Commit Graph

1210 Commits

Author SHA1 Message Date
Robert Scott
4a91b3e798 cc-wrapper: add trivialautovarinit hardening flag support
this equates to -ftrivial-auto-var-init=pattern

clang has removed support for -ftrivial-auto-var-init=zero and
are unlikely to re-add it, so use -ftrivial-auto-var-init=pattern
on both compilers if only to make behaviour more consistent
between the two.

add to pkgsExtraHardening's defaultHardeningFlags.
2024-02-24 12:00:09 +00:00
Vladimír Čunát
eff11adc57
Merge #286721: stdenv: fix rare tar.xz decompression issues
...into staging
2024-02-17 08:45:01 +01:00
Isidor Zeuner
11a19109b6 stdenv: disregard xz exit status in order to fix subtle decompression issues
There is a subtle bug with unpacking `tar.xz` archives which seems to happen only on some setups, and sometimes not in a reproducible manner (https://github.com/NixOS/nixpkgs/issues/278130, https://github.com/NixOS/nixpkgs/issues/20950). On the last occurrence, it could be tracked down to `xz` failing from a `SIGPIPE`, which can happen when it's connected to `tar` through a pipe and `tar` exits earlier (see e.g. https://www.linuxquestions.org/questions/slackware-14/%5Bpatch%5D-tar-issuing-a-sigpipe-in-installpkg-4175637923/ or https://bugs.gentoo.org/573642#c5).

Since `tar` should be able by itself to detect whether the archive is complete, I suggest to disregard the exit code from the `xz` invocation, done in this PR.

Fixes  https://github.com/NixOS/nixpkgs/issues/278130 (script tested here: https://github.com/NixOS/nixpkgs/pull/286579)
Probably also fixes https://github.com/NixOS/nixpkgs/issues/20950 (issue not reproduced here, feedback therefore welcome)
2024-02-13 17:00:48 +01:00
Kait Lam
355ab764b4 stdenv: refactor of --replace-{quiet,warn,fail} logic
This is a small simplification of the control flow surrounding these cases. It should make it more obvious when each case happens, and also explicitly defines the current behaviour of --replace.
2024-02-11 10:48:37 +10:00
Rick van Schijndel
2c98eaf597
Merge pull request #286526 from pbsds/fix-replace-quiet-1707148527
stdenv: fix `substituteStream --replace-quiet` deprecation warning
2024-02-07 21:35:19 +01:00
Peder Bergebakken Sundt
cb4c41f93a stdenv: fix substituteStream --replace-quiet deprecation warning 2024-02-05 17:28:02 +01:00
Robert Scott
40868719b0 cc-wrapper: add zerocallusedregs hardening flag
this uses the value `used-gpr` which seems to be a commonly
chosen value for general use
2024-01-20 13:48:33 +00:00
Peder Bergebakken Sundt
4c1b74bac7 stdenv: substituteStream: escape echoed pattern in --replace mismatch warning 2024-01-14 22:08:03 +01:00
Peder Bergebakken Sundt
e07a2fab7f stdenv: substituteStream: deprecate --replace in favor of --replace-{fail,warn,quiet} 2024-01-14 22:07:58 +01:00
sternenseemann
f734056102 stdenv: fix evaluation if !stdenv.cc.hasCC
stdenv.cc may throw, e.g. in the case of pkgsCross.ghcjs where we must
not force it for the purpose of attribute accessing (`or` doesn't
implicitly tryEval…).

Regression introduced in 1a5bd697ad.
2024-01-13 12:45:36 +01:00
K900
bff9ee8862 Merge remote-tracking branch 'origin/master' into staging-next 2024-01-09 13:03:34 +03:00
Ryan Burns
c324705cc3 treewide: simplify exec format conditionals 2024-01-07 17:43:33 -08:00
Weijia Wang
eb5334c27d Merge branch 'master' into staging-next 2024-01-03 03:22:40 +01:00
adisbladis
4a5f2bd6e8 stdenv/check-meta: Use bespoke type checking
Aka `checkMeta` goes brrr.

Using the module system type checking works OK & generates good error messages.
The performance of using it however is terrible because of the value merging it does being very allocation heavy.

By implementing a very minimal type checker we can drastically improve the performance when nixpkgs is evaluated with `checkMeta = true`.
2023-12-26 15:14:42 +13:00
Martin Weinelt
e8dd1cf066 Merge remote-tracking branch 'origin/staging-next' into staging 2023-12-12 14:13:07 +01:00
adisbladis
1e66093cca
Merge pull request #269546 from adisbladis/stdenv-meta-no-intermediate-alloc
stdenv: Avoid allocating intermediate attrset when checking meta validity
2023-12-12 10:57:44 +13:00
adisbladis
6aa414bcfd
Merge pull request #269782 from adisbladis/stdenv-meta-tolist-license-allocations
stdenv: Avoid some list allocations in check-meta when checking licenses
2023-12-12 10:55:58 +13:00
adisbladis
9a0a097a94 stdenv: Avoid allocating intermediate attrset when checking meta validity
This is a small performance optimization. It should be impercetible to most.

Benchmarks:

- Before
``` json
{
  "cpuTime": 0.2777960002422333,
  "envs": {
    "bytes": 3832648,
    "elements": 189513,
    "number": 144784
  },
  "gc": {
    "heapSize": 402915328,
    "totalBytes": 50229344
  },
  "list": {
    "bytes": 655304,
    "concats": 3249,
    "elements": 81913
  },
  "nrAvoided": 218962,
  "nrFunctionCalls": 127718,
  "nrLookups": 40946,
  "nrOpUpdateValuesCopied": 1563978,
  "nrOpUpdates": 8542,
  "nrPrimOpCalls": 113032,
  "nrThunks": 329605,
  "sets": {
    "bytes": 29774864,
    "elements": 1824537,
    "number": 36392
  },
  "sizes": {
    "Attr": 16,
    "Bindings": 16,
    "Env": 16,
    "Value": 24
  },
  "symbols": {
    "bytes": 235909,
    "number": 24432
  },
  "values": {
    "bytes": 9691392,
    "number": 403808
  }
}
```

- After
```
{
  "cpuTime": 0.2615779936313629,
  "envs": {
    "bytes": 3833832,
    "elements": 189661,
    "number": 144784
  },
  "gc": {
    "heapSize": 402915328,
    "totalBytes": 50212960
  },
  "list": {
    "bytes": 655304,
    "concats": 3249,
    "elements": 81913
  },
  "nrAvoided": 218814,
  "nrFunctionCalls": 127718,
  "nrLookups": 40798,
  "nrOpUpdateValuesCopied": 1563978,
  "nrOpUpdates": 8542,
  "nrPrimOpCalls": 113032,
  "nrThunks": 329457,
  "sets": {
    "bytes": 29765392,
    "elements": 1824093,
    "number": 36244
  },
  "sizes": {
    "Attr": 16,
    "Bindings": 16,
    "Env": 16,
    "Value": 24
  },
  "symbols": {
    "bytes": 235909,
    "number": 24432
  },
  "values": {
    "bytes": 9687840,
    "number": 403660
  }
}
```
2023-12-12 00:08:34 +13:00
adisbladis
3b13bd5c84 stdenv: Avoid some list allocations in check-meta when checking licenses 2023-12-12 00:03:20 +13:00
Robert Scott
1a5bd697ad mkDerivation, bintools-wrapper: move defaultHardeningFlags determination to bintools-wrapper
this makes it a lot easier to create a modified stdenv with a
different set of defaultHardeningFlags and as a bonus allows us
to inject the correct defaultHardeningFlags into toolchain wrapper
scripts, reducing repetition.

while most hardening flags are arguably more of a compiler thing,
it works better to put them in bintools-wrapper because cc-wrapper
can easily refer to bintools but not vice-versa.

mkDerivation can still easily refer to either when it is constructed.

this also switches fortran-hook.sh to use the same defaults for
NIX_HARDENING_ENABLE as for C. previously NIX_HARDENING_ENABLE
defaults were apparently used to avoid passing problematic flags
to a fortran compiler, but this falls apart as soon as mkDerivation
sets its own NIX_HARDENING_ENABLE - cc.hardeningUnsupportedFlags
is a more appropriate mechanism for this as it actively filters
out flags from being used by the wrapper, so switch to using that
instead.

this is still an imperfect mechanism because it doesn't handle a
compiler which has both langFortran *and* langC very well - applying
the superset of the two's hardeningUnsupportedFlags to either
compiler's invocation. however this is nothing new - cc-wrapper
already poorly handles a langFortran+langC compiler, applying two
setup hooks that have contradictory options.
2023-12-09 16:30:45 +00:00
Martin Weinelt
570af7d909
Merge pull request #263446 from emilylange/stdenv-xz-multithread
stdenv: enable multithreading for `xz` decompression
2023-12-06 15:41:01 +01:00
Vladimír Čunát
305cd929fd
Merge branch 'staging' into staging-next 2023-12-01 07:33:49 +01:00
Alyssa Ross
0d44b5b773 pkgsStatic.stdenv: fix custom CMake LINKER_LANGUAGE
If a CMake target has a non-default LINKER_LANGUAGE set, CMake will
manually add the libraries it has detected that language's compiler as
linking implicitly.  When it does this, it'll pass -Bstatic and
-Bdynamic options based on the vibes it gets from each such detected
library.  This in itself isn't a problem, because the compiler
toolchain, or our wrapper, or something, seems to be smart enough to
ignore -Bdynamic for those libraries.  But it does create a problem if
the compiler adds extra libraries to the linker command line after
that final -Bdynamic, because those will be linked dynamically.  Since
our compiler is static by default, CMake should reset to -Bstatic
after it's done manually specifying libraries, but CMake didn't
actually know that our compiler is static by default.  The fix for
that is to tell it, like so.

Until recently, this problem was difficult to notice, because it would
result binaries that worked, but that were dynamically linked.  Since
e08ce498f0 ("cc-wrapper: Account for NIX_LDFLAGS and NIX_CFLAGS_LINK
in linkType"), though, -Wl,-dynamic-linker is no longer mistakenly
passed for executables that are supposed to be static, so they end up
created with a /lib interpreter path, and so don't run at all on
NixOS.

This fixes pkgsStatic.graphite2.
2023-11-30 10:46:44 +00:00
github-actions[bot]
e019e7cdb1
Merge staging-next into staging 2023-11-29 12:01:23 +00:00
piegames
cb47f7e108
Merge pull request #267309: check-meta: Improve performance 2023-11-29 12:46:12 +01:00
Artturi
4b27e14f8c
Merge pull request #265738 from Artturin/patchshebangcon
stdenv: run patchShebangs on the configure script when it's a file
2023-11-26 01:28:41 +02:00
Artturin
e68001550d stdenv: run patchShebangs on the configure script when it's a file
if the configure script has a `/usr/bin/env` or some other shebang which
is not in the sandbox then there will be errors such as

`...-stdenv-linux/setup: line 1299: ./configure: cannot execute: required file not found`

There are 250 files which `patchShebangs` `./configure`

https://github.com/search?q=NOT+is%3Afork+lang%3Anix+%2FpatchShebangs+.%5C%2Fconfigure%2F&type=code
2023-11-25 18:16:12 +02:00
Ivan Mincik
3b4b805561 stdenv: consistent phases header
Make phases header consistent for all phases.

`Running phase:` is from an old nix ux doc from 2020

https://github.com/tweag/nix-ux/blob/master/first_steps_with_nix_v2.md

Co-authored-by: Artturin <Artturin@artturin.com>
2023-11-17 03:11:48 +02:00
Artturin
249c6d04b1 check-meta: don't use rec
possible performance improvement
2023-11-14 16:00:42 +02:00
Artturin
0527676bd9 check-meta: don't use with 2023-11-13 23:47:25 +02:00
Artturin
215951e4c8 check-meta: Improve performance
See c3c31aa798
2023-11-13 23:43:03 +02:00
Weijia Wang
74d102ce50 Merge branch 'master' into staging-next 2023-11-12 19:45:20 +01:00
Artturin
c3c31aa798 stdenv: Improve performance
| stat                   | before          | after           | Δ               | Δ%      |
|------------------------|-----------------|-----------------|-----------------|---------|
| cpuTime                | 513.67          | 507.77          | ↘ 5.90          | -1.15%  |
| envs-bytes             | 20,682,847,968  | 20,628,961,616  | ↘ 53,886,352    | -0.26%  |
| envs-elements          | 1,054,735,104   | 1,051,395,620   | ↘ 3,339,484     | -0.32%  |
| envs-number            | 765,310,446     | 763,612,291     | ↘ 1,698,155     | -0.22%  |
| gc-heapSize            | 53,439,602,688  | 51,711,545,344  | ↘ 1,728,057,344 | -3.23%  |
| gc-totalBytes          | 113,062,066,672 | 112,139,998,240 | ↘ 922,068,432   | -0.82%  |
| list-bytes             | 3,118,249,784   | 3,118,249,784   | 0               |         |
| list-concats           | 52,834,140      | 52,834,140      | 0               |         |
| list-elements          | 389,781,223     | 389,781,223     | 0               |         |
| nrAvoided              | 968,097,988     | 991,889,795     | ↗ 23,791,807    | 2.46%   |
| nrFunctionCalls        | 697,259,792     | 697,259,792     | 0               |         |
| nrLookups              | 510,257,062     | 338,275,331     | ↘ 171,981,731   | -33.70% |
| nrOpUpdateValuesCopied | 1,446,690,216   | 1,446,690,216   | 0               |         |
| nrOpUpdates            | 68,504,034      | 68,504,034      | 0               |         |
| nrPrimOpCalls          | 429,464,805     | 429,464,805     | 0               |         |
| nrThunks               | 1,009,240,391   | 982,109,100     | ↘ 27,131,291    | -2.69%  |
| sets-bytes             | 33,524,722,928  | 33,524,722,928  | 0               |         |
| sets-elements          | 1,938,309,212   | 1,938,309,212   | 0               |         |
| sets-number            | 156,985,971     | 156,985,971     | 0               |         |
| sizes-Attr             | 16              | 16              | 0               |         |
| sizes-Bindings         | 16              | 16              | 0               |         |
| sizes-Env              | 16              | 16              | 0               |         |
| sizes-Value            | 24              | 24              | 0               |         |
| symbols-bytes          | 2,151,298       | 2,151,298       | 0               |         |
| symbols-number         | 159,707         | 159,707         | 0               |         |
| values-bytes           | 30,218,194,248  | 29,567,043,264  | ↘ 651,150,984   | -2.15%  |
| values-number          | 1,259,091,427   | 1,231,960,136   | ↘ 27,131,291    | -2.15%  |

> Accessing the lexical scope directly should be more efficient, yes, because it changes from a binary search (many lookups) to just two memory accesses
> correction: one short linked list + one array access
> oh and you had to do the lexical scope lookup anyway for lib itself
> so it really does save a binary search at basically no extra cost

- roberth

after seeing the stats

> Oooh nice. I did not consider that more of the maybeThunk optimization becomes effective (nrAvoided). Those lookups also caused allocations!

- roberth

Left `lib.generators` and `lib.strings` alone because they're only used
once.
2023-11-12 10:42:49 +02:00
Alyssa Ross
506dcaabb4 stdenv: fix meson rust cross compilation 2023-11-09 10:02:24 +01:00
github-actions[bot]
fecd99b105
Merge staging-next into staging 2023-11-09 06:01:40 +00:00
github-actions[bot]
4aad65bfdb
Merge master into staging-next 2023-11-09 06:01:11 +00:00
Artturi
71f42b7f1a
Merge pull request #230874 from Ninlives/runPhase 2023-11-07 20:00:47 +02:00
mlatus
707a5c09db stdenv: wrap phase running actions of genericBuild
Provide a `runPhase` function which wraps the phase running action of
genericBuild. The new function can be used as an interface by `nix
develop`, i.e. `nix develop some#flake --build` may just call `runPhase
build`, which makes its behavior more consistent with `nix build`.
In preparation of fixing https://github.com/NixOS/nix/issues/6202
2023-11-07 03:31:26 +02:00
emilylange
80627bfe8f
stdenv: enable multithreading for xz decompression
(only if the implementation supports it)

This speeds up the decompression of huge tar.xz tarballs (e.g. chromium)
on high core count systems.
2023-10-31 16:14:08 +01:00
Robert Hensing
e143a933f6 check-meta.nix: Fix flake note
- These new-cli commands can be used with `-f`, in which case they're
  evaluated with pure evaluation disabled.
- Nix 2.4+ is not part of the condition; "flakes" is fully descriptive
  and more relatable.
- Don't suggest that it only enables this variable.
- Just don't say too much.
2023-10-31 12:44:36 +01:00
github-actions[bot]
96132a216a
Merge master into staging-next 2023-10-26 18:01:02 +00:00
nicoo
87c22100a6 stdenv.mkDerivation: Reject MD5 hashes
While there is no fetcher or builder (in nixpkgs) that takes an `md5` parameter,
for some inscrutable reason the nix interpreter accepts the following:
```nix
fetchurl {
  url = "https://www.perdu.com";
  hash = "md5-rrdBU2a35b2PM2ZO+n/zGw==";
}
```

Note that neither MD5 nor SHA1 are allowed by the syntax of SRI hashes.
2023-10-25 23:14:15 +00:00
Maximilian Bosch
8bc5104a6e
treewide: refactor .attrs.sh detection
When specifying the `builder` attribute in `stdenv.mkDerivation`, this
will be effectively transformed into

    builtins.derivation {
      builder = stdenv.shell;
      args = [ "-e" builder ];
    }

This also means that `default-builder.sh` is never sourced and as a
result it's not guaranteed that `$NIX_ATTRS_SH_FILE` is set to a correct
location[1].

Also, we need to source `.attrs.sh` to source `$stdenv`. So, the
following is done now:

* If `$NIX_ATTRS_SH_FILE` points to a correct location, then use it.
  Directly using `.attrs.sh` is problematic for `nix-shell(1)` usage
  (see previous commit for more context), so prefer the environment
  variable if possible.

* Otherwise, if `.attrs.sh` exists, then use it. See [1] for when this
  can happen.

* If neither applies, it can be assumed that `__structuredAttrs` is
  turned off and thus nothing needs to be done.

[1] It's possible that it doesn't exist at all - in case of Nix 2.3 or
    it can point to a wrong location on older Nix versions with a bug in
    `__structuredAttrs`.
2023-10-04 18:36:57 +02:00
Maximilian Bosch
53c5f08415
stdenv: refactor .attrs.sh detection
Relying on `.attrs.sh` to exist in `$NIX_BUILD_TOP` is problematic
because that's not compatible with how `nix-shell(1)` behaves. It places
`.attrs.{json,sh}` into a temporary directory and makes them accessible via
`$NIX_ATTRS_{SH,JSON}_FILE` in the environment[1]. The sole reason that
`nix-shell(1)` still works with structured-attrs enabled derivations
is that the contents of `.attrs.sh` are sourced into the
shell before sourcing `$stdenv/setup` (if `$stdenv` exists) by `nix-shell`.

However, the assumption that two files called `.attrs.sh` and
`.attrs.json` exist in `$NIX_BUILD_TOP` is wrong in an interactive shell
session and thus an inconsistency between shell debug session and actual
builds which can lead to unexpected problems.

To be precise, we currently have the following problem: an expression
like

  with import ./. {};
  runCommand "foo" { __structuredAttrs = true; foo.bar = [ 1 2 3 ]; }
    ''
      echo "''${__structuredAttrs@Q}"
      touch $out
    ''

prints `1` in its build-log. However when building interactively in a
`nix-shell`, it doesn't.

Because of that, I'm considering to propose a full deprecation of
`$NIX_BUILD_TOP/.attrs.{json,sh}`. A first step is to only mention the
environment variables, but not the actual paths anymore in Nix's
manual[2]. The second step - this patch - is to fix nixpkgs' stdenv
accordingly.

Please note that we cannot check for `-e "$NIX_ATTRS_JSON_FILE"` because
certain outdated Nix minors (that are still in the range of supported
Nix versions in `nixpkgs`) have a bug where `NIX_ATTRS_JSON_FILE` points
to the wrong file while building[3].

Also, for compatibility with Nix 2.3 which doesn't provide these
environment variables at all we still need to check for the existence of
.attrs.json/.attrs.sh here. As soon as we bump nixpkgs' minver to 2.4,
this can be dropped.

Finally, dropped the check for ATTRS_SH_FILE because that was never
relevant. In nix#4770 the ATTRS_SH_FILE variable was introduced[4] and
in a review iteration prefixed with NIX_[5]. In other words, these
variables were never part of a release and you'd only have this problem
if you'd use a Nix from a git revision of my branch from back then. In
other words, that's dead code.

[1] https://github.com/nixos/nix/pull/4770#issuecomment-834718851
[2] https://github.com/NixOS/nix/pull/9032
[3] https://github.com/NixOS/nix/issues/6736
[4] 3944a120ec
[5] 27ce722638
2023-10-04 18:35:30 +02:00
Artturi
d5139e3017
Merge pull request #245909 from Artturin/setupshchanges2 2023-09-04 20:41:16 +03:00
Artturin
1db1e3c467 stdenv: Fix possible issues discovered with
```
set -o errexit -o nounset -o pipefail
shopt -s inherit_errexit
```

in `stdenv/default-builder.sh`
2023-09-02 03:25:36 +03:00
Artturin
c25f7f894f stdenv: Add hack to fix cmake canExecute cross-compilation
Fixes `pkgsCross.musl64.llvmPackages_16.clang.cc` on `x86_64-linux`,
which used to fail with `/bin/sh: clang-tblgen: not found`.

Same hack is used in other projects:
https://github.com/search?q=%2FCMAKE_CROSSCOMPILING_EMULATOR.%2B%5C%2Fusr%5C%2Fbin%5C%2Fenv%2F+NOT+is%3Afork&type=code

Comment from 30435a9d0f/build/cmake/HostLinuxToolchain.cmake (L64)

> Required to run host Linux executables during the build itself.
> An example would be https://gitub.com/KhronosGroup/Vulkan-Loader and
> its "asm_offset" program.
>
> NOTE: Alternatives have been tried unsuccessfully, i.e.:
>
>  With $(set CMAKE_CROSSCOMPILING_EMULATOR), the build fails because
>  the CMake ninja/Make script tries to find the executable in the current
>  path, as in:
>
>    [3/16] Generating gen_defines.asm
>    FAILED: loader/gen_defines.asm
>    cd /tmp/cc/build-Vulkan-Loader/loader && asm_offset GAS
>    /bin/sh: asm_offset: command not found
>    ninja: build stopped: subcommand failed.
>
> With $(set CMAKE_CROSSCOMPILING_EMULATOR ""), the build fails because
> the shell cannot find the "" program as in:
>
>    [3/16] Generating gen_defines.asm
>    FAILED: loader/gen_defines.asm
>    cd /tmp/cc/build-Vulkan-Loader/loader && "" /tmp/cc/build-Vulkan-Loader/loader/asm_offset GAS
>    /bin/sh: : command not found
>    ninja: build stopped: subcommand failed.
>
> It seems that the root of the problem comes from how the CMake function
> cmCustomCommandGenerator::GetArgc0Location() computes the target
> executable's location. At this point it's unclear whether this is a CMake
> bug or a feature.

Risicle discovered this hack.

Co-authored-by: Robert Scott <code@humanleg.org.uk>
2023-08-29 22:12:06 +03:00
Artturin
87db45704f stdenv: Print _allFlags debug output to stderr
In the default `fixupPhase` the output of `substituteAllStream` is
streamed to setup-hook.

`stdenv.cc.bintools.overrideAttrs { NIX_DEBUG = 6; }`

With `NIX_DEBUG` contains:

```
@expandResponseParams@ -> /nix/store/yl01rd58vp4m8bbhkihpk132cprfmx6f-expand-response-params/bin/expand-response-params
...
```
2023-08-10 17:35:07 +03:00
github-actions[bot]
0031ae7742
Merge staging-next into staging 2023-08-06 00:03:36 +00:00
github-actions[bot]
c90f3611dc
Merge master into staging-next 2023-08-06 00:02:21 +00:00
Jan Malakhovski
85d4248a4f
treewide: fix some comments (#247365)
* pkgs/top-level/splice.nix: fix broken comment

* stdenv: use a value that actually works in the comment there
2023-08-05 23:01:26 +02:00
Vladimír Čunát
2141d9879a
Revert "stdenv: use improved strip.sh for aarch64-linux"
This reverts commit 39919b8f21.
The parent merge resolved this more properly.
2023-07-31 11:20:15 +02:00
Vladimír Čunát
39919b8f21
stdenv: use improved strip.sh for aarch64-linux
Adapted from PR #246164
TODO: clean up / use it everywhere on the next rebuild.
2023-07-30 21:18:30 +02:00
Artturin
9816ca55c2 stdenv: Make condition clearer
-z checks for a empty string
-n checks for a not empty string

It makes more sense to run the chmod if the string is not empty
2023-07-28 04:20:26 +03:00
Vladimír Čunát
58392652f0
Merge #224822: hardening flags: enable fortify3 by default
...into staging
2023-07-06 10:33:24 +02:00
Artturin
42c94d06fd stdenv: fix overriding with attrset when finalAttrs isn't used
```
nix-repl> (pkgs.htop.overrideAttrs { pname = "hello-overriden"; }).pname
error:
       … while evaluating a branch condition

         at /nix/store/phn5cahwacv9wjgalygw62x8l4xbl6x3-source/lib/customisation.nix:86:7:

           85|     in
           86|       if builtins.isAttrs result then
             |       ^
           87|         result // {

       … while calling the 'isAttrs' builtin

         at /nix/store/phn5cahwacv9wjgalygw62x8l4xbl6x3-source/lib/customisation.nix:86:10:

           85|     in
           86|       if builtins.isAttrs result then
             |          ^
           87|         result // {

       (stack trace truncated; use '--show-trace' to show the full trace)

       error: attempt to call something which is not a function but a set

       at /nix/store/phn5cahwacv9wjgalygw62x8l4xbl6x3-source/pkgs/stdenv/generic/make-derivation.nix:58:21:

           57|           f = self: super:
           58|             let x = f0 super;
             |                     ^
           59|             in
```
2023-07-03 21:34:50 +03:00
Robert Hensing
1f5a0b0135
Merge pull request #239005 from Artturin/setorfunoverr
stdenv: let overrideAttrs accept attrset OR function
2023-07-01 15:27:23 +02:00
Artturin
0fdae31531 stdenv: let overrideAttrs accept attrset OR function
Makes overrideAttrs usable in the same way that `override` can be used.
It allows the first argument of `overrideAttrs` to be either a function
or an attrset, instead of only a function:

hello.overrideAttrs (old: { postBuild = "echo hello"; })
hello.overrideAttrs { postBuild = "echo hello"; }

Previously only the first example was possible.

Co-authored-by: adisbladis <adisbladis@gmail.com>
Co-authored-by: matthewcroughan <matt@croughan.sh>
2023-06-30 23:28:00 +03:00
Robert Scott
db3e94c3b2 hardening flags: enable fortify3 by default 2023-06-25 11:50:46 +01:00
Artturin
d88b362808 stdenv: finish removal of deprecated string/null Flags
forgot to do it before 23.05 but it's ok
2023-06-22 20:37:06 +03:00
Artturin
ac031478cb stdenv: use lib.isX instead of typeOf Y == X
more readable
2023-06-22 12:31:52 +03:00
Robert Hensing
dae6b98a90
Merge pull request #234883 from sternenseemann/nix-structured-attrs
stdenv/setup.sh: deal with Nix < 2.4 structured attrs
2023-05-31 19:41:58 +02:00
sternenseemann
1a29857b8a stdenv/setup.sh: deal with Nix < 2.4 structured attrs
Nix does not (as far it is documented) guarantee that NIX_ATTRS_*_FILE
is set, the only [documented] guarantee seems to be:

> […] made available to the builder via the file .attrs.json in the
> builder’s temporary directory.

This guarantee is of course affected by https://github.com/NixOS/nix/issues/6736,
so it seems to be prudent to fall back to the Nix 2.3 style ATTRS_*_FILE
env vars before defaulting to the expected location in case neither is
available.

See also:

- https://github.com/NixOS/nixpkgs/pull/214937#discussion_r1178101895
- https://github.com/nixos/nixpkgs/commit/afef6588e250

[documented]: https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-structuredAttrs
2023-05-29 23:12:24 +02:00
Sergei Trofimovich
c3bdae6ce5
Merge pull request #223861 from eliasnaur/no-nix-lib64-in-self-rpath
stdenv: don't set NIX_LIB*_IN_SELF_RPATH by default
2023-05-17 07:08:57 +01:00
Robert Hensing
9524f57dd5
Merge pull request #230666 from alyssais/inputDerivation-passAsFile
stdenv: fix inputDerivation with passAsFile
2023-05-09 20:36:29 +02:00
Alyssa Ross
a295c4566e
stdenv: fix inputDerivation with passAsFile
passAsFile passes the values of Nix bindings to the builder as
files, so if those values contained references, they wouldn't end up
in the inputDerivation output.  To fix that, append the contents of
every such passed file to the output.

We only have shell builtins in this derivation, so we can't use cat.
The only way I know of appending the contents of one file to another
using only shell builtins is as I've done here, but it requires
putting the contents of the file on echo's argv.  This might end up
causing problems with large files.  Regardless, I think we should try
this, as a failure is better than silently producing an incorrect
result like the previous behavior.
2023-05-09 14:00:57 +00:00
Alyssa Ross
cd0bccbbe0
stdenv: fix inputDerivation with allowed refs
Same motivation as for the disallowed references.
2023-05-08 12:02:59 +00:00
Sergei Trofimovich
72d71dd641 stdenv: do not pass __contentAddressed = false as environment variable
`nix-2.4+` automatically filters `__contentAddressed` out of the
environment. But not `nix-2.3`. This make `.drv` to differ between
unset and `__contentAddressed = false` derivations.

This change makes them equal by filtering out `__contentAddressed`
unless it's set to `true`.
2023-05-02 22:57:54 +01:00
Emily Trau
2ad68a7d90 stdenv: factor out meta attr augmentation for reusability
stdenv: check if separating commonMeta from assertValidity fixes laziness issue

```
error: cannot coerce null to a string

at /var/lib/ofborg/checkout/repo/38dca4e3aa6bca43ea96d2fcc04e8229/mr-est/ofborg-evaluator-3/pkgs/development/coq-modules/coq-lsp/default.nix:34:60:

    33|     homepage = "https://github.com/ejgallego/coq-lsp";
    34|     changelog = "https://github.com/ejgallego/coq-lsp/blob/${defaultVersion}/CHANGES.md";
```
2023-05-01 20:18:11 +03:00
Sandro
b04d4bad27
Merge pull request #216992 from SuperSandro2000/stdenvNative-fix-eval
{bintools,cc}-wrapper: don't fallback to version = null
2023-04-14 11:22:20 +02:00
Sandro Jäckel
b0ee79f9fd
mkDerivation: show meaningful error when version is set to null
instead of `Cannot coerce null to string`
2023-04-12 22:08:36 +02:00
Elias Naur
88fd6601d8 stdenv: remove the NIX_LIB*_IN_SELF_RPATH environment variables
The NIX_LIB64|32_IN_SELF_RPATH environment variables control whether
to add lib64 and lib32 to rpaths. However, they're set depending
on the build paltform, not the target platform and thus their values
are incorrect for for cross-builds.

On the other hand, setting them according to the build platform introduce
pointless differences in build outputs; see #221350 for details.

This change fixes the issues by boldly removes the NIX_LIB*_IN_SELF_RPATH
facility altogether, in the hope that it is no longer necessary. They
were introduced in 2009, long before nixpkgs had good support for
cross-builds.

Fixes #221350
2023-03-31 10:47:16 -06:00
Vladimír Čunát
12dd95fbb1
Merge branch 'master' into staging-next 2023-03-24 09:07:41 +01:00
Adam Joseph
13507da345 check-meta.nix: fix self-contradictory error messages
See https://github.com/NixOS/nixpkgs/pull/222792#pullrequestreview-1356114111

You can't just `lib.filter _ lib.systems.all` -- that throws away
important information, leading to nixpkgs disagreeing with itself
like this:

```
$ NIXPKGS_ALLOW_BROKEN=1 nix-instantiate . -A pkgsStatic.systemd
error: Package ‘systemd-252.5’ in ... is only supported on ... x86_64-linux but not on requested x86_64-linux, refusing to evaluate.
```

After:

```
$ NIXPKGS_ALLOW_BROKEN=1 nix-instantiate . -A pkgsStatic.systemd
error: Package ‘systemd-252.5’ in ... is not available on the requested hostPlatform:
         hostPlatform.config = "x86_64-unknown-linux-musl"
         package.meta.platforms = [
           "aarch64-linux"
           "armv5tel-linux"
           "armv6l-linux"
           "armv7a-linux"
           "armv7l-linux"
           "i686-linux"
           "m68k-linux"
           "microblaze-linux"
           "microblazeel-linux"
           "mipsel-linux"
           "mips64el-linux"
           "powerpc64-linux"
           "powerpc64le-linux"
           "riscv32-linux"
           "riscv64-linux"
           "s390-linux"
           "s390x-linux"
           "x86_64-linux"
         ]
         package.meta.badPlatforms = [
           {
             isStatic = true;
             parsed = { };
           }
         ]
       , refusing to evaluate.
```
2023-03-24 00:15:57 -07:00
Weijia Wang
b46c97e1dc stdenv: generalise showPlatforms 2023-03-23 23:47:11 +02:00
github-actions[bot]
307b719414
Merge master into staging-next 2023-03-23 18:01:20 +00:00
Weijia Wang
2a7e1e0228 stdenv: fix error with patterned platforms 2023-03-23 17:27:49 +02:00
Sandro
979c6c1fe4
Merge pull request #213780 from SuperSandro2000/check-meta-platform
stdenv: show supported and requested platforms when check meta fails
2023-03-23 15:01:34 +01:00
github-actions[bot]
455127ad5e
Merge master into staging-next 2023-03-16 18:01:20 +00:00
Bernardo Meurer
6e55733359
Merge pull request #219747 from Stunkymonkey/deprecate-isNull 2023-03-16 11:10:22 -03:00
Martin Weinelt
19680e9902
Merge pull request #217568 from trofi/stdenv-parallel-install
stdenv/generic/setup.sh: enable parallel installs for parallel builds
2023-03-15 17:10:19 +00:00
Felix Buehler
d10e69c86b treewide: deprecate isNull
https://nixos.org/manual/nix/stable/language/builtins.html#builtins-isNull
2023-03-06 22:40:04 +01:00
Sergei Trofimovich
69cf5181c3 stdenv/generic/setup.sh: enable parallel installs by default
The primary motivating example is openssl:

Before the change full package build took 1m54s minutes.
After the change full package build takes 59s.

About a 2x speedup.

The difference is visible because openssl builds hundreds of manpages
spawning a perl process per manual in `install` phase. Such a workload
is very easy to parallelize.

Another example would be `autotools`+`libtool` based build system where
install step requires relinking. The more binaries there are to relink
the more gain it will be to do it in parallel.

The change enables parallel installs by default only for buiilds that
already have parallel builds enabled. There is a high chance those build
systems already handle parallelism well but some packages will fail.

Consistently propagated the enableParallelBuilding to:
- cmake (enabled by default, similar to builds)
- ninja (set parallelism explicitly, don't rely on default)
- bmake (enable when requested)
- scons (enable when requested)
- meson (set parallelism explicitly, don't rely on default)
- waf (set parallelism explicitly, don't rely on default)
- qmake-4/5/6 (enable by default, similar to builds)
- xorg (always enable, similar to builds)
2023-02-26 22:02:09 +00:00
Rahul Butani
d364ee8d13
mkDerivation: do not disable separateDebugInfo on LLVM stdenvs
This was disabled here: b86e62d30d (diff-282a02cc3871874f16401347d8fadc90d59d7ab11f6a99eaa5173c3867e1a160)

h/t to @teh: b86e62d30d (commitcomment-77916294)
for pointing out that the failure that @matthewbauer was
seeing was caused by the `separate-debug-info.sh` `build-id` length
requirement that #146275 will relax

`lld` has had `--build-id` support dating back to LLVM4: https://reviews.llvm.org/D18091

This predates every `llvmPackages_` version currently in nixpkgs (and
certainly every version actually still used in `useLLVM` stdenvs) so
with the previous commit (asking `ld` for sufficiently long SHA1 hashes)
I think we can safely enable `separateDebugInfo` when using LLVM
bintools.
2023-02-25 12:49:40 -06:00
Robert Scott
0eedcfc3f4
Merge pull request #212498 from risicle/ris-fortify3
hardening flags: add `FORTIFY_SOURCE=3` support
2023-02-16 21:19:30 +00:00
github-actions[bot]
c4fe2133de
Merge staging-next into staging 2023-02-15 06:01:44 +00:00
github-actions[bot]
58cfebde3e
Merge staging-next into staging 2023-02-15 00:02:50 +00:00
Felix Buehler
bc3d5934d7 treewide: use lib.optionals 2023-02-14 19:11:59 +01:00
Felix Buehler
cdb39a86e0 treewide: use optionalString 2023-02-13 21:52:34 +01:00
github-actions[bot]
29c2637dda
Merge staging-next into staging 2023-02-13 12:02:05 +00:00
github-actions[bot]
fd8daee7c2
Merge master into staging-next 2023-02-13 12:01:30 +00:00
Artturin
84e37a10ec stdenv: allow propagating propagated dependencies separately from the
fixup phase

for makeSetupHook
2023-02-07 21:00:18 +02:00
Robert Hensing
059bd43546 make-derivation.nix: Support inputDerivation on disallowedReferences 2023-02-07 18:58:13 +01:00
Artturi
aa7d2fe7dc
Merge pull request #214937 from hercules-ci/support-NIX_ATTRS-envs 2023-02-06 20:59:10 +02:00
github-actions[bot]
36822caa75
Merge staging-next into staging 2023-02-06 18:02:09 +00:00
github-actions[bot]
f876e1f1e9
Merge master into staging-next 2023-02-06 18:01:37 +00:00
John Ericson
6d0b3086f7
Merge pull request #214304 from obsidiansystems/pkg-config-meta
meta.pkgConfigModules: Init convention
2023-02-06 11:44:29 -05:00
Robert Hensing
afef6588e2 stdenv/setup.sh: Allow NIX_ATTRS_{JSON,SH}_FILE to be set correctly by Nix 2023-02-06 14:17:59 +01:00
github-actions[bot]
dfee1a3150
Merge staging-next into staging 2023-02-05 00:03:15 +00:00
github-actions[bot]
bc833a50cc
Merge master into staging-next 2023-02-05 00:02:31 +00:00
superherointj
2c77d453e3
Merge pull request #213633 from alyssais/mkDerivation-meson-exotic
stdenv.mkDerivation: fix meson for some archs
2023-02-04 18:43:43 -03:00
John Ericson
6e4a1b18d9 meta.pkgConfigModules: Init convention
See docs.

Follow-up work:

- Existing packages should be converted

- `defaultPkgConfigPackages` should assert on `meta.pkgConfigModules`
  and let `tests.pkg-config` alone test the build results.

CC @sternenseemann

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-02-03 09:37:31 -05:00
Artturi
dcc7df7fe6
Merge pull request #211685 from Artturin/splicingstuff1-split 2023-02-03 12:49:08 +02:00
Artturi
fa5f0d6bd0
Merge pull request #211783 from R-VdP/fix_disallowed_references
stdenv: don't include drvs in disallowedRefs as build-time deps.
2023-01-31 20:51:03 +02:00
Sandro Jäckel
0a8e692d29
stdenv: show supported and requested platforms when check meta fails 2023-01-31 14:43:47 +01:00
github-actions[bot]
33d4318fcc
Merge staging-next into staging 2023-01-31 00:03:07 +00:00
github-actions[bot]
dd1ff149da
Merge master into staging-next 2023-01-31 00:02:31 +00:00
Alyssa Ross
b6304bf11d
stdenv.mkDerivation: fix meson for some archs
platform.uname.processor seems to be what we want in many more cases
than what we were using before — it does the right thing for aarch64,
x86_64, riscv32, riscv64, mips, mips64, powerpc, and powerpc64 (the
latter three of which were broken before).

This fixes cross-compilation of systemd for PowerPC/POWER platforms.
2023-01-30 19:42:19 +00:00
R-VdP
51acc6245e
stdenv: don't include drvs in disallowedRefs as build-time deps.
Derivations listed as disallowedReferences or disallowedRequisites,
currently end up as build-time dependencies.
This is problematic since the disallowed derivations will be built by nix as
build-time dependencies, while those derivations might take a very long time
to build, or might not even build successfully on the platform used.
However, in order to scan for disallowed references in the final output,
knowing the out path is sufficient, and the out path can be calculated from
the derivation without needing to build it, saving time and resources.

While the problem is less severe for allowedReferences and allowedRequisites,
since we want the derivation to be built eventually, we would still like to
get the error early and without having to wait while nix builds a derivation
that might not be used (e.g. if we listed the wrong one).
2023-01-30 17:58:05 +01:00
Sergei Trofimovich
b3a97d7eb4
Merge pull request #211910 from tejing1/srcs-name-collision
stdenv: Improve error from `stdenv` when `srcs` is used with colliding directories
2023-01-29 12:04:42 +00:00
Jeff Huffman
183939da54
improve error when srcs is used with directories with the same post-hash name 2023-01-29 04:27:24 -05:00
Adam Joseph
778419b9e6 Revert "lib/meta.nix: platformMatch: allow predicate functions"
This reverts commit b7d097438b.
2023-01-27 01:49:39 -08:00
Robert Scott
3d453e2aee mkDerivation: add support for fortify3 hardening flag 2023-01-24 21:52:10 +00:00
github-actions[bot]
feb2240b37
Merge master into staging-next 2023-01-22 18:01:03 +00:00
Adam Joseph
b7d097438b lib/meta.nix: platformMatch: allow predicate functions 2023-01-22 00:27:19 -08:00
Guillaume Girol
f39abbc350 mkDerivation: introduce native checkInputs and nativeCheckInputs
When strictDeps is set, only nativeCheckInputs are added to PATH and
only checkInputs can be linked against. See https://github.com/NixOS/nixpkgs/issues/161570
2023-01-21 16:42:09 +01:00
Guillaume Girol
90c78aee6c Merge branch 'nativeCheckInputs' into staging-nativeCheckInputs 2023-01-21 12:00:00 +00:00
Andrew Childs
68f1182b65 stdenv: don't clobber useArray and type in {prepend,append}ToVar
Some other packages, for example ruby gems via buildRubyGem, use a
variable called "type" internally, which is overwritten here and
causes failures like:

    failure: $gempkg path unspecified

Fix for changes in 11c3127e38.
2023-01-18 11:59:47 +09:00
Artturin
e525ae1e1e stdenv: disable shellcheck rule SC2068 & SC1091
this is intentional to support both structuredAttrs and non

In pkgs/stdenv/generic/setup.sh line 614:
for pkg in ${depsBuildBuild[@]} ${depsBuildBuildPropagated[@]}; do
           ^------------------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements.

In pkgs/stdenv/generic/setup.sh line 521:
    local varRef="$varVar[$((targetOffset - hostOffset))]"
                  ^-- SC1087 (error): Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
2023-01-16 23:54:14 +02:00
Artturin
f2c27018f0 stdenv: fix SC2242
exit -1 == exit 255 but we don't have a reason to use 255

In pkgs/stdenv/generic/setup.sh line 518:
    (( hostOffset <= targetOffset )) || exit -1
                                             ^-- SC2242 (error): Can only exit with status 0-255. Other data should be wri
tten to stdout/stderr.
2023-01-16 23:03:21 +02:00
Artturin
e58785bf41 stdenv: disable shellcheck rule SC2048
we use [*] to support structuredAttrs and non

In pkgs/stdenv/generic/setup.sh line 1542:
    for curPhase in ${phases[*]}; do
                    ^----------^ SC2048 (warning): Use "${array[@]}" (with quotes) to prevent whitespace problems.
2023-01-16 08:23:04 +02:00
Artturin
4db439c599 stdenv: disable shellcheck rules
In pkgs/stdenv/generic/setup.sh line 101:
        source "$hookName"
               ^---------^ SC1090 (warning): ShellCheck can't follow non-constant source. Use a directive to specify location.

In pkgs/stdenv/generic/setup.sh line 166:
            mkdir -p "$out/nix-support"
                      ^--^ SC2154 (warning): out is referenced but not assigned.

In pkgs/stdenv/generic/setup.sh line 407:
PATH=
^--^ SC2123 (warning): PATH is the shell search path. Use another name.

In pkgs/stdenv/generic/setup.sh line 452:
declare -a pkgBuildAccumVars=(pkgsBuildBuild pkgsBuildHost pkgsBuildTarget)
           ^---------------^ SC2034 (warning): pkgBuildAccumVars appears unused. Verify use (or export if used e
xternally).
because pkgBuildAccumVars is used

In pkgs/stdenv/generic/setup.sh line 235:
        nameref="$* ${nameref-}"
        ^-----^ SC2178 (warning): Variable was used as an array but is now assigned a string.
because we theres a useArray conditional
2023-01-16 08:01:38 +02:00
Artturin
0417f953e2 stdenv: fix SC2004 & SC2086
SC2004 (style): $/${} is unnecessary on arithmetic variables.
SC2086 (info): Double quote to prevent globbing and word splitting.
2023-01-16 07:54:19 +02:00
Artturin
0e8263ce73 stdenv: fix SC2223
In pkgs/stdenv/generic/setup.sh line 36:
    : ${outputs:=out}
      ^-------------^ SC2223 (info): This default assignment may cause DoS due to globbing. Quote it.
2023-01-16 07:54:19 +02:00
Artturin
856f3a46b2 stdenv: drop remove unnecessary env var
and the associated obsolete functions

support for log nesting was removed in 2017 6669a3b477
2023-01-15 23:56:23 +02:00
Robert Hensing
bff126ffbc stdenv.mkDerivation: Make overrideAttrs overridable
(cherry picked from commit 43c8b43f808f48fd5600afcad5503eaeaf6d71b7)
2023-01-15 04:37:14 +02:00
Artturi
f338f1422e
Merge pull request #209371 from Artturin/gziprepro
gzip: make reproducible when GZIP_NO_TIMESTAMPS is set
2023-01-15 00:04:51 +02:00
Artturin
88f36d2694 gzip: make reproducible when GZIP_NO_TIMESTAMPS is set
the logic can be tested with

```
$ GZIP_NO_TIMESTAMPS=1 && echo "${GZIP_NO_TIMESTAMPS:+-n }"
-n
$ unset GZIP_NO_TIMESTAMPS && echo "${GZIP_NO_TIMESTAMPS:+-n }"

```
2023-01-12 01:30:29 +02:00
github-actions[bot]
b3d2428df4
Merge staging-next into staging 2023-01-11 20:59:01 +00:00
github-actions[bot]
a113c6f06f
Merge master into staging-next 2023-01-11 20:58:29 +00:00
Adam Joseph
098c6b0bec check-meta(hasUnsupportedPlatform): use lib.meta.availableOn
`hasUnsupportedPlatform` was not updated with #37395, so it does not
understand attrsets in `meta.[bad]platforms`.  In particular,
attrsets in `meta.badPlatforms` will "fail open" and be ignored.

Let's use `lib.meta.availableOn` instead of duplicating its logic.

Thanks to @alyssais for [noticing][1].

[1][https://github.com/NixOS/nixpkgs/pull/194148#discussion_r990817610]

Co-authored-by: sternenseemann <sternenseemann@systemli.org>
2023-01-11 19:31:52 +00:00
Artturin
314b03125f stdenv: don't fail installPhase on missing makefile
otherwise the build just fails with 'make: *** No rule to make target 'install'.  Stop.'

and update buildPhase message

i don't know if the 'makefile may have been created in buildPhase' is
true but i guess it might be possible
2023-01-06 03:01:39 +02:00
github-actions[bot]
789ae2c93d
Merge staging-next into staging 2023-01-04 18:01:36 +00:00
Adam Joseph
607d59fa9e check-meta.nix: make non-source consistent with documentation
The documentation for `meta.sourceProvenance` in
`doc/stdenv/meta.chapter.md` says: "the `meta.sourceProvenance`
attribute should be a list containing one or more value..."

Let's update check-meta.nix to require that `meta.sourceProvenance` is
a list, as the documentation says, rather than a single element.

Adding two extra keystrokes `[` and `]` when filling out this field is
an insignificant burden for package authors, and being able to assume
that the `meta.sourceProvenance` field is always a list greatly
simplifies any code that acts on the value of this field.

Since `meta.sourceProvenance` was just merged a few hours ago now is
the easiest time to fix this: nobody is using the feature yet.
2023-01-01 18:21:11 -08:00
Jan Tojnar
5810109b42 Merge branch 'staging-next' into staging
- readline6 attribute removed from all-packages.nix in d879125d61
- readline attribute was bumped to readline82 in 50adabdd60
2023-01-02 03:04:32 +01:00
Naïm Favier
4af22aab8e
stdenv/check-meta: do deep type checks
Use a wrapper around `mergeDefinitions` to type-check values deeply, so
that e.g. `maintainers = [ 42 ];` is an error.
2023-01-01 14:10:42 +01:00
github-actions[bot]
dc7ebb0163
Merge staging-next into staging 2022-12-18 18:01:41 +00:00
figsoda
ec8cb34358 treewide: fix typos 2022-12-17 19:39:44 -05:00
Sergei Trofimovich
428107f837 stdenv: set enableParallelBuilding explicitly if enableParallelBuildingByDefault is set
Without the change we don't propagate `enableParallelBuilding = true`
and leave most builds sequential.

Noticed on `mythtv` package which did not specify parallelism and
`config.enableParallelBuildingByDefault = true` had no effect.
2022-12-17 22:23:24 +00:00
Naïm Favier
0b067316d4
stdenv: use intersectAttrs instead of intersectLists
Better complexity.
2022-12-17 12:55:44 +01:00
Naïm Favier
84eebc0fe4
Merge pull request #205944 from ncfavier/structured-attrs-env 2022-12-15 13:27:54 +01:00
Naïm Favier
e14de22618
stdenv: handle env gracefully
Derivations not using `__structuredAttrs` should not attempt to set
environment variables from `env`.

Derivations using `__structuredAttrs` should fail if `env` is not
exportable.
2022-12-15 13:27:11 +01:00
Artturin
630bb71ac5 stdenv: sort defaultNativeBuildInputs alphabetically 2022-12-13 01:12:20 +02:00
Artturin
b3717f6c14 stdenv: remove now unneeded linux conditional 2022-12-13 01:04:29 +02:00
Artturin
7866db71cc stdenv/generic: fix todo 2022-12-13 00:34:48 +02:00
Artturin
11c3127e38 stdenv: detect the type of variable in {prepend,append}ToVar
stdenv: error if using {prepend,append}ToVar on associative array

i don't know how to prepend to associative array
2022-12-10 04:42:36 +02:00
Artturin
bb914d8676 stdenv: export system pname name version for substituteAll
so we don't have to add these to the env attrset
2022-12-08 21:09:02 +02:00
Artturin
734d7df235 allow derivation attributes in env
derivations can be coerced to their output paths
2022-12-08 06:13:19 +02:00
Artturin
8ad0103a34 config.structuredAttrsByDefault: add option 2022-12-08 06:13:19 +02:00
Artturin
1c4820efdd work around a nix bug 2022-12-08 06:13:19 +02:00