| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
Fixes #1340.
|
|
support multi threaded xz encoder
|
|
https://hydra.nixos.org/build/68827814
|
|
|
|
See:
https://github.com/NixOS/nix/commit/88b5d0c8e89afefbc547b6243c5aa5a3ec8176e9#commitcomment-27406365
|
|
|
|
can be done now from the url e.g s3://nix-cache?parallel-compression=1
instead of nix.conf.
|
|
|
|
by default.
|
|
|
|
All ANSI sequences except color setting are now filtered out. In
particular, terminal resets (such as from NixOS VM tests) are filtered
out.
Also, fix the completely broken tab character handling.
|
|
Add path primop.
|
|
some comments about possible improvements wrt memory usage/threading.
|
|
builtins.path allows specifying the name of a path (which makes paths
with store-illegal names now addable), allows adding paths with flat
instead of recursive hashes, allows specifying a filter (so is a
generalization of filterSource), and allows specifying an expected
hash (enabling safe path adding in pure mode).
|
|
the case of hydra where the overhead of single threaded encoding is more
noticeable e.g most of the time spent in "Sending inputs"/"Receiving outputs"
is due to compression while the actual upload to the binary cache seems
to be negligible.
|
|
Fixes #1834.
|
|
This makes import-from-derivation work in restricted mode again.
|
|
This makes e.g. 'fetchGit ./.' work (assuming that ./. is an allowed
path).
|
|
Say "copying" instead of "fetching" when copying from another local
store. Nice for nixos-install.
|
|
This is needed by nixos-install, which uses the Nix store on the
installation CD as a substituter. We don't want to disable signature
checking entirely because substitutes from cache.nixos.org should
still be checked. So now we can pas "local?trusted=1" to mark only the
Nix store in /nix as not requiring signatures.
Fixes #1819.
|
|
|
|
Instead, if a fixed-output derivation produces has an incorrect output
hash, we now unconditionally move the outputs to the path
corresponding with the actual hash and register it as valid. Thus,
after correcting the hash in the Nix expression (e.g. in a fetchurl
call), the fixed-output derivation doesn't have to be built again.
It would still be good to have a command for reporting the actual hash
of a fixed-output derivation (instead of throwing an error), but
"nix-build --hash" didn't do that.
|
|
|
|
Note that nix-build always creates indirect roots.
Fixes #1830.
|
|
Closes #323.
|
|
|
|
remote_store: register for NIX_REMOTE=unix://path
|
|
|
|
Following discussion with Shea and Graham. It's a big enough change
from the last release. Also, from a semver perspective, 2.0 makes more
sense because we did remove some interfaces (like nix-pull/nix-push).
|
|
This command upgrades Nix to the latest stable version by installing a
store path obtained from
https://github.com/NixOS/nixpkgs/raw/master/nixos/modules/installer/tools/nix-fallback-paths.nix
which is the same store path that the installer at
https://nixos.org/nix/install.sh uses.
The upgrade fails if Nix is not installed in a profile (e.g. on NixOS,
or when installed outside of the Nix store).
|
|
|
|
|
|
|
|
This allows overriding the socket path so the daemon may be listening at
an arbitrary Unix domain socket location.
Fixes #1800
|
|
Some servers, such as Artifactory, allow uploading with PUT and BASIC
auth. This allows nix copy to work to upload binaries to those
servers.
Worked on together with @adelbertc
|
|
This was for backward compatibility. However, with security-related
configuration settings, it's best not to have any confusion.
Issue #495.
|
|
nlohmann-json: 2.1.1 -> 3.0.1
|
|
environments
|
|
|
|
|
|
Also add a test.
Fixes #1803.
Closes #1805.
|
|
|
|
This makes it easier to provide a default, e.g.
system = builtins.currentSystem or "x86_64-linux";
|
|
|
|
Thus --json no longer produces a list.
|
|
|
|
|
|
In this mode, the following restrictions apply:
* The builtins currentTime, currentSystem and storePath throw an
error.
* $NIX_PATH and -I are ignored.
* fetchGit and fetchMercurial require a revision hash.
* fetchurl and fetchTarball require a sha256 attribute.
* No file system access is allowed outside of the paths returned by
fetch{Git,Mercurial,url,Tarball}. Thus 'nix build -f ./foo.nix' is
not allowed.
Thus, the evaluation result is completely reproducible from the
command line arguments. E.g.
nix build --pure-eval '(
let
nix = fetchGit { url = https://github.com/NixOS/nixpkgs.git; rev = "9c927de4b179a6dd210dd88d34bda8af4b575680"; };
nixpkgs = fetchGit { url = https://github.com/NixOS/nixpkgs.git; ref = "release-17.09"; rev = "66b4de79e3841530e6d9c6baf98702aa1f7124e4"; };
in (import (nix + "/release.nix") { inherit nix nixpkgs; }).build.x86_64-linux
)'
The goal is to enable completely reproducible and traceable
evaluation. For example, a NixOS configuration could be fully
described by a single Git commit hash. 'nixos-rebuild' would do
something like
nix build --pure-eval '(
(import (fetchGit { url = file:///my-nixos-config; rev = "..."; })).system
')
where the Git repository /my-nixos-config would use further fetchGit
calls or Git externals to fetch Nixpkgs and whatever other
dependencies it has. Either way, the commit hash would uniquely
identify the NixOS configuration and allow it to reproduced.
|
