From 8438114399ce025b6977215dbaedc05697a6d958 Mon Sep 17 00:00:00 2001
From: Magic_RB <magic_rb@redalder.org>
Date: Mon, 3 May 2021 09:54:31 +0200
Subject: Add ignored_acls setting

Signed-off-by: Magic_RB <magic_rb@redalder.org>
---
 src/libstore/globals.hh | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index 8784d5faf..7e01b4960 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -805,6 +805,15 @@ public:
           may be useful in certain scenarios (e.g. to spin up containers or
           set up userspace network interfaces in tests).
         )"};
+
+    Setting<StringSet> ignoredAcls{
+        this, {"security.selinux"}, "ignored-acls",
+        R"(
+          A list of ACLs that should be ignored, normally Nix attempts to
+          remove all ACLs from files and directories in the Nix store, but
+          some ACLs like `security.selinux` or `system.nfs4_acl` can't be
+          removed even by root. Therefore it's best to just ignore them.
+        )"};
 #endif
 
     Setting<Strings> hashedMirrors{
-- 
cgit v1.2.3


From af99941279b80c962ec9cae3e5fa32976a3f5744 Mon Sep 17 00:00:00 2001
From: regnat <rg@regnat.ovh>
Date: Mon, 25 Oct 2021 15:53:01 +0200
Subject: Make experimental-features a proper type
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Rather than having them plain strings scattered through the whole
codebase, create an enum containing all the known experimental features.

This means that
- Nix can now `warn` when an unkwown experimental feature is passed
  (making it much nicer to spot typos and spot deprecated features)
- It’s now easy to remove a feature altogether (once the feature isn’t
  experimental anymore or is dropped) by just removing the field for the
  enum and letting the compiler point us to all the now invalid usages
  of it.
---
 src/libstore/globals.hh | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index 8784d5faf..165639261 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -3,6 +3,7 @@
 #include "types.hh"
 #include "config.hh"
 #include "util.hh"
+#include "experimental-features.hh"
 
 #include <map>
 #include <limits>
@@ -45,15 +46,6 @@ struct PluginFilesSetting : public BaseSetting<Paths>
     void set(const std::string & str, bool append = false) override;
 };
 
-class MissingExperimentalFeature: public Error
-{
-public:
-    std::string missingFeature;
-
-    MissingExperimentalFeature(std::string feature);
-    virtual const char* sname() const override { return "MissingExperimentalFeature"; }
-};
-
 class Settings : public Config {
 
     unsigned int getDefaultCores();
@@ -925,12 +917,12 @@ public:
           value.
           )"};
 
-    Setting<Strings> experimentalFeatures{this, {}, "experimental-features",
+    Setting<std::set<ExperimentalFeature>> experimentalFeatures{this, {}, "experimental-features",
         "Experimental Nix features to enable."};
 
-    bool isExperimentalFeatureEnabled(const std::string & name);
+    bool isExperimentalFeatureEnabled(const ExperimentalFeature &);
 
-    void requireExperimentalFeature(const std::string & name);
+    void requireExperimentalFeature(const ExperimentalFeature &);
 
     Setting<bool> allowDirty{this, true, "allow-dirty",
         "Whether to allow dirty Git/Mercurial trees."};
-- 
cgit v1.2.3


From 30496af5980fd03706f587eef014e630e9d9d318 Mon Sep 17 00:00:00 2001
From: Tom Bereknyei <tomberek@gmail.com>
Date: Fri, 12 Nov 2021 09:50:07 -0500
Subject: Adds an accept-flake-config flag

---
 src/libstore/globals.hh | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index 165639261..a50eb6803 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -951,6 +951,9 @@ public:
 
     Setting<bool> useRegistries{this, true, "use-registries",
         "Whether to use flake registries to resolve flake references."};
+
+    Setting<bool> acceptFlakeConfig{this, false, "accept-flake-config",
+        "Whether to accept nix configuration from a flake without prompting."};
 };
 
 
-- 
cgit v1.2.3


From 21520297dad8a198004e4551808a4818a8de7ddd Mon Sep 17 00:00:00 2001
From: Arthur Gautier <arthur.gautier@arista.com>
Date: Wed, 1 Dec 2021 16:08:23 +0100
Subject: reproducibility: hide non-reproducible settings from manual

Because the manual is generated from default values which are themselves
generated from various sources (cpuid, bios settings (kvm), number of
cores). This commit hides non-reproducible settings from the manual
output.
---
 src/libstore/globals.hh | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index a50eb6803..e9eeffe8c 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -21,7 +21,7 @@ struct MaxBuildJobsSetting : public BaseSetting<unsigned int>
         const std::string & name,
         const std::string & description,
         const std::set<std::string> & aliases = {})
-        : BaseSetting<unsigned int>(def, name, description, aliases)
+        : BaseSetting<unsigned int>(def, true, name, description, aliases)
     {
         options->addSetting(this);
     }
@@ -38,7 +38,7 @@ struct PluginFilesSetting : public BaseSetting<Paths>
         const std::string & name,
         const std::string & description,
         const std::set<std::string> & aliases = {})
-        : BaseSetting<Paths>(def, name, description, aliases)
+        : BaseSetting<Paths>(def, true, name, description, aliases)
     {
         options->addSetting(this);
     }
@@ -130,7 +130,9 @@ public:
         {"build-max-jobs"}};
 
     Setting<unsigned int> buildCores{
-        this, getDefaultCores(), "cores",
+        this,
+        getDefaultCores(),
+        "cores",
         R"(
           Sets the value of the `NIX_BUILD_CORES` environment variable in the
           invocation of builders. Builders can use this variable at their
@@ -141,7 +143,7 @@ public:
           command line switch and defaults to `1`. The value `0` means that
           the builder should use all available CPU cores in the system.
         )",
-        {"build-cores"}};
+        {"build-cores"}, false};
 
     /* Read-only mode.  Don't copy stuff to the store, don't change
        the database. */
@@ -583,10 +585,11 @@ public:
           platform and generate incompatible code, so you may wish to
           cross-check the results of using this option against proper
           natively-built versions of your derivations.
-        )"};
+        )", {}, false};
 
     Setting<StringSet> systemFeatures{
-        this, getDefaultSystemFeatures(),
+        this,
+        getDefaultSystemFeatures(),
         "system-features",
         R"(
           A set of system “features” supported by this machine, e.g. `kvm`.
@@ -602,7 +605,7 @@ public:
           This setting by default includes `kvm` if `/dev/kvm` is accessible,
           and the pseudo-features `nixos-test`, `benchmark` and `big-parallel`
           that are used in Nixpkgs to route builds to specific machines.
-        )"};
+        )", {}, false};
 
     Setting<Strings> substituters{
         this,
-- 
cgit v1.2.3


From 20b1290103f23e40614518291b8d4847e37fea05 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Fri, 10 Dec 2021 15:12:55 +0100
Subject: Ignore system.nfs4_acl

Closes #1584.
---
 src/libstore/globals.hh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index 2f9e8c6e8..433deaf0f 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -799,7 +799,7 @@ public:
         )"};
 
     Setting<StringSet> ignoredAcls{
-        this, {"security.selinux"}, "ignored-acls",
+        this, {"security.selinux", "system.nfs4_acl"}, "ignored-acls",
         R"(
           A list of ACLs that should be ignored, normally Nix attempts to
           remove all ACLs from files and directories in the Nix store, but
-- 
cgit v1.2.3


From 3e5a9ad7ff15e5263d8b31288095ebd2e489b8e1 Mon Sep 17 00:00:00 2001
From: "lincoln auster [they/them]" <lincolnauster@gmail.com>
Date: Thu, 13 Jan 2022 13:01:04 -0700
Subject: allow modifying lockfile commit msg with nix config option

This allows setting the commit-lockfile-summary option to a non-empty
string to override the commit summary while leaving the body unchanged.
---
 src/libstore/globals.hh | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index 1911ec855..f65893b10 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -966,6 +966,13 @@ public:
 
     Setting<bool> acceptFlakeConfig{this, false, "accept-flake-config",
         "Whether to accept nix configuration from a flake without prompting."};
+
+    Setting<std::string> commitLockFileSummary{
+        this, "", "commit-lockfile-summary",
+        R"(
+          The commit summary to use when commiting changed flake lock files. If
+          empty, the summary is generated based on the action performed.
+        )"};
 };
 
 
-- 
cgit v1.2.3


From 85b1427662979c6f4fe765839ff7a742216f70f9 Mon Sep 17 00:00:00 2001
From: Thomas Koch <thomas@koch.ro>
Date: Sun, 30 Jan 2022 10:51:39 +0200
Subject: fix spelling mistakes reported by Debian's lintian tool

---
 src/libstore/globals.hh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index f65893b10..893c95bd6 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -970,7 +970,7 @@ public:
     Setting<std::string> commitLockFileSummary{
         this, "", "commit-lockfile-summary",
         R"(
-          The commit summary to use when commiting changed flake lock files. If
+          The commit summary to use when committing changed flake lock files. If
           empty, the summary is generated based on the action performed.
         )"};
 };
-- 
cgit v1.2.3


From b312d4d09699fc7681b20a956a95c6964cef73e3 Mon Sep 17 00:00:00 2001
From: Kevin Amado <kamadorueda@gmail.com>
Date: Fri, 25 Feb 2022 09:16:16 -0500
Subject: refactor: remove verbose-build from docs

- From what I see it is an implementation detail
  but is no longer configurable from the settings
---
 src/libstore/globals.hh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index 893c95bd6..4a78729e9 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -113,7 +113,7 @@ public:
     bool verboseBuild = true;
 
     Setting<size_t> logLines{this, 10, "log-lines",
-        "If `verbose-build` is false, the number of lines of the tail of "
+        "The number of lines of the tail of "
         "the log to show if a build fails."};
 
     MaxBuildJobsSetting maxBuildJobs{
-- 
cgit v1.2.3


From df552ff53e68dff8ca360adbdbea214ece1d08ee Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Fri, 25 Feb 2022 16:00:00 +0100
Subject: Remove std::string alias (for real this time)

Also use std::string_view in a few more places.
---
 src/libstore/globals.hh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/libstore/globals.hh')

diff --git a/src/libstore/globals.hh b/src/libstore/globals.hh
index 4a78729e9..b31a2e8dc 100644
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@@ -988,6 +988,6 @@ void loadConfFile();
 // Used by the Settings constructor
 std::vector<Path> getUserConfigFiles();
 
-extern const string nixVersion;
+extern const std::string nixVersion;
 
 }
-- 
cgit v1.2.3