Commit Graph

1142 Commits

Author SHA1 Message Date
Artturin
e525ae1e1e stdenv: disable shellcheck rule SC2068 & SC1091
this is intentional to support both structuredAttrs and non

In pkgs/stdenv/generic/setup.sh line 614:
for pkg in ${depsBuildBuild[@]} ${depsBuildBuildPropagated[@]}; do
           ^------------------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements.

In pkgs/stdenv/generic/setup.sh line 521:
    local varRef="$varVar[$((targetOffset - hostOffset))]"
                  ^-- SC1087 (error): Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
2023-01-16 23:54:14 +02:00
Artturin
f2c27018f0 stdenv: fix SC2242
exit -1 == exit 255 but we don't have a reason to use 255

In pkgs/stdenv/generic/setup.sh line 518:
    (( hostOffset <= targetOffset )) || exit -1
                                             ^-- SC2242 (error): Can only exit with status 0-255. Other data should be wri
tten to stdout/stderr.
2023-01-16 23:03:21 +02:00
Artturin
e58785bf41 stdenv: disable shellcheck rule SC2048
we use [*] to support structuredAttrs and non

In pkgs/stdenv/generic/setup.sh line 1542:
    for curPhase in ${phases[*]}; do
                    ^----------^ SC2048 (warning): Use "${array[@]}" (with quotes) to prevent whitespace problems.
2023-01-16 08:23:04 +02:00
Artturin
4db439c599 stdenv: disable shellcheck rules
In pkgs/stdenv/generic/setup.sh line 101:
        source "$hookName"
               ^---------^ SC1090 (warning): ShellCheck can't follow non-constant source. Use a directive to specify location.

In pkgs/stdenv/generic/setup.sh line 166:
            mkdir -p "$out/nix-support"
                      ^--^ SC2154 (warning): out is referenced but not assigned.

In pkgs/stdenv/generic/setup.sh line 407:
PATH=
^--^ SC2123 (warning): PATH is the shell search path. Use another name.

In pkgs/stdenv/generic/setup.sh line 452:
declare -a pkgBuildAccumVars=(pkgsBuildBuild pkgsBuildHost pkgsBuildTarget)
           ^---------------^ SC2034 (warning): pkgBuildAccumVars appears unused. Verify use (or export if used e
xternally).
because pkgBuildAccumVars is used

In pkgs/stdenv/generic/setup.sh line 235:
        nameref="$* ${nameref-}"
        ^-----^ SC2178 (warning): Variable was used as an array but is now assigned a string.
because we theres a useArray conditional
2023-01-16 08:01:38 +02:00
Artturin
0417f953e2 stdenv: fix SC2004 & SC2086
SC2004 (style): $/${} is unnecessary on arithmetic variables.
SC2086 (info): Double quote to prevent globbing and word splitting.
2023-01-16 07:54:19 +02:00
Artturin
0e8263ce73 stdenv: fix SC2223
In pkgs/stdenv/generic/setup.sh line 36:
    : ${outputs:=out}
      ^-------------^ SC2223 (info): This default assignment may cause DoS due to globbing. Quote it.
2023-01-16 07:54:19 +02:00
Artturin
856f3a46b2 stdenv: drop remove unnecessary env var
and the associated obsolete functions

support for log nesting was removed in 2017 6669a3b477
2023-01-15 23:56:23 +02:00
Robert Hensing
bff126ffbc stdenv.mkDerivation: Make overrideAttrs overridable
(cherry picked from commit 43c8b43f808f48fd5600afcad5503eaeaf6d71b7)
2023-01-15 04:37:14 +02:00
Artturi
f338f1422e
Merge pull request #209371 from Artturin/gziprepro
gzip: make reproducible when GZIP_NO_TIMESTAMPS is set
2023-01-15 00:04:51 +02:00
Artturin
88f36d2694 gzip: make reproducible when GZIP_NO_TIMESTAMPS is set
the logic can be tested with

```
$ GZIP_NO_TIMESTAMPS=1 && echo "${GZIP_NO_TIMESTAMPS:+-n }"
-n
$ unset GZIP_NO_TIMESTAMPS && echo "${GZIP_NO_TIMESTAMPS:+-n }"

```
2023-01-12 01:30:29 +02:00
github-actions[bot]
b3d2428df4
Merge staging-next into staging 2023-01-11 20:59:01 +00:00
github-actions[bot]
a113c6f06f
Merge master into staging-next 2023-01-11 20:58:29 +00:00
Adam Joseph
098c6b0bec check-meta(hasUnsupportedPlatform): use lib.meta.availableOn
`hasUnsupportedPlatform` was not updated with #37395, so it does not
understand attrsets in `meta.[bad]platforms`.  In particular,
attrsets in `meta.badPlatforms` will "fail open" and be ignored.

Let's use `lib.meta.availableOn` instead of duplicating its logic.

Thanks to @alyssais for [noticing][1].

[1][https://github.com/NixOS/nixpkgs/pull/194148#discussion_r990817610]

Co-authored-by: sternenseemann <sternenseemann@systemli.org>
2023-01-11 19:31:52 +00:00
Artturin
314b03125f stdenv: don't fail installPhase on missing makefile
otherwise the build just fails with 'make: *** No rule to make target 'install'.  Stop.'

and update buildPhase message

i don't know if the 'makefile may have been created in buildPhase' is
true but i guess it might be possible
2023-01-06 03:01:39 +02:00
github-actions[bot]
789ae2c93d
Merge staging-next into staging 2023-01-04 18:01:36 +00:00
Adam Joseph
607d59fa9e check-meta.nix: make non-source consistent with documentation
The documentation for `meta.sourceProvenance` in
`doc/stdenv/meta.chapter.md` says: "the `meta.sourceProvenance`
attribute should be a list containing one or more value..."

Let's update check-meta.nix to require that `meta.sourceProvenance` is
a list, as the documentation says, rather than a single element.

Adding two extra keystrokes `[` and `]` when filling out this field is
an insignificant burden for package authors, and being able to assume
that the `meta.sourceProvenance` field is always a list greatly
simplifies any code that acts on the value of this field.

Since `meta.sourceProvenance` was just merged a few hours ago now is
the easiest time to fix this: nobody is using the feature yet.
2023-01-01 18:21:11 -08:00
Jan Tojnar
5810109b42 Merge branch 'staging-next' into staging
- readline6 attribute removed from all-packages.nix in d879125d61
- readline attribute was bumped to readline82 in 50adabdd60
2023-01-02 03:04:32 +01:00
Naïm Favier
4af22aab8e
stdenv/check-meta: do deep type checks
Use a wrapper around `mergeDefinitions` to type-check values deeply, so
that e.g. `maintainers = [ 42 ];` is an error.
2023-01-01 14:10:42 +01:00
github-actions[bot]
dc7ebb0163
Merge staging-next into staging 2022-12-18 18:01:41 +00:00
figsoda
ec8cb34358 treewide: fix typos 2022-12-17 19:39:44 -05:00
Sergei Trofimovich
428107f837 stdenv: set enableParallelBuilding explicitly if enableParallelBuildingByDefault is set
Without the change we don't propagate `enableParallelBuilding = true`
and leave most builds sequential.

Noticed on `mythtv` package which did not specify parallelism and
`config.enableParallelBuildingByDefault = true` had no effect.
2022-12-17 22:23:24 +00:00
Naïm Favier
0b067316d4
stdenv: use intersectAttrs instead of intersectLists
Better complexity.
2022-12-17 12:55:44 +01:00
Naïm Favier
84eebc0fe4
Merge pull request #205944 from ncfavier/structured-attrs-env 2022-12-15 13:27:54 +01:00
Naïm Favier
e14de22618
stdenv: handle env gracefully
Derivations not using `__structuredAttrs` should not attempt to set
environment variables from `env`.

Derivations using `__structuredAttrs` should fail if `env` is not
exportable.
2022-12-15 13:27:11 +01:00
Artturin
630bb71ac5 stdenv: sort defaultNativeBuildInputs alphabetically 2022-12-13 01:12:20 +02:00
Artturin
b3717f6c14 stdenv: remove now unneeded linux conditional 2022-12-13 01:04:29 +02:00
Artturin
7866db71cc stdenv/generic: fix todo 2022-12-13 00:34:48 +02:00
Artturin
11c3127e38 stdenv: detect the type of variable in {prepend,append}ToVar
stdenv: error if using {prepend,append}ToVar on associative array

i don't know how to prepend to associative array
2022-12-10 04:42:36 +02:00
Artturin
bb914d8676 stdenv: export system pname name version for substituteAll
so we don't have to add these to the env attrset
2022-12-08 21:09:02 +02:00
Artturin
734d7df235 allow derivation attributes in env
derivations can be coerced to their output paths
2022-12-08 06:13:19 +02:00
Artturin
8ad0103a34 config.structuredAttrsByDefault: add option 2022-12-08 06:13:19 +02:00
Artturin
1c4820efdd work around a nix bug 2022-12-08 06:13:19 +02:00
Artturin
238a6053c4 stdenv: support opt-in __structuredAttrs
Co-authored-by: Robin Gloster <mail@glob.in>

stdenv: print message if structuredAttrs is enabled

stdenv: add _append

reduces the chance of a user doing it wrong

fix nix develop issue

output hooks don't work yet in nix develop though

making $outputs be the same on non-structuredAttrs and structuredAttrs
is too much trouble.

lets instead make a function that gets the output names

reading environment file '/nix/store/2x7m69a2sm2kh0r6v0q5s9z1dh41m4xf-xz-5.2.5-env-bin'
nix: src/nix/develop.cc:299: std::string Common::makeRcScript(nix::ref<nix::Store>, const BuildEnvironment&, const Path&): Assertion `outputs != buildEnvironment.vars.end()' failed.

use a function to get all output names instead of using $outputs

copy env functionality from https://github.com/NixOS/nixpkgs/pull/76732/commits
2022-12-08 06:13:19 +02:00
github-actions[bot]
77fbd162df
Merge staging-next into staging 2022-11-20 18:01:45 +00:00
Artturin
341e6fd558 splice.nix: start deprecating nativeDrv and crossDrv 2022-11-19 00:04:54 +02:00
Robert Hensing
51518a5fd3 stdenv.tests: Add succeedOnFailure 2022-11-14 19:03:35 +01:00
Sandro Jäckel
9f4143e964
stdenv: fix succeedOnFailure 2022-11-12 19:25:14 +01:00
piegames
87d738e864
Merge #195120: check-meta.nix: fix checkMetaRecursively option 2022-10-16 15:33:16 +02:00
Robert Scott
692512da6a
Merge pull request #193415 from risicle/ris-nixpkgs-allow-nonsource-fix-1
stdenv/check-meta: fix support for `NIXPKGS_ALLOW_NONSOURCE=1`
2022-10-15 01:25:44 +01:00
arcnmx
466fd1439f check-meta.nix: fix checkMetaRecursively option
In specific cases, combining the `checkMeta` and `checkMetaRecursively`
config options would result in `error: infinite recursion encountered`

fixes #193296
2022-10-13 14:25:57 -07:00
Robert Scott
d02ac63f4f stdenv/check-meta: fix support for NIXPKGS_ALLOW_NONSOURCE=1 2022-09-28 23:18:33 +01:00
github-actions[bot]
f18d801779
Merge staging-next into staging 2022-09-28 18:05:53 +00:00
aszlig
8f98a6d39b check-meta: Add isHydraChannel
This is needed in order to mark a certain derivation containing a Nix
expression tarball to Hydra so that it is recognised as a channel.

When I first got an evaluation error due to using this meta attribute, I
was under the impression that nobody outside of Vuizvui[1] is using this
feature and that we don't have any occurrence of isHydraChannel in
Nixpkgs.

However, when working around[2] the issue I assumed that it's not
something that should be included in Nixpkgs because we're not using it
there.

It turned out that my assumption was wrong and we *do* use the attribute
in Nixpkgs, namely via releaseTools.channel, which is similar to what
we're doing in Vuizvui.

Since we already include a bunch of undocumented attributes in
metaTypes, it only makes sense to add isHydraChannel as well since it's
actually documented in the Hydra documentation[3].

[1]: https://github.com/openlab-aux/vuizvui
[2]: https://github.com/openlab-aux/vuizvui/commit/e0685e81b3fdc43a272f0
[3]: 53335323ae/doc/manual/src/jobs.md (meta-fields)

Signed-off-by: aszlig <aszlig@nix.build>
2022-09-28 14:12:45 +02:00
github-actions[bot]
e0bea8e017
Merge staging-next into staging 2022-09-26 00:03:58 +00:00
piegames
6762de9a28 check-meta.nix: type checking changes
- Enable metadata checking by default, see https://github.com/NixOS/nixpkgs/pull/25304#issuecomment-298385426
- Check metadata before any other package issues, see https://github.com/NixOS/nixpkgs/issues/191124#issuecomment-1246523976
- Document that type checks only apply to the top level of nested values.

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2022-09-25 16:37:15 +02:00
Graham Christensen
c2b898da76 treewide: drop -l$NIX_BUILD_CORES
Passing `-l$NIX_BUILD_CORES` improperly limits the overall system load.

For a build machine which is configured to run `$B` builds where each
build gets `total cores / B` cores (`$C`), passing `-l $C` to make will
improperly limit the load to `$C` instead of `$B * $C`.

This effect becomes quite pronounced on machines with 80 cores, with
40 simultaneous builds and a cores limit of 2. On a machine with this
configuration, Nix will run 40 builds and make will limit the overall
system load to approximately 2. A build machine with this many cores
can happily run with a load approaching 80.

A non-solution is to oversubscribe the machine, by picking a larger
`$C`. However, there is no way to divide the number of cores in a way
which fairly subdivides the available cores when `$B` is greater than
1.

There has been exploration of passing a jobserver in to the sandbox,
or sharing a jobserver between all the builds. This is one option, but
relatively complicated and only supports make. Lots of other software
uses its own implementation of `-j` and doesn't support either `-l` or
the Make jobserver.

For the case of an interactive user machine, the user should limit
overall system load using `$B`, `$C`, and optionally systemd's
cpu/network/io limiting features.

Making this change should significantly improve the utilization of our
build farm, and improve the throughput of Hydra.
2022-09-22 16:01:23 -04:00
Matthew Bauer
ec4019f6dc Set inherit_errexit after bash version check
inherit_errexit wasn’t available in bash 3. We have a check to show a
nice error message, but that check is after we set inherit_errexit in
setup.sh. So we can just move this to below the BASH_VERSINFO check.
2022-08-21 23:01:55 -04:00
Sandro
09cb5e8416
Merge pull request #183507 from Artturin/stdenvmeson1 2022-08-01 23:06:51 +02:00
github-actions[bot]
e8ce2f4a26
Merge master into staging-next 2022-08-01 18:01:20 +00:00
Artturin
9f309c8792 stdenv: mesonFlags: use canExecute in needs_exe_wrapper
this is more accurate
2022-08-01 20:03:47 +03:00
Robert Hensing
12a060dbbc
Merge pull request #183967 from Ericson2314/small-stdenv-cleanup
stdenv: Two small cleanups
2022-08-01 14:37:42 +02:00
github-actions[bot]
15686bdd94
Merge master into staging-next 2022-07-30 18:01:31 +00:00
Alyssa Ross
5330c0a1af
treewide: use isAarch where appropriate 2022-07-30 16:18:27 +00:00
John Ericson
9d59a4df78 stdenv/common-path.nix: move to stdenv/generic/
Do this since it is part of the generic stdenv/`mkDerivation`
infrastructure, rather than being a bootstrapping strategy.
2022-07-29 18:24:00 -04:00
Artturi
79e8669003
Merge pull request #179603 from Artturin/subplacemultiple 2022-07-24 04:14:09 +03:00
Artturi
111abd87ca
Merge pull request #168590 from amjoseph-nixpkgs/stdenv-disallowedReferences
stdenv: use disallowedRequisites to check forbidden requisites
2022-07-18 02:51:23 +03:00
Artturin
ca2ca8b194 stdenv: start deprecating non-list mesonFlags
the motivation for this is to simplify stdenv and ease the job of
reviewers due to them needing to tell contributors about the defacto
rule that mesonFlags should be a list of strings
2022-07-06 15:23:20 +03:00
Artturin
3173c3b6b6 stdenv: start deprecating non-list cmakeFlags
the motivation for this is to simplify stdenv and ease the job of
reviewers due to them needing to tell contributors about the defacto
rule that cmakeFlags should be a list of strings
2022-07-05 04:05:30 +03:00
Artturin
ba1efa71ae stdenv: substituteInPlace: accept multiple filenames
I don't know if getopt is available everywhere, so I did not use it.

in any case, it can be changed to use getopt in the future if
needed.
2022-06-29 22:03:19 +03:00
github-actions[bot]
5b9ee17283
Merge master into staging-next 2022-06-24 00:02:29 +00:00
Sergei Trofimovich
b0f5f5cc96
Merge pull request #178408 from trofi/add-config.enableParallelBuildingByDefault
config.configurePlatformsByDefault: init option
2022-06-23 21:32:59 +00:00
Rick van Schijndel
adafa1cb42
Merge pull request #178626 from a-m-joseph/pr/168413fallout/mktemp
setup.sh: use six `X` characters in `mktemp` invocation
2022-06-23 06:45:40 +02:00
Rick van Schijndel
f104ffc941
Merge pull request #177789 from a-m-joseph/pr/setup/busyboxfind
setup.sh: use -exec rather than -execdir
2022-06-23 06:40:38 +02:00
Adam Joseph
97bf76b3b3 setup.sh: use six X characters in mktemp invocation
Closes #178625

The `busybox` version of `mktemp` requires exactly six `X` characters
in the argument to `mktemp`, unlike the `coreutils` version of `mktemp`.

Let's accomodate packages, like `epson-escpr2`, which fool `setup.sh`
into using the `busybox` version instead of the `stdenv` version.
2022-06-22 12:46:22 -07:00
Sergei Trofimovich
c534d056fe pkgs/stdenv/generic/make-derivation.nix: add a bug reference to strictDepsByDefault TODO 2022-06-21 19:03:43 +01:00
Sergei Trofimovich
db09d70d33 config.configurePlatformsByDefault: init option
Useful to enable tree-wide occasionally to have incremental progress
towards https://github.com/NixOS/nixpkgs/pull/87909 resolution.
2022-06-21 09:23:13 +01:00
Adam Joseph
64fc13ff1d setup.sh: use -exec rather than -execdir
Busybox's `find` does not support `-execdir`, so let's uses `-exec`
instead, in the spirit of requiring the minimum features needed for
the task.
2022-06-15 12:10:44 -07:00
github-actions[bot]
caada97a27
Merge master into staging-next 2022-06-14 00:02:11 +00:00
Robert Schütz
38c776b679 stdenv/check-meta: support NIXPKGS_ALLOW_NONSOURCE=0 2022-06-13 19:08:17 +00:00
github-actions[bot]
a1bbd60cb7
Merge staging-next into staging 2022-06-05 18:01:45 +00:00
Robert Hensing
cd88f8613f pkgs/make-derivation.nix: Refactor, hardcode mkDerivationSimple 2022-06-05 13:36:56 +02:00
Robert Hensing
7e3c80f5b7 pkgs/make-derivation.nix: Refactor, inline makeOverlayable 2022-06-05 13:35:04 +02:00
Robert Hensing
1b00adbad1 pkgs/make-derivation.nix: Refactor, introduce let binding 2022-06-05 13:33:35 +02:00
github-actions[bot]
dc4d841894
Merge staging-next into staging 2022-06-02 00:03:03 +00:00
Sandro
4c3e9f091a
check-meta: fix comment (#175517)
* check-meta: fix comment

* Apply suggestions from code review
2022-06-02 01:38:57 +02:00
github-actions[bot]
2d502cf3a4
Merge staging-next into staging 2022-05-30 12:02:11 +00:00
Robert Scott
5bb9bf4774 meta.sourceProvenance: inline hasSourceProvenance
it may be what the license handling code does, but it's confusing and not very useful

Co-authored-by: Adam Joseph <54836058+a-m-joseph@users.noreply.github.com>
2022-05-30 16:27:34 +08:00
Robert Scott
7906ea6d9d allowNonSourcePredicate: use example of categorical permissivity
Co-authored-by: Adam Joseph <54836058+a-m-joseph@users.noreply.github.com>
2022-05-30 16:27:34 +08:00
Robert Scott
095eb91533 meta.sourceProvenance: disallow string values
strings complicate reasoning about values and may not be needed with `sourceProvenance`

Co-authored-by: Alexander Foremny <aforemny@posteo.de>
2022-05-30 16:27:34 +08:00
Robert Scott
da9162f667 add mechanism for handling meta.sourceProvenance attributes
heavily based on patterns used by licenses infrastructure, so may
appear overengineered for its initial level of use
2022-05-30 16:27:34 +08:00
Adam Joseph
97c43828fb fixLibtool(): patch ./configure, add file to common-path.nix
libtool's libtool.m4 script assumes that `file` is available, and can
be found at `/usr/bin/file` (this path is hardwired).  Furthermore,
the script with this assumption is vendored into the ./configure
scripts of an enormous number of packages.  Without this commit, you
will frequently see errors like this during the configurePhase with
the sandbox enabled:

  ./configure: line 9595: /usr/bin/file: command not found

Due mostly to luck, this error does not affect native compiles on
nixpkgs' two most popular platforms, x86_64-linux and aarch64-linux.
However it will cause incorrect linker flag detection and a failure to
generate shared libraries for sandboxed cross-builds to a x86_64-linux
host as well as any sandboxed build (cross or native) for the following
hosts: x86_64-freebsd, *-hpux, *-irix, mips64*-linux, powerpc*-linux,
s390x-linux, s390x-tpf, sparc-linux, and *-solaris.

This commit fixes the problem by adding an extra line to fixLibtool()
in pkgs/stdenv/generic/setup.sh.  This extra line will scan the
unpacked source code for executable files named "configure" which
contain the following text:

'GNU Libtool is free software; you can redistribute it and/or modify'

This text is taken to be an indicator of a vendored libtool.m4.  When
it is found, the configure script containing it is subjected to `sed
-i s_/usr/bin/file_file_` which replaces all occurrences of
`/usr/bin/file` with `file`.

Additionally, the `file` package is now considered to be part of
`stdenv`.  It has been added to `common-path.nix` so that the `file`
binary will be found in the `$PATH` of every build, except for the
bootstrap-tools and the first few stages of stdenv boostrapping.

Verified no regressions under:

  nix-build --arg pkgs 'import ./. {}' ./lib/tests/release.nix

This commit allows the following commands to complete, which should
enable Hydra to produce bootstrap-files for mips64el:

  nix-build \
    --option sandbox true \
    --option sandbox-fallback false \
    pkgs/top-level/release-cross.nix \
    -A bootstrapTools.mips64el-linux-gnuabi64.build

  nix-build \
    --option sandbox true \
    --option sandbox-fallback false \
    . \
    -A pkgsCross.mips64el-linux-gnuabi64.nix_2_4
2022-05-26 13:53:36 -07:00
sternenseemann
41485e7337 stdenv.mkDerivation: be less strict about check execution for cross
Instead of requiring the platforms be equal, use `isCompatible` to
determine if we can execute tests. The upside of this is that we now
can execute tests for natively cross compiled package sets like
pkgsStatic, pkgsLLVM and pkgsCross.musl64 etc.
2022-05-23 21:25:04 +02:00
Artturin
6d54fe622d stdenv: start deprecating non-list configureFlags
the motivation for this is to simplify stdenv and ease the job of
reviewers due to them needing to tell contributors about the defacto
rule that configureFlags should be a list of strings
2022-05-18 20:32:33 +03:00
Artturi
22f6a17b22
Merge pull request #172570 from Artturin/epbbydefault 2022-05-13 20:46:33 +03:00
Artturin
a17e1b8809 config.enableParallelBuildingByDefault: init option
useful for testing if some builds could be faster
2022-05-11 16:41:30 +03:00
Linus Heckemann
676e4d42d6
Merge pull request #157106 from lheckemann/better-error-for-bad-buildinputs
stdenv/make-derivation: check that all inputs are of an appropriate type
2022-05-11 11:28:11 +02:00
elikoga
04f6a432c4
Update link from old nix manual to current stable one
https://github.com/NixOS/rfcs/pull/72
2022-05-08 05:20:34 +02:00
Linus Heckemann
b3e8855999 make-derivation: allow strings in build input lists 2022-05-07 10:42:50 +02:00
Artturi
f0e48dd98b
Merge pull request #119942 from hercules-ci/mkDerivation-overridable-recursive-attributes 2022-05-04 14:31:50 +03:00
ckie
4def222ea4
stdenv/check-meta: add a "maintainerless" warning
This warning logs when a package has no maintainers. It will stay silent
if `meta.maintainers` is not set at all, only complaining when it is an
empty list. In the future a separate warning could be added to allow for
that stricter behavior. Or this warning could be changed.
2022-05-03 22:29:14 +03:00
ckie
3a34b6c820
stdenv/check-meta: add an eval warning option
This will be used in the next commit in this patch series.
2022-05-03 22:29:12 +03:00
ckie
5e420c2455
stdenv/check-meta: turn validity.valid into a str
This will allow for adding more validity types in the future, such as a
warning type. (which is in the next commit in this series)

This is NOT a breaking change because validity.valid is never exposed
outside of `stdenv.mkDerivation`.
2022-05-03 22:28:25 +03:00
Artturin
9f05fc6661 config.allowUnsupportedSystem: define as option 2022-05-02 20:39:43 +03:00
Artturin
9f473092f8 config.allowBroken: define as option 2022-05-02 17:20:44 +03:00
Artturin
1c49b81263 config.allowUnfree: define as option 2022-05-02 17:20:25 +03:00
Robert Hensing
0e00acafe9 stdenv.mkDerivation: public -> finalPackage 2022-05-02 08:49:33 +02:00
Robert Hensing
37ab5b4396 mkDerivation: Add error hint for infinite recursion 2022-05-02 08:49:32 +02:00
Robert Hensing
41b3688ba1 make-derivation.nix: Remove unnecessary TODO
The goal was to keep the number of calls to a minimum, but that
would come at the cost of clobbering git blame and possibly not
improving readability.
2022-05-02 08:49:31 +02:00
Robert Hensing
6d7efb3a16 stdenv.mkDerivation: Make self more overlay-like; use self.public
`self` is now arguments, like `super`. The final package is in
`self.public`.
2022-05-02 08:49:31 +02:00
Robert Hensing
a4e7085227 stdenv.mkDerivation: Allow overriding of recursive definitions
See updated manual for further explanation.
2022-05-02 08:49:26 +02:00
Artturin
33415135b0 config.contentAddressedByDefault: init option 2022-04-27 23:21:32 +03:00
Artturin
d76021402d config.strictDepsByDefault: init option
so i won't have to change make-derivation.nix when i wan't to make this
true
2022-04-27 23:21:21 +03:00
Adam Joseph
9d60e3dd29 stdenv: use disallowedRequisites to check forbidden requisites 2022-04-13 23:13:33 -07:00
github-actions[bot]
3dc8bd98b9
Merge staging-next into staging 2022-04-06 00:02:41 +00:00
Vladimír Čunát
b4729bad3d
Merge #165406: staging-next 2022-03-23 2022-04-05 20:34:08 +02:00
Linus Heckemann
235fe92e42 make-derivation: allow nested lists in buildInputs
This isn't really desirable in general, but given that Nix itself
currently relies on this behaviour and that we don't want to break
backwards compatibility we should support it for now, maybe
deprecating it in the future.
2022-04-05 12:20:38 +02:00
Linus Heckemann
dbdacbca8e Merge remote-tracking branch 'upstream/nixos-unstable' into better-error-for-bad-buildinputs 2022-04-02 23:12:56 +02:00
Linus Heckemann
93681a52a5 stdenv: check that all inputs are of an appropriate type
Fixes #24462
2022-04-02 19:09:10 +02:00
Artturin
1e2a288f0e stdenv: print the time the phase took if it was longer than 30s
will be useful for finding why a build runs for a long time on hydra
because of tests or the build etc etc
2022-04-02 00:42:02 +03:00
Robert Hensing
7e0ef81015 stdenv.mkDerivation: Always sanitize derivation name 2022-03-30 10:29:19 +02:00
github-actions[bot]
8357b101a5
Merge staging-next into staging 2022-03-25 12:02:05 +00:00
Vladimír Čunát
0a8b4eddd2
Merge branch 'master' into staging-next 2022-03-25 10:16:56 +01:00
Artturin
33cce15e42 treewide: remove meta.repositories
there's no documentation for meta.repositories and its not widely used
2022-03-24 23:56:14 +02:00
sternenseemann
b5cad4d4a4 stdenv/setup.sh: make sure $sourceRoot has +x before cd-ing
This change is prompted by the following, admittedly cursed tarball:

```
> curl https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz 2>/dev/null \
  | tar -ztv
drw-rw-rw- 0/0               0 2020-02-18 10:50 package
-rw-rw-rw- 0/0             297 2020-02-18 10:50 package/index.d.ts
-rw-rw-rw- 0/0            1920 2020-02-18 10:50 package/index.js
-rw-rw-rw- 0/0            1092 2020-01-31 11:31 package/LICENSE
-rw-rw-rw- 0/0             937 2020-02-18 10:51 package/package.json
-rw-rw-rw- 0/0             713 2020-02-18 10:50 package/README.md
```

The minimal reproducer for the issue is the following derivation trying
to work around the uid 0 issue with `dontMakeSourcesWritable = true`:

```nix
{ stdenv, fetchurl }:

stdenv.mkDerivation {
  name = "test";

  src = fetchurl {
    sha1 = "d744358226217f981ed58f479b1d6bcc29545dcf";
    url = "https://registry.npmjs.org/char-regex/-/char-regex-1.0.2.tgz";
  };

  dontMakeSourcesWritable = true;

  installPhase = ''
    cp -R . $out
  '';
}
```

This currently fails in the following way:

```
these derivations will be built:
  /nix/store/pc3jbydl0xcc8nrndf5xkf7hdhpgpb41-test.drv
building '/nix/store/pc3jbydl0xcc8nrndf5xkf7hdhpgpb41-test.drv'...
unpacking sources
unpacking source archive /nix/store/v9p98kqplf4kflmy91p0687xlvr6klb1-char-regex-1.0.2.tgz
source root is package
find: 'package/index.d.ts': Permission denied
find: 'package/index.js': Permission denied
find: 'package/LICENSE': Permission denied
find: 'package/package.json': Permission denied
find: 'package/README.md': Permission denied
/nix/store/6c47azxacncswc1pllzj28zfzqw40d7c-stdenv-linux/setup: line 1311: cd: package: Permission denied
builder for '/nix/store/pc3jbydl0xcc8nrndf5xkf7hdhpgpb41-test.drv' failed with exit code 1
error: build of '/nix/store/pc3jbydl0xcc8nrndf5xkf7hdhpgpb41-test.drv' failed
```

As you can see, the issue is that `$sourceRoot` isn't executable,
prohibiting the call to `cd`. This can be fixed by running
`chmod +x "${sourceRoot}"` before `cd` regardless of
`dontMakeSourcesWritable` in `unpackPhase` since if `chmod` fails, `cd`
would fail as well and we are out of options.

Verified that the workaround works locally.

Another thing to investigate is investigating if we should use
`--no-same-owner` for `tar` and if it helps in this case as well.
See also <https://github.com/Profpatsch/yarn2nix/issues/56>.
2022-03-24 11:13:38 +01:00
github-actions[bot]
c15f51235d
Merge staging-next into staging 2022-03-07 12:02:15 +00:00
Sandro Jäckel
b7da6c7da7
stdenv, dep-licenses.sh: do not skip handling of other exit traps
See https://github.com/akinomyoga/ble.sh/issues/179
2022-02-20 16:27:24 +01:00
Naïm Favier
1ffdf02435
stdenv/check-meta: remove onlyLicenses check 2022-02-17 13:09:24 +01:00
Dmitry Kalinkin
3087088c41
Merge branch 'staging-next' into staging
Conflicts:
	pkgs/top-level/aliases.nix
	pkgs/top-level/python-aliases.nix
2022-02-01 21:37:39 -05:00
matthewcroughan
7bea56b425 stdenv/check-meta: add note for Flake usage
Flake users that use a command like `nix build nixpkgs#hello` on a
broken/insecure package will not be able to use an environment variable
to override that behavior, unless they pass `--impure` to the command.

Co-authored-by: pkharvey <kayharvey@protonmail.com>
2022-02-01 13:23:46 -05:00
Jan Tojnar
2da5ce4ab3 Merge branch 'staging-next' into staging
; Conflicts:
;	pkgs/development/python-modules/fakeredis/default.nix
2022-01-28 14:05:11 +01:00
Sandro
27cccd4e49
Merge pull request #151363 from Stunkymonkey/doc-updateWalker 2022-01-27 14:06:36 +01:00
Felix Buehler
59c55f4558 update-walker: remove because unused 2022-01-26 21:46:59 +01:00
Sandro Jäckel
24880b690b stdenv: fix shellcheck complaining about things not being posix compliant 2022-01-23 03:50:23 +01:00
Sandro Jäckel
37fdba0b4f stdenv: restore bash options -e/-u to the values they where before
Source https://github.com/akinomyoga/ble.sh/issues/169#issuecomment-1019049032

Author: akinomyoga
2022-01-23 03:50:09 +01:00
Naïm Favier
f2065d81ad stdenv/generic: introduce shellDryRun
Add `shellDryRun` to the generic stdenv and substitute it for uses of
`${stdenv.shell} -n`. The point of this layer of abstraction is to add
the flag `-O extglob`, which resolves #126344 in a more direct way.
2021-12-27 20:30:01 -05:00
github-actions[bot]
e38de71da8
Merge master into staging-next 2021-12-25 00:01:28 +00:00
rembo10
eefebccc12 cmake make-derivation: fix hostPlatform uname release when cross compiling 2021-12-24 13:18:42 +05:30
github-actions[bot]
209e8d0932
Merge master into staging-next 2021-12-11 00:01:48 +00:00
Vladimir Serov
523c701c0b
stdenv: move overriden stdenv in closure
Before that, base stdenv passed non-makeOverridable version of itself
inside. This cause it to be lost on package-name.stdenv.
2021-11-27 01:23:32 +03:00
Alyssa Ross
2ebeb02a99 stdenv/setup: tell libtool about library paths
Packages that use libtool run it as a wrapper around the linker.
Before calling the linker, libtool will determine what libraries would
be linked, and check if there's a corresponding libtool
archive (libfoo.la) file in the same directory .  This file
contains extra information about the library.  This is especially
important for static linking, because static archives don't contain
dependency information, so we need libtool to use the .la files to
figure out which libraries actually need to be linked against.

But in Nixpkgs, this has never worked.  libtool isn't able to find any
libraries, because only the compiler wrapper knows how to find them,
and the compiler wrapper is opaque to libtool.  This is why
pkgsStatic.util-linuxMinimal doesn't build prior to this patch — it
depends on libpam, which depends on libaudit, and if libtool can't
find the .la file, nothing will tell the linker to also link against
libaudit when linking libpam.  (It was previously possible to build a
static util-linux, because linux-pam only recently had the audit
dependency added.)

There are a couple of ways we could fix this, so that libtool knows
where to look for .la files.

 * Set LD_LIBRARY_PATH/DYLD_LIBRARY_PATH/whatever, which libtool will
   examine.  This would have major side effects though, because the
   dynamic linker looks at it too.

 * Inject libtool scripts with the appropriate information.  That's
   what I've done here.  It was the obvious choice because we're
   already finding and modifying the libtool scripts, to remove paths
   outside the Nix store that libtool might check in unsandboxed
   builds.  Instead of emptying out the system paths, we can
   repopulate it with our own library paths.

(We can't use a wrapper like we do for other tools in Nixpkgs, because
libtool scripts are often distributed in source tarballs, so we can't
just add a wrapped version of libtool as a dependency.  That's why
there's already the fixLibtool function in stdenv.)

With this change, libtool is able to discover .la files, and
pkgsStatic.util-linuxMinimal can build again, linking correctly
against libpam and libaudit.
2021-11-23 21:33:16 +00:00
Artturi
0809a3a44b
Merge pull request #137209 from milahu/patch-10 2021-10-25 20:32:06 +03:00
Rick van Schijndel
6a848de95d stdenv: add llvm-config to meson cross file
This is e.g. required to get mesa cross-compiling, but is useful for everyone depending on libllvm
2021-10-13 20:44:10 +02:00
happysalada
a634fbe065 stdenv: add shopt inherit_errexit 2021-10-06 00:42:58 +09:00
happysalada
84e4715a14 stdenv: use named ref to clarify intent 2021-10-06 00:42:29 +09:00
Winter
8cff7796d7
stdenv: re-add isMachO helper function (#138334) 2021-09-17 23:09:06 -04:00
Vladimír Čunát
183cd6b09f
Merge #138186: stdenv: remove isMachO helper function
...into staging-next
2021-09-17 18:31:26 +02:00
Winter
f8edf7720d stdenv: remove isMachO helper function
This reverts commit 488395c0f8.

Currently, `nix print-dev-env` fails to execute if this function is present, because of its use of hex literals.
Until this issue (https://github.com/NixOS/nix/issues/5262) is solved, we should revert this to prevent breakage.
2021-09-16 16:56:12 -04:00
happysalada
33518fcb45 stdenv/setup.sh: fix read -N 0 for bash 5
somehow `read -N 0` behavior changed in bash 5. `read -d ''` has identical behavior
the purpose of the function is to read stdin and exit 1 on a null byte (i.e. if stdin is the content of a binary)

(cherry picked from commit 5d0acf20f8)
2021-09-12 09:48:54 +09:00
milahu
5e2f703e83
unpackFile: ignore timestamp warnings 2021-09-09 20:13:21 +02:00
happysalada
4c92bb8bdf stdenv: fix nix_build_cores guess
- use builtin arithmetic instead of external expr
- simplify logic with bash builtins
2021-09-07 00:36:55 +09:00
happysalada
02c142a2dd stdenv: fix showBuildStats
- remove going through another file
- use builtin instead of external cat
- improve echo formatting
2021-09-06 22:51:33 +09:00
Martin Weinelt
7f732aca66 Revert "Merge remote-tracking branch 'origin/python-unstable' into staging-next"
This reverts commit b041b2e1b2, reversing
changes made to 5b6c2380ad.
2021-09-05 15:02:25 +02:00
happysalada
e32bf6f4f2 stdenv setup.sh: remove combined [ in favor of [[
[ ... ] && [ ...] -> [[ ... && ... ]]
2021-08-30 10:27:45 +09:00
happysalada
fd89fb6248 stdenv: remove bash version compatibility hack 2021-08-30 10:26:56 +09:00
happysalada
13049cd33e stdenv: remove combined command conditional 2021-08-30 10:26:14 +09:00
happysalada
2fa9facc49 stdenv: arithmetic fixes 2021-08-30 10:25:40 +09:00
happysalada
1200c8175c stdenv: reduce io 2021-08-30 10:24:30 +09:00
happysalada
54475daa27 stdenv: declare missing variables 2021-08-30 10:24:00 +09:00
Sebastián Mancilla
488395c0f8
stdenv: add isMachO helper function (#133808)
Detect if a binary is a Mach-O file.
2021-08-21 15:33:03 -04:00
John Ericson
221ca6f2ff
Merge pull request #134463 from Ericson2314/stdenv-adapter-latebind
stdenv: Fix overriding + `overrideAttrs`
2021-08-18 19:01:54 -04:00
John Ericson
b4cc2a2479 pkgs/stdenv/make-derivation: Reindent
We previously make it just be the function, not a single-item attrset,
without deindenting to make a readable diff. No we deindent.
2021-08-18 17:22:52 +00:00
John Ericson
f110a182a6 stdenv: Fix overriding + overrideAttrs
The old stdenv adapters were subtly wrong in two ways:

 - `overrideAttrs` leaked the original, unoverridden `mkDerivation`.

 - `stdenv.override` would throw away any manually-set `mkDerivation`
   from a stdenv reverting to the original.

Now, `mkDerivation` is controlled (nearly directly) via an argument, and
always correctly closes over the final ("self") stdenv. This means the
adapters can work entirely via `.override` without any manual `stdenv //
...`, and both those issues are fixed.

Note hashes are changed, because stdenvs no previously overridden like
`stdenvNoCC` and `crossLibcStdenv` now are. I had to add some
`dontDisableStatic = true` accordingly. The flip side however is that
since the overrides compose, we no longer need to override anything but
the default `stdenv` from which all the others are created.
2021-08-18 17:22:50 +00:00
github-actions[bot]
1b4a28fed4
Merge master into staging-next 2021-08-07 12:01:25 +00:00
Artturin
40944bbab7 stdenv/check-meta: add maxSilent
Hydra supports it
https://github.com/NixOS/hydra/blob/master/src/hydra-eval-jobs/hydra-eval-jobs.cc#L172
2021-08-07 02:18:59 +03:00
Alyssa Ross
0901dfb214 stdenv/setup: force libtool to skip dep checks
When we "fix" libtool, we empty out its system library path to avoid
it discovering libraries in e.g. /usr when the sandbox is disabled.
But this also means that the checks libtool does to make sure it can
find the libraries its supposed to be linking to won't work.  On Linux
and Darwin, this isn't a problem, because libtool doesn't actually
perform any checks, but it is on at least NetBSD and Cygwin[1].

So, we force libtool not to do these checks on any platform, bringing
the more exotic platforms into line with the existing behaviour on
Linux and Darwin.

Without this change, lots of library packages produce warnings like
this in their build output on the platforms with checks by default:

    *** Warning: linker path does not have real file for library -lz.
    *** I have the capability to make that library automatically link in when
    *** you link to this library.  But I can only do this if you have a
    *** shared version of the library, which you do not appear to have
    *** because I did check the linker path looking for a file starting
    *** with libz but no candidates were found. (...for regex pattern test)
    *** The inter-library dependencies that have been dropped here will be
    *** automatically added whenever a program is linked with this library
    *** or is declared to -dlopen it.

And dependent packages break because libtool doesn't link their
transitive dependencies.  So making this change fixes _lots_ of
packages on those platforms.

[1]: https://git.savannah.gnu.org/cgit/libtool.git/tree/m4/libtool.m4?id=544fc0e2c2a03129a540aebef41ad32bfb5c06b8#n3445
2021-07-27 20:42:31 +00:00
happysalada
4fc50527f8 stdenv: typo 2021-07-19 14:49:47 +09:00
Niklas Hambüchen
3ac484ef83
Merge pull request #129328 from nh2/manual-fix-hardening-flags-sections
manual: hardening: Fix disabled flags prose being in previous section
2021-07-05 23:11:22 +02:00
Niklas Hambüchen
ac36a0f9eb manual: hardening: Fix disabled flags prose being in previous section
This confused the hell out of me, as I didn't spot the

> The following flags are disabled by default ...

when reading about `pie`, because that sentence was hidden in the
previous hardening flag's section.

Also explain that `pie` hardening is on by default on musl.
2021-07-05 16:32:55 +02:00
Sandro
d871186cdf
Merge pull request #108102 from matthewbauer/bash-version-check
stdenv/setup.sh: Add version check to setup script
2021-06-24 13:06:46 +02:00
Matthew Bauer
8fa084dc0f stdenv/setup.sh: Add version check to setup script
Only bash 4+ works in setup.sh. To make sure this is obvious, we can
check BASH_VERSINFO to get the major version number of Bash.

While Bash 3 is pretty rare, it still comes stock in macOS.

We *could* provide a warning here for non-Bash shells, but it’s not
always clear whether they will work or not. Zsh should have no trouble
while busybox sh, fish, or any others. There’s no great way to detect
what feature set the shell supports.

Fixes #71625
2021-06-23 01:32:58 -05:00
Ben Siraphob
d2c9f816e3 stdenv: remove lib 2021-06-03 19:50:15 +07:00
github-actions[bot]
9cf0393c37
Merge staging-next into staging 2021-04-28 18:14:28 +00:00
John Ericson
50a11f4f43
Merge pull request #120993 from regnat/easy-ca
Make the bootsrap respect the contentAddressedByDefault setting
2021-04-28 11:27:59 -04:00
regnat
14f66d60a7 Make the bootsrap respect the contentAddressedByDefault setting
Patch every `derivation` call in the bootsrap process to add it a
conditional `__contentAddressed` parameter.

That way, passing `contentAddressedByDefault` means that the entire
build closure of a system can be content addressed
2021-04-28 10:25:49 +02:00
github-actions[bot]
489dda0090
Merge staging-next into staging 2021-04-27 00:15:12 +00:00
sternenseemann
b0c26d2c40 pkgs/stdenv/make-derivation: move hostSuffix before the version
Adding the hostSuffix to the end of the derivation's name is problematic
since some stuff, including user facing programs like nix-env rely on
the behavior of parseDrvName instead of pname and version.
builtins.parseDrvName currently thinks that the cross compilation target
added via hostSuffix is part of the version. This has the practical
consequence for example that nix-env would think a cross compiled
derivation would be an updated version of a native derivation of the
same package and version — breaking user's profiles.

We can easily prevent this by moving the hostSuffix in between pname and
version. In case name is passed to mkDerivation this is of course not
possible and we are forced to fall back to the old behavior.

This change could serve as a replacement for the migitation we
introduced with the -static appendix to pname in order to avoid
confusion between nix and nixStatic as outlined in the comment added
with this commit.
2021-04-26 20:40:52 +02:00
github-actions[bot]
f0290a5d27
Merge staging-next into staging 2021-04-26 18:14:28 +00:00
Eelco Dolstra
6b19be4124
Merge pull request #120316 from regnat/easy-ca
Make it easy to try out content-addressed derivations
2021-04-26 16:21:05 +02:00
regnat
559c5792ef Remove the NIXPKGS_CA_BY_DEFAULT env variable
Not really needed, and not desired either
2021-04-26 16:20:13 +02:00
Ana Hobden
acfddd576e stdenv: support mainProgram in meta
Support `mainProgram` as an attribute of `meta` for packages.

This is an attribute used by [`nix
run`](https://nixos.org/manual/nix/unstable/command-ref/new-cli/nix3-run.html#description)
to customize the main program of a package.

For example, `pkgs.neovim` provides a `/bin/nvim` executable which users
would (almost certainly) prefer `nix run` to execute instead of a
non-existing `/bin/neovim`.

Signed-off-by: Ana Hobden <operator@hoverbear.org>
2021-04-25 21:19:49 -07:00
John Ericson
f684c917a6 stdenvNoCC: Fix hasCC attr during cross, remove noCC
`hasCC` was getting overridden in the cross bootstrapping (for GHCJS),
which preventing the default logic from re-triggering for `stdenvNoCC`.

Also remove `stdenv.noCC` which is obseleted by `stdenv.hasCC`.
2021-04-23 21:54:42 +00:00
regnat
cc5b30c6ac Make it easy to build everything as content-addressed
Add a config field `contentAddressedByDefault` and an associated
environment variable `NIXPKGS_CA_BY_DEFAULT` to make every nixpkgs
derivation content-addressed by default
2021-04-23 10:54:38 +02:00
regnat
2f45625673 Allow easily marking a derivation as content-addressed 2021-04-23 10:49:10 +02:00
github-actions[bot]
6ef7c23763
Merge master into staging-next 2021-04-19 18:11:51 +00:00
Alyssa Ross
730a9a04fa
stdenv.isBSD: reinit
This was removed in e29b0da9c7, because
it was felt it was ambiguous whether isBSD should remove Darwin.

I think it should be reintroduced.  Packages sometimes have their own
concepts of "is BSD" e.g. Lua, and these almost never include Darwin,
so let's keep Darwin excluded.

Without a way to say "is this BSD", one has to list all flavours of
BSD seperately, even though fundamentally they're still extremely
similar.  I don't want to have to write the following!

    stdenv.isFreeBSD || stdenv.isNetBSD || stdenv.isOpenBSD || stdenv.isDragonFlyBSD

Additionally, we've had stdenv.hostPlatform.isBSD this whole time, and
it hasn't hurt anything.
2021-04-18 20:12:09 +00:00
Vladimír Čunát
d2eb7a7887
Merge branch 'staging' into staging-next
A few conflicts but relatively clear ones (I think).
2021-04-14 10:08:25 +02:00
sternenseemann
851c0f1cb7 stdenv/make-derivation: add -static to name if building statically 2021-04-13 12:33:00 +02:00
sternenseemann
fe0524cd7d stdenv/make-derivation: unify logic for name modifications
Unify the logic for constructing the name from pname and version and
modifying the name in case a host suffix needs to appended. This allows
us to modify the construction of name from pname and version without
having to duplicate it in two places.
2021-04-13 12:31:26 +02:00
Andrew Childs
44f09ccabf darwin: move deployment target and sdk version to platform config 2021-03-26 15:10:22 +09:00
github-actions[bot]
2417360191
Merge master into staging-next 2021-03-24 00:41:10 +00:00
Samuel Dionne-Riel
76552e95cc
stdenv: Fix regression on ARM+static when enabling hardening (#115363)
4e9dc46dea re-enabled hardening for Musl,
which is good.

Though static builds for ARM fail in various ways

 - cross armv7l static does not build
 - cross aarch64 static produces segfaulting dynamically linked binaries
 - native aarch64 static also produces segfaulting dynamically linked binaries

It seems that for native x86_64-linux, static builds are fine though.

This works around the issue by removing PIE from the hardening flags,
keeping all other hardening flags. This is an improvement (I think) from
before 4e9dc46d.

Fixes #114953
2021-03-23 18:45:48 -04:00
Vincenzo Mantova
6ba632c2a4
stdenv: ignore duplicates in addToSearchPath (#113800) 2021-03-13 13:58:21 -05:00
Andrew Childs
d16a8753d9 stdenv: set CMAKE_OSX_ARCHITECTURES appropriately 2021-03-02 17:21:07 +09:00
WORLDofPEACE
4b10920ed1
stdenv/check-meta: change to allowlist and blocklist (#114127)
* stdenv/check-meta: change to allowlist and blocklist

* Update pkgs/stdenv/generic/check-meta.nix

Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-02-23 10:25:18 -05:00
github-actions[bot]
402b752521
Merge master into staging-next 2021-02-11 18:16:48 +00:00
Ben Siraphob
4da3c5ab1e stdenv/generic: recommend lib instead of pkgs.lib in place of stdenv.lib 2021-02-11 11:34:06 +07:00
github-actions[bot]
30dddce5e8
Merge master into staging-next 2021-02-09 06:16:02 +00:00
Bernardo Meurer
129ec8a4a5
stdenv: remove mention of flashplayer (in comments) 2021-02-08 09:38:43 -08:00
github-actions[bot]
194e4e6f80
Merge master into staging-next 2021-02-07 06:16:10 +00:00
Cole Helbling
c7942b0f8b stdenv/generic: allowAliases should default to true if unset
Since the deprecation is fairly recent, we should warn by default.

Also fix the wording of the comment: stdenv.lib will be removed for the 21.11
release, not just deprecated (as it already is deprecated).
2021-02-06 21:30:34 -08:00
Cole Helbling
afbeed62bb stdenv/generic: allowAliases should default to false if unset
Mostly because config.allowAliases doesn't exist unless it's set.
2021-02-06 19:44:30 -08:00
Edmund Wu
5b278c2f48
stdenv/generic: allowAlises -> allowAliases 2021-02-06 22:15:00 -05:00
Ben Siraphob
66e92385b9 stdenv/generic: throw when using stdenv.lib and disallowing aliases 2021-01-31 18:40:19 +07:00
github-actions[bot]
f92395cf3c
Merge staging-next into staging 2021-01-31 06:19:43 +00:00
John Ericson
6717246373
Merge pull request #111284 from siraben/remove-new-stdenv-lib
stdenv: warn about use of inherited lib
2021-01-30 22:28:05 -05:00
Ben Siraphob
227693ed69
Update pkgs/stdenv/generic/default.nix
Co-authored-by: John Ericson <git@JohnEricson.me>
2021-01-31 03:03:11 +00:00
Matthew Bauer
048e0d3f87
Merge pull request #108518 from 4z3/env-vars
stdenv: mute errors when failing to write env-vars
2021-01-30 18:37:10 -06:00
Guillaume Girol
a6840c55c2
Merge pull request #101606 from utsl42/master
Fix hardening default for pkgsMusl to reenable -pie
2021-01-30 15:19:12 +00:00
Ben Siraphob
32e8cec5d9 stdenv: warn about use of inherited lib 2021-01-30 18:42:48 +07:00
John Ericson
9c213398b3 lib: Clean up how linux and gcc config is specified
Second attempt of 8929989614589ee3acd070a6409b2b9700c92d65; see that
commit for details.

This reverts commit 0bc275e634.
2021-01-23 10:01:28 -05:00