Commit Graph

18170 Commits

Author SHA1 Message Date
Eelco Dolstra
a6ad5565ef Improve use-case-hack description slightly
(cherry picked from commit 5ca2f58798)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
2e1cb495c1 Typo
(cherry picked from commit 4cfa59fdb3)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
e25410c788 Test that deserializing regular files / symlinks is exclusive
(cherry picked from commit 52ba3cc5ea)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
25510ba66f RestoreSink::createDirectory(): Use append()
On macOS, `mkdir("x/')` behaves differently than `mkdir("x")` if `x` is
a dangling symlink (the formed succeed while the latter fails). So make
sure we always strip the trailing slash.

(cherry picked from commit 9fcb588dd8)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
d9b60b3902 Fix test on macOS
(cherry picked from commit 21dcbd7e83)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
a041688133 Test that deserializing NARs with names with equal Unicode normal forms fails on macOS
The test is based on the one by @puckipedia but with the file names
swapped to make them sorted.

(cherry picked from commit 7a765a6aaf)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
1288970496 Detect NAR directory entries that collide with another path after case-hacking
The test was made by @puckipedia.

(cherry picked from commit 3557587381)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
0cfc9bf133 More tests
(cherry picked from commit 77c090cdbd)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
f160d3ac68 Test that nix-store --restore fails if the output already exists
This restores the behaviour from before the std::filesystem
refactorings.

(cherry picked from commit da1ad28912)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
6187ee468f Add test case for NARs with duplicate directory entries
This test was made by @puckipedia.

(cherry picked from commit 83d5b32803)
2024-09-10 09:51:50 +02:00
Eelco Dolstra
12fa019ae5 NAR parser: Fix check for duplicate / incorrectly sorted entries
"prevName" was always empty because it was declared in the wrong scope.

(cherry picked from commit 495d32e1b8)
2024-09-10 09:51:50 +02:00
Jörg Thalheim
f0cffa7300 replace backport github action with mergify
The current backport action cannot automerge because
the github action bot does not trigger github CI actions.
Mergify instead does not have this limitation and can also
use a merge queue.

On top we have now a declarative configuration to allow
contributers to add new tests to required without having access
to the github org.

An example pull request and backport can be seen here:

https://github.com/Mic92/nix-1/pull/4

and here:

https://github.com/Mic92/nix-1/pull/5

To complete the setup the mergify app must be enabled for this repository.
It's already installed in the nixos organization for nixos-hardware and
other repositories.

(cherry picked from commit 80f20fa4cb)
2024-09-09 16:12:24 +00:00
Robert Hensing
ae486b2910
Merge pull request #11446 from NixOS/mergify/bp/2.24-maintenance/pr-11285
fetchers::downloadTarball(): Return a cacheable accessor (backport #11285)
2024-09-09 18:05:32 +02:00
Eelco Dolstra
437f7a0042 fetchers::downloadTarball(): Return a cacheable accessor
downloadTarball() is used by `-I foo=<url>` etc. fetchToStore() needs
the accessor to have a fingerprint to enable caching.

Fixes #11271.

(cherry picked from commit 9f6ee93f48)
2024-09-09 12:46:07 +00:00
Eelco Dolstra
b53b07b30b
Merge pull request #11421 from NixOS/mergify/bp/2.24-maintenance/pr-10919
install-darwin: fix _nixbld uids for macOS sequoia (backport #10919)
2024-09-04 18:55:18 +02:00
Emily
8d0414d682 install-darwin: increment base UID by 1 (#15)
(cherry picked from commit 11cf29b15c)
2024-09-03 23:59:16 +00:00
Travis A. Everett
c5a0e624d9 install-darwin: move nixbld gid to match first UID
(cherry picked from commit 75567423fb)
2024-09-03 23:59:15 +00:00
Travis A. Everett
0679505d8c install-darwin: fix _nixbld uids for macOS sequoia
Starting in macOS 15 Sequoia, macOS daemon UIDs are encroaching on our
default UIDs of 301-332. This commit relocates our range up to avoid
clashing with the current UIDs of 301-304 and buy us a little time
while still leaving headroom for people installing more than 32 users.

(cherry picked from commit df36ff0d1e)
2024-09-03 23:59:15 +00:00
Eelco Dolstra
ea7abb58b5 Bump version 2024-09-03 16:51:36 +02:00
Eelco Dolstra
f1ab41b2bc
Merge pull request #11408 from NixOS/mergify/bp/2.24-maintenance/pr-11402
Respect max-substitution-jobs again (backport #11402)
2024-09-03 14:23:49 +02:00
Eelco Dolstra
c21f664e82 "unsigned" -> size_t
Slight cleanup.

(cherry picked from commit b7acd1c414)
2024-09-03 11:36:40 +00:00
Eelco Dolstra
0c25bea7cc Respect max-substitution-jobs again
This broke in #11005. Any number of PathSubstitutionGoals would
be woken up by a single build slot becoming available. If there
are a lot of substitution goals active, this could lead to us
running out of file descriptors (especially on macOS where the
default limit is 256).

(cherry picked from commit a33cb8af56)
2024-09-03 11:36:39 +00:00
Eelco Dolstra
9d8669b14a Bump version 2024-08-23 16:15:11 +02:00
Eelco Dolstra
cb0439f0c2
Merge pull request #11360 from DeterminateSystems/backport-11152
[Backport 2.24-maintenance] addToStore(): Evaluate on the main stack
2024-08-23 15:08:56 +02:00
Eelco Dolstra
30a57328d2 Backport https://github.com/NixOS/nix/pull/11152 2024-08-23 13:15:30 +02:00
Robert Hensing
79a43160ca
Merge pull request #11334 from NixOS/backport-11329-to-2.24-maintenance
[Backport 2.24-maintenance] fix: check to see if there are any lines before
2024-08-19 16:38:44 +02:00
Tom Bereknyei
7befd60c01 fix: check to see if there are any lines before
(cherry picked from commit 59db8fd62b)
2024-08-19 13:40:38 +00:00
Eelco Dolstra
90fb4e8890 Bump version 2024-08-19 12:46:17 +02:00
tomberek
3ac5d736e2
Merge pull request #11319 from NixOS/backport-11270-to-2.24-maintenance
[Backport 2.24-maintenance] libstore: fix port binding in __darwinAllowLocalNetworking sandbox
2024-08-17 03:17:29 -04:00
Andrew Marshall
4e707b8e57 libstore: fix port binding in __darwinAllowLocalNetworking sandbox
In d60c3f7f7c, this was changed to close a
hole in the sandbox. Unfortunately, this was too restrictive such that it
made local port binding fail, thus making derivations that needed
`__darwinAllowLocalNetworking` gain nearly nothing, and thus largely
fail (as the primary use for it is to enable port binding).

This unfortunately does mean that a sandboxed build process can, in
coordination with an actor outside the sandbox, escape the sandbox by
binding a port and connecting to it externally to send data. I do not
see a way around this with my experimentation and understanding of the
(quite undocumented) macOS sandbox profile API. Notably it seems not
possible to use the sandbox to do any of:

- Restrict the remote IP of inbound network requests
- Restrict the address being bound to

As such, the `(local ip "*:*")` here appears to be functionally no
different than `(local ip "localhost:*")` (however it *should* be
different than removing the filter entirely, as that would make it also
apply to non-IP networking). Doing `(allow network-inbound (require-all
(local ip "localhost:*") (remote ip "localhost:*")))` causes listening
to fail.

Note that `network-inbound` implies `network-bind`.

(cherry picked from commit 00f6db36fd)
2024-08-17 03:17:45 +00:00
Eelco Dolstra
20cae372f4
Merge pull request #11314 from cole-h/backport-2.24-update-nixpkgs-input-fix-darwin
[2.24] Update nixpkgs input to fix darwin ccache evaluation, have CI check that all outputs on all systems evaluate
2024-08-16 20:48:49 +02:00
Cole Helbling
d550139191 ci: check that all outputs for all systems can evaluate
(cherry picked from commit aa3d35c1f4)
2024-08-16 11:46:29 -07:00
Cole Helbling
5b62a1dbd6 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/63d37ccd2d178d54e7fb691d7ec76000740ea24a?narHash=sha256-7cCC8%2BTdq1%2B3OPyc3%2BgVo9dzUNkNIQfwSDJ2HSi2u3o%3D' (2024-07-21)
  → 'github:NixOS/nixpkgs/c3d4ac725177c030b1e289015989da2ad9d56af0?narHash=sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz%2BNG82pbdg%3D' (2024-08-15)

(cherry picked from commit 8866d2cd83)
2024-08-16 11:46:24 -07:00
Eelco Dolstra
450252c92c Bump version 2024-08-08 17:21:00 +02:00
Eelco Dolstra
4036c3aafb Bump version 2024-08-08 15:02:48 +02:00
Robert Hensing
935bf1157d
Merge pull request #11267 from NixOS/backport-11244-to-2.24-maintenance
[Backport 2.24-maintenance] allow to c api with older c versions
2024-08-08 01:43:24 +02:00
Jörg Thalheim
b1941c9f8a allow to c api with older c versions
In the FFI world we have many tools that are not gcc/clang and therefore
not always support the latest C standard. This fixes support with cffi
i.e. used in https://github.com/tweag/python-nix

(cherry picked from commit 739418504c)
2024-08-07 23:12:17 +00:00
Eelco Dolstra
40832b0a95
Merge pull request #11262 from NixOS/backport-11257-to-2.24-maintenance
[Backport 2.24-maintenance] PathSubstitutionGoal: Fix spurious "failed" count in the progress bar
2024-08-06 11:20:31 +02:00
Eelco Dolstra
fa78d7f72f PathSubstitutionGoal: Fix spurious "failed" count in the progress bar
It is not an error if queryPathInfo() indicates that a path does not
exist in the substituter.

Fixes #11198. This was broken in 846869da0e.

(cherry picked from commit 0a00bd07b2)
2024-08-06 08:33:46 +00:00
Eelco Dolstra
2382a52c84
Merge pull request #11239 from NixOS/backport-11237-to-2.24-maintenance
[Backport 2.24-maintenance] Fix the S3 store
2024-08-01 17:56:18 +02:00
Eelco Dolstra
fe6a7c805c Fix the S3 store
It was failing with:

   error: AWS error fetching 'nix-cache-info': The specified bucket does not exist

because `S3BinaryCacheStoreImpl` had a `bucketName` field that
shadowed the inherited `bucketName from `S3BinaryCacheStoreConfig`.

(cherry picked from commit 9b5b7b7963)
2024-08-01 15:46:45 +00:00
Eelco Dolstra
0a167ffd1f Bump version 2024-08-01 10:41:11 +02:00
Eelco Dolstra
206e32e2d7 Mark release 2024-07-31 23:37:43 +02:00
Eelco Dolstra
b24757f08a
Merge pull request #11231 from DeterminateSystems/release-notes
2.24 release notes
2024-07-31 23:24:39 +02:00
Eelco Dolstra
794a50065b base32 -> nix32 2024-07-31 22:33:41 +02:00
Qyriad
cb5a5dd4f3 docs: clarify how ^ works for -E/-f installables
We didn't even realize you *could* use this syntax with -E and -f, much
less that the attribute path could be *empty*.

Change-Id: Id1a6715609f3a76a5ce477bd43a7832effbbe07b
2024-07-31 22:27:58 +02:00
Qyriad
8ff169715d docs: clarify how the different kinds of installables are selected
Change-Id: I146736bb97ebe035e04be69ce9fb60a557e38c6c
2024-07-31 22:27:58 +02:00
Eelco Dolstra
f136ec5290 Add contributors 2024-07-31 22:16:44 +02:00
Eelco Dolstra
22ad0e653f Edit release notes 2024-07-31 22:14:27 +02:00
John Ericson
733c816d34
Small windows cross fixes (#11230) 2024-07-31 20:04:18 +00:00