| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
Impure derivations are derivations that can produce a different result
every time they're built. Example:
stdenv.mkDerivation {
name = "impure";
__impure = true; # marks this derivation as impure
outputHashAlgo = "sha256";
outputHashMode = "recursive";
buildCommand = "date > $out";
};
Some important characteristics:
* This requires the 'impure-derivations' experimental feature.
* Impure derivations are not "cached". Thus, running "nix-build" on
the example above multiple times will cause a rebuild every time.
* They are implemented similar to CA derivations, i.e. the output is
moved to a content-addressed path in the store. The difference is
that we don't register a realisation in the Nix database.
* Pure derivations are not allowed to depend on impure derivations. In
the future fixed-output derivations will be allowed to depend on
impure derivations, thus forming an "impurity barrier" in the
dependency graph.
* When sandboxing is enabled, impure derivations can access the
network in the same way as fixed-output derivations. In relaxed
sandboxing mode, they can access the local filesystem.
|
|
|
|
|
|
Rather than having four different but very similar types of hashes, make
only one, with a tag indicating whether it corresponds to a regular of
deferred derivation.
This implies a slight logical change: The original Nix+multiple-outputs
model assumed only one hash-modulo per derivation. Adding
multiple-outputs CA derivations changed this as these have one
hash-modulo per output. This change is now treating each derivation as
having one hash modulo per output.
This obviously means that we internally loose the guaranty that
all the outputs of input-addressed derivations have the same hash
modulo. But it turns out that it doesn’t matter because there’s nothing
in the code taking advantage of that fact (and it probably shouldn’t
anyways).
The upside is that it is now much easier to work with these hashes, and
we can get rid of a lot of useless `std::visit{ overloaded`.
Co-authored-by: John Ericson <John.Ericson@Obsidian.Systems>
|
|
nix {run,shell}: Print a better error message if the store is not local
|
|
Closes #6317
|
|
Instead get the outputs from Installable::build(). This will also
allow 'nix profile install' to support impure derivations.
Fixes #6286.
|
|
Only provide builtins is the corresponding experimental feature is enabled
|
|
Make buildPathsWithResults() only return info on wanted outputs
|
|
|
|
Fixes #5523.
|
|
experimental feature is enabled
This allows writing fallback code like
if builtins ? fetchClosure then
builtins.fetchClose { ... }
else
builtins.storePath ...
|
|
`nix log` should also work if the log didn't provide any output
|
|
Co-authored-by: John Ericson <git@JohnEricson.me>
|
|
Before this change, processLine always uses the first character
as the start of the line. This cause whitespaces to matter at the
beginning of the line whereas it does not matter anywhere else.
This commit trims leading white spaces of the string line so that
subsequent operations can be performed on the string without explicitly
tracking starting and ending indices of the string.
|
|
This avoids an infinite loop in the final test in
tests/binary-cache.sh. I think this was only not triggered previously
by accident (because we were clearing wantedOutputs in between).
|
|
|
|
|
|
|
|
This reverts commit 50a35860ee9237d341948437c5f70a7f0987d393.
With this change Nix fails to open bzip2 logfiles that were created from
builds with no stdout/stderr.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
make-content-addressed'
|
|
LocalStore::addToStore() since
79ae9e4558cbefd743f28a5e73110c2303b03a85 expects a regular NAR hash,
rather than a NAR hash modulo self-references. Fixes #6300.
Also, makeContentAddressed() now rewrites the entire closure (so 'nix
store make-content-addressable' no longer needs '-r'). See #6301.
|
|
The advantage is that the resulting closure doesn't need to be signed,
so you don't need to configure any binary cache keys on the client.
|
|
|
|
|
|
This allows closures to be imported at evaluation time, without
requiring the user to configure substituters. E.g.
builtins.fetchClosure {
storePath = /nix/store/f89g6yi63m1ywfxj96whv5sxsm74w5ka-python3.9-sqlparse-0.4.2;
from = "https://cache.ngi0.nixos.org";
}
|
|
docs: genericClosure
|
|
|
|
Fixes #5872
|
|
Before the change lexter errors did not report the location:
$ nix build -f. mc
error: path has a trailing slash
(use '--show-trace' to show detailed location information)
Note that it's not clear what file generates the error.
After the change location is reported:
$ src/nix/nix --extra-experimental-features nix-command build -f ~/nm mc
error: path has a trailing slash
at .../pkgs/development/libraries/glib/default.nix:54:18:
53| };
54| src = /tmp/foo/;
| ^
55|
(use '--show-trace' to show detailed location information)
Here we see both problematic file and the string itself.
|
|
|
|
Fixes #6243.
|
|
This ensures that it doesn't get parsed as a valid Nix expression.
|
|
If a package installs a file named manifest.json, it caused nix-env to
consider the profile a new-style profile created by 'nix
profile'. Fixes #6032.
|
|
Decode string context straight to using StorePaths
|
|
|
|
|
|
I gather decoding happens on demand, so I hope don't think this should
have any perf implications one way or the other.
|
|
|
|
|
|
Easier than using dummy path with input addressed.
|
