[Nix-commits] [NixOS/nixpkgs] 634f5f: json-server: init at 0.10.1 (#26266)
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 634f5f0d0f680b820484baa04ff94c23786df97b https://github.com/NixOS/nixpkgs/commit/634f5f0d0f680b820484baa04ff94c23786df97b Author: Stefhen HovlandDate: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: M pkgs/development/node-packages/composition-v4.nix M pkgs/development/node-packages/composition-v6.nix M pkgs/development/node-packages/node-env.nix M pkgs/development/node-packages/node-packages-v4.nix M pkgs/development/node-packages/node-packages-v6.json M pkgs/development/node-packages/node-packages-v6.nix Log Message: --- json-server: init at 0.10.1 (#26266) json-server: init a 0.10.1 ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 371b13: pythonPackages.ldap: only set environment variable...
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 371b136ba8bd1bb92098044e2111c3410283aae5 https://github.com/NixOS/nixpkgs/commit/371b136ba8bd1bb92098044e2111c3410283aae5 Author: risicleDate: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: M pkgs/development/python-modules/ldap.nix Log Message: --- pythonPackages.ldap: only set environment variables for tests during check phase (#26285) ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] a0a618: pythonPackages.txaio: disable test_chained_callbac...
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: a0a6187a186532da89fa4306db37d9c8fd381c0a https://github.com/NixOS/nixpkgs/commit/a0a6187a186532da89fa4306db37d9c8fd381c0a Author: risicleDate: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: M pkgs/development/python-modules/txaio/default.nix Log Message: --- pythonPackages.txaio: disable test_chained_callback test as it is removed upstream (#26288) because it breaks under python3.6 ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 7b4acc: pythonPackages.hidapi: 0.7.99.post15 -> 0.7.99.pos...
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 7b4acc6626c631645b29e1486e81c5683fa82c7c https://github.com/NixOS/nixpkgs/commit/7b4acc6626c631645b29e1486e81c5683fa82c7c Author: rnhmjojDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: A pkgs/development/python-modules/hidapi/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.hidapi: 0.7.99.post15 -> 0.7.99.post20 Commit: 9e61a82ab388be7b46a780ac999109cc9cc69478 https://github.com/NixOS/nixpkgs/commit/9e61a82ab388be7b46a780ac999109cc9cc69478 Author: rnhmjoj Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: A pkgs/development/python-modules/ecpy/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.ecpy: init at 0.8.1 Commit: 6c0e6eeb58f6047a8c13754568e631f8e5a8e451 https://github.com/NixOS/nixpkgs/commit/6c0e6eeb58f6047a8c13754568e631f8e5a8e451 Author: rnhmjoj Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: A pkgs/development/python-modules/ledgerblue/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.ledgerblue: init at 0.1.13 Commit: b236fa54aa87f87145ac291e7e5a380a23e2e6a0 https://github.com/NixOS/nixpkgs/commit/b236fa54aa87f87145ac291e7e5a380a23e2e6a0 Author: rnhmjoj Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: A pkgs/development/python-modules/keepkey/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.keepkey: fix impossible constraint Commit: 93ff334d6d2f6d65b17dfd44f3eb9b66c2383abc https://github.com/NixOS/nixpkgs/commit/93ff334d6d2f6d65b17dfd44f3eb9b66c2383abc Author: rnhmjoj Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: R pkgs/development/python-modules/trezor.nix A pkgs/development/python-modules/trezor/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.trezor: move expression to trezor/default.nix Commit: 6217233531ef824f0fa34a55108a1e4dcc84741c https://github.com/NixOS/nixpkgs/commit/6217233531ef824f0fa34a55108a1e4dcc84741c Author: rnhmjoj Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: A pkgs/development/python-modules/libagent/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.libagent: init at 0.9.1 Commit: e693d5f9863a6ebe29ebce3fea79433465f1256a https://github.com/NixOS/nixpkgs/commit/e693d5f9863a6ebe29ebce3fea79433465f1256a Author: rnhmjoj Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.trezor_agent: 0.7.0 -> 0.9.0 Commit: f93dfd52594bf53889456f7797dd199bca2292ad https://github.com/NixOS/nixpkgs/commit/f93dfd52594bf53889456f7797dd199bca2292ad Author: rnhmjoj Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: A pkgs/development/python-modules/semver/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.semver: move to pkgs/development/python-modules Commit: 3463dd1c7bf50adbe8f45f28ced706c7f165edd1 https://github.com/NixOS/nixpkgs/commit/3463dd1c7bf50adbe8f45f28ced706c7f165edd1 Author: rnhmjoj Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: A pkgs/development/python-modules/ed25519/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.ed25519: move to pkgs/development/python-modules Commit: b3c91274811aad00d3efed81bf27c740fdf86785 https://github.com/NixOS/nixpkgs/commit/b3c91274811aad00d3efed81bf27c740fdf86785 Author: rnhmjoj Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: A pkgs/development/python-modules/mnemonic/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.mnemonic: move expression to mnemonic/default.nix Commit: 4414ac84489c1c96fa0284541c60655c4e6be074 https://github.com/NixOS/nixpkgs/commit/4414ac84489c1c96fa0284541c60655c4e6be074 Author: Jörg Thalheim Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: A pkgs/development/python-modules/ecpy/default.nix A pkgs/development/python-modules/ed25519/default.nix A pkgs/development/python-modules/hidapi/default.nix A pkgs/development/python-modules/keepkey/default.nix A pkgs/development/python-modules/ledgerblue/default.nix A pkgs/development/python-modules/libagent/default.nix A
[Nix-commits] [NixOS/nixpkgs] c14bf4: irrlicht: link to X11 libs explicitly
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: c14bf4f2b19d64e2cc4ed70fa2bc4f08b4328745 https://github.com/NixOS/nixpkgs/commit/c14bf4f2b19d64e2cc4ed70fa2bc4f08b4328745 Author: Linus HeckemannDate: 2017-05-29 (Mon, 29 May 2017) Changed paths: M pkgs/development/libraries/irrlicht/default.nix Log Message: --- irrlicht: link to X11 libs explicitly This allows applications that require irrlicht to depend on the X libraries implicitly rather than explicitly. Commit: 427f5bcba127f78bb2fabd6b9f625e752229acf3 https://github.com/NixOS/nixpkgs/commit/427f5bcba127f78bb2fabd6b9f625e752229acf3 Author: Mateusz Kowalczyk Date: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: M pkgs/development/libraries/irrlicht/default.nix Log Message: --- Merge pull request #26265 from lheckemann/irrlicht-libs irrlicht: link to X11 libs explicitly Compare: https://github.com/NixOS/nixpkgs/compare/120275fd6e6c...427f5bcba127___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 0b0ea4: pythonPackages.nbxmpp: 0.5.3 -> 0.5.5
Branch: refs/heads/release-17.03 Home: https://github.com/NixOS/nixpkgs Commit: 0b0ea40ac3055a8deb69d049c12cce778b433ff3 https://github.com/NixOS/nixpkgs/commit/0b0ea40ac3055a8deb69d049c12cce778b433ff3 Author: Nikolay AmiantovDate: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.nbxmpp: 0.5.3 -> 0.5.5 Fix annoying bug with messages being resent on reconnection. (cherry picked from commit 120275fd6e6c83f73ce6465abc895462a38eb82b) ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 120275: pythonPackages.nbxmpp: 0.5.3 -> 0.5.5
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 120275fd6e6c83f73ce6465abc895462a38eb82b https://github.com/NixOS/nixpkgs/commit/120275fd6e6c83f73ce6465abc895462a38eb82b Author: Nikolay AmiantovDate: 2017-06-01 (Thu, 01 Jun 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.nbxmpp: 0.5.3 -> 0.5.5 Fix annoying bug with messages being resent on reconnection. ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] d7f636: daemontools: fix build
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: d7f6367471f69f3bf14e1c846bd031bf918783f4 https://github.com/NixOS/nixpkgs/commit/d7f6367471f69f3bf14e1c846bd031bf918783f4 Author: Jörg ThalheimDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/tools/admin/daemontools/default.nix A pkgs/tools/admin/daemontools/fix-nix-usernamespace-build.patch Log Message: --- daemontools: fix build ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] bef0b6: pythonPackages.treq: fix build
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: bef0b67a84ea847cc0c07143bc7cbf7a06ea7b9f https://github.com/NixOS/nixpkgs/commit/bef0b67a84ea847cc0c07143bc7cbf7a06ea7b9f Author: Jörg ThalheimDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/python-modules/treq/default.nix Log Message: --- pythonPackages.treq: fix build ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 859267: systemd-resolved: fix case when dnsmasq is used as...
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 859267f627aefa12a9180e1c821fa4fbed7ed188 https://github.com/NixOS/nixpkgs/commit/859267f627aefa12a9180e1c821fa4fbed7ed188 Author: Jörg ThalheimDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M nixos/modules/config/networking.nix Log Message: --- systemd-resolved: fix case when dnsmasq is used as local resolver fixes #25706 Commit: d842a382c3ea6c2794308720d25ec4e8cdbdffa1 https://github.com/NixOS/nixpkgs/commit/d842a382c3ea6c2794308720d25ec4e8cdbdffa1 Author: Jörg Thalheim Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/applications/networking/instant-messengers/dino/default.nix Log Message: --- dino: unstable-2017-05-11 -> unstable-2017-05-31 Compare: https://github.com/NixOS/nixpkgs/compare/5604dbe8785c...d842a382c3ea___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 0146f1: google-app-engine-go-sdk: fix error on macOS
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 0146f18390d8619db97178771297fb04136cdb7b https://github.com/NixOS/nixpkgs/commit/0146f18390d8619db97178771297fb04136cdb7b Author: lufiaDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/tools/google-app-engine-go-sdk/default.nix Log Message: --- google-app-engine-go-sdk: fix error on macOS Commit: 682b0ec0e1013ebd0703c56994aa57610ce31580 https://github.com/NixOS/nixpkgs/commit/682b0ec0e1013ebd0703c56994aa57610ce31580 Author: Jörg Thalheim Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/tools/google-app-engine-go-sdk/default.nix Log Message: --- google-app-engine-go-sdk: remove platform assert Commit: 5604dbe8785c607dbdbc35ade531194e82ca3f3e https://github.com/NixOS/nixpkgs/commit/5604dbe8785c607dbdbc35ade531194e82ca3f3e Author: Jörg Thalheim Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/tools/google-app-engine-go-sdk/default.nix Log Message: --- Merge pull request #26276 from lufia/fix-appengine-go-darwin google-app-engine-go-sdk: fix error on macOS Compare: https://github.com/NixOS/nixpkgs/compare/a57a726f895a...5604dbe8785c___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
Re: [Nix-dev] Evaluation time vs build time
Hi Judson, I am not entirely sure whether I understand your thoughts correctly, but if I did then it might be interesting for you to store the following file as "default.nix": | { nixpkgs ? import {} }: | | with nixpkgs.pkgs; | | let | | random = stdenv.mkDerivation { | name = "random-0"; | buildCommand = "mkdir $out; echo $RANDOM >$out/default.nix"; |}; | | randomValue = import random; | | in | stdenv.mkDerivation { | | name = "test-0"; | | buildCommand = '' | mkdir $out | touch $out/${toString randomValue} | ''; | | } Then run: $ ls -l $(nix-build --no-out-link default.nix) Best regards, Peter ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-commits] [NixOS/nixpkgs] 728ddb: vagrant: 1.9.1 -> 1.9.5
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 728ddbd95fa71c30ddb84cad72dc02b34873b330 https://github.com/NixOS/nixpkgs/commit/728ddbd95fa71c30ddb84cad72dc02b34873b330 Author: Aaron Bull SchaeferDate: 2017-05-30 (Tue, 30 May 2017) Changed paths: M pkgs/development/tools/vagrant/default.nix Log Message: --- vagrant: 1.9.1 -> 1.9.5 Commit: a57a726f895a6d0a391e74dc02333b64b7d66958 https://github.com/NixOS/nixpkgs/commit/a57a726f895a6d0a391e74dc02333b64b7d66958 Author: Pascal Wittmann Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/tools/vagrant/default.nix Log Message: --- Merge pull request #26244 from elasticdog/vagrant vagrant: 1.9.1 -> 1.9.5 Compare: https://github.com/NixOS/nixpkgs/compare/31b3832ec268...a57a726f895a___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] a5f12a: insync: 1.3.13.36129 -> 1.3.16.36155
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: a5f12abfd3c61cad8dc28ad65db2cc28db39db12 https://github.com/NixOS/nixpkgs/commit/a5f12abfd3c61cad8dc28ad65db2cc28db39db12 Author: Alexandre PeyrouxDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/applications/networking/insync/default.nix Log Message: --- insync: 1.3.13.36129 -> 1.3.16.36155 Commit: 31b3832ec268eebc6d159eb5dae7645126a98158 https://github.com/NixOS/nixpkgs/commit/31b3832ec268eebc6d159eb5dae7645126a98158 Author: Pascal Wittmann Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/applications/networking/insync/default.nix Log Message: --- Merge pull request #26278 from apeyroux/up-insync insync: 1.3.13.36129 -> 1.3.16.36155 Compare: https://github.com/NixOS/nixpkgs/compare/0cbcb95e1437...31b3832ec268___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
Re: [Nix-dev] Evaluation time vs build time
Op 31-5-2017 om 21:07 schreef Linus Heckemann: On 31/05/17 18:01, Judson Lester wrote: nix expressions cannot 'makedepend' In other words, values in a nix expression can't be computed from the sources used to build an application. My question is, basically, is that true? Do I understand this correctly? Even if I do, I'm sure there's details an nuances that could be expanded on. As far as I understand it, it's mostly true — I believe it *is* actually possible, just strongly discouraged and absolutely not accepted in nixpkgs because (iiuc) of the mess of dependencies it can create. However, I don't fully understand all the ins and outs of this and may be wrong. It is nice to do all package management (except building) without downloading sources. Using the sources in nix-expressions would compromise that. Greetings, Frank (BTW, makedepend changes the makefile: autogenerating nix-files is possible) ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Evaluation time vs build time
On 31/05/17 18:01, Judson Lester wrote: > All, > > Please take this with a grain of salt. I'm trying to clarify my > understanding of Nix, and I've started to develop a kind of precept that > I don't know that I've seen documented anywhere. It may well be a > sophomore misunderstanding, and if such I don't want it to be taken up > as gospel. I think the most succinct way to put it would be: > > nix expressions cannot 'makedepend' > > In other words, values in a nix expression can't be computed from the > sources used to build an application. > > This is because (and here I'm sketchier) nix-build (upon which `nix-env > --install` /et al/ are based) evaluates the expressions, and calls to > 'derivation' that are executed, as a side effect, "queue up" builds. > Once a derivation is actually produced (iow, when the evaluation > completes), the queue of derivation builds are run. Since the > expression's evaluation is complete before the derivation builds happen, > the sources aren't available at evaluation time. > > One of the consequences of this are the family of *2nix tools that > exist: per-language library dependency manifests (like a Gemfile or > package.json) wouldn't be available if the corresponding builder > function just said "gitfetch this repo and build from it", so setting > those packages up requires the extra step of getting the appropriate > manifest files, running a simple tool on them, and pointing the > expression to the tool's results. > > Another, more profound consequence, is that the set of expressions is in > some sense "complete" - they fully describe where to get and how to > build packages, where a solution that admitted "makedepend" would blur > that line and allow code to determine at packaging time what to include > in the store. > > My question is, basically, is that true? Do I understand this correctly? > Even if I do, I'm sure there's details an nuances that could be expanded on. As far as I understand it, it's mostly true — I believe it *is* actually possible, just strongly discouraged and absolutely not accepted in nixpkgs because (iiuc) of the mess of dependencies it can create. However, I don't fully understand all the ins and outs of this and may be wrong. ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-commits] [NixOS/nix] 52fec8: Remove listxattr assertion
Branch: refs/heads/master Home: https://github.com/NixOS/nix Commit: 52fec8dde862264874a4f19be329124ac46adb81 https://github.com/NixOS/nix/commit/52fec8dde862264874a4f19be329124ac46adb81 Author: Eelco DolstraDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M src/libstore/local-store.cc Log Message: --- Remove listxattr assertion It appears that sometimes, listxattr() returns a different value for the query case (i.e. when the buffer size is 0). ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
Re: [Nix-dev] Auto-generated expressions for applications
On Wed, 31 May 2017, 17:23 Benno Fünfstück,wrote: > Profpatsch schrieb am Mi., 31. Mai 2017 um 16:01 Uhr: > >> On 17-05-31 08:25am, Benno Fünfstück wrote: >> > A package set >> > is a consistent set of packages of a given language. >> >> exactly that is not possible with e.g. npm or golang packages. >> > > Yes, those should be dealth with differently. Is sharing of deps between > different applications in these languages common? (sorry, i'm not very > familar with either) > With npm, a single application might contain multiple versions of the same library. There is no forcing function that nudges developers to deal with API compatibilities. With golang, each project dependency is usually pinned to a single commit ID. There is no notion of semver that can help build a constraint solver. > ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] Evaluation time vs build time
All, Please take this with a grain of salt. I'm trying to clarify my understanding of Nix, and I've started to develop a kind of precept that I don't know that I've seen documented anywhere. It may well be a sophomore misunderstanding, and if such I don't want it to be taken up as gospel. I think the most succinct way to put it would be: nix expressions cannot 'makedepend' In other words, values in a nix expression can't be computed from the sources used to build an application. This is because (and here I'm sketchier) nix-build (upon which `nix-env --install` *et al* are based) evaluates the expressions, and calls to 'derivation' that are executed, as a side effect, "queue up" builds. Once a derivation is actually produced (iow, when the evaluation completes), the queue of derivation builds are run. Since the expression's evaluation is complete before the derivation builds happen, the sources aren't available at evaluation time. One of the consequences of this are the family of *2nix tools that exist: per-language library dependency manifests (like a Gemfile or package.json) wouldn't be available if the corresponding builder function just said "gitfetch this repo and build from it", so setting those packages up requires the extra step of getting the appropriate manifest files, running a simple tool on them, and pointing the expression to the tool's results. Another, more profound consequence, is that the set of expressions is in some sense "complete" - they fully describe where to get and how to build packages, where a solution that admitted "makedepend" would blur that line and allow code to determine at packaging time what to include in the store. My question is, basically, is that true? Do I understand this correctly? Even if I do, I'm sure there's details an nuances that could be expanded on. Judson ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Auto-generated expressions for applications
Profpatschschrieb am Mi., 31. Mai 2017 um 16:01 Uhr: > On 17-05-31 08:25am, Benno Fünfstück wrote: > > A package set > > is a consistent set of packages of a given language. > > exactly that is not possible with e.g. npm or golang packages. > Yes, those should be dealth with differently. Is sharing of deps between different applications in these languages common? (sorry, i'm not very familar with either) Otherwise, I think a rust-like approach is best for these langs: split the build phase of applications into "fetch" and "build", where "fetch" has network access and produces some deterministic output, and "build" then uses "fetch" to build the package. Dependencies are built in the same derivation as the application. This means that our build process does not need any upstream-unsupported solutions. If the package manager does not support this two-way build, then we should work with upstream to get that feature supported. ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-commits] [NixOS/nixpkgs] 784842: xnu: Depend on python
Branch: refs/heads/darwin-sandbox Home: https://github.com/NixOS/nixpkgs Commit: 7848422d71f000dbb6e0cfd594b7afb9d5281ace https://github.com/NixOS/nixpkgs/commit/7848422d71f000dbb6e0cfd594b7afb9d5281ace Author: Eelco DolstraDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/interpreters/python/cpython/2.7/default.nix M pkgs/os-specific/darwin/apple-source-releases/xnu/default.nix M pkgs/stdenv/darwin/default.nix Log Message: --- xnu: Depend on python Before, it used /usr/bin/python, which breaks when sandboxing is enabled. Commit: 961e7ef71d2b6575f6fd69f3d6554d485a733ae5 https://github.com/NixOS/nixpkgs/commit/961e7ef71d2b6575f6fd69f3d6554d485a733ae5 Author: Eelco Dolstra Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/interpreters/perl/default.nix M pkgs/os-specific/darwin/apple-source-releases/adv_cmds/default.nix M pkgs/os-specific/darwin/apple-source-releases/configd/default.nix M pkgs/stdenv/darwin/default.nix R pkgs/stdenv/darwin/standard-sandbox.sb M pkgs/top-level/python-packages.nix Log Message: --- stdenvDarwin: Remove need for sandboxProfile magic The required sandbox rules are now builtin in Nix (https://github.com/NixOS/nix/commit/c96e8cd097ce0d181467fddd92acad4341ca566a). https://github.com/NixOS/nix/issues/759 Compare: https://github.com/NixOS/nixpkgs/compare/7848422d71f0^...961e7ef71d2b___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nix] 6cc6c1: Add a seccomp filter to prevent creating setuid/se...
Branch: refs/heads/master Home: https://github.com/NixOS/nix Commit: 6cc6c15a2d50d0021d7242e9806ed6d54538de17 https://github.com/NixOS/nix/commit/6cc6c15a2d50d0021d7242e9806ed6d54538de17 Author: Eelco DolstraDate: 2017-05-29 (Mon, 29 May 2017) Changed paths: M configure.ac M release.nix M shell.nix M src/libstore/build.cc M src/libstore/local.mk Log Message: --- Add a seccomp filter to prevent creating setuid/setgid binaries This prevents builders from setting the S_ISUID or S_ISGID bits, preventing users from using a nixbld* user to create a setuid/setgid binary to interfere with subsequent builds under the same nixbld* uid. This is based on aszlig's seccomp code (47f587700d646f5b03a42f2fa57c28875a31efbe). Reported by Linus Heckemann. Commit: cf93397d3f1d2a8165a100482d07b7f4b7e5bf7f https://github.com/NixOS/nix/commit/cf93397d3f1d2a8165a100482d07b7f4b7e5bf7f Author: Eelco Dolstra Date: 2017-05-29 (Mon, 29 May 2017) Changed paths: M src/libstore/build.cc Log Message: --- Fix seccomp initialisation on i686-linux Commit: 1d9ab273bad34b004dfcfd486273d0df5fed1eca https://github.com/NixOS/nix/commit/1d9ab273bad34b004dfcfd486273d0df5fed1eca Author: Eelco Dolstra Date: 2017-05-29 (Mon, 29 May 2017) Changed paths: M release.nix A tests/setuid.nix Log Message: --- Add test for setuid seccomp filter Commit: ff6becafa8efc2f7e6f2b9b889ba4adf20b8d524 https://github.com/NixOS/nix/commit/ff6becafa8efc2f7e6f2b9b889ba4adf20b8d524 Author: Eelco Dolstra Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M src/libstore/build.cc Log Message: --- Require seccomp only in multi-user setups Commit: d798349ede3d6eb6e92a2e4f95f6b2179407ceb9 https://github.com/NixOS/nix/commit/d798349ede3d6eb6e92a2e4f95f6b2179407ceb9 Author: Eelco Dolstra Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M src/libstore/local-store.cc Log Message: --- canonicalisePathMetaData(): Remove extended attributes / ACLs EAs/ACLs are not part of the NAR canonicalisation. Worse, setting an ACL allows a builder to create writable files in the Nix store. So get rid of them. Closes #185. Commit: 2ac99a32dab0d2ea59cb9e926f6d6d5b7ef638c6 https://github.com/NixOS/nix/commit/2ac99a32dab0d2ea59cb9e926f6d6d5b7ef638c6 Author: Eelco Dolstra Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M src/libstore/build.cc Log Message: --- Add a seccomp rule to disallow setxattr() Commit: d552d387585840f68fcc7507fca83feb6f937a10 https://github.com/NixOS/nix/commit/d552d387585840f68fcc7507fca83feb6f937a10 Author: Eelco Dolstra Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M src/libstore/build.cc Log Message: --- Shut up some clang warnings Commit: fe08d17934e6abe3e8566706f53063166b881f8c https://github.com/NixOS/nix/commit/fe08d17934e6abe3e8566706f53063166b881f8c Author: Eelco Dolstra Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M src/libstore/build.cc Log Message: --- Fix seccomp build failure on clang Fixes src/libstore/build.cc:2321:45: error: non-constant-expression cannot be narrowed from type 'int' to 'scmp_datum_t' (aka 'unsigned long') in initializer list [-Wc++11-narrowing] Commit: 9bdb88ea6e833ad61d6833aa09560d32c9bc39df https://github.com/NixOS/nix/commit/9bdb88ea6e833ad61d6833aa09560d32c9bc39df Author: Eelco Dolstra Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M release-common.nix Log Message: --- Only pass --with-sandbox-shell on Linux Commit: 83eec5a997cd121158b7adb32a688dc5a63d6c9c https://github.com/NixOS/nix/commit/83eec5a997cd121158b7adb32a688dc5a63d6c9c Author: Eelco Dolstra Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M src/resolve-system-dependencies/resolve-system-dependencies.cc Log Message: --- resolve-system-dependencies: Several fixes This fixes error: getting attributes of path ‘Versions/Current/CoreFoundation’: No such file or directory when /System/Library/Frameworks/CoreFoundation.framework/CoreFoundation is a symlink. Also fixes a segfault when encounting a file that is not a MACH binary (such as /dev/null, which is included in __impureHostDeps in Nixpkgs). Possibly fixes #786. Commit: 53a16441878ebd4a5ac6ef8a95a649bfd521da3d https://github.com/NixOS/nix/commit/53a16441878ebd4a5ac6ef8a95a649bfd521da3d Author: Eelco Dolstra Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M src/libstore/build.cc Log Message: --- Darwin sandbox:
[Nix-commits] [NixOS/nixpkgs] 0cbcb9: bundler: 1.14.6 -> 1.15.0
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 0cbcb95e1437ecd92592094aeb3f4fc516780c2a https://github.com/NixOS/nixpkgs/commit/0cbcb95e1437ecd92592094aeb3f4fc516780c2a Author: Peter HoegDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/ruby-modules/bundler/default.nix Log Message: --- bundler: 1.14.6 -> 1.15.0 ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
Re: [Nix-dev] logstash-5.4.0 ruby issue
FYI: I fixed the issue. On 30 May 2017 at 20:56, Bas van Dijkwrote: > Hi Nixers, are there any Ruby devs on this list who can help me package > logstash-5.4.0. See: > > https://github.com/NixOS/nixpkgs/pull/26252 > > Reproducing the issue is as easy as checking out the elk5 branch of > > g...@github.com:LumiGuide/nixpkgs.git > > and running: > > nix-build nixos/tests/elk.nix. > > Thanks, > > Bas > ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-commits] [NixOS/nixpkgs] 047a5a: pgpdump: 0.31 -> 0.32
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 047a5a18df7a61ba66bdf171cbcb37cb9bc01845 https://github.com/NixOS/nixpkgs/commit/047a5a18df7a61ba66bdf171cbcb37cb9bc01845 Author: Michael WeissDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/tools/security/pgpdump/default.nix Log Message: --- pgpdump: 0.31 -> 0.32 ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
Re: [Nix-dev] Auto-generated expressions for applications
On 17-05-31 08:25am, Benno Fünfstück wrote: > A package set > is a consistent set of packages of a given language. exactly that is not possible with e.g. npm or golang packages. -- Proudly written in Mutt with Vim on NixOS. Q: Why is this email five sentences or less? A: http://five.sentenc.es May take up to five days to read your message. If it’s urgent, call me. ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-commits] [NixOS/nixpkgs] 7b4178: linuxPackages.nvidia_x11: move patches to specific...
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 7b41780a0e4defe29e2bf9a17511b521db01c67d https://github.com/NixOS/nixpkgs/commit/7b41780a0e4defe29e2bf9a17511b521db01c67d Author: Nikolay AmiantovDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/os-specific/linux/nvidia-x11/default.nix M pkgs/os-specific/linux/nvidia-x11/generic.nix Log Message: --- linuxPackages.nvidia_x11: move patches to specific versions ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] e67c1b: nvidia module: link proper output as OpenGL driver...
Branch: refs/heads/release-17.03 Home: https://github.com/NixOS/nixpkgs Commit: e67c1b7d9a6b051cd17aaa81255c600ef3830ba4 https://github.com/NixOS/nixpkgs/commit/e67c1b7d9a6b051cd17aaa81255c600ef3830ba4 Author: Nikolay AmiantovDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M nixos/modules/hardware/video/nvidia.nix Log Message: --- nvidia module: link proper output as OpenGL drivers (cherry picked from commit d09e3535f5263add321ef0607be8a75d76b2376c) Commit: 0dfad6720349edb5936ede74e368f74a234594b3 https://github.com/NixOS/nixpkgs/commit/0dfad6720349edb5936ede74e368f74a234594b3 Author: Vladimír Čunát Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/os-specific/linux/nvidia-x11/default.nix Log Message: --- nvidia_x11_legacy304: 304.134 -> 304.135 (cherry picked from commit af58f8de55d836ddd266bc99be10251ae3703c99) Commit: 05126bc8503a37bfd2fe80867eb5b0bea287c633 https://github.com/NixOS/nixpkgs/commit/05126bc8503a37bfd2fe80867eb5b0bea287c633 Author: Vladimír Čunát Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/os-specific/linux/nvidia-x11/generic.nix Log Message: --- nvidia_x11_legacy304: apply patches from Debian The drivers would build but probably wouldn't work without them. See #26250. (cherry picked from commit 0c4b91505ed6f5ec6475468cb07c3ef8018eed34) Compare: https://github.com/NixOS/nixpkgs/compare/21a8239452ad...05126bc8503a___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] af58f8: nvidia_x11_legacy304: 304.134 -> 304.135
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: af58f8de55d836ddd266bc99be10251ae3703c99 https://github.com/NixOS/nixpkgs/commit/af58f8de55d836ddd266bc99be10251ae3703c99 Author: Vladimír ČunátDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/os-specific/linux/nvidia-x11/default.nix Log Message: --- nvidia_x11_legacy304: 304.134 -> 304.135 Commit: 0c4b91505ed6f5ec6475468cb07c3ef8018eed34 https://github.com/NixOS/nixpkgs/commit/0c4b91505ed6f5ec6475468cb07c3ef8018eed34 Author: Vladimír Čunát Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/os-specific/linux/nvidia-x11/generic.nix Log Message: --- nvidia_x11_legacy304: apply patches from Debian The drivers would build but probably wouldn't work without them. See #26250. Commit: 3b4ef34fa0e8963db3df4ae58271d1298a5d87a9 https://github.com/NixOS/nixpkgs/commit/3b4ef34fa0e8963db3df4ae58271d1298a5d87a9 Author: Nikolay Amiantov Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/os-specific/linux/nvidia-x11/default.nix M pkgs/os-specific/linux/nvidia-x11/generic.nix Log Message: --- Merge pull request #26272 from vcunat/p/nvidia-304 nvidia 304 fixes Compare: https://github.com/NixOS/nixpkgs/compare/d09e3535f526...3b4ef34fa0e8___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] d09e35: nvidia module: link proper output as OpenGL driver...
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: d09e3535f5263add321ef0607be8a75d76b2376c https://github.com/NixOS/nixpkgs/commit/d09e3535f5263add321ef0607be8a75d76b2376c Author: Nikolay AmiantovDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M nixos/modules/hardware/video/nvidia.nix Log Message: --- nvidia module: link proper output as OpenGL drivers ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
Re: [Nix-dev] Node example?
On 17-05-31 08:29am, Benno Fünfstück wrote: > the reason it works on your test machine but doesn't work on CI is probably > because of build sandboxing (see `build-use-sandbox` nix option: that > disables network access & access to certain FS paths for nix builders). btw can we please finally enable sandboxing by default? That would be nice thx. -- Proudly written in Mutt with Vim on NixOS. Q: Why is this email five sentences or less? A: http://five.sentenc.es May take up to five days to read your message. If it’s urgent, call me. ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-commits] [NixOS/nixpkgs] 1c0b50: quilt: take dependencies as explicit function argu...
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 1c0b50c91821dcf62176e1931bd06e15db2eec99 https://github.com/NixOS/nixpkgs/commit/1c0b50c91821dcf62176e1931bd06e15db2eec99 Author: Peter SimonsDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/tools/quilt/default.nix Log Message: --- quilt: take dependencies as explicit function arguments Commit: e25ab373db8382f33ae2095c47acd1402a4e4be5 https://github.com/NixOS/nixpkgs/commit/e25ab373db8382f33ae2095c47acd1402a4e4be5 Author: Peter Simons Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: A pkgs/development/tools/wiggle/default.nix M pkgs/top-level/all-packages.nix Log Message: --- wiggle: initial version 1.0 Wiggle is a tool for applying patches with conflicts. Compare: https://github.com/NixOS/nixpkgs/compare/b116a1c65c34...e25ab373db83___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] b116a1: quilt: update to version 0.65
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: b116a1c65c344e868924e327324ae3ac1e0626cd https://github.com/NixOS/nixpkgs/commit/b116a1c65c344e868924e327324ae3ac1e0626cd Author: Peter SimonsDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/tools/quilt/default.nix Log Message: --- quilt: update to version 0.65 ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 935792: mutt: 1.8.2 -> 1.8.3
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 9357927a4d13e578c4006e4dfdef7531eb1d15c0 https://github.com/NixOS/nixpkgs/commit/9357927a4d13e578c4006e4dfdef7531eb1d15c0 Author: Matthias BeyerDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/applications/networking/mailreaders/mutt/default.nix Log Message: --- mutt: 1.8.2 -> 1.8.3 >From the Release-Mail: This is a bug-fix release. Of note to Gmail users is a potential crash fix when copy/moving messages to its Trash folder. Commit: dab99832e1270b445f3d42dd75ba412394a11e45 https://github.com/NixOS/nixpkgs/commit/dab99832e1270b445f3d42dd75ba412394a11e45 Author: Pascal Wittmann Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/applications/networking/mailreaders/mutt/default.nix Log Message: --- Merge pull request #26271 from matthiasbeyer/update-mutt mutt: 1.8.2 -> 1.8.3 Compare: https://github.com/NixOS/nixpkgs/compare/8aff7c0508d3...dab99832e127___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 149b02: sudo: 1.8.19p2 -> 1.8.20p1, fixes CVE-2017-1000367
Branch: refs/heads/release-16.09 Home: https://github.com/NixOS/nixpkgs Commit: 149b025544cf9dbdb099a32ad670394fd76cd5b5 https://github.com/NixOS/nixpkgs/commit/149b025544cf9dbdb099a32ad670394fd76cd5b5 Author: Daiderd JordanDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/tools/security/sudo/default.nix Log Message: --- sudo: 1.8.19p2 -> 1.8.20p1, fixes CVE-2017-1000367 (cherry picked from commit 3c0114d4728aff4158730ccaf89cc1d9115c83ee) ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 53748b: Upgrade to python-consul-0.7.0.
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 53748b7e178aa380bcbbfa41ec6cdcd6a4eda852 https://github.com/NixOS/nixpkgs/commit/53748b7e178aa380bcbbfa41ec6cdcd6a4eda852 Author: Niklas HambüchenDate: 2017-05-30 (Tue, 30 May 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- Upgrade to python-consul-0.7.0. Fixes https://github.com/cablehead/python-consul/issues/152 Commit: 8aff7c0508d38aaef1693d59991de1ca58fe9f16 https://github.com/NixOS/nixpkgs/commit/8aff7c0508d38aaef1693d59991de1ca58fe9f16 Author: Frederik Rietdijk Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- Merge pull request #26258 from nh2/python-consul-0.7.0 Upgrade to python-consul-0.7.0. Compare: https://github.com/NixOS/nixpkgs/compare/3488c65b2b02...8aff7c0508d3___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
Re: [Nix-dev] Node example?
On Wed, May 31, 2017 at 08:29:03AM +, Benno Fünfstück wrote: > Hi Harmen, > > the reason it works on your test machine but doesn't work on CI is probably > because of build sandboxing (see `build-use-sandbox` nix option: that > disables network access & access to certain FS paths for nix builders). That fixed it! I'm still not happy with the nix expression, but at least I have something to work with now. Thanks! ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Node example?
Hi Harmen, the reason it works on your test machine but doesn't work on CI is probably because of build sandboxing (see `build-use-sandbox` nix option: that disables network access & access to certain FS paths for nix builders). Regards, Benno Harmenschrieb am Di., 30. Mai 2017 um 21:33 Uhr: > > (I got a reply offlist, I'll just answer here hoping the sender doesn't > mind) > > node2nix works fine, but I do indeed need to build some frontend, using > webpack. > > Currently I have two errors: > > Npm can't download the precompiled node-webpack binary, but rebuilds it > from > source every time I run nix. Downloading works fine on my laptop, but not > on my > CI machine (gitlab builder, nix-daemon). The error is 'getaddrinfo > ENOTFOUND > github.com github.com:443'. Should not be fatal (npm will build it from > source), but looks fishy to me. > > The other, final, error is: > sh: > /nix/store/qvrv30xb597zr1ryw9d3n700pywxz3q9-node-my-dashboard-0.0.1/lib/node_modules/my-dashboard/node_modules/.bin/webpack: > /usr/bin/env: bad interpreter: No such file or directory > which, again, works fine on my test machine(s). Same nix version, same > unstable > nixpkgs nix-channel version. > > > Thanks! > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > https://mailman.science.uu.nl/mailman/listinfo/nix-dev > ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Auto-generated expressions for applications
I think that as a first step, we have to separate two use cases for nixpkgs: * creating development environments to use with nix-shell etc * installing applications Package sets are key here. An application is built against a specific package set, and a development environment is based on a package set. A package set is a consistent set of packages of a given language. For nixpkgs itself, we should focus on providing access to *applications*. It is not necessary to provide the latest and greatest of every library on the planet, as long as we have no application that requires it. Developers can use the tools we use for nixpkgs to generate package sets to get access to the libraries they need. We may also have some "presets", like for example "all of stackage" for Haskell. The abstraction of a "package set" should be unified for all languages that require consistent package sets (= no more than one version of the same package in the dep chain. This includes Python, Haskell, .. but not for example NodeJS, as npm supports "private" dependencies). There should be *no* differences in how the functions are called, as this creates confusion. They should use the same technique. IMO, it is fine if each application uses is build against a package set that is generated just for this application, and includes just the dependencies for this app. However, if we find that there is much duplication here, we could also adopt the haskell approach which is: * have one "superset" that includes all the needed package expressions. this is not a package set by itself, as it may include multiple versions of a dependencies * then, for each application, take a consistent subset of packages out of this set. * we may also have a default package set if many packages share the same versions of some dependencies. each application would then only need to override a small number of dependencies in this default set. Note that overrides on package sets must be deep overrides, so that if I replace `foo-x` with `foo-y`, then all libraries previously depending on `foo-x` should now also depend on `foo-y`. This ensures consistency. If we had proper support for import-from-derivation, we could even support the following syntax (as used in the haskell set): packageSet.override { overrides = self: super: { some-package = self.callHackage "some-package" "1.2.43" }}; so the needed non-default packages can be generated on the fly. My opinion is that for the future, we should strive to auto-generate as much as possible in nixpkgs. I view `nix` more as a assembly language, a common format that auto-generators can use. Wouldn't it be nice if we could, for each package, just `anything2nix package-version` and it would spit out a derivation for that package? Then we can focus more on the composition of those packages. In a way, I believe that security could even be better with such an approach as we have more time to focus on package versions and don't need to do as much "grunt" work like figuring out easy dependencies of packages etc I hope this wasn't too long of an email :), Benno Profpatschschrieb am Mi., 31. Mai 2017 um 06:03 Uhr: > On 17-05-30 08:02am, Wout Mertens wrote: > > This actually ties into my question about nodePackages. It seems to me > that > > for these large packaging systems, we should have separate repos that > > update from their source, and you can then include them into your nixpkgs > > configuration. > > nodePackages is a bad example, because “node dependencies” > make no sense on their own. Each application brings with > it its own set of dependencies. > > > > > Only packages that are useful by themselves should get a derivation in > > nixpkgs, the rest would be in these add-on repos. For nodejs, that would > be > > e.g. yarn. > > No idea how to accomplish this though. > > Exactly. > As long as we keep generated formats in nice, diffable formats > they shouldn’t impose too much noise to the system. > Unfortunalely, the current output of node2nix is quite verbose. > > As far as CVEs go, one would have to integrate sites like > https://snyk.io/vuln somehow. > > > -- > Proudly written in Mutt with Vim on NixOS. > Q: Why is this email five sentences or less? > A: http://five.sentenc.es > May take up to five days to read your message. If it’s urgent, call me. > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > https://mailman.science.uu.nl/mailman/listinfo/nix-dev > ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Polkit action files installed via nix-env don't appear to be recognised by Polkit/Pkexec/Pkaction
On 31/05/17 08:42, Roger Qiu wrote: > Good response! This would be a great info in a wiki somewhere. Thank you! Maybe I'll add it to the nixos-users wiki. >> To allow nix-env as root to install polkit actions, you could probably > add /nix/var/nix/profiles/default to polkit's search path. > > Disregarding it being a bad idea, how is this possible? Are you > suggesting overriding the derivation during package build of polkit? I'm suggesting not adding it to the search path and using systemPackages instead ;) As for how to add it to the search path, I really don't know. In the best case, you can do this in a configuration file somewhere; in the worst case this would require a patch to polkit. Linus ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Polkit action files installed via nix-env don't appear to be recognised by Polkit/Pkexec/Pkaction
Hi Linus, Good response! This would be a great info in a wiki somewhere. I have a question: > To allow nix-env as root to install polkit actions, you could probably add /nix/var/nix/profiles/default to polkit's search path. Disregarding it being a bad idea, how is this possible? Are you suggesting overriding the derivation during package build of polkit? Thanks, Roger On 31/05/2017 5:35 PM, Linus Heckemann wrote: On 31/05/17 07:47, Roger Qiu wrote: Yea that seems right, allowing users to nix-env install things, everything must be unprivileged, allowing the usage of such polkit files in nix-env means the users can make use of pkexec to elevate to root when executing anything. However in non-package manager use cases, installing such a package with `make install` would require super user privileges to install the action policy file into /usr/share/polkit-1/actions. Therefore nix-env could make use of such a fact, and instead suggest the user to install using `sudo nix-env` if the package has a polkit policy file. This would prevent such a security hole, since the user must be root to be able to install such a package. Such suggestions could be encoded in the nix expression file. Which brings up the next question, would installing via `sudo nix-env` setup the polkit policy files properly such that polkit will know about it? No. nix-env modifies the default, not the system profile (when running as root) because modifying the system profile requires activating it. What you'd want in this case is usually to add the package in question to environment.systemPackages and use nixos-rebuild switch to switch to the new generation. This results in the policy files ending up in /run/current-system/sw/share/polkit-1/actions, providing the security.polkit.enable option is set to true. That way the configuration is declarative which is more consistent with "The NixOS way". To allow nix-env as root to install polkit actions, you could probably add /nix/var/nix/profiles/default to polkit's search path. This is a bad idea compared to using the systemwide declarative configuration for several reasons though: - The changes won't be picked up automatically, you would have to restart polkit.service yourself. When using the system configuration, this is done by the activation script. - The packages won't be updated together with the rest of the system. This could be a security issue depending on whether you remember to run nix-env -u as root as frequently as nixos-rebuild. - The configuration isn't declarative and there's no single source of truth for where rules come from! This is the norm on most other distributions of course, but who really wants a less transparent system? So overall I recommend adding any packages whose polkit actions you want available to systemPackages rather than using nix-env to manage them. Best regards, Linus ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev -- Founder of Matrix AI https://matrix.ai/ +61420925975 ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Polkit action files installed via nix-env don't appear to be recognised by Polkit/Pkexec/Pkaction
On 31/05/17 07:47, Roger Qiu wrote: > Yea that seems right, allowing users to nix-env install things, > everything must be unprivileged, allowing the usage of such polkit files > in nix-env means the users can make use of pkexec to elevate to root > when executing anything. > > However in non-package manager use cases, installing such a package with > `make install` would require super user privileges to install the action > policy file into /usr/share/polkit-1/actions. Therefore nix-env could > make use of such a fact, and instead suggest the user to install using > `sudo nix-env` if the package has a polkit policy file. This would > prevent such a security hole, since the user must be root to be able to > install such a package. Such suggestions could be encoded in the nix > expression file. > > Which brings up the next question, would installing via `sudo nix-env` > setup the polkit policy files properly such that polkit will know about it? No. nix-env modifies the default, not the system profile (when running as root) because modifying the system profile requires activating it. What you'd want in this case is usually to add the package in question to environment.systemPackages and use nixos-rebuild switch to switch to the new generation. This results in the policy files ending up in /run/current-system/sw/share/polkit-1/actions, providing the security.polkit.enable option is set to true. That way the configuration is declarative which is more consistent with "The NixOS way". To allow nix-env as root to install polkit actions, you could probably add /nix/var/nix/profiles/default to polkit's search path. This is a bad idea compared to using the systemwide declarative configuration for several reasons though: - The changes won't be picked up automatically, you would have to restart polkit.service yourself. When using the system configuration, this is done by the activation script. - The packages won't be updated together with the rest of the system. This could be a security issue depending on whether you remember to run nix-env -u as root as frequently as nixos-rebuild. - The configuration isn't declarative and there's no single source of truth for where rules come from! This is the norm on most other distributions of course, but who really wants a less transparent system? So overall I recommend adding any packages whose polkit actions you want available to systemPackages rather than using nix-env to manage them. Best regards, Linus ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Polkit action files installed via nix-env don't appear to be recognised by Polkit/Pkexec/Pkaction
Yea that seems right, allowing users to nix-env install things, everything must be unprivileged, allowing the usage of such polkit files in nix-env means the users can make use of pkexec to elevate to root when executing anything. However in non-package manager use cases, installing such a package with `make install` would require super user privileges to install the action policy file into /usr/share/polkit-1/actions. Therefore nix-env could make use of such a fact, and instead suggest the user to install using `sudo nix-env` if the package has a polkit policy file. This would prevent such a security hole, since the user must be root to be able to install such a package. Such suggestions could be encoded in the nix expression file. Which brings up the next question, would installing via `sudo nix-env` setup the polkit policy files properly such that polkit will know about it? Thanks, Roger On 31/05/2017 4:34 PM, Bjørn Forsman wrote: On 31 May 2017 at 07:44, Roger Qiuwrote: Hi all, Normally a polkit action file on a non-NixOS system would be installed in /usr/share/polkit-1/actions. On NixOS this location is instead at /run/current-system/sw/share/polkit-1/actions. The action files stored here are recognised by polkit, which can be demonstrated by running `pkaction`, this results in showing the titles of each action id. However some packages may supply action files, and are installed via nix-env. The action files in this case are instead stored in ~/.nix-profile/share/polkit-1/actions. My tests show that these action files are not being recognised by polkit. Running pkaction does not show any package the action files that are inside ~/.nix-profile/... Is there a work around here? Browsing the polkit docs doesn't mention anything about looking up user-specific action files, they all just say action files are to be at /usr/share/polkit-1/actions. If polkit only looks up 1 location, then should nix-env be symlinking action files into /run/current/system/sw/share/polkit-1/actions? Wouldn't that mean unprivileged users are allowed to raise their own permissions? (That doesn't sound like a good idea.) Best regards, Bjørn Forsman -- Founder of Matrix AI https://matrix.ai/ +61420925975 ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-commits] [NixOS/nixpkgs] 0697dd: pythonPackages.rarfile: use free libarchive by def...
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 0697dd8b8105714a3acecc431954072492a66383 https://github.com/NixOS/nixpkgs/commit/0697dd8b8105714a3acecc431954072492a66383 Author: ProfpatschDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/python-modules/rarfile/default.nix M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.rarfile: use free libarchive by default. `unrar` is a non-free package, so it should only be used on request. rarfile can use the rar-mode of `libarchive` instead, which should work well enough for most cases. Commit: 3488c65b2b02349276c87ae858ece19111f772aa https://github.com/NixOS/nixpkgs/commit/3488c65b2b02349276c87ae858ece19111f772aa Author: Frederik Rietdijk Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/python-modules/rarfile/default.nix M pkgs/top-level/python-packages.nix Log Message: --- Merge pull request #26268 from Profpatsch/rarfile-unrar-libarchive pythonPackages.rarfile: use free libarchive by default. Compare: https://github.com/NixOS/nixpkgs/compare/98d584c8d935...3488c65b2b02___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs]
Branch: refs/heads/revert-26251-hidapi Home: https://github.com/NixOS/nixpkgs ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 62dbc7: Revert "fix electrum dependencies"
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 62dbc738c570a3583e714cd48b389b4f4a130872 https://github.com/NixOS/nixpkgs/commit/62dbc738c570a3583e714cd48b389b4f4a130872 Author: Frederik RietdijkDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: R pkgs/development/python-modules/ecpy.nix R pkgs/development/python-modules/ed25519.nix R pkgs/development/python-modules/hidapi.nix R pkgs/development/python-modules/keepkey.nix R pkgs/development/python-modules/ledgerblue.nix R pkgs/development/python-modules/libagent.nix R pkgs/development/python-modules/semver.nix M pkgs/development/python-modules/trezor.nix M pkgs/top-level/python-packages.nix Log Message: --- Revert "fix electrum dependencies" Commit: 98d584c8d9355a0e218e102365742d5d37d2e075 https://github.com/NixOS/nixpkgs/commit/98d584c8d9355a0e218e102365742d5d37d2e075 Author: Frederik Rietdijk Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: R pkgs/development/python-modules/ecpy.nix R pkgs/development/python-modules/ed25519.nix R pkgs/development/python-modules/hidapi.nix R pkgs/development/python-modules/keepkey.nix R pkgs/development/python-modules/ledgerblue.nix R pkgs/development/python-modules/libagent.nix R pkgs/development/python-modules/semver.nix M pkgs/development/python-modules/trezor.nix M pkgs/top-level/python-packages.nix Log Message: --- Merge pull request #26270 from NixOS/revert-26251-hidapi Revert "fix electrum dependencies" Compare: https://github.com/NixOS/nixpkgs/compare/d4aecb35bd25...98d584c8d935___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
Re: [Nix-dev] Polkit action files installed via nix-env don't appear to be recognised by Polkit/Pkexec/Pkaction
On 31 May 2017 at 07:44, Roger Qiuwrote: > Hi all, > > Normally a polkit action file on a non-NixOS system would be installed in > /usr/share/polkit-1/actions. On NixOS this location is instead at > /run/current-system/sw/share/polkit-1/actions. The action files stored here > are recognised by polkit, which can be demonstrated by running `pkaction`, > this results in showing the titles of each action id. > > However some packages may supply action files, and are installed via > nix-env. The action files in this case are instead stored in > ~/.nix-profile/share/polkit-1/actions. My tests show that these action files > are not being recognised by polkit. Running pkaction does not show any > package the action files that are inside ~/.nix-profile/... > > Is there a work around here? > > Browsing the polkit docs doesn't mention anything about looking up > user-specific action files, they all just say action files are to be at > /usr/share/polkit-1/actions. If polkit only looks up 1 location, then should > nix-env be symlinking action files into > /run/current/system/sw/share/polkit-1/actions? Wouldn't that mean unprivileged users are allowed to raise their own permissions? (That doesn't sound like a good idea.) Best regards, Bjørn Forsman ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-commits] [NixOS/nixpkgs] 62dbc7: Revert "fix electrum dependencies"
Branch: refs/heads/revert-26251-hidapi Home: https://github.com/NixOS/nixpkgs Commit: 62dbc738c570a3583e714cd48b389b4f4a130872 https://github.com/NixOS/nixpkgs/commit/62dbc738c570a3583e714cd48b389b4f4a130872 Author: Frederik RietdijkDate: 2017-05-31 (Wed, 31 May 2017) Changed paths: R pkgs/development/python-modules/ecpy.nix R pkgs/development/python-modules/ed25519.nix R pkgs/development/python-modules/hidapi.nix R pkgs/development/python-modules/keepkey.nix R pkgs/development/python-modules/ledgerblue.nix R pkgs/development/python-modules/libagent.nix R pkgs/development/python-modules/semver.nix M pkgs/development/python-modules/trezor.nix M pkgs/top-level/python-packages.nix Log Message: --- Revert "fix electrum dependencies" ___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 9cf5b9: haskell-modules: refactor package set
Branch: refs/heads/release-17.03 Home: https://github.com/NixOS/nixpkgs Commit: 9cf5b90374395d61357b89327a92eebcf0f8476c https://github.com/NixOS/nixpkgs/commit/9cf5b90374395d61357b89327a92eebcf0f8476c Author: Jacob MitchellDate: 2017-05-30 (Tue, 30 May 2017) Changed paths: M pkgs/development/haskell-modules/default.nix Log Message: --- haskell-modules: refactor package set This change is effectively a no-op to nixpkgs. However, it gives users the flexibility to create and maintain their own package sets per project, while benefiting from nix's Haskell configurations. I would make immediate use of this change in stack2nix, a project that generates nix expressions for all the dependencies of a given Haskell project. @domenkozar is familiar with the motivations and helped refine this change (cherry picked from commit ed6ecacf6430e4331b2b56a4324c2e6d349bd30b) Reason: enable faster builds for current users of the stack2nix project. Commit: 21a8239452adae3a4717772f4e490575586b2755 https://github.com/NixOS/nixpkgs/commit/21a8239452adae3a4717772f4e490575586b2755 Author: Domen Kožar Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: M pkgs/development/haskell-modules/default.nix Log Message: --- Merge pull request #26267 from jmitchell/fix/haskell-modules-refactoring haskell-modules: refactor package set Compare: https://github.com/NixOS/nixpkgs/compare/083b2c89d469...21a8239452ad___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits
[Nix-commits] [NixOS/nixpkgs] 91a56e: pythonPackages.hidapi: 0.7.99.post15 -> 0.7.99.pos...
Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 91a56e1be0f0f84b7bbcac39b4636011911f3ed6 https://github.com/NixOS/nixpkgs/commit/91a56e1be0f0f84b7bbcac39b4636011911f3ed6 Author: rnhmjojDate: 2017-05-30 (Tue, 30 May 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.hidapi: 0.7.99.post15 -> 0.7.99.post20 Commit: 26fbe2634545608f39e0db96476c0c9973928cfd https://github.com/NixOS/nixpkgs/commit/26fbe2634545608f39e0db96476c0c9973928cfd Author: rnhmjoj Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.libagent: init at 0.9.1 Commit: fe98f01da352fe09b6df11797941d4c6439d7e05 https://github.com/NixOS/nixpkgs/commit/fe98f01da352fe09b6df11797941d4c6439d7e05 Author: rnhmjoj Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.trezor_agent: 0.7.0 -> 0.9.1 Commit: b2a8b7df59225edadb64e5376a4517ef44b34400 https://github.com/NixOS/nixpkgs/commit/b2a8b7df59225edadb64e5376a4517ef44b34400 Author: rnhmjoj Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.keepkey: fix impossible constraint Commit: 0db82856898d3828a3eb0370dd4ba0428146828b https://github.com/NixOS/nixpkgs/commit/0db82856898d3828a3eb0370dd4ba0428146828b Author: rnhmjoj Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.ecpy: init at 0.8.1 Commit: 3f9b6ddbf52386259b09d1697c1637b635463e96 https://github.com/NixOS/nixpkgs/commit/3f9b6ddbf52386259b09d1697c1637b635463e96 Author: rnhmjoj Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: M pkgs/top-level/python-packages.nix Log Message: --- pythonPackages.ledgerblue: init at 0.1.13 Commit: e73f9953af03f9cbc3878108ea44197fecb9d488 https://github.com/NixOS/nixpkgs/commit/e73f9953af03f9cbc3878108ea44197fecb9d488 Author: rnhmjoj Date: 2017-05-30 (Tue, 30 May 2017) Changed paths: A pkgs/development/python-modules/ecpy.nix A pkgs/development/python-modules/ed25519.nix A pkgs/development/python-modules/hidapi.nix A pkgs/development/python-modules/keepkey.nix A pkgs/development/python-modules/ledgerblue.nix A pkgs/development/python-modules/libagent.nix A pkgs/development/python-modules/semver.nix M pkgs/development/python-modules/trezor.nix M pkgs/top-level/python-packages.nix Log Message: --- move libraries to pkgs/development/python-modules Commit: d4aecb35bd252ac948a397dfb9b34bffa8f8f3d0 https://github.com/NixOS/nixpkgs/commit/d4aecb35bd252ac948a397dfb9b34bffa8f8f3d0 Author: Frederik Rietdijk Date: 2017-05-31 (Wed, 31 May 2017) Changed paths: A pkgs/development/python-modules/ecpy.nix A pkgs/development/python-modules/ed25519.nix A pkgs/development/python-modules/hidapi.nix A pkgs/development/python-modules/keepkey.nix A pkgs/development/python-modules/ledgerblue.nix A pkgs/development/python-modules/libagent.nix A pkgs/development/python-modules/semver.nix M pkgs/development/python-modules/trezor.nix M pkgs/top-level/python-packages.nix Log Message: --- Merge pull request #26251 from rnhmjoj/hidapi fix electrum dependencies Compare: https://github.com/NixOS/nixpkgs/compare/4e376cce7ecc...d4aecb35bd25___ nix-commits mailing list nix-comm...@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-commits