Commit Graph

18353 Commits

Author SHA1 Message Date
Eelco Dolstra
5737d31d4e Test the case hack a bit more 2024-09-12 17:27:41 +02:00
Eelco Dolstra
7aa3e7e3a5 Make the NAR parser much stricter wrt field order
We really want to enforce a canonical representation since NAR
hashing/signing/deduplication depends on that.
2024-09-12 15:57:46 +02:00
Eelco Dolstra
27ec0def74 Typo 2024-09-12 15:33:55 +02:00
Eelco Dolstra
69bf9947c7 Put 'names' in the right scope 2024-09-12 15:29:54 +02:00
Eelco Dolstra
4de9587e50 Improve badArchive() 2024-09-12 15:27:55 +02:00
Eelco Dolstra
421aa1add1 Add tests for invalid file names in NARs
Note: in general, we rely on the OS to tell us if a name is invalid or
if two names normalize in the same way. But for security, we do want
to make sure that we catch '.', '..', slashes and NUL characters. (NUL
characters aren't really a security issue, but since they would be
truncated when we pass them to the OS, it would be canonicity problem.)
2024-09-12 15:02:30 +02:00
Travis A. Everett
48477d4a3e
doc: add admonitions for macOS 15 Sequoia update (#11487)
The impending release of macOS 15 Sequoia will break many existing nix
installs on macOS, which may lead to an increased number of people who
are looking to try to reinstall Nix without noticing the open/pinned
issue (#10892) that explains the problem and outlines how to migrate
existing installs.

These admonitions are a short-term measure until we are over the hump
and support volumes dwindle.
2024-09-11 17:50:47 +00:00
John Ericson
db7c868d24
Merge pull request #11378 from Mic92/nix-dir-errors
builtins.readDir: fix nix error trace on filesystem errors
2024-09-11 13:10:28 -04:00
John Ericson
193dc49097 tweak unpack channel built-in, std::filesystem::path for tarball 2024-09-11 12:29:49 -04:00
Eelco Dolstra
1c2508f176
Merge pull request #11466 from DeterminateSystems/git-mtime-warning
Git fetcher: Don't update mtime of ref file if fetching by rev
2024-09-11 17:34:46 +02:00
Eelco Dolstra
46339db18d
Merge pull request #11471 from zimbatm/hacking-md
doc: add HACKING.md symlink
2024-09-11 14:54:28 +02:00
Eelco Dolstra
9a7c0d8933
Merge pull request #11473 from Artturin/keepfailedreadable
Fix making the build directory kept by `keep-failed` readable
2024-09-11 14:52:50 +02:00
Eelco Dolstra
894da59186
Merge pull request #11447 from DeterminateSystems/nix-flake-metadata-chroot-store
nix flake {metadata,archive}: Fix chroot stores
2024-09-11 14:51:56 +02:00
Noam Yorav-Raphael
38bfbb297c
Use envvars NIX_CACHE_HOME, NIX_CONFIG_HOME, NIX_DATA_HOME, NIX_STATE_HOME if defined (#11351) 2024-09-11 10:36:46 +00:00
Jörg Thalheim
04ce0e648a add release notes for filesystem fixes
Update doc/manual/rl-next/filesystem-errors.md

Co-authored-by: John Ericson <git@JohnEricson.me>
2024-09-11 08:23:18 +02:00
tomberek
c60e1be62c
Merge pull request #11438 from zimbatm/nix-fmt-pwd
fix(nix fmt): remove the default "." argument
2024-09-10 23:44:16 -04:00
tomberek
b30b3b27f8
Merge pull request #11476 from abathur/sequoia_migration_undebug
sequoia-nixbld-user-migration: disable trace mode
2024-09-10 23:35:23 -04:00
Travis A. Everett
f2e7e996da sequoia-nixbld-user-migration: disable trace mode
Was hoping to leave this enabled for a little while as core community
members test this script out, but Apple's aggressive release timeline
for macOS 15 Sequoia has caught us off-guard here.

It's probably not ideal for a general audience if the script spews all
of this output--and people can still force bash to run in trace mode
if we really need to debug a problem.
2024-09-10 20:54:09 -05:00
Artturin
ebebe626ff Fix making the build directory kept by keep-failed readable
Caused by 1d3696f0fb

Without this fix the kept build directory is readable only by root

```
$ sudo ls -ld /comp-temp/nix-build-openssh-static-x86_64-unknown-linux-musl-9.8p1.drv-5
drwx------ root root 60 B Wed Sep 11 00:09:48 2024  /comp-temp/nix-build-openssh-static-x86_64-unknown-linux-musl-9.8p1.drv-5/

$ sudo ls -ld /comp-temp/nix-build-openssh-static-x86_64-unknown-linux-musl-9.8p1.drv-5/build
drwxr-xr-x nixbld1 nixbld 80 B Wed Sep 11 00:09:58 2024  /comp-temp/nix-build-openssh-static-x86_64-unknown-linux-musl-9.8p1.drv-5/build/
```
2024-09-11 00:23:14 +03:00
zimbatm
c4766d7b8b fix(nix fmt): remove the default "." argument
When `nix fmt` is called without an argument, Nix appends the "." argument before calling the formatter. The comment in the code is:
> Format the current flake out of the box

This also happens when formatting sub-folders.

This means that the formatter is now unable to distinguish, as an interface, whether the "." argument is coming from the flake or the user's intent to format the current folder. This decision should be up to the formatter.

Treefmt, for example, will automatically look up the project's root and format all the files. This is the desired behaviour. But because the "." argument is passed, it cannot function as expected.
2024-09-10 22:18:56 +02:00
Eelco Dolstra
b9d3cdfbd2
Merge pull request #11472 from Mic92/darwin-fix
add missing filesystem include (x86_64-darwin fix)
2024-09-10 17:33:09 +02:00
Jörg Thalheim
1ca1439b1f add missing filesystem include (x86_64-darwin fix) 2024-09-10 16:45:39 +02:00
zimbatm
be480971c2 doc: add HACKING.md symlink
As a hacker, I should be able to checkout the repo, and find relevant
information on how to develop in the project somewhere in the top-level.
Either in the README.md, or CONTRIBUTING.md or HACKING.md files.

This PR symlinks the HACKING.md into the right place in the manual.
2024-09-10 15:26:38 +02:00
Eelco Dolstra
9c0e968843
Merge commit from fork
Fix unsafe NAR unpacking
2024-09-10 12:42:55 +02:00
Tom Bereknyei
c55b285cf9 tests: test was re-named 2024-09-09 22:15:45 -04:00
Eelco Dolstra
b80b091bac Git fetcher: Don't update mtime of ref file if fetching by rev
This fixes the warning

  $ nix eval --store /tmp/nix --expr 'builtins.fetchTree { type = "git"; url = "https://github.com/DeterminateSystems/attic"; ref = "fixups-for-magic-nix-cache"; rev = "635753a2069d4b8228e846dc5c09ad361c75cd1a"; }'
  warning: could not update mtime for file '/home/eelco/.cache/nix/gitv3/09788h9zgba5lbfkaa6ija2dvi004jwsqjf5ln21i2njs07cz766/refs/heads/fixups-for-magic-nix-cache': error: changing modification time of '"/home/eelco/.cache/nix/gitv3/09788h9zgba5lbfkaa6ija2dvi004jwsqjf5ln21i2njs07cz766/refs/heads/fixups-for-magic-nix-cache"': No such file or directory

When we're fetching by rev, that file doesn't necessarily exist, and we
don't care about it anyway.
2024-09-09 19:52:21 +02:00
Eelco Dolstra
c5a4dfa660 nix flake {metadata,archive}: Fix chroot stores
Fixes

  $ nix flake metadata --store /tmp/nix nixpkgs
  error: path '/tmp/nix/nix/store/65xpqkz92d9j7k5ric4z8lzhiigxsfbg-source/flake.nix' is not in the Nix store

This has been broken since 598deb2b23.
2024-09-09 15:41:38 +02:00
Eelco Dolstra
5ca2f58798 Improve use-case-hack description slightly 2024-09-09 14:29:05 +02:00
Eelco Dolstra
4cfa59fdb3 Typo 2024-09-09 14:11:35 +02:00
Eelco Dolstra
4c7a6ffee7
Merge pull request #11380 from roberth/eco-friendly-progress-bar
progress-bar: Only write when truly updated
2024-09-09 13:58:42 +02:00
Eelco Dolstra
5e337ee60d
Merge pull request #11412 from parkerhoyes/daemon-cgroup
Move daemon process into sub-cgroup
2024-09-09 13:49:31 +02:00
Robert Hensing
69e925640f
Merge pull request #11432 from fricklerhandwerk/docs-defexpr
docs: small fixups on the default expression
2024-09-08 12:31:23 +02:00
Robert Hensing
c955563b64 fix: Avoid deadlock in ProgressBar::redraw() 2024-09-08 11:44:24 +02:00
Robert Hensing
e10ea78f93 refact: Inline ProgressBar::draw(state, newOutput), inline local output 2024-09-08 01:23:01 +02:00
Robert Hensing
047d9643b5 refact: Extract ProgressBar::redraw(newOutput) 2024-09-08 01:23:01 +02:00
Robert Hensing
9df5236c46 progress-bar: Only write when truly updated 2024-09-08 01:04:14 +02:00
Robert Hensing
9ae7140beb
Merge pull request #11436 from fricklerhandwerk/reword-nix-expr-gloss
docs: reword glossary entry on Nix expression
2024-09-07 22:47:32 +01:00
Robert Hensing
791f943761
Merge pull request #11437 from fricklerhandwerk/default-nix-path-docs
docs: explain provenance of default `nix-path` values
2024-09-07 22:38:50 +01:00
Eelco Dolstra
52ba3cc5ea Test that deserializing regular files / symlinks is exclusive 2024-09-06 16:28:09 +02:00
Eelco Dolstra
f15aef2a79
Merge pull request #11413 from cole-h/fixup-daemon-service
fixup: use the real bindir for systemd unit's bindir
2024-09-06 15:56:44 +02:00
Eelco Dolstra
644a034783
Merge pull request #11440 from fricklerhandwerk/fix-docs-build-instructions
update instructions to build the manual
2024-09-06 15:48:52 +02:00
Eelco Dolstra
bb1af0645e
Merge pull request #11439 from Mic92/revert-warning
Revert "fix: Error on malformed URI query parameter"
2024-09-06 15:48:18 +02:00
Valentin Gagarin
92be107c8e update instructions to build the manual 2024-09-06 10:33:12 +02:00
Eelco Dolstra
9fcb588dd8 RestoreSink::createDirectory(): Use append()
On macOS, `mkdir("x/')` behaves differently than `mkdir("x")` if `x` is
a dangling symlink (the formed succeed while the latter fails). So make
sure we always strip the trailing slash.
2024-09-05 22:21:53 +02:00
Eelco Dolstra
21dcbd7e83 Fix test on macOS 2024-09-05 20:55:24 +02:00
Eelco Dolstra
7a765a6aaf Test that deserializing NARs with names with equal Unicode normal forms fails on macOS
The test is based on the one by @puckipedia but with the file names
swapped to make them sorted.
2024-09-05 20:37:26 +02:00
Eelco Dolstra
3557587381 Detect NAR directory entries that collide with another path after case-hacking
The test was made by @puckipedia.
2024-09-05 19:26:10 +02:00
Eelco Dolstra
77c090cdbd More tests 2024-09-05 16:54:12 +02:00
Eelco Dolstra
da1ad28912 Test that nix-store --restore fails if the output already exists
This restores the behaviour from before the std::filesystem
refactorings.
2024-09-05 16:48:43 +02:00
Eelco Dolstra
83d5b32803 Add test case for NARs with duplicate directory entries
This test was made by @puckipedia.
2024-09-05 16:41:15 +02:00