNarHash())) - ? SourcePath(accessor) - : state.storePath( - copyInputToStore(state, input, originalInput, accessor)); -} - static void forceTrivialValue(EvalState & state, Value & value, const PosIdx pos) { if (value.isThunk() && value.isTrivial()) @@ -440,7 +434,7 @@ static Flake getFlake( // Re-parse flake.nix from the store. return readFlake( state, originalRef, resolvedRef, lockedRef, - maybeCopyInputToStore(state, lockedRef.input, originalRef.input, accessor, copyMode), + state.storePath(mountInput(state, lockedRef.input, originalRef.input, accessor, copyMode)), lockRootAttrPath); } @@ -805,7 +799,7 @@ LockedFlake lockFlake( state, *input.ref, useRegistries, flakeCache); return { - maybeCopyInputToStore(state, lockedRef.input, input.ref->input, accessor, inputCopyMode), + state.storePath(mountInput(state, lockedRef.input, input.ref->input, accessor, inputCopyMode)), lockedRef }; } diff --git a/src/libflake/include/nix/flake/flake.hh b/src/libflake/include/nix/flake/flake.hh index d4f206b87ed..35398a306a6 100644 --- a/src/libflake/include/nix/flake/flake.hh +++ b/src/libflake/include/nix/flake/flake.hh @@ -116,8 +116,6 @@ struct Flake }; enum struct CopyMode { - //! Copy the input to the store. - RequireStorePath, //! Ensure that the input is locked or has a NAR hash. RequireLockable, //! Just return a lazy source accessor. @@ -128,7 +126,7 @@ Flake getFlake( EvalState & state, const FlakeRef & flakeRef, bool useRegistries, - CopyMode copyMode = CopyMode::RequireStorePath); + CopyMode copyMode = CopyMode::RequireLockable); /** * Fingerprint of a locked flake; used as a cache key. @@ -228,9 +226,9 @@ struct LockFlags std::set inputUpdates; /** - * If set, do not copy the flake to the Nix store. + * Whether to require a locked input. */ - CopyMode copyMode = CopyMode::RequireStorePath; + CopyMode copyMode = CopyMode::RequireLockable; }; LockedFlake lockFlake( diff --git a/src/libutil/include/nix/util/mounted-source-accessor.hh b/src/libutil/include/nix/util/mounted-source-accessor.hh index 4e75edfafff..2e8d45dd69b 100644 --- a/src/libutil/include/nix/util/mounted-source-accessor.hh +++ b/src/libutil/include/nix/util/mounted-source-accessor.hh @@ -7,6 +7,12 @@ namespace nix { struct MountedSourceAccessor : SourceAccessor { virtual void mount(CanonPath mountPoint, ref accessor) = 0; + + /** + * Return the accessor mounted on `mountPoint`, or `nullptr` if + * there is no such mount point. + */ + virtual std::shared_ptr getMount(CanonPath mountPoint) = 0; }; ref makeMountedSourceAccessor(std::map> mounts); diff --git a/src/libutil/mounted-source-accessor.cc b/src/libutil/mounted-source-accessor.cc index 89063b10f1f..28e799e4c92 100644 --- a/src/libutil/mounted-source-accessor.cc +++ b/src/libutil/mounted-source-accessor.cc @@ -81,6 +81,15 @@ struct MountedSourceAccessorImpl : MountedSourceAccessor // FIXME: thread-safety mounts.insert_or_assign(std::move(mountPoint), accessor); } + + std::shared_ptr getMount(CanonPath mountPoint) override + { + auto i = mounts.find(mountPoint); + if (i != mounts.end()) + return i->second; + else + return nullptr; + } }; ref makeMountedSourceAccessor(std::map> mounts) diff --git a/src/nix/eval.cc b/src/nix/eval.cc index 24a87f14049..d03d099160d 100644 --- a/src/nix/eval.cc +++ b/src/nix/eval.cc @@ -114,7 +114,11 @@ struct CmdEval : MixJSON, InstallableValueCommand, MixReadOnlyOption else if (raw) { logger->stop(); - writeFull(getStandardOutput(), *state->coerceToString(noPos, *v, context, "while generating the eval command output")); + writeFull( + getStandardOutput(), + state->devirtualize( + *state->coerceToString(noPos, *v, context, "while generating the eval command output"), + context)); } else if (json) { diff --git a/src/nix/flake.cc b/src/nix/flake.cc index bd89184f5df..6533b329698 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -1085,7 +1085,10 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun StorePathSet sources; - auto storePath = store->toStorePath(flake.flake.path.path.abs()).first; + auto storePath = + dryRun + ? flake.flake.lockedRef.input.computeStorePath(*store) + : std::get(flake.flake.lockedRef.input.fetchToStore(store)); sources.insert(storePath); @@ -1101,7 +1104,7 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun storePath = dryRun ? (*inputNode)->lockedRef.input.computeStorePath(*store) - : std::get<0>((*inputNode)->lockedRef.input.fetchToStore(store)); + : std::get((*inputNode)->lockedRef.input.fetchToStore(store)); sources.insert(*storePath); } if (json) { diff --git a/tests/functional/fetchGit.sh b/tests/functional/fetchGit.sh index 5e5e8e61fb6..283833e580e 100755 --- a/tests/functional/fetchGit.sh +++ b/tests/functional/fetchGit.sh @@ -142,13 +142,14 @@ path4=$(nix eval --impure --refresh --raw --expr "(builtins.fetchGit file://$rep [[ $(nix eval --impure --expr "builtins.hasAttr \"dirtyRev\" (builtins.fetchGit $repo)") == "false" ]] [[ $(nix eval --impure --expr "builtins.hasAttr \"dirtyShortRev\" (builtins.fetchGit $repo)") == "false" ]] -expect 102 nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-B5yIPHhEm0eysJKEsO7nqxprh9vcblFxpJG11gXJus1=\"; }).outPath" +# FIXME: check narHash +#expect 102 nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-B5yIPHhEm0eysJKEsO7nqxprh9vcblFxpJG11gXJus1=\"; }).outPath" path5=$(nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-Hr8g6AqANb3xqX28eu1XnjK/3ab8Gv6TJSnkb1LezG9=\"; }).outPath") [[ $path = $path5 ]] # Ensure that NAR hashes are checked. -expectStderr 102 nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-Hr8g6AqANb4xqX28eu1XnjK/3ab8Gv6TJSnkb1LezG9=\"; }).outPath" | grepQuiet "error: NAR hash mismatch" +#expectStderr 102 nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-Hr8g6AqANb4xqX28eu1XnjK/3ab8Gv6TJSnkb1LezG9=\"; }).outPath" | grepQuiet "error: NAR hash mismatch" # It's allowed to use only a narHash, but you should get a warning. expectStderr 0 nix eval --raw --expr "(builtins.fetchGit { url = $repo; ref = \"tag2\"; narHash = \"sha256-Hr8g6AqANb3xqX28eu1XnjK/3ab8Gv6TJSnkb1LezG9=\"; }).outPath" | grepQuiet "warning: Input .* is unlocked" @@ -292,7 +293,7 @@ path11=$(nix eval --impure --raw --expr "(builtins.fetchGit ./.).outPath") empty="$TEST_ROOT/empty" git init "$empty" -emptyAttrs='{ lastModified = 0; lastModifiedDate = "19700101000000"; narHash = "sha256-pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo="; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "0000000"; submodules = false; }' +emptyAttrs='{ lastModified = 0; lastModifiedDate = "19700101000000"; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "0000000"; submodules = false; }' [[ $(nix eval --impure --expr "builtins.removeAttrs (builtins.fetchGit $empty) [\"outPath\"]") = $emptyAttrs ]] @@ -302,7 +303,7 @@ echo foo > "$empty/x" git -C "$empty" add x -[[ $(nix eval --impure --expr "builtins.removeAttrs (builtins.fetchGit $empty) [\"outPath\"]") = '{ lastModified = 0; lastModifiedDate = "19700101000000"; narHash = "sha256-wzlAGjxKxpaWdqVhlq55q5Gxo4Bf860+kLeEa/v02As="; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "0000000"; submodules = false; }' ]] +[[ $(nix eval --impure --expr "builtins.removeAttrs (builtins.fetchGit $empty) [\"outPath\"]") = '{ lastModified = 0; lastModifiedDate = "19700101000000"; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "0000000"; submodules = false; }' ]] # Test a repo with an empty commit. git -C "$empty" rm -f x diff --git a/tests/functional/lang/eval-fail-hashfile-missing.err.exp b/tests/functional/lang/eval-fail-hashfile-missing.err.exp index 0d3747a6d57..901dea2b544 100644 --- a/tests/functional/lang/eval-fail-hashfile-missing.err.exp +++ b/tests/functional/lang/eval-fail-hashfile-missing.err.exp @@ -10,4 +10,4 @@ error: … while calling the 'hashFile' builtin - error: opening file '/pwd/lang/this-file-is-definitely-not-there-7392097': No such file or directory + error: path '/pwd/lang/this-file-is-definitely-not-there-7392097' does not exist From fa5cb626046dec4d10bc47d51f0cdab5ce08334f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 8 Apr 2025 23:41:00 +0200 Subject: [PATCH 453/815] Revert unneeded test change --- tests/functional/flakes/follow-paths.sh | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/tests/functional/flakes/follow-paths.sh b/tests/functional/flakes/follow-paths.sh index c654e0650a7..a71d4c6d706 100755 --- a/tests/functional/flakes/follow-paths.sh +++ b/tests/functional/flakes/follow-paths.sh @@ -118,23 +118,20 @@ nix flake lock $flakeFollowsA jq -r -c '.nodes | keys | .[]' $flakeFollowsA/flake.lock | grep "^foobar$" # Check that path: inputs cannot escape from their root. -# FIXME: this test is wonky because with lazy trees, ../flakeB at the root is equivalent to /flakeB and not an error. cat > $flakeFollowsA/flake.nix <&1 | grep '/flakeB.*is forbidden in pure evaluation mode' -expect 1 nix eval --impure $flakeFollowsA#x 2>&1 | grep '/flakeB.*does not exist' +expect 1 nix flake lock $flakeFollowsA 2>&1 | grep '/flakeB.*is forbidden in pure evaluation mode' +expect 1 nix flake lock --impure $flakeFollowsA 2>&1 | grep '/flakeB.*does not exist' # Test relative non-flake inputs. cat > $flakeFollowsA/flake.nix < Date: Wed, 9 Apr 2025 00:15:08 +0200 Subject: [PATCH 454/815] Fix printAmbiguous() / printValueAsJSON() --- .../include/nix/expr/print-ambiguous.hh | 8 +++---- src/libexpr/print-ambiguous.cc | 24 +++++++++++-------- src/libexpr/value-to-json.cc | 4 +++- src/nix-env/user-env.cc | 2 +- src/nix-instantiate/nix-instantiate.cc | 7 ++++-- 5 files changed, 27 insertions(+), 18 deletions(-) diff --git a/src/libexpr/include/nix/expr/print-ambiguous.hh b/src/libexpr/include/nix/expr/print-ambiguous.hh index 09a849c498b..1dafd5d566a 100644 --- a/src/libexpr/include/nix/expr/print-ambiguous.hh +++ b/src/libexpr/include/nix/expr/print-ambiguous.hh @@ -15,10 +15,10 @@ namespace nix { * See: https://github.com/NixOS/nix/issues/9730 */ void printAmbiguous( - Value &v, - const SymbolTable &symbols, - std::ostream &str, - std::set *seen, + EvalState & state, + Value & v, + std::ostream & str, + std::set * seen, int depth); } diff --git a/src/libexpr/print-ambiguous.cc b/src/libexpr/print-ambiguous.cc index 0646783c268..e5bfe3ccd07 100644 --- a/src/libexpr/print-ambiguous.cc +++ b/src/libexpr/print-ambiguous.cc @@ -7,10 +7,10 @@ namespace nix { // See: https://github.com/NixOS/nix/issues/9730 void printAmbiguous( - Value &v, - const SymbolTable &symbols, - std::ostream &str, - std::set *seen, + EvalState & state, + Value & v, + std::ostream & str, + std::set * seen, int depth) { checkInterrupt(); @@ -26,9 +26,13 @@ void printAmbiguous( case nBool: printLiteralBool(str, v.boolean()); break; - case nString: - printLiteralString(str, v.string_view()); + case nString: { + NixStringContext context; + copyContext(v, context); + // FIXME: make devirtualization configurable? + printLiteralString(str, state.devirtualize(v.string_view(), context)); break; + } case nPath: str << v.path().to_string(); // !!! escaping? break; @@ -40,9 +44,9 @@ void printAmbiguous( str << "«repeated»"; else { str << "{ "; - for (auto & i : v.attrs()->lexicographicOrder(symbols)) { - str << symbols[i->name] << " = "; - printAmbiguous(*i->value, symbols, str, seen, depth - 1); + for (auto & i : v.attrs()->lexicographicOrder(state.symbols)) { + str << state.symbols[i->name] << " = "; + printAmbiguous(state, *i->value, str, seen, depth - 1); str << "; "; } str << "}"; @@ -56,7 +60,7 @@ void printAmbiguous( str << "[ "; for (auto v2 : v.listItems()) { if (v2) - printAmbiguous(*v2, symbols, str, seen, depth - 1); + printAmbiguous(state, *v2, str, seen, depth - 1); else str << "(nullptr)"; str << " "; diff --git a/src/libexpr/value-to-json.cc b/src/libexpr/value-to-json.cc index 51652db1f04..6230fa58541 100644 --- a/src/libexpr/value-to-json.cc +++ b/src/libexpr/value-to-json.cc @@ -31,7 +31,9 @@ json printValueAsJSON(EvalState & state, bool strict, case nString: copyContext(v, context); - out = v.c_str(); + // FIXME: only use the context from `v`. + // FIXME: make devirtualization configurable? + out = state.devirtualize(v.c_str(), context); break; case nPath: diff --git a/src/nix-env/user-env.cc b/src/nix-env/user-env.cc index e149b6aeb7f..c49f2885d22 100644 --- a/src/nix-env/user-env.cc +++ b/src/nix-env/user-env.cc @@ -110,7 +110,7 @@ bool createUserEnv(EvalState & state, PackageInfos & elems, environment. */ auto manifestFile = ({ std::ostringstream str; - printAmbiguous(manifest, state.symbols, str, nullptr, std::numeric_limits::max()); + printAmbiguous(state, manifest, str, nullptr, std::numeric_limits::max()); StringSource source { toView(str) }; state.store->addToStoreFromDump( source, "env-manifest.nix", FileSerialisationMethod::Flat, ContentAddressMethod::Raw::Text, HashAlgorithm::SHA256, references); diff --git a/src/nix-instantiate/nix-instantiate.cc b/src/nix-instantiate/nix-instantiate.cc index c1b6cc66a4b..4ae82b2bf6a 100644 --- a/src/nix-instantiate/nix-instantiate.cc +++ b/src/nix-instantiate/nix-instantiate.cc @@ -52,7 +52,10 @@ void processExpr(EvalState & state, const Strings & attrPaths, else state.autoCallFunction(autoArgs, v, vRes); if (output == okRaw) - std::cout << *state.coerceToString(noPos, vRes, context, "while generating the nix-instantiate output"); + std::cout << + state.devirtualize( + *state.coerceToString(noPos, vRes, context, "while generating the nix-instantiate output"), + context); // We intentionally don't output a newline here. The default PS1 for Bash in NixOS starts with a newline // and other interactive shells like Zsh are smart enough to print a missing newline before the prompt. else if (output == okXML) @@ -63,7 +66,7 @@ void processExpr(EvalState & state, const Strings & attrPaths, } else { if (strict) state.forceValueDeep(vRes); std::set seen; - printAmbiguous(vRes, state.symbols, std::cout, &seen, std::numeric_limits::max()); + printAmbiguous(state, vRes, std::cout, &seen, std::numeric_limits::max()); std::cout << std::endl; } } else { From a08477975d90dc0d2c9f89d2a417bedb5b266931 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 9 Apr 2025 17:59:51 +0200 Subject: [PATCH 455/815] Actually ignore system/user registries during locking Something went wrong in #12068 so this didn't work. Also added a test. (cherry picked from commit 77d4316353deaf8f429025738891b625eb0b5d8a) --- src/libflake/flake/flakeref.cc | 2 +- tests/functional/flakes/flakes.sh | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/libflake/flake/flakeref.cc b/src/libflake/flake/flakeref.cc index 6e95eb76759..1580c284641 100644 --- a/src/libflake/flake/flakeref.cc +++ b/src/libflake/flake/flakeref.cc @@ -39,7 +39,7 @@ FlakeRef FlakeRef::resolve( ref store, const fetchers::RegistryFilter & filter) const { - auto [input2, extraAttrs] = lookupInRegistries(store, input); + auto [input2, extraAttrs] = lookupInRegistries(store, input, filter); return FlakeRef(std::move(input2), fetchers::maybeGetStrAttr(extraAttrs, "dir").value_or(subdir)); } diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index d8c9f254d15..b67a0964aef 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -220,6 +220,13 @@ nix store gc nix registry list --flake-registry "file://$registry" --refresh | grepQuiet flake3 mv "$registry.tmp" "$registry" +# Ensure that locking ignores the user registry. +mkdir -p "$TEST_HOME/.config/nix" +ln -sfn "$registry" "$TEST_HOME/.config/nix/registry.json" +nix flake metadata flake1 +expectStderr 1 nix flake update --flake-registry '' --flake "$flake3Dir" | grepQuiet "cannot find flake 'flake:flake1' in the flake registries" +rm "$TEST_HOME/.config/nix/registry.json" + # Test whether flakes are registered as GC roots for offline use. # FIXME: use tarballs rather than git. rm -rf "$TEST_HOME/.cache" From 080950b0fea8df7377f84254728a049149b895d5 Mon Sep 17 00:00:00 2001 From: Rodney Lorrimar Date: Thu, 20 Mar 2025 13:28:05 +0800 Subject: [PATCH 456/815] tests/functional/flakes: Add test case for subflake locking This adds a test case where the lockfile of a relative path flake dependency is updated. It was reported by a user here: https://discourse.nixos.org/t/updating-local-subflakes-inputs-when-building-root-flake/61682 I think this test case relates to issue #7730. Because the issue is not resolved, this test case would fail without the `|| true` clause. (cherry picked from commit 1bc82d1c867463bc1973991c6819912c391013de) --- tests/functional/flakes/meson.build | 1 + .../flakes/relative-paths-lockfile.sh | 73 +++++++++++++++++++ 2 files changed, 74 insertions(+) create mode 100644 tests/functional/flakes/relative-paths-lockfile.sh diff --git a/tests/functional/flakes/meson.build b/tests/functional/flakes/meson.build index b8c650db403..368c43876e5 100644 --- a/tests/functional/flakes/meson.build +++ b/tests/functional/flakes/meson.build @@ -28,6 +28,7 @@ suites += { 'commit-lock-file-summary.sh', 'non-flake-inputs.sh', 'relative-paths.sh', + 'relative-paths-lockfile.sh', 'symlink-paths.sh', 'debugger.sh', 'source-paths.sh', diff --git a/tests/functional/flakes/relative-paths-lockfile.sh b/tests/functional/flakes/relative-paths-lockfile.sh new file mode 100644 index 00000000000..d91aedd16cd --- /dev/null +++ b/tests/functional/flakes/relative-paths-lockfile.sh @@ -0,0 +1,73 @@ +#!/usr/bin/env bash + +source ./common.sh + +requireGit + +# Test a "vendored" subflake dependency. This is a relative path flake +# which doesn't reference the root flake and has its own lock file. +# +# This might occur in a monorepo for example. The root flake.lock is +# populated from the dependency's flake.lock. + +rootFlake="$TEST_ROOT/flake1" +subflake="$rootFlake/sub" +depFlakeA="$TEST_ROOT/depFlakeA" +depFlakeB="$TEST_ROOT/depFlakeB" + +rm -rf "$rootFlake" +mkdir -p "$rootFlake" "$subflake" "$depFlakeA" "$depFlakeB" + +cat > "$depFlakeA/flake.nix" < "$depFlakeB/flake.nix" < "$subflake/flake.nix" < "$rootFlake/flake.nix" < Date: Wed, 9 Apr 2025 12:31:33 -0400 Subject: [PATCH 457/815] Fix `;` and `#` bug in machine file parsing Comments go to the end of the line, not merely the next ; *or* \n. Fix by splitting on `;` *within* lines, and test. (cherry picked from commit f8b13cce19538796a881cc30fe449436d45cdbb6) --- src/libstore-tests/machines.cc | 12 +++++++++++ src/libstore/machines.cc | 38 ++++++++++++++++++---------------- 2 files changed, 32 insertions(+), 18 deletions(-) diff --git a/src/libstore-tests/machines.cc b/src/libstore-tests/machines.cc index 1d574ceeb77..3d857094614 100644 --- a/src/libstore-tests/machines.cc +++ b/src/libstore-tests/machines.cc @@ -73,6 +73,18 @@ TEST(machines, getMachinesWithSemicolonSeparator) { EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, AuthorityMatches("nix@itchy.labs.cs.uu.nl")))); } +TEST(machines, getMachinesWithCommentsAndSemicolonSeparator) { + auto actual = Machine::parseConfig({}, + "# This is a comment ; this is still that comment\n" + "nix@scratchy.labs.cs.uu.nl ; nix@itchy.labs.cs.uu.nl\n" + "# This is also a comment ; this also is still that comment\n" + "nix@scabby.labs.cs.uu.nl\n"); + EXPECT_THAT(actual, SizeIs(3)); + EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, AuthorityMatches("nix@scratchy.labs.cs.uu.nl")))); + EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, AuthorityMatches("nix@itchy.labs.cs.uu.nl")))); + EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, AuthorityMatches("nix@scabby.labs.cs.uu.nl")))); +} + TEST(machines, getMachinesWithCorrectCompleteSingleBuilder) { auto actual = Machine::parseConfig({}, "nix@scratchy.labs.cs.uu.nl i686-linux " diff --git a/src/libstore/machines.cc b/src/libstore/machines.cc index 7c077239d69..6ed4ac8b650 100644 --- a/src/libstore/machines.cc +++ b/src/libstore/machines.cc @@ -105,28 +105,30 @@ ref Machine::openStore() const static std::vector expandBuilderLines(const std::string & builders) { std::vector result; - for (auto line : tokenizeString>(builders, "\n;")) { + for (auto line : tokenizeString>(builders, "\n")) { trim(line); line.erase(std::find(line.begin(), line.end(), '#'), line.end()); - if (line.empty()) continue; - - if (line[0] == '@') { - const std::string path = trim(std::string(line, 1)); - std::string text; - try { - text = readFile(path); - } catch (const SysError & e) { - if (e.errNo != ENOENT) - throw; - debug("cannot find machines file '%s'", path); + for (auto entry : tokenizeString>(line, ";")) { + if (entry.empty()) continue; + + if (entry[0] == '@') { + const std::string path = trim(std::string(entry, 1)); + std::string text; + try { + text = readFile(path); + } catch (const SysError & e) { + if (e.errNo != ENOENT) + throw; + debug("cannot find machines file '%s'", path); + continue; + } + + const auto entrys = expandBuilderLines(text); + result.insert(end(result), begin(entrys), end(entrys)); + } else { + result.emplace_back(entry); } - - const auto lines = expandBuilderLines(text); - result.insert(end(result), begin(lines), end(lines)); - continue; } - - result.emplace_back(line); } return result; } From f45db85887295973659a4c1e0a787b629d12e1fb Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 9 Apr 2025 17:59:51 +0200 Subject: [PATCH 458/815] Actually ignore system/user registries during locking Something went wrong in #12068 so this didn't work. Also added a test. --- src/libflake/flake/flakeref.cc | 2 +- tests/functional/flakes/flakes.sh | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/libflake/flake/flakeref.cc b/src/libflake/flake/flakeref.cc index 6e95eb76759..1580c284641 100644 --- a/src/libflake/flake/flakeref.cc +++ b/src/libflake/flake/flakeref.cc @@ -39,7 +39,7 @@ FlakeRef FlakeRef::resolve( ref store, const fetchers::RegistryFilter & filter) const { - auto [input2, extraAttrs] = lookupInRegistries(store, input); + auto [input2, extraAttrs] = lookupInRegistries(store, input, filter); return FlakeRef(std::move(input2), fetchers::maybeGetStrAttr(extraAttrs, "dir").value_or(subdir)); } diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index f55d3a04d14..0fcdf0b30c7 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -219,6 +219,13 @@ nix store gc nix registry list --flake-registry "file://$registry" --refresh | grepQuiet flake3 mv "$registry.tmp" "$registry" +# Ensure that locking ignores the user registry. +mkdir -p "$TEST_HOME/.config/nix" +ln -sfn "$registry" "$TEST_HOME/.config/nix/registry.json" +nix flake metadata flake1 +expectStderr 1 nix flake update --flake-registry '' --flake "$flake3Dir" | grepQuiet "cannot find flake 'flake:flake1' in the flake registries" +rm "$TEST_HOME/.config/nix/registry.json" + # Test whether flakes are registered as GC roots for offline use. # FIXME: use tarballs rather than git. rm -rf "$TEST_HOME/.cache" From 0cb06d7edace35c73e77cc32b7a53d4dafbe242f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 9 Apr 2025 21:38:08 +0200 Subject: [PATCH 459/815] Rename FlakeCache -> InputCache and key it on Inputs instead of FlakeRefs --- src/libflake/flake/flake.cc | 88 ++++++++++++++++++++----------------- 1 file changed, 47 insertions(+), 41 deletions(-) diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 8880ee45340..7f9fbab98b7 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -21,67 +21,68 @@ namespace nix { using namespace flake; +using namespace fetchers; namespace flake { -struct FetchedFlake +struct CachedInput { - FlakeRef lockedRef; + Input lockedInput; ref accessor; }; -typedef std::map FlakeCache; +typedef std::map InputCache; -static std::optional lookupInFlakeCache( - const FlakeCache & flakeCache, - const FlakeRef & flakeRef) +static std::optional lookupInInputCache( + const InputCache & inputCache, + const Input & originalInput) { - auto i = flakeCache.find(flakeRef); - if (i == flakeCache.end()) return std::nullopt; + auto i = inputCache.find(originalInput); + if (i == inputCache.end()) return std::nullopt; debug("mapping '%s' to previously seen input '%s' -> '%s", - flakeRef, i->first, i->second.lockedRef); + originalInput.to_string(), i->first.to_string(), i->second.lockedInput.to_string()); return i->second; } -static std::tuple, FlakeRef, FlakeRef> fetchOrSubstituteTree( +static std::tuple, Input, Input> getAccessorCached( EvalState & state, - const FlakeRef & originalRef, + const Input & originalInput, bool useRegistries, - FlakeCache & flakeCache) + InputCache & inputCache) { - auto fetched = lookupInFlakeCache(flakeCache, originalRef); - FlakeRef resolvedRef = originalRef; + auto fetched = lookupInInputCache(inputCache, originalInput); + Input resolvedInput = originalInput; if (!fetched) { - if (originalRef.input.isDirect()) { - auto [accessor, lockedRef] = originalRef.lazyFetch(state.store); - fetched.emplace(FetchedFlake{.lockedRef = lockedRef, .accessor = accessor}); + if (originalInput.isDirect()) { + auto [accessor, lockedInput] = originalInput.getAccessor(state.store); + fetched.emplace(CachedInput{.lockedInput = lockedInput, .accessor = accessor}); } else { if (useRegistries) { - resolvedRef = originalRef.resolve( - state.store, + auto [res, extraAttrs] = lookupInRegistries(state.store, originalInput, [](fetchers::Registry::RegistryType type) { /* Only use the global registry and CLI flags to resolve indirect flakerefs. */ return type == fetchers::Registry::Flag || type == fetchers::Registry::Global; }); - fetched = lookupInFlakeCache(flakeCache, originalRef); + resolvedInput = std::move(res); + fetched = lookupInInputCache(inputCache, originalInput); if (!fetched) { - auto [accessor, lockedRef] = resolvedRef.lazyFetch(state.store); - fetched.emplace(FetchedFlake{.lockedRef = lockedRef, .accessor = accessor}); + auto [accessor, lockedInput] = resolvedInput.getAccessor(state.store); + fetched.emplace(CachedInput{.lockedInput = lockedInput, .accessor = accessor}); } - flakeCache.insert_or_assign(resolvedRef, *fetched); + inputCache.insert_or_assign(resolvedInput, *fetched); } else { - throw Error("'%s' is an indirect flake reference, but registry lookups are not allowed", originalRef); + throw Error("'%s' is an indirect flake reference, but registry lookups are not allowed", originalInput.to_string()); } } - flakeCache.insert_or_assign(originalRef, *fetched); + inputCache.insert_or_assign(originalInput, *fetched); } - debug("got tree '%s' from '%s'", fetched->accessor, fetched->lockedRef); + debug("got tree '%s' from '%s'", fetched->accessor, fetched->lockedInput.to_string()); - return {fetched->accessor, resolvedRef, fetched->lockedRef}; + return {fetched->accessor, resolvedInput, fetched->lockedInput}; } static StorePath mountInput( @@ -136,7 +137,7 @@ static std::pair, fetchers::Attrs> parseFlakeInput static void parseFlakeInputAttr( EvalState & state, - const Attr & attr, + const nix::Attr & attr, fetchers::Attrs & attrs) { // Allow selecting a subset of enum values @@ -407,13 +408,16 @@ static Flake getFlake( EvalState & state, const FlakeRef & originalRef, bool useRegistries, - FlakeCache & flakeCache, + InputCache & inputCache, const InputAttrPath & lockRootAttrPath, CopyMode copyMode) { // Fetch a lazy tree first. - auto [accessor, resolvedRef, lockedRef] = fetchOrSubstituteTree( - state, originalRef, useRegistries, flakeCache); + auto [accessor, resolvedInput, lockedInput] = getAccessorCached( + state, originalRef.input, useRegistries, inputCache); + + auto resolvedRef = FlakeRef(std::move(resolvedInput), originalRef.subdir); + auto lockedRef = FlakeRef(std::move(lockedInput), originalRef.subdir); // Parse/eval flake.nix to get at the input.self attributes. auto flake = readFlake(state, originalRef, resolvedRef, lockedRef, {accessor}, lockRootAttrPath); @@ -425,10 +429,10 @@ static Flake getFlake( debug("refetching input '%s' due to self attribute", newLockedRef); // FIXME: need to remove attrs that are invalidated by the changed input attrs, such as 'narHash'. newLockedRef.input.attrs.erase("narHash"); - auto [accessor2, resolvedRef2, lockedRef2] = fetchOrSubstituteTree( - state, newLockedRef, false, flakeCache); + auto [accessor2, resolvedInput2, lockedInput2] = getAccessorCached( + state, newLockedRef.input, false, inputCache); accessor = accessor2; - lockedRef = lockedRef2; + lockedRef = FlakeRef(std::move(lockedInput2), newLockedRef.subdir); } // Re-parse flake.nix from the store. @@ -440,8 +444,8 @@ static Flake getFlake( Flake getFlake(EvalState & state, const FlakeRef & originalRef, bool useRegistries, CopyMode copyMode) { - FlakeCache flakeCache; - return getFlake(state, originalRef, useRegistries, flakeCache, {}, copyMode); + InputCache inputCache; + return getFlake(state, originalRef, useRegistries, inputCache, {}, copyMode); } static LockFile readLockFile( @@ -461,11 +465,11 @@ LockedFlake lockFlake( const FlakeRef & topRef, const LockFlags & lockFlags) { - FlakeCache flakeCache; + InputCache inputCache; auto useRegistries = lockFlags.useRegistries.value_or(settings.useRegistries); - auto flake = getFlake(state, topRef, useRegistries, flakeCache, {}, lockFlags.copyMode); + auto flake = getFlake(state, topRef, useRegistries, inputCache, {}, lockFlags.copyMode); if (lockFlags.applyNixConfig) { flake.config.apply(settings); @@ -647,7 +651,7 @@ LockedFlake lockFlake( if (auto resolvedPath = resolveRelativePath()) { return readFlake(state, ref, ref, ref, *resolvedPath, inputAttrPath); } else { - return getFlake(state, ref, useRegistries, flakeCache, inputAttrPath, inputCopyMode); + return getFlake(state, ref, useRegistries, inputCache, inputAttrPath, inputCopyMode); } }; @@ -795,8 +799,10 @@ LockedFlake lockFlake( if (auto resolvedPath = resolveRelativePath()) { return {*resolvedPath, *input.ref}; } else { - auto [accessor, resolvedRef, lockedRef] = fetchOrSubstituteTree( - state, *input.ref, useRegistries, flakeCache); + auto [accessor, resolvedInput, lockedInput] = getAccessorCached( + state, input.ref->input, useRegistries, inputCache); + + auto lockedRef = FlakeRef(std::move(lockedInput), input.ref->subdir); return { state.storePath(mountInput(state, lockedRef.input, input.ref->input, accessor, inputCopyMode)), From 3bbf91770701bb6d6ad791755f0b997553b810cb Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 9 Apr 2025 22:11:36 +0200 Subject: [PATCH 460/815] Move the input cache into libfetchers --- src/libcmd/repl.cc | 3 ++ .../include/nix/fetchers/input-cache.hh | 22 +++++++++ .../include/nix/fetchers/meson.build | 1 + src/libfetchers/input-cache.cc | 41 ++++++++++++++++ src/libfetchers/meson.build | 1 + src/libflake/flake/flake.cc | 49 ++++++------------- 6 files changed, 82 insertions(+), 35 deletions(-) create mode 100644 src/libfetchers/include/nix/fetchers/input-cache.hh create mode 100644 src/libfetchers/input-cache.cc diff --git a/src/libcmd/repl.cc b/src/libcmd/repl.cc index c5a95268b50..3805942cef7 100644 --- a/src/libcmd/repl.cc +++ b/src/libcmd/repl.cc @@ -28,6 +28,7 @@ #include "nix/expr/print.hh" #include "nix/util/ref.hh" #include "nix/expr/value.hh" +#include "nix/fetchers/input-cache.hh" #include "nix/util/strings.hh" @@ -458,6 +459,7 @@ ProcessLineResult NixRepl::processLine(std::string line) else if (command == ":l" || command == ":load") { state->resetFileCache(); + fetchers::InputCache::getCache()->clear(); loadFile(arg); } @@ -467,6 +469,7 @@ ProcessLineResult NixRepl::processLine(std::string line) else if (command == ":r" || command == ":reload") { state->resetFileCache(); + fetchers::InputCache::getCache()->clear(); reloadFiles(); } diff --git a/src/libfetchers/include/nix/fetchers/input-cache.hh b/src/libfetchers/include/nix/fetchers/input-cache.hh new file mode 100644 index 00000000000..62092baef74 --- /dev/null +++ b/src/libfetchers/include/nix/fetchers/input-cache.hh @@ -0,0 +1,22 @@ +#include "fetchers.hh" + +namespace nix::fetchers { + +struct CachedInput +{ + Input lockedInput; + ref accessor; +}; + +struct InputCache +{ + virtual std::optional lookup(const Input & originalInput) const = 0; + + virtual void upsert(Input key, CachedInput cachedInput) = 0; + + virtual void clear() = 0; + + static ref getCache(); +}; + +} diff --git a/src/libfetchers/include/nix/fetchers/meson.build b/src/libfetchers/include/nix/fetchers/meson.build index 3a752d9cbb6..e6ddedd97c4 100644 --- a/src/libfetchers/include/nix/fetchers/meson.build +++ b/src/libfetchers/include/nix/fetchers/meson.build @@ -9,6 +9,7 @@ headers = files( 'filtering-source-accessor.hh', 'git-lfs-fetch.hh', 'git-utils.hh', + 'input-cache.hh', 'registry.hh', 'store-path-accessor.hh', 'tarball.hh', diff --git a/src/libfetchers/input-cache.cc b/src/libfetchers/input-cache.cc new file mode 100644 index 00000000000..44d33428dc7 --- /dev/null +++ b/src/libfetchers/input-cache.cc @@ -0,0 +1,41 @@ +#include "nix/fetchers/input-cache.hh" +#include "nix/util/sync.hh" + +namespace nix::fetchers { + +struct InputCacheImpl : InputCache +{ + Sync> cache_; + + std::optional lookup(const Input & originalInput) const override + { + auto cache(cache_.readLock()); + auto i = cache->find(originalInput); + if (i == cache->end()) + return std::nullopt; + debug( + "mapping '%s' to previously seen input '%s' -> '%s", + originalInput.to_string(), + i->first.to_string(), + i->second.lockedInput.to_string()); + return i->second; + } + + void upsert(Input key, CachedInput cachedInput) override + { + cache_.lock()->insert_or_assign(std::move(key), std::move(cachedInput)); + } + + void clear() override + { + cache_.lock()->clear(); + } +}; + +ref InputCache::getCache() +{ + static auto cache = make_ref(); + return cache; +} + +} diff --git a/src/libfetchers/meson.build b/src/libfetchers/meson.build index 6e7129f4c1b..321146ca4ed 100644 --- a/src/libfetchers/meson.build +++ b/src/libfetchers/meson.build @@ -44,6 +44,7 @@ sources = files( 'git.cc', 'github.cc', 'indirect.cc', + 'input-cache.cc', 'mercurial.cc', 'path.cc', 'registry.cc', diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 7f9fbab98b7..6214ca57d70 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -15,6 +15,7 @@ #include "nix/fetchers/fetch-to-store.hh" #include "nix/util/memory-source-accessor.hh" #include "nix/util/mounted-source-accessor.hh" +#include "nix/fetchers/input-cache.hh" #include @@ -25,32 +26,14 @@ using namespace fetchers; namespace flake { -struct CachedInput -{ - Input lockedInput; - ref accessor; -}; - -typedef std::map InputCache; - -static std::optional lookupInInputCache( - const InputCache & inputCache, - const Input & originalInput) -{ - auto i = inputCache.find(originalInput); - if (i == inputCache.end()) return std::nullopt; - debug("mapping '%s' to previously seen input '%s' -> '%s", - originalInput.to_string(), i->first.to_string(), i->second.lockedInput.to_string()); - return i->second; -} - static std::tuple, Input, Input> getAccessorCached( EvalState & state, const Input & originalInput, - bool useRegistries, - InputCache & inputCache) + bool useRegistries) { - auto fetched = lookupInInputCache(inputCache, originalInput); + auto inputCache = InputCache::getCache(); + + auto fetched = inputCache->lookup(originalInput); Input resolvedInput = originalInput; if (!fetched) { @@ -66,18 +49,18 @@ static std::tuple, Input, Input> getAccessorCached( return type == fetchers::Registry::Flag || type == fetchers::Registry::Global; }); resolvedInput = std::move(res); - fetched = lookupInInputCache(inputCache, originalInput); + fetched = inputCache->lookup(resolvedInput); if (!fetched) { auto [accessor, lockedInput] = resolvedInput.getAccessor(state.store); fetched.emplace(CachedInput{.lockedInput = lockedInput, .accessor = accessor}); } - inputCache.insert_or_assign(resolvedInput, *fetched); + inputCache->upsert(resolvedInput, *fetched); } else { throw Error("'%s' is an indirect flake reference, but registry lookups are not allowed", originalInput.to_string()); } } - inputCache.insert_or_assign(originalInput, *fetched); + inputCache->upsert(originalInput, *fetched); } debug("got tree '%s' from '%s'", fetched->accessor, fetched->lockedInput.to_string()); @@ -408,13 +391,12 @@ static Flake getFlake( EvalState & state, const FlakeRef & originalRef, bool useRegistries, - InputCache & inputCache, const InputAttrPath & lockRootAttrPath, CopyMode copyMode) { // Fetch a lazy tree first. auto [accessor, resolvedInput, lockedInput] = getAccessorCached( - state, originalRef.input, useRegistries, inputCache); + state, originalRef.input, useRegistries); auto resolvedRef = FlakeRef(std::move(resolvedInput), originalRef.subdir); auto lockedRef = FlakeRef(std::move(lockedInput), originalRef.subdir); @@ -430,7 +412,7 @@ static Flake getFlake( // FIXME: need to remove attrs that are invalidated by the changed input attrs, such as 'narHash'. newLockedRef.input.attrs.erase("narHash"); auto [accessor2, resolvedInput2, lockedInput2] = getAccessorCached( - state, newLockedRef.input, false, inputCache); + state, newLockedRef.input, false); accessor = accessor2; lockedRef = FlakeRef(std::move(lockedInput2), newLockedRef.subdir); } @@ -444,8 +426,7 @@ static Flake getFlake( Flake getFlake(EvalState & state, const FlakeRef & originalRef, bool useRegistries, CopyMode copyMode) { - InputCache inputCache; - return getFlake(state, originalRef, useRegistries, inputCache, {}, copyMode); + return getFlake(state, originalRef, useRegistries, {}, copyMode); } static LockFile readLockFile( @@ -465,11 +446,9 @@ LockedFlake lockFlake( const FlakeRef & topRef, const LockFlags & lockFlags) { - InputCache inputCache; - auto useRegistries = lockFlags.useRegistries.value_or(settings.useRegistries); - auto flake = getFlake(state, topRef, useRegistries, inputCache, {}, lockFlags.copyMode); + auto flake = getFlake(state, topRef, useRegistries, {}, lockFlags.copyMode); if (lockFlags.applyNixConfig) { flake.config.apply(settings); @@ -651,7 +630,7 @@ LockedFlake lockFlake( if (auto resolvedPath = resolveRelativePath()) { return readFlake(state, ref, ref, ref, *resolvedPath, inputAttrPath); } else { - return getFlake(state, ref, useRegistries, inputCache, inputAttrPath, inputCopyMode); + return getFlake(state, ref, useRegistries, inputAttrPath, inputCopyMode); } }; @@ -800,7 +779,7 @@ LockedFlake lockFlake( return {*resolvedPath, *input.ref}; } else { auto [accessor, resolvedInput, lockedInput] = getAccessorCached( - state, input.ref->input, useRegistries, inputCache); + state, input.ref->input, useRegistries); auto lockedRef = FlakeRef(std::move(lockedInput), input.ref->subdir); From f9c262c3d5a2d795625ef723b4f08fd08f653781 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Wed, 9 Apr 2025 15:23:12 -0400 Subject: [PATCH 461/815] Fix another machine config parsing bug We were ignorning the result of `trim`, and after my last change we were also trimmming too early. (cherry picked from commit b74b0f4e1c4efe5e278a1a9b9c59f08688af9115) --- src/libstore-tests/machines.cc | 14 ++++++++++++++ src/libstore/machines.cc | 9 +++++---- 2 files changed, 19 insertions(+), 4 deletions(-) diff --git a/src/libstore-tests/machines.cc b/src/libstore-tests/machines.cc index 3d857094614..084807130d9 100644 --- a/src/libstore-tests/machines.cc +++ b/src/libstore-tests/machines.cc @@ -85,6 +85,20 @@ TEST(machines, getMachinesWithCommentsAndSemicolonSeparator) { EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, AuthorityMatches("nix@scabby.labs.cs.uu.nl")))); } +TEST(machines, getMachinesWithFunnyWhitespace) { + auto actual = Machine::parseConfig({}, + " # commment ; comment\n" + " nix@scratchy.labs.cs.uu.nl ; nix@itchy.labs.cs.uu.nl \n" + "\n \n" + "\n ;;; \n" + "\n ; ; \n" + "nix@scabby.labs.cs.uu.nl\n\n"); + EXPECT_THAT(actual, SizeIs(3)); + EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, AuthorityMatches("nix@scratchy.labs.cs.uu.nl")))); + EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, AuthorityMatches("nix@itchy.labs.cs.uu.nl")))); + EXPECT_THAT(actual, Contains(Field(&Machine::storeUri, AuthorityMatches("nix@scabby.labs.cs.uu.nl")))); +} + TEST(machines, getMachinesWithCorrectCompleteSingleBuilder) { auto actual = Machine::parseConfig({}, "nix@scratchy.labs.cs.uu.nl i686-linux " diff --git a/src/libstore/machines.cc b/src/libstore/machines.cc index 6ed4ac8b650..d98d06651e5 100644 --- a/src/libstore/machines.cc +++ b/src/libstore/machines.cc @@ -106,13 +106,14 @@ static std::vector expandBuilderLines(const std::string & builders) { std::vector result; for (auto line : tokenizeString>(builders, "\n")) { - trim(line); line.erase(std::find(line.begin(), line.end(), '#'), line.end()); for (auto entry : tokenizeString>(line, ";")) { - if (entry.empty()) continue; + entry = trim(entry); - if (entry[0] == '@') { - const std::string path = trim(std::string(entry, 1)); + if (entry.empty()) { + // skip blank entries + } else if (entry[0] == '@') { + const std::string path = trim(std::string_view{entry}.substr(1)); std::string text; try { text = readFile(path); From dd15c8a20d5d825723e720da300762d6f03f89a6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 9 Apr 2025 23:06:03 +0200 Subject: [PATCH 462/815] Move getAccessorCached() to InputCache Also, make fetchTree use InputCache. --- src/libexpr/primops/fetchTree.cc | 8 +-- .../include/nix/fetchers/input-cache.hh | 21 ++++-- src/libfetchers/input-cache.cc | 40 +++++++++++ src/libflake/flake/flake.cc | 67 +++---------------- 4 files changed, 70 insertions(+), 66 deletions(-) diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index 424343ffc77..c5cb70b44a1 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -10,6 +10,7 @@ #include "nix/util/url.hh" #include "nix/expr/value-to-json.hh" #include "nix/fetchers/fetch-to-store.hh" +#include "nix/fetchers/input-cache.hh" #include "nix/util/mounted-source-accessor.hh" #include @@ -201,16 +202,15 @@ static void fetchTree( throw Error("input '%s' is not allowed to use the '__final' attribute", input.to_string()); } - // FIXME: use fetchOrSubstituteTree(). - auto [accessor, lockedInput] = input.getAccessor(state.store); + auto cachedInput = fetchers::InputCache::getCache()->getAccessor(state.store, input, false); auto storePath = StorePath::random(input.getName()); state.allowPath(storePath); - state.storeFS->mount(CanonPath(state.store->printStorePath(storePath)), accessor); + state.storeFS->mount(CanonPath(state.store->printStorePath(storePath)), cachedInput.accessor); - emitTreeAttrs(state, storePath, lockedInput, v, params.emptyRevFallback, false); + emitTreeAttrs(state, storePath, cachedInput.lockedInput, v, params.emptyRevFallback, false); } static void prim_fetchTree(EvalState & state, const PosIdx pos, Value * * args, Value & v) diff --git a/src/libfetchers/include/nix/fetchers/input-cache.hh b/src/libfetchers/include/nix/fetchers/input-cache.hh index 62092baef74..6a71947410b 100644 --- a/src/libfetchers/include/nix/fetchers/input-cache.hh +++ b/src/libfetchers/include/nix/fetchers/input-cache.hh @@ -2,14 +2,23 @@ namespace nix::fetchers { -struct CachedInput -{ - Input lockedInput; - ref accessor; -}; - struct InputCache { + struct CachedResult + { + ref accessor; + Input resolvedInput; + Input lockedInput; + }; + + CachedResult getAccessor(ref store, const Input & originalInput, bool useRegistries); + + struct CachedInput + { + Input lockedInput; + ref accessor; + }; + virtual std::optional lookup(const Input & originalInput) const = 0; virtual void upsert(Input key, CachedInput cachedInput) = 0; diff --git a/src/libfetchers/input-cache.cc b/src/libfetchers/input-cache.cc index 44d33428dc7..6772d67c7f1 100644 --- a/src/libfetchers/input-cache.cc +++ b/src/libfetchers/input-cache.cc @@ -1,8 +1,48 @@ #include "nix/fetchers/input-cache.hh" +#include "nix/fetchers/registry.hh" #include "nix/util/sync.hh" +#include "nix/util/source-path.hh" namespace nix::fetchers { +InputCache::CachedResult InputCache::getAccessor(ref store, const Input & originalInput, bool useRegistries) +{ + auto fetched = lookup(originalInput); + Input resolvedInput = originalInput; + + if (!fetched) { + if (originalInput.isDirect()) { + auto [accessor, lockedInput] = originalInput.getAccessor(store); + fetched.emplace(CachedInput{.lockedInput = lockedInput, .accessor = accessor}); + } else { + if (useRegistries) { + auto [res, extraAttrs] = + lookupInRegistries(store, originalInput, [](fetchers::Registry::RegistryType type) { + /* Only use the global registry and CLI flags + to resolve indirect flakerefs. */ + return type == fetchers::Registry::Flag || type == fetchers::Registry::Global; + }); + resolvedInput = std::move(res); + fetched = lookup(resolvedInput); + if (!fetched) { + auto [accessor, lockedInput] = resolvedInput.getAccessor(store); + fetched.emplace(CachedInput{.lockedInput = lockedInput, .accessor = accessor}); + } + upsert(resolvedInput, *fetched); + } else { + throw Error( + "'%s' is an indirect flake reference, but registry lookups are not allowed", + originalInput.to_string()); + } + } + upsert(originalInput, *fetched); + } + + debug("got tree '%s' from '%s'", fetched->accessor, fetched->lockedInput.to_string()); + + return {fetched->accessor, resolvedInput, fetched->lockedInput}; +} + struct InputCacheImpl : InputCache { Sync> cache_; diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 6214ca57d70..34eab755a0b 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -26,48 +26,6 @@ using namespace fetchers; namespace flake { -static std::tuple, Input, Input> getAccessorCached( - EvalState & state, - const Input & originalInput, - bool useRegistries) -{ - auto inputCache = InputCache::getCache(); - - auto fetched = inputCache->lookup(originalInput); - Input resolvedInput = originalInput; - - if (!fetched) { - if (originalInput.isDirect()) { - auto [accessor, lockedInput] = originalInput.getAccessor(state.store); - fetched.emplace(CachedInput{.lockedInput = lockedInput, .accessor = accessor}); - } else { - if (useRegistries) { - auto [res, extraAttrs] = lookupInRegistries(state.store, originalInput, - [](fetchers::Registry::RegistryType type) { - /* Only use the global registry and CLI flags - to resolve indirect flakerefs. */ - return type == fetchers::Registry::Flag || type == fetchers::Registry::Global; - }); - resolvedInput = std::move(res); - fetched = inputCache->lookup(resolvedInput); - if (!fetched) { - auto [accessor, lockedInput] = resolvedInput.getAccessor(state.store); - fetched.emplace(CachedInput{.lockedInput = lockedInput, .accessor = accessor}); - } - inputCache->upsert(resolvedInput, *fetched); - } - else { - throw Error("'%s' is an indirect flake reference, but registry lookups are not allowed", originalInput.to_string()); - } - } - inputCache->upsert(originalInput, *fetched); - } - - debug("got tree '%s' from '%s'", fetched->accessor, fetched->lockedInput.to_string()); - - return {fetched->accessor, resolvedInput, fetched->lockedInput}; -} - static StorePath mountInput( EvalState & state, fetchers::Input & input, @@ -395,14 +353,13 @@ static Flake getFlake( CopyMode copyMode) { // Fetch a lazy tree first. - auto [accessor, resolvedInput, lockedInput] = getAccessorCached( - state, originalRef.input, useRegistries); + auto cachedInput = fetchers::InputCache::getCache()->getAccessor(state.store, originalRef.input, useRegistries); - auto resolvedRef = FlakeRef(std::move(resolvedInput), originalRef.subdir); - auto lockedRef = FlakeRef(std::move(lockedInput), originalRef.subdir); + auto resolvedRef = FlakeRef(std::move(cachedInput.resolvedInput), originalRef.subdir); + auto lockedRef = FlakeRef(std::move(cachedInput.lockedInput), originalRef.subdir); // Parse/eval flake.nix to get at the input.self attributes. - auto flake = readFlake(state, originalRef, resolvedRef, lockedRef, {accessor}, lockRootAttrPath); + auto flake = readFlake(state, originalRef, resolvedRef, lockedRef, {cachedInput.accessor}, lockRootAttrPath); // Re-fetch the tree if necessary. auto newLockedRef = applySelfAttrs(lockedRef, flake); @@ -411,16 +368,15 @@ static Flake getFlake( debug("refetching input '%s' due to self attribute", newLockedRef); // FIXME: need to remove attrs that are invalidated by the changed input attrs, such as 'narHash'. newLockedRef.input.attrs.erase("narHash"); - auto [accessor2, resolvedInput2, lockedInput2] = getAccessorCached( - state, newLockedRef.input, false); - accessor = accessor2; - lockedRef = FlakeRef(std::move(lockedInput2), newLockedRef.subdir); + auto cachedInput2 = fetchers::InputCache::getCache()->getAccessor(state.store, newLockedRef.input, useRegistries); + cachedInput.accessor = cachedInput2.accessor; + lockedRef = FlakeRef(std::move(cachedInput2.lockedInput), newLockedRef.subdir); } // Re-parse flake.nix from the store. return readFlake( state, originalRef, resolvedRef, lockedRef, - state.storePath(mountInput(state, lockedRef.input, originalRef.input, accessor, copyMode)), + state.storePath(mountInput(state, lockedRef.input, originalRef.input, cachedInput.accessor, copyMode)), lockRootAttrPath); } @@ -778,13 +734,12 @@ LockedFlake lockFlake( if (auto resolvedPath = resolveRelativePath()) { return {*resolvedPath, *input.ref}; } else { - auto [accessor, resolvedInput, lockedInput] = getAccessorCached( - state, input.ref->input, useRegistries); + auto cachedInput = fetchers::InputCache::getCache()->getAccessor(state.store, input.ref->input, useRegistries); - auto lockedRef = FlakeRef(std::move(lockedInput), input.ref->subdir); + auto lockedRef = FlakeRef(std::move(cachedInput.lockedInput), input.ref->subdir); return { - state.storePath(mountInput(state, lockedRef.input, input.ref->input, accessor, inputCopyMode)), + state.storePath(mountInput(state, lockedRef.input, input.ref->input, cachedInput.accessor, inputCopyMode)), lockedRef }; } From 62565ce7cec2949a16ac5f8c03a2282ab6e5431b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 10 Apr 2025 13:10:20 +0200 Subject: [PATCH 463/815] Remove unused variable --- src/libexpr/eval.cc | 1 - 1 file changed, 1 deletion(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index bb68e684c93..d6e01c028cc 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -266,7 +266,6 @@ EvalState::EvalState( /nix/store while using a chroot store. */ auto accessor = getFSSourceAccessor(); - auto realStoreDir = dirOf(store->toRealPath(StorePath::dummy)); accessor = settings.pureEval ? storeFS.cast() : makeUnionSourceAccessor({accessor, storeFS}); From 666aa20da8aa00dc3eb5b99e761085976fb399f0 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 10 Apr 2025 18:40:27 +0200 Subject: [PATCH 464/815] Move alias support from NixArgs to MultiCommand This allows subcommands to declare aliases, e.g. `nix store ping` is now a proper alias of `nix store info`. --- doc/manual/meson.build | 1 - src/libutil/args.cc | 21 +++++++ src/libutil/include/nix/util/args.hh | 22 ++++++++ src/nix/main.cc | 83 +++++++++------------------- src/nix/store-info.cc | 15 +---- src/nix/store.cc | 6 +- 6 files changed, 75 insertions(+), 73 deletions(-) diff --git a/doc/manual/meson.build b/doc/manual/meson.build index c251fadb15f..33dea3a2c62 100644 --- a/doc/manual/meson.build +++ b/doc/manual/meson.build @@ -283,7 +283,6 @@ nix3_manpages = [ 'nix3-store', 'nix3-store-optimise', 'nix3-store-path-from-hash-part', - 'nix3-store-ping', 'nix3-store-prefetch-file', 'nix3-store-repair', 'nix3-store-sign', diff --git a/src/libutil/args.cc b/src/libutil/args.cc index 39d66b3ec0f..0541291ad3e 100644 --- a/src/libutil/args.cc +++ b/src/libutil/args.cc @@ -647,4 +647,25 @@ nlohmann::json MultiCommand::toJSON() return res; } +Strings::iterator MultiCommand::rewriteArgs(Strings & args, Strings::iterator pos) +{ + if (command) + return command->second->rewriteArgs(args, pos); + + if (aliasUsed || pos == args.end()) return pos; + auto arg = *pos; + auto i = aliases.find(arg); + if (i == aliases.end()) return pos; + auto & info = i->second; + if (info.status == AliasStatus::Deprecated) { + warn("'%s' is a deprecated alias for '%s'", + arg, concatStringsSep(" ", info.replacement)); + } + pos = args.erase(pos); + for (auto j = info.replacement.rbegin(); j != info.replacement.rend(); ++j) + pos = args.insert(pos, *j); + aliasUsed = true; + return pos; +} + } diff --git a/src/libutil/include/nix/util/args.hh b/src/libutil/include/nix/util/args.hh index 77c4fb5b62f..4632703741d 100644 --- a/src/libutil/include/nix/util/args.hh +++ b/src/libutil/include/nix/util/args.hh @@ -393,8 +393,30 @@ public: nlohmann::json toJSON() override; + enum struct AliasStatus { + /** Aliases that don't go away */ + AcceptedShorthand, + /** Aliases that will go away */ + Deprecated, + }; + + /** An alias, except for the original syntax, which is in the map key. */ + struct AliasInfo { + AliasStatus status; + std::vector replacement; + }; + + /** + * A list of aliases (remapping a deprecated/shorthand subcommand + * to something else). + */ + std::map aliases; + + Strings::iterator rewriteArgs(Strings & args, Strings::iterator pos) override; + protected: std::string commandName = ""; + bool aliasUsed = false; }; Strings argvToStrings(int argc, char * * argv); diff --git a/src/nix/main.cc b/src/nix/main.cc index 580be09928f..098d461a31e 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -51,19 +51,6 @@ void chrootHelper(int argc, char * * argv); namespace nix { -enum struct AliasStatus { - /** Aliases that don't go away */ - AcceptedShorthand, - /** Aliases that will go away */ - Deprecated, -}; - -/** An alias, except for the original syntax, which is in the map key. */ -struct AliasInfo { - AliasStatus status; - std::vector replacement; -}; - /* Check if we have a non-loopback/link-local network interface. */ static bool haveInternet() { @@ -151,54 +138,34 @@ struct NixArgs : virtual MultiCommand, virtual MixCommonArgs, virtual RootArgs .category = miscCategory, .handler = {[&]() { refresh = true; }}, }); - } - std::map aliases = { - {"add-to-store", { AliasStatus::Deprecated, {"store", "add-path"}}}, - {"cat-nar", { AliasStatus::Deprecated, {"nar", "cat"}}}, - {"cat-store", { AliasStatus::Deprecated, {"store", "cat"}}}, - {"copy-sigs", { AliasStatus::Deprecated, {"store", "copy-sigs"}}}, - {"dev-shell", { AliasStatus::Deprecated, {"develop"}}}, - {"diff-closures", { AliasStatus::Deprecated, {"store", "diff-closures"}}}, - {"dump-path", { AliasStatus::Deprecated, {"store", "dump-path"}}}, - {"hash-file", { AliasStatus::Deprecated, {"hash", "file"}}}, - {"hash-path", { AliasStatus::Deprecated, {"hash", "path"}}}, - {"ls-nar", { AliasStatus::Deprecated, {"nar", "ls"}}}, - {"ls-store", { AliasStatus::Deprecated, {"store", "ls"}}}, - {"make-content-addressable", { AliasStatus::Deprecated, {"store", "make-content-addressed"}}}, - {"optimise-store", { AliasStatus::Deprecated, {"store", "optimise"}}}, - {"ping-store", { AliasStatus::Deprecated, {"store", "info"}}}, - {"sign-paths", { AliasStatus::Deprecated, {"store", "sign"}}}, - {"shell", { AliasStatus::AcceptedShorthand, {"env", "shell"}}}, - {"show-derivation", { AliasStatus::Deprecated, {"derivation", "show"}}}, - {"show-config", { AliasStatus::Deprecated, {"config", "show"}}}, - {"to-base16", { AliasStatus::Deprecated, {"hash", "to-base16"}}}, - {"to-base32", { AliasStatus::Deprecated, {"hash", "to-base32"}}}, - {"to-base64", { AliasStatus::Deprecated, {"hash", "to-base64"}}}, - {"verify", { AliasStatus::Deprecated, {"store", "verify"}}}, - {"doctor", { AliasStatus::Deprecated, {"config", "check"}}}, + aliases = { + {"add-to-store", { AliasStatus::Deprecated, {"store", "add-path"}}}, + {"cat-nar", { AliasStatus::Deprecated, {"nar", "cat"}}}, + {"cat-store", { AliasStatus::Deprecated, {"store", "cat"}}}, + {"copy-sigs", { AliasStatus::Deprecated, {"store", "copy-sigs"}}}, + {"dev-shell", { AliasStatus::Deprecated, {"develop"}}}, + {"diff-closures", { AliasStatus::Deprecated, {"store", "diff-closures"}}}, + {"dump-path", { AliasStatus::Deprecated, {"store", "dump-path"}}}, + {"hash-file", { AliasStatus::Deprecated, {"hash", "file"}}}, + {"hash-path", { AliasStatus::Deprecated, {"hash", "path"}}}, + {"ls-nar", { AliasStatus::Deprecated, {"nar", "ls"}}}, + {"ls-store", { AliasStatus::Deprecated, {"store", "ls"}}}, + {"make-content-addressable", { AliasStatus::Deprecated, {"store", "make-content-addressed"}}}, + {"optimise-store", { AliasStatus::Deprecated, {"store", "optimise"}}}, + {"ping-store", { AliasStatus::Deprecated, {"store", "info"}}}, + {"sign-paths", { AliasStatus::Deprecated, {"store", "sign"}}}, + {"shell", { AliasStatus::AcceptedShorthand, {"env", "shell"}}}, + {"show-derivation", { AliasStatus::Deprecated, {"derivation", "show"}}}, + {"show-config", { AliasStatus::Deprecated, {"config", "show"}}}, + {"to-base16", { AliasStatus::Deprecated, {"hash", "to-base16"}}}, + {"to-base32", { AliasStatus::Deprecated, {"hash", "to-base32"}}}, + {"to-base64", { AliasStatus::Deprecated, {"hash", "to-base64"}}}, + {"verify", { AliasStatus::Deprecated, {"store", "verify"}}}, + {"doctor", { AliasStatus::Deprecated, {"config", "check"}}}, + }; }; - bool aliasUsed = false; - - Strings::iterator rewriteArgs(Strings & args, Strings::iterator pos) override - { - if (aliasUsed || command || pos == args.end()) return pos; - auto arg = *pos; - auto i = aliases.find(arg); - if (i == aliases.end()) return pos; - auto & info = i->second; - if (info.status == AliasStatus::Deprecated) { - warn("'%s' is a deprecated alias for '%s'", - arg, concatStringsSep(" ", info.replacement)); - } - pos = args.erase(pos); - for (auto j = info.replacement.rbegin(); j != info.replacement.rend(); ++j) - pos = args.insert(pos, *j); - aliasUsed = true; - return pos; - } - std::string description() override { return "a tool for reproducible and declarative configuration management"; diff --git a/src/nix/store-info.cc b/src/nix/store-info.cc index 8b4ac9b308f..9402e82281a 100644 --- a/src/nix/store-info.cc +++ b/src/nix/store-info.cc @@ -7,7 +7,7 @@ using namespace nix; -struct CmdPingStore : StoreCommand, MixJSON +struct CmdInfoStore : StoreCommand, MixJSON { std::string description() override { @@ -46,15 +46,4 @@ struct CmdPingStore : StoreCommand, MixJSON } }; -struct CmdInfoStore : CmdPingStore -{ - void run(nix::ref store) override - { - warn("'nix store ping' is a deprecated alias for 'nix store info'"); - CmdPingStore::run(store); - } -}; - - -static auto rCmdPingStore = registerCommand2({"store", "info"}); -static auto rCmdInfoStore = registerCommand2({"store", "ping"}); +static auto rCmdInfoStore = registerCommand2({"store", "info"}); diff --git a/src/nix/store.cc b/src/nix/store.cc index b40b6d06847..80f9363cade 100644 --- a/src/nix/store.cc +++ b/src/nix/store.cc @@ -5,7 +5,11 @@ using namespace nix; struct CmdStore : NixMultiCommand { CmdStore() : NixMultiCommand("store", RegisterCommand::getCommandsFor({"store"})) - { } + { + aliases = { + {"ping", { AliasStatus::Deprecated, {"info"}}}, + }; + } std::string description() override { From 497fe6dd3182f75771667a350a7dcd1ad1018299 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 10 Apr 2025 18:42:04 +0200 Subject: [PATCH 465/815] Make `nix profile install` an alias of `nix profile add` --- doc/manual/meson.build | 1 - src/nix/profile.cc | 8 +++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/doc/manual/meson.build b/doc/manual/meson.build index 33dea3a2c62..f7d3f44c59d 100644 --- a/doc/manual/meson.build +++ b/doc/manual/meson.build @@ -250,7 +250,6 @@ nix3_manpages = [ 'nix3-print-dev-env', 'nix3-profile-diff-closures', 'nix3-profile-history', - 'nix3-profile-install', 'nix3-profile-list', 'nix3-profile', 'nix3-profile-remove', diff --git a/src/nix/profile.cc b/src/nix/profile.cc index b22421a6069..13ab0f659fe 100644 --- a/src/nix/profile.cc +++ b/src/nix/profile.cc @@ -984,10 +984,12 @@ struct CmdProfile : NixMultiCommand {"history", []() { return make_ref(); }}, {"rollback", []() { return make_ref(); }}, {"wipe-history", []() { return make_ref(); }}, - // 2025-04-05 Deprecated in favor of "add" - {"install", []() { return make_ref(); }}, }) - { } + { + aliases = { + {"install", { AliasStatus::Deprecated, {"add"}}}, + }; + } std::string description() override { From 2596288f8800e088721559889cc15926eff25772 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 11 Apr 2025 20:56:51 +0000 Subject: [PATCH 466/815] Prepare release v3.3.0 From 454e0f798db5b4976280557c8d11c57fa1f50f62 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 11 Apr 2025 20:56:54 +0000 Subject: [PATCH 467/815] Set .version-determinate to 3.3.0 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index e4604e3afd0..15a27998172 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.2.1 +3.3.0 From 8bd8f5a869575b570913979e42bd1b13b5a1c150 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 11 Apr 2025 14:00:26 -0700 Subject: [PATCH 468/815] Add Determinate Nix 3.3.0 release notes --- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 4 +++- doc/manual/source/release-notes-determinate/rl-3.3.0.md | 5 +++++ 3 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.3.0.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index e2e2ec48cd7..0e1ff7f8455 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -128,6 +128,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.3.0 (2025-04-11)](release-notes-determinate/rl-3.3.0.md) - [Release 3.1.0 (2025-03-27)](release-notes-determinate/rl-3.1.0.md) - [Release 3.0.0 (2025-03-04)](release-notes-determinate/rl-3.0.0.md) - [Nix Release Notes](release-notes/index.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 8e6d053d0f6..4e5316708af 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,9 +1,11 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.1.0. +This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.3.0. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. * In Determinate Nix, the new Nix CLI (i.e. the `nix` command) is stable. You no longer need to enable the `nix-command` experimental feature. * Determinate Nix has a setting [`json-log-path`](@docroot@/command-ref/conf-file.md#conf-json-log-path) to send a copy of all Nix log messages (in JSON format) to a file or Unix domain socket. + +* Determinate Nix has made `nix profile install` an alias to `nix profile add`, a more symmetrical antonym of `nix profile remove`. diff --git a/doc/manual/source/release-notes-determinate/rl-3.3.0.md b/doc/manual/source/release-notes-determinate/rl-3.3.0.md new file mode 100644 index 00000000000..badf96415df --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.3.0.md @@ -0,0 +1,5 @@ +# Release 3.3.0 (2025-04-11) + +* Based on [upstream Nix 2.28.1](../release-notes/rl-2.28.md). + +* The `nix profile install` command is now an alias to `nix profile add`, a more symmetrical antonym of `nix profile remove`. From beab9eb978105cccafd0710f06408b41d872395e Mon Sep 17 00:00:00 2001 From: Philipp Otterbein Date: Wed, 19 Feb 2025 18:51:02 +0100 Subject: [PATCH 469/815] libstore S3: fix progress bar and make file transfers interruptible (cherry picked from commit 9da01e69f96346d73c2d1c03adce109f3e57a9a4) --- src/libstore/filetransfer.cc | 4 - src/libstore/s3-binary-cache-store.cc | 117 ++++++++++++++++++++++---- 2 files changed, 102 insertions(+), 19 deletions(-) diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 49453f6dfdf..485250a6bf7 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -789,10 +789,6 @@ struct curlFileTransfer : public FileTransfer S3Helper s3Helper(profile, region, scheme, endpoint); - Activity act(*logger, lvlTalkative, actFileTransfer, - fmt("downloading '%s'", request.uri), - {request.uri}, request.parentAct); - // FIXME: implement ETag auto s3Res = s3Helper.getObject(bucketName, key); FileTransferResult res; diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index 87f5feb45a6..ca03c7cd8a7 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -160,7 +160,10 @@ ref S3Helper::makeConfig( S3Helper::FileTransferResult S3Helper::getObject( const std::string & bucketName, const std::string & key) { - debug("fetching 's3://%s/%s'...", bucketName, key); + std::string uri = "s3://" + bucketName + "/" + key; + Activity act(*logger, lvlTalkative, actFileTransfer, + fmt("downloading '%s'", uri), + Logger::Fields{uri}, getCurActivity()); auto request = Aws::S3::Model::GetObjectRequest() @@ -171,6 +174,26 @@ S3Helper::FileTransferResult S3Helper::getObject( return Aws::New("STRINGSTREAM"); }); + size_t bytesDone = 0; + size_t bytesExpected = 0; + request.SetDataReceivedEventHandler([&](const Aws::Http::HttpRequest * req, Aws::Http::HttpResponse * resp, long long l) { + if (!bytesExpected && resp->HasHeader("Content-Length")) { + if (auto length = string2Int(resp->GetHeader("Content-Length"))) { + bytesExpected = *length; + } + } + bytesDone += l; + act.progress(bytesDone, bytesExpected); + }); + + request.SetContinueRequestHandler([](const Aws::Http::HttpRequest*) { + try { + checkInterrupt(); + return true; + } catch(...) {} + return false; + }); + FileTransferResult res; auto now1 = std::chrono::steady_clock::now(); @@ -180,6 +203,8 @@ S3Helper::FileTransferResult S3Helper::getObject( auto result = checkAws(fmt("AWS error fetching '%s'", key), client->GetObject(request)); + act.progress(result.GetContentLength(), result.GetContentLength()); + res.data = decompress(result.GetContentEncoding(), dynamic_cast(result.GetBody()).str()); @@ -307,11 +332,35 @@ struct S3BinaryCacheStoreImpl : virtual S3BinaryCacheStoreConfig, public virtual std::shared_ptr transferManager; std::once_flag transferManagerCreated; + struct AsyncContext : public Aws::Client::AsyncCallerContext + { + mutable std::mutex mutex; + mutable std::condition_variable cv; + const Activity & act; + + void notify() const + { + cv.notify_one(); + } + + void wait() const + { + std::unique_lock lk(mutex); + cv.wait(lk); + } + + AsyncContext(const Activity & act) : act(act) {} + }; + void uploadFile(const std::string & path, std::shared_ptr> istream, const std::string & mimeType, const std::string & contentEncoding) { + std::string uri = "s3://" + bucketName + "/" + path; + Activity act(*logger, lvlTalkative, actFileTransfer, + fmt("uploading '%s'", uri), + Logger::Fields{uri}, getCurActivity()); istream->seekg(0, istream->end); auto size = istream->tellg(); istream->seekg(0, istream->beg); @@ -330,16 +379,25 @@ struct S3BinaryCacheStoreImpl : virtual S3BinaryCacheStoreConfig, public virtual transferConfig.bufferSize = bufferSize; transferConfig.uploadProgressCallback = - [](const TransferManager *transferManager, - const std::shared_ptr - &transferHandle) + [](const TransferManager * transferManager, + const std::shared_ptr & transferHandle) + { + auto context = std::dynamic_pointer_cast(transferHandle->GetContext()); + size_t bytesDone = transferHandle->GetBytesTransferred(); + size_t bytesTotal = transferHandle->GetBytesTotalSize(); + try { + checkInterrupt(); + context->act.progress(bytesDone, bytesTotal); + } catch (...) { + context->notify(); + } + }; + transferConfig.transferStatusUpdatedCallback = + [](const TransferManager * transferManager, + const std::shared_ptr & transferHandle) { - //FIXME: find a way to properly abort the multipart upload. - //checkInterrupt(); - debug("upload progress ('%s'): '%d' of '%d' bytes", - transferHandle->GetKey(), - transferHandle->GetBytesTransferred(), - transferHandle->GetBytesTotalSize()); + auto context = std::dynamic_pointer_cast(transferHandle->GetContext()); + context->notify(); }; transferManager = TransferManager::Create(transferConfig); @@ -353,29 +411,56 @@ struct S3BinaryCacheStoreImpl : virtual S3BinaryCacheStoreConfig, public virtual if (contentEncoding != "") throw Error("setting a content encoding is not supported with S3 multi-part uploads"); + auto context = std::make_shared(act); std::shared_ptr transferHandle = transferManager->UploadFile( istream, bucketName, path, mimeType, Aws::Map(), - nullptr /*, contentEncoding */); - - transferHandle->WaitUntilFinished(); + context /*, contentEncoding */); + + TransferStatus status = transferHandle->GetStatus(); + while (status == TransferStatus::IN_PROGRESS || status == TransferStatus::NOT_STARTED) { + try { + checkInterrupt(); + context->wait(); + } catch (...) { + transferHandle->Cancel(); + transferHandle->WaitUntilFinished(); + } + status = transferHandle->GetStatus(); + } + act.progress(transferHandle->GetBytesTransferred(), transferHandle->GetBytesTotalSize()); - if (transferHandle->GetStatus() == TransferStatus::FAILED) + if (status == TransferStatus::FAILED) throw Error("AWS error: failed to upload 's3://%s/%s': %s", bucketName, path, transferHandle->GetLastError().GetMessage()); - if (transferHandle->GetStatus() != TransferStatus::COMPLETED) + if (status != TransferStatus::COMPLETED) throw Error("AWS error: transfer status of 's3://%s/%s' in unexpected state", bucketName, path); } else { + act.progress(0, size); auto request = Aws::S3::Model::PutObjectRequest() .WithBucket(bucketName) .WithKey(path); + size_t bytesSent = 0; + request.SetDataSentEventHandler([&](const Aws::Http::HttpRequest * req, long long l) { + bytesSent += l; + act.progress(bytesSent, size); + }); + + request.SetContinueRequestHandler([](const Aws::Http::HttpRequest*) { + try { + checkInterrupt(); + return true; + } catch(...) {} + return false; + }); + request.SetContentType(mimeType); if (contentEncoding != "") @@ -385,6 +470,8 @@ struct S3BinaryCacheStoreImpl : virtual S3BinaryCacheStoreConfig, public virtual auto result = checkAws(fmt("AWS error uploading '%s'", path), s3Helper.client->PutObject(request)); + + act.progress(size, size); } auto now2 = std::chrono::steady_clock::now(); From c53bd8905b239bf341df39d6488008f36abd6f8d Mon Sep 17 00:00:00 2001 From: Philipp Otterbein Date: Wed, 12 Mar 2025 00:50:20 +0100 Subject: [PATCH 470/815] libstore: same progress bar behavior for PUT and POST requests - no differentiation between uploads and downloads in CLI (cherry picked from commit db297d3dda12306459341da01e9892b4df2d6d37) --- src/libstore/filetransfer.cc | 24 +++++-------------- .../include/nix/store/filetransfer.hh | 2 +- 2 files changed, 7 insertions(+), 19 deletions(-) diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 485250a6bf7..08c78213914 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -95,7 +95,7 @@ struct curlFileTransfer : public FileTransfer : fileTransfer(fileTransfer) , request(request) , act(*logger, lvlTalkative, actFileTransfer, - request.post ? "" : fmt(request.data ? "uploading '%s'" : "downloading '%s'", request.uri), + fmt("%sing '%s'", request.verb(), request.uri), {request.uri}, request.parentAct) , callback(std::move(callback)) , finalSink([this](std::string_view data) { @@ -272,19 +272,11 @@ struct curlFileTransfer : public FileTransfer return getInterrupted(); } - int silentProgressCallback(curl_off_t dltotal, curl_off_t dlnow) - { - return getInterrupted(); - } - static int progressCallbackWrapper(void * userp, curl_off_t dltotal, curl_off_t dlnow, curl_off_t ultotal, curl_off_t ulnow) { - return ((TransferItem *) userp)->progressCallback(dltotal, dlnow); - } - - static int silentProgressCallbackWrapper(void * userp, curl_off_t dltotal, curl_off_t dlnow, curl_off_t ultotal, curl_off_t ulnow) - { - return ((TransferItem *) userp)->silentProgressCallback(dltotal, dlnow); + auto & item = *static_cast(userp); + auto isUpload = bool(item.request.data); + return item.progressCallback(isUpload ? ultotal : dltotal, isUpload ? ulnow : dlnow); } static int debugCallback(CURL * handle, curl_infotype type, char * data, size_t size, void * userptr) @@ -351,10 +343,7 @@ struct curlFileTransfer : public FileTransfer curl_easy_setopt(req, CURLOPT_HEADERFUNCTION, TransferItem::headerCallbackWrapper); curl_easy_setopt(req, CURLOPT_HEADERDATA, this); - if (request.post) - curl_easy_setopt(req, CURLOPT_XFERINFOFUNCTION, silentProgressCallbackWrapper); - else - curl_easy_setopt(req, CURLOPT_XFERINFOFUNCTION, progressCallbackWrapper); + curl_easy_setopt(req, CURLOPT_XFERINFOFUNCTION, progressCallbackWrapper); curl_easy_setopt(req, CURLOPT_XFERINFODATA, this); curl_easy_setopt(req, CURLOPT_NOPROGRESS, 0); @@ -447,8 +436,7 @@ struct curlFileTransfer : public FileTransfer if (httpStatus == 304 && result.etag == "") result.etag = request.expectedETag; - if (!request.post) - act.progress(result.bodySize, result.bodySize); + act.progress(result.bodySize, result.bodySize); done = true; callback(std::move(result)); } diff --git a/src/libstore/include/nix/store/filetransfer.hh b/src/libstore/include/nix/store/filetransfer.hh index 217c52d77f6..f87f68e7fc8 100644 --- a/src/libstore/include/nix/store/filetransfer.hh +++ b/src/libstore/include/nix/store/filetransfer.hh @@ -77,7 +77,7 @@ struct FileTransferRequest FileTransferRequest(std::string_view uri) : uri(uri), parentAct(getCurActivity()) { } - std::string verb() + std::string verb() const { return data ? "upload" : "download"; } From 61bb40583987ccc2738f488de4f2e24b7cab0c2a Mon Sep 17 00:00:00 2001 From: Philipp Otterbein Date: Fri, 11 Apr 2025 22:34:15 +0200 Subject: [PATCH 471/815] add isInterrupted() call and replace some checkInterrupt() occurrences (cherry picked from commit 49f757c24ae10e6d32c19e27fd646fc21aca7679) --- src/libstore/s3-binary-cache-store.cc | 17 ++++------------- src/libutil/include/nix/util/signals.hh | 5 +++++ .../unix/include/nix/util/signals-impl.hh | 13 +++++++++---- .../windows/include/nix/util/signals-impl.hh | 7 ++++++- 4 files changed, 24 insertions(+), 18 deletions(-) diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index ca03c7cd8a7..f9e5833077e 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -187,11 +187,7 @@ S3Helper::FileTransferResult S3Helper::getObject( }); request.SetContinueRequestHandler([](const Aws::Http::HttpRequest*) { - try { - checkInterrupt(); - return true; - } catch(...) {} - return false; + return !isInterrupted(); }); FileTransferResult res; @@ -420,10 +416,9 @@ struct S3BinaryCacheStoreImpl : virtual S3BinaryCacheStoreConfig, public virtual TransferStatus status = transferHandle->GetStatus(); while (status == TransferStatus::IN_PROGRESS || status == TransferStatus::NOT_STARTED) { - try { - checkInterrupt(); + if (!isInterrupted()) { context->wait(); - } catch (...) { + } else { transferHandle->Cancel(); transferHandle->WaitUntilFinished(); } @@ -454,11 +449,7 @@ struct S3BinaryCacheStoreImpl : virtual S3BinaryCacheStoreConfig, public virtual }); request.SetContinueRequestHandler([](const Aws::Http::HttpRequest*) { - try { - checkInterrupt(); - return true; - } catch(...) {} - return false; + return !isInterrupted(); }); request.SetContentType(mimeType); diff --git a/src/libutil/include/nix/util/signals.hh b/src/libutil/include/nix/util/signals.hh index 45130a90cc4..5a2ba8e75b7 100644 --- a/src/libutil/include/nix/util/signals.hh +++ b/src/libutil/include/nix/util/signals.hh @@ -26,6 +26,11 @@ static inline bool getInterrupted(); */ void setInterruptThrown(); +/** + * @note Does nothing on Windows + */ +static inline bool isInterrupted(); + /** * @note Does nothing on Windows */ diff --git a/src/libutil/unix/include/nix/util/signals-impl.hh b/src/libutil/unix/include/nix/util/signals-impl.hh index ffa96734409..7397744b2ae 100644 --- a/src/libutil/unix/include/nix/util/signals-impl.hh +++ b/src/libutil/unix/include/nix/util/signals-impl.hh @@ -85,17 +85,22 @@ static inline bool getInterrupted() return unix::_isInterrupted; } +static inline bool isInterrupted() +{ + using namespace unix; + return _isInterrupted || (interruptCheck && interruptCheck()); +} + /** * Throw `Interrupted` exception if the process has been interrupted. * * Call this in long-running loops and between slow operations to terminate * them as needed. */ -void inline checkInterrupt() +inline void checkInterrupt() { - using namespace unix; - if (_isInterrupted || (interruptCheck && interruptCheck())) - _interrupted(); + if (isInterrupted()) + unix::_interrupted(); } /** diff --git a/src/libutil/windows/include/nix/util/signals-impl.hh b/src/libutil/windows/include/nix/util/signals-impl.hh index 043f39100ac..f716ffd1a68 100644 --- a/src/libutil/windows/include/nix/util/signals-impl.hh +++ b/src/libutil/windows/include/nix/util/signals-impl.hh @@ -22,7 +22,12 @@ inline void setInterruptThrown() /* Do nothing for now */ } -void inline checkInterrupt() +static inline bool isInterrupted() +{ + /* Do nothing for now */ +} + +inline void checkInterrupt() { /* Do nothing for now */ } From c1c0e20f2ec713951e223c950695ed8f7d068f68 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 12 Apr 2025 02:34:34 +0000 Subject: [PATCH 472/815] Prepare release v3.3.1 From 398104dcbfa4ae55bcb73c048b86444b7a3edacb Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 12 Apr 2025 02:34:37 +0000 Subject: [PATCH 473/815] Set .version-determinate to 3.3.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 15a27998172..bea438e9ade 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.3.0 +3.3.1 From 9156550493929be0e49776a4f478fb8b1ae4ee25 Mon Sep 17 00:00:00 2001 From: Anthony Wang Date: Sat, 12 Apr 2025 19:17:27 -0400 Subject: [PATCH 474/815] Fix typo in string context docs (cherry picked from commit f64b8957c7fcedb5d819c6912a5236a1b5fe8433) --- doc/manual/source/language/string-context.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/source/language/string-context.md b/doc/manual/source/language/string-context.md index 6a3482cfd95..979bbf37197 100644 --- a/doc/manual/source/language/string-context.md +++ b/doc/manual/source/language/string-context.md @@ -115,7 +115,7 @@ It creates an [attribute set] representing the string context, which can be insp ## Clearing string contexts -[`buitins.unsafeDiscardStringContext`](./builtins.md#builtins-unsafeDiscardStringContext) will make a copy of a string, but with an empty string context. +[`builtins.unsafeDiscardStringContext`](./builtins.md#builtins-unsafeDiscardStringContext) will make a copy of a string, but with an empty string context. The returned string can be used in more ways, e.g. by operators that require the string context to be empty. The requirement to explicitly discard the string context in such use cases helps ensure that string context elements are not lost by mistake. The "unsafe" marker is only there to remind that Nix normally guarantees that dependencies are tracked, whereas the returned string has lost them. From e099a5bc678a7bba0b2c99fbe667c08d4a7cc0f7 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 14 Apr 2025 14:29:14 +0200 Subject: [PATCH 475/815] Move the InputCache to EvalState --- src/libcmd/repl.cc | 3 --- src/libexpr/eval.cc | 3 +++ src/libexpr/include/nix/expr/eval.hh | 7 ++++++- src/libexpr/primops/fetchTree.cc | 2 +- src/libfetchers/include/nix/fetchers/input-cache.hh | 2 +- src/libfetchers/input-cache.cc | 5 ++--- src/libflake/flake/flake.cc | 6 +++--- 7 files changed, 16 insertions(+), 12 deletions(-) diff --git a/src/libcmd/repl.cc b/src/libcmd/repl.cc index 3805942cef7..c5a95268b50 100644 --- a/src/libcmd/repl.cc +++ b/src/libcmd/repl.cc @@ -28,7 +28,6 @@ #include "nix/expr/print.hh" #include "nix/util/ref.hh" #include "nix/expr/value.hh" -#include "nix/fetchers/input-cache.hh" #include "nix/util/strings.hh" @@ -459,7 +458,6 @@ ProcessLineResult NixRepl::processLine(std::string line) else if (command == ":l" || command == ":load") { state->resetFileCache(); - fetchers::InputCache::getCache()->clear(); loadFile(arg); } @@ -469,7 +467,6 @@ ProcessLineResult NixRepl::processLine(std::string line) else if (command == ":r" || command == ":reload") { state->resetFileCache(); - fetchers::InputCache::getCache()->clear(); reloadFiles(); } diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index d6e01c028cc..0212162dd2d 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -20,6 +20,7 @@ #include "nix/util/url.hh" #include "nix/fetchers/fetch-to-store.hh" #include "nix/fetchers/tarball.hh" +#include "nix/fetchers/input-cache.hh" #include "parser-tab.hh" @@ -290,6 +291,7 @@ EvalState::EvalState( )} , store(store) , buildStore(buildStore ? buildStore : store) + , inputCache(fetchers::InputCache::create()) , debugRepl(nullptr) , debugStop(false) , trylevel(0) @@ -1132,6 +1134,7 @@ void EvalState::resetFileCache() { fileEvalCache.clear(); fileParseCache.clear(); + inputCache->clear(); } diff --git a/src/libexpr/include/nix/expr/eval.hh b/src/libexpr/include/nix/expr/eval.hh index 056fd98d39f..505a7d1e7e1 100644 --- a/src/libexpr/include/nix/expr/eval.hh +++ b/src/libexpr/include/nix/expr/eval.hh @@ -33,7 +33,10 @@ namespace nix { constexpr size_t maxPrimOpArity = 8; class Store; -namespace fetchers { struct Settings; } +namespace fetchers { +struct Settings; +struct InputCache; +} struct EvalSettings; class EvalState; class StorePath; @@ -301,6 +304,8 @@ public: RootValue vImportedDrvToDerivation = nullptr; + ref inputCache; + /** * Debugger */ diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index c5cb70b44a1..5d41d65c11b 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -202,7 +202,7 @@ static void fetchTree( throw Error("input '%s' is not allowed to use the '__final' attribute", input.to_string()); } - auto cachedInput = fetchers::InputCache::getCache()->getAccessor(state.store, input, false); + auto cachedInput = state.inputCache->getAccessor(state.store, input, false); auto storePath = StorePath::random(input.getName()); diff --git a/src/libfetchers/include/nix/fetchers/input-cache.hh b/src/libfetchers/include/nix/fetchers/input-cache.hh index 6a71947410b..a7ca34487f2 100644 --- a/src/libfetchers/include/nix/fetchers/input-cache.hh +++ b/src/libfetchers/include/nix/fetchers/input-cache.hh @@ -25,7 +25,7 @@ struct InputCache virtual void clear() = 0; - static ref getCache(); + static ref create(); }; } diff --git a/src/libfetchers/input-cache.cc b/src/libfetchers/input-cache.cc index 6772d67c7f1..716143899ec 100644 --- a/src/libfetchers/input-cache.cc +++ b/src/libfetchers/input-cache.cc @@ -72,10 +72,9 @@ struct InputCacheImpl : InputCache } }; -ref InputCache::getCache() +ref InputCache::create() { - static auto cache = make_ref(); - return cache; + return make_ref(); } } diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 34eab755a0b..299a7464090 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -353,7 +353,7 @@ static Flake getFlake( CopyMode copyMode) { // Fetch a lazy tree first. - auto cachedInput = fetchers::InputCache::getCache()->getAccessor(state.store, originalRef.input, useRegistries); + auto cachedInput = state.inputCache->getAccessor(state.store, originalRef.input, useRegistries); auto resolvedRef = FlakeRef(std::move(cachedInput.resolvedInput), originalRef.subdir); auto lockedRef = FlakeRef(std::move(cachedInput.lockedInput), originalRef.subdir); @@ -368,7 +368,7 @@ static Flake getFlake( debug("refetching input '%s' due to self attribute", newLockedRef); // FIXME: need to remove attrs that are invalidated by the changed input attrs, such as 'narHash'. newLockedRef.input.attrs.erase("narHash"); - auto cachedInput2 = fetchers::InputCache::getCache()->getAccessor(state.store, newLockedRef.input, useRegistries); + auto cachedInput2 = state.inputCache->getAccessor(state.store, newLockedRef.input, useRegistries); cachedInput.accessor = cachedInput2.accessor; lockedRef = FlakeRef(std::move(cachedInput2.lockedInput), newLockedRef.subdir); } @@ -734,7 +734,7 @@ LockedFlake lockFlake( if (auto resolvedPath = resolveRelativePath()) { return {*resolvedPath, *input.ref}; } else { - auto cachedInput = fetchers::InputCache::getCache()->getAccessor(state.store, input.ref->input, useRegistries); + auto cachedInput = state.inputCache->getAccessor(state.store, input.ref->input, useRegistries); auto lockedRef = FlakeRef(std::move(cachedInput.lockedInput), input.ref->subdir); From b1a1f4bd2f4113b5b95280072fb3bec6ea77490a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 14 Apr 2025 15:18:29 +0200 Subject: [PATCH 476/815] Mention BLAKE3 in the Nix 2.27 release notes (cherry picked from commit c0ed07755a409660ca0a4aad40cfe3d1a0ad2162) --- doc/manual/source/release-notes/rl-2.27.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/doc/manual/source/release-notes/rl-2.27.md b/doc/manual/source/release-notes/rl-2.27.md index b4918029aa0..3643f747638 100644 --- a/doc/manual/source/release-notes/rl-2.27.md +++ b/doc/manual/source/release-notes/rl-2.27.md @@ -38,6 +38,15 @@ Curl created sockets without setting `FD_CLOEXEC`/`SOCK_CLOEXEC`. This could previously cause connections to remain open forever when using commands like `nix shell`. This change sets the `FD_CLOEXEC` flag using a `CURLOPT_SOCKOPTFUNCTION` callback. +- Add BLAKE3 hash algorithm [#12379](https://github.com/NixOS/nix/pull/12379) + + Nix now supports the BLAKE3 hash algorithm as an experimental feature (`blake3-hashes`): + + ```console + # nix hash file ./file --type blake3 --extra-experimental-features blake3-hashes + blake3-34P4p+iZXcbbyB1i4uoF7eWCGcZHjmaRn6Y7QdynLwU= + ``` + # Contributors This release was made possible by the following 21 contributors: From a603401cddd4db3f19c27a7f3078dcd3e600074e Mon Sep 17 00:00:00 2001 From: Philipp Otterbein Date: Tue, 4 Mar 2025 18:05:33 +0100 Subject: [PATCH 477/815] libstore: curl retry: reset content-encoding and don't use string after move (cherry picked from commit b129fc8237edea8bf2f55816ac90efd15befb216) --- src/libstore/filetransfer.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index 08c78213914..a917188d92f 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -22,10 +22,8 @@ #include -#include #include #include -#include #include #include #include @@ -525,6 +523,8 @@ struct curlFileTransfer : public FileTransfer warn("%s; retrying from offset %d in %d ms", exc.what(), writtenToSink, ms); else warn("%s; retrying in %d ms", exc.what(), ms); + decompressionSink.reset(); + errorSink.reset(); embargo = std::chrono::steady_clock::now() + std::chrono::milliseconds(ms); fileTransfer.enqueueItem(shared_from_this()); } From 9a969e29cf24c8bc73331df131af691384026a4c Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Mon, 14 Apr 2025 14:09:30 +0200 Subject: [PATCH 478/815] call-flake.nix: refactor: Bring mapAttrs into scope (cherry picked from commit 674375b021ce9e229e575204395357f8d317bef5) --- src/libflake/call-flake.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/libflake/call-flake.nix b/src/libflake/call-flake.nix index 1e9e210481d..03a52c87cfb 100644 --- a/src/libflake/call-flake.nix +++ b/src/libflake/call-flake.nix @@ -14,6 +14,7 @@ overrides: fetchTreeFinal: let + inherit (builtins) mapAttrs; lockFile = builtins.fromJSON lockFileStr; @@ -35,7 +36,7 @@ let (resolveInput lockFile.nodes.${nodeName}.inputs.${builtins.head path}) (builtins.tail path); - allNodes = builtins.mapAttrs ( + allNodes = mapAttrs ( key: node: let @@ -60,9 +61,7 @@ let flake = import (outPath + "/flake.nix"); - inputs = builtins.mapAttrs (inputName: inputSpec: allNodes.${resolveInput inputSpec}) ( - node.inputs or { } - ); + inputs = mapAttrs (inputName: inputSpec: allNodes.${resolveInput inputSpec}) (node.inputs or { }); outputs = flake.outputs (inputs // { self = result; }); From 671364748c97a47c7aa5cbef025c752a3c79a788 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 15 Apr 2025 09:10:18 +0200 Subject: [PATCH 479/815] call-flake.nix: allNodes.${key} -> allNodes.${key}.result (cherry picked from commit 9de9410f295a3daf5c97ea9fcbdcb0d3c5aafd5d) --- src/libflake/call-flake.nix | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/src/libflake/call-flake.nix b/src/libflake/call-flake.nix index 03a52c87cfb..430dfabddca 100644 --- a/src/libflake/call-flake.nix +++ b/src/libflake/call-flake.nix @@ -48,7 +48,7 @@ let else if node.locked.type == "path" && builtins.substring 0 1 node.locked.path != "/" then parentNode.sourceInfo // { - outPath = parentNode.outPath + ("/" + node.locked.path); + outPath = parentNode.result.outPath + ("/" + node.locked.path); } else # FIXME: remove obsolete node.info. @@ -61,7 +61,9 @@ let flake = import (outPath + "/flake.nix"); - inputs = mapAttrs (inputName: inputSpec: allNodes.${resolveInput inputSpec}) (node.inputs or { }); + inputs = mapAttrs (inputName: inputSpec: allNodes.${resolveInput inputSpec}.result) ( + node.inputs or { } + ); outputs = flake.outputs (inputs // { self = result; }); @@ -84,12 +86,15 @@ let }; in - if node.flake or true then - assert builtins.isFunction flake.outputs; - result - else - sourceInfo + { + result = + if node.flake or true then + assert builtins.isFunction flake.outputs; + result + else + sourceInfo; + } ) lockFile.nodes; in -allNodes.${lockFile.root} +allNodes.${lockFile.root}.result From 818fc68db687ce3bc769760629967eb340ed931d Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 15 Apr 2025 09:28:23 +0200 Subject: [PATCH 480/815] fix: Evaluate flake parent source without evaluating its outputs This requires that we refer to the `sourceInfo` instead of the `result`. However, `sourceInfo` does not create a chain of basedir resolution, so we add that back with `flakeDir`. (cherry picked from commit 2109a5a2066d0d49a1bcc5b44b2a4d84b5d313bd) --- src/libflake/call-flake.nix | 11 ++++++++++- tests/functional/flakes/relative-paths.sh | 21 +++++++++++++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/src/libflake/call-flake.nix b/src/libflake/call-flake.nix index 430dfabddca..fe326291f1f 100644 --- a/src/libflake/call-flake.nix +++ b/src/libflake/call-flake.nix @@ -42,13 +42,20 @@ let parentNode = allNodes.${getInputByPath lockFile.root node.parent}; + flakeDir = + let + dir = overrides.${key}.dir or node.locked.path or ""; + parentDir = parentNode.flakeDir; + in + if node ? parent then parentDir + ("/" + dir) else dir; + sourceInfo = if overrides ? ${key} then overrides.${key}.sourceInfo else if node.locked.type == "path" && builtins.substring 0 1 node.locked.path != "/" then parentNode.sourceInfo // { - outPath = parentNode.result.outPath + ("/" + node.locked.path); + outPath = parentNode.sourceInfo.outPath + ("/" + flakeDir); } else # FIXME: remove obsolete node.info. @@ -93,6 +100,8 @@ let result else sourceInfo; + + inherit flakeDir sourceInfo; } ) lockFile.nodes; diff --git a/tests/functional/flakes/relative-paths.sh b/tests/functional/flakes/relative-paths.sh index 3f7ca3f4618..4648ba98c63 100644 --- a/tests/functional/flakes/relative-paths.sh +++ b/tests/functional/flakes/relative-paths.sh @@ -108,3 +108,24 @@ EOF [[ $(nix eval "$rootFlake#z") = 90 ]] fi + +# https://github.com/NixOS/nix/pull/10089#discussion_r2041984987 +# https://github.com/NixOS/nix/issues/13018 +mkdir -p "$TEST_ROOT/issue-13018/example" +( + cd "$TEST_ROOT/issue-13018" + git init + echo '{ outputs = _: { }; }' >flake.nix + cat >example/flake.nix < Date: Mon, 14 Apr 2025 11:18:33 -0400 Subject: [PATCH 481/815] Use the same variable for content addressing in functional tests `CONTENT_ADDRESSED` -> `NIX_TESTS_CA_BY_DEFAULT` (cherry picked from commit 7acc229c8fd5c41c460a5b7aa28debf168cbce3d) --- tests/functional/build-remote-content-addressed-floating.sh | 2 +- tests/functional/build-remote.sh | 2 +- tests/functional/ca/nix-shell.sh | 2 +- tests/functional/nix-shell.sh | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/functional/build-remote-content-addressed-floating.sh b/tests/functional/build-remote-content-addressed-floating.sh index 33d667f9211..37091590573 100755 --- a/tests/functional/build-remote-content-addressed-floating.sh +++ b/tests/functional/build-remote-content-addressed-floating.sh @@ -6,6 +6,6 @@ file=build-hook-ca-floating.nix enableFeatures "ca-derivations" -CONTENT_ADDRESSED=true +NIX_TESTS_CA_BY_DEFAULT=true source build-remote.sh diff --git a/tests/functional/build-remote.sh b/tests/functional/build-remote.sh index 3231341cbf6..62cc8588840 100644 --- a/tests/functional/build-remote.sh +++ b/tests/functional/build-remote.sh @@ -13,7 +13,7 @@ unset NIX_STATE_DIR function join_by { local d=$1; shift; echo -n "$1"; shift; printf "%s" "${@/#/$d}"; } EXTRA_SYSTEM_FEATURES=() -if [[ -n "${CONTENT_ADDRESSED-}" ]]; then +if [[ -n "${NIX_TESTS_CA_BY_DEFAULT-}" ]]; then EXTRA_SYSTEM_FEATURES=("ca-derivations") fi diff --git a/tests/functional/ca/nix-shell.sh b/tests/functional/ca/nix-shell.sh index d1fbe54d19d..7b30b2ac858 100755 --- a/tests/functional/ca/nix-shell.sh +++ b/tests/functional/ca/nix-shell.sh @@ -2,6 +2,6 @@ source common.sh -CONTENT_ADDRESSED=true +NIX_TESTS_CA_BY_DEFAULT=true cd .. source ./nix-shell.sh diff --git a/tests/functional/nix-shell.sh b/tests/functional/nix-shell.sh index b054b7f7519..bc49333b505 100755 --- a/tests/functional/nix-shell.sh +++ b/tests/functional/nix-shell.sh @@ -4,7 +4,7 @@ source common.sh clearStoreIfPossible -if [[ -n ${CONTENT_ADDRESSED:-} ]]; then +if [[ -n ${NIX_TESTS_CA_BY_DEFAULT:-} ]]; then shellDotNix="$PWD/ca-shell.nix" else shellDotNix="$PWD/shell.nix" From f19184191eecaa5e02090ac07260245dffabb472 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Mon, 14 Apr 2025 11:15:56 -0400 Subject: [PATCH 482/815] Test derivation options with content-addressing too Now, both the unit and functional tests relating to derivation options are tested both ways -- with input addressing and content-addressing derivations. (cherry picked from commit 307dbe991415404b12992d6bd73bd293f0b743e1) --- .../advanced-attributes-defaults.drv | 1 - ...d-attributes-structured-attrs-defaults.drv | 1 - .../advanced-attributes-structured-attrs.drv | 1 - .../data/derivation/advanced-attributes.drv | 1 - .../ca/advanced-attributes-defaults.drv | 1 + .../ca/advanced-attributes-defaults.json | 25 ++ ...d-attributes-structured-attrs-defaults.drv | 1 + ...-attributes-structured-attrs-defaults.json | 26 ++ .../advanced-attributes-structured-attrs.drv | 1 + .../advanced-attributes-structured-attrs.json | 44 +++ .../derivation/ca/advanced-attributes.drv | 1 + .../derivation/ca/advanced-attributes.json | 50 +++ .../ia/advanced-attributes-defaults.drv | 1 + .../advanced-attributes-defaults.json | 0 ...d-attributes-structured-attrs-defaults.drv | 1 + ...-attributes-structured-attrs-defaults.json | 0 .../advanced-attributes-structured-attrs.drv | 1 + .../advanced-attributes-structured-attrs.json | 0 .../derivation/ia/advanced-attributes.drv | 1 + .../derivation/ia/advanced-attributes.json | 47 +++ .../derivation-advanced-attrs.cc | 333 ++++++++++++++---- src/libstore/derivations.cc | 2 +- .../ca/derivation-advanced-attributes.sh | 6 + tests/functional/ca/meson.build | 3 +- .../derivation-advanced-attributes.sh | 12 +- .../advanced-attributes-defaults.nix | 22 +- ...d-attributes-structured-attrs-defaults.nix | 22 +- .../advanced-attributes-structured-attrs.nix | 23 +- .../derivation/advanced-attributes.nix | 23 +- .../ca/advanced-attributes-defaults.drv | 1 + ...d-attributes-structured-attrs-defaults.drv | 1 + .../advanced-attributes-structured-attrs.drv | 1 + .../derivation/ca/advanced-attributes.drv | 1 + .../{ => ia}/advanced-attributes-defaults.drv | 0 ...d-attributes-structured-attrs-defaults.drv | 0 .../advanced-attributes-structured-attrs.drv | 0 .../{ => ia}/advanced-attributes.drv | 0 37 files changed, 560 insertions(+), 94 deletions(-) delete mode 120000 src/libstore-tests/data/derivation/advanced-attributes-defaults.drv delete mode 120000 src/libstore-tests/data/derivation/advanced-attributes-structured-attrs-defaults.drv delete mode 120000 src/libstore-tests/data/derivation/advanced-attributes-structured-attrs.drv delete mode 120000 src/libstore-tests/data/derivation/advanced-attributes.drv create mode 120000 src/libstore-tests/data/derivation/ca/advanced-attributes-defaults.drv create mode 100644 src/libstore-tests/data/derivation/ca/advanced-attributes-defaults.json create mode 120000 src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs-defaults.drv create mode 100644 src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs-defaults.json create mode 120000 src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.drv create mode 100644 src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.json create mode 120000 src/libstore-tests/data/derivation/ca/advanced-attributes.drv create mode 100644 src/libstore-tests/data/derivation/ca/advanced-attributes.json create mode 120000 src/libstore-tests/data/derivation/ia/advanced-attributes-defaults.drv rename src/libstore-tests/data/derivation/{ => ia}/advanced-attributes-defaults.json (100%) create mode 120000 src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs-defaults.drv rename src/libstore-tests/data/derivation/{ => ia}/advanced-attributes-structured-attrs-defaults.json (100%) create mode 120000 src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.drv rename src/libstore-tests/data/derivation/{ => ia}/advanced-attributes-structured-attrs.json (100%) create mode 120000 src/libstore-tests/data/derivation/ia/advanced-attributes.drv create mode 100644 src/libstore-tests/data/derivation/ia/advanced-attributes.json create mode 100755 tests/functional/ca/derivation-advanced-attributes.sh create mode 100644 tests/functional/derivation/ca/advanced-attributes-defaults.drv create mode 100644 tests/functional/derivation/ca/advanced-attributes-structured-attrs-defaults.drv create mode 100644 tests/functional/derivation/ca/advanced-attributes-structured-attrs.drv create mode 100644 tests/functional/derivation/ca/advanced-attributes.drv rename tests/functional/derivation/{ => ia}/advanced-attributes-defaults.drv (100%) rename tests/functional/derivation/{ => ia}/advanced-attributes-structured-attrs-defaults.drv (100%) rename tests/functional/derivation/{ => ia}/advanced-attributes-structured-attrs.drv (100%) rename tests/functional/derivation/{ => ia}/advanced-attributes.drv (100%) diff --git a/src/libstore-tests/data/derivation/advanced-attributes-defaults.drv b/src/libstore-tests/data/derivation/advanced-attributes-defaults.drv deleted file mode 120000 index f8f30ac321c..00000000000 --- a/src/libstore-tests/data/derivation/advanced-attributes-defaults.drv +++ /dev/null @@ -1 +0,0 @@ -../../../../tests/functional/derivation/advanced-attributes-defaults.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/advanced-attributes-structured-attrs-defaults.drv b/src/libstore-tests/data/derivation/advanced-attributes-structured-attrs-defaults.drv deleted file mode 120000 index 837e9a0e437..00000000000 --- a/src/libstore-tests/data/derivation/advanced-attributes-structured-attrs-defaults.drv +++ /dev/null @@ -1 +0,0 @@ -../../../../tests/functional/derivation/advanced-attributes-structured-attrs-defaults.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/advanced-attributes-structured-attrs.drv b/src/libstore-tests/data/derivation/advanced-attributes-structured-attrs.drv deleted file mode 120000 index e08bb573791..00000000000 --- a/src/libstore-tests/data/derivation/advanced-attributes-structured-attrs.drv +++ /dev/null @@ -1 +0,0 @@ -../../../../tests/functional/derivation/advanced-attributes-structured-attrs.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/advanced-attributes.drv b/src/libstore-tests/data/derivation/advanced-attributes.drv deleted file mode 120000 index 1dc394a0a4f..00000000000 --- a/src/libstore-tests/data/derivation/advanced-attributes.drv +++ /dev/null @@ -1 +0,0 @@ -../../../../tests/functional/derivation/advanced-attributes.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes-defaults.drv b/src/libstore-tests/data/derivation/ca/advanced-attributes-defaults.drv new file mode 120000 index 00000000000..a9b4f7fa745 --- /dev/null +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes-defaults.drv @@ -0,0 +1 @@ +../../../../../tests/functional/derivation/ca/advanced-attributes-defaults.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes-defaults.json b/src/libstore-tests/data/derivation/ca/advanced-attributes-defaults.json new file mode 100644 index 00000000000..bc67236b54f --- /dev/null +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes-defaults.json @@ -0,0 +1,25 @@ +{ + "args": [ + "-c", + "echo hello > $out" + ], + "builder": "/bin/bash", + "env": { + "builder": "/bin/bash", + "name": "advanced-attributes-defaults", + "out": "/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9", + "outputHashAlgo": "sha256", + "outputHashMode": "recursive", + "system": "my-system" + }, + "inputDrvs": {}, + "inputSrcs": [], + "name": "advanced-attributes-defaults", + "outputs": { + "out": { + "hashAlgo": "sha256", + "method": "nar" + } + }, + "system": "my-system" +} diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs-defaults.drv b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs-defaults.drv new file mode 120000 index 00000000000..61da0470a77 --- /dev/null +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs-defaults.drv @@ -0,0 +1 @@ +../../../../../tests/functional/derivation/ca/advanced-attributes-structured-attrs-defaults.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs-defaults.json b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs-defaults.json new file mode 100644 index 00000000000..7d3c932b213 --- /dev/null +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs-defaults.json @@ -0,0 +1,26 @@ +{ + "args": [ + "-c", + "echo hello > $out" + ], + "builder": "/bin/bash", + "env": { + "__json": "{\"builder\":\"/bin/bash\",\"name\":\"advanced-attributes-structured-attrs-defaults\",\"outputHashAlgo\":\"sha256\",\"outputHashMode\":\"recursive\",\"outputs\":[\"out\",\"dev\"],\"system\":\"my-system\"}", + "dev": "/02qcpld1y6xhs5gz9bchpxaw0xdhmsp5dv88lh25r2ss44kh8dxz", + "out": "/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9" + }, + "inputDrvs": {}, + "inputSrcs": [], + "name": "advanced-attributes-structured-attrs-defaults", + "outputs": { + "dev": { + "hashAlgo": "sha256", + "method": "nar" + }, + "out": { + "hashAlgo": "sha256", + "method": "nar" + } + }, + "system": "my-system" +} diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.drv b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.drv new file mode 120000 index 00000000000..c396ee85363 --- /dev/null +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.drv @@ -0,0 +1 @@ +../../../../../tests/functional/derivation/ca/advanced-attributes-structured-attrs.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.json b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.json new file mode 100644 index 00000000000..584fd211385 --- /dev/null +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.json @@ -0,0 +1,44 @@ +{ + "args": [ + "-c", + "echo hello > $out" + ], + "builder": "/bin/bash", + "env": { + "__json": "{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99\"],\"disallowedRequisites\":[\"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8\"],\"allowedRequisites\":[\"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8\"]}},\"outputHashAlgo\":\"sha256\",\"outputHashMode\":\"recursive\",\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}", + "bin": "/04f3da1kmbr67m3gzxikmsl4vjz5zf777sv6m14ahv22r65aac9m", + "dev": "/02qcpld1y6xhs5gz9bchpxaw0xdhmsp5dv88lh25r2ss44kh8dxz", + "out": "/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9" + }, + "inputDrvs": { + "/nix/store/spfzlnkwb1v8s62yvh8vj1apd1kwjr5f-foo.drv": { + "dynamicOutputs": {}, + "outputs": [ + "out" + ] + }, + "/nix/store/x1vpzav565aqr7ccmkn0wv0svkm1qrbl-bar.drv": { + "dynamicOutputs": {}, + "outputs": [ + "out" + ] + } + }, + "inputSrcs": [], + "name": "advanced-attributes-structured-attrs", + "outputs": { + "bin": { + "hashAlgo": "sha256", + "method": "nar" + }, + "dev": { + "hashAlgo": "sha256", + "method": "nar" + }, + "out": { + "hashAlgo": "sha256", + "method": "nar" + } + }, + "system": "my-system" +} diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes.drv b/src/libstore-tests/data/derivation/ca/advanced-attributes.drv new file mode 120000 index 00000000000..acba9064d10 --- /dev/null +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes.drv @@ -0,0 +1 @@ +../../../../../tests/functional/derivation/ca/advanced-attributes.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes.json b/src/libstore-tests/data/derivation/ca/advanced-attributes.json new file mode 100644 index 00000000000..69d40b135a6 --- /dev/null +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes.json @@ -0,0 +1,50 @@ +{ + "args": [ + "-c", + "echo hello > $out" + ], + "builder": "/bin/bash", + "env": { + "__darwinAllowLocalNetworking": "1", + "__impureHostDeps": "/usr/bin/ditto", + "__noChroot": "1", + "__sandboxProfile": "sandcastle", + "allowSubstitutes": "", + "allowedReferences": "/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8", + "allowedRequisites": "/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8", + "builder": "/bin/bash", + "disallowedReferences": "/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99", + "disallowedRequisites": "/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99", + "impureEnvVars": "UNICORN", + "name": "advanced-attributes", + "out": "/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9", + "outputHashAlgo": "sha256", + "outputHashMode": "recursive", + "preferLocalBuild": "1", + "requiredSystemFeatures": "rainbow uid-range", + "system": "my-system" + }, + "inputDrvs": { + "/nix/store/spfzlnkwb1v8s62yvh8vj1apd1kwjr5f-foo.drv": { + "dynamicOutputs": {}, + "outputs": [ + "out" + ] + }, + "/nix/store/x1vpzav565aqr7ccmkn0wv0svkm1qrbl-bar.drv": { + "dynamicOutputs": {}, + "outputs": [ + "out" + ] + } + }, + "inputSrcs": [], + "name": "advanced-attributes", + "outputs": { + "out": { + "hashAlgo": "sha256", + "method": "nar" + } + }, + "system": "my-system" +} diff --git a/src/libstore-tests/data/derivation/ia/advanced-attributes-defaults.drv b/src/libstore-tests/data/derivation/ia/advanced-attributes-defaults.drv new file mode 120000 index 00000000000..7f1aa367ed2 --- /dev/null +++ b/src/libstore-tests/data/derivation/ia/advanced-attributes-defaults.drv @@ -0,0 +1 @@ +../../../../../tests/functional/derivation/ia/advanced-attributes-defaults.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/advanced-attributes-defaults.json b/src/libstore-tests/data/derivation/ia/advanced-attributes-defaults.json similarity index 100% rename from src/libstore-tests/data/derivation/advanced-attributes-defaults.json rename to src/libstore-tests/data/derivation/ia/advanced-attributes-defaults.json diff --git a/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs-defaults.drv b/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs-defaults.drv new file mode 120000 index 00000000000..77aa67353a3 --- /dev/null +++ b/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs-defaults.drv @@ -0,0 +1 @@ +../../../../../tests/functional/derivation/ia/advanced-attributes-structured-attrs-defaults.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/advanced-attributes-structured-attrs-defaults.json b/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs-defaults.json similarity index 100% rename from src/libstore-tests/data/derivation/advanced-attributes-structured-attrs-defaults.json rename to src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs-defaults.json diff --git a/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.drv b/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.drv new file mode 120000 index 00000000000..a4e25feba34 --- /dev/null +++ b/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.drv @@ -0,0 +1 @@ +../../../../../tests/functional/derivation/ia/advanced-attributes-structured-attrs.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/advanced-attributes-structured-attrs.json b/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.json similarity index 100% rename from src/libstore-tests/data/derivation/advanced-attributes-structured-attrs.json rename to src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.json diff --git a/src/libstore-tests/data/derivation/ia/advanced-attributes.drv b/src/libstore-tests/data/derivation/ia/advanced-attributes.drv new file mode 120000 index 00000000000..ecc2f5f3822 --- /dev/null +++ b/src/libstore-tests/data/derivation/ia/advanced-attributes.drv @@ -0,0 +1 @@ +../../../../../tests/functional/derivation/ia/advanced-attributes.drv \ No newline at end of file diff --git a/src/libstore-tests/data/derivation/ia/advanced-attributes.json b/src/libstore-tests/data/derivation/ia/advanced-attributes.json new file mode 100644 index 00000000000..d51524e2056 --- /dev/null +++ b/src/libstore-tests/data/derivation/ia/advanced-attributes.json @@ -0,0 +1,47 @@ +{ + "args": [ + "-c", + "echo hello > $out" + ], + "builder": "/bin/bash", + "env": { + "__darwinAllowLocalNetworking": "1", + "__impureHostDeps": "/usr/bin/ditto", + "__noChroot": "1", + "__sandboxProfile": "sandcastle", + "allowSubstitutes": "", + "allowedReferences": "/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo", + "allowedRequisites": "/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo", + "builder": "/bin/bash", + "disallowedReferences": "/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar", + "disallowedRequisites": "/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar", + "impureEnvVars": "UNICORN", + "name": "advanced-attributes", + "out": "/nix/store/33a6fdmn8q9ih9d7npbnrxn2q56a4l8q-advanced-attributes", + "preferLocalBuild": "1", + "requiredSystemFeatures": "rainbow uid-range", + "system": "my-system" + }, + "inputDrvs": { + "/nix/store/4xm4wccqsvagz9gjksn24s7rip2fdy7v-foo.drv": { + "dynamicOutputs": {}, + "outputs": [ + "out" + ] + }, + "/nix/store/plsq5jbr5nhgqwcgb2qxw7jchc09dnl8-bar.drv": { + "dynamicOutputs": {}, + "outputs": [ + "out" + ] + } + }, + "inputSrcs": [], + "name": "advanced-attributes", + "outputs": { + "out": { + "path": "/nix/store/33a6fdmn8q9ih9d7npbnrxn2q56a4l8q-advanced-attributes" + } + }, + "system": "my-system" +} diff --git a/src/libstore-tests/derivation-advanced-attrs.cc b/src/libstore-tests/derivation-advanced-attrs.cc index 57b2268262f..e135b8106d2 100644 --- a/src/libstore-tests/derivation-advanced-attrs.cc +++ b/src/libstore-tests/derivation-advanced-attrs.cc @@ -18,68 +18,93 @@ using nlohmann::json; class DerivationAdvancedAttrsTest : public CharacterizationTest, public LibStoreTest { - std::filesystem::path unitTestData = getUnitTestData() / "derivation"; +protected: + std::filesystem::path unitTestData = getUnitTestData() / "derivation" / "ia"; public: std::filesystem::path goldenMaster(std::string_view testStem) const override { return unitTestData / testStem; } + + /** + * We set these in tests rather than the regular globals so we don't have + * to worry about race conditions if the tests run concurrently. + */ + ExperimentalFeatureSettings mockXpSettings; +}; + +class CaDerivationAdvancedAttrsTest : public DerivationAdvancedAttrsTest +{ + void SetUp() override + { + unitTestData = getUnitTestData() / "derivation" / "ca"; + mockXpSettings.set("experimental-features", "ca-derivations"); + } }; -#define TEST_ATERM_JSON(STEM, NAME) \ - TEST_F(DerivationAdvancedAttrsTest, Derivation_##STEM##_from_json) \ - { \ - readTest(NAME ".json", [&](const auto & encoded_) { \ - auto encoded = json::parse(encoded_); \ - /* Use DRV file instead of C++ literal as source of truth. */ \ - auto aterm = readFile(goldenMaster(NAME ".drv")); \ - auto expected = parseDerivation(*store, std::move(aterm), NAME); \ - Derivation got = Derivation::fromJSON(*store, encoded); \ - EXPECT_EQ(got, expected); \ - }); \ - } \ - \ - TEST_F(DerivationAdvancedAttrsTest, Derivation_##STEM##_to_json) \ - { \ - writeTest( \ - NAME ".json", \ - [&]() -> json { \ - /* Use DRV file instead of C++ literal as source of truth. */ \ - auto aterm = readFile(goldenMaster(NAME ".drv")); \ - return parseDerivation(*store, std::move(aterm), NAME).toJSON(*store); \ - }, \ - [](const auto & file) { return json::parse(readFile(file)); }, \ - [](const auto & file, const auto & got) { return writeFile(file, got.dump(2) + "\n"); }); \ - } \ - \ - TEST_F(DerivationAdvancedAttrsTest, Derivation_##STEM##_from_aterm) \ - { \ - readTest(NAME ".drv", [&](auto encoded) { \ - /* Use JSON file instead of C++ literal as source of truth. */ \ - auto json = json::parse(readFile(goldenMaster(NAME ".json"))); \ - auto expected = Derivation::fromJSON(*store, json); \ - auto got = parseDerivation(*store, std::move(encoded), NAME); \ - EXPECT_EQ(got.toJSON(*store), expected.toJSON(*store)); \ - EXPECT_EQ(got, expected); \ - }); \ - } \ - \ +template +class DerivationAdvancedAttrsBothTest : public Fixture +{}; + +using BothFixtures = ::testing::Types; + +TYPED_TEST_SUITE(DerivationAdvancedAttrsBothTest, BothFixtures); + +#define TEST_ATERM_JSON(STEM, NAME) \ + TYPED_TEST(DerivationAdvancedAttrsBothTest, Derivation_##STEM##_from_json) \ + { \ + this->readTest(NAME ".json", [&](const auto & encoded_) { \ + auto encoded = json::parse(encoded_); \ + /* Use DRV file instead of C++ literal as source of truth. */ \ + auto aterm = readFile(this->goldenMaster(NAME ".drv")); \ + auto expected = parseDerivation(*this->store, std::move(aterm), NAME, this->mockXpSettings); \ + Derivation got = Derivation::fromJSON(*this->store, encoded, this->mockXpSettings); \ + EXPECT_EQ(got, expected); \ + }); \ + } \ + \ + TYPED_TEST(DerivationAdvancedAttrsBothTest, Derivation_##STEM##_to_json) \ + { \ + this->writeTest( \ + NAME ".json", \ + [&]() -> json { \ + /* Use DRV file instead of C++ literal as source of truth. */ \ + auto aterm = readFile(this->goldenMaster(NAME ".drv")); \ + return parseDerivation(*this->store, std::move(aterm), NAME, this->mockXpSettings) \ + .toJSON(*this->store); \ + }, \ + [](const auto & file) { return json::parse(readFile(file)); }, \ + [](const auto & file, const auto & got) { return writeFile(file, got.dump(2) + "\n"); }); \ + } \ + \ + TYPED_TEST(DerivationAdvancedAttrsBothTest, Derivation_##STEM##_from_aterm) \ + { \ + this->readTest(NAME ".drv", [&](auto encoded) { \ + /* Use JSON file instead of C++ literal as source of truth. */ \ + auto json = json::parse(readFile(this->goldenMaster(NAME ".json"))); \ + auto expected = Derivation::fromJSON(*this->store, json, this->mockXpSettings); \ + auto got = parseDerivation(*this->store, std::move(encoded), NAME, this->mockXpSettings); \ + EXPECT_EQ(got.toJSON(*this->store), expected.toJSON(*this->store)); \ + EXPECT_EQ(got, expected); \ + }); \ + } \ + \ /* No corresponding write test, because we need to read the drv to write the json file */ -TEST_ATERM_JSON(advancedAttributes_defaults, "advanced-attributes-defaults"); TEST_ATERM_JSON(advancedAttributes, "advanced-attributes-defaults"); -TEST_ATERM_JSON(advancedAttributes_structuredAttrs_defaults, "advanced-attributes-structured-attrs"); +TEST_ATERM_JSON(advancedAttributes_defaults, "advanced-attributes"); TEST_ATERM_JSON(advancedAttributes_structuredAttrs, "advanced-attributes-structured-attrs-defaults"); +TEST_ATERM_JSON(advancedAttributes_structuredAttrs_defaults, "advanced-attributes-structured-attrs"); #undef TEST_ATERM_JSON -TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes_defaults) +TYPED_TEST(DerivationAdvancedAttrsBothTest, advancedAttributes_defaults) { - readTest("advanced-attributes-defaults.drv", [&](auto encoded) { - auto got = parseDerivation(*store, std::move(encoded), "foo"); + this->readTest("advanced-attributes-defaults.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); - auto drvPath = writeDerivation(*store, got, NoRepair, true); + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); ParsedDerivation parsedDrv(drvPath, got); DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); @@ -101,25 +126,50 @@ TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes_defaults) EXPECT_EQ(checksForAllOutputs.disallowedReferences, StringSet{}); EXPECT_EQ(checksForAllOutputs.disallowedRequisites, StringSet{}); } - EXPECT_EQ(options.getRequiredSystemFeatures(got), StringSet()); - EXPECT_EQ(options.canBuildLocally(*store, got), false); - EXPECT_EQ(options.willBuildLocally(*store, got), false); + EXPECT_EQ(options.canBuildLocally(*this->store, got), false); + EXPECT_EQ(options.willBuildLocally(*this->store, got), false); EXPECT_EQ(options.substitutesAllowed(), true); EXPECT_EQ(options.useUidRange(got), false); }); }; -TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes) +TEST_F(DerivationAdvancedAttrsTest, advancedAttributes_defaults) { - readTest("advanced-attributes.drv", [&](auto encoded) { - auto got = parseDerivation(*store, std::move(encoded), "foo"); + this->readTest("advanced-attributes-defaults.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); - auto drvPath = writeDerivation(*store, got, NoRepair, true); + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); ParsedDerivation parsedDrv(drvPath, got); DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); - StringSet systemFeatures{"rainbow", "uid-range"}; + EXPECT_EQ(options.getRequiredSystemFeatures(got), StringSet{}); + }); +}; + +TEST_F(CaDerivationAdvancedAttrsTest, advancedAttributes_defaults) +{ + this->readTest("advanced-attributes-defaults.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); + + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); + + ParsedDerivation parsedDrv(drvPath, got); + DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); + + EXPECT_EQ(options.getRequiredSystemFeatures(got), StringSet{"ca-derivations"}); + }); +}; + +TYPED_TEST(DerivationAdvancedAttrsBothTest, advancedAttributes) +{ + this->readTest("advanced-attributes.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); + + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); + + ParsedDerivation parsedDrv(drvPath, got); + DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); EXPECT_TRUE(!parsedDrv.hasStructuredAttrs()); @@ -128,6 +178,23 @@ TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes) EXPECT_EQ(options.impureHostDeps, StringSet{"/usr/bin/ditto"}); EXPECT_EQ(options.impureEnvVars, StringSet{"UNICORN"}); EXPECT_EQ(options.allowLocalNetworking, true); + EXPECT_EQ(options.canBuildLocally(*this->store, got), false); + EXPECT_EQ(options.willBuildLocally(*this->store, got), false); + EXPECT_EQ(options.substitutesAllowed(), false); + EXPECT_EQ(options.useUidRange(got), true); + }); +}; + +TEST_F(DerivationAdvancedAttrsTest, advancedAttributes) +{ + this->readTest("advanced-attributes.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); + + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); + + ParsedDerivation parsedDrv(drvPath, got); + DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); + { auto * checksForAllOutputs_ = std::get_if<0>(&options.outputChecks); ASSERT_TRUE(checksForAllOutputs_ != nullptr); @@ -142,20 +209,55 @@ TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes) EXPECT_EQ( checksForAllOutputs.disallowedRequisites, StringSet{"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar"}); } + + StringSet systemFeatures{"rainbow", "uid-range"}; + + EXPECT_EQ(options.getRequiredSystemFeatures(got), systemFeatures); + }); +}; + +TEST_F(CaDerivationAdvancedAttrsTest, advancedAttributes) +{ + this->readTest("advanced-attributes.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); + + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); + + ParsedDerivation parsedDrv(drvPath, got); + DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); + + { + auto * checksForAllOutputs_ = std::get_if<0>(&options.outputChecks); + ASSERT_TRUE(checksForAllOutputs_ != nullptr); + auto & checksForAllOutputs = *checksForAllOutputs_; + + EXPECT_EQ( + checksForAllOutputs.allowedReferences, + StringSet{"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"}); + EXPECT_EQ( + checksForAllOutputs.allowedRequisites, + StringSet{"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"}); + EXPECT_EQ( + checksForAllOutputs.disallowedReferences, + StringSet{"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"}); + EXPECT_EQ( + checksForAllOutputs.disallowedRequisites, + StringSet{"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"}); + } + + StringSet systemFeatures{"rainbow", "uid-range"}; + systemFeatures.insert("ca-derivations"); + EXPECT_EQ(options.getRequiredSystemFeatures(got), systemFeatures); - EXPECT_EQ(options.canBuildLocally(*store, got), false); - EXPECT_EQ(options.willBuildLocally(*store, got), false); - EXPECT_EQ(options.substitutesAllowed(), false); - EXPECT_EQ(options.useUidRange(got), true); }); }; -TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes_structuredAttrs_defaults) +TYPED_TEST(DerivationAdvancedAttrsBothTest, advancedAttributes_structuredAttrs_defaults) { - readTest("advanced-attributes-structured-attrs-defaults.drv", [&](auto encoded) { - auto got = parseDerivation(*store, std::move(encoded), "foo"); + this->readTest("advanced-attributes-structured-attrs-defaults.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); - auto drvPath = writeDerivation(*store, got, NoRepair, true); + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); ParsedDerivation parsedDrv(drvPath, got); DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); @@ -176,25 +278,50 @@ TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes_structuredAttr EXPECT_EQ(checksPerOutput.size(), 0); } - EXPECT_EQ(options.getRequiredSystemFeatures(got), StringSet()); - EXPECT_EQ(options.canBuildLocally(*store, got), false); - EXPECT_EQ(options.willBuildLocally(*store, got), false); + EXPECT_EQ(options.canBuildLocally(*this->store, got), false); + EXPECT_EQ(options.willBuildLocally(*this->store, got), false); EXPECT_EQ(options.substitutesAllowed(), true); EXPECT_EQ(options.useUidRange(got), false); }); }; -TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes_structuredAttrs) +TEST_F(DerivationAdvancedAttrsTest, advancedAttributes_structuredAttrs_defaults) { - readTest("advanced-attributes-structured-attrs.drv", [&](auto encoded) { - auto got = parseDerivation(*store, std::move(encoded), "foo"); + this->readTest("advanced-attributes-structured-attrs-defaults.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); - auto drvPath = writeDerivation(*store, got, NoRepair, true); + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); ParsedDerivation parsedDrv(drvPath, got); DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); - StringSet systemFeatures{"rainbow", "uid-range"}; + EXPECT_EQ(options.getRequiredSystemFeatures(got), StringSet{}); + }); +}; + +TEST_F(CaDerivationAdvancedAttrsTest, advancedAttributes_structuredAttrs_defaults) +{ + this->readTest("advanced-attributes-structured-attrs-defaults.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); + + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); + + ParsedDerivation parsedDrv(drvPath, got); + DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); + + EXPECT_EQ(options.getRequiredSystemFeatures(got), StringSet{"ca-derivations"}); + }); +}; + +TYPED_TEST(DerivationAdvancedAttrsBothTest, advancedAttributes_structuredAttrs) +{ + this->readTest("advanced-attributes-structured-attrs.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); + + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); + + ParsedDerivation parsedDrv(drvPath, got); + DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); EXPECT_TRUE(parsedDrv.hasStructuredAttrs()); @@ -204,6 +331,32 @@ TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes_structuredAttr EXPECT_EQ(options.impureEnvVars, StringSet{"UNICORN"}); EXPECT_EQ(options.allowLocalNetworking, true); + { + auto output_ = get(std::get<1>(options.outputChecks), "dev"); + ASSERT_TRUE(output_); + auto & output = *output_; + + EXPECT_EQ(output.maxSize, 789); + EXPECT_EQ(output.maxClosureSize, 5909); + } + + EXPECT_EQ(options.canBuildLocally(*this->store, got), false); + EXPECT_EQ(options.willBuildLocally(*this->store, got), false); + EXPECT_EQ(options.substitutesAllowed(), false); + EXPECT_EQ(options.useUidRange(got), true); + }); +}; + +TEST_F(DerivationAdvancedAttrsTest, advancedAttributes_structuredAttrs) +{ + this->readTest("advanced-attributes-structured-attrs.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); + + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); + + ParsedDerivation parsedDrv(drvPath, got); + DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); + { { auto output_ = get(std::get<1>(options.outputChecks), "out"); @@ -222,22 +375,50 @@ TEST_F(DerivationAdvancedAttrsTest, Derivation_advancedAttributes_structuredAttr EXPECT_EQ(output.disallowedReferences, StringSet{"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar"}); EXPECT_EQ(output.disallowedRequisites, StringSet{"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar"}); } + } + + StringSet systemFeatures{"rainbow", "uid-range"}; + EXPECT_EQ(options.getRequiredSystemFeatures(got), systemFeatures); + }); +}; + +TEST_F(CaDerivationAdvancedAttrsTest, advancedAttributes_structuredAttrs) +{ + this->readTest("advanced-attributes-structured-attrs.drv", [&](auto encoded) { + auto got = parseDerivation(*this->store, std::move(encoded), "foo", this->mockXpSettings); + + auto drvPath = writeDerivation(*this->store, got, NoRepair, true); + + ParsedDerivation parsedDrv(drvPath, got); + DerivationOptions options = DerivationOptions::fromParsedDerivation(parsedDrv); + + { { - auto output_ = get(std::get<1>(options.outputChecks), "dev"); + auto output_ = get(std::get<1>(options.outputChecks), "out"); ASSERT_TRUE(output_); auto & output = *output_; - EXPECT_EQ(output.maxSize, 789); - EXPECT_EQ(output.maxClosureSize, 5909); + EXPECT_EQ(output.allowedReferences, StringSet{"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"}); + EXPECT_EQ(output.allowedRequisites, StringSet{"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"}); + } + + { + auto output_ = get(std::get<1>(options.outputChecks), "bin"); + ASSERT_TRUE(output_); + auto & output = *output_; + + EXPECT_EQ( + output.disallowedReferences, StringSet{"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"}); + EXPECT_EQ( + output.disallowedRequisites, StringSet{"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"}); } } + StringSet systemFeatures{"rainbow", "uid-range"}; + systemFeatures.insert("ca-derivations"); + EXPECT_EQ(options.getRequiredSystemFeatures(got), systemFeatures); - EXPECT_EQ(options.canBuildLocally(*store, got), false); - EXPECT_EQ(options.willBuildLocally(*store, got), false); - EXPECT_EQ(options.substitutesAllowed(), false); - EXPECT_EQ(options.useUidRange(got), true); }); }; diff --git a/src/libstore/derivations.cc b/src/libstore/derivations.cc index 360d19afee2..fdfdc37b41f 100644 --- a/src/libstore/derivations.cc +++ b/src/libstore/derivations.cc @@ -1368,7 +1368,7 @@ Derivation Derivation::fromJSON( for (auto & [outputName, output] : getObject(valueAt(json, "outputs"))) { res.outputs.insert_or_assign( outputName, - DerivationOutput::fromJSON(store, res.name, outputName, output)); + DerivationOutput::fromJSON(store, res.name, outputName, output, xpSettings)); } } catch (Error & e) { e.addTrace({}, "while reading key 'outputs'"); diff --git a/tests/functional/ca/derivation-advanced-attributes.sh b/tests/functional/ca/derivation-advanced-attributes.sh new file mode 100755 index 00000000000..b70463e5c48 --- /dev/null +++ b/tests/functional/ca/derivation-advanced-attributes.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +export NIX_TESTS_CA_BY_DEFAULT=1 + +cd .. +source derivation-advanced-attributes.sh diff --git a/tests/functional/ca/meson.build b/tests/functional/ca/meson.build index 7a7fcc5cf6f..a4611ca4200 100644 --- a/tests/functional/ca/meson.build +++ b/tests/functional/ca/meson.build @@ -8,10 +8,11 @@ suites += { 'name': 'ca', 'deps': [], 'tests': [ + 'build-cache.sh', 'build-with-garbage-path.sh', 'build.sh', - 'build-cache.sh', 'concurrent-builds.sh', + 'derivation-advanced-attributes.sh', 'derivation-json.sh', 'duplicate-realisation-in-closure.sh', 'eval-store.sh', diff --git a/tests/functional/derivation-advanced-attributes.sh b/tests/functional/derivation-advanced-attributes.sh index 6707b345cc3..a7530e11c67 100755 --- a/tests/functional/derivation-advanced-attributes.sh +++ b/tests/functional/derivation-advanced-attributes.sh @@ -12,11 +12,19 @@ badExitCode=0 store="$TEST_ROOT/store" +if [[ -z "${NIX_TESTS_CA_BY_DEFAULT:-}" ]]; then + drvDir=ia + flags=(--arg contentAddress false) +else + drvDir=ca + flags=(--arg contentAddress true --extra-experimental-features ca-derivations) +fi + for nixFile in derivation/*.nix; do - drvPath=$(env -u NIX_STORE nix-instantiate --store "$store" --pure-eval --expr "$(< "$nixFile")") + drvPath=$(env -u NIX_STORE nix-instantiate --store "$store" --pure-eval "${flags[@]}" --expr "$(< "$nixFile")") testName=$(basename "$nixFile" .nix) got="${store}${drvPath}" - expected="derivation/$testName.drv" + expected="derivation/${drvDir}/${testName}.drv" diffAndAcceptInner "$testName" "$got" "$expected" done diff --git a/tests/functional/derivation/advanced-attributes-defaults.nix b/tests/functional/derivation/advanced-attributes-defaults.nix index d466003b00d..51f359cf042 100644 --- a/tests/functional/derivation/advanced-attributes-defaults.nix +++ b/tests/functional/derivation/advanced-attributes-defaults.nix @@ -1,6 +1,24 @@ -derivation { - name = "advanced-attributes-defaults"; +{ contentAddress }: + +let + caArgs = + if contentAddress then + { + __contentAddressed = true; + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + } + else + { }; + + derivation' = args: derivation (caArgs // args); + system = "my-system"; + +in +derivation' { + inherit system; + name = "advanced-attributes-defaults"; builder = "/bin/bash"; args = [ "-c" diff --git a/tests/functional/derivation/advanced-attributes-structured-attrs-defaults.nix b/tests/functional/derivation/advanced-attributes-structured-attrs-defaults.nix index 3c6ad4900d6..ec51f0e288f 100644 --- a/tests/functional/derivation/advanced-attributes-structured-attrs-defaults.nix +++ b/tests/functional/derivation/advanced-attributes-structured-attrs-defaults.nix @@ -1,6 +1,24 @@ -derivation { - name = "advanced-attributes-structured-attrs-defaults"; +{ contentAddress }: + +let + caArgs = + if contentAddress then + { + __contentAddressed = true; + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + } + else + { }; + + derivation' = args: derivation (caArgs // args); + system = "my-system"; + +in +derivation' { + inherit system; + name = "advanced-attributes-structured-attrs-defaults"; builder = "/bin/bash"; args = [ "-c" diff --git a/tests/functional/derivation/advanced-attributes-structured-attrs.nix b/tests/functional/derivation/advanced-attributes-structured-attrs.nix index 4c596be45e9..b789cdaa720 100644 --- a/tests/functional/derivation/advanced-attributes-structured-attrs.nix +++ b/tests/functional/derivation/advanced-attributes-structured-attrs.nix @@ -1,6 +1,21 @@ +{ contentAddress }: + let + caArgs = + if contentAddress then + { + __contentAddressed = true; + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + } + else + { }; + + derivation' = args: derivation (caArgs // args); + system = "my-system"; - foo = derivation { + + foo = derivation' { inherit system; name = "foo"; builder = "/bin/bash"; @@ -9,7 +24,8 @@ let "echo foo > $out" ]; }; - bar = derivation { + + bar = derivation' { inherit system; name = "bar"; builder = "/bin/bash"; @@ -18,8 +34,9 @@ let "echo bar > $out" ]; }; + in -derivation { +derivation' { inherit system; name = "advanced-attributes-structured-attrs"; builder = "/bin/bash"; diff --git a/tests/functional/derivation/advanced-attributes.nix b/tests/functional/derivation/advanced-attributes.nix index 7f365ce65e2..52786783faa 100644 --- a/tests/functional/derivation/advanced-attributes.nix +++ b/tests/functional/derivation/advanced-attributes.nix @@ -1,6 +1,21 @@ +{ contentAddress }: + let + caArgs = + if contentAddress then + { + __contentAddressed = true; + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + } + else + { }; + + derivation' = args: derivation (caArgs // args); + system = "my-system"; - foo = derivation { + + foo = derivation' { inherit system; name = "foo"; builder = "/bin/bash"; @@ -9,7 +24,8 @@ let "echo foo > $out" ]; }; - bar = derivation { + + bar = derivation' { inherit system; name = "bar"; builder = "/bin/bash"; @@ -18,8 +34,9 @@ let "echo bar > $out" ]; }; + in -derivation { +derivation' { inherit system; name = "advanced-attributes"; builder = "/bin/bash"; diff --git a/tests/functional/derivation/ca/advanced-attributes-defaults.drv b/tests/functional/derivation/ca/advanced-attributes-defaults.drv new file mode 100644 index 00000000000..2c81609639b --- /dev/null +++ b/tests/functional/derivation/ca/advanced-attributes-defaults.drv @@ -0,0 +1 @@ +Derive([("out","","r:sha256","")],[],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("builder","/bin/bash"),("name","advanced-attributes-defaults"),("out","/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9"),("outputHashAlgo","sha256"),("outputHashMode","recursive"),("system","my-system")]) \ No newline at end of file diff --git a/tests/functional/derivation/ca/advanced-attributes-structured-attrs-defaults.drv b/tests/functional/derivation/ca/advanced-attributes-structured-attrs-defaults.drv new file mode 100644 index 00000000000..bf56e05d600 --- /dev/null +++ b/tests/functional/derivation/ca/advanced-attributes-structured-attrs-defaults.drv @@ -0,0 +1 @@ +Derive([("dev","","r:sha256",""),("out","","r:sha256","")],[],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__json","{\"builder\":\"/bin/bash\",\"name\":\"advanced-attributes-structured-attrs-defaults\",\"outputHashAlgo\":\"sha256\",\"outputHashMode\":\"recursive\",\"outputs\":[\"out\",\"dev\"],\"system\":\"my-system\"}"),("dev","/02qcpld1y6xhs5gz9bchpxaw0xdhmsp5dv88lh25r2ss44kh8dxz"),("out","/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9")]) \ No newline at end of file diff --git a/tests/functional/derivation/ca/advanced-attributes-structured-attrs.drv b/tests/functional/derivation/ca/advanced-attributes-structured-attrs.drv new file mode 100644 index 00000000000..307beb53e62 --- /dev/null +++ b/tests/functional/derivation/ca/advanced-attributes-structured-attrs.drv @@ -0,0 +1 @@ +Derive([("bin","","r:sha256",""),("dev","","r:sha256",""),("out","","r:sha256","")],[("/nix/store/spfzlnkwb1v8s62yvh8vj1apd1kwjr5f-foo.drv",["out"]),("/nix/store/x1vpzav565aqr7ccmkn0wv0svkm1qrbl-bar.drv",["out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__json","{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99\"],\"disallowedRequisites\":[\"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8\"],\"allowedRequisites\":[\"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8\"]}},\"outputHashAlgo\":\"sha256\",\"outputHashMode\":\"recursive\",\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}"),("bin","/04f3da1kmbr67m3gzxikmsl4vjz5zf777sv6m14ahv22r65aac9m"),("dev","/02qcpld1y6xhs5gz9bchpxaw0xdhmsp5dv88lh25r2ss44kh8dxz"),("out","/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9")]) \ No newline at end of file diff --git a/tests/functional/derivation/ca/advanced-attributes.drv b/tests/functional/derivation/ca/advanced-attributes.drv new file mode 100644 index 00000000000..343f895ca7a --- /dev/null +++ b/tests/functional/derivation/ca/advanced-attributes.drv @@ -0,0 +1 @@ +Derive([("out","","r:sha256","")],[("/nix/store/spfzlnkwb1v8s62yvh8vj1apd1kwjr5f-foo.drv",["out"]),("/nix/store/x1vpzav565aqr7ccmkn0wv0svkm1qrbl-bar.drv",["out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__darwinAllowLocalNetworking","1"),("__impureHostDeps","/usr/bin/ditto"),("__noChroot","1"),("__sandboxProfile","sandcastle"),("allowSubstitutes",""),("allowedReferences","/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"),("allowedRequisites","/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"),("builder","/bin/bash"),("disallowedReferences","/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"),("disallowedRequisites","/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"),("impureEnvVars","UNICORN"),("name","advanced-attributes"),("out","/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9"),("outputHashAlgo","sha256"),("outputHashMode","recursive"),("preferLocalBuild","1"),("requiredSystemFeatures","rainbow uid-range"),("system","my-system")]) \ No newline at end of file diff --git a/tests/functional/derivation/advanced-attributes-defaults.drv b/tests/functional/derivation/ia/advanced-attributes-defaults.drv similarity index 100% rename from tests/functional/derivation/advanced-attributes-defaults.drv rename to tests/functional/derivation/ia/advanced-attributes-defaults.drv diff --git a/tests/functional/derivation/advanced-attributes-structured-attrs-defaults.drv b/tests/functional/derivation/ia/advanced-attributes-structured-attrs-defaults.drv similarity index 100% rename from tests/functional/derivation/advanced-attributes-structured-attrs-defaults.drv rename to tests/functional/derivation/ia/advanced-attributes-structured-attrs-defaults.drv diff --git a/tests/functional/derivation/advanced-attributes-structured-attrs.drv b/tests/functional/derivation/ia/advanced-attributes-structured-attrs.drv similarity index 100% rename from tests/functional/derivation/advanced-attributes-structured-attrs.drv rename to tests/functional/derivation/ia/advanced-attributes-structured-attrs.drv diff --git a/tests/functional/derivation/advanced-attributes.drv b/tests/functional/derivation/ia/advanced-attributes.drv similarity index 100% rename from tests/functional/derivation/advanced-attributes.drv rename to tests/functional/derivation/ia/advanced-attributes.drv From 0c0dda3b297de33e810f177627bc2ff62de60704 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 15 Apr 2025 17:44:56 +0200 Subject: [PATCH 483/815] Devirtualize double-copied paths Borrowed from the original lazy-trees branch. --- src/libexpr/eval.cc | 5 ++++- src/libexpr/include/nix/expr/eval.hh | 13 +++++++++++++ src/libexpr/paths.cc | 15 +++++++++++++++ src/libexpr/primops.cc | 2 +- 4 files changed, 33 insertions(+), 2 deletions(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 0212162dd2d..12b11f1ac89 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -2317,6 +2317,9 @@ BackedStringView EvalState::coerceToString( } if (v.type() == nPath) { + // FIXME: instead of copying the path to the store, we could + // return a virtual store path that lazily copies the path to + // the store in devirtualize(). return !canonicalizePath && !copyToStore ? // FIXME: hack to preserve path literals that end in a @@ -2406,7 +2409,7 @@ StorePath EvalState::copyPathToStore(NixStringContext & context, const SourcePat *store, path.resolveSymlinks(SymlinkResolution::Ancestors), settings.readOnlyMode ? FetchMode::DryRun : FetchMode::Copy, - path.baseName(), + computeBaseName(path), ContentAddressMethod::Raw::NixArchive, nullptr, repair); diff --git a/src/libexpr/include/nix/expr/eval.hh b/src/libexpr/include/nix/expr/eval.hh index 505a7d1e7e1..3249b50a0ea 100644 --- a/src/libexpr/include/nix/expr/eval.hh +++ b/src/libexpr/include/nix/expr/eval.hh @@ -586,6 +586,19 @@ public: StorePath copyPathToStore(NixStringContext & context, const SourcePath & path); + + /** + * Compute the base name for a `SourcePath`. For non-store paths, + * this is just `SourcePath::baseName()`. But for store paths, for + * backwards compatibility, it needs to be `-source`, + * i.e. as if the path were copied to the Nix store. This results + * in a "double-copied" store path like + * `/nix/store/--source`. We don't need to + * materialize /nix/store/-source though. Still, this + * requires reading/hashing the path twice. + */ + std::string computeBaseName(const SourcePath & path); + /** * Path coercion. * diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index f4c4de5fae7..a27ebcae24d 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -52,4 +52,19 @@ std::string EvalState::devirtualize(std::string_view s, const NixStringContext & return rewriteStrings(std::string(s), rewrites); } +std::string EvalState::computeBaseName(const SourcePath & path) +{ + if (path.accessor == rootFS) { + if (auto storePath = store->maybeParseStorePath(path.path.abs())) { + warn( + "Performing inefficient double copy of path '%s' to the store. " + "This can typically be avoided by rewriting an attribute like `src = ./.` " + "to `src = builtins.path { path = ./.; name = \"source\"; }`.", + path); + return std::string(fetchToStore(*store, path, FetchMode::DryRun).to_string()); + } + } + return std::string(path.baseName()); +} + } diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 34677f9a3a1..7243f09ce5a 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -2539,7 +2539,7 @@ static void prim_filterSource(EvalState & state, const PosIdx pos, Value * * arg "while evaluating the second argument (the path to filter) passed to 'builtins.filterSource'"); state.forceFunction(*args[0], pos, "while evaluating the first argument passed to builtins.filterSource"); - addPath(state, pos, path.baseName(), path, args[0], ContentAddressMethod::Raw::NixArchive, std::nullopt, v, context); + addPath(state, pos, state.computeBaseName(path), path, args[0], ContentAddressMethod::Raw::NixArchive, std::nullopt, v, context); } static RegisterPrimOp primop_filterSource({ From 30d900b313b9dad3b78ec05d07368c8e83811dc5 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Tue, 15 Apr 2025 11:53:17 -0400 Subject: [PATCH 484/815] Derivation "advanced attrs" test: Ensure fields are set to distinct values We had fields set to the same values before in our test data. This is not a problem per-se, but does mean we wouldn't catch certain mixups. Now, the fields are set to distinct values (where possible), which makes the test more robust. (cherry picked from commit a0b2b75f59496ff4e199dd28eb932f181659c1f0) --- .../advanced-attributes-structured-attrs.json | 8 +++-- .../derivation/ca/advanced-attributes.json | 14 ++++---- .../advanced-attributes-structured-attrs.json | 20 ++++++----- .../derivation/ia/advanced-attributes.json | 18 +++++----- .../derivation-advanced-attrs.cc | 35 ++++++++++--------- .../advanced-attributes-structured-attrs.nix | 12 +++++-- .../derivation/advanced-attributes.nix | 12 +++++-- .../advanced-attributes-structured-attrs.drv | 2 +- .../derivation/ca/advanced-attributes.drv | 2 +- .../advanced-attributes-structured-attrs.drv | 2 +- .../derivation/ia/advanced-attributes.drv | 2 +- 11 files changed, 77 insertions(+), 50 deletions(-) diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.json b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.json index 584fd211385..f6cdc1f1602 100644 --- a/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.json +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes-structured-attrs.json @@ -5,21 +5,23 @@ ], "builder": "/bin/bash", "env": { - "__json": "{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99\"],\"disallowedRequisites\":[\"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8\"],\"allowedRequisites\":[\"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8\"]}},\"outputHashAlgo\":\"sha256\",\"outputHashMode\":\"recursive\",\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}", + "__json": "{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/0nyw57wm2iicnm9rglvjmbci3ikmcp823czdqdzdcgsnnwqps71g\"],\"disallowedRequisites\":[\"/07f301yqyz8c6wf6bbbavb2q39j4n8kmcly1s09xadyhgy6x2wr8\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/164j69y6zir9z0339n8pjigg3rckinlr77bxsavzizdaaljb7nh9\"],\"allowedRequisites\":[\"/0nr45p69vn6izw9446wsh9bng9nndhvn19kpsm4n96a5mycw0s4z\"]}},\"outputHashAlgo\":\"sha256\",\"outputHashMode\":\"recursive\",\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}", "bin": "/04f3da1kmbr67m3gzxikmsl4vjz5zf777sv6m14ahv22r65aac9m", "dev": "/02qcpld1y6xhs5gz9bchpxaw0xdhmsp5dv88lh25r2ss44kh8dxz", "out": "/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9" }, "inputDrvs": { - "/nix/store/spfzlnkwb1v8s62yvh8vj1apd1kwjr5f-foo.drv": { + "/nix/store/j56sf12rxpcv5swr14vsjn5cwm6bj03h-foo.drv": { "dynamicOutputs": {}, "outputs": [ + "dev", "out" ] }, - "/nix/store/x1vpzav565aqr7ccmkn0wv0svkm1qrbl-bar.drv": { + "/nix/store/qnml92yh97a6fbrs2m5qg5cqlc8vni58-bar.drv": { "dynamicOutputs": {}, "outputs": [ + "dev", "out" ] } diff --git a/src/libstore-tests/data/derivation/ca/advanced-attributes.json b/src/libstore-tests/data/derivation/ca/advanced-attributes.json index 69d40b135a6..2105c6256c0 100644 --- a/src/libstore-tests/data/derivation/ca/advanced-attributes.json +++ b/src/libstore-tests/data/derivation/ca/advanced-attributes.json @@ -10,11 +10,11 @@ "__noChroot": "1", "__sandboxProfile": "sandcastle", "allowSubstitutes": "", - "allowedReferences": "/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8", - "allowedRequisites": "/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8", + "allowedReferences": "/164j69y6zir9z0339n8pjigg3rckinlr77bxsavzizdaaljb7nh9", + "allowedRequisites": "/0nr45p69vn6izw9446wsh9bng9nndhvn19kpsm4n96a5mycw0s4z", "builder": "/bin/bash", - "disallowedReferences": "/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99", - "disallowedRequisites": "/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99", + "disallowedReferences": "/0nyw57wm2iicnm9rglvjmbci3ikmcp823czdqdzdcgsnnwqps71g", + "disallowedRequisites": "/07f301yqyz8c6wf6bbbavb2q39j4n8kmcly1s09xadyhgy6x2wr8", "impureEnvVars": "UNICORN", "name": "advanced-attributes", "out": "/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9", @@ -25,15 +25,17 @@ "system": "my-system" }, "inputDrvs": { - "/nix/store/spfzlnkwb1v8s62yvh8vj1apd1kwjr5f-foo.drv": { + "/nix/store/j56sf12rxpcv5swr14vsjn5cwm6bj03h-foo.drv": { "dynamicOutputs": {}, "outputs": [ + "dev", "out" ] }, - "/nix/store/x1vpzav565aqr7ccmkn0wv0svkm1qrbl-bar.drv": { + "/nix/store/qnml92yh97a6fbrs2m5qg5cqlc8vni58-bar.drv": { "dynamicOutputs": {}, "outputs": [ + "dev", "out" ] } diff --git a/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.json b/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.json index 32442812467..b45a0d62453 100644 --- a/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.json +++ b/src/libstore-tests/data/derivation/ia/advanced-attributes-structured-attrs.json @@ -5,21 +5,23 @@ ], "builder": "/bin/bash", "env": { - "__json": "{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar\"],\"disallowedRequisites\":[\"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo\"],\"allowedRequisites\":[\"/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo\"]}},\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}", - "bin": "/nix/store/pbzb48v0ycf80jgligcp4n8z0rblna4n-advanced-attributes-structured-attrs-bin", - "dev": "/nix/store/7xapi8jv7flcz1qq8jhw55ar8ag8hldh-advanced-attributes-structured-attrs-dev", - "out": "/nix/store/mpq3l1l1qc2yr50q520g08kprprwv79f-advanced-attributes-structured-attrs" + "__json": "{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/nix/store/r5cff30838majxk5mp3ip2diffi8vpaj-bar\"],\"disallowedRequisites\":[\"/nix/store/9b61w26b4avv870dw0ymb6rw4r1hzpws-bar-dev\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/nix/store/p0hax2lzvjpfc2gwkk62xdglz0fcqfzn-foo\"],\"allowedRequisites\":[\"/nix/store/z0rjzy29v9k5qa4nqpykrbzirj7sd43v-foo-dev\"]}},\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}", + "bin": "/nix/store/qjjj3zrlimpjbkk686m052b3ks9iz2sl-advanced-attributes-structured-attrs-bin", + "dev": "/nix/store/lpz5grl48v93pdadavyg5is1rqvfdipf-advanced-attributes-structured-attrs-dev", + "out": "/nix/store/nzvz1bmh1g89a5dkpqcqan0av7q3hgv3-advanced-attributes-structured-attrs" }, "inputDrvs": { - "/nix/store/4xm4wccqsvagz9gjksn24s7rip2fdy7v-foo.drv": { + "/nix/store/afc3vbjbzql750v2lp8gxgaxsajphzih-foo.drv": { "dynamicOutputs": {}, "outputs": [ + "dev", "out" ] }, - "/nix/store/plsq5jbr5nhgqwcgb2qxw7jchc09dnl8-bar.drv": { + "/nix/store/vj2i49jm2868j2fmqvxm70vlzmzvgv14-bar.drv": { "dynamicOutputs": {}, "outputs": [ + "dev", "out" ] } @@ -28,13 +30,13 @@ "name": "advanced-attributes-structured-attrs", "outputs": { "bin": { - "path": "/nix/store/pbzb48v0ycf80jgligcp4n8z0rblna4n-advanced-attributes-structured-attrs-bin" + "path": "/nix/store/qjjj3zrlimpjbkk686m052b3ks9iz2sl-advanced-attributes-structured-attrs-bin" }, "dev": { - "path": "/nix/store/7xapi8jv7flcz1qq8jhw55ar8ag8hldh-advanced-attributes-structured-attrs-dev" + "path": "/nix/store/lpz5grl48v93pdadavyg5is1rqvfdipf-advanced-attributes-structured-attrs-dev" }, "out": { - "path": "/nix/store/mpq3l1l1qc2yr50q520g08kprprwv79f-advanced-attributes-structured-attrs" + "path": "/nix/store/nzvz1bmh1g89a5dkpqcqan0av7q3hgv3-advanced-attributes-structured-attrs" } }, "system": "my-system" diff --git a/src/libstore-tests/data/derivation/ia/advanced-attributes.json b/src/libstore-tests/data/derivation/ia/advanced-attributes.json index d51524e2056..1eb8de86e7c 100644 --- a/src/libstore-tests/data/derivation/ia/advanced-attributes.json +++ b/src/libstore-tests/data/derivation/ia/advanced-attributes.json @@ -10,28 +10,30 @@ "__noChroot": "1", "__sandboxProfile": "sandcastle", "allowSubstitutes": "", - "allowedReferences": "/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo", - "allowedRequisites": "/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo", + "allowedReferences": "/nix/store/p0hax2lzvjpfc2gwkk62xdglz0fcqfzn-foo", + "allowedRequisites": "/nix/store/z0rjzy29v9k5qa4nqpykrbzirj7sd43v-foo-dev", "builder": "/bin/bash", - "disallowedReferences": "/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar", - "disallowedRequisites": "/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar", + "disallowedReferences": "/nix/store/r5cff30838majxk5mp3ip2diffi8vpaj-bar", + "disallowedRequisites": "/nix/store/9b61w26b4avv870dw0ymb6rw4r1hzpws-bar-dev", "impureEnvVars": "UNICORN", "name": "advanced-attributes", - "out": "/nix/store/33a6fdmn8q9ih9d7npbnrxn2q56a4l8q-advanced-attributes", + "out": "/nix/store/swkj0mrq0cq3dfli95v4am0427mi2hxf-advanced-attributes", "preferLocalBuild": "1", "requiredSystemFeatures": "rainbow uid-range", "system": "my-system" }, "inputDrvs": { - "/nix/store/4xm4wccqsvagz9gjksn24s7rip2fdy7v-foo.drv": { + "/nix/store/afc3vbjbzql750v2lp8gxgaxsajphzih-foo.drv": { "dynamicOutputs": {}, "outputs": [ + "dev", "out" ] }, - "/nix/store/plsq5jbr5nhgqwcgb2qxw7jchc09dnl8-bar.drv": { + "/nix/store/vj2i49jm2868j2fmqvxm70vlzmzvgv14-bar.drv": { "dynamicOutputs": {}, "outputs": [ + "dev", "out" ] } @@ -40,7 +42,7 @@ "name": "advanced-attributes", "outputs": { "out": { - "path": "/nix/store/33a6fdmn8q9ih9d7npbnrxn2q56a4l8q-advanced-attributes" + "path": "/nix/store/swkj0mrq0cq3dfli95v4am0427mi2hxf-advanced-attributes" } }, "system": "my-system" diff --git a/src/libstore-tests/derivation-advanced-attrs.cc b/src/libstore-tests/derivation-advanced-attrs.cc index e135b8106d2..f82cea026b6 100644 --- a/src/libstore-tests/derivation-advanced-attrs.cc +++ b/src/libstore-tests/derivation-advanced-attrs.cc @@ -201,13 +201,15 @@ TEST_F(DerivationAdvancedAttrsTest, advancedAttributes) auto & checksForAllOutputs = *checksForAllOutputs_; EXPECT_EQ( - checksForAllOutputs.allowedReferences, StringSet{"/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo"}); + checksForAllOutputs.allowedReferences, StringSet{"/nix/store/p0hax2lzvjpfc2gwkk62xdglz0fcqfzn-foo"}); EXPECT_EQ( - checksForAllOutputs.allowedRequisites, StringSet{"/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo"}); + checksForAllOutputs.allowedRequisites, + StringSet{"/nix/store/z0rjzy29v9k5qa4nqpykrbzirj7sd43v-foo-dev"}); EXPECT_EQ( - checksForAllOutputs.disallowedReferences, StringSet{"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar"}); + checksForAllOutputs.disallowedReferences, StringSet{"/nix/store/r5cff30838majxk5mp3ip2diffi8vpaj-bar"}); EXPECT_EQ( - checksForAllOutputs.disallowedRequisites, StringSet{"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar"}); + checksForAllOutputs.disallowedRequisites, + StringSet{"/nix/store/9b61w26b4avv870dw0ymb6rw4r1hzpws-bar-dev"}); } StringSet systemFeatures{"rainbow", "uid-range"}; @@ -233,16 +235,16 @@ TEST_F(CaDerivationAdvancedAttrsTest, advancedAttributes) EXPECT_EQ( checksForAllOutputs.allowedReferences, - StringSet{"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"}); + StringSet{"/164j69y6zir9z0339n8pjigg3rckinlr77bxsavzizdaaljb7nh9"}); EXPECT_EQ( checksForAllOutputs.allowedRequisites, - StringSet{"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"}); + StringSet{"/0nr45p69vn6izw9446wsh9bng9nndhvn19kpsm4n96a5mycw0s4z"}); EXPECT_EQ( checksForAllOutputs.disallowedReferences, - StringSet{"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"}); + StringSet{"/0nyw57wm2iicnm9rglvjmbci3ikmcp823czdqdzdcgsnnwqps71g"}); EXPECT_EQ( checksForAllOutputs.disallowedRequisites, - StringSet{"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"}); + StringSet{"/07f301yqyz8c6wf6bbbavb2q39j4n8kmcly1s09xadyhgy6x2wr8"}); } StringSet systemFeatures{"rainbow", "uid-range"}; @@ -363,8 +365,8 @@ TEST_F(DerivationAdvancedAttrsTest, advancedAttributes_structuredAttrs) ASSERT_TRUE(output_); auto & output = *output_; - EXPECT_EQ(output.allowedReferences, StringSet{"/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo"}); - EXPECT_EQ(output.allowedRequisites, StringSet{"/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo"}); + EXPECT_EQ(output.allowedReferences, StringSet{"/nix/store/p0hax2lzvjpfc2gwkk62xdglz0fcqfzn-foo"}); + EXPECT_EQ(output.allowedRequisites, StringSet{"/nix/store/z0rjzy29v9k5qa4nqpykrbzirj7sd43v-foo-dev"}); } { @@ -372,8 +374,9 @@ TEST_F(DerivationAdvancedAttrsTest, advancedAttributes_structuredAttrs) ASSERT_TRUE(output_); auto & output = *output_; - EXPECT_EQ(output.disallowedReferences, StringSet{"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar"}); - EXPECT_EQ(output.disallowedRequisites, StringSet{"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar"}); + EXPECT_EQ(output.disallowedReferences, StringSet{"/nix/store/r5cff30838majxk5mp3ip2diffi8vpaj-bar"}); + EXPECT_EQ( + output.disallowedRequisites, StringSet{"/nix/store/9b61w26b4avv870dw0ymb6rw4r1hzpws-bar-dev"}); } } @@ -399,8 +402,8 @@ TEST_F(CaDerivationAdvancedAttrsTest, advancedAttributes_structuredAttrs) ASSERT_TRUE(output_); auto & output = *output_; - EXPECT_EQ(output.allowedReferences, StringSet{"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"}); - EXPECT_EQ(output.allowedRequisites, StringSet{"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"}); + EXPECT_EQ(output.allowedReferences, StringSet{"/164j69y6zir9z0339n8pjigg3rckinlr77bxsavzizdaaljb7nh9"}); + EXPECT_EQ(output.allowedRequisites, StringSet{"/0nr45p69vn6izw9446wsh9bng9nndhvn19kpsm4n96a5mycw0s4z"}); } { @@ -409,9 +412,9 @@ TEST_F(CaDerivationAdvancedAttrsTest, advancedAttributes_structuredAttrs) auto & output = *output_; EXPECT_EQ( - output.disallowedReferences, StringSet{"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"}); + output.disallowedReferences, StringSet{"/0nyw57wm2iicnm9rglvjmbci3ikmcp823czdqdzdcgsnnwqps71g"}); EXPECT_EQ( - output.disallowedRequisites, StringSet{"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"}); + output.disallowedRequisites, StringSet{"/07f301yqyz8c6wf6bbbavb2q39j4n8kmcly1s09xadyhgy6x2wr8"}); } } diff --git a/tests/functional/derivation/advanced-attributes-structured-attrs.nix b/tests/functional/derivation/advanced-attributes-structured-attrs.nix index b789cdaa720..27d9e7cf938 100644 --- a/tests/functional/derivation/advanced-attributes-structured-attrs.nix +++ b/tests/functional/derivation/advanced-attributes-structured-attrs.nix @@ -23,6 +23,10 @@ let "-c" "echo foo > $out" ]; + outputs = [ + "out" + "dev" + ]; }; bar = derivation' { @@ -33,6 +37,10 @@ let "-c" "echo bar > $out" ]; + outputs = [ + "out" + "dev" + ]; }; in @@ -58,11 +66,11 @@ derivation' { outputChecks = { out = { allowedReferences = [ foo ]; - allowedRequisites = [ foo ]; + allowedRequisites = [ foo.dev ]; }; bin = { disallowedReferences = [ bar ]; - disallowedRequisites = [ bar ]; + disallowedRequisites = [ bar.dev ]; }; dev = { maxSize = 789; diff --git a/tests/functional/derivation/advanced-attributes.nix b/tests/functional/derivation/advanced-attributes.nix index 52786783faa..e988e0a70c1 100644 --- a/tests/functional/derivation/advanced-attributes.nix +++ b/tests/functional/derivation/advanced-attributes.nix @@ -23,6 +23,10 @@ let "-c" "echo foo > $out" ]; + outputs = [ + "out" + "dev" + ]; }; bar = derivation' { @@ -33,6 +37,10 @@ let "-c" "echo bar > $out" ]; + outputs = [ + "out" + "dev" + ]; }; in @@ -50,9 +58,9 @@ derivation' { impureEnvVars = [ "UNICORN" ]; __darwinAllowLocalNetworking = true; allowedReferences = [ foo ]; - allowedRequisites = [ foo ]; + allowedRequisites = [ foo.dev ]; disallowedReferences = [ bar ]; - disallowedRequisites = [ bar ]; + disallowedRequisites = [ bar.dev ]; requiredSystemFeatures = [ "rainbow" "uid-range" diff --git a/tests/functional/derivation/ca/advanced-attributes-structured-attrs.drv b/tests/functional/derivation/ca/advanced-attributes-structured-attrs.drv index 307beb53e62..a81e74d4195 100644 --- a/tests/functional/derivation/ca/advanced-attributes-structured-attrs.drv +++ b/tests/functional/derivation/ca/advanced-attributes-structured-attrs.drv @@ -1 +1 @@ -Derive([("bin","","r:sha256",""),("dev","","r:sha256",""),("out","","r:sha256","")],[("/nix/store/spfzlnkwb1v8s62yvh8vj1apd1kwjr5f-foo.drv",["out"]),("/nix/store/x1vpzav565aqr7ccmkn0wv0svkm1qrbl-bar.drv",["out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__json","{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99\"],\"disallowedRequisites\":[\"/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8\"],\"allowedRequisites\":[\"/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8\"]}},\"outputHashAlgo\":\"sha256\",\"outputHashMode\":\"recursive\",\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}"),("bin","/04f3da1kmbr67m3gzxikmsl4vjz5zf777sv6m14ahv22r65aac9m"),("dev","/02qcpld1y6xhs5gz9bchpxaw0xdhmsp5dv88lh25r2ss44kh8dxz"),("out","/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9")]) \ No newline at end of file +Derive([("bin","","r:sha256",""),("dev","","r:sha256",""),("out","","r:sha256","")],[("/nix/store/j56sf12rxpcv5swr14vsjn5cwm6bj03h-foo.drv",["dev","out"]),("/nix/store/qnml92yh97a6fbrs2m5qg5cqlc8vni58-bar.drv",["dev","out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__json","{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/0nyw57wm2iicnm9rglvjmbci3ikmcp823czdqdzdcgsnnwqps71g\"],\"disallowedRequisites\":[\"/07f301yqyz8c6wf6bbbavb2q39j4n8kmcly1s09xadyhgy6x2wr8\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/164j69y6zir9z0339n8pjigg3rckinlr77bxsavzizdaaljb7nh9\"],\"allowedRequisites\":[\"/0nr45p69vn6izw9446wsh9bng9nndhvn19kpsm4n96a5mycw0s4z\"]}},\"outputHashAlgo\":\"sha256\",\"outputHashMode\":\"recursive\",\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}"),("bin","/04f3da1kmbr67m3gzxikmsl4vjz5zf777sv6m14ahv22r65aac9m"),("dev","/02qcpld1y6xhs5gz9bchpxaw0xdhmsp5dv88lh25r2ss44kh8dxz"),("out","/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9")]) \ No newline at end of file diff --git a/tests/functional/derivation/ca/advanced-attributes.drv b/tests/functional/derivation/ca/advanced-attributes.drv index 343f895ca7a..dded6c62086 100644 --- a/tests/functional/derivation/ca/advanced-attributes.drv +++ b/tests/functional/derivation/ca/advanced-attributes.drv @@ -1 +1 @@ -Derive([("out","","r:sha256","")],[("/nix/store/spfzlnkwb1v8s62yvh8vj1apd1kwjr5f-foo.drv",["out"]),("/nix/store/x1vpzav565aqr7ccmkn0wv0svkm1qrbl-bar.drv",["out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__darwinAllowLocalNetworking","1"),("__impureHostDeps","/usr/bin/ditto"),("__noChroot","1"),("__sandboxProfile","sandcastle"),("allowSubstitutes",""),("allowedReferences","/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"),("allowedRequisites","/08cr1k2yfw44g21w1h850285vqhsciy7y3siqjdzz1m9yvwlqfm8"),("builder","/bin/bash"),("disallowedReferences","/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"),("disallowedRequisites","/05pdic30acaypbz73ivw4wlsi9whq08jxsimml2h0inwqya2hn99"),("impureEnvVars","UNICORN"),("name","advanced-attributes"),("out","/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9"),("outputHashAlgo","sha256"),("outputHashMode","recursive"),("preferLocalBuild","1"),("requiredSystemFeatures","rainbow uid-range"),("system","my-system")]) \ No newline at end of file +Derive([("out","","r:sha256","")],[("/nix/store/j56sf12rxpcv5swr14vsjn5cwm6bj03h-foo.drv",["dev","out"]),("/nix/store/qnml92yh97a6fbrs2m5qg5cqlc8vni58-bar.drv",["dev","out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__darwinAllowLocalNetworking","1"),("__impureHostDeps","/usr/bin/ditto"),("__noChroot","1"),("__sandboxProfile","sandcastle"),("allowSubstitutes",""),("allowedReferences","/164j69y6zir9z0339n8pjigg3rckinlr77bxsavzizdaaljb7nh9"),("allowedRequisites","/0nr45p69vn6izw9446wsh9bng9nndhvn19kpsm4n96a5mycw0s4z"),("builder","/bin/bash"),("disallowedReferences","/0nyw57wm2iicnm9rglvjmbci3ikmcp823czdqdzdcgsnnwqps71g"),("disallowedRequisites","/07f301yqyz8c6wf6bbbavb2q39j4n8kmcly1s09xadyhgy6x2wr8"),("impureEnvVars","UNICORN"),("name","advanced-attributes"),("out","/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9"),("outputHashAlgo","sha256"),("outputHashMode","recursive"),("preferLocalBuild","1"),("requiredSystemFeatures","rainbow uid-range"),("system","my-system")]) \ No newline at end of file diff --git a/tests/functional/derivation/ia/advanced-attributes-structured-attrs.drv b/tests/functional/derivation/ia/advanced-attributes-structured-attrs.drv index e47a41ad525..1560bca6645 100644 --- a/tests/functional/derivation/ia/advanced-attributes-structured-attrs.drv +++ b/tests/functional/derivation/ia/advanced-attributes-structured-attrs.drv @@ -1 +1 @@ -Derive([("bin","/nix/store/pbzb48v0ycf80jgligcp4n8z0rblna4n-advanced-attributes-structured-attrs-bin","",""),("dev","/nix/store/7xapi8jv7flcz1qq8jhw55ar8ag8hldh-advanced-attributes-structured-attrs-dev","",""),("out","/nix/store/mpq3l1l1qc2yr50q520g08kprprwv79f-advanced-attributes-structured-attrs","","")],[("/nix/store/4xm4wccqsvagz9gjksn24s7rip2fdy7v-foo.drv",["out"]),("/nix/store/plsq5jbr5nhgqwcgb2qxw7jchc09dnl8-bar.drv",["out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__json","{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar\"],\"disallowedRequisites\":[\"/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo\"],\"allowedRequisites\":[\"/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo\"]}},\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}"),("bin","/nix/store/pbzb48v0ycf80jgligcp4n8z0rblna4n-advanced-attributes-structured-attrs-bin"),("dev","/nix/store/7xapi8jv7flcz1qq8jhw55ar8ag8hldh-advanced-attributes-structured-attrs-dev"),("out","/nix/store/mpq3l1l1qc2yr50q520g08kprprwv79f-advanced-attributes-structured-attrs")]) \ No newline at end of file +Derive([("bin","/nix/store/qjjj3zrlimpjbkk686m052b3ks9iz2sl-advanced-attributes-structured-attrs-bin","",""),("dev","/nix/store/lpz5grl48v93pdadavyg5is1rqvfdipf-advanced-attributes-structured-attrs-dev","",""),("out","/nix/store/nzvz1bmh1g89a5dkpqcqan0av7q3hgv3-advanced-attributes-structured-attrs","","")],[("/nix/store/afc3vbjbzql750v2lp8gxgaxsajphzih-foo.drv",["dev","out"]),("/nix/store/vj2i49jm2868j2fmqvxm70vlzmzvgv14-bar.drv",["dev","out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__json","{\"__darwinAllowLocalNetworking\":true,\"__impureHostDeps\":[\"/usr/bin/ditto\"],\"__noChroot\":true,\"__sandboxProfile\":\"sandcastle\",\"allowSubstitutes\":false,\"builder\":\"/bin/bash\",\"impureEnvVars\":[\"UNICORN\"],\"name\":\"advanced-attributes-structured-attrs\",\"outputChecks\":{\"bin\":{\"disallowedReferences\":[\"/nix/store/r5cff30838majxk5mp3ip2diffi8vpaj-bar\"],\"disallowedRequisites\":[\"/nix/store/9b61w26b4avv870dw0ymb6rw4r1hzpws-bar-dev\"]},\"dev\":{\"maxClosureSize\":5909,\"maxSize\":789},\"out\":{\"allowedReferences\":[\"/nix/store/p0hax2lzvjpfc2gwkk62xdglz0fcqfzn-foo\"],\"allowedRequisites\":[\"/nix/store/z0rjzy29v9k5qa4nqpykrbzirj7sd43v-foo-dev\"]}},\"outputs\":[\"out\",\"bin\",\"dev\"],\"preferLocalBuild\":true,\"requiredSystemFeatures\":[\"rainbow\",\"uid-range\"],\"system\":\"my-system\"}"),("bin","/nix/store/qjjj3zrlimpjbkk686m052b3ks9iz2sl-advanced-attributes-structured-attrs-bin"),("dev","/nix/store/lpz5grl48v93pdadavyg5is1rqvfdipf-advanced-attributes-structured-attrs-dev"),("out","/nix/store/nzvz1bmh1g89a5dkpqcqan0av7q3hgv3-advanced-attributes-structured-attrs")]) \ No newline at end of file diff --git a/tests/functional/derivation/ia/advanced-attributes.drv b/tests/functional/derivation/ia/advanced-attributes.drv index ec3112ab2b1..2c5d5a6929c 100644 --- a/tests/functional/derivation/ia/advanced-attributes.drv +++ b/tests/functional/derivation/ia/advanced-attributes.drv @@ -1 +1 @@ -Derive([("out","/nix/store/33a6fdmn8q9ih9d7npbnrxn2q56a4l8q-advanced-attributes","","")],[("/nix/store/4xm4wccqsvagz9gjksn24s7rip2fdy7v-foo.drv",["out"]),("/nix/store/plsq5jbr5nhgqwcgb2qxw7jchc09dnl8-bar.drv",["out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__darwinAllowLocalNetworking","1"),("__impureHostDeps","/usr/bin/ditto"),("__noChroot","1"),("__sandboxProfile","sandcastle"),("allowSubstitutes",""),("allowedReferences","/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo"),("allowedRequisites","/nix/store/3c08bzb71z4wiag719ipjxr277653ynp-foo"),("builder","/bin/bash"),("disallowedReferences","/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar"),("disallowedRequisites","/nix/store/7rhsm8i393hm1wcsmph782awg1hi2f7x-bar"),("impureEnvVars","UNICORN"),("name","advanced-attributes"),("out","/nix/store/33a6fdmn8q9ih9d7npbnrxn2q56a4l8q-advanced-attributes"),("preferLocalBuild","1"),("requiredSystemFeatures","rainbow uid-range"),("system","my-system")]) \ No newline at end of file +Derive([("out","/nix/store/swkj0mrq0cq3dfli95v4am0427mi2hxf-advanced-attributes","","")],[("/nix/store/afc3vbjbzql750v2lp8gxgaxsajphzih-foo.drv",["dev","out"]),("/nix/store/vj2i49jm2868j2fmqvxm70vlzmzvgv14-bar.drv",["dev","out"])],[],"my-system","/bin/bash",["-c","echo hello > $out"],[("__darwinAllowLocalNetworking","1"),("__impureHostDeps","/usr/bin/ditto"),("__noChroot","1"),("__sandboxProfile","sandcastle"),("allowSubstitutes",""),("allowedReferences","/nix/store/p0hax2lzvjpfc2gwkk62xdglz0fcqfzn-foo"),("allowedRequisites","/nix/store/z0rjzy29v9k5qa4nqpykrbzirj7sd43v-foo-dev"),("builder","/bin/bash"),("disallowedReferences","/nix/store/r5cff30838majxk5mp3ip2diffi8vpaj-bar"),("disallowedRequisites","/nix/store/9b61w26b4avv870dw0ymb6rw4r1hzpws-bar-dev"),("impureEnvVars","UNICORN"),("name","advanced-attributes"),("out","/nix/store/swkj0mrq0cq3dfli95v4am0427mi2hxf-advanced-attributes"),("preferLocalBuild","1"),("requiredSystemFeatures","rainbow uid-range"),("system","my-system")]) \ No newline at end of file From 29ae14114e825fc563434e7a2c2e0445d7e2f50b Mon Sep 17 00:00:00 2001 From: John Ericson Date: Tue, 15 Apr 2025 11:54:11 -0400 Subject: [PATCH 485/815] Remove stray assignment side affect in lambda This was almost a bug! It wasn't simply because another assignment would clobber it later. (cherry picked from commit 32409dd7d750576153657beb075bb303840c0c3a) --- src/libstore/derivation-options.cc | 1 - 1 file changed, 1 deletion(-) diff --git a/src/libstore/derivation-options.cc b/src/libstore/derivation-options.cc index 962222f6d54..af3a319e978 100644 --- a/src/libstore/derivation-options.cc +++ b/src/libstore/derivation-options.cc @@ -68,7 +68,6 @@ DerivationOptions DerivationOptions::fromParsedDerivation(const ParsedDerivation throw Error("attribute '%s' must be a list of strings", name); res.insert(j->get()); } - checks.disallowedRequisites = res; return res; } return {}; From e5552070483866a6fe6bcca63b60450f8247106d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 17 Apr 2025 14:00:24 +0200 Subject: [PATCH 486/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 0bd6cbc1ef5..1eb56ea3a72 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.28.2 +2.28.3 From 43a26916c25fff151698a1721793e0097251d07b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 18 Apr 2025 16:01:19 +0200 Subject: [PATCH 487/815] unsafeGetAttrPos: Set string context on store paths This is needed to devirtualize them when they get passed to a derivation or builtins.toFile. Arguably, since this builtin is unsafe, we could just ignore this, but we may as well do the correct thing. --- src/libexpr/eval.cc | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 12b11f1ac89..b898d8ef5ff 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -948,7 +948,16 @@ void EvalState::mkPos(Value & v, PosIdx p) auto origin = positions.originOf(p); if (auto path = std::get_if(&origin)) { auto attrs = buildBindings(3); - attrs.alloc(sFile).mkString(path->path.abs()); + if (path->accessor == rootFS && store->isInStore(path->path.abs())) + // FIXME: only do this for virtual store paths? + attrs.alloc(sFile).mkString(path->path.abs(), + { + NixStringContextElem::Opaque{ + .path = store->toStorePath(path->path.abs()).first + } + }); + else + attrs.alloc(sFile).mkString(path->path.abs()); makePositionThunks(*this, p, attrs.alloc(sLine), attrs.alloc(sColumn)); v.mkAttrs(attrs); } else From ff85b347b8bde159d91938b6c5ee3eb62274e360 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 23 Apr 2025 12:27:25 +0200 Subject: [PATCH 488/815] Temporarily run all flake regression tests --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 87a14b4bca2..32ef50090dd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -89,7 +89,7 @@ jobs: | ".#hydraJobs.tests." + .') flake_regressions: - if: github.event_name == 'merge_group' + #if: github.event_name == 'merge_group' needs: build_x86_64-linux runs-on: blacksmith-32vcpu-ubuntu-2204 steps: @@ -109,7 +109,7 @@ jobs: with: determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=50 flake-regressions/eval-all.sh + - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH flake-regressions/eval-all.sh manual: if: github.event_name != 'merge_group' From 182edb4dee637f37edfc1a027f1b95f30c66bc00 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 23 Apr 2025 13:52:22 +0200 Subject: [PATCH 489/815] Move mountInput into EvalState --- src/libexpr/include/nix/expr/eval.hh | 10 +++++ src/libexpr/paths.cc | 23 ++++++++++++ src/libexpr/primops/fetchTree.cc | 6 +-- src/libflake/flake/flake.cc | 50 ++++--------------------- src/libflake/include/nix/flake/flake.hh | 11 +----- src/nix/flake.cc | 6 +-- tests/functional/fetchGit.sh | 2 +- 7 files changed, 48 insertions(+), 60 deletions(-) diff --git a/src/libexpr/include/nix/expr/eval.hh b/src/libexpr/include/nix/expr/eval.hh index 3249b50a0ea..d82baddb153 100644 --- a/src/libexpr/include/nix/expr/eval.hh +++ b/src/libexpr/include/nix/expr/eval.hh @@ -36,6 +36,7 @@ class Store; namespace fetchers { struct Settings; struct InputCache; +struct Input; } struct EvalSettings; class EvalState; @@ -450,6 +451,15 @@ public: void checkURI(const std::string & uri); + /** + * Mount an input on the Nix store. + */ + StorePath mountInput( + fetchers::Input & input, + const fetchers::Input & originalInput, + ref accessor, + bool requireLockable); + /** * Parse a Nix expression from the specified file. */ diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index a27ebcae24d..8e1c68e9af8 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -67,4 +67,27 @@ std::string EvalState::computeBaseName(const SourcePath & path) return std::string(path.baseName()); } +StorePath EvalState::mountInput( + fetchers::Input & input, const fetchers::Input & originalInput, ref accessor, bool requireLockable) +{ + auto storePath = StorePath::random(input.getName()); + + allowPath(storePath); // FIXME: should just whitelist the entire virtual store + + storeFS->mount(CanonPath(store->printStorePath(storePath)), accessor); + + if (requireLockable && !input.isLocked() && !input.getNarHash()) { + auto narHash = accessor->hashPath(CanonPath::root); + input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); + } + + // FIXME: check NAR hash + +#if 0 + assert(!originalInput.getNarHash() || storePath == originalInput.computeStorePath(*store)); +#endif + + return storePath; +} + } diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index 5d41d65c11b..7dae30b6fe5 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -204,11 +204,7 @@ static void fetchTree( auto cachedInput = state.inputCache->getAccessor(state.store, input, false); - auto storePath = StorePath::random(input.getName()); - - state.allowPath(storePath); - - state.storeFS->mount(CanonPath(state.store->printStorePath(storePath)), cachedInput.accessor); + auto storePath = state.mountInput(cachedInput.lockedInput, input, cachedInput.accessor, true); emitTreeAttrs(state, storePath, cachedInput.lockedInput, v, params.emptyRevFallback, false); } diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 299a7464090..2d3fd4e07c3 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -26,33 +26,6 @@ using namespace fetchers; namespace flake { -static StorePath mountInput( - EvalState & state, - fetchers::Input & input, - const fetchers::Input & originalInput, - ref accessor, - CopyMode copyMode) -{ - auto storePath = StorePath::random(input.getName()); - - state.allowPath(storePath); // FIXME: should just whitelist the entire virtual store - - state.storeFS->mount(CanonPath(state.store->printStorePath(storePath)), accessor); - - if (copyMode == CopyMode::RequireLockable && !input.isLocked() && !input.getNarHash()) { - auto narHash = accessor->hashPath(CanonPath::root); - input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); - } - - // FIXME: check NAR hash - - #if 0 - assert(!originalInput.getNarHash() || storePath == originalInput.computeStorePath(*state.store)); - #endif - - return storePath; -} - static void forceTrivialValue(EvalState & state, Value & value, const PosIdx pos) { if (value.isThunk() && value.isTrivial()) @@ -350,7 +323,7 @@ static Flake getFlake( const FlakeRef & originalRef, bool useRegistries, const InputAttrPath & lockRootAttrPath, - CopyMode copyMode) + bool requireLockable) { // Fetch a lazy tree first. auto cachedInput = state.inputCache->getAccessor(state.store, originalRef.input, useRegistries); @@ -376,13 +349,13 @@ static Flake getFlake( // Re-parse flake.nix from the store. return readFlake( state, originalRef, resolvedRef, lockedRef, - state.storePath(mountInput(state, lockedRef.input, originalRef.input, cachedInput.accessor, copyMode)), + state.storePath(state.mountInput(lockedRef.input, originalRef.input, cachedInput.accessor, requireLockable)), lockRootAttrPath); } -Flake getFlake(EvalState & state, const FlakeRef & originalRef, bool useRegistries, CopyMode copyMode) +Flake getFlake(EvalState & state, const FlakeRef & originalRef, bool useRegistries, bool requireLockable) { - return getFlake(state, originalRef, useRegistries, {}, copyMode); + return getFlake(state, originalRef, useRegistries, {}, requireLockable); } static LockFile readLockFile( @@ -404,7 +377,7 @@ LockedFlake lockFlake( { auto useRegistries = lockFlags.useRegistries.value_or(settings.useRegistries); - auto flake = getFlake(state, topRef, useRegistries, {}, lockFlags.copyMode); + auto flake = getFlake(state, topRef, useRegistries, {}, lockFlags.requireLockable); if (lockFlags.applyNixConfig) { flake.config.apply(settings); @@ -449,13 +422,6 @@ LockedFlake lockFlake( explicitCliOverrides.insert(i.first); } - /* For locking of inputs, we require at least a NAR - hash. I.e. we can't be fully lazy. */ - auto inputCopyMode = - lockFlags.copyMode == CopyMode::Lazy - ? CopyMode::RequireLockable - : lockFlags.copyMode; - LockFile newLockFile; std::vector parents; @@ -586,7 +552,7 @@ LockedFlake lockFlake( if (auto resolvedPath = resolveRelativePath()) { return readFlake(state, ref, ref, ref, *resolvedPath, inputAttrPath); } else { - return getFlake(state, ref, useRegistries, inputAttrPath, inputCopyMode); + return getFlake(state, ref, useRegistries, inputAttrPath, true); } }; @@ -739,7 +705,7 @@ LockedFlake lockFlake( auto lockedRef = FlakeRef(std::move(cachedInput.lockedInput), input.ref->subdir); return { - state.storePath(mountInput(state, lockedRef.input, input.ref->input, cachedInput.accessor, inputCopyMode)), + state.storePath(state.mountInput(lockedRef.input, input.ref->input, cachedInput.accessor, true)), lockedRef }; } @@ -851,7 +817,7 @@ LockedFlake lockFlake( repo, so we should re-read it. FIXME: we could also just clear the 'rev' field... */ auto prevLockedRef = flake.lockedRef; - flake = getFlake(state, topRef, useRegistries, lockFlags.copyMode); + flake = getFlake(state, topRef, useRegistries, lockFlags.requireLockable); if (lockFlags.commitLockFile && flake.lockedRef.input.getRev() && diff --git a/src/libflake/include/nix/flake/flake.hh b/src/libflake/include/nix/flake/flake.hh index 35398a306a6..1dd55d10768 100644 --- a/src/libflake/include/nix/flake/flake.hh +++ b/src/libflake/include/nix/flake/flake.hh @@ -115,18 +115,11 @@ struct Flake } }; -enum struct CopyMode { - //! Ensure that the input is locked or has a NAR hash. - RequireLockable, - //! Just return a lazy source accessor. - Lazy, -}; - Flake getFlake( EvalState & state, const FlakeRef & flakeRef, bool useRegistries, - CopyMode copyMode = CopyMode::RequireLockable); + bool requireLockable = true); /** * Fingerprint of a locked flake; used as a cache key. @@ -228,7 +221,7 @@ struct LockFlags /** * Whether to require a locked input. */ - CopyMode copyMode = CopyMode::RequireLockable; + bool requireLockable = true; }; LockedFlake lockFlake( diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 26626b020f1..9f63fabc4a7 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -134,7 +134,7 @@ struct CmdFlakeUpdate : FlakeCommand lockFlags.recreateLockFile = updateAll; lockFlags.writeLockFile = true; lockFlags.applyNixConfig = true; - lockFlags.copyMode = CopyMode::Lazy; + lockFlags.requireLockable = false; lockFlake(); } @@ -167,7 +167,7 @@ struct CmdFlakeLock : FlakeCommand lockFlags.writeLockFile = true; lockFlags.failOnUnlocked = true; lockFlags.applyNixConfig = true; - lockFlags.copyMode = CopyMode::Lazy; + lockFlags.requireLockable = false; lockFlake(); } @@ -214,7 +214,7 @@ struct CmdFlakeMetadata : FlakeCommand, MixJSON void run(nix::ref store) override { - lockFlags.copyMode = CopyMode::Lazy; + lockFlags.requireLockable = false; auto lockedFlake = lockFlake(); auto & flake = lockedFlake.flake; diff --git a/tests/functional/fetchGit.sh b/tests/functional/fetchGit.sh index 283833e580e..baa09b60ba5 100755 --- a/tests/functional/fetchGit.sh +++ b/tests/functional/fetchGit.sh @@ -303,7 +303,7 @@ echo foo > "$empty/x" git -C "$empty" add x -[[ $(nix eval --impure --expr "builtins.removeAttrs (builtins.fetchGit $empty) [\"outPath\"]") = '{ lastModified = 0; lastModifiedDate = "19700101000000"; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "0000000"; submodules = false; }' ]] +[[ $(nix eval --impure --expr "builtins.removeAttrs (builtins.fetchGit $empty) [\"outPath\"]") = '{ lastModified = 0; lastModifiedDate = "19700101000000"; narHash = "sha256-wzlAGjxKxpaWdqVhlq55q5Gxo4Bf860+kLeEa/v02As="; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "0000000"; submodules = false; }' ]] # Test a repo with an empty commit. git -C "$empty" rm -f x From ba22a85a3592897272e9783227d0e3f539e76018 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sun, 20 Apr 2025 22:20:52 +0200 Subject: [PATCH 490/815] Fix pkgs.nixVersions and installTests ... by moving our stuff out of the way from upstream's `nixComponents` and `nixDependencies` attrsets. (I prefer not to use overlays, but let's make it work this way first) (cherry picked from commit b257ea94e32652b2f822f85e5b8e6a9524c47fe1) --- flake.nix | 36 +++++++++++----------- packaging/dev-shell.nix | 50 +++++++++++++++---------------- packaging/hydra.nix | 26 ++++++++-------- tests/nixos/default.nix | 2 +- tests/nixos/functional/common.nix | 4 +-- 5 files changed, 59 insertions(+), 59 deletions(-) diff --git a/flake.nix b/flake.nix index 674326925ba..a993648f259 100644 --- a/flake.nix +++ b/flake.nix @@ -143,14 +143,14 @@ # without "polluting" the top level "`pkgs`" attrset. # This also has the benefit of providing us with a distinct set of packages # we can iterate over. - nixComponents = + nixComponents2 = lib.makeScopeWithSplicing' { inherit (final) splicePackages; - inherit (final.nixDependencies) newScope; + inherit (final.nixDependencies2) newScope; } { - otherSplices = final.generateSplicesForMkScope "nixComponents"; + otherSplices = final.generateSplicesForMkScope "nixComponents2"; f = import ./packaging/components.nix { inherit (final) lib; inherit officialRelease; @@ -161,22 +161,22 @@ }; # The dependencies are in their own scope, so that they don't have to be - # in Nixpkgs top level `pkgs` or `nixComponents`. - nixDependencies = + # in Nixpkgs top level `pkgs` or `nixComponents2`. + nixDependencies2 = lib.makeScopeWithSplicing' { inherit (final) splicePackages; - inherit (final) newScope; # layered directly on pkgs, unlike nixComponents above + inherit (final) newScope; # layered directly on pkgs, unlike nixComponents2 above } { - otherSplices = final.generateSplicesForMkScope "nixDependencies"; + otherSplices = final.generateSplicesForMkScope "nixDependencies2"; f = import ./packaging/dependencies.nix { inherit inputs stdenv; pkgs = final; }; }; - nix = final.nixComponents.nix-cli; + nix = final.nixComponents2.nix-cli; # See https://github.com/NixOS/nixpkgs/pull/214409 # Remove when fixed in this flake's nixpkgs @@ -277,7 +277,7 @@ # memory leaks with detect_leaks=0. "" = rec { nixpkgs = nixpkgsFor.${system}.native; - nixComponents = nixpkgs.nixComponents.overrideScope ( + nixComponents = nixpkgs.nixComponents2.overrideScope ( nixCompFinal: nixCompPrev: { mesonComponentOverrides = _finalAttrs: prevAttrs: { mesonFlags = @@ -305,7 +305,7 @@ nixpkgsPrefix: { nixpkgs, - nixComponents ? nixpkgs.nixComponents, + nixComponents ? nixpkgs.nixComponents2, }: flatMapAttrs nixComponents ( pkgName: pkg: @@ -335,9 +335,9 @@ binaryTarball = self.hydraJobs.binaryTarball.${system}; # TODO probably should be `nix-cli` nix = self.packages.${system}.nix-everything; - nix-manual = nixpkgsFor.${system}.native.nixComponents.nix-manual; - nix-internal-api-docs = nixpkgsFor.${system}.native.nixComponents.nix-internal-api-docs; - nix-external-api-docs = nixpkgsFor.${system}.native.nixComponents.nix-external-api-docs; + nix-manual = nixpkgsFor.${system}.native.nixComponents2.nix-manual; + nix-internal-api-docs = nixpkgsFor.${system}.native.nixComponents2.nix-internal-api-docs; + nix-external-api-docs = nixpkgsFor.${system}.native.nixComponents2.nix-external-api-docs; } # We need to flatten recursive attribute sets of derivations to pass `flake check`. // @@ -389,9 +389,9 @@ }: { # These attributes go right into `packages.`. - "${pkgName}" = nixpkgsFor.${system}.native.nixComponents.${pkgName}; - "${pkgName}-static" = nixpkgsFor.${system}.native.pkgsStatic.nixComponents.${pkgName}; - "${pkgName}-llvm" = nixpkgsFor.${system}.native.pkgsLLVM.nixComponents.${pkgName}; + "${pkgName}" = nixpkgsFor.${system}.native.nixComponents2.${pkgName}; + "${pkgName}-static" = nixpkgsFor.${system}.native.pkgsStatic.nixComponents2.${pkgName}; + "${pkgName}-llvm" = nixpkgsFor.${system}.native.pkgsLLVM.nixComponents2.${pkgName}; } // lib.optionalAttrs supportsCross ( flatMapAttrs (lib.genAttrs crossSystems (_: { })) ( @@ -399,7 +399,7 @@ { }: { # These attributes go right into `packages.`. - "${pkgName}-${crossSystem}" = nixpkgsFor.${system}.cross.${crossSystem}.nixComponents.${pkgName}; + "${pkgName}-${crossSystem}" = nixpkgsFor.${system}.cross.${crossSystem}.nixComponents2.${pkgName}; } ) ) @@ -409,7 +409,7 @@ { # These attributes go right into `packages.`. "${pkgName}-${stdenvName}" = - nixpkgsFor.${system}.nativeForStdenv.${stdenvName}.nixComponents.${pkgName}; + nixpkgsFor.${system}.nativeForStdenv.${stdenvName}.nixComponents2.${pkgName}; } ) ) diff --git a/packaging/dev-shell.nix b/packaging/dev-shell.nix index e824ebf71b4..f9b19c3c428 100644 --- a/packaging/dev-shell.nix +++ b/packaging/dev-shell.nix @@ -5,11 +5,11 @@ { pkgs }: -pkgs.nixComponents.nix-util.overrideAttrs ( +pkgs.nixComponents2.nix-util.overrideAttrs ( attrs: let - stdenv = pkgs.nixDependencies.stdenv; + stdenv = pkgs.nixDependencies2.stdenv; buildCanExecuteHost = stdenv.buildPlatform.canExecute stdenv.hostPlatform; modular = devFlake.getSystem stdenv.buildPlatform.system; transformFlag = @@ -79,26 +79,26 @@ pkgs.nixComponents.nix-util.overrideAttrs ( }; mesonFlags = - map (transformFlag "libutil") (ignoreCrossFile pkgs.nixComponents.nix-util.mesonFlags) - ++ map (transformFlag "libstore") (ignoreCrossFile pkgs.nixComponents.nix-store.mesonFlags) - ++ map (transformFlag "libfetchers") (ignoreCrossFile pkgs.nixComponents.nix-fetchers.mesonFlags) + map (transformFlag "libutil") (ignoreCrossFile pkgs.nixComponents2.nix-util.mesonFlags) + ++ map (transformFlag "libstore") (ignoreCrossFile pkgs.nixComponents2.nix-store.mesonFlags) + ++ map (transformFlag "libfetchers") (ignoreCrossFile pkgs.nixComponents2.nix-fetchers.mesonFlags) ++ lib.optionals havePerl ( - map (transformFlag "perl") (ignoreCrossFile pkgs.nixComponents.nix-perl-bindings.mesonFlags) + map (transformFlag "perl") (ignoreCrossFile pkgs.nixComponents2.nix-perl-bindings.mesonFlags) ) - ++ map (transformFlag "libexpr") (ignoreCrossFile pkgs.nixComponents.nix-expr.mesonFlags) - ++ map (transformFlag "libcmd") (ignoreCrossFile pkgs.nixComponents.nix-cmd.mesonFlags); + ++ map (transformFlag "libexpr") (ignoreCrossFile pkgs.nixComponents2.nix-expr.mesonFlags) + ++ map (transformFlag "libcmd") (ignoreCrossFile pkgs.nixComponents2.nix-cmd.mesonFlags); nativeBuildInputs = attrs.nativeBuildInputs or [ ] - ++ pkgs.nixComponents.nix-util.nativeBuildInputs - ++ pkgs.nixComponents.nix-store.nativeBuildInputs - ++ pkgs.nixComponents.nix-fetchers.nativeBuildInputs - ++ pkgs.nixComponents.nix-expr.nativeBuildInputs - ++ lib.optionals havePerl pkgs.nixComponents.nix-perl-bindings.nativeBuildInputs - ++ lib.optionals buildCanExecuteHost pkgs.nixComponents.nix-manual.externalNativeBuildInputs - ++ pkgs.nixComponents.nix-internal-api-docs.nativeBuildInputs - ++ pkgs.nixComponents.nix-external-api-docs.nativeBuildInputs - ++ pkgs.nixComponents.nix-functional-tests.externalNativeBuildInputs + ++ pkgs.nixComponents2.nix-util.nativeBuildInputs + ++ pkgs.nixComponents2.nix-store.nativeBuildInputs + ++ pkgs.nixComponents2.nix-fetchers.nativeBuildInputs + ++ pkgs.nixComponents2.nix-expr.nativeBuildInputs + ++ lib.optionals havePerl pkgs.nixComponents2.nix-perl-bindings.nativeBuildInputs + ++ lib.optionals buildCanExecuteHost pkgs.nixComponents2.nix-manual.externalNativeBuildInputs + ++ pkgs.nixComponents2.nix-internal-api-docs.nativeBuildInputs + ++ pkgs.nixComponents2.nix-external-api-docs.nativeBuildInputs + ++ pkgs.nixComponents2.nix-functional-tests.externalNativeBuildInputs ++ lib.optional ( !buildCanExecuteHost # Hack around https://github.com/nixos/nixpkgs/commit/bf7ad8cfbfa102a90463433e2c5027573b462479 @@ -123,14 +123,14 @@ pkgs.nixComponents.nix-util.overrideAttrs ( buildInputs = attrs.buildInputs or [ ] - ++ pkgs.nixComponents.nix-util.buildInputs - ++ pkgs.nixComponents.nix-store.buildInputs - ++ pkgs.nixComponents.nix-store-tests.externalBuildInputs - ++ pkgs.nixComponents.nix-fetchers.buildInputs - ++ pkgs.nixComponents.nix-expr.buildInputs - ++ pkgs.nixComponents.nix-expr.externalPropagatedBuildInputs - ++ pkgs.nixComponents.nix-cmd.buildInputs - ++ lib.optionals havePerl pkgs.nixComponents.nix-perl-bindings.externalBuildInputs + ++ pkgs.nixComponents2.nix-util.buildInputs + ++ pkgs.nixComponents2.nix-store.buildInputs + ++ pkgs.nixComponents2.nix-store-tests.externalBuildInputs + ++ pkgs.nixComponents2.nix-fetchers.buildInputs + ++ pkgs.nixComponents2.nix-expr.buildInputs + ++ pkgs.nixComponents2.nix-expr.externalPropagatedBuildInputs + ++ pkgs.nixComponents2.nix-cmd.buildInputs + ++ lib.optionals havePerl pkgs.nixComponents2.nix-perl-bindings.externalBuildInputs ++ lib.optional havePerl pkgs.perl; } ) diff --git a/packaging/hydra.nix b/packaging/hydra.nix index 74e245f26c5..fa126115fde 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -19,14 +19,14 @@ let testNixVersions = pkgs: daemon: - pkgs.nixComponents.nix-functional-tests.override { + pkgs.nixComponents2.nix-functional-tests.override { pname = "nix-daemon-compat-tests"; version = "${pkgs.nix.version}-with-daemon-${daemon.version}"; test-daemon = daemon; }; - # Technically we could just return `pkgs.nixComponents`, but for Hydra it's + # Technically we could just return `pkgs.nixComponents2`, but for Hydra it's # convention to transpose it, and to transpose it efficiently, we need to # enumerate them manually, so that we don't evaluate unnecessary package sets. # See listingIsComplete below. @@ -85,7 +85,7 @@ in } (_: null); actualPkgs = lib.concatMapAttrs ( k: v: if lib.strings.hasPrefix "nix-" k then { ${k} = null; } else { } - ) nixpkgsFor.${arbitrarySystem}.native.nixComponents; + ) nixpkgsFor.${arbitrarySystem}.native.nixComponents2; diff = lib.concatStringsSep "\n" ( lib.concatLists ( lib.mapAttrsToList ( @@ -111,7 +111,7 @@ in # Binary package for various platforms. build = forAllPackages ( - pkgName: forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.${pkgName}) + pkgName: forAllSystems (system: nixpkgsFor.${system}.native.nixComponents2.${pkgName}) ); shellInputs = removeAttrs (forAllSystems ( @@ -121,7 +121,7 @@ in buildStatic = forAllPackages ( pkgName: lib.genAttrs linux64BitSystems ( - system: nixpkgsFor.${system}.native.pkgsStatic.nixComponents.${pkgName} + system: nixpkgsFor.${system}.native.pkgsStatic.nixComponents2.${pkgName} ) ); @@ -138,7 +138,7 @@ in forAllCrossSystems ( crossSystem: lib.genAttrs [ "x86_64-linux" ] ( - system: nixpkgsFor.${system}.cross.${crossSystem}.nixComponents.${pkgName} + system: nixpkgsFor.${system}.cross.${crossSystem}.nixComponents2.${pkgName} ) ) ) @@ -148,7 +148,7 @@ in let components = forAllSystems ( system: - nixpkgsFor.${system}.native.nixComponents.overrideScope ( + nixpkgsFor.${system}.native.nixComponents2.overrideScope ( self: super: { nix-expr = super.nix-expr.override { enableGC = false; }; } @@ -157,7 +157,7 @@ in in forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); - buildNoTests = forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.nix-cli); + buildNoTests = forAllSystems (system: nixpkgsFor.${system}.native.nixComponents2.nix-cli); # Toggles some settings for better coverage. Windows needs these # library combinations, and Debian build Nix with GNU readline too. @@ -165,7 +165,7 @@ in let components = forAllSystems ( system: - nixpkgsFor.${system}.native.nixComponents.overrideScope ( + nixpkgsFor.${system}.native.nixComponents2.overrideScope ( self: super: { nix-cmd = super.nix-cmd.override { enableMarkdown = false; @@ -178,7 +178,7 @@ in forAllPackages (pkgName: forAllSystems (system: components.${system}.${pkgName})); # Perl bindings for various platforms. - perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nixComponents.nix-perl-bindings); + perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nixComponents2.nix-perl-bindings); # Binary tarball for various platforms, containing a Nix store # with the closure of 'nix' package, and the second half of @@ -228,13 +228,13 @@ in # }; # Nix's manual - manual = nixpkgsFor.x86_64-linux.native.nixComponents.nix-manual; + manual = nixpkgsFor.x86_64-linux.native.nixComponents2.nix-manual; # API docs for Nix's unstable internal C++ interfaces. - internal-api-docs = nixpkgsFor.x86_64-linux.native.nixComponents.nix-internal-api-docs; + internal-api-docs = nixpkgsFor.x86_64-linux.native.nixComponents2.nix-internal-api-docs; # API docs for Nix's C bindings. - external-api-docs = nixpkgsFor.x86_64-linux.native.nixComponents.nix-external-api-docs; + external-api-docs = nixpkgsFor.x86_64-linux.native.nixComponents2.nix-external-api-docs; # System tests. tests = diff --git a/tests/nixos/default.nix b/tests/nixos/default.nix index 92f89d8dbca..3e2d20a715f 100644 --- a/tests/nixos/default.nix +++ b/tests/nixos/default.nix @@ -31,7 +31,7 @@ let nixpkgs.pkgs = nixpkgsFor.${system}.native; nix.checkAllErrors = false; # TODO: decide which packaging stage to use. `nix-cli` is efficient, but not the same as the user-facing `everything.nix` package (`default`). Perhaps a good compromise is `everything.nix` + `noTests` defined above? - nix.package = nixpkgsFor.${system}.native.nixComponents.nix-cli; + nix.package = nixpkgsFor.${system}.native.nixComponents2.nix-cli; # Evaluate VMs faster documentation.enable = false; diff --git a/tests/nixos/functional/common.nix b/tests/nixos/functional/common.nix index f3cab47259b..a2067c07dfb 100644 --- a/tests/nixos/functional/common.nix +++ b/tests/nixos/functional/common.nix @@ -49,11 +49,11 @@ in cd ~ - cp -r ${pkgs.nixComponents.nix-functional-tests.src} nix + cp -r ${pkgs.nixComponents2.nix-functional-tests.src} nix chmod -R +w nix chmod u+w nix/.version - echo ${pkgs.nixComponents.version} > nix/.version + echo ${pkgs.nixComponents2.version} > nix/.version export isTestOnNixOS=1 From f666ec3837a8f4f079843213c2e23eec7d4a941f Mon Sep 17 00:00:00 2001 From: John Ericson Date: Sun, 20 Apr 2025 17:20:54 -0400 Subject: [PATCH 491/815] Explain the use of "2" in the overlay Co-authored-by: Robert Hensing (cherry picked from commit ef368068984feb73bae4fef5ecef5c9419a5a4de) --- flake.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/flake.nix b/flake.nix index a993648f259..4177595c3ff 100644 --- a/flake.nix +++ b/flake.nix @@ -143,6 +143,7 @@ # without "polluting" the top level "`pkgs`" attrset. # This also has the benefit of providing us with a distinct set of packages # we can iterate over. + # The `2` suffix is here because otherwise it interferes with `nixVersions.latest`, which is used in daemon compat tests. nixComponents2 = lib.makeScopeWithSplicing' { @@ -162,6 +163,7 @@ # The dependencies are in their own scope, so that they don't have to be # in Nixpkgs top level `pkgs` or `nixComponents2`. + # The `2` suffix is here because otherwise it interferes with `nixVersions.latest`, which is used in daemon compat tests. nixDependencies2 = lib.makeScopeWithSplicing' { From d3c79e2b1379ad747a61d708b780d0daec11da32 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 23 Apr 2025 17:50:45 +0200 Subject: [PATCH 492/815] Don't build MonitorFdHup on Windows https://hydra.nixos.org/build/295398462 (cherry picked from commit a9b62132210beadbd3905e42260b85bec7205de1) --- src/libutil-tests/monitorfdhup.cc | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/libutil-tests/monitorfdhup.cc b/src/libutil-tests/monitorfdhup.cc index f9da4022da1..8e6fed6f07c 100644 --- a/src/libutil-tests/monitorfdhup.cc +++ b/src/libutil-tests/monitorfdhup.cc @@ -1,8 +1,10 @@ -#include "nix/util/util.hh" -#include "nix/util/monitor-fd.hh" +#ifndef _WIN32 -#include -#include +# include "nix/util/util.hh" +# include "nix/util/monitor-fd.hh" + +# include +# include namespace nix { TEST(MonitorFdHup, shouldNotBlock) @@ -16,3 +18,5 @@ TEST(MonitorFdHup, shouldNotBlock) } } } + +#endif From 5a2ee1b9520ebb6fbb033a033558b181bcb8f411 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 23 Apr 2025 17:11:55 +0200 Subject: [PATCH 493/815] Move libflake/flake/* to libflake (cherry picked from commit bc67e47298022d6d0bcc270421b01e0697d63030) --- maintainers/flake-module.nix | 10 +++++----- src/libflake/{flake => }/config.cc | 0 src/libflake/{flake => }/flake-primops.cc | 0 src/libflake/{flake => }/flake.cc | 0 src/libflake/{flake => }/flakeref.cc | 0 src/libflake/{flake => }/lockfile.cc | 0 src/libflake/meson.build | 14 +++++++------- src/libflake/{flake => }/settings.cc | 0 src/libflake/{flake => }/url-name.cc | 0 9 files changed, 12 insertions(+), 12 deletions(-) rename src/libflake/{flake => }/config.cc (100%) rename src/libflake/{flake => }/flake-primops.cc (100%) rename src/libflake/{flake => }/flake.cc (100%) rename src/libflake/{flake => }/flakeref.cc (100%) rename src/libflake/{flake => }/lockfile.cc (100%) rename src/libflake/{flake => }/settings.cc (100%) rename src/libflake/{flake => }/url-name.cc (100%) diff --git a/maintainers/flake-module.nix b/maintainers/flake-module.nix index a8c52eb4672..ff40b09d1d3 100644 --- a/maintainers/flake-module.nix +++ b/maintainers/flake-module.nix @@ -172,14 +172,14 @@ ''^src/libfetchers/include/nix/fetchers/tarball\.hh$'' ''^src/libfetchers/git\.cc$'' ''^src/libfetchers/mercurial\.cc$'' - ''^src/libflake/flake/config\.cc$'' - ''^src/libflake/flake/flake\.cc$'' + ''^src/libflake/config\.cc$'' + ''^src/libflake/flake\.cc$'' ''^src/libflake/include/nix/flake/flake\.hh$'' - ''^src/libflake/flake/flakeref\.cc$'' + ''^src/libflake/flakeref\.cc$'' ''^src/libflake/include/nix/flake/flakeref\.hh$'' - ''^src/libflake/flake/lockfile\.cc$'' + ''^src/libflake/lockfile\.cc$'' ''^src/libflake/include/nix/flake/lockfile\.hh$'' - ''^src/libflake/flake/url-name\.cc$'' + ''^src/libflake/url-name\.cc$'' ''^src/libmain/common-args\.cc$'' ''^src/libmain/include/nix/main/common-args\.hh$'' ''^src/libmain/loggers\.cc$'' diff --git a/src/libflake/flake/config.cc b/src/libflake/config.cc similarity index 100% rename from src/libflake/flake/config.cc rename to src/libflake/config.cc diff --git a/src/libflake/flake/flake-primops.cc b/src/libflake/flake-primops.cc similarity index 100% rename from src/libflake/flake/flake-primops.cc rename to src/libflake/flake-primops.cc diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake.cc similarity index 100% rename from src/libflake/flake/flake.cc rename to src/libflake/flake.cc diff --git a/src/libflake/flake/flakeref.cc b/src/libflake/flakeref.cc similarity index 100% rename from src/libflake/flake/flakeref.cc rename to src/libflake/flakeref.cc diff --git a/src/libflake/flake/lockfile.cc b/src/libflake/lockfile.cc similarity index 100% rename from src/libflake/flake/lockfile.cc rename to src/libflake/lockfile.cc diff --git a/src/libflake/meson.build b/src/libflake/meson.build index f4c034490fd..bc8533e1518 100644 --- a/src/libflake/meson.build +++ b/src/libflake/meson.build @@ -39,13 +39,13 @@ foreach header : [ endforeach sources = files( - 'flake/config.cc', - 'flake/flake.cc', - 'flake/flakeref.cc', - 'flake/lockfile.cc', - 'flake/flake-primops.cc', - 'flake/settings.cc', - 'flake/url-name.cc', + 'config.cc', + 'flake.cc', + 'flakeref.cc', + 'lockfile.cc', + 'flake-primops.cc', + 'settings.cc', + 'url-name.cc', ) subdir('include/nix/flake') diff --git a/src/libflake/flake/settings.cc b/src/libflake/settings.cc similarity index 100% rename from src/libflake/flake/settings.cc rename to src/libflake/settings.cc diff --git a/src/libflake/flake/url-name.cc b/src/libflake/url-name.cc similarity index 100% rename from src/libflake/flake/url-name.cc rename to src/libflake/url-name.cc From d74acf195427c9d28a0beaa070d0320b185489d7 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Wed, 23 Apr 2025 20:54:53 -0400 Subject: [PATCH 494/815] Hide the "dirty" notice when running nix develop In the common case, nix develop is running against a dirty checkout of a project. This patch removes the warning about a dirty tree on nix develop only. Close FH-736 --- src/libcmd/include/nix/cmd/command.hh | 2 ++ src/libcmd/installables.cc | 5 +++++ src/nix/develop.cc | 6 ++++++ 3 files changed, 13 insertions(+) diff --git a/src/libcmd/include/nix/cmd/command.hh b/src/libcmd/include/nix/cmd/command.hh index 6b6418f51e5..11981a76995 100644 --- a/src/libcmd/include/nix/cmd/command.hh +++ b/src/libcmd/include/nix/cmd/command.hh @@ -214,6 +214,8 @@ struct InstallableCommand : virtual Args, SourceExprCommand { InstallableCommand(); + virtual void preRun(ref store); + virtual void run(ref store, ref installable) = 0; void run(ref store) override; diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index edfe8c15ad0..1047f94f1f9 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -903,8 +903,13 @@ InstallableCommand::InstallableCommand() }); } +void InstallableCommand::preRun(ref store) +{ +} + void InstallableCommand::run(ref store) { + preRun(store); auto installable = parseInstallable(store, _installable); run(store, std::move(installable)); } diff --git a/src/nix/develop.cc b/src/nix/develop.cc index 00572697aee..02947ff4181 100644 --- a/src/nix/develop.cc +++ b/src/nix/develop.cc @@ -1,5 +1,6 @@ #include "nix/util/config-global.hh" #include "nix/expr/eval.hh" +#include "nix/fetchers/fetch-settings.hh" #include "nix/cmd/installable-flake.hh" #include "nix/cmd/command-installable-value.hh" #include "nix/main/common-args.hh" @@ -583,6 +584,11 @@ struct CmdDevelop : Common, MixEnvironment ; } + void preRun(ref store) override + { + fetchSettings.warnDirty = false; + } + void run(ref store, ref installable) override { auto [buildEnvironment, gcroot] = getBuildEnvironment(store, installable); From 04fcc879e6b13373a144b68df1c035e7adf53226 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 24 Apr 2025 11:28:02 +0200 Subject: [PATCH 495/815] Revert "Actually ignore system/user registries during locking" This reverts commit 77d4316353deaf8f429025738891b625eb0b5d8a. (cherry picked from commit 3b5f0d9fb3af870b832bdcadcf8080649bcd0cd5) --- src/libflake/flakeref.cc | 2 +- tests/functional/flakes/flakes.sh | 7 ------- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/src/libflake/flakeref.cc b/src/libflake/flakeref.cc index 1580c284641..6e95eb76759 100644 --- a/src/libflake/flakeref.cc +++ b/src/libflake/flakeref.cc @@ -39,7 +39,7 @@ FlakeRef FlakeRef::resolve( ref store, const fetchers::RegistryFilter & filter) const { - auto [input2, extraAttrs] = lookupInRegistries(store, input, filter); + auto [input2, extraAttrs] = lookupInRegistries(store, input); return FlakeRef(std::move(input2), fetchers::maybeGetStrAttr(extraAttrs, "dir").value_or(subdir)); } diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index b67a0964aef..d8c9f254d15 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -220,13 +220,6 @@ nix store gc nix registry list --flake-registry "file://$registry" --refresh | grepQuiet flake3 mv "$registry.tmp" "$registry" -# Ensure that locking ignores the user registry. -mkdir -p "$TEST_HOME/.config/nix" -ln -sfn "$registry" "$TEST_HOME/.config/nix/registry.json" -nix flake metadata flake1 -expectStderr 1 nix flake update --flake-registry '' --flake "$flake3Dir" | grepQuiet "cannot find flake 'flake:flake1' in the flake registries" -rm "$TEST_HOME/.config/nix/registry.json" - # Test whether flakes are registered as GC roots for offline use. # FIXME: use tarballs rather than git. rm -rf "$TEST_HOME/.cache" From cecbb2b22c22aaf53251631cb929900c5b24312a Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Wed, 23 Apr 2025 20:38:59 -0400 Subject: [PATCH 496/815] Improve the "dirty" message, by clarifying what the jargon means FH-735 --- src/libfetchers/git.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 9a0b8c65a35..ef74397ff90 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -393,10 +393,10 @@ struct GitInputScheme : InputScheme { if (workdirInfo.isDirty) { if (!settings.allowDirty) - throw Error("Git tree '%s' is dirty", locationToArg()); + throw Error("Git tree '%s' has uncommitted changes", locationToArg()); if (settings.warnDirty) - warn("Git tree '%s' is dirty", locationToArg()); + warn("Git tree '%s' has uncommitted changes", locationToArg()); } } From 9d87ab1dc8b3e200c01e04e5fb6c8381b9a04301 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 24 Apr 2025 16:03:49 +0200 Subject: [PATCH 497/815] Add a setting to enable lazy trees --- src/libexpr/include/nix/expr/eval-settings.hh | 5 +++++ src/libexpr/paths.cc | 11 +++++------ tests/functional/flakes/flakes.sh | 3 ++- tests/functional/flakes/unlocked-override.sh | 3 ++- 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/src/libexpr/include/nix/expr/eval-settings.hh b/src/libexpr/include/nix/expr/eval-settings.hh index fb482568a57..6e5bbca202e 100644 --- a/src/libexpr/include/nix/expr/eval-settings.hh +++ b/src/libexpr/include/nix/expr/eval-settings.hh @@ -247,6 +247,11 @@ struct EvalSettings : Config This option can be enabled by setting `NIX_ABORT_ON_WARN=1` in the environment. )"}; + + Setting lazyTrees{this, false, "lazy-trees", + R"( + If set to true, flakes and trees fetched by [`builtins.fetchTree`](@docroot@/language/builtins.md#builtins-fetchTree) are only copied to the Nix store when they're used as a dependency of a derivation. This avoids copying (potentially large) source trees unnecessarily. + )"}; }; /** diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 8e1c68e9af8..4519626362e 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -70,7 +70,8 @@ std::string EvalState::computeBaseName(const SourcePath & path) StorePath EvalState::mountInput( fetchers::Input & input, const fetchers::Input & originalInput, ref accessor, bool requireLockable) { - auto storePath = StorePath::random(input.getName()); + auto storePath = settings.lazyTrees ? StorePath::random(input.getName()) + : fetchToStore(*store, accessor, FetchMode::Copy, input.getName()); allowPath(storePath); // FIXME: should just whitelist the entire virtual store @@ -81,11 +82,9 @@ StorePath EvalState::mountInput( input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); } - // FIXME: check NAR hash - -#if 0 - assert(!originalInput.getNarHash() || storePath == originalInput.computeStorePath(*store)); -#endif + // FIXME: what to do with the NAR hash in lazy mode? + if (!settings.lazyTrees) + assert(!originalInput.getNarHash() || storePath == originalInput.computeStorePath(*store)); return storePath; } diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 0fcdf0b30c7..c8cd5f13829 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -75,7 +75,8 @@ hash1=$(echo "$json" | jq -r .revision) echo foo > "$flake1Dir/foo" git -C "$flake1Dir" add $flake1Dir/foo -[[ $(_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake metadata flake1 --json --refresh --warn-large-path-threshold 1 | jq -r .dirtyRevision) == "$hash1-dirty" ]] +[[ $(nix flake metadata flake1 --json --refresh | jq -r .dirtyRevision) == "$hash1-dirty" ]] +#[[ $(_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake metadata flake1 --json --refresh --warn-large-path-threshold 1 | jq -r .dirtyRevision) == "$hash1-dirty" ]] [[ "$(nix flake metadata flake1 --json | jq -r .fingerprint)" != null ]] echo -n '# foo' >> "$flake1Dir/flake.nix" diff --git a/tests/functional/flakes/unlocked-override.sh b/tests/functional/flakes/unlocked-override.sh index 9d8d569f1cf..73784b4e818 100755 --- a/tests/functional/flakes/unlocked-override.sh +++ b/tests/functional/flakes/unlocked-override.sh @@ -35,7 +35,8 @@ echo 456 > "$flake1Dir"/x.nix expectStderr 1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" | grepQuiet "Will not write lock file.*because it has an unlocked input" -_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks --warn-large-path-threshold 1 +nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks +#_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks --warn-large-path-threshold 1 # Using a lock file with a dirty lock does not require --allow-dirty-locks, but should print a warning. expectStderr 0 nix eval "$flake2Dir#x" | From 2aa36551660b78bb70b9910fd524909298f3cf19 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 24 Apr 2025 17:08:33 +0200 Subject: [PATCH 498/815] computeBaseName(): Respect the original store path name --- src/libexpr/paths.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 4519626362e..826a738a660 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -61,7 +61,7 @@ std::string EvalState::computeBaseName(const SourcePath & path) "This can typically be avoided by rewriting an attribute like `src = ./.` " "to `src = builtins.path { path = ./.; name = \"source\"; }`.", path); - return std::string(fetchToStore(*store, path, FetchMode::DryRun).to_string()); + return std::string(fetchToStore(*store, path, FetchMode::DryRun, storePath->name()).to_string()); } } return std::string(path.baseName()); From 6390b8b7cfd4e6f41328fd881f4583e462a19168 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Thu, 24 Apr 2025 07:56:11 -0700 Subject: [PATCH 499/815] nix-cli: restore binary-dist artifact to Hydra static builds (cherry picked from commit e1b68244ade89a0e3ad9ea5da3e41eb77aba1b15) --- src/nix/package.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/nix/package.nix b/src/nix/package.nix index 40a28043785..3d4f6f40b4f 100644 --- a/src/nix/package.nix +++ b/src/nix/package.nix @@ -1,4 +1,5 @@ { + stdenv, lib, mkMesonExecutable, @@ -94,6 +95,11 @@ mkMesonExecutable (finalAttrs: { mesonFlags = [ ]; + postInstall = lib.optionalString stdenv.hostPlatform.isStatic '' + mkdir -p $out/nix-support + echo "file binary-dist $out/bin/nix" >> $out/nix-support/hydra-build-products + ''; + meta = { mainProgram = "nix"; platforms = lib.platforms.unix ++ lib.platforms.windows; From d97d311ddfbb656bc4ccd1e81f9059d0ddea8c8d Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 24 Apr 2025 20:10:54 -0400 Subject: [PATCH 500/815] Emit a warning about channel deprecation. --- doc/manual/source/command-ref/nix-channel.md | 6 ++++++ src/nix-channel/nix-channel.cc | 5 +++++ 2 files changed, 11 insertions(+) diff --git a/doc/manual/source/command-ref/nix-channel.md b/doc/manual/source/command-ref/nix-channel.md index 8b58392b7b5..bc0a90b11c4 100644 --- a/doc/manual/source/command-ref/nix-channel.md +++ b/doc/manual/source/command-ref/nix-channel.md @@ -8,6 +8,12 @@ # Description +> **Warning** +> +> nix-channel is deprecated in favor of flakes in Determinate Nix. +> For a guide on Nix flakes, see: . +> For details and to offer feedback on the deprecation process, see: . + Channels are a mechanism for referencing remote Nix expressions and conveniently retrieving their latest version. The moving parts of channels are: diff --git a/src/nix-channel/nix-channel.cc b/src/nix-channel/nix-channel.cc index c0baa4aa2a4..a6ca6f711c1 100644 --- a/src/nix-channel/nix-channel.cc +++ b/src/nix-channel/nix-channel.cc @@ -164,6 +164,11 @@ static void update(const StringSet & channelNames) static int main_nix_channel(int argc, char ** argv) { + warn( + "nix-channel is deprecated in favor of flakes in Determinate Nix. \ +For a guide on Nix flakes, see: https://zero-to-nix.com/. \ +For details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34."); + { // Figure out the name of the `.nix-channels' file to use auto home = getHome(); From b179259d6ff6344570e4c3de0c3b55d280547e62 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Thu, 24 Apr 2025 22:27:03 +0000 Subject: [PATCH 501/815] libutil: Use correct argument to Error format ctor It seems that the intention was to format a number in base 8 (as suggested by the %o format specifier), but `perms` is a `std::string` and not a number. Looks like `rawMode` is the correct thing to use here. (cherry picked from commit 1b5c8aac123d96b907972a9cbb67891ff17caf7a) --- src/libutil/git.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/git.cc b/src/libutil/git.cc index 45cda1c2c3e..edeef71b7fb 100644 --- a/src/libutil/git.cc +++ b/src/libutil/git.cc @@ -134,7 +134,7 @@ void parseTree( RawMode rawMode = std::stoi(perms, 0, 8); auto modeOpt = decodeMode(rawMode); if (!modeOpt) - throw Error("Unknown Git permission: %o", perms); + throw Error("Unknown Git permission: %o", rawMode); auto mode = std::move(*modeOpt); std::string name = getStringUntil(source, '\0'); From 10350537b1010862dc3a2ac116699948e70cf5c8 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Thu, 24 Apr 2025 21:00:24 +0000 Subject: [PATCH 502/815] libutil: Fix invalid boost format string in infinite symlink recursion error Found while working on an automated migration to `std::format`. (cherry picked from commit bfb357c40b289490ad841cc7271f2afa92081d34) --- src/libutil/file-system.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index c7cea4b589a..6fb797103c3 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -111,7 +111,7 @@ Path canonPath(PathView path, bool resolveSymlinks) (std::string & result, std::string_view & remaining) { if (resolveSymlinks && fs::is_symlink(result)) { if (++followCount >= maxFollow) - throw Error("infinite symlink recursion in path '%0%'", remaining); + throw Error("infinite symlink recursion in path '%1%'", remaining); remaining = (temp = concatStrings(readLink(result), remaining)); if (isAbsolute(remaining)) { /* restart for symlinks pointing to absolute path */ From 17a40e5195705316468fd795ec78b5ec38496911 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 25 Apr 2025 11:22:21 +0200 Subject: [PATCH 503/815] Warn about the use of channel URLs --- src/libexpr/eval-settings.cc | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/libexpr/eval-settings.cc b/src/libexpr/eval-settings.cc index 659c01a9e63..85ec9881669 100644 --- a/src/libexpr/eval-settings.cc +++ b/src/libexpr/eval-settings.cc @@ -84,9 +84,14 @@ bool EvalSettings::isPseudoUrl(std::string_view s) std::string EvalSettings::resolvePseudoUrl(std::string_view url) { - if (hasPrefix(url, "channel:")) + if (hasPrefix(url, "channel:")) { + static bool haveWarned = false; + warnOnce(haveWarned, + "Channels are deprecated in favor of flakes in Determinate Nix. " + "For a guide on Nix flakes, see: https://zero-to-nix.com/. " + "For details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34."); return "https://nixos.org/channels/" + std::string(url.substr(8)) + "/nixexprs.tar.xz"; - else + } else return std::string(url); } @@ -103,4 +108,4 @@ Path getNixDefExpr() : getHome() + "/.nix-defexpr"; } -} // namespace nix \ No newline at end of file +} // namespace nix From dfbb52e6bd037cd8c25d00a7f40a688ddcfe9dca Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 24 Apr 2025 18:54:16 +0200 Subject: [PATCH 504/815] lockFlake(): Allow registry lookups for the top-level flake Fixes #13050. (cherry picked from commit 68de26d38afea6b87460afec77c85e1642a269ff) --- src/libcmd/installables.cc | 2 +- src/libexpr/primops/fetchTree.cc | 2 +- .../include/nix/fetchers/registry.hh | 8 +++- src/libfetchers/registry.cc | 13 +++++- src/libflake/flake.cc | 41 +++++++++++-------- src/libflake/flakeref.cc | 4 +- src/libflake/include/nix/flake/flake.hh | 2 +- src/libflake/include/nix/flake/flakeref.hh | 2 +- tests/functional/flakes/flakes.sh | 7 ++++ 9 files changed, 55 insertions(+), 26 deletions(-) diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index 2ebfac3e667..1c414e9e27e 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -40,7 +40,7 @@ void completeFlakeInputAttrPath( std::string_view prefix) { for (auto & flakeRef : flakeRefs) { - auto flake = flake::getFlake(*evalState, flakeRef, true); + auto flake = flake::getFlake(*evalState, flakeRef, fetchers::UseRegistries::All); for (auto & input : flake.inputs) if (hasPrefix(input.first, prefix)) completions.add(input.first); diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index 0be9f4bdc7d..745705e04c1 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -181,7 +181,7 @@ static void fetchTree( } if (!state.settings.pureEval && !input.isDirect() && experimentalFeatureSettings.isEnabled(Xp::Flakes)) - input = lookupInRegistries(state.store, input).first; + input = lookupInRegistries(state.store, input, fetchers::UseRegistries::Limited).first; if (state.settings.pureEval && !input.isLocked()) { if (input.getNarHash()) diff --git a/src/libfetchers/include/nix/fetchers/registry.hh b/src/libfetchers/include/nix/fetchers/registry.hh index 47ff9e86f67..efbfe07c849 100644 --- a/src/libfetchers/include/nix/fetchers/registry.hh +++ b/src/libfetchers/include/nix/fetchers/registry.hh @@ -65,7 +65,11 @@ void overrideRegistry( const Input & to, const Attrs & extraAttrs); -using RegistryFilter = std::function; +enum class UseRegistries : int { + No, + All, + Limited, // global and flag registry only +}; /** * Rewrite a flakeref using the registries. If `filter` is set, only @@ -74,6 +78,6 @@ using RegistryFilter = std::function; std::pair lookupInRegistries( ref store, const Input & input, - const RegistryFilter & filter = {}); + UseRegistries useRegistries); } diff --git a/src/libfetchers/registry.cc b/src/libfetchers/registry.cc index e9b55f7f2d8..bfaf9569a4e 100644 --- a/src/libfetchers/registry.cc +++ b/src/libfetchers/registry.cc @@ -14,6 +14,8 @@ std::shared_ptr Registry::read( const Settings & settings, const Path & path, RegistryType type) { + debug("reading registry '%s'", path); + auto registry = std::make_shared(settings, type); if (!pathExists(path)) @@ -179,29 +181,36 @@ Registries getRegistries(const Settings & settings, ref store) std::pair lookupInRegistries( ref store, const Input & _input, - const RegistryFilter & filter) + UseRegistries useRegistries) { Attrs extraAttrs; int n = 0; Input input(_input); + if (useRegistries == UseRegistries::No) + return {input, extraAttrs}; + restart: n++; if (n > 100) throw Error("cycle detected in flake registry for '%s'", input.to_string()); for (auto & registry : getRegistries(*input.settings, store)) { - if (filter && !filter(registry->type)) continue; + if (useRegistries == UseRegistries::Limited + && !(registry->type == fetchers::Registry::Flag || registry->type == fetchers::Registry::Global)) + continue; // FIXME: O(n) for (auto & entry : registry->entries) { if (entry.exact) { if (entry.from == input) { + debug("resolved flakeref '%s' against registry %d exactly", input.to_string(), registry->type); input = entry.to; extraAttrs = entry.extraAttrs; goto restart; } } else { if (entry.from.contains(input)) { + debug("resolved flakeref '%s' against registry %d", input.to_string(), registry->type); input = entry.to.applyOverrides( !entry.from.getRef() && input.getRef() ? input.getRef() : std::optional(), !entry.from.getRev() && input.getRev() ? input.getRev() : std::optional()); diff --git a/src/libflake/flake.cc b/src/libflake/flake.cc index 1cce0c9784d..89cf3a7fd3c 100644 --- a/src/libflake/flake.cc +++ b/src/libflake/flake.cc @@ -45,7 +45,7 @@ static std::optional lookupInFlakeCache( static std::tuple, FlakeRef, FlakeRef> fetchOrSubstituteTree( EvalState & state, const FlakeRef & originalRef, - bool useRegistries, + fetchers::UseRegistries useRegistries, FlakeCache & flakeCache) { auto fetched = lookupInFlakeCache(flakeCache, originalRef); @@ -56,14 +56,8 @@ static std::tuple, FlakeRef, FlakeRef> fetchOrSubstituteTree auto [accessor, lockedRef] = originalRef.lazyFetch(state.store); fetched.emplace(FetchedFlake{.lockedRef = lockedRef, .accessor = accessor}); } else { - if (useRegistries) { - resolvedRef = originalRef.resolve( - state.store, - [](fetchers::Registry::RegistryType type) { - /* Only use the global registry and CLI flags - to resolve indirect flakerefs. */ - return type == fetchers::Registry::Flag || type == fetchers::Registry::Global; - }); + if (useRegistries != fetchers::UseRegistries::No) { + resolvedRef = originalRef.resolve(state.store, useRegistries); fetched = lookupInFlakeCache(flakeCache, originalRef); if (!fetched) { auto [accessor, lockedRef] = resolvedRef.lazyFetch(state.store); @@ -396,7 +390,7 @@ static FlakeRef applySelfAttrs( static Flake getFlake( EvalState & state, const FlakeRef & originalRef, - bool useRegistries, + fetchers::UseRegistries useRegistries, FlakeCache & flakeCache, const InputAttrPath & lockRootAttrPath) { @@ -415,7 +409,7 @@ static Flake getFlake( // FIXME: need to remove attrs that are invalidated by the changed input attrs, such as 'narHash'. newLockedRef.input.attrs.erase("narHash"); auto [accessor2, resolvedRef2, lockedRef2] = fetchOrSubstituteTree( - state, newLockedRef, false, flakeCache); + state, newLockedRef, fetchers::UseRegistries::No, flakeCache); accessor = accessor2; lockedRef = lockedRef2; } @@ -427,7 +421,7 @@ static Flake getFlake( return readFlake(state, originalRef, resolvedRef, lockedRef, state.storePath(storePath), lockRootAttrPath); } -Flake getFlake(EvalState & state, const FlakeRef & originalRef, bool useRegistries) +Flake getFlake(EvalState & state, const FlakeRef & originalRef, fetchers::UseRegistries useRegistries) { FlakeCache flakeCache; return getFlake(state, originalRef, useRegistries, flakeCache, {}); @@ -455,8 +449,15 @@ LockedFlake lockFlake( FlakeCache flakeCache; auto useRegistries = lockFlags.useRegistries.value_or(settings.useRegistries); + auto useRegistriesTop = useRegistries ? fetchers::UseRegistries::All : fetchers::UseRegistries::No; + auto useRegistriesInputs = useRegistries ? fetchers::UseRegistries::Limited : fetchers::UseRegistries::No; - auto flake = getFlake(state, topRef, useRegistries, flakeCache, {}); + auto flake = getFlake( + state, + topRef, + useRegistriesTop, + flakeCache, + {}); if (lockFlags.applyNixConfig) { flake.config.apply(settings); @@ -631,7 +632,12 @@ LockedFlake lockFlake( if (auto resolvedPath = resolveRelativePath()) { return readFlake(state, ref, ref, ref, *resolvedPath, inputAttrPath); } else { - return getFlake(state, ref, useRegistries, flakeCache, inputAttrPath); + return getFlake( + state, + ref, + useRegistriesInputs, + flakeCache, + inputAttrPath); } }; @@ -780,7 +786,7 @@ LockedFlake lockFlake( return {*resolvedPath, *input.ref}; } else { auto [accessor, resolvedRef, lockedRef] = fetchOrSubstituteTree( - state, *input.ref, useRegistries, flakeCache); + state, *input.ref, useRegistriesInputs, flakeCache); // FIXME: allow input to be lazy. auto storePath = copyInputToStore(state, lockedRef.input, input.ref->input, accessor); @@ -895,7 +901,10 @@ LockedFlake lockFlake( repo, so we should re-read it. FIXME: we could also just clear the 'rev' field... */ auto prevLockedRef = flake.lockedRef; - flake = getFlake(state, topRef, useRegistries); + flake = getFlake( + state, + topRef, + useRegistriesTop); if (lockFlags.commitLockFile && flake.lockedRef.input.getRev() && diff --git a/src/libflake/flakeref.cc b/src/libflake/flakeref.cc index 6e95eb76759..a8b139d654f 100644 --- a/src/libflake/flakeref.cc +++ b/src/libflake/flakeref.cc @@ -37,9 +37,9 @@ std::ostream & operator << (std::ostream & str, const FlakeRef & flakeRef) FlakeRef FlakeRef::resolve( ref store, - const fetchers::RegistryFilter & filter) const + fetchers::UseRegistries useRegistries) const { - auto [input2, extraAttrs] = lookupInRegistries(store, input); + auto [input2, extraAttrs] = lookupInRegistries(store, input, useRegistries); return FlakeRef(std::move(input2), fetchers::maybeGetStrAttr(extraAttrs, "dir").value_or(subdir)); } diff --git a/src/libflake/include/nix/flake/flake.hh b/src/libflake/include/nix/flake/flake.hh index 3336f8557d9..ef0bb349ba5 100644 --- a/src/libflake/include/nix/flake/flake.hh +++ b/src/libflake/include/nix/flake/flake.hh @@ -115,7 +115,7 @@ struct Flake } }; -Flake getFlake(EvalState & state, const FlakeRef & flakeRef, bool useRegistries); +Flake getFlake(EvalState & state, const FlakeRef & flakeRef, fetchers::UseRegistries useRegistries); /** * Fingerprint of a locked flake; used as a cache key. diff --git a/src/libflake/include/nix/flake/flakeref.hh b/src/libflake/include/nix/flake/flakeref.hh index 0fd1fec4dcf..8c15f9d9523 100644 --- a/src/libflake/include/nix/flake/flakeref.hh +++ b/src/libflake/include/nix/flake/flakeref.hh @@ -65,7 +65,7 @@ struct FlakeRef FlakeRef resolve( ref store, - const fetchers::RegistryFilter & filter = {}) const; + fetchers::UseRegistries useRegistries = fetchers::UseRegistries::All) const; static FlakeRef fromAttrs( const fetchers::Settings & fetchSettings, diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index d8c9f254d15..aac505d418f 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -220,6 +220,13 @@ nix store gc nix registry list --flake-registry "file://$registry" --refresh | grepQuiet flake3 mv "$registry.tmp" "$registry" +# Ensure that locking ignores the user registry. +mkdir -p "$TEST_HOME/.config/nix" +ln -sfn "$registry" "$TEST_HOME/.config/nix/registry.json" +nix flake metadata --flake-registry '' flake1 +expectStderr 1 nix flake update --flake-registry '' --flake "$flake3Dir" | grepQuiet "cannot find flake 'flake:flake1' in the flake registries" +rm "$TEST_HOME/.config/nix/registry.json" + # Test whether flakes are registered as GC roots for offline use. # FIXME: use tarballs rather than git. rm -rf "$TEST_HOME/.cache" From 709f05989d0d89598e37591474387b16b03bb674 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 25 Apr 2025 10:10:06 +0200 Subject: [PATCH 505/815] tests/flakes: add regression test for resolving user flakes (cherry picked from commit 6405d6822d0139ea02123919eb40d0b57786b7f9) --- tests/functional/flakes/flakes.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index aac505d418f..72fe798380e 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -266,6 +266,7 @@ nix registry add user-flake2 "git+file://$percentEncodedFlake2Dir" [[ $(nix --flake-registry "" registry list | wc -l) == 2 ]] nix --flake-registry "" registry list | grepQuietInverse '^global' # nothing in global registry nix --flake-registry "" registry list | grepQuiet '^user' +nix flake metadata --flake-registry "" user-flake1 | grepQuiet 'URL:.*flake1.*' nix registry remove user-flake1 nix registry remove user-flake2 [[ $(nix registry list | wc -l) == 4 ]] From 1c9e94789e6a4791674711479e07ab171c473315 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Fri, 25 Apr 2025 13:35:16 +0300 Subject: [PATCH 506/815] libutil: Add missing format arguments to UsageError ctor Once again found by an automated migration to `std::format`. I've tested that boost::format works fine with `std::string_view` arguments. (cherry picked from commit 9fff868e39ddbeeee4c1aece452cf0d9c9cc8019) --- src/libutil-tests/file-content-address.cc | 15 +++++++++++---- src/libutil/file-content-address.cc | 4 ++-- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/src/libutil-tests/file-content-address.cc b/src/libutil-tests/file-content-address.cc index 5cdf94edcff..92c6059a499 100644 --- a/src/libutil-tests/file-content-address.cc +++ b/src/libutil-tests/file-content-address.cc @@ -1,3 +1,4 @@ +#include #include #include "nix/util/file-content-address.hh" @@ -26,8 +27,11 @@ TEST(FileSerialisationMethod, testRoundTripPrintParse_2) { } } -TEST(FileSerialisationMethod, testParseFileSerialisationMethodOptException) { - EXPECT_THROW(parseFileSerialisationMethod("narwhal"), UsageError); +TEST(FileSerialisationMethod, testParseFileSerialisationMethodOptException) +{ + EXPECT_THAT( + []() { parseFileSerialisationMethod("narwhal"); }, + testing::ThrowsMessage(testing::HasSubstr("narwhal"))); } /* ---------------------------------------------------------------------------- @@ -54,8 +58,11 @@ TEST(FileIngestionMethod, testRoundTripPrintParse_2) { } } -TEST(FileIngestionMethod, testParseFileIngestionMethodOptException) { - EXPECT_THROW(parseFileIngestionMethod("narwhal"), UsageError); +TEST(FileIngestionMethod, testParseFileIngestionMethodOptException) +{ + EXPECT_THAT( + []() { parseFileIngestionMethod("narwhal"); }, + testing::ThrowsMessage(testing::HasSubstr("narwhal"))); } } diff --git a/src/libutil/file-content-address.cc b/src/libutil/file-content-address.cc index 673e1dff1fc..142bc70d534 100644 --- a/src/libutil/file-content-address.cc +++ b/src/libutil/file-content-address.cc @@ -22,7 +22,7 @@ FileSerialisationMethod parseFileSerialisationMethod(std::string_view input) if (ret) return *ret; else - throw UsageError("Unknown file serialiation method '%s', expect `flat` or `nar`"); + throw UsageError("Unknown file serialiation method '%s', expect `flat` or `nar`", input); } @@ -35,7 +35,7 @@ FileIngestionMethod parseFileIngestionMethod(std::string_view input) if (ret) return static_cast(*ret); else - throw UsageError("Unknown file ingestion method '%s', expect `flat`, `nar`, or `git`"); + throw UsageError("Unknown file ingestion method '%s', expect `flat`, `nar`, or `git`", input); } } From 797c716f746fe1474600a5836042b598b8e6f20d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 25 Apr 2025 16:05:17 +0200 Subject: [PATCH 507/815] Suggest fix --- src/libexpr/eval-settings.cc | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/libexpr/eval-settings.cc b/src/libexpr/eval-settings.cc index 85ec9881669..8fbe94aef19 100644 --- a/src/libexpr/eval-settings.cc +++ b/src/libexpr/eval-settings.cc @@ -85,12 +85,15 @@ bool EvalSettings::isPseudoUrl(std::string_view s) std::string EvalSettings::resolvePseudoUrl(std::string_view url) { if (hasPrefix(url, "channel:")) { + auto realUrl = "https://nixos.org/channels/" + std::string(url.substr(8)) + "/nixexprs.tar.xz"; static bool haveWarned = false; warnOnce(haveWarned, "Channels are deprecated in favor of flakes in Determinate Nix. " + "Instead of '%s', use '%s'. " "For a guide on Nix flakes, see: https://zero-to-nix.com/. " - "For details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34."); - return "https://nixos.org/channels/" + std::string(url.substr(8)) + "/nixexprs.tar.xz"; + "For details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34.", + url, realUrl); + return realUrl; } else return std::string(url); } From 88cd82239e81687d67fad72541f71fefa494b56d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 25 Apr 2025 16:50:02 +0200 Subject: [PATCH 508/815] Fix the nix-community/patsh/0.2.1 flake regression test (again) --- src/libfetchers/fetchers.cc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index 9693f1773b0..33301933ca5 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -228,6 +228,9 @@ void Input::checkLocks(Input specified, Input & result) if (auto prevNarHash = specified.getNarHash()) specified.attrs.insert_or_assign("narHash", prevNarHash->to_string(HashFormat::SRI, true)); + if (auto narHash = result.getNarHash()) + result.attrs.insert_or_assign("narHash", narHash->to_string(HashFormat::SRI, true)); + for (auto & field : specified.attrs) { auto field2 = result.attrs.find(field.first); if (field2 != result.attrs.end() && field.second != field2->second) From ca1b2dc6179f0a4d04f5ed117df9df1f04b38274 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 25 Apr 2025 21:16:27 +0200 Subject: [PATCH 509/815] Warn against the use of indirect flakerefs in flake inputs --- src/libflake/flake/flake.cc | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 6ea9626b900..0c219e26787 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -740,6 +740,27 @@ LockedFlake lockFlake( use --no-write-lock-file. */ auto ref = (input2.ref && explicitCliOverrides.contains(inputAttrPath)) ? *input2.ref : *input.ref; + /* Warn against the use of indirect flakerefs + (but only at top-level since we don't want + to annoy users about flakes that are not + under their control). */ + auto warnRegistry = [&](const FlakeRef & resolvedRef) + { + if (inputAttrPath.size() == 1 && !input.ref->input.isDirect()) { + std::ostringstream s; + printLiteralString(s, resolvedRef.to_string()); + warn( + "Flake input '%1%' uses the flake registry. " + "Using the registry in flake inputs is deprecated. " + "To make your flake future-proof, add the following to '%2%':\n" + "\n" + " inputs.%1%.url = %3%;", + inputAttrPathS, + flake.path, + s.str()); + } + }; + if (input.isFlake) { auto inputFlake = getInputFlake(*input.ref); @@ -771,6 +792,8 @@ LockedFlake lockFlake( oldLock ? followsPrefix : inputAttrPath, inputFlake.path, false); + + warnRegistry(inputFlake.resolvedRef); } else { @@ -783,6 +806,8 @@ LockedFlake lockFlake( auto [accessor, resolvedRef, lockedRef] = fetchOrSubstituteTree( state, *input.ref, useRegistries, flakeCache); + warnRegistry(resolvedRef); + // FIXME: allow input to be lazy. auto storePath = copyInputToStore(state, lockedRef.input, input.ref->input, accessor); From ae5ac8acc115de6235aeba97c5912e0fb142f14f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 25 Apr 2025 21:39:05 +0200 Subject: [PATCH 510/815] Limit parallelism --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 32ef50090dd..9df6b00a52e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -109,7 +109,7 @@ jobs: with: determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH flake-regressions/eval-all.sh + - run: lscpu && nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 16" flake-regressions/eval-all.sh manual: if: github.event_name != 'merge_group' From a9c1751e2f9d52304db452de86466892aa4fad03 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 25 Apr 2025 21:51:32 +0200 Subject: [PATCH 511/815] Update src/libflake/flake/flake.cc Co-authored-by: Graham Christensen --- src/libflake/flake/flake.cc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/libflake/flake/flake.cc b/src/libflake/flake/flake.cc index 0c219e26787..3eb1333d5c6 100644 --- a/src/libflake/flake/flake.cc +++ b/src/libflake/flake/flake.cc @@ -751,10 +751,12 @@ LockedFlake lockFlake( printLiteralString(s, resolvedRef.to_string()); warn( "Flake input '%1%' uses the flake registry. " - "Using the registry in flake inputs is deprecated. " + "Using the registry in flake inputs is deprecated in Determinate Nix. " "To make your flake future-proof, add the following to '%2%':\n" "\n" - " inputs.%1%.url = %3%;", + " inputs.%1%.url = %3%;\n" + "\n" + "For more information, see: https://github.com/DeterminateSystems/nix-src/issues/37", inputAttrPathS, flake.path, s.str()); From 050e2e07bc147e7a3f1901569ea16c5278d5c482 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 25 Apr 2025 20:35:32 +0000 Subject: [PATCH 512/815] Prepare release v3.4.0 From 48e976af6314609df071b28847bf2d4d5aa7f4c2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 25 Apr 2025 20:35:35 +0000 Subject: [PATCH 513/815] Set .version-determinate to 3.4.0 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index bea438e9ade..18091983f59 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.3.1 +3.4.0 From 173c742afcd96e621a83abd08480e78a56692ad0 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 25 Apr 2025 16:56:57 -0400 Subject: [PATCH 514/815] Prep 3.4.0 release notes (#40) --- doc/manual/source/SUMMARY.md.in | 1 + .../release-notes-determinate/changes.md | 8 ++- .../release-notes-determinate/rl-3.4.0.md | 50 +++++++++++++++++++ 3 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.4.0.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 0e1ff7f8455..1492abb62d9 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -128,6 +128,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.4.0 (2025-04-25)](release-notes-determinate/rl-3.4.0.md) - [Release 3.3.0 (2025-04-11)](release-notes-determinate/rl-3.3.0.md) - [Release 3.1.0 (2025-03-27)](release-notes-determinate/rl-3.1.0.md) - [Release 3.0.0 (2025-03-04)](release-notes-determinate/rl-3.0.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 4e5316708af..f0cc1af5463 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.3.0. +This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.4.0. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -9,3 +9,9 @@ This section lists the differences between upstream Nix 2.24 and Determinate Nix * Determinate Nix has a setting [`json-log-path`](@docroot@/command-ref/conf-file.md#conf-json-log-path) to send a copy of all Nix log messages (in JSON format) to a file or Unix domain socket. * Determinate Nix has made `nix profile install` an alias to `nix profile add`, a more symmetrical antonym of `nix profile remove`. + +* `nix-channel` and `channel:` url syntax (like `channel:nixos-24.11`) is deprecated, see: https://github.com/DeterminateSystems/nix-src/issues/34 + +* Using indirect flake references and implicit inputs is deprecated, see: https://github.com/DeterminateSystems/nix-src/issues/37 + +* Warnings around "dirty trees" are updated to reduce "dirty" jargon, and now refers to "uncommitted changes". diff --git a/doc/manual/source/release-notes-determinate/rl-3.4.0.md b/doc/manual/source/release-notes-determinate/rl-3.4.0.md new file mode 100644 index 00000000000..24ae03ca554 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.4.0.md @@ -0,0 +1,50 @@ +# Release 3.4.0 (2025-04-25) + +* Based on [upstream Nix 2.28.2](../release-notes/rl-2.28.md). + +* **Warn users that `nix-channel` is deprecated.** + +This is the first change accomplishing our roadmap item of deprecating Nix channels: https://github.com/DeterminateSystems/nix-src/issues/34 + +This is due to user confusion and surprising behavior of channels, especially in the context of user vs. root channels. + +The goal of this change is to make the user experience of Nix more predictable. +In particular, these changes are to support users with lower levels of experience who are following guides that focus on channels as the mechanism of distribution. + +Users will now see this message: + +> nix-channel is deprecated in favor of flakes in Determinate Nix. For a guide on Nix flakes, see: https://zero-to-nix.com/. or details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34. + + +* **Warn users that `channel:` URLs are deprecated.** + +This is the second change regarding our deprecation of Nix channels. +Using a `channel:` URL (like `channel:nixos-24.11`) will yield a warning like this: + +> Channels are deprecated in favor of flakes in Determinate Nix. Instead of 'channel:nixos-24.11', use 'https://nixos.org/channels/nixos-24.11/nixexprs.tar.xz'. For a guide on Nix flakes, see: https://zero-to-nix.com/. For details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34. + +* **Warn users against indirect flake references in `flake.nix` inputs** + +This is the first change accomplishing our roadmap item of deprecating implicit and indirect flake inputs: https://github.com/DeterminateSystems/nix-src/issues/37 + +The flake registry provides an important UX affordance for using Nix flakes and remote sources in command line uses. +For that reason, the registry is not being deprecated entirely and will still be used for command-line incantations, like nix run. + +This move will eliminate user confusion and surprising behavior around global and local registries during flake input resolution. + +The goal of this change is to make the user experience of Nix more predictable. +We have seen a pattern of confusion when using automatic flake inputs and local registries. +Specifically, users' flake inputs resolving and locking inconsistently depending on the configuration of the host system. + +Users will now see the following warning if their flake.nix uses an implicit or indirect Flake reference input: + +> Flake input 'nixpkgs' uses the flake registry. Using the registry in flake inputs is deprecated in Determinate Nix. To make your flake future-proof, add the following to 'xxx/flake.nix': +> +> inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; +> +> For more information, see: https://github.com/DeterminateSystems/nix-src/issues/37 + + +### Other updates: +* Improve the "dirty tree" message. Determinate Nix will now say `Git tree '...' has uncommitted changes` instead of `Git tree '...' is dirty` +* Stop warning about uncommitted changes in a Git repository when using `nix develop` From 3c5d7822c5c8f9bbbf903de3e38f82f882aed1ef Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sun, 27 Apr 2025 16:25:50 -0400 Subject: [PATCH 515/815] Add a couple markers for injecting new updated content --- doc/manual/source/SUMMARY.md.in | 2 +- doc/manual/source/release-notes-determinate/changes.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 1492abb62d9..8cce1113c32 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -127,7 +127,7 @@ - [Experimental Features](development/experimental-features.md) - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - [Release 3.4.0 (2025-04-25)](release-notes-determinate/rl-3.4.0.md) - [Release 3.3.0 (2025-04-11)](release-notes-determinate/rl-3.3.0.md) - [Release 3.1.0 (2025-03-27)](release-notes-determinate/rl-3.1.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index f0cc1af5463..5816ef87157 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.4.0. +This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.4.0. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. From 25ef7a19566aff71d12640cfcf2cbdae068ffe34 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sun, 27 Apr 2025 17:08:41 -0400 Subject: [PATCH 516/815] Automatically generate release notes draft during proposal --- .github/release-notes.sh | 63 +++++++++++++++++++++++++++ .github/workflows/propose-release.yml | 2 + 2 files changed, 65 insertions(+) create mode 100755 .github/release-notes.sh diff --git a/.github/release-notes.sh b/.github/release-notes.sh new file mode 100755 index 00000000000..641426b3641 --- /dev/null +++ b/.github/release-notes.sh @@ -0,0 +1,63 @@ +#!/bin/sh + +scratch=$(mktemp -d -t tmp.XXXXXXXXXX) +finish() { + rm -rf "$scratch" +} +trap finish EXIT + +DATE=$(date +%Y-%m-%d) +DETERMINATE_NIX_VERSION=$(cat .version-determinate) +TAG_NAME="v${DETERMINATE_NIX_VERSION}" +NIX_VERSION=$(cat .version) +NIX_VERSION_MAJOR_MINOR=$(echo "$NIX_VERSION" | cut -d. -f1,2) +GITHUB_REPOSITORY="${GITHUB_REPOSITORY:-DeterminateSystems/nix-src}" + +gh api "/repos/${GITHUB_REPOSITORY}/releases/generate-notes" \ + -f "tag_name=${TAG_NAME}" > "$scratch/notes.json" + +trim_trailing_newlines() { + tac \ + | awk 'flag {print} {if(NF) flag=1}' \ + | tac +} + +linkify_gh() { + sed \ + -e 's#\(https://github.com/DeterminateSystems/nix-src/\(pull\|issue\)/\([[:digit:]]\+\)\)#[dnix\#\3](\1)#' \ + -e 's#\(https://github.com/DeterminateSystems/nix-src/compare/\([^ ]\+\)\)#[\2](\1)#' +} + +( + cat doc/manual/source/release-notes-determinate/changes.md \ + | sed 's/^.*\(\)$/This section lists the differences between upstream Nix '"$NIX_VERSION_MAJOR_MINOR"' and Determinate Nix '"$DETERMINATE_NIX_VERSION"'.\1/' \ + + printf "\n\n" "$DETERMINATE_NIX_VERSION" + cat "$scratch/notes.json" \ + | jq -r .body \ + | grep -v '^#' \ + | grep -v "Full Changelog" \ + | trim_trailing_newlines \ + | sed -e 's/^\* /\n* /' \ + | linkify_gh +) > "$scratch/changes.md" + +( + printf "# Release %s (%s)\n\n" \ + "$DETERMINATE_NIX_VERSION" \ + "$DATE" + printf "* Based on [upstream Nix %s](../release-notes/rl-%s.md).\n\n" \ + "$NIX_VERSION" \ + "$NIX_VERSION_MAJOR_MINOR" + + cat "$scratch/notes.json" | jq -r .body | linkify_gh +) > "$scratch/rl.md" + +( + cat doc/manual/source/SUMMARY.md.in \ + | sed 's/\(\)$/\1\n - [Release '"$DETERMINATE_NIX_VERSION"' ('"$DATE"')](release-notes-determinate\/rl-'"$DETERMINATE_NIX_VERSION"'.md)/' +) > "$scratch/summary.md" + +mv "$scratch/changes.md" doc/manual/source/release-notes-determinate/changes.md +mv "$scratch/rl.md" "doc/manual/source/release-notes-determinate/rl-${DETERMINATE_NIX_VERSION}.md" +mv "$scratch/summary.md" doc/manual/source/SUMMARY.md.in diff --git a/.github/workflows/propose-release.yml b/.github/workflows/propose-release.yml index 8b897072cc7..c01167994f2 100644 --- a/.github/workflows/propose-release.yml +++ b/.github/workflows/propose-release.yml @@ -26,4 +26,6 @@ jobs: extra-commands-early: | echo ${{ inputs.version }} > .version-determinate git add .version-determinate + ./.github/release-notes.sh + git add doc git commit -m "Set .version-determinate to ${{ inputs.version }}" || true From e057d0d67c08193e7854056f5631c9f1c86c123e Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sun, 27 Apr 2025 17:08:48 -0400 Subject: [PATCH 517/815] Drop upstream CODEOWNERS --- .github/CODEOWNERS | 26 -------------------------- 1 file changed, 26 deletions(-) delete mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index a9ca74c17cc..00000000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1,26 +0,0 @@ -# Pull requests concerning the listed files will automatically invite the respective maintainers as reviewers. -# This file is not used for denoting any kind of ownership, but is merely a tool for handling notifications. -# -# Merge permissions are required for maintaining an entry in this file. -# For documentation on this mechanism, see https://help.github.com/articles/about-codeowners/ - -# Default reviewers if nothing else matches -* @edolstra - -# This file -.github/CODEOWNERS @edolstra - -# Documentation of built-in functions -src/libexpr/primops.cc @roberth @fricklerhandwerk - -# Documentation of settings -src/libexpr/eval-settings.hh @fricklerhandwerk -src/libstore/globals.hh @fricklerhandwerk - -# Documentation -doc/manual @fricklerhandwerk -maintainers/*.md @fricklerhandwerk -src/**/*.md @fricklerhandwerk - -# Libstore layer -/src/libstore @ericson2314 From 81350e1ffccc4ce543dc78bf248f9d3ae41dcbb2 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sun, 27 Apr 2025 17:08:48 -0400 Subject: [PATCH 518/815] Update our issue and PR templates to be "us" --- .github/ISSUE_TEMPLATE/bug_report.md | 21 +++++++--------- .github/ISSUE_TEMPLATE/feature_request.md | 19 ++++++-------- .github/ISSUE_TEMPLATE/installer.md | 23 +++++++---------- .../ISSUE_TEMPLATE/missing_documentation.md | 19 ++++++-------- .github/PULL_REQUEST_TEMPLATE.md | 25 ------------------- .github/STALE-BOT.md | 25 +++++-------------- 6 files changed, 38 insertions(+), 94 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index a5005f8a002..58ef1690feb 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -1,10 +1,9 @@ --- name: Bug report about: Report unexpected or incorrect behaviour -title: '' +title: "" labels: bug -assignees: '' - +assignees: "" --- ## Describe the bug @@ -32,7 +31,9 @@ assignees: '' ## Metadata - + + + ## Additional context @@ -42,13 +43,9 @@ assignees: '' -- [ ] checked [latest Nix manual] \([source]) +- [ ] checked [latest Determinate Nix manual] \([source]) - [ ] checked [open bug issues and pull requests] for possible duplicates -[latest Nix manual]: https://nixos.org/manual/nix/unstable/ -[source]: https://github.com/NixOS/nix/tree/master/doc/manual/source -[open bug issues and pull requests]: https://github.com/NixOS/nix/labels/bug - ---- - -Add :+1: to [issues you find important](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc). +[latest Determinate Nix manual]: https://manual.determinate.systems/ +[source]: https://github.com/DeterminateSystems/nix-src/tree/detsys-main/doc/manual/source +[open bug issues and pull requests]: https://github.com/DeterminateSystems/nix-src/labels/bug diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index c75a4695170..345a05c533e 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -1,10 +1,9 @@ --- name: Feature request about: Suggest a new feature -title: '' +title: "" labels: feature -assignees: '' - +assignees: "" --- ## Is your feature request related to a problem? @@ -27,13 +26,9 @@ assignees: '' -- [ ] checked [latest Nix manual] \([source]) -- [ ] checked [open feature issues and pull requests] for possible duplicates - -[latest Nix manual]: https://nixos.org/manual/nix/unstable/ -[source]: https://github.com/NixOS/nix/tree/master/doc/manual/source -[open feature issues and pull requests]: https://github.com/NixOS/nix/labels/feature - ---- +- [ ] checked [latest Determinate Nix manual] \([source]) +- [ ] checked [open bug issues and pull requests] for possible duplicates -Add :+1: to [issues you find important](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc). +[latest Determinate Nix manual]: https://manual.determinate.systems/ +[source]: https://github.com/DeterminateSystems/nix-src/tree/detsys-main/doc/manual/source +[open bug issues and pull requests]: https://github.com/DeterminateSystems/nix-src/labels/bug diff --git a/.github/ISSUE_TEMPLATE/installer.md b/.github/ISSUE_TEMPLATE/installer.md index ed5e1ce87b9..9bf6541c78e 100644 --- a/.github/ISSUE_TEMPLATE/installer.md +++ b/.github/ISSUE_TEMPLATE/installer.md @@ -1,18 +1,17 @@ --- name: Installer issue about: Report problems with installation -title: '' +title: "" labels: installer -assignees: '' - +assignees: "" --- ## Platform - + -- [ ] Linux: - [ ] macOS +- [ ] Linux: - [ ] WSL ## Additional information @@ -35,13 +34,9 @@ assignees: '' -- [ ] checked [latest Nix manual] \([source]) -- [ ] checked [open installer issues and pull requests] for possible duplicates - -[latest Nix manual]: https://nixos.org/manual/nix/unstable/ -[source]: https://github.com/NixOS/nix/tree/master/doc/manual/source -[open installer issues and pull requests]: https://github.com/NixOS/nix/labels/installer - ---- +- [ ] checked [latest Determinate Nix manual] \([source]) +- [ ] checked [open bug issues and pull requests] for possible duplicates -Add :+1: to [issues you find important](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc). +[latest Determinate Nix manual]: https://manual.determinate.systems/ +[source]: https://github.com/DeterminateSystems/nix-src/tree/detsys-main/doc/manual/source +[open bug issues and pull requests]: https://github.com/DeterminateSystems/nix-src/labels/bug diff --git a/.github/ISSUE_TEMPLATE/missing_documentation.md b/.github/ISSUE_TEMPLATE/missing_documentation.md index 6c334b72206..eaa6b11709a 100644 --- a/.github/ISSUE_TEMPLATE/missing_documentation.md +++ b/.github/ISSUE_TEMPLATE/missing_documentation.md @@ -1,10 +1,9 @@ --- name: Missing or incorrect documentation about: Help us improve the reference manual -title: '' +title: "" labels: documentation -assignees: '' - +assignees: "" --- ## Problem @@ -19,13 +18,9 @@ assignees: '' -- [ ] checked [latest Nix manual] \([source]) -- [ ] checked [open documentation issues and pull requests] for possible duplicates - -[latest Nix manual]: https://nixos.org/manual/nix/unstable/ -[source]: https://github.com/NixOS/nix/tree/master/doc/manual/source -[open documentation issues and pull requests]: https://github.com/NixOS/nix/labels/documentation - ---- +- [ ] checked [latest Determinate Nix manual] \([source]) +- [ ] checked [open bug issues and pull requests] for possible duplicates -Add :+1: to [issues you find important](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc). +[latest Determinate Nix manual]: https://manual.determinate.systems/ +[source]: https://github.com/DeterminateSystems/nix-src/tree/detsys-main/doc/manual/source +[open bug issues and pull requests]: https://github.com/DeterminateSystems/nix-src/labels/bug diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index c6843d86fa7..d3e1f817736 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,22 +1,3 @@ - - ## Motivation @@ -30,9 +11,3 @@ so you understand the process and the expectations. - ---- - -Add :+1: to [pull requests you find important](https://github.com/NixOS/nix/pulls?q=is%3Aopen+sort%3Areactions-%2B1-desc). - -The Nix maintainer team uses a [GitHub project board](https://github.com/orgs/NixOS/projects/19) to [schedule and track reviews](https://github.com/NixOS/nix/tree/master/maintainers#project-board-protocol). diff --git a/.github/STALE-BOT.md b/.github/STALE-BOT.md index 383717bfc1d..281d0f79a8b 100644 --- a/.github/STALE-BOT.md +++ b/.github/STALE-BOT.md @@ -2,34 +2,21 @@ - Thanks for your contribution! - To remove the stale label, just leave a new comment. -- _How to find the right people to ping?_ → [`git blame`](https://git-scm.com/docs/git-blame) to the rescue! (or GitHub's history and blame buttons.) -- You can always ask for help on [our Discourse Forum](https://discourse.nixos.org/) or on [Matrix - #nix:nixos.org](https://matrix.to/#/#nix:nixos.org). +- You can always ask for help on [Discord](https://determinate.systems/discord). ## Suggestions for PRs -1. GitHub sometimes doesn't notify people who commented / reviewed a PR previously, when you (force) push commits. If you have addressed the reviews you can [officially ask for a review](https://docs.github.com/en/free-pro-team@latest/github/collaborating-with-issues-and-pull-requests/requesting-a-pull-request-review) from those who commented to you or anyone else. -2. If it is unfinished but you plan to finish it, please mark it as a draft. -3. If you don't expect to work on it any time soon, closing it with a short comment may encourage someone else to pick up your work. -4. To get things rolling again, rebase the PR against the target branch and address valid comments. -5. If you need a review to move forward, ask in [the Discourse thread for PRs that need help](https://discourse.nixos.org/t/prs-in-distress/3604). -6. If all you need is a merge, check the git history to find and [request reviews](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/requesting-a-pull-request-review) from people who usually merge related contributions. +1. If it is unfinished but you plan to finish it, please mark it as a draft. +1. If you don't expect to work on it any time soon, closing it with a short comment may encourage someone else to pick up your work. +1. To get things rolling again, rebase the PR against the target branch and address valid comments. +1. If you need a review to move forward, ask in [Discord](https://determinate.systems/discord). ## Suggestions for issues 1. If it is resolved (either for you personally, or in general), please consider closing it. 2. If this might still be an issue, but you are not interested in promoting its resolution, please consider closing it while encouraging others to take over and reopen an issue if they care enough. -3. If you still have interest in resolving it, try to ping somebody who you believe might have an interest in the topic. Consider discussing the problem in [our Discourse Forum](https://discourse.nixos.org/). -4. As with all open source projects, your best option is to submit a Pull Request that addresses this issue. We :heart: this attitude! +3. If you still have interest in resolving it, try to ping somebody who you believe might have an interest in the topic. Consider discussing the problem in [Discord](https://determinate.systems/discord). **Memorandum on closing issues** Don't be afraid to close an issue that holds valuable information. Closed issues stay in the system for people to search, read, cross-reference, or even reopen--nothing is lost! Closing obsolete issues is an important way to help maintainers focus their time and effort. - -## Useful GitHub search queries - -- [Open PRs with any stale-bot interaction](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+commenter%3Aapp%2Fstale+) -- [Open PRs with any stale-bot interaction and `stale`](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+commenter%3Aapp%2Fstale+label%3A%22stale%22) -- [Open PRs with any stale-bot interaction and NOT `stale`](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+commenter%3Aapp%2Fstale+-label%3A%22stale%22+) -- [Open Issues with any stale-bot interaction](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+commenter%3Aapp%2Fstale+) -- [Open Issues with any stale-bot interaction and `stale`](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+commenter%3Aapp%2Fstale+label%3A%22stale%22+) -- [Open Issues with any stale-bot interaction and NOT `stale`](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+commenter%3Aapp%2Fstale+-label%3A%22stale%22+) From ce1cca8ebdc6433c30a0150e71352ec6b496a188 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sun, 27 Apr 2025 17:08:48 -0400 Subject: [PATCH 519/815] Allow useless cat. --- .github/release-notes.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/release-notes.sh b/.github/release-notes.sh index 641426b3641..e567e0225d7 100755 --- a/.github/release-notes.sh +++ b/.github/release-notes.sh @@ -1,5 +1,10 @@ #!/bin/sh +# SC2002 disables "useless cat" warnings. +# I prefer pipelines that start with an explicit input, and go from there. +# Overly fussy. +# shellcheck disable=SC2002 + scratch=$(mktemp -d -t tmp.XXXXXXXXXX) finish() { rm -rf "$scratch" From 9ba32a29817a10de103b0e30c4840eec5e0c0ae1 Mon Sep 17 00:00:00 2001 From: Philipp Otterbein Date: Mon, 28 Apr 2025 00:46:44 +0200 Subject: [PATCH 520/815] allocate SimpleLogger before forking (cherry picked from commit 4e95f662db38d219609361697ae48a2b02352c20) --- src/libutil/unix/processes.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/libutil/unix/processes.cc b/src/libutil/unix/processes.cc index 198243c2076..0d50fc303e1 100644 --- a/src/libutil/unix/processes.cc +++ b/src/libutil/unix/processes.cc @@ -202,6 +202,7 @@ static int childEntry(void * arg) pid_t startProcess(std::function fun, const ProcessOptions & options) { + auto newLogger = makeSimpleLogger(); ChildWrapperFunction wrapper = [&] { if (!options.allowVfork) { /* Set a simple logger, while releasing (not destroying) @@ -210,7 +211,7 @@ pid_t startProcess(std::function fun, const ProcessOptions & options) ~ProgressBar() tries to join a thread that doesn't exist. */ logger.release(); - logger = makeSimpleLogger(); + logger = std::move(newLogger); } try { #ifdef __linux__ From 5a87809b25f862084aaf4ed43483c49aebf86899 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 28 Apr 2025 10:29:49 -0400 Subject: [PATCH 521/815] Update .github/release-notes.sh Co-authored-by: gustavderdrache --- .github/release-notes.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/release-notes.sh b/.github/release-notes.sh index e567e0225d7..18dc7ea2f12 100755 --- a/.github/release-notes.sh +++ b/.github/release-notes.sh @@ -29,7 +29,7 @@ trim_trailing_newlines() { linkify_gh() { sed \ - -e 's#\(https://github.com/DeterminateSystems/nix-src/\(pull\|issue\)/\([[:digit:]]\+\)\)#[dnix\#\3](\1)#' \ + -e 's!\(https://github.com/DeterminateSystems/nix-src/\(pull\|issue\)/\([[:digit:]]\+\)\)![DeterminateSystems/nix-src#\3](\1)!' \ -e 's#\(https://github.com/DeterminateSystems/nix-src/compare/\([^ ]\+\)\)#[\2](\1)#' } From e2cce0e02645b8a4d6822786efe979dbe71e0971 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 28 Apr 2025 12:42:48 -0400 Subject: [PATCH 522/815] Update .github/release-notes.sh Co-authored-by: gustavderdrache --- .github/release-notes.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/release-notes.sh b/.github/release-notes.sh index 18dc7ea2f12..558f06030e0 100755 --- a/.github/release-notes.sh +++ b/.github/release-notes.sh @@ -22,9 +22,9 @@ gh api "/repos/${GITHUB_REPOSITORY}/releases/generate-notes" \ -f "tag_name=${TAG_NAME}" > "$scratch/notes.json" trim_trailing_newlines() { - tac \ - | awk 'flag {print} {if(NF) flag=1}' \ - | tac + local text + text="$(cat)" + echo -n "${text//$'\n'}" } linkify_gh() { From e44d4b7ec0b335eb39c292dcbdab0be68e9e8819 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 28 Apr 2025 12:59:02 -0400 Subject: [PATCH 523/815] Update .github/release-notes.sh --- .github/release-notes.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/release-notes.sh b/.github/release-notes.sh index 558f06030e0..3fe3f6b17b2 100755 --- a/.github/release-notes.sh +++ b/.github/release-notes.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/usr/bin/env bash # SC2002 disables "useless cat" warnings. # I prefer pipelines that start with an explicit input, and go from there. From 2e2d795b46e5373f16590406c104523a3e1d0fa0 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 28 Apr 2025 14:52:01 -0300 Subject: [PATCH 524/815] Remove trailing slash in Zero to Nix URL --- src/nix-channel/nix-channel.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nix-channel/nix-channel.cc b/src/nix-channel/nix-channel.cc index a6ca6f711c1..3d708898b89 100644 --- a/src/nix-channel/nix-channel.cc +++ b/src/nix-channel/nix-channel.cc @@ -166,7 +166,7 @@ static int main_nix_channel(int argc, char ** argv) { warn( "nix-channel is deprecated in favor of flakes in Determinate Nix. \ -For a guide on Nix flakes, see: https://zero-to-nix.com/. \ +For a guide on Nix flakes, see: https://zero-to-nix.com. \ For details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34."); { From 506f489dae5279257893ee9b8735a2ad49ac1e65 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 28 Apr 2025 15:04:29 -0300 Subject: [PATCH 525/815] Remove other trailing slash --- src/libexpr/eval-settings.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/eval-settings.cc b/src/libexpr/eval-settings.cc index 8fbe94aef19..2676c7b80fb 100644 --- a/src/libexpr/eval-settings.cc +++ b/src/libexpr/eval-settings.cc @@ -90,7 +90,7 @@ std::string EvalSettings::resolvePseudoUrl(std::string_view url) warnOnce(haveWarned, "Channels are deprecated in favor of flakes in Determinate Nix. " "Instead of '%s', use '%s'. " - "For a guide on Nix flakes, see: https://zero-to-nix.com/. " + "For a guide on Nix flakes, see: https://zero-to-nix.com. " "For details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34.", url, realUrl); return realUrl; From 71e735385a7696103610891020fde9c6205f4391 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 28 Apr 2025 15:39:38 -0300 Subject: [PATCH 526/815] Change language around guide --- src/libexpr/eval-settings.cc | 2 +- src/nix-channel/nix-channel.cc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libexpr/eval-settings.cc b/src/libexpr/eval-settings.cc index 2676c7b80fb..dd498fdf2dd 100644 --- a/src/libexpr/eval-settings.cc +++ b/src/libexpr/eval-settings.cc @@ -90,7 +90,7 @@ std::string EvalSettings::resolvePseudoUrl(std::string_view url) warnOnce(haveWarned, "Channels are deprecated in favor of flakes in Determinate Nix. " "Instead of '%s', use '%s'. " - "For a guide on Nix flakes, see: https://zero-to-nix.com. " + "See https://zero-to-nix.com for a guide to Nix flakes. " "For details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34.", url, realUrl); return realUrl; diff --git a/src/nix-channel/nix-channel.cc b/src/nix-channel/nix-channel.cc index 3d708898b89..2ad88dbbea3 100644 --- a/src/nix-channel/nix-channel.cc +++ b/src/nix-channel/nix-channel.cc @@ -166,7 +166,7 @@ static int main_nix_channel(int argc, char ** argv) { warn( "nix-channel is deprecated in favor of flakes in Determinate Nix. \ -For a guide on Nix flakes, see: https://zero-to-nix.com. \ +See https://zero-to-nix.com for a guide to Nix flakes. \ For details and to offer feedback on the deprecation process, see: https://github.com/DeterminateSystems/nix-src/issues/34."); { From de24714a909054167956ceb6324d6f98d2eacc34 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 21:54:52 +0000 Subject: [PATCH 527/815] Prepare release v3.4.1 From 7cf6869f98cd38e08c1331e634ab3a2351f9ec18 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 21:54:55 +0000 Subject: [PATCH 528/815] Set .version-determinate to 3.4.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 18091983f59..47b322c971c 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.4.0 +3.4.1 From dc7d270df4db780fe3e334412e7867bd533165d2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 5 May 2025 13:24:57 +0000 Subject: [PATCH 529/815] Prepare release v3.4.2 From 21ff15bb2ef7996c2d5e299a93ca8908987b5822 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 5 May 2025 13:25:03 +0000 Subject: [PATCH 530/815] Set .version-determinate to 3.4.2 --- .version-determinate | 2 +- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 4 +++- doc/manual/source/release-notes-determinate/rl-3.4.2.md | 4 ++++ 4 files changed, 9 insertions(+), 2 deletions(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.4.2.md diff --git a/.version-determinate b/.version-determinate index 47b322c971c..4d9d11cf505 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.4.1 +3.4.2 diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 8cce1113c32..7b9831734f1 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -128,6 +128,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.4.2 (2025-05-05)](release-notes-determinate/rl-3.4.2.md) - [Release 3.4.0 (2025-04-25)](release-notes-determinate/rl-3.4.0.md) - [Release 3.3.0 (2025-04-11)](release-notes-determinate/rl-3.3.0.md) - [Release 3.1.0 (2025-03-27)](release-notes-determinate/rl-3.1.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 5816ef87157..b88ef57c5ea 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.24 and Determinate Nix 3.4.0. +This section lists the differences between upstream Nix 2.28 and Determinate Nix 3.4.2. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -15,3 +15,5 @@ This section lists the differences between upstream Nix 2.24 and Determinate Nix * Using indirect flake references and implicit inputs is deprecated, see: https://github.com/DeterminateSystems/nix-src/issues/37 * Warnings around "dirty trees" are updated to reduce "dirty" jargon, and now refers to "uncommitted changes". + + diff --git a/doc/manual/source/release-notes-determinate/rl-3.4.2.md b/doc/manual/source/release-notes-determinate/rl-3.4.2.md new file mode 100644 index 00000000000..8acabd4425f --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.4.2.md @@ -0,0 +1,4 @@ +# Release 3.4.2 (2025-05-05) + +* Based on [upstream Nix 2.28.3](../release-notes/rl-2.28.md). + From eea5988e6d0db3f2f40acca97a23a01510589c80 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 5 May 2025 10:23:25 -0400 Subject: [PATCH 531/815] Only run the test step after build completes This prevents the test step from duplicating work from the build step. This minimizes contention on our macOS build infra most significantly, but the others too. --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 607a31a6b0f..437be278aa5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -37,6 +37,7 @@ jobs: path: ./tarball/*.xz test: if: ${{ inputs.if && inputs.run_tests}} + needs: build strategy: fail-fast: false runs-on: ${{ inputs.os }} From d9839cc92283aa1529d2aa39f0a49f136dd6354d Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 5 May 2025 14:15:20 -0300 Subject: [PATCH 532/815] Remove flake-compat input --- default.nix | 9 --------- flake.nix | 5 ----- shell.nix | 3 --- 3 files changed, 17 deletions(-) delete mode 100644 default.nix delete mode 100644 shell.nix diff --git a/default.nix b/default.nix deleted file mode 100644 index 6466507b714..00000000000 --- a/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -(import ( - let - lock = builtins.fromJSON (builtins.readFile ./flake.lock); - in - fetchTarball { - url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; - sha256 = lock.nodes.flake-compat.locked.narHash; - } -) { src = ./.; }).defaultNix diff --git a/flake.nix b/flake.nix index 03c25204e42..8fe6a031f41 100644 --- a/flake.nix +++ b/flake.nix @@ -5,10 +5,6 @@ inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.nixpkgs-23-11.url = "github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446"; - inputs.flake-compat = { - url = "github:edolstra/flake-compat"; - flake = false; - }; # dev tooling inputs.flake-parts.url = "github:hercules-ci/flake-parts"; @@ -18,7 +14,6 @@ inputs.git-hooks-nix.inputs.nixpkgs.follows = "nixpkgs"; inputs.git-hooks-nix.inputs.nixpkgs-stable.follows = "nixpkgs"; # work around 7730 and https://github.com/NixOS/nix/issues/7807 - inputs.git-hooks-nix.inputs.flake-compat.follows = ""; inputs.git-hooks-nix.inputs.gitignore.follows = ""; outputs = diff --git a/shell.nix b/shell.nix deleted file mode 100644 index 918f4bbd9e9..00000000000 --- a/shell.nix +++ /dev/null @@ -1,3 +0,0 @@ -(import (fetchTarball "https://github.com/edolstra/flake-compat/archive/master.tar.gz") { - src = ./.; -}).shellNix From fef193fbc4fa83abdb82db91cf4c79cff41f5f17 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 6 May 2025 18:42:32 +0200 Subject: [PATCH 533/815] Try namespace runner --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9df6b00a52e..b3efeca79c7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -91,7 +91,7 @@ jobs: flake_regressions: #if: github.event_name == 'merge_group' needs: build_x86_64-linux - runs-on: blacksmith-32vcpu-ubuntu-2204 + runs-on: namespace-profile-x86-32cpu-64gb steps: - name: Checkout nix uses: actions/checkout@v4 From 6f5cfafe0d5f62a9f554b236db09ef7762396988 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 6 May 2025 19:11:49 +0200 Subject: [PATCH 534/815] Run flake-regressions with --lazy-trees --- .github/workflows/ci.yml | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b3efeca79c7..0bb4083fb80 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -109,7 +109,30 @@ jobs: with: determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: lscpu && nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 16" flake-regressions/eval-all.sh + - run: lscpu && nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" flake-regressions/eval-all.sh + + flake_regressions_lazy: + #if: github.event_name == 'merge_group' + needs: build_x86_64-linux + runs-on: namespace-profile-x86-32cpu-64gb + steps: + - name: Checkout nix + uses: actions/checkout@v4 + - name: Checkout flake-regressions + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions + path: flake-regressions + - name: Checkout flake-regressions-data + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions-data + path: flake-regressions/tests + - uses: DeterminateSystems/nix-installer-action@main + with: + determinate: true + - uses: DeterminateSystems/flakehub-cache-action@main + - run: lscpu && nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" NIX_CONFIG="lazy-trees = true" flake-regressions/eval-all.sh manual: if: github.event_name != 'merge_group' From 5a7555f4aa71844491fdbf086596c42780918954 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 6 May 2025 15:41:23 -0300 Subject: [PATCH 535/815] Update flake.lock in light of recent change --- flake.lock | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/flake.lock b/flake.lock index ce484a67a2a..47cab9510c8 100644 --- a/flake.lock +++ b/flake.lock @@ -38,7 +38,7 @@ }, "git-hooks-nix": { "inputs": { - "flake-compat": [], + "flake-compat": "flake-compat", "gitignore": [], "nixpkgs": [ "nixpkgs" @@ -111,7 +111,6 @@ }, "root": { "inputs": { - "flake-compat": "flake-compat", "flake-parts": "flake-parts", "git-hooks-nix": "git-hooks-nix", "nixpkgs": "nixpkgs", From 49da034ecdb0cbac2939c6134cc0d3d55003a704 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Tue, 6 May 2025 14:41:09 -0400 Subject: [PATCH 536/815] Deprecate upgrade-nix command --- src/libstore/include/nix/store/globals.hh | 7 +- src/nix/upgrade-nix.cc | 118 +--------------------- src/nix/upgrade-nix.md | 31 +----- 3 files changed, 11 insertions(+), 145 deletions(-) diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index c35b911cf82..10a7f7ca7e4 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -1217,11 +1217,12 @@ public: Setting upgradeNixStorePathUrl{ this, - "https://github.com/NixOS/nixpkgs/raw/master/nixos/modules/installer/tools/nix-fallback-paths.nix", + "", "upgrade-nix-store-path-url", R"( - Used by `nix upgrade-nix`, the URL of the file that contains the - store paths of the latest Nix release. + Deprecated. This option was used to configure how `nix upgrade-nix` operated. + + Using this setting has no effect. It will be removed in a future release of Determinate Nix. )" }; diff --git a/src/nix/upgrade-nix.cc b/src/nix/upgrade-nix.cc index 64824110460..3fca0c6e9df 100644 --- a/src/nix/upgrade-nix.cc +++ b/src/nix/upgrade-nix.cc @@ -14,26 +14,6 @@ using namespace nix; struct CmdUpgradeNix : MixDryRun, StoreCommand { - std::filesystem::path profileDir; - - CmdUpgradeNix() - { - addFlag({ - .longName = "profile", - .shortName = 'p', - .description = "The path to the Nix profile to upgrade.", - .labels = {"profile-dir"}, - .handler = {&profileDir}, - }); - - addFlag({ - .longName = "nix-store-paths-url", - .description = "The URL of the file that contains the store paths of the latest Nix release.", - .labels = {"url"}, - .handler = {&(std::string&) settings.upgradeNixStorePathUrl}, - }); - } - /** * This command is stable before the others */ @@ -44,7 +24,7 @@ struct CmdUpgradeNix : MixDryRun, StoreCommand std::string description() override { - return "upgrade Nix to the latest stable version"; + return "(deprecated) upgrade Nix to the latest stable version"; } std::string doc() override @@ -58,101 +38,7 @@ struct CmdUpgradeNix : MixDryRun, StoreCommand void run(ref store) override { - evalSettings.pureEval = true; - - if (profileDir == "") - profileDir = getProfileDir(store); - - printInfo("upgrading Nix in profile %s", profileDir); - - auto storePath = getLatestNix(store); - - auto version = DrvName(storePath.name()).version; - - if (dryRun) { - logger->stop(); - warn("would upgrade to version %s", version); - return; - } - - { - Activity act(*logger, lvlInfo, actUnknown, fmt("downloading '%s'...", store->printStorePath(storePath))); - store->ensurePath(storePath); - } - - { - Activity act(*logger, lvlInfo, actUnknown, fmt("verifying that '%s' works...", store->printStorePath(storePath))); - auto program = store->printStorePath(storePath) + "/bin/nix-env"; - auto s = runProgram(program, false, {"--version"}); - if (s.find("Nix") == std::string::npos) - throw Error("could not verify that '%s' works", program); - } - - logger->stop(); - - { - Activity act(*logger, lvlInfo, actUnknown, - fmt("installing '%s' into profile %s...", store->printStorePath(storePath), profileDir)); - - // FIXME: don't call an external process. - runProgram(getNixBin("nix-env").string(), false, - {"--profile", profileDir.string(), "-i", store->printStorePath(storePath), "--no-sandbox"}); - } - - printInfo(ANSI_GREEN "upgrade to version %s done" ANSI_NORMAL, version); - } - - /* Return the profile in which Nix is installed. */ - std::filesystem::path getProfileDir(ref store) - { - auto whereOpt = ExecutablePath::load().findName(OS_STR("nix-env")); - if (!whereOpt) - throw Error("couldn't figure out how Nix is installed, so I can't upgrade it"); - const auto & where = whereOpt->parent_path(); - - printInfo("found Nix in %s", where); - - if (hasPrefix(where.string(), "/run/current-system")) - throw Error("Nix on NixOS must be upgraded via 'nixos-rebuild'"); - - auto profileDir = where.parent_path(); - - // Resolve profile to /nix/var/nix/profiles/ link. - while (canonPath(profileDir.string()).find("/profiles/") == std::string::npos && std::filesystem::is_symlink(profileDir)) - profileDir = readLink(profileDir.string()); - - printInfo("found profile %s", profileDir); - - Path userEnv = canonPath(profileDir.string(), true); - - if (std::filesystem::exists(profileDir / "manifest.json")) - throw Error("directory %s is managed by 'nix profile' and currently cannot be upgraded by 'nix upgrade-nix'", profileDir); - - if (!std::filesystem::exists(profileDir / "manifest.nix")) - throw Error("directory %s does not appear to be part of a Nix profile", profileDir); - - if (!store->isValidPath(store->parseStorePath(userEnv))) - throw Error("directory '%s' is not in the Nix store", userEnv); - - return profileDir; - } - - /* Return the store path of the latest stable Nix. */ - StorePath getLatestNix(ref store) - { - Activity act(*logger, lvlInfo, actUnknown, "querying latest Nix version"); - - // FIXME: use nixos.org? - auto req = FileTransferRequest((std::string&) settings.upgradeNixStorePathUrl); - auto res = getFileTransfer()->download(req); - - auto state = std::make_unique(LookupPath{}, store, fetchSettings, evalSettings); - auto v = state->allocValue(); - state->eval(state->parseExprFromString(res.data, state->rootPath(CanonPath("/no-such-path"))), *v); - Bindings & bindings(*state->allocBindings(0)); - auto v2 = findAlongAttrPath(*state, settings.thisSystem, bindings, *v).first; - - return store->parseStorePath(state->forceString(*v2, noPos, "while evaluating the path tho latest nix version")); + throw Error("The upgrade-nix command isn't available in Determinate Nix; use %s instead", "sudo determinate-nixd upgrade"); } }; diff --git a/src/nix/upgrade-nix.md b/src/nix/upgrade-nix.md index 3a3bf61b9b0..3bbcfc9b08f 100644 --- a/src/nix/upgrade-nix.md +++ b/src/nix/upgrade-nix.md @@ -1,33 +1,12 @@ R""( -# Examples - -* Upgrade Nix to the stable version declared in Nixpkgs: - - ```console - # nix upgrade-nix - ``` - -* Upgrade Nix in a specific profile: - - ```console - # nix upgrade-nix --profile ~alice/.local/state/nix/profiles/profile - ``` - # Description -This command upgrades Nix to the stable version. - -By default, the latest stable version is defined by Nixpkgs, in -[nix-fallback-paths.nix](https://github.com/NixOS/nixpkgs/raw/master/nixos/modules/installer/tools/nix-fallback-paths.nix) -and updated manually. It may not always be the latest tagged release. - -By default, it locates the directory containing the `nix` binary in the `$PATH` -environment variable. If that directory is a Nix profile, it will -upgrade the `nix` package in that profile to the latest stable binary -release. +This command isn't available in Determinate Nix but is present in order to guide +users to the new upgrade path. -You cannot use this command to upgrade Nix in the system profile of a -NixOS system (that is, if `nix` is found in `/run/current-system`). +Use `sudo determinate-nixd upgrade` to upgrade Determinate Nix on systems that +manage it imperatively. In practice, this is any system that isn't running +NixOS. )"" From d4eb6059c9d078498761e3ece06f71151fa257b6 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Tue, 6 May 2025 15:11:34 -0400 Subject: [PATCH 537/815] Update src/nix/upgrade-nix.cc Co-authored-by: Graham Christensen --- src/nix/upgrade-nix.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nix/upgrade-nix.cc b/src/nix/upgrade-nix.cc index 3fca0c6e9df..3f05622e15b 100644 --- a/src/nix/upgrade-nix.cc +++ b/src/nix/upgrade-nix.cc @@ -24,7 +24,7 @@ struct CmdUpgradeNix : MixDryRun, StoreCommand std::string description() override { - return "(deprecated) upgrade Nix to the latest stable version"; + return "deprecated in favor of determinate-nixd upgrade"; } std::string doc() override From fb01b8c5c9347714fbbedc0d68518cca4618c346 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Tue, 6 May 2025 15:30:33 -0400 Subject: [PATCH 538/815] Nits: formatting --- src/nix/upgrade-nix.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/nix/upgrade-nix.md b/src/nix/upgrade-nix.md index 3bbcfc9b08f..bb515717582 100644 --- a/src/nix/upgrade-nix.md +++ b/src/nix/upgrade-nix.md @@ -5,8 +5,7 @@ R""( This command isn't available in Determinate Nix but is present in order to guide users to the new upgrade path. -Use `sudo determinate-nixd upgrade` to upgrade Determinate Nix on systems that -manage it imperatively. In practice, this is any system that isn't running -NixOS. +Use `sudo determinate-nixd upgrade` to upgrade Determinate Nix on systems that manage it imperatively. +In practice, this is any system that isn't running NixOS. )"" From 630bdff7e9d9d1585d61d3b5f2ceb24e553708fb Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 12:49:11 +0200 Subject: [PATCH 539/815] Re-enable _NIX_TEST_FAIL_ON_LARGE_PATH tests --- tests/functional/flakes/flakes.sh | 2 +- tests/functional/flakes/unlocked-override.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 78ad833e5be..611e8626d6c 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -76,7 +76,7 @@ hash1=$(echo "$json" | jq -r .revision) echo foo > "$flake1Dir/foo" git -C "$flake1Dir" add $flake1Dir/foo [[ $(nix flake metadata flake1 --json --refresh | jq -r .dirtyRevision) == "$hash1-dirty" ]] -#[[ $(_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake metadata flake1 --json --refresh --warn-large-path-threshold 1 | jq -r .dirtyRevision) == "$hash1-dirty" ]] +[[ $(_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake metadata flake1 --json --refresh --warn-large-path-threshold 1 --lazy-trees | jq -r .dirtyRevision) == "$hash1-dirty" ]] [[ "$(nix flake metadata flake1 --json | jq -r .fingerprint)" != null ]] echo -n '# foo' >> "$flake1Dir/flake.nix" diff --git a/tests/functional/flakes/unlocked-override.sh b/tests/functional/flakes/unlocked-override.sh index 73784b4e818..bd73929dcf7 100755 --- a/tests/functional/flakes/unlocked-override.sh +++ b/tests/functional/flakes/unlocked-override.sh @@ -36,7 +36,7 @@ expectStderr 1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/f grepQuiet "Will not write lock file.*because it has an unlocked input" nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks -#_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks --warn-large-path-threshold 1 +_NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks --warn-large-path-threshold 1 --lazy-trees # Using a lock file with a dirty lock does not require --allow-dirty-locks, but should print a warning. expectStderr 0 nix eval "$flake2Dir#x" | From 91cde8c79d318a1adb0f2e3dfa8670e4964ff3b4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 13:31:04 +0200 Subject: [PATCH 540/815] EvalState::mountInput(): Throw an error if there is a NAR hash mismatch --- src/libexpr/paths.cc | 12 ++++++++++-- tests/functional/fetchGit.sh | 5 ++--- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 826a738a660..da1408e9b34 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -83,8 +83,16 @@ StorePath EvalState::mountInput( } // FIXME: what to do with the NAR hash in lazy mode? - if (!settings.lazyTrees) - assert(!originalInput.getNarHash() || storePath == originalInput.computeStorePath(*store)); + if (!settings.lazyTrees && originalInput.getNarHash()) { + auto expected = originalInput.computeStorePath(*store); + if (storePath != expected) + throw Error( + (unsigned int) 102, + "NAR hash mismatch in input '%s', expected '%s' but got '%s'", + originalInput.to_string(), + store->printStorePath(storePath), + store->printStorePath(expected)); + } return storePath; } diff --git a/tests/functional/fetchGit.sh b/tests/functional/fetchGit.sh index baa09b60ba5..6fc8ca8b0c4 100755 --- a/tests/functional/fetchGit.sh +++ b/tests/functional/fetchGit.sh @@ -142,14 +142,13 @@ path4=$(nix eval --impure --refresh --raw --expr "(builtins.fetchGit file://$rep [[ $(nix eval --impure --expr "builtins.hasAttr \"dirtyRev\" (builtins.fetchGit $repo)") == "false" ]] [[ $(nix eval --impure --expr "builtins.hasAttr \"dirtyShortRev\" (builtins.fetchGit $repo)") == "false" ]] -# FIXME: check narHash -#expect 102 nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-B5yIPHhEm0eysJKEsO7nqxprh9vcblFxpJG11gXJus1=\"; }).outPath" +expect 102 nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-B5yIPHhEm0eysJKEsO7nqxprh9vcblFxpJG11gXJus1=\"; }).outPath" path5=$(nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-Hr8g6AqANb3xqX28eu1XnjK/3ab8Gv6TJSnkb1LezG9=\"; }).outPath") [[ $path = $path5 ]] # Ensure that NAR hashes are checked. -#expectStderr 102 nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-Hr8g6AqANb4xqX28eu1XnjK/3ab8Gv6TJSnkb1LezG9=\"; }).outPath" | grepQuiet "error: NAR hash mismatch" +expectStderr 102 nix eval --raw --expr "(builtins.fetchGit { url = $repo; rev = \"$rev2\"; narHash = \"sha256-Hr8g6AqANb4xqX28eu1XnjK/3ab8Gv6TJSnkb1LezG9=\"; }).outPath" | grepQuiet "error: NAR hash mismatch" # It's allowed to use only a narHash, but you should get a warning. expectStderr 0 nix eval --raw --expr "(builtins.fetchGit { url = $repo; ref = \"tag2\"; narHash = \"sha256-Hr8g6AqANb3xqX28eu1XnjK/3ab8Gv6TJSnkb1LezG9=\"; }).outPath" | grepQuiet "warning: Input .* is unlocked" From 9bab483196e79d66fbb7527f6f68816632931c45 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 13:37:36 +0200 Subject: [PATCH 541/815] Improve error message Co-authored-by: Cole Helbling --- src/libexpr/eval.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index b898d8ef5ff..6505de7bc4f 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -2473,7 +2473,7 @@ StorePath EvalState::coerceToStorePath(const PosIdx pos, Value & v, NixStringCon auto path = coerceToString(pos, v, context, errorCtx, false, false, true).toOwned(); if (auto storePath = store->maybeParseStorePath(path)) return *storePath; - error("cannot coerce '%s' to a store path because it does not denote a subpath of the Nix store", path).withTrace(pos, errorCtx).debugThrow(); + error("cannot coerce '%s' to a store path because it is not a subpath of the Nix store", path).withTrace(pos, errorCtx).debugThrow(); } From d0a89fa03fbfef6ee32485fb39a1844a1cb9c4f6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 15:30:13 +0200 Subject: [PATCH 542/815] Put flake_regressions back in the merge queue --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0bb4083fb80..13d91151800 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -89,7 +89,7 @@ jobs: | ".#hydraJobs.tests." + .') flake_regressions: - #if: github.event_name == 'merge_group' + if: github.event_name == 'merge_group' needs: build_x86_64-linux runs-on: namespace-profile-x86-32cpu-64gb steps: @@ -109,10 +109,10 @@ jobs: with: determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: lscpu && nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" flake-regressions/eval-all.sh + - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" flake-regressions/eval-all.sh flake_regressions_lazy: - #if: github.event_name == 'merge_group' + if: github.event_name == 'merge_group' needs: build_x86_64-linux runs-on: namespace-profile-x86-32cpu-64gb steps: @@ -132,7 +132,7 @@ jobs: with: determinate: true - uses: DeterminateSystems/flakehub-cache-action@main - - run: lscpu && nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" NIX_CONFIG="lazy-trees = true" flake-regressions/eval-all.sh + - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" NIX_CONFIG="lazy-trees = true" flake-regressions/eval-all.sh manual: if: github.event_name != 'merge_group' From f6ad6291ab17048146af88695cb732c70fcc4481 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 15:56:35 +0200 Subject: [PATCH 543/815] nix flake metadata: Show store path if available --- src/nix/flake.cc | 8 ++++++-- tests/functional/flakes/flakes.sh | 1 + 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 9f63fabc4a7..4782cbb290f 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -218,9 +218,13 @@ struct CmdFlakeMetadata : FlakeCommand, MixJSON auto lockedFlake = lockFlake(); auto & flake = lockedFlake.flake; + /* Hack to show the store path if available. */ std::optional storePath; - if (flake.lockedRef.input.getNarHash()) - storePath = flake.lockedRef.input.computeStorePath(*store); + if (store->isInStore(flake.path.path.abs())) { + auto path = store->toStorePath(flake.path.path.abs()).first; + if (store->isValidPath(path)) + storePath = path; + } if (json) { nlohmann::json j; diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 611e8626d6c..7ec438d744d 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -69,6 +69,7 @@ nix flake metadata "$flake1Dir" | grepQuiet 'URL:.*flake1.*' # Test 'nix flake metadata --json'. json=$(nix flake metadata flake1 --json | jq .) [[ $(echo "$json" | jq -r .description) = 'Bla bla' ]] +[[ -d $(echo "$json" | jq -r .path) ]] [[ $(echo "$json" | jq -r .lastModified) = $(git -C "$flake1Dir" log -n1 --format=%ct) ]] hash1=$(echo "$json" | jq -r .revision) [[ -n $(echo "$json" | jq -r .fingerprint) ]] From 8c568277fdb3ce6fbf9df845582d8c5bbf0a79a4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 18:24:45 +0200 Subject: [PATCH 544/815] Run flake-regressions --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 13d91151800..6feef451b0b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -89,7 +89,7 @@ jobs: | ".#hydraJobs.tests." + .') flake_regressions: - if: github.event_name == 'merge_group' + #if: github.event_name == 'merge_group' needs: build_x86_64-linux runs-on: namespace-profile-x86-32cpu-64gb steps: @@ -112,7 +112,7 @@ jobs: - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" flake-regressions/eval-all.sh flake_regressions_lazy: - if: github.event_name == 'merge_group' + #if: github.event_name == 'merge_group' needs: build_x86_64-linux runs-on: namespace-profile-x86-32cpu-64gb steps: From 2a35d8f800542853f426c351f5cf1bb760e341da Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 18:53:39 +0200 Subject: [PATCH 545/815] Add a special type of context for the result of toString When you apply `builtins.toString` to a path value representing a path in the Nix store (as is the case with flake inputs), historically you got a string without context (e.g. `/nix/store/...-source`). This is broken, since it allows you to pass a store path to a derivation/toFile without a proper store reference. This is especially a problem with lazy trees, since the store path is a virtual path that doesn't exist and can be different every time. For backwards compatibility, and to warn users about this unsafe use of `toString`, we now keep track of such strings as a special type of context. --- .../include/nix/expr/tests/value/context.hh | 5 +++ .../tests/value/context.cc | 12 +++++++ src/libexpr/eval-cache.cc | 3 ++ src/libexpr/eval.cc | 23 ++++++++++--- src/libexpr/include/nix/expr/value/context.hh | 33 ++++++++++++++++++- src/libexpr/primops.cc | 19 +++++++++++ src/libexpr/primops/context.cc | 27 ++++++++++++--- src/libexpr/value-to-json.cc | 5 ++- src/libexpr/value/context.cc | 9 +++++ src/nix/app.cc | 3 ++ 10 files changed, 129 insertions(+), 10 deletions(-) diff --git a/src/libexpr-test-support/include/nix/expr/tests/value/context.hh b/src/libexpr-test-support/include/nix/expr/tests/value/context.hh index a6a851d3ac7..a473f6f12f8 100644 --- a/src/libexpr-test-support/include/nix/expr/tests/value/context.hh +++ b/src/libexpr-test-support/include/nix/expr/tests/value/context.hh @@ -23,6 +23,11 @@ struct Arbitrary { static Gen arbitrary(); }; +template<> +struct Arbitrary { + static Gen arbitrary(); +}; + template<> struct Arbitrary { static Gen arbitrary(); diff --git a/src/libexpr-test-support/tests/value/context.cc b/src/libexpr-test-support/tests/value/context.cc index 51ff1b2ae61..9a27f87309d 100644 --- a/src/libexpr-test-support/tests/value/context.cc +++ b/src/libexpr-test-support/tests/value/context.cc @@ -15,6 +15,15 @@ Gen Arbitrary::arb }); } +Gen Arbitrary::arbitrary() +{ + return gen::map(gen::arbitrary(), [](StorePath storePath) { + return NixStringContextElem::Path{ + .storePath = storePath, + }; + }); +} + Gen Arbitrary::arbitrary() { return gen::mapcat( @@ -30,6 +39,9 @@ Gen Arbitrary::arbitrary() case 2: return gen::map( gen::arbitrary(), [](NixStringContextElem a) { return a; }); + case 3: + return gen::map( + gen::arbitrary(), [](NixStringContextElem a) { return a; }); default: assert(false); } diff --git a/src/libexpr/eval-cache.cc b/src/libexpr/eval-cache.cc index 30aa6076a21..a23d4eb80fe 100644 --- a/src/libexpr/eval-cache.cc +++ b/src/libexpr/eval-cache.cc @@ -628,6 +628,9 @@ string_t AttrCursor::getStringWithContext() [&](const NixStringContextElem::Opaque & o) -> const StorePath & { return o.path; }, + [&](const NixStringContextElem::Path & p) -> const StorePath & { + abort(); // FIXME + }, }, c.raw); if (!root->state.store->isValidPath(path)) { valid = false; diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 6505de7bc4f..d44ec53c479 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -952,8 +952,8 @@ void EvalState::mkPos(Value & v, PosIdx p) // FIXME: only do this for virtual store paths? attrs.alloc(sFile).mkString(path->path.abs(), { - NixStringContextElem::Opaque{ - .path = store->toStorePath(path->path.abs()).first + NixStringContextElem::Path{ + .storePath = store->toStorePath(path->path.abs()).first } }); else @@ -2277,7 +2277,10 @@ std::string_view EvalState::forceStringNoCtx(Value & v, const PosIdx pos, std::s { auto s = forceString(v, pos, errorCtx); if (v.context()) { - error("the string '%1%' is not allowed to refer to a store path (such as '%2%')", v.string_view(), v.context()[0]).withTrace(pos, errorCtx).debugThrow(); + NixStringContext context; + copyContext(v, context); + if (hasContext(context)) + error("the string '%1%' is not allowed to refer to a store path (such as '%2%')", v.string_view(), v.context()[0]).withTrace(pos, errorCtx).debugThrow(); } return s; } @@ -2336,7 +2339,16 @@ BackedStringView EvalState::coerceToString( v.payload.path.path : copyToStore ? store->printStorePath(copyPathToStore(context, v.path())) - : std::string(v.path().path.abs()); + : ({ + auto path = v.path(); + if (path.accessor == rootFS && store->isInStore(path.path.abs())) { + context.insert( + NixStringContextElem::Path{ + .storePath = store->toStorePath(path.path.abs()).first + }); + } + std::string(path.path.abs()); + }); } if (v.type() == nAttrs) { @@ -2499,6 +2511,9 @@ std::pair EvalState::coerceToSingleDerivedP [&](NixStringContextElem::Built && b) -> SingleDerivedPath { return std::move(b); }, + [&](NixStringContextElem::Path && p) -> SingleDerivedPath { + abort(); // FIXME + }, }, ((NixStringContextElem &&) *context.begin()).raw); return { std::move(derivedPath), diff --git a/src/libexpr/include/nix/expr/value/context.hh b/src/libexpr/include/nix/expr/value/context.hh index f2de184ea1f..f53c9b99762 100644 --- a/src/libexpr/include/nix/expr/value/context.hh +++ b/src/libexpr/include/nix/expr/value/context.hh @@ -54,10 +54,35 @@ struct NixStringContextElem { */ using Built = SingleDerivedPath::Built; + /** + * A store path that will not result in a store reference when + * used in a derivation or toFile. + * + * When you apply `builtins.toString` to a path value representing + * a path in the Nix store (as is the case with flake inputs), + * historically you got a string without context + * (e.g. `/nix/store/...-source`). This is broken, since it allows + * you to pass a store path to a derivation/toFile without a + * proper store reference. This is especially a problem with lazy + * trees, since the store path is a virtual path that doesn't + * exist. + * + * For backwards compatibility, and to warn users about this + * unsafe use of `toString`, we keep track of such strings as a + * special type of context. + */ + struct Path + { + StorePath storePath; + + GENERATE_CMP(Path, me->storePath); + }; + using Raw = std::variant< Opaque, DrvDeep, - Built + Built, + Path >; Raw raw; @@ -82,4 +107,10 @@ struct NixStringContextElem { typedef std::set NixStringContext; +/** + * Returns false if `context` has no elements other than + * `NixStringContextElem::Path`. + */ +bool hasContext(const NixStringContext & context); + } diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 7243f09ce5a..886a581bcfb 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -89,6 +89,9 @@ StringMap EvalState::realiseContext(const NixStringContext & context, StorePathS if (maybePathsOut) maybePathsOut->emplace(d.drvPath); }, + [&](const NixStringContextElem::Path & p) { + // FIXME + }, }, c.raw); } @@ -1438,6 +1441,9 @@ static void derivationStrictInternal( [&](const NixStringContextElem::Opaque & o) { drv.inputSrcs.insert(state.devirtualize(o.path, &rewrites)); }, + [&](const NixStringContextElem::Path & p) { + // FIXME: do something + }, }, c.raw); } @@ -2346,10 +2352,21 @@ static void prim_toFile(EvalState & state, const PosIdx pos, Value * * args, Val std::string contents(state.forceString(*args[1], context, pos, "while evaluating the second argument passed to builtins.toFile")); StorePathSet refs; + StringMap rewrites; for (auto c : context) { if (auto p = std::get_if(&c.raw)) refs.insert(p->path); + else if (auto p = std::get_if(&c.raw)) { + if (contents.find(p->storePath.to_string()) != contents.npos) { + warn( + "Using 'builtins.toFile' to create a file named '%s' that references the store path '%s' without a proper context. " + "The resulting file will not have a correct store reference, so this is unreliable and may stop working in the future.", + name, + state.store->printStorePath(p->storePath)); + state.devirtualize(p->storePath, &rewrites); + } + } else state.error( "files created by %1% may not reference derivations, but %2% references %3%", @@ -2359,6 +2376,8 @@ static void prim_toFile(EvalState & state, const PosIdx pos, Value * * args, Val ).atPos(pos).debugThrow(); } + contents = rewriteStrings(contents, rewrites); + auto storePath = settings.readOnlyMode ? state.store->makeFixedOutputPathFromCA(name, TextInfo { .hash = hashString(HashAlgorithm::SHA256, contents), diff --git a/src/libexpr/primops/context.cc b/src/libexpr/primops/context.cc index 6a7284e051f..d8fd0373752 100644 --- a/src/libexpr/primops/context.cc +++ b/src/libexpr/primops/context.cc @@ -7,9 +7,15 @@ namespace nix { static void prim_unsafeDiscardStringContext(EvalState & state, const PosIdx pos, Value * * args, Value & v) { - NixStringContext context; + NixStringContext context, filtered; + auto s = state.coerceToString(pos, *args[0], context, "while evaluating the argument passed to builtins.unsafeDiscardStringContext"); - v.mkString(*s); + + for (auto & c : context) + if (auto * p = std::get_if(&c.raw)) + filtered.insert(*p); + + v.mkString(*s, filtered); } static RegisterPrimOp primop_unsafeDiscardStringContext({ @@ -21,12 +27,19 @@ static RegisterPrimOp primop_unsafeDiscardStringContext({ .fun = prim_unsafeDiscardStringContext, }); +bool hasContext(const NixStringContext & context) +{ + for (auto & c : context) + if (!std::get_if(&c.raw)) + return true; + return false; +} static void prim_hasContext(EvalState & state, const PosIdx pos, Value * * args, Value & v) { NixStringContext context; state.forceString(*args[0], context, pos, "while evaluating the argument passed to builtins.hasContext"); - v.mkBool(!context.empty()); + v.mkBool(hasContext(context)); } static RegisterPrimOp primop_hasContext({ @@ -103,7 +116,7 @@ static void prim_addDrvOutputDependencies(EvalState & state, const PosIdx pos, V NixStringContext context; auto s = state.coerceToString(pos, *args[0], context, "while evaluating the argument passed to builtins.addDrvOutputDependencies"); - auto contextSize = context.size(); + auto contextSize = context.size(); if (contextSize != 1) { state.error( "context of string '%s' must have exactly one element, but has %d", @@ -136,6 +149,10 @@ static void prim_addDrvOutputDependencies(EvalState & state, const PosIdx pos, V above does not make much sense. */ return std::move(c); }, + [&](const NixStringContextElem::Path & p) -> NixStringContextElem::DrvDeep { + // FIXME: don't know what to do here. + abort(); + }, }, context.begin()->raw) }), }; @@ -206,6 +223,8 @@ static void prim_getContext(EvalState & state, const PosIdx pos, Value * * args, [&](NixStringContextElem::Opaque && o) { contextInfos[std::move(o.path)].path = true; }, + [&](NixStringContextElem::Path && p) { + }, }, ((NixStringContextElem &&) i).raw); } diff --git a/src/libexpr/value-to-json.cc b/src/libexpr/value-to-json.cc index 6230fa58541..e4e29e2c513 100644 --- a/src/libexpr/value-to-json.cc +++ b/src/libexpr/value-to-json.cc @@ -7,9 +7,10 @@ #include #include - namespace nix { + using json = nlohmann::json; + json printValueAsJSON(EvalState & state, bool strict, Value & v, const PosIdx pos, NixStringContext & context, bool copyToStore) { @@ -33,6 +34,8 @@ json printValueAsJSON(EvalState & state, bool strict, copyContext(v, context); // FIXME: only use the context from `v`. // FIXME: make devirtualization configurable? + // FIXME: don't devirtualize here? It's redundant if + // 'toFile' or 'derivation' also do it. out = state.devirtualize(v.c_str(), context); break; diff --git a/src/libexpr/value/context.cc b/src/libexpr/value/context.cc index 40d08da59ec..cb3e6b691e8 100644 --- a/src/libexpr/value/context.cc +++ b/src/libexpr/value/context.cc @@ -57,6 +57,11 @@ NixStringContextElem NixStringContextElem::parse( .drvPath = StorePath { s.substr(1) }, }; } + case '@': { + return NixStringContextElem::Path { + .storePath = StorePath { s.substr(1) }, + }; + } default: { // Ensure no '!' if (s.find("!") != std::string_view::npos) { @@ -100,6 +105,10 @@ std::string NixStringContextElem::to_string() const res += '='; res += d.drvPath.to_string(); }, + [&](const NixStringContextElem::Path & p) { + res += '@'; + res += p.storePath.to_string(); + }, }, raw); return res; diff --git a/src/nix/app.cc b/src/nix/app.cc index 75ef874baac..568c5457243 100644 --- a/src/nix/app.cc +++ b/src/nix/app.cc @@ -92,6 +92,9 @@ UnresolvedApp InstallableValue::toApp(EvalState & state) .path = o.path, }; }, + [&](const NixStringContextElem::Path & p) -> DerivedPath { + abort(); // FIXME + }, }, c.raw)); } From 8739d35529d27310ae51c6f2de682f17ed93de03 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 19:22:14 +0200 Subject: [PATCH 546/815] Fix tests/NixOS/nix/2.18.1 --- src/libexpr/eval.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index d44ec53c479..2c295047193 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -2078,7 +2078,7 @@ void ExprConcatStrings::eval(EvalState & state, Env & env, Value & v) else if (firstType == nFloat) v.mkFloat(nf); else if (firstType == nPath) { - if (!context.empty()) + if (hasContext(context)) state.error("a string that refers to a store path cannot be appended to a path").atPos(pos).withFrame(env, *this).debugThrow(); v.mkPath(state.rootPath(CanonPath(str()))); } else From 0f48a152ddcb5b8d3698f1614bb810bf2d46a1d6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 20:56:41 +0200 Subject: [PATCH 547/815] Handle derivation --- src/libexpr/primops.cc | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 886a581bcfb..c6a97fdaee0 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -90,7 +90,7 @@ StringMap EvalState::realiseContext(const NixStringContext & context, StorePathS maybePathsOut->emplace(d.drvPath); }, [&](const NixStringContextElem::Path & p) { - // FIXME + // FIXME: do something? }, }, c.raw); } @@ -1417,6 +1417,8 @@ static void derivationStrictInternal( derivation. */ StringMap rewrites; + std::optional drvS; + for (auto & c : context) { std::visit(overloaded { /* Since this allows the builder to gain access to every @@ -1442,7 +1444,15 @@ static void derivationStrictInternal( drv.inputSrcs.insert(state.devirtualize(o.path, &rewrites)); }, [&](const NixStringContextElem::Path & p) { - // FIXME: do something + if (!drvS) drvS = drv.unparse(*state.store, true); + if (drvS->find(p.storePath.to_string()) != drvS->npos) { + auto devirtualized = state.devirtualize(p.storePath, &rewrites); + warn( + "Using 'builtins.derivation' to create a derivation named '%s' that references the store path '%s' without a proper context. " + "The resulting derivation will not have a correct store reference, so this is unreliable and may stop working in the future.", + drvName, + state.store->printStorePath(devirtualized)); + } }, }, c.raw); } @@ -2359,12 +2369,12 @@ static void prim_toFile(EvalState & state, const PosIdx pos, Value * * args, Val refs.insert(p->path); else if (auto p = std::get_if(&c.raw)) { if (contents.find(p->storePath.to_string()) != contents.npos) { + auto devirtualized = state.devirtualize(p->storePath, &rewrites); warn( "Using 'builtins.toFile' to create a file named '%s' that references the store path '%s' without a proper context. " "The resulting file will not have a correct store reference, so this is unreliable and may stop working in the future.", name, - state.store->printStorePath(p->storePath)); - state.devirtualize(p->storePath, &rewrites); + state.store->printStorePath(devirtualized)); } } else From 2bbf755bee0df5bfb86e1c19f15c9925641234af Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 7 May 2025 21:36:13 +0200 Subject: [PATCH 548/815] Handle FIXMEs --- src/libexpr/eval-cache.cc | 20 ++++++++++---------- src/libexpr/eval.cc | 4 +++- src/libexpr/primops/context.cc | 5 +++-- src/nix/app.cc | 2 +- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/src/libexpr/eval-cache.cc b/src/libexpr/eval-cache.cc index a23d4eb80fe..4e44e68cfbf 100644 --- a/src/libexpr/eval-cache.cc +++ b/src/libexpr/eval-cache.cc @@ -618,21 +618,21 @@ string_t AttrCursor::getStringWithContext() if (auto s = std::get_if(&cachedValue->second)) { bool valid = true; for (auto & c : s->second) { - const StorePath & path = std::visit(overloaded { - [&](const NixStringContextElem::DrvDeep & d) -> const StorePath & { - return d.drvPath; + const StorePath * path = std::visit(overloaded { + [&](const NixStringContextElem::DrvDeep & d) -> const StorePath * { + return &d.drvPath; }, - [&](const NixStringContextElem::Built & b) -> const StorePath & { - return b.drvPath->getBaseStorePath(); + [&](const NixStringContextElem::Built & b) -> const StorePath * { + return &b.drvPath->getBaseStorePath(); }, - [&](const NixStringContextElem::Opaque & o) -> const StorePath & { - return o.path; + [&](const NixStringContextElem::Opaque & o) -> const StorePath * { + return &o.path; }, - [&](const NixStringContextElem::Path & p) -> const StorePath & { - abort(); // FIXME + [&](const NixStringContextElem::Path & p) -> const StorePath * { + return nullptr; }, }, c.raw); - if (!root->state.store->isValidPath(path)) { + if (!path || !root->state.store->isValidPath(*path)) { valid = false; break; } diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 2c295047193..85c044c2fa9 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -2512,7 +2512,9 @@ std::pair EvalState::coerceToSingleDerivedP return std::move(b); }, [&](NixStringContextElem::Path && p) -> SingleDerivedPath { - abort(); // FIXME + error( + "string '%s' has no context", + s).withTrace(pos, errorCtx).debugThrow(); }, }, ((NixStringContextElem &&) *context.begin()).raw); return { diff --git a/src/libexpr/primops/context.cc b/src/libexpr/primops/context.cc index d8fd0373752..28153c778a4 100644 --- a/src/libexpr/primops/context.cc +++ b/src/libexpr/primops/context.cc @@ -150,8 +150,9 @@ static void prim_addDrvOutputDependencies(EvalState & state, const PosIdx pos, V return std::move(c); }, [&](const NixStringContextElem::Path & p) -> NixStringContextElem::DrvDeep { - // FIXME: don't know what to do here. - abort(); + state.error( + "`addDrvOutputDependencies` does not work on a string without context" + ).atPos(pos).debugThrow(); }, }, context.begin()->raw) }), }; diff --git a/src/nix/app.cc b/src/nix/app.cc index 568c5457243..0ba231c414b 100644 --- a/src/nix/app.cc +++ b/src/nix/app.cc @@ -93,7 +93,7 @@ UnresolvedApp InstallableValue::toApp(EvalState & state) }; }, [&](const NixStringContextElem::Path & p) -> DerivedPath { - abort(); // FIXME + throw Error("'program' attribute of an 'app' output cannot have no context"); }, }, c.raw)); } From 6023688c6c4c3e104ac32866163dd171d300f3a4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 8 May 2025 15:33:14 +0200 Subject: [PATCH 549/815] printValueAsJSON(): Don't devirtualize This is already done by consumers of builtins.toJSON (like builtins.toFile or builtins.derivation), so we can delay this until it's actually needed. --- src/libexpr/print.cc | 6 +++++- src/libexpr/value-to-json.cc | 6 +----- src/nix/eval.cc | 5 ++++- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/src/libexpr/print.cc b/src/libexpr/print.cc index 06bae9c5c3a..2badbb1bbb3 100644 --- a/src/libexpr/print.cc +++ b/src/libexpr/print.cc @@ -249,7 +249,11 @@ class Printer void printString(Value & v) { - printLiteralString(output, v.string_view(), options.maxStringLength, options.ansiColors); + NixStringContext context; + copyContext(v, context); + std::ostringstream s; + printLiteralString(s, v.string_view(), options.maxStringLength, options.ansiColors); + output << state.devirtualize(s.str(), context); } void printPath(Value & v) diff --git a/src/libexpr/value-to-json.cc b/src/libexpr/value-to-json.cc index e4e29e2c513..a50687f3799 100644 --- a/src/libexpr/value-to-json.cc +++ b/src/libexpr/value-to-json.cc @@ -32,11 +32,7 @@ json printValueAsJSON(EvalState & state, bool strict, case nString: copyContext(v, context); - // FIXME: only use the context from `v`. - // FIXME: make devirtualization configurable? - // FIXME: don't devirtualize here? It's redundant if - // 'toFile' or 'derivation' also do it. - out = state.devirtualize(v.c_str(), context); + out = v.c_str(); break; case nPath: diff --git a/src/nix/eval.cc b/src/nix/eval.cc index d03d099160d..bd58ba01093 100644 --- a/src/nix/eval.cc +++ b/src/nix/eval.cc @@ -122,7 +122,10 @@ struct CmdEval : MixJSON, InstallableValueCommand, MixReadOnlyOption } else if (json) { - logger->cout("%s", printValueAsJSON(*state, true, *v, pos, context, false)); + logger->cout("%s", + state->devirtualize( + printValueAsJSON(*state, true, *v, pos, context, false).dump(), + context)); } else { From 508b7a705f2a619d2b1fe1e69d88779e3b3342f6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 8 May 2025 18:12:58 +0200 Subject: [PATCH 550/815] Trigger flake_regressions from a label Co-authored-by: Graham Christensen --- .github/workflows/ci.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6feef451b0b..95e87e01303 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -89,7 +89,14 @@ jobs: | ".#hydraJobs.tests." + .') flake_regressions: - #if: github.event_name == 'merge_group' + if: | + github.event_name == 'merge_group' + || ( + github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-src' + && ( + (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') + || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) + ) needs: build_x86_64-linux runs-on: namespace-profile-x86-32cpu-64gb steps: @@ -112,7 +119,14 @@ jobs: - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" flake-regressions/eval-all.sh flake_regressions_lazy: - #if: github.event_name == 'merge_group' + if: | + github.event_name == 'merge_group' + || ( + github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-src' + && ( + (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') + || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) + ) needs: build_x86_64-linux runs-on: namespace-profile-x86-32cpu-64gb steps: From 8eee061eb2a67c697c23287eb9d215d485cb7fe7 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 8 May 2025 12:42:04 -0400 Subject: [PATCH 551/815] Fixup the actions ci yml label check --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 95e87e01303..539a90e5d2c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -97,6 +97,7 @@ jobs: (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) ) + ) needs: build_x86_64-linux runs-on: namespace-profile-x86-32cpu-64gb steps: @@ -127,6 +128,7 @@ jobs: (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) ) + ) needs: build_x86_64-linux runs-on: namespace-profile-x86-32cpu-64gb steps: From bf1c0072f60842d9a5d4f32801d99d1c6779946c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 8 May 2025 19:01:34 +0200 Subject: [PATCH 552/815] Backward compatibility hack for dealing with `dir` in URL-style flakerefs --- src/libflake/flake.cc | 2 +- src/libflake/flakeref.cc | 49 ++++++++++++++++++ src/libflake/include/nix/flake/flakeref.hh | 6 +++ tests/functional/flakes/meson.build | 1 + tests/functional/flakes/old-lockfiles.sh | 60 ++++++++++++++++++++++ 5 files changed, 117 insertions(+), 1 deletion(-) create mode 100644 tests/functional/flakes/old-lockfiles.sh diff --git a/src/libflake/flake.cc b/src/libflake/flake.cc index f503541cec7..a85acf4b282 100644 --- a/src/libflake/flake.cc +++ b/src/libflake/flake.cc @@ -580,7 +580,7 @@ LockedFlake lockFlake( oldLock = *oldLock3; if (oldLock - && oldLock->originalRef == *input.ref + && oldLock->originalRef.canonicalize() == input.ref->canonicalize() && oldLock->parentInputAttrPath == overridenParentPath && !hasCliOverride) { diff --git a/src/libflake/flakeref.cc b/src/libflake/flakeref.cc index a8b139d654f..12bddf57852 100644 --- a/src/libflake/flakeref.cc +++ b/src/libflake/flakeref.cc @@ -289,6 +289,55 @@ std::pair, FlakeRef> FlakeRef::lazyFetch(ref store) c return {accessor, FlakeRef(std::move(lockedInput), subdir)}; } +FlakeRef FlakeRef::canonicalize() const +{ + auto flakeRef(*this); + + /* Backward compatibility hack: In old versions of Nix, if you had + a flake input like + + inputs.foo.url = "git+https://foo/bar?dir=subdir"; + + it would result in a lock file entry like + + "original": { + "dir": "subdir", + "type": "git", + "url": "https://foo/bar?dir=subdir" + } + + New versions of Nix remove `?dir=subdir` from the `url` field, + since the subdirectory is intended for `FlakeRef`, not the + fetcher (and specifically the remote server), that is, the + flakeref is parsed into + + "original": { + "dir": "subdir", + "type": "git", + "url": "https://foo/bar" + } + + However, this causes new versions of Nix to consider the lock + file entry to be stale since the `original` ref no longer + matches exactly. + + For this reason, we canonicalise the `original` ref by + filtering the `dir` query parameter from the URL. */ + if (auto url = fetchers::maybeGetStrAttr(flakeRef.input.attrs, "url")) { + try { + auto parsed = parseURL(*url); + if (auto dir2 = get(parsed.query, "dir")) { + if (flakeRef.subdir != "" && flakeRef.subdir == *dir2) + parsed.query.erase("dir"); + } + flakeRef.input.attrs.insert_or_assign("url", parsed.to_string()); + } catch (BadURL &) { + } + } + + return flakeRef; +} + std::tuple parseFlakeRefWithFragmentAndExtendedOutputsSpec( const fetchers::Settings & fetchSettings, const std::string & url, diff --git a/src/libflake/include/nix/flake/flakeref.hh b/src/libflake/include/nix/flake/flakeref.hh index 8c15f9d9523..6184d2363c4 100644 --- a/src/libflake/include/nix/flake/flakeref.hh +++ b/src/libflake/include/nix/flake/flakeref.hh @@ -72,6 +72,12 @@ struct FlakeRef const fetchers::Attrs & attrs); std::pair, FlakeRef> lazyFetch(ref store) const; + + /** + * Canonicalize a flakeref for the purpose of comparing "old" and + * "new" `original` fields in lock files. + */ + FlakeRef canonicalize() const; }; std::ostream & operator << (std::ostream & str, const FlakeRef & flakeRef); diff --git a/tests/functional/flakes/meson.build b/tests/functional/flakes/meson.build index 368c43876e5..213c388a6d9 100644 --- a/tests/functional/flakes/meson.build +++ b/tests/functional/flakes/meson.build @@ -32,6 +32,7 @@ suites += { 'symlink-paths.sh', 'debugger.sh', 'source-paths.sh', + 'old-lockfiles.sh', ], 'workdir': meson.current_source_dir(), } diff --git a/tests/functional/flakes/old-lockfiles.sh b/tests/functional/flakes/old-lockfiles.sh new file mode 100644 index 00000000000..fd36abdcc8d --- /dev/null +++ b/tests/functional/flakes/old-lockfiles.sh @@ -0,0 +1,60 @@ +#!/usr/bin/env bash + +source ./common.sh + +requireGit + +repo="$TEST_ROOT/repo" + +createGitRepo "$repo" + +cat > "$repo/flake.nix" < "$repo/flake.lock" < Date: Fri, 9 May 2025 00:32:41 +0200 Subject: [PATCH 553/815] Improve build failure error messages --- src/libstore/build/derivation-goal.cc | 35 +++++++++++++++++++++++---- tests/functional/build.sh | 6 +++-- 2 files changed, 34 insertions(+), 7 deletions(-) diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index d7f8846bd11..33a4af7f000 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -322,6 +322,22 @@ Goal::Co DerivationGoal::haveDerivation() } +static std::string showKnownOutputs(Store & store, const Derivation & drv) +{ + std::string msg; + StorePathSet expectedOutputPaths; + for (auto & i : drv.outputsAndOptPaths(store)) + if (i.second.second) + expectedOutputPaths.insert(*i.second.second); + if (!expectedOutputPaths.empty()) { + msg += "\nOutput paths:"; + for (auto & p : expectedOutputPaths) + msg += fmt("\n %s", Magenta(store.printStorePath(p))); + } + return msg; +} + + /* At least one of the output paths could not be produced using a substitute. So we have to build instead. */ Goal::Co DerivationGoal::gaveUpOnSubstitution() @@ -392,9 +408,14 @@ Goal::Co DerivationGoal::gaveUpOnSubstitution() if (nrFailed != 0) { if (!useDerivation) throw Error("some dependencies of '%s' are missing", worker.store.printStorePath(drvPath)); - co_return done(BuildResult::DependencyFailed, {}, Error( - "%s dependencies of derivation '%s' failed to build", - nrFailed, worker.store.printStorePath(drvPath))); + auto msg = fmt( + "Cannot build '%s'.\n" + "Reason: " ANSI_RED "%d %s failed" ANSI_NORMAL ".", + Magenta(worker.store.printStorePath(drvPath)), + nrFailed, + nrFailed == 1 ? "dependency" : "dependencies"); + msg += showKnownOutputs(worker.store, *drv); + co_return done(BuildResult::DependencyFailed, {}, Error(msg)); } if (retrySubstitution == RetrySubstitution::YesNeed) { @@ -955,12 +976,16 @@ Goal::Co DerivationGoal::buildDone() diskFull |= cleanupDecideWhetherDiskFull(); - auto msg = fmt("builder for '%s' %s", + auto msg = fmt( + "Cannot build '%s'.\n" + "Reason: " ANSI_RED "builder %s" ANSI_NORMAL ".", Magenta(worker.store.printStorePath(drvPath)), statusToString(status)); + msg += showKnownOutputs(worker.store, *drv); + if (!logger->isVerbose() && !logTail.empty()) { - msg += fmt(";\nlast %d log lines:\n", logTail.size()); + msg += fmt("\nLast %d log lines:\n", logTail.size()); for (auto & line : logTail) { msg += "> "; msg += line; diff --git a/tests/functional/build.sh b/tests/functional/build.sh index 3f65a7c2cc0..d65ac68543f 100755 --- a/tests/functional/build.sh +++ b/tests/functional/build.sh @@ -179,12 +179,14 @@ test "$(<<<"$out" grep -cE '^error:')" = 4 out="$(nix build -f fod-failing.nix -L x4 2>&1)" && status=0 || status=$? test "$status" = 1 test "$(<<<"$out" grep -cE '^error:')" = 2 -<<<"$out" grepQuiet -E "error: 1 dependencies of derivation '.*-x4\\.drv' failed to build" +<<<"$out" grepQuiet -E "error: Cannot build '.*-x4\\.drv'" +<<<"$out" grepQuiet -E "Reason: 1 dependency failed." <<<"$out" grepQuiet -E "hash mismatch in fixed-output derivation '.*-x2\\.drv'" out="$(nix build -f fod-failing.nix -L x4 --keep-going 2>&1)" && status=0 || status=$? test "$status" = 1 test "$(<<<"$out" grep -cE '^error:')" = 3 -<<<"$out" grepQuiet -E "error: 2 dependencies of derivation '.*-x4\\.drv' failed to build" +<<<"$out" grepQuiet -E "error: Cannot build '.*-x4\\.drv'" +<<<"$out" grepQuiet -E "Reason: 2 dependencies failed." <<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x3\\.drv'" <<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x2\\.drv'" From 1342041312e56e7ab5839a8dac63f54d11f13122 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 9 May 2025 16:11:42 +0000 Subject: [PATCH 554/815] Prepare release v3.5.0 From 83f92cfd044153e8cd62f351f1b8fbd4bfd390f0 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 9 May 2025 16:11:48 +0000 Subject: [PATCH 555/815] Set .version-determinate to 3.5.0 --- .version-determinate | 2 +- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 4 +++- doc/manual/source/release-notes-determinate/rl-3.5.0.md | 4 ++++ 4 files changed, 9 insertions(+), 2 deletions(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.5.0.md diff --git a/.version-determinate b/.version-determinate index 4d9d11cf505..1545d966571 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.4.2 +3.5.0 diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 7b9831734f1..222b5d632b6 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -128,6 +128,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.5.0 (2025-05-09)](release-notes-determinate/rl-3.5.0.md) - [Release 3.4.2 (2025-05-05)](release-notes-determinate/rl-3.4.2.md) - [Release 3.4.0 (2025-04-25)](release-notes-determinate/rl-3.4.0.md) - [Release 3.3.0 (2025-04-11)](release-notes-determinate/rl-3.3.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index b88ef57c5ea..e88ca89fd25 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.28 and Determinate Nix 3.4.2. +This section lists the differences between upstream Nix 2.28 and Determinate Nix 3.5.0. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -17,3 +17,5 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix * Warnings around "dirty trees" are updated to reduce "dirty" jargon, and now refers to "uncommitted changes". + + diff --git a/doc/manual/source/release-notes-determinate/rl-3.5.0.md b/doc/manual/source/release-notes-determinate/rl-3.5.0.md new file mode 100644 index 00000000000..d5b26b9419e --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.5.0.md @@ -0,0 +1,4 @@ +# Release 3.5.0 (2025-05-09) + +* Based on [upstream Nix 2.28.3](../release-notes/rl-2.28.md). + From 619b496317b81dd8c3979621a6fe4485c7b88cd6 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 9 May 2025 14:31:58 -0400 Subject: [PATCH 556/815] Fix release notes * Stop aggressively deleting all the newlines --- .github/release-notes.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/release-notes.sh b/.github/release-notes.sh index 3fe3f6b17b2..9937c18cfcd 100755 --- a/.github/release-notes.sh +++ b/.github/release-notes.sh @@ -24,7 +24,7 @@ gh api "/repos/${GITHUB_REPOSITORY}/releases/generate-notes" \ trim_trailing_newlines() { local text text="$(cat)" - echo -n "${text//$'\n'}" + echo -n "${text}" } linkify_gh() { From 220fa1e4e486e859d11bbd8936d03f0c64ad18a8 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 9 May 2025 16:02:18 -0400 Subject: [PATCH 557/815] Split the release notes into another commit --- .github/workflows/propose-release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/propose-release.yml b/.github/workflows/propose-release.yml index c01167994f2..82407abe7fe 100644 --- a/.github/workflows/propose-release.yml +++ b/.github/workflows/propose-release.yml @@ -26,6 +26,7 @@ jobs: extra-commands-early: | echo ${{ inputs.version }} > .version-determinate git add .version-determinate + git commit -m "Set .version-determinate to ${{ inputs.version }}" || true ./.github/release-notes.sh git add doc - git commit -m "Set .version-determinate to ${{ inputs.version }}" || true + git commit -m "Generare release notes for ${{ inputs.version }}" || true From 13d712bd759a8d058bdd4353b7da890fa9f99927 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 9 May 2025 20:50:18 +0000 Subject: [PATCH 558/815] Prepare release v3.5.1 From 50e9583fb385e7b8e23d31a6ffea840275fd8e96 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 9 May 2025 20:50:21 +0000 Subject: [PATCH 559/815] Set .version-determinate to 3.5.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 1545d966571..d5c0c991428 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.5.0 +3.5.1 From 7a4871755e0fb17d6e271b510b6d979754cbea92 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 9 May 2025 20:50:26 +0000 Subject: [PATCH 560/815] Generare release notes for 3.5.1 --- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 6 +++++- doc/manual/source/release-notes-determinate/rl-3.5.1.md | 9 +++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.5.1.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 222b5d632b6..fc7c6844538 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -128,6 +128,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.5.1 (2025-05-09)](release-notes-determinate/rl-3.5.1.md) - [Release 3.5.0 (2025-05-09)](release-notes-determinate/rl-3.5.0.md) - [Release 3.4.2 (2025-05-05)](release-notes-determinate/rl-3.4.2.md) - [Release 3.4.0 (2025-04-25)](release-notes-determinate/rl-3.4.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index e88ca89fd25..05c55ba7e82 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.28 and Determinate Nix 3.5.0. +This section lists the differences between upstream Nix 2.28 and Determinate Nix 3.5.1. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -19,3 +19,7 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix + + + +* Dispatch release notes with a gh token by @grahamc in [DeterminateSystems/nix-src#61](https://github.com/DeterminateSystems/nix-src/pull/61) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.5.1.md b/doc/manual/source/release-notes-determinate/rl-3.5.1.md new file mode 100644 index 00000000000..598587c47cf --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.5.1.md @@ -0,0 +1,9 @@ +# Release 3.5.1 (2025-05-09) + +* Based on [upstream Nix 2.28.3](../release-notes/rl-2.28.md). + +## What's Changed +* Dispatch release notes with a gh token by @grahamc in [DeterminateSystems/nix-src#61](https://github.com/DeterminateSystems/nix-src/pull/61) + + +**Full Changelog**: [v3.5.0...v3.5.1](https://github.com/DeterminateSystems/nix-src/compare/v3.5.0...v3.5.1) From c0fdf690fe94fefa082c3a1294ce5767f6d1a2b6 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 9 May 2025 16:54:09 -0400 Subject: [PATCH 561/815] Apply suggestions from code review --- doc/manual/source/SUMMARY.md.in | 2 +- .../release-notes-determinate/changes.md | 21 +++++++++++++++++++ .../release-notes-determinate/rl-3.5.1.md | 14 +++++++++++-- 3 files changed, 34 insertions(+), 3 deletions(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index fc7c6844538..ecdcebcf4fb 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,7 +129,7 @@ - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - [Release 3.5.1 (2025-05-09)](release-notes-determinate/rl-3.5.1.md) - - [Release 3.5.0 (2025-05-09)](release-notes-determinate/rl-3.5.0.md) + - [~~Release 3.5.0 (2025-05-09)~~](release-notes-determinate/rl-3.5.0.md) - [Release 3.4.2 (2025-05-05)](release-notes-determinate/rl-3.4.2.md) - [Release 3.4.0 (2025-04-25)](release-notes-determinate/rl-3.4.0.md) - [Release 3.3.0 (2025-04-11)](release-notes-determinate/rl-3.3.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 05c55ba7e82..7a00fb83a3f 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -22,4 +22,25 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix +* Only run the test step after build completes by @grahamc in [DeterminateSystems/nix-src#51](https://github.com/DeterminateSystems/nix-src/pull/51) + +* Remove flake-compat input by @lucperkins in [DeterminateSystems/nix-src#52](https://github.com/DeterminateSystems/nix-src/pull/52) + +* Deprecate upgrade-nix command by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) + +* Update flake.lock in light of recent change by @lucperkins in [DeterminateSystems/nix-src#54](https://github.com/DeterminateSystems/nix-src/pull/54) + +* Lazy trees v2 by @edolstra in [DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27) + +* Improve lazy trees backward compatibility by @edolstra in [DeterminateSystems/nix-src#56](https://github.com/DeterminateSystems/nix-src/pull/56) + +* Canonicalize flake input URLs before checking flake.lock file staleness, for dealing with `dir` in URL-style flakerefs by @edolstra in [DeterminateSystems/nix-src#57](https://github.com/DeterminateSystems/nix-src/pull/57) + +* Improve build failure error messages by @edolstra in [DeterminateSystems/nix-src#58](https://github.com/DeterminateSystems/nix-src/pull/58) + +* Release v3.5.0 by @github-actions in [DeterminateSystems/nix-src#59](https://github.com/DeterminateSystems/nix-src/pull/59) + + +* @gustavderdrache made their first contribution in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) + * Dispatch release notes with a gh token by @grahamc in [DeterminateSystems/nix-src#61](https://github.com/DeterminateSystems/nix-src/pull/61) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.5.1.md b/doc/manual/source/release-notes-determinate/rl-3.5.1.md index 598587c47cf..bb62cd5898a 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.5.1.md +++ b/doc/manual/source/release-notes-determinate/rl-3.5.1.md @@ -3,7 +3,17 @@ * Based on [upstream Nix 2.28.3](../release-notes/rl-2.28.md). ## What's Changed -* Dispatch release notes with a gh token by @grahamc in [DeterminateSystems/nix-src#61](https://github.com/DeterminateSystems/nix-src/pull/61) +* Only run the test step after build completes by @grahamc in [DeterminateSystems/nix-src#51](https://github.com/DeterminateSystems/nix-src/pull/51) +* Remove flake-compat input by @lucperkins in [DeterminateSystems/nix-src#52](https://github.com/DeterminateSystems/nix-src/pull/52) +* Deprecate upgrade-nix command by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) +* Update flake.lock in light of recent change by @lucperkins in [DeterminateSystems/nix-src#54](https://github.com/DeterminateSystems/nix-src/pull/54) +* Lazy trees v2 by @edolstra in [DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27) +* Improve lazy trees backward compatibility by @edolstra in [DeterminateSystems/nix-src#56](https://github.com/DeterminateSystems/nix-src/pull/56) +* Canonicalize flake input URLs before checking flake.lock file staleness, for dealing with `dir` in URL-style flakerefs by @edolstra in [DeterminateSystems/nix-src#57](https://github.com/DeterminateSystems/nix-src/pull/57) +* Improve build failure error messages by @edolstra in [DeterminateSystems/nix-src#58](https://github.com/DeterminateSystems/nix-src/pull/58) +* Release v3.5.0 by @github-actions in [DeterminateSystems/nix-src#59](https://github.com/DeterminateSystems/nix-src/pull/59) +## New Contributors +* @gustavderdrache made their first contribution in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) -**Full Changelog**: [v3.5.0...v3.5.1](https://github.com/DeterminateSystems/nix-src/compare/v3.5.0...v3.5.1) +**Full Changelog**: [v3.4.2...v3.5.1](https://github.com/DeterminateSystems/nix-src/compare/v3.4.2...v3.5.1) From bd4b27c37731f0a3aa5867318abeaa65f2aaada6 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 9 May 2025 16:56:42 -0400 Subject: [PATCH 562/815] Apply suggestions from code review --- .../source/release-notes-determinate/changes.md | 13 ------------- .../source/release-notes-determinate/rl-3.5.1.md | 6 ------ 2 files changed, 19 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 7a00fb83a3f..7f9322936e5 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -22,14 +22,8 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix -* Only run the test step after build completes by @grahamc in [DeterminateSystems/nix-src#51](https://github.com/DeterminateSystems/nix-src/pull/51) - -* Remove flake-compat input by @lucperkins in [DeterminateSystems/nix-src#52](https://github.com/DeterminateSystems/nix-src/pull/52) - * Deprecate upgrade-nix command by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) -* Update flake.lock in light of recent change by @lucperkins in [DeterminateSystems/nix-src#54](https://github.com/DeterminateSystems/nix-src/pull/54) - * Lazy trees v2 by @edolstra in [DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27) * Improve lazy trees backward compatibility by @edolstra in [DeterminateSystems/nix-src#56](https://github.com/DeterminateSystems/nix-src/pull/56) @@ -37,10 +31,3 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix * Canonicalize flake input URLs before checking flake.lock file staleness, for dealing with `dir` in URL-style flakerefs by @edolstra in [DeterminateSystems/nix-src#57](https://github.com/DeterminateSystems/nix-src/pull/57) * Improve build failure error messages by @edolstra in [DeterminateSystems/nix-src#58](https://github.com/DeterminateSystems/nix-src/pull/58) - -* Release v3.5.0 by @github-actions in [DeterminateSystems/nix-src#59](https://github.com/DeterminateSystems/nix-src/pull/59) - - -* @gustavderdrache made their first contribution in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) - -* Dispatch release notes with a gh token by @grahamc in [DeterminateSystems/nix-src#61](https://github.com/DeterminateSystems/nix-src/pull/61) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.5.1.md b/doc/manual/source/release-notes-determinate/rl-3.5.1.md index bb62cd5898a..49f8f92218d 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.5.1.md +++ b/doc/manual/source/release-notes-determinate/rl-3.5.1.md @@ -3,17 +3,11 @@ * Based on [upstream Nix 2.28.3](../release-notes/rl-2.28.md). ## What's Changed -* Only run the test step after build completes by @grahamc in [DeterminateSystems/nix-src#51](https://github.com/DeterminateSystems/nix-src/pull/51) -* Remove flake-compat input by @lucperkins in [DeterminateSystems/nix-src#52](https://github.com/DeterminateSystems/nix-src/pull/52) * Deprecate upgrade-nix command by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) * Update flake.lock in light of recent change by @lucperkins in [DeterminateSystems/nix-src#54](https://github.com/DeterminateSystems/nix-src/pull/54) * Lazy trees v2 by @edolstra in [DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27) * Improve lazy trees backward compatibility by @edolstra in [DeterminateSystems/nix-src#56](https://github.com/DeterminateSystems/nix-src/pull/56) * Canonicalize flake input URLs before checking flake.lock file staleness, for dealing with `dir` in URL-style flakerefs by @edolstra in [DeterminateSystems/nix-src#57](https://github.com/DeterminateSystems/nix-src/pull/57) * Improve build failure error messages by @edolstra in [DeterminateSystems/nix-src#58](https://github.com/DeterminateSystems/nix-src/pull/58) -* Release v3.5.0 by @github-actions in [DeterminateSystems/nix-src#59](https://github.com/DeterminateSystems/nix-src/pull/59) - -## New Contributors -* @gustavderdrache made their first contribution in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) **Full Changelog**: [v3.4.2...v3.5.1](https://github.com/DeterminateSystems/nix-src/compare/v3.4.2...v3.5.1) From cef22abacd2af923eab68faf84072b16bfbeac6c Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 9 May 2025 17:00:30 -0400 Subject: [PATCH 563/815] Apply suggestions from code review --- doc/manual/source/release-notes-determinate/changes.md | 4 ++-- doc/manual/source/release-notes-determinate/rl-3.5.1.md | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 7f9322936e5..b0960449154 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -22,7 +22,7 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix -* Deprecate upgrade-nix command by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) +* Deprecate upgrade-nix command in favor of `determinate-nixd upgrade`, by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) * Lazy trees v2 by @edolstra in [DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27) @@ -30,4 +30,4 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix * Canonicalize flake input URLs before checking flake.lock file staleness, for dealing with `dir` in URL-style flakerefs by @edolstra in [DeterminateSystems/nix-src#57](https://github.com/DeterminateSystems/nix-src/pull/57) -* Improve build failure error messages by @edolstra in [DeterminateSystems/nix-src#58](https://github.com/DeterminateSystems/nix-src/pull/58) +* Improved the build failure and dependency failure error messages to include output paths, by @edolstra in [DeterminateSystems/nix-src#58](https://github.com/DeterminateSystems/nix-src/pull/58) diff --git a/doc/manual/source/release-notes-determinate/rl-3.5.1.md b/doc/manual/source/release-notes-determinate/rl-3.5.1.md index 49f8f92218d..0ebd7625abe 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.5.1.md +++ b/doc/manual/source/release-notes-determinate/rl-3.5.1.md @@ -3,8 +3,7 @@ * Based on [upstream Nix 2.28.3](../release-notes/rl-2.28.md). ## What's Changed -* Deprecate upgrade-nix command by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) -* Update flake.lock in light of recent change by @lucperkins in [DeterminateSystems/nix-src#54](https://github.com/DeterminateSystems/nix-src/pull/54) +* Deprecate upgrade-nix command in favor of `determinate-nixd upgrade`, by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) * Lazy trees v2 by @edolstra in [DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27) * Improve lazy trees backward compatibility by @edolstra in [DeterminateSystems/nix-src#56](https://github.com/DeterminateSystems/nix-src/pull/56) * Canonicalize flake input URLs before checking flake.lock file staleness, for dealing with `dir` in URL-style flakerefs by @edolstra in [DeterminateSystems/nix-src#57](https://github.com/DeterminateSystems/nix-src/pull/57) From d2d6f9e72664e9f98c1cc11532436a785f746705 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 9 May 2025 17:09:46 -0400 Subject: [PATCH 564/815] Update changes.md --- doc/manual/source/release-notes-determinate/changes.md | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index b0960449154..a54852443a0 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -22,12 +22,6 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix -* Deprecate upgrade-nix command in favor of `determinate-nixd upgrade`, by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) +* `nix upgrade-nix` is now inert, and suggests using `determinate-nixd upgrade` -- [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) -* Lazy trees v2 by @edolstra in [DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27) - -* Improve lazy trees backward compatibility by @edolstra in [DeterminateSystems/nix-src#56](https://github.com/DeterminateSystems/nix-src/pull/56) - -* Canonicalize flake input URLs before checking flake.lock file staleness, for dealing with `dir` in URL-style flakerefs by @edolstra in [DeterminateSystems/nix-src#57](https://github.com/DeterminateSystems/nix-src/pull/57) - -* Improved the build failure and dependency failure error messages to include output paths, by @edolstra in [DeterminateSystems/nix-src#58](https://github.com/DeterminateSystems/nix-src/pull/58) +* Initial Lazy Trees support has been merged, but remains off by default. ([DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27), [DeterminateSystems/nix-src#56](https://github.com/DeterminateSystems/nix-src/pull/56)) From 52f51b17fb5bfdbf25324efc612f9e3440a621f5 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 9 May 2025 17:22:29 -0400 Subject: [PATCH 565/815] Update rl-3.5.1.md --- .../release-notes-determinate/rl-3.5.1.md | 51 +++++++++++++++++-- 1 file changed, 48 insertions(+), 3 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/rl-3.5.1.md b/doc/manual/source/release-notes-determinate/rl-3.5.1.md index 0ebd7625abe..b0813ca59c9 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.5.1.md +++ b/doc/manual/source/release-notes-determinate/rl-3.5.1.md @@ -3,10 +3,55 @@ * Based on [upstream Nix 2.28.3](../release-notes/rl-2.28.md). ## What's Changed -* Deprecate upgrade-nix command in favor of `determinate-nixd upgrade`, by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) + +Most notably, Lazy Trees has merged in to Determinate Nix and is in Feature Preview status, but remains disabled by default. +Lazy trees massively improves performance in virtually all scenarios because it enables Nix to avoid making unnecessary copies of files into the Nix store. +In testing, we saw iteration times on Nixpkgs **drop from over 12 seconds to 3.5 seconds**. + +After upgrading to Determinate Nix 3.5.1 with `sudo determinate-nixd upgrade`, enable lazy trees by adding this to `/etc/nix/nix.custom.conf`: + +``` +lazy-trees = true +``` + +Please note that our full flake regression test suite passes with no changes with lazy trees, and please report compatibility issues. + +Read [this GitHub comment](https://github.com/DeterminateSystems/nix-src/pull/27#pullrequestreview-2822153088) for further details and next steps. +We'll be publishing an update on the [Determinate Systems blog](https://determinate.systems/posts/) in the next few days with more information as well. + +Relevant PRs: * Lazy trees v2 by @edolstra in [DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27) * Improve lazy trees backward compatibility by @edolstra in [DeterminateSystems/nix-src#56](https://github.com/DeterminateSystems/nix-src/pull/56) -* Canonicalize flake input URLs before checking flake.lock file staleness, for dealing with `dir` in URL-style flakerefs by @edolstra in [DeterminateSystems/nix-src#57](https://github.com/DeterminateSystems/nix-src/pull/57) -* Improve build failure error messages by @edolstra in [DeterminateSystems/nix-src#58](https://github.com/DeterminateSystems/nix-src/pull/58) + + +### Additional changes in this release: +* Bug fix: Flake input URLs are canonicalized before checking flake.lock file staleness, avoiding needlessly regenerating flake.lock files with `dir` in URL-style flakerefs by @edolstra in [DeterminateSystems/nix-src#57](https://github.com/DeterminateSystems/nix-src/pull/57) +* `nix upgrade-nix` is deprecated in favor of `determinate-nixd upgrade`, by @gustavderdrache in [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) +* UX: Improved build failure and dependency failure error messages to include needed output paths by @edolstra in [DeterminateSystems/nix-src#58](https://github.com/DeterminateSystems/nix-src/pull/58). + +Previously: + +``` +error: builder for '/nix/store/[...]-nested-failure-bottom.drv' failed with exit code 1 +error: 1 dependencies of derivation '/nix/store/[...]-nested-failure-middle.drv' failed to build +error: 1 dependencies of derivation '/nix/store/[...]-nested-failure-top.drv' failed to build +``` + +Now: + +``` +error: Cannot build '/nix/store/w37gflm9wz9dcnsgy3sfrmnlvm8qigaj-nested-failure-bottom.drv'. + Reason: builder failed with exit code 1. + Output paths: + /nix/store/yzybs8kp35dfipbzdlqcc6lxz62hax04-nested-failure-bottom +error: Cannot build '/nix/store/00gr5hlxfc03x2675w6nn3pwfrz2fr62-nested-failure-middle.drv'. + Reason: 1 dependency failed. + Output paths: + /nix/store/h781j5h4bdchmb4c2lvy8qzh8733azhz-nested-failure-middle +error: Cannot build '/nix/store/8am0ng1gyx8sbzyr0yx6jd5ix3yy5szc-nested-failure-top.drv'. + Reason: 1 dependency failed. + Output paths: + /nix/store/fh12637kgvp906s9yhi9w2dc7ghfwxs1-nested-failure-top +``` **Full Changelog**: [v3.4.2...v3.5.1](https://github.com/DeterminateSystems/nix-src/compare/v3.4.2...v3.5.1) From 4ea5cb38325c728bb8f96f57b185f3c25275b3a0 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 12 May 2025 17:27:05 +0200 Subject: [PATCH 566/815] Fix emitting narHash in lock files when lazy trees are disabled --- src/libexpr/paths.cc | 2 +- tests/functional/fetchGit.sh | 2 +- tests/functional/flakes/flakes.sh | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index da1408e9b34..3aaca232829 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -77,7 +77,7 @@ StorePath EvalState::mountInput( storeFS->mount(CanonPath(store->printStorePath(storePath)), accessor); - if (requireLockable && !input.isLocked() && !input.getNarHash()) { + if (requireLockable && (!settings.lazyTrees || !input.isLocked()) && !input.getNarHash()) { auto narHash = accessor->hashPath(CanonPath::root); input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); } diff --git a/tests/functional/fetchGit.sh b/tests/functional/fetchGit.sh index 6fc8ca8b0c4..5e5e8e61fb6 100755 --- a/tests/functional/fetchGit.sh +++ b/tests/functional/fetchGit.sh @@ -292,7 +292,7 @@ path11=$(nix eval --impure --raw --expr "(builtins.fetchGit ./.).outPath") empty="$TEST_ROOT/empty" git init "$empty" -emptyAttrs='{ lastModified = 0; lastModifiedDate = "19700101000000"; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "0000000"; submodules = false; }' +emptyAttrs='{ lastModified = 0; lastModifiedDate = "19700101000000"; narHash = "sha256-pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo="; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "0000000"; submodules = false; }' [[ $(nix eval --impure --expr "builtins.removeAttrs (builtins.fetchGit $empty) [\"outPath\"]") = $emptyAttrs ]] diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 7ec438d744d..fd31c4c4f19 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -161,6 +161,7 @@ expect 1 nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --no-update-lock-file nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --commit-lock-file [[ -e "$flake2Dir/flake.lock" ]] [[ -z $(git -C "$flake2Dir" diff main || echo failed) ]] +[[ -n $(jq .nodes.flake1.locked.narHash < "$flake2Dir/flake.lock") ]] # Rerunning the build should not change the lockfile. nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" From 51349ca37a8cb69f7d6bf819d7aa7deefcdef4da Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 12 May 2025 17:54:41 +0200 Subject: [PATCH 567/815] Test lock file contents more precisely --- tests/functional/flakes/flakes.sh | 2 +- tests/functional/flakes/relative-paths.sh | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index fd31c4c4f19..0a52ba08c4a 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -161,7 +161,7 @@ expect 1 nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --no-update-lock-file nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --commit-lock-file [[ -e "$flake2Dir/flake.lock" ]] [[ -z $(git -C "$flake2Dir" diff main || echo failed) ]] -[[ -n $(jq .nodes.flake1.locked.narHash < "$flake2Dir/flake.lock") ]] +[[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'.*',"narHash":"sha256-'.*'","ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] # Rerunning the build should not change the lockfile. nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" diff --git a/tests/functional/flakes/relative-paths.sh b/tests/functional/flakes/relative-paths.sh index 4648ba98c63..9d31da0ad01 100644 --- a/tests/functional/flakes/relative-paths.sh +++ b/tests/functional/flakes/relative-paths.sh @@ -69,6 +69,8 @@ git -C "$rootFlake" add flake.nix sub2/flake.nix git -C "$rootFlake" add sub2/flake.lock [[ $(nix eval "$subflake2#y") = 15 ]] +[[ $(jq --indent 0 . < "$subflake2/flake.lock") =~ ^'{"nodes":{"root":{"inputs":{"root":"root_2","sub1":"sub1"}},"root_2":{"inputs":{"sub0":"sub0"},"locked":{"path":"..","type":"path"},"original":{"path":"..","type":"path"},"parent":[]},"root_3":{"inputs":{"sub0":"sub0_2"},"locked":{"path":"../","type":"path"},"original":{"path":"../","type":"path"},"parent":["sub1"]},"sub0":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["root"]},"sub0_2":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["sub1","root"]},"sub1":{"inputs":{"root":"root_3"},"locked":{"path":"../sub1","type":"path"},"original":{"path":"../sub1","type":"path"},"parent":[]}},"root":"root","version":7}'$ ]] + # Make sure there are no content locks for relative path flakes. (! grep "$TEST_ROOT" "$subflake2/flake.lock") if ! isTestOnNixOS; then From da4efbd2fe4c6206f671b9471e0b05e2f60a3d7e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 12 May 2025 22:08:17 +0200 Subject: [PATCH 568/815] Improve 'cannot read file from tarball' error It now says e.g. error: cannot read file from tarball: Truncated tar archive detected while reading data --- src/libutil/tarfile.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil/tarfile.cc b/src/libutil/tarfile.cc index eb5cd82884e..5f21bc0d50a 100644 --- a/src/libutil/tarfile.cc +++ b/src/libutil/tarfile.cc @@ -219,7 +219,7 @@ time_t unpackTarfileToSink(TarArchive & archive, ExtendedFileSystemObjectSink & std::vector buf(128 * 1024); auto n = archive_read_data(archive.archive, buf.data(), buf.size()); if (n < 0) - throw Error("cannot read file '%s' from tarball", path); + checkLibArchive(archive.archive, n, "cannot read file from tarball: %s"); if (n == 0) break; crf(std::string_view{ From 9095520b781c9e91e305a136eec3c59344e600e5 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 12 May 2025 22:31:39 +0000 Subject: [PATCH 569/815] Prepare release v3.5.2 From 2e8f1052ccc8b33f4da646f4bc722209f712435c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 12 May 2025 22:31:42 +0000 Subject: [PATCH 570/815] Set .version-determinate to 3.5.2 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index d5c0c991428..87ce492908a 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.5.1 +3.5.2 From 8dab2737329912261c8d0eb73622eeba1eb3d29f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 12 May 2025 22:31:47 +0000 Subject: [PATCH 571/815] Generare release notes for 3.5.2 --- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 8 +++++++- .../source/release-notes-determinate/rl-3.5.2.md | 10 ++++++++++ 3 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.5.2.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index ecdcebcf4fb..a7ed52a2334 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -128,6 +128,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.5.2 (2025-05-12)](release-notes-determinate/rl-3.5.2.md) - [Release 3.5.1 (2025-05-09)](release-notes-determinate/rl-3.5.1.md) - [~~Release 3.5.0 (2025-05-09)~~](release-notes-determinate/rl-3.5.0.md) - [Release 3.4.2 (2025-05-05)](release-notes-determinate/rl-3.4.2.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index a54852443a0..023e506e649 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.28 and Determinate Nix 3.5.1. +This section lists the differences between upstream Nix 2.28 and Determinate Nix 3.5.2. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -25,3 +25,9 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix * `nix upgrade-nix` is now inert, and suggests using `determinate-nixd upgrade` -- [DeterminateSystems/nix-src#55](https://github.com/DeterminateSystems/nix-src/pull/55) * Initial Lazy Trees support has been merged, but remains off by default. ([DeterminateSystems/nix-src#27](https://github.com/DeterminateSystems/nix-src/pull/27), [DeterminateSystems/nix-src#56](https://github.com/DeterminateSystems/nix-src/pull/56)) + + + +* Fix emitting narHash in lock files when lazy trees are disabled by @edolstra in [DeterminateSystems/nix-src#63](https://github.com/DeterminateSystems/nix-src/pull/63) + +* Improve 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.5.2.md b/doc/manual/source/release-notes-determinate/rl-3.5.2.md new file mode 100644 index 00000000000..108a270df88 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.5.2.md @@ -0,0 +1,10 @@ +# Release 3.5.2 (2025-05-12) + +* Based on [upstream Nix 2.28.3](../release-notes/rl-2.28.md). + +## What's Changed +* Fix emitting narHash in lock files when lazy trees are disabled by @edolstra in [DeterminateSystems/nix-src#63](https://github.com/DeterminateSystems/nix-src/pull/63) +* Improve 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) + + +**Full Changelog**: [v3.5.1...v3.5.2](https://github.com/DeterminateSystems/nix-src/compare/v3.5.1...v3.5.2) From deb57afda40aed54c43d27f1046b7998b19f6fcc Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Mon, 12 May 2025 18:56:59 -0400 Subject: [PATCH 572/815] Apply suggestions from code review Co-authored-by: Graham Christensen --- doc/manual/source/release-notes-determinate/changes.md | 4 +--- doc/manual/source/release-notes-determinate/rl-3.5.2.md | 5 +++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 023e506e649..757fcbbb08d 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -28,6 +28,4 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix -* Fix emitting narHash in lock files when lazy trees are disabled by @edolstra in [DeterminateSystems/nix-src#63](https://github.com/DeterminateSystems/nix-src/pull/63) - -* Improve 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) \ No newline at end of file +* Tell users a source is corrupted ("cannot read file from tarball: Truncated tar archive detected while reading data"), improving over the previous 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.5.2.md b/doc/manual/source/release-notes-determinate/rl-3.5.2.md index 108a270df88..bc5396c255b 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.5.2.md +++ b/doc/manual/source/release-notes-determinate/rl-3.5.2.md @@ -3,8 +3,9 @@ * Based on [upstream Nix 2.28.3](../release-notes/rl-2.28.md). ## What's Changed -* Fix emitting narHash in lock files when lazy trees are disabled by @edolstra in [DeterminateSystems/nix-src#63](https://github.com/DeterminateSystems/nix-src/pull/63) -* Improve 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) +* Fix a regression where narHash was not added to lock files when lazy trees were disabled by @edolstra in [DeterminateSystems/nix-src#63](https://github.com/DeterminateSystems/nix-src/pull/63) + +* Tell users a source is corrupted ("cannot read file from tarball: Truncated tar archive detected while reading data"), improving over the previous 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) **Full Changelog**: [v3.5.1...v3.5.2](https://github.com/DeterminateSystems/nix-src/compare/v3.5.1...v3.5.2) From ff24751bddf8ebfcd676adaa8a6afb46fca49333 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Wed, 14 May 2025 19:29:50 -0400 Subject: [PATCH 573/815] Mark official release --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index a8759d04257..713207c2cb8 100644 --- a/flake.nix +++ b/flake.nix @@ -32,7 +32,7 @@ let inherit (nixpkgs) lib; - officialRelease = false; + officialRelease = true; linux32BitSystems = [ "i686-linux" ]; linux64BitSystems = [ From 1b2e88effdb8027441da7ba83b183ace051deb40 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 15 May 2025 11:10:21 +0200 Subject: [PATCH 574/815] Remove otherNixes.nix_2_18 Nixpkgs no longer has Nix 2.18, so this fails to evaluate. (cherry picked from commit bc85e20fb98a4170b2f832692298f57fe30dffd5) --- tests/nixos/default.nix | 7 ------- 1 file changed, 7 deletions(-) diff --git a/tests/nixos/default.nix b/tests/nixos/default.nix index 3e2d20a715f..f0b1a886565 100644 --- a/tests/nixos/default.nix +++ b/tests/nixos/default.nix @@ -94,13 +94,6 @@ let ); }; - otherNixes.nix_2_18.setNixPackage = - { lib, pkgs, ... }: - { - imports = [ checkOverrideNixVersion ]; - nix.package = lib.mkForce pkgs.nixVersions.nix_2_18; - }; - in { From 7f488dc7d3511bc9afb2852d5926c37d66906c91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 15 May 2025 11:22:37 +0200 Subject: [PATCH 575/815] rename StoreDirConfigItself to StoreDirConfigBase context: https://github.com/NixOS/nix/pull/13154#discussion_r2081904653 (cherry picked from commit 2dd214275459b52994941867df185d425ec6a4c7) --- src/libstore/include/nix/store/store-dir-config.hh | 8 ++++---- src/libstore/store-dir-config.cc | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/libstore/include/nix/store/store-dir-config.hh b/src/libstore/include/nix/store/store-dir-config.hh index 40a71e446c2..6bf9ebf1431 100644 --- a/src/libstore/include/nix/store/store-dir-config.hh +++ b/src/libstore/include/nix/store/store-dir-config.hh @@ -104,7 +104,7 @@ struct MixStoreDirMethods * Need to make this a separate class so I can get the right * initialization order in the constructor for `StoreDirConfig`. */ -struct StoreDirConfigItself : Config +struct StoreDirConfigBase : Config { using Config::Config; @@ -118,12 +118,12 @@ struct StoreDirConfigItself : Config }; /** - * The order of `StoreDirConfigItself` and then `MixStoreDirMethods` is - * very important. This ensures that `StoreDirConfigItself::storeDir_` + * The order of `StoreDirConfigBase` and then `MixStoreDirMethods` is + * very important. This ensures that `StoreDirConfigBase::storeDir_` * is initialized before we have our one chance (because references are * immutable) to initialize `MixStoreDirMethods::storeDir`. */ -struct StoreDirConfig : StoreDirConfigItself, MixStoreDirMethods +struct StoreDirConfig : StoreDirConfigBase, MixStoreDirMethods { using Params = std::map; diff --git a/src/libstore/store-dir-config.cc b/src/libstore/store-dir-config.cc index 191926be638..ec65013ef2a 100644 --- a/src/libstore/store-dir-config.cc +++ b/src/libstore/store-dir-config.cc @@ -5,7 +5,7 @@ namespace nix { StoreDirConfig::StoreDirConfig(const Params & params) - : StoreDirConfigItself(params) + : StoreDirConfigBase(params) , MixStoreDirMethods{storeDir_} { } From 4f03bfebd9e2a06c4dc64157d277c4871f0c9e38 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 15 May 2025 11:31:34 +0200 Subject: [PATCH 576/815] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/f02fddb8acef29a8b32f10a335d44828d7825b78?narHash=sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds%2Bhc%3D' (2025-05-01) → 'github:NixOS/nixpkgs/adaa24fbf46737f3f1b5497bf64bae750f82942e?narHash=sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY%3D' (2025-05-13) (cherry picked from commit 3ba49d7ec204c2985ef0cffd6e8ceefab448e475) --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b8ff29a0c83..3075eabc233 100644 --- a/flake.lock +++ b/flake.lock @@ -63,11 +63,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746141548, - "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", + "lastModified": 1747179050, + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", "type": "github" }, "original": { From dc238ba1029732aa87f7056b0f741c99a10b936e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 15 May 2025 12:55:08 +0200 Subject: [PATCH 577/815] Fix nix-copy-closure VM test https://hydra.nixos.org/build/297112538 (cherry picked from commit d626348f42c60a9a3192b43b13dd27ebb6252ad8) --- tests/nixos/nix-copy-closure.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/nixos/nix-copy-closure.nix b/tests/nixos/nix-copy-closure.nix index 34e3a2c7de7..d24930de060 100644 --- a/tests/nixos/nix-copy-closure.nix +++ b/tests/nixos/nix-copy-closure.nix @@ -61,12 +61,10 @@ in "${pkgs.openssh}/bin/ssh-keygen", "-t", "ed25519", "-f", "key", "-N", "" ], capture_output=True, check=True) - client.succeed("mkdir -m 700 /root/.ssh") client.copy_from_host("key", "/root/.ssh/id_ed25519") client.succeed("chmod 600 /root/.ssh/id_ed25519") # Install the SSH key on the server. - server.succeed("mkdir -m 700 /root/.ssh") server.copy_from_host("key.pub", "/root/.ssh/authorized_keys") server.wait_for_unit("sshd") server.wait_for_unit("multi-user.target") From 2b7e3e9b817c3e7ab072b33b397b9ced42c17891 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Thu, 15 May 2025 21:13:13 +0000 Subject: [PATCH 578/815] dev-shell: Drop bear dependency Since the autotools-based build system has been removed and meson already generates compile database there's no need to have it in the devshell. (cherry picked from commit 67535263a577699002b9b0d05c2eea3f9615dd73) --- packaging/dev-shell.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/packaging/dev-shell.nix b/packaging/dev-shell.nix index be760496af3..8d3fa38527a 100644 --- a/packaging/dev-shell.nix +++ b/packaging/dev-shell.nix @@ -119,9 +119,6 @@ pkgs.nixComponents2.nix-util.overrideAttrs ( (pkgs.writeScriptBin "pre-commit-hooks-install" modular.pre-commit.settings.installationScript) pkgs.buildPackages.nixfmt-rfc-style ] - # TODO: Remove the darwin check once - # https://github.com/NixOS/nixpkgs/pull/291814 is available - ++ lib.optional (stdenv.cc.isClang && !stdenv.buildPlatform.isDarwin) pkgs.buildPackages.bear ++ lib.optional (stdenv.cc.isClang && stdenv.hostPlatform == stdenv.buildPlatform) ( lib.hiPrio pkgs.buildPackages.clang-tools ) From ca0bde35784564cc44ff1d154526dc76c4d5cdf6 Mon Sep 17 00:00:00 2001 From: Peder Bergebakken Sundt Date: Fri, 16 May 2025 09:20:55 +0200 Subject: [PATCH 579/815] docs: remove repeated "allowedReferences" This is what write-good lints as a "lexical illusion" (cherry picked from commit cb16cd707c17db7179d1bad6efb08d92ed8cc7fd) --- doc/manual/source/language/advanced-attributes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/source/language/advanced-attributes.md b/doc/manual/source/language/advanced-attributes.md index 4031f763a7f..a939847e1aa 100644 --- a/doc/manual/source/language/advanced-attributes.md +++ b/doc/manual/source/language/advanced-attributes.md @@ -73,7 +73,7 @@ Derivations can declare some infrequently used optional attributes. > **Warning** > - > If set to `true`, other advanced attributes such as [`allowedReferences`](#adv-attr-allowedReferences), [`allowedReferences`](#adv-attr-allowedReferences), [`allowedRequisites`](#adv-attr-allowedRequisites), + > If set to `true`, other advanced attributes such as [`allowedReferences`](#adv-attr-allowedReferences), [`allowedRequisites`](#adv-attr-allowedRequisites), [`disallowedReferences`](#adv-attr-disallowedReferences) and [`disallowedRequisites`](#adv-attr-disallowedRequisites), maxSize, and maxClosureSize. will have no effect. From 6fc6db34964beb3b036be60e0b758ebd0320352a Mon Sep 17 00:00:00 2001 From: Peder Bergebakken Sundt Date: Fri, 16 May 2025 09:52:03 +0200 Subject: [PATCH 580/815] docs: remove lexical illusions detected with write-good I made this this non-markdown aware tool somewhat behave with some cursed fd+pandoc invocations (cherry picked from commit ea5302c4a28e254d6c72b842a6dd469c929f7f94) --- .../source/store/derivation/outputs/content-address.md | 6 +++--- doc/manual/source/store/derivation/outputs/index.md | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/manual/source/store/derivation/outputs/content-address.md b/doc/manual/source/store/derivation/outputs/content-address.md index 7fc689fb318..4d51303480d 100644 --- a/doc/manual/source/store/derivation/outputs/content-address.md +++ b/doc/manual/source/store/derivation/outputs/content-address.md @@ -23,7 +23,7 @@ The output spec for an output with a fixed content addresses additionally contai > **Design note** > > In principle, the output spec could also specify the references the store object should have, since the references and file system objects are equally parts of a content-addressed store object proper that contribute to its content-addressed. -> However, at this time, the references are not not done because all fixed content-addressed outputs are required to have no references (including no self-reference). +> However, at this time, the references are not done because all fixed content-addressed outputs are required to have no references (including no self-reference). > > Also in principle, rather than specifying the references and file system object data with separate hashes, a single hash that constraints both could be used. > This could be done with the final store path's digest, or better yet, the hash that will become the store path's digest before it is truncated. @@ -116,7 +116,7 @@ Because the derivation output is not fixed (just like with [input addressing]), > (The "environment", in this case, consists of attributes such as the Operating System Nix runs atop, along with the operating-system-specific privileges that Nix has been granted. > Because of how conventional operating systems like macos, Linux, etc. work, granting builders *fewer* privileges may ironically require that Nix be run with *more* privileges.) -That said, derivations producing floating content-addressed outputs may declare their builders as impure (like the builders of derivations producing producing fixed outputs). +That said, derivations producing floating content-addressed outputs may declare their builders as impure (like the builders of derivations producing fixed outputs). This is provisionally supported as part of the [`impure-derivations`][xp-feature-impure-derivations] experimental feature. ### Compatibility negotiation @@ -144,7 +144,7 @@ A *deterministic* content-addressing derivation should produce outputs with the The choice of provisional store path can be thought of as an impurity, since it is an arbitrary choice. If provisional outputs paths are deterministically chosen, we are in the first branch of part (1). - The builder the data it produces based on it in arbitrary ways, but this gets us closer to to [input addressing]. + The builder the data it produces based on it in arbitrary ways, but this gets us closer to [input addressing]. Deterministically choosing the provisional path may be considered "complete sandboxing" by removing an impurity, but this is unsatisfactory Significant changes should add the following header, which moves them to the top. diff --git a/doc/manual/substitute.py b/doc/manual/substitute.py index a8b11d93250..6e27c338818 100644 --- a/doc/manual/substitute.py +++ b/doc/manual/substitute.py @@ -57,6 +57,9 @@ def recursive_replace(data: dict[str, t.Any], book_root: Path, search_path: Path ).replace( '@docroot@', ("../" * len(path_to_chapter.parent.parts) or "./")[:-1] + ).replace( + '@_at_', + '@' ), sub_items = [ recursive_replace(sub_item, book_root, search_path) From 83fa99844b6369a1cb6105a5333a7913ed61ba49 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sat, 17 May 2025 21:18:04 +0200 Subject: [PATCH 584/815] Install 'nix profile add' manpage --- doc/manual/meson.build | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/manual/meson.build b/doc/manual/meson.build index f7d3f44c59d..2146d73ef45 100644 --- a/doc/manual/meson.build +++ b/doc/manual/meson.build @@ -248,10 +248,11 @@ nix3_manpages = [ 'nix3-nar', 'nix3-path-info', 'nix3-print-dev-env', + 'nix3-profile', + 'nix3-profile-add', 'nix3-profile-diff-closures', 'nix3-profile-history', 'nix3-profile-list', - 'nix3-profile', 'nix3-profile-remove', 'nix3-profile-rollback', 'nix3-profile-upgrade', From f50117ba4c2f2441c526c69c19119c2bcfe5e922 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sun, 18 May 2025 10:01:57 +0200 Subject: [PATCH 585/815] Revert storeFS to use makeFSSourceAccessor() Need to investigate why store->getFSAccessor() breaks a test. --- src/libexpr/eval.cc | 2 +- tests/functional/flakes/follow-paths.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 531a932bd08..868933b9525 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -270,7 +270,7 @@ EvalState::EvalState( exception, and make union source accessor catch it, so we don't need to do this hack. */ - {CanonPath(store->storeDir), store->getFSAccessor(settings.pureEval)}, + {CanonPath(store->storeDir), makeFSSourceAccessor(dirOf(store->toRealPath(StorePath::dummy)))} })) , rootFS( ({ diff --git a/tests/functional/flakes/follow-paths.sh b/tests/functional/flakes/follow-paths.sh index 8abbf323315..25f26137b27 100755 --- a/tests/functional/flakes/follow-paths.sh +++ b/tests/functional/flakes/follow-paths.sh @@ -131,7 +131,7 @@ EOF git -C $flakeFollowsA add flake.nix expect 1 nix flake lock $flakeFollowsA 2>&1 | grep '/flakeB.*is forbidden in pure evaluation mode' -#expect 1 nix flake lock --impure $flakeFollowsA 2>&1 | grep '/flakeB.*does not exist' # FIXME +expect 1 nix flake lock --impure $flakeFollowsA 2>&1 | grep '/flakeB.*does not exist' # FIXME # Test relative non-flake inputs. cat > $flakeFollowsA/flake.nix < Date: Sun, 18 May 2025 13:10:08 +0200 Subject: [PATCH 586/815] Restore the hash mismatch activity --- src/libstore/build/derivation-goal.cc | 1 + src/libstore/unix/build/derivation-builder.cc | 2 -- .../unix/include/nix/store/build/derivation-builder.hh | 9 ++++++++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index 81215eacf20..850d21bca26 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -872,6 +872,7 @@ Goal::Co DerivationGoal::tryToBuild() *drvOptions, inputPaths, initialOutputs, + act }); } diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index abfe9b2b10b..688f4311e92 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -2709,14 +2709,12 @@ SingleDrvOutputs DerivationBuilderImpl::registerOutputs() store.printStorePath(drvPath), wanted.to_string(HashFormat::SRI, true), got.to_string(HashFormat::SRI, true))); -#if 0 // FIXME act->result(resHashMismatch, { {"storePath", store.printStorePath(drvPath)}, {"wanted", wanted}, {"got", got}, }); -#endif } if (!newInfo0.references.empty()) { auto numViolations = newInfo.references.size(); diff --git a/src/libstore/unix/include/nix/store/build/derivation-builder.hh b/src/libstore/unix/include/nix/store/build/derivation-builder.hh index d6c40060a48..81a574fd0a3 100644 --- a/src/libstore/unix/include/nix/store/build/derivation-builder.hh +++ b/src/libstore/unix/include/nix/store/build/derivation-builder.hh @@ -58,6 +58,11 @@ struct DerivationBuilderParams const BuildMode & buildMode; + /** + * The activity corresponding to the build. + */ + std::unique_ptr & act; + DerivationBuilderParams( const StorePath & drvPath, const BuildMode & buildMode, @@ -66,7 +71,8 @@ struct DerivationBuilderParams const StructuredAttrs * parsedDrv, const DerivationOptions & drvOptions, const StorePathSet & inputPaths, - std::map & initialOutputs) + std::map & initialOutputs, + std::unique_ptr & act) : drvPath{drvPath} , buildResult{buildResult} , drv{drv} @@ -75,6 +81,7 @@ struct DerivationBuilderParams , inputPaths{inputPaths} , initialOutputs{initialOutputs} , buildMode{buildMode} + , act{act} { } DerivationBuilderParams(DerivationBuilderParams &&) = default; From b33fd1e4fb9c28d0b67a2a80819d69e88c442d8f Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Tue, 6 May 2025 21:58:52 +0000 Subject: [PATCH 587/815] libstore: Use `boost::regex` for GC root discovery MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As it turns out using `std::regex` is actually the bottleneck for root discovery. Just substituting `std::` -> `boost::` makes root discovery twice as fast (3x if counting only userspace time). Some rather ad-hoc measurements to motivate the switch: (On master) ``` nix build github:nixos/nix/1e822bd4149a8bce1da81ee2ad9404986b07914c#nix-cli --out-link result-1e822bd4149a8bce1da81ee2ad9404986b07914c taskset -c 2,3 hyperfine "result-1e822bd4149a8bce1da81ee2ad9404986b07914c/bin/nix store gc --dry-run --max 0" Benchmark 1: result-1e822bd4149a8bce1da81ee2ad9404986b07914c/bin/nix store gc --dry-run --max 0 Time (mean ± σ): 481.6 ms ± 3.9 ms [User: 336.2 ms, System: 142.0 ms] Range (min … max): 474.6 ms … 487.7 ms 10 runs ``` (After this patch) ``` taskset -c 2,3 hyperfine "result/bin/nix store gc --dry-run --max 0" Benchmark 1: result/bin/nix store gc --dry-run --max 0 Time (mean ± σ): 254.7 ms ± 9.7 ms [User: 111.1 ms, System: 141.3 ms] Range (min … max): 246.5 ms … 281.3 ms 10 runs ``` `boost::regex` is a drop-in replacement for `std::regex`, but much faster. Doing a simple before/after comparison doesn't surface any change in behavior: ``` result/bin/nix store gc --dry-run -vvvvv --max 0 |& grep "got additional" | wc -l result-1e822bd4149a8bce1da81ee2ad9404986b07914c/bin/nix store gc --dry-run -vvvvv --max 0 |& grep "got additional" | wc -l ``` (cherry picked from commit 3a1301cd6db698a212a0c036e40ad402bd8a2a12) --- src/libstore/gc.cc | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index 8fad9661c9c..1469db3eca4 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -13,10 +13,11 @@ # include "nix/util/processes.hh" #endif +#include + #include #include #include -#include #include #include @@ -331,8 +332,8 @@ static void readProcLink(const std::filesystem::path & file, UncheckedRoots & ro static std::string quoteRegexChars(const std::string & raw) { - static auto specialRegex = std::regex(R"([.^$\\*+?()\[\]{}|])"); - return std::regex_replace(raw, specialRegex, R"(\$&)"); + static auto specialRegex = boost::regex(R"([.^$\\*+?()\[\]{}|])"); + return boost::regex_replace(raw, specialRegex, R"(\$&)"); } #ifdef __linux__ @@ -354,12 +355,12 @@ void LocalStore::findRuntimeRoots(Roots & roots, bool censor) auto procDir = AutoCloseDir{opendir("/proc")}; if (procDir) { struct dirent * ent; - auto digitsRegex = std::regex(R"(^\d+$)"); - auto mapRegex = std::regex(R"(^\s*\S+\s+\S+\s+\S+\s+\S+\s+\S+\s+(/\S+)\s*$)"); - auto storePathRegex = std::regex(quoteRegexChars(storeDir) + R"(/[0-9a-z]+[0-9a-zA-Z\+\-\._\?=]*)"); + static const auto digitsRegex = boost::regex(R"(^\d+$)"); + static const auto mapRegex = boost::regex(R"(^\s*\S+\s+\S+\s+\S+\s+\S+\s+\S+\s+(/\S+)\s*$)"); + auto storePathRegex = boost::regex(quoteRegexChars(storeDir) + R"(/[0-9a-z]+[0-9a-zA-Z\+\-\._\?=]*)"); while (errno = 0, ent = readdir(procDir.get())) { checkInterrupt(); - if (std::regex_match(ent->d_name, digitsRegex)) { + if (boost::regex_match(ent->d_name, digitsRegex)) { try { readProcLink(fmt("/proc/%s/exe" ,ent->d_name), unchecked); readProcLink(fmt("/proc/%s/cwd", ent->d_name), unchecked); @@ -386,15 +387,15 @@ void LocalStore::findRuntimeRoots(Roots & roots, bool censor) std::filesystem::path mapFile = fmt("/proc/%s/maps", ent->d_name); auto mapLines = tokenizeString>(readFile(mapFile.string()), "\n"); for (const auto & line : mapLines) { - auto match = std::smatch{}; - if (std::regex_match(line, match, mapRegex)) + auto match = boost::smatch{}; + if (boost::regex_match(line, match, mapRegex)) unchecked[match[1]].emplace(mapFile.string()); } auto envFile = fmt("/proc/%s/environ", ent->d_name); auto envString = readFile(envFile); - auto env_end = std::sregex_iterator{}; - for (auto i = std::sregex_iterator{envString.begin(), envString.end(), storePathRegex}; i != env_end; ++i) + auto env_end = boost::sregex_iterator{}; + for (auto i = boost::sregex_iterator{envString.begin(), envString.end(), storePathRegex}; i != env_end; ++i) unchecked[i->str()].emplace(envFile); } catch (SystemError & e) { if (errno == ENOENT || errno == EACCES || errno == ESRCH) @@ -413,12 +414,12 @@ void LocalStore::findRuntimeRoots(Roots & roots, bool censor) // Because of this we disable lsof when running the tests. if (getEnv("_NIX_TEST_NO_LSOF") != "1") { try { - std::regex lsofRegex(R"(^n(/.*)$)"); + boost::regex lsofRegex(R"(^n(/.*)$)"); auto lsofLines = tokenizeString>(runProgram(LSOF, true, { "-n", "-w", "-F", "n" }), "\n"); for (const auto & line : lsofLines) { - std::smatch match; - if (std::regex_match(line, match, lsofRegex)) + boost::smatch match; + if (boost::regex_match(line, match, lsofRegex)) unchecked[match[1].str()].emplace("{lsof}"); } } catch (ExecError & e) { From 91dc6e7fa0fba0b8b875b135c7904ecc3423ad9a Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Tue, 13 May 2025 08:47:24 +0000 Subject: [PATCH 588/815] packaging/dependencies: Use boost without enableIcu This reduces the closure size on master by 40MiB. ``` $ nix build github:nixos/nix/1e822bd4149a8bce1da81ee2ad9404986b07914c#nix-store --out-link closure-on-master $ nix build .#nix-store -L --out-link closure-without-icu $ nix path-info --closure-size -h ./closure-on-master /nix/store/8gwr38m5h6p7245ji9jv28a2a11w1isx-nix-store-2.29.0pre 124.4 MiB $ nix path-info --closure-size -h ./closure-without-icu /nix/store/k0gwfykjqpnmaqbwh23nk55lhanc9g24-nix-store-2.29.0pre 86.6 MiB ``` (cherry picked from commit f3090ef7033c9bdc04beacfbb128c688cfa40fee) --- packaging/dependencies.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/packaging/dependencies.nix b/packaging/dependencies.nix index a90ef1b4ab7..7ce3bf1259c 100644 --- a/packaging/dependencies.nix +++ b/packaging/dependencies.nix @@ -63,6 +63,7 @@ scope: { "--with-coroutine" "--with-iostreams" ]; + enableIcu = false; }).overrideAttrs (old: { # Need to remove `--with-*` to use `--with-libraries=...` From 29d98da6363aa8c6a796550ed27618b1a25dcf75 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Tue, 13 May 2025 08:51:46 +0000 Subject: [PATCH 589/815] libstore: Depend on boost_regex explicitly (cherry picked from commit 18a5589f9a6d710fe1f70e694cee513589c1c11c) --- src/libstore/meson.build | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 9681a38abde..672993bf05e 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -94,7 +94,7 @@ subdir('nix-meson-build-support/libatomic') boost = dependency( 'boost', - modules : ['container'], + modules : ['container', 'regex'], include_type: 'system', ) # boost is a public dependency, but not a pkg-config dependency unfortunately, so we From 90eb2f759c76ce538b2eed676a5648edeba751c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 19 May 2025 09:25:34 +0200 Subject: [PATCH 590/815] libutil-tests/json-utils: fix -Werror=sign-compare error I am on a newer different nixpkgs branch, so I am getting this error (cherry picked from commit 1290b7e53d03cc8b084aaa8e58baff177711ccb0) --- src/libutil-tests/json-utils.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libutil-tests/json-utils.cc b/src/libutil-tests/json-utils.cc index eae67b4b316..211f8bf1ee4 100644 --- a/src/libutil-tests/json-utils.cc +++ b/src/libutil-tests/json-utils.cc @@ -131,7 +131,7 @@ TEST(getString, wrongAssertions) { TEST(getIntegralNumber, rightAssertions) { auto simple = R"({ "int": 0, "signed": -1 })"_json; - ASSERT_EQ(getUnsigned(valueAt(getObject(simple), "int")), 0); + ASSERT_EQ(getUnsigned(valueAt(getObject(simple), "int")), 0u); ASSERT_EQ(getInteger(valueAt(getObject(simple), "int")), 0); ASSERT_EQ(getInteger(valueAt(getObject(simple), "signed")), -1); } From 607be58a80203306b6132b87dce099750c524ec7 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 19 May 2025 11:20:40 -0400 Subject: [PATCH 591/815] Update CI badge URLs --- README.md | 35 ++++++++++++++++++++++------------- 1 file changed, 22 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 54a6fcc3949..35c0bcfb342 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,11 @@ -# Nix +# Determinate Nix -[![Open Collective supporters](https://opencollective.com/nixos/tiers/supporter/badge.svg?label=Supporters&color=brightgreen)](https://opencollective.com/nixos) -[![CI](https://github.com/NixOS/nix/workflows/CI/badge.svg)](https://github.com/NixOS/nix/actions/workflows/ci.yml) +[![CI](https://github.com/DeterminateSystems/nix-src/workflows/CI/badge.svg)](https://github.com/DeterminateSystems/nix-src/actions/workflows/ci.yml) -Nix is a powerful package manager for Linux and other Unix systems that makes package -management reliable and reproducible. Please refer to the [Nix manual](https://nix.dev/reference/nix-manual) -for more details. +This repository houses the source for [Determinate Nix][det-nix], a downstream distribution of [Nix][upstream]. +Nix is a powerful language, package manager, and CLI for Linux and other Unix systems that makes package management reliable and reproducible. + +--- ## Installation and first steps @@ -26,13 +26,22 @@ Check the [contributing guide](./CONTRIBUTING.md) if you want to get involved wi Nix was created by Eelco Dolstra and developed as the subject of his PhD thesis [The Purely Functional Software Deployment Model](https://edolstra.github.io/pubs/phd-thesis.pdf), published 2006. Today, a world-wide developer community contributes to Nix and the ecosystem that has grown around it. -- [The Nix, Nixpkgs, NixOS Community on nixos.org](https://nixos.org/) -- [Official documentation on nix.dev](https://nix.dev) -- [Nixpkgs](https://github.com/NixOS/nixpkgs) is [the largest, most up-to-date free software repository in the world](https://repology.org/repositories/graphs) -- [NixOS](https://github.com/NixOS/nixpkgs/tree/master/nixos) is a Linux distribution that can be configured fully declaratively -- [Discourse](https://discourse.nixos.org/) -- [Matrix](https://matrix.to/#/#nix:nixos.org) +- [The Nix, Nixpkgs, NixOS Community on nixos.org][website] +- [Official documentation on nix.dev][nix.dev] +- [NixOS] is a Linux distribution that can be configured fully declaratively +- [Discourse] +- [Matrix] ## License -Nix is released under the [LGPL v2.1](./COPYING). +[Upstream Nix][upstream] is released under the [LGPL v2.1][license] license. +[Determinate Nix][det-nix] is also released under LGPL v2.1 based on the terms of that license. + +[det-nix]: https://docs.determinate.systems/determinate-nix +[discourse]: https://discourse.nixos.org +[license]: ./COPYING +[matrix]: https://matrix.to/#/#nix:nixos.org +[nix.dev]: https://nix.dev +[nixos]: https://github.com/NixOS/nixpkgs/tree/master/nixos +[upstream]: https://github.com/NixOS/nix +[website]: https://nixos.org From a56ecb5302ef9be3c0ece8b89f12b5da62fb72a2 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 20 May 2025 10:20:14 -0400 Subject: [PATCH 592/815] Add logos --- README.md | 55 +++++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 47 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 35c0bcfb342..9b1390c9ffe 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,44 @@ +

+ +

+

+  Discord  +  Bluesky  +  Mastodon  +  Twitter  +  LinkedIn  +

+ # Determinate Nix [![CI](https://github.com/DeterminateSystems/nix-src/workflows/CI/badge.svg)](https://github.com/DeterminateSystems/nix-src/actions/workflows/ci.yml) -This repository houses the source for [Determinate Nix][det-nix], a downstream distribution of [Nix][upstream]. +This repository houses the source for [**Determinate Nix**][det-nix], a downstream distribution of [Nix][upstream] created and maintained by [Determinate Systems][detsys]. Nix is a powerful language, package manager, and CLI for Linux and other Unix systems that makes package management reliable and reproducible. +Determinate Nix is + +[Determinate] +[FlakeHub] + +## Installing Determinate + +You can install Determinate on [macOS](#macos), non-NixOS [Linux](#linux), and [NixOS](#nixos). + +### macOS + +On macOS, we recommend using the graphical installer from Determinate Systems. +Click [here][gui] to download and run it. + +### Linux + +On Linux, including Windows Subsystem for Linux (WSL), we recommend installing Determinate using [Determinate Nix Installer][installer]: + +```shell +curl -fsSL https://install.determinate.systems/nix | sh -s -- install --determinate +``` + + --- ## Installation and first steps @@ -19,29 +53,34 @@ Follow instructions in the Nix reference manual to [set up a development environ ## Contributing -Check the [contributing guide](./CONTRIBUTING.md) if you want to get involved with developing Nix. +Check the [contributing guide][contributing] if you want to get involved with developing Nix. ## Additional resources -Nix was created by Eelco Dolstra and developed as the subject of his PhD thesis [The Purely Functional Software Deployment Model](https://edolstra.github.io/pubs/phd-thesis.pdf), published 2006. +Nix was created by [Eelco Dolstra][eelco] and developed as the subject of his 2006 PhD thesis, [The Purely Functional Software Deployment Model](https://edolstra.github.io/pubs/phd-thesis.pdf). Today, a world-wide developer community contributes to Nix and the ecosystem that has grown around it. - [The Nix, Nixpkgs, NixOS Community on nixos.org][website] +- [Nixpkgs], a collection of well over 100,000 software packages that can be built and managed using Nix - [Official documentation on nix.dev][nix.dev] - [NixOS] is a Linux distribution that can be configured fully declaratively -- [Discourse] -- [Matrix] ## License [Upstream Nix][upstream] is released under the [LGPL v2.1][license] license. [Determinate Nix][det-nix] is also released under LGPL v2.1 based on the terms of that license. +[contributing]: ./CONTRIBUTING.md [det-nix]: https://docs.determinate.systems/determinate-nix -[discourse]: https://discourse.nixos.org +[determinate]: https://docs.determinate.systems +[detsys]: https://determinate.systems +[dnixd]: https://docs.determinate.systems/determinate-nix#determinate-nixd +[eelco]: https://determinate.systems/people/eelco-dolstra +[flakehub]: https://flakehub.com +[gui]: https://install.determinate.systems/determinate-pkg/stable/Universal [license]: ./COPYING -[matrix]: https://matrix.to/#/#nix:nixos.org [nix.dev]: https://nix.dev -[nixos]: https://github.com/NixOS/nixpkgs/tree/master/nixos +[nixpkgs]: https://github.com/NixOS/nixpkgs +[thesis]: https://edolstra.github.io/pubs/phd-thesis.pdf [upstream]: https://github.com/NixOS/nix [website]: https://nixos.org From c4813b8cbc3f8559c60d1a387036c64e2649734c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 22 May 2025 14:48:51 +0200 Subject: [PATCH 593/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index f01356823fd..69886179f91 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.29.0 +2.29.1 From 8825cd56b5ed294091b6ed4abe94d44df2fe7f5d Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Tue, 20 May 2025 13:46:19 -0400 Subject: [PATCH 594/815] Log warnings on IFD with new option --- src/libexpr/include/nix/expr/eval-settings.hh | 10 ++++++++++ src/libexpr/primops.cc | 18 +++++++++++++----- 2 files changed, 23 insertions(+), 5 deletions(-) diff --git a/src/libexpr/include/nix/expr/eval-settings.hh b/src/libexpr/include/nix/expr/eval-settings.hh index 6e5bbca202e..3ad2e9d2d38 100644 --- a/src/libexpr/include/nix/expr/eval-settings.hh +++ b/src/libexpr/include/nix/expr/eval-settings.hh @@ -151,6 +151,16 @@ struct EvalSettings : Config )" }; + Setting traceImportFromDerivation{ + this, false, "trace-import-from-derivation", + R"( + By default, Nix allows [Import from Derivation](@docroot@/language/import-from-derivation.md). + + When this setting is `true`, Nix will log a warning indicating that it performed such an import. + The `allow-import-from-derivation` setting takes precedence, and no warnings will be logged if that setting is also enabled. + )" + }; + Setting enableImportFromDerivation{ this, true, "allow-import-from-derivation", R"( diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 44f7833e08e..58695238600 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -97,11 +97,19 @@ StringMap EvalState::realiseContext(const NixStringContext & context, StorePathS if (drvs.empty()) return {}; - if (isIFD && !settings.enableImportFromDerivation) - error( - "cannot build '%1%' during evaluation because the option 'allow-import-from-derivation' is disabled", - drvs.begin()->to_string(*store) - ).debugThrow(); + if (isIFD) { + if (!settings.enableImportFromDerivation) + error( + "cannot build '%1%' during evaluation because the option 'allow-import-from-derivation' is disabled", + drvs.begin()->to_string(*store) + ).debugThrow(); + + if (settings.traceImportFromDerivation) + warn( + "built '%1%' during evaluation due to an import from derivation", + drvs.begin()->to_string(*store) + ); + } /* Build/substitute the context. */ std::vector buildReqs; From 4355b7cbd5664364433abc64607b784fbe8c7979 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Wed, 21 May 2025 11:11:09 -0400 Subject: [PATCH 595/815] Add test for output warning to ensure stability --- tests/functional/flakes/meson.build | 1 + tests/functional/flakes/trace-ifd.sh | 33 ++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 tests/functional/flakes/trace-ifd.sh diff --git a/tests/functional/flakes/meson.build b/tests/functional/flakes/meson.build index 213c388a6d9..801fefc6f9a 100644 --- a/tests/functional/flakes/meson.build +++ b/tests/functional/flakes/meson.build @@ -33,6 +33,7 @@ suites += { 'debugger.sh', 'source-paths.sh', 'old-lockfiles.sh', + 'trace-ifd.sh', ], 'workdir': meson.current_source_dir(), } diff --git a/tests/functional/flakes/trace-ifd.sh b/tests/functional/flakes/trace-ifd.sh new file mode 100644 index 00000000000..f5c54f65152 --- /dev/null +++ b/tests/functional/flakes/trace-ifd.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash + +source ./common.sh + +requireGit + +flake1Dir="$TEST_ROOT/flake" + +createGitRepo "$flake1Dir" +createSimpleGitFlake "$flake1Dir" + +cat > "$flake1Dir/flake.nix" <<'EOF' +{ + outputs = { self }: let inherit (import ./config.nix) mkDerivation; in { + drv = mkDerivation { + name = "drv"; + buildCommand = '' + echo drv >$out + ''; + }; + + ifd = mkDerivation { + name = "ifd"; + buildCommand = '' + echo ${builtins.readFile self.drv} >$out + ''; + }; + }; +} +EOF + +nix build "$flake1Dir#ifd" --option trace-import-from-derivation true 2>&1 \ + | grepQuiet 'warning: built .* during evaluation due to an import from derivation' From 0b66fd3c34f7a5f07629b7c4bc68d8bae9f0ad06 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Thu, 22 May 2025 15:28:02 -0400 Subject: [PATCH 596/815] Update src/libexpr/include/nix/expr/eval-settings.hh Co-authored-by: Eelco Dolstra --- src/libexpr/include/nix/expr/eval-settings.hh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/include/nix/expr/eval-settings.hh b/src/libexpr/include/nix/expr/eval-settings.hh index 3ad2e9d2d38..6a58377e1dc 100644 --- a/src/libexpr/include/nix/expr/eval-settings.hh +++ b/src/libexpr/include/nix/expr/eval-settings.hh @@ -157,7 +157,7 @@ struct EvalSettings : Config By default, Nix allows [Import from Derivation](@docroot@/language/import-from-derivation.md). When this setting is `true`, Nix will log a warning indicating that it performed such an import. - The `allow-import-from-derivation` setting takes precedence, and no warnings will be logged if that setting is also enabled. + This option has no effect if `allow-import-from-derivation` is disabled. )" }; From 90cb816511d7f358bdf6acb83d8911b7a4e1d1cf Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 22 May 2025 23:28:56 +0000 Subject: [PATCH 597/815] Prepare release v3.6.0 From a43997cce4078f919f26d619291aee37cf9cb0b1 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 22 May 2025 23:28:59 +0000 Subject: [PATCH 598/815] Set .version-determinate to 3.6.0 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 87ce492908a..40c341bdcdb 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.5.2 +3.6.0 From e5e7c2797c03732164ac84869b0c1aa1ccd77862 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 22 May 2025 23:29:04 +0000 Subject: [PATCH 599/815] Generare release notes for 3.6.0 --- doc/manual/source/SUMMARY.md.in | 1 + .../source/release-notes-determinate/changes.md | 13 +++++++++++-- .../source/release-notes-determinate/rl-3.6.0.md | 12 ++++++++++++ 3 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.0.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 45b56438f9e..4a792c5df7d 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.6.0 (2025-05-22)](release-notes-determinate/rl-3.6.0.md) - [Release 3.5.2 (2025-05-12)](release-notes-determinate/rl-3.5.2.md) - [Release 3.5.1 (2025-05-09)](release-notes-determinate/rl-3.5.1.md) - [~~Release 3.5.0 (2025-05-09)~~](release-notes-determinate/rl-3.5.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 757fcbbb08d..5a6d518330c 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.28 and Determinate Nix 3.5.2. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.0. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -28,4 +28,13 @@ This section lists the differences between upstream Nix 2.28 and Determinate Nix -* Tell users a source is corrupted ("cannot read file from tarball: Truncated tar archive detected while reading data"), improving over the previous 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) \ No newline at end of file +* Tell users a source is corrupted ("cannot read file from tarball: Truncated tar archive detected while reading data"), improving over the previous 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) + + +* Switch to determinate-nix-action by @lucperkins in [DeterminateSystems/nix-src#68](https://github.com/DeterminateSystems/nix-src/pull/68) + +* Install 'nix profile add' manpage by @edolstra in [DeterminateSystems/nix-src#69](https://github.com/DeterminateSystems/nix-src/pull/69) + +* Sync with upstream 2.29.0 by @edolstra in [DeterminateSystems/nix-src#67](https://github.com/DeterminateSystems/nix-src/pull/67) + +* Emit warnings when using import-from-derivation by setting the `trace-import-from-derivation` option to `true` by @gustavderdrache in [DeterminateSystems/nix-src#70](https://github.com/DeterminateSystems/nix-src/pull/70) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.0.md b/doc/manual/source/release-notes-determinate/rl-3.6.0.md new file mode 100644 index 00000000000..61cd0232c12 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.6.0.md @@ -0,0 +1,12 @@ +# Release 3.6.0 (2025-05-22) + +* Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). + +## What's Changed +* Switch to determinate-nix-action by @lucperkins in [DeterminateSystems/nix-src#68](https://github.com/DeterminateSystems/nix-src/pull/68) +* Install 'nix profile add' manpage by @edolstra in [DeterminateSystems/nix-src#69](https://github.com/DeterminateSystems/nix-src/pull/69) +* Sync with upstream 2.29.0 by @edolstra in [DeterminateSystems/nix-src#67](https://github.com/DeterminateSystems/nix-src/pull/67) +* Emit warnings when using import-from-derivation by setting the `trace-import-from-derivation` option to `true` by @gustavderdrache in [DeterminateSystems/nix-src#70](https://github.com/DeterminateSystems/nix-src/pull/70) + + +**Full Changelog**: [v3.5.2...v3.6.0](https://github.com/DeterminateSystems/nix-src/compare/v3.5.2...v3.6.0) From 486fca34bcc97cf2f3070772e4f381c03d6782b8 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 22 May 2025 19:36:08 -0400 Subject: [PATCH 600/815] Apply suggestions from code review --- doc/manual/source/release-notes-determinate/changes.md | 6 ------ doc/manual/source/release-notes-determinate/rl-3.6.0.md | 1 - 2 files changed, 7 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 5a6d518330c..26538effb7c 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -31,10 +31,4 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Tell users a source is corrupted ("cannot read file from tarball: Truncated tar archive detected while reading data"), improving over the previous 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) -* Switch to determinate-nix-action by @lucperkins in [DeterminateSystems/nix-src#68](https://github.com/DeterminateSystems/nix-src/pull/68) - -* Install 'nix profile add' manpage by @edolstra in [DeterminateSystems/nix-src#69](https://github.com/DeterminateSystems/nix-src/pull/69) - -* Sync with upstream 2.29.0 by @edolstra in [DeterminateSystems/nix-src#67](https://github.com/DeterminateSystems/nix-src/pull/67) - * Emit warnings when using import-from-derivation by setting the `trace-import-from-derivation` option to `true` by @gustavderdrache in [DeterminateSystems/nix-src#70](https://github.com/DeterminateSystems/nix-src/pull/70) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.0.md b/doc/manual/source/release-notes-determinate/rl-3.6.0.md index 61cd0232c12..453ab6c301d 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.6.0.md +++ b/doc/manual/source/release-notes-determinate/rl-3.6.0.md @@ -3,7 +3,6 @@ * Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). ## What's Changed -* Switch to determinate-nix-action by @lucperkins in [DeterminateSystems/nix-src#68](https://github.com/DeterminateSystems/nix-src/pull/68) * Install 'nix profile add' manpage by @edolstra in [DeterminateSystems/nix-src#69](https://github.com/DeterminateSystems/nix-src/pull/69) * Sync with upstream 2.29.0 by @edolstra in [DeterminateSystems/nix-src#67](https://github.com/DeterminateSystems/nix-src/pull/67) * Emit warnings when using import-from-derivation by setting the `trace-import-from-derivation` option to `true` by @gustavderdrache in [DeterminateSystems/nix-src#70](https://github.com/DeterminateSystems/nix-src/pull/70) From 61c3efb4f44bee31e4acdecd8168e034da069995 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Fri, 23 May 2025 16:49:23 -0400 Subject: [PATCH 601/815] Make platform checks throw BuildError like other failures --- src/libstore/unix/build/derivation-builder.cc | 25 +++++++++++-------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index 688f4311e92..d4862108c0a 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -862,17 +862,22 @@ void DerivationBuilderImpl::startBuilder() /* Right platform? */ if (!drvOptions.canBuildLocally(store, drv)) { + auto msg = fmt( + "Cannot build '%s'.\n" + "Reason: " ANSI_RED "unmet system or feature dependency" ANSI_NORMAL "\n" + "Required system: '%s' with features {%s}\n" + "Current system: '%s' with features {%s}", + Magenta(store.printStorePath(drvPath)), + Magenta(drv.platform), + concatStringsSep(", ", drvOptions.getRequiredSystemFeatures(drv)), + Magenta(settings.thisSystem), + concatStringsSep(", ", store.config.systemFeatures)); + // since aarch64-darwin has Rosetta 2, this user can actually run x86_64-darwin on their hardware - we should tell them to run the command to install Darwin 2 - if (drv.platform == "x86_64-darwin" && settings.thisSystem == "aarch64-darwin") { - throw Error("run `/usr/sbin/softwareupdate --install-rosetta` to enable your %s to run programs for %s", settings.thisSystem, drv.platform); - } else { - throw Error("a '%s' with features {%s} is required to build '%s', but I am a '%s' with features {%s}", - drv.platform, - concatStringsSep(", ", drvOptions.getRequiredSystemFeatures(drv)), - store.printStorePath(drvPath), - settings.thisSystem, - concatStringsSep(", ", store.config.systemFeatures)); - } + if (drv.platform == "x86_64-darwin" && settings.thisSystem == "aarch64-darwin") + msg += fmt("\nNote: run `%s` to run programs for x86_64-darwin", Magenta("/usr/sbin/softwareupdate --install-rosetta")); + + throw BuildError(msg); } /* Create a temporary directory where the build will take From 09d46ad93a197030c56d5793cde907100f4cbd81 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 23 May 2025 23:33:59 +0200 Subject: [PATCH 602/815] Don't use 'callback' object that we may have moved out of --- src/libstore/http-binary-cache-store.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc index 2b591dda96e..e44d146b9ee 100644 --- a/src/libstore/http-binary-cache-store.cc +++ b/src/libstore/http-binary-cache-store.cc @@ -176,13 +176,13 @@ class HttpBinaryCacheStore : void getFile(const std::string & path, Callback> callback) noexcept override { + auto callbackPtr = std::make_shared(std::move(callback)); + try { checkEnabled(); auto request(makeRequest(path)); - auto callbackPtr = std::make_shared(std::move(callback)); - getFileTransfer()->enqueueFileTransfer(request, {[callbackPtr, this](std::future result) { try { @@ -198,7 +198,7 @@ class HttpBinaryCacheStore : }}); } catch (...) { - callback.rethrow(); + callbackPtr->rethrow(); return; } } From af7bfe7827da0467b1432b76d9b93f5c50149f6d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sat, 24 May 2025 00:14:32 +0200 Subject: [PATCH 603/815] fromStructuredAttrs(): Don't crash if exportReferencesGraph is a string Fixes error: [json.exception.type_error.302] type must be array, but is string and other crashes. Fixes #13254. --- src/libstore/derivation-options.cc | 9 +++++++-- src/libstore/misc.cc | 2 ++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/libstore/derivation-options.cc b/src/libstore/derivation-options.cc index e031f844757..f6bac2868fd 100644 --- a/src/libstore/derivation-options.cc +++ b/src/libstore/derivation-options.cc @@ -211,8 +211,13 @@ DerivationOptions::fromStructuredAttrs(const StringMap & env, const StructuredAt auto e = optionalValueAt(parsed->structuredAttrs, "exportReferencesGraph"); if (!e || !e->is_object()) return ret; - for (auto & [key, storePathsJson] : getObject(*e)) { - ret.insert_or_assign(key, storePathsJson); + for (auto & [key, value] : getObject(*e)) { + if (value.is_array()) + ret.insert_or_assign(key, value); + else if (value.is_string()) + ret.insert_or_assign(key, StringSet{value}); + else + throw Error("'exportReferencesGraph' value is not an array or a string"); } } else { auto s = getOr(env, "exportReferencesGraph", ""); diff --git a/src/libstore/misc.cc b/src/libstore/misc.cc index 967c91d72d3..dabae647fbb 100644 --- a/src/libstore/misc.cc +++ b/src/libstore/misc.cc @@ -225,6 +225,8 @@ void Store::queryMissing(const std::vector & targets, auto parsedDrv = StructuredAttrs::tryParse(drv->env); DerivationOptions drvOptions; try { + // FIXME: this is a lot of work just to get the value + // of `allowSubstitutes`. drvOptions = DerivationOptions::fromStructuredAttrs( drv->env, parsedDrv ? &*parsedDrv : nullptr); From 4bc1043ae466ab40cad6cbe89a6fe0f8e45e0bba Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sat, 24 May 2025 00:40:06 +0200 Subject: [PATCH 604/815] Add test --- tests/functional/structured-attrs-shell.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/structured-attrs-shell.nix b/tests/functional/structured-attrs-shell.nix index a819e39cdae..e9b9f1e3937 100644 --- a/tests/functional/structured-attrs-shell.nix +++ b/tests/functional/structured-attrs-shell.nix @@ -21,7 +21,7 @@ mkDerivation { "b" "c" ]; - exportReferencesGraph.refs = [ dep ]; + exportReferencesGraph.refs = dep; buildCommand = '' touch ''${outputs[out]}; touch ''${outputs[dev]} ''; From 562ed80bb7f4619adb640e2195ab1271c4542cb4 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Fri, 23 May 2025 18:58:37 -0400 Subject: [PATCH 605/815] Update src/libstore/unix/build/derivation-builder.cc Co-authored-by: Cole Helbling --- src/libstore/unix/build/derivation-builder.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index d4862108c0a..0ef18966ca0 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -864,7 +864,7 @@ void DerivationBuilderImpl::startBuilder() if (!drvOptions.canBuildLocally(store, drv)) { auto msg = fmt( "Cannot build '%s'.\n" - "Reason: " ANSI_RED "unmet system or feature dependency" ANSI_NORMAL "\n" + "Reason: " ANSI_RED "required system or feature not available" ANSI_NORMAL "\n" "Required system: '%s' with features {%s}\n" "Current system: '%s' with features {%s}", Magenta(store.printStorePath(drvPath)), From 8e4f7984d196265cdc5513a2b02d31a4cfd78e8f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 24 May 2025 02:11:02 +0000 Subject: [PATCH 606/815] Prepare release v3.6.1 From 20a79d9a73ae55c15eae37e2735a875ad422ce67 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 24 May 2025 02:11:05 +0000 Subject: [PATCH 607/815] Set .version-determinate to 3.6.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 40c341bdcdb..9575d51bad2 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.6.0 +3.6.1 From 3e0433b65dd674d4f30b1ecbe89d012db87eafc4 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 24 May 2025 02:11:10 +0000 Subject: [PATCH 608/815] Generare release notes for 3.6.1 --- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 7 +++++-- doc/manual/source/release-notes-determinate/rl-3.6.1.md | 9 +++++++++ 3 files changed, 15 insertions(+), 2 deletions(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.1.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 4a792c5df7d..addcd106b07 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.6.1 (2025-05-24)](release-notes-determinate/rl-3.6.1.md) - [Release 3.6.0 (2025-05-22)](release-notes-determinate/rl-3.6.0.md) - [Release 3.5.2 (2025-05-12)](release-notes-determinate/rl-3.5.2.md) - [Release 3.5.1 (2025-05-09)](release-notes-determinate/rl-3.5.1.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 26538effb7c..5323b3150d8 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.0. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.1. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -31,4 +31,7 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Tell users a source is corrupted ("cannot read file from tarball: Truncated tar archive detected while reading data"), improving over the previous 'cannot read file from tarball' error by @edolstra in [DeterminateSystems/nix-src#64](https://github.com/DeterminateSystems/nix-src/pull/64) -* Emit warnings when using import-from-derivation by setting the `trace-import-from-derivation` option to `true` by @gustavderdrache in [DeterminateSystems/nix-src#70](https://github.com/DeterminateSystems/nix-src/pull/70) \ No newline at end of file +* Emit warnings when using import-from-derivation by setting the `trace-import-from-derivation` option to `true` by @gustavderdrache in [DeterminateSystems/nix-src#70](https://github.com/DeterminateSystems/nix-src/pull/70) + + +* Fix nlohmann error in fromStructuredAttrs() by @edolstra in [DeterminateSystems/nix-src#73](https://github.com/DeterminateSystems/nix-src/pull/73) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.1.md b/doc/manual/source/release-notes-determinate/rl-3.6.1.md new file mode 100644 index 00000000000..12505afee27 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.6.1.md @@ -0,0 +1,9 @@ +# Release 3.6.1 (2025-05-24) + +* Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). + +## What's Changed +* Fix nlohmann error in fromStructuredAttrs() by @edolstra in [DeterminateSystems/nix-src#73](https://github.com/DeterminateSystems/nix-src/pull/73) + + +**Full Changelog**: [v3.6.0...v3.6.1](https://github.com/DeterminateSystems/nix-src/compare/v3.6.0...v3.6.1) From acc3cd460d8968b6a90bf8f9076280b4aa7a6961 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 23 May 2025 23:33:59 +0200 Subject: [PATCH 609/815] Don't use 'callback' object that we may have moved out of (cherry picked from commit fa6e10ea6a87127ae813a708ccc97e708982f93f) --- src/libstore/http-binary-cache-store.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc index 2b591dda96e..e44d146b9ee 100644 --- a/src/libstore/http-binary-cache-store.cc +++ b/src/libstore/http-binary-cache-store.cc @@ -176,13 +176,13 @@ class HttpBinaryCacheStore : void getFile(const std::string & path, Callback> callback) noexcept override { + auto callbackPtr = std::make_shared(std::move(callback)); + try { checkEnabled(); auto request(makeRequest(path)); - auto callbackPtr = std::make_shared(std::move(callback)); - getFileTransfer()->enqueueFileTransfer(request, {[callbackPtr, this](std::future result) { try { @@ -198,7 +198,7 @@ class HttpBinaryCacheStore : }}); } catch (...) { - callback.rethrow(); + callbackPtr->rethrow(); return; } } From 8ca4d2ef08e8e19c893ec186cfe8aeee91e94041 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sat, 24 May 2025 00:14:32 +0200 Subject: [PATCH 610/815] fromStructuredAttrs(): Don't crash if exportReferencesGraph is a string Fixes error: [json.exception.type_error.302] type must be array, but is string and other crashes. Fixes #13254. (cherry picked from commit d877b0c0cc4795d17d10b9b9039f2de828152c55) --- src/libstore/derivation-options.cc | 9 +++++++-- src/libstore/misc.cc | 2 ++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/libstore/derivation-options.cc b/src/libstore/derivation-options.cc index e031f844757..f6bac2868fd 100644 --- a/src/libstore/derivation-options.cc +++ b/src/libstore/derivation-options.cc @@ -211,8 +211,13 @@ DerivationOptions::fromStructuredAttrs(const StringMap & env, const StructuredAt auto e = optionalValueAt(parsed->structuredAttrs, "exportReferencesGraph"); if (!e || !e->is_object()) return ret; - for (auto & [key, storePathsJson] : getObject(*e)) { - ret.insert_or_assign(key, storePathsJson); + for (auto & [key, value] : getObject(*e)) { + if (value.is_array()) + ret.insert_or_assign(key, value); + else if (value.is_string()) + ret.insert_or_assign(key, StringSet{value}); + else + throw Error("'exportReferencesGraph' value is not an array or a string"); } } else { auto s = getOr(env, "exportReferencesGraph", ""); diff --git a/src/libstore/misc.cc b/src/libstore/misc.cc index 967c91d72d3..dabae647fbb 100644 --- a/src/libstore/misc.cc +++ b/src/libstore/misc.cc @@ -225,6 +225,8 @@ void Store::queryMissing(const std::vector & targets, auto parsedDrv = StructuredAttrs::tryParse(drv->env); DerivationOptions drvOptions; try { + // FIXME: this is a lot of work just to get the value + // of `allowSubstitutes`. drvOptions = DerivationOptions::fromStructuredAttrs( drv->env, parsedDrv ? &*parsedDrv : nullptr); From d068b82c2f27d4105f54b43dde34a67dbd7d6db9 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sat, 24 May 2025 00:40:06 +0200 Subject: [PATCH 611/815] Add test (cherry picked from commit c66eb9cef77c3462d0324b258d0c5e0b8e4f4e7f) --- tests/functional/structured-attrs-shell.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/structured-attrs-shell.nix b/tests/functional/structured-attrs-shell.nix index a819e39cdae..e9b9f1e3937 100644 --- a/tests/functional/structured-attrs-shell.nix +++ b/tests/functional/structured-attrs-shell.nix @@ -21,7 +21,7 @@ mkDerivation { "b" "c" ]; - exportReferencesGraph.refs = [ dep ]; + exportReferencesGraph.refs = dep; buildCommand = '' touch ''${outputs[out]}; touch ''${outputs[dev]} ''; From 5f13d13f78e74f8cf70a95b5e2dabfde0a3b8906 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 13:56:38 +0200 Subject: [PATCH 612/815] Fix trace-ifd test failure in dev shell Fixes error: cannot create symlink '/home/eelco/Dev/nix/tests/functional/flakes/result'; already exists running the test multiple times in a dev shell. --- tests/functional/flakes/trace-ifd.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/flakes/trace-ifd.sh b/tests/functional/flakes/trace-ifd.sh index f5c54f65152..4879b97322e 100644 --- a/tests/functional/flakes/trace-ifd.sh +++ b/tests/functional/flakes/trace-ifd.sh @@ -29,5 +29,5 @@ cat > "$flake1Dir/flake.nix" <<'EOF' } EOF -nix build "$flake1Dir#ifd" --option trace-import-from-derivation true 2>&1 \ +nix build --no-link "$flake1Dir#ifd" --option trace-import-from-derivation true 2>&1 \ | grepQuiet 'warning: built .* during evaluation due to an import from derivation' From 3e45b40d6646f9298a6810998124b90d500117c3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 30 May 2025 17:31:34 +0200 Subject: [PATCH 613/815] Add position info to path values (Actually, this adds a position field to *all* values.) This allows improving the "inefficient double copy" warning by showing where the source path came from in the source, e.g. warning: Performing inefficient double copy of path '/home/eelco/Dev/patchelf/' to the store at /home/eelco/Dev/patchelf/flake.nix:30:17. This can typically be avoided by rewriting an attribute like `src = ./.` to `src = builtins.path { path = ./.; name = "source"; }`. --- src/libexpr/eval.cc | 10 ++++++---- src/libexpr/include/nix/expr/eval.hh | 4 ++-- src/libexpr/include/nix/expr/nixexpr.hh | 4 ++-- src/libexpr/include/nix/expr/value.hh | 11 ++++++++--- src/libexpr/parser.y | 6 +++--- src/libexpr/paths.cc | 7 ++++--- src/libexpr/primops.cc | 2 +- src/libexpr/value-to-json.cc | 2 +- src/libutil/include/nix/util/pos-idx.hh | 7 ++++++- 9 files changed, 33 insertions(+), 20 deletions(-) diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 868933b9525..fcc935add1d 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -149,6 +149,8 @@ PosIdx Value::determinePos(const PosIdx pos) const // Allow selecting a subset of enum values #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wswitch-enum" + if (this->pos != 0) + return PosIdx(this->pos); switch (internalType) { case tAttrs: return attrs()->pos; case tLambda: return payload.lambda.fun->pos; @@ -906,7 +908,7 @@ void Value::mkStringMove(const char * s, const NixStringContext & context) void Value::mkPath(const SourcePath & path) { - mkPath(&*path.accessor, makeImmutableString(path.path.abs())); + mkPath(&*path.accessor, makeImmutableString(path.path.abs()), noPos.get()); } @@ -2356,7 +2358,7 @@ BackedStringView EvalState::coerceToString( // slash, as in /foo/${x}. v.payload.path.path : copyToStore - ? store->printStorePath(copyPathToStore(context, v.path())) + ? store->printStorePath(copyPathToStore(context, v.path(), v.determinePos(pos))) : ({ auto path = v.path(); if (path.accessor == rootFS && store->isInStore(path.path.abs())) { @@ -2434,7 +2436,7 @@ BackedStringView EvalState::coerceToString( } -StorePath EvalState::copyPathToStore(NixStringContext & context, const SourcePath & path) +StorePath EvalState::copyPathToStore(NixStringContext & context, const SourcePath & path, PosIdx pos) { if (nix::isDerivation(path.path.abs())) error("file names are not allowed to end in '%1%'", drvExtension).debugThrow(); @@ -2448,7 +2450,7 @@ StorePath EvalState::copyPathToStore(NixStringContext & context, const SourcePat *store, path.resolveSymlinks(SymlinkResolution::Ancestors), settings.readOnlyMode ? FetchMode::DryRun : FetchMode::Copy, - computeBaseName(path), + computeBaseName(path, pos), ContentAddressMethod::Raw::NixArchive, nullptr, repair); diff --git a/src/libexpr/include/nix/expr/eval.hh b/src/libexpr/include/nix/expr/eval.hh index d82baddb153..58f88a5a3de 100644 --- a/src/libexpr/include/nix/expr/eval.hh +++ b/src/libexpr/include/nix/expr/eval.hh @@ -594,7 +594,7 @@ public: bool coerceMore = false, bool copyToStore = true, bool canonicalizePath = true); - StorePath copyPathToStore(NixStringContext & context, const SourcePath & path); + StorePath copyPathToStore(NixStringContext & context, const SourcePath & path, PosIdx pos); /** @@ -607,7 +607,7 @@ public: * materialize /nix/store/-source though. Still, this * requires reading/hashing the path twice. */ - std::string computeBaseName(const SourcePath & path); + std::string computeBaseName(const SourcePath & path, PosIdx pos); /** * Path coercion. diff --git a/src/libexpr/include/nix/expr/nixexpr.hh b/src/libexpr/include/nix/expr/nixexpr.hh index a5ce0fd8922..0906814704a 100644 --- a/src/libexpr/include/nix/expr/nixexpr.hh +++ b/src/libexpr/include/nix/expr/nixexpr.hh @@ -138,9 +138,9 @@ struct ExprPath : Expr ref accessor; std::string s; Value v; - ExprPath(ref accessor, std::string s) : accessor(accessor), s(std::move(s)) + ExprPath(ref accessor, std::string s, PosIdx pos) : accessor(accessor), s(std::move(s)) { - v.mkPath(&*accessor, this->s.c_str()); + v.mkPath(&*accessor, this->s.c_str(), pos.get()); } Value * maybeThunk(EvalState & state, Env & env) override; COMMON_METHODS diff --git a/src/libexpr/include/nix/expr/value.hh b/src/libexpr/include/nix/expr/value.hh index e9cc1cd3ffa..6fe9b6b6f49 100644 --- a/src/libexpr/include/nix/expr/value.hh +++ b/src/libexpr/include/nix/expr/value.hh @@ -167,6 +167,7 @@ struct Value { private: InternalType internalType = tUninitialized; + uint32_t pos{0}; friend std::string showType(const Value & v); @@ -289,10 +290,11 @@ public: unreachable(); } - inline void finishValue(InternalType newType, Payload newPayload) + inline void finishValue(InternalType newType, Payload newPayload, uint32_t newPos = 0) { payload = newPayload; internalType = newType; + pos = newPos; } /** @@ -339,9 +341,9 @@ public: void mkPath(const SourcePath & path); void mkPath(std::string_view path); - inline void mkPath(SourceAccessor * accessor, const char * path) + inline void mkPath(SourceAccessor * accessor, const char * path, uint32_t pos) { - finishValue(tPath, { .path = { .accessor = accessor, .path = path } }); + finishValue(tPath, { .path = { .accessor = accessor, .path = path } }, pos); } inline void mkNull() @@ -482,6 +484,9 @@ public: NixFloat fpoint() const { return payload.fpoint; } + + inline uint32_t getPos() const + { return pos; } }; diff --git a/src/libexpr/parser.y b/src/libexpr/parser.y index 8878b86c290..e9be2837c0e 100644 --- a/src/libexpr/parser.y +++ b/src/libexpr/parser.y @@ -374,8 +374,8 @@ path_start root filesystem accessor, rather than the accessor of the current Nix expression. */ literal.front() == '/' - ? new ExprPath(state->rootFS, std::move(path)) - : new ExprPath(state->basePath.accessor, std::move(path)); + ? new ExprPath(state->rootFS, std::move(path), CUR_POS) + : new ExprPath(state->basePath.accessor, std::move(path), CUR_POS); } | HPATH { if (state->settings.pureEval) { @@ -385,7 +385,7 @@ path_start ); } Path path(getHome() + std::string($1.p + 1, $1.l - 1)); - $$ = new ExprPath(ref(state->rootFS), std::move(path)); + $$ = new ExprPath(ref(state->rootFS), std::move(path), CUR_POS); } ; diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 3aaca232829..e7dfa549cb4 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -52,15 +52,16 @@ std::string EvalState::devirtualize(std::string_view s, const NixStringContext & return rewriteStrings(std::string(s), rewrites); } -std::string EvalState::computeBaseName(const SourcePath & path) +std::string EvalState::computeBaseName(const SourcePath & path, PosIdx pos) { if (path.accessor == rootFS) { if (auto storePath = store->maybeParseStorePath(path.path.abs())) { warn( - "Performing inefficient double copy of path '%s' to the store. " + "Performing inefficient double copy of path '%s' to the store at %s. " "This can typically be avoided by rewriting an attribute like `src = ./.` " "to `src = builtins.path { path = ./.; name = \"source\"; }`.", - path); + path, + positions[pos]); return std::string(fetchToStore(*store, path, FetchMode::DryRun, storePath->name()).to_string()); } } diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 58695238600..bd4168a448c 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -2620,7 +2620,7 @@ static void prim_filterSource(EvalState & state, const PosIdx pos, Value * * arg "while evaluating the second argument (the path to filter) passed to 'builtins.filterSource'"); state.forceFunction(*args[0], pos, "while evaluating the first argument passed to builtins.filterSource"); - addPath(state, pos, state.computeBaseName(path), path, args[0], ContentAddressMethod::Raw::NixArchive, std::nullopt, v, context); + addPath(state, pos, state.computeBaseName(path, pos), path, args[0], ContentAddressMethod::Raw::NixArchive, std::nullopt, v, context); } static RegisterPrimOp primop_filterSource({ diff --git a/src/libexpr/value-to-json.cc b/src/libexpr/value-to-json.cc index f51108459ff..e05d526932b 100644 --- a/src/libexpr/value-to-json.cc +++ b/src/libexpr/value-to-json.cc @@ -39,7 +39,7 @@ json printValueAsJSON(EvalState & state, bool strict, case nPath: if (copyToStore) out = state.store->printStorePath( - state.copyPathToStore(context, v.path())); + state.copyPathToStore(context, v.path(), v.determinePos(pos))); else out = v.path().path.abs(); break; diff --git a/src/libutil/include/nix/util/pos-idx.hh b/src/libutil/include/nix/util/pos-idx.hh index c1749ba6935..4f305bdd8f1 100644 --- a/src/libutil/include/nix/util/pos-idx.hh +++ b/src/libutil/include/nix/util/pos-idx.hh @@ -15,12 +15,12 @@ class PosIdx private: uint32_t id; +public: explicit PosIdx(uint32_t id) : id(id) { } -public: PosIdx() : id(0) { @@ -45,6 +45,11 @@ public: { return std::hash{}(id); } + + uint32_t get() const + { + return id; + } }; inline PosIdx noPos = {}; From 0278b9e1801f64b2586fbb857d6ad2da4f6b7d09 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 2 Jun 2025 11:41:02 +0200 Subject: [PATCH 614/815] nix store copy-sigs: Use http-connections setting to control parallelism Previously it used the `ThreadPool` default, i.e. `std::thread::hardware_concurrency()`. But copying signatures is not primarily CPU-bound so it makes more sense to use the `http-connections` setting (since we're typically copying from/to a binary cache). --- src/nix/sigs.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/nix/sigs.cc b/src/nix/sigs.cc index fb868baa1f2..802c093cbd8 100644 --- a/src/nix/sigs.cc +++ b/src/nix/sigs.cc @@ -3,6 +3,7 @@ #include "nix/main/shared.hh" #include "nix/store/store-open.hh" #include "nix/util/thread-pool.hh" +#include "nix/store/filetransfer.hh" #include @@ -38,7 +39,7 @@ struct CmdCopySigs : StorePathsCommand for (auto & s : substituterUris) substituters.push_back(openStore(s)); - ThreadPool pool; + ThreadPool pool{fileTransferSettings.httpConnections}; std::atomic added{0}; From b16fa06ff1dc8a2bac101a3daf1839b65f09bfbd Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 2 Jun 2025 12:06:21 +0200 Subject: [PATCH 615/815] nix store copy-sigs: Add docs --- src/nix/sigs.cc | 7 +++++++ src/nix/store-copy-sigs.md | 30 ++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 src/nix/store-copy-sigs.md diff --git a/src/nix/sigs.cc b/src/nix/sigs.cc index 802c093cbd8..89ed7b91d56 100644 --- a/src/nix/sigs.cc +++ b/src/nix/sigs.cc @@ -29,6 +29,13 @@ struct CmdCopySigs : StorePathsCommand return "copy store path signatures from substituters"; } + std::string doc() override + { + return + #include "store-copy-sigs.md" + ; + } + void run(ref store, StorePaths && storePaths) override { if (substituterUris.empty()) diff --git a/src/nix/store-copy-sigs.md b/src/nix/store-copy-sigs.md new file mode 100644 index 00000000000..67875622156 --- /dev/null +++ b/src/nix/store-copy-sigs.md @@ -0,0 +1,30 @@ +R""( + +# Examples + +* To copy signatures from a binary cache to the local store: + + ```console + # nix store copy-sigs --substituter https://cache.nixos.org \ + --recursive /nix/store/y1x7ng5bmc9s8lqrf98brcpk1a7lbcl5-hello-2.12.1 + ``` + +* To copy signatures from one binary cache to another: + + ```console + # nix store copy-sigs --substituter https://cache.nixos.org \ + --store file:///tmp/binary-cache \ + --recursive -v \ + /nix/store/y1x7ng5bmc9s8lqrf98brcpk1a7lbcl5-hello-2.12.1 + imported 2 signatures + ``` + +# Description + +`nix store copy-sigs` copies store path signatures from one store to another. + +It is not advised to copy signatures to binary cache stores. Binary cache signatures are stored in `.narinfo` files. Since these are cached aggressively, clients may not see the new signatures quickly. It is therefore better to set any required signatures when the paths are first uploaded to the binary cache. + +Store paths are processed in parallel. The amount of parallelism is controlled by the [`http-connections`](@docroot@/command-ref/conf-file.md#conf-http-connections) settings. + +)"" From 7d2dbbd3aa6166927b6c5ad38ab19c4c4e810433 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 2 Jun 2025 09:21:34 -0400 Subject: [PATCH 616/815] =?UTF-8?q?Rename=20=CE=B5=20to=20"(no=20version)"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/manual/source/glossary.md | 4 ---- src/nix/diff-closures.cc | 2 +- src/nix/diff-closures.md | 2 +- tests/functional/nix-profile.sh | 2 +- 4 files changed, 3 insertions(+), 7 deletions(-) diff --git a/doc/manual/source/glossary.md b/doc/manual/source/glossary.md index 94a6b58253d..592317c1261 100644 --- a/doc/manual/source/glossary.md +++ b/doc/manual/source/glossary.md @@ -347,10 +347,6 @@ The empty set symbol. In the context of profile history, this denotes a package is not present in a particular version of the profile. -- [`ε`]{#gloss-epsilon} - - The epsilon symbol. In the context of a package, this means the version is empty. More precisely, the derivation does not have a version attribute. - - [package]{#package} A software package; files that belong together for a particular purpose, and metadata. diff --git a/src/nix/diff-closures.cc b/src/nix/diff-closures.cc index ff9f9db4098..98419039121 100644 --- a/src/nix/diff-closures.cc +++ b/src/nix/diff-closures.cc @@ -52,7 +52,7 @@ std::string showVersions(const StringSet & versions) if (versions.empty()) return "∅"; StringSet versions2; for (auto & version : versions) - versions2.insert(version.empty() ? "ε" : version); + versions2.insert(version.empty() ? "(no version)" : version); return concatStringsSep(", ", versions2); } diff --git a/src/nix/diff-closures.md b/src/nix/diff-closures.md index 0294c0d8def..dfacb6ab0e3 100644 --- a/src/nix/diff-closures.md +++ b/src/nix/diff-closures.md @@ -36,7 +36,7 @@ No size change is shown if it's below the threshold. If the package does not exist in either the *before* or *after* closures, it is represented using `∅` (empty set) on the appropriate side of the arrow. If a package has an empty version string, the version is -rendered as `ε` (epsilon). +rendered as `(no version)`. There may be multiple versions of a package in each closure. In that case, only the changed versions are shown. Thus, diff --git a/tests/functional/nix-profile.sh b/tests/functional/nix-profile.sh index b1cfef6b0b2..dc56752ee01 100755 --- a/tests/functional/nix-profile.sh +++ b/tests/functional/nix-profile.sh @@ -59,7 +59,7 @@ nix profile list | grep -A4 'Name:.*flake1' | grep 'Locked flake URL:.*narHash' (! [ -e $TEST_HOME/.nix-profile/include ]) nix profile history nix profile history | grep "packages.$system.default: ∅ -> 1.0" -nix profile diff-closures | grep 'env-manifest.nix: ε → ∅' +nix profile diff-closures | grep 'env-manifest.nix: (no version) → ∅' # Test XDG Base Directories support export NIX_CONFIG="use-xdg-base-directories = true" From 039d19159f36975bb0bb4d08bed738ac09a94690 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 2 Jun 2025 09:28:59 -0400 Subject: [PATCH 617/815] =?UTF-8?q?Replace=20=E2=88=85=20with=20(absent)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/manual/source/glossary.md | 4 ---- src/nix/diff-closures.cc | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/doc/manual/source/glossary.md b/doc/manual/source/glossary.md index 592317c1261..e18324ad9a6 100644 --- a/doc/manual/source/glossary.md +++ b/doc/manual/source/glossary.md @@ -343,10 +343,6 @@ See [Nix Archive](store/file-system-object/content-address.html#serial-nix-archive) for details. -- [`∅`]{#gloss-empty-set} - - The empty set symbol. In the context of profile history, this denotes a package is not present in a particular version of the profile. - - [package]{#package} A software package; files that belong together for a particular purpose, and metadata. diff --git a/src/nix/diff-closures.cc b/src/nix/diff-closures.cc index 98419039121..ecfc907bed5 100644 --- a/src/nix/diff-closures.cc +++ b/src/nix/diff-closures.cc @@ -49,7 +49,7 @@ GroupedPaths getClosureInfo(ref store, const StorePath & toplevel) std::string showVersions(const StringSet & versions) { - if (versions.empty()) return "∅"; + if (versions.empty()) return "(absent)"; StringSet versions2; for (auto & version : versions) versions2.insert(version.empty() ? "(no version)" : version); From 724d552b6432d8cf8fc23450c924430e69b917cb Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 2 Jun 2025 09:28:59 -0400 Subject: [PATCH 618/815] Use words like added / removed --- src/nix/diff-closures.md | 8 ++++---- src/nix/profile-history.md | 6 +++--- src/nix/profile.cc | 4 ++-- tests/functional/nix-profile.sh | 6 +++--- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/nix/diff-closures.md b/src/nix/diff-closures.md index dfacb6ab0e3..6b07af28f95 100644 --- a/src/nix/diff-closures.md +++ b/src/nix/diff-closures.md @@ -11,8 +11,8 @@ R""( baloo-widgets: 20.08.1 → 20.08.2 bluez-qt: +12.6 KiB dolphin: 20.08.1 → 20.08.2, +13.9 KiB - kdeconnect: 20.08.2 → ∅, -6597.8 KiB - kdeconnect-kde: ∅ → 20.08.2, +6599.7 KiB + kdeconnect: 20.08.2 removed, -6597.8 KiB + kdeconnect-kde: 20.08.2 added, +6599.7 KiB … ``` @@ -34,8 +34,8 @@ dolphin: 20.08.1 → 20.08.2, +13.9 KiB No size change is shown if it's below the threshold. If the package does not exist in either the *before* or *after* closures, it is -represented using `∅` (empty set) on the appropriate side of the -arrow. If a package has an empty version string, the version is +represented using `added` or `removed`. +If a package has an empty version string, the version is rendered as `(no version)`. There may be multiple versions of a package in each closure. In that diff --git a/src/nix/profile-history.md b/src/nix/profile-history.md index f0bfe503791..0c9a340ddf0 100644 --- a/src/nix/profile-history.md +++ b/src/nix/profile-history.md @@ -7,7 +7,7 @@ R""( ```console # nix profile history Version 508 (2020-04-10): - flake:nixpkgs#legacyPackages.x86_64-linux.awscli: ∅ -> 1.17.13 + flake:nixpkgs#legacyPackages.x86_64-linux.awscli: 1.17.13 added Version 509 (2020-05-16) <- 508: flake:nixpkgs#legacyPackages.x86_64-linux.awscli: 1.17.13 -> 1.18.211 @@ -20,7 +20,7 @@ between subsequent versions of a profile. It only shows top-level packages, not dependencies; for that, use [`nix profile diff-closures`](./nix3-profile-diff-closures.md). -The addition of a package to a profile is denoted by the string `∅ ->` -*version*, whereas the removal is denoted by *version* `-> ∅`. +The addition of a package to a profile is denoted by the string +*version* `added`, whereas the removal is denoted by *version* ` removed`. )"" diff --git a/src/nix/profile.cc b/src/nix/profile.cc index 2c593729f49..5aa7013c532 100644 --- a/src/nix/profile.cc +++ b/src/nix/profile.cc @@ -289,12 +289,12 @@ struct ProfileManifest while (i != prev.elements.end() || j != cur.elements.end()) { if (j != cur.elements.end() && (i == prev.elements.end() || i->first > j->first)) { - logger->cout("%s%s: ∅ -> %s", indent, j->second.identifier(), j->second.versions()); + logger->cout("%s%s: %s added", indent, j->second.identifier(), j->second.versions()); changes = true; ++j; } else if (i != prev.elements.end() && (j == cur.elements.end() || i->first < j->first)) { - logger->cout("%s%s: %s -> ∅", indent, i->second.identifier(), i->second.versions()); + logger->cout("%s%s: %s removed", indent, i->second.identifier(), i->second.versions()); changes = true; ++i; } diff --git a/tests/functional/nix-profile.sh b/tests/functional/nix-profile.sh index dc56752ee01..7afde40a700 100755 --- a/tests/functional/nix-profile.sh +++ b/tests/functional/nix-profile.sh @@ -58,8 +58,8 @@ nix profile list | grep -A4 'Name:.*flake1' | grep 'Locked flake URL:.*narHash' [ -e $TEST_HOME/.nix-profile/share/man ] (! [ -e $TEST_HOME/.nix-profile/include ]) nix profile history -nix profile history | grep "packages.$system.default: ∅ -> 1.0" -nix profile diff-closures | grep 'env-manifest.nix: (no version) → ∅' +nix profile history | grep "packages.$system.default: 1.0 added" +nix profile diff-closures | grep 'env-manifest.nix: (no version) removed' # Test XDG Base Directories support export NIX_CONFIG="use-xdg-base-directories = true" @@ -128,7 +128,7 @@ nix profile rollback [ -e $TEST_HOME/.nix-profile/bin/foo ] nix profile remove foo 2>&1 | grep 'removed 1 packages' (! [ -e $TEST_HOME/.nix-profile/bin/foo ]) -nix profile history | grep 'foo: 1.0 -> ∅' +nix profile history | grep 'foo: 1.0 removed' nix profile diff-closures | grep 'Version 3 -> 4' # Test installing a non-flake package. From 1647cb56c18850d61d0b12bd7c90e77facc27ebf Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 2 Jun 2025 10:37:57 -0400 Subject: [PATCH 619/815] Document how to replicate nix-store --query --deriver with the nix command --- doc/manual/source/command-ref/nix-store/query.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/manual/source/command-ref/nix-store/query.md b/doc/manual/source/command-ref/nix-store/query.md index b5ba63adae2..94eee05b8a8 100644 --- a/doc/manual/source/command-ref/nix-store/query.md +++ b/doc/manual/source/command-ref/nix-store/query.md @@ -103,6 +103,13 @@ symlink. example when *paths* were substituted from a binary cache. Use `--valid-derivers` instead to obtain valid paths only. + > **Note** + > + > `nix-store --query --deriver` is replaced with the following `nix` command: + > + > nix path-info --json ... | jq -r '.[].deriver' + + [deriver]: @docroot@/glossary.md#gloss-deriver - `--valid-derivers` From 665e76f2e5a02c18f9d54bc2e0867e2890fac2a7 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 30 May 2025 14:24:59 +0200 Subject: [PATCH 620/815] deletePath(): Keep going when encountering an undeletable file This should reduce the impact of #5207. --- src/libutil/file-system.cc | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index 90ec5eda53b..f63a5a4c3f2 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -414,7 +414,7 @@ void recursiveSync(const Path & path) } -static void _deletePath(Descriptor parentfd, const std::filesystem::path & path, uint64_t & bytesFreed) +static void _deletePath(Descriptor parentfd, const std::filesystem::path & path, uint64_t & bytesFreed, std::exception_ptr & ex) { #ifndef _WIN32 checkInterrupt(); @@ -472,7 +472,7 @@ static void _deletePath(Descriptor parentfd, const std::filesystem::path & path, checkInterrupt(); std::string childName = dirent->d_name; if (childName == "." || childName == "..") continue; - _deletePath(dirfd(dir.get()), path + "/" + childName, bytesFreed); + _deletePath(dirfd(dir.get()), path + "/" + childName, bytesFreed, ex); } if (errno) throw SysError("reading directory %1%", path); } @@ -480,7 +480,14 @@ static void _deletePath(Descriptor parentfd, const std::filesystem::path & path, int flags = S_ISDIR(st.st_mode) ? AT_REMOVEDIR : 0; if (unlinkat(parentfd, name.c_str(), flags) == -1) { if (errno == ENOENT) return; - throw SysError("cannot unlink %1%", path); + try { + throw SysError("cannot unlink %1%", path); + } catch (...) { + if (!ex) + ex = std::current_exception(); + else + ignoreExceptionExceptInterrupt(); + } } #else // TODO implement @@ -500,7 +507,12 @@ static void _deletePath(const std::filesystem::path & path, uint64_t & bytesFree throw SysError("opening directory '%1%'", path); } - _deletePath(dirfd.get(), path, bytesFreed); + std::exception_ptr ex; + + _deletePath(dirfd.get(), path, bytesFreed, ex); + + if (ex) + std::rethrow_exception(ex); } From 1500e541f2cfab89e2fb847411e056df1e8e50fb Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 2 Jun 2025 11:13:03 -0400 Subject: [PATCH 621/815] diff-closures: use removed / added words --- src/nix/diff-closures.cc | 7 ++++++- tests/functional/nix-profile.sh | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/nix/diff-closures.cc b/src/nix/diff-closures.cc index ecfc907bed5..fa3d51ae7b3 100644 --- a/src/nix/diff-closures.cc +++ b/src/nix/diff-closures.cc @@ -97,8 +97,13 @@ void printClosureDiff( if (showDelta || !removed.empty() || !added.empty()) { std::vector items; - if (!removed.empty() || !added.empty()) + if (!removed.empty() && !added.empty()) { items.push_back(fmt("%s → %s", showVersions(removed), showVersions(added))); + } else if (!removed.empty()) { + items.push_back(fmt("%s removed", showVersions(removed))); + } else if (!added.empty()) { + items.push_back(fmt("%s added", showVersions(added))); + } if (showDelta) items.push_back(fmt("%s%+.1f KiB" ANSI_NORMAL, sizeDelta > 0 ? ANSI_RED : ANSI_GREEN, sizeDelta / 1024.0)); logger->cout("%s%s: %s", indent, name, concatStringsSep(", ", items)); diff --git a/tests/functional/nix-profile.sh b/tests/functional/nix-profile.sh index 7afde40a700..a96abbbdff5 100755 --- a/tests/functional/nix-profile.sh +++ b/tests/functional/nix-profile.sh @@ -58,7 +58,7 @@ nix profile list | grep -A4 'Name:.*flake1' | grep 'Locked flake URL:.*narHash' [ -e $TEST_HOME/.nix-profile/share/man ] (! [ -e $TEST_HOME/.nix-profile/include ]) nix profile history -nix profile history | grep "packages.$system.default: 1.0 added" +nix profile history | grep "packages.$system.default: 1.0, 1.0-man added" nix profile diff-closures | grep 'env-manifest.nix: (no version) removed' # Test XDG Base Directories support From 7ef76196579885f82fe0fb29b7f46ea1ebc0569d Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 2 Jun 2025 10:45:23 -0700 Subject: [PATCH 622/815] Finish initial draft --- README.md | 61 ++++++++++++++++++++++++++++++------------------------- 1 file changed, 33 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index 9b1390c9ffe..241164e5d6d 100644 --- a/README.md +++ b/README.md @@ -14,12 +14,9 @@ [![CI](https://github.com/DeterminateSystems/nix-src/workflows/CI/badge.svg)](https://github.com/DeterminateSystems/nix-src/actions/workflows/ci.yml) This repository houses the source for [**Determinate Nix**][det-nix], a downstream distribution of [Nix][upstream] created and maintained by [Determinate Systems][detsys]. -Nix is a powerful language, package manager, and CLI for Linux and other Unix systems that makes package management reliable and reproducible. +Nix is a powerful [language], [package manager][package-management], and [CLI] for [macOS](#macos), [Linux](linux), and other Unix systems that enables you to create fully reproducible [development environments][envs], to build [packages] in sandboxed environments, to build entire Linux systems using [NixOS], and much more. -Determinate Nix is - -[Determinate] -[FlakeHub] +Determinate Nix is part of the [Determinate platform][determinate], which also includes [FlakeHub], a secure flake repository with features like [FlakeHub Cache][cache], [private flakes][private-flakes], and [semantic versioning][semver] (SemVer) for [flakes]. ## Installing Determinate @@ -32,55 +29,63 @@ Click [here][gui] to download and run it. ### Linux -On Linux, including Windows Subsystem for Linux (WSL), we recommend installing Determinate using [Determinate Nix Installer][installer]: +On Linux, including Windows Subsystem for Linux (WSL), we recommend installing Determinate Nix using [Determinate Nix Installer][installer]: ```shell curl -fsSL https://install.determinate.systems/nix | sh -s -- install --determinate ``` +### NixOS ---- - -## Installation and first steps - -Visit [nix.dev](https://nix.dev) for [installation instructions](https://nix.dev/tutorials/install-nix) and [beginner tutorials](https://nix.dev/tutorials/first-steps). - -Full reference documentation can be found in the [Nix manual](https://nix.dev/reference/nix-manual). +On [NixOS], we recommend following our [dedicated installation guide][nixos-install]. -## Building and developing - -Follow instructions in the Nix reference manual to [set up a development environment and build Nix from source](https://nix.dev/manual/nix/development/development/building.html). - -## Contributing +## Other resources -Check the [contributing guide][contributing] if you want to get involved with developing Nix. +Nix was created by [Eelco Dolstra][eelco] and developed as the subject of his 2006 PhD thesis, [The Purely Functional Software Deployment Model][thesis]. +Today, a worldwide developer community contributes to Nix and the ecosystem that has grown around it. -## Additional resources +- [Zero to Nix][z2n], Determinate Systems' guide to Nix and [flakes] for beginners +- [Nixpkgs], a collection of well over 100,000 software packages that you can build and manage using Nix +- [NixOS] is a Linux distribution that can be configured fully declaratively +- The Nix, Nixpkgs, and NixOS community on [nixos.org][website] -Nix was created by [Eelco Dolstra][eelco] and developed as the subject of his 2006 PhD thesis, [The Purely Functional Software Deployment Model](https://edolstra.github.io/pubs/phd-thesis.pdf). -Today, a world-wide developer community contributes to Nix and the ecosystem that has grown around it. +## Reference -- [The Nix, Nixpkgs, NixOS Community on nixos.org][website] -- [Nixpkgs], a collection of well over 100,000 software packages that can be built and managed using Nix -- [Official documentation on nix.dev][nix.dev] -- [NixOS] is a Linux distribution that can be configured fully declaratively +You can find full reference documentation in the [Determinate Nix manual][manual]. +This resource is a work in progress. ## License [Upstream Nix][upstream] is released under the [LGPL v2.1][license] license. -[Determinate Nix][det-nix] is also released under LGPL v2.1 based on the terms of that license. +[Determinate Nix][det-nix] is also released under LGPL v2.1 in accordance with the terms of the upstream license. + +## Contributing + +Check the [contributing guide][contributing] if you want to get involved with developing Nix. +[cache]: https://docs.determinate.systems/flakehub/cache +[cli]: https://manual.determinate.systems/command-ref/new-cli/nix.html [contributing]: ./CONTRIBUTING.md [det-nix]: https://docs.determinate.systems/determinate-nix [determinate]: https://docs.determinate.systems [detsys]: https://determinate.systems [dnixd]: https://docs.determinate.systems/determinate-nix#determinate-nixd [eelco]: https://determinate.systems/people/eelco-dolstra +[envs]: https://zero-to-nix.com/concepts/dev-env [flakehub]: https://flakehub.com +[flakes]: https://zero-to-nix.com/concepts/flakes [gui]: https://install.determinate.systems/determinate-pkg/stable/Universal +[language]: https://zero-to-nix.com/concepts/nix-language [license]: ./COPYING -[nix.dev]: https://nix.dev +[manual]: https://manual.determinate.systems [nixpkgs]: https://github.com/NixOS/nixpkgs +[nixos]: https://github.com/NixOS/nixpkgs/tree/master/nixos +[nixos-install]: https://docs.determinate.systems/guides/advanced-installation#nixos +[packages]: https://zero-to-nix.com/concepts/packages +[package-management]: https://zero-to-nix.com/concepts/package-management +[private-flakes]: https://docs.determinate.systems/flakehub/private-flakes +[semver]: https://docs.determinate.systems/flakehub/concepts/semver [thesis]: https://edolstra.github.io/pubs/phd-thesis.pdf [upstream]: https://github.com/NixOS/nix [website]: https://nixos.org +[z2n]: https://zero-to-nix.com From d7c2bcbab67142b8763dc9729e0e20db88a0171c Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 2 Jun 2025 10:56:51 -0700 Subject: [PATCH 623/815] Add WSL to list Co-authored-by: Graham Christensen --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 241164e5d6d..abdc5305cb8 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ Determinate Nix is part of the [Determinate platform][determinate], which also i ## Installing Determinate -You can install Determinate on [macOS](#macos), non-NixOS [Linux](#linux), and [NixOS](#nixos). +You can install Determinate on [macOS](#macos), non-NixOS [Linux](#linux) and WSL, and [NixOS](#nixos). ### macOS From 7bab53af66847ce8541e57e8ad99db654d6ca8b9 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 2 Jun 2025 11:01:06 -0700 Subject: [PATCH 624/815] Fix dangling link reference --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index abdc5305cb8..300fb379207 100644 --- a/README.md +++ b/README.md @@ -75,6 +75,7 @@ Check the [contributing guide][contributing] if you want to get involved with de [flakehub]: https://flakehub.com [flakes]: https://zero-to-nix.com/concepts/flakes [gui]: https://install.determinate.systems/determinate-pkg/stable/Universal +[installer]: https://github.com/DeterminateSystems/nix-installer [language]: https://zero-to-nix.com/concepts/nix-language [license]: ./COPYING [manual]: https://manual.determinate.systems From e6bcbacadfa69dd9ad0d654551c65aa50e96aebb Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 2 Jun 2025 11:01:33 -0700 Subject: [PATCH 625/815] Rework language around the manual Co-authored-by: Graham Christensen --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index abdc5305cb8..2bbc3f3d10e 100644 --- a/README.md +++ b/README.md @@ -51,8 +51,8 @@ Today, a worldwide developer community contributes to Nix and the ecosystem that ## Reference -You can find full reference documentation in the [Determinate Nix manual][manual]. -This resource is a work in progress. +The primary documentation for Determinate and Determinate Nix is available at [docs.determinate.systems][determinate]. +For deeply technical reference material, see the [Determinate Nix manual][manual] which is based on the upstream Nix manual. ## License From 7a450a8ba97bc7521b850de66366c7202d45a111 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 2 Jun 2025 14:08:42 -0400 Subject: [PATCH 626/815] Update src/libexpr/paths.cc --- src/libexpr/paths.cc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index e7dfa549cb4..cbe55703339 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -57,9 +57,10 @@ std::string EvalState::computeBaseName(const SourcePath & path, PosIdx pos) if (path.accessor == rootFS) { if (auto storePath = store->maybeParseStorePath(path.path.abs())) { warn( - "Performing inefficient double copy of path '%s' to the store at %s. " - "This can typically be avoided by rewriting an attribute like `src = ./.` " - "to `src = builtins.path { path = ./.; name = \"source\"; }`.", + "Copying '%s' to the store again\n" + "You can make Nix evaluate faster and copy fewer files by replacing `./.` with the `self` flake input, " + "or `builtins.path { path = ./.; name = \"source\"; }`\n\n" + "Location: %s\n", path, positions[pos]); return std::string(fetchToStore(*store, path, FetchMode::DryRun, storePath->name()).to_string()); From 242719cffb9508f7d816d19adcd54aec179b15fb Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Mon, 2 Jun 2025 14:28:43 -0700 Subject: [PATCH 627/815] `--keep-failed` with remote builders will keep the failed build directory on that builder --- src/build-remote/build-remote.cc | 9 ++++++++- tests/functional/build-remote.sh | 1 + 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/src/build-remote/build-remote.cc b/src/build-remote/build-remote.cc index a5268bce657..49570d7cd47 100644 --- a/src/build-remote/build-remote.cc +++ b/src/build-remote/build-remote.cc @@ -329,8 +329,15 @@ static int main_build_remote(int argc, char * * argv) drv.inputSrcs = store->parseStorePathSet(inputs); optResult = sshStore->buildDerivation(*drvPath, (const BasicDerivation &) drv); auto & result = *optResult; - if (!result.success()) + if (!result.success()) { + if (settings.keepFailed) { + warn( + "The failed build directory was kept on the remote builder due to `--keep-failed`. " + "If the build's architecture matches your host, you can re-run the command with `--builders ''` to disable remote building for this invocation." + ); + } throw Error("build of '%s' on '%s' failed: %s", store->printStorePath(*drvPath), storeUri, result.errorMsg); + } } else { copyClosure(*store, *sshStore, StorePathSet {*drvPath}, NoRepair, NoCheckSigs, substitute); auto res = sshStore->buildPathsWithResults({ diff --git a/tests/functional/build-remote.sh b/tests/functional/build-remote.sh index 62cc8588840..765cd71b420 100644 --- a/tests/functional/build-remote.sh +++ b/tests/functional/build-remote.sh @@ -85,6 +85,7 @@ out="$(nix-build 2>&1 failing.nix \ --arg busybox "$busybox")" || true [[ "$out" =~ .*"note: keeping build directory".* ]] +[[ "$out" =~ .*"The failed build directory was kept on the remote builder due to".* ]] build_dir="$(grep "note: keeping build" <<< "$out" | sed -E "s/^(.*)note: keeping build directory '(.*)'(.*)$/\2/")" [[ "foo" = $(<"$build_dir"/bar) ]] From 419b5e0599bd0a3ed81f5e4d7a12cc86409fa652 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 2 Jun 2025 23:30:55 +0000 Subject: [PATCH 628/815] Prepare release v3.6.2 From bb77bf0e3b901ee0108b2efff14b4d1b421442da Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 2 Jun 2025 23:30:58 +0000 Subject: [PATCH 629/815] Set .version-determinate to 3.6.2 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 9575d51bad2..b72762837ea 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.6.1 +3.6.2 From 49b472604a15d7de7e02b6f29e225236cf02aabf Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 2 Jun 2025 23:31:03 +0000 Subject: [PATCH 630/815] Generare release notes for 3.6.2 --- doc/manual/source/SUMMARY.md.in | 1 + .../release-notes-determinate/changes.md | 21 +++++++++++++++++-- .../release-notes-determinate/rl-3.6.2.md | 16 ++++++++++++++ 3 files changed, 36 insertions(+), 2 deletions(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.2.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index addcd106b07..8efc016122d 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.6.2 (2025-06-02)](release-notes-determinate/rl-3.6.2.md) - [Release 3.6.1 (2025-05-24)](release-notes-determinate/rl-3.6.1.md) - [Release 3.6.0 (2025-05-22)](release-notes-determinate/rl-3.6.0.md) - [Release 3.5.2 (2025-05-12)](release-notes-determinate/rl-3.5.2.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 5323b3150d8..cad822e10f1 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.1. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.2. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -34,4 +34,21 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Emit warnings when using import-from-derivation by setting the `trace-import-from-derivation` option to `true` by @gustavderdrache in [DeterminateSystems/nix-src#70](https://github.com/DeterminateSystems/nix-src/pull/70) -* Fix nlohmann error in fromStructuredAttrs() by @edolstra in [DeterminateSystems/nix-src#73](https://github.com/DeterminateSystems/nix-src/pull/73) \ No newline at end of file +* Fix nlohmann error in fromStructuredAttrs() by @edolstra in [DeterminateSystems/nix-src#73](https://github.com/DeterminateSystems/nix-src/pull/73) + + +* Fix trace-ifd test failure in dev shell by @edolstra in [DeterminateSystems/nix-src#76](https://github.com/DeterminateSystems/nix-src/pull/76) + +* nix store copy-sigs: Use http-connections setting to control parallelism by @edolstra in [DeterminateSystems/nix-src#80](https://github.com/DeterminateSystems/nix-src/pull/80) + +* Document how to replicate nix-store --query --deriver with the nix cli by @grahamc in [DeterminateSystems/nix-src#82](https://github.com/DeterminateSystems/nix-src/pull/82) + +* Garbage collector: Keep going even when encountering an undeletable file by @edolstra in [DeterminateSystems/nix-src#83](https://github.com/DeterminateSystems/nix-src/pull/83) + +* nix profile: Replace ε and ∅ with descriptive English words by @grahamc in [DeterminateSystems/nix-src#81](https://github.com/DeterminateSystems/nix-src/pull/81) + +* Rework README by @lucperkins in [DeterminateSystems/nix-src#84](https://github.com/DeterminateSystems/nix-src/pull/84) + +* Include the source location when warning about inefficient double copies by @edolstra in [DeterminateSystems/nix-src#79](https://github.com/DeterminateSystems/nix-src/pull/79) + +* Call out that `--keep-failed` with remote builders will keep the failed build directory on that builder by @cole-h in [DeterminateSystems/nix-src#85](https://github.com/DeterminateSystems/nix-src/pull/85) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.2.md b/doc/manual/source/release-notes-determinate/rl-3.6.2.md new file mode 100644 index 00000000000..022394cfa0d --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.6.2.md @@ -0,0 +1,16 @@ +# Release 3.6.2 (2025-06-02) + +* Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). + +## What's Changed +* Fix trace-ifd test failure in dev shell by @edolstra in [DeterminateSystems/nix-src#76](https://github.com/DeterminateSystems/nix-src/pull/76) +* nix store copy-sigs: Use http-connections setting to control parallelism by @edolstra in [DeterminateSystems/nix-src#80](https://github.com/DeterminateSystems/nix-src/pull/80) +* Document how to replicate nix-store --query --deriver with the nix cli by @grahamc in [DeterminateSystems/nix-src#82](https://github.com/DeterminateSystems/nix-src/pull/82) +* Garbage collector: Keep going even when encountering an undeletable file by @edolstra in [DeterminateSystems/nix-src#83](https://github.com/DeterminateSystems/nix-src/pull/83) +* nix profile: Replace ε and ∅ with descriptive English words by @grahamc in [DeterminateSystems/nix-src#81](https://github.com/DeterminateSystems/nix-src/pull/81) +* Rework README by @lucperkins in [DeterminateSystems/nix-src#84](https://github.com/DeterminateSystems/nix-src/pull/84) +* Include the source location when warning about inefficient double copies by @edolstra in [DeterminateSystems/nix-src#79](https://github.com/DeterminateSystems/nix-src/pull/79) +* Call out that `--keep-failed` with remote builders will keep the failed build directory on that builder by @cole-h in [DeterminateSystems/nix-src#85](https://github.com/DeterminateSystems/nix-src/pull/85) + + +**Full Changelog**: [v3.6.1...v3.6.2](https://github.com/DeterminateSystems/nix-src/compare/v3.6.1...v3.6.2) From 03aac2a873e3096c66619a3fc3c78892d83b8c5c Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 2 Jun 2025 19:34:55 -0400 Subject: [PATCH 631/815] Apply suggestions from code review --- doc/manual/source/release-notes-determinate/changes.md | 9 +-------- doc/manual/source/release-notes-determinate/rl-3.6.2.md | 7 +++---- 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index cad822e10f1..f4ea707473a 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -34,12 +34,9 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Emit warnings when using import-from-derivation by setting the `trace-import-from-derivation` option to `true` by @gustavderdrache in [DeterminateSystems/nix-src#70](https://github.com/DeterminateSystems/nix-src/pull/70) -* Fix nlohmann error in fromStructuredAttrs() by @edolstra in [DeterminateSystems/nix-src#73](https://github.com/DeterminateSystems/nix-src/pull/73) -* Fix trace-ifd test failure in dev shell by @edolstra in [DeterminateSystems/nix-src#76](https://github.com/DeterminateSystems/nix-src/pull/76) - -* nix store copy-sigs: Use http-connections setting to control parallelism by @edolstra in [DeterminateSystems/nix-src#80](https://github.com/DeterminateSystems/nix-src/pull/80) +* Faster `nix store copy-sigs` by @edolstra in [DeterminateSystems/nix-src#80](https://github.com/DeterminateSystems/nix-src/pull/80) * Document how to replicate nix-store --query --deriver with the nix cli by @grahamc in [DeterminateSystems/nix-src#82](https://github.com/DeterminateSystems/nix-src/pull/82) @@ -47,8 +44,4 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * nix profile: Replace ε and ∅ with descriptive English words by @grahamc in [DeterminateSystems/nix-src#81](https://github.com/DeterminateSystems/nix-src/pull/81) -* Rework README by @lucperkins in [DeterminateSystems/nix-src#84](https://github.com/DeterminateSystems/nix-src/pull/84) - -* Include the source location when warning about inefficient double copies by @edolstra in [DeterminateSystems/nix-src#79](https://github.com/DeterminateSystems/nix-src/pull/79) - * Call out that `--keep-failed` with remote builders will keep the failed build directory on that builder by @cole-h in [DeterminateSystems/nix-src#85](https://github.com/DeterminateSystems/nix-src/pull/85) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.2.md b/doc/manual/source/release-notes-determinate/rl-3.6.2.md index 022394cfa0d..882c142f00c 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.6.2.md +++ b/doc/manual/source/release-notes-determinate/rl-3.6.2.md @@ -3,12 +3,11 @@ * Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). ## What's Changed -* Fix trace-ifd test failure in dev shell by @edolstra in [DeterminateSystems/nix-src#76](https://github.com/DeterminateSystems/nix-src/pull/76) -* nix store copy-sigs: Use http-connections setting to control parallelism by @edolstra in [DeterminateSystems/nix-src#80](https://github.com/DeterminateSystems/nix-src/pull/80) +* Dramatically improve the performance of nix store copy-sigs: Use http-connections setting to control parallelism by @edolstra in [DeterminateSystems/nix-src#80](https://github.com/DeterminateSystems/nix-src/pull/80) * Document how to replicate nix-store --query --deriver with the nix cli by @grahamc in [DeterminateSystems/nix-src#82](https://github.com/DeterminateSystems/nix-src/pull/82) -* Garbage collector: Keep going even when encountering an undeletable file by @edolstra in [DeterminateSystems/nix-src#83](https://github.com/DeterminateSystems/nix-src/pull/83) +* The garbage collector no longer gives up if it encounters an undeletable file, by @edolstra in [DeterminateSystems/nix-src#83](https://github.com/DeterminateSystems/nix-src/pull/83) * nix profile: Replace ε and ∅ with descriptive English words by @grahamc in [DeterminateSystems/nix-src#81](https://github.com/DeterminateSystems/nix-src/pull/81) -* Rework README by @lucperkins in [DeterminateSystems/nix-src#84](https://github.com/DeterminateSystems/nix-src/pull/84) +* Rework README to clarify that this distribution is our distribution, by @lucperkins in [DeterminateSystems/nix-src#84](https://github.com/DeterminateSystems/nix-src/pull/84) * Include the source location when warning about inefficient double copies by @edolstra in [DeterminateSystems/nix-src#79](https://github.com/DeterminateSystems/nix-src/pull/79) * Call out that `--keep-failed` with remote builders will keep the failed build directory on that builder by @cole-h in [DeterminateSystems/nix-src#85](https://github.com/DeterminateSystems/nix-src/pull/85) From cfba4b3bf41ed01a30a98e6bc5db96c909d2e73d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 23:30:16 +0200 Subject: [PATCH 632/815] Drop magic-nix-cache This no longer works, see https://determinate.systems/posts/magic-nix-cache-free-tier-eol/. (cherry picked from commit 9cc8be26747a0206613421a1ba1c3b1f54212e8b) --- .github/workflows/ci.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 29cb33f56af..fb70fae871e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,7 +40,6 @@ jobs: extra_nix_config: | sandbox = true max-jobs = 1 - - uses: DeterminateSystems/magic-nix-cache-action@main # Since ubuntu 22.30, unprivileged usernamespaces are no longer allowed to map to the root user: # https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces - run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 @@ -134,7 +133,6 @@ jobs: - uses: cachix/install-nix-action@v31 with: install_url: https://releases.nixos.org/nix/nix-2.20.3/install - - uses: DeterminateSystems/magic-nix-cache-action@main - run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#nix.version | tr -d \")" >> $GITHUB_ENV - run: nix --experimental-features 'nix-command flakes' build .#dockerImage -L - run: docker load -i ./result/image.tar.gz @@ -176,7 +174,6 @@ jobs: steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main - - uses: DeterminateSystems/magic-nix-cache-action@main - run: | nix build -L \ .#hydraJobs.tests.functional_user \ @@ -202,5 +199,4 @@ jobs: repository: NixOS/flake-regressions-data path: flake-regressions/tests - uses: DeterminateSystems/nix-installer-action@main - - uses: DeterminateSystems/magic-nix-cache-action@main - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=25 flake-regressions/eval-all.sh From a2567f6d7ae9bcd7771a8790c0a9196e90ce097d Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Thu, 29 May 2025 19:35:12 +0000 Subject: [PATCH 633/815] Clear `displayPrefix` in `makeEmptySourceAccessor` Judging by the comment for `makeEmptySourceAccessor` the prefix has to be empty: > Return a source accessor that contains only an empty root directory. Fixes #13295. (cherry picked from commit fba1bb0c137036adc5127afe4183f45ab3dde61d) --- src/libutil/memory-source-accessor.cc | 4 ++++ tests/functional/pure-eval.sh | 12 ++++++++++++ 2 files changed, 16 insertions(+) diff --git a/src/libutil/memory-source-accessor.cc b/src/libutil/memory-source-accessor.cc index 7764ff946a2..5612c9454f0 100644 --- a/src/libutil/memory-source-accessor.cc +++ b/src/libutil/memory-source-accessor.cc @@ -187,6 +187,10 @@ void MemorySink::createSymlink(const CanonPath & path, const std::string & targe ref makeEmptySourceAccessor() { static auto empty = make_ref().cast(); + /* Don't forget to clear the display prefix, as the default constructed + SourceAccessor has the «unknown» prefix. Since this accessor is supposed + to mimic an empty root directory the prefix needs to be empty. */ + empty->setPathDisplay(""); return empty; } diff --git a/tests/functional/pure-eval.sh b/tests/functional/pure-eval.sh index 25038109982..45a65f9ab8f 100755 --- a/tests/functional/pure-eval.sh +++ b/tests/functional/pure-eval.sh @@ -34,3 +34,15 @@ rm -rf $TEST_ROOT/eval-out (! nix eval --store dummy:// --write-to $TEST_ROOT/eval-out --expr '{ "." = "bla"; }') (! nix eval --expr '~/foo') + +expectStderr 0 nix eval --expr "/some/absolute/path" \ + | grepQuiet "/some/absolute/path" + +expectStderr 0 nix eval --expr "/some/absolute/path" --impure \ + | grepQuiet "/some/absolute/path" + +expectStderr 0 nix eval --expr "some/relative/path" \ + | grepQuiet "$PWD/some/relative/path" + +expectStderr 0 nix eval --expr "some/relative/path" --impure \ + | grepQuiet "$PWD/some/relative/path" From 63e9e9df3767a9c77a44200b0f02e2c92a0d8917 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Tue, 3 Jun 2025 08:38:04 -0700 Subject: [PATCH 634/815] fixup: only show "you can rerun" message if the derivation's platform is supported on this machine --- src/build-remote/build-remote.cc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/build-remote/build-remote.cc b/src/build-remote/build-remote.cc index 49570d7cd47..cd13e66706d 100644 --- a/src/build-remote/build-remote.cc +++ b/src/build-remote/build-remote.cc @@ -332,8 +332,10 @@ static int main_build_remote(int argc, char * * argv) if (!result.success()) { if (settings.keepFailed) { warn( - "The failed build directory was kept on the remote builder due to `--keep-failed`. " - "If the build's architecture matches your host, you can re-run the command with `--builders ''` to disable remote building for this invocation." + "The failed build directory was kept on the remote builder due to `--keep-failed`.%s", + (settings.thisSystem == drv.platform || settings.extraPlatforms.get().count(drv.platform) > 0) + ? " You can re-run the command with `--builders ''` to disable remote building for this invocation." + : "" ); } throw Error("build of '%s' on '%s' failed: %s", store->printStorePath(*drvPath), storeUri, result.errorMsg); From dfa7b2a288963ec046c35807476318e355f4a87d Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Wed, 4 Jun 2025 10:30:29 -0700 Subject: [PATCH 635/815] libstore/unix/derivation-builder: error earlier when sandbox path is inaccessible --- src/libstore/unix/build/derivation-builder.cc | 19 +++++++++++++++---- tests/functional/linux-sandbox.sh | 5 +++++ 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index 0ef18966ca0..e84e2db6edc 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -992,10 +992,21 @@ void DerivationBuilderImpl::startBuilder() i.pop_back(); } size_t p = i.find('='); - if (p == std::string::npos) - pathsInChroot[i] = {i, optional}; - else - pathsInChroot[i.substr(0, p)] = {i.substr(p + 1), optional}; + + std::string inside, outside; + if (p == std::string::npos) { + inside = i; + outside = i; + } else { + inside = i.substr(0, p); + outside = i.substr(p + 1); + } + + if (!optional && !maybeLstat(outside)) { + throw SysError("path '%s' is configured as part of the `sandbox-paths` option, but is inaccessible", outside); + } + + pathsInChroot[inside] = {outside, optional}; } if (hasPrefix(store.storeDir, tmpDirInSandbox)) { diff --git a/tests/functional/linux-sandbox.sh b/tests/functional/linux-sandbox.sh index abb635f1195..e02ff5326a2 100755 --- a/tests/functional/linux-sandbox.sh +++ b/tests/functional/linux-sandbox.sh @@ -96,3 +96,8 @@ nix-sandbox-build symlink-derivation.nix -A test_sandbox_paths \ --option extra-sandbox-paths "/dir=$TEST_ROOT" \ --option extra-sandbox-paths "/symlinkDir=$symlinkDir" \ --option extra-sandbox-paths "/symlink=$symlinkcert" + +# Nonexistent sandbox paths should error early in the build process +expectStderr 1 nix-sandbox-build --option extra-sandbox-paths '/does-not-exist' \ + -E 'with import '"${config_nix}"'; mkDerivation { name = "trivial"; buildCommand = "echo > $out"; }' | + grepQuiet "path '/does-not-exist' is configured as part of the \`sandbox-paths\` option, but is inaccessible" From 268bef8cdf88f670449564da525d57c5a2fd784f Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 4 Jun 2025 23:04:13 -0700 Subject: [PATCH 636/815] Use FlakeHub inputs --- flake.lock | 55 ++++++++++++++++++++++++------------------------------ flake.nix | 6 +++--- 2 files changed, 27 insertions(+), 34 deletions(-) diff --git a/flake.lock b/flake.lock index 36921dc2e65..100204408e1 100644 --- a/flake.lock +++ b/flake.lock @@ -23,17 +23,16 @@ ] }, "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", - "type": "github" + "lastModified": 1748821116, + "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=", + "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1", + "revCount": 377, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/hercules-ci/flake-parts/0.1.377%2Brev-49f0870db23e8c1ca0b5259734a02cd9e1e371a1/01972f28-554a-73f8-91f4-d488cc502f08/source.tar.gz" }, "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" + "type": "tarball", + "url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1" } }, "git-hooks-nix": { @@ -42,39 +41,33 @@ "gitignore": [], "nixpkgs": [ "nixpkgs" - ], - "nixpkgs-stable": [ - "nixpkgs" ] }, "locked": { - "lastModified": 1734279981, - "narHash": "sha256-NdaCraHPp8iYMWzdXAt5Nv6sA3MUzlCiGiR586TCwo0=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "aa9f40c906904ebd83da78e7f328cd8aeaeae785", - "type": "github" + "lastModified": 1747372754, + "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", + "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", + "revCount": 1026, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/cachix/git-hooks.nix/0.1.1026%2Brev-80479b6ec16fefd9c1db3ea13aeb038c60530f46/0196d79a-1b35-7b8e-a021-c894fb62163d/source.tar.gz" }, "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" + "type": "tarball", + "url": "https://flakehub.com/f/cachix/git-hooks.nix/0.1" } }, "nixpkgs": { "locked": { - "lastModified": 1747179050, - "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", - "type": "github" + "lastModified": 1748929857, + "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", + "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", + "revCount": 810143, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.810143%2Brev-c2a03962b8e24e669fb37b7df10e7c79531ff1a4/01973914-8b42-7168-9ee2-4d6ea6946695/source.tar.gz" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" + "type": "tarball", + "url": "https://flakehub.com/f/NixOS/nixpkgs/0.1" } }, "nixpkgs-23-11": { diff --git a/flake.nix b/flake.nix index ee98ce15503..60888920300 100644 --- a/flake.nix +++ b/flake.nix @@ -1,14 +1,14 @@ { description = "The purely functional package manager"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/0.1"; inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.nixpkgs-23-11.url = "github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446"; # dev tooling - inputs.flake-parts.url = "github:hercules-ci/flake-parts"; - inputs.git-hooks-nix.url = "github:cachix/git-hooks.nix"; + inputs.flake-parts.url = "https://flakehub.com/f/hercules-ci/flake-parts/0.1"; + inputs.git-hooks-nix.url = "https://flakehub.com/f/cachix/git-hooks.nix/0.1"; # work around https://github.com/NixOS/nix/issues/7730 inputs.flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; inputs.git-hooks-nix.inputs.nixpkgs.follows = "nixpkgs"; From aed1e025ff68c42126e870446565ab9d8c9c0db8 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Thu, 5 Jun 2025 17:12:35 -0400 Subject: [PATCH 637/815] Use 'published' release type to avoid double uploads --- .github/workflows/upload-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index aef57a5beb7..e8c5344ce12 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -18,7 +18,7 @@ on: - labeled release: types: - - released + - published permissions: id-token: "write" From fcdffffa37ab99b15490bb633698ee9fe03e7056 Mon Sep 17 00:00:00 2001 From: Seth Flynn Date: Tue, 27 May 2025 22:20:53 -0400 Subject: [PATCH 638/815] lockFlake(): Allow registry lookups for overridden inputs Fixes #13144 (cherry picked from commit d0a23238294198f6702e13d117f75af89dbeac62) --- src/libflake/flake.cc | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/libflake/flake.cc b/src/libflake/flake.cc index 987c9f610af..d5dafff7ad2 100644 --- a/src/libflake/flake.cc +++ b/src/libflake/flake.cc @@ -570,7 +570,7 @@ LockedFlake lockFlake( /* Get the input flake, resolve 'path:./...' flakerefs relative to the parent flake. */ - auto getInputFlake = [&](const FlakeRef & ref) + auto getInputFlake = [&](const FlakeRef & ref, const fetchers::UseRegistries useRegistries) { if (auto resolvedPath = resolveRelativePath()) { return readFlake(state, ref, ref, ref, *resolvedPath, inputAttrPath); @@ -578,7 +578,7 @@ LockedFlake lockFlake( return getFlake( state, ref, - useRegistriesInputs, + useRegistries, inputAttrPath); } }; @@ -660,7 +660,7 @@ LockedFlake lockFlake( } if (mustRefetch) { - auto inputFlake = getInputFlake(oldLock->lockedRef); + auto inputFlake = getInputFlake(oldLock->lockedRef, useRegistriesInputs); nodePaths.emplace(childNode, inputFlake.path.parent()); computeLocks(inputFlake.inputs, childNode, inputAttrPath, oldLock, followsPrefix, inputFlake.path, false); @@ -685,10 +685,11 @@ LockedFlake lockFlake( nuked the next time we update the lock file. That is, overrides are sticky unless you use --no-write-lock-file. */ - auto ref = (input2.ref && explicitCliOverrides.contains(inputAttrPath)) ? *input2.ref : *input.ref; + auto inputIsOverride = explicitCliOverrides.contains(inputAttrPath); + auto ref = (input2.ref && inputIsOverride) ? *input2.ref : *input.ref; if (input.isFlake) { - auto inputFlake = getInputFlake(*input.ref); + auto inputFlake = getInputFlake(*input.ref, inputIsOverride ? fetchers::UseRegistries::All : useRegistriesInputs); auto childNode = make_ref( inputFlake.lockedRef, From 214654d91fc7b9dcb7195fe46847a462d6b9c444 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 6 Jun 2025 08:14:36 -0700 Subject: [PATCH 639/815] Remove unnecessary follows directive --- flake.lock | 6 +++--- flake.nix | 1 - 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 100204408e1..1a3c943e5d7 100644 --- a/flake.lock +++ b/flake.lock @@ -3,11 +3,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 60888920300..e4e08a64972 100644 --- a/flake.nix +++ b/flake.nix @@ -12,7 +12,6 @@ # work around https://github.com/NixOS/nix/issues/7730 inputs.flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; inputs.git-hooks-nix.inputs.nixpkgs.follows = "nixpkgs"; - inputs.git-hooks-nix.inputs.nixpkgs-stable.follows = "nixpkgs"; # work around 7730 and https://github.com/NixOS/nix/issues/7807 inputs.git-hooks-nix.inputs.gitignore.follows = ""; From 112ff5094427f215f1fec444663af2cd07017510 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 6 Jun 2025 09:04:15 -0700 Subject: [PATCH 640/815] Use specific revision for git-hooks --- flake.lock | 2 +- flake.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.lock b/flake.lock index 1a3c943e5d7..bf35f616c3d 100644 --- a/flake.lock +++ b/flake.lock @@ -53,7 +53,7 @@ }, "original": { "type": "tarball", - "url": "https://flakehub.com/f/cachix/git-hooks.nix/0.1" + "url": "https://flakehub.com/f/cachix/git-hooks.nix/0.1.941" } }, "nixpkgs": { diff --git a/flake.nix b/flake.nix index e4e08a64972..52232facd5e 100644 --- a/flake.nix +++ b/flake.nix @@ -8,7 +8,7 @@ # dev tooling inputs.flake-parts.url = "https://flakehub.com/f/hercules-ci/flake-parts/0.1"; - inputs.git-hooks-nix.url = "https://flakehub.com/f/cachix/git-hooks.nix/0.1"; + inputs.git-hooks-nix.url = "https://flakehub.com/f/cachix/git-hooks.nix/0.1.941"; # work around https://github.com/NixOS/nix/issues/7730 inputs.flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; inputs.git-hooks-nix.inputs.nixpkgs.follows = "nixpkgs"; From a69b99ade04482fe8580e9a9f87172dbb9e0bee9 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 6 Jun 2025 19:40:57 +0200 Subject: [PATCH 641/815] Add ForwardingSourceAccessor --- .../nix/util/forwarding-source-accessor.hh | 57 +++++++++++++++++++ src/libutil/include/nix/util/meson.build | 1 + 2 files changed, 58 insertions(+) create mode 100644 src/libutil/include/nix/util/forwarding-source-accessor.hh diff --git a/src/libutil/include/nix/util/forwarding-source-accessor.hh b/src/libutil/include/nix/util/forwarding-source-accessor.hh new file mode 100644 index 00000000000..bdba2addcb0 --- /dev/null +++ b/src/libutil/include/nix/util/forwarding-source-accessor.hh @@ -0,0 +1,57 @@ +#pragma once + +#include "source-accessor.hh" + +namespace nix { + +/** + * A source accessor that just forwards every operation to another + * accessor. This is not useful in itself but can be used as a + * superclass for accessors that do change some operations. + */ +struct ForwardingSourceAccessor : SourceAccessor +{ + ref next; + + ForwardingSourceAccessor(ref next) + : next(next) + { + } + + std::string readFile(const CanonPath & path) override + { + return next->readFile(path); + } + + void readFile(const CanonPath & path, Sink & sink, std::function sizeCallback) override + { + next->readFile(path, sink, sizeCallback); + } + + std::optional maybeLstat(const CanonPath & path) override + { + return next->maybeLstat(path); + } + + DirEntries readDirectory(const CanonPath & path) override + { + return next->readDirectory(path); + } + + std::string readLink(const CanonPath & path) override + { + return next->readLink(path); + } + + std::string showPath(const CanonPath & path) override + { + return next->showPath(path); + } + + std::optional getPhysicalPath(const CanonPath & path) override + { + return next->getPhysicalPath(path); + } +}; + +} diff --git a/src/libutil/include/nix/util/meson.build b/src/libutil/include/nix/util/meson.build index 329d4061218..3dacfafc6d9 100644 --- a/src/libutil/include/nix/util/meson.build +++ b/src/libutil/include/nix/util/meson.build @@ -34,6 +34,7 @@ headers = files( 'file-system.hh', 'finally.hh', 'fmt.hh', + 'forwarding-source-accessor.hh', 'fs-sink.hh', 'git.hh', 'hash.hh', From e18b1637dc7311724b264000556a94fd65766492 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 6 Jun 2025 19:41:12 +0200 Subject: [PATCH 642/815] Fix display of paths in substituted source trees MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These got displayed as e.g. «github:NixOS/nixpkgs/adaa24fbf46737f3f1b5497bf64bae750f82942e?narHash=sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY%3D»/nix/store/x9wnkly3k1gkq580m90jjn32q9f05q2v-source/pkgs/stdenv/generic/source-stdenv.sh Now we get «github:NixOS/nixpkgs/adaa24fbf46737f3f1b5497bf64bae750f82942e?narHash=sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY%3D»/pkgs/stdenv/generic/source-stdenv.sh --- src/libfetchers/fetchers.cc | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index 614b3c90e69..9beef69f075 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -5,6 +5,7 @@ #include "nix/util/json-utils.hh" #include "nix/fetchers/store-path-accessor.hh" #include "nix/fetchers/fetch-settings.hh" +#include "nix/util/forwarding-source-accessor.hh" #include @@ -293,6 +294,21 @@ std::pair, Input> Input::getAccessor(ref store) const } } +/** + * Helper class that ensures that paths in substituted source trees + * are rendered as `«input»/path` rather than + * `«input»/nix/store/-source/path`. + */ +struct SubstitutedSourceAccessor : ForwardingSourceAccessor +{ + using ForwardingSourceAccessor::ForwardingSourceAccessor; + + std::string showPath(const CanonPath & path) override + { + return displayPrefix + path.abs() + displaySuffix;; + } +}; + std::pair, Input> Input::getAccessorUnchecked(ref store) const { // FIXME: cache the accessor @@ -320,10 +336,12 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto debug("using substituted/cached input '%s' in '%s'", to_string(), store->printStorePath(storePath)); - auto accessor = makeStorePathAccessor(store, storePath); + auto accessor = make_ref(makeStorePathAccessor(store, storePath)); accessor->fingerprint = getFingerprint(store); + // FIXME: ideally we would use the `showPath()` of the + // "real" accessor for this fetcher type. accessor->setPathDisplay("«" + to_string() + "»"); return {accessor, *this}; From a989a23d1aecafb34d4c56e98b5c7e763e3a92b1 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 6 Jun 2025 10:51:58 -0700 Subject: [PATCH 643/815] Fix some instances of 'will' --- src/libcmd/installables.cc | 2 +- src/libexpr/include/nix/expr/eval-settings.hh | 24 ++-- src/libexpr/primops.cc | 58 ++++---- src/libexpr/primops/context.cc | 2 +- src/libexpr/primops/fetchClosure.cc | 2 +- src/libexpr/primops/fetchTree.cc | 18 +-- .../include/nix/fetchers/fetch-settings.hh | 6 +- src/libflake/flake.cc | 4 +- src/libmain/plugin.cc | 8 +- .../include/nix/store/filetransfer.hh | 2 +- src/libstore/include/nix/store/globals.hh | 125 +++++++++--------- .../include/nix/store/local-fs-store.hh | 4 +- src/libstore/include/nix/store/local-store.hh | 2 +- .../nix/store/s3-binary-cache-store.hh | 6 +- src/libstore/store-api.cc | 2 +- src/libutil/experimental-features.cc | 4 +- src/libutil/include/nix/util/logging.hh | 2 +- src/nix-build/nix-build.cc | 2 +- src/nix/unix/daemon.cc | 2 +- 19 files changed, 137 insertions(+), 138 deletions(-) diff --git a/src/libcmd/installables.cc b/src/libcmd/installables.cc index 85fb3eabd59..713fe2f929b 100644 --- a/src/libcmd/installables.cc +++ b/src/libcmd/installables.cc @@ -199,7 +199,7 @@ SourceExprCommand::SourceExprCommand() .shortName = 'f', .description = "Interpret [*installables*](@docroot@/command-ref/new-cli/nix.md#installables) as attribute paths relative to the Nix expression stored in *file*. " - "If *file* is the character -, then a Nix expression will be read from standard input. " + "If *file* is the character -, then a Nix expression is read from standard input. " "Implies `--impure`.", .category = installablesCategory, .labels = {"file"}, diff --git a/src/libexpr/include/nix/expr/eval-settings.hh b/src/libexpr/include/nix/expr/eval-settings.hh index 6a58377e1dc..782f5f9e1e5 100644 --- a/src/libexpr/include/nix/expr/eval-settings.hh +++ b/src/libexpr/include/nix/expr/eval-settings.hh @@ -131,9 +131,9 @@ struct EvalSettings : Config Setting restrictEval{ this, false, "restrict-eval", R"( - If set to `true`, the Nix evaluator will not allow access to any + If set to `true`, the Nix evaluator doesn't allow access to any files outside of - [`builtins.nixPath`](@docroot@/language/builtins.md#builtins-nixPath), + [`builtins.nixPath`](@docroot@/language/builtins.md#builtins-nixPath) or to URIs outside of [`allowed-uris`](@docroot@/command-ref/conf-file.md#conf-allowed-uris). )"}; @@ -156,7 +156,7 @@ struct EvalSettings : Config R"( By default, Nix allows [Import from Derivation](@docroot@/language/import-from-derivation.md). - When this setting is `true`, Nix will log a warning indicating that it performed such an import. + When this setting is `true`, Nix logs a warning indicating that it performed such an import. This option has no effect if `allow-import-from-derivation` is disabled. )" }; @@ -166,9 +166,9 @@ struct EvalSettings : Config R"( By default, Nix allows [Import from Derivation](@docroot@/language/import-from-derivation.md). - With this option set to `false`, Nix will throw an error when evaluating an expression that uses this feature, + With this option set to `false`, Nix throws an error when evaluating an expression that uses this feature, even when the required store object is readily available. - This ensures that evaluation will not require any builds to take place, + This ensures that evaluation doesn't require any builds to take place, regardless of the state of the store. )"}; @@ -187,8 +187,8 @@ struct EvalSettings : Config Setting traceFunctionCalls{this, false, "trace-function-calls", R"( - If set to `true`, the Nix evaluator will trace every function call. - Nix will print a log message at the "vomit" level for every function + If set to `true`, the Nix evaluator traces every function call. + Nix prints a log message at the "vomit" level for every function entrance and function exit. function-trace entered undefined position at 1565795816999559622 @@ -213,7 +213,7 @@ struct EvalSettings : Config Setting ignoreExceptionsDuringTry{this, false, "ignore-try", R"( If set to true, ignore exceptions inside 'tryEval' calls when evaluating nix expressions in - debug mode (using the --debugger flag). By default the debugger will pause on all exceptions. + debug mode (using the --debugger flag). By default, the debugger pauses on all exceptions. )"}; Setting traceVerbose{this, false, "trace-verbose", @@ -225,7 +225,7 @@ struct EvalSettings : Config Setting builtinsTraceDebugger{this, false, "debugger-on-trace", R"( If set to true and the `--debugger` flag is given, the following functions - will enter the debugger like [`builtins.break`](@docroot@/language/builtins.md#builtins-break). + enter the debugger like [`builtins.break`](@docroot@/language/builtins.md#builtins-break). * [`builtins.trace`](@docroot@/language/builtins.md#builtins-trace) * [`builtins.traceVerbose`](@docroot@/language/builtins.md#builtins-traceVerbose) @@ -238,7 +238,7 @@ struct EvalSettings : Config Setting builtinsDebuggerOnWarn{this, false, "debugger-on-warn", R"( If set to true and the `--debugger` flag is given, [`builtins.warn`](@docroot@/language/builtins.md#builtins-warn) - will enter the debugger like [`builtins.break`](@docroot@/language/builtins.md#builtins-break). + enter the debugger like [`builtins.break`](@docroot@/language/builtins.md#builtins-break). This is useful for debugging warnings in third-party Nix code. @@ -247,9 +247,9 @@ struct EvalSettings : Config Setting builtinsAbortOnWarn{this, false, "abort-on-warn", R"( - If set to true, [`builtins.warn`](@docroot@/language/builtins.md#builtins-warn) will throw an error when logging a warning. + If set to true, [`builtins.warn`](@docroot@/language/builtins.md#builtins-warn) throws an error when logging a warning. - This will give you a stack trace that leads to the location of the warning. + This gives you a stack trace that leads to the location of the warning. This is useful for finding information about warnings in third-party Nix code when you can not start the interactive debugger, such as when Nix is called from a non-interactive script. See [`debugger-on-warn`](#conf-debugger-on-warn). diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index bd4168a448c..16f39c64afb 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -352,7 +352,7 @@ static RegisterPrimOp primop_import({ > } > ``` > - > then the following `foo.nix` will give an error: + > then the following `foo.nix` throws an error: > > ```nix > # foo.nix @@ -936,7 +936,7 @@ static RegisterPrimOp primop_ceil({ a NixInt and if `*number* < -9007199254740992` or `*number* > 9007199254740992`. If the datatype of *number* is neither a NixInt (signed 64-bit integer) nor a NixFloat - (IEEE-754 double-precision floating-point number), an evaluation error will be thrown. + (IEEE-754 double-precision floating-point number), an evaluation error is thrown. )", .fun = prim_ceil, }); @@ -977,7 +977,7 @@ static RegisterPrimOp primop_floor({ a NixInt and if `*number* < -9007199254740992` or `*number* > 9007199254740992`. If the datatype of *number* is neither a NixInt (signed 64-bit integer) nor a NixFloat - (IEEE-754 double-precision floating-point number), an evaluation error will be thrown. + (IEEE-754 double-precision floating-point number), an evaluation error is thrown. )", .fun = prim_floor, }); @@ -1023,15 +1023,15 @@ static RegisterPrimOp primop_tryEval({ Try to shallowly evaluate *e*. Return a set containing the attributes `success` (`true` if *e* evaluated successfully, `false` if an error was thrown) and `value`, equalling *e* if - successful and `false` otherwise. `tryEval` will only prevent + successful and `false` otherwise. `tryEval` only prevents errors created by `throw` or `assert` from being thrown. - Errors `tryEval` will not catch are for example those created + Errors that `tryEval` doesn't catch are, for example, those created by `abort` and type errors generated by builtins. Also note that this doesn't evaluate *e* deeply, so `let e = { x = throw ""; }; - in (builtins.tryEval e).success` will be `true`. Using + in (builtins.tryEval e).success` is `true`. Using `builtins.deepSeq` one can get the expected result: `let e = { x = throw ""; }; in - (builtins.tryEval (builtins.deepSeq e e)).success` will be + (builtins.tryEval (builtins.deepSeq e e)).success` is `false`. `tryEval` intentionally does not return the error message, because that risks bringing non-determinism into the evaluation result, and it would become very difficult to improve error reporting without breaking existing expressions. @@ -1129,7 +1129,7 @@ static RegisterPrimOp primop_trace({ If the [`debugger-on-trace`](@docroot@/command-ref/conf-file.md#conf-debugger-on-trace) option is set to `true` and the `--debugger` flag is given, the - interactive debugger will be started when `trace` is called (like + interactive debugger is started when `trace` is called (like [`break`](@docroot@/language/builtins.md#builtins-break)). )", .fun = prim_trace, @@ -1173,12 +1173,12 @@ static RegisterPrimOp primop_warn({ [`debugger-on-trace`](@docroot@/command-ref/conf-file.md#conf-debugger-on-trace) or [`debugger-on-warn`](@docroot@/command-ref/conf-file.md#conf-debugger-on-warn) option is set to `true` and the `--debugger` flag is given, the - interactive debugger will be started when `warn` is called (like + interactive debugger is started when `warn` is called (like [`break`](@docroot@/language/builtins.md#builtins-break)). If the [`abort-on-warn`](@docroot@/command-ref/conf-file.md#conf-abort-on-warn) - option is set, the evaluation will be aborted after the warning is printed. + option is set, the evaluation is aborted after the warning is printed. This is useful to reveal the stack trace of the warning, when the context is non-interactive and a debugger can not be launched. )", .fun = prim_warn, @@ -1670,7 +1670,7 @@ static RegisterPrimOp primop_placeholder({ .name = "placeholder", .args = {"output"}, .doc = R"( - Return at + Return an [output placeholder string](@docroot@/store/derivation/index.md#output-placeholder) for the specified *output* that will be substituted by the corresponding [output path](@docroot@/glossary.md#gloss-output-path) @@ -1835,7 +1835,7 @@ static RegisterPrimOp primop_baseNameOf({ After this, the *base name* is returned as previously described, assuming `/` as the directory separator. (Note that evaluation must be platform independent.) - This is somewhat similar to the [GNU `basename`](https://www.gnu.org/software/coreutils/manual/html_node/basename-invocation.html) command, but GNU `basename` will strip any number of trailing slashes. + This is somewhat similar to the [GNU `basename`](https://www.gnu.org/software/coreutils/manual/html_node/basename-invocation.html) command, but GNU `basename` strips any number of trailing slashes. )", .fun = prim_baseNameOf, }); @@ -2034,9 +2034,9 @@ static RegisterPrimOp primop_findFile(PrimOp { > ] > ``` > - > and a *lookup-path* value `"nixos-config"` will cause Nix to try `/home/eelco/Dev/nixos-config` and `/etc/nixos` in that order and return the first path that exists. + > and a *lookup-path* value `"nixos-config"` causes Nix to try `/home/eelco/Dev/nixos-config` and `/etc/nixos` in that order and return the first path that exists. - If `path` starts with `http://` or `https://`, it is interpreted as the URL of a tarball that will be downloaded and unpacked to a temporary location. + If `path` starts with `http://` or `https://`, it is interpreted as the URL of a tarball to be downloaded and unpacked to a temporary location. The tarball must consist of a single top-level directory. The URLs of the tarballs from the official `nixos.org` channels can be abbreviated as `channel:`. @@ -2183,7 +2183,7 @@ static RegisterPrimOp primop_readDir({ Return the contents of the directory *path* as a set mapping directory entries to the corresponding file type. For instance, if directory `A` contains a regular file `B` and another directory - `C`, then `builtins.readDir ./A` will return the set + `C`, then `builtins.readDir ./A` returns the set ```nix { B = "regular"; C = "directory"; } @@ -2218,8 +2218,8 @@ static RegisterPrimOp primop_outputOf({ [input placeholder string](@docroot@/store/derivation/index.md#input-placeholder) if needed. - If the derivation has a statically-known output path (i.e. the derivation output is input-addressed, or fixed content-addresed), the output path will just be returned. - But if the derivation is content-addressed or if the derivation is itself not-statically produced (i.e. is the output of another derivation), an input placeholder will be returned instead. + If the derivation has a statically-known output path (i.e. the derivation output is input-addressed, or fixed content-addresed), the output path is returned. + But if the derivation is content-addressed or if the derivation is itself not-statically produced (i.e. is the output of another derivation), an input placeholder is returned instead. *`derivation reference`* must be a string that may contain a regular store path to a derivation, or may be an input placeholder reference. If the derivation is produced by a derivation, you must explicitly select `drv.outPath`. @@ -2232,7 +2232,7 @@ static RegisterPrimOp primop_outputOf({ "out" ``` - will return a input placeholder for the output of the output of `myDrv`. + returns an input placeholder for the output of the output of `myDrv`. This primop corresponds to the `^` sigil for [deriving paths](@docroot@/glossary.md#gloss-deriving-paths), e.g. as part of installable syntax on the command line. )", @@ -2631,12 +2631,12 @@ static RegisterPrimOp primop_filterSource({ > > `filterSource` should not be used to filter store paths. Since > `filterSource` uses the name of the input directory while naming - > the output directory, doing so will produce a directory name in + > the output directory, doing so produces a directory name in > the form of `--`, where `-` is > the name of the input directory. Since `` depends on the - > unfiltered directory, the name of the output directory will - > indirectly depend on files that are filtered out by the - > function. This will trigger a rebuild even when a filtered out + > unfiltered directory, the name of the output directory + > indirectly depends on files that are filtered out by the + > function. This triggers a rebuild even when a filtered-out > file is changed. Use `builtins.path` instead, which allows > specifying the name of the output directory. @@ -2651,8 +2651,8 @@ static RegisterPrimOp primop_filterSource({ } ``` - However, if `source-dir` is a Subversion working copy, then all - those annoying `.svn` subdirectories will also be copied to the + However, if `source-dir` is a Subversion working copy, then all of + those annoying `.svn` subdirectories are also copied to the store. Worse, the contents of those directories may change a lot, causing lots of spurious rebuilds. With `filterSource` you can filter out the `.svn` directories: @@ -2672,8 +2672,8 @@ static RegisterPrimOp primop_filterSource({ `"regular"`, `"directory"`, `"symlink"` or `"unknown"` (for other kinds of files such as device nodes or fifos — but note that those cannot be copied to the Nix store, so if the predicate returns - `true` for them, the copy will fail). If you exclude a directory, - the entire corresponding subtree of *e2* will be excluded. + `true` for them, the copy fails). If you exclude a directory, + the entire corresponding subtree of *e2* is excluded. )", .fun = prim_filterSource, }); @@ -2747,7 +2747,7 @@ static RegisterPrimOp primop_path({ - sha256\ When provided, this is the expected hash of the file at the - path. Evaluation will fail if the hash is incorrect, and + path. Evaluation fails if the hash is incorrect, and providing a hash allows `builtins.path` to be used even when the `pure-eval` nix config option is on. )", @@ -4849,7 +4849,7 @@ void EvalState::createBaseEnv(const EvalSettings & evalSettings) .type = nInt, .doc = R"( Return the [Unix time](https://en.wikipedia.org/wiki/Unix_time) at first evaluation. - Repeated references to that name will re-use the initially obtained value. + Repeated references to that name re-use the initially obtained value. Example: @@ -4864,7 +4864,7 @@ void EvalState::createBaseEnv(const EvalSettings & evalSettings) 1683705525 ``` - The [store path](@docroot@/store/store-path.md) of a derivation depending on `currentTime` will differ for each evaluation, unless both evaluate `builtins.currentTime` in the same second. + The [store path](@docroot@/store/store-path.md) of a derivation depending on `currentTime` differs for each evaluation unless both evaluate `builtins.currentTime` in the same second. )", .impureOnly = true, }); diff --git a/src/libexpr/primops/context.cc b/src/libexpr/primops/context.cc index 28153c778a4..7145353b05c 100644 --- a/src/libexpr/primops/context.cc +++ b/src/libexpr/primops/context.cc @@ -260,7 +260,7 @@ static RegisterPrimOp primop_getContext({ The string context tracks references to derivations within a string. It is represented as an attribute set of [store derivation](@docroot@/glossary.md#gloss-store-derivation) paths mapping to output names. - Using [string interpolation](@docroot@/language/string-interpolation.md) on a derivation will add that derivation to the string context. + Using [string interpolation](@docroot@/language/string-interpolation.md) on a derivation adds that derivation to the string context. For example, ```nix diff --git a/src/libexpr/primops/fetchClosure.cc b/src/libexpr/primops/fetchClosure.cc index 4dd8b2606ca..ea6145f6f9e 100644 --- a/src/libexpr/primops/fetchClosure.cc +++ b/src/libexpr/primops/fetchClosure.cc @@ -214,7 +214,7 @@ static RegisterPrimOp primop_fetchClosure({ .doc = R"( Fetch a store path [closure](@docroot@/glossary.md#gloss-closure) from a binary cache, and return the store path as a string with context. - This function can be invoked in three ways, that we will discuss in order of preference. + This function can be invoked in three ways that we will discuss in order of preference. **Fetch a content-addressed store path** diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc index c82fb82c5f7..38eac6a8a02 100644 --- a/src/libexpr/primops/fetchTree.cc +++ b/src/libexpr/primops/fetchTree.cc @@ -189,7 +189,7 @@ static void fetchTree( input.to_string()); else state.error( - "in pure evaluation mode, '%s' will not fetch unlocked input '%s'", + "in pure evaluation mode, '%s' doesn't fetch unlocked input '%s'", fetcher, input.to_string()).atPos(pos).debugThrow(); } @@ -241,7 +241,7 @@ static RegisterPrimOp primop_fetchTree({ That is, `fetchTree` is idempotent. Downloads are cached in `$XDG_CACHE_HOME/nix`. - The remote source will be fetched from the network if both are true: + The remote source is fetched from the network if both are true: - A NAR hash is supplied and the corresponding store path is not [valid](@docroot@/glossary.md#gloss-validity), that is, not available in the store > **Note** @@ -336,7 +336,7 @@ static RegisterPrimOp primop_fetchTree({ > **Note** > - > If the URL points to a local directory, and no `ref` or `rev` is given, Nix will only consider files added to the Git index, as listed by `git ls-files` but use the *current file contents* of the Git working directory. + > If the URL points to a local directory, and no `ref` or `rev` is given, Nix only considers files added to the Git index, as listed by `git ls-files` but use the *current file contents* of the Git working directory. - `ref` (String, optional) @@ -676,7 +676,7 @@ static RegisterPrimOp primop_fetchGit({ This option has no effect once `shallow` cloning is enabled. By default, the `ref` value is prefixed with `refs/heads/`. - As of 2.3.0, Nix will not prefix `refs/heads/` if `ref` starts with `refs/`. + As of 2.3.0, Nix doesn't prefix `refs/heads/` if `ref` starts with `refs/`. - `submodules` (default: `false`) @@ -772,7 +772,7 @@ static RegisterPrimOp primop_fetchGit({ name in the `ref` attribute. However, if the revision you're looking for is in a future - branch for the non-default branch you will need to specify the + branch for the non-default branch you need to specify the the `ref` attribute as well. ```nix @@ -835,7 +835,7 @@ static RegisterPrimOp primop_fetchGit({ } ``` - Nix will refetch the branch according to the [`tarball-ttl`](@docroot@/command-ref/conf-file.md#conf-tarball-ttl) setting. + Nix refetches the branch according to the [`tarball-ttl`](@docroot@/command-ref/conf-file.md#conf-tarball-ttl) setting. This behavior is disabled in [pure evaluation mode](@docroot@/command-ref/conf-file.md#conf-pure-eval). @@ -846,9 +846,9 @@ static RegisterPrimOp primop_fetchGit({ ``` If the URL points to a local directory, and no `ref` or `rev` is - given, `fetchGit` will use the current content of the checked-out - files, even if they are not committed or added to Git's index. It will - only consider files added to the Git repository, as listed by `git ls-files`. + given, `fetchGit` uses the current content of the checked-out + files, even if they are not committed or added to Git's index. It + only considers files added to the Git repository, as listed by `git ls-files`. )", .fun = prim_fetchGit, }); diff --git a/src/libfetchers/include/nix/fetchers/fetch-settings.hh b/src/libfetchers/include/nix/fetchers/fetch-settings.hh index 831a18bf0cd..e4fe92d5d3b 100644 --- a/src/libfetchers/include/nix/fetchers/fetch-settings.hh +++ b/src/libfetchers/include/nix/fetchers/fetch-settings.hh @@ -24,7 +24,7 @@ struct Settings : public Config space-separated `host=token` values. The specific token used is selected by matching the `host` portion against the "host" specification of the input. The `host` portion may - contain a path element which will match against the prefix + contain a path element which matches against the prefix URL for the input. (eg: `github.com/org=token`). The actual use of the `token` value is determined by the type of resource being accessed: @@ -88,11 +88,11 @@ struct Settings : public Config Setting trustTarballsFromGitForges{ this, true, "trust-tarballs-from-git-forges", R"( - If enabled (the default), Nix will consider tarballs from + If enabled (the default), Nix considers tarballs from GitHub and similar Git forges to be locked if a Git revision is specified, e.g. `github:NixOS/patchelf/7c2f768bf9601268a4e71c2ebe91e2011918a70f`. - This requires Nix to trust that the provider will return the + This requires Nix to trust that the provider returns the correct contents for the specified Git revision. If disabled, such tarballs are only considered locked if a diff --git a/src/libflake/flake.cc b/src/libflake/flake.cc index 06c81325bd9..31328abde23 100644 --- a/src/libflake/flake.cc +++ b/src/libflake/flake.cc @@ -803,10 +803,10 @@ LockedFlake lockFlake( if (auto unlockedInput = newLockFile.isUnlocked(state.fetchSettings)) { if (lockFlags.failOnUnlocked) throw Error( - "Will not write lock file of flake '%s' because it has an unlocked input ('%s'). " + "Not writing lock file of flake '%s' because it has an unlocked input ('%s'). " "Use '--allow-dirty-locks' to allow this anyway.", topRef, *unlockedInput); if (state.fetchSettings.warnDirty) - warn("will not write lock file of flake '%s' because it has an unlocked input ('%s')", topRef, *unlockedInput); + warn("Not writing lock file of flake '%s' because it has an unlocked input ('%s')", topRef, *unlockedInput); } else { if (!lockFlags.updateLockFile) throw Error("flake '%s' requires lock file changes but they're not allowed due to '--no-update-lock-file'", topRef); diff --git a/src/libmain/plugin.cc b/src/libmain/plugin.cc index db686a251ba..5edfd11bb06 100644 --- a/src/libmain/plugin.cc +++ b/src/libmain/plugin.cc @@ -43,9 +43,9 @@ struct PluginSettings : Config {}, "plugin-files", R"( - A list of plugin files to be loaded by Nix. Each of these files will - be dlopened by Nix. If they contain the symbol `nix_plugin_entry()`, - this symbol will be called. Alternatively, they can affect execution + A list of plugin files to be loaded by Nix. Each of these files is + dlopened by Nix. If they contain the symbol `nix_plugin_entry()`, + this symbol is called. Alternatively, they can affect execution through static initialization. In particular, these plugins may construct static instances of RegisterPrimOp to add new primops or constants to the expression language, RegisterStoreImplementation to add new store @@ -60,7 +60,7 @@ struct PluginSettings : Config itself, they must be DSOs compatible with the instance of Nix running at the time (i.e. compiled against the same headers, not linked to any incompatible libraries). They should not be linked to - any Nix libs directly, as those will be available already at load + any Nix libs directly, as those are already already at load time. If an entry in the list is a directory, all files in the directory diff --git a/src/libstore/include/nix/store/filetransfer.hh b/src/libstore/include/nix/store/filetransfer.hh index 10c3ec7ef9b..259af7640d9 100644 --- a/src/libstore/include/nix/store/filetransfer.hh +++ b/src/libstore/include/nix/store/filetransfer.hh @@ -46,7 +46,7 @@ struct FileTransferSettings : Config )"}; Setting tries{this, 5, "download-attempts", - "How often Nix will attempt to download a file before giving up."}; + "The number of times Nix will attempt to download a file before giving up."}; Setting downloadBufferSize{this, 64 * 1024 * 1024, "download-buffer-size", R"( diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index ee7e9e6235f..179d5cde03a 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -109,7 +109,7 @@ public: Setting tryFallback{ this, false, "fallback", R"( - If set to `true`, Nix will fall back to building from source if a + If set to `true`, Nix falls back to building from source if a binary substitute fails. This is equivalent to the `--fallback` flag. The default is `false`. )", @@ -127,11 +127,11 @@ public: MaxBuildJobsSetting maxBuildJobs{ this, 1, "max-jobs", R"( - Maximum number of jobs that Nix will try to build locally in parallel. + Maximum number of jobs that Nix tries to build locally in parallel. The special value `auto` causes Nix to use the number of CPUs in your system. Use `0` to disable local builds and directly use the remote machines specified in [`builders`](#conf-builders). - This will not affect derivations that have [`preferLocalBuild = true`](@docroot@/language/advanced-attributes.md#adv-attr-preferLocalBuild), which are always built locally. + This doesn't affect derivations that have [`preferLocalBuild = true`](@docroot@/language/advanced-attributes.md#adv-attr-preferLocalBuild), which are always built locally. > **Note** > @@ -146,8 +146,8 @@ public: this, 16, "max-substitution-jobs", R"( This option defines the maximum number of substitution jobs that Nix - will try to run in parallel. The default is `16`. The minimum value - one can choose is `1` and lower values will be interpreted as `1`. + tries to run in parallel. The default is `16`. The minimum value + one can choose is `1` and lower values are interpreted as `1`. )", {"substitution-max-jobs"}}; @@ -164,7 +164,7 @@ public: A very generic example using `derivation` and `xargs` may be more appropriate to explain the mechanism. Using `mkDerivation` as an example requires being aware of that there are multiple independent layers that are completely opaque here. --> - For instance, in Nixpkgs, if the attribute `enableParallelBuilding` for the `mkDerivation` build helper is set to `true`, it will pass the `-j${NIX_BUILD_CORES}` flag to GNU Make. + For instance, in Nixpkgs, if the attribute `enableParallelBuilding` for the `mkDerivation` build helper is set to `true`, it passes the `-j${NIX_BUILD_CORES}` flag to GNU Make. The value `0` means that the `builder` should use all available CPU cores in the system. @@ -186,7 +186,7 @@ public: this, NIX_LOCAL_SYSTEM, "system", R"( The system type of the current Nix installation. - Nix will only build a given [store derivation](@docroot@/glossary.md#gloss-store-derivation) locally when its `system` attribute equals any of the values specified here or in [`extra-platforms`](#conf-extra-platforms). + Nix only builds a given [store derivation](@docroot@/glossary.md#gloss-store-derivation) locally when its `system` attribute equals any of the values specified here or in [`extra-platforms`](#conf-extra-platforms). The default value is set when Nix itself is compiled for the system it will run on. The following system types are widely used, as Nix is actively supported on these platforms: @@ -292,28 +292,28 @@ public: > `i686-linux,x86_64-linux` 3. The SSH identity file to be used to log in to the remote machine. - If omitted, SSH will use its regular identities. + If omitted, SSH uses its regular identities. > **Example** > > `/home/user/.ssh/id_mac` - 4. The maximum number of builds that Nix will execute in parallel on the machine. + 4. The maximum number of builds that Nix executes in parallel on the machine. Typically this should be equal to the number of CPU cores. 5. The “speed factor”, indicating the relative speed of the machine as a positive integer. - If there are multiple machines of the right type, Nix will prefer the fastest, taking load into account. + If there are multiple machines of the right type, Nix prefers the fastest, taking load into account. 6. A comma-separated list of supported [system features](#conf-system-features). - A machine will only be used to build a derivation if all the features in the derivation's [`requiredSystemFeatures`](@docroot@/language/advanced-attributes.html#adv-attr-requiredSystemFeatures) attribute are supported by that machine. + A machine is only used to build a derivation if all the features in the derivation's [`requiredSystemFeatures`](@docroot@/language/advanced-attributes.html#adv-attr-requiredSystemFeatures) attribute are supported by that machine. 7. A comma-separated list of required [system features](#conf-system-features). - A machine will only be used to build a derivation if all of the machine’s required features appear in the derivation’s [`requiredSystemFeatures`](@docroot@/language/advanced-attributes.html#adv-attr-requiredSystemFeatures) attribute. + A machine is only used to build a derivation if all of the machine’s required features appear in the derivation’s [`requiredSystemFeatures`](@docroot@/language/advanced-attributes.html#adv-attr-requiredSystemFeatures) attribute. 8. The (base64-encoded) public host key of the remote machine. - If omitted, SSH will use its regular `known_hosts` file. + If omitted, SSH uses its regular `known_hosts` file. The value for this field can be obtained via `base64 -w0`. @@ -335,7 +335,7 @@ public: > nix@poochie.labs.cs.uu.nl i686-linux /home/nix/.ssh/id_scratchy 1 2 kvm benchmark > ``` > - > However, `poochie` will only build derivations that have the attribute + > However, `poochie` only builds derivations that have the attribute > > ```nix > requiredSystemFeatures = [ "benchmark" ]; @@ -348,7 +348,7 @@ public: > ``` > > `itchy` cannot do builds that require `kvm`, but `scratchy` does support such builds. - > For regular builds, `itchy` will be preferred over `scratchy` because it has a higher speed factor. + > For regular builds, `itchy` is preferred over `scratchy` because it has a higher speed factor. For Nix to use substituters, the calling user must be in the [`trusted-users`](#conf-trusted-users) list. @@ -372,15 +372,15 @@ public: Setting alwaysAllowSubstitutes{ this, false, "always-allow-substitutes", R"( - If set to `true`, Nix will ignore the [`allowSubstitutes`](@docroot@/language/advanced-attributes.md) attribute in derivations and always attempt to use [available substituters](#conf-substituters). + If set to `true`, Nix ignores the [`allowSubstitutes`](@docroot@/language/advanced-attributes.md) attribute in derivations and always attempt to use [available substituters](#conf-substituters). )"}; Setting buildersUseSubstitutes{ this, false, "builders-use-substitutes", R"( - If set to `true`, Nix will instruct [remote build machines](#conf-builders) to use their own [`substituters`](#conf-substituters) if available. + If set to `true`, Nix instructs [remote build machines](#conf-builders) to use their own [`substituters`](#conf-substituters) if available. - It means that remote build hosts will fetch as many dependencies as possible from their own substituters (e.g, from `cache.nixos.org`) instead of waiting for the local machine to upload them all. + It means that remote build hosts fetch as many dependencies as possible from their own substituters (e.g, from `cache.nixos.org`) instead of waiting for the local machine to upload them all. This can drastically reduce build times if the network connection between the local machine and the remote build host is slow. )"}; @@ -415,7 +415,7 @@ public: Setting useSubstitutes{ this, true, "substitute", R"( - If set to `true` (default), Nix will use binary substitutes if + If set to `true` (default), Nix uses binary substitutes if available. This option can be disabled to force building from source. )", @@ -432,11 +432,11 @@ public: since that would allow him/her to influence the build result. Therefore, if this option is non-empty and specifies a valid group, - builds will be performed under the user accounts that are a member + builds are performed under the user accounts that are a member of the group specified here (as listed in `/etc/group`). Those user accounts should not be used for any other purpose\! - Nix will never run two builds under the same user account at the + Nix never runs two builds under the same user account at the same time. This is to prevent an obvious security hole: a malicious user writing a Nix expression that modifies the build result of a legitimate Nix expression being built by another user. Therefore it @@ -448,7 +448,7 @@ public: by the Nix account, its group should be the group specified here, and its mode should be `1775`. - If the build users group is empty, builds will be performed under + If the build users group is empty, builds are performed under the uid of the Nix process (that is, the uid of the caller if `NIX_REMOTE` is empty, the uid under which the Nix daemon runs if `NIX_REMOTE` is `daemon`). Obviously, this should not be used @@ -503,7 +503,7 @@ public: Setting keepLog{ this, true, "keep-build-log", R"( - If set to `true` (the default), Nix will write the build log of a + If set to `true` (the default), Nix writes the build log of a derivation (i.e. the standard output and error of its builder) to the directory `/nix/var/log/nix/drvs`. The build log can be retrieved using the command `nix-store -l path`. @@ -514,8 +514,8 @@ public: this, true, "compress-build-log", R"( If set to `true` (the default), build logs written to - `/nix/var/log/nix/drvs` will be compressed on the fly using bzip2. - Otherwise, they will not be compressed. + `/nix/var/log/nix/drvs` are compressed on the fly using bzip2. + Otherwise, they aren't compressed. )", {"build-compress-log"}}; @@ -534,14 +534,14 @@ public: Setting gcKeepOutputs{ this, false, "keep-outputs", R"( - If `true`, the garbage collector will keep the outputs of - non-garbage derivations. If `false` (default), outputs will be + If `true`, the garbage collector keeps the outputs of + non-garbage derivations. If `false` (default), outputs are deleted unless they are GC roots themselves (or reachable from other roots). In general, outputs must be registered as roots separately. However, even if the output of a derivation is registered as a root, the - collector will still delete store paths that are used only at build + collector still deletes store paths that are used only at build time (e.g., the C compiler, or source tarballs downloaded from the network). To prevent it from doing so, set this option to `true`. )", @@ -550,9 +550,9 @@ public: Setting gcKeepDerivations{ this, true, "keep-derivations", R"( - If `true` (default), the garbage collector will keep the derivations - from which non-garbage store paths were built. If `false`, they will - be deleted unless explicitly registered as a root (or reachable from + If `true` (default), the garbage collector keeps the derivations + from which non-garbage store paths were built. If `false`, they are + deleted unless explicitly registered as a root (or reachable from other roots). Keeping derivation around is useful for querying and traceability @@ -582,7 +582,7 @@ public: If `true`, when you add a Nix derivation to a user environment, the path of the derivation is stored in the user environment. Thus, the - derivation will not be garbage-collected until the user environment + derivation isn't garbage-collected until the user environment generation is deleted (`nix-env --delete-generations`). To prevent build-time-only dependencies from being collected, you should also turn on `keep-outputs`. @@ -603,9 +603,9 @@ public: #endif , "sandbox", R"( - If set to `true`, builds will be performed in a *sandboxed + If set to `true`, builds are performed in a *sandboxed environment*, i.e., they’re isolated from the normal file system - hierarchy and will only see their dependencies in the Nix store, + hierarchy and only see their dependencies in the Nix store, the temporary build directory, private versions of `/proc`, `/dev`, `/dev/shm` and `/dev/pts` (on Linux), and the paths configured with the `sandbox-paths` option. This is useful to @@ -634,13 +634,13 @@ public: R"( A list of paths bind-mounted into Nix sandbox environments. You can use the syntax `target=source` to mount a path in a different - location in the sandbox; for instance, `/bin=/nix-bin` will mount + location in the sandbox; for instance, `/bin=/nix-bin` mounts the path `/nix-bin` as `/bin` inside the sandbox. If *source* is followed by `?`, then it is not an error if *source* does not exist; - for example, `/dev/nvidiactl?` specifies that `/dev/nvidiactl` will - only be mounted in the sandbox if it exists in the host filesystem. + for example, `/dev/nvidiactl?` specifies that `/dev/nvidiactl` only + be mounted in the sandbox if it exists in the host filesystem. - If the source is in the Nix store, then its closure will be added to + If the source is in the Nix store, then its closure is added to the sandbox as well. Depending on how Nix was built, the default value for this option @@ -655,15 +655,15 @@ public: Setting requireDropSupplementaryGroups{this, isRootUser(), "require-drop-supplementary-groups", R"( Following the principle of least privilege, - Nix will attempt to drop supplementary groups when building with sandboxing. + Nix attempts to drop supplementary groups when building with sandboxing. However this can fail under some circumstances. For example, if the user lacks the `CAP_SETGID` capability. Search `setgroups(2)` for `EPERM` to find more detailed information on this. - If you encounter such a failure, setting this option to `false` will let you ignore it and continue. + If you encounter such a failure, setting this option to `false` enables you to ignore it and continue. But before doing so, you should consider the security implications carefully. - Not dropping supplementary groups means the build sandbox will be less restricted than intended. + Not dropping supplementary groups means the build sandbox is less restricted than intended. This option defaults to `true` when the user is root (since `root` usually has permissions to call setgroups) @@ -697,12 +697,12 @@ public: R"( The directory on the host, in which derivations' temporary build directories are created. - If not set, Nix will use the system temporary directory indicated by the `TMPDIR` environment variable. + If not set, Nix uses the system temporary directory indicated by the `TMPDIR` environment variable. Note that builds are often performed by the Nix daemon, so its `TMPDIR` is used, and not that of the Nix command line interface. This is also the location where [`--keep-failed`](@docroot@/command-ref/opt-common.md#opt-keep-failed) leaves its files. - If Nix runs without sandbox, or if the platform does not support sandboxing with bind mounts (e.g. macOS), then the [`builder`](@docroot@/language/derivations.md#attr-builder)'s environment will contain this directory, instead of the virtual location [`sandbox-build-dir`](#conf-sandbox-build-dir). + If Nix runs without sandbox, or if the platform does not support sandboxing with bind mounts (e.g. macOS), then the [`builder`](@docroot@/language/derivations.md#attr-builder)'s environment contains this directory instead of the virtual location [`sandbox-build-dir`](#conf-sandbox-build-dir). )"}; Setting allowedImpureHostPrefixes{this, {}, "allowed-impure-host-deps", @@ -743,12 +743,11 @@ public: 3. The path to the build's derivation - 4. The path to the build's scratch directory. This directory will - exist only if the build was run with `--keep-failed`. + 4. The path to the build's scratch directory. This directory + exists only if the build was run with `--keep-failed`. - The stderr and stdout output from the diff hook will not be - displayed to the user. Instead, it will print to the nix-daemon's - log. + The stderr and stdout output from the diff hook isn't displayed + to the user. Instead, it prints to the nix-daemon's log. When using the Nix daemon, `diff-hook` must be set in the `nix.conf` configuration file, and cannot be passed at the command line. @@ -786,8 +785,8 @@ public: this, 60 * 60, "tarball-ttl", R"( The number of seconds a downloaded tarball is considered fresh. If - the cached tarball is stale, Nix will check whether it is still up - to date using the ETag header. Nix will download a new version if + the cached tarball is stale, Nix checks whether it is still up + to date using the ETag header. Nix downloads a new version if the ETag header is unsupported, or the cached ETag doesn't match. Setting the TTL to `0` forces Nix to always check if the tarball is @@ -822,7 +821,7 @@ public: R"( System types of executables that can be run on this machine. - Nix will only build a given [store derivation](@docroot@/glossary.md#gloss-store-derivation) locally when its `system` attribute equals any of the values specified here or in the [`system` option](#conf-system). + Nix only builds a given [store derivation](@docroot@/glossary.md#gloss-store-derivation) locally when its `system` attribute equals any of the values specified here or in the [`system` option](#conf-system). Setting this can be useful to build derivations locally on compatible machines: - `i686-linux` executables can be run on `x86_64-linux` machines (set by default) @@ -832,7 +831,7 @@ public: - `qemu-user` may be used to support non-native platforms (though this may be slow and buggy) - Build systems will usually detect the target platform to be the current physical system and therefore produce machine code incompatible with what may be intended in the derivation. + Build systems usually detect the target platform to be the current physical system and therefore produce machine code incompatible with what may be intended in the derivation. You should design your derivation's `builder` accordingly and cross-check the results when using this option against natively-built versions of your derivation. )", {}, @@ -922,7 +921,7 @@ public: this, 3600, "narinfo-cache-negative-ttl", R"( The TTL in seconds for negative lookups. - If a store path is queried from a [substituter](#conf-substituters) but was not found, there will be a negative lookup cached in the local disk cache database for the specified duration. + If a store path is queried from a [substituter](#conf-substituters) but was not found, a negative lookup is cached in the local disk cache database for the specified duration. Set to `0` to force updating the lookup cache. @@ -938,7 +937,7 @@ public: this, 30 * 24 * 3600, "narinfo-cache-positive-ttl", R"( The TTL in seconds for positive lookups. If a store path is queried - from a substituter, the result of the query will be cached in the + from a substituter, the result of the query is cached in the local disk cache database including some of the NAR metadata. The default TTL is a month, setting a shorter TTL for positive lookups can be useful for binary caches that have frequent garbage @@ -1024,7 +1023,7 @@ public: Setting netrcFile{ this, fmt("%s/%s", nixConfDir, "netrc"), "netrc-file", R"( - If set to an absolute path to a `netrc` file, Nix will use the HTTP + If set to an absolute path to a `netrc` file, Nix uses the HTTP authentication credentials in this file when trying to download from a remote host through HTTP or HTTPS. Defaults to `$NIX_CONF_DIR/netrc`. @@ -1050,7 +1049,7 @@ public: this, getDefaultSSLCertFile(), "ssl-cert-file", R"( The path of a file containing CA certificates used to - authenticate `https://` downloads. Nix by default will use + authenticate `https://` downloads. Nix by default uses the first of the following files that exists: 1. `/etc/ssl/certs/ca-certificates.crt` @@ -1082,7 +1081,7 @@ public: (Linux-specific.) By default, builders on Linux cannot acquire new privileges by calling setuid/setgid programs or programs that have file capabilities. For example, programs such as `sudo` or `ping` - will fail. (Note that in sandbox builds, no such programs are + should fail. (Note that in sandbox builds, no such programs are available unless you bind-mount them into the sandbox via the `sandbox-paths` option.) You can allow the use of such programs by enabling this option. This is impure and usually undesirable, but @@ -1106,7 +1105,7 @@ public: this, {}, "hashed-mirrors", R"( A list of web servers used by `builtins.fetchurl` to obtain files by - hash. Given a hash algorithm *ha* and a base-16 hash *h*, Nix will try to + hash. Given a hash algorithm *ha* and a base-16 hash *h*, Nix tries to download the file from *hashed-mirror*/*ha*/*h*. This allows files to be downloaded even if they have disappeared from their original URI. For example, given an example mirror `http://tarballs.nixos.org/`, @@ -1121,7 +1120,7 @@ public: Nix will attempt to download this file from `http://tarballs.nixos.org/sha256/2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae` - first. If it is not available there, if will try the original URI. + first. If it is not available there, it tries the original URI. )"}; Setting minFree{ @@ -1153,8 +1152,8 @@ public: Setting allowSymlinkedStore{ this, false, "allow-symlinked-store", R"( - If set to `true`, Nix will stop complaining if the store directory - (typically /nix/store) contains symlink components. + If set to `true`, Nix stops complaining if the store directory + (typically `/nix/store`) contains symlink components. This risks making some builds "impure" because builders sometimes "canonicalise" paths by resolving all symlink components. Problems @@ -1166,7 +1165,7 @@ public: Setting useXDGBaseDirectories{ this, false, "use-xdg-base-directories", R"( - If set to `true`, Nix will conform to the [XDG Base Directory Specification] for files in `$HOME`. + If set to `true`, Nix conforms to the [XDG Base Directory Specification] for files in `$HOME`. The environment variables used to implement this are documented in the [Environment Variables section](@docroot@/command-ref/env-common.md). [XDG Base Directory Specification]: https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html @@ -1204,7 +1203,7 @@ public: If the user is trusted (see `trusted-users` option), when building a fixed-output derivation, environment variables set in this option - will be passed to the builder if they are listed in [`impureEnvVars`](@docroot@/language/advanced-attributes.md#adv-attr-impureEnvVars). + is passed to the builder if they are listed in [`impureEnvVars`](@docroot@/language/advanced-attributes.md#adv-attr-impureEnvVars). This option is useful for, e.g., setting `https_proxy` for fixed-output derivations and in a multi-user Nix installation, or diff --git a/src/libstore/include/nix/store/local-fs-store.hh b/src/libstore/include/nix/store/local-fs-store.hh index f9421b7febc..d5fafb0c61b 100644 --- a/src/libstore/include/nix/store/local-fs-store.hh +++ b/src/libstore/include/nix/store/local-fs-store.hh @@ -27,12 +27,12 @@ struct LocalFSStoreConfig : virtual StoreConfig PathSetting stateDir{this, rootDir.get() ? *rootDir.get() + "/nix/var/nix" : settings.nixStateDir, "state", - "Directory where Nix will store state."}; + "Directory where Nix stores state."}; PathSetting logDir{this, rootDir.get() ? *rootDir.get() + "/nix/var/log/nix" : settings.nixLogDir, "log", - "directory where Nix will store log files."}; + "directory where Nix stores log files."}; PathSetting realStoreDir{this, rootDir.get() ? *rootDir.get() + "/nix/store" : storeDir, "real", diff --git a/src/libstore/include/nix/store/local-store.hh b/src/libstore/include/nix/store/local-store.hh index efc59dc8cb7..9a118fcc517 100644 --- a/src/libstore/include/nix/store/local-store.hh +++ b/src/libstore/include/nix/store/local-store.hh @@ -54,7 +54,7 @@ struct LocalStoreConfig : std::enable_shared_from_this, virtua R"( Allow this store to be opened when its [database](@docroot@/glossary.md#gloss-nix-database) is on a read-only filesystem. - Normally Nix will attempt to open the store database in read-write mode, even for querying (when write access is not needed), causing it to fail if the database is on a read-only filesystem. + Normally Nix attempts to open the store database in read-write mode, even for querying (when write access is not needed), causing it to fail if the database is on a read-only filesystem. Enable read-only mode to disable locking and open the SQLite database with the [`immutable` parameter](https://www.sqlite.org/c3ref/open.html) set. diff --git a/src/libstore/include/nix/store/s3-binary-cache-store.hh b/src/libstore/include/nix/store/s3-binary-cache-store.hh index 9a123602e41..c38591e60f3 100644 --- a/src/libstore/include/nix/store/s3-binary-cache-store.hh +++ b/src/libstore/include/nix/store/s3-binary-cache-store.hh @@ -25,7 +25,7 @@ struct S3BinaryCacheStoreConfig : std::enable_shared_from_this **Note** > - > This endpoint must support HTTPS and will use path-based + > This endpoint must support HTTPS and uses path-based > addressing instead of virtual host based addressing. )"}; diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index c9ccc69fc78..e8988127e33 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -218,7 +218,7 @@ StorePath Store::addToStore( if (settings.warnLargePathThreshold && lengthSource.total >= settings.warnLargePathThreshold) { static bool failOnLargePath = getEnv("_NIX_TEST_FAIL_ON_LARGE_PATH").value_or("") == "1"; if (failOnLargePath) - throw Error("won't copy large path '%s' to the store (%d)", path, renderSize(lengthSource.total)); + throw Error("doesn't copy large path '%s' to the store (%d)", path, renderSize(lengthSource.total)); warn("copied large path '%s' to the store (%d)", path, renderSize(lengthSource.total)); } }); diff --git a/src/libutil/experimental-features.cc b/src/libutil/experimental-features.cc index be829b92f64..04e8705e5a3 100644 --- a/src/libutil/experimental-features.cc +++ b/src/libutil/experimental-features.cc @@ -91,7 +91,7 @@ constexpr std::array xpFeatureDetails .name = "git-hashing", .description = R"( Allow creating (content-addressed) store objects which are hashed via Git's hashing algorithm. - These store objects will not be understandable by older versions of Nix. + These store objects aren't understandable by older versions of Nix. )", .trackingUrl = "https://github.com/NixOS/nix/milestone/41", }, @@ -154,7 +154,7 @@ constexpr std::array xpFeatureDetails "http://foo" ``` - But enabling this experimental feature will cause the Nix parser to + But enabling this experimental feature causes the Nix parser to throw an error when encountering a URL literal: ``` diff --git a/src/libutil/include/nix/util/logging.hh b/src/libutil/include/nix/util/logging.hh index 1cb4161d151..920e9fb20c0 100644 --- a/src/libutil/include/nix/util/logging.hh +++ b/src/libutil/include/nix/util/logging.hh @@ -57,7 +57,7 @@ struct LoggerSettings : Config Setting jsonLogPath{ this, "", "json-log-path", R"( - A path to which JSON records of Nix's log output will be + A path to which JSON records of Nix's log output are written, in the same format as `--log-format internal-json` (without the `@nix ` prefixes on each line). )"}; diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index 80ebf6bfaba..3313c02aa61 100644 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -474,7 +474,7 @@ static void main_nix_build(int argc, char * * argv) } catch (Error & e) { logError(e.info()); - notice("will use bash from your environment"); + notice("uses bash from your environment"); shell = "bash"; } } diff --git a/src/nix/unix/daemon.cc b/src/nix/unix/daemon.cc index 301f8aa50ca..115a0a1e98c 100644 --- a/src/nix/unix/daemon.cc +++ b/src/nix/unix/daemon.cc @@ -572,7 +572,7 @@ struct CmdDaemon : Command addFlag({ .longName = "force-untrusted", - .description = "Force the daemon to not trust connecting clients. The connection will be processed by the receiving daemon before forwarding commands.", + .description = "Force the daemon to not trust connecting clients. The connection is processed by the receiving daemon before forwarding commands.", .handler = {[&]() { isTrustedOpt = NotTrusted; }}, From 74af43ee9151fa71345f0dc980527fa2ece14728 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 6 Jun 2025 20:03:33 +0200 Subject: [PATCH 644/815] Remove superfluous semicolon Co-authored-by: Cole Helbling --- src/libfetchers/fetchers.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index 9beef69f075..5764f310d40 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -305,7 +305,7 @@ struct SubstitutedSourceAccessor : ForwardingSourceAccessor std::string showPath(const CanonPath & path) override { - return displayPrefix + path.abs() + displaySuffix;; + return displayPrefix + path.abs() + displaySuffix; } }; From f8ef941c04422a067e8a8c6896dc4ee3db36c32d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 6 Jun 2025 21:50:55 +0200 Subject: [PATCH 645/815] fetchToStore(): Cache in dry-run mode --- src/libfetchers/fetch-to-store.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index f1b02f4e0a8..d7e38835a27 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -55,7 +55,7 @@ StorePath fetchToStore( debug(mode == FetchMode::DryRun ? "hashed '%s'" : "copied '%s' to '%s'", path, store.printStorePath(storePath)); - if (cacheKey && mode == FetchMode::Copy) + if (cacheKey) fetchers::getCache()->upsert(*cacheKey, store, {}, storePath); return storePath; From 86785fd9d1e8f2ed5d670e4c8bd64189af9b94a7 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 6 Jun 2025 22:02:45 +0200 Subject: [PATCH 646/815] fetchToStore(): Fix caching This was broken because MountedSourceAccessor did not return a fingerprint. Previously fingerprints were global to an accessor, but with a MountedSourceAccessor the fingerprint can be different for each mount point. --- src/libexpr/paths.cc | 1 + src/libfetchers/fetch-to-store.cc | 7 +++--- src/libfetchers/fetchers.cc | 9 +++++--- src/libfetchers/filtering-source-accessor.cc | 16 +++++++++++++ .../nix/fetchers/filtering-source-accessor.hh | 6 +++++ .../nix/util/forwarding-source-accessor.hh | 10 ++++++++ .../include/nix/util/source-accessor.hh | 23 ++++++++++++++++--- src/libutil/mounted-source-accessor.cc | 9 ++++++++ 8 files changed, 72 insertions(+), 9 deletions(-) diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index cbe55703339..40c0a23b637 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -80,6 +80,7 @@ StorePath EvalState::mountInput( storeFS->mount(CanonPath(store->printStorePath(storePath)), accessor); if (requireLockable && (!settings.lazyTrees || !input.isLocked()) && !input.getNarHash()) { + // FIXME: use fetchToStore to make it cache this auto narHash = accessor->hashPath(CanonPath::root); input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); } diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index d7e38835a27..d00c2edfbdc 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -31,15 +31,16 @@ StorePath fetchToStore( // a `PosixSourceAccessor` pointing to a store path. std::optional cacheKey; + std::optional fingerprint; - if (!filter && path.accessor->fingerprint) { - cacheKey = makeFetchToStoreCacheKey(std::string{name}, *path.accessor->fingerprint, method, path.path.abs()); + if (!filter && (fingerprint = path.accessor->getFingerprint(path.path))) { + cacheKey = makeFetchToStoreCacheKey(std::string{name}, *fingerprint, method, path.path.abs()); if (auto res = fetchers::getCache()->lookupStorePath(*cacheKey, store)) { debug("store path cache hit for '%s'", path); return res->storePath; } } else - debug("source path '%s' is uncacheable", path); + debug("source path '%s' is uncacheable (%d, %d)", path, filter, (bool) fingerprint); Activity act(*logger, lvlChatty, actUnknown, fmt(mode == FetchMode::DryRun ? "hashing '%s'" : "copying '%s' to the store", path)); diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index 5764f310d40..6d73daa1ae9 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -338,7 +338,8 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto auto accessor = make_ref(makeStorePathAccessor(store, storePath)); - accessor->fingerprint = getFingerprint(store); + if (auto fingerprint = getFingerprint(store)) + accessor->setFingerprint(*fingerprint); // FIXME: ideally we would use the `showPath()` of the // "real" accessor for this fetcher type. @@ -352,8 +353,10 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto auto [accessor, result] = scheme->getAccessor(store, *this); - assert(!accessor->fingerprint); - accessor->fingerprint = result.getFingerprint(store); + assert(!accessor->getFingerprint(CanonPath::root)); + + if (auto fingerprint = getFingerprint(store)) + accessor->setFingerprint(*fingerprint); return {accessor, std::move(result)}; } diff --git a/src/libfetchers/filtering-source-accessor.cc b/src/libfetchers/filtering-source-accessor.cc index 97f230c7ea4..12e4a688b70 100644 --- a/src/libfetchers/filtering-source-accessor.cc +++ b/src/libfetchers/filtering-source-accessor.cc @@ -14,6 +14,12 @@ std::string FilteringSourceAccessor::readFile(const CanonPath & path) return next->readFile(prefix / path); } +void FilteringSourceAccessor::readFile(const CanonPath & path, Sink & sink, std::function sizeCallback) +{ + checkAccess(path); + return next->readFile(prefix / path, sink, sizeCallback); +} + bool FilteringSourceAccessor::pathExists(const CanonPath & path) { return isAllowed(path) && next->pathExists(prefix / path); @@ -52,6 +58,16 @@ std::string FilteringSourceAccessor::showPath(const CanonPath & path) return displayPrefix + next->showPath(prefix / path) + displaySuffix; } +std::optional FilteringSourceAccessor::getFingerprint(const CanonPath & path) +{ + return next->getFingerprint(prefix / path); +} + +void FilteringSourceAccessor::setFingerprint(std::string fingerprint) +{ + next->setFingerprint(std::move(fingerprint)); +} + void FilteringSourceAccessor::checkAccess(const CanonPath & path) { if (!isAllowed(path)) diff --git a/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh b/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh index 1a90fe9ef10..391cd371b49 100644 --- a/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh +++ b/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh @@ -36,6 +36,8 @@ struct FilteringSourceAccessor : SourceAccessor std::string readFile(const CanonPath & path) override; + void readFile(const CanonPath & path, Sink & sink, std::function sizeCallback) override; + bool pathExists(const CanonPath & path) override; Stat lstat(const CanonPath & path) override; @@ -48,6 +50,10 @@ struct FilteringSourceAccessor : SourceAccessor std::string showPath(const CanonPath & path) override; + std::optional getFingerprint(const CanonPath & path) override; + + void setFingerprint(std::string fingerprint) override; + /** * Call `makeNotAllowedError` to throw a `RestrictedPathError` * exception if `isAllowed()` returns `false` for `path`. diff --git a/src/libutil/include/nix/util/forwarding-source-accessor.hh b/src/libutil/include/nix/util/forwarding-source-accessor.hh index bdba2addcb0..cfa5ff9b8ce 100644 --- a/src/libutil/include/nix/util/forwarding-source-accessor.hh +++ b/src/libutil/include/nix/util/forwarding-source-accessor.hh @@ -52,6 +52,16 @@ struct ForwardingSourceAccessor : SourceAccessor { return next->getPhysicalPath(path); } + + std::optional getFingerprint(const CanonPath & path) override + { + return next->getFingerprint(path); + } + + void setFingerprint(std::string fingerprint) override + { + next->setFingerprint(std::move(fingerprint)); + } }; } diff --git a/src/libutil/include/nix/util/source-accessor.hh b/src/libutil/include/nix/util/source-accessor.hh index f5ec0464644..560e1fda015 100644 --- a/src/libutil/include/nix/util/source-accessor.hh +++ b/src/libutil/include/nix/util/source-accessor.hh @@ -177,10 +177,27 @@ struct SourceAccessor : std::enable_shared_from_this SymlinkResolution mode = SymlinkResolution::Full); /** - * A string that uniquely represents the contents of this - * accessor. This is used for caching lookups (see `fetchToStore()`). + * Return a string that uniquely represents the contents of this + * accessor. This is used for caching lookups (see + * `fetchToStore()`). + * + * Fingerprints are generally for the entire accessor, but this + * method takes a `path` argument to support accessors like + * `MountedSourceAccessor` that combine multiple underlying + * accessors. A fingerprint should only be returned if it uniquely + * represents everything under `path`. */ - std::optional fingerprint; + virtual std::optional getFingerprint(const CanonPath & path) + { + return _fingerprint; + } + + virtual void setFingerprint(std::string fingerprint) + { + _fingerprint = std::move(fingerprint); + } + + std::optional _fingerprint; /** * Return the maximum last-modified time of the files in this diff --git a/src/libutil/mounted-source-accessor.cc b/src/libutil/mounted-source-accessor.cc index 28e799e4c92..9292291c165 100644 --- a/src/libutil/mounted-source-accessor.cc +++ b/src/libutil/mounted-source-accessor.cc @@ -90,6 +90,15 @@ struct MountedSourceAccessorImpl : MountedSourceAccessor else return nullptr; } + + std::optional getFingerprint(const CanonPath & path) override + { + auto [accessor, subpath] = resolve(path); + // FIXME: check that there are no mounts underneath the mount + // point of `accessor`, since that would invalidate the + // fingerprint. (However we don't have such at the moment.) + return accessor->getFingerprint(subpath); + } }; ref makeMountedSourceAccessor(std::map> mounts) From cbb635159cfa55401fdc311e31e32efb57b79782 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 6 Jun 2025 17:28:17 -0400 Subject: [PATCH 647/815] Fixup checks around the error message 'will not fetch unlocked input' --- tests/functional/fetchGit.sh | 4 ++-- tests/nixos/github-flakes.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/functional/fetchGit.sh b/tests/functional/fetchGit.sh index 5e5e8e61fb6..219c4f0da0f 100755 --- a/tests/functional/fetchGit.sh +++ b/tests/functional/fetchGit.sh @@ -81,7 +81,7 @@ path2=$(nix eval --raw --expr "(builtins.fetchGit { url = file://$repo; rev = \" [[ $(nix eval --raw --expr "builtins.readFile (fetchGit { url = file://$repo; rev = \"$rev2\"; } + \"/hello\")") = world ]] # But without a hash, it fails. -expectStderr 1 nix eval --expr 'builtins.fetchGit "file:///foo"' | grepQuiet "'fetchGit' will not fetch unlocked input" +expectStderr 1 nix eval --expr 'builtins.fetchGit "file:///foo"' | grepQuiet "'fetchGit' doesn't fetch unlocked input" # Fetch again. This should be cached. mv $repo ${repo}-tmp @@ -226,7 +226,7 @@ path6=$(nix eval --impure --raw --expr "(builtins.fetchTree { type = \"git\"; ur [[ $path3 = $path6 ]] [[ $(nix eval --impure --expr "(builtins.fetchTree { type = \"git\"; url = \"file://$TEST_ROOT/shallow\"; ref = \"dev\"; shallow = true; }).revCount or 123") == 123 ]] -expectStderr 1 nix eval --expr 'builtins.fetchTree { type = "git"; url = "file:///foo"; }' | grepQuiet "'fetchTree' will not fetch unlocked input" +expectStderr 1 nix eval --expr 'builtins.fetchTree { type = "git"; url = "file:///foo"; }' | grepQuiet "'fetchTree' doesn't fetch unlocked input" # Explicit ref = "HEAD" should work, and produce the same outPath as without ref path7=$(nix eval --impure --raw --expr "(builtins.fetchGit { url = \"file://$repo\"; ref = \"HEAD\"; }).outPath") diff --git a/tests/nixos/github-flakes.nix b/tests/nixos/github-flakes.nix index ac1fb93a76a..b93e35074cd 100644 --- a/tests/nixos/github-flakes.nix +++ b/tests/nixos/github-flakes.nix @@ -230,7 +230,7 @@ in # Fetching without a narHash should succeed if trust-github is set and fail otherwise. client.succeed(f"nix eval --raw --expr 'builtins.fetchTree github:github:fancy-enterprise/private-flake/{info['revision']}'") out = client.fail(f"nix eval --no-trust-tarballs-from-git-forges --raw --expr 'builtins.fetchTree github:github:fancy-enterprise/private-flake/{info['revision']}' 2>&1") - assert "will not fetch unlocked input" in out, "--no-trust-tarballs-from-git-forges did not fail with the expected error" + assert "doesn't fetch unlocked input" in out, "--no-trust-tarballs-from-git-forges did not fail with the expected error" # Shut down the web server. The flake should be cached on the client. github.succeed("systemctl stop httpd.service") From 62029df300e9cbf75b1eb3ecdc3baf35eb82d0cf Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 6 Jun 2025 17:29:11 -0400 Subject: [PATCH 648/815] Fixup checks around the error message 'Will not write lock file of flake' --- tests/functional/flakes/unlocked-override.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/functional/flakes/unlocked-override.sh b/tests/functional/flakes/unlocked-override.sh index bd73929dcf7..ed4d131b7ad 100755 --- a/tests/functional/flakes/unlocked-override.sh +++ b/tests/functional/flakes/unlocked-override.sh @@ -33,7 +33,7 @@ echo 456 > "$flake1Dir"/x.nix # Dirty overrides require --allow-dirty-locks. expectStderr 1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" | - grepQuiet "Will not write lock file.*because it has an unlocked input" + grepQuiet "Not writing lock file.*because it has an unlocked input" nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks _NIX_TEST_FAIL_ON_LARGE_PATH=1 nix flake lock "$flake2Dir" --override-input flake1 "$TEST_ROOT/flake1" --allow-dirty-locks --warn-large-path-threshold 1 --lazy-trees From c81596180ab97de478a6b226a0005ca869b8529a Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 10 Jun 2025 18:38:58 -0700 Subject: [PATCH 649/815] Make Nixpkgs hash match current hash --- flake.lock | 12 ++++++------ flake.nix | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index bf35f616c3d..0b4c2ad5e94 100644 --- a/flake.lock +++ b/flake.lock @@ -58,16 +58,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1748929857, - "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", - "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", - "revCount": 810143, + "lastModified": 1749285348, + "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", + "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f", + "revCount": 811950, "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.810143%2Brev-c2a03962b8e24e669fb37b7df10e7c79531ff1a4/01973914-8b42-7168-9ee2-4d6ea6946695/source.tar.gz" + "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.811950%2Brev-3e3afe5174c561dee0df6f2c2b2236990146329f/01975008-746d-7ca5-8c32-00c92d5cbcdb/source.tar.gz" }, "original": { "type": "tarball", - "url": "https://flakehub.com/f/NixOS/nixpkgs/0.1" + "url": "https://flakehub.com/f/NixOS/nixpkgs/0.1.799423" } }, "nixpkgs-23-11": { diff --git a/flake.nix b/flake.nix index 52232facd5e..0cda283d49a 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "The purely functional package manager"; - inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/0.1"; + inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/0.1.799423"; inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.nixpkgs-23-11.url = "github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446"; From 054cab01e125c606f56258f043ebf72d027bc04f Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Tue, 10 Jun 2025 18:42:40 -0700 Subject: [PATCH 650/815] Provide strict version constraint for Nixpkgs --- flake.lock | 12 ++++++------ flake.nix | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 0b4c2ad5e94..a9639166b05 100644 --- a/flake.lock +++ b/flake.lock @@ -58,16 +58,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1749285348, - "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", - "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f", - "revCount": 811950, + "lastModified": 1747179050, + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", + "revCount": 799423, "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.811950%2Brev-3e3afe5174c561dee0df6f2c2b2236990146329f/01975008-746d-7ca5-8c32-00c92d5cbcdb/source.tar.gz" + "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.799423%2Brev-adaa24fbf46737f3f1b5497bf64bae750f82942e/0196d1c3-1974-7bf1-bcf6-06620ac40c8c/source.tar.gz" }, "original": { "type": "tarball", - "url": "https://flakehub.com/f/NixOS/nixpkgs/0.1.799423" + "url": "https://flakehub.com/f/NixOS/nixpkgs/%3D0.1.799423" } }, "nixpkgs-23-11": { diff --git a/flake.nix b/flake.nix index 0cda283d49a..b5fa93e58c8 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { description = "The purely functional package manager"; - inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/0.1.799423"; + inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/=0.1.799423"; inputs.nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2"; inputs.nixpkgs-23-11.url = "github:NixOS/nixpkgs/a62e6edd6d5e1fa0329b8653c801147986f8d446"; From 7f6efe93e434501bd7743dd9b2358a7de557914e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 11 Jun 2025 13:06:14 +0200 Subject: [PATCH 651/815] Don't register extra primops twice This was the result of a bad merge. --- src/libexpr/primops.cc | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index bd4168a448c..6b5c338068d 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -5028,12 +5028,6 @@ void EvalState::createBaseEnv(const EvalSettings & evalSettings) addPrimOp(std::move(primOpAdjusted)); } - for (auto & primOp : evalSettings.extraPrimOps) { - auto primOpAdjusted = primOp; - primOpAdjusted.arity = std::max(primOp.args.size(), primOp.arity); - addPrimOp(std::move(primOpAdjusted)); - } - /* Add a wrapper around the derivation primop that computes the `drvPath' and `outPath' attributes lazily. From c6f87378dbd0f69fdee334c053c9f9c768e20074 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Wed, 11 Jun 2025 10:02:27 -0400 Subject: [PATCH 652/815] Update src/libmain/plugin.cc Co-authored-by: Eelco Dolstra --- src/libmain/plugin.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libmain/plugin.cc b/src/libmain/plugin.cc index 5edfd11bb06..f5eddabdd6c 100644 --- a/src/libmain/plugin.cc +++ b/src/libmain/plugin.cc @@ -60,7 +60,7 @@ struct PluginSettings : Config itself, they must be DSOs compatible with the instance of Nix running at the time (i.e. compiled against the same headers, not linked to any incompatible libraries). They should not be linked to - any Nix libs directly, as those are already already at load + any Nix libraries directly, as those are already at load time. If an entry in the list is a directory, all files in the directory From 2f5a545997034c531f136e794d0f55eaa0269c07 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 11 Jun 2025 16:13:40 +0200 Subject: [PATCH 653/815] fetchToStore(): Improve caching in dry-run mode In dry-run mode, we don't need to require a valid path. --- src/libfetchers/cache.cc | 7 ++++--- src/libfetchers/fetch-to-store.cc | 2 +- src/libfetchers/include/nix/fetchers/cache.hh | 5 +++-- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/src/libfetchers/cache.cc b/src/libfetchers/cache.cc index d369d213f51..9e339134ba3 100644 --- a/src/libfetchers/cache.cc +++ b/src/libfetchers/cache.cc @@ -122,7 +122,8 @@ struct CacheImpl : Cache std::optional lookupStorePath( Key key, - Store & store) override + Store & store, + bool allowInvalid) override { key.second.insert_or_assign("store", store.storeDir); @@ -135,7 +136,7 @@ struct CacheImpl : Cache ResultWithStorePath res2(*res, StorePath(storePathS)); store.addTempRoot(res2.storePath); - if (!store.isValidPath(res2.storePath)) { + if (!allowInvalid && !store.isValidPath(res2.storePath)) { // FIXME: we could try to substitute 'storePath'. debug("ignoring disappeared cache entry '%s:%s' -> '%s'", key.first, @@ -157,7 +158,7 @@ struct CacheImpl : Cache Key key, Store & store) override { - auto res = lookupStorePath(std::move(key), store); + auto res = lookupStorePath(std::move(key), store, false); return res && !res->expired ? res : std::nullopt; } }; diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index d00c2edfbdc..9a861a11d4f 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -35,7 +35,7 @@ StorePath fetchToStore( if (!filter && (fingerprint = path.accessor->getFingerprint(path.path))) { cacheKey = makeFetchToStoreCacheKey(std::string{name}, *fingerprint, method, path.path.abs()); - if (auto res = fetchers::getCache()->lookupStorePath(*cacheKey, store)) { + if (auto res = fetchers::getCache()->lookupStorePath(*cacheKey, store, mode == FetchMode::DryRun)) { debug("store path cache hit for '%s'", path); return res->storePath; } diff --git a/src/libfetchers/include/nix/fetchers/cache.hh b/src/libfetchers/include/nix/fetchers/cache.hh index 5b9319d774b..4be6b2095b6 100644 --- a/src/libfetchers/include/nix/fetchers/cache.hh +++ b/src/libfetchers/include/nix/fetchers/cache.hh @@ -76,11 +76,12 @@ struct Cache /** * Look up a store path in the cache. The returned store path will - * be valid, but it may be expired. + * be valid (unless `allowInvalid` is true), but it may be expired. */ virtual std::optional lookupStorePath( Key key, - Store & store) = 0; + Store & store, + bool allowInvalid = false) = 0; /** * Look up a store path in the cache. Return nothing if its TTL From de793b73248223a5dbb37a9f54c77f5a925d8722 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Sat, 24 May 2025 01:28:30 +0200 Subject: [PATCH 654/815] Make the S3 test more robust Waiting for the minio unit is apparently not reliable enough, so let's also wait for the port. --- tests/nixos/s3-binary-cache-store.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/nixos/s3-binary-cache-store.nix b/tests/nixos/s3-binary-cache-store.nix index 136193c113b..1f79e8cf969 100644 --- a/tests/nixos/s3-binary-cache-store.nix +++ b/tests/nixos/s3-binary-cache-store.nix @@ -66,6 +66,7 @@ in # Create a binary cache. server.wait_for_unit("minio") server.wait_for_unit("network-addresses-eth1.service") + server.wait_for_open_port(9000) server.succeed("mc config host add minio http://localhost:9000 ${accessKey} ${secretKey} --api s3v4") server.succeed("mc mb minio/my-cache") From 7bafc99f200064b4efec56cc6112c23feff59f40 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 11 Jun 2025 16:34:36 +0200 Subject: [PATCH 655/815] Run nixpkgsLibTests in lazy trees mode --- packaging/hydra.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/packaging/hydra.nix b/packaging/hydra.nix index 664ee18caef..6df8782393d 100644 --- a/packaging/hydra.nix +++ b/packaging/hydra.nix @@ -187,6 +187,19 @@ in pkgs = nixpkgsFor.${system}.native; } ); + + nixpkgsLibTestsLazy = forAllSystems ( + system: + lib.overrideDerivation + (import (nixpkgs + "/lib/tests/test-with-nix.nix") { + lib = nixpkgsFor.${system}.native.lib; + nix = self.packages.${system}.nix-cli; + pkgs = nixpkgsFor.${system}.native; + }) + (_: { + "NIX_CONFIG" = "lazy-trees = true"; + }) + ); }; metrics.nixpkgs = import "${nixpkgs-regression}/pkgs/top-level/metrics.nix" { From df7a2a1bed5af129f6f192bf30cdfdd022c62f1c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 11 Jun 2025 17:14:33 +0200 Subject: [PATCH 656/815] nix-instantiate --eval --json: Devirtualize the output --- src/nix-instantiate/nix-instantiate.cc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/nix-instantiate/nix-instantiate.cc b/src/nix-instantiate/nix-instantiate.cc index 89a8505bb79..6f386a5d8d1 100644 --- a/src/nix-instantiate/nix-instantiate.cc +++ b/src/nix-instantiate/nix-instantiate.cc @@ -17,6 +17,7 @@ #include #include +#include using namespace nix; @@ -61,8 +62,8 @@ void processExpr(EvalState & state, const Strings & attrPaths, else if (output == okXML) printValueAsXML(state, strict, location, vRes, std::cout, context, noPos); else if (output == okJSON) { - printValueAsJSON(state, strict, vRes, v.determinePos(noPos), std::cout, context); - std::cout << std::endl; + auto j = printValueAsJSON(state, strict, vRes, v.determinePos(noPos), context); + std::cout << state.devirtualize(j.dump(), context) << std::endl; } else { if (strict) state.forceValueDeep(vRes); std::set seen; From 31e58dcb92b944a54a834d9b85a573a78b19acc5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 11 Jun 2025 17:18:42 +0200 Subject: [PATCH 657/815] nix-instantiate --eval --xml: Devirtualize the output --- src/nix-instantiate/nix-instantiate.cc | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/nix-instantiate/nix-instantiate.cc b/src/nix-instantiate/nix-instantiate.cc index 6f386a5d8d1..f327454ec91 100644 --- a/src/nix-instantiate/nix-instantiate.cc +++ b/src/nix-instantiate/nix-instantiate.cc @@ -59,12 +59,16 @@ void processExpr(EvalState & state, const Strings & attrPaths, context); // We intentionally don't output a newline here. The default PS1 for Bash in NixOS starts with a newline // and other interactive shells like Zsh are smart enough to print a missing newline before the prompt. - else if (output == okXML) - printValueAsXML(state, strict, location, vRes, std::cout, context, noPos); + else if (output == okXML) { + std::ostringstream s; + printValueAsXML(state, strict, location, vRes, s, context, noPos); + std::cout << state.devirtualize(s.str(), context); + } else if (output == okJSON) { auto j = printValueAsJSON(state, strict, vRes, v.determinePos(noPos), context); std::cout << state.devirtualize(j.dump(), context) << std::endl; - } else { + } + else { if (strict) state.forceValueDeep(vRes); std::set seen; printAmbiguous(state, vRes, std::cout, &seen, std::numeric_limits::max()); From 42c50aafade209dc87a3083fbdd8426142515463 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Wed, 11 Jun 2025 08:55:46 -0700 Subject: [PATCH 658/815] Fix broken link in configuration description --- src/libstore/include/nix/store/globals.hh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index ee7e9e6235f..3f564740c19 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -365,7 +365,7 @@ public: To build only on remote machines and disable local builds, set [`max-jobs`](#conf-max-jobs) to 0. - If you want the remote machines to use substituters, set [`builders-use-substitutes`](#conf-builders-use-substituters) to `true`. + If you want the remote machines to use substituters, set [`builders-use-substitutes`](#conf-builders-use-substitutes) to `true`. )", {}, false}; From 87fb81a6249532c3ef1a3293a45c14e9df1ff209 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 11 Jun 2025 19:14:31 +0200 Subject: [PATCH 659/815] Make the repl test more robust Seen in https://github.com/DeterminateSystems/nix-src/actions/runs/15590867877/job/43909540271: nix-functional-tests> grep: repl_output: No such file or directory nix-functional-tests> +(repl.sh:174) cat repl_output This is because there is a small possibility that the `nix repl` child process hasn't created `repl_output` yet. So make sure it exists. --- tests/functional/repl.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/functional/repl.sh b/tests/functional/repl.sh index af59a612ccf..15846bb7f04 100755 --- a/tests/functional/repl.sh +++ b/tests/functional/repl.sh @@ -163,7 +163,8 @@ foo + baz # - Re-eval it # - Check that the result has changed mkfifo repl_fifo -nix repl ./flake < repl_fifo > repl_output 2>&1 & +touch repl_output +nix repl ./flake < repl_fifo >> repl_output 2>&1 & repl_pid=$! exec 3>repl_fifo # Open fifo for writing echo "changingThing" >&3 From 7051591b13046731dd9a5f24e36c2e1026483556 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Wed, 11 Jun 2025 15:01:04 -0400 Subject: [PATCH 660/815] Go back to x86 native macOS builds It seems that rosetta is sometimes faster, and sometimes WAY slower. --- .github/workflows/ci.yml | 2 +- .github/workflows/upload-release.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 60b6b10d2fa..2fcbf9360ad 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,7 +40,7 @@ jobs: uses: ./.github/workflows/build.yml with: if: ${{ github.event_name == 'merge_group' }} - os: namespace-profile-mac-m2-12c28g + os: macos-latest-large system: x86_64-darwin build_aarch64-darwin: diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml index e8c5344ce12..9e173c34fa3 100644 --- a/.github/workflows/upload-release.yml +++ b/.github/workflows/upload-release.yml @@ -42,14 +42,14 @@ jobs: build-x86_64-darwin: uses: ./.github/workflows/build.yml with: - os: macos-13 + os: macos-latest-large system: x86_64-darwin run_tests: false build-aarch64-darwin: uses: ./.github/workflows/build.yml with: - os: macos-latest + os: macos-latest-xlarge system: aarch64-darwin run_tests: false From db3cecdbe04b34b7fd12d11e4b9014d323288a1c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 12 Jun 2025 14:02:05 +0000 Subject: [PATCH 661/815] Prepare release v3.6.3 From c36fc11bc6655d448d35f2ae0019521b684b2d71 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 12 Jun 2025 14:02:08 +0000 Subject: [PATCH 662/815] Set .version-determinate to 3.6.3 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index b72762837ea..4a788a01dad 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.6.2 +3.6.3 From f4a3894ec92c3f4a82d2aecd288a65f4666ec011 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 12 Jun 2025 14:02:13 +0000 Subject: [PATCH 663/815] Generare release notes for 3.6.3 --- doc/manual/source/SUMMARY.md.in | 1 + .../release-notes-determinate/changes.md | 33 +++++++++++++++++-- .../release-notes-determinate/rl-3.6.3.md | 22 +++++++++++++ 3 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.3.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 8efc016122d..3bc62b9c122 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.6.3 (2025-06-12)](release-notes-determinate/rl-3.6.3.md) - [Release 3.6.2 (2025-06-02)](release-notes-determinate/rl-3.6.2.md) - [Release 3.6.1 (2025-05-24)](release-notes-determinate/rl-3.6.1.md) - [Release 3.6.0 (2025-05-22)](release-notes-determinate/rl-3.6.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index f4ea707473a..2aed260697b 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.2. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.3. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -44,4 +44,33 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * nix profile: Replace ε and ∅ with descriptive English words by @grahamc in [DeterminateSystems/nix-src#81](https://github.com/DeterminateSystems/nix-src/pull/81) -* Call out that `--keep-failed` with remote builders will keep the failed build directory on that builder by @cole-h in [DeterminateSystems/nix-src#85](https://github.com/DeterminateSystems/nix-src/pull/85) \ No newline at end of file +* Call out that `--keep-failed` with remote builders will keep the failed build directory on that builder by @cole-h in [DeterminateSystems/nix-src#85](https://github.com/DeterminateSystems/nix-src/pull/85) + + +* When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) + +* Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) + +* Use 'published' release type to avoid double uploads by @gustavderdrache in [DeterminateSystems/nix-src#90](https://github.com/DeterminateSystems/nix-src/pull/90) + +* Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) + +* Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) + +* Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) + +* Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) + +* Fix: Make the S3 test more robust by @gustavderdrache in [DeterminateSystems/nix-src#101](https://github.com/DeterminateSystems/nix-src/pull/101) + +* Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) + +* Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) + +* Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) + +* Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) + +* Go back to x86 native macOS builds by @grahamc in [DeterminateSystems/nix-src#104](https://github.com/DeterminateSystems/nix-src/pull/104) + +* Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.3.md b/doc/manual/source/release-notes-determinate/rl-3.6.3.md new file mode 100644 index 00000000000..7f0068e6a86 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.6.3.md @@ -0,0 +1,22 @@ +# Release 3.6.3 (2025-06-12) + +* Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). + +## What's Changed +* When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) +* Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) +* Use 'published' release type to avoid double uploads by @gustavderdrache in [DeterminateSystems/nix-src#90](https://github.com/DeterminateSystems/nix-src/pull/90) +* Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) +* Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) +* Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) +* Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) +* Fix: Make the S3 test more robust by @gustavderdrache in [DeterminateSystems/nix-src#101](https://github.com/DeterminateSystems/nix-src/pull/101) +* Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) +* Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) +* Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) +* Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) +* Go back to x86 native macOS builds by @grahamc in [DeterminateSystems/nix-src#104](https://github.com/DeterminateSystems/nix-src/pull/104) +* Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) + + +**Full Changelog**: [v3.6.2...v3.6.3](https://github.com/DeterminateSystems/nix-src/compare/v3.6.2...v3.6.3) From 92d90e2aebd75648afaf379750969dd882d59a62 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 11 Jun 2025 22:23:28 +0200 Subject: [PATCH 664/815] Run the Nix test suite with lazy trees enabled --- flake.nix | 6 ++++++ tests/functional/common/init.sh | 1 + tests/functional/package.nix | 5 +++++ 3 files changed, 12 insertions(+) diff --git a/flake.nix b/flake.nix index b5fa93e58c8..451068f5dda 100644 --- a/flake.nix +++ b/flake.nix @@ -220,6 +220,12 @@ ''; repl-completion = nixpkgsFor.${system}.native.callPackage ./tests/repl-completion.nix { }; + lazyTrees = + nixpkgsFor.${system}.native.nixComponents2.nix-functional-tests.override { + pname = "nix-lazy-trees-tests"; + lazyTrees = true; + }; + /** Checks for our packaging expressions. This shouldn't build anything significant; just check that things diff --git a/tests/functional/common/init.sh b/tests/functional/common/init.sh index 6e9bffec56d..7f28a09d753 100755 --- a/tests/functional/common/init.sh +++ b/tests/functional/common/init.sh @@ -54,6 +54,7 @@ flake-registry = $TEST_ROOT/registry.json show-trace = true include nix.conf.extra trusted-users = $(whoami) +${_NIX_TEST_EXTRA_CONFIG:-} EOF cat > "$NIX_CONF_DIR"/nix.conf.extra < Date: Wed, 11 Jun 2025 22:30:57 +0200 Subject: [PATCH 665/815] Fix flakes test with lazy trees enabled --- tests/functional/flakes/flakes.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 0a52ba08c4a..e335fe6f3a2 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -69,7 +69,9 @@ nix flake metadata "$flake1Dir" | grepQuiet 'URL:.*flake1.*' # Test 'nix flake metadata --json'. json=$(nix flake metadata flake1 --json | jq .) [[ $(echo "$json" | jq -r .description) = 'Bla bla' ]] -[[ -d $(echo "$json" | jq -r .path) ]] +if [[ $(nix config show lazy-trees) = false ]]; then + [[ -d $(echo "$json" | jq -r .path) ]] +fi [[ $(echo "$json" | jq -r .lastModified) = $(git -C "$flake1Dir" log -n1 --format=%ct) ]] hash1=$(echo "$json" | jq -r .revision) [[ -n $(echo "$json" | jq -r .fingerprint) ]] @@ -161,7 +163,11 @@ expect 1 nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --no-update-lock-file nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --commit-lock-file [[ -e "$flake2Dir/flake.lock" ]] [[ -z $(git -C "$flake2Dir" diff main || echo failed) ]] -[[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'.*',"narHash":"sha256-'.*'","ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] +if [[ $(nix config show lazy-trees) = false ]]; then + [[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'.*',"narHash":"sha256-'.*'","ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] +else + [[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'.*',"ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] +fi # Rerunning the build should not change the lockfile. nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" From b067e6566f97c3b01f7321a19c317e6909a5380c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 12 Jun 2025 15:54:34 +0200 Subject: [PATCH 666/815] Git fetcher: Do not consider a null revision (i.e. workdir) to be locked --- src/libfetchers/git.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 7730e0db42d..2825b72ab09 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -882,7 +882,8 @@ struct GitInputScheme : InputScheme bool isLocked(const Input & input) const override { - return (bool) input.getRev(); + auto rev = input.getRev(); + return rev && rev != nullRev; } }; From fca291afc358e4f1c9565dd236db1d0cc87fef24 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 12 Jun 2025 16:00:29 +0200 Subject: [PATCH 667/815] Fix NAR hash checking for fetchGit with lazy tees If a NAR hash is specified, we should probably check it. Unfortunately, for now this has the side effect of forcing NAR hash checking of any input that has a NAR hash. --- src/libexpr/paths.cc | 35 +++++++++++++++++++---------------- 1 file changed, 19 insertions(+), 16 deletions(-) diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 40c0a23b637..d85f00470ba 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -77,25 +77,28 @@ StorePath EvalState::mountInput( allowPath(storePath); // FIXME: should just whitelist the entire virtual store + std::optional _narHash; + + auto getNarHash = [&]() + { + if (!_narHash) + // FIXME: use fetchToStore to make it cache this + _narHash = accessor->hashPath(CanonPath::root); + return _narHash; + }; + storeFS->mount(CanonPath(store->printStorePath(storePath)), accessor); - if (requireLockable && (!settings.lazyTrees || !input.isLocked()) && !input.getNarHash()) { - // FIXME: use fetchToStore to make it cache this - auto narHash = accessor->hashPath(CanonPath::root); - input.attrs.insert_or_assign("narHash", narHash.to_string(HashFormat::SRI, true)); - } + if (requireLockable && (!settings.lazyTrees || !input.isLocked()) && !input.getNarHash()) + input.attrs.insert_or_assign("narHash", getNarHash()->to_string(HashFormat::SRI, true)); - // FIXME: what to do with the NAR hash in lazy mode? - if (!settings.lazyTrees && originalInput.getNarHash()) { - auto expected = originalInput.computeStorePath(*store); - if (storePath != expected) - throw Error( - (unsigned int) 102, - "NAR hash mismatch in input '%s', expected '%s' but got '%s'", - originalInput.to_string(), - store->printStorePath(storePath), - store->printStorePath(expected)); - } + if (originalInput.getNarHash() && *getNarHash() != *originalInput.getNarHash()) + throw Error( + (unsigned int) 102, + "NAR hash mismatch in input '%s', expected '%s' but got '%s'", + originalInput.to_string(), + getNarHash()->to_string(HashFormat::SRI, true), + originalInput.getNarHash()->to_string(HashFormat::SRI, true)); return storePath; } From f6b612135d2593d5a31e5bfd33347591c1f95eb1 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 12 Jun 2025 10:08:42 -0400 Subject: [PATCH 668/815] Update doc/manual/source/release-notes-determinate/changes.md --- doc/manual/source/release-notes-determinate/changes.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 2aed260697b..a5b9383e3e2 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -67,10 +67,4 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) -* Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) - -* Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) - -* Go back to x86 native macOS builds by @grahamc in [DeterminateSystems/nix-src#104](https://github.com/DeterminateSystems/nix-src/pull/104) - * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) \ No newline at end of file From 4921297695527b82570612721eb8734804243431 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 12 Jun 2025 10:08:59 -0400 Subject: [PATCH 669/815] Update doc/manual/source/release-notes-determinate/rl-3.6.3.md --- doc/manual/source/release-notes-determinate/rl-3.6.3.md | 1 - 1 file changed, 1 deletion(-) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.3.md b/doc/manual/source/release-notes-determinate/rl-3.6.3.md index 7f0068e6a86..07d7ccaa563 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.6.3.md +++ b/doc/manual/source/release-notes-determinate/rl-3.6.3.md @@ -5,7 +5,6 @@ ## What's Changed * When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) * Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) -* Use 'published' release type to avoid double uploads by @gustavderdrache in [DeterminateSystems/nix-src#90](https://github.com/DeterminateSystems/nix-src/pull/90) * Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) * Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) * Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) From 829d3f85438d7ba1b6e48151a87ea1f7ec2e2295 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 12 Jun 2025 10:09:10 -0400 Subject: [PATCH 670/815] Apply suggestions from code review --- doc/manual/source/release-notes-determinate/rl-3.6.3.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.3.md b/doc/manual/source/release-notes-determinate/rl-3.6.3.md index 07d7ccaa563..b24037b7441 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.6.3.md +++ b/doc/manual/source/release-notes-determinate/rl-3.6.3.md @@ -9,12 +9,10 @@ * Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) * Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) * Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) -* Fix: Make the S3 test more robust by @gustavderdrache in [DeterminateSystems/nix-src#101](https://github.com/DeterminateSystems/nix-src/pull/101) * Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) * Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) * Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) * Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) -* Go back to x86 native macOS builds by @grahamc in [DeterminateSystems/nix-src#104](https://github.com/DeterminateSystems/nix-src/pull/104) * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) From 6477d7c2ca3ff84f9d1b502d4d62bddfe3b77b0f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 12 Jun 2025 16:11:54 +0200 Subject: [PATCH 671/815] mountInput(): Optimize getting the NAR hash for real store paths --- src/libexpr/paths.cc | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index d85f00470ba..bdf817e3b84 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -81,9 +81,13 @@ StorePath EvalState::mountInput( auto getNarHash = [&]() { - if (!_narHash) - // FIXME: use fetchToStore to make it cache this - _narHash = accessor->hashPath(CanonPath::root); + if (!_narHash) { + if (store->isValidPath(storePath)) + _narHash = store->queryPathInfo(storePath)->narHash; + else + // FIXME: use fetchToStore to make it cache this + _narHash = accessor->hashPath(CanonPath::root); + } return _narHash; }; From 279a6b18dba633a63afd69c8917833845db0c204 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 12 Jun 2025 16:13:28 +0200 Subject: [PATCH 672/815] Formatting --- flake.nix | 9 ++++----- src/libexpr/paths.cc | 3 +-- tests/functional/package.nix | 2 +- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/flake.nix b/flake.nix index 451068f5dda..0207134cd7c 100644 --- a/flake.nix +++ b/flake.nix @@ -220,11 +220,10 @@ ''; repl-completion = nixpkgsFor.${system}.native.callPackage ./tests/repl-completion.nix { }; - lazyTrees = - nixpkgsFor.${system}.native.nixComponents2.nix-functional-tests.override { - pname = "nix-lazy-trees-tests"; - lazyTrees = true; - }; + lazyTrees = nixpkgsFor.${system}.native.nixComponents2.nix-functional-tests.override { + pname = "nix-lazy-trees-tests"; + lazyTrees = true; + }; /** Checks for our packaging expressions. diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index bdf817e3b84..65b8212e150 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -79,8 +79,7 @@ StorePath EvalState::mountInput( std::optional _narHash; - auto getNarHash = [&]() - { + auto getNarHash = [&]() { if (!_narHash) { if (store->isValidPath(storePath)) _narHash = store->queryPathInfo(storePath)->narHash; diff --git a/tests/functional/package.nix b/tests/functional/package.nix index 3185cdf9a52..799026ebe62 100644 --- a/tests/functional/package.nix +++ b/tests/functional/package.nix @@ -28,7 +28,7 @@ test-daemon ? null, # Whether to run tests with lazy trees enabled. - lazyTrees ? false + lazyTrees ? false, }: let From e565571f694d4e2c87ecef0b41a01e5eae67e55e Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 12 Jun 2025 08:25:10 -0700 Subject: [PATCH 673/815] Re-supply inadvertently deleted word --- src/libmain/plugin.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libmain/plugin.cc b/src/libmain/plugin.cc index f5eddabdd6c..760a096ad21 100644 --- a/src/libmain/plugin.cc +++ b/src/libmain/plugin.cc @@ -60,7 +60,7 @@ struct PluginSettings : Config itself, they must be DSOs compatible with the instance of Nix running at the time (i.e. compiled against the same headers, not linked to any incompatible libraries). They should not be linked to - any Nix libraries directly, as those are already at load + any Nix libraries directly, as those are already available at load time. If an entry in the list is a directory, all files in the directory From b8e8214d5f706dec6189b4d31385ab5a5873a8cc Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 12 Jun 2025 08:28:01 -0700 Subject: [PATCH 674/815] Fix one more 'will' --- src/libstore/include/nix/store/filetransfer.hh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/include/nix/store/filetransfer.hh b/src/libstore/include/nix/store/filetransfer.hh index 259af7640d9..745aeb29ee3 100644 --- a/src/libstore/include/nix/store/filetransfer.hh +++ b/src/libstore/include/nix/store/filetransfer.hh @@ -46,7 +46,7 @@ struct FileTransferSettings : Config )"}; Setting tries{this, 5, "download-attempts", - "The number of times Nix will attempt to download a file before giving up."}; + "The number of times Nix attempts to download a file before giving up."}; Setting downloadBufferSize{this, 64 * 1024 * 1024, "download-buffer-size", R"( From 642d1bdfb2ba55a475784c801733117acbcc2c02 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 12 Jun 2025 13:23:39 -0400 Subject: [PATCH 675/815] Update doc/manual/source/release-notes-determinate/rl-3.6.3.md --- doc/manual/source/release-notes-determinate/rl-3.6.3.md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.3.md b/doc/manual/source/release-notes-determinate/rl-3.6.3.md index b24037b7441..1989a8c8e6c 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.6.3.md +++ b/doc/manual/source/release-notes-determinate/rl-3.6.3.md @@ -13,6 +13,7 @@ * Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) * Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) * Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) +* Run the Nix test suite against lazy trees by @edolstra in [DeterminateSystems/nix-src#105](https://github.com/DeterminateSystems/nix-src/pull/105) * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) From a572c9433330ea307a3b5c83db2357d6ca55f8e0 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 12 Jun 2025 20:19:19 +0200 Subject: [PATCH 676/815] Fix deep overrides An override like inputs.foo.inputs.bar.inputs.nixpkgs.follows = "nixpkgs"; implicitly set `inputs.foo.inputs.bar` to `flake:bar`, which led to an unexpected error like error: cannot find flake 'flake:bar' in the flake registries We now no longer create a parent override (like for `foo.bar` in the example above) if it doesn't set an explicit ref or follows attribute. We only recursively apply its child overrides. Fixes https://github.com/NixOS/nix/issues/8325, https://github.com/DeterminateSystems/nix-src/issues/95, https://github.com/NixOS/nix/issues/12083, https://github.com/NixOS/nix/issues/5790. --- src/libflake/flake.cc | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/src/libflake/flake.cc b/src/libflake/flake.cc index 31328abde23..5570422a359 100644 --- a/src/libflake/flake.cc +++ b/src/libflake/flake.cc @@ -85,7 +85,6 @@ static void parseFlakeInputAttr( static FlakeInput parseFlakeInput( EvalState & state, - std::string_view inputName, Value * value, const PosIdx pos, const InputAttrPath & lockRootAttrPath, @@ -155,9 +154,6 @@ static FlakeInput parseFlakeInput( input.ref = parseFlakeRef(state.fetchSettings, *url, {}, true, input.isFlake, true); } - if (!input.follows && !input.ref) - input.ref = FlakeRef::fromAttrs(state.fetchSettings, {{"type", "indirect"}, {"id", std::string(inputName)}}); - return input; } @@ -185,7 +181,6 @@ static std::pair, fetchers::Attrs> parseFlakeInput } else { inputs.emplace(inputName, parseFlakeInput(state, - inputName, inputAttr.value, inputAttr.pos, lockRootAttrPath, @@ -467,18 +462,27 @@ LockedFlake lockFlake( /* Get the overrides (i.e. attributes of the form 'inputs.nixops.inputs.nixpkgs.url = ...'). */ - for (auto & [id, input] : flakeInputs) { + std::function addOverrides; + addOverrides = [&](const FlakeInput & input, const InputAttrPath & prefix) + { for (auto & [idOverride, inputOverride] : input.overrides) { - auto inputAttrPath(inputAttrPathPrefix); - inputAttrPath.push_back(id); + auto inputAttrPath(prefix); inputAttrPath.push_back(idOverride); - overrides.emplace(inputAttrPath, - OverrideTarget { - .input = inputOverride, - .sourcePath = sourcePath, - .parentInputAttrPath = inputAttrPathPrefix - }); + if (inputOverride.ref || inputOverride.follows) + overrides.emplace(inputAttrPath, + OverrideTarget { + .input = inputOverride, + .sourcePath = sourcePath, + .parentInputAttrPath = inputAttrPathPrefix + }); + addOverrides(inputOverride, inputAttrPath); } + }; + + for (auto & [id, input] : flakeInputs) { + auto inputAttrPath(inputAttrPathPrefix); + inputAttrPath.push_back(id); + addOverrides(input, inputAttrPath); } /* Check whether this input has overrides for a @@ -534,7 +538,8 @@ LockedFlake lockFlake( continue; } - assert(input.ref); + if (!input.ref) + input.ref = FlakeRef::fromAttrs(state.fetchSettings, {{"type", "indirect"}, {"id", std::string(id)}}); auto overridenParentPath = input.ref->input.isRelative() From 9a18a11d7d8bd4c0b606cd16452eba6819464a6d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 12 Jun 2025 20:33:28 +0200 Subject: [PATCH 677/815] Add tests for deep overrides Taken from https://github.com/NixOS/nix/pull/6621. Co-authored-by: Sebastian Ullrich --- tests/functional/flakes/follow-paths.sh | 60 +++++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/tests/functional/flakes/follow-paths.sh b/tests/functional/flakes/follow-paths.sh index 25f26137b27..9ee8e738ea9 100755 --- a/tests/functional/flakes/follow-paths.sh +++ b/tests/functional/flakes/follow-paths.sh @@ -359,3 +359,63 @@ rm "$flakeFollowsCustomUrlA"/flake.lock json=$(nix flake metadata "$flakeFollowsCustomUrlA" --override-input B/C "$flakeFollowsCustomUrlD" --json) echo "$json" | jq .locks.nodes.C.original [[ $(echo "$json" | jq -r .locks.nodes.C.original.path) = './flakeC' ]] + +# Test deep overrides, e.g. `inputs.B.inputs.C.inputs.D.follows = ...`. + +cat < $flakeFollowsD/flake.nix +{ outputs = _: {}; } +EOF +cat < $flakeFollowsC/flake.nix +{ + inputs.D.url = "path:nosuchflake"; + outputs = _: {}; +} +EOF +cat < $flakeFollowsB/flake.nix +{ + inputs.C.url = "path:$flakeFollowsC"; + outputs = _: {}; +} +EOF +cat < $flakeFollowsA/flake.nix +{ + inputs.B.url = "path:$flakeFollowsB"; + inputs.D.url = "path:$flakeFollowsD"; + inputs.B.inputs.C.inputs.D.follows = "D"; + outputs = _: {}; +} +EOF + +nix flake lock $flakeFollowsA + +[[ $(jq -c .nodes.C.inputs.D $flakeFollowsA/flake.lock) = '["D"]' ]] + +# Test overlapping flake follows: B has D follow C/D, while A has B/C follow C + +cat < $flakeFollowsC/flake.nix +{ + inputs.D.url = "path:$flakeFollowsD"; + outputs = _: {}; +} +EOF +cat < $flakeFollowsB/flake.nix +{ + inputs.C.url = "path:nosuchflake"; + inputs.D.url = "path:nosuchflake"; + inputs.D.follows = "C/D"; + outputs = _: {}; +} +EOF +cat < $flakeFollowsA/flake.nix +{ + inputs.B.url = "path:$flakeFollowsB"; + inputs.C.url = "path:$flakeFollowsC"; + inputs.B.inputs.C.follows = "C"; + outputs = _: {}; +} +EOF + +# bug was not triggered without recreating the lockfile +nix flake lock $flakeFollowsA --recreate-lock-file + +[[ $(jq -c .nodes.B.inputs.D $flakeFollowsA/flake.lock) = '["B","C","D"]' ]] From 6999183956d360c1b91251f3628e7377f2751009 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 12 Jun 2025 20:38:51 +0200 Subject: [PATCH 678/815] Don't allow flake inputs to have both a flakeref and a follows Having both doesn't make sense so it's best to disallow it. If this causes issues we could turn into a warning. --- src/libflake/flake.cc | 3 +++ tests/functional/flakes/follow-paths.sh | 13 ++++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/src/libflake/flake.cc b/src/libflake/flake.cc index 5570422a359..d9f042953ed 100644 --- a/src/libflake/flake.cc +++ b/src/libflake/flake.cc @@ -154,6 +154,9 @@ static FlakeInput parseFlakeInput( input.ref = parseFlakeRef(state.fetchSettings, *url, {}, true, input.isFlake, true); } + if (input.ref && input.follows) + throw Error("flake input has both a flake reference and a follows attribute, at %s", state.positions[pos]); + return input; } diff --git a/tests/functional/flakes/follow-paths.sh b/tests/functional/flakes/follow-paths.sh index 9ee8e738ea9..952aed0405e 100755 --- a/tests/functional/flakes/follow-paths.sh +++ b/tests/functional/flakes/follow-paths.sh @@ -401,7 +401,6 @@ EOF cat < $flakeFollowsB/flake.nix { inputs.C.url = "path:nosuchflake"; - inputs.D.url = "path:nosuchflake"; inputs.D.follows = "C/D"; outputs = _: {}; } @@ -419,3 +418,15 @@ EOF nix flake lock $flakeFollowsA --recreate-lock-file [[ $(jq -c .nodes.B.inputs.D $flakeFollowsA/flake.lock) = '["B","C","D"]' ]] + +# Check that you can't have both a flakeref and a follows attribute on an input. +cat < $flakeFollowsB/flake.nix +{ + inputs.C.url = "path:nosuchflake"; + inputs.D.url = "path:nosuchflake"; + inputs.D.follows = "C/D"; + outputs = _: {}; +} +EOF + +expectStderr 1 nix flake lock $flakeFollowsA --recreate-lock-file | grepQuiet "flake input has both a flake reference and a follows attribute" From 760e6e5f1e561c3b105a17aefcfba7efbf168d1c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 12 Jun 2025 23:23:24 +0000 Subject: [PATCH 679/815] Prepare release v3.6.4 From 17de8fd29c4cd8f3673d159582be7efbdcf50b87 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 12 Jun 2025 23:23:27 +0000 Subject: [PATCH 680/815] Set .version-determinate to 3.6.4 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 4a788a01dad..0f44168a4d5 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.6.3 +3.6.4 From ac5cbe7c888ab6f63f91a3a9f3fa22fb763d81c9 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 12 Jun 2025 23:23:32 +0000 Subject: [PATCH 681/815] Generare release notes for 3.6.4 --- doc/manual/source/SUMMARY.md.in | 1 + .../release-notes-determinate/changes.md | 39 ++++++++++++++++++- .../release-notes-determinate/rl-3.6.4.md | 25 ++++++++++++ 3 files changed, 63 insertions(+), 2 deletions(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.4.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 3bc62b9c122..efee2213da9 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.6.4 (2025-06-12)](release-notes-determinate/rl-3.6.4.md) - [Release 3.6.3 (2025-06-12)](release-notes-determinate/rl-3.6.3.md) - [Release 3.6.2 (2025-06-02)](release-notes-determinate/rl-3.6.2.md) - [Release 3.6.1 (2025-05-24)](release-notes-determinate/rl-3.6.1.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index a5b9383e3e2..9a08e163161 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.3. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.4. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -67,4 +67,39 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) -* Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) \ No newline at end of file +* Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) + + +* When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) + +* Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) + +* Use 'published' release type to avoid double uploads by @gustavderdrache in [DeterminateSystems/nix-src#90](https://github.com/DeterminateSystems/nix-src/pull/90) + +* Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) + +* Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) + +* Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) + +* Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) + +* Fix: Make the S3 test more robust by @gustavderdrache in [DeterminateSystems/nix-src#101](https://github.com/DeterminateSystems/nix-src/pull/101) + +* Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) + +* Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) + +* Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) + +* Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) + +* Go back to x86 native macOS builds by @grahamc in [DeterminateSystems/nix-src#104](https://github.com/DeterminateSystems/nix-src/pull/104) + +* Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) + +* Run the Nix test suite with lazy trees enabled by @edolstra in [DeterminateSystems/nix-src#105](https://github.com/DeterminateSystems/nix-src/pull/105) + +* Re-supply inadvertently deleted word by @lucperkins in [DeterminateSystems/nix-src#107](https://github.com/DeterminateSystems/nix-src/pull/107) + +* Release v3.6.3 by @github-actions in [DeterminateSystems/nix-src#106](https://github.com/DeterminateSystems/nix-src/pull/106) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.4.md b/doc/manual/source/release-notes-determinate/rl-3.6.4.md new file mode 100644 index 00000000000..5cd4d28e446 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.6.4.md @@ -0,0 +1,25 @@ +# Release 3.6.4 (2025-06-12) + +* Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). + +## What's Changed +* When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) +* Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) +* Use 'published' release type to avoid double uploads by @gustavderdrache in [DeterminateSystems/nix-src#90](https://github.com/DeterminateSystems/nix-src/pull/90) +* Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) +* Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) +* Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) +* Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) +* Fix: Make the S3 test more robust by @gustavderdrache in [DeterminateSystems/nix-src#101](https://github.com/DeterminateSystems/nix-src/pull/101) +* Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) +* Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) +* Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) +* Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) +* Go back to x86 native macOS builds by @grahamc in [DeterminateSystems/nix-src#104](https://github.com/DeterminateSystems/nix-src/pull/104) +* Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) +* Run the Nix test suite with lazy trees enabled by @edolstra in [DeterminateSystems/nix-src#105](https://github.com/DeterminateSystems/nix-src/pull/105) +* Re-supply inadvertently deleted word by @lucperkins in [DeterminateSystems/nix-src#107](https://github.com/DeterminateSystems/nix-src/pull/107) +* Release v3.6.3 by @github-actions in [DeterminateSystems/nix-src#106](https://github.com/DeterminateSystems/nix-src/pull/106) + + +**Full Changelog**: [v3.6.2...v3.6.4](https://github.com/DeterminateSystems/nix-src/compare/v3.6.2...v3.6.4) From da67f596de63afc567bdeb14891ba68ab3b990ac Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 12 Jun 2025 19:51:56 -0400 Subject: [PATCH 682/815] Mark 3.6.3 as revoked, and use its notes for 3.6.4 --- doc/manual/source/SUMMARY.md.in | 2 +- .../release-notes-determinate/changes.md | 36 ++----------------- .../release-notes-determinate/rl-3.6.3.md | 20 ----------- .../release-notes-determinate/rl-3.6.4.md | 7 +--- 4 files changed, 4 insertions(+), 61 deletions(-) delete mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.3.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index efee2213da9..24d6a9cd5fe 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,7 +130,7 @@ - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - [Release 3.6.4 (2025-06-12)](release-notes-determinate/rl-3.6.4.md) - - [Release 3.6.3 (2025-06-12)](release-notes-determinate/rl-3.6.3.md) + - ~~Release 3.6.3 (2025-06-12) (revoked)~~ - [Release 3.6.2 (2025-06-02)](release-notes-determinate/rl-3.6.2.md) - [Release 3.6.1 (2025-05-24)](release-notes-determinate/rl-3.6.1.md) - [Release 3.6.0 (2025-05-22)](release-notes-determinate/rl-3.6.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 9a08e163161..37ff16592fc 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -45,31 +45,11 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * nix profile: Replace ε and ∅ with descriptive English words by @grahamc in [DeterminateSystems/nix-src#81](https://github.com/DeterminateSystems/nix-src/pull/81) * Call out that `--keep-failed` with remote builders will keep the failed build directory on that builder by @cole-h in [DeterminateSystems/nix-src#85](https://github.com/DeterminateSystems/nix-src/pull/85) - + -* When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) - -* Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) - -* Use 'published' release type to avoid double uploads by @gustavderdrache in [DeterminateSystems/nix-src#90](https://github.com/DeterminateSystems/nix-src/pull/90) - -* Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) - -* Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) - -* Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) - -* Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) - -* Fix: Make the S3 test more robust by @gustavderdrache in [DeterminateSystems/nix-src#101](https://github.com/DeterminateSystems/nix-src/pull/101) - -* Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) - -* Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) - -* Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) + * When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) * Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) @@ -90,16 +70,4 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) -* Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) - -* Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) - -* Go back to x86 native macOS builds by @grahamc in [DeterminateSystems/nix-src#104](https://github.com/DeterminateSystems/nix-src/pull/104) - * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) - -* Run the Nix test suite with lazy trees enabled by @edolstra in [DeterminateSystems/nix-src#105](https://github.com/DeterminateSystems/nix-src/pull/105) - -* Re-supply inadvertently deleted word by @lucperkins in [DeterminateSystems/nix-src#107](https://github.com/DeterminateSystems/nix-src/pull/107) - -* Release v3.6.3 by @github-actions in [DeterminateSystems/nix-src#106](https://github.com/DeterminateSystems/nix-src/pull/106) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.3.md b/doc/manual/source/release-notes-determinate/rl-3.6.3.md deleted file mode 100644 index 1989a8c8e6c..00000000000 --- a/doc/manual/source/release-notes-determinate/rl-3.6.3.md +++ /dev/null @@ -1,20 +0,0 @@ -# Release 3.6.3 (2025-06-12) - -* Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). - -## What's Changed -* When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) -* Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) -* Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) -* Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) -* Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) -* Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) -* Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) -* Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) -* Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) -* Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) -* Run the Nix test suite against lazy trees by @edolstra in [DeterminateSystems/nix-src#105](https://github.com/DeterminateSystems/nix-src/pull/105) -* Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) - - -**Full Changelog**: [v3.6.2...v3.6.3](https://github.com/DeterminateSystems/nix-src/compare/v3.6.2...v3.6.3) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.4.md b/doc/manual/source/release-notes-determinate/rl-3.6.4.md index 5cd4d28e446..64086bfba46 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.6.4.md +++ b/doc/manual/source/release-notes-determinate/rl-3.6.4.md @@ -5,21 +5,16 @@ ## What's Changed * When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) * Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) -* Use 'published' release type to avoid double uploads by @gustavderdrache in [DeterminateSystems/nix-src#90](https://github.com/DeterminateSystems/nix-src/pull/90) * Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) * Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) * Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) * Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) -* Fix: Make the S3 test more robust by @gustavderdrache in [DeterminateSystems/nix-src#101](https://github.com/DeterminateSystems/nix-src/pull/101) * Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) * Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) * Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) * Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) -* Go back to x86 native macOS builds by @grahamc in [DeterminateSystems/nix-src#104](https://github.com/DeterminateSystems/nix-src/pull/104) +* Run the Nix test suite against lazy trees by @edolstra in [DeterminateSystems/nix-src#105](https://github.com/DeterminateSystems/nix-src/pull/105) * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) -* Run the Nix test suite with lazy trees enabled by @edolstra in [DeterminateSystems/nix-src#105](https://github.com/DeterminateSystems/nix-src/pull/105) -* Re-supply inadvertently deleted word by @lucperkins in [DeterminateSystems/nix-src#107](https://github.com/DeterminateSystems/nix-src/pull/107) -* Release v3.6.3 by @github-actions in [DeterminateSystems/nix-src#106](https://github.com/DeterminateSystems/nix-src/pull/106) **Full Changelog**: [v3.6.2...v3.6.4](https://github.com/DeterminateSystems/nix-src/compare/v3.6.2...v3.6.4) From 37ab15a9f399d482904cdd90994539c61de0b356 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 13 Jun 2025 09:29:42 -0400 Subject: [PATCH 683/815] Drop the complainy 3.6.3 line --- doc/manual/source/SUMMARY.md.in | 1 - 1 file changed, 1 deletion(-) diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 24d6a9cd5fe..781dba88c3b 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,7 +130,6 @@ - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - [Release 3.6.4 (2025-06-12)](release-notes-determinate/rl-3.6.4.md) - - ~~Release 3.6.3 (2025-06-12) (revoked)~~ - [Release 3.6.2 (2025-06-02)](release-notes-determinate/rl-3.6.2.md) - [Release 3.6.1 (2025-05-24)](release-notes-determinate/rl-3.6.1.md) - [Release 3.6.0 (2025-05-22)](release-notes-determinate/rl-3.6.0.md) From 802f58540618ced207c31822af8feb7f2e67853b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 13 Jun 2025 16:56:13 +0200 Subject: [PATCH 684/815] Add lazy-locks setting This determines whether lock file entries omit a NAR hash. They're included by default to make lazy trees compatible with older clients. --- src/libexpr/include/nix/expr/eval-settings.hh | 13 +++++++++++++ src/libexpr/paths.cc | 2 +- tests/functional/flakes/flakes.sh | 9 +++++---- 3 files changed, 19 insertions(+), 5 deletions(-) diff --git a/src/libexpr/include/nix/expr/eval-settings.hh b/src/libexpr/include/nix/expr/eval-settings.hh index 782f5f9e1e5..cb472683796 100644 --- a/src/libexpr/include/nix/expr/eval-settings.hh +++ b/src/libexpr/include/nix/expr/eval-settings.hh @@ -262,6 +262,19 @@ struct EvalSettings : Config R"( If set to true, flakes and trees fetched by [`builtins.fetchTree`](@docroot@/language/builtins.md#builtins-fetchTree) are only copied to the Nix store when they're used as a dependency of a derivation. This avoids copying (potentially large) source trees unnecessarily. )"}; + + // FIXME: this setting should really be in libflake, but it's + // currently needed in mountInput(). + Setting lazyLocks{ + this, + false, + "lazy-locks", + R"( + If enabled, Nix will only include NAR hashes in lock file entries if they're necessary to lock the input (i.e. when there is no other attribute that allows the content to be verified, like a Git revision). + This is not backward compatible with older versions of Nix. + If disabled, lock file entries will always contain a NAR hash. + )" + }; }; /** diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 65b8212e150..7bac317d929 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -92,7 +92,7 @@ StorePath EvalState::mountInput( storeFS->mount(CanonPath(store->printStorePath(storePath)), accessor); - if (requireLockable && (!settings.lazyTrees || !input.isLocked()) && !input.getNarHash()) + if (requireLockable && (!settings.lazyTrees || !settings.lazyLocks || !input.isLocked()) && !input.getNarHash()) input.attrs.insert_or_assign("narHash", getNarHash()->to_string(HashFormat::SRI, true)); if (originalInput.getNarHash() && *getNarHash() != *originalInput.getNarHash()) diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index e335fe6f3a2..261d65d6917 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -163,10 +163,11 @@ expect 1 nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --no-update-lock-file nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --commit-lock-file [[ -e "$flake2Dir/flake.lock" ]] [[ -z $(git -C "$flake2Dir" diff main || echo failed) ]] -if [[ $(nix config show lazy-trees) = false ]]; then - [[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'.*',"narHash":"sha256-'.*'","ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] -else - [[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'.*',"ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] +[[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'[0-9]*',"narHash":"sha256-'.*'","ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] +if [[ $(nix config show lazy-trees) = true ]]; then + # Test that `lazy-locks` causes NAR hashes to be omitted from the lock file. + nix flake update --flake "$flake2Dir" --commit-lock-file --lazy-locks + [[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'[0-9]*',"ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] fi # Rerunning the build should not change the lockfile. From ff5f65dac85217ed0218f98a7cc25dd597b97795 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 13 Jun 2025 09:55:17 -0400 Subject: [PATCH 685/815] Move the actual vm tests / flake regressions into the generic build phase This lets these steps run in maximal parallelism. This also uses a success job to "combine" all the component jobs into a single signal. This also collapses the publish step into the ci job so we don't double-run --- .github/workflows/build.yml | 168 +++++++++++++++++++++++- .github/workflows/ci.yml | 189 +++++++++++---------------- .github/workflows/upload-release.yml | 113 ---------------- 3 files changed, 239 insertions(+), 231 deletions(-) delete mode 100644 .github/workflows/upload-release.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8baa6127fa4..97187473382 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,10 +1,13 @@ on: workflow_call: inputs: - os: + system: required: true type: string - system: + runner: + required: true + type: string + runner_small: required: true type: string if: @@ -15,13 +18,21 @@ on: required: false default: true type: boolean + run_vm_tests: + required: false + default: false + type: boolean + run_regression_tests: + required: false + default: false + type: boolean jobs: build: if: ${{ inputs.if }} strategy: fail-fast: false - runs-on: ${{ inputs.os }} + runs-on: ${{ inputs.runner }} timeout-minutes: 60 steps: - uses: actions/checkout@v4 @@ -33,15 +44,164 @@ jobs: with: name: ${{ inputs.system }} path: ./tarball/*.xz + test: if: ${{ inputs.if && inputs.run_tests}} needs: build strategy: fail-fast: false - runs-on: ${{ inputs.os }} + runs-on: ${{ inputs.runner }} timeout-minutes: 60 steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/determinate-nix-action@main - uses: DeterminateSystems/flakehub-cache-action@main - run: nix flake check -L --system ${{ inputs.system }} + + vm_tests_smoke: + if: inputs.run_vm_tests && github.event_name != 'merge_group' + needs: build + runs-on: ${{ inputs.runner }} + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/determinate-nix-action@main + - uses: DeterminateSystems/flakehub-cache-action@main + - run: | + nix build -L \ + .#hydraJobs.tests.functional_user \ + .#hydraJobs.tests.githubFlakes \ + .#hydraJobs.tests.nix-docker \ + .#hydraJobs.tests.tarballFlakes \ + ; + + vm_tests_all: + if: inputs.run_vm_tests && github.event_name == 'merge_group' + needs: build + runs-on: ${{ inputs.runner }} + steps: + - uses: actions/checkout@v4 + - uses: DeterminateSystems/determinate-nix-action@main + - uses: DeterminateSystems/flakehub-cache-action@main + - run: | + nix build -L --keep-going \ + $(nix flake show --json \ + | jq -r ' + .hydraJobs.tests + | with_entries(select(.value.type == "derivation")) + | keys[] + | ".#hydraJobs.tests." + .') + + flake_regressions: + if: | + (inputs.run_regression_tests && github.event_name == 'merge_group') + || ( + github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-src' + && ( + (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') + || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) + ) + ) + needs: build + runs-on: ${{ inputs.runner }} + steps: + - name: Checkout nix + uses: actions/checkout@v4 + - name: Checkout flake-regressions + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions + path: flake-regressions + - name: Checkout flake-regressions-data + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions-data + path: flake-regressions/tests + - uses: DeterminateSystems/determinate-nix-action@main + - uses: DeterminateSystems/flakehub-cache-action@main + - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" flake-regressions/eval-all.sh + + flake_regressions_lazy: + if: | + (inputs.run_regression_tests && github.event_name == 'merge_group') + || ( + github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-src' + && ( + (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') + || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) + ) + ) + needs: build + runs-on: ${{ inputs.runner }} + steps: + - name: Checkout nix + uses: actions/checkout@v4 + - name: Checkout flake-regressions + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions + path: flake-regressions + - name: Checkout flake-regressions-data + uses: actions/checkout@v4 + with: + repository: DeterminateSystems/flake-regressions-data + path: flake-regressions/tests + - uses: DeterminateSystems/determinate-nix-action@main + - uses: DeterminateSystems/flakehub-cache-action@main + - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" NIX_CONFIG="lazy-trees = true" flake-regressions/eval-all.sh + + manual: + if: github.event_name != 'merge_group' + needs: build + runs-on: ${{ inputs.runner_small }} + permissions: + id-token: "write" + contents: "read" + pull-requests: "write" + statuses: "write" + deployments: "write" + steps: + - name: Checkout nix + uses: actions/checkout@v4 + - uses: DeterminateSystems/determinate-nix-action@main + - uses: DeterminateSystems/flakehub-cache-action@main + - name: Build manual + run: nix build .#hydraJobs.manual + - uses: nwtgck/actions-netlify@v3.0 + with: + publish-dir: "./result/share/doc/nix/manual" + production-branch: detsys-main + github-token: ${{ secrets.GITHUB_TOKEN }} + deploy-message: "Deploy from GitHub Actions" + # NOTE(cole-h): We have a perpetual PR displaying our changes against upstream open, but + # its conversation is locked, so this PR comment can never be posted. + # https://github.com/DeterminateSystems/nix-src/pull/4 + enable-pull-request-comment: ${{ github.event.pull_request.number != 4 }} + enable-commit-comment: true + enable-commit-status: true + overwrites-pull-request-comment: true + env: + NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} + NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} + + success: + needs: + - build + - test + - vm_tests_smoke + - vm_tests_all + - flake_regressions + - flake_regressions_lazy + - manual + if: ${{ always() }} + runs-on: ubuntu-latest + steps: + - run: "true" + - run: | + echo "A dependent in the build matrix failed:" + echo "$needs" + exit 1 + env: + needs: ${{ toJSON(needs) }} + if: | + contains(needs.*.result, 'failure') || + contains(needs.*.result, 'cancelled') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2fcbf9360ad..7507d377e5f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,14 +4,22 @@ on: pull_request: push: branches: + # NOTE: make sure any branches here are also valid directory names, + # otherwise creating the directory and uploading to s3 will fail - detsys-main - main - master merge_group: + release: + types: + - published permissions: id-token: "write" contents: "read" + pull-requests: "write" + statuses: "write" + deployments: "write" jobs: eval: @@ -26,150 +34,103 @@ jobs: build_x86_64-linux: uses: ./.github/workflows/build.yml with: - os: blacksmith-32vcpu-ubuntu-2204 system: x86_64-linux + runner: blacksmith-32vcpu-ubuntu-2204 + runner_small: ubuntu-latest + run_tests: true + run_vm_tests: true + run_regression_tests: true build_aarch64-linux: uses: ./.github/workflows/build.yml with: if: ${{ github.event_name == 'merge_group' }} - os: blacksmith-32vcpu-ubuntu-2204-arm system: aarch64-linux + runner: blacksmith-32vcpu-ubuntu-2204-arm + runner_small: blacksmith-32vcpu-ubuntu-2204-arm build_x86_64-darwin: uses: ./.github/workflows/build.yml with: if: ${{ github.event_name == 'merge_group' }} - os: macos-latest-large system: x86_64-darwin + runner: macos-latest-large + runner_small: macos-latest-large build_aarch64-darwin: uses: ./.github/workflows/build.yml with: - os: namespace-profile-mac-m2-12c28g system: aarch64-darwin + runner: namespace-profile-mac-m2-12c28g + runner_small: macos-latest-xlarge - vm_tests_smoke: - if: github.event_name != 'merge_group' - needs: build_x86_64-linux - runs-on: blacksmith-32vcpu-ubuntu-2204 + success: + runs-on: ubuntu-latest + needs: + - eval + - build_x86_64-linux + - build_aarch64-linux + - build_x86_64-darwin + - build_aarch64-darwin + if: ${{ always() }} steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/determinate-nix-action@main - - uses: DeterminateSystems/flakehub-cache-action@main + - run: "true" - run: | - nix build -L \ - .#hydraJobs.tests.functional_user \ - .#hydraJobs.tests.githubFlakes \ - .#hydraJobs.tests.nix-docker \ - .#hydraJobs.tests.tarballFlakes \ - ; + echo "A dependent in the build matrix failed:" + echo "$needs" + exit 1 + env: + needs: ${{ toJSON(needs) }} + if: | + contains(needs.*.result, 'failure') || + contains(needs.*.result, 'cancelled') - vm_tests_all: - if: github.event_name == 'merge_group' - needs: build_x86_64-linux - runs-on: blacksmith-32vcpu-ubuntu-2204 - steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/determinate-nix-action@main - - uses: DeterminateSystems/flakehub-cache-action@main - - run: | - nix build -L --keep-going \ - $(nix flake show --json \ - | jq -r ' - .hydraJobs.tests - | with_entries(select(.value.type == "derivation")) - | keys[] - | ".#hydraJobs.tests." + .') - flake_regressions: - if: | - github.event_name == 'merge_group' - || ( - github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-src' - && ( - (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') - || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) - ) - ) - needs: build_x86_64-linux - runs-on: namespace-profile-x86-32cpu-64gb - steps: - - name: Checkout nix - uses: actions/checkout@v4 - - name: Checkout flake-regressions - uses: actions/checkout@v4 - with: - repository: DeterminateSystems/flake-regressions - path: flake-regressions - - name: Checkout flake-regressions-data - uses: actions/checkout@v4 - with: - repository: DeterminateSystems/flake-regressions-data - path: flake-regressions/tests - - uses: DeterminateSystems/determinate-nix-action@main - - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" flake-regressions/eval-all.sh + - name: Create artifacts directory + run: mkdir -p ./artifacts - flake_regressions_lazy: - if: | - github.event_name == 'merge_group' - || ( - github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-src' - && ( - (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') - || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) - ) - ) - needs: build_x86_64-linux - runs-on: namespace-profile-x86-32cpu-64gb - steps: - - name: Checkout nix - uses: actions/checkout@v4 - - name: Checkout flake-regressions - uses: actions/checkout@v4 + - name: Fetch artifacts + uses: actions/download-artifact@v4 with: - repository: DeterminateSystems/flake-regressions - path: flake-regressions - - name: Checkout flake-regressions-data - uses: actions/checkout@v4 + path: downloaded + - name: Move downloaded artifacts to artifacts directory + run: | + for dir in ./downloaded/*; do + arch="$(basename "$dir")" + mv "$dir"/*.xz ./artifacts/"${arch}" + done + + - name: Build fallback-paths.nix + run: | + nix build .#fallbackPathsNix --out-link fallback + cat fallback > ./artifacts/fallback-paths.nix + + - uses: DeterminateSystems/push-artifact-ids@main with: - repository: DeterminateSystems/flake-regressions-data - path: flake-regressions/tests - - uses: DeterminateSystems/determinate-nix-action@main - - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" NIX_CONFIG="lazy-trees = true" flake-regressions/eval-all.sh + s3_upload_role: ${{ secrets.AWS_S3_UPLOAD_ROLE_ARN }} + bucket: ${{ secrets.AWS_S3_UPLOAD_BUCKET_NAME }} + directory: ./artifacts + ids_project_name: determinate-nix + ids_binary_prefix: determinate-nix + skip_acl: true + allowed_branches: '["detsys-main"]' - manual: - if: github.event_name != 'merge_group' - needs: build_x86_64-linux - runs-on: blacksmith + publish: + needs: + - success + if: (!github.repository.fork && (github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))) + environment: ${{ github.event_name == 'release' && 'production' || '' }} + runs-on: ubuntu-latest permissions: - id-token: "write" - contents: "read" - pull-requests: "write" - statuses: "write" - deployments: "write" + contents: read + id-token: write steps: - - name: Checkout nix - uses: actions/checkout@v4 + - uses: actions/checkout@v4 - uses: DeterminateSystems/determinate-nix-action@main - - uses: DeterminateSystems/flakehub-cache-action@main - - name: Build manual - run: nix build .#hydraJobs.manual - - uses: nwtgck/actions-netlify@v3.0 + - uses: DeterminateSystems/flakehub-push@main with: - publish-dir: "./result/share/doc/nix/manual" - production-branch: detsys-main - github-token: ${{ secrets.GITHUB_TOKEN }} - deploy-message: "Deploy from GitHub Actions" - # NOTE(cole-h): We have a perpetual PR displaying our changes against upstream open, but - # its conversation is locked, so this PR comment can never be posted. - # https://github.com/DeterminateSystems/nix-src/pull/4 - enable-pull-request-comment: ${{ github.event.pull_request.number != 4 }} - enable-commit-comment: true - enable-commit-status: true - overwrites-pull-request-comment: true - env: - NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} - NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} + rolling: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} + visibility: "public" + tag: "${{ github.ref_name }}" diff --git a/.github/workflows/upload-release.yml b/.github/workflows/upload-release.yml deleted file mode 100644 index 9e173c34fa3..00000000000 --- a/.github/workflows/upload-release.yml +++ /dev/null @@ -1,113 +0,0 @@ -name: Upload release - -concurrency: - group: upload-release - -on: - workflow_call: - push: - branches: - # NOTE: make sure any branches here are also valid directory names, - # otherwise creating the directory and uploading to s3 will fail - - "detsys-main" - pull_request: - types: - - opened - - reopened - - synchronize - - labeled - release: - types: - - published - -permissions: - id-token: "write" - contents: "read" - -jobs: - build-x86_64-linux: - uses: ./.github/workflows/build.yml - with: - os: blacksmith-32vcpu-ubuntu-2204 - system: x86_64-linux - run_tests: false - - build-aarch64-linux: - uses: ./.github/workflows/build.yml - with: - os: blacksmith-32vcpu-ubuntu-2204-arm - system: aarch64-linux - run_tests: false - - build-x86_64-darwin: - uses: ./.github/workflows/build.yml - with: - os: macos-latest-large - system: x86_64-darwin - run_tests: false - - build-aarch64-darwin: - uses: ./.github/workflows/build.yml - with: - os: macos-latest-xlarge - system: aarch64-darwin - run_tests: false - - release: - runs-on: ubuntu-latest - needs: - - build-x86_64-linux - - build-aarch64-linux - - build-x86_64-darwin - - build-aarch64-darwin - steps: - - name: Checkout - uses: actions/checkout@v4 - - uses: DeterminateSystems/determinate-nix-action@main - - - name: Create artifacts directory - run: mkdir -p ./artifacts - - - name: Fetch artifacts - uses: actions/download-artifact@v4 - with: - path: downloaded - - name: Move downloaded artifacts to artifacts directory - run: | - for dir in ./downloaded/*; do - arch="$(basename "$dir")" - mv "$dir"/*.xz ./artifacts/"${arch}" - done - - - name: Build fallback-paths.nix - run: | - nix build .#fallbackPathsNix --out-link fallback - cat fallback > ./artifacts/fallback-paths.nix - - - uses: DeterminateSystems/push-artifact-ids@main - with: - s3_upload_role: ${{ secrets.AWS_S3_UPLOAD_ROLE_ARN }} - bucket: ${{ secrets.AWS_S3_UPLOAD_BUCKET_NAME }} - directory: ./artifacts - ids_project_name: determinate-nix - ids_binary_prefix: determinate-nix - skip_acl: true - allowed_branches: '["detsys-main"]' - - publish: - needs: - - release - if: (!github.repository.fork && (github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))) - environment: ${{ github.event_name == 'release' && 'production' || '' }} - runs-on: ubuntu-latest - permissions: - contents: read - id-token: write - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/determinate-nix-action@main - - uses: DeterminateSystems/flakehub-push@main - with: - rolling: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} - visibility: "public" - tag: "${{ github.ref_name }}" From b2c762cd2f204624cb1e6ee9df8495942db28742 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 13 Jun 2025 21:03:58 +0200 Subject: [PATCH 686/815] Apply suggestions from code review Co-authored-by: Luc Perkins --- src/libexpr/include/nix/expr/eval-settings.hh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libexpr/include/nix/expr/eval-settings.hh b/src/libexpr/include/nix/expr/eval-settings.hh index cb472683796..9b7573b2025 100644 --- a/src/libexpr/include/nix/expr/eval-settings.hh +++ b/src/libexpr/include/nix/expr/eval-settings.hh @@ -270,9 +270,9 @@ struct EvalSettings : Config false, "lazy-locks", R"( - If enabled, Nix will only include NAR hashes in lock file entries if they're necessary to lock the input (i.e. when there is no other attribute that allows the content to be verified, like a Git revision). + If enabled, Nix only includes NAR hashes in lock file entries if they're necessary to lock the input (i.e. when there is no other attribute that allows the content to be verified, like a Git revision). This is not backward compatible with older versions of Nix. - If disabled, lock file entries will always contain a NAR hash. + If disabled, lock file entries always contain a NAR hash. )" }; }; From 8aa7d7d5cc010170771f53995e580cef19af0e0f Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 13 Jun 2025 15:27:12 -0400 Subject: [PATCH 687/815] Go back to github hosted runners... blacksmith's keep dying --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7507d377e5f..82f54ddf57c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,7 @@ permissions: jobs: eval: - runs-on: blacksmith-32vcpu-ubuntu-2204 + runs-on: UbuntuLatest32Cores128G steps: - uses: actions/checkout@v4 with: @@ -35,7 +35,7 @@ jobs: uses: ./.github/workflows/build.yml with: system: x86_64-linux - runner: blacksmith-32vcpu-ubuntu-2204 + runner: UbuntuLatest32Cores128G runner_small: ubuntu-latest run_tests: true run_vm_tests: true @@ -46,8 +46,8 @@ jobs: with: if: ${{ github.event_name == 'merge_group' }} system: aarch64-linux - runner: blacksmith-32vcpu-ubuntu-2204-arm - runner_small: blacksmith-32vcpu-ubuntu-2204-arm + runner: UbuntuLatest32Cores128GArm + runner_small: UbuntuLatest32Cores128GArm build_x86_64-darwin: uses: ./.github/workflows/build.yml From cbedb8e19a0c85747526900f184d368d4b36cdaa Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 13 Jun 2025 15:21:31 +0200 Subject: [PATCH 688/815] Fix broken fetchToStore() caching on unlocked inputs --- src/libfetchers/fetchers.cc | 2 +- tests/functional/flakes/flakes.sh | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index 6d73daa1ae9..7ab1f567a78 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -355,7 +355,7 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto assert(!accessor->getFingerprint(CanonPath::root)); - if (auto fingerprint = getFingerprint(store)) + if (auto fingerprint = result.getFingerprint(store)) accessor->setFingerprint(*fingerprint); return {accessor, std::move(result)}; diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index e335fe6f3a2..51f1909a248 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -112,6 +112,12 @@ nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir#default" nix build -o "$TEST_ROOT/result" "$flake1Dir?ref=HEAD#default" nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" +# Check that the fetcher cache works. +if [[ $(nix config show lazy-trees) = false ]]; then + nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" -vvvvv 2>&1 | grepQuietInverse "source path.*is uncacheable" + nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" -vvvvv 2>&1 | grepQuiet "store path cache hit" +fi + # Check that relative paths are allowed for git flakes. # This may change in the future once git submodule support is refined. # See: https://discourse.nixos.org/t/57783 and #9708. From 8b9cb382e97a2e60cbfe3d5df1bca0230dbc9c07 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 13 Jun 2025 20:38:26 +0200 Subject: [PATCH 689/815] Fix `path` field in fetcher cache 86785fd9d1e8f2ed5d670e4c8bd64189af9b94a7 was broken because it was storing the full path in the MountedSourceAccessor as the `path` field in the fetcher cache key (i.e. including the /nix/store/... prefix). Especially in the case of lazy (virtual) store paths, this didn't work at all because those paths are different every time. --- src/libfetchers/fetch-to-store.cc | 10 +++-- src/libfetchers/fetchers.cc | 9 ++--- src/libfetchers/filtering-source-accessor.cc | 9 ++--- .../nix/fetchers/filtering-source-accessor.hh | 4 +- .../nix/util/forwarding-source-accessor.hh | 10 ----- .../include/nix/util/source-accessor.hh | 38 ++++++++++--------- src/libutil/mounted-source-accessor.cc | 7 ++-- 7 files changed, 38 insertions(+), 49 deletions(-) diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index 9a861a11d4f..618f32caeba 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -31,10 +31,14 @@ StorePath fetchToStore( // a `PosixSourceAccessor` pointing to a store path. std::optional cacheKey; - std::optional fingerprint; - if (!filter && (fingerprint = path.accessor->getFingerprint(path.path))) { - cacheKey = makeFetchToStoreCacheKey(std::string{name}, *fingerprint, method, path.path.abs()); + auto [subpath, fingerprint] = + filter + ? std::pair>{path.path, std::nullopt} + : path.accessor->getFingerprint(path.path); + + if (fingerprint) { + cacheKey = makeFetchToStoreCacheKey(std::string{name}, *fingerprint, method, subpath.abs()); if (auto res = fetchers::getCache()->lookupStorePath(*cacheKey, store, mode == FetchMode::DryRun)) { debug("store path cache hit for '%s'", path); return res->storePath; diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index 7ab1f567a78..5764f310d40 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -338,8 +338,7 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto auto accessor = make_ref(makeStorePathAccessor(store, storePath)); - if (auto fingerprint = getFingerprint(store)) - accessor->setFingerprint(*fingerprint); + accessor->fingerprint = getFingerprint(store); // FIXME: ideally we would use the `showPath()` of the // "real" accessor for this fetcher type. @@ -353,10 +352,8 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto auto [accessor, result] = scheme->getAccessor(store, *this); - assert(!accessor->getFingerprint(CanonPath::root)); - - if (auto fingerprint = result.getFingerprint(store)) - accessor->setFingerprint(*fingerprint); + assert(!accessor->fingerprint); + accessor->fingerprint = result.getFingerprint(store); return {accessor, std::move(result)}; } diff --git a/src/libfetchers/filtering-source-accessor.cc b/src/libfetchers/filtering-source-accessor.cc index 12e4a688b70..c339cdbdb48 100644 --- a/src/libfetchers/filtering-source-accessor.cc +++ b/src/libfetchers/filtering-source-accessor.cc @@ -58,16 +58,13 @@ std::string FilteringSourceAccessor::showPath(const CanonPath & path) return displayPrefix + next->showPath(prefix / path) + displaySuffix; } -std::optional FilteringSourceAccessor::getFingerprint(const CanonPath & path) +std::pair> FilteringSourceAccessor::getFingerprint(const CanonPath & path) { + if (fingerprint) + return {path, fingerprint}; return next->getFingerprint(prefix / path); } -void FilteringSourceAccessor::setFingerprint(std::string fingerprint) -{ - next->setFingerprint(std::move(fingerprint)); -} - void FilteringSourceAccessor::checkAccess(const CanonPath & path) { if (!isAllowed(path)) diff --git a/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh b/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh index 391cd371b49..e0228ad9bb6 100644 --- a/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh +++ b/src/libfetchers/include/nix/fetchers/filtering-source-accessor.hh @@ -50,9 +50,7 @@ struct FilteringSourceAccessor : SourceAccessor std::string showPath(const CanonPath & path) override; - std::optional getFingerprint(const CanonPath & path) override; - - void setFingerprint(std::string fingerprint) override; + std::pair> getFingerprint(const CanonPath & path) override; /** * Call `makeNotAllowedError` to throw a `RestrictedPathError` diff --git a/src/libutil/include/nix/util/forwarding-source-accessor.hh b/src/libutil/include/nix/util/forwarding-source-accessor.hh index cfa5ff9b8ce..bdba2addcb0 100644 --- a/src/libutil/include/nix/util/forwarding-source-accessor.hh +++ b/src/libutil/include/nix/util/forwarding-source-accessor.hh @@ -52,16 +52,6 @@ struct ForwardingSourceAccessor : SourceAccessor { return next->getPhysicalPath(path); } - - std::optional getFingerprint(const CanonPath & path) override - { - return next->getFingerprint(path); - } - - void setFingerprint(std::string fingerprint) override - { - next->setFingerprint(std::move(fingerprint)); - } }; } diff --git a/src/libutil/include/nix/util/source-accessor.hh b/src/libutil/include/nix/util/source-accessor.hh index 560e1fda015..4084b3bdcf7 100644 --- a/src/libutil/include/nix/util/source-accessor.hh +++ b/src/libutil/include/nix/util/source-accessor.hh @@ -177,28 +177,32 @@ struct SourceAccessor : std::enable_shared_from_this SymlinkResolution mode = SymlinkResolution::Full); /** - * Return a string that uniquely represents the contents of this - * accessor. This is used for caching lookups (see - * `fetchToStore()`). - * - * Fingerprints are generally for the entire accessor, but this - * method takes a `path` argument to support accessors like - * `MountedSourceAccessor` that combine multiple underlying - * accessors. A fingerprint should only be returned if it uniquely - * represents everything under `path`. + * A string that uniquely represents the contents of this + * accessor. This is used for caching lookups (see `fetchToStore()`). */ - virtual std::optional getFingerprint(const CanonPath & path) - { - return _fingerprint; - } + std::optional fingerprint; - virtual void setFingerprint(std::string fingerprint) + /** + * Return the fingerprint for `path`. This is usually the + * fingerprint of the current accessor, but for composite + * accessors (like `MountedSourceAccessor`), we want to return the + * fingerprint of the "inner" accessor if the current one lacks a + * fingerprint. + * + * So this method is intended to return the most-outer accessor + * that has a fingerprint for `path`. It also returns the path that `path` + * corresponds to in that accessor. + * + * For example: in a `MountedSourceAccessor` that has + * `/nix/store/foo` mounted, + * `getFingerprint("/nix/store/foo/bar")` will return the path + * `/bar` and the fingerprint of the `/nix/store/foo` accessor. + */ + virtual std::pair> getFingerprint(const CanonPath & path) { - _fingerprint = std::move(fingerprint); + return {path, fingerprint}; } - std::optional _fingerprint; - /** * Return the maximum last-modified time of the files in this * tree, if available. diff --git a/src/libutil/mounted-source-accessor.cc b/src/libutil/mounted-source-accessor.cc index 9292291c165..ed62fd2a37d 100644 --- a/src/libutil/mounted-source-accessor.cc +++ b/src/libutil/mounted-source-accessor.cc @@ -91,12 +91,11 @@ struct MountedSourceAccessorImpl : MountedSourceAccessor return nullptr; } - std::optional getFingerprint(const CanonPath & path) override + std::pair> getFingerprint(const CanonPath & path) override { + if (fingerprint) + return {path, fingerprint}; auto [accessor, subpath] = resolve(path); - // FIXME: check that there are no mounts underneath the mount - // point of `accessor`, since that would invalidate the - // fingerprint. (However we don't have such at the moment.) return accessor->getFingerprint(subpath); } }; From c7d80871accebd87495aa8432b21bdd88fc0c827 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 13 Jun 2025 13:46:31 -0400 Subject: [PATCH 690/815] Parallelize the flake regression suite --- .github/workflows/build.yml | 52 ++++++++++++++----------------------- 1 file changed, 20 insertions(+), 32 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 97187473382..8ab836a36f2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -95,36 +95,8 @@ jobs: if: | (inputs.run_regression_tests && github.event_name == 'merge_group') || ( - github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-src' - && ( - (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') - || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) - ) - ) - needs: build - runs-on: ${{ inputs.runner }} - steps: - - name: Checkout nix - uses: actions/checkout@v4 - - name: Checkout flake-regressions - uses: actions/checkout@v4 - with: - repository: DeterminateSystems/flake-regressions - path: flake-regressions - - name: Checkout flake-regressions-data - uses: actions/checkout@v4 - with: - repository: DeterminateSystems/flake-regressions-data - path: flake-regressions/tests - - uses: DeterminateSystems/determinate-nix-action@main - - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" flake-regressions/eval-all.sh - - flake_regressions_lazy: - if: | - (inputs.run_regression_tests && github.event_name == 'merge_group') - || ( - github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-src' + inputs.run_regression_tests + && github.event.pull_request.head.repo.full_name == 'DeterminateSystems/nix-src' && ( (github.event.action == 'labeled' && github.event.label.name == 'flake-regression-test') || (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'flake-regression-test')) @@ -132,6 +104,16 @@ jobs: ) needs: build runs-on: ${{ inputs.runner }} + strategy: + matrix: + nix_config: + - "lazy-trees = true" + - "lazy-trees = false" + glob: + - "[0-d]*" + - "[e-l]*" + - "[m-r]*" + - "[s-z]*" steps: - name: Checkout nix uses: actions/checkout@v4 @@ -147,7 +129,14 @@ jobs: path: flake-regressions/tests - uses: DeterminateSystems/determinate-nix-action@main - uses: DeterminateSystems/flakehub-cache-action@main - - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH PARALLEL="-P 50%" NIX_CONFIG="lazy-trees = true" flake-regressions/eval-all.sh + - env: + PARALLEL: "-P 50%" + FLAKE_REGRESSION_GLOB: ${{ matrix.glob }} + NIX_CONFIG: ${{ matrix.nix_config }} + run: | + nix build -L --out-link ./new-nix + export PATH=$(pwd)/new-nix/bin:$PATH + flake-regressions/eval-all.sh manual: if: github.event_name != 'merge_group' @@ -190,7 +179,6 @@ jobs: - vm_tests_smoke - vm_tests_all - flake_regressions - - flake_regressions_lazy - manual if: ${{ always() }} runs-on: ubuntu-latest From f764c9eae37c1d31133b7ff209e544d3381ec803 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 13 Jun 2025 14:58:00 -0400 Subject: [PATCH 691/815] Add retry to the eval steps, split out m since it takes a while on its own --- .github/workflows/build.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8ab836a36f2..c3ae8fce1f9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -112,7 +112,8 @@ jobs: glob: - "[0-d]*" - "[e-l]*" - - "[m-r]*" + - "[m]*" + - "[n-r]*" - "[s-z]*" steps: - name: Checkout nix @@ -136,7 +137,12 @@ jobs: run: | nix build -L --out-link ./new-nix export PATH=$(pwd)/new-nix/bin:$PATH - flake-regressions/eval-all.sh + + if ! flake-regressions/eval-all.sh; then + echo "Some failed, trying again" + printf "\n\n\n\n\n\n\n\n" + flake-regressions/eval-all.sh + fi manual: if: github.event_name != 'merge_group' From b0a325d8db1adc89f2b66ee75e0bd162ce0643da Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 13 Jun 2025 15:18:04 -0400 Subject: [PATCH 692/815] Run on GHA runners, not blacksmith due to timeouts From 6185afef92cda34416d4ad97251b2e4ad8141cbb Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 13 Jun 2025 15:24:01 -0400 Subject: [PATCH 693/815] Run onnamespace, use their cache --- .github/workflows/build.yml | 5 +++++ .github/workflows/ci.yml | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c3ae8fce1f9..24f0c30c16f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -135,6 +135,11 @@ jobs: FLAKE_REGRESSION_GLOB: ${{ matrix.glob }} NIX_CONFIG: ${{ matrix.nix_config }} run: | + set -x + if [ ! -z "${NSC_CACHE_PATH:-}" ]; then + mkdir -p "${NSC_CACHE_PATH}/nix/xdg-cache" + export XDG_CACHE_HOME="${NSC_CACHE_PATH}/nix/xdg-cache" + fi nix build -L --out-link ./new-nix export PATH=$(pwd)/new-nix/bin:$PATH diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 82f54ddf57c..8322282965f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -35,7 +35,7 @@ jobs: uses: ./.github/workflows/build.yml with: system: x86_64-linux - runner: UbuntuLatest32Cores128G + runner: namespace-profile-linuxamd32c64g-cache runner_small: ubuntu-latest run_tests: true run_vm_tests: true From 97dc226cae99c5c4573dd706c4dc5137e64adcc8 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 13 Jun 2025 16:43:55 -0400 Subject: [PATCH 694/815] Use fewer runners --- .github/workflows/build.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 24f0c30c16f..36dcab93020 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -110,11 +110,8 @@ jobs: - "lazy-trees = true" - "lazy-trees = false" glob: - - "[0-d]*" - - "[e-l]*" - - "[m]*" - - "[n-r]*" - - "[s-z]*" + - "[0-l]*" + - "[m-z]*" steps: - name: Checkout nix uses: actions/checkout@v4 From cf11e27047a418a42004493a8f18ab50ef1e424a Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 13 Jun 2025 18:05:15 -0400 Subject: [PATCH 695/815] Don't stall on a stuck nixos vm test build forever --- .github/workflows/build.yml | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 36dcab93020..ef6d9072e2b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -83,13 +83,21 @@ jobs: - uses: DeterminateSystems/determinate-nix-action@main - uses: DeterminateSystems/flakehub-cache-action@main - run: | - nix build -L --keep-going \ - $(nix flake show --json \ - | jq -r ' - .hydraJobs.tests - | with_entries(select(.value.type == "derivation")) - | keys[] - | ".#hydraJobs.tests." + .') + cmd() { + nix build -L --keep-going --timeout 300 \ + $(nix flake show --json \ + | jq -r ' + .hydraJobs.tests + | with_entries(select(.value.type == "derivation")) + | keys[] + | ".#hydraJobs.tests." + .') + } + + if ! cmd; then + echo "failed, retrying once ..." + printf "\n\n\n\n\n\n\n\n" + cmd + fi flake_regressions: if: | @@ -110,8 +118,12 @@ jobs: - "lazy-trees = true" - "lazy-trees = false" glob: - - "[0-l]*" - - "[m-z]*" + - "[0-d]*" + - "[e-l]*" + - "[m]*" + - "[n-r]*" + - "[s-z]*" + steps: - name: Checkout nix uses: actions/checkout@v4 From 151456a999de3c32d86b4091fc0cff4b8a2255a5 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 16 Jun 2025 09:54:06 -0400 Subject: [PATCH 696/815] Change the aarch64 linux / x86 darwin condition to exclude pull request, since we do want to build them on every other trigger --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8322282965f..4aa9ed29635 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,7 +44,7 @@ jobs: build_aarch64-linux: uses: ./.github/workflows/build.yml with: - if: ${{ github.event_name == 'merge_group' }} + if: ${{ github.event_name != 'pull_request' }} system: aarch64-linux runner: UbuntuLatest32Cores128GArm runner_small: UbuntuLatest32Cores128GArm @@ -52,7 +52,7 @@ jobs: build_x86_64-darwin: uses: ./.github/workflows/build.yml with: - if: ${{ github.event_name == 'merge_group' }} + if: ${{ github.event_name != 'pull_request' }} system: x86_64-darwin runner: macos-latest-large runner_small: macos-latest-large From eba6cd8488f5a502fd52ea5ffa38bb22c6ec91e9 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 16 Jun 2025 09:55:46 -0400 Subject: [PATCH 697/815] Don't build fallback-paths if we didn't build aarch64-linux and x86 darwin --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4aa9ed29635..4eea8759d25 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -103,6 +103,7 @@ jobs: done - name: Build fallback-paths.nix + if: ${{ github.event_name != 'pull_request' }} run: | nix build .#fallbackPathsNix --out-link fallback cat fallback > ./artifacts/fallback-paths.nix From dc5e6200325ad5c8f380de8777e4d4f24e0032ae Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 13 Jun 2025 22:19:53 +0200 Subject: [PATCH 698/815] fetchToStore() cache: Use content hashes instead of store paths We can always compute the store path from the content hash, but not vice versa. Storing the content hash allows `hashPath()` to be replaced by `fetchToStore(...FetchMode::DryRun...)`, which gets us caching in lazy-trees mode. --- src/libexpr/paths.cc | 3 +- src/libfetchers/fetch-to-store.cc | 73 ++++++++++++------- src/libfetchers/fetchers.cc | 4 +- .../include/nix/fetchers/fetch-to-store.hh | 13 +++- src/libfetchers/path.cc | 35 +++------ tests/functional/flakes/flakes.sh | 2 +- 6 files changed, 72 insertions(+), 58 deletions(-) diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 65b8212e150..b6a372fb2c9 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -84,8 +84,7 @@ StorePath EvalState::mountInput( if (store->isValidPath(storePath)) _narHash = store->queryPathInfo(storePath)->narHash; else - // FIXME: use fetchToStore to make it cache this - _narHash = accessor->hashPath(CanonPath::root); + _narHash = fetchToStore2(*store, accessor, FetchMode::DryRun, input.getName()).second; } return _narHash; }; diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index 618f32caeba..5595f7594d3 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -3,19 +3,16 @@ namespace nix { -fetchers::Cache::Key makeFetchToStoreCacheKey( - const std::string &name, - const std::string &fingerprint, +fetchers::Cache::Key makeSourcePathToHashCacheKey( + const std::string & fingerprint, ContentAddressMethod method, - const std::string &path) + const std::string & path) { - return fetchers::Cache::Key{"fetchToStore", { - {"name", name}, + return fetchers::Cache::Key{"sourcePathToHash", { {"fingerprint", fingerprint}, {"method", std::string{method.render()}}, {"path", path} }}; - } StorePath fetchToStore( @@ -27,9 +24,18 @@ StorePath fetchToStore( PathFilter * filter, RepairFlag repair) { - // FIXME: add an optimisation for the case where the accessor is - // a `PosixSourceAccessor` pointing to a store path. + return fetchToStore2(store, path, mode, name, method, filter, repair).first; +} +std::pair fetchToStore2( + Store & store, + const SourcePath & path, + FetchMode mode, + std::string_view name, + ContentAddressMethod method, + PathFilter * filter, + RepairFlag repair) +{ std::optional cacheKey; auto [subpath, fingerprint] = @@ -38,32 +44,47 @@ StorePath fetchToStore( : path.accessor->getFingerprint(path.path); if (fingerprint) { - cacheKey = makeFetchToStoreCacheKey(std::string{name}, *fingerprint, method, subpath.abs()); - if (auto res = fetchers::getCache()->lookupStorePath(*cacheKey, store, mode == FetchMode::DryRun)) { - debug("store path cache hit for '%s'", path); - return res->storePath; + cacheKey = makeSourcePathToHashCacheKey(*fingerprint, method, subpath.abs()); + if (auto res = fetchers::getCache()->lookup(*cacheKey)) { + debug("source path hash cache hit for '%s'", path); + auto hash = Hash::parseSRI(fetchers::getStrAttr(*res, "hash")); + auto storePath = store.makeFixedOutputPathFromCA(name, + ContentAddressWithReferences::fromParts(method, hash, {})); + if (store.isValidPath(storePath)) { + debug("source path '%s' has valid store path '%s'", path, store.printStorePath(storePath)); + return {storePath, hash}; + } + debug("source path '%s' not in store", path); } } else - debug("source path '%s' is uncacheable (%d, %d)", path, filter, (bool) fingerprint); + // FIXME: could still provide in-memory caching keyed on `SourcePath`. + debug("source path '%s' is uncacheable (%d, %d)", path, (bool) filter, (bool) fingerprint); Activity act(*logger, lvlChatty, actUnknown, fmt(mode == FetchMode::DryRun ? "hashing '%s'" : "copying '%s' to the store", path)); auto filter2 = filter ? *filter : defaultPathFilter; - auto storePath = - mode == FetchMode::DryRun - ? store.computeStorePath( - name, path, method, HashAlgorithm::SHA256, {}, filter2).first - : store.addToStore( + if (mode == FetchMode::DryRun) { + auto [storePath, hash] = store.computeStorePath( + name, path, method, HashAlgorithm::SHA256, {}, filter2); + debug("hashed '%s' to '%s'", path, store.printStorePath(storePath)); + if (cacheKey) + fetchers::getCache()->upsert(*cacheKey, {{"hash", hash.to_string(HashFormat::SRI, true)}}); + return {storePath, hash}; + } else { + auto storePath = store.addToStore( name, path, method, HashAlgorithm::SHA256, {}, filter2, repair); - - debug(mode == FetchMode::DryRun ? "hashed '%s'" : "copied '%s' to '%s'", path, store.printStorePath(storePath)); - - if (cacheKey) - fetchers::getCache()->upsert(*cacheKey, store, {}, storePath); - - return storePath; + debug("copied '%s' to '%s'", path, store.printStorePath(storePath)); + // FIXME: this is the wrong hash when method != + // ContentAddressMethod::Raw::NixArchive. Doesn't matter at + // the moment since the only place where that's the case + // doesn't use the hash. + auto hash = store.queryPathInfo(storePath)->narHash; + if (cacheKey) + fetchers::getCache()->upsert(*cacheKey, {{"hash", hash.to_string(HashFormat::SRI, true)}}); + return {storePath, hash}; + } } } diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index 5764f310d40..d91f24b6a0d 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -352,8 +352,8 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto auto [accessor, result] = scheme->getAccessor(store, *this); - assert(!accessor->fingerprint); - accessor->fingerprint = result.getFingerprint(store); + if (!accessor->fingerprint) + accessor->fingerprint = result.getFingerprint(store); return {accessor, std::move(result)}; } diff --git a/src/libfetchers/include/nix/fetchers/fetch-to-store.hh b/src/libfetchers/include/nix/fetchers/fetch-to-store.hh index 44c33c147ed..364d253753e 100644 --- a/src/libfetchers/include/nix/fetchers/fetch-to-store.hh +++ b/src/libfetchers/include/nix/fetchers/fetch-to-store.hh @@ -23,7 +23,16 @@ StorePath fetchToStore( PathFilter * filter = nullptr, RepairFlag repair = NoRepair); -fetchers::Cache::Key makeFetchToStoreCacheKey( - const std::string & name, const std::string & fingerprint, ContentAddressMethod method, const std::string & path); +std::pair fetchToStore2( + Store & store, + const SourcePath & path, + FetchMode mode, + std::string_view name = "source", + ContentAddressMethod method = ContentAddressMethod::Raw::NixArchive, + PathFilter * filter = nullptr, + RepairFlag repair = NoRepair); + +fetchers::Cache::Key +makeSourcePathToHashCacheKey(const std::string & fingerprint, ContentAddressMethod method, const std::string & path); } diff --git a/src/libfetchers/path.cc b/src/libfetchers/path.cc index ff39cb02f9d..0de81ae430b 100644 --- a/src/libfetchers/path.cc +++ b/src/libfetchers/path.cc @@ -144,37 +144,22 @@ struct PathInputScheme : InputScheme storePath = store->addToStoreFromDump(*src, "source"); } - // To avoid copying the path again to the /nix/store, we need to add a cache entry. - ContentAddressMethod method = ContentAddressMethod::Raw::NixArchive; - auto fp = getFingerprint(store, input); - if (fp) { - auto cacheKey = makeFetchToStoreCacheKey(input.getName(), *fp, method, "/"); - fetchers::getCache()->upsert(cacheKey, *store, {}, *storePath); - } + auto accessor = makeStorePathAccessor(store, *storePath); + + // To prevent `fetchToStore()` copying the path again to Nix + // store, pre-create an entry in the fetcher cache. + auto info = store->queryPathInfo(*storePath); + accessor->fingerprint = fmt("path:%s", store->queryPathInfo(*storePath)->narHash.to_string(HashFormat::SRI, true)); + fetchers::getCache()->upsert( + makeSourcePathToHashCacheKey(*accessor->fingerprint, ContentAddressMethod::Raw::NixArchive, "/"), + {{"hash", info->narHash.to_string(HashFormat::SRI, true)}}); /* Trust the lastModified value supplied by the user, if any. It's not a "secure" attribute so we don't care. */ if (!input.getLastModified()) input.attrs.insert_or_assign("lastModified", uint64_t(mtime)); - return {makeStorePathAccessor(store, *storePath), std::move(input)}; - } - - std::optional getFingerprint(ref store, const Input & input) const override - { - if (isRelative(input)) - return std::nullopt; - - /* If this path is in the Nix store, use the hash of the - store object and the subpath. */ - auto path = getAbsPath(input); - try { - auto [storePath, subPath] = store->toStorePath(path.string()); - auto info = store->queryPathInfo(storePath); - return fmt("path:%s:%s", info->narHash.to_string(HashFormat::Base16, false), subPath); - } catch (Error &) { - return std::nullopt; - } + return {accessor, std::move(input)}; } }; diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 51f1909a248..878e02682c8 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -115,7 +115,7 @@ nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" # Check that the fetcher cache works. if [[ $(nix config show lazy-trees) = false ]]; then nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" -vvvvv 2>&1 | grepQuietInverse "source path.*is uncacheable" - nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" -vvvvv 2>&1 | grepQuiet "store path cache hit" + nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" -vvvvv 2>&1 | grepQuiet "source path hash cache hit" fi # Check that relative paths are allowed for git flakes. From af5815fd540d4bde68f93526e1bf23e0f8b2cff1 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 16 Jun 2025 12:09:43 +0200 Subject: [PATCH 699/815] Give unit tests access to a $HOME directory Also, don't try to access cache.nixos.org in the libstore unit tests. --- src/libflake-tests/meson.build | 1 + src/libflake-tests/package.nix | 18 +++++++----------- src/libstore-tests/meson.build | 1 + src/libstore-tests/nix_api_store.cc | 16 +--------------- src/libstore-tests/package.nix | 18 +++++++----------- 5 files changed, 17 insertions(+), 37 deletions(-) diff --git a/src/libflake-tests/meson.build b/src/libflake-tests/meson.build index 80c94bd77ca..b7a48b89e56 100644 --- a/src/libflake-tests/meson.build +++ b/src/libflake-tests/meson.build @@ -59,6 +59,7 @@ test( this_exe, env : { '_NIX_TEST_UNIT_DATA': meson.current_source_dir() / 'data', + 'HOME': meson.current_build_dir() / 'test-home', }, protocol : 'gtest', ) diff --git a/src/libflake-tests/package.nix b/src/libflake-tests/package.nix index db507fc3a54..8344d98d75c 100644 --- a/src/libflake-tests/package.nix +++ b/src/libflake-tests/package.nix @@ -56,17 +56,13 @@ mkMesonExecutable (finalAttrs: { { meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; } - ( - lib.optionalString stdenv.hostPlatform.isWindows '' - export HOME="$PWD/home-dir" - mkdir -p "$HOME" - '' - + '' - export _NIX_TEST_UNIT_DATA=${resolvePath ./data} - ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} - touch $out - '' - ); + ('' + export _NIX_TEST_UNIT_DATA=${resolvePath ./data} + export HOME="$TMPDIR/home" + mkdir -p "$HOME" + ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} + touch $out + ''); }; }; diff --git a/src/libstore-tests/meson.build b/src/libstore-tests/meson.build index 8a1ff40f074..8b9893b2335 100644 --- a/src/libstore-tests/meson.build +++ b/src/libstore-tests/meson.build @@ -100,6 +100,7 @@ test( this_exe, env : { '_NIX_TEST_UNIT_DATA': meson.current_source_dir() / 'data', + 'HOME': meson.current_build_dir() / 'test-home', }, protocol : 'gtest', ) diff --git a/src/libstore-tests/nix_api_store.cc b/src/libstore-tests/nix_api_store.cc index 4eb95360a6a..b7495e0ab8f 100644 --- a/src/libstore-tests/nix_api_store.cc +++ b/src/libstore-tests/nix_api_store.cc @@ -28,10 +28,6 @@ TEST_F(nix_api_store_test, nix_store_get_uri) TEST_F(nix_api_util_context, nix_store_get_storedir_default) { - if (nix::getEnv("HOME").value_or("") == "/homeless-shelter") { - // skipping test in sandbox because nix_store_open tries to create /nix/var/nix/profiles - GTEST_SKIP(); - } nix_libstore_init(ctx); Store * store = nix_store_open(ctx, nullptr, nullptr); assert_ctx_ok(); @@ -136,10 +132,6 @@ TEST_F(nix_api_store_test, nix_store_real_path) TEST_F(nix_api_util_context, nix_store_real_path_relocated) { - if (nix::getEnv("HOME").value_or("") == "/homeless-shelter") { - // Can't open default store from within sandbox - GTEST_SKIP(); - } auto tmp = nix::createTempDir(); std::string storeRoot = tmp + "/store"; std::string stateDir = tmp + "/state"; @@ -179,13 +171,7 @@ TEST_F(nix_api_util_context, nix_store_real_path_relocated) TEST_F(nix_api_util_context, nix_store_real_path_binary_cache) { - if (nix::getEnv("HOME").value_or("") == "/homeless-shelter") { - // TODO: override NIX_CACHE_HOME? - // skipping test in sandbox because narinfo cache can't be written - GTEST_SKIP(); - } - - Store * store = nix_store_open(ctx, "https://cache.nixos.org", nullptr); + Store * store = nix_store_open(ctx, nix::fmt("file://%s/binary-cache", nix::createTempDir()).c_str(), nullptr); assert_ctx_ok(); ASSERT_NE(store, nullptr); diff --git a/src/libstore-tests/package.nix b/src/libstore-tests/package.nix index b39ee7fa73c..1f3701c7fc6 100644 --- a/src/libstore-tests/package.nix +++ b/src/libstore-tests/package.nix @@ -73,17 +73,13 @@ mkMesonExecutable (finalAttrs: { { meta.broken = !stdenv.hostPlatform.emulatorAvailable buildPackages; } - ( - lib.optionalString stdenv.hostPlatform.isWindows '' - export HOME="$PWD/home-dir" - mkdir -p "$HOME" - '' - + '' - export _NIX_TEST_UNIT_DATA=${data + "/src/libstore-tests/data"} - ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} - touch $out - '' - ); + ('' + export _NIX_TEST_UNIT_DATA=${data + "/src/libstore-tests/data"} + export HOME="$TMPDIR/home" + mkdir -p "$HOME" + ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} + touch $out + ''); }; }; From e3fa4faff92e6769f77fd067177336e8f74629a0 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 16 Jun 2025 16:04:26 +0200 Subject: [PATCH 700/815] fetchToStore(): Don't require a valid path in dry run mode --- src/libfetchers/fetch-to-store.cc | 5 ++--- tests/functional/flakes/flakes.sh | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index 5595f7594d3..31de2b1e168 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -46,12 +46,11 @@ std::pair fetchToStore2( if (fingerprint) { cacheKey = makeSourcePathToHashCacheKey(*fingerprint, method, subpath.abs()); if (auto res = fetchers::getCache()->lookup(*cacheKey)) { - debug("source path hash cache hit for '%s'", path); auto hash = Hash::parseSRI(fetchers::getStrAttr(*res, "hash")); auto storePath = store.makeFixedOutputPathFromCA(name, ContentAddressWithReferences::fromParts(method, hash, {})); - if (store.isValidPath(storePath)) { - debug("source path '%s' has valid store path '%s'", path, store.printStorePath(storePath)); + if (mode == FetchMode::DryRun || store.isValidPath(storePath)) { + debug("source path '%s' cache hit in '%s' (hash '%s')", path, store.printStorePath(storePath), hash.to_string(HashFormat::SRI, true)); return {storePath, hash}; } debug("source path '%s' not in store", path); diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 878e02682c8..ddfd7052f2e 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -115,7 +115,7 @@ nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" # Check that the fetcher cache works. if [[ $(nix config show lazy-trees) = false ]]; then nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" -vvvvv 2>&1 | grepQuietInverse "source path.*is uncacheable" - nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" -vvvvv 2>&1 | grepQuiet "source path hash cache hit" + nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" -vvvvv 2>&1 | grepQuiet "source path.*cache hit" fi # Check that relative paths are allowed for git flakes. From b2905dc08e87bfb9b3d5f238ba731d958d9b0cbd Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 16 Jun 2025 16:05:08 +0200 Subject: [PATCH 701/815] fetchToStore(): Address a FIXME --- src/libfetchers/fetch-to-store.cc | 51 +++++++++++++++++++------------ 1 file changed, 31 insertions(+), 20 deletions(-) diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index 31de2b1e168..877e49c1413 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -64,26 +64,37 @@ std::pair fetchToStore2( auto filter2 = filter ? *filter : defaultPathFilter; - if (mode == FetchMode::DryRun) { - auto [storePath, hash] = store.computeStorePath( - name, path, method, HashAlgorithm::SHA256, {}, filter2); - debug("hashed '%s' to '%s'", path, store.printStorePath(storePath)); - if (cacheKey) - fetchers::getCache()->upsert(*cacheKey, {{"hash", hash.to_string(HashFormat::SRI, true)}}); - return {storePath, hash}; - } else { - auto storePath = store.addToStore( - name, path, method, HashAlgorithm::SHA256, {}, filter2, repair); - debug("copied '%s' to '%s'", path, store.printStorePath(storePath)); - // FIXME: this is the wrong hash when method != - // ContentAddressMethod::Raw::NixArchive. Doesn't matter at - // the moment since the only place where that's the case - // doesn't use the hash. - auto hash = store.queryPathInfo(storePath)->narHash; - if (cacheKey) - fetchers::getCache()->upsert(*cacheKey, {{"hash", hash.to_string(HashFormat::SRI, true)}}); - return {storePath, hash}; - } + auto [storePath, hash] = + mode == FetchMode::DryRun + ? ({ + auto [storePath, hash] = store.computeStorePath( + name, path, method, HashAlgorithm::SHA256, {}, filter2); + debug("hashed '%s' to '%s' (hash '%s')", path, store.printStorePath(storePath), hash.to_string(HashFormat::SRI, true)); + std::make_pair(storePath, hash); + }) + : ({ + // FIXME: ideally addToStore() would return the hash + // right away (like computeStorePath()). + auto storePath = store.addToStore( + name, path, method, HashAlgorithm::SHA256, {}, filter2, repair); + auto info = store.queryPathInfo(storePath); + assert(info->references.empty()); + auto hash = + method == ContentAddressMethod::Raw::NixArchive + ? info->narHash + : ({ + if (!info->ca || info->ca->method != method) + throw Error("path '%s' lacks a CA field", store.printStorePath(storePath)); + info->ca->hash; + }); + debug("copied '%s' to '%s' (hash '%s')", path, store.printStorePath(storePath), hash.to_string(HashFormat::SRI, true)); + std::make_pair(storePath, hash); + }); + + if (cacheKey) + fetchers::getCache()->upsert(*cacheKey, {{"hash", hash.to_string(HashFormat::SRI, true)}}); + + return {storePath, hash}; } } From 1aadf1e96ccf1d7aa966cdac66dfb39bd3f22b10 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 16 Jun 2025 13:29:47 -0400 Subject: [PATCH 702/815] Increase the nixos test timeout to 10 minutes, up from 5 Most tests complete within 4m, one test -- the docker test -- takes approximately 6m45s. Ten gives us plenty of room ...? --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ef6d9072e2b..a0d6d9f98a5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -84,7 +84,7 @@ jobs: - uses: DeterminateSystems/flakehub-cache-action@main - run: | cmd() { - nix build -L --keep-going --timeout 300 \ + nix build -L --keep-going --timeout 600 \ $(nix flake show --json \ | jq -r ' .hydraJobs.tests From 20742e63e2dbe47f330e4d67ff49e93e6b9ae458 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 16 Jun 2025 16:07:28 -0400 Subject: [PATCH 703/815] Use GHA runners for VMs since they have KVM --- .github/workflows/build.yml | 7 +++++-- .github/workflows/ci.yml | 4 ++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ef6d9072e2b..b8844c60d04 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,6 +7,9 @@ on: runner: required: true type: string + runner_for_virt: + required: true + type: string runner_small: required: true type: string @@ -61,7 +64,7 @@ jobs: vm_tests_smoke: if: inputs.run_vm_tests && github.event_name != 'merge_group' needs: build - runs-on: ${{ inputs.runner }} + runs-on: ${{ inputs.runner_for_virt }} steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/determinate-nix-action@main @@ -77,7 +80,7 @@ jobs: vm_tests_all: if: inputs.run_vm_tests && github.event_name == 'merge_group' needs: build - runs-on: ${{ inputs.runner }} + runs-on: ${{ inputs.runner_for_virt }} steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/determinate-nix-action@main diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4eea8759d25..c002d0b66bd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -36,6 +36,7 @@ jobs: with: system: x86_64-linux runner: namespace-profile-linuxamd32c64g-cache + runner_for_virt: UbuntuLatest32Cores128G runner_small: ubuntu-latest run_tests: true run_vm_tests: true @@ -47,6 +48,7 @@ jobs: if: ${{ github.event_name != 'pull_request' }} system: aarch64-linux runner: UbuntuLatest32Cores128GArm + runner_for_virt: UbuntuLatest32Cores128GArm runner_small: UbuntuLatest32Cores128GArm build_x86_64-darwin: @@ -55,6 +57,7 @@ jobs: if: ${{ github.event_name != 'pull_request' }} system: x86_64-darwin runner: macos-latest-large + runner_for_virt: macos-latest-large runner_small: macos-latest-large build_aarch64-darwin: @@ -62,6 +65,7 @@ jobs: with: system: aarch64-darwin runner: namespace-profile-mac-m2-12c28g + runner_for_virt: namespace-profile-mac-m2-12c28g runner_small: macos-latest-xlarge success: From 2190f6ce6686817acdea467f3e3324b62de1152d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 16 Jun 2025 21:08:34 +0000 Subject: [PATCH 704/815] Prepare release v3.6.5 From 11d72504486c7ec8b1cd749e7c077a418a4d95ec Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 16 Jun 2025 21:08:37 +0000 Subject: [PATCH 705/815] Set .version-determinate to 3.6.5 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 0f44168a4d5..d15b8b06fa3 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.6.4 +3.6.5 From fd4ed4c9f56d9444caf73280979a9c11111397e5 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 16 Jun 2025 21:08:42 +0000 Subject: [PATCH 706/815] Generare release notes for 3.6.5 --- doc/manual/source/SUMMARY.md.in | 1 + .../release-notes-determinate/changes.md | 20 ++++++++++++++++++- .../release-notes-determinate/rl-3.6.5.md | 16 +++++++++++++++ 3 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.5.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 781dba88c3b..18d8c13b005 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.6.5 (2025-06-16)](release-notes-determinate/rl-3.6.5.md) - [Release 3.6.4 (2025-06-12)](release-notes-determinate/rl-3.6.4.md) - [Release 3.6.2 (2025-06-02)](release-notes-determinate/rl-3.6.2.md) - [Release 3.6.1 (2025-05-24)](release-notes-determinate/rl-3.6.1.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 37ff16592fc..ca75f9fd548 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.4. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.5. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -71,3 +71,21 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) + + + +* Release v3.6.4 by @github-actions in [DeterminateSystems/nix-src#109](https://github.com/DeterminateSystems/nix-src/pull/109) + +* Fixup the complainy docs line by @grahamc in [DeterminateSystems/nix-src#111](https://github.com/DeterminateSystems/nix-src/pull/111) + +* Move the actual vm tests / flake regressions into the generic build phase by @grahamc in [DeterminateSystems/nix-src#112](https://github.com/DeterminateSystems/nix-src/pull/112) + +* Fix broken fetchToStore() caching by @edolstra in [DeterminateSystems/nix-src#110](https://github.com/DeterminateSystems/nix-src/pull/110) + +* Parallelize the flake regression suite by @grahamc in [DeterminateSystems/nix-src#114](https://github.com/DeterminateSystems/nix-src/pull/114) + +* Don't build fallback-paths if we didn't build aarch64-linux and x86 d… …arwin by @grahamc in [DeterminateSystems/nix-src#116](https://github.com/DeterminateSystems/nix-src/pull/116) + +* Use GHA runners for VMs since they have KVM by @grahamc in [DeterminateSystems/nix-src#118](https://github.com/DeterminateSystems/nix-src/pull/118) + +* fetchToStore() cache: Use content hashes instead of store paths by @edolstra in [DeterminateSystems/nix-src#115](https://github.com/DeterminateSystems/nix-src/pull/115) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.5.md b/doc/manual/source/release-notes-determinate/rl-3.6.5.md new file mode 100644 index 00000000000..d7e7b8c0727 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.6.5.md @@ -0,0 +1,16 @@ +# Release 3.6.5 (2025-06-16) + +* Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). + +## What's Changed +* Release v3.6.4 by @github-actions in [DeterminateSystems/nix-src#109](https://github.com/DeterminateSystems/nix-src/pull/109) +* Fixup the complainy docs line by @grahamc in [DeterminateSystems/nix-src#111](https://github.com/DeterminateSystems/nix-src/pull/111) +* Move the actual vm tests / flake regressions into the generic build phase by @grahamc in [DeterminateSystems/nix-src#112](https://github.com/DeterminateSystems/nix-src/pull/112) +* Fix broken fetchToStore() caching by @edolstra in [DeterminateSystems/nix-src#110](https://github.com/DeterminateSystems/nix-src/pull/110) +* Parallelize the flake regression suite by @grahamc in [DeterminateSystems/nix-src#114](https://github.com/DeterminateSystems/nix-src/pull/114) +* Don't build fallback-paths if we didn't build aarch64-linux and x86 d… …arwin by @grahamc in [DeterminateSystems/nix-src#116](https://github.com/DeterminateSystems/nix-src/pull/116) +* Use GHA runners for VMs since they have KVM by @grahamc in [DeterminateSystems/nix-src#118](https://github.com/DeterminateSystems/nix-src/pull/118) +* fetchToStore() cache: Use content hashes instead of store paths by @edolstra in [DeterminateSystems/nix-src#115](https://github.com/DeterminateSystems/nix-src/pull/115) + + +**Full Changelog**: [v3.6.3...v3.6.5](https://github.com/DeterminateSystems/nix-src/compare/v3.6.3...v3.6.5) From fe6972f6f0b030ffccc20f6fb203911550dd2254 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 16 Jun 2025 17:16:14 -0400 Subject: [PATCH 707/815] Fixup type (generare) --- .github/workflows/propose-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/propose-release.yml b/.github/workflows/propose-release.yml index 82407abe7fe..ea01e4b7afe 100644 --- a/.github/workflows/propose-release.yml +++ b/.github/workflows/propose-release.yml @@ -29,4 +29,4 @@ jobs: git commit -m "Set .version-determinate to ${{ inputs.version }}" || true ./.github/release-notes.sh git add doc - git commit -m "Generare release notes for ${{ inputs.version }}" || true + git commit -m "Generate release notes for ${{ inputs.version }}" || true From 97e2e9159b6217a33b96df58f8edce8f6e03a408 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 16 Jun 2025 17:17:42 -0400 Subject: [PATCH 708/815] Fixup generar->te in commit automation From c0e53f3312f9a743f6997a83e9dddf21aaaf853f Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 16 Jun 2025 17:17:55 -0400 Subject: [PATCH 709/815] Move the 3.6.4 notes over --- doc/manual/source/SUMMARY.md.in | 1 - .../release-notes-determinate/changes.md | 21 ++-------------- .../release-notes-determinate/rl-3.6.4.md | 20 --------------- .../release-notes-determinate/rl-3.6.5.md | 25 +++++++++++-------- 4 files changed, 16 insertions(+), 51 deletions(-) delete mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.4.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 18d8c13b005..374aacb594e 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,7 +130,6 @@ - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) - [Release 3.6.5 (2025-06-16)](release-notes-determinate/rl-3.6.5.md) - - [Release 3.6.4 (2025-06-12)](release-notes-determinate/rl-3.6.4.md) - [Release 3.6.2 (2025-06-02)](release-notes-determinate/rl-3.6.2.md) - [Release 3.6.1 (2025-05-24)](release-notes-determinate/rl-3.6.1.md) - [Release 3.6.0 (2025-05-22)](release-notes-determinate/rl-3.6.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index ca75f9fd548..30a68f6e91d 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -47,8 +47,9 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Call out that `--keep-failed` with remote builders will keep the failed build directory on that builder by @cole-h in [DeterminateSystems/nix-src#85](https://github.com/DeterminateSystems/nix-src/pull/85) - + + * When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) @@ -71,21 +72,3 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) - - - -* Release v3.6.4 by @github-actions in [DeterminateSystems/nix-src#109](https://github.com/DeterminateSystems/nix-src/pull/109) - -* Fixup the complainy docs line by @grahamc in [DeterminateSystems/nix-src#111](https://github.com/DeterminateSystems/nix-src/pull/111) - -* Move the actual vm tests / flake regressions into the generic build phase by @grahamc in [DeterminateSystems/nix-src#112](https://github.com/DeterminateSystems/nix-src/pull/112) - -* Fix broken fetchToStore() caching by @edolstra in [DeterminateSystems/nix-src#110](https://github.com/DeterminateSystems/nix-src/pull/110) - -* Parallelize the flake regression suite by @grahamc in [DeterminateSystems/nix-src#114](https://github.com/DeterminateSystems/nix-src/pull/114) - -* Don't build fallback-paths if we didn't build aarch64-linux and x86 d… …arwin by @grahamc in [DeterminateSystems/nix-src#116](https://github.com/DeterminateSystems/nix-src/pull/116) - -* Use GHA runners for VMs since they have KVM by @grahamc in [DeterminateSystems/nix-src#118](https://github.com/DeterminateSystems/nix-src/pull/118) - -* fetchToStore() cache: Use content hashes instead of store paths by @edolstra in [DeterminateSystems/nix-src#115](https://github.com/DeterminateSystems/nix-src/pull/115) \ No newline at end of file diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.4.md b/doc/manual/source/release-notes-determinate/rl-3.6.4.md deleted file mode 100644 index 64086bfba46..00000000000 --- a/doc/manual/source/release-notes-determinate/rl-3.6.4.md +++ /dev/null @@ -1,20 +0,0 @@ -# Release 3.6.4 (2025-06-12) - -* Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). - -## What's Changed -* When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) -* Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) -* Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) -* Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) -* Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) -* Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) -* Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) -* Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) -* Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) -* Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) -* Run the Nix test suite against lazy trees by @edolstra in [DeterminateSystems/nix-src#105](https://github.com/DeterminateSystems/nix-src/pull/105) -* Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) - - -**Full Changelog**: [v3.6.2...v3.6.4](https://github.com/DeterminateSystems/nix-src/compare/v3.6.2...v3.6.4) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.5.md b/doc/manual/source/release-notes-determinate/rl-3.6.5.md index d7e7b8c0727..8ef5be0fd0d 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.6.5.md +++ b/doc/manual/source/release-notes-determinate/rl-3.6.5.md @@ -1,16 +1,19 @@ -# Release 3.6.5 (2025-06-16) +# Release 3.6.5 (2025-06-12) * Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). ## What's Changed -* Release v3.6.4 by @github-actions in [DeterminateSystems/nix-src#109](https://github.com/DeterminateSystems/nix-src/pull/109) -* Fixup the complainy docs line by @grahamc in [DeterminateSystems/nix-src#111](https://github.com/DeterminateSystems/nix-src/pull/111) -* Move the actual vm tests / flake regressions into the generic build phase by @grahamc in [DeterminateSystems/nix-src#112](https://github.com/DeterminateSystems/nix-src/pull/112) -* Fix broken fetchToStore() caching by @edolstra in [DeterminateSystems/nix-src#110](https://github.com/DeterminateSystems/nix-src/pull/110) -* Parallelize the flake regression suite by @grahamc in [DeterminateSystems/nix-src#114](https://github.com/DeterminateSystems/nix-src/pull/114) -* Don't build fallback-paths if we didn't build aarch64-linux and x86 d… …arwin by @grahamc in [DeterminateSystems/nix-src#116](https://github.com/DeterminateSystems/nix-src/pull/116) -* Use GHA runners for VMs since they have KVM by @grahamc in [DeterminateSystems/nix-src#118](https://github.com/DeterminateSystems/nix-src/pull/118) -* fetchToStore() cache: Use content hashes instead of store paths by @edolstra in [DeterminateSystems/nix-src#115](https://github.com/DeterminateSystems/nix-src/pull/115) +* When remote building with --keep-failed, only show "you can rerun" message if the derivation's platform is supported on this machine by @cole-h in [DeterminateSystems/nix-src#87](https://github.com/DeterminateSystems/nix-src/pull/87) +* Indicate that sandbox-paths specifies a missing file in the corresponding error message. by @cole-h in [DeterminateSystems/nix-src#88](https://github.com/DeterminateSystems/nix-src/pull/88) +* Render lazy tree paths in messages withouth the/nix/store/hash... prefix in substituted source trees by @edolstra in [DeterminateSystems/nix-src#91](https://github.com/DeterminateSystems/nix-src/pull/91) +* Use FlakeHub inputs by @lucperkins in [DeterminateSystems/nix-src#89](https://github.com/DeterminateSystems/nix-src/pull/89) +* Proactively cache more flake inputs and fetches by @edolstra in [DeterminateSystems/nix-src#93](https://github.com/DeterminateSystems/nix-src/pull/93) +* Fix: register extra builtins just once by @edolstra in [DeterminateSystems/nix-src#97](https://github.com/DeterminateSystems/nix-src/pull/97) +* Fix the link to `builders-use-substitutes` documentation for `builders` by @lucperkins in [DeterminateSystems/nix-src#102](https://github.com/DeterminateSystems/nix-src/pull/102) +* Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) +* Make the `nix repl` test more stable by @edolstra in [DeterminateSystems/nix-src#103](https://github.com/DeterminateSystems/nix-src/pull/103) +* Run nixpkgsLibTests against lazy trees by @edolstra in [DeterminateSystems/nix-src#100](https://github.com/DeterminateSystems/nix-src/pull/100) +* Run the Nix test suite against lazy trees by @edolstra in [DeterminateSystems/nix-src#105](https://github.com/DeterminateSystems/nix-src/pull/105) +* Improve caching of inputs by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98), [DeterminateSystems/nix-src#110](https://github.com/DeterminateSystems/nix-src/pull/110), and [DeterminateSystems/nix-src#115](https://github.com/DeterminateSystems/nix-src/pull/115) - -**Full Changelog**: [v3.6.3...v3.6.5](https://github.com/DeterminateSystems/nix-src/compare/v3.6.3...v3.6.5) +**Full Changelog**: [v3.6.2...v3.6.5](https://github.com/DeterminateSystems/nix-src/compare/v3.6.2...v3.6.4) From 0f3892185d00165cb0d326e8ba0bc13da4b65db4 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Mon, 16 Jun 2025 17:20:58 -0400 Subject: [PATCH 710/815] Add a final newline in the generated release notes --- .github/release-notes.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/release-notes.sh b/.github/release-notes.sh index 9937c18cfcd..19836116126 100755 --- a/.github/release-notes.sh +++ b/.github/release-notes.sh @@ -45,6 +45,7 @@ linkify_gh() { | trim_trailing_newlines \ | sed -e 's/^\* /\n* /' \ | linkify_gh + echo "" # final newline ) > "$scratch/changes.md" ( From 5329a45ade7fd94c180a538e0e7832fbff1220e7 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 16 Jun 2025 18:16:30 +0200 Subject: [PATCH 711/815] Git fetcher: Make dirty repos with no commits cacheable --- src/libfetchers/git.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libfetchers/git.cc b/src/libfetchers/git.cc index 2825b72ab09..4a00d4e3443 100644 --- a/src/libfetchers/git.cc +++ b/src/libfetchers/git.cc @@ -860,7 +860,7 @@ struct GitInputScheme : InputScheme return makeFingerprint(*rev); else { auto repoInfo = getRepoInfo(input); - if (auto repoPath = repoInfo.getPath(); repoPath && repoInfo.workdirInfo.headRev && repoInfo.workdirInfo.submodules.empty()) { + if (auto repoPath = repoInfo.getPath(); repoPath && repoInfo.workdirInfo.submodules.empty()) { /* Calculate a fingerprint that takes into account the deleted and modified/added files. */ HashSink hashSink{HashAlgorithm::SHA512}; @@ -873,7 +873,7 @@ struct GitInputScheme : InputScheme writeString("deleted:", hashSink); writeString(file.abs(), hashSink); } - return makeFingerprint(*repoInfo.workdirInfo.headRev) + return makeFingerprint(repoInfo.workdirInfo.headRev.value_or(nullRev)) + ";d=" + hashSink.finish().first.to_string(HashFormat::Base16, false); } return std::nullopt; From a175c67def61f68b8b1ac860ea7b0672badd1d6e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 16 Jun 2025 19:34:28 +0200 Subject: [PATCH 712/815] Fix rootFS fingerprint in the impure case --- src/libutil/union-source-accessor.cc | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/libutil/union-source-accessor.cc b/src/libutil/union-source-accessor.cc index 9950f604960..69cf04c186b 100644 --- a/src/libutil/union-source-accessor.cc +++ b/src/libutil/union-source-accessor.cc @@ -72,6 +72,18 @@ struct UnionSourceAccessor : SourceAccessor } return std::nullopt; } + + std::pair> getFingerprint(const CanonPath & path) override + { + if (fingerprint) + return {path, fingerprint}; + for (auto & accessor : accessors) { + auto [subpath, fingerprint] = accessor->getFingerprint(path); + if (fingerprint) + return {subpath, fingerprint}; + } + return {path, std::nullopt}; + } }; ref makeUnionSourceAccessor(std::vector> && accessors) From 3a4e6cadebacba2723306f2da7f9bdd12ccdf5ff Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 16 Jun 2025 18:25:55 +0200 Subject: [PATCH 713/815] Improve regression testing for uncachable source paths These now throw an error by default in the test suite. --- src/libfetchers/fetch-to-store.cc | 8 ++++++-- tests/functional/flakes/common.sh | 2 ++ tests/functional/flakes/flake-in-submodule.sh | 6 +++--- tests/functional/flakes/flakes.sh | 1 - tests/functional/flakes/mercurial.sh | 4 ++-- tests/functional/flakes/non-flake-inputs.sh | 8 ++++---- tests/functional/flakes/relative-paths-lockfile.sh | 2 ++ 7 files changed, 19 insertions(+), 12 deletions(-) diff --git a/src/libfetchers/fetch-to-store.cc b/src/libfetchers/fetch-to-store.cc index 877e49c1413..e6b9430a271 100644 --- a/src/libfetchers/fetch-to-store.cc +++ b/src/libfetchers/fetch-to-store.cc @@ -55,9 +55,13 @@ std::pair fetchToStore2( } debug("source path '%s' not in store", path); } - } else + } else { + static auto barf = getEnv("_NIX_TEST_BARF_ON_UNCACHEABLE").value_or("") == "1"; + if (barf) + throw Error("source path '%s' is uncacheable (filter=%d)", path, (bool) filter); // FIXME: could still provide in-memory caching keyed on `SourcePath`. - debug("source path '%s' is uncacheable (%d, %d)", path, (bool) filter, (bool) fingerprint); + debug("source path '%s' is uncacheable", path); + } Activity act(*logger, lvlChatty, actUnknown, fmt(mode == FetchMode::DryRun ? "hashing '%s'" : "copying '%s' to the store", path)); diff --git a/tests/functional/flakes/common.sh b/tests/functional/flakes/common.sh index 422cab96cc2..77bc030605f 100644 --- a/tests/functional/flakes/common.sh +++ b/tests/functional/flakes/common.sh @@ -2,6 +2,8 @@ source ../common.sh +export _NIX_TEST_BARF_ON_UNCACHEABLE=1 + # shellcheck disable=SC2034 # this variable is used by tests that source this file registry=$TEST_ROOT/registry.json diff --git a/tests/functional/flakes/flake-in-submodule.sh b/tests/functional/flakes/flake-in-submodule.sh index fe5acf26dec..a7d86698de8 100755 --- a/tests/functional/flakes/flake-in-submodule.sh +++ b/tests/functional/flakes/flake-in-submodule.sh @@ -62,8 +62,8 @@ flakeref=git+file://$rootRepo\?submodules=1\&dir=submodule # Check that dirtying a submodule makes the entire thing dirty. [[ $(nix flake metadata --json "$flakeref" | jq -r .locked.rev) != null ]] echo '"foo"' > "$rootRepo"/submodule/sub.nix -[[ $(nix eval --json "$flakeref#sub" ) = '"foo"' ]] -[[ $(nix flake metadata --json "$flakeref" | jq -r .locked.rev) = null ]] +[[ $(_NIX_TEST_BARF_ON_UNCACHEABLE='' nix eval --json "$flakeref#sub" ) = '"foo"' ]] +[[ $(_NIX_TEST_BARF_ON_UNCACHEABLE='' nix flake metadata --json "$flakeref" | jq -r .locked.rev) = null ]] # Test that `nix flake metadata` parses `submodule` correctly. cat > "$rootRepo"/flake.nix <&1 | grepQuietInverse "source path.*is uncacheable" nix build -o "$TEST_ROOT/result" "git+file://$flake1Dir?ref=HEAD#default" -vvvvv 2>&1 | grepQuiet "source path.*cache hit" fi diff --git a/tests/functional/flakes/mercurial.sh b/tests/functional/flakes/mercurial.sh index b9045bf6bad..b6c14fc2605 100755 --- a/tests/functional/flakes/mercurial.sh +++ b/tests/functional/flakes/mercurial.sh @@ -27,9 +27,9 @@ nix build -o "$TEST_ROOT/result" "hg+file://$flake2Dir" (! nix flake metadata --json "hg+file://$flake2Dir" | jq -e -r .revision) -nix eval "hg+file://$flake2Dir"#expr +_NIX_TEST_BARF_ON_UNCACHEABLE='' nix eval "hg+file://$flake2Dir"#expr -nix eval "hg+file://$flake2Dir"#expr +_NIX_TEST_BARF_ON_UNCACHEABLE='' nix eval "hg+file://$flake2Dir"#expr (! nix eval "hg+file://$flake2Dir"#expr --no-allow-dirty) diff --git a/tests/functional/flakes/non-flake-inputs.sh b/tests/functional/flakes/non-flake-inputs.sh index f5e12cd0141..7e55aca20bb 100644 --- a/tests/functional/flakes/non-flake-inputs.sh +++ b/tests/functional/flakes/non-flake-inputs.sh @@ -72,7 +72,7 @@ nix build -o "$TEST_ROOT/result" "$flake3Dir#sth" --commit-lock-file nix registry add --registry "$registry" flake3 "git+file://$flake3Dir" -nix build -o "$TEST_ROOT/result" flake3#fnord +_NIX_TEST_BARF_ON_UNCACHEABLE='' nix build -o "$TEST_ROOT/result" flake3#fnord [[ $(cat "$TEST_ROOT/result") = FNORD ]] # Check whether flake input fetching is lazy: flake3#sth does not @@ -82,11 +82,11 @@ clearStore mv "$flake2Dir" "$flake2Dir.tmp" mv "$nonFlakeDir" "$nonFlakeDir.tmp" nix build -o "$TEST_ROOT/result" flake3#sth -(! nix build -o "$TEST_ROOT/result" flake3#xyzzy) -(! nix build -o "$TEST_ROOT/result" flake3#fnord) +(! _NIX_TEST_BARF_ON_UNCACHEABLE='' nix build -o "$TEST_ROOT/result" flake3#xyzzy) +(! _NIX_TEST_BARF_ON_UNCACHEABLE='' nix build -o "$TEST_ROOT/result" flake3#fnord) mv "$flake2Dir.tmp" "$flake2Dir" mv "$nonFlakeDir.tmp" "$nonFlakeDir" -nix build -o "$TEST_ROOT/result" flake3#xyzzy flake3#fnord +_NIX_TEST_BARF_ON_UNCACHEABLE='' nix build -o "$TEST_ROOT/result" flake3#xyzzy flake3#fnord # Make branch "removeXyzzy" where flake3 doesn't have xyzzy anymore git -C "$flake3Dir" checkout -b removeXyzzy diff --git a/tests/functional/flakes/relative-paths-lockfile.sh b/tests/functional/flakes/relative-paths-lockfile.sh index d91aedd16cd..662c9329ca7 100644 --- a/tests/functional/flakes/relative-paths-lockfile.sh +++ b/tests/functional/flakes/relative-paths-lockfile.sh @@ -4,6 +4,8 @@ source ./common.sh requireGit +unset _NIX_TEST_BARF_ON_UNCACHEABLE + # Test a "vendored" subflake dependency. This is a relative path flake # which doesn't reference the root flake and has its own lock file. # From c6617d6f2e206436bb3f3717d38dedabe1836ff7 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 15:53:05 +0200 Subject: [PATCH 714/815] Remove `buildUser` from `DerivationBuilder` The use of a `buildUser` is an implementation detail of some types of sandboxes that shouldn't exposed. --- src/libstore/build/derivation-goal.cc | 2 +- src/libstore/unix/build/derivation-builder.cc | 7 ++++++- .../unix/include/nix/store/build/derivation-builder.hh | 5 ----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index 850d21bca26..02f80b65e0a 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -895,8 +895,8 @@ Goal::Co DerivationGoal::tryToBuild() builder->startBuilder(); } catch (BuildError & e) { + builder.reset(); outputLocks.unlock(); - builder->buildUser.reset(); worker.permanentFailure = true; co_return done(BuildResult::InputRejected, {}, std::move(e)); } diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index e84e2db6edc..a086f68ca7e 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -113,6 +113,11 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams private: + /** + * User selected for running the builder. + */ + std::unique_ptr buildUser; + /** * The cgroup of the builder, if any. */ @@ -271,7 +276,7 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams /** * Start building a derivation. */ - void startBuilder() override;; + void startBuilder() override; /** * Tear down build environment after the builder exits (either on diff --git a/src/libstore/unix/include/nix/store/build/derivation-builder.hh b/src/libstore/unix/include/nix/store/build/derivation-builder.hh index 81a574fd0a3..e16162b7a8c 100644 --- a/src/libstore/unix/include/nix/store/build/derivation-builder.hh +++ b/src/libstore/unix/include/nix/store/build/derivation-builder.hh @@ -145,11 +145,6 @@ struct DerivationBuilderCallbacks */ struct DerivationBuilder : RestrictionContext { - /** - * User selected for running the builder. - */ - std::unique_ptr buildUser; - /** * The process ID of the builder. */ From 189fdfa7762a925b20e4eba030c125cc7b81a276 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 15:55:58 +0200 Subject: [PATCH 715/815] Remove duplicate comments on DerivationBuilderImpl overriden methods Having the exact same doc comments isn't very useful/maintainable. --- src/libstore/unix/build/derivation-builder.cc | 31 ------------------- 1 file changed, 31 deletions(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index a086f68ca7e..7903fe5df02 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -263,30 +263,10 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams public: - /** - * Set up build environment / sandbox, acquiring resources (e.g. - * locks as needed). After this is run, the builder should be - * started. - * - * @returns true if successful, false if we could not acquire a build - * user. In that case, the caller must wait and then try again. - */ bool prepareBuild() override; - /** - * Start building a derivation. - */ void startBuilder() override; - /** - * Tear down build environment after the builder exits (either on - * its own or if it is killed). - * - * @returns The first case indicates failure during output - * processing. A status code and exception are returned, providing - * more information. The second case indicates success, and - * realisations for each output of the derivation are returned. - */ std::variant, SingleDrvOutputs> unprepareBuild() override; private: @@ -318,10 +298,6 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams public: - /** - * Stop the in-process nix daemon thread. - * @see startDaemon - */ void stopDaemon() override; private: @@ -353,15 +329,8 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams public: - /** - * Delete the temporary directory, if we have one. - */ void deleteTmpDir(bool force) override; - /** - * Kill any processes running under the build user UID or in the - * cgroup of the build. - */ void killSandbox(bool getStats) override; private: From af1b580ff6bce3166246ee9dc5c5197a0182e31e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 17:12:54 +0200 Subject: [PATCH 716/815] DerivationBuilderImpl: Drop std::optional from derivationType No point in computing this lazily, since it's pretty much the first thing the DerivationBuilder does. --- src/libstore/unix/build/derivation-builder.cc | 25 ++++++++----------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index 7903fe5df02..027c4aa3bf2 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -107,6 +107,7 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams : DerivationBuilderParams{std::move(params)} , store{store} , miscMethods{std::move(miscMethods)} + , derivationType(drv.type()) { } LocalStore & getLocalStore(); @@ -175,9 +176,9 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams /** * The sort of derivation we are building. * - * Just a cached value, can be recomputed from `drv`. + * Just a cached value, computed from `drv`. */ - std::optional derivationType; + const DerivationType derivationType; /** * Stuff we need to pass to initChild(). @@ -445,9 +446,6 @@ void DerivationBuilderImpl::killSandbox(bool getStats) bool DerivationBuilderImpl::prepareBuild() { - /* Cache this */ - derivationType = drv.type(); - /* Are we doing a chroot build? */ { if (settings.sandboxMode == smEnabled) { @@ -464,7 +462,7 @@ bool DerivationBuilderImpl::prepareBuild() else if (settings.sandboxMode == smDisabled) useChroot = false; else if (settings.sandboxMode == smRelaxed) - useChroot = derivationType->isSandboxed() && !drvOptions.noChroot; + useChroot = derivationType.isSandboxed() && !drvOptions.noChroot; } auto & localStore = getLocalStore(); @@ -601,11 +599,10 @@ std::variant, SingleDrvOutputs> Derivation return std::move(builtOutputs); } catch (BuildError & e) { - assert(derivationType); BuildResult::Status st = dynamic_cast(&e) ? BuildResult::NotDeterministic : statusOk(status) ? BuildResult::OutputRejected : - !derivationType->isSandboxed() || diskFull ? BuildResult::TransientFailure : + !derivationType.isSandboxed() || diskFull ? BuildResult::TransientFailure : BuildResult::PermanentFailure; return std::pair{std::move(st), std::move(e)}; @@ -1081,7 +1078,7 @@ void DerivationBuilderImpl::startBuilder() "nogroup:x:65534:\n", sandboxGid())); /* Create /etc/hosts with localhost entry. */ - if (derivationType->isSandboxed()) + if (derivationType.isSandboxed()) writeFile(chrootRootDir + "/etc/hosts", "127.0.0.1 localhost\n::1 localhost\n"); /* Make the closure of the inputs available in the chroot, @@ -1309,7 +1306,7 @@ void DerivationBuilderImpl::startBuilder() ProcessOptions options; options.cloneFlags = CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWIPC | CLONE_NEWUTS | CLONE_PARENT | SIGCHLD; - if (derivationType->isSandboxed()) + if (derivationType.isSandboxed()) options.cloneFlags |= CLONE_NEWNET; if (usingUserNamespace) options.cloneFlags |= CLONE_NEWUSER; @@ -1515,7 +1512,7 @@ void DerivationBuilderImpl::initEnv() derivation, tell the builder, so that for instance `fetchurl' can skip checking the output. On older Nixes, this environment variable won't be set, so `fetchurl' will do the check. */ - if (derivationType->isFixed()) env["NIX_OUTPUT_CHECKED"] = "1"; + if (derivationType.isFixed()) env["NIX_OUTPUT_CHECKED"] = "1"; /* *Only* if this is a fixed-output derivation, propagate the values of the environment variables specified in the @@ -1526,7 +1523,7 @@ void DerivationBuilderImpl::initEnv() to the builder is generally impure, but the output of fixed-output derivations is by definition pure (since we already know the cryptographic hash of the output). */ - if (!derivationType->isSandboxed()) { + if (!derivationType.isSandboxed()) { auto & impureEnv = settings.impureEnv.get(); if (!impureEnv.empty()) experimentalFeatureSettings.require(Xp::ConfigurableImpureEnv); @@ -1876,7 +1873,7 @@ void DerivationBuilderImpl::runChild() userNamespaceSync.readSide = -1; - if (derivationType->isSandboxed()) { + if (derivationType.isSandboxed()) { /* Initialise the loopback interface. */ AutoCloseFD fd(socket(PF_INET, SOCK_DGRAM, IPPROTO_IP)); @@ -1952,7 +1949,7 @@ void DerivationBuilderImpl::runChild() /* Fixed-output derivations typically need to access the network, so give them access to /etc/resolv.conf and so on. */ - if (!derivationType->isSandboxed()) { + if (!derivationType.isSandboxed()) { // Only use nss functions to resolve hosts and // services. Don’t use it for anything else that may // be configured for this system. This limits the From 3733f95ae5b6731af01e311fcee8a2e4d655986a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 19:42:07 +0200 Subject: [PATCH 717/815] DerivationBuilder: Move Linux/Darwin-specific code into subclasses --- .../unix/build/darwin-derivation-builder.cc | 181 +++ src/libstore/unix/build/derivation-builder.cc | 1046 ++++------------- .../unix/build/linux-derivation-builder.cc | 568 +++++++++ 3 files changed, 952 insertions(+), 843 deletions(-) create mode 100644 src/libstore/unix/build/darwin-derivation-builder.cc create mode 100644 src/libstore/unix/build/linux-derivation-builder.cc diff --git a/src/libstore/unix/build/darwin-derivation-builder.cc b/src/libstore/unix/build/darwin-derivation-builder.cc new file mode 100644 index 00000000000..3366403a76f --- /dev/null +++ b/src/libstore/unix/build/darwin-derivation-builder.cc @@ -0,0 +1,181 @@ +#ifdef __APPLE__ + +struct DarwinDerivationBuilder : DerivationBuilderImpl +{ + DarwinDerivationBuilder( + Store & store, std::unique_ptr miscMethods, DerivationBuilderParams params) + : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) + { + useChroot = true; + } + + void execBuilder(const Strings & args, const Strings & envStrs) override + { + posix_spawnattr_t attrp; + + if (posix_spawnattr_init(&attrp)) + throw SysError("failed to initialize builder"); + + if (posix_spawnattr_setflags(&attrp, POSIX_SPAWN_SETEXEC)) + throw SysError("failed to initialize builder"); + + if (drv.platform == "aarch64-darwin") { + // Unset kern.curproc_arch_affinity so we can escape Rosetta + int affinity = 0; + sysctlbyname("kern.curproc_arch_affinity", NULL, NULL, &affinity, sizeof(affinity)); + + cpu_type_t cpu = CPU_TYPE_ARM64; + posix_spawnattr_setbinpref_np(&attrp, 1, &cpu, NULL); + } else if (drv.platform == "x86_64-darwin") { + cpu_type_t cpu = CPU_TYPE_X86_64; + posix_spawnattr_setbinpref_np(&attrp, 1, &cpu, NULL); + } + + posix_spawn( + NULL, drv.builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); + } + + void setUser() override + { + DerivationBuilderImpl::setUser(); + + /* This has to appear before import statements. */ + std::string sandboxProfile = "(version 1)\n"; + + if (useChroot) { + + /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */ + PathSet ancestry; + + /* We build the ancestry before adding all inputPaths to the store because we know they'll + all have the same parents (the store), and there might be lots of inputs. This isn't + particularly efficient... I doubt it'll be a bottleneck in practice */ + for (auto & i : pathsInChroot) { + Path cur = i.first; + while (cur.compare("/") != 0) { + cur = dirOf(cur); + ancestry.insert(cur); + } + } + + /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost + path component this time, since it's typically /nix/store and we care about that. */ + Path cur = store.storeDir; + while (cur.compare("/") != 0) { + ancestry.insert(cur); + cur = dirOf(cur); + } + + /* Add all our input paths to the chroot */ + for (auto & i : inputPaths) { + auto p = store.printStorePath(i); + pathsInChroot[p] = p; + } + + /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be + * configurable */ + if (settings.darwinLogSandboxViolations) { + sandboxProfile += "(deny default)\n"; + } else { + sandboxProfile += "(deny default (with no-log))\n"; + } + + sandboxProfile += +# include "sandbox-defaults.sb" + ; + + if (!derivationType->isSandboxed()) + sandboxProfile += +# include "sandbox-network.sb" + ; + + /* Add the output paths we'll use at build-time to the chroot */ + sandboxProfile += "(allow file-read* file-write* process-exec\n"; + for (auto & [_, path] : scratchOutputs) + sandboxProfile += fmt("\t(subpath \"%s\")\n", store.printStorePath(path)); + + sandboxProfile += ")\n"; + + /* Our inputs (transitive dependencies and any impurities computed above) + + without file-write* allowed, access() incorrectly returns EPERM + */ + sandboxProfile += "(allow file-read* file-write* process-exec\n"; + + // We create multiple allow lists, to avoid exceeding a limit in the darwin sandbox interpreter. + // See https://github.com/NixOS/nix/issues/4119 + // We split our allow groups approximately at half the actual limit, 1 << 16 + const size_t breakpoint = sandboxProfile.length() + (1 << 14); + for (auto & i : pathsInChroot) { + + if (sandboxProfile.length() >= breakpoint) { + debug("Sandbox break: %d %d", sandboxProfile.length(), breakpoint); + sandboxProfile += ")\n(allow file-read* file-write* process-exec\n"; + } + + if (i.first != i.second.source) + throw Error( + "can't map '%1%' to '%2%': mismatched impure paths not supported on Darwin", + i.first, + i.second.source); + + std::string path = i.first; + auto optSt = maybeLstat(path.c_str()); + if (!optSt) { + if (i.second.optional) + continue; + throw SysError("getting attributes of required path '%s", path); + } + if (S_ISDIR(optSt->st_mode)) + sandboxProfile += fmt("\t(subpath \"%s\")\n", path); + else + sandboxProfile += fmt("\t(literal \"%s\")\n", path); + } + sandboxProfile += ")\n"; + + /* Allow file-read* on full directory hierarchy to self. Allows realpath() */ + sandboxProfile += "(allow file-read*\n"; + for (auto & i : ancestry) { + sandboxProfile += fmt("\t(literal \"%s\")\n", i); + } + sandboxProfile += ")\n"; + + sandboxProfile += drvOptions.additionalSandboxProfile; + } else + sandboxProfile += +# include "sandbox-minimal.sb" + ; + + debug("Generated sandbox profile:"); + debug(sandboxProfile); + + /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different + mechanisms to find temporary directories, so we want to open up a broader place for them to put their files, + if needed. */ + Path globalTmpDir = canonPath(defaultTempDir(), true); + + /* They don't like trailing slashes on subpath directives */ + while (!globalTmpDir.empty() && globalTmpDir.back() == '/') + globalTmpDir.pop_back(); + + if (getEnv("_NIX_TEST_NO_SANDBOX") != "1") { + Strings sandboxArgs; + sandboxArgs.push_back("_GLOBAL_TMP_DIR"); + sandboxArgs.push_back(globalTmpDir); + if (drvOptions.allowLocalNetworking) { + sandboxArgs.push_back("_ALLOW_LOCAL_NETWORKING"); + sandboxArgs.push_back("1"); + } + char * sandbox_errbuf = nullptr; + if (sandbox_init_with_parameters( + sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) { + writeFull( + STDERR_FILENO, + fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)")); + _exit(1); + } + } + } +} + +#endif diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index 027c4aa3bf2..8b1a2e0ff37 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -92,8 +92,11 @@ MakeError(NotDeterministic, BuildError); * rather than incoming call edges that either should be removed, or * become (higher order) function parameters. */ -class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams +// FIXME: rename this to UnixDerivationBuilder or something like that. +class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilderParams { +protected: + Store & store; std::unique_ptr miscMethods; @@ -110,9 +113,7 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams , derivationType(drv.type()) { } - LocalStore & getLocalStore(); - -private: +protected: /** * User selected for running the builder. @@ -140,32 +141,16 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams */ Path tmpDirInSandbox; - /** - * Pipe for synchronising updates to the builder namespaces. - */ - Pipe userNamespaceSync; - - /** - * The mount namespace and user namespace of the builder, used to add additional - * paths to the sandbox as a result of recursive Nix calls. - */ - AutoCloseFD sandboxMountNamespace; - AutoCloseFD sandboxUserNamespace; - - /** - * On Linux, whether we're doing the build in its own user - * namespace. - */ - bool usingUserNamespace = true; - /** * Whether we're currently doing a chroot build. */ + // FIXME: remove bool useChroot = false; /** * The root of the chroot environment. */ + // FIXME: move Path chrootRootDir; /** @@ -219,9 +204,6 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams */ OutputPathMap scratchOutputs; - uid_t sandboxUid() { return usingUserNamespace ? (!buildUser || buildUser->getUIDCount() == 1 ? 1000 : 0) : buildUser->getUID(); } - gid_t sandboxGid() { return usingUserNamespace ? (!buildUser || buildUser->getUIDCount() == 1 ? 100 : 0) : buildUser->getGID(); } - const static Path homeDir; /** @@ -260,7 +242,10 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams /** * Whether we need to perform hash rewriting if there are valid output paths. */ - bool needsHashRewrite(); + virtual bool needsHashRewrite() + { + return true; + } public: @@ -270,6 +255,25 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams std::variant, SingleDrvOutputs> unprepareBuild() override; +protected: + + /** + * Called by prepareBuild() to do any setup in the parent to + * prepare for a sandboxed build. + */ + virtual void prepareSandbox(); + + /** + * Open the slave side of the pseudoterminal and use it as stderr. + */ + void openSlave(); + + /** + * Called by prepareBuild() to start the child process for the + * build. Must set `pid`. The child must call runChild(). + */ + virtual void startChild(); + private: /** @@ -277,11 +281,15 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams */ void initEnv(); +protected: + /** * Process messages send by the sandbox initialization. */ void processSandboxSetupMessages(); +private: + /** * Setup tmp dir location. */ @@ -305,6 +313,8 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams void addDependency(const StorePath & path) override; +protected: + /** * Make a file owned by the builder. */ @@ -315,6 +325,28 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams */ void runChild(); +private: + + /** + * Move the current process into the chroot, if any. Called early + * by runChild(). + */ + virtual void enterChroot() + { + } + + /** + * Change the current process's uid/gid to the build user, if + * any. Called by runChild(). + */ + virtual void setUser(); + + /** + * Execute the derivation builder process. Called by runChild() as + * its final step. Should not return unless there is an error. + */ + virtual void execBuilder(const Strings & args, const Strings & envStrs); + /** * Check that the derivation outputs all exist and register them * as valid. @@ -355,17 +387,6 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams StorePath makeFallbackPath(OutputNameView outputName); }; -std::unique_ptr makeDerivationBuilder( - Store & store, - std::unique_ptr miscMethods, - DerivationBuilderParams params) -{ - return std::make_unique( - store, - std::move(miscMethods), - std::move(params)); -} - void handleDiffHook( uid_t uid, uid_t gid, const Path & tryA, const Path & tryB, @@ -403,18 +424,7 @@ void handleDiffHook( const Path DerivationBuilderImpl::homeDir = "/homeless-shelter"; -inline bool DerivationBuilderImpl::needsHashRewrite() -{ -#ifdef __linux__ - return !useChroot; -#else - /* Darwin requires hash rewriting even when sandboxing is enabled. */ - return true; -#endif -} - - -LocalStore & DerivationBuilderImpl::getLocalStore() +static LocalStore & getLocalStore(Store & store) { auto p = dynamic_cast(&store); assert(p); @@ -446,45 +456,6 @@ void DerivationBuilderImpl::killSandbox(bool getStats) bool DerivationBuilderImpl::prepareBuild() { - /* Are we doing a chroot build? */ - { - if (settings.sandboxMode == smEnabled) { - if (drvOptions.noChroot) - throw Error("derivation '%s' has '__noChroot' set, " - "but that's not allowed when 'sandbox' is 'true'", store.printStorePath(drvPath)); -#ifdef __APPLE__ - if (drvOptions.additionalSandboxProfile != "") - throw Error("derivation '%s' specifies a sandbox profile, " - "but this is only allowed when 'sandbox' is 'relaxed'", store.printStorePath(drvPath)); -#endif - useChroot = true; - } - else if (settings.sandboxMode == smDisabled) - useChroot = false; - else if (settings.sandboxMode == smRelaxed) - useChroot = derivationType.isSandboxed() && !drvOptions.noChroot; - } - - auto & localStore = getLocalStore(); - if (localStore.storeDir != localStore.config->realStoreDir.get()) { - #ifdef __linux__ - useChroot = true; - #else - throw Error("building using a diverted store is not supported on this platform"); - #endif - } - - #ifdef __linux__ - if (useChroot) { - if (!mountAndPidNamespacesSupported()) { - if (!settings.sandboxFallback) - throw Error("this system does not support the kernel namespaces that are required for sandboxing; use '--no-sandbox' to disable sandboxing"); - debug("auto-disabling sandboxing because the prerequisite namespaces are not available"); - useChroot = false; - } - } - #endif - if (useBuildUsers()) { if (!buildUser) buildUser = acquireUserLock(drvOptions.useUidRange(drv) ? 65536 : 1, useChroot); @@ -500,6 +471,7 @@ bool DerivationBuilderImpl::prepareBuild() std::variant, SingleDrvOutputs> DerivationBuilderImpl::unprepareBuild() { + // FIXME: get rid of this, rely on RAII. Finally releaseBuildUser([&](){ /* Release the build user at the end of this function. We don't do it right away because we don't want another build grabbing this @@ -507,9 +479,6 @@ std::variant, SingleDrvOutputs> Derivation buildUser.reset(); }); - sandboxMountNamespace = -1; - sandboxUserNamespace = -1; - /* Since we got an EOF on the logger pipe, the builder is presumed to have terminated. In fact, the builder could also have simply have closed its end of the pipe, so just to be sure, @@ -675,7 +644,7 @@ bool DerivationBuilderImpl::cleanupDecideWhetherDiskFull() so, we don't mark this build as a permanent failure. */ #if HAVE_STATVFS { - auto & localStore = getLocalStore(); + auto & localStore = getLocalStore(store); uint64_t required = 8ULL * 1024 * 1024; // FIXME: make configurable struct statvfs st; if (statvfs(localStore.config->realStoreDir.get().c_str(), &st) == 0 && @@ -1028,118 +997,13 @@ void DerivationBuilderImpl::startBuilder() macOS 11+ has no /usr/lib/libSystem*.dylib */ pathsInChroot[i] = {i, true}; } - -#ifdef __linux__ - /* Create a temporary directory in which we set up the chroot - environment using bind-mounts. We put it in the Nix store - so that the build outputs can be moved efficiently from the - chroot to their final location. */ - auto chrootParentDir = store.Store::toRealPath(drvPath) + ".chroot"; - deletePath(chrootParentDir); - - /* Clean up the chroot directory automatically. */ - autoDelChroot = std::make_shared(chrootParentDir); - - printMsg(lvlChatty, "setting up chroot environment in '%1%'", chrootParentDir); - - if (mkdir(chrootParentDir.c_str(), 0700) == -1) - throw SysError("cannot create '%s'", chrootRootDir); - - chrootRootDir = chrootParentDir + "/root"; - - if (mkdir(chrootRootDir.c_str(), buildUser && buildUser->getUIDCount() != 1 ? 0755 : 0750) == -1) - throw SysError("cannot create '%1%'", chrootRootDir); - - if (buildUser && chown(chrootRootDir.c_str(), buildUser->getUIDCount() != 1 ? buildUser->getUID() : 0, buildUser->getGID()) == -1) - throw SysError("cannot change ownership of '%1%'", chrootRootDir); - - /* Create a writable /tmp in the chroot. Many builders need - this. (Of course they should really respect $TMPDIR - instead.) */ - Path chrootTmpDir = chrootRootDir + "/tmp"; - createDirs(chrootTmpDir); - chmod_(chrootTmpDir, 01777); - - /* Create a /etc/passwd with entries for the build user and the - nobody account. The latter is kind of a hack to support - Samba-in-QEMU. */ - createDirs(chrootRootDir + "/etc"); - if (drvOptions.useUidRange(drv)) - chownToBuilder(chrootRootDir + "/etc"); - - if (drvOptions.useUidRange(drv) && (!buildUser || buildUser->getUIDCount() < 65536)) - throw Error("feature 'uid-range' requires the setting '%s' to be enabled", settings.autoAllocateUids.name); - - /* Declare the build user's group so that programs get a consistent - view of the system (e.g., "id -gn"). */ - writeFile(chrootRootDir + "/etc/group", - fmt("root:x:0:\n" - "nixbld:!:%1%:\n" - "nogroup:x:65534:\n", sandboxGid())); - - /* Create /etc/hosts with localhost entry. */ - if (derivationType.isSandboxed()) - writeFile(chrootRootDir + "/etc/hosts", "127.0.0.1 localhost\n::1 localhost\n"); - - /* Make the closure of the inputs available in the chroot, - rather than the whole Nix store. This prevents any access - to undeclared dependencies. Directories are bind-mounted, - while other inputs are hard-linked (since only directories - can be bind-mounted). !!! As an extra security - precaution, make the fake Nix store only writable by the - build user. */ - Path chrootStoreDir = chrootRootDir + store.storeDir; - createDirs(chrootStoreDir); - chmod_(chrootStoreDir, 01775); - - if (buildUser && chown(chrootStoreDir.c_str(), 0, buildUser->getGID()) == -1) - throw SysError("cannot change ownership of '%1%'", chrootStoreDir); - - for (auto & i : inputPaths) { - auto p = store.printStorePath(i); - Path r = store.toRealPath(p); - pathsInChroot.insert_or_assign(p, r); - } - - /* If we're repairing, checking or rebuilding part of a - multiple-outputs derivation, it's possible that we're - rebuilding a path that is in settings.sandbox-paths - (typically the dependencies of /bin/sh). Throw them - out. */ - for (auto & i : drv.outputsAndOptPaths(store)) { - /* If the name isn't known a priori (i.e. floating - content-addressing derivation), the temporary location we use - should be fresh. Freshness means it is impossible that the path - is already in the sandbox, so we don't need to worry about - removing it. */ - if (i.second.second) - pathsInChroot.erase(store.printStorePath(*i.second.second)); - } - - if (cgroup) { - if (mkdir(cgroup->c_str(), 0755) != 0) - throw SysError("creating cgroup '%s'", *cgroup); - chownToBuilder(*cgroup); - chownToBuilder(*cgroup + "/cgroup.procs"); - chownToBuilder(*cgroup + "/cgroup.threads"); - //chownToBuilder(*cgroup + "/cgroup.subtree_control"); - } - -#else - if (drvOptions.useUidRange(drv)) - throw Error("feature 'uid-range' is not supported on this platform"); - #ifdef __APPLE__ - /* We don't really have any parent prep work to do (yet?) - All work happens in the child, instead. */ - #else - throw Error("sandboxing builds is not supported on this platform"); - #endif -#endif } else { if (drvOptions.useUidRange(drv)) throw Error("feature 'uid-range' is only supported in sandboxed builds"); } + prepareSandbox(); + if (needsHashRewrite() && pathExists(homeDir)) throw Error("home directory '%1%' exists; please remove it to assure purity of builds without sandboxing", homeDir); @@ -1218,194 +1082,52 @@ void DerivationBuilderImpl::startBuilder() if (unlockpt(builderOut.get())) throw SysError("unlocking pseudoterminal"); - /* Open the slave side of the pseudoterminal and use it as stderr. */ - auto openSlave = [&]() - { - AutoCloseFD builderOut = open(slaveName.c_str(), O_RDWR | O_NOCTTY); - if (!builderOut) - throw SysError("opening pseudoterminal slave"); - - // Put the pt into raw mode to prevent \n -> \r\n translation. - struct termios term; - if (tcgetattr(builderOut.get(), &term)) - throw SysError("getting pseudoterminal attributes"); - - cfmakeraw(&term); - - if (tcsetattr(builderOut.get(), TCSANOW, &term)) - throw SysError("putting pseudoterminal into raw mode"); - - if (dup2(builderOut.get(), STDERR_FILENO) == -1) - throw SysError("cannot pipe standard error into log file"); - }; - buildResult.startTime = time(0); - /* Fork a child to build the package. */ + /* Start a child process to build the derivation. */ + startChild(); -#ifdef __linux__ - if (useChroot) { - /* Set up private namespaces for the build: - - - The PID namespace causes the build to start as PID 1. - Processes outside of the chroot are not visible to those - on the inside, but processes inside the chroot are - visible from the outside (though with different PIDs). - - - The private mount namespace ensures that all the bind - mounts we do will only show up in this process and its - children, and will disappear automatically when we're - done. - - - The private network namespace ensures that the builder - cannot talk to the outside world (or vice versa). It - only has a private loopback interface. (Fixed-output - derivations are not run in a private network namespace - to allow functions like fetchurl to work.) - - - The IPC namespace prevents the builder from communicating - with outside processes using SysV IPC mechanisms (shared - memory, message queues, semaphores). It also ensures - that all IPC objects are destroyed when the builder - exits. - - - The UTS namespace ensures that builders see a hostname of - localhost rather than the actual hostname. - - We use a helper process to do the clone() to work around - clone() being broken in multi-threaded programs due to - at-fork handlers not being run. Note that we use - CLONE_PARENT to ensure that the real builder is parented to - us. - */ - - userNamespaceSync.create(); - - usingUserNamespace = userNamespacesSupported(); - - Pipe sendPid; - sendPid.create(); - - Pid helper = startProcess([&]() { - sendPid.readSide.close(); - - /* We need to open the slave early, before - CLONE_NEWUSER. Otherwise we get EPERM when running as - root. */ - openSlave(); - - try { - /* Drop additional groups here because we can't do it - after we've created the new user namespace. */ - if (setgroups(0, 0) == -1) { - if (errno != EPERM) - throw SysError("setgroups failed"); - if (settings.requireDropSupplementaryGroups) - throw Error("setgroups failed. Set the require-drop-supplementary-groups option to false to skip this step."); - } - - ProcessOptions options; - options.cloneFlags = CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWIPC | CLONE_NEWUTS | CLONE_PARENT | SIGCHLD; - if (derivationType.isSandboxed()) - options.cloneFlags |= CLONE_NEWNET; - if (usingUserNamespace) - options.cloneFlags |= CLONE_NEWUSER; - - pid_t child = startProcess([&]() { runChild(); }, options); - - writeFull(sendPid.writeSide.get(), fmt("%d\n", child)); - _exit(0); - } catch (...) { - handleChildException(true); - _exit(1); - } - }); - - sendPid.writeSide.close(); - - if (helper.wait() != 0) { - processSandboxSetupMessages(); - // Only reached if the child process didn't send an exception. - throw Error("unable to start build process"); - } - - userNamespaceSync.readSide = -1; - - /* Close the write side to prevent runChild() from hanging - reading from this. */ - Finally cleanup([&]() { - userNamespaceSync.writeSide = -1; - }); - - auto ss = tokenizeString>(readLine(sendPid.readSide.get())); - assert(ss.size() == 1); - pid = string2Int(ss[0]).value(); - - if (usingUserNamespace) { - /* Set the UID/GID mapping of the builder's user namespace - such that the sandbox user maps to the build user, or to - the calling user (if build users are disabled). */ - uid_t hostUid = buildUser ? buildUser->getUID() : getuid(); - uid_t hostGid = buildUser ? buildUser->getGID() : getgid(); - uid_t nrIds = buildUser ? buildUser->getUIDCount() : 1; - - writeFile("/proc/" + std::to_string(pid) + "/uid_map", - fmt("%d %d %d", sandboxUid(), hostUid, nrIds)); + pid.setSeparatePG(true); + miscMethods->childStarted(builderOut.get()); - if (!buildUser || buildUser->getUIDCount() == 1) - writeFile("/proc/" + std::to_string(pid) + "/setgroups", "deny"); + processSandboxSetupMessages(); +} - writeFile("/proc/" + std::to_string(pid) + "/gid_map", - fmt("%d %d %d", sandboxGid(), hostGid, nrIds)); - } else { - debug("note: not using a user namespace"); - if (!buildUser) - throw Error("cannot perform a sandboxed build because user namespaces are not enabled; check /proc/sys/user/max_user_namespaces"); - } +void DerivationBuilderImpl::prepareSandbox() +{ + if (drvOptions.useUidRange(drv)) + throw Error("feature 'uid-range' is not supported on this platform"); +} - /* Now that we now the sandbox uid, we can write - /etc/passwd. */ - writeFile(chrootRootDir + "/etc/passwd", fmt( - "root:x:0:0:Nix build user:%3%:/noshell\n" - "nixbld:x:%1%:%2%:Nix build user:%3%:/noshell\n" - "nobody:x:65534:65534:Nobody:/:/noshell\n", - sandboxUid(), sandboxGid(), settings.sandboxBuildDir)); - - /* Save the mount- and user namespace of the child. We have to do this - *before* the child does a chroot. */ - sandboxMountNamespace = open(fmt("/proc/%d/ns/mnt", (pid_t) pid).c_str(), O_RDONLY); - if (sandboxMountNamespace.get() == -1) - throw SysError("getting sandbox mount namespace"); - - if (usingUserNamespace) { - sandboxUserNamespace = open(fmt("/proc/%d/ns/user", (pid_t) pid).c_str(), O_RDONLY); - if (sandboxUserNamespace.get() == -1) - throw SysError("getting sandbox user namespace"); - } +void DerivationBuilderImpl::openSlave() +{ + std::string slaveName = ptsname(builderOut.get()); - /* Move the child into its own cgroup. */ - if (cgroup) - writeFile(*cgroup + "/cgroup.procs", fmt("%d", (pid_t) pid)); + AutoCloseFD builderOut = open(slaveName.c_str(), O_RDWR | O_NOCTTY); + if (!builderOut) + throw SysError("opening pseudoterminal slave"); - /* Signal the builder that we've updated its user namespace. */ - writeFull(userNamespaceSync.writeSide.get(), "1"); + // Put the pt into raw mode to prevent \n -> \r\n translation. + struct termios term; + if (tcgetattr(builderOut.get(), &term)) + throw SysError("getting pseudoterminal attributes"); - } else -#endif - { - pid = startProcess([&]() { - openSlave(); - runChild(); - }); - } + cfmakeraw(&term); - /* parent */ - pid.setSeparatePG(true); - miscMethods->childStarted(builderOut.get()); + if (tcsetattr(builderOut.get(), TCSANOW, &term)) + throw SysError("putting pseudoterminal into raw mode"); - processSandboxSetupMessages(); + if (dup2(builderOut.get(), STDERR_FILENO) == -1) + throw SysError("cannot pipe standard error into log file"); } +void DerivationBuilderImpl::startChild() +{ + pid = startProcess([&]() { + openSlave(); + runChild(); + }); +} void DerivationBuilderImpl::processSandboxSetupMessages() { @@ -1583,7 +1305,7 @@ void DerivationBuilderImpl::startDaemon() auto store = makeRestrictedStore( [&]{ - auto config = make_ref(*getLocalStore().config); + auto config = make_ref(*getLocalStore(this->store).config); config->pathInfoCacheSize = 0; config->stateDir = "/no-such-path"; config->logDir = "/no-such-path"; @@ -1683,51 +1405,6 @@ void DerivationBuilderImpl::addDependency(const StorePath & path) if (isAllowed(path)) return; addedPaths.insert(path); - - /* If we're doing a sandbox build, then we have to make the path - appear in the sandbox. */ - if (useChroot) { - - debug("materialising '%s' in the sandbox", store.printStorePath(path)); - - #ifdef __linux__ - - Path source = store.Store::toRealPath(path); - Path target = chrootRootDir + store.printStorePath(path); - - if (pathExists(target)) { - // There is a similar debug message in doBind, so only run it in this block to not have double messages. - debug("bind-mounting %s -> %s", target, source); - throw Error("store path '%s' already exists in the sandbox", store.printStorePath(path)); - } - - /* Bind-mount the path into the sandbox. This requires - entering its mount namespace, which is not possible - in multithreaded programs. So we do this in a - child process.*/ - Pid child(startProcess([&]() { - - if (usingUserNamespace && (setns(sandboxUserNamespace.get(), 0) == -1)) - throw SysError("entering sandbox user namespace"); - - if (setns(sandboxMountNamespace.get(), 0) == -1) - throw SysError("entering sandbox mount namespace"); - - doBind(source, target); - - _exit(0); - })); - - int status = child.wait(); - if (status != 0) - throw Error("could not add path '%s' to sandbox", store.printStorePath(path)); - - #else - throw Error("don't know how to make path '%s' (produced by a recursive Nix call) appear in the sandbox", - store.printStorePath(path)); - #endif - - } } void DerivationBuilderImpl::chownToBuilder(const Path & path) @@ -1843,8 +1520,6 @@ void DerivationBuilderImpl::runChild() if (buildUser) throw; } - bool setUser = true; - /* Make the contents of netrc and the CA certificate bundle available to builtin:fetchurl (which may run under a different uid and/or in a sandbox). */ @@ -1863,234 +1538,7 @@ void DerivationBuilderImpl::runChild() } catch (SystemError &) { } } -#ifdef __linux__ - if (useChroot) { - - userNamespaceSync.writeSide = -1; - - if (drainFD(userNamespaceSync.readSide.get()) != "1") - throw Error("user namespace initialisation failed"); - - userNamespaceSync.readSide = -1; - - if (derivationType.isSandboxed()) { - - /* Initialise the loopback interface. */ - AutoCloseFD fd(socket(PF_INET, SOCK_DGRAM, IPPROTO_IP)); - if (!fd) throw SysError("cannot open IP socket"); - - struct ifreq ifr; - strcpy(ifr.ifr_name, "lo"); - ifr.ifr_flags = IFF_UP | IFF_LOOPBACK | IFF_RUNNING; - if (ioctl(fd.get(), SIOCSIFFLAGS, &ifr) == -1) - throw SysError("cannot set loopback interface flags"); - } - - /* Set the hostname etc. to fixed values. */ - char hostname[] = "localhost"; - if (sethostname(hostname, sizeof(hostname)) == -1) - throw SysError("cannot set host name"); - char domainname[] = "(none)"; // kernel default - if (setdomainname(domainname, sizeof(domainname)) == -1) - throw SysError("cannot set domain name"); - - /* Make all filesystems private. This is necessary - because subtrees may have been mounted as "shared" - (MS_SHARED). (Systemd does this, for instance.) Even - though we have a private mount namespace, mounting - filesystems on top of a shared subtree still propagates - outside of the namespace. Making a subtree private is - local to the namespace, though, so setting MS_PRIVATE - does not affect the outside world. */ - if (mount(0, "/", 0, MS_PRIVATE | MS_REC, 0) == -1) - throw SysError("unable to make '/' private"); - - /* Bind-mount chroot directory to itself, to treat it as a - different filesystem from /, as needed for pivot_root. */ - if (mount(chrootRootDir.c_str(), chrootRootDir.c_str(), 0, MS_BIND, 0) == -1) - throw SysError("unable to bind mount '%1%'", chrootRootDir); - - /* Bind-mount the sandbox's Nix store onto itself so that - we can mark it as a "shared" subtree, allowing bind - mounts made in *this* mount namespace to be propagated - into the child namespace created by the - unshare(CLONE_NEWNS) call below. - - Marking chrootRootDir as MS_SHARED causes pivot_root() - to fail with EINVAL. Don't know why. */ - Path chrootStoreDir = chrootRootDir + store.storeDir; - - if (mount(chrootStoreDir.c_str(), chrootStoreDir.c_str(), 0, MS_BIND, 0) == -1) - throw SysError("unable to bind mount the Nix store", chrootStoreDir); - - if (mount(0, chrootStoreDir.c_str(), 0, MS_SHARED, 0) == -1) - throw SysError("unable to make '%s' shared", chrootStoreDir); - - /* Set up a nearly empty /dev, unless the user asked to - bind-mount the host /dev. */ - Strings ss; - if (pathsInChroot.find("/dev") == pathsInChroot.end()) { - createDirs(chrootRootDir + "/dev/shm"); - createDirs(chrootRootDir + "/dev/pts"); - ss.push_back("/dev/full"); - if (store.config.systemFeatures.get().count("kvm") && pathExists("/dev/kvm")) - ss.push_back("/dev/kvm"); - ss.push_back("/dev/null"); - ss.push_back("/dev/random"); - ss.push_back("/dev/tty"); - ss.push_back("/dev/urandom"); - ss.push_back("/dev/zero"); - createSymlink("/proc/self/fd", chrootRootDir + "/dev/fd"); - createSymlink("/proc/self/fd/0", chrootRootDir + "/dev/stdin"); - createSymlink("/proc/self/fd/1", chrootRootDir + "/dev/stdout"); - createSymlink("/proc/self/fd/2", chrootRootDir + "/dev/stderr"); - } - - /* Fixed-output derivations typically need to access the - network, so give them access to /etc/resolv.conf and so - on. */ - if (!derivationType.isSandboxed()) { - // Only use nss functions to resolve hosts and - // services. Don’t use it for anything else that may - // be configured for this system. This limits the - // potential impurities introduced in fixed-outputs. - writeFile(chrootRootDir + "/etc/nsswitch.conf", "hosts: files dns\nservices: files\n"); - - /* N.B. it is realistic that these paths might not exist. It - happens when testing Nix building fixed-output derivations - within a pure derivation. */ - for (auto & path : { "/etc/resolv.conf", "/etc/services", "/etc/hosts" }) - if (pathExists(path)) - ss.push_back(path); - - if (settings.caFile != "") { - Path caFile = settings.caFile; - if (pathExists(caFile)) - pathsInChroot.try_emplace("/etc/ssl/certs/ca-certificates.crt", canonPath(caFile, true), true); - } - } - - for (auto & i : ss) { - // For backwards-compatibiliy, resolve all the symlinks in the - // chroot paths - auto canonicalPath = canonPath(i, true); - pathsInChroot.emplace(i, canonicalPath); - } - - /* Bind-mount all the directories from the "host" - filesystem that we want in the chroot - environment. */ - for (auto & i : pathsInChroot) { - if (i.second.source == "/proc") continue; // backwards compatibility - - #if HAVE_EMBEDDED_SANDBOX_SHELL - if (i.second.source == "__embedded_sandbox_shell__") { - static unsigned char sh[] = { - #include "embedded-sandbox-shell.gen.hh" - }; - auto dst = chrootRootDir + i.first; - createDirs(dirOf(dst)); - writeFile(dst, std::string_view((const char *) sh, sizeof(sh))); - chmod_(dst, 0555); - } else - #endif - doBind(i.second.source, chrootRootDir + i.first, i.second.optional); - } - - /* Bind a new instance of procfs on /proc. */ - createDirs(chrootRootDir + "/proc"); - if (mount("none", (chrootRootDir + "/proc").c_str(), "proc", 0, 0) == -1) - throw SysError("mounting /proc"); - - /* Mount sysfs on /sys. */ - if (buildUser && buildUser->getUIDCount() != 1) { - createDirs(chrootRootDir + "/sys"); - if (mount("none", (chrootRootDir + "/sys").c_str(), "sysfs", 0, 0) == -1) - throw SysError("mounting /sys"); - } - - /* Mount a new tmpfs on /dev/shm to ensure that whatever - the builder puts in /dev/shm is cleaned up automatically. */ - if (pathExists("/dev/shm") && mount("none", (chrootRootDir + "/dev/shm").c_str(), "tmpfs", 0, - fmt("size=%s", settings.sandboxShmSize).c_str()) == -1) - throw SysError("mounting /dev/shm"); - - /* Mount a new devpts on /dev/pts. Note that this - requires the kernel to be compiled with - CONFIG_DEVPTS_MULTIPLE_INSTANCES=y (which is the case - if /dev/ptx/ptmx exists). */ - if (pathExists("/dev/pts/ptmx") && - !pathExists(chrootRootDir + "/dev/ptmx") - && !pathsInChroot.count("/dev/pts")) - { - if (mount("none", (chrootRootDir + "/dev/pts").c_str(), "devpts", 0, "newinstance,mode=0620") == 0) - { - createSymlink("/dev/pts/ptmx", chrootRootDir + "/dev/ptmx"); - - /* Make sure /dev/pts/ptmx is world-writable. With some - Linux versions, it is created with permissions 0. */ - chmod_(chrootRootDir + "/dev/pts/ptmx", 0666); - } else { - if (errno != EINVAL) - throw SysError("mounting /dev/pts"); - doBind("/dev/pts", chrootRootDir + "/dev/pts"); - doBind("/dev/ptmx", chrootRootDir + "/dev/ptmx"); - } - } - - /* Make /etc unwritable */ - if (!drvOptions.useUidRange(drv)) - chmod_(chrootRootDir + "/etc", 0555); - - /* Unshare this mount namespace. This is necessary because - pivot_root() below changes the root of the mount - namespace. This means that the call to setns() in - addDependency() would hide the host's filesystem, - making it impossible to bind-mount paths from the host - Nix store into the sandbox. Therefore, we save the - pre-pivot_root namespace in - sandboxMountNamespace. Since we made /nix/store a - shared subtree above, this allows addDependency() to - make paths appear in the sandbox. */ - if (unshare(CLONE_NEWNS) == -1) - throw SysError("unsharing mount namespace"); - - /* Unshare the cgroup namespace. This means - /proc/self/cgroup will show the child's cgroup as '/' - rather than whatever it is in the parent. */ - if (cgroup && unshare(CLONE_NEWCGROUP) == -1) - throw SysError("unsharing cgroup namespace"); - - /* Do the chroot(). */ - if (chdir(chrootRootDir.c_str()) == -1) - throw SysError("cannot change directory to '%1%'", chrootRootDir); - - if (mkdir("real-root", 0500) == -1) - throw SysError("cannot create real-root directory"); - - if (pivot_root(".", "real-root") == -1) - throw SysError("cannot pivot old root directory onto '%1%'", (chrootRootDir + "/real-root")); - - if (chroot(".") == -1) - throw SysError("cannot change root directory to '%1%'", chrootRootDir); - - if (umount2("real-root", MNT_DETACH) == -1) - throw SysError("cannot unmount real root filesystem"); - - if (rmdir("real-root") == -1) - throw SysError("cannot remove real-root directory"); - - /* Switch to the sandbox uid/gid in the user namespace, - which corresponds to the build user or calling user in - the parent namespace. */ - if (setgid(sandboxGid()) == -1) - throw SysError("setgid failed"); - if (setuid(sandboxUid()) == -1) - throw SysError("setuid failed"); - - setUser = false; - } -#endif + enterChroot(); if (chdir(tmpDirInSandbox.c_str()) == -1) throw SysError("changing into '%1%'", tmpDir); @@ -2098,184 +1546,20 @@ void DerivationBuilderImpl::runChild() /* Close all other file descriptors. */ unix::closeExtraFDs(); -#ifdef __linux__ - linux::setPersonality(drv.platform); -#endif - /* Disable core dumps by default. */ struct rlimit limit = { 0, RLIM_INFINITY }; setrlimit(RLIMIT_CORE, &limit); // FIXME: set other limits to deterministic values? - /* Fill in the environment. */ - Strings envStrs; - for (auto & i : env) - envStrs.push_back(rewriteStrings(i.first + "=" + i.second, inputRewrites)); - - /* If we are running in `build-users' mode, then switch to the - user we allocated above. Make sure that we drop all root - privileges. Note that above we have closed all file - descriptors except std*, so that's safe. Also note that - setuid() when run as root sets the real, effective and - saved UIDs. */ - if (setUser && buildUser) { - /* Preserve supplementary groups of the build user, to allow - admins to specify groups such as "kvm". */ - auto gids = buildUser->getSupplementaryGIDs(); - if (setgroups(gids.size(), gids.data()) == -1) - throw SysError("cannot set supplementary groups of build user"); - - if (setgid(buildUser->getGID()) == -1 || - getgid() != buildUser->getGID() || - getegid() != buildUser->getGID()) - throw SysError("setgid failed"); - - if (setuid(buildUser->getUID()) == -1 || - getuid() != buildUser->getUID() || - geteuid() != buildUser->getUID()) - throw SysError("setuid failed"); - } - -#ifdef __APPLE__ - /* This has to appear before import statements. */ - std::string sandboxProfile = "(version 1)\n"; - - if (useChroot) { - - /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */ - PathSet ancestry; - - /* We build the ancestry before adding all inputPaths to the store because we know they'll - all have the same parents (the store), and there might be lots of inputs. This isn't - particularly efficient... I doubt it'll be a bottleneck in practice */ - for (auto & i : pathsInChroot) { - Path cur = i.first; - while (cur.compare("/") != 0) { - cur = dirOf(cur); - ancestry.insert(cur); - } - } - - /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost - path component this time, since it's typically /nix/store and we care about that. */ - Path cur = store.storeDir; - while (cur.compare("/") != 0) { - ancestry.insert(cur); - cur = dirOf(cur); - } - - /* Add all our input paths to the chroot */ - for (auto & i : inputPaths) { - auto p = store.printStorePath(i); - pathsInChroot[p] = p; - } - - /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */ - if (settings.darwinLogSandboxViolations) { - sandboxProfile += "(deny default)\n"; - } else { - sandboxProfile += "(deny default (with no-log))\n"; - } - - sandboxProfile += - #include "sandbox-defaults.sb" - ; - - if (!derivationType->isSandboxed()) - sandboxProfile += - #include "sandbox-network.sb" - ; - - /* Add the output paths we'll use at build-time to the chroot */ - sandboxProfile += "(allow file-read* file-write* process-exec\n"; - for (auto & [_, path] : scratchOutputs) - sandboxProfile += fmt("\t(subpath \"%s\")\n", store.printStorePath(path)); - - sandboxProfile += ")\n"; - - /* Our inputs (transitive dependencies and any impurities computed above) - - without file-write* allowed, access() incorrectly returns EPERM - */ - sandboxProfile += "(allow file-read* file-write* process-exec\n"; - - // We create multiple allow lists, to avoid exceeding a limit in the darwin sandbox interpreter. - // See https://github.com/NixOS/nix/issues/4119 - // We split our allow groups approximately at half the actual limit, 1 << 16 - const size_t breakpoint = sandboxProfile.length() + (1 << 14); - for (auto & i : pathsInChroot) { - - if (sandboxProfile.length() >= breakpoint) { - debug("Sandbox break: %d %d", sandboxProfile.length(), breakpoint); - sandboxProfile += ")\n(allow file-read* file-write* process-exec\n"; - } - - if (i.first != i.second.source) - throw Error( - "can't map '%1%' to '%2%': mismatched impure paths not supported on Darwin", - i.first, i.second.source); - - std::string path = i.first; - auto optSt = maybeLstat(path.c_str()); - if (!optSt) { - if (i.second.optional) - continue; - throw SysError("getting attributes of required path '%s", path); - } - if (S_ISDIR(optSt->st_mode)) - sandboxProfile += fmt("\t(subpath \"%s\")\n", path); - else - sandboxProfile += fmt("\t(literal \"%s\")\n", path); - } - sandboxProfile += ")\n"; - - /* Allow file-read* on full directory hierarchy to self. Allows realpath() */ - sandboxProfile += "(allow file-read*\n"; - for (auto & i : ancestry) { - sandboxProfile += fmt("\t(literal \"%s\")\n", i); - } - sandboxProfile += ")\n"; - - sandboxProfile += drvOptions.additionalSandboxProfile; - } else - sandboxProfile += - #include "sandbox-minimal.sb" - ; - - debug("Generated sandbox profile:"); - debug(sandboxProfile); - - /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms - to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */ - Path globalTmpDir = canonPath(defaultTempDir(), true); - - /* They don't like trailing slashes on subpath directives */ - while (!globalTmpDir.empty() && globalTmpDir.back() == '/') - globalTmpDir.pop_back(); - - if (getEnv("_NIX_TEST_NO_SANDBOX") != "1") { - Strings sandboxArgs; - sandboxArgs.push_back("_GLOBAL_TMP_DIR"); - sandboxArgs.push_back(globalTmpDir); - if (drvOptions.allowLocalNetworking) { - sandboxArgs.push_back("_ALLOW_LOCAL_NETWORKING"); - sandboxArgs.push_back("1"); - } - char * sandbox_errbuf = nullptr; - if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) { - writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)")); - _exit(1); - } - } -#endif + setUser(); /* Indicate that we managed to set up the build environment. */ writeFull(STDERR_FILENO, std::string("\2\n")); sendException = false; - /* Execute the program. This should not return. */ + /* If this is a builtin builder, call it now. This should not return. */ if (drv.isBuiltin()) { try { logger = makeJSONLogger(getStandardError()); @@ -2297,7 +1581,7 @@ void DerivationBuilderImpl::runChild() } } - // Now builder is not builtin + /* It's not a builtin builder, so execute the program. */ Strings args; args.push_back(std::string(baseNameOf(drv.builder))); @@ -2305,31 +1589,11 @@ void DerivationBuilderImpl::runChild() for (auto & i : drv.args) args.push_back(rewriteStrings(i, inputRewrites)); -#ifdef __APPLE__ - posix_spawnattr_t attrp; - - if (posix_spawnattr_init(&attrp)) - throw SysError("failed to initialize builder"); - - if (posix_spawnattr_setflags(&attrp, POSIX_SPAWN_SETEXEC)) - throw SysError("failed to initialize builder"); - - if (drv.platform == "aarch64-darwin") { - // Unset kern.curproc_arch_affinity so we can escape Rosetta - int affinity = 0; - sysctlbyname("kern.curproc_arch_affinity", NULL, NULL, &affinity, sizeof(affinity)); - - cpu_type_t cpu = CPU_TYPE_ARM64; - posix_spawnattr_setbinpref_np(&attrp, 1, &cpu, NULL); - } else if (drv.platform == "x86_64-darwin") { - cpu_type_t cpu = CPU_TYPE_X86_64; - posix_spawnattr_setbinpref_np(&attrp, 1, &cpu, NULL); - } + Strings envStrs; + for (auto & i : env) + envStrs.push_back(rewriteStrings(i.first + "=" + i.second, inputRewrites)); - posix_spawn(NULL, drv.builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); -#else - execve(drv.builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); -#endif + execBuilder(args, envStrs); throw SysError("executing '%1%'", drv.builder); @@ -2339,6 +1603,37 @@ void DerivationBuilderImpl::runChild() } } +void DerivationBuilderImpl::setUser() +{ + /* If we are running in `build-users' mode, then switch to the + user we allocated above. Make sure that we drop all root + privileges. Note that above we have closed all file + descriptors except std*, so that's safe. Also note that + setuid() when run as root sets the real, effective and + saved UIDs. */ + if (buildUser) { + /* Preserve supplementary groups of the build user, to allow + admins to specify groups such as "kvm". */ + auto gids = buildUser->getSupplementaryGIDs(); + if (setgroups(gids.size(), gids.data()) == -1) + throw SysError("cannot set supplementary groups of build user"); + + if (setgid(buildUser->getGID()) == -1 || + getgid() != buildUser->getGID() || + getegid() != buildUser->getGID()) + throw SysError("setgid failed"); + + if (setuid(buildUser->getUID()) == -1 || + getuid() != buildUser->getUID() || + geteuid() != buildUser->getUID()) + throw SysError("setuid failed"); + } +} + +void DerivationBuilderImpl::execBuilder(const Strings & args, const Strings & envStrs) +{ + execve(drv.builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); +} SingleDrvOutputs DerivationBuilderImpl::registerOutputs() { @@ -2777,7 +2072,7 @@ SingleDrvOutputs DerivationBuilderImpl::registerOutputs() } } - auto & localStore = getLocalStore(); + auto & localStore = getLocalStore(store); if (buildMode == bmCheck) { @@ -2854,7 +2149,7 @@ SingleDrvOutputs DerivationBuilderImpl::registerOutputs() paths referenced by each of them. If there are cycles in the outputs, this will fail. */ { - auto & localStore = getLocalStore(); + auto & localStore = getLocalStore(store); ValidPathInfos infos2; for (auto & [outputName, newInfo] : infos) { @@ -3075,5 +2370,70 @@ StorePath DerivationBuilderImpl::makeFallbackPath(const StorePath & path) Hash(HashAlgorithm::SHA256), path.name()); } +// FIXME: do this properly +#include "linux-derivation-builder.cc" +#include "darwin-derivation-builder.cc" + +std::unique_ptr makeDerivationBuilder( + Store & store, + std::unique_ptr miscMethods, + DerivationBuilderParams params) +{ + bool useSandbox = false; + + /* Are we doing a sandboxed build? */ + { + if (settings.sandboxMode == smEnabled) { + if (params.drvOptions.noChroot) + throw Error("derivation '%s' has '__noChroot' set, " + "but that's not allowed when 'sandbox' is 'true'", store.printStorePath(params.drvPath)); +#ifdef __APPLE__ + if (drvOptions.additionalSandboxProfile != "") + throw Error("derivation '%s' specifies a sandbox profile, " + "but this is only allowed when 'sandbox' is 'relaxed'", store.printStorePath(params.drvPath)); +#endif + useSandbox = true; + } + else if (settings.sandboxMode == smDisabled) + useSandbox = false; + else if (settings.sandboxMode == smRelaxed) + // FIXME: cache derivationType + useSandbox = params.drv.type().isSandboxed() && !params.drvOptions.noChroot; + } + + auto & localStore = getLocalStore(store); + if (localStore.storeDir != localStore.config->realStoreDir.get()) { + #ifdef __linux__ + useSandbox = true; + #else + throw Error("building using a diverted store is not supported on this platform"); + #endif + } + + #ifdef __linux__ + if (useSandbox) { + if (!mountAndPidNamespacesSupported()) { + if (!settings.sandboxFallback) + throw Error("this system does not support the kernel namespaces that are required for sandboxing; use '--no-sandbox' to disable sandboxing"); + debug("auto-disabling sandboxing because the prerequisite namespaces are not available"); + useSandbox = false; + } + } + + if (useSandbox) + return std::make_unique( + store, + std::move(miscMethods), + std::move(params)); + #endif + + if (useSandbox) + throw Error("sandboxing builds is not supported on this platform"); + + return std::make_unique( + store, + std::move(miscMethods), + std::move(params)); +} } diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc new file mode 100644 index 00000000000..59c55411964 --- /dev/null +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -0,0 +1,568 @@ +#ifdef __linux__ + +struct LinuxDerivationBuilder : DerivationBuilderImpl +{ + /** + * Pipe for synchronising updates to the builder namespaces. + */ + Pipe userNamespaceSync; + + /** + * The mount namespace and user namespace of the builder, used to add additional + * paths to the sandbox as a result of recursive Nix calls. + */ + AutoCloseFD sandboxMountNamespace; + AutoCloseFD sandboxUserNamespace; + + /** + * On Linux, whether we're doing the build in its own user + * namespace. + */ + bool usingUserNamespace = true; + + LinuxDerivationBuilder( + Store & store, std::unique_ptr miscMethods, DerivationBuilderParams params) + : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) + { + useChroot = true; + } + + uid_t sandboxUid() { return usingUserNamespace ? (!buildUser || buildUser->getUIDCount() == 1 ? 1000 : 0) : buildUser->getUID(); } + gid_t sandboxGid() { return usingUserNamespace ? (!buildUser || buildUser->getUIDCount() == 1 ? 100 : 0) : buildUser->getGID(); } + + bool needsHashRewrite() override + { + return false; + } + + void prepareSandbox() override + { + /* Create a temporary directory in which we set up the chroot + environment using bind-mounts. We put it in the Nix store + so that the build outputs can be moved efficiently from the + chroot to their final location. */ + auto chrootParentDir = store.Store::toRealPath(drvPath) + ".chroot"; + deletePath(chrootParentDir); + + /* Clean up the chroot directory automatically. */ + autoDelChroot = std::make_shared(chrootParentDir); + + printMsg(lvlChatty, "setting up chroot environment in '%1%'", chrootParentDir); + + if (mkdir(chrootParentDir.c_str(), 0700) == -1) + throw SysError("cannot create '%s'", chrootRootDir); + + chrootRootDir = chrootParentDir + "/root"; + + if (mkdir(chrootRootDir.c_str(), buildUser && buildUser->getUIDCount() != 1 ? 0755 : 0750) == -1) + throw SysError("cannot create '%1%'", chrootRootDir); + + if (buildUser && chown(chrootRootDir.c_str(), buildUser->getUIDCount() != 1 ? buildUser->getUID() : 0, buildUser->getGID()) == -1) + throw SysError("cannot change ownership of '%1%'", chrootRootDir); + + /* Create a writable /tmp in the chroot. Many builders need + this. (Of course they should really respect $TMPDIR + instead.) */ + Path chrootTmpDir = chrootRootDir + "/tmp"; + createDirs(chrootTmpDir); + chmod_(chrootTmpDir, 01777); + + /* Create a /etc/passwd with entries for the build user and the + nobody account. The latter is kind of a hack to support + Samba-in-QEMU. */ + createDirs(chrootRootDir + "/etc"); + if (drvOptions.useUidRange(drv)) + chownToBuilder(chrootRootDir + "/etc"); + + if (drvOptions.useUidRange(drv) && (!buildUser || buildUser->getUIDCount() < 65536)) + throw Error("feature 'uid-range' requires the setting '%s' to be enabled", settings.autoAllocateUids.name); + + /* Declare the build user's group so that programs get a consistent + view of the system (e.g., "id -gn"). */ + writeFile(chrootRootDir + "/etc/group", + fmt("root:x:0:\n" + "nixbld:!:%1%:\n" + "nogroup:x:65534:\n", sandboxGid())); + + /* Create /etc/hosts with localhost entry. */ + if (derivationType.isSandboxed()) + writeFile(chrootRootDir + "/etc/hosts", "127.0.0.1 localhost\n::1 localhost\n"); + + /* Make the closure of the inputs available in the chroot, + rather than the whole Nix store. This prevents any access + to undeclared dependencies. Directories are bind-mounted, + while other inputs are hard-linked (since only directories + can be bind-mounted). !!! As an extra security + precaution, make the fake Nix store only writable by the + build user. */ + Path chrootStoreDir = chrootRootDir + store.storeDir; + createDirs(chrootStoreDir); + chmod_(chrootStoreDir, 01775); + + if (buildUser && chown(chrootStoreDir.c_str(), 0, buildUser->getGID()) == -1) + throw SysError("cannot change ownership of '%1%'", chrootStoreDir); + + for (auto & i : inputPaths) { + auto p = store.printStorePath(i); + Path r = store.toRealPath(p); + pathsInChroot.insert_or_assign(p, r); + } + + /* If we're repairing, checking or rebuilding part of a + multiple-outputs derivation, it's possible that we're + rebuilding a path that is in settings.sandbox-paths + (typically the dependencies of /bin/sh). Throw them + out. */ + for (auto & i : drv.outputsAndOptPaths(store)) { + /* If the name isn't known a priori (i.e. floating + content-addressing derivation), the temporary location we use + should be fresh. Freshness means it is impossible that the path + is already in the sandbox, so we don't need to worry about + removing it. */ + if (i.second.second) + pathsInChroot.erase(store.printStorePath(*i.second.second)); + } + + if (cgroup) { + if (mkdir(cgroup->c_str(), 0755) != 0) + throw SysError("creating cgroup '%s'", *cgroup); + chownToBuilder(*cgroup); + chownToBuilder(*cgroup + "/cgroup.procs"); + chownToBuilder(*cgroup + "/cgroup.threads"); + //chownToBuilder(*cgroup + "/cgroup.subtree_control"); + } + } + + void startChild() override + { + /* Set up private namespaces for the build: + + - The PID namespace causes the build to start as PID 1. + Processes outside of the chroot are not visible to those + on the inside, but processes inside the chroot are + visible from the outside (though with different PIDs). + + - The private mount namespace ensures that all the bind + mounts we do will only show up in this process and its + children, and will disappear automatically when we're + done. + + - The private network namespace ensures that the builder + cannot talk to the outside world (or vice versa). It + only has a private loopback interface. (Fixed-output + derivations are not run in a private network namespace + to allow functions like fetchurl to work.) + + - The IPC namespace prevents the builder from communicating + with outside processes using SysV IPC mechanisms (shared + memory, message queues, semaphores). It also ensures + that all IPC objects are destroyed when the builder + exits. + + - The UTS namespace ensures that builders see a hostname of + localhost rather than the actual hostname. + + We use a helper process to do the clone() to work around + clone() being broken in multi-threaded programs due to + at-fork handlers not being run. Note that we use + CLONE_PARENT to ensure that the real builder is parented to + us. + */ + + userNamespaceSync.create(); + + usingUserNamespace = userNamespacesSupported(); + + Pipe sendPid; + sendPid.create(); + + Pid helper = startProcess([&]() { + sendPid.readSide.close(); + + /* We need to open the slave early, before + CLONE_NEWUSER. Otherwise we get EPERM when running as + root. */ + openSlave(); + + try { + /* Drop additional groups here because we can't do it + after we've created the new user namespace. */ + if (setgroups(0, 0) == -1) { + if (errno != EPERM) + throw SysError("setgroups failed"); + if (settings.requireDropSupplementaryGroups) + throw Error("setgroups failed. Set the require-drop-supplementary-groups option to false to skip this step."); + } + + ProcessOptions options; + options.cloneFlags = CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWIPC | CLONE_NEWUTS | CLONE_PARENT | SIGCHLD; + if (derivationType.isSandboxed()) + options.cloneFlags |= CLONE_NEWNET; + if (usingUserNamespace) + options.cloneFlags |= CLONE_NEWUSER; + + pid_t child = startProcess([&]() { runChild(); }, options); + + writeFull(sendPid.writeSide.get(), fmt("%d\n", child)); + _exit(0); + } catch (...) { + handleChildException(true); + _exit(1); + } + }); + + sendPid.writeSide.close(); + + if (helper.wait() != 0) { + processSandboxSetupMessages(); + // Only reached if the child process didn't send an exception. + throw Error("unable to start build process"); + } + + userNamespaceSync.readSide = -1; + + /* Close the write side to prevent runChild() from hanging + reading from this. */ + Finally cleanup([&]() { + userNamespaceSync.writeSide = -1; + }); + + auto ss = tokenizeString>(readLine(sendPid.readSide.get())); + assert(ss.size() == 1); + pid = string2Int(ss[0]).value(); + + if (usingUserNamespace) { + /* Set the UID/GID mapping of the builder's user namespace + such that the sandbox user maps to the build user, or to + the calling user (if build users are disabled). */ + uid_t hostUid = buildUser ? buildUser->getUID() : getuid(); + uid_t hostGid = buildUser ? buildUser->getGID() : getgid(); + uid_t nrIds = buildUser ? buildUser->getUIDCount() : 1; + + writeFile("/proc/" + std::to_string(pid) + "/uid_map", + fmt("%d %d %d", sandboxUid(), hostUid, nrIds)); + + if (!buildUser || buildUser->getUIDCount() == 1) + writeFile("/proc/" + std::to_string(pid) + "/setgroups", "deny"); + + writeFile("/proc/" + std::to_string(pid) + "/gid_map", + fmt("%d %d %d", sandboxGid(), hostGid, nrIds)); + } else { + debug("note: not using a user namespace"); + if (!buildUser) + throw Error("cannot perform a sandboxed build because user namespaces are not enabled; check /proc/sys/user/max_user_namespaces"); + } + + /* Now that we now the sandbox uid, we can write + /etc/passwd. */ + writeFile(chrootRootDir + "/etc/passwd", fmt( + "root:x:0:0:Nix build user:%3%:/noshell\n" + "nixbld:x:%1%:%2%:Nix build user:%3%:/noshell\n" + "nobody:x:65534:65534:Nobody:/:/noshell\n", + sandboxUid(), sandboxGid(), settings.sandboxBuildDir)); + + /* Save the mount- and user namespace of the child. We have to do this + *before* the child does a chroot. */ + sandboxMountNamespace = open(fmt("/proc/%d/ns/mnt", (pid_t) pid).c_str(), O_RDONLY); + if (sandboxMountNamespace.get() == -1) + throw SysError("getting sandbox mount namespace"); + + if (usingUserNamespace) { + sandboxUserNamespace = open(fmt("/proc/%d/ns/user", (pid_t) pid).c_str(), O_RDONLY); + if (sandboxUserNamespace.get() == -1) + throw SysError("getting sandbox user namespace"); + } + + /* Move the child into its own cgroup. */ + if (cgroup) + writeFile(*cgroup + "/cgroup.procs", fmt("%d", (pid_t) pid)); + + /* Signal the builder that we've updated its user namespace. */ + writeFull(userNamespaceSync.writeSide.get(), "1"); + } + + void enterChroot() override + { + userNamespaceSync.writeSide = -1; + + if (drainFD(userNamespaceSync.readSide.get()) != "1") + throw Error("user namespace initialisation failed"); + + userNamespaceSync.readSide = -1; + + if (derivationType.isSandboxed()) { + + /* Initialise the loopback interface. */ + AutoCloseFD fd(socket(PF_INET, SOCK_DGRAM, IPPROTO_IP)); + if (!fd) + throw SysError("cannot open IP socket"); + + struct ifreq ifr; + strcpy(ifr.ifr_name, "lo"); + ifr.ifr_flags = IFF_UP | IFF_LOOPBACK | IFF_RUNNING; + if (ioctl(fd.get(), SIOCSIFFLAGS, &ifr) == -1) + throw SysError("cannot set loopback interface flags"); + } + + /* Set the hostname etc. to fixed values. */ + char hostname[] = "localhost"; + if (sethostname(hostname, sizeof(hostname)) == -1) + throw SysError("cannot set host name"); + char domainname[] = "(none)"; // kernel default + if (setdomainname(domainname, sizeof(domainname)) == -1) + throw SysError("cannot set domain name"); + + /* Make all filesystems private. This is necessary + because subtrees may have been mounted as "shared" + (MS_SHARED). (Systemd does this, for instance.) Even + though we have a private mount namespace, mounting + filesystems on top of a shared subtree still propagates + outside of the namespace. Making a subtree private is + local to the namespace, though, so setting MS_PRIVATE + does not affect the outside world. */ + if (mount(0, "/", 0, MS_PRIVATE | MS_REC, 0) == -1) + throw SysError("unable to make '/' private"); + + /* Bind-mount chroot directory to itself, to treat it as a + different filesystem from /, as needed for pivot_root. */ + if (mount(chrootRootDir.c_str(), chrootRootDir.c_str(), 0, MS_BIND, 0) == -1) + throw SysError("unable to bind mount '%1%'", chrootRootDir); + + /* Bind-mount the sandbox's Nix store onto itself so that + we can mark it as a "shared" subtree, allowing bind + mounts made in *this* mount namespace to be propagated + into the child namespace created by the + unshare(CLONE_NEWNS) call below. + + Marking chrootRootDir as MS_SHARED causes pivot_root() + to fail with EINVAL. Don't know why. */ + Path chrootStoreDir = chrootRootDir + store.storeDir; + + if (mount(chrootStoreDir.c_str(), chrootStoreDir.c_str(), 0, MS_BIND, 0) == -1) + throw SysError("unable to bind mount the Nix store", chrootStoreDir); + + if (mount(0, chrootStoreDir.c_str(), 0, MS_SHARED, 0) == -1) + throw SysError("unable to make '%s' shared", chrootStoreDir); + + /* Set up a nearly empty /dev, unless the user asked to + bind-mount the host /dev. */ + Strings ss; + if (pathsInChroot.find("/dev") == pathsInChroot.end()) { + createDirs(chrootRootDir + "/dev/shm"); + createDirs(chrootRootDir + "/dev/pts"); + ss.push_back("/dev/full"); + if (store.config.systemFeatures.get().count("kvm") && pathExists("/dev/kvm")) + ss.push_back("/dev/kvm"); + ss.push_back("/dev/null"); + ss.push_back("/dev/random"); + ss.push_back("/dev/tty"); + ss.push_back("/dev/urandom"); + ss.push_back("/dev/zero"); + createSymlink("/proc/self/fd", chrootRootDir + "/dev/fd"); + createSymlink("/proc/self/fd/0", chrootRootDir + "/dev/stdin"); + createSymlink("/proc/self/fd/1", chrootRootDir + "/dev/stdout"); + createSymlink("/proc/self/fd/2", chrootRootDir + "/dev/stderr"); + } + + /* Fixed-output derivations typically need to access the + network, so give them access to /etc/resolv.conf and so + on. */ + if (!derivationType.isSandboxed()) { + // Only use nss functions to resolve hosts and + // services. Don’t use it for anything else that may + // be configured for this system. This limits the + // potential impurities introduced in fixed-outputs. + writeFile(chrootRootDir + "/etc/nsswitch.conf", "hosts: files dns\nservices: files\n"); + + /* N.B. it is realistic that these paths might not exist. It + happens when testing Nix building fixed-output derivations + within a pure derivation. */ + for (auto & path : {"/etc/resolv.conf", "/etc/services", "/etc/hosts"}) + if (pathExists(path)) + ss.push_back(path); + + if (settings.caFile != "") { + Path caFile = settings.caFile; + if (pathExists(caFile)) + pathsInChroot.try_emplace("/etc/ssl/certs/ca-certificates.crt", canonPath(caFile, true), true); + } + } + + for (auto & i : ss) { + // For backwards-compatibiliy, resolve all the symlinks in the + // chroot paths + auto canonicalPath = canonPath(i, true); + pathsInChroot.emplace(i, canonicalPath); + } + + /* Bind-mount all the directories from the "host" + filesystem that we want in the chroot + environment. */ + for (auto & i : pathsInChroot) { + if (i.second.source == "/proc") + continue; // backwards compatibility + +# if HAVE_EMBEDDED_SANDBOX_SHELL + if (i.second.source == "__embedded_sandbox_shell__") { + static unsigned char sh[] = { +# include "embedded-sandbox-shell.gen.hh" + }; + auto dst = chrootRootDir + i.first; + createDirs(dirOf(dst)); + writeFile(dst, std::string_view((const char *) sh, sizeof(sh))); + chmod_(dst, 0555); + } else +# endif + doBind(i.second.source, chrootRootDir + i.first, i.second.optional); + } + + /* Bind a new instance of procfs on /proc. */ + createDirs(chrootRootDir + "/proc"); + if (mount("none", (chrootRootDir + "/proc").c_str(), "proc", 0, 0) == -1) + throw SysError("mounting /proc"); + + /* Mount sysfs on /sys. */ + if (buildUser && buildUser->getUIDCount() != 1) { + createDirs(chrootRootDir + "/sys"); + if (mount("none", (chrootRootDir + "/sys").c_str(), "sysfs", 0, 0) == -1) + throw SysError("mounting /sys"); + } + + /* Mount a new tmpfs on /dev/shm to ensure that whatever + the builder puts in /dev/shm is cleaned up automatically. */ + if (pathExists("/dev/shm") + && mount( + "none", + (chrootRootDir + "/dev/shm").c_str(), + "tmpfs", + 0, + fmt("size=%s", settings.sandboxShmSize).c_str()) + == -1) + throw SysError("mounting /dev/shm"); + + /* Mount a new devpts on /dev/pts. Note that this + requires the kernel to be compiled with + CONFIG_DEVPTS_MULTIPLE_INSTANCES=y (which is the case + if /dev/ptx/ptmx exists). */ + if (pathExists("/dev/pts/ptmx") && !pathExists(chrootRootDir + "/dev/ptmx") + && !pathsInChroot.count("/dev/pts")) { + if (mount("none", (chrootRootDir + "/dev/pts").c_str(), "devpts", 0, "newinstance,mode=0620") == 0) { + createSymlink("/dev/pts/ptmx", chrootRootDir + "/dev/ptmx"); + + /* Make sure /dev/pts/ptmx is world-writable. With some + Linux versions, it is created with permissions 0. */ + chmod_(chrootRootDir + "/dev/pts/ptmx", 0666); + } else { + if (errno != EINVAL) + throw SysError("mounting /dev/pts"); + doBind("/dev/pts", chrootRootDir + "/dev/pts"); + doBind("/dev/ptmx", chrootRootDir + "/dev/ptmx"); + } + } + + /* Make /etc unwritable */ + if (!drvOptions.useUidRange(drv)) + chmod_(chrootRootDir + "/etc", 0555); + + /* Unshare this mount namespace. This is necessary because + pivot_root() below changes the root of the mount + namespace. This means that the call to setns() in + addDependency() would hide the host's filesystem, + making it impossible to bind-mount paths from the host + Nix store into the sandbox. Therefore, we save the + pre-pivot_root namespace in + sandboxMountNamespace. Since we made /nix/store a + shared subtree above, this allows addDependency() to + make paths appear in the sandbox. */ + if (unshare(CLONE_NEWNS) == -1) + throw SysError("unsharing mount namespace"); + + /* Unshare the cgroup namespace. This means + /proc/self/cgroup will show the child's cgroup as '/' + rather than whatever it is in the parent. */ + if (cgroup && unshare(CLONE_NEWCGROUP) == -1) + throw SysError("unsharing cgroup namespace"); + + /* Do the chroot(). */ + if (chdir(chrootRootDir.c_str()) == -1) + throw SysError("cannot change directory to '%1%'", chrootRootDir); + + if (mkdir("real-root", 0500) == -1) + throw SysError("cannot create real-root directory"); + + if (pivot_root(".", "real-root") == -1) + throw SysError("cannot pivot old root directory onto '%1%'", (chrootRootDir + "/real-root")); + + if (chroot(".") == -1) + throw SysError("cannot change root directory to '%1%'", chrootRootDir); + + if (umount2("real-root", MNT_DETACH) == -1) + throw SysError("cannot unmount real root filesystem"); + + if (rmdir("real-root") == -1) + throw SysError("cannot remove real-root directory"); + + // FIXME: move to LinuxDerivationBuilder + linux::setPersonality(drv.platform); + } + + void setUser() override + { + /* Switch to the sandbox uid/gid in the user namespace, + which corresponds to the build user or calling user in + the parent namespace. */ + if (setgid(sandboxGid()) == -1) + throw SysError("setgid failed"); + if (setuid(sandboxUid()) == -1) + throw SysError("setuid failed"); + } + + std::variant, SingleDrvOutputs> unprepareBuild() override + { + sandboxMountNamespace = -1; + sandboxUserNamespace = -1; + + return DerivationBuilderImpl::unprepareBuild(); + } + + void addDependency(const StorePath & path) override + { + if (isAllowed(path)) + return; + + addedPaths.insert(path); + + debug("materialising '%s' in the sandbox", store.printStorePath(path)); + + Path source = store.Store::toRealPath(path); + Path target = chrootRootDir + store.printStorePath(path); + + if (pathExists(target)) { + // There is a similar debug message in doBind, so only run it in this block to not have double messages. + debug("bind-mounting %s -> %s", target, source); + throw Error("store path '%s' already exists in the sandbox", store.printStorePath(path)); + } + + /* Bind-mount the path into the sandbox. This requires + entering its mount namespace, which is not possible + in multithreaded programs. So we do this in a + child process.*/ + Pid child(startProcess([&]() { + if (usingUserNamespace && (setns(sandboxUserNamespace.get(), 0) == -1)) + throw SysError("entering sandbox user namespace"); + + if (setns(sandboxMountNamespace.get(), 0) == -1) + throw SysError("entering sandbox mount namespace"); + + doBind(source, target); + + _exit(0); + })); + + int status = child.wait(); + if (status != 0) + throw Error("could not add path '%s' to sandbox", store.printStorePath(path)); + } +}; + +#endif From 2d5d3e44ddf843ec57b03d425a6617af95a9b34b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 20:30:36 +0200 Subject: [PATCH 718/815] Move pathsInChroot --- .../unix/build/darwin-derivation-builder.cc | 9 +- src/libstore/unix/build/derivation-builder.cc | 255 +++++++++--------- .../unix/build/linux-derivation-builder.cc | 15 +- 3 files changed, 151 insertions(+), 128 deletions(-) diff --git a/src/libstore/unix/build/darwin-derivation-builder.cc b/src/libstore/unix/build/darwin-derivation-builder.cc index 3366403a76f..cc23643902a 100644 --- a/src/libstore/unix/build/darwin-derivation-builder.cc +++ b/src/libstore/unix/build/darwin-derivation-builder.cc @@ -2,6 +2,8 @@ struct DarwinDerivationBuilder : DerivationBuilderImpl { + PathsInChroot pathsInChroot; + DarwinDerivationBuilder( Store & store, std::unique_ptr miscMethods, DerivationBuilderParams params) : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) @@ -9,6 +11,11 @@ struct DarwinDerivationBuilder : DerivationBuilderImpl useChroot = true; } + void prepareSandbox() override + { + pathsInChroot = getPathsInSandbox(); + } + void execBuilder(const Strings & args, const Strings & envStrs) override { posix_spawnattr_t attrp; @@ -69,7 +76,7 @@ struct DarwinDerivationBuilder : DerivationBuilderImpl /* Add all our input paths to the chroot */ for (auto & i : inputPaths) { auto p = store.printStorePath(i); - pathsInChroot[p] = p; + pathsInChroot.insert_or_assign(p, p); } /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index 8b1a2e0ff37..a2bca3a5987 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -156,6 +156,7 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder /** * RAII object to delete the chroot directory. */ + // FIXME: move std::shared_ptr autoDelChroot; /** @@ -176,7 +177,6 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder { } }; typedef std::map PathsInChroot; // maps target path to source path - PathsInChroot pathsInChroot; typedef std::map Environment; Environment env; @@ -257,6 +257,17 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder protected: + /** + * Return the paths that should be made available in the sandbox. + * This includes: + * + * * The paths specified by the `sandbox-paths` setting, and their closure in the Nix store. + * * The contents of the `__impureHostDeps` derivation attribute, if the sandbox is in relaxed mode. + * * The paths returned by the `pre-build-hook`. + * * The paths in the input closure of the derivation. + */ + PathsInChroot getPathsInSandbox(); + /** * Called by prepareBuild() to do any setup in the parent to * prepare for a sandboxed build. @@ -918,131 +929,11 @@ void DerivationBuilderImpl::startBuilder() } } - if (useChroot) { - - /* Allow a user-configurable set of directories from the - host file system. */ - pathsInChroot.clear(); - - for (auto i : settings.sandboxPaths.get()) { - if (i.empty()) continue; - bool optional = false; - if (i[i.size() - 1] == '?') { - optional = true; - i.pop_back(); - } - size_t p = i.find('='); - - std::string inside, outside; - if (p == std::string::npos) { - inside = i; - outside = i; - } else { - inside = i.substr(0, p); - outside = i.substr(p + 1); - } - - if (!optional && !maybeLstat(outside)) { - throw SysError("path '%s' is configured as part of the `sandbox-paths` option, but is inaccessible", outside); - } - - pathsInChroot[inside] = {outside, optional}; - } - if (hasPrefix(store.storeDir, tmpDirInSandbox)) - { - throw Error("`sandbox-build-dir` must not contain the storeDir"); - } - pathsInChroot[tmpDirInSandbox] = tmpDir; - - /* Add the closure of store paths to the chroot. */ - StorePathSet closure; - for (auto & i : pathsInChroot) - try { - if (store.isInStore(i.second.source)) - store.computeFSClosure(store.toStorePath(i.second.source).first, closure); - } catch (InvalidPath & e) { - } catch (Error & e) { - e.addTrace({}, "while processing 'sandbox-paths'"); - throw; - } - for (auto & i : closure) { - auto p = store.printStorePath(i); - pathsInChroot.insert_or_assign(p, p); - } - - PathSet allowedPaths = settings.allowedImpureHostPrefixes; - - /* This works like the above, except on a per-derivation level */ - auto impurePaths = drvOptions.impureHostDeps; - - for (auto & i : impurePaths) { - bool found = false; - /* Note: we're not resolving symlinks here to prevent - giving a non-root user info about inaccessible - files. */ - Path canonI = canonPath(i); - /* If only we had a trie to do this more efficiently :) luckily, these are generally going to be pretty small */ - for (auto & a : allowedPaths) { - Path canonA = canonPath(a); - if (isDirOrInDir(canonI, canonA)) { - found = true; - break; - } - } - if (!found) - throw Error("derivation '%s' requested impure path '%s', but it was not in allowed-impure-host-deps", - store.printStorePath(drvPath), i); - - /* Allow files in drvOptions.impureHostDeps to be missing; e.g. - macOS 11+ has no /usr/lib/libSystem*.dylib */ - pathsInChroot[i] = {i, true}; - } - } else { - if (drvOptions.useUidRange(drv)) - throw Error("feature 'uid-range' is only supported in sandboxed builds"); - } - prepareSandbox(); if (needsHashRewrite() && pathExists(homeDir)) throw Error("home directory '%1%' exists; please remove it to assure purity of builds without sandboxing", homeDir); - if (useChroot && settings.preBuildHook != "") { - printMsg(lvlChatty, "executing pre-build hook '%1%'", settings.preBuildHook); - auto args = useChroot ? Strings({store.printStorePath(drvPath), chrootRootDir}) : - Strings({ store.printStorePath(drvPath) }); - enum BuildHookState { - stBegin, - stExtraChrootDirs - }; - auto state = stBegin; - auto lines = runProgram(settings.preBuildHook, false, args); - auto lastPos = std::string::size_type{0}; - for (auto nlPos = lines.find('\n'); nlPos != std::string::npos; - nlPos = lines.find('\n', lastPos)) - { - auto line = lines.substr(lastPos, nlPos - lastPos); - lastPos = nlPos + 1; - if (state == stBegin) { - if (line == "extra-sandbox-paths" || line == "extra-chroot-dirs") { - state = stExtraChrootDirs; - } else { - throw Error("unknown pre-build hook command '%1%'", line); - } - } else if (state == stExtraChrootDirs) { - if (line == "") { - state = stBegin; - } else { - auto p = line.find('='); - if (p == std::string::npos) - pathsInChroot[line] = line; - else - pathsInChroot[line.substr(0, p)] = line.substr(p + 1); - } - } - } - } - /* Fire up a Nix daemon to process recursive Nix calls from the builder. */ if (drvOptions.getRequiredSystemFeatures(drv).count("recursive-nix")) @@ -1093,6 +984,125 @@ void DerivationBuilderImpl::startBuilder() processSandboxSetupMessages(); } +DerivationBuilderImpl::PathsInChroot DerivationBuilderImpl::getPathsInSandbox() +{ + PathsInChroot pathsInChroot; + + /* Allow a user-configurable set of directories from the + host file system. */ + for (auto i : settings.sandboxPaths.get()) { + if (i.empty()) continue; + bool optional = false; + if (i[i.size() - 1] == '?') { + optional = true; + i.pop_back(); + } + size_t p = i.find('='); + + std::string inside, outside; + if (p == std::string::npos) { + inside = i; + outside = i; + } else { + inside = i.substr(0, p); + outside = i.substr(p + 1); + } + + if (!optional && !maybeLstat(outside)) { + throw SysError("path '%s' is configured as part of the `sandbox-paths` option, but is inaccessible", outside); + } + + pathsInChroot[inside] = {outside, optional}; + } + if (hasPrefix(store.storeDir, tmpDirInSandbox)) + { + throw Error("`sandbox-build-dir` must not contain the storeDir"); + } + pathsInChroot[tmpDirInSandbox] = tmpDir; + + /* Add the closure of store paths to the chroot. */ + StorePathSet closure; + for (auto & i : pathsInChroot) + try { + if (store.isInStore(i.second.source)) + store.computeFSClosure(store.toStorePath(i.second.source).first, closure); + } catch (InvalidPath & e) { + } catch (Error & e) { + e.addTrace({}, "while processing 'sandbox-paths'"); + throw; + } + for (auto & i : closure) { + auto p = store.printStorePath(i); + pathsInChroot.insert_or_assign(p, p); + } + + PathSet allowedPaths = settings.allowedImpureHostPrefixes; + + /* This works like the above, except on a per-derivation level */ + auto impurePaths = drvOptions.impureHostDeps; + + for (auto & i : impurePaths) { + bool found = false; + /* Note: we're not resolving symlinks here to prevent + giving a non-root user info about inaccessible + files. */ + Path canonI = canonPath(i); + /* If only we had a trie to do this more efficiently :) luckily, these are generally going to be pretty small */ + for (auto & a : allowedPaths) { + Path canonA = canonPath(a); + if (isDirOrInDir(canonI, canonA)) { + found = true; + break; + } + } + if (!found) + throw Error("derivation '%s' requested impure path '%s', but it was not in allowed-impure-host-deps", + store.printStorePath(drvPath), i); + + /* Allow files in drvOptions.impureHostDeps to be missing; e.g. + macOS 11+ has no /usr/lib/libSystem*.dylib */ + pathsInChroot[i] = {i, true}; + } + + if (settings.preBuildHook != "") { + printMsg(lvlChatty, "executing pre-build hook '%1%'", settings.preBuildHook); + auto args = useChroot ? Strings({store.printStorePath(drvPath), chrootRootDir}) : + Strings({ store.printStorePath(drvPath) }); + enum BuildHookState { + stBegin, + stExtraChrootDirs + }; + auto state = stBegin; + auto lines = runProgram(settings.preBuildHook, false, args); + auto lastPos = std::string::size_type{0}; + for (auto nlPos = lines.find('\n'); nlPos != std::string::npos; + nlPos = lines.find('\n', lastPos)) + { + auto line = lines.substr(lastPos, nlPos - lastPos); + lastPos = nlPos + 1; + if (state == stBegin) { + if (line == "extra-sandbox-paths" || line == "extra-chroot-dirs") { + state = stExtraChrootDirs; + } else { + throw Error("unknown pre-build hook command '%1%'", line); + } + } else if (state == stExtraChrootDirs) { + if (line == "") { + state = stBegin; + } else { + auto p = line.find('='); + if (p == std::string::npos) + pathsInChroot[line] = line; + else + pathsInChroot[line.substr(0, p)] = line.substr(p + 1); + } + } + } + } + + return pathsInChroot; +} + void DerivationBuilderImpl::prepareSandbox() { if (drvOptions.useUidRange(drv)) @@ -2430,6 +2440,9 @@ std::unique_ptr makeDerivationBuilder( if (useSandbox) throw Error("sandboxing builds is not supported on this platform"); + if (params.drvOptions.useUidRange(params.drv)) + throw Error("feature 'uid-range' is only supported in sandboxed builds"); + return std::make_unique( store, std::move(miscMethods), diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index 59c55411964..1e33056ea8e 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -20,6 +20,8 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl */ bool usingUserNamespace = true; + PathsInChroot pathsInChroot; + LinuxDerivationBuilder( Store & store, std::unique_ptr miscMethods, DerivationBuilderParams params) : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) @@ -102,12 +104,6 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl if (buildUser && chown(chrootStoreDir.c_str(), 0, buildUser->getGID()) == -1) throw SysError("cannot change ownership of '%1%'", chrootStoreDir); - for (auto & i : inputPaths) { - auto p = store.printStorePath(i); - Path r = store.toRealPath(p); - pathsInChroot.insert_or_assign(p, r); - } - /* If we're repairing, checking or rebuilding part of a multiple-outputs derivation, it's possible that we're rebuilding a path that is in settings.sandbox-paths @@ -131,6 +127,13 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl chownToBuilder(*cgroup + "/cgroup.threads"); //chownToBuilder(*cgroup + "/cgroup.subtree_control"); } + + pathsInChroot = getPathsInSandbox(); + + for (auto & i : inputPaths) { + auto p = store.printStorePath(i); + pathsInChroot.insert_or_assign(p, store.toRealPath(p)); + } } void startChild() override From 305a9680e419bcf1858c4c886bf959dd1841e72b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 21:25:56 +0200 Subject: [PATCH 719/815] Eliminate useChroot --- .../unix/build/darwin-derivation-builder.cc | 12 ++ src/libstore/unix/build/derivation-builder.cc | 131 +++++++----------- .../unix/build/linux-derivation-builder.cc | 113 ++++++++++++--- 3 files changed, 155 insertions(+), 101 deletions(-) diff --git a/src/libstore/unix/build/darwin-derivation-builder.cc b/src/libstore/unix/build/darwin-derivation-builder.cc index cc23643902a..2ba54ad97d1 100644 --- a/src/libstore/unix/build/darwin-derivation-builder.cc +++ b/src/libstore/unix/build/darwin-derivation-builder.cc @@ -1,5 +1,15 @@ #ifdef __APPLE__ +# include +# include +# include + +/* This definition is undocumented but depended upon by all major browsers. */ +extern "C" int +sandbox_init_with_parameters(const char * profile, uint64_t flags, const char * const parameters[], char ** errorbuf); + +namespace nix { + struct DarwinDerivationBuilder : DerivationBuilderImpl { PathsInChroot pathsInChroot; @@ -185,4 +195,6 @@ struct DarwinDerivationBuilder : DerivationBuilderImpl } } +} + #endif diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index a2bca3a5987..65e4799e7c5 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -59,15 +59,6 @@ # include "nix/store/personality.hh" #endif -#ifdef __APPLE__ -# include -# include -# include - -/* This definition is undocumented but depended upon by all major browsers. */ -extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf); -#endif - #include #include #include @@ -123,6 +114,7 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder /** * The cgroup of the builder, if any. */ + // FIXME: move std::optional cgroup; /** @@ -141,18 +133,6 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder */ Path tmpDirInSandbox; - /** - * Whether we're currently doing a chroot build. - */ - // FIXME: remove - bool useChroot = false; - - /** - * The root of the chroot environment. - */ - // FIXME: move - Path chrootRootDir; - /** * RAII object to delete the chroot directory. */ @@ -257,6 +237,14 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder protected: + /** + * Acquire a build user lock. Return nullptr if no lock is available. + */ + virtual std::unique_ptr getBuildUser() + { + return acquireUserLock(1, false); + } + /** * Return the paths that should be made available in the sandbox. * This includes: @@ -268,12 +256,28 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder */ PathsInChroot getPathsInSandbox(); + virtual void setBuildTmpDir() + { + tmpDir = topTmpDir; + tmpDirInSandbox = topTmpDir; + } + /** * Called by prepareBuild() to do any setup in the parent to * prepare for a sandboxed build. */ virtual void prepareSandbox(); + virtual Strings getPreBuildHookArgs() + { + return Strings({store.printStorePath(drvPath)}); + } + + virtual Path realPathInSandbox(const Path & p) + { + return store.toRealPath(p); + } + /** * Open the slave side of the pseudoterminal and use it as stderr. */ @@ -377,9 +381,13 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder void killSandbox(bool getStats) override; +protected: + + virtual void cleanupBuild(); + private: - bool cleanupDecideWhetherDiskFull(); + bool decideWhetherDiskFull(); /** * Create alternative path calculated from but distinct from the @@ -469,11 +477,10 @@ bool DerivationBuilderImpl::prepareBuild() { if (useBuildUsers()) { if (!buildUser) - buildUser = acquireUserLock(drvOptions.useUidRange(drv) ? 65536 : 1, useChroot); + buildUser = getBuildUser(); - if (!buildUser) { + if (!buildUser) return false; - } } return true; @@ -535,7 +542,9 @@ std::variant, SingleDrvOutputs> Derivation /* Check the exit status. */ if (!statusOk(status)) { - diskFull |= cleanupDecideWhetherDiskFull(); + diskFull |= decideWhetherDiskFull(); + + cleanupBuild(); auto msg = fmt( "Cannot build '%s'.\n" @@ -589,6 +598,10 @@ std::variant, SingleDrvOutputs> Derivation } } +void DerivationBuilderImpl::cleanupBuild() +{ + deleteTmpDir(false); +} static void chmod_(const Path & path, mode_t mode) { @@ -641,10 +654,7 @@ static void replaceValidPath(const Path & storePath, const Path & tmpPath) deletePath(oldPath); } - - - -bool DerivationBuilderImpl::cleanupDecideWhetherDiskFull() +bool DerivationBuilderImpl::decideWhetherDiskFull() { bool diskFull = false; @@ -667,19 +677,6 @@ bool DerivationBuilderImpl::cleanupDecideWhetherDiskFull() } #endif - deleteTmpDir(false); - - /* Move paths out of the chroot for easier debugging of - build failures. */ - if (useChroot && buildMode == bmNormal) - for (auto & [_, status] : initialOutputs) { - if (!status.known) continue; - if (buildMode != bmCheck && status.known->isValid()) continue; - auto p = store.toRealPath(status.known->path); - if (pathExists(chrootRootDir + p)) - std::filesystem::rename((chrootRootDir + p), p); - } - return diskFull; } @@ -834,23 +831,9 @@ void DerivationBuilderImpl::startBuilder() /* Create a temporary directory where the build will take place. */ topTmpDir = createTempDir(settings.buildDir.get().value_or(""), "nix-build-" + std::string(drvPath.name()), false, false, 0700); -#ifdef __APPLE__ - if (false) { -#else - if (useChroot) { -#endif - /* If sandboxing is enabled, put the actual TMPDIR underneath - an inaccessible root-owned directory, to prevent outside - access. - - On macOS, we don't use an actual chroot, so this isn't - possible. Any mitigation along these lines would have to be - done directly in the sandbox profile. */ - tmpDir = topTmpDir + "/build"; - createDir(tmpDir, 0700); - } else { - tmpDir = topTmpDir; - } + setBuildTmpDir(); + assert(!tmpDir.empty()); + assert(!tmpDirInSandbox.empty()); chownToBuilder(tmpDir); for (auto & [outputName, status] : initialOutputs) { @@ -1066,14 +1049,12 @@ DerivationBuilderImpl::PathsInChroot DerivationBuilderImpl::getPathsInSandbox() if (settings.preBuildHook != "") { printMsg(lvlChatty, "executing pre-build hook '%1%'", settings.preBuildHook); - auto args = useChroot ? Strings({store.printStorePath(drvPath), chrootRootDir}) : - Strings({ store.printStorePath(drvPath) }); enum BuildHookState { stBegin, stExtraChrootDirs }; auto state = stBegin; - auto lines = runProgram(settings.preBuildHook, false, args); + auto lines = runProgram(settings.preBuildHook, false, getPreBuildHookArgs()); auto lastPos = std::string::size_type{0}; for (auto nlPos = lines.find('\n'); nlPos != std::string::npos; nlPos = lines.find('\n', lastPos)) @@ -1170,14 +1151,6 @@ void DerivationBuilderImpl::processSandboxSetupMessages() void DerivationBuilderImpl::initTmpDir() { - /* In a sandbox, for determinism, always use the same temporary - directory. */ -#ifdef __linux__ - tmpDirInSandbox = useChroot ? settings.sandboxBuildDir : tmpDir; -#else - tmpDirInSandbox = tmpDir; -#endif - /* In non-structured mode, set all bindings either directory in the environment or via a file, as specified by `DerivationOptions::passAsFile`. */ @@ -1666,14 +1639,6 @@ SingleDrvOutputs DerivationBuilderImpl::registerOutputs() for (auto & i : scratchOutputs) referenceablePaths.insert(i.second); for (auto & p : addedPaths) referenceablePaths.insert(p); - /* FIXME `needsHashRewrite` should probably be removed and we get to the - real reason why we aren't using the chroot dir */ - auto toRealPathChroot = [&](const Path & p) -> Path { - return useChroot && !needsHashRewrite() - ? chrootRootDir + p - : store.toRealPath(p); - }; - /* Check whether the output paths were created, and make all output paths read-only. Then get the references of each output (that we might need to register), so we can topologically sort them. For the ones @@ -1690,7 +1655,7 @@ SingleDrvOutputs DerivationBuilderImpl::registerOutputs() throw BuildError( "builder for '%s' has no scratch output for '%s'", store.printStorePath(drvPath), outputName); - auto actualPath = toRealPathChroot(store.printStorePath(*scratchOutput)); + auto actualPath = realPathInSandbox(store.printStorePath(*scratchOutput)); outputsToSort.insert(outputName); @@ -1799,7 +1764,7 @@ SingleDrvOutputs DerivationBuilderImpl::registerOutputs() auto output = get(drv.outputs, outputName); auto scratchPath = get(scratchOutputs, outputName); assert(output && scratchPath); - auto actualPath = toRealPathChroot(store.printStorePath(*scratchPath)); + auto actualPath = realPathInSandbox(store.printStorePath(*scratchPath)); auto finish = [&](StorePath finalStorePath) { /* Store the final path */ @@ -2380,10 +2345,14 @@ StorePath DerivationBuilderImpl::makeFallbackPath(const StorePath & path) Hash(HashAlgorithm::SHA256), path.name()); } +} + // FIXME: do this properly #include "linux-derivation-builder.cc" #include "darwin-derivation-builder.cc" +namespace nix { + std::unique_ptr makeDerivationBuilder( Store & store, std::unique_ptr miscMethods, diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index 1e33056ea8e..c5283116664 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -1,5 +1,7 @@ #ifdef __linux__ +namespace nix { + struct LinuxDerivationBuilder : DerivationBuilderImpl { /** @@ -20,23 +22,56 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl */ bool usingUserNamespace = true; + /** + * The root of the chroot environment. + */ + Path chrootRootDir; + PathsInChroot pathsInChroot; LinuxDerivationBuilder( Store & store, std::unique_ptr miscMethods, DerivationBuilderParams params) : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) { - useChroot = true; } - uid_t sandboxUid() { return usingUserNamespace ? (!buildUser || buildUser->getUIDCount() == 1 ? 1000 : 0) : buildUser->getUID(); } - gid_t sandboxGid() { return usingUserNamespace ? (!buildUser || buildUser->getUIDCount() == 1 ? 100 : 0) : buildUser->getGID(); } + uid_t sandboxUid() + { + return usingUserNamespace ? (!buildUser || buildUser->getUIDCount() == 1 ? 1000 : 0) : buildUser->getUID(); + } + + gid_t sandboxGid() + { + return usingUserNamespace ? (!buildUser || buildUser->getUIDCount() == 1 ? 100 : 0) : buildUser->getGID(); + } bool needsHashRewrite() override { return false; } + std::unique_ptr getBuildUser() override + { + return acquireUserLock(drvOptions.useUidRange(drv) ? 65536 : 1, true); + } + + void setBuildTmpDir() override + { + /* If sandboxing is enabled, put the actual TMPDIR underneath + an inaccessible root-owned directory, to prevent outside + access. + + On macOS, we don't use an actual chroot, so this isn't + possible. Any mitigation along these lines would have to be + done directly in the sandbox profile. */ + tmpDir = topTmpDir + "/build"; + createDir(tmpDir, 0700); + + /* In a sandbox, for determinism, always use the same temporary + directory. */ + tmpDirInSandbox = settings.sandboxBuildDir; + } + void prepareSandbox() override { /* Create a temporary directory in which we set up the chroot @@ -59,7 +94,10 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl if (mkdir(chrootRootDir.c_str(), buildUser && buildUser->getUIDCount() != 1 ? 0755 : 0750) == -1) throw SysError("cannot create '%1%'", chrootRootDir); - if (buildUser && chown(chrootRootDir.c_str(), buildUser->getUIDCount() != 1 ? buildUser->getUID() : 0, buildUser->getGID()) == -1) + if (buildUser + && chown( + chrootRootDir.c_str(), buildUser->getUIDCount() != 1 ? buildUser->getUID() : 0, buildUser->getGID()) + == -1) throw SysError("cannot change ownership of '%1%'", chrootRootDir); /* Create a writable /tmp in the chroot. Many builders need @@ -81,10 +119,12 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl /* Declare the build user's group so that programs get a consistent view of the system (e.g., "id -gn"). */ - writeFile(chrootRootDir + "/etc/group", + writeFile( + chrootRootDir + "/etc/group", fmt("root:x:0:\n" "nixbld:!:%1%:\n" - "nogroup:x:65534:\n", sandboxGid())); + "nogroup:x:65534:\n", + sandboxGid())); /* Create /etc/hosts with localhost entry. */ if (derivationType.isSandboxed()) @@ -125,7 +165,7 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl chownToBuilder(*cgroup); chownToBuilder(*cgroup + "/cgroup.procs"); chownToBuilder(*cgroup + "/cgroup.threads"); - //chownToBuilder(*cgroup + "/cgroup.subtree_control"); + // chownToBuilder(*cgroup + "/cgroup.subtree_control"); } pathsInChroot = getPathsInSandbox(); @@ -136,6 +176,18 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl } } + Strings getPreBuildHookArgs() override + { + assert(!chrootRootDir.empty()); + return Strings({store.printStorePath(drvPath), chrootRootDir}); + } + + Path realPathInSandbox(const Path & p) override + { + // FIXME: why the needsHashRewrite() conditional? + return !needsHashRewrite() ? chrootRootDir + p : store.toRealPath(p); + } + void startChild() override { /* Set up private namespaces for the build: @@ -194,7 +246,8 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl if (errno != EPERM) throw SysError("setgroups failed"); if (settings.requireDropSupplementaryGroups) - throw Error("setgroups failed. Set the require-drop-supplementary-groups option to false to skip this step."); + throw Error( + "setgroups failed. Set the require-drop-supplementary-groups option to false to skip this step."); } ProcessOptions options; @@ -226,9 +279,7 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl /* Close the write side to prevent runChild() from hanging reading from this. */ - Finally cleanup([&]() { - userNamespaceSync.writeSide = -1; - }); + Finally cleanup([&]() { userNamespaceSync.writeSide = -1; }); auto ss = tokenizeString>(readLine(sendPid.readSide.get())); assert(ss.size() == 1); @@ -242,30 +293,32 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl uid_t hostGid = buildUser ? buildUser->getGID() : getgid(); uid_t nrIds = buildUser ? buildUser->getUIDCount() : 1; - writeFile("/proc/" + std::to_string(pid) + "/uid_map", - fmt("%d %d %d", sandboxUid(), hostUid, nrIds)); + writeFile("/proc/" + std::to_string(pid) + "/uid_map", fmt("%d %d %d", sandboxUid(), hostUid, nrIds)); if (!buildUser || buildUser->getUIDCount() == 1) writeFile("/proc/" + std::to_string(pid) + "/setgroups", "deny"); - writeFile("/proc/" + std::to_string(pid) + "/gid_map", - fmt("%d %d %d", sandboxGid(), hostGid, nrIds)); + writeFile("/proc/" + std::to_string(pid) + "/gid_map", fmt("%d %d %d", sandboxGid(), hostGid, nrIds)); } else { debug("note: not using a user namespace"); if (!buildUser) - throw Error("cannot perform a sandboxed build because user namespaces are not enabled; check /proc/sys/user/max_user_namespaces"); + throw Error( + "cannot perform a sandboxed build because user namespaces are not enabled; check /proc/sys/user/max_user_namespaces"); } /* Now that we now the sandbox uid, we can write /etc/passwd. */ - writeFile(chrootRootDir + "/etc/passwd", fmt( - "root:x:0:0:Nix build user:%3%:/noshell\n" + writeFile( + chrootRootDir + "/etc/passwd", + fmt("root:x:0:0:Nix build user:%3%:/noshell\n" "nixbld:x:%1%:%2%:Nix build user:%3%:/noshell\n" "nobody:x:65534:65534:Nobody:/:/noshell\n", - sandboxUid(), sandboxGid(), settings.sandboxBuildDir)); + sandboxUid(), + sandboxGid(), + settings.sandboxBuildDir)); /* Save the mount- and user namespace of the child. We have to do this - *before* the child does a chroot. */ + *before* the child does a chroot. */ sandboxMountNamespace = open(fmt("/proc/%d/ns/mnt", (pid_t) pid).c_str(), O_RDONLY); if (sandboxMountNamespace.get() == -1) throw SysError("getting sandbox mount namespace"); @@ -528,6 +581,24 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl return DerivationBuilderImpl::unprepareBuild(); } + void cleanupBuild() override + { + DerivationBuilderImpl::cleanupBuild(); + + /* Move paths out of the chroot for easier debugging of + build failures. */ + if (buildMode == bmNormal) + for (auto & [_, status] : initialOutputs) { + if (!status.known) + continue; + if (buildMode != bmCheck && status.known->isValid()) + continue; + auto p = store.toRealPath(status.known->path); + if (pathExists(chrootRootDir + p)) + std::filesystem::rename((chrootRootDir + p), p); + } + } + void addDependency(const StorePath & path) override { if (isAllowed(path)) @@ -568,4 +639,6 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl } }; +} + #endif From 1acdb9168d6295599f2974467608c7d3f635f004 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 21:36:13 +0200 Subject: [PATCH 720/815] Move doBind() --- src/libstore/unix/build/derivation-builder.cc | 47 ----------------- .../unix/build/linux-derivation-builder.cc | 50 +++++++++++++++++++ 2 files changed, 50 insertions(+), 47 deletions(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index 65e4799e7c5..ee9c893907a 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -39,24 +39,13 @@ # include #endif -/* Includes required for chroot support. */ #ifdef __linux__ # include "linux/fchmodat2-compat.hh" -# include -# include -# include -# include -# include -# include -# include # include -# include "nix/util/namespaces.hh" # if HAVE_SECCOMP # include # endif -# define pivot_root(new_root, put_old) (syscall(SYS_pivot_root, new_root, put_old)) # include "nix/util/cgroup.hh" -# include "nix/store/personality.hh" #endif #include @@ -680,42 +669,6 @@ bool DerivationBuilderImpl::decideWhetherDiskFull() return diskFull; } - -#ifdef __linux__ -static void doBind(const Path & source, const Path & target, bool optional = false) { - debug("bind mounting '%1%' to '%2%'", source, target); - - auto bindMount = [&]() { - if (mount(source.c_str(), target.c_str(), "", MS_BIND | MS_REC, 0) == -1) - throw SysError("bind mount from '%1%' to '%2%' failed", source, target); - }; - - auto maybeSt = maybeLstat(source); - if (!maybeSt) { - if (optional) - return; - else - throw SysError("getting attributes of path '%1%'", source); - } - auto st = *maybeSt; - - if (S_ISDIR(st.st_mode)) { - createDirs(target); - bindMount(); - } else if (S_ISLNK(st.st_mode)) { - // Symlinks can (apparently) not be bind-mounted, so just copy it - createDirs(dirOf(target)); - copyFile( - std::filesystem::path(source), - std::filesystem::path(target), false); - } else { - createDirs(dirOf(target)); - writeFile(target, ""); - bindMount(); - } -}; -#endif - /** * Rethrow the current exception as a subclass of `Error`. */ diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index c5283116664..7e2aed1c89c 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -1,7 +1,57 @@ #ifdef __linux__ +# ifdef __linux__ +# include +# include +# include +# include +# include +# include +# include +# include +# include "nix/util/namespaces.hh" +# if HAVE_SECCOMP +# include +# endif +# define pivot_root(new_root, put_old) (syscall(SYS_pivot_root, new_root, put_old)) +# include "nix/util/cgroup.hh" +# include "nix/store/personality.hh" +# endif + namespace nix { +static void doBind(const Path & source, const Path & target, bool optional = false) +{ + debug("bind mounting '%1%' to '%2%'", source, target); + + auto bindMount = [&]() { + if (mount(source.c_str(), target.c_str(), "", MS_BIND | MS_REC, 0) == -1) + throw SysError("bind mount from '%1%' to '%2%' failed", source, target); + }; + + auto maybeSt = maybeLstat(source); + if (!maybeSt) { + if (optional) + return; + else + throw SysError("getting attributes of path '%1%'", source); + } + auto st = *maybeSt; + + if (S_ISDIR(st.st_mode)) { + createDirs(target); + bindMount(); + } else if (S_ISLNK(st.st_mode)) { + // Symlinks can (apparently) not be bind-mounted, so just copy it + createDirs(dirOf(target)); + copyFile(std::filesystem::path(source), std::filesystem::path(target), false); + } else { + createDirs(dirOf(target)); + writeFile(target, ""); + bindMount(); + } +} + struct LinuxDerivationBuilder : DerivationBuilderImpl { /** From 5d96e55e91bd2ccf586f0757952b52f2b19f7186 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 21:44:51 +0200 Subject: [PATCH 721/815] Move seccomp code --- src/libstore/unix/build/derivation-builder.cc | 100 ------------- .../unix/build/linux-derivation-builder.cc | 133 +++++++++++++++--- 2 files changed, 117 insertions(+), 116 deletions(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index ee9c893907a..b40511111f4 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -40,11 +40,6 @@ #endif #ifdef __linux__ -# include "linux/fchmodat2-compat.hh" -# include -# if HAVE_SECCOMP -# include -# endif # include "nix/util/cgroup.hh" #endif @@ -1350,95 +1345,6 @@ void DerivationBuilderImpl::chownToBuilder(const Path & path) throw SysError("cannot change ownership of '%1%'", path); } - -void setupSeccomp() -{ -#ifdef __linux__ - if (!settings.filterSyscalls) return; -#if HAVE_SECCOMP - scmp_filter_ctx ctx; - - if (!(ctx = seccomp_init(SCMP_ACT_ALLOW))) - throw SysError("unable to initialize seccomp mode 2"); - - Finally cleanup([&]() { - seccomp_release(ctx); - }); - - constexpr std::string_view nativeSystem = NIX_LOCAL_SYSTEM; - - if (nativeSystem == "x86_64-linux" && - seccomp_arch_add(ctx, SCMP_ARCH_X86) != 0) - throw SysError("unable to add 32-bit seccomp architecture"); - - if (nativeSystem == "x86_64-linux" && - seccomp_arch_add(ctx, SCMP_ARCH_X32) != 0) - throw SysError("unable to add X32 seccomp architecture"); - - if (nativeSystem == "aarch64-linux" && - seccomp_arch_add(ctx, SCMP_ARCH_ARM) != 0) - printError("unable to add ARM seccomp architecture; this may result in spurious build failures if running 32-bit ARM processes"); - - if (nativeSystem == "mips64-linux" && - seccomp_arch_add(ctx, SCMP_ARCH_MIPS) != 0) - printError("unable to add mips seccomp architecture"); - - if (nativeSystem == "mips64-linux" && - seccomp_arch_add(ctx, SCMP_ARCH_MIPS64N32) != 0) - printError("unable to add mips64-*abin32 seccomp architecture"); - - if (nativeSystem == "mips64el-linux" && - seccomp_arch_add(ctx, SCMP_ARCH_MIPSEL) != 0) - printError("unable to add mipsel seccomp architecture"); - - if (nativeSystem == "mips64el-linux" && - seccomp_arch_add(ctx, SCMP_ARCH_MIPSEL64N32) != 0) - printError("unable to add mips64el-*abin32 seccomp architecture"); - - /* Prevent builders from creating setuid/setgid binaries. */ - for (int perm : { S_ISUID, S_ISGID }) { - if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(chmod), 1, - SCMP_A1(SCMP_CMP_MASKED_EQ, (scmp_datum_t) perm, (scmp_datum_t) perm)) != 0) - throw SysError("unable to add seccomp rule"); - - if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(fchmod), 1, - SCMP_A1(SCMP_CMP_MASKED_EQ, (scmp_datum_t) perm, (scmp_datum_t) perm)) != 0) - throw SysError("unable to add seccomp rule"); - - if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(fchmodat), 1, - SCMP_A2(SCMP_CMP_MASKED_EQ, (scmp_datum_t) perm, (scmp_datum_t) perm)) != 0) - throw SysError("unable to add seccomp rule"); - - if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), NIX_SYSCALL_FCHMODAT2, 1, - SCMP_A2(SCMP_CMP_MASKED_EQ, (scmp_datum_t) perm, (scmp_datum_t) perm)) != 0) - throw SysError("unable to add seccomp rule"); - } - - /* Prevent builders from using EAs or ACLs. Not all filesystems - support these, and they're not allowed in the Nix store because - they're not representable in the NAR serialisation. */ - if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(getxattr), 0) != 0 || - seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(lgetxattr), 0) != 0 || - seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(fgetxattr), 0) != 0 || - seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(setxattr), 0) != 0 || - seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(lsetxattr), 0) != 0 || - seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(fsetxattr), 0) != 0) - throw SysError("unable to add seccomp rule"); - - if (seccomp_attr_set(ctx, SCMP_FLTATR_CTL_NNP, settings.allowNewPrivileges ? 0 : 1) != 0) - throw SysError("unable to set 'no new privileges' seccomp attribute"); - - if (seccomp_load(ctx) != 0) - throw SysError("unable to load seccomp BPF program"); -#else - throw Error( - "seccomp is not supported on this platform; " - "you can bypass this error by setting the option 'filter-syscalls' to false, but note that untrusted builds can then create setuid binaries!"); -#endif -#endif -} - - void DerivationBuilderImpl::runChild() { /* Warning: in the child we should absolutely not make any SQLite @@ -1450,12 +1356,6 @@ void DerivationBuilderImpl::runChild() commonChildInit(); - try { - setupSeccomp(); - } catch (...) { - if (buildUser) throw; - } - /* Make the contents of netrc and the CA certificate bundle available to builtin:fetchurl (which may run under a different uid and/or in a sandbox). */ diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index 7e2aed1c89c..bfda1e33a48 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -1,25 +1,123 @@ #ifdef __linux__ -# ifdef __linux__ -# include -# include -# include -# include -# include -# include -# include -# include -# include "nix/util/namespaces.hh" -# if HAVE_SECCOMP -# include -# endif -# define pivot_root(new_root, put_old) (syscall(SYS_pivot_root, new_root, put_old)) -# include "nix/util/cgroup.hh" -# include "nix/store/personality.hh" +# include "linux/fchmodat2-compat.hh" +# include +# include +# include +# include +# include +# include +# include +# include +# include "nix/util/namespaces.hh" +# if HAVE_SECCOMP +# include # endif +# define pivot_root(new_root, put_old) (syscall(SYS_pivot_root, new_root, put_old)) +# include "nix/util/cgroup.hh" +# include "nix/store/personality.hh" namespace nix { +static void setupSeccomp() +{ + if (!settings.filterSyscalls) + return; + +# if HAVE_SECCOMP + scmp_filter_ctx ctx; + + if (!(ctx = seccomp_init(SCMP_ACT_ALLOW))) + throw SysError("unable to initialize seccomp mode 2"); + + Finally cleanup([&]() { seccomp_release(ctx); }); + + constexpr std::string_view nativeSystem = NIX_LOCAL_SYSTEM; + + if (nativeSystem == "x86_64-linux" && seccomp_arch_add(ctx, SCMP_ARCH_X86) != 0) + throw SysError("unable to add 32-bit seccomp architecture"); + + if (nativeSystem == "x86_64-linux" && seccomp_arch_add(ctx, SCMP_ARCH_X32) != 0) + throw SysError("unable to add X32 seccomp architecture"); + + if (nativeSystem == "aarch64-linux" && seccomp_arch_add(ctx, SCMP_ARCH_ARM) != 0) + printError( + "unable to add ARM seccomp architecture; this may result in spurious build failures if running 32-bit ARM processes"); + + if (nativeSystem == "mips64-linux" && seccomp_arch_add(ctx, SCMP_ARCH_MIPS) != 0) + printError("unable to add mips seccomp architecture"); + + if (nativeSystem == "mips64-linux" && seccomp_arch_add(ctx, SCMP_ARCH_MIPS64N32) != 0) + printError("unable to add mips64-*abin32 seccomp architecture"); + + if (nativeSystem == "mips64el-linux" && seccomp_arch_add(ctx, SCMP_ARCH_MIPSEL) != 0) + printError("unable to add mipsel seccomp architecture"); + + if (nativeSystem == "mips64el-linux" && seccomp_arch_add(ctx, SCMP_ARCH_MIPSEL64N32) != 0) + printError("unable to add mips64el-*abin32 seccomp architecture"); + + /* Prevent builders from creating setuid/setgid binaries. */ + for (int perm : {S_ISUID, S_ISGID}) { + if (seccomp_rule_add( + ctx, + SCMP_ACT_ERRNO(EPERM), + SCMP_SYS(chmod), + 1, + SCMP_A1(SCMP_CMP_MASKED_EQ, (scmp_datum_t) perm, (scmp_datum_t) perm)) + != 0) + throw SysError("unable to add seccomp rule"); + + if (seccomp_rule_add( + ctx, + SCMP_ACT_ERRNO(EPERM), + SCMP_SYS(fchmod), + 1, + SCMP_A1(SCMP_CMP_MASKED_EQ, (scmp_datum_t) perm, (scmp_datum_t) perm)) + != 0) + throw SysError("unable to add seccomp rule"); + + if (seccomp_rule_add( + ctx, + SCMP_ACT_ERRNO(EPERM), + SCMP_SYS(fchmodat), + 1, + SCMP_A2(SCMP_CMP_MASKED_EQ, (scmp_datum_t) perm, (scmp_datum_t) perm)) + != 0) + throw SysError("unable to add seccomp rule"); + + if (seccomp_rule_add( + ctx, + SCMP_ACT_ERRNO(EPERM), + NIX_SYSCALL_FCHMODAT2, + 1, + SCMP_A2(SCMP_CMP_MASKED_EQ, (scmp_datum_t) perm, (scmp_datum_t) perm)) + != 0) + throw SysError("unable to add seccomp rule"); + } + + /* Prevent builders from using EAs or ACLs. Not all filesystems + support these, and they're not allowed in the Nix store because + they're not representable in the NAR serialisation. */ + if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(getxattr), 0) != 0 + || seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(lgetxattr), 0) != 0 + || seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(fgetxattr), 0) != 0 + || seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(setxattr), 0) != 0 + || seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(lsetxattr), 0) != 0 + || seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOTSUP), SCMP_SYS(fsetxattr), 0) != 0) + throw SysError("unable to add seccomp rule"); + + if (seccomp_attr_set(ctx, SCMP_FLTATR_CTL_NNP, settings.allowNewPrivileges ? 0 : 1) != 0) + throw SysError("unable to set 'no new privileges' seccomp attribute"); + + if (seccomp_load(ctx) != 0) + throw SysError("unable to load seccomp BPF program"); +# else + throw Error( + "seccomp is not supported on this platform; " + "you can bypass this error by setting the option 'filter-syscalls' to false, but note that untrusted builds can then create setuid binaries!"); +# endif +} + static void doBind(const Path & source, const Path & target, bool optional = false) { debug("bind mounting '%1%' to '%2%'", source, target); @@ -608,6 +706,9 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl if (rmdir("real-root") == -1) throw SysError("cannot remove real-root directory"); + // FIXME: move to LinuxDerivationBuilder + setupSeccomp(); + // FIXME: move to LinuxDerivationBuilder linux::setPersonality(drv.platform); } From f5176500be9644fe771528ad780b8245fb8aa0fe Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 22:23:59 +0200 Subject: [PATCH 722/815] Move autoDelChroot --- src/libstore/unix/build/derivation-builder.cc | 9 --------- src/libstore/unix/build/linux-derivation-builder.cc | 12 ++++++++++++ 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index b40511111f4..459b294f5da 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -117,12 +117,6 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder */ Path tmpDirInSandbox; - /** - * RAII object to delete the chroot directory. - */ - // FIXME: move - std::shared_ptr autoDelChroot; - /** * The sort of derivation we are building. * @@ -564,9 +558,6 @@ std::variant, SingleDrvOutputs> Derivation for (auto & i : redirectedOutputs) deletePath(store.Store::toRealPath(i.second)); - /* Delete the chroot (if we were using one). */ - autoDelChroot.reset(); /* this runs the destructor */ - deleteTmpDir(true); return std::move(builtOutputs); diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index bfda1e33a48..48c605ca3b0 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -175,6 +175,11 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl */ Path chrootRootDir; + /** + * RAII object to delete the chroot directory. + */ + std::shared_ptr autoDelChroot; + PathsInChroot pathsInChroot; LinuxDerivationBuilder( @@ -183,6 +188,13 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl { } + void deleteTmpDir(bool force) override + { + autoDelChroot.reset(); /* this runs the destructor */ + + DerivationBuilderImpl::deleteTmpDir(force); + } + uid_t sandboxUid() { return usingUserNamespace ? (!buildUser || buildUser->getUIDCount() == 1 ? 1000 : 0) : buildUser->getUID(); From 492b684b9ecd08259703f30596e28ece975db191 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 22:29:08 +0200 Subject: [PATCH 723/815] Get rid of tmpDirInSandbox variable --- src/libstore/unix/build/derivation-builder.cc | 38 ++++++++++--------- .../unix/build/linux-derivation-builder.cc | 5 ++- 2 files changed, 24 insertions(+), 19 deletions(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index 459b294f5da..b8fc9b1788c 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -112,11 +112,6 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder */ Path topTmpDir; - /** - * The path of the temporary directory in the sandbox. - */ - Path tmpDirInSandbox; - /** * The sort of derivation we are building. * @@ -237,7 +232,15 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder virtual void setBuildTmpDir() { tmpDir = topTmpDir; - tmpDirInSandbox = topTmpDir; + } + + /** + * Return the path of the temporary directory in the sandbox. + */ + virtual Path tmpDirInSandbox() + { + assert(!topTmpDir.empty()); + return topTmpDir; } /** @@ -772,7 +775,6 @@ void DerivationBuilderImpl::startBuilder() topTmpDir = createTempDir(settings.buildDir.get().value_or(""), "nix-build-" + std::string(drvPath.name()), false, false, 0700); setBuildTmpDir(); assert(!tmpDir.empty()); - assert(!tmpDirInSandbox.empty()); chownToBuilder(tmpDir); for (auto & [outputName, status] : initialOutputs) { @@ -936,11 +938,11 @@ DerivationBuilderImpl::PathsInChroot DerivationBuilderImpl::getPathsInSandbox() pathsInChroot[inside] = {outside, optional}; } - if (hasPrefix(store.storeDir, tmpDirInSandbox)) + if (hasPrefix(store.storeDir, tmpDirInSandbox())) { throw Error("`sandbox-build-dir` must not contain the storeDir"); } - pathsInChroot[tmpDirInSandbox] = tmpDir; + pathsInChroot[tmpDirInSandbox()] = tmpDir; /* Add the closure of store paths to the chroot. */ StorePathSet closure; @@ -1103,7 +1105,7 @@ void DerivationBuilderImpl::initTmpDir() Path p = tmpDir + "/" + fn; writeFile(p, rewriteStrings(i.second, inputRewrites)); chownToBuilder(p); - env[i.first + "Path"] = tmpDirInSandbox + "/" + fn; + env[i.first + "Path"] = tmpDirInSandbox() + "/" + fn; } } @@ -1111,16 +1113,16 @@ void DerivationBuilderImpl::initTmpDir() /* For convenience, set an environment pointing to the top build directory. */ - env["NIX_BUILD_TOP"] = tmpDirInSandbox; + env["NIX_BUILD_TOP"] = tmpDirInSandbox(); /* Also set TMPDIR and variants to point to this directory. */ - env["TMPDIR"] = env["TEMPDIR"] = env["TMP"] = env["TEMP"] = tmpDirInSandbox; + env["TMPDIR"] = env["TEMPDIR"] = env["TMP"] = env["TEMP"] = tmpDirInSandbox(); /* Explicitly set PWD to prevent problems with chroot builds. In particular, dietlibc cannot figure out the cwd because the inode of the current directory doesn't appear in .. (because getdents returns the inode of the mount point). */ - env["PWD"] = tmpDirInSandbox; + env["PWD"] = tmpDirInSandbox(); } @@ -1213,10 +1215,10 @@ void DerivationBuilderImpl::writeStructuredAttrs() writeFile(tmpDir + "/.attrs.sh", rewriteStrings(jsonSh, inputRewrites)); chownToBuilder(tmpDir + "/.attrs.sh"); - env["NIX_ATTRS_SH_FILE"] = tmpDirInSandbox + "/.attrs.sh"; + env["NIX_ATTRS_SH_FILE"] = tmpDirInSandbox() + "/.attrs.sh"; writeFile(tmpDir + "/.attrs.json", rewriteStrings(json.dump(), inputRewrites)); chownToBuilder(tmpDir + "/.attrs.json"); - env["NIX_ATTRS_JSON_FILE"] = tmpDirInSandbox + "/.attrs.json"; + env["NIX_ATTRS_JSON_FILE"] = tmpDirInSandbox() + "/.attrs.json"; } } @@ -1240,7 +1242,7 @@ void DerivationBuilderImpl::startDaemon() auto socketName = ".nix-socket"; Path socketPath = tmpDir + "/" + socketName; - env["NIX_REMOTE"] = "unix://" + tmpDirInSandbox + "/" + socketName; + env["NIX_REMOTE"] = "unix://" + tmpDirInSandbox() + "/" + socketName; daemonSocket = createUnixDomainSocket(socketPath, 0600); @@ -1352,7 +1354,7 @@ void DerivationBuilderImpl::runChild() different uid and/or in a sandbox). */ BuiltinBuilderContext ctx{ .drv = drv, - .tmpDirInSandbox = tmpDirInSandbox, + .tmpDirInSandbox = tmpDirInSandbox(), }; if (drv.isBuiltin() && drv.builder == "builtin:fetchurl") { @@ -1367,7 +1369,7 @@ void DerivationBuilderImpl::runChild() enterChroot(); - if (chdir(tmpDirInSandbox.c_str()) == -1) + if (chdir(tmpDirInSandbox().c_str()) == -1) throw SysError("changing into '%1%'", tmpDir); /* Close all other file descriptors. */ diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index 48c605ca3b0..57298c91f26 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -226,10 +226,13 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl done directly in the sandbox profile. */ tmpDir = topTmpDir + "/build"; createDir(tmpDir, 0700); + } + Path tmpDirInSandbox() override + { /* In a sandbox, for determinism, always use the same temporary directory. */ - tmpDirInSandbox = settings.sandboxBuildDir; + return settings.sandboxBuildDir; } void prepareSandbox() override From c9bb16a7410d621f988344321fb1000ddc83a47e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 22:35:47 +0200 Subject: [PATCH 724/815] Inline initTmpDir() --- src/libstore/unix/build/derivation-builder.cc | 62 ++++++++----------- 1 file changed, 25 insertions(+), 37 deletions(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index b8fc9b1788c..fc0e4d7eb3d 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -286,11 +286,6 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder private: - /** - * Setup tmp dir location. - */ - void initTmpDir(); - /** * Write a JSON file containing the derivation attributes. */ @@ -1089,9 +1084,32 @@ void DerivationBuilderImpl::processSandboxSetupMessages() } } - -void DerivationBuilderImpl::initTmpDir() +void DerivationBuilderImpl::initEnv() { + env.clear(); + + /* Most shells initialise PATH to some default (/bin:/usr/bin:...) when + PATH is not set. We don't want this, so we fill it in with some dummy + value. */ + env["PATH"] = "/path-not-set"; + + /* Set HOME to a non-existing path to prevent certain programs from using + /etc/passwd (or NIS, or whatever) to locate the home directory (for + example, wget looks for ~/.wgetrc). I.e., these tools use /etc/passwd + if HOME is not set, but they will just assume that the settings file + they are looking for does not exist if HOME is set but points to some + non-existing path. */ + env["HOME"] = homeDir; + + /* Tell the builder where the Nix store is. Usually they + shouldn't care, but this is useful for purity checking (e.g., + the compiler or linker might only want to accept paths to files + in the store or in the build directory). */ + env["NIX_STORE"] = store.storeDir; + + /* The maximum number of cores to utilize for parallel building. */ + env["NIX_BUILD_CORES"] = fmt("%d", settings.buildCores); + /* In non-structured mode, set all bindings either directory in the environment or via a file, as specified by `DerivationOptions::passAsFile`. */ @@ -1123,36 +1141,6 @@ void DerivationBuilderImpl::initTmpDir() inode of the current directory doesn't appear in .. (because getdents returns the inode of the mount point). */ env["PWD"] = tmpDirInSandbox(); -} - - -void DerivationBuilderImpl::initEnv() -{ - env.clear(); - - /* Most shells initialise PATH to some default (/bin:/usr/bin:...) when - PATH is not set. We don't want this, so we fill it in with some dummy - value. */ - env["PATH"] = "/path-not-set"; - - /* Set HOME to a non-existing path to prevent certain programs from using - /etc/passwd (or NIS, or whatever) to locate the home directory (for - example, wget looks for ~/.wgetrc). I.e., these tools use /etc/passwd - if HOME is not set, but they will just assume that the settings file - they are looking for does not exist if HOME is set but points to some - non-existing path. */ - env["HOME"] = homeDir; - - /* Tell the builder where the Nix store is. Usually they - shouldn't care, but this is useful for purity checking (e.g., - the compiler or linker might only want to accept paths to files - in the store or in the build directory). */ - env["NIX_STORE"] = store.storeDir; - - /* The maximum number of cores to utilize for parallel building. */ - env["NIX_BUILD_CORES"] = fmt("%d", settings.buildCores); - - initTmpDir(); /* Compatibility hack with Nix <= 0.7: if this is a fixed-output derivation, tell the builder, so that for instance `fetchurl' From ab18d8ca5fe90391a12d0f26ed301ff52068dbce Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 26 May 2025 23:51:24 +0200 Subject: [PATCH 725/815] Move cgroup support --- src/libstore/build/derivation-goal.cc | 2 + src/libstore/unix/build/derivation-builder.cc | 85 +++---------------- .../unix/build/linux-derivation-builder.cc | 73 +++++++++++++++- 3 files changed, 83 insertions(+), 77 deletions(-) diff --git a/src/libstore/build/derivation-goal.cc b/src/libstore/build/derivation-goal.cc index 02f80b65e0a..fb06670fba4 100644 --- a/src/libstore/build/derivation-goal.cc +++ b/src/libstore/build/derivation-goal.cc @@ -99,6 +99,8 @@ void DerivationGoal::killChild() if (builder && builder->pid != -1) { worker.childTerminated(this); + // FIXME: move this into DerivationBuilder. + /* If we're using a build user, then there is a tricky race condition: if we kill the build user before the child has done its setuid() to the build user uid, then it won't be diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index fc0e4d7eb3d..9c63e3cbb84 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -39,10 +39,6 @@ # include #endif -#ifdef __linux__ -# include "nix/util/cgroup.hh" -#endif - #include #include #include @@ -95,12 +91,6 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder */ std::unique_ptr buildUser; - /** - * The cgroup of the builder, if any. - */ - // FIXME: move - std::optional cgroup; - /** * The temporary directory used for the build. */ @@ -243,6 +233,15 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder return topTmpDir; } + /** + * Ensure that there are no processes running that conflict with + * `buildUser`. + */ + virtual void prepareUser() + { + killSandbox(false); + } + /** * Called by prepareBuild() to do any setup in the parent to * prepare for a sandboxed build. @@ -429,19 +428,7 @@ static LocalStore & getLocalStore(Store & store) void DerivationBuilderImpl::killSandbox(bool getStats) { - if (cgroup) { - #ifdef __linux__ - auto stats = destroyCgroup(*cgroup); - if (getStats) { - buildResult.cpuUser = stats.cpuUser; - buildResult.cpuSystem = stats.cpuSystem; - } - #else - unreachable(); - #endif - } - - else if (buildUser) { + if (buildUser) { auto uid = buildUser->getUID(); assert(uid != 0); killUser(uid); @@ -690,60 +677,10 @@ static void handleChildException(bool sendException) void DerivationBuilderImpl::startBuilder() { - if ((buildUser && buildUser->getUIDCount() != 1) - #ifdef __linux__ - || settings.useCgroups - #endif - ) - { - #ifdef __linux__ - experimentalFeatureSettings.require(Xp::Cgroups); - - /* If we're running from the daemon, then this will return the - root cgroup of the service. Otherwise, it will return the - current cgroup. */ - auto rootCgroup = getRootCgroup(); - auto cgroupFS = getCgroupFS(); - if (!cgroupFS) - throw Error("cannot determine the cgroups file system"); - auto rootCgroupPath = canonPath(*cgroupFS + "/" + rootCgroup); - if (!pathExists(rootCgroupPath)) - throw Error("expected cgroup directory '%s'", rootCgroupPath); - - static std::atomic counter{0}; - - cgroup = buildUser - ? fmt("%s/nix-build-uid-%d", rootCgroupPath, buildUser->getUID()) - : fmt("%s/nix-build-pid-%d-%d", rootCgroupPath, getpid(), counter++); - - debug("using cgroup '%s'", *cgroup); - - /* When using a build user, record the cgroup we used for that - user so that if we got interrupted previously, we can kill - any left-over cgroup first. */ - if (buildUser) { - auto cgroupsDir = settings.nixStateDir + "/cgroups"; - createDirs(cgroupsDir); - - auto cgroupFile = fmt("%s/%d", cgroupsDir, buildUser->getUID()); - - if (pathExists(cgroupFile)) { - auto prevCgroup = readFile(cgroupFile); - destroyCgroup(prevCgroup); - } - - writeFile(cgroupFile, *cgroup); - } - - #else - throw Error("cgroups are not supported on this platform"); - #endif - } - /* Make sure that no other processes are executing under the sandbox uids. This must be done before any chownToBuilder() calls. */ - killSandbox(false); + prepareUser(); /* Right platform? */ if (!drvOptions.canBuildLocally(store, drv)) { diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index 57298c91f26..5dfd468a368 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -1,6 +1,10 @@ #ifdef __linux__ +# include "nix/store/personality.hh" +# include "nix/util/cgroup.hh" +# include "nix/util/namespaces.hh" # include "linux/fchmodat2-compat.hh" + # include # include # include @@ -9,13 +13,12 @@ # include # include # include -# include "nix/util/namespaces.hh" + # if HAVE_SECCOMP # include # endif + # define pivot_root(new_root, put_old) (syscall(SYS_pivot_root, new_root, put_old)) -# include "nix/util/cgroup.hh" -# include "nix/store/personality.hh" namespace nix { @@ -182,6 +185,11 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl PathsInChroot pathsInChroot; + /** + * The cgroup of the builder, if any. + */ + std::optional cgroup; + LinuxDerivationBuilder( Store & store, std::unique_ptr miscMethods, DerivationBuilderParams params) : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) @@ -235,6 +243,51 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl return settings.sandboxBuildDir; } + void prepareUser() override + { + if ((buildUser && buildUser->getUIDCount() != 1) || settings.useCgroups) { + experimentalFeatureSettings.require(Xp::Cgroups); + + /* If we're running from the daemon, then this will return the + root cgroup of the service. Otherwise, it will return the + current cgroup. */ + auto rootCgroup = getRootCgroup(); + auto cgroupFS = getCgroupFS(); + if (!cgroupFS) + throw Error("cannot determine the cgroups file system"); + auto rootCgroupPath = canonPath(*cgroupFS + "/" + rootCgroup); + if (!pathExists(rootCgroupPath)) + throw Error("expected cgroup directory '%s'", rootCgroupPath); + + static std::atomic counter{0}; + + cgroup = buildUser ? fmt("%s/nix-build-uid-%d", rootCgroupPath, buildUser->getUID()) + : fmt("%s/nix-build-pid-%d-%d", rootCgroupPath, getpid(), counter++); + + debug("using cgroup '%s'", *cgroup); + + /* When using a build user, record the cgroup we used for that + user so that if we got interrupted previously, we can kill + any left-over cgroup first. */ + if (buildUser) { + auto cgroupsDir = settings.nixStateDir + "/cgroups"; + createDirs(cgroupsDir); + + auto cgroupFile = fmt("%s/%d", cgroupsDir, buildUser->getUID()); + + if (pathExists(cgroupFile)) { + auto prevCgroup = readFile(cgroupFile); + destroyCgroup(prevCgroup); + } + + writeFile(cgroupFile, *cgroup); + } + } + + // Kill any processes left in the cgroup or build user. + DerivationBuilderImpl::prepareUser(); + } + void prepareSandbox() override { /* Create a temporary directory in which we set up the chroot @@ -747,6 +800,20 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl return DerivationBuilderImpl::unprepareBuild(); } + void killSandbox(bool getStats) override + { + if (cgroup) { + auto stats = destroyCgroup(*cgroup); + if (getStats) { + buildResult.cpuUser = stats.cpuUser; + buildResult.cpuSystem = stats.cpuSystem; + } + return; + } + + DerivationBuilderImpl::killSandbox(getStats); + } + void cleanupBuild() override { DerivationBuilderImpl::cleanupBuild(); From 21fd15227917b795154cfe5f2858659da5fe9119 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 27 May 2025 15:25:51 +0200 Subject: [PATCH 726/815] Fix macOS build --- .../unix/build/darwin-derivation-builder.cc | 71 +++++++++++-------- src/libstore/unix/build/derivation-builder.cc | 20 ++++-- 2 files changed, 54 insertions(+), 37 deletions(-) diff --git a/src/libstore/unix/build/darwin-derivation-builder.cc b/src/libstore/unix/build/darwin-derivation-builder.cc index 2ba54ad97d1..5e06dbe5563 100644 --- a/src/libstore/unix/build/darwin-derivation-builder.cc +++ b/src/libstore/unix/build/darwin-derivation-builder.cc @@ -14,11 +14,20 @@ struct DarwinDerivationBuilder : DerivationBuilderImpl { PathsInChroot pathsInChroot; + /** + * Whether full sandboxing is enabled. Note that macOS builds + * always have *some* sandboxing (see sandbox-minimal.sb). + */ + bool useSandbox; + DarwinDerivationBuilder( - Store & store, std::unique_ptr miscMethods, DerivationBuilderParams params) + Store & store, + std::unique_ptr miscMethods, + DerivationBuilderParams params, + bool useSandbox) : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) + , useSandbox(useSandbox) { - useChroot = true; } void prepareSandbox() override @@ -26,32 +35,6 @@ struct DarwinDerivationBuilder : DerivationBuilderImpl pathsInChroot = getPathsInSandbox(); } - void execBuilder(const Strings & args, const Strings & envStrs) override - { - posix_spawnattr_t attrp; - - if (posix_spawnattr_init(&attrp)) - throw SysError("failed to initialize builder"); - - if (posix_spawnattr_setflags(&attrp, POSIX_SPAWN_SETEXEC)) - throw SysError("failed to initialize builder"); - - if (drv.platform == "aarch64-darwin") { - // Unset kern.curproc_arch_affinity so we can escape Rosetta - int affinity = 0; - sysctlbyname("kern.curproc_arch_affinity", NULL, NULL, &affinity, sizeof(affinity)); - - cpu_type_t cpu = CPU_TYPE_ARM64; - posix_spawnattr_setbinpref_np(&attrp, 1, &cpu, NULL); - } else if (drv.platform == "x86_64-darwin") { - cpu_type_t cpu = CPU_TYPE_X86_64; - posix_spawnattr_setbinpref_np(&attrp, 1, &cpu, NULL); - } - - posix_spawn( - NULL, drv.builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); - } - void setUser() override { DerivationBuilderImpl::setUser(); @@ -59,7 +42,7 @@ struct DarwinDerivationBuilder : DerivationBuilderImpl /* This has to appear before import statements. */ std::string sandboxProfile = "(version 1)\n"; - if (useChroot) { + if (useSandbox) { /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */ PathSet ancestry; @@ -101,7 +84,7 @@ struct DarwinDerivationBuilder : DerivationBuilderImpl # include "sandbox-defaults.sb" ; - if (!derivationType->isSandboxed()) + if (!derivationType.isSandboxed()) sandboxProfile += # include "sandbox-network.sb" ; @@ -193,7 +176,33 @@ struct DarwinDerivationBuilder : DerivationBuilderImpl } } } -} + + void execBuilder(const Strings & args, const Strings & envStrs) override + { + posix_spawnattr_t attrp; + + if (posix_spawnattr_init(&attrp)) + throw SysError("failed to initialize builder"); + + if (posix_spawnattr_setflags(&attrp, POSIX_SPAWN_SETEXEC)) + throw SysError("failed to initialize builder"); + + if (drv.platform == "aarch64-darwin") { + // Unset kern.curproc_arch_affinity so we can escape Rosetta + int affinity = 0; + sysctlbyname("kern.curproc_arch_affinity", NULL, NULL, &affinity, sizeof(affinity)); + + cpu_type_t cpu = CPU_TYPE_ARM64; + posix_spawnattr_setbinpref_np(&attrp, 1, &cpu, NULL); + } else if (drv.platform == "x86_64-darwin") { + cpu_type_t cpu = CPU_TYPE_X86_64; + posix_spawnattr_setbinpref_np(&attrp, 1, &cpu, NULL); + } + + posix_spawn( + NULL, drv.builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data()); + } +}; } diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index 9c63e3cbb84..8c64d31e82b 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -315,8 +315,6 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder */ void runChild(); -private: - /** * Move the current process into the chroot, if any. Called early * by runChild(). @@ -337,6 +335,8 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder */ virtual void execBuilder(const Strings & args, const Strings & envStrs); +private: + /** * Check that the derivation outputs all exist and register them * as valid. @@ -2138,7 +2138,7 @@ std::unique_ptr makeDerivationBuilder( throw Error("derivation '%s' has '__noChroot' set, " "but that's not allowed when 'sandbox' is 'true'", store.printStorePath(params.drvPath)); #ifdef __APPLE__ - if (drvOptions.additionalSandboxProfile != "") + if (params.drvOptions.additionalSandboxProfile != "") throw Error("derivation '%s' specifies a sandbox profile, " "but this is only allowed when 'sandbox' is 'relaxed'", store.printStorePath(params.drvPath)); #endif @@ -2177,16 +2177,24 @@ std::unique_ptr makeDerivationBuilder( std::move(params)); #endif - if (useSandbox) - throw Error("sandboxing builds is not supported on this platform"); - if (params.drvOptions.useUidRange(params.drv)) throw Error("feature 'uid-range' is only supported in sandboxed builds"); + #ifdef __APPLE__ + return std::make_unique( + store, + std::move(miscMethods), + std::move(params), + useSandbox); + #else + if (useSandbox) + throw Error("sandboxing builds is not supported on this platform"); + return std::make_unique( store, std::move(miscMethods), std::move(params)); + #endif } } From d0a263711aab8fa54afc3cb166374ab0a6853448 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 27 May 2025 17:53:56 +0200 Subject: [PATCH 727/815] Remove unused variable --- src/libstore/unix/build/derivation-builder.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index 8c64d31e82b..daa19c38067 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -802,7 +802,7 @@ void DerivationBuilderImpl::startBuilder() printMsg(lvlVomit, "setting builder env variable '%1%'='%2%'", i.first, i.second); /* Create the log file. */ - [[maybe_unused]] Path logFile = miscMethods->openLogFile(); + miscMethods->openLogFile(); /* Create a pseudoterminal to get the output of the builder. */ builderOut = posix_openpt(O_RDWR | O_NOCTTY); From 95f87abf66f658b628e56b871f33de52798ee978 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 28 May 2025 13:04:09 +0200 Subject: [PATCH 728/815] Cleanup --- src/libstore/unix/build/linux-derivation-builder.cc | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index 5dfd468a368..0d7d94b87b4 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -190,11 +190,7 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl */ std::optional cgroup; - LinuxDerivationBuilder( - Store & store, std::unique_ptr miscMethods, DerivationBuilderParams params) - : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) - { - } + using DerivationBuilderImpl::DerivationBuilderImpl; void deleteTmpDir(bool force) override { From 803d461e956b64187a079805352380b286a0c788 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 28 May 2025 19:02:38 +0200 Subject: [PATCH 729/815] Add external builders These are helper programs that execute derivations for specified system types (e.g. using QEMU to emulate another system type). To use, set `external-builders`: external-builders = [{"systems": ["aarch64-linux"], "program": "/path/to/external-builder.py"}] The external builder gets one command line argument, the path to a JSON file containing all necessary information about the derivation: { "args": [...], "builder": "/nix/store/kwcyvgdg98n98hqapaz8sw92pc2s78x6-bash-5.2p37/bin/bash", "env": { "HOME": "/homeless-shelter", ... }, "realStoreDir": "/tmp/nix/nix/store", "storeDir": "/nix/store", "tmpDir": "/tmp/nix-shell.dzQ2hE/nix-build-patchelf-0.14.3.drv-46/build", "tmpDirInSandbox": "/build" } --- src/libstore/globals.cc | 11 ++ src/libstore/include/nix/store/globals.hh | 17 +++ src/libstore/unix/build/derivation-builder.cc | 27 ++++- .../unix/build/external-derivation-builder.cc | 107 ++++++++++++++++++ 4 files changed, 156 insertions(+), 6 deletions(-) create mode 100644 src/libstore/unix/build/external-derivation-builder.cc diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index e4c1f881987..89f2ee7d0f6 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -309,6 +309,17 @@ unsigned int MaxBuildJobsSetting::parse(const std::string & str) const } } +NLOHMANN_DEFINE_TYPE_NON_INTRUSIVE(Settings::ExternalBuilder, systems, program); + +template<> Settings::ExternalBuilders BaseSetting::parse(const std::string & str) const +{ + return nlohmann::json::parse(str).template get(); +} + +template<> std::string BaseSetting::to_string() const +{ + return nlohmann::json(value).dump(); +} static void preloadNSS() { diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index 00d7dcd6b74..7f3c9f38884 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -1236,6 +1236,23 @@ public: Set it to 1 to warn on all paths. )" }; + + struct ExternalBuilder + { + std::vector systems; + Path program; + }; + + using ExternalBuilders = std::vector; + + Setting externalBuilders{ + this, + {}, + "external-builders", + R"( + Helper programs that execute derivations. + )" + }; }; diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index daa19c38067..ff06acfbb71 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -208,6 +208,12 @@ class DerivationBuilderImpl : public DerivationBuilder, public DerivationBuilder return acquireUserLock(1, false); } + /** + * Throw an exception if we can't do this derivation because of + * missing system features. + */ + virtual void checkSystem(); + /** * Return the paths that should be made available in the sandbox. * This includes: @@ -675,13 +681,8 @@ static void handleChildException(bool sendException) } } -void DerivationBuilderImpl::startBuilder() +void DerivationBuilderImpl::checkSystem() { - /* Make sure that no other processes are executing under the - sandbox uids. This must be done before any chownToBuilder() - calls. */ - prepareUser(); - /* Right platform? */ if (!drvOptions.canBuildLocally(store, drv)) { auto msg = fmt( @@ -701,6 +702,16 @@ void DerivationBuilderImpl::startBuilder() throw BuildError(msg); } +} + +void DerivationBuilderImpl::startBuilder() +{ + checkSystem(); + + /* Make sure that no other processes are executing under the + sandbox uids. This must be done before any chownToBuilder() + calls. */ + prepareUser(); /* Create a temporary directory where the build will take place. */ @@ -2121,6 +2132,7 @@ StorePath DerivationBuilderImpl::makeFallbackPath(const StorePath & path) // FIXME: do this properly #include "linux-derivation-builder.cc" #include "darwin-derivation-builder.cc" +#include "external-derivation-builder.cc" namespace nix { @@ -2129,6 +2141,9 @@ std::unique_ptr makeDerivationBuilder( std::unique_ptr miscMethods, DerivationBuilderParams params) { + if (auto builder = ExternalDerivationBuilder::newIfSupported(store, miscMethods, params)) + return builder; + bool useSandbox = false; /* Are we doing a sandboxed build? */ diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc new file mode 100644 index 00000000000..0f32392a5ff --- /dev/null +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -0,0 +1,107 @@ +namespace nix { + +struct ExternalDerivationBuilder : DerivationBuilderImpl +{ + Settings::ExternalBuilder externalBuilder; + + ExternalDerivationBuilder( + Store & store, + std::unique_ptr miscMethods, + DerivationBuilderParams params, + Settings::ExternalBuilder externalBuilder) + : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) + , externalBuilder(std::move(externalBuilder)) + { + } + + static std::unique_ptr newIfSupported( + Store & store, std::unique_ptr & miscMethods, DerivationBuilderParams & params) + { + for (auto & handler : settings.externalBuilders.get()) { + for (auto & system : handler.systems) + if (params.drv.platform == system) + return std::make_unique( + store, std::move(miscMethods), std::move(params), std::move(handler)); + } + return {}; + } + + bool prepareBuild() override + { + // External builds don't use build users, so this always + // succeeds. + return true; + } + + Path tmpDirInSandbox() override + { + /* In a sandbox, for determinism, always use the same temporary + directory. */ + return "/build"; + } + + void setBuildTmpDir() override + { + tmpDir = topTmpDir + "/build"; + createDir(tmpDir, 0700); + } + + void prepareUser() override + { + // Nothing to do here since we don't have a build user. + } + + void checkSystem() override + { + // FIXME: should check system features. + } + + void startChild() override + { + if (drvOptions.getRequiredSystemFeatures(drv).count("recursive-nix")) + throw Error("'recursive-nix' is not supported yet by external derivation builders"); + + auto json = nlohmann::json::object(); + + json.emplace("builder", drv.builder); + { + auto l = nlohmann::json::array(); + for (auto & i : drv.args) + l.push_back(rewriteStrings(i, inputRewrites)); + json.emplace("args", std::move(l)); + } + { + auto j = nlohmann::json::object(); + for (auto & [name, value] : env) + j.emplace(name, rewriteStrings(value, inputRewrites)); + json.emplace("env", std::move(j)); + } + json.emplace("topTmpDir", topTmpDir); + json.emplace("tmpDir", tmpDir); + json.emplace("tmpDirInSandbox", tmpDirInSandbox()); + json.emplace("storeDir", store.storeDir); + json.emplace("realStoreDir", getLocalStore(store).config->realStoreDir.get()); + json.emplace("system", drv.platform); + + auto jsonFile = topTmpDir + "/build.json"; + writeFile(jsonFile, json.dump()); + + pid = startProcess([&]() { + openSlave(); + try { + commonChildInit(); + + Strings args = {externalBuilder.program, jsonFile}; + + execv(externalBuilder.program.c_str(), stringsToCharPtrs(args).data()); + + throw SysError("executing '%s'", externalBuilder.program); + } catch (...) { + handleChildException(true); + _exit(1); + } + }); + } +}; + +} From a0fb93f09bac64ea21888034a0ef619b1fabcb86 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 30 May 2025 20:56:51 +0200 Subject: [PATCH 730/815] Make sandbox error messages more readable --- src/libstore/unix/build/derivation-builder.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index ff06acfbb71..6baf6112516 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -1016,7 +1016,7 @@ void DerivationBuilderImpl::processSandboxSetupMessages() e.addTrace({}, "while waiting for the build environment for '%s' to initialize (%s, previous messages: %s)", store.printStorePath(drvPath), statusToString(status), - concatStringsSep("|", msgs)); + concatStringsSep("\n", msgs)); throw; } }(); From 5842d54ceea46542763a1466e018360e3a71545b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 11 Jun 2025 10:17:58 +0200 Subject: [PATCH 731/815] Drop bad std::move Co-authored-by: Cole Helbling --- src/libstore/unix/build/external-derivation-builder.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc index 0f32392a5ff..8efdf8ff950 100644 --- a/src/libstore/unix/build/external-derivation-builder.cc +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -21,7 +21,7 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl for (auto & system : handler.systems) if (params.drv.platform == system) return std::make_unique( - store, std::move(miscMethods), std::move(params), std::move(handler)); + store, std::move(miscMethods), std::move(params), handler); } return {}; } From 1eab4236d482a9bfaf0042377928a300d8ac3f69 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 17 Jun 2025 22:15:52 +0000 Subject: [PATCH 732/815] Prepare release v3.6.6 From 97af07180c1a2841de37c0bda9c33b37be9dad3a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 17 Jun 2025 22:15:55 +0000 Subject: [PATCH 733/815] Set .version-determinate to 3.6.6 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index d15b8b06fa3..4f2c1d15f6d 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.6.5 +3.6.6 From f9b88e3229ee36e6f07e6277d4859e6d09f2693c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 17 Jun 2025 22:16:00 +0000 Subject: [PATCH 734/815] Generate release notes for 3.6.6 --- doc/manual/source/SUMMARY.md.in | 1 + .../release-notes-determinate/changes.md | 22 ++++++++++++++++++- .../release-notes-determinate/rl-3.6.6.md | 17 ++++++++++++++ 3 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.6.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 374aacb594e..dd3218d2f12 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.6.6 (2025-06-17)](release-notes-determinate/rl-3.6.6.md) - [Release 3.6.5 (2025-06-16)](release-notes-determinate/rl-3.6.5.md) - [Release 3.6.2 (2025-06-02)](release-notes-determinate/rl-3.6.2.md) - [Release 3.6.1 (2025-05-24)](release-notes-determinate/rl-3.6.1.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 30a68f6e91d..a86b16a7008 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.5. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.6. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -72,3 +72,23 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Improve error messages that use the hypothetical future tense of "will" by @lucperkins in [DeterminateSystems/nix-src#92](https://github.com/DeterminateSystems/nix-src/pull/92) * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) + + + +* Release v3.6.4 by @github-actions in [DeterminateSystems/nix-src#109](https://github.com/DeterminateSystems/nix-src/pull/109) + +* Fixup the complainy docs line by @grahamc in [DeterminateSystems/nix-src#111](https://github.com/DeterminateSystems/nix-src/pull/111) + +* Move the actual vm tests / flake regressions into the generic build phase by @grahamc in [DeterminateSystems/nix-src#112](https://github.com/DeterminateSystems/nix-src/pull/112) + +* Fix broken fetchToStore() caching by @edolstra in [DeterminateSystems/nix-src#110](https://github.com/DeterminateSystems/nix-src/pull/110) + +* Parallelize the flake regression suite by @grahamc in [DeterminateSystems/nix-src#114](https://github.com/DeterminateSystems/nix-src/pull/114) + +* Don't build fallback-paths if we didn't build aarch64-linux and x86 d… …arwin by @grahamc in [DeterminateSystems/nix-src#116](https://github.com/DeterminateSystems/nix-src/pull/116) + +* Use GHA runners for VMs since they have KVM by @grahamc in [DeterminateSystems/nix-src#118](https://github.com/DeterminateSystems/nix-src/pull/118) + +* fetchToStore() cache: Use content hashes instead of store paths by @edolstra in [DeterminateSystems/nix-src#115](https://github.com/DeterminateSystems/nix-src/pull/115) + +* Release v3.6.5 by @github-actions in [DeterminateSystems/nix-src#119](https://github.com/DeterminateSystems/nix-src/pull/119) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.6.md b/doc/manual/source/release-notes-determinate/rl-3.6.6.md new file mode 100644 index 00000000000..55e903d7c9e --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.6.6.md @@ -0,0 +1,17 @@ +# Release 3.6.6 (2025-06-17) + +* Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). + +## What's Changed +* Release v3.6.4 by @github-actions in [DeterminateSystems/nix-src#109](https://github.com/DeterminateSystems/nix-src/pull/109) +* Fixup the complainy docs line by @grahamc in [DeterminateSystems/nix-src#111](https://github.com/DeterminateSystems/nix-src/pull/111) +* Move the actual vm tests / flake regressions into the generic build phase by @grahamc in [DeterminateSystems/nix-src#112](https://github.com/DeterminateSystems/nix-src/pull/112) +* Fix broken fetchToStore() caching by @edolstra in [DeterminateSystems/nix-src#110](https://github.com/DeterminateSystems/nix-src/pull/110) +* Parallelize the flake regression suite by @grahamc in [DeterminateSystems/nix-src#114](https://github.com/DeterminateSystems/nix-src/pull/114) +* Don't build fallback-paths if we didn't build aarch64-linux and x86 d… …arwin by @grahamc in [DeterminateSystems/nix-src#116](https://github.com/DeterminateSystems/nix-src/pull/116) +* Use GHA runners for VMs since they have KVM by @grahamc in [DeterminateSystems/nix-src#118](https://github.com/DeterminateSystems/nix-src/pull/118) +* fetchToStore() cache: Use content hashes instead of store paths by @edolstra in [DeterminateSystems/nix-src#115](https://github.com/DeterminateSystems/nix-src/pull/115) +* Release v3.6.5 by @github-actions in [DeterminateSystems/nix-src#119](https://github.com/DeterminateSystems/nix-src/pull/119) + + +**Full Changelog**: [v3.6.3...v3.6.6](https://github.com/DeterminateSystems/nix-src/compare/v3.6.3...v3.6.6) From cd0128796a9462beb3c9db13db6409c9aa491fd4 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Tue, 17 Jun 2025 18:21:01 -0400 Subject: [PATCH 735/815] Apply suggestions from code review --- .../release-notes-determinate/changes.md | 18 ------------------ .../release-notes-determinate/rl-3.6.6.md | 12 +----------- 2 files changed, 1 insertion(+), 29 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index a86b16a7008..6f27f7f6b6f 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -74,21 +74,3 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) - -* Release v3.6.4 by @github-actions in [DeterminateSystems/nix-src#109](https://github.com/DeterminateSystems/nix-src/pull/109) - -* Fixup the complainy docs line by @grahamc in [DeterminateSystems/nix-src#111](https://github.com/DeterminateSystems/nix-src/pull/111) - -* Move the actual vm tests / flake regressions into the generic build phase by @grahamc in [DeterminateSystems/nix-src#112](https://github.com/DeterminateSystems/nix-src/pull/112) - -* Fix broken fetchToStore() caching by @edolstra in [DeterminateSystems/nix-src#110](https://github.com/DeterminateSystems/nix-src/pull/110) - -* Parallelize the flake regression suite by @grahamc in [DeterminateSystems/nix-src#114](https://github.com/DeterminateSystems/nix-src/pull/114) - -* Don't build fallback-paths if we didn't build aarch64-linux and x86 d… …arwin by @grahamc in [DeterminateSystems/nix-src#116](https://github.com/DeterminateSystems/nix-src/pull/116) - -* Use GHA runners for VMs since they have KVM by @grahamc in [DeterminateSystems/nix-src#118](https://github.com/DeterminateSystems/nix-src/pull/118) - -* fetchToStore() cache: Use content hashes instead of store paths by @edolstra in [DeterminateSystems/nix-src#115](https://github.com/DeterminateSystems/nix-src/pull/115) - -* Release v3.6.5 by @github-actions in [DeterminateSystems/nix-src#119](https://github.com/DeterminateSystems/nix-src/pull/119) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.6.md b/doc/manual/source/release-notes-determinate/rl-3.6.6.md index 55e903d7c9e..bf4e3690afa 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.6.6.md +++ b/doc/manual/source/release-notes-determinate/rl-3.6.6.md @@ -3,15 +3,5 @@ * Based on [upstream Nix 2.29.0](../release-notes/rl-2.29.md). ## What's Changed -* Release v3.6.4 by @github-actions in [DeterminateSystems/nix-src#109](https://github.com/DeterminateSystems/nix-src/pull/109) -* Fixup the complainy docs line by @grahamc in [DeterminateSystems/nix-src#111](https://github.com/DeterminateSystems/nix-src/pull/111) -* Move the actual vm tests / flake regressions into the generic build phase by @grahamc in [DeterminateSystems/nix-src#112](https://github.com/DeterminateSystems/nix-src/pull/112) -* Fix broken fetchToStore() caching by @edolstra in [DeterminateSystems/nix-src#110](https://github.com/DeterminateSystems/nix-src/pull/110) -* Parallelize the flake regression suite by @grahamc in [DeterminateSystems/nix-src#114](https://github.com/DeterminateSystems/nix-src/pull/114) -* Don't build fallback-paths if we didn't build aarch64-linux and x86 d… …arwin by @grahamc in [DeterminateSystems/nix-src#116](https://github.com/DeterminateSystems/nix-src/pull/116) -* Use GHA runners for VMs since they have KVM by @grahamc in [DeterminateSystems/nix-src#118](https://github.com/DeterminateSystems/nix-src/pull/118) -* fetchToStore() cache: Use content hashes instead of store paths by @edolstra in [DeterminateSystems/nix-src#115](https://github.com/DeterminateSystems/nix-src/pull/115) -* Release v3.6.5 by @github-actions in [DeterminateSystems/nix-src#119](https://github.com/DeterminateSystems/nix-src/pull/119) - -**Full Changelog**: [v3.6.3...v3.6.6](https://github.com/DeterminateSystems/nix-src/compare/v3.6.3...v3.6.6) +* No-op release on the nix-src side, due to a regression on nix-darwin in determinate-nixd. From 86fbaf3b14f5c18fa35a015d958149c06575a0c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Wed, 18 Jun 2025 10:05:02 +0200 Subject: [PATCH 736/815] tests: fixup with jq-1.8.0 (cherry picked from commit 77f6b6532f582a9db2bd6317f4fd272c32a05c7d) --- tests/functional/flakes/flakes.sh | 2 +- tests/functional/flakes/relative-paths.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index e8b051198fd..ce695a6cbcd 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -160,7 +160,7 @@ expect 1 nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --no-update-lock-file nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --commit-lock-file [[ -e "$flake2Dir/flake.lock" ]] [[ -z $(git -C "$flake2Dir" diff main || echo failed) ]] -[[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'.*',"narHash":"sha256-'.*'","ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] +[[ $(jq --indent 0 --compact-output . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'.*',"narHash":"sha256-'.*'","ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] # Rerunning the build should not change the lockfile. nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" diff --git a/tests/functional/flakes/relative-paths.sh b/tests/functional/flakes/relative-paths.sh index 9d31da0ad01..7a76bee1b47 100644 --- a/tests/functional/flakes/relative-paths.sh +++ b/tests/functional/flakes/relative-paths.sh @@ -69,7 +69,7 @@ git -C "$rootFlake" add flake.nix sub2/flake.nix git -C "$rootFlake" add sub2/flake.lock [[ $(nix eval "$subflake2#y") = 15 ]] -[[ $(jq --indent 0 . < "$subflake2/flake.lock") =~ ^'{"nodes":{"root":{"inputs":{"root":"root_2","sub1":"sub1"}},"root_2":{"inputs":{"sub0":"sub0"},"locked":{"path":"..","type":"path"},"original":{"path":"..","type":"path"},"parent":[]},"root_3":{"inputs":{"sub0":"sub0_2"},"locked":{"path":"../","type":"path"},"original":{"path":"../","type":"path"},"parent":["sub1"]},"sub0":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["root"]},"sub0_2":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["sub1","root"]},"sub1":{"inputs":{"root":"root_3"},"locked":{"path":"../sub1","type":"path"},"original":{"path":"../sub1","type":"path"},"parent":[]}},"root":"root","version":7}'$ ]] +[[ $(jq --indent 0 --compact-output . < "$subflake2/flake.lock") =~ ^'{"nodes":{"root":{"inputs":{"root":"root_2","sub1":"sub1"}},"root_2":{"inputs":{"sub0":"sub0"},"locked":{"path":"..","type":"path"},"original":{"path":"..","type":"path"},"parent":[]},"root_3":{"inputs":{"sub0":"sub0_2"},"locked":{"path":"../","type":"path"},"original":{"path":"../","type":"path"},"parent":["sub1"]},"sub0":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["root"]},"sub0_2":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["sub1","root"]},"sub1":{"inputs":{"root":"root_3"},"locked":{"path":"../sub1","type":"path"},"original":{"path":"../sub1","type":"path"},"parent":[]}},"root":"root","version":7}'$ ]] # Make sure there are no content locks for relative path flakes. (! grep "$TEST_ROOT" "$subflake2/flake.lock") From 2f6c758d3d9452271948740b1ca2a4cdab9643c6 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 18 Jun 2025 18:06:24 +0200 Subject: [PATCH 737/815] Revert "Drop magic-nix-cache" This reverts commit 9cc8be26747a0206613421a1ba1c3b1f54212e8b since magic-nix-cache works again (thanks @jchv). (cherry picked from commit 9b57573baea5abd242c5f62f537c7582c0097c3b) --- .github/workflows/ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fb70fae871e..29cb33f56af 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,6 +40,7 @@ jobs: extra_nix_config: | sandbox = true max-jobs = 1 + - uses: DeterminateSystems/magic-nix-cache-action@main # Since ubuntu 22.30, unprivileged usernamespaces are no longer allowed to map to the root user: # https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces - run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 @@ -133,6 +134,7 @@ jobs: - uses: cachix/install-nix-action@v31 with: install_url: https://releases.nixos.org/nix/nix-2.20.3/install + - uses: DeterminateSystems/magic-nix-cache-action@main - run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#nix.version | tr -d \")" >> $GITHUB_ENV - run: nix --experimental-features 'nix-command flakes' build .#dockerImage -L - run: docker load -i ./result/image.tar.gz @@ -174,6 +176,7 @@ jobs: steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main - run: | nix build -L \ .#hydraJobs.tests.functional_user \ @@ -199,4 +202,5 @@ jobs: repository: NixOS/flake-regressions-data path: flake-regressions/tests - uses: DeterminateSystems/nix-installer-action@main + - uses: DeterminateSystems/magic-nix-cache-action@main - run: nix build -L --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH MAX_FLAKES=25 flake-regressions/eval-all.sh From 5d2986d3c52b49ea82f9e2ea4d9a86929b55121a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Wed, 18 Jun 2025 10:05:02 +0200 Subject: [PATCH 738/815] tests: fixup with jq-1.8.0 --- tests/functional/flakes/flakes.sh | 4 ++-- tests/functional/flakes/relative-paths.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index 261d65d6917..a433cf71fab 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -163,11 +163,11 @@ expect 1 nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --no-update-lock-file nix build -o "$TEST_ROOT/result" "$flake2Dir#bar" --commit-lock-file [[ -e "$flake2Dir/flake.lock" ]] [[ -z $(git -C "$flake2Dir" diff main || echo failed) ]] -[[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'[0-9]*',"narHash":"sha256-'.*'","ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] +[[ $(jq --indent 0 --compact-output . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'[0-9]*',"narHash":"sha256-'.*'","ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] if [[ $(nix config show lazy-trees) = true ]]; then # Test that `lazy-locks` causes NAR hashes to be omitted from the lock file. nix flake update --flake "$flake2Dir" --commit-lock-file --lazy-locks - [[ $(jq --indent 0 . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'[0-9]*',"ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] + [[ $(jq --indent 0 --compact-output . < "$flake2Dir/flake.lock") =~ ^'{"nodes":{"flake1":{"locked":{"lastModified":'[0-9]*',"ref":"refs/heads/master","rev":"'.*'","revCount":2,"type":"git","url":"file:///'.*'"},"original":{"id":"flake1","type":"indirect"}},"root":{"inputs":{"flake1":"flake1"}}},"root":"root","version":7}'$ ]] fi # Rerunning the build should not change the lockfile. diff --git a/tests/functional/flakes/relative-paths.sh b/tests/functional/flakes/relative-paths.sh index 9d31da0ad01..7a76bee1b47 100644 --- a/tests/functional/flakes/relative-paths.sh +++ b/tests/functional/flakes/relative-paths.sh @@ -69,7 +69,7 @@ git -C "$rootFlake" add flake.nix sub2/flake.nix git -C "$rootFlake" add sub2/flake.lock [[ $(nix eval "$subflake2#y") = 15 ]] -[[ $(jq --indent 0 . < "$subflake2/flake.lock") =~ ^'{"nodes":{"root":{"inputs":{"root":"root_2","sub1":"sub1"}},"root_2":{"inputs":{"sub0":"sub0"},"locked":{"path":"..","type":"path"},"original":{"path":"..","type":"path"},"parent":[]},"root_3":{"inputs":{"sub0":"sub0_2"},"locked":{"path":"../","type":"path"},"original":{"path":"../","type":"path"},"parent":["sub1"]},"sub0":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["root"]},"sub0_2":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["sub1","root"]},"sub1":{"inputs":{"root":"root_3"},"locked":{"path":"../sub1","type":"path"},"original":{"path":"../sub1","type":"path"},"parent":[]}},"root":"root","version":7}'$ ]] +[[ $(jq --indent 0 --compact-output . < "$subflake2/flake.lock") =~ ^'{"nodes":{"root":{"inputs":{"root":"root_2","sub1":"sub1"}},"root_2":{"inputs":{"sub0":"sub0"},"locked":{"path":"..","type":"path"},"original":{"path":"..","type":"path"},"parent":[]},"root_3":{"inputs":{"sub0":"sub0_2"},"locked":{"path":"../","type":"path"},"original":{"path":"../","type":"path"},"parent":["sub1"]},"sub0":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["root"]},"sub0_2":{"locked":{"path":"sub0","type":"path"},"original":{"path":"sub0","type":"path"},"parent":["sub1","root"]},"sub1":{"inputs":{"root":"root_3"},"locked":{"path":"../sub1","type":"path"},"original":{"path":"../sub1","type":"path"},"parent":[]}},"root":"root","version":7}'$ ]] # Make sure there are no content locks for relative path flakes. (! grep "$TEST_ROOT" "$subflake2/flake.lock") From 833406121cb65c42de8e0c4fad62be140b1b7978 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 11 Jun 2025 19:14:31 +0200 Subject: [PATCH 739/815] Make the repl test more robust Seen in https://github.com/DeterminateSystems/nix-src/actions/runs/15590867877/job/43909540271: nix-functional-tests> grep: repl_output: No such file or directory nix-functional-tests> +(repl.sh:174) cat repl_output This is because there is a small possibility that the `nix repl` child process hasn't created `repl_output` yet. So make sure it exists. (cherry picked from commit 9eb46e9cc030016b1f4a073474a836bac1de3615) --- tests/functional/repl.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/functional/repl.sh b/tests/functional/repl.sh index 762636e446e..82a932e2b1e 100755 --- a/tests/functional/repl.sh +++ b/tests/functional/repl.sh @@ -163,7 +163,8 @@ foo + baz # - Re-eval it # - Check that the result has changed mkfifo repl_fifo -nix repl ./flake --experimental-features 'flakes' < repl_fifo > repl_output 2>&1 & +touch repl_output +nix repl ./flake --experimental-features 'flakes' < repl_fifo >> repl_output 2>&1 & repl_pid=$! exec 3>repl_fifo # Open fifo for writing echo "changingThing" >&3 From 58a878d846ffadd016595e9ed9d07fceac2199a1 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 24 Jun 2025 13:18:05 +0000 Subject: [PATCH 740/815] Prepare release v3.6.7 From ff05659f8bc5c84568e0ead4dbee1a8eb9705ee2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 24 Jun 2025 13:18:08 +0000 Subject: [PATCH 741/815] Set .version-determinate to 3.6.7 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 4f2c1d15f6d..5b3413147c9 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.6.6 +3.6.7 From 098be10e285b05e6b04d3d7feb14270a9daefba1 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 24 Jun 2025 13:18:13 +0000 Subject: [PATCH 742/815] Generate release notes for 3.6.7 --- doc/manual/source/SUMMARY.md.in | 1 + .../source/release-notes-determinate/changes.md | 10 +++++++++- .../source/release-notes-determinate/rl-3.6.7.md | 11 +++++++++++ 3 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.7.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index dd3218d2f12..b4458fc8c7e 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.6.7 (2025-06-24)](release-notes-determinate/rl-3.6.7.md) - [Release 3.6.6 (2025-06-17)](release-notes-determinate/rl-3.6.6.md) - [Release 3.6.5 (2025-06-16)](release-notes-determinate/rl-3.6.5.md) - [Release 3.6.2 (2025-06-02)](release-notes-determinate/rl-3.6.2.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 6f27f7f6b6f..f3183883c6b 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.6. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.7. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -74,3 +74,11 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Improve caching of inputs in dry-run mode by @edolstra in [DeterminateSystems/nix-src#98](https://github.com/DeterminateSystems/nix-src/pull/98) + + + +* Fix fetchToStore() caching with --impure, improve testing by @edolstra in [DeterminateSystems/nix-src#117](https://github.com/DeterminateSystems/nix-src/pull/117) + +* Add lazy-locks setting by @edolstra in [DeterminateSystems/nix-src#113](https://github.com/DeterminateSystems/nix-src/pull/113) + +* Sync 2.29.1 by @edolstra in [DeterminateSystems/nix-src#124](https://github.com/DeterminateSystems/nix-src/pull/124) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.7.md b/doc/manual/source/release-notes-determinate/rl-3.6.7.md new file mode 100644 index 00000000000..6ce42521703 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.6.7.md @@ -0,0 +1,11 @@ +# Release 3.6.7 (2025-06-24) + +* Based on [upstream Nix 2.29.1](../release-notes/rl-2.29.md). + +## What's Changed +* Fix fetchToStore() caching with --impure, improve testing by @edolstra in [DeterminateSystems/nix-src#117](https://github.com/DeterminateSystems/nix-src/pull/117) +* Add lazy-locks setting by @edolstra in [DeterminateSystems/nix-src#113](https://github.com/DeterminateSystems/nix-src/pull/113) +* Sync 2.29.1 by @edolstra in [DeterminateSystems/nix-src#124](https://github.com/DeterminateSystems/nix-src/pull/124) + + +**Full Changelog**: [v3.6.6...v3.6.7](https://github.com/DeterminateSystems/nix-src/compare/v3.6.6...v3.6.7) From 731b63032161d3712ae26825230048dc5875eef4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 19 Jun 2025 16:20:34 +0200 Subject: [PATCH 743/815] Fixes for GHSA-g948-229j-48j3 Squashed commit of the following: commit 04fff3a637d455cbb1d75937a235950e43008db9 Author: Eelco Dolstra Date: Thu Jun 12 12:30:32 2025 +0200 Chown structured attr files safely commit 5417ad445e414c649d0cfc71a05661c7bf8f3ef5 Author: Eelco Dolstra Date: Thu Jun 12 12:14:04 2025 +0200 Replace 'bool sync' with an enum for clarity And drop writeFileAndSync(). commit 7ae0141f328d8e8e1094be24665789c05f974ba6 Author: Eelco Dolstra Date: Thu Jun 12 11:35:28 2025 +0200 Drop guessOrInventPathFromFD() No need to do hacky stuff like that when we already know the original path. commit 45b05098bd019da7c57cd4227a89bfd0fa65bb08 Author: Eelco Dolstra Date: Thu Jun 12 11:15:58 2025 +0200 Tweak comment commit 0af15b31209d1b7ec8addfae9a1a6b60d8f35848 Author: Raito Bezarius Date: Thu Mar 27 12:22:26 2025 +0100 libstore: ensure that temporary directory is always 0o000 before deletion In the case the deletion fails, we should ensure that the temporary directory cannot be used for nefarious purposes. Change-Id: I498a2dd0999a74195d13642f44a5de1e69d46120 Signed-off-by: Raito Bezarius commit 2c20fa37b15cfa03ac6a1a6a47cdb2ed66c0827e Author: Raito Bezarius Date: Wed Mar 26 12:42:55 2025 +0100 libutil: ensure that `_deletePath` does NOT use absolute paths with dirfds When calling `_deletePath` with a parent file descriptor, `openat` is made effective by using relative paths to the directory file descriptor. To avoid the problem, the signature is changed to resist misuse with an assert in the prologue of the function. Change-Id: I6b3fc766bad2afe54dc27d47d1df3873e188de96 Signed-off-by: Raito Bezarius commit d3c370bbcae48bb825ce19fd0f73bb4eefd2c9ea Author: Raito Bezarius Date: Wed Mar 26 01:07:47 2025 +0100 libstore: ensure that `passAsFile` is created in the original temp dir This ensures that `passAsFile` data is created inside the expected temporary build directory by `openat()` from the parent directory file descriptor. This avoids a TOCTOU which is part of the attack chain of CVE-????. Change-Id: Ie5273446c4a19403088d0389ae8e3f473af8879a Signed-off-by: Raito Bezarius commit 45d3598724f932d024ef6bc2ffb00c1bb90e6018 Author: Raito Bezarius Date: Wed Mar 26 01:06:03 2025 +0100 libutil: writeFile variant for file descriptors `writeFile` lose its `sync` boolean flag to make things simpler. A new `writeFileAndSync` function is created and all call sites are converted to it. Change-Id: Ib871a5283a9c047db1e4fe48a241506e4aab9192 Signed-off-by: Raito Bezarius commit 732bd9b98cabf4aaf95a01fd318923de303f9996 Author: Raito Bezarius Date: Wed Mar 26 01:05:34 2025 +0100 libstore: chown to builder variant for file descriptors We use it immediately for the build temporary directory. Change-Id: I180193c63a2b98721f5fb8e542c4e39c099bb947 Signed-off-by: Raito Bezarius commit 962c65f8dcd5570dd92c72370a862c7b38942e0d Author: Raito Bezarius Date: Wed Mar 26 01:04:59 2025 +0100 libstore: open build directory as a dirfd as well We now keep around a proper AutoCloseFD around the temporary directory which we plan to use for openat operations and avoiding the build directory being swapped out while we are doing something else. Change-Id: I18d387b0f123ebf2d20c6405cd47ebadc5505f2a Signed-off-by: Raito Bezarius commit c9b42462b75b5a37ee6564c2b53cff186c8323da Author: Raito Bezarius Date: Wed Mar 26 01:04:12 2025 +0100 libutil: guess or invent a path from file descriptors This is useful for certain error recovery paths (no pun intended) that does not thread through the original path name. Change-Id: I2d800740cb4f9912e64c923120d3f977c58ccb7e Signed-off-by: Raito Bezarius --- src/libstore/local-store.cc | 4 +- src/libstore/unix/build/derivation-builder.cc | 66 ++++++++++++++++--- src/libutil/file-content-address.cc | 2 +- src/libutil/file-system.cc | 47 +++++++------ src/libutil/include/nix/util/file-system.hh | 14 ++-- 5 files changed, 98 insertions(+), 35 deletions(-) diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index 76fadba8649..1ab3ed13aea 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -247,7 +247,7 @@ LocalStore::LocalStore(ref config) else if (curSchema == 0) { /* new store */ curSchema = nixSchemaVersion; openDB(*state, true); - writeFile(schemaPath, fmt("%1%", curSchema), 0666, true); + writeFile(schemaPath, fmt("%1%", curSchema), 0666, FsSync::Yes); } else if (curSchema < nixSchemaVersion) { @@ -298,7 +298,7 @@ LocalStore::LocalStore(ref config) txn.commit(); } - writeFile(schemaPath, fmt("%1%", nixSchemaVersion), 0666, true); + writeFile(schemaPath, fmt("%1%", nixSchemaVersion), 0666, FsSync::Yes); lockFile(globalLock.get(), ltRead, true); } diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc index e84e2db6edc..43dfe1832f4 100644 --- a/src/libstore/unix/build/derivation-builder.cc +++ b/src/libstore/unix/build/derivation-builder.cc @@ -129,6 +129,11 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams */ Path topTmpDir; + /** + * The file descriptor of the temporary directory. + */ + AutoCloseFD tmpDirFd; + /** * The path of the temporary directory in the sandbox. */ @@ -325,9 +330,24 @@ class DerivationBuilderImpl : public DerivationBuilder, DerivationBuilderParams /** * Make a file owned by the builder. + * + * SAFETY: this function is prone to TOCTOU as it receives a path and not a descriptor. + * It's only safe to call in a child of a directory only visible to the owner. */ void chownToBuilder(const Path & path); + /** + * Make a file owned by the builder addressed by its file descriptor. + */ + void chownToBuilder(int fd, const Path & path); + + /** + * Create a file in `tmpDir` owned by the builder. + */ + void writeBuilderFile( + const std::string & name, + std::string_view contents); + /** * Run the builder's process. */ @@ -900,7 +920,14 @@ void DerivationBuilderImpl::startBuilder() } else { tmpDir = topTmpDir; } - chownToBuilder(tmpDir); + + /* The TOCTOU between the previous mkdir call and this open call is unavoidable due to + POSIX semantics.*/ + tmpDirFd = AutoCloseFD{open(tmpDir.c_str(), O_RDONLY | O_NOFOLLOW | O_DIRECTORY)}; + if (!tmpDirFd) + throw SysError("failed to open the build temporary directory descriptor '%1%'", tmpDir); + + chownToBuilder(tmpDirFd.get(), tmpDir); for (auto & [outputName, status] : initialOutputs) { /* Set scratch path we'll actually use during the build. @@ -1485,9 +1512,7 @@ void DerivationBuilderImpl::initTmpDir() } else { auto hash = hashString(HashAlgorithm::SHA256, i.first); std::string fn = ".attr-" + hash.to_string(HashFormat::Nix32, false); - Path p = tmpDir + "/" + fn; - writeFile(p, rewriteStrings(i.second, inputRewrites)); - chownToBuilder(p); + writeBuilderFile(fn, rewriteStrings(i.second, inputRewrites)); env[i.first + "Path"] = tmpDirInSandbox + "/" + fn; } } @@ -1596,11 +1621,9 @@ void DerivationBuilderImpl::writeStructuredAttrs() auto jsonSh = StructuredAttrs::writeShell(json); - writeFile(tmpDir + "/.attrs.sh", rewriteStrings(jsonSh, inputRewrites)); - chownToBuilder(tmpDir + "/.attrs.sh"); + writeBuilderFile(".attrs.sh", rewriteStrings(jsonSh, inputRewrites)); env["NIX_ATTRS_SH_FILE"] = tmpDirInSandbox + "/.attrs.sh"; - writeFile(tmpDir + "/.attrs.json", rewriteStrings(json.dump(), inputRewrites)); - chownToBuilder(tmpDir + "/.attrs.json"); + writeBuilderFile(".attrs.json", rewriteStrings(json.dump(), inputRewrites)); env["NIX_ATTRS_JSON_FILE"] = tmpDirInSandbox + "/.attrs.json"; } } @@ -1854,6 +1877,24 @@ void setupSeccomp() #endif } +void DerivationBuilderImpl::chownToBuilder(int fd, const Path & path) +{ + if (!buildUser) return; + if (fchown(fd, buildUser->getUID(), buildUser->getGID()) == -1) + throw SysError("cannot change ownership of file '%1%'", path); +} + +void DerivationBuilderImpl::writeBuilderFile( + const std::string & name, + std::string_view contents) +{ + auto path = std::filesystem::path(tmpDir) / name; + AutoCloseFD fd{openat(tmpDirFd.get(), name.c_str(), O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC | O_EXCL | O_NOFOLLOW, 0666)}; + if (!fd) + throw SysError("creating file %s", path); + writeFile(fd, path, contents); + chownToBuilder(fd.get(), path); +} void DerivationBuilderImpl::runChild() { @@ -3065,6 +3106,15 @@ void DerivationBuilderImpl::checkOutputs(const std::mapd_name; if (childName == "." || childName == "..") continue; - _deletePath(dirfd(dir.get()), path + "/" + childName, bytesFreed, ex); + _deletePath(dirfd(dir.get()), path / childName, bytesFreed, ex); } if (errno) throw SysError("reading directory %1%", path); } @@ -497,14 +505,13 @@ static void _deletePath(Descriptor parentfd, const std::filesystem::path & path, static void _deletePath(const std::filesystem::path & path, uint64_t & bytesFreed) { - Path dir = dirOf(path.string()); - if (dir == "") - dir = "/"; + assert(path.is_absolute()); + assert(path.parent_path() != path); - AutoCloseFD dirfd = toDescriptor(open(dir.c_str(), O_RDONLY)); + AutoCloseFD dirfd = toDescriptor(open(path.parent_path().string().c_str(), O_RDONLY)); if (!dirfd) { if (errno == ENOENT) return; - throw SysError("opening directory '%1%'", path); + throw SysError("opening directory %s", path.parent_path()); } std::exception_ptr ex; diff --git a/src/libutil/include/nix/util/file-system.hh b/src/libutil/include/nix/util/file-system.hh index b8fa4cfa0a7..a9a6e43bfd9 100644 --- a/src/libutil/include/nix/util/file-system.hh +++ b/src/libutil/include/nix/util/file-system.hh @@ -175,21 +175,27 @@ std::string readFile(const Path & path); std::string readFile(const std::filesystem::path & path); void readFile(const Path & path, Sink & sink, bool memory_map = true); +enum struct FsSync { Yes, No }; + /** * Write a string to a file. */ -void writeFile(const Path & path, std::string_view s, mode_t mode = 0666, bool sync = false); -static inline void writeFile(const std::filesystem::path & path, std::string_view s, mode_t mode = 0666, bool sync = false) +void writeFile(const Path & path, std::string_view s, mode_t mode = 0666, FsSync sync = FsSync::No); + +static inline void writeFile(const std::filesystem::path & path, std::string_view s, mode_t mode = 0666, FsSync sync = FsSync::No) { return writeFile(path.string(), s, mode, sync); } -void writeFile(const Path & path, Source & source, mode_t mode = 0666, bool sync = false); -static inline void writeFile(const std::filesystem::path & path, Source & source, mode_t mode = 0666, bool sync = false) +void writeFile(const Path & path, Source & source, mode_t mode = 0666, FsSync sync = FsSync::No); + +static inline void writeFile(const std::filesystem::path & path, Source & source, mode_t mode = 0666, FsSync sync = FsSync::No) { return writeFile(path.string(), source, mode, sync); } +void writeFile(AutoCloseFD & fd, const Path & origPath, std::string_view s, mode_t mode = 0666, FsSync sync = FsSync::No); + /** * Flush a path's parent directory to disk. */ From e8f145ae691802498d30fbf7c4bcbaaefbe6946a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 24 Jun 2025 15:14:40 +0200 Subject: [PATCH 744/815] nix flake prefetch-inputs: Add This command fetches all inputs of a flake in parallel. Example runtime for $ chmod -R u+w /tmp/nix2; rm -rf /tmp/nix2; rm ~/.cache/nix/fetcher-cache-v3.sqlite*; rm -rf ~/.cache/nix/tarball-cache/ ~/.cache/nix/gitv3/; time nix flake prefetch-inputs --store /tmp/nix2 https://api.flakehub.com/f/pinned/informalsystems/cosmos.nix/0.3.0/018ce9ed-d0be-7ce5-81b6-a3c6e3ae1187/source.tar.gz with http-connections = 1: real 4m11.859s user 2m6.931s sys 0m25.619s and http-connections = 25 (the default): real 0m57.146s user 2m49.506s sys 0m36.008s --- src/nix/flake-prefetch-inputs.md | 17 ++++++++++ src/nix/flake.cc | 56 ++++++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 src/nix/flake-prefetch-inputs.md diff --git a/src/nix/flake-prefetch-inputs.md b/src/nix/flake-prefetch-inputs.md new file mode 100644 index 00000000000..a69f7d36791 --- /dev/null +++ b/src/nix/flake-prefetch-inputs.md @@ -0,0 +1,17 @@ +R""( + +# Examples + +* Fetch the inputs of the `hydra` flake: + + ```console + # nix flake prefetch-inputs github:NixOS/hydra + ``` + +# Description + +Fetch the inputs of a flake. This ensures that they are already available for any subsequent evaluation of the flake. + +This operation is recursive: it will fetch not just the direct inputs of the top-level flake, but also transitive inputs. + +)"" diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 48e2ae392d2..c2aa442bc15 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -19,6 +19,8 @@ #include "nix/util/users.hh" #include "nix/fetchers/fetch-to-store.hh" #include "nix/store/local-fs-store.hh" +#include "nix/util/thread-pool.hh" +#include "nix/store/filetransfer.hh" #include #include @@ -1140,6 +1142,59 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun } }; +struct CmdFlakePrefetchInputs : FlakeCommand +{ + std::string description() override + { + return "fetch the inputs of a flake"; + } + + std::string doc() override + { + return + #include "flake-prefetch-inputs.md" + ; + } + + void run(nix::ref store) override + { + auto flake = lockFlake(); + + ThreadPool pool{fileTransferSettings.httpConnections}; + + struct State + { + std::set done; + }; + + Sync state_; + + std::function visit; + visit = [&](const Node & node) + { + if (!state_.lock()->done.insert(&node).second) + return; + + if (auto lockedNode = dynamic_cast(&node)) { + Activity act(*logger, lvlInfo, actUnknown, + fmt("fetching '%s'", lockedNode->lockedRef)); + auto accessor = lockedNode->lockedRef.input.getAccessor(store).first; + if (!evalSettings.lazyTrees) + fetchToStore(*store, accessor, FetchMode::Copy, lockedNode->lockedRef.input.getName()); + } + + for (auto & [inputName, input] : node.inputs) { + if (auto inputNode = std::get_if<0>(&input)) + pool.enqueue(std::bind(visit, **inputNode)); + } + }; + + pool.enqueue(std::bind(visit, *flake.lockFile.root)); + + pool.process(); + } +}; + struct CmdFlakeShow : FlakeCommand, MixJSON { bool showLegacy = false; @@ -1543,6 +1598,7 @@ struct CmdFlake : NixMultiCommand {"new", []() { return make_ref(); }}, {"clone", []() { return make_ref(); }}, {"archive", []() { return make_ref(); }}, + {"prefetch-inputs", []() { return make_ref(); }}, {"show", []() { return make_ref(); }}, {"prefetch", []() { return make_ref(); }}, }) From 404d82419405c31dd27a2fb27b387f0497fb26c4 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Tue, 24 Jun 2025 09:29:07 -0400 Subject: [PATCH 745/815] Update changelogs --- .../source/release-notes-determinate/changes.md | 6 ------ .../source/release-notes-determinate/rl-3.6.7.md | 12 +++++++++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index f3183883c6b..95374dcb649 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -76,9 +76,3 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix - -* Fix fetchToStore() caching with --impure, improve testing by @edolstra in [DeterminateSystems/nix-src#117](https://github.com/DeterminateSystems/nix-src/pull/117) - -* Add lazy-locks setting by @edolstra in [DeterminateSystems/nix-src#113](https://github.com/DeterminateSystems/nix-src/pull/113) - -* Sync 2.29.1 by @edolstra in [DeterminateSystems/nix-src#124](https://github.com/DeterminateSystems/nix-src/pull/124) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.7.md b/doc/manual/source/release-notes-determinate/rl-3.6.7.md index 6ce42521703..197587f1b3a 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.6.7.md +++ b/doc/manual/source/release-notes-determinate/rl-3.6.7.md @@ -3,9 +3,15 @@ * Based on [upstream Nix 2.29.1](../release-notes/rl-2.29.md). ## What's Changed -* Fix fetchToStore() caching with --impure, improve testing by @edolstra in [DeterminateSystems/nix-src#117](https://github.com/DeterminateSystems/nix-src/pull/117) -* Add lazy-locks setting by @edolstra in [DeterminateSystems/nix-src#113](https://github.com/DeterminateSystems/nix-src/pull/113) -* Sync 2.29.1 by @edolstra in [DeterminateSystems/nix-src#124](https://github.com/DeterminateSystems/nix-src/pull/124) + +### Security contents + +* Patched against GHSA-g948-229j-48j3 + +### Lazy trees: + +* Lazy trees now produces `flake.lock` files with NAR hashes unless `lazy-locks` is set to `true` by @edolstra in [DeterminateSystems/nix-src#113](https://github.com/DeterminateSystems/nix-src/pull/113) +* Improved caching with lazy-trees when using --impure, with enhanced testing by @edolstra in [DeterminateSystems/nix-src#117](https://github.com/DeterminateSystems/nix-src/pull/117) **Full Changelog**: [v3.6.6...v3.6.7](https://github.com/DeterminateSystems/nix-src/compare/v3.6.6...v3.6.7) From a20a7fa1eae3d65cbf3e1fca866028bedf6e17e0 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Tue, 17 Jun 2025 12:59:48 -0700 Subject: [PATCH 746/815] Allow specifying args to external builder program --- src/libstore/globals.cc | 2 +- src/libstore/include/nix/store/globals.hh | 63 +++++++++++++++++++ .../unix/build/external-derivation-builder.cc | 10 ++- 3 files changed, 73 insertions(+), 2 deletions(-) diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index 89f2ee7d0f6..997d72b99b8 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -309,7 +309,7 @@ unsigned int MaxBuildJobsSetting::parse(const std::string & str) const } } -NLOHMANN_DEFINE_TYPE_NON_INTRUSIVE(Settings::ExternalBuilder, systems, program); +NLOHMANN_DEFINE_TYPE_NON_INTRUSIVE(Settings::ExternalBuilder, systems, program, args); template<> Settings::ExternalBuilders BaseSetting::parse(const std::string & str) const { diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index 7f3c9f38884..2976ee57ae3 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -1241,6 +1241,7 @@ public: { std::vector systems; Path program; + std::optional> args; }; using ExternalBuilders = std::vector; @@ -1251,6 +1252,68 @@ public: "external-builders", R"( Helper programs that execute derivations. + + The program is passed a JSON document that describes the build environment as the final argument. + The JSON document looks like this: + + { + "args": [ + "-e", + "/nix/store/vj1c3wf9c11a0qs6p3ymfvrnsdgsdcbq-source-stdenv.sh", + "/nix/store/shkw4qm9qcw5sc5n1k5jznc83ny02r39-default-builder.sh" + ], + "builder": "/nix/store/s1qkj0ph0ma64a6743mvkwnabrbw1hsc-bash-5.2p37/bin/bash", + "env": { + "HOME": "/homeless-shelter", + "NIX_BUILD_CORES": "14", + "NIX_BUILD_TOP": "/build", + "NIX_LOG_FD": "2", + "NIX_STORE": "/nix/store", + "PATH": "/path-not-set", + "PWD": "/build", + "TEMP": "/build", + "TEMPDIR": "/build", + "TERM": "xterm-256color", + "TMP": "/build", + "TMPDIR": "/build", + "__structuredAttrs": "", + "buildInputs": "", + "builder": "/nix/store/s1qkj0ph0ma64a6743mvkwnabrbw1hsc-bash-5.2p37/bin/bash", + "cmakeFlags": "", + "configureFlags": "", + "depsBuildBuild": "", + "depsBuildBuildPropagated": "", + "depsBuildTarget": "", + "depsBuildTargetPropagated": "", + "depsHostHost": "", + "depsHostHostPropagated": "", + "depsTargetTarget": "", + "depsTargetTargetPropagated": "", + "doCheck": "1", + "doInstallCheck": "1", + "mesonFlags": "", + "name": "hello-2.12.2", + "nativeBuildInputs": "/nix/store/l31j72f1h33hsa4nq4iyhsmsqjyndq9f-version-check-hook", + "out": "/nix/store/2yx2prgxmzbkrnbb4liy6n4zkzb1cqai-hello-2.12.2", + "outputs": "out", + "patches": "", + "pname": "hello", + "postInstallCheck": "stat \"${!outputBin}/bin/hello\"\n", + "propagatedBuildInputs": "", + "propagatedNativeBuildInputs": "", + "src": "/nix/store/dw402azxjrgrzrk6j0p66wkqrab5mwgw-hello-2.12.2.tar.gz", + "stdenv": "/nix/store/i8bw5nqg1225m281zr6lgsz42bw04z7g-stdenv-linux", + "strictDeps": "", + "system": "aarch64-linux", + "version": "2.12.2" + }, + "realStoreDir": "/nix/store", + "storeDir": "/nix/store", + "system": "aarch64-linux", + "tmpDir": "/private/tmp/nix-build-hello-2.12.2.drv-0/build", + "tmpDirInSandbox": "/build", + "topTmpDir": "/private/tmp/nix-build-hello-2.12.2.drv-0" + } )" }; }; diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc index 8efdf8ff950..0757ed51f9f 100644 --- a/src/libstore/unix/build/external-derivation-builder.cc +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -83,6 +83,7 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl json.emplace("realStoreDir", getLocalStore(store).config->realStoreDir.get()); json.emplace("system", drv.platform); + // FIXME: maybe write this JSON into the builder's stdin instead....? auto jsonFile = topTmpDir + "/build.json"; writeFile(jsonFile, json.dump()); @@ -91,8 +92,15 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl try { commonChildInit(); - Strings args = {externalBuilder.program, jsonFile}; + Strings args = {externalBuilder.program}; + if (externalBuilder.args) { + args.insert(args.end(), externalBuilder.args->begin(), externalBuilder.args->end()); + } + + args.insert(args.end(), jsonFile); + + debug("executing external builder: %s", concatStringsSep(" ", args)); execv(externalBuilder.program.c_str(), stringsToCharPtrs(args).data()); throw SysError("executing '%s'", externalBuilder.program); From c2baff64f7f9d0c6a5135acfdca483c9c9f41712 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 25 Jun 2025 03:32:32 +0000 Subject: [PATCH 747/815] Prepare release v3.6.8 From fd8b3270602406aa492af4d32ee47ccc3a9d6f03 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 25 Jun 2025 03:32:35 +0000 Subject: [PATCH 748/815] Set .version-determinate to 3.6.8 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 5b3413147c9..424e1794de6 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.6.7 +3.6.8 From 4ba66db9f66297412be45385d6ed1654fda0408f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 25 Jun 2025 03:32:40 +0000 Subject: [PATCH 749/815] Generate release notes for 3.6.8 --- doc/manual/source/SUMMARY.md.in | 1 + .../source/release-notes-determinate/changes.md | 12 +++++++++++- .../source/release-notes-determinate/rl-3.6.8.md | 12 ++++++++++++ 3 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.6.8.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index b4458fc8c7e..ebcb7b95605 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.6.8 (2025-06-25)](release-notes-determinate/rl-3.6.8.md) - [Release 3.6.7 (2025-06-24)](release-notes-determinate/rl-3.6.7.md) - [Release 3.6.6 (2025-06-17)](release-notes-determinate/rl-3.6.6.md) - [Release 3.6.5 (2025-06-16)](release-notes-determinate/rl-3.6.5.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 95374dcb649..3a38378e01e 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.7. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.8. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -76,3 +76,13 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix + + + +* Fix fetchToStore() caching with --impure, improve testing by @edolstra in [DeterminateSystems/nix-src#117](https://github.com/DeterminateSystems/nix-src/pull/117) + +* Add lazy-locks setting by @edolstra in [DeterminateSystems/nix-src#113](https://github.com/DeterminateSystems/nix-src/pull/113) + +* Sync 2.29.1 by @edolstra in [DeterminateSystems/nix-src#124](https://github.com/DeterminateSystems/nix-src/pull/124) + +* Release v3.6.7 by @github-actions in [DeterminateSystems/nix-src#126](https://github.com/DeterminateSystems/nix-src/pull/126) diff --git a/doc/manual/source/release-notes-determinate/rl-3.6.8.md b/doc/manual/source/release-notes-determinate/rl-3.6.8.md new file mode 100644 index 00000000000..c4b4b96c9e7 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.6.8.md @@ -0,0 +1,12 @@ +# Release 3.6.8 (2025-06-25) + +* Based on [upstream Nix 2.29.1](../release-notes/rl-2.29.md). + +## What's Changed +* Fix fetchToStore() caching with --impure, improve testing by @edolstra in [DeterminateSystems/nix-src#117](https://github.com/DeterminateSystems/nix-src/pull/117) +* Add lazy-locks setting by @edolstra in [DeterminateSystems/nix-src#113](https://github.com/DeterminateSystems/nix-src/pull/113) +* Sync 2.29.1 by @edolstra in [DeterminateSystems/nix-src#124](https://github.com/DeterminateSystems/nix-src/pull/124) +* Release v3.6.7 by @github-actions in [DeterminateSystems/nix-src#126](https://github.com/DeterminateSystems/nix-src/pull/126) + + +**Full Changelog**: [v3.6.6...v3.6.8](https://github.com/DeterminateSystems/nix-src/compare/v3.6.6...v3.6.8) From e04aa2b13b48418f443b74984f3d32df0ffabe05 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 26 Jun 2025 17:04:34 +0200 Subject: [PATCH 750/815] Move FlakeCommand into a header, allow separate registration of subcommands This allows us to start splitting up src/nix/flake.cc. --- .../include/nix/cmd/common-eval-args.hh | 3 +- src/nix/flake-command.hh | 27 ++++ src/nix/flake-prefetch-inputs.cc | 62 ++++++++ src/nix/flake.cc | 146 +++++------------- src/nix/meson.build | 1 + 5 files changed, 130 insertions(+), 109 deletions(-) create mode 100644 src/nix/flake-command.hh create mode 100644 src/nix/flake-prefetch-inputs.cc diff --git a/src/libcmd/include/nix/cmd/common-eval-args.hh b/src/libcmd/include/nix/cmd/common-eval-args.hh index 6f3367e58e9..62af64230ff 100644 --- a/src/libcmd/include/nix/cmd/common-eval-args.hh +++ b/src/libcmd/include/nix/cmd/common-eval-args.hh @@ -5,6 +5,7 @@ #include "nix/util/canon-path.hh" #include "nix/main/common-args.hh" #include "nix/expr/search-path.hh" +#include "nix/expr/eval-settings.hh" #include @@ -15,10 +16,8 @@ class Store; namespace fetchers { struct Settings; } class EvalState; -struct EvalSettings; struct CompatibilitySettings; class Bindings; -struct SourcePath; namespace flake { struct Settings; } diff --git a/src/nix/flake-command.hh b/src/nix/flake-command.hh new file mode 100644 index 00000000000..36dfe44c632 --- /dev/null +++ b/src/nix/flake-command.hh @@ -0,0 +1,27 @@ +#pragma once + +#include "nix/cmd/command.hh" +#include "nix/cmd/installable-flake.hh" +#include "nix/flake/flake.hh" + +namespace nix { + +using namespace nix::flake; + +class FlakeCommand : virtual Args, public MixFlakeOptions +{ +protected: + std::string flakeUrl = "."; + +public: + + FlakeCommand(); + + FlakeRef getFlakeRef(); + + LockedFlake lockFlake(); + + std::vector getFlakeRefsForCompletion() override; +}; + +} diff --git a/src/nix/flake-prefetch-inputs.cc b/src/nix/flake-prefetch-inputs.cc new file mode 100644 index 00000000000..fe676726c72 --- /dev/null +++ b/src/nix/flake-prefetch-inputs.cc @@ -0,0 +1,62 @@ +#include "flake-command.hh" +#include "nix/fetchers/fetch-to-store.hh" +#include "nix/util/thread-pool.hh" +#include "nix/store/filetransfer.hh" + +#include + +using namespace nix; +using namespace nix::flake; + +struct CmdFlakePrefetchInputs : FlakeCommand +{ + std::string description() override + { + return "fetch the inputs of a flake"; + } + + std::string doc() override + { + return +#include "flake-prefetch-inputs.md" + ; + } + + void run(nix::ref store) override + { + auto flake = lockFlake(); + + ThreadPool pool{fileTransferSettings.httpConnections}; + + struct State + { + std::set done; + }; + + Sync state_; + + std::function visit; + visit = [&](const Node & node) { + if (!state_.lock()->done.insert(&node).second) + return; + + if (auto lockedNode = dynamic_cast(&node)) { + Activity act(*logger, lvlInfo, actUnknown, fmt("fetching '%s'", lockedNode->lockedRef)); + auto accessor = lockedNode->lockedRef.input.getAccessor(store).first; + if (!evalSettings.lazyTrees) + fetchToStore(*store, accessor, FetchMode::Copy, lockedNode->lockedRef.input.getName()); + } + + for (auto & [inputName, input] : node.inputs) { + if (auto inputNode = std::get_if<0>(&input)) + pool.enqueue(std::bind(visit, **inputNode)); + } + }; + + pool.enqueue(std::bind(visit, *flake.lockFile.root)); + + pool.process(); + } +}; + +static auto rCmdFlakePrefetchInputs = registerCommand2({"flake", "prefetch-inputs"}); diff --git a/src/nix/flake.cc b/src/nix/flake.cc index c2aa442bc15..35e96e493fd 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -1,11 +1,9 @@ -#include "nix/cmd/command.hh" -#include "nix/cmd/installable-flake.hh" +#include "flake-command.hh" #include "nix/main/common-args.hh" #include "nix/main/shared.hh" #include "nix/expr/eval.hh" #include "nix/expr/eval-inline.hh" #include "nix/expr/eval-settings.hh" -#include "nix/flake/flake.hh" #include "nix/expr/get-drvs.hh" #include "nix/util/signals.hh" #include "nix/store/store-open.hh" @@ -19,8 +17,6 @@ #include "nix/util/users.hh" #include "nix/fetchers/fetch-to-store.hh" #include "nix/store/local-fs-store.hh" -#include "nix/util/thread-pool.hh" -#include "nix/store/filetransfer.hh" #include #include @@ -35,43 +31,36 @@ using namespace nix::flake; using json = nlohmann::json; struct CmdFlakeUpdate; -class FlakeCommand : virtual Args, public MixFlakeOptions -{ -protected: - std::string flakeUrl = "."; - -public: - FlakeCommand() - { - expectArgs({ - .label = "flake-url", - .optional = true, - .handler = {&flakeUrl}, - .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { - completeFlakeRef(completions, getStore(), prefix); - }} - }); - } +FlakeCommand::FlakeCommand() +{ + expectArgs({ + .label = "flake-url", + .optional = true, + .handler = {&flakeUrl}, + .completer = {[&](AddCompletions & completions, size_t, std::string_view prefix) { + completeFlakeRef(completions, getStore(), prefix); + }} + }); +} - FlakeRef getFlakeRef() - { - return parseFlakeRef(fetchSettings, flakeUrl, std::filesystem::current_path().string()); //FIXME - } +FlakeRef FlakeCommand::getFlakeRef() +{ + return parseFlakeRef(fetchSettings, flakeUrl, std::filesystem::current_path().string()); //FIXME +} - LockedFlake lockFlake() - { - return flake::lockFlake(flakeSettings, *getEvalState(), getFlakeRef(), lockFlags); - } +LockedFlake FlakeCommand::lockFlake() +{ + return flake::lockFlake(flakeSettings, *getEvalState(), getFlakeRef(), lockFlags); +} - std::vector getFlakeRefsForCompletion() override - { - return { - // Like getFlakeRef but with expandTilde calld first - parseFlakeRef(fetchSettings, expandTilde(flakeUrl), std::filesystem::current_path().string()) - }; - } -}; +std::vector FlakeCommand::getFlakeRefsForCompletion() +{ + return { + // Like getFlakeRef but with expandTilde calld first + parseFlakeRef(fetchSettings, expandTilde(flakeUrl), std::filesystem::current_path().string()) + }; +} struct CmdFlakeUpdate : FlakeCommand { @@ -1142,59 +1131,6 @@ struct CmdFlakeArchive : FlakeCommand, MixJSON, MixDryRun } }; -struct CmdFlakePrefetchInputs : FlakeCommand -{ - std::string description() override - { - return "fetch the inputs of a flake"; - } - - std::string doc() override - { - return - #include "flake-prefetch-inputs.md" - ; - } - - void run(nix::ref store) override - { - auto flake = lockFlake(); - - ThreadPool pool{fileTransferSettings.httpConnections}; - - struct State - { - std::set done; - }; - - Sync state_; - - std::function visit; - visit = [&](const Node & node) - { - if (!state_.lock()->done.insert(&node).second) - return; - - if (auto lockedNode = dynamic_cast(&node)) { - Activity act(*logger, lvlInfo, actUnknown, - fmt("fetching '%s'", lockedNode->lockedRef)); - auto accessor = lockedNode->lockedRef.input.getAccessor(store).first; - if (!evalSettings.lazyTrees) - fetchToStore(*store, accessor, FetchMode::Copy, lockedNode->lockedRef.input.getName()); - } - - for (auto & [inputName, input] : node.inputs) { - if (auto inputNode = std::get_if<0>(&input)) - pool.enqueue(std::bind(visit, **inputNode)); - } - }; - - pool.enqueue(std::bind(visit, *flake.lockFile.root)); - - pool.process(); - } -}; - struct CmdFlakeShow : FlakeCommand, MixJSON { bool showLegacy = false; @@ -1586,22 +1522,7 @@ struct CmdFlakePrefetch : FlakeCommand, MixJSON struct CmdFlake : NixMultiCommand { CmdFlake() - : NixMultiCommand( - "flake", - { - {"update", []() { return make_ref(); }}, - {"lock", []() { return make_ref(); }}, - {"metadata", []() { return make_ref(); }}, - {"info", []() { return make_ref(); }}, - {"check", []() { return make_ref(); }}, - {"init", []() { return make_ref(); }}, - {"new", []() { return make_ref(); }}, - {"clone", []() { return make_ref(); }}, - {"archive", []() { return make_ref(); }}, - {"prefetch-inputs", []() { return make_ref(); }}, - {"show", []() { return make_ref(); }}, - {"prefetch", []() { return make_ref(); }}, - }) + : NixMultiCommand("flake", RegisterCommand::getCommandsFor({"flake"})) { } @@ -1619,3 +1540,14 @@ struct CmdFlake : NixMultiCommand }; static auto rCmdFlake = registerCommand("flake"); +static auto rCmdFlakeArchive = registerCommand2({"flake", "archive"}); +static auto rCmdFlakeCheck = registerCommand2({"flake", "check"}); +static auto rCmdFlakeClone = registerCommand2({"flake", "clone"}); +static auto rCmdFlakeInfo = registerCommand2({"flake", "info"}); +static auto rCmdFlakeInit = registerCommand2({"flake", "init"}); +static auto rCmdFlakeLock = registerCommand2({"flake", "lock"}); +static auto rCmdFlakeMetadata = registerCommand2({"flake", "metadata"}); +static auto rCmdFlakeNew = registerCommand2({"flake", "new"}); +static auto rCmdFlakePrefetch = registerCommand2({"flake", "prefetch"}); +static auto rCmdFlakeShow = registerCommand2({"flake", "show"}); +static auto rCmdFlakeUpdate = registerCommand2({"flake", "update"}); diff --git a/src/nix/meson.build b/src/nix/meson.build index 11c30914ba1..0273b6f51cb 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -78,6 +78,7 @@ nix_sources = [config_priv_h] + files( 'env.cc', 'eval.cc', 'flake.cc', + 'flake-prefetch-inputs.cc', 'formatter.cc', 'hash.cc', 'log.cc', From 9f4d80519f22e54f685c6bf46f2aad1977056323 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 27 Jun 2025 14:33:18 +0200 Subject: [PATCH 751/815] nix store delete: Give a more specific error message --- src/libstore/gc.cc | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index 1469db3eca4..f05269fef98 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -622,10 +622,8 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) GC root. Any new roots will be sent to our socket. */ Roots tempRoots; findTempRoots(tempRoots, true); - for (auto & root : tempRoots) { + for (auto & root : tempRoots) _shared.lock()->tempRoots.insert(std::string(root.first.hashPart())); - roots.insert(root.first); - } /* Synchronisation point for testing, see tests/functional/gc-non-blocking.sh. */ if (auto p = getEnv("_NIX_TEST_GC_SYNC_2")) @@ -718,19 +716,31 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) /* If this is a root, bail out. */ if (roots.count(*path)) { + if (options.action == GCOptions::gcDeleteSpecific) + throw Error( + "Cannot delete path '%s' because it's a GC root.", + printStorePath(start)); debug("cannot delete '%s' because it's a root", printStorePath(*path)); return markAlive(); } if (options.action == GCOptions::gcDeleteSpecific && !options.pathsToDelete.count(*path)) - return; + { + throw Error( + "Cannot delete path '%s' because it's referenced by path '%s'.", + printStorePath(start), + printStorePath(*path)); + } { auto hashPart = std::string(path->hashPart()); auto shared(_shared.lock()); if (shared->tempRoots.count(hashPart)) { - debug("cannot delete '%s' because it's a temporary root", printStorePath(*path)); + if (options.action == GCOptions::gcDeleteSpecific) + throw Error( + "Cannot delete path '%s' because it's in use by a Nix process.", + printStorePath(start)); return markAlive(); } shared->pending = hashPart; @@ -789,12 +799,7 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) for (auto & i : options.pathsToDelete) { deleteReferrersClosure(i); - if (!dead.count(i)) - throw Error( - "Cannot delete path '%1%' since it is still alive. " - "To find out why, use: " - "nix-store --query --roots and nix-store --query --referrers", - printStorePath(i)); + assert(dead.count(i)); } } else if (options.maxFreed > 0) { From 83a9b9287d2611c73fd171415cc8ed5bcb270f54 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 27 Jun 2025 15:08:17 +0200 Subject: [PATCH 752/815] nix store delete: Show the first root that prevents deletion Examples: error: Cannot delete path '/nix/store/6fcrjgfjip2ww3sx51rrmmghfsf60jvi-patchelf-0.14.3' because it's referenced by the GC root '/home/eelco/Dev/nix-master/build/result'. error: Cannot delete path '/nix/store/rn0qyn3kmky26xgpr2n10vr787g57lff-cowsay-3.8.4' because it's referenced by the GC root '/proc/3600568/environ'. --- src/libstore/gc.cc | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index f05269fef98..b66f037319a 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -458,7 +458,8 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) bool gcKeepOutputs = settings.gcKeepOutputs; bool gcKeepDerivations = settings.gcKeepDerivations; - std::unordered_set roots, dead, alive; + Roots roots; + std::unordered_set dead, alive; struct Shared { @@ -612,11 +613,8 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) /* Find the roots. Since we've grabbed the GC lock, the set of permanent roots cannot increase now. */ printInfo("finding garbage collector roots..."); - Roots rootMap; if (!options.ignoreLiveness) - findRootsNoTemp(rootMap, true); - - for (auto & i : rootMap) roots.insert(i.first); + findRootsNoTemp(roots, true); /* Read the temporary roots created before we acquired the global GC root. Any new roots will be sent to our socket. */ @@ -715,11 +713,12 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) }; /* If this is a root, bail out. */ - if (roots.count(*path)) { + if (auto i = roots.find(*path); i != roots.end()) { if (options.action == GCOptions::gcDeleteSpecific) throw Error( - "Cannot delete path '%s' because it's a GC root.", - printStorePath(start)); + "Cannot delete path '%s' because it's referenced by the GC root '%s'.", + printStorePath(start), + *i->second.begin()); debug("cannot delete '%s' because it's a root", printStorePath(*path)); return markAlive(); } From cae732f7a1d63e042e5c4392ff62be1251f7a0cc Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 27 Jun 2025 15:09:19 +0200 Subject: [PATCH 753/815] Don't censor root info for trusted users --- src/libstore/daemon.cc | 1 + src/libstore/gc.cc | 4 ++-- src/libstore/include/nix/store/gc-store.hh | 6 ++++++ 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc index dfc068bc775..4bca7522876 100644 --- a/src/libstore/daemon.cc +++ b/src/libstore/daemon.cc @@ -730,6 +730,7 @@ static void performOp(TunnelLogger * logger, ref store, options.action = (GCOptions::GCAction) readInt(conn.from); options.pathsToDelete = WorkerProto::Serialise::read(*store, rconn); conn.from >> options.ignoreLiveness >> options.maxFreed; + options.censor = !trusted; // obsolete fields readInt(conn.from); readInt(conn.from); diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index b66f037319a..91f2ba43f08 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -614,12 +614,12 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) permanent roots cannot increase now. */ printInfo("finding garbage collector roots..."); if (!options.ignoreLiveness) - findRootsNoTemp(roots, true); + findRootsNoTemp(roots, options.censor); /* Read the temporary roots created before we acquired the global GC root. Any new roots will be sent to our socket. */ Roots tempRoots; - findTempRoots(tempRoots, true); + findTempRoots(tempRoots, options.censor); for (auto & root : tempRoots) _shared.lock()->tempRoots.insert(std::string(root.first.hashPart())); diff --git a/src/libstore/include/nix/store/gc-store.hh b/src/libstore/include/nix/store/gc-store.hh index cef6e8776e6..6b73ffc6559 100644 --- a/src/libstore/include/nix/store/gc-store.hh +++ b/src/libstore/include/nix/store/gc-store.hh @@ -53,6 +53,12 @@ struct GCOptions * Stop after at least `maxFreed` bytes have been freed. */ uint64_t maxFreed{std::numeric_limits::max()}; + + /** + * Whether to hide potentially sensitive information about GC + * roots (such as PIDs). + */ + bool censor = false; }; From 31b00218fe2d330f76e270ae9bcb07206522cd55 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 27 Jun 2025 16:50:48 +0200 Subject: [PATCH 754/815] Show which PID is causing a temp root Example: error: Cannot delete path '/nix/store/klyng5rpdkwi5kbxkncy4gjwb490dlhb-foo.drv' because it's in use by Nix process '{nix-process:3605324}'. --- src/libstore/gc.cc | 26 ++++++++++++------- src/libstore/include/nix/store/gc-store.hh | 5 +++- tests/functional/gc-runtime.nix | 1 + tests/functional/gc-runtime.sh | 9 +++++-- tests/functional/gc.sh | 4 +-- .../local-overlay-store/delete-refs-inner.sh | 10 +++---- 6 files changed, 35 insertions(+), 20 deletions(-) diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index 91f2ba43f08..3f5c2b39e77 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -208,7 +208,7 @@ void LocalStore::findTempRoots(Roots & tempRoots, bool censor) while ((end = contents.find((char) 0, pos)) != std::string::npos) { Path root(contents, pos, end - pos); debug("got temporary root '%s'", root); - tempRoots[parseStorePath(root)].emplace(censor ? censored : fmt("{temp:%d}", pid)); + tempRoots[parseStorePath(root)].emplace(censor ? censored : fmt("{nix-process:%d}", pid)); pos = end + 1; } } @@ -465,7 +465,7 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) { // The temp roots only store the hash part to make it easier to // ignore suffixes like '.lock', '.chroot' and '.check'. - std::unordered_set tempRoots; + std::unordered_map tempRoots; // Hash part of the store path currently being deleted, if // any. @@ -574,7 +574,8 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) debug("got new GC root '%s'", path); auto hashPart = std::string(storePath->hashPart()); auto shared(_shared.lock()); - shared->tempRoots.insert(hashPart); + // FIXME: could get the PID from the socket. + shared->tempRoots.insert_or_assign(hashPart, "{nix-process:unknown}"); /* If this path is currently being deleted, then we have to wait until deletion is finished to ensure that @@ -618,10 +619,14 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) /* Read the temporary roots created before we acquired the global GC root. Any new roots will be sent to our socket. */ - Roots tempRoots; - findTempRoots(tempRoots, options.censor); - for (auto & root : tempRoots) - _shared.lock()->tempRoots.insert(std::string(root.first.hashPart())); + { + Roots tempRoots; + findTempRoots(tempRoots, options.censor); + for (auto & root : tempRoots) + _shared.lock()->tempRoots.insert_or_assign( + std::string(root.first.hashPart()), + *root.second.begin()); + } /* Synchronisation point for testing, see tests/functional/gc-non-blocking.sh. */ if (auto p = getEnv("_NIX_TEST_GC_SYNC_2")) @@ -735,11 +740,12 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) { auto hashPart = std::string(path->hashPart()); auto shared(_shared.lock()); - if (shared->tempRoots.count(hashPart)) { + if (auto i = shared->tempRoots.find(hashPart); i != shared->tempRoots.end()) { if (options.action == GCOptions::gcDeleteSpecific) throw Error( - "Cannot delete path '%s' because it's in use by a Nix process.", - printStorePath(start)); + "Cannot delete path '%s' because it's in use by '%s'.", + printStorePath(start), + i->second); return markAlive(); } shared->pending = hashPart; diff --git a/src/libstore/include/nix/store/gc-store.hh b/src/libstore/include/nix/store/gc-store.hh index 6b73ffc6559..23261f576c8 100644 --- a/src/libstore/include/nix/store/gc-store.hh +++ b/src/libstore/include/nix/store/gc-store.hh @@ -7,8 +7,11 @@ namespace nix { +// FIXME: should turn this into an std::variant to represent the +// several root types. +using GcRootInfo = std::string; -typedef std::unordered_map> Roots; +typedef std::unordered_map> Roots; struct GCOptions diff --git a/tests/functional/gc-runtime.nix b/tests/functional/gc-runtime.nix index ee5980bdff9..df7f8ad1647 100644 --- a/tests/functional/gc-runtime.nix +++ b/tests/functional/gc-runtime.nix @@ -9,6 +9,7 @@ mkDerivation { cat > $out/program < \$TEST_ROOT/fifo sleep 10000 EOF diff --git a/tests/functional/gc-runtime.sh b/tests/functional/gc-runtime.sh index 0cccaaf16ab..34e99415d5c 100755 --- a/tests/functional/gc-runtime.sh +++ b/tests/functional/gc-runtime.sh @@ -21,11 +21,16 @@ nix-env -p "$profiles/test" -f ./gc-runtime.nix -i gc-runtime outPath=$(nix-env -p "$profiles/test" -q --no-name --out-path gc-runtime) echo "$outPath" +fifo="$TEST_ROOT/fifo" +mkfifo "$fifo" + echo "backgrounding program..." -"$profiles"/test/program & -sleep 2 # hack - wait for the program to get started +"$profiles"/test/program "$fifo" & child=$! echo PID=$child +cat "$fifo" + +expectStderr 1 nix-store --delete "$outPath" | grepQuiet "Cannot delete path.*because it's referenced by the GC root '/proc/" nix-env -p "$profiles/test" -e gc-runtime nix-env -p "$profiles/test" --delete-generations old diff --git a/tests/functional/gc.sh b/tests/functional/gc.sh index c58f47021f8..66dd12eac7e 100755 --- a/tests/functional/gc.sh +++ b/tests/functional/gc.sh @@ -23,10 +23,10 @@ if nix-store --gc --print-dead | grep -E "$outPath"$; then false; fi nix-store --gc --print-dead inUse=$(readLink "$outPath/reference-to-input-2") -if nix-store --delete "$inUse"; then false; fi +expectStderr 1 nix-store --delete "$inUse" | grepQuiet "Cannot delete path.*because it's referenced by the GC root " test -e "$inUse" -if nix-store --delete "$outPath"; then false; fi +expectStderr 1 nix-store --delete "$outPath" | grepQuiet "Cannot delete path.*because it's referenced by the GC root " test -e "$outPath" for i in "$NIX_STORE_DIR"/*; do diff --git a/tests/functional/local-overlay-store/delete-refs-inner.sh b/tests/functional/local-overlay-store/delete-refs-inner.sh index 385eeadc923..01b6162c529 100644 --- a/tests/functional/local-overlay-store/delete-refs-inner.sh +++ b/tests/functional/local-overlay-store/delete-refs-inner.sh @@ -22,14 +22,14 @@ input2=$(nix-build ../hermetic.nix --no-out-link --arg busybox "$busybox" --arg input3=$(nix-build ../hermetic.nix --no-out-link --arg busybox "$busybox" --arg withFinalRefs true --arg seed 2 -A passthru.input3 -j0) # Can't delete because referenced -expectStderr 1 nix-store --delete $input1 | grepQuiet "Cannot delete path" -expectStderr 1 nix-store --delete $input2 | grepQuiet "Cannot delete path" -expectStderr 1 nix-store --delete $input3 | grepQuiet "Cannot delete path" +expectStderr 1 nix-store --delete $input1 | grepQuiet "Cannot delete path.*because it's referenced by path" +expectStderr 1 nix-store --delete $input2 | grepQuiet "Cannot delete path.*because it's referenced by path" +expectStderr 1 nix-store --delete $input3 | grepQuiet "Cannot delete path.*because it's referenced by path" # These same paths are referenced in the lower layer (by the seed 1 # build done in `initLowerStore`). -expectStderr 1 nix-store --store "$storeA" --delete $input2 | grepQuiet "Cannot delete path" -expectStderr 1 nix-store --store "$storeA" --delete $input3 | grepQuiet "Cannot delete path" +expectStderr 1 nix-store --store "$storeA" --delete $input2 | grepQuiet "Cannot delete path.*because it's referenced by path" +expectStderr 1 nix-store --store "$storeA" --delete $input3 | grepQuiet "Cannot delete path.*because it's referenced by path" # Can delete nix-store --delete $hermetic From 51acb1d4bc5ac16a593dc171e8debedd5ffe7f73 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 27 Jun 2025 17:59:15 +0200 Subject: [PATCH 755/815] Path fetcher: Only show "copying to store" when actually copying --- src/libfetchers/path.cc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/libfetchers/path.cc b/src/libfetchers/path.cc index 0de81ae430b..c199957eb6a 100644 --- a/src/libfetchers/path.cc +++ b/src/libfetchers/path.cc @@ -127,8 +127,6 @@ struct PathInputScheme : InputScheme auto absPath = getAbsPath(input); - Activity act(*logger, lvlTalkative, actUnknown, fmt("copying %s to the store", absPath)); - // FIXME: check whether access to 'path' is allowed. auto storePath = store->maybeParseStorePath(absPath.string()); @@ -137,6 +135,7 @@ struct PathInputScheme : InputScheme time_t mtime = 0; if (!storePath || storePath->name() != "source" || !store->isValidPath(*storePath)) { + Activity act(*logger, lvlTalkative, actUnknown, fmt("copying %s to the store", absPath)); // FIXME: try to substitute storePath. auto src = sinkToSource([&](Sink & sink) { mtime = dumpPathAndGetMtime(absPath.string(), sink, defaultPathFilter); From 38a73203a4b304cb0987d4b32a17f7d2137575a4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 27 Jun 2025 20:02:18 +0200 Subject: [PATCH 756/815] Fix eval caching for path flakes This fix is somewhat hacky since the accessor/input fingerprint situation is a bit of a mess. --- src/libfetchers/fetchers.cc | 2 ++ tests/functional/flakes/flakes.sh | 1 + 2 files changed, 3 insertions(+) diff --git a/src/libfetchers/fetchers.cc b/src/libfetchers/fetchers.cc index d91f24b6a0d..4d2d66a72aa 100644 --- a/src/libfetchers/fetchers.cc +++ b/src/libfetchers/fetchers.cc @@ -354,6 +354,8 @@ std::pair, Input> Input::getAccessorUnchecked(ref sto if (!accessor->fingerprint) accessor->fingerprint = result.getFingerprint(store); + else + result.cachedFingerprint = accessor->fingerprint; return {accessor, std::move(result)}; } diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index ec5cc9c5358..cfd2045694e 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -374,6 +374,7 @@ nix build -o $TEST_ROOT/result git+file://$flakeGitBare mkdir -p $flake5Dir writeDependentFlake $flake5Dir nix flake lock path://$flake5Dir +[[ "$(nix flake metadata path://$flake5Dir --json | jq -r .fingerprint)" != null ]] # Test tarball flakes. tar cfz $TEST_ROOT/flake.tar.gz -C $TEST_ROOT flake5 From 71aecfc481ca19c91dee4536f1acd8b8718532a3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 30 Jun 2025 11:30:24 +0200 Subject: [PATCH 757/815] Fix test --- src/libstore/gc.cc | 18 +++++++++--------- tests/functional/gc.sh | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index 3f5c2b39e77..75773d6c1e8 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -717,6 +717,15 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) } catch (InvalidPath &) { } }; + if (options.action == GCOptions::gcDeleteSpecific + && !options.pathsToDelete.count(*path)) + { + throw Error( + "Cannot delete path '%s' because it's referenced by path '%s'.", + printStorePath(start), + printStorePath(*path)); + } + /* If this is a root, bail out. */ if (auto i = roots.find(*path); i != roots.end()) { if (options.action == GCOptions::gcDeleteSpecific) @@ -728,15 +737,6 @@ void LocalStore::collectGarbage(const GCOptions & options, GCResults & results) return markAlive(); } - if (options.action == GCOptions::gcDeleteSpecific - && !options.pathsToDelete.count(*path)) - { - throw Error( - "Cannot delete path '%s' because it's referenced by path '%s'.", - printStorePath(start), - printStorePath(*path)); - } - { auto hashPart = std::string(path->hashPart()); auto shared(_shared.lock()); diff --git a/tests/functional/gc.sh b/tests/functional/gc.sh index 66dd12eac7e..92ac7fac41d 100755 --- a/tests/functional/gc.sh +++ b/tests/functional/gc.sh @@ -23,7 +23,7 @@ if nix-store --gc --print-dead | grep -E "$outPath"$; then false; fi nix-store --gc --print-dead inUse=$(readLink "$outPath/reference-to-input-2") -expectStderr 1 nix-store --delete "$inUse" | grepQuiet "Cannot delete path.*because it's referenced by the GC root " +expectStderr 1 nix-store --delete "$inUse" | grepQuiet "Cannot delete path.*because it's referenced by path '" test -e "$inUse" expectStderr 1 nix-store --delete "$outPath" | grepQuiet "Cannot delete path.*because it's referenced by the GC root " From 572c938a55d8cae847c26f5c075fb8d7cc13623d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 30 Jun 2025 14:52:25 +0200 Subject: [PATCH 758/815] nix flake prefetch-inputs: Keep going if an input fails --- src/nix/flake-prefetch-inputs.cc | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/src/nix/flake-prefetch-inputs.cc b/src/nix/flake-prefetch-inputs.cc index fe676726c72..1d4209d4d4a 100644 --- a/src/nix/flake-prefetch-inputs.cc +++ b/src/nix/flake-prefetch-inputs.cc @@ -2,6 +2,7 @@ #include "nix/fetchers/fetch-to-store.hh" #include "nix/util/thread-pool.hh" #include "nix/store/filetransfer.hh" +#include "nix/util/exit.hh" #include @@ -35,16 +36,23 @@ struct CmdFlakePrefetchInputs : FlakeCommand Sync state_; + std::atomic nrFailed{0}; + std::function visit; visit = [&](const Node & node) { if (!state_.lock()->done.insert(&node).second) return; if (auto lockedNode = dynamic_cast(&node)) { - Activity act(*logger, lvlInfo, actUnknown, fmt("fetching '%s'", lockedNode->lockedRef)); - auto accessor = lockedNode->lockedRef.input.getAccessor(store).first; - if (!evalSettings.lazyTrees) - fetchToStore(*store, accessor, FetchMode::Copy, lockedNode->lockedRef.input.getName()); + try { + Activity act(*logger, lvlInfo, actUnknown, fmt("fetching '%s'", lockedNode->lockedRef)); + auto accessor = lockedNode->lockedRef.input.getAccessor(store).first; + if (!evalSettings.lazyTrees) + fetchToStore(*store, accessor, FetchMode::Copy, lockedNode->lockedRef.input.getName()); + } catch (Error & e) { + printError("%s", e.what()); + nrFailed++; + } } for (auto & [inputName, input] : node.inputs) { @@ -56,6 +64,8 @@ struct CmdFlakePrefetchInputs : FlakeCommand pool.enqueue(std::bind(visit, *flake.lockFile.root)); pool.process(); + + throw Exit(nrFailed ? 1 : 0); } }; From b64a310eb261118bcf5196761f685af3e44c2561 Mon Sep 17 00:00:00 2001 From: John Ericson Date: Wed, 28 May 2025 12:49:13 -0400 Subject: [PATCH 759/815] Fix warning when `HAVE_EMBEDDED_SANDBOX_SHELL` is not set Clang doesn't like the double indent that is needed for the `if...else` that is CPP'd away. Adding braces is fine in the `if...else...` case, and fine as a naked block in the CPP'd away case, and properly-indented both ways. --- src/libstore/unix/build/linux-derivation-builder.cc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libstore/unix/build/linux-derivation-builder.cc b/src/libstore/unix/build/linux-derivation-builder.cc index 0d7d94b87b4..dbd98ab3d7c 100644 --- a/src/libstore/unix/build/linux-derivation-builder.cc +++ b/src/libstore/unix/build/linux-derivation-builder.cc @@ -681,7 +681,9 @@ struct LinuxDerivationBuilder : DerivationBuilderImpl chmod_(dst, 0555); } else # endif + { doBind(i.second.source, chrootRootDir + i.first, i.second.optional); + } } /* Bind a new instance of procfs on /proc. */ From 1521a819b75810e9c0f0450745d66b4620fff3da Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Mon, 30 Jun 2025 10:18:10 -0700 Subject: [PATCH 760/815] external-derivation-builder: `args` must always be specified I don't want to figure out how to make nlohmann treat std::optional<> the same way Rust's serde_json treats Option<> (i.e. skip it if it's not there). --- src/libstore/include/nix/store/globals.hh | 2 +- src/libstore/unix/build/external-derivation-builder.cc | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index 2976ee57ae3..f7c71477740 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -1241,7 +1241,7 @@ public: { std::vector systems; Path program; - std::optional> args; + std::vector args; }; using ExternalBuilders = std::vector; diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc index 0757ed51f9f..1906ddd700a 100644 --- a/src/libstore/unix/build/external-derivation-builder.cc +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -94,8 +94,8 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl Strings args = {externalBuilder.program}; - if (externalBuilder.args) { - args.insert(args.end(), externalBuilder.args->begin(), externalBuilder.args->end()); + if (!externalBuilder.args.empty()) { + args.insert(args.end(), externalBuilder.args.begin(), externalBuilder.args.end()); } args.insert(args.end(), jsonFile); From 87dccde0aa905c22ab5d336137de258fc381ab35 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 3 Jul 2025 17:41:35 +0000 Subject: [PATCH 761/815] Prepare release v3.7.0 From ab327e7fd68ccbe88bca66fc99985e1ffbedf6eb Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 3 Jul 2025 17:41:38 +0000 Subject: [PATCH 762/815] Set .version-determinate to 3.7.0 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 424e1794de6..7c69a55dbb1 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.6.8 +3.7.0 From 103b09b767e1dc1759090ae88e62382a175dd0ef Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 3 Jul 2025 17:41:43 +0000 Subject: [PATCH 763/815] Generate release notes for 3.7.0 --- doc/manual/source/SUMMARY.md.in | 1 + .../source/release-notes-determinate/changes.md | 12 +++++++++++- .../source/release-notes-determinate/rl-3.7.0.md | 12 ++++++++++++ 3 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.7.0.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index ebcb7b95605..6c5aa16d5f3 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -129,6 +129,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.7.0 (2025-07-03)](release-notes-determinate/rl-3.7.0.md) - [Release 3.6.8 (2025-06-25)](release-notes-determinate/rl-3.6.8.md) - [Release 3.6.7 (2025-06-24)](release-notes-determinate/rl-3.6.7.md) - [Release 3.6.6 (2025-06-17)](release-notes-determinate/rl-3.6.6.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 3a38378e01e..8058a18c6d8 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.6.8. +This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.7.0. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -86,3 +86,13 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * Sync 2.29.1 by @edolstra in [DeterminateSystems/nix-src#124](https://github.com/DeterminateSystems/nix-src/pull/124) * Release v3.6.7 by @github-actions in [DeterminateSystems/nix-src#126](https://github.com/DeterminateSystems/nix-src/pull/126) + + + +* Fix deep overrides by @edolstra in [DeterminateSystems/nix-src#108](https://github.com/DeterminateSystems/nix-src/pull/108) + +* Fix eval caching for path flakes by @edolstra in [DeterminateSystems/nix-src#131](https://github.com/DeterminateSystems/nix-src/pull/131) + +* nix store delete: Show why deletion fails by @edolstra in [DeterminateSystems/nix-src#130](https://github.com/DeterminateSystems/nix-src/pull/130) + +* nix flake prefetch-inputs: Add by @edolstra in [DeterminateSystems/nix-src#127](https://github.com/DeterminateSystems/nix-src/pull/127) diff --git a/doc/manual/source/release-notes-determinate/rl-3.7.0.md b/doc/manual/source/release-notes-determinate/rl-3.7.0.md new file mode 100644 index 00000000000..4259df157c6 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.7.0.md @@ -0,0 +1,12 @@ +# Release 3.7.0 (2025-07-03) + +* Based on [upstream Nix 2.29.1](../release-notes/rl-2.29.md). + +## What's Changed +* Fix deep overrides by @edolstra in [DeterminateSystems/nix-src#108](https://github.com/DeterminateSystems/nix-src/pull/108) +* Fix eval caching for path flakes by @edolstra in [DeterminateSystems/nix-src#131](https://github.com/DeterminateSystems/nix-src/pull/131) +* nix store delete: Show why deletion fails by @edolstra in [DeterminateSystems/nix-src#130](https://github.com/DeterminateSystems/nix-src/pull/130) +* nix flake prefetch-inputs: Add by @edolstra in [DeterminateSystems/nix-src#127](https://github.com/DeterminateSystems/nix-src/pull/127) + + +**Full Changelog**: [v3.6.8...v3.7.0](https://github.com/DeterminateSystems/nix-src/compare/v3.6.8...v3.7.0) From a6ad4a5d23a4d45742754ee54b6f50671782ed03 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 3 Jul 2025 13:48:36 -0400 Subject: [PATCH 764/815] Clean up changelogs --- .../release-notes-determinate/changes.md | 8 +-- .../release-notes-determinate/rl-3.7.0.md | 61 +++++++++++++++++-- 2 files changed, 59 insertions(+), 10 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 8058a18c6d8..5bcd2788b07 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -89,10 +89,8 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix -* Fix deep overrides by @edolstra in [DeterminateSystems/nix-src#108](https://github.com/DeterminateSystems/nix-src/pull/108) +* Overriding deeply transitive flake inputs now works, by @edolstra in [DeterminateSystems/nix-src#108](https://github.com/DeterminateSystems/nix-src/pull/108) -* Fix eval caching for path flakes by @edolstra in [DeterminateSystems/nix-src#131](https://github.com/DeterminateSystems/nix-src/pull/131) +* `nix store delete` now exlpains why deletion fails by @edolstra in [DeterminateSystems/nix-src#130](https://github.com/DeterminateSystems/nix-src/pull/130) -* nix store delete: Show why deletion fails by @edolstra in [DeterminateSystems/nix-src#130](https://github.com/DeterminateSystems/nix-src/pull/130) - -* nix flake prefetch-inputs: Add by @edolstra in [DeterminateSystems/nix-src#127](https://github.com/DeterminateSystems/nix-src/pull/127) +* New command: `nix flake prefetch-inputs` for improved CI performance, by @edolstra in [DeterminateSystems/nix-src#127](https://github.com/DeterminateSystems/nix-src/pull/127) diff --git a/doc/manual/source/release-notes-determinate/rl-3.7.0.md b/doc/manual/source/release-notes-determinate/rl-3.7.0.md index 4259df157c6..8e5fc9ca6a1 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.7.0.md +++ b/doc/manual/source/release-notes-determinate/rl-3.7.0.md @@ -1,12 +1,63 @@ # Release 3.7.0 (2025-07-03) -* Based on [upstream Nix 2.29.1](../release-notes/rl-2.29.md). +- Based on [upstream Nix 2.29.1](../release-notes/rl-2.29.md). ## What's Changed -* Fix deep overrides by @edolstra in [DeterminateSystems/nix-src#108](https://github.com/DeterminateSystems/nix-src/pull/108) -* Fix eval caching for path flakes by @edolstra in [DeterminateSystems/nix-src#131](https://github.com/DeterminateSystems/nix-src/pull/131) -* nix store delete: Show why deletion fails by @edolstra in [DeterminateSystems/nix-src#130](https://github.com/DeterminateSystems/nix-src/pull/130) -* nix flake prefetch-inputs: Add by @edolstra in [DeterminateSystems/nix-src#127](https://github.com/DeterminateSystems/nix-src/pull/127) +### Prefetch flake inputs in parallel + +By @edolstra in [DeterminateSystems/nix-src#127](https://github.com/DeterminateSystems/nix-src/pull/127) + +This release brings the command `nix flake prefetch-inputs`. + +Flake inputs are typically fetched "just in time." +That means Nix fetches a flake input when the evaluator needs it, and not before. +When the evaluator needs an input, evaluation is paused until the source is available. + +This causes a significant slow-down on projects with lots of flake inputs. + +The new command `nix flake prefetch-inputs` fetches all flake inputs in parallel. +We expect running this new command before building will dramatically improve evaluation performance for most projects, especially in CI. +Note that projects which with many unused flake inputs may not benefit from this change, since the new command fetches every input whether they're used or not. + +### Deep flake input overrides now work as expected + +By @edolstra in [DeterminateSystems/nix-src#108](https://github.com/DeterminateSystems/nix-src/pull/108) + +An override like: + +``` +inputs.foo.inputs.bar.inputs.nixpkgs.follows = "nixpkgs"; +``` + +implicitly set `inputs.foo.inputs.bar` to `flake:bar`, which led to an unexpected error like: + +``` +error: cannot find flake 'flake:bar' in the flake registries +``` + +We now no longer create a parent override (like for `foo.bar` in the example above) if it doesn't set an explicit ref or follows attribute. +We only recursively apply its child overrides. + +### `nix store delete` now shows you why deletion was not possible + +By @edolstra in [DeterminateSystems/nix-src#130](https://github.com/DeterminateSystems/nix-src/pull/130) + +For example: + +``` +error: Cannot delete path '/nix/store/6fcrjgfjip2ww3sx51rrmmghfsf60jvi-patchelf-0.14.3' + because it's referenced by the GC root '/home/eelco/Dev/nix-master/build/result'. + +error: Cannot delete path '/nix/store/rn0qyn3kmky26xgpr2n10vr787g57lff-cowsay-3.8.4' + because it's referenced by the GC root '/proc/3600568/environ'. + +error: Cannot delete path '/nix/store/klyng5rpdkwi5kbxkncy4gjwb490dlhb-foo.drv' + because it's in use by '{nix-process:3605324}'. +``` + +### Lazy-tree improvements + +- Improved lazy-tree evaluation caching for flakes accessed with a `path` flakeref by @edolstra in [DeterminateSystems/nix-src#131](https://github.com/DeterminateSystems/nix-src/pull/131) **Full Changelog**: [v3.6.8...v3.7.0](https://github.com/DeterminateSystems/nix-src/compare/v3.6.8...v3.7.0) From d9541eba2327919279fe9eccc8c83008f930ae8a Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 3 Jul 2025 14:36:51 -0400 Subject: [PATCH 765/815] Apply suggestions from code review Co-authored-by: gustavderdrache --- doc/manual/source/release-notes-determinate/changes.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 5bcd2788b07..0d4b2b1ad34 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -89,8 +89,8 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix -* Overriding deeply transitive flake inputs now works, by @edolstra in [DeterminateSystems/nix-src#108](https://github.com/DeterminateSystems/nix-src/pull/108) +* Overriding deeply-nested transitive flake inputs now works, by @edolstra in [DeterminateSystems/nix-src#108](https://github.com/DeterminateSystems/nix-src/pull/108) -* `nix store delete` now exlpains why deletion fails by @edolstra in [DeterminateSystems/nix-src#130](https://github.com/DeterminateSystems/nix-src/pull/130) +* `nix store delete` now explains why deletion fails by @edolstra in [DeterminateSystems/nix-src#130](https://github.com/DeterminateSystems/nix-src/pull/130) * New command: `nix flake prefetch-inputs` for improved CI performance, by @edolstra in [DeterminateSystems/nix-src#127](https://github.com/DeterminateSystems/nix-src/pull/127) From 53a743b8c52fbef715d8c6830bb4f1b6667bff62 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 4 Jul 2025 15:39:47 +0200 Subject: [PATCH 766/815] queryMissing(): Return a struct ...instead of having a bunch of pass-by-reference arguments. --- src/libmain/shared.cc | 6 ++--- src/libstore/build/worker.cc | 4 +-- src/libstore/daemon.cc | 12 ++++----- .../include/nix/store/remote-store.hh | 4 +-- src/libstore/include/nix/store/store-api.hh | 16 +++++++++--- src/libstore/misc.cc | 26 ++++++++----------- src/libstore/remote-store.cc | 18 ++++++------- src/libstore/restricted-store.cc | 24 +++++++---------- src/libstore/store-api.cc | 9 +++---- src/nix-build/nix-build.cc | 7 ++--- src/nix-store/nix-store.cc | 12 +++------ 11 files changed, 59 insertions(+), 79 deletions(-) diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index d9e8059f7b5..fa6b0668262 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -46,10 +46,8 @@ void printGCWarning() void printMissing(ref store, const std::vector & paths, Verbosity lvl) { - uint64_t downloadSize, narSize; - StorePathSet willBuild, willSubstitute, unknown; - store->queryMissing(paths, willBuild, willSubstitute, unknown, downloadSize, narSize); - printMissing(store, willBuild, willSubstitute, unknown, downloadSize, narSize, lvl); + auto missing = store->queryMissing(paths); + printMissing(store, missing.willBuild, missing.willSubstitute, missing.unknown, missing.downloadSize, missing.narSize, lvl); } diff --git a/src/libstore/build/worker.cc b/src/libstore/build/worker.cc index dd3692f4179..bab31acf992 100644 --- a/src/libstore/build/worker.cc +++ b/src/libstore/build/worker.cc @@ -289,9 +289,7 @@ void Worker::run(const Goals & _topGoals) } /* Call queryMissing() to efficiently query substitutes. */ - StorePathSet willBuild, willSubstitute, unknown; - uint64_t downloadSize, narSize; - store.queryMissing(topPaths, willBuild, willSubstitute, unknown, downloadSize, narSize); + store.queryMissing(topPaths); debug("entered goal loop"); diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc index 4bca7522876..b946ccbb519 100644 --- a/src/libstore/daemon.cc +++ b/src/libstore/daemon.cc @@ -949,14 +949,12 @@ static void performOp(TunnelLogger * logger, ref store, case WorkerProto::Op::QueryMissing: { auto targets = WorkerProto::Serialise::read(*store, rconn); logger->startWork(); - StorePathSet willBuild, willSubstitute, unknown; - uint64_t downloadSize, narSize; - store->queryMissing(targets, willBuild, willSubstitute, unknown, downloadSize, narSize); + auto missing = store->queryMissing(targets); logger->stopWork(); - WorkerProto::write(*store, wconn, willBuild); - WorkerProto::write(*store, wconn, willSubstitute); - WorkerProto::write(*store, wconn, unknown); - conn.to << downloadSize << narSize; + WorkerProto::write(*store, wconn, missing.willBuild); + WorkerProto::write(*store, wconn, missing.willSubstitute); + WorkerProto::write(*store, wconn, missing.unknown); + conn.to << missing.downloadSize << missing.narSize; break; } diff --git a/src/libstore/include/nix/store/remote-store.hh b/src/libstore/include/nix/store/remote-store.hh index dd2396fe32b..18c02456f4c 100644 --- a/src/libstore/include/nix/store/remote-store.hh +++ b/src/libstore/include/nix/store/remote-store.hh @@ -149,9 +149,7 @@ struct RemoteStore : void addSignatures(const StorePath & storePath, const StringSet & sigs) override; - void queryMissing(const std::vector & targets, - StorePathSet & willBuild, StorePathSet & willSubstitute, StorePathSet & unknown, - uint64_t & downloadSize, uint64_t & narSize) override; + MissingPaths queryMissing(const std::vector & targets) override; void addBuildLog(const StorePath & drvPath, std::string_view log) override; diff --git a/src/libstore/include/nix/store/store-api.hh b/src/libstore/include/nix/store/store-api.hh index 1648b13c1b2..0933caa68f4 100644 --- a/src/libstore/include/nix/store/store-api.hh +++ b/src/libstore/include/nix/store/store-api.hh @@ -71,6 +71,18 @@ struct KeyedBuildResult; typedef std::map> StorePathCAMap; +/** + * Information about what paths will be built or substituted, returned + * by Store::queryMissing(). + */ +struct MissingPaths +{ + StorePathSet willBuild; + StorePathSet willSubstitute; + StorePathSet unknown; + uint64_t downloadSize{0}; + uint64_t narSize{0}; +}; /** * About the class hierarchy of the store types: @@ -694,9 +706,7 @@ public: * derivations that will be built, and the set of output paths that * will be substituted. */ - virtual void queryMissing(const std::vector & targets, - StorePathSet & willBuild, StorePathSet & willSubstitute, StorePathSet & unknown, - uint64_t & downloadSize, uint64_t & narSize); + virtual MissingPaths queryMissing(const std::vector & targets); /** * Sort a set of paths topologically under the references diff --git a/src/libstore/misc.cc b/src/libstore/misc.cc index dabae647fbb..7c97dbc5717 100644 --- a/src/libstore/misc.cc +++ b/src/libstore/misc.cc @@ -98,23 +98,17 @@ const ContentAddress * getDerivationCA(const BasicDerivation & drv) return nullptr; } -void Store::queryMissing(const std::vector & targets, - StorePathSet & willBuild_, StorePathSet & willSubstitute_, StorePathSet & unknown_, - uint64_t & downloadSize_, uint64_t & narSize_) +MissingPaths Store::queryMissing(const std::vector & targets) { Activity act(*logger, lvlDebug, actUnknown, "querying info about missing paths"); - downloadSize_ = narSize_ = 0; - // FIXME: make async. ThreadPool pool(fileTransferSettings.httpConnections); struct State { std::unordered_set done; - StorePathSet & unknown, & willSubstitute, & willBuild; - uint64_t & downloadSize; - uint64_t & narSize; + MissingPaths res; }; struct DrvState @@ -125,7 +119,7 @@ void Store::queryMissing(const std::vector & targets, DrvState(size_t left) : left(left) { } }; - Sync state_(State{{}, unknown_, willSubstitute_, willBuild_, downloadSize_, narSize_}); + Sync state_; std::function doPath; @@ -143,7 +137,7 @@ void Store::queryMissing(const std::vector & targets, auto mustBuildDrv = [&](const StorePath & drvPath, const Derivation & drv) { { auto state(state_.lock()); - state->willBuild.insert(drvPath); + state->res.willBuild.insert(drvPath); } for (const auto & [inputDrv, inputNode] : drv.inputDrvs.map) { @@ -203,7 +197,7 @@ void Store::queryMissing(const std::vector & targets, if (!isValidPath(drvPath)) { // FIXME: we could try to substitute the derivation. auto state(state_.lock()); - state->unknown.insert(drvPath); + state->res.unknown.insert(drvPath); return; } @@ -282,7 +276,7 @@ void Store::queryMissing(const std::vector & targets, if (infos.empty()) { auto state(state_.lock()); - state->unknown.insert(bo.path); + state->res.unknown.insert(bo.path); return; } @@ -291,9 +285,9 @@ void Store::queryMissing(const std::vector & targets, { auto state(state_.lock()); - state->willSubstitute.insert(bo.path); - state->downloadSize += info->second.downloadSize; - state->narSize += info->second.narSize; + state->res.willSubstitute.insert(bo.path); + state->res.downloadSize += info->second.downloadSize; + state->res.narSize += info->second.narSize; } for (auto & ref : info->second.references) @@ -306,6 +300,8 @@ void Store::queryMissing(const std::vector & targets, pool.enqueue(std::bind(doPath, path)); pool.process(); + + return std::move(state_.lock()->res); } diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc index 3151f319c00..1b8bad04807 100644 --- a/src/libstore/remote-store.cc +++ b/src/libstore/remote-store.cc @@ -855,9 +855,7 @@ void RemoteStore::addSignatures(const StorePath & storePath, const StringSet & s } -void RemoteStore::queryMissing(const std::vector & targets, - StorePathSet & willBuild, StorePathSet & willSubstitute, StorePathSet & unknown, - uint64_t & downloadSize, uint64_t & narSize) +MissingPaths RemoteStore::queryMissing(const std::vector & targets) { { auto conn(getConnection()); @@ -868,16 +866,16 @@ void RemoteStore::queryMissing(const std::vector & targets, conn->to << WorkerProto::Op::QueryMissing; WorkerProto::write(*this, *conn, targets); conn.processStderr(); - willBuild = WorkerProto::Serialise::read(*this, *conn); - willSubstitute = WorkerProto::Serialise::read(*this, *conn); - unknown = WorkerProto::Serialise::read(*this, *conn); - conn->from >> downloadSize >> narSize; - return; + MissingPaths res; + res.willBuild = WorkerProto::Serialise::read(*this, *conn); + res.willSubstitute = WorkerProto::Serialise::read(*this, *conn); + res.unknown = WorkerProto::Serialise::read(*this, *conn); + conn->from >> res.downloadSize >> res.narSize; + return res; } fallback: - return Store::queryMissing(targets, willBuild, willSubstitute, - unknown, downloadSize, narSize); + return Store::queryMissing(targets); } diff --git a/src/libstore/restricted-store.cc b/src/libstore/restricted-store.cc index 0485f558473..69435122a24 100644 --- a/src/libstore/restricted-store.cc +++ b/src/libstore/restricted-store.cc @@ -143,13 +143,7 @@ struct RestrictedStore : public virtual IndirectRootStore, public virtual GcStor unsupported("addSignatures"); } - void queryMissing( - const std::vector & targets, - StorePathSet & willBuild, - StorePathSet & willSubstitute, - StorePathSet & unknown, - uint64_t & downloadSize, - uint64_t & narSize) override; + MissingPaths queryMissing(const std::vector & targets) override; virtual std::optional getBuildLogExact(const StorePath & path) override { @@ -306,19 +300,14 @@ std::vector RestrictedStore::buildPathsWithResults( return results; } -void RestrictedStore::queryMissing( - const std::vector & targets, - StorePathSet & willBuild, - StorePathSet & willSubstitute, - StorePathSet & unknown, - uint64_t & downloadSize, - uint64_t & narSize) +MissingPaths RestrictedStore::queryMissing(const std::vector & targets) { /* This is slightly impure since it leaks information to the client about what paths will be built/substituted or are already present. Probably not a big deal. */ std::vector allowed; + StorePathSet unknown; for (auto & req : targets) { if (goal.isAllowed(req)) allowed.emplace_back(req); @@ -326,7 +315,12 @@ void RestrictedStore::queryMissing( unknown.insert(pathPartOfReq(req)); } - next->queryMissing(allowed, willBuild, willSubstitute, unknown, downloadSize, narSize); + auto res = next->queryMissing(allowed); + + for (auto & p : unknown) + res.unknown.insert(p); + + return res; } } diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index e8988127e33..730a2259384 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -794,15 +794,12 @@ void Store::substitutePaths(const StorePathSet & paths) for (auto & path : paths) if (!path.isDerivation()) paths2.emplace_back(DerivedPath::Opaque{path}); - uint64_t downloadSize, narSize; - StorePathSet willBuild, willSubstitute, unknown; - queryMissing(paths2, - willBuild, willSubstitute, unknown, downloadSize, narSize); + auto missing = queryMissing(paths2); - if (!willSubstitute.empty()) + if (!missing.willSubstitute.empty()) try { std::vector subs; - for (auto & p : willSubstitute) subs.emplace_back(DerivedPath::Opaque{p}); + for (auto & p : missing.willSubstitute) subs.emplace_back(DerivedPath::Opaque{p}); buildPaths(subs); } catch (Error & e) { logWarning(e.info()); diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index 3313c02aa61..120fd4af67d 100644 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -422,13 +422,10 @@ static void main_nix_build(int argc, char * * argv) auto buildPaths = [&](const std::vector & paths) { /* Note: we do this even when !printMissing to efficiently fetch binary cache data. */ - uint64_t downloadSize, narSize; - StorePathSet willBuild, willSubstitute, unknown; - store->queryMissing(paths, - willBuild, willSubstitute, unknown, downloadSize, narSize); + auto missing = store->queryMissing(paths); if (settings.printMissing) - printMissing(ref(store), willBuild, willSubstitute, unknown, downloadSize, narSize); + printMissing(ref(store), missing.willBuild, missing.willSubstitute, missing.unknown, missing.downloadSize, missing.narSize); if (!dryRun) store->buildPaths(paths, buildMode, evalStore); diff --git a/src/nix-store/nix-store.cc b/src/nix-store/nix-store.cc index 9acdf455448..ad921f2278e 100644 --- a/src/nix-store/nix-store.cc +++ b/src/nix-store/nix-store.cc @@ -146,23 +146,19 @@ static void opRealise(Strings opFlags, Strings opArgs) for (auto & i : opArgs) paths.push_back(followLinksToStorePathWithOutputs(*store, i)); - uint64_t downloadSize, narSize; - StorePathSet willBuild, willSubstitute, unknown; - store->queryMissing( - toDerivedPaths(paths), - willBuild, willSubstitute, unknown, downloadSize, narSize); + auto missing = store->queryMissing(toDerivedPaths(paths)); /* Filter out unknown paths from `paths`. */ if (ignoreUnknown) { std::vector paths2; for (auto & i : paths) - if (!unknown.count(i.path)) paths2.push_back(i); + if (!missing.unknown.count(i.path)) paths2.push_back(i); paths = std::move(paths2); - unknown = StorePathSet(); + missing.unknown = StorePathSet(); } if (settings.printMissing) - printMissing(ref(store), willBuild, willSubstitute, unknown, downloadSize, narSize); + printMissing(ref(store), missing.willBuild, missing.willSubstitute, missing.unknown, missing.downloadSize, missing.narSize); if (dryRun) return; From 3a636205c59415addef1be8d85662e2f82794005 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 4 Jul 2025 16:27:08 +0200 Subject: [PATCH 767/815] printMissing(): Take a MissingPaths argument --- src/libmain/include/nix/main/shared.hh | 8 +++--- src/libmain/shared.cc | 34 +++++++++++++------------- src/nix-build/nix-build.cc | 2 +- src/nix-store/nix-store.cc | 2 +- 4 files changed, 24 insertions(+), 22 deletions(-) diff --git a/src/libmain/include/nix/main/shared.hh b/src/libmain/include/nix/main/shared.hh index 2ff57135b1b..4d4b816e714 100644 --- a/src/libmain/include/nix/main/shared.hh +++ b/src/libmain/include/nix/main/shared.hh @@ -35,15 +35,17 @@ void printVersion(const std::string & programName); void printGCWarning(); class Store; +struct MissingPaths; void printMissing( ref store, const std::vector & paths, Verbosity lvl = lvlInfo); -void printMissing(ref store, const StorePathSet & willBuild, - const StorePathSet & willSubstitute, const StorePathSet & unknown, - uint64_t downloadSize, uint64_t narSize, Verbosity lvl = lvlInfo); +void printMissing( + ref store, + const MissingPaths & missing, + Verbosity lvl = lvlInfo); std::string getArg(const std::string & opt, Strings::iterator & i, const Strings::iterator & end); diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index fa6b0668262..1472345a444 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -46,41 +46,41 @@ void printGCWarning() void printMissing(ref store, const std::vector & paths, Verbosity lvl) { - auto missing = store->queryMissing(paths); - printMissing(store, missing.willBuild, missing.willSubstitute, missing.unknown, missing.downloadSize, missing.narSize, lvl); + printMissing(store, store->queryMissing(paths), lvl); } -void printMissing(ref store, const StorePathSet & willBuild, - const StorePathSet & willSubstitute, const StorePathSet & unknown, - uint64_t downloadSize, uint64_t narSize, Verbosity lvl) +void printMissing( + ref store, + const MissingPaths & missing, + Verbosity lvl) { - if (!willBuild.empty()) { - if (willBuild.size() == 1) + if (!missing.willBuild.empty()) { + if (missing.willBuild.size() == 1) printMsg(lvl, "this derivation will be built:"); else - printMsg(lvl, "these %d derivations will be built:", willBuild.size()); - auto sorted = store->topoSortPaths(willBuild); + printMsg(lvl, "these %d derivations will be built:", missing.willBuild.size()); + auto sorted = store->topoSortPaths(missing.willBuild); reverse(sorted.begin(), sorted.end()); for (auto & i : sorted) printMsg(lvl, " %s", store->printStorePath(i)); } - if (!willSubstitute.empty()) { - const float downloadSizeMiB = downloadSize / (1024.f * 1024.f); - const float narSizeMiB = narSize / (1024.f * 1024.f); - if (willSubstitute.size() == 1) { + if (!missing.willSubstitute.empty()) { + const float downloadSizeMiB = missing.downloadSize / (1024.f * 1024.f); + const float narSizeMiB = missing.narSize / (1024.f * 1024.f); + if (missing.willSubstitute.size() == 1) { printMsg(lvl, "this path will be fetched (%.2f MiB download, %.2f MiB unpacked):", downloadSizeMiB, narSizeMiB); } else { printMsg(lvl, "these %d paths will be fetched (%.2f MiB download, %.2f MiB unpacked):", - willSubstitute.size(), + missing.willSubstitute.size(), downloadSizeMiB, narSizeMiB); } std::vector willSubstituteSorted = {}; - std::for_each(willSubstitute.begin(), willSubstitute.end(), + std::for_each(missing.willSubstitute.begin(), missing.willSubstitute.end(), [&](const StorePath &p) { willSubstituteSorted.push_back(&p); }); std::sort(willSubstituteSorted.begin(), willSubstituteSorted.end(), [](const StorePath *lhs, const StorePath *rhs) { @@ -93,10 +93,10 @@ void printMissing(ref store, const StorePathSet & willBuild, printMsg(lvl, " %s", store->printStorePath(*p)); } - if (!unknown.empty()) { + if (!missing.unknown.empty()) { printMsg(lvl, "don't know how to build these paths%s:", (settings.readOnlyMode ? " (may be caused by read-only store access)" : "")); - for (auto & i : unknown) + for (auto & i : missing.unknown) printMsg(lvl, " %s", store->printStorePath(i)); } } diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index 120fd4af67d..98f12e3cd60 100644 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -425,7 +425,7 @@ static void main_nix_build(int argc, char * * argv) auto missing = store->queryMissing(paths); if (settings.printMissing) - printMissing(ref(store), missing.willBuild, missing.willSubstitute, missing.unknown, missing.downloadSize, missing.narSize); + printMissing(ref(store), missing); if (!dryRun) store->buildPaths(paths, buildMode, evalStore); diff --git a/src/nix-store/nix-store.cc b/src/nix-store/nix-store.cc index ad921f2278e..faa02a6999f 100644 --- a/src/nix-store/nix-store.cc +++ b/src/nix-store/nix-store.cc @@ -158,7 +158,7 @@ static void opRealise(Strings opFlags, Strings opArgs) } if (settings.printMissing) - printMissing(ref(store), missing.willBuild, missing.willSubstitute, missing.unknown, missing.downloadSize, missing.narSize); + printMissing(ref(store), missing); if (dryRun) return; From 1df17735f569932b1dd167fb3d14c3706b487eb8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 4 Jul 2025 16:32:37 +0200 Subject: [PATCH 768/815] nix-build: Drop unnecessary call to queryMissing() This is already done by Worker::run(). --- src/nix-build/nix-build.cc | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/nix-build/nix-build.cc b/src/nix-build/nix-build.cc index 98f12e3cd60..185188e8384 100644 --- a/src/nix-build/nix-build.cc +++ b/src/nix-build/nix-build.cc @@ -420,12 +420,8 @@ static void main_nix_build(int argc, char * * argv) state->maybePrintStats(); auto buildPaths = [&](const std::vector & paths) { - /* Note: we do this even when !printMissing to efficiently - fetch binary cache data. */ - auto missing = store->queryMissing(paths); - if (settings.printMissing) - printMissing(ref(store), missing); + printMissing(ref(store), paths); if (!dryRun) store->buildPaths(paths, buildMode, evalStore); From 5c9592194c3824b8d1f9da1ddc4d6b1c099bbc89 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 4 Jul 2025 17:07:18 +0200 Subject: [PATCH 769/815] nix flake check: Skip substitutable derivations Since `nix flake check` doesn't produce a `result` symlink, it doesn't actually need to build/substitute derivations that are already known to have succeeded, i.e. that are substitutable. This can speed up CI jobs in cases where the derivations have already been built by other jobs. For instance, a command like nix flake check github:NixOS/hydra/aa62c7f7db31753f0cde690f8654dd1907fc0ce2 should no longer build anything because the outputs are already in cache.nixos.org. --- src/nix/flake.cc | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/src/nix/flake.cc b/src/nix/flake.cc index 35e96e493fd..444d5707bd2 100644 --- a/src/nix/flake.cc +++ b/src/nix/flake.cc @@ -833,8 +833,31 @@ struct CmdFlakeCheck : FlakeCommand if (build && !drvPaths.empty()) { Activity act(*logger, lvlInfo, actUnknown, fmt("running %d flake checks", drvPaths.size())); - store->buildPaths(drvPaths); + + auto missing = store->queryMissing(drvPaths); + + /* This command doesn't need to actually substitute + derivation outputs if they're missing but + substitutable. So filter out derivations that are + substitutable or already built. */ + std::vector toBuild; + for (auto & path : drvPaths) { + std::visit(overloaded { + [&](const DerivedPath::Built & bfd) { + auto drvPathP = std::get_if(&*bfd.drvPath); + if (!drvPathP || missing.willBuild.contains(drvPathP->path)) + toBuild.push_back(path); + }, + [&](const DerivedPath::Opaque & bo) { + if (!missing.willSubstitute.contains(bo.path)) + toBuild.push_back(path); + }, + }, path.raw()); + } + + store->buildPaths(toBuild); } + if (hasErrors) throw Error("some errors were encountered during the evaluation"); From f7c95fde8880ce28662de9ff0dd3de0cdcc3877c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 8 Jul 2025 16:14:06 +0200 Subject: [PATCH 770/815] Bump version --- .version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version b/.version index 6a6900382e2..bcec02eeb96 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.30.0 +2.30.1 From 48c7e5e14fc341e859a7cbace67cd6849c369591 Mon Sep 17 00:00:00 2001 From: John Soo Date: Mon, 7 Jul 2025 11:14:12 -0600 Subject: [PATCH 771/815] installers, tests: remove --preserve=mode from cp invocations -p preserves xattrs and acls which can be incompatible between filesystems Unfortunately keep -p on darwin because the bsd coreutils do not support --preserve. Fixes #13426 (cherry picked from commit 87299e466daca97fd48d3d446bb587e4f9d46d9a) --- scripts/install-multi-user.sh | 9 +++++++-- scripts/install-nix-from-tarball.sh | 6 +++++- tests/nixos/github-flakes.nix | 2 +- tests/nixos/sourcehut-flakes.nix | 2 +- tests/nixos/tarball-flakes.nix | 2 +- 5 files changed, 15 insertions(+), 6 deletions(-) diff --git a/scripts/install-multi-user.sh b/scripts/install-multi-user.sh index f051ccc46b9..e9ddfc0140d 100644 --- a/scripts/install-multi-user.sh +++ b/scripts/install-multi-user.sh @@ -834,8 +834,13 @@ install_from_extracted_nix() { ( cd "$EXTRACTED_NIX_PATH" - _sudo "to copy the basic Nix files to the new store at $NIX_ROOT/store" \ - cp -RPp ./store/* "$NIX_ROOT/store/" + if is_os_darwin; then + _sudo "to copy the basic Nix files to the new store at $NIX_ROOT/store" \ + cp -RPp ./store/* "$NIX_ROOT/store/" + else + _sudo "to copy the basic Nix files to the new store at $NIX_ROOT/store" \ + cp -RP --preserve=ownership,timestamps ./store/* "$NIX_ROOT/store/" + fi _sudo "to make the new store non-writable at $NIX_ROOT/store" \ chmod -R ugo-w "$NIX_ROOT/store/" diff --git a/scripts/install-nix-from-tarball.sh b/scripts/install-nix-from-tarball.sh index 8d127a9c52c..ec326479323 100644 --- a/scripts/install-nix-from-tarball.sh +++ b/scripts/install-nix-from-tarball.sh @@ -167,7 +167,11 @@ for i in $(cd "$self/store" >/dev/null && echo ./*); do rm -rf "$i_tmp" fi if ! [ -e "$dest/store/$i" ]; then - cp -RPp "$self/store/$i" "$i_tmp" + if [ "$(uname -s)" = "Darwin" ]; then + cp -RPp "$self/store/$i" "$i_tmp" + else + cp -RP --preserve=ownership,timestamps "$self/store/$i" "$i_tmp" + fi chmod -R a-w "$i_tmp" chmod +w "$i_tmp" mv "$i_tmp" "$dest/store/$i" diff --git a/tests/nixos/github-flakes.nix b/tests/nixos/github-flakes.nix index 06142c2efda..91fd6b06234 100644 --- a/tests/nixos/github-flakes.nix +++ b/tests/nixos/github-flakes.nix @@ -81,7 +81,7 @@ let mkdir -p $out/archive dir=NixOS-nixpkgs-${nixpkgs.shortRev} - cp -prd ${nixpkgs} $dir + cp -rd --preserve=ownership,timestamps ${nixpkgs} $dir # Set the correct timestamp in the tarball. find $dir -print0 | xargs -0 touch -h -t ${builtins.substring 0 12 nixpkgs.lastModifiedDate}.${ builtins.substring 12 2 nixpkgs.lastModifiedDate diff --git a/tests/nixos/sourcehut-flakes.nix b/tests/nixos/sourcehut-flakes.nix index 61670ccf346..3f05130d6aa 100644 --- a/tests/nixos/sourcehut-flakes.nix +++ b/tests/nixos/sourcehut-flakes.nix @@ -48,7 +48,7 @@ let nixpkgs-repo = pkgs.runCommand "nixpkgs-flake" { } '' dir=NixOS-nixpkgs-${nixpkgs.shortRev} - cp -prd ${nixpkgs} $dir + cp -rd --preserve=ownership,timestamps ${nixpkgs} $dir # Set the correct timestamp in the tarball. find $dir -print0 | xargs -0 touch -h -t ${builtins.substring 0 12 nixpkgs.lastModifiedDate}.${ diff --git a/tests/nixos/tarball-flakes.nix b/tests/nixos/tarball-flakes.nix index 7b3638b64b8..26c20cb1aef 100644 --- a/tests/nixos/tarball-flakes.nix +++ b/tests/nixos/tarball-flakes.nix @@ -13,7 +13,7 @@ let set -x dir=nixpkgs-${nixpkgs.shortRev} - cp -prd ${nixpkgs} $dir + cp -rd --preserve=ownership,timestamps ${nixpkgs} $dir # Set the correct timestamp in the tarball. find $dir -print0 | xargs -0 touch -h -t ${builtins.substring 0 12 nixpkgs.lastModifiedDate}.${ builtins.substring 12 2 nixpkgs.lastModifiedDate From dcc4b7c6fd9b382b3aa43c452729794ad26e5bec Mon Sep 17 00:00:00 2001 From: h0nIg Date: Wed, 9 Jul 2025 09:30:11 +0200 Subject: [PATCH 772/815] docker: fix nixConf (cherry picked from commit 8a1f471b6607e4626e2cd8ca1e02401578e0044d) --- docker.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker.nix b/docker.nix index c6e8e478e7e..2addd04589f 100644 --- a/docker.nix +++ b/docker.nix @@ -184,11 +184,11 @@ let } " = "; }; - nixConfContents = toConf { + nixConfContents = toConf ({ sandbox = false; build-users-group = "nixbld"; trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ]; - }; + } // nixConf); userHome = if uid == 0 then "/root" else "/home/${uname}"; From 8b0cfaed9b347b8b132aaadd3f56abd3e2f31ed4 Mon Sep 17 00:00:00 2001 From: h0nIg Date: Wed, 9 Jul 2025 09:34:50 +0200 Subject: [PATCH 773/815] docker: fix nixConf - fmt (cherry picked from commit 9857c0bb52cfb62f324ce598214f20cc3521e3a8) --- docker.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/docker.nix b/docker.nix index 2addd04589f..f594920258e 100644 --- a/docker.nix +++ b/docker.nix @@ -184,11 +184,14 @@ let } " = "; }; - nixConfContents = toConf ({ - sandbox = false; - build-users-group = "nixbld"; - trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ]; - } // nixConf); + nixConfContents = toConf ( + { + sandbox = false; + build-users-group = "nixbld"; + trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ]; + } + // nixConf + ); userHome = if uid == 0 then "/root" else "/home/${uname}"; From 2ecc5156f47767fcf06504b97c38ad494dc3f924 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 9 Jul 2025 17:00:49 +0200 Subject: [PATCH 774/815] lockFlake(): When updating a lock, respect the input's lock file --- src/libflake/flake.cc | 10 +++----- tests/functional/flakes/flakes.sh | 38 +++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+), 7 deletions(-) diff --git a/src/libflake/flake.cc b/src/libflake/flake.cc index 07570823488..34d094d523b 100644 --- a/src/libflake/flake.cc +++ b/src/libflake/flake.cc @@ -723,16 +723,12 @@ LockedFlake lockFlake( Finally cleanup([&]() { parents.pop_back(); }); /* Recursively process the inputs of this - flake. Also, unless we already have this flake - in the top-level lock file, use this flake's - own lock file. */ + flake, using its own lock file. */ nodePaths.emplace(childNode, inputFlake.path.parent()); computeLocks( inputFlake.inputs, childNode, inputAttrPath, - oldLock - ? std::dynamic_pointer_cast(oldLock) - : readLockFile(state.fetchSettings, inputFlake.lockFilePath()).root.get_ptr(), - oldLock ? followsPrefix : inputAttrPath, + readLockFile(state.fetchSettings, inputFlake.lockFilePath()).root.get_ptr(), + inputAttrPath, inputFlake.path, false); diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index cfd2045694e..35b6558ff44 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -446,3 +446,41 @@ nix flake metadata "$flake2Dir" --reference-lock-file $TEST_ROOT/flake2-overridd # reference-lock-file can only be used if allow-dirty is set. expectStderr 1 nix flake metadata "$flake2Dir" --no-allow-dirty --reference-lock-file $TEST_ROOT/flake2-overridden.lock + +# After changing an input (flake2 from newFlake2Rev to prevFlake2Rev), we should have the transitive inputs locked by revision $prevFlake2Rev of flake2. +prevFlake1Rev=$(nix flake metadata --json "$flake1Dir" | jq -r .revision) +prevFlake2Rev=$(nix flake metadata --json "$flake2Dir" | jq -r .revision) + +echo "# bla" >> "$flake1Dir/flake.nix" +git -C "$flake1Dir" commit flake.nix -m 'bla' + +nix flake update --flake "$flake2Dir" +git -C "$flake2Dir" commit flake.lock -m 'bla' + +newFlake1Rev=$(nix flake metadata --json "$flake1Dir" | jq -r .revision) +newFlake2Rev=$(nix flake metadata --json "$flake2Dir" | jq -r .revision) + +cat > "$flake3Dir/flake.nix" < "$flake3Dir/flake.nix" < Date: Wed, 9 Jul 2025 21:52:47 +0200 Subject: [PATCH 775/815] Hide double copy warning --- src/libexpr/paths.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/paths.cc b/src/libexpr/paths.cc index 438de1d887b..64b6f80d48d 100644 --- a/src/libexpr/paths.cc +++ b/src/libexpr/paths.cc @@ -60,7 +60,7 @@ std::string EvalState::computeBaseName(const SourcePath & path, PosIdx pos) { if (path.accessor == rootFS) { if (auto storePath = store->maybeParseStorePath(path.path.abs())) { - warn( + debug( "Copying '%s' to the store again.\n" "You can make Nix evaluate faster and copy fewer files by replacing `./.` with the `self` flake input, " "or `builtins.path { path = ./.; name = \"source\"; }`.\n", From 47081aa94c10b36794b3e6e5593505f7f0c1afca Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 9 Jul 2025 22:12:05 +0200 Subject: [PATCH 776/815] Remove some dead code to minimize the upstream diff --- src/libutil/unix/file-system.cc | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/libutil/unix/file-system.cc b/src/libutil/unix/file-system.cc index a1941db0508..7865de2e9f4 100644 --- a/src/libutil/unix/file-system.cc +++ b/src/libutil/unix/file-system.cc @@ -14,10 +14,6 @@ namespace nix { -namespace fs { -using namespace std::filesystem; -} - Descriptor openDirectory(const std::filesystem::path & path) { return open(path.c_str(), O_RDONLY | O_DIRECTORY); From 37487eec8e40e04aa4091669537386ff87bc20c1 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 9 Jul 2025 17:00:49 +0200 Subject: [PATCH 777/815] lockFlake(): When updating a lock, respect the input's lock file (cherry picked from commit 95437b90fc68bd3fff5a47bd4ac6e5186eb51a00) --- src/libflake/flake.cc | 10 +++----- tests/functional/flakes/flakes.sh | 38 +++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+), 7 deletions(-) diff --git a/src/libflake/flake.cc b/src/libflake/flake.cc index 322abaa4a52..7a11e604788 100644 --- a/src/libflake/flake.cc +++ b/src/libflake/flake.cc @@ -715,16 +715,12 @@ LockedFlake lockFlake( Finally cleanup([&]() { parents.pop_back(); }); /* Recursively process the inputs of this - flake. Also, unless we already have this flake - in the top-level lock file, use this flake's - own lock file. */ + flake, using its own lock file. */ nodePaths.emplace(childNode, inputFlake.path.parent()); computeLocks( inputFlake.inputs, childNode, inputAttrPath, - oldLock - ? std::dynamic_pointer_cast(oldLock) - : readLockFile(state.fetchSettings, inputFlake.lockFilePath()).root.get_ptr(), - oldLock ? followsPrefix : inputAttrPath, + readLockFile(state.fetchSettings, inputFlake.lockFilePath()).root.get_ptr(), + inputAttrPath, inputFlake.path, false); } diff --git a/tests/functional/flakes/flakes.sh b/tests/functional/flakes/flakes.sh index ce695a6cbcd..7fd9dc9b58b 100755 --- a/tests/functional/flakes/flakes.sh +++ b/tests/functional/flakes/flakes.sh @@ -432,3 +432,41 @@ nix flake metadata "$flake2Dir" --reference-lock-file $TEST_ROOT/flake2-overridd # reference-lock-file can only be used if allow-dirty is set. expectStderr 1 nix flake metadata "$flake2Dir" --no-allow-dirty --reference-lock-file $TEST_ROOT/flake2-overridden.lock + +# After changing an input (flake2 from newFlake2Rev to prevFlake2Rev), we should have the transitive inputs locked by revision $prevFlake2Rev of flake2. +prevFlake1Rev=$(nix flake metadata --json "$flake1Dir" | jq -r .revision) +prevFlake2Rev=$(nix flake metadata --json "$flake2Dir" | jq -r .revision) + +echo "# bla" >> "$flake1Dir/flake.nix" +git -C "$flake1Dir" commit flake.nix -m 'bla' + +nix flake update --flake "$flake2Dir" +git -C "$flake2Dir" commit flake.lock -m 'bla' + +newFlake1Rev=$(nix flake metadata --json "$flake1Dir" | jq -r .revision) +newFlake2Rev=$(nix flake metadata --json "$flake2Dir" | jq -r .revision) + +cat > "$flake3Dir/flake.nix" < "$flake3Dir/flake.nix" < Date: Thu, 10 Jul 2025 15:11:32 +0000 Subject: [PATCH 778/815] Prepare release v3.8.0 From a78a2fdea1767702653d3626dc92a2afcc9584c3 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 10 Jul 2025 15:11:35 +0000 Subject: [PATCH 779/815] Set .version-determinate to 3.8.0 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 7c69a55dbb1..19811903a7f 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.7.0 +3.8.0 From c0dfe87d1dfb2ebc801267ea97370f9a028476ad Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 10 Jul 2025 15:11:40 +0000 Subject: [PATCH 780/815] Generate release notes for 3.8.0 --- doc/manual/source/SUMMARY.md.in | 1 + .../source/release-notes-determinate/changes.md | 14 +++++++++++++- .../source/release-notes-determinate/rl-3.8.0.md | 13 +++++++++++++ 3 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.8.0.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 00f231a6aac..391a9ec935c 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,6 +130,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.8.0 (2025-07-10)](release-notes-determinate/rl-3.8.0.md) - [Release 3.7.0 (2025-07-03)](release-notes-determinate/rl-3.7.0.md) - [Release 3.6.8 (2025-06-25)](release-notes-determinate/rl-3.6.8.md) - [Release 3.6.7 (2025-06-24)](release-notes-determinate/rl-3.6.7.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 0d4b2b1ad34..c231e140ef5 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.29 and Determinate Nix 3.7.0. +This section lists the differences between upstream Nix 2.30 and Determinate Nix 3.8.0. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -94,3 +94,15 @@ This section lists the differences between upstream Nix 2.29 and Determinate Nix * `nix store delete` now explains why deletion fails by @edolstra in [DeterminateSystems/nix-src#130](https://github.com/DeterminateSystems/nix-src/pull/130) * New command: `nix flake prefetch-inputs` for improved CI performance, by @edolstra in [DeterminateSystems/nix-src#127](https://github.com/DeterminateSystems/nix-src/pull/127) + + + +* Sync with upstream 2.30.0 by @edolstra in [DeterminateSystems/nix-src#135](https://github.com/DeterminateSystems/nix-src/pull/135) + +* nix flake check: Skip substitutable derivations by @edolstra in [DeterminateSystems/nix-src#134](https://github.com/DeterminateSystems/nix-src/pull/134) + +* lockFlake(): When updating a lock, respect the input's lock file by @edolstra in [DeterminateSystems/nix-src#137](https://github.com/DeterminateSystems/nix-src/pull/137) + +* Hide double copy warning by @edolstra in [DeterminateSystems/nix-src#138](https://github.com/DeterminateSystems/nix-src/pull/138) + +* Remove some dead code to minimize the upstream diff by @edolstra in [DeterminateSystems/nix-src#139](https://github.com/DeterminateSystems/nix-src/pull/139) diff --git a/doc/manual/source/release-notes-determinate/rl-3.8.0.md b/doc/manual/source/release-notes-determinate/rl-3.8.0.md new file mode 100644 index 00000000000..01438bf2be0 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.8.0.md @@ -0,0 +1,13 @@ +# Release 3.8.0 (2025-07-10) + +* Based on [upstream Nix 2.30.0](../release-notes/rl-2.30.md). + +## What's Changed +* Sync with upstream 2.30.0 by @edolstra in [DeterminateSystems/nix-src#135](https://github.com/DeterminateSystems/nix-src/pull/135) +* nix flake check: Skip substitutable derivations by @edolstra in [DeterminateSystems/nix-src#134](https://github.com/DeterminateSystems/nix-src/pull/134) +* lockFlake(): When updating a lock, respect the input's lock file by @edolstra in [DeterminateSystems/nix-src#137](https://github.com/DeterminateSystems/nix-src/pull/137) +* Hide double copy warning by @edolstra in [DeterminateSystems/nix-src#138](https://github.com/DeterminateSystems/nix-src/pull/138) +* Remove some dead code to minimize the upstream diff by @edolstra in [DeterminateSystems/nix-src#139](https://github.com/DeterminateSystems/nix-src/pull/139) + + +**Full Changelog**: [v3.7.0...v3.8.0](https://github.com/DeterminateSystems/nix-src/compare/v3.7.0...v3.8.0) From 8f31e84247240cd931592062a27146330fac3c48 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 10 Jul 2025 11:26:10 -0400 Subject: [PATCH 781/815] Update release notes --- .../release-notes-determinate/changes.md | 6 ----- .../release-notes-determinate/rl-3.8.0.md | 26 +++++++++++++++---- 2 files changed, 21 insertions(+), 11 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index c231e140ef5..cd5cce49646 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -97,12 +97,6 @@ This section lists the differences between upstream Nix 2.30 and Determinate Nix -* Sync with upstream 2.30.0 by @edolstra in [DeterminateSystems/nix-src#135](https://github.com/DeterminateSystems/nix-src/pull/135) - * nix flake check: Skip substitutable derivations by @edolstra in [DeterminateSystems/nix-src#134](https://github.com/DeterminateSystems/nix-src/pull/134) * lockFlake(): When updating a lock, respect the input's lock file by @edolstra in [DeterminateSystems/nix-src#137](https://github.com/DeterminateSystems/nix-src/pull/137) - -* Hide double copy warning by @edolstra in [DeterminateSystems/nix-src#138](https://github.com/DeterminateSystems/nix-src/pull/138) - -* Remove some dead code to minimize the upstream diff by @edolstra in [DeterminateSystems/nix-src#139](https://github.com/DeterminateSystems/nix-src/pull/139) diff --git a/doc/manual/source/release-notes-determinate/rl-3.8.0.md b/doc/manual/source/release-notes-determinate/rl-3.8.0.md index 01438bf2be0..4103d6df94e 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.8.0.md +++ b/doc/manual/source/release-notes-determinate/rl-3.8.0.md @@ -3,11 +3,27 @@ * Based on [upstream Nix 2.30.0](../release-notes/rl-2.30.md). ## What's Changed -* Sync with upstream 2.30.0 by @edolstra in [DeterminateSystems/nix-src#135](https://github.com/DeterminateSystems/nix-src/pull/135) -* nix flake check: Skip substitutable derivations by @edolstra in [DeterminateSystems/nix-src#134](https://github.com/DeterminateSystems/nix-src/pull/134) -* lockFlake(): When updating a lock, respect the input's lock file by @edolstra in [DeterminateSystems/nix-src#137](https://github.com/DeterminateSystems/nix-src/pull/137) -* Hide double copy warning by @edolstra in [DeterminateSystems/nix-src#138](https://github.com/DeterminateSystems/nix-src/pull/138) -* Remove some dead code to minimize the upstream diff by @edolstra in [DeterminateSystems/nix-src#139](https://github.com/DeterminateSystems/nix-src/pull/139) +### Faster CI with `nix flake check` + +`nix flake check` no longer downloads flake outputs if no building is necessary. + +This command is intended to validate that a flake can fully evaluate and all outputs can build. +If the outputs are available in a binary cache then both properties are confirmed to be true. +Notably, downloading the output from the binary cache is not strictly necessary for the validation. + +Previously, `nix flake check` would download a flake output if the full build is available in a binary cache. + +Some users will find this change significantly reduces costly bandwidth and CI workflow time. + +PR: [DeterminateSystems/nix-src#134](https://github.com/DeterminateSystems/nix-src/pull/134) + +### Improved flake locking of transitive dependencies + +Determinate Nix now re-locks all transitive dependencies when changing a flake input's source URL. + +This fixes an issue where in some scenarios Nix would not re-lock those inputs and incorrectly use the old inputs' dependencies. + +PR: [DeterminateSystems/nix-src#137](https://github.com/DeterminateSystems/nix-src/pull/137) **Full Changelog**: [v3.7.0...v3.8.0](https://github.com/DeterminateSystems/nix-src/compare/v3.7.0...v3.8.0) From 7119d594fc2251f78caca969c4657f9154ccfa0a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 10 Jul 2025 11:41:32 +0200 Subject: [PATCH 782/815] fetchClosure: Fix gcc warning MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes: [261/394] Linking target src/libexpr/libnixexpr.so In function ‘copy’, inlined from ‘__ct ’ at /nix/store/24sdvjs6rfqs69d21gdn437mb3vc0svh-gcc-14.2.1.20250322/include/c++/14.2.1.20250322/bits/basic_string.h:688:23, inlined from ‘operator+’ at /nix/store/24sdvjs6rfqs69d21gdn437mb3vc0svh-gcc-14.2.1.20250322/include/c++/14.2.1.20250322/bits/basic_string.h:3735:43, inlined from ‘operator()’ at ../src/libexpr/primops/fetchClosure.cc:127:58, inlined from ‘prim_fetchClosure’ at ../src/libexpr/primops/fetchClosure.cc:132:88: /nix/store/24sdvjs6rfqs69d21gdn437mb3vc0svh-gcc-14.2.1.20250322/include/c++/14.2.1.20250322/bits/char_traits.h:427:56: warning: ‘__builtin_memcpy’ writing 74 bytes into a region of size 16 overflows the destination [-Wstringop-overflow=] 427 | return static_cast(__builtin_memcpy(__s1, __s2, __n)); | ^ ../src/libexpr/primops/fetchClosure.cc: In function ‘prim_fetchClosure’: ../src/libexpr/primops/fetchClosure.cc:132:88: note: at offset 16 into destination object ‘’ of size 32 132 | fromPath = state.coerceToStorePath(attr.pos, *attr.value, context, attrHint()); | ^ (cherry picked from commit aa18dc54dc76102b9f568b4db5d75a5a122e1302) --- src/libexpr/primops/fetchClosure.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libexpr/primops/fetchClosure.cc b/src/libexpr/primops/fetchClosure.cc index ea6145f6f9e..4be4dac8f15 100644 --- a/src/libexpr/primops/fetchClosure.cc +++ b/src/libexpr/primops/fetchClosure.cc @@ -124,7 +124,7 @@ static void prim_fetchClosure(EvalState & state, const PosIdx pos, Value * * arg for (auto & attr : *args[0]->attrs()) { const auto & attrName = state.symbols[attr.name]; auto attrHint = [&]() -> std::string { - return "while evaluating the '" + attrName + "' attribute passed to builtins.fetchClosure"; + return fmt("while evaluating the attribute '%s' passed to builtins.fetchClosure", attrName); }; if (attrName == "fromPath") { From d1f57c5dae43468d331a7fdb4c5a5e44eff28f1c Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Mon, 30 Jun 2025 13:56:04 -0700 Subject: [PATCH 783/815] external-derivation-builder: write the json doc into builder's stdin --- src/libstore/include/nix/store/globals.hh | 2 +- .../unix/build/external-derivation-builder.cc | 17 ++++++++++++----- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index fcfc2e94ab0..041300bed5a 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -1248,7 +1248,7 @@ public: R"( Helper programs that execute derivations. - The program is passed a JSON document that describes the build environment as the final argument. + The program is passed a JSON document that describes the build environment on standard input. The JSON document looks like this: { diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc index 1906ddd700a..9fe0eb19f07 100644 --- a/src/libstore/unix/build/external-derivation-builder.cc +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -4,6 +4,11 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl { Settings::ExternalBuilder externalBuilder; + /** + * Pipe for talking to the spawned builder. + */ + Pipe toBuilder; + ExternalDerivationBuilder( Store & store, std::unique_ptr miscMethods, @@ -83,23 +88,22 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl json.emplace("realStoreDir", getLocalStore(store).config->realStoreDir.get()); json.emplace("system", drv.platform); - // FIXME: maybe write this JSON into the builder's stdin instead....? - auto jsonFile = topTmpDir + "/build.json"; - writeFile(jsonFile, json.dump()); + toBuilder.create(); pid = startProcess([&]() { openSlave(); try { commonChildInit(); + if (dup2(toBuilder.readSide.get(), STDIN_FILENO) == -1) + throw SysError("duping to-builder read side to builder's stdin"); + Strings args = {externalBuilder.program}; if (!externalBuilder.args.empty()) { args.insert(args.end(), externalBuilder.args.begin(), externalBuilder.args.end()); } - args.insert(args.end(), jsonFile); - debug("executing external builder: %s", concatStringsSep(" ", args)); execv(externalBuilder.program.c_str(), stringsToCharPtrs(args).data()); @@ -109,6 +113,9 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl _exit(1); } }); + + writeFull(toBuilder.writeSide.get(), json.dump()); + toBuilder.close(); } }; From 382e25405aed7913ebc679df5820be53876899b5 Mon Sep 17 00:00:00 2001 From: Sergei Zimmerman Date: Fri, 11 Jul 2025 20:20:48 +0300 Subject: [PATCH 784/815] libexpr: Fix invalid handling of errors for imported functions c39cc004043b95d55a0c2c2bdba58d6d3e0db846 has added assertions for all Value accesses and the following case has started failing with an `unreachable`: (/tmp/fun.nix): ```nix {a}: a ``` ``` $ nix eval --impure --expr 'import /tmp/fun.nix {a="a";b="b";}' ``` This would crash: ``` terminating due to unexpected unrecoverable internal error: Unexpected condition in getStorage at ../include/nix/expr/value.hh:844 ``` This is not a regression, but rather surfaces an existing problem, which previously was left undiagnosed. In the case of an import `fun` is the `import` primOp, so that read is invalid and previously this resulted in an access into an inactive union member, which is UB. The correct thing to use is `vCur`. Identical problem also affected the case of a missing argument. Add previously failing test cases to the functional/lang test suite. Fixes #13448. (cherry picked from commit 6e78cc90d3415694ec15bd273b47d21bb1be96ad) --- src/libexpr/eval.cc | 4 ++-- .../lang/eval-fail-missing-arg-import.err.exp | 12 ++++++++++++ .../lang/eval-fail-missing-arg-import.nix | 1 + .../lang/eval-fail-undeclared-arg-import.err.exp | 13 +++++++++++++ .../lang/eval-fail-undeclared-arg-import.nix | 4 ++++ .../lang/non-eval-trivial-lambda-formals.nix | 1 + 6 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 tests/functional/lang/eval-fail-missing-arg-import.err.exp create mode 100644 tests/functional/lang/eval-fail-missing-arg-import.nix create mode 100644 tests/functional/lang/eval-fail-undeclared-arg-import.err.exp create mode 100644 tests/functional/lang/eval-fail-undeclared-arg-import.nix create mode 100644 tests/functional/lang/non-eval-trivial-lambda-formals.nix diff --git a/src/libexpr/eval.cc b/src/libexpr/eval.cc index 1321e00a5a5..47cc35daa8c 100644 --- a/src/libexpr/eval.cc +++ b/src/libexpr/eval.cc @@ -1602,7 +1602,7 @@ void EvalState::callFunction(Value & fun, std::span args, Value & vRes, symbols[i.name]) .atPos(lambda.pos) .withTrace(pos, "from call site") - .withFrame(*fun.lambda().env, lambda) + .withFrame(*vCur.lambda().env, lambda) .debugThrow(); } env2.values[displ++] = i.def->maybeThunk(*this, env2); @@ -1629,7 +1629,7 @@ void EvalState::callFunction(Value & fun, std::span args, Value & vRes, .atPos(lambda.pos) .withTrace(pos, "from call site") .withSuggestions(suggestions) - .withFrame(*fun.lambda().env, lambda) + .withFrame(*vCur.lambda().env, lambda) .debugThrow(); } unreachable(); diff --git a/tests/functional/lang/eval-fail-missing-arg-import.err.exp b/tests/functional/lang/eval-fail-missing-arg-import.err.exp new file mode 100644 index 00000000000..45774f0032d --- /dev/null +++ b/tests/functional/lang/eval-fail-missing-arg-import.err.exp @@ -0,0 +1,12 @@ +error: + … from call site + at /pwd/lang/eval-fail-missing-arg-import.nix:1:1: + 1| import ./non-eval-trivial-lambda-formals.nix { } + | ^ + 2| + + error: function 'anonymous lambda' called without required argument 'a' + at /pwd/lang/non-eval-trivial-lambda-formals.nix:1:1: + 1| { a }: a + | ^ + 2| diff --git a/tests/functional/lang/eval-fail-missing-arg-import.nix b/tests/functional/lang/eval-fail-missing-arg-import.nix new file mode 100644 index 00000000000..7cb33f2b516 --- /dev/null +++ b/tests/functional/lang/eval-fail-missing-arg-import.nix @@ -0,0 +1 @@ +import ./non-eval-trivial-lambda-formals.nix { } diff --git a/tests/functional/lang/eval-fail-undeclared-arg-import.err.exp b/tests/functional/lang/eval-fail-undeclared-arg-import.err.exp new file mode 100644 index 00000000000..ca797d3eca2 --- /dev/null +++ b/tests/functional/lang/eval-fail-undeclared-arg-import.err.exp @@ -0,0 +1,13 @@ +error: + … from call site + at /pwd/lang/eval-fail-undeclared-arg-import.nix:1:1: + 1| import ./non-eval-trivial-lambda-formals.nix { + | ^ + 2| a = "a"; + + error: function 'anonymous lambda' called with unexpected argument 'b' + at /pwd/lang/non-eval-trivial-lambda-formals.nix:1:1: + 1| { a }: a + | ^ + 2| + Did you mean a? diff --git a/tests/functional/lang/eval-fail-undeclared-arg-import.nix b/tests/functional/lang/eval-fail-undeclared-arg-import.nix new file mode 100644 index 00000000000..e8454c725a7 --- /dev/null +++ b/tests/functional/lang/eval-fail-undeclared-arg-import.nix @@ -0,0 +1,4 @@ +import ./non-eval-trivial-lambda-formals.nix { + a = "a"; + b = "b"; +} diff --git a/tests/functional/lang/non-eval-trivial-lambda-formals.nix b/tests/functional/lang/non-eval-trivial-lambda-formals.nix new file mode 100644 index 00000000000..46a7ea4f494 --- /dev/null +++ b/tests/functional/lang/non-eval-trivial-lambda-formals.nix @@ -0,0 +1 @@ +{ a }: a From 8e21e61a51036d4ad624f174a2e5078d19c671a4 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Fri, 11 Jul 2025 18:00:26 -0400 Subject: [PATCH 785/815] Address ifdef problem with macOS/BSD sandboxing --- src/libstore/unix/user-lock.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/unix/user-lock.cc b/src/libstore/unix/user-lock.cc index 6a07cb7cc83..f5d164e5b18 100644 --- a/src/libstore/unix/user-lock.cc +++ b/src/libstore/unix/user-lock.cc @@ -197,7 +197,7 @@ bool useBuildUsers() #ifdef __linux__ static bool b = (settings.buildUsersGroup != "" || settings.autoAllocateUids) && isRootUser(); return b; - #elif defined(__APPLE__) && defined(__FreeBSD__) + #elif defined(__APPLE__) || defined(__FreeBSD__) static bool b = settings.buildUsersGroup != "" && isRootUser(); return b; #else From 861b196bdc3cb79f4a9df8cf2c15b8b13949959c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 11 Jul 2025 23:07:21 +0000 Subject: [PATCH 786/815] Prepare release v3.8.1 From fd3e326fbf8987043f0d398554372610f159162e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 11 Jul 2025 23:07:24 +0000 Subject: [PATCH 787/815] Set .version-determinate to 3.8.1 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 19811903a7f..f2807196747 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.8.0 +3.8.1 From e6350604baae77214427d1bb4fac460960fcc87d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 11 Jul 2025 23:07:29 +0000 Subject: [PATCH 788/815] Generate release notes for 3.8.1 --- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 6 +++++- doc/manual/source/release-notes-determinate/rl-3.8.1.md | 9 +++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.8.1.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 391a9ec935c..a0f62fbbc37 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,6 +130,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.8.1 (2025-07-11)](release-notes-determinate/rl-3.8.1.md) - [Release 3.8.0 (2025-07-10)](release-notes-determinate/rl-3.8.0.md) - [Release 3.7.0 (2025-07-03)](release-notes-determinate/rl-3.7.0.md) - [Release 3.6.8 (2025-06-25)](release-notes-determinate/rl-3.6.8.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index cd5cce49646..ab7ec98e6b1 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.30 and Determinate Nix 3.8.0. +This section lists the differences between upstream Nix 2.30 and Determinate Nix 3.8.1. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -100,3 +100,7 @@ This section lists the differences between upstream Nix 2.30 and Determinate Nix * nix flake check: Skip substitutable derivations by @edolstra in [DeterminateSystems/nix-src#134](https://github.com/DeterminateSystems/nix-src/pull/134) * lockFlake(): When updating a lock, respect the input's lock file by @edolstra in [DeterminateSystems/nix-src#137](https://github.com/DeterminateSystems/nix-src/pull/137) + + + +* Address ifdef problem with macOS/BSD sandboxing by @gustavderdrache in [DeterminateSystems/nix-src#142](https://github.com/DeterminateSystems/nix-src/pull/142) diff --git a/doc/manual/source/release-notes-determinate/rl-3.8.1.md b/doc/manual/source/release-notes-determinate/rl-3.8.1.md new file mode 100644 index 00000000000..90dc328f6ec --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.8.1.md @@ -0,0 +1,9 @@ +# Release 3.8.1 (2025-07-11) + +* Based on [upstream Nix 2.30.0](../release-notes/rl-2.30.md). + +## What's Changed +* Address ifdef problem with macOS/BSD sandboxing by @gustavderdrache in [DeterminateSystems/nix-src#142](https://github.com/DeterminateSystems/nix-src/pull/142) + + +**Full Changelog**: [v3.8.0...v3.8.1](https://github.com/DeterminateSystems/nix-src/compare/v3.8.0...v3.8.1) From 1cf202650aa664960093ee33475f8cb4cc4fce11 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Fri, 11 Jul 2025 18:00:26 -0400 Subject: [PATCH 789/815] Address ifdef problem with macOS/BSD sandboxing (cherry picked from commit e2ef2cfcbc83ea01308ee64c38a58707ab23dec3) --- src/libstore/unix/user-lock.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/unix/user-lock.cc b/src/libstore/unix/user-lock.cc index 6a07cb7cc83..f5d164e5b18 100644 --- a/src/libstore/unix/user-lock.cc +++ b/src/libstore/unix/user-lock.cc @@ -197,7 +197,7 @@ bool useBuildUsers() #ifdef __linux__ static bool b = (settings.buildUsersGroup != "" || settings.autoAllocateUids) && isRootUser(); return b; - #elif defined(__APPLE__) && defined(__FreeBSD__) + #elif defined(__APPLE__) || defined(__FreeBSD__) static bool b = settings.buildUsersGroup != "" && isRootUser(); return b; #else From 9497b593c685bfb40fd684fe4c21207c9fdf0c66 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Fri, 11 Jul 2025 18:38:51 -0400 Subject: [PATCH 790/815] CI: Roll nix version to 2.29.1 This works around the macOS issue that the prior commit addresses. (cherry picked from commit 8e5814d972642def9842fba3f8a6116f6b9e5c96) --- .github/workflows/ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 29cb33f56af..ac749bc3f83 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,6 +14,8 @@ jobs: with: fetch-depth: 0 - uses: cachix/install-nix-action@v31 + with: + install_url: "https://releases.nixos.org/nix/nix-2.29.1/install" - run: nix --experimental-features 'nix-command flakes' flake show --all-systems --json tests: @@ -36,6 +38,7 @@ jobs: fetch-depth: 0 - uses: cachix/install-nix-action@v31 with: + install_url: "https://releases.nixos.org/nix/nix-2.29.1/install" # The sandbox would otherwise be disabled by default on Darwin extra_nix_config: | sandbox = true From bbc9d6c4f5dc3c288c594fed3e46dbf52b9585ed Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 11 Jul 2025 20:01:40 -0400 Subject: [PATCH 791/815] ci: don't run the full test suite for x86_64-darwin Since this platform represents a tiny fraction of our users and causes considerable delays in our release flow, let's disable the more extensive test suite on that platform. --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c002d0b66bd..f2b7728859f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -59,6 +59,7 @@ jobs: runner: macos-latest-large runner_for_virt: macos-latest-large runner_small: macos-latest-large + run_tests: false build_aarch64-darwin: uses: ./.github/workflows/build.yml From 37071b2d2d0b78703960392ee1b74d15a0c8b700 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 11 Jul 2025 20:13:00 -0400 Subject: [PATCH 792/815] Try publishing the manual again --- .github/workflows/build.yml | 17 +++++++++++++++-- .github/workflows/ci.yml | 3 +++ 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b195acd8f71..185efcdb759 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,6 +29,18 @@ on: required: false default: false type: boolean + publish_manual: + required: false + default: false + type: boolean + manual_netlify_auth_token: + required: false + default: "" + type: string + manual_netlify_site_id: + required: false + default: "" + type: string jobs: build: @@ -179,6 +191,7 @@ jobs: - name: Build manual run: nix build .#hydraJobs.manual - uses: nwtgck/actions-netlify@v3.0 + if: inputs.publish_manual with: publish-dir: "./result/share/doc/nix/manual" production-branch: detsys-main @@ -192,8 +205,8 @@ jobs: enable-commit-status: true overwrites-pull-request-comment: true env: - NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} - NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} + NETLIFY_AUTH_TOKEN: ${{ inputs.manual_netlify_auth_token }} + NETLIFY_SITE_ID: ${{ inputs.manual_netlify_site_id }} success: needs: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c002d0b66bd..b36c15cb6d5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -41,6 +41,9 @@ jobs: run_tests: true run_vm_tests: true run_regression_tests: true + publish_manual: true + manual_netlify_auth_token: ${{ secrets.NETLIFY_AUTH_TOKEN }} + manual_netlify_site_id: ${{ secrets.NETLIFY_SITE_ID }} build_aarch64-linux: uses: ./.github/workflows/build.yml From b96c3e46574e6461402e935c723142c3873525d3 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 11 Jul 2025 20:26:32 -0400 Subject: [PATCH 793/815] Maybe this helps --- .github/workflows/build.yml | 9 +++------ .github/workflows/ci.yml | 1 + 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 185efcdb759..dec7ddbc962 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -33,14 +33,11 @@ on: required: false default: false type: boolean + secrets: manual_netlify_auth_token: required: false - default: "" - type: string manual_netlify_site_id: required: false - default: "" - type: string jobs: build: @@ -205,8 +202,8 @@ jobs: enable-commit-status: true overwrites-pull-request-comment: true env: - NETLIFY_AUTH_TOKEN: ${{ inputs.manual_netlify_auth_token }} - NETLIFY_SITE_ID: ${{ inputs.manual_netlify_site_id }} + NETLIFY_AUTH_TOKEN: ${{ secrets.manual_netlify_auth_token }} + NETLIFY_SITE_ID: ${{ secrets.manual_netlify_site_id }} success: needs: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b36c15cb6d5..23eac95350b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -42,6 +42,7 @@ jobs: run_vm_tests: true run_regression_tests: true publish_manual: true + secrets: manual_netlify_auth_token: ${{ secrets.NETLIFY_AUTH_TOKEN }} manual_netlify_site_id: ${{ secrets.NETLIFY_SITE_ID }} From e25be4a49cbc1565358f0d0afb9c73b0c62b69b1 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 12 Jul 2025 13:51:13 +0000 Subject: [PATCH 794/815] Prepare release v3.8.2 From 86fe0053f8a944f522dbcafe0eb15166130829c2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 12 Jul 2025 13:51:16 +0000 Subject: [PATCH 795/815] Set .version-determinate to 3.8.2 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index f2807196747..a08ffae0cae 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.8.1 +3.8.2 From db0c2efeb46add050a501e9b524f28f5a799d577 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 12 Jul 2025 13:51:21 +0000 Subject: [PATCH 796/815] Generate release notes for 3.8.2 --- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 8 +++++++- .../source/release-notes-determinate/rl-3.8.2.md | 10 ++++++++++ 3 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.8.2.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index a0f62fbbc37..03a18f3313c 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,6 +130,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.8.2 (2025-07-12)](release-notes-determinate/rl-3.8.2.md) - [Release 3.8.1 (2025-07-11)](release-notes-determinate/rl-3.8.1.md) - [Release 3.8.0 (2025-07-10)](release-notes-determinate/rl-3.8.0.md) - [Release 3.7.0 (2025-07-03)](release-notes-determinate/rl-3.7.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index ab7ec98e6b1..8c5f3077005 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.30 and Determinate Nix 3.8.1. +This section lists the differences between upstream Nix 2.30 and Determinate Nix 3.8.2. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -104,3 +104,9 @@ This section lists the differences between upstream Nix 2.30 and Determinate Nix * Address ifdef problem with macOS/BSD sandboxing by @gustavderdrache in [DeterminateSystems/nix-src#142](https://github.com/DeterminateSystems/nix-src/pull/142) + + + +* ci: don't run the full test suite for x86_64-darwin by @grahamc in [DeterminateSystems/nix-src#144](https://github.com/DeterminateSystems/nix-src/pull/144) + +* Try publishing the manual again by @grahamc in [DeterminateSystems/nix-src#145](https://github.com/DeterminateSystems/nix-src/pull/145) diff --git a/doc/manual/source/release-notes-determinate/rl-3.8.2.md b/doc/manual/source/release-notes-determinate/rl-3.8.2.md new file mode 100644 index 00000000000..638d90f6841 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.8.2.md @@ -0,0 +1,10 @@ +# Release 3.8.2 (2025-07-12) + +* Based on [upstream Nix 2.30.0](../release-notes/rl-2.30.md). + +## What's Changed +* ci: don't run the full test suite for x86_64-darwin by @grahamc in [DeterminateSystems/nix-src#144](https://github.com/DeterminateSystems/nix-src/pull/144) +* Try publishing the manual again by @grahamc in [DeterminateSystems/nix-src#145](https://github.com/DeterminateSystems/nix-src/pull/145) + + +**Full Changelog**: [v3.8.1...v3.8.2](https://github.com/DeterminateSystems/nix-src/compare/v3.8.1...v3.8.2) From efa239875b772544e6650aee57452d108d29acbe Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Mon, 14 Jul 2025 07:32:11 -0700 Subject: [PATCH 797/815] Add an `external-builders` experimental feature --- src/libstore/include/nix/store/globals.hh | 20 ++++++++++++++++++- .../unix/build/external-derivation-builder.cc | 1 + src/libutil/experimental-features.cc | 8 ++++++++ .../include/nix/util/experimental-features.hh | 1 + 4 files changed, 29 insertions(+), 1 deletion(-) diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index 041300bed5a..2dfd187c1e2 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -1309,7 +1309,25 @@ public: "tmpDirInSandbox": "/build", "topTmpDir": "/private/tmp/nix-build-hello-2.12.2.drv-0" } - )" + )", + {}, // aliases + true, // document default + // NOTE(cole-h): even though we can make the experimental feature required here, the errors + // are not as good (it just becomes a warning if you try to use this setting without the + // experimental feature) + // + // With this commented out: + // + // error: experimental Nix feature 'external-builders' is disabled; add '--extra-experimental-features external-builders' to enable it + // + // With this uncommented: + // + // warning: Ignoring setting 'external-builders' because experimental feature 'external-builders' is not enabled + // error: Cannot build '/nix/store/vwsp4qd8a62jqa36p26d15hin4xnj949-opentofu-1.10.2.drv'. + // Reason: required system or feature not available + // Required system: 'aarch64-linux' with features {} + // Current system: 'aarch64-darwin' with features {apple-virt, benchmark, big-parallel, nixos-test} + // Xp::ExternalBuilders }; }; diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc index 9fe0eb19f07..20919187cbb 100644 --- a/src/libstore/unix/build/external-derivation-builder.cc +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -17,6 +17,7 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl : DerivationBuilderImpl(store, std::move(miscMethods), std::move(params)) , externalBuilder(std::move(externalBuilder)) { + experimentalFeatureSettings.require(Xp::ExternalBuilders); } static std::unique_ptr newIfSupported( diff --git a/src/libutil/experimental-features.cc b/src/libutil/experimental-features.cc index 04e8705e5a3..075b90ec58e 100644 --- a/src/libutil/experimental-features.cc +++ b/src/libutil/experimental-features.cc @@ -288,6 +288,14 @@ constexpr std::array xpFeatureDetails )", .trackingUrl = "https://github.com/NixOS/nix/milestone/55", }, + { + .tag = Xp::ExternalBuilders, + .name = "external-builders", + .description = R"( + Enables support for external builders / sandbox providers. + )", + .trackingUrl = "", + }, { .tag = Xp::BLAKE3Hashes, .name = "blake3-hashes", diff --git a/src/libutil/include/nix/util/experimental-features.hh b/src/libutil/include/nix/util/experimental-features.hh index d7bc56f27d9..5a01d960ca4 100644 --- a/src/libutil/include/nix/util/experimental-features.hh +++ b/src/libutil/include/nix/util/experimental-features.hh @@ -35,6 +35,7 @@ enum struct ExperimentalFeature MountedSSHStore, VerifiedFetches, PipeOperators, + ExternalBuilders, BLAKE3Hashes, }; From b029442553ecc545eab7a9823b00c72bbe0fa374 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 14 Jul 2025 19:46:10 +0200 Subject: [PATCH 798/815] Only build the manual on x86_64-linux Otherwise the build will randomly fail on other platforms depending on whether the result is already in the binary cache. --- .github/workflows/build.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dec7ddbc962..e34a03bd0b2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -186,9 +186,10 @@ jobs: - uses: DeterminateSystems/determinate-nix-action@main - uses: DeterminateSystems/flakehub-cache-action@main - name: Build manual + if: inputs.system == 'x86_64-linux' run: nix build .#hydraJobs.manual - uses: nwtgck/actions-netlify@v3.0 - if: inputs.publish_manual + if: inputs.publish_manual && inputs.system == 'x86_64-linux' with: publish-dir: "./result/share/doc/nix/manual" production-branch: detsys-main From 5b27325bc23472862ece37cd5883ebb65f206959 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Mon, 14 Jul 2025 11:00:13 -0700 Subject: [PATCH 799/815] Revert "external-derivation-builder: write the json doc into builder's stdin" This reverts commit d1f57c5dae43468d331a7fdb4c5a5e44eff28f1c. --- src/libstore/include/nix/store/globals.hh | 2 +- .../unix/build/external-derivation-builder.cc | 17 +++++------------ 2 files changed, 6 insertions(+), 13 deletions(-) diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index 2dfd187c1e2..fdc0c0827a5 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -1248,7 +1248,7 @@ public: R"( Helper programs that execute derivations. - The program is passed a JSON document that describes the build environment on standard input. + The program is passed a JSON document that describes the build environment as the final argument. The JSON document looks like this: { diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc index 20919187cbb..e71cd71198e 100644 --- a/src/libstore/unix/build/external-derivation-builder.cc +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -4,11 +4,6 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl { Settings::ExternalBuilder externalBuilder; - /** - * Pipe for talking to the spawned builder. - */ - Pipe toBuilder; - ExternalDerivationBuilder( Store & store, std::unique_ptr miscMethods, @@ -89,22 +84,23 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl json.emplace("realStoreDir", getLocalStore(store).config->realStoreDir.get()); json.emplace("system", drv.platform); - toBuilder.create(); + // FIXME: maybe write this JSON into the builder's stdin instead....? + auto jsonFile = topTmpDir + "/build.json"; + writeFile(jsonFile, json.dump()); pid = startProcess([&]() { openSlave(); try { commonChildInit(); - if (dup2(toBuilder.readSide.get(), STDIN_FILENO) == -1) - throw SysError("duping to-builder read side to builder's stdin"); - Strings args = {externalBuilder.program}; if (!externalBuilder.args.empty()) { args.insert(args.end(), externalBuilder.args.begin(), externalBuilder.args.end()); } + args.insert(args.end(), jsonFile); + debug("executing external builder: %s", concatStringsSep(" ", args)); execv(externalBuilder.program.c_str(), stringsToCharPtrs(args).data()); @@ -114,9 +110,6 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl _exit(1); } }); - - writeFull(toBuilder.writeSide.get(), json.dump()); - toBuilder.close(); } }; From de158c335c97b4728856311d6cdacb2eaac920dd Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Mon, 14 Jul 2025 11:01:46 -0700 Subject: [PATCH 800/815] fixup: document why we're not writing through stdin right now --- src/libstore/unix/build/external-derivation-builder.cc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc index e71cd71198e..508ad45a3e0 100644 --- a/src/libstore/unix/build/external-derivation-builder.cc +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -84,8 +84,10 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl json.emplace("realStoreDir", getLocalStore(store).config->realStoreDir.get()); json.emplace("system", drv.platform); - // FIXME: maybe write this JSON into the builder's stdin instead....? - auto jsonFile = topTmpDir + "/build.json"; + // TODO(cole-h): writing this to stdin is too much effort right now, if we want to revisit + // that, see this comment by Eelco about how to make it not suck: + // https://github.com/DeterminateSystems/nix-src/pull/141#discussion_r2205493257 + auto jsonFile = std::filesystem::path{topTmpDir} / "build.json"; writeFile(jsonFile, json.dump()); pid = startProcess([&]() { From de560da7457b077ecca7456d39773ac88e337080 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 15 Jul 2025 18:09:06 +0200 Subject: [PATCH 801/815] Improve rendering of ignored exceptions Instead of error (ignored): error: SQLite database '...' is busy we now get error (ignored): SQLite database '...' is busy --- src/libutil/util.cc | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/libutil/util.cc b/src/libutil/util.cc index c9cc80fef6c..23dafe8c9f4 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -190,8 +190,10 @@ void ignoreExceptionInDestructor(Verbosity lvl) try { try { throw; + } catch (Error & e) { + printMsg(lvl, ANSI_RED "error (ignored):" ANSI_NORMAL " %s", e.info().msg); } catch (std::exception & e) { - printMsg(lvl, "error (ignored): %1%", e.what()); + printMsg(lvl, ANSI_RED "error (ignored):" ANSI_NORMAL " %s", e.what()); } } catch (...) { } } @@ -202,8 +204,10 @@ void ignoreExceptionExceptInterrupt(Verbosity lvl) throw; } catch (const Interrupted & e) { throw; + } catch (Error & e) { + printMsg(lvl, ANSI_RED "error (ignored):" ANSI_NORMAL " %s", e.info().msg); } catch (std::exception & e) { - printMsg(lvl, "error (ignored): %1%", e.what()); + printMsg(lvl, ANSI_RED "error (ignored):" ANSI_NORMAL " %s", e.what()); } } From dc77357e571135952aea899603b0c862fa3cd608 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 15 Jul 2025 18:10:07 +0200 Subject: [PATCH 802/815] Improve handleSQLiteBusy() message Closes https://github.com/NixOS/nix/pull/10319. --- src/libstore/sqlite.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/sqlite.cc b/src/libstore/sqlite.cc index 55b967ed679..c3fb1f4138b 100644 --- a/src/libstore/sqlite.cc +++ b/src/libstore/sqlite.cc @@ -250,7 +250,7 @@ void handleSQLiteBusy(const SQLiteBusy & e, time_t & nextWarning) if (now > nextWarning) { nextWarning = now + 10; logWarning({ - .msg = HintFmt(e.what()) + .msg = e.info().msg }); } From aff4ccd1a42c8bf54f93f863458bbdcb27a61238 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 15 Jul 2025 18:21:29 +0200 Subject: [PATCH 803/815] Use WAL mode for SQLite cache databases With "truncate" mode, if we try to write to the database while another process has an active write transaction, we'll block until the other transaction finishes. This is a problem for the evaluation cache in particular, since it uses long-running transactions. WAL mode does not have this issue: it just returns "busy" right away, so Nix will print error (ignored): SQLite database '/home/eelco/.cache/nix/eval-cache-v5/...' is busy and stop trying to write to the evaluation cache. (This was the intended/original behaviour, see AttrDb::doSQLite().) --- src/libstore/sqlite.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libstore/sqlite.cc b/src/libstore/sqlite.cc index c3fb1f4138b..04f514d66b0 100644 --- a/src/libstore/sqlite.cc +++ b/src/libstore/sqlite.cc @@ -93,7 +93,7 @@ SQLite::~SQLite() void SQLite::isCache() { exec("pragma synchronous = off"); - exec("pragma main.journal_mode = truncate"); + exec("pragma main.journal_mode = wal"); } void SQLite::exec(const std::string & stmt) From 51449d7a5197ee66a647d2e0cf4374aa6e850c4b Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Tue, 15 Jul 2025 09:56:07 -0700 Subject: [PATCH 804/815] external-derivation-builder: run under build user, chown topTmpDir to builder The chown to builder is necessary for granting the builder the ability to access its entire ancestry (which is required on macOS for things like mounting the build directory into a VM to work) while running under a build user. Eelco mentioned that the reason topTmpDir is generally 700 is because of how the Linux chroot is setup, but since we do not use a chroot on macOS, it's fine to make the build dir readable to the build user. --- .../unix/build/external-derivation-builder.cc | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc index 508ad45a3e0..79ce0ba4536 100644 --- a/src/libstore/unix/build/external-derivation-builder.cc +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -29,9 +29,7 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl bool prepareBuild() override { - // External builds don't use build users, so this always - // succeeds. - return true; + return DerivationBuilderImpl::prepareBuild(); } Path tmpDirInSandbox() override @@ -49,7 +47,12 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl void prepareUser() override { - // Nothing to do here since we don't have a build user. + DerivationBuilderImpl::prepareUser(); + } + + void setUser() override + { + DerivationBuilderImpl::setUser(); } void checkSystem() override @@ -103,6 +106,10 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl args.insert(args.end(), jsonFile); + chownToBuilder(topTmpDir); + + setUser(); + debug("executing external builder: %s", concatStringsSep(" ", args)); execv(externalBuilder.program.c_str(), stringsToCharPtrs(args).data()); From d3dc64b81138417290ac31f6fb9171d3778f1ad3 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Tue, 15 Jul 2025 09:56:07 -0700 Subject: [PATCH 805/815] external-derivation-builder: chdir into tmpdir --- src/libstore/unix/build/external-derivation-builder.cc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/libstore/unix/build/external-derivation-builder.cc b/src/libstore/unix/build/external-derivation-builder.cc index 79ce0ba4536..a393d75d9d1 100644 --- a/src/libstore/unix/build/external-derivation-builder.cc +++ b/src/libstore/unix/build/external-derivation-builder.cc @@ -106,6 +106,9 @@ struct ExternalDerivationBuilder : DerivationBuilderImpl args.insert(args.end(), jsonFile); + if (chdir(tmpDir.c_str()) == -1) + throw SysError("changing into '%1%'", tmpDir); + chownToBuilder(topTmpDir); setUser(); From 3cabd4ff2ee5fd8caa098cad87e0f6764cd22bf9 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 17 Jul 2025 17:35:15 +0200 Subject: [PATCH 806/815] Improve error message parsing external-builders setting --- src/libstore/globals.cc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index 23c844e3f40..9f51d90d92f 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -313,7 +313,11 @@ NLOHMANN_DEFINE_TYPE_NON_INTRUSIVE(Settings::ExternalBuilder, systems, program, template<> Settings::ExternalBuilders BaseSetting::parse(const std::string & str) const { - return nlohmann::json::parse(str).template get(); + try { + return nlohmann::json::parse(str).template get(); + } catch (std::exception & e) { + throw UsageError("parsing setting '%s': %s", name, e.what()); + } } template<> std::string BaseSetting::to_string() const From 7fb7e7ca686969319d322972a0776c1f9f6b6cf2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 18 Jul 2025 18:17:25 +0000 Subject: [PATCH 807/815] Prepare release v3.8.3 From e4a1c332a3833fabf38511a91fc7b45ed568d51b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 18 Jul 2025 18:17:27 +0000 Subject: [PATCH 808/815] Set .version-determinate to 3.8.3 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index a08ffae0cae..269aa9c86de 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.8.2 +3.8.3 From 8d478340a6279e8a8b2b35e93eb71b203016a577 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 18 Jul 2025 18:17:32 +0000 Subject: [PATCH 809/815] Generate release notes for 3.8.3 --- doc/manual/source/SUMMARY.md.in | 1 + .../source/release-notes-determinate/changes.md | 14 +++++++++++++- .../source/release-notes-determinate/rl-3.8.3.md | 13 +++++++++++++ 3 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.8.3.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 03a18f3313c..0f90b2c6ea1 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,6 +130,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.8.3 (2025-07-18)](release-notes-determinate/rl-3.8.3.md) - [Release 3.8.2 (2025-07-12)](release-notes-determinate/rl-3.8.2.md) - [Release 3.8.1 (2025-07-11)](release-notes-determinate/rl-3.8.1.md) - [Release 3.8.0 (2025-07-10)](release-notes-determinate/rl-3.8.0.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 8c5f3077005..e9f7303e13d 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.30 and Determinate Nix 3.8.2. +This section lists the differences between upstream Nix 2.30 and Determinate Nix 3.8.3. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -110,3 +110,15 @@ This section lists the differences between upstream Nix 2.30 and Determinate Nix * ci: don't run the full test suite for x86_64-darwin by @grahamc in [DeterminateSystems/nix-src#144](https://github.com/DeterminateSystems/nix-src/pull/144) * Try publishing the manual again by @grahamc in [DeterminateSystems/nix-src#145](https://github.com/DeterminateSystems/nix-src/pull/145) + + + +* Only build the manual on x86_64-linux by @edolstra in [DeterminateSystems/nix-src#148](https://github.com/DeterminateSystems/nix-src/pull/148) + +* Add an `external-builders` experimental feature by @cole-h in [DeterminateSystems/nix-src#141](https://github.com/DeterminateSystems/nix-src/pull/141) + +* Use WAL mode for SQLite cache databases by @edolstra in [DeterminateSystems/nix-src#150](https://github.com/DeterminateSystems/nix-src/pull/150) + +* external-derivation-builder: run under build user by @cole-h in [DeterminateSystems/nix-src#152](https://github.com/DeterminateSystems/nix-src/pull/152) + +* Add support for external builders by @edolstra in [DeterminateSystems/nix-src#78](https://github.com/DeterminateSystems/nix-src/pull/78) diff --git a/doc/manual/source/release-notes-determinate/rl-3.8.3.md b/doc/manual/source/release-notes-determinate/rl-3.8.3.md new file mode 100644 index 00000000000..42e01c7b0d1 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.8.3.md @@ -0,0 +1,13 @@ +# Release 3.8.3 (2025-07-18) + +* Based on [upstream Nix 2.30.1](../release-notes/rl-2.30.md). + +## What's Changed +* Only build the manual on x86_64-linux by @edolstra in [DeterminateSystems/nix-src#148](https://github.com/DeterminateSystems/nix-src/pull/148) +* Add an `external-builders` experimental feature by @cole-h in [DeterminateSystems/nix-src#141](https://github.com/DeterminateSystems/nix-src/pull/141) +* Use WAL mode for SQLite cache databases by @edolstra in [DeterminateSystems/nix-src#150](https://github.com/DeterminateSystems/nix-src/pull/150) +* external-derivation-builder: run under build user by @cole-h in [DeterminateSystems/nix-src#152](https://github.com/DeterminateSystems/nix-src/pull/152) +* Add support for external builders by @edolstra in [DeterminateSystems/nix-src#78](https://github.com/DeterminateSystems/nix-src/pull/78) + + +**Full Changelog**: [v3.8.2...v3.8.3](https://github.com/DeterminateSystems/nix-src/compare/v3.8.2...v3.8.3) From 082ffc37452012a0ff246a1fd9629dd58337be3b Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 18 Jul 2025 14:34:01 -0400 Subject: [PATCH 810/815] Tweak the release notes --- .../release-notes-determinate/changes.md | 6 ----- .../release-notes-determinate/rl-3.8.3.md | 23 +++++++++++++++---- 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index e9f7303e13d..7273196ee7b 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -113,12 +113,6 @@ This section lists the differences between upstream Nix 2.30 and Determinate Nix -* Only build the manual on x86_64-linux by @edolstra in [DeterminateSystems/nix-src#148](https://github.com/DeterminateSystems/nix-src/pull/148) - * Add an `external-builders` experimental feature by @cole-h in [DeterminateSystems/nix-src#141](https://github.com/DeterminateSystems/nix-src/pull/141) -* Use WAL mode for SQLite cache databases by @edolstra in [DeterminateSystems/nix-src#150](https://github.com/DeterminateSystems/nix-src/pull/150) - -* external-derivation-builder: run under build user by @cole-h in [DeterminateSystems/nix-src#152](https://github.com/DeterminateSystems/nix-src/pull/152) - * Add support for external builders by @edolstra in [DeterminateSystems/nix-src#78](https://github.com/DeterminateSystems/nix-src/pull/78) diff --git a/doc/manual/source/release-notes-determinate/rl-3.8.3.md b/doc/manual/source/release-notes-determinate/rl-3.8.3.md index 42e01c7b0d1..fb589817294 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.8.3.md +++ b/doc/manual/source/release-notes-determinate/rl-3.8.3.md @@ -3,11 +3,24 @@ * Based on [upstream Nix 2.30.1](../release-notes/rl-2.30.md). ## What's Changed -* Only build the manual on x86_64-linux by @edolstra in [DeterminateSystems/nix-src#148](https://github.com/DeterminateSystems/nix-src/pull/148) -* Add an `external-builders` experimental feature by @cole-h in [DeterminateSystems/nix-src#141](https://github.com/DeterminateSystems/nix-src/pull/141) -* Use WAL mode for SQLite cache databases by @edolstra in [DeterminateSystems/nix-src#150](https://github.com/DeterminateSystems/nix-src/pull/150) -* external-derivation-builder: run under build user by @cole-h in [DeterminateSystems/nix-src#152](https://github.com/DeterminateSystems/nix-src/pull/152) -* Add support for external builders by @edolstra in [DeterminateSystems/nix-src#78](https://github.com/DeterminateSystems/nix-src/pull/78) +### Non-blocking evaluation caching + +Users reporting evaluation would occasionally block other evaluation processes. + +The evaluation cache database is now opened in write-ahead mode to prevent delaying evaluations. + +PR: [DeterminateSystems/nix-src#150](https://github.com/DeterminateSystems/nix-src/pull/150) + +### New experimental feature: `external-builders` + +This experimental feature allows Nix to call an external program for the build environment. + +The interface and behavior of this feature may change at any moment without a correspondingly major semver version change. + +PRs: +- [DeterminateSystems/nix-src#141](https://github.com/DeterminateSystems/nix-src/pull/141) +- [DeterminateSystems/nix-src#152](https://github.com/DeterminateSystems/nix-src/pull/152) +- [DeterminateSystems/nix-src#78](https://github.com/DeterminateSystems/nix-src/pull/78) **Full Changelog**: [v3.8.2...v3.8.3](https://github.com/DeterminateSystems/nix-src/compare/v3.8.2...v3.8.3) From e1c2853f9797c79d05360e285f40cadb5b9059f6 Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Fri, 18 Jul 2025 11:41:48 -0700 Subject: [PATCH 811/815] fixup release note wording --- doc/manual/source/release-notes-determinate/rl-3.8.3.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/manual/source/release-notes-determinate/rl-3.8.3.md b/doc/manual/source/release-notes-determinate/rl-3.8.3.md index fb589817294..d3eb02bc7ea 100644 --- a/doc/manual/source/release-notes-determinate/rl-3.8.3.md +++ b/doc/manual/source/release-notes-determinate/rl-3.8.3.md @@ -6,7 +6,7 @@ ### Non-blocking evaluation caching -Users reporting evaluation would occasionally block other evaluation processes. +Users reported evaluation would occasionally block other evaluation processes. The evaluation cache database is now opened in write-ahead mode to prevent delaying evaluations. From 2b676c6e13684f92b29a4f71308a4f305db9ec6a Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Sun, 20 Jul 2025 17:54:52 -0700 Subject: [PATCH 812/815] Revert "Use WAL mode for SQLite cache databases" --- src/libstore/sqlite.cc | 4 ++-- src/libutil/util.cc | 8 ++------ 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/src/libstore/sqlite.cc b/src/libstore/sqlite.cc index 04f514d66b0..55b967ed679 100644 --- a/src/libstore/sqlite.cc +++ b/src/libstore/sqlite.cc @@ -93,7 +93,7 @@ SQLite::~SQLite() void SQLite::isCache() { exec("pragma synchronous = off"); - exec("pragma main.journal_mode = wal"); + exec("pragma main.journal_mode = truncate"); } void SQLite::exec(const std::string & stmt) @@ -250,7 +250,7 @@ void handleSQLiteBusy(const SQLiteBusy & e, time_t & nextWarning) if (now > nextWarning) { nextWarning = now + 10; logWarning({ - .msg = e.info().msg + .msg = HintFmt(e.what()) }); } diff --git a/src/libutil/util.cc b/src/libutil/util.cc index 23dafe8c9f4..c9cc80fef6c 100644 --- a/src/libutil/util.cc +++ b/src/libutil/util.cc @@ -190,10 +190,8 @@ void ignoreExceptionInDestructor(Verbosity lvl) try { try { throw; - } catch (Error & e) { - printMsg(lvl, ANSI_RED "error (ignored):" ANSI_NORMAL " %s", e.info().msg); } catch (std::exception & e) { - printMsg(lvl, ANSI_RED "error (ignored):" ANSI_NORMAL " %s", e.what()); + printMsg(lvl, "error (ignored): %1%", e.what()); } } catch (...) { } } @@ -204,10 +202,8 @@ void ignoreExceptionExceptInterrupt(Verbosity lvl) throw; } catch (const Interrupted & e) { throw; - } catch (Error & e) { - printMsg(lvl, ANSI_RED "error (ignored):" ANSI_NORMAL " %s", e.info().msg); } catch (std::exception & e) { - printMsg(lvl, ANSI_RED "error (ignored):" ANSI_NORMAL " %s", e.what()); + printMsg(lvl, "error (ignored): %1%", e.what()); } } From 0813dc03101854bf4c6aabfa0c38c43819bf641d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 21 Jul 2025 02:37:04 +0000 Subject: [PATCH 813/815] Prepare release v3.8.4 From fcf69d18095c9c770fd3791baa25afc3202f8e51 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 21 Jul 2025 02:37:07 +0000 Subject: [PATCH 814/815] Set .version-determinate to 3.8.4 --- .version-determinate | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.version-determinate b/.version-determinate index 269aa9c86de..ff313b8c212 100644 --- a/.version-determinate +++ b/.version-determinate @@ -1 +1 @@ -3.8.3 +3.8.4 From 9c25491a158e4f8eb30bb917139be58d5de12fca Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 21 Jul 2025 02:37:12 +0000 Subject: [PATCH 815/815] Generate release notes for 3.8.4 --- doc/manual/source/SUMMARY.md.in | 1 + doc/manual/source/release-notes-determinate/changes.md | 6 +++++- doc/manual/source/release-notes-determinate/rl-3.8.4.md | 9 +++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 doc/manual/source/release-notes-determinate/rl-3.8.4.md diff --git a/doc/manual/source/SUMMARY.md.in b/doc/manual/source/SUMMARY.md.in index 0f90b2c6ea1..ea0a63dcb28 100644 --- a/doc/manual/source/SUMMARY.md.in +++ b/doc/manual/source/SUMMARY.md.in @@ -130,6 +130,7 @@ - [Contributing](development/contributing.md) - [Determinate Nix Release Notes](release-notes-determinate/index.md) - [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md) + - [Release 3.8.4 (2025-07-21)](release-notes-determinate/rl-3.8.4.md) - [Release 3.8.3 (2025-07-18)](release-notes-determinate/rl-3.8.3.md) - [Release 3.8.2 (2025-07-12)](release-notes-determinate/rl-3.8.2.md) - [Release 3.8.1 (2025-07-11)](release-notes-determinate/rl-3.8.1.md) diff --git a/doc/manual/source/release-notes-determinate/changes.md b/doc/manual/source/release-notes-determinate/changes.md index 7273196ee7b..42ceb85a2ad 100644 --- a/doc/manual/source/release-notes-determinate/changes.md +++ b/doc/manual/source/release-notes-determinate/changes.md @@ -1,6 +1,6 @@ # Changes between Nix and Determinate Nix -This section lists the differences between upstream Nix 2.30 and Determinate Nix 3.8.3. +This section lists the differences between upstream Nix 2.30 and Determinate Nix 3.8.4. * In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature. @@ -116,3 +116,7 @@ This section lists the differences between upstream Nix 2.30 and Determinate Nix * Add an `external-builders` experimental feature by @cole-h in [DeterminateSystems/nix-src#141](https://github.com/DeterminateSystems/nix-src/pull/141) * Add support for external builders by @edolstra in [DeterminateSystems/nix-src#78](https://github.com/DeterminateSystems/nix-src/pull/78) + + + +* Revert "Use WAL mode for SQLite cache databases" by @grahamc in [DeterminateSystems/nix-src#155](https://github.com/DeterminateSystems/nix-src/pull/155) diff --git a/doc/manual/source/release-notes-determinate/rl-3.8.4.md b/doc/manual/source/release-notes-determinate/rl-3.8.4.md new file mode 100644 index 00000000000..7c73e75ca02 --- /dev/null +++ b/doc/manual/source/release-notes-determinate/rl-3.8.4.md @@ -0,0 +1,9 @@ +# Release 3.8.4 (2025-07-21) + +* Based on [upstream Nix 2.30.1](../release-notes/rl-2.30.md). + +## What's Changed +* Revert "Use WAL mode for SQLite cache databases" by @grahamc in [DeterminateSystems/nix-src#155](https://github.com/DeterminateSystems/nix-src/pull/155) + + +**Full Changelog**: [v3.8.3...v3.8.4](https://github.com/DeterminateSystems/nix-src/compare/v3.8.3...v3.8.4)