Valentin Gagarin
9bb153acb2
maintainers: add checklist for security releases
...
Co-Authored-By: Robert Hensing <robert@roberthensing.nl
Co-authored-by: Dan Baker <daniel.n.baker@gmail.com>
2024-10-31 18:34:19 +01:00
Jörg Thalheim
0f59c2102e
Merge pull request #11770 from Jaculabilis/shellcheck
...
Expand shellcheck coverage in functional tests
2024-10-31 15:48:57 +01:00
Tim Van Baak
39fe52a126
Replace shebang with shellcheck directive
2024-10-31 06:46:58 -07:00
Tim Van Baak
a530939fe4
Add check for one nix-build-* directory
2024-10-31 06:46:33 -07:00
Emil Petersen
78aedda6bd
Update content-address.md ( #11771 )
...
Correct a few typos. Make explicit that FSO acronym refers to File System Object.
2024-10-30 23:31:03 +00:00
Eelco Dolstra
7362987182
Merge remote-tracking branch 'nix-ghsa-wf4c-57rh-9pjg/advisory-fix-1'
2024-10-30 21:40:14 +01:00
Tim Van Baak
a75b082a28
Expand shellcheck coverage in functional tests
...
Ref NixOS/nix#10795
2024-10-30 08:27:06 -07:00
Jörg Thalheim
a8e600e386
Merge pull request #11641 from a-h/patch-1
...
docs: update distributed-builds.md
2024-10-30 14:17:07 +01:00
Adrian Hesketh
9491abdfec
docs: update distributed-builds.md
2024-10-30 13:28:13 +01:00
Robert Hensing
12e31ab77d
Merge pull request #11766 from NixOS/refactor-import
...
Refactor `import`
2024-10-30 04:19:08 +01:00
Robert Hensing
64744503cc
Tidy
2024-10-30 01:08:01 +01:00
Robert Hensing
760be5fe1e
refact: Extract derivationToValue
2024-10-30 01:06:51 +01:00
Robert Hensing
5f691206ba
refact: Extract scopedImport
2024-10-30 01:06:45 +01:00
John Ericson
63f9159953
Merge pull request #11751 from artemist/nix-utimensat
...
Add support for `utimensat` as an alternative to `lutimes`
2024-10-28 00:32:01 +01:00
Eelco Dolstra
059bdb5a64
Merge pull request #11750 from artemist/nix-openbsd
...
Fix building on OpenBSD
2024-10-27 12:51:38 +01:00
Artemis Tosini
d023202811
Add support for utimensat
as an alternative to lutimes
...
OpenBSD doesn't support `lutimes`, but does support `utimensat` which
subsumes it. In fact, all the BSDs, Linux, and newer macOS all support
it. So lets make this our first choice for the implementation.
In addition, let's get rid of the `lutimes` `ENOSYS` special case. The
Linux manpage says
> ENOSYS
>
> The kernel does not support this call; Linux 2.6.22 or later is
> required.
which I think is the origin of this check, but that's a very old version
of Linux at this point. The code can be simplified a lot of we drop
support for it here (as we've done elsewhere, anyways).
Co-Authored-By: John Ericson <John.Ericson@Obsidian.Systems>
2024-10-26 18:02:24 +00:00
Artemis Tosini
fecc1ca205
package.nix: Disable GC on OpenBSD
...
Nix fails to build on OpenBSD with a linking error due to a non-found
symbol in boehm-gc. Just disable the GC until we can find a proper
workaround.
2024-10-26 16:46:32 +00:00
Artemis Tosini
c49bff2434
Fix OpenBSD build with Makefiles
...
OpenBSD dynamic libraries never link to libc directly.
Instead, they have undefined symbols for all libc functions they use
that ld.so resolves to the libc referred to in the main executable.
Thus, disallowing undefined symbols will always fail
2024-10-24 21:48:19 +00:00
Robert Hensing
3db75b0060
Merge pull request #11729 from emhamm/nix-tests-help-only-if-docu
...
nix/tests: run test help.sh only if nix is built with documentation
2024-10-23 19:41:44 +02:00
Eelco Dolstra
7b7a61b3d7
Merge pull request #11726 from Mic92/warn-large-threshold
...
warn-large-path-threshold: define 0 as number to disable warnings
2024-10-23 13:41:28 +02:00
Eelco Dolstra
28b7ffe5eb
Merge pull request #11739 from DeterminateSystems/test-chroot-store
...
Add a test for chroot stores
2024-10-23 13:38:19 +02:00
Eelco Dolstra
75016c26f9
Add a test for chroot stores
2024-10-22 22:23:40 +02:00
Eelco Dolstra
e09666d314
Fix test name
2024-10-22 22:05:48 +02:00
Jörg Thalheim
e1834f4caa
warn-large-path-threshold: define 0 as number to disable warnings
...
the default int64_t max was still overflowing for me, when this was dumped as json (noticed during building the manual).
So making 0, the default and define it as "no warnings" fixes the situtation.
Also it's much more human-readable in documentation.
2024-10-22 18:23:19 +02:00
Robert Hensing
79bbb4a64c
Merge pull request #11731 from NixOS/fix-meson-darwin
...
Fix meson build on darwin
2024-10-22 17:21:38 +02:00
Robert Hensing
d1e0bae55a
local-derivation-goal: Move builder preparation to non-builtin code path
2024-10-22 15:30:03 +02:00
Robert Hensing
766263d53a
Fix meson build on darwin
...
std::stringbuf is defined in <sstream>
2024-10-22 15:30:03 +02:00
Robert Hensing
06e27042e1
local-derivation-goal: Refactor
...
This works because the `builder` and `args` variables are only used
in the non-builtin code path.
Co-Authored-By: Théophane Hufschmitt <theophane.hufschmitt@tweag.io>
2024-10-22 15:30:03 +02:00
Robert Hensing
14d09e0b55
local-derivation-goal: Print sandbox error detail on darwin
...
Co-Authored-By: Théophane Hufschmitt <theophane.hufschmitt@tweag.io>
2024-10-22 15:30:03 +02:00
Robert Hensing
f733553061
packaging: Add darwin -lsandbox in meson
2024-10-22 15:30:03 +02:00
Puck Meerburg
d2c880b03f
fix: Run all derivation builders inside the sandbox on macOS
2024-10-22 15:30:03 +02:00
Eelco Dolstra
eaae19403d
Merge pull request #11706 from ivan-tkatchev/fix-11704
...
nix shell/run: Use overlayfs
2024-10-22 14:17:28 +02:00
Marian Hammer
85b0cd320a
nix/tests: run test help.sh only if nix is built with documentation
...
tests/functional/help.sh calls nix-* commands with option --help
if nix is built without documentation the option --help throws an error
because the man page it wants to display is missing
2024-10-22 14:15:56 +02:00
Eelco Dolstra
c2cf01a21e
Merge pull request #11713 from Mic92/env-vars
...
fix env-vars beeing written to `/tmp`
2024-10-22 14:12:36 +02:00
Robert Hensing
0941a3a8ac
Merge pull request #11727 from Mic92/doxygen
...
make doxygen build more silent
2024-10-22 12:56:32 +02:00
Jörg Thalheim
2105574702
fix env-vars beeing written to /tmp
...
This overall seems like insecure tmp file handling to me. Because other
users could replace files in /tmp with a symlink and make the nix-shell
override other files.
fixes https://github.com/NixOS/nix/issues/11470
2024-10-22 08:21:18 +00:00
Jörg Thalheim
48a7ac23bc
make doxygen build more silent
...
The buildoutput of doxygen often hides important build warnings and
errors behind a wall of text.
2024-10-22 09:53:49 +02:00
tomberek
1ed166315c
Merge pull request #11717 from llakala/patch-1
...
docs: clarify syntax for escaping dollar curlies
2024-10-21 08:34:39 -04:00
tomberek
63e6672251
Merge pull request #11723 from roberth/doc-tryEval
...
doc: Explain why tryEval does not return the message
2024-10-21 08:33:07 -04:00
Jörg Thalheim
b93b910fec
Merge pull request #11718 from xokdvium/dev/move-create-directory-out-of-assert
...
fix(nix/eval.cc): move call to `fs::create_directory` out of `assert`
2024-10-21 14:22:40 +02:00
Robert Hensing
90d257b771
doc: Explain why tryEval does not return the message
2024-10-20 19:31:16 +02:00
Sergei Zimmerman
8277b50b6f
fix(nix/eval.cc): move call to fs::create_directory
out of assert
...
If the call is inside the assertion, then in non-assert builds
the call would be stripped out. This is highly unexpected.
2024-10-19 00:40:14 +03:00
Eman Resu
defff01a51
docs: clarify syntax for escaping dollar curlies
2024-10-18 13:26:38 -04:00
John Ericson
694c378d14
Merge pull request #11708 from obsidiansystems/move-tests
...
Move unit tests to the location Meson expects them to be
2024-10-17 16:15:34 -04:00
John Ericson
e65510da56
Move unit tests to the location Meson expects them to be
...
Everything that is a separate subproject should live in the subprojects
directory.
Progress on #2503
This reverts commit 451f8a8c19
.
2024-10-17 15:42:16 -04:00
Eelco Dolstra
1cd48008f0
Merge pull request #11710 from NixOS/doc-onboarding
...
maintainers/onboarding: Start documenting
2024-10-17 11:06:23 +02:00
Eelco Dolstra
2e2c7f3b14
Merge pull request #11709 from DeterminateSystems/remove-team-list
...
maintainers/README.md: Remove the list of team members
2024-10-17 11:05:55 +02:00
Robert Hensing
c196011d23
maintainers/onboarding: Start documenting
2024-10-16 22:06:28 +02:00
Eelco Dolstra
7bd0c70b37
maintainers/README.md: Remove the list of team members
...
Let's have one canonical location for the team membership.
2024-10-16 22:03:44 +02:00
Robert Hensing
f51974d698
Merge pull request #11665 from roberth/fix-Interrupted-falling-out-of-thread
...
Fix `Interrupted` falling out of thread crash
2024-10-16 20:09:29 +02:00