aboutsummaryrefslogtreecommitdiff
path: root/doc/manual/rl-next
AgeCommit message (Collapse)Author
2024-10-23libstore: restrict curl protocolseldritch horrors
previously it was possible to fetchurl a dict server, or an ldap server, or an imap server. this is a bit of a problem, both because rare schemes may not be available on all systems, and because some schemes (e.g. scp) are inherently insecure in potentially surprising ways we needn't allow. Change-Id: I18fc567c6f58c3221b5ea8ce927f4da780057828
2024-10-09testsuite: use xdist for parallel test runningJade Lovelace
This is capped at 12 because 3.7 seconds of startup is painful enough and 5.5 seconds with 24 was more annoying. Change-Id: I327db40fd98deaa5330cd9cf6de99fb07b2c1cb0
2024-10-05Add release note for CTRL-C improvementsRebecca Turner
I'm very excited for cl/2016, so others will probably be excited also! Let's add a release note. Change-Id: Ic84a4444241aafce4cb6d5a6d1dddb47e7a7dd7b
2024-09-30Merge "fix(nix fmt): remove the default "." argument" into mainJonas Chevalier
2024-09-28libfetchers/git: restore compat with `builtins.fetchGit` from 2.3Maximilian Bosch
Since fb38459d6e58508245553380cccc03c0dbaa1542, each `ref` is appended with `refs/heads` unless it starts with `refs/` already. This regressed two use-cases that worked fine before: * Specifying a commit hash as `ref`: now, if `ref` looks like a commit hash it will be directly passed to `git fetch`. * Specifying a tag without `refs/tags` as prefix: now, the fetcher prepends `refs/*` to a ref that doesn't start with `refs/` and doesn't look like a commit hash. That way, both a branch and a tag specified in `ref` can be fetched. The order of preference in git is * file in `refs/` (e.g. `HEAD`) * file in `refs/tags/` * file in `refs/heads` (i.e. a branch) After fetching `refs/*`, ref is resolved the same way as git does. Change-Id: Idd49b97cbdc8c6fdc8faa5a48bef3dec25e4ccc3
2024-09-26fix(nix fmt): remove the default "." argumentzimbatm
When `nix fmt` is called without an argument, Nix appends the "." argument before calling the formatter. The comment in the code is: > Format the current flake out of the box This also happens when formatting sub-folders. This means that the formatter is now unable to distinguish, as an interface, whether the "." argument is coming from the flake or the user's intent to format the current folder. This decision should be up to the formatter. Treefmt, for example, will automatically look up the project's root and format all the files. This is the desired behaviour. But because the "." argument is passed, it cannot function as expected. Upstream-PR: https://github.com/nixos/nix/pull/11438 Change-Id: I60fb6b3ed4ec1b24f81b5f0d76c0be98470817ce
2024-09-26Merge changes Iaa2e0e9d,Ia973420f into mainjade
* changes: Fix passing custom CA files into the builtin:fetchurl sandbox [security] builtin:fetchurl: Enable TLS verification
2024-09-25[security] builtin:fetchurl: Enable TLS verificationEelco Dolstra
This is better for privacy and to avoid leaking netrc credentials in a MITM attack, but also the assumption that we check the hash no longer holds in some cases (in particular for impure derivations). Partially reverts https://github.com/NixOS/nix/commit/5db358d4d78aea7204a8f22c5bf2a309267ee038. (cherry picked from commit c04bc17a5a0fdcb725a11ef6541f94730112e7b6) (cherry picked from commit f2f47fa725fc87bfb536de171a2ea81f2789c9fb) (cherry picked from commit 7b39cd631e0d3c3d238015c6f450c59bbc9cbc5b) Upstream-PR: https://github.com/NixOS/nix/pull/11585 Change-Id: Ia973420f6098113da05a594d48394ce1fe41fbb9
2024-09-25main: log stack traces for std::terminateJade Lovelace
These stack traces kind of suck for the reasons mentioned on the CppTrace page here (no symbols for inline functions is a major one): https://github.com/jeremy-rifkin/cpptrace I would consider using CppTrace if it were packaged, but to be honest, I think that the more reasonable option is actually to move entirely to out-of-process crash handling and symbolization. The reason for this is that if you want to generate anything of substance on SIGSEGV or really any deadly signal, you are stuck in async-signal-safe land, which is not a place to be trying to run a symbolizer. LLVM does it anyway, probably carefully, and chromium *can* do it on debug builds but in general uses crashpad: https://source.chromium.org/chromium/chromium/src/+/main:base/debug/stack_trace_posix.cc;l=974;drc=82dff63dbf9db05e9274e11d9128af7b9f51ceaa;bpv=1;bpt=1 However, some stack traces are better than *no* stack traces when we get mystery exceptions falling out the bottom of the program. I've also promoted the path for "mystery exceptions falling out the bottom of the program" to hard crash and generate a core dump because although there's been some months since the last one of these, these are nonetheless always *atrociously* diagnosed. We can't improve the crash handling further until either we use Crashpad (which involves more C++ deps, no thanks) or we put in the ostensibly work in progress Rust minidump infrastructure, in which case we need to finish full support for Rust in libutil first. Sample report: Lix crashed. This is a bug. We would appreciate if you report it at https://git.lix.systems/lix-project/lix/issues with the following information included: Exception: std::runtime_error: lol Stack trace: 0# nix::printStackTrace() in /home/jade/lix/lix3/build/src/nix/../libutil/liblixutil.so 1# 0x000073C9862331F2 in /home/jade/lix/lix3/build/src/nix/../libmain/liblixmain.so 2# 0x000073C985F2E21A in /nix/store/p44qan69linp3ii0xrviypsw2j4qdcp2-gcc-13.2.0-lib/lib/libstdc++.so.6 3# 0x000073C985F2E285 in /nix/store/p44qan69linp3ii0xrviypsw2j4qdcp2-gcc-13.2.0-lib/lib/libstdc++.so.6 4# nix::handleExceptions(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::function<void ()>) in /home/jade/lix/lix3/build/src/nix/../libmain/liblixmain.so 5# 0x00005CF65B6B048B in /home/jade/lix/lix3/build/src/nix/nix 6# 0x000073C985C8810E in /nix/store/dbcw19dshdwnxdv5q2g6wldj6syyvq7l-glibc-2.39-52/lib/libc.so.6 7# __libc_start_main in /nix/store/dbcw19dshdwnxdv5q2g6wldj6syyvq7l-glibc-2.39-52/lib/libc.so.6 8# 0x00005CF65B610335 in /home/jade/lix/lix3/build/src/nix/nix Change-Id: I1a9f6d349b617fd7145a37159b78ecb9382cb4e9
2024-09-17Merge "Remove readline support" into mainrebecca “wiggles” turner
2024-09-16Remove readline supportRebecca Turner
Lix cannot be built with GNU readline, and we would "rather not" be GPL. Change-Id: I0e86f0f10dab966ab1d1d467fb61fd2de50c00de
2024-09-09repl: Patch editline to recognize Meta-Left & Meta-RightRebecca Turner
This applies https://github.com/troglobit/editline/pull/70 to our build of editline, which translates `meta-left` and `meta-right` into `fd_word` and `bk_word`. This makes `nix repl` soooo much nicer to use! Note: My terminal renders `meta-left` as `\e\e[C` and `meta-right` as `\e\e[D`. Closes https://git.lix.systems/lix-project/lix/issues/501 Change-Id: I048b10cf17231bbf4e6bf38e1d1d8572cedaa194
2024-08-25Support relative and `~/` paths in config settingsRebecca Turner
Change-Id: I5566a9858ba255f4ac5051d1368c7dfb24460f0a
2024-08-25Merge "fix: good errors for failures caused by allowSubstitutes" into mainjade
2024-08-23fix: good errors for failures caused by allowSubstitutesJade Lovelace
This caused an absolute saga which I would not like anyone else to have to experience. Let's put in a laser targeted error message that diagnoses this exact problem. Fixes: https://git.lix.systems/lix-project/lix/issues/484 Change-Id: I2a79f04aeb4a1b67c10115e5e39501d958836298
2024-08-23fix: use http proxy for s3 accessJade Lovelace
I don't know why the AWS sdk disabled it by default. It would be nice to have test coverage of the s3 store or proxies, but neither currently exist. Fixes: https://git.lix.systems/lix-project/lix/issues/433 Change-Id: If1e76169a3d66dbec2e926af0d0d0eccf983b97b
2024-08-22Merge "Revert "libexpr: Replace regex engine with boost::regex"" into mainjade
2024-08-22Revert "libexpr: Replace regex engine with boost::regex"jade
This reverts commit 447212fa65a80180150b265411924cc638a2c52c. Reason for revert: Regression in eval behaviour bug-compatibility. Expected behaviour (Nix 2.18.5, macOS and Linux [libstdc++/libc++]): ``` nix-repl> builtins.match "\\.*(.*)" ".keep" [ "keep" ] nix-repl> builtins.match "(\\.*)(.*)" ".keep" [ "." "keep" ] ``` Actual behaviour (boost::regex): ``` nix-repl> builtins.match "\\.*(.*)" ".keep" [ ".keep" ] nix-repl> builtins.match "(\\.*)(.*)" ".keep" [ "." "keep" ] ``` Bug: https://git.lix.systems/lix-project/lix/issues/483 Change-Id: Id462eb8586dcd54856cf095f09b3e3a216955b60
2024-08-22Merge "libexpr: Replace regex engine with boost::regex" into mainsugar🍬🍭🏳️‍⚧️
2024-08-22libexpr: Replace regex engine with boost::regexsugar
This avoids C++'s standard library regexes, which aren't the same across platforms, and have many other issues, like using stack so much that they stack overflow when processing a lot of data. To avoid backwards and forward compatibility issues, regexes are processed using a function converting libstdc++ regexes into Boost regexes, escaping characters that Boost needs to have escaped, and rejecting features that Boost has and libstdc++ doesn't. Related context: - Original failed attempt to use `boost::regex` in CppNix, failed due to boost icu dependency being large (disabling ICU is no longer necessary because linking ICU requires using a different header file, `boost/regex/icu.hpp`): https://github.com/NixOS/nix/pull/3826 - An attempt to use PCRE, rejected due to providing less backwards compatibility with `std::regex` than `boost::regex`: https://github.com/NixOS/nix/pull/7336 - Second attempt to use `boost::regex`, failed due to `}` regex failing to compile (dealt with by writing a wrapper that parses a regular expression and escapes `}` characters): https://github.com/NixOS/nix/pull/7762 Closes #34. Closes #476. Change-Id: Ieb0eb9e270a93e4c7eed412ba4f9f96cb00a5fa4
2024-08-21libexpr: Soft-deprecate ancient let syntaxpiegames
Change-Id: I6802b26f038578870ea1fa1ed298f0c4b1f29c4a
2024-08-21libexpr: Soft-deprecate __overridespiegames
Change-Id: I787e69e1dad6edc5ccdb747b74a9ccd6e8e13bb3
2024-08-17libexpr: Deprecate URL literalspiegames
Closes #437. Change-Id: I9f67fc965bb4a7e7fd849e5067ac1cb3bab064cd
2024-08-12release: release notes for 2.91.0Jade Lovelace
Release created with releng/create_release.xsh Change-Id: Ieb6ca02d3cf986b28440fce3792e8c38ce80a33e
2024-08-09rl-next: add extra context to a few release notesJade Lovelace
This was found while writing the release blog post. Change-Id: Ifd55f308d4d4c831273cbe6ea35d29a38e134783
2024-08-09rl-next: fix incorrect CL list syntaxJade Lovelace
This also fixes the script to not pass pre-commit by failing to parse an int if this mistake is made again. Change-Id: I714369f515dc9987cf0c600d54a2ac745ba56830
2024-08-09libstore: deprecate the build-hook settingeldritch horrors
implementing a build hook is pretty much impossible without either being a nix, or blindly forwarding the important bits of all build requests to some kind of nix. we've found no uses of build-hook in the wild, and the build-hook protocol (apart from being entirely undocumented) is not able to convey any kind of versioning information between hook and daemon. if we want to upgrade this infrastructure (which we do), this must not stay Change-Id: I1ec4976a35adf8105b8ca9240b7984f8b91e147e
2024-08-09Merge changes Ib7c80826,I636f8a71,I67669b98 into mainjade
* changes: perl: un-autos your conf build: declare all the deps as -isystem darwin: workaround PROC_PIDLISTFDS on processes with no fds
2024-08-08libexpr: Add experimental pipe operatorpiegames
The |> operator is a reverse function operator with low binding strength to replace lib.pipe. Implements RFC 148, see the RFC text for more details. Closes #438. Change-Id: I21df66e8014e0d4dd9753dd038560a2b0b7fd805
2024-08-07Merge "src/libcmd/repl.cc: allow :log /path/to/store.drv" into mainMax Siling
2024-08-07src/libcmd/repl.cc: allow :log /path/to/store.drvGoldstein
This adds a second form to the `:log` command: it now can accept a derivation path in addition to a derivation expression. As derivation store paths start with `/nix/store`, this is not ambiguous. Resolves: https://git.lix.systems/lix-project/lix/issues/51 Change-Id: Iebc7b011537e7012fae8faed4024ea1b8fdc81c3
2024-08-07darwin: workaround PROC_PIDLISTFDS on processes with no fdsJade Lovelace
This has been causing various seemingly spurious CI failures as well as some failures on people running tests on beta builds. lix> ++(nix-collect-garbage-dry-run.sh:20) nix-store --gc --print-dead lix> ++(nix-collect-garbage-dry-run.sh:20) wc -l lix> finding garbage collector roots... lix> error: Listing pid 87261 file descriptors: Undefined error: 0 There is no real way to write a proper test for this, other than to start a process like the following: int main(void) { for (int i = 0; i < 1000; ++i) { close(i); } sleep(10000); } and then let Lix's gc look at it. I have a relatively high confidence this *will* fix the problem since I have manually confirmed the behaviour of the libproc call is as-unexpected, and it would perfectly explain the observed symptom. Fixes: https://git.lix.systems/lix-project/lix/issues/446 Change-Id: I67669b98377af17895644b3bafdf42fc33abd076
2024-08-04nix flake metadata: print modified dates for input flakesJade Lovelace
This was always in the lock file and we can simply actually print it. The test for this is a little bit silly but it should correctly control for my daring to exercise timezone code *and* locale code in a test, which I strongly suspect nobody dared do before. Sample (abridged): ``` Path: /nix/store/gaxb42z68bcr8lch467shvmnhjjzgd8b-source Last modified: 1970-01-01 00:16:40 Inputs: ├───flake-compat: github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33 │ Last modified: 2023-10-04 13:37:54 ├───flake-utils: github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a │ Last modified: 2024-03-11 08:33:50 │ └───systems: github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e │ Last modified: 2023-04-09 08:27:08 ``` Change-Id: I355f82cb4b633974295375ebad646fb6e2107f9b
2024-08-04cli: eat terminal codes from stdout alsoJade Lovelace
This *should* be sound, plus or minus the amount that the terminal code eating code is messed up already. This is useful for testing CLI output because it will strip the escapes enough to just shove the expected output in a file. Change-Id: I8a9b58fafb918466ac76e9ab585fc32fb9294819
2024-08-04build: implement clang-tidy using our pluginJade Lovelace
The principle of this is that you can either externally build it with Nix (actual implementation will be in a future commit), or it can be built with meson if the Nix one is not passed in. The idea I have is that dev shells don't receive the one from Nix to avoid having to build it, but CI can use the one from Nix and save some gratuitous rebuilds. The design of this is that you can run `ninja -C build clang-tidy` and it will simply correctly clang-tidy the codebase in spite of PCH bullshit caused by the cc-wrapper. This is a truly horrendous number of hacks in a ball, caused by bugs in several pieces of software, and I am not even getting started. I don't consider this to fix the clang-tidy issue filing, since we still have a fair number of issues to fix even on the existing minimal configuration, and I have not yet implemented it in CI. Realistically we will need to do something like https://github.com/Ericsson/codechecker to be able to silence warnings without physically touching the code, or at least *diff* reports between versions. Also, the run-clang-tidy output design is rather atrocious and must not be inflicted upon anyone I have respect for, since it buries the diagnostics in a pile of invocation logs. We would do really well to integrate with the Gerrit SARIF stuff so we can dump the reports on people in a user-friendly manner. Related: https://git.lix.systems/lix-project/lix/issues/147 Change-Id: Ifefe533f3b56874795de231667046b2da6ff2461
2024-08-02Merge "nix flake show: add the description if it exists" into mainIsabel
2024-07-30src/libcmd/repl.cc: avoid unneeded reload after :eGoldstein
If `:edit`ing a store path, don't reload repl afterwards to avoid losing local variables: store is immutable, so "editing" a store path is always just viewing it. Resolves: https://git.lix.systems/lix-project/lix/issues/341 Change-Id: I3747f75ce26e0595e953069c39ddc3ee80699718
2024-07-25libstore/build: block io_uringAlois Wohlschlager
Unfortunately, io_uring is totally opaque to seccomp, and while currently there are no dangerous operations implemented, there is no guarantee that it remains this way. This means that io_uring should be blocked entirely to ensure that the sandbox is future-proof. This has not been observed to cause issues in practice. Change-Id: I45d3895f95abe1bc103a63969f444c334dbbf50d
2024-07-23nix flake show: add the description if it existsisabel
(cherry picked from commit 8cd1d02f90eb9915e640c5d370d919fad9833c65) nix flake show: Only print up to the first new line if it exists. (cherry picked from commit 5281a44927bdb51bfe6e5de12262d815c98f6fe7) add tests (cherry picked from commit 74ae0fbdc70a5079a527fe143c4832d1357011f7) Handle long strings, embedded new lines and empty descriptions (cherry picked from commit 2ca7b3afdbbd983173a17fa0a822cf7623601367) Account for total length of 80 (cherry picked from commit 1cc808c18cbaaf26aaae42bb1d7f7223f25dd364) docs: add nix flake show description release note fix: remove white space nix flake show: trim length based on terminal size test: account for terminal size docs(flake-description): before and after commands; add myself to credits Upstream-PR: https://github.com/NixOS/nix/pull/10980 Change-Id: Ie1c667dc816b3dd81e65a1f5395e57ea48ee0362
2024-07-19Merge changes Id8b3d289,Ib75ab5b8,I3792eeb3 into mainjade
* changes: Fixup a bunch of references to nixos.org manuals Add release notes for removing overflow from Nix language expr: fix a compiler warning about different signs in comparison
2024-07-18Add release notes for removing overflow from Nix languageJade Lovelace
Change-Id: Ib75ab5b8b4d879035d7ee7678f9cd0c491a39c0a
2024-07-18doc/release-notes: add for pretty printing improvementsAlois Wohlschlager
Change-Id: I829581a3f5b8b742e6c866dcdbbc635f91afceb5
2024-07-09Fix dry-run flag for nix-collect-garbageQuantum Jump
`nix-collect-garbage --dry-run` previously elided the entire garbage collection check, meaning that it would just exit the script without printing anything. This change makes the dry run flag instead set the GC action to `gcReturnDead` rather than `gcDeleteDead`, and then continue with the script. So if you set `--dry-run`, it will print the paths it *would* have garbage collected, but not actually delete them. I filed a bug for this: https://git.lix.systems/lix-project/lix/issues/432 but then realised I could give fixing it a go myself. Change-Id: I062dbf1a80bbab192b5fd0b3a453a0b555ad16f2
2024-07-04distinguish between throws & errors during throwQyriad
Turns errors like this: let throwMsg = a: throw (a + " invalid bar"); in throwMsg "bullshit" error: … from call site at «string»:3:4: 2| throwMsg = a: throw (a + " invalid bar"); 3| in throwMsg "bullshit" | ^ … while calling 'throwMsg' at «string»:2:14: 1| let 2| throwMsg = a: throw (a + " invalid bar"); | ^ 3| in throwMsg "bullshit" … while calling the 'throw' builtin at «string»:2:17: 1| let 2| throwMsg = a: throw (a + " invalid bar"); | ^ 3| in throwMsg "bullshit" error: bullshit invalid bar into errors like this: let throwMsg = a: throw (a + " invalid bar"); in throwMsg "bullshit" error: … from call site at «string»:3:4: 2| throwMsg = a: throw (a + " invalid bar"); 3| in throwMsg "bullshit" | ^ … while calling 'throwMsg' at «string»:2:14: 1| let 2| throwMsg = a: throw (a + " invalid bar"); | ^ 3| in throwMsg "bullshit" … caused by explicit throw at «string»:2:17: 1| let 2| throwMsg = a: throw (a + " invalid bar"); | ^ 3| in throwMsg "bullshit" error: bullshit invalid bar Change-Id: I593688928ece20f97999d1bf03b2b46d9ac338cb
2024-07-04trace which part of `foo.bar.baz` errorsQyriad
Turns errors like: let somepkg.src = throw "invalid foobar"; in somepkg.src.meta error: … while evaluating the attribute 'src.meta' at «string»:2:3: 1| let 2| somepkg.src = throw "invalid foobar"; | ^ 3| in somepkg.src.meta … while calling the 'throw' builtin at «string»:2:17: 1| let 2| somepkg.src = throw "invalid foobar"; | ^ 3| in somepkg.src.meta error: invalid foobar into errors like: let somepkg.src = throw "invalid foobar"; in somepkg.src.meta error: … while evaluating the attribute 'src.meta' at «string»:2:3: 1| let 2| somepkg.src = throw "invalid foobar"; | ^ 3| in somepkg.src.meta … while evaluating 'somepkg.src' to select 'meta' on it at «string»:3:4: 2| somepkg.src = throw "invalid foobar"; 3| in somepkg.src.meta | ^ … while calling the 'throw' builtin at «string»:2:17: 1| let 2| somepkg.src = throw "invalid foobar"; | ^ 3| in somepkg.src.meta error: invalid foobar And for type errors, from: let somepkg.src = "I'm not an attrset"; in somepkg.src.meta error: … while evaluating the attribute 'src.meta' at «string»:2:3: 1| let 2| somepkg.src = "I'm not an attrset"; | ^ 3| in somepkg.src.meta … while selecting an attribute at «string»:3:4: 2| somepkg.src = "I'm not an attrset"; 3| in somepkg.src.meta | ^ error: expected a set but found a string: "I'm not an attrset" into: let somepkg.src = "I'm not an attrset"; in somepkg.src.meta error: … while evaluating the attribute 'src.meta' at «string»:2:3: 1| let 2| somepkg.src = "I'm not an attrset"; | ^ 3| in somepkg.src.meta … while selecting 'meta' on 'somepkg.src' at «string»:3:4: 2| somepkg.src = "I'm not an attrset"; 3| in somepkg.src.meta | ^ error: expected a set but found a string: "I'm not an attrset" For the low price of an enumerate() and a lambda you too can have the incorrect line of code actually show up in the trace! Change-Id: Ic1491c86e33c167891bdac9adad6224784760bd6
2024-07-04trace when the `foo` part of `foo.bar.baz` errorsQyriad
Turns errors like: let errpkg = throw "invalid foobar"; in errpkg.meta error: … while calling the 'throw' builtin at «string»:2:12: 1| let 2| errpkg = throw "invalid foobar"; | ^ 3| in errpkg.meta error: invalid foobar into errors like: let errpkg = throw "invalid foobar"; in errpkg.meta error: … while evaluating 'errpkg' to select 'meta' on it at «string»:3:4: 2| errpkg = throw "invalid foobar"; 3| in errpkg.meta | ^ … while calling the 'throw' builtin at «string»:2:12: 1| let 2| errpkg = throw "invalid foobar"; | ^ 3| in errpkg.meta error: invalid foobar For the low price of one try/catch, you too can have the incorrect line of code actually show up in the trace! Change-Id: If8d6200ec1567706669d405c34adcd7e2d2cd29d
2024-07-02Merge "Reject fully-qualified URLs in 'from' argument of `nix registry add`" ↵Delan Azabani
into main
2024-07-01Merge changes Ie29a8a89,I873eedcf into mainjade
* changes: store: delete obsolete lsof-disabling code store: guess the URL of failing fixed-output derivations
2024-06-30libexpr/flake: allow automatic rejection of configuration options from flakesAlois Wohlschlager
The `allow-flake-configuration` option allows the user to control whether to accept configuration options supplied by flakes. Unfortunately, setting this to false really meant "ask each time" (with an option to remember the choice for each specific option encountered). Let no mean no, and introduce (and default to) a separate value for the "ask each time" behaviour. Co-Authored-By: Jade Lovelace <lix@jade.fyi> Change-Id: I7ccd67a95bfc92cffc1ebdc972d243f5191cc1b4
2024-06-29Reject fully-qualified URLs in 'from' argument of `nix registry add`Delan Azabani
We previously allowed you to map any flake URL to any other flake URL, including shorthand flakerefs, indirect flake URLs like `flake:nixpkgs`, direct flake URLs like `github:NixOS/nixpkgs`, or local paths. But flake registry entries mapping from direct flake URLs often come from swapping the 'from' and 'to' arguments by accident, and even when created intentionally, they may not actually work correctly. This patch rejects those URLs (and fully-qualified flake: URLs), making it harder to swap the arguments by accident. Fixes #181. Change-Id: I24713643a534166c052719b8770a4edfcfdb8cf3