Nix commit
787469c7b66aec12ab6847e7db2cdc8aef5c325e removed
<nix/unpack-channel.nix>, preferring to stuff its contents into the nix
binary & write it out to a temp file to use it.
Pinch unpacks channels. So to retain access to unpack-channel.nix,
pinch pinned its nix dependency to nix 2.3.
This is no longer viable. The 2.3 branch is no longer maintained.
It now has known security vulnerabilities, noted in knownVulnerabilities
(which causes it to refuse to build).
So now pinch does it the same way as nix, holding its own little
unpack-channel.nix and writing it out to a temp file to use it.
This lets us go back to not caring about the version of the nix
dependency.
## [Unreleased]
+- Stop using ancient nix_2_3
## [3.1.0] - 2024-06-29
checkPhase = "./test.sh";
};
-in pkgs.python3Packages.callPackage ({ lib, buildPythonPackage, nix_2_3, git
+in pkgs.python3Packages.callPackage ({ lib, buildPythonPackage, nix, git
, autopep8, makeWrapper, mypy, pylint, git-cache, }:
buildPythonPackage rec {
pname = "pinch";
src = lib.cleanSource ./.;
buildInputs = [ makeWrapper ];
propagatedBuildInputs = [ git-cache ];
- "${checkInputsName}" = [ nix_2_3 git mypy ]
+ "${checkInputsName}" = [ nix git mypy ]
++ lib.optionals lint [ autopep8 pylint ];
postInstall = ''
- wrapProgram "$out/bin/pinch" --prefix PATH : ${nix_2_3}/bin
+ wrapProgram "$out/bin/pinch" --prefix PATH : ${nix}/bin
'';
doCheck = true;
checkPhase = "./test.sh";
git-cache =
pkgs.python3Packages.git-cache or (pkgs.python3Packages.callPackage
git-cache-fallback { });
- nix_2_3 = pkgs.nix_2_3 or pkgs.nix;
}
assert isinstance(sp, AliasSearchPath) # For mypy
exprs[section] = exprs[sp.alias_of]
- command = [
- 'nix-env',
- '--profile',
- args.profile,
- '--show-trace',
- '--file',
- '<nix/unpack-channel.nix>',
- '--install',
- '--remove-all',
- ] + search_paths + ['--from-expression'] + [
- exprs[name] % name for name in sorted(exprs.keys())]
- if args.dry_run:
- print(' '.join(map(shlex.quote, command)))
- else:
- v.status('Installing channels with nix-env')
- process = subprocess.run(command)
- v.result(process.returncode == 0)
+ with tempfile.NamedTemporaryFile() as unpack_channel_nix:
+ unpack_channel_nix.write(b'''
+ { name, channelName, src, }:
+ derivation {
+ inherit name channelName src;
+ builder = "builtin:unpack-channel";
+ system = "builtin";
+ preferLocalBuild = true;
+ }
+ ''')
+ unpack_channel_nix.flush()
+
+ command = [
+ 'nix-env',
+ '--profile',
+ args.profile,
+ '--show-trace',
+ '--file',
+ unpack_channel_nix.name,
+ '--install',
+ '--remove-all',
+ ] + search_paths + ['--from-expression'] + [
+ exprs[name] % name for name in sorted(exprs.keys())]
+ if args.dry_run:
+ print(' '.join(map(shlex.quote, command)))
+ else:
+ v.status('Installing channels with nix-env')
+ process = subprocess.run(command)
+ v.result(process.returncode == 0)
def main() -> None:
actual_env_command=`python3 ./pinch.py update --dry-run "$conf"`
-expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file '\''<nix/unpack-channel.nix>'\'' --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\2.tar.xz) --from-expression '\''f: f \{ name = "\2"; channelName = "bar"; src = builtins.storePath "\3"; \}'\'' '\''f: f \{ name = "\2"; channelName = "foo"; src = builtins.storePath "\3"; \}'\''$'
+expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file [^ ]+ --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\2.tar.xz) --from-expression '\''f: f \{ name = "\2"; channelName = "bar"; src = builtins.storePath "\3"; \}'\'' '\''f: f \{ name = "\2"; channelName = "foo"; src = builtins.storePath "\3"; \}'\''$'
if echo "$actual_env_command" | egrep "$expected_env_command_RE" > /dev/null;then
echo PASS
actual_env_command=`python3 ./pinch.py update --dry-run "$conf"`
-expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file '\''<nix/unpack-channel.nix>'\'' --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\2.tar.xz) --from-expression '\''f: f \{ name = "\2"; channelName = "foo"; src = builtins.storePath "\3"; \}'\''$'
+expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file [^ ]+ --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\2.tar.xz) --from-expression '\''f: f \{ name = "\2"; channelName = "foo"; src = builtins.storePath "\3"; \}'\''$'
if echo "$actual_env_command" | egrep "$expected_env_command_RE" > /dev/null;then
echo PASS
rm -rf "$conf2"
-expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file '\''<nix/unpack-channel.nix>'\'' --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\2.tar.xz) --from-expression '\''f: f \{ name = "\2"; channelName = "bar"; src = builtins.storePath "\3"; \}'\'' '\''f: f \{ name = "\2"; channelName = "foo"; src = builtins.storePath "\3"; \}'\''$'
+expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file [^ ]+ --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\2.tar.xz) --from-expression '\''f: f \{ name = "\2"; channelName = "bar"; src = builtins.storePath "\3"; \}'\'' '\''f: f \{ name = "\2"; channelName = "foo"; src = builtins.storePath "\3"; \}'\''$'
if echo "$actual_env_command" | egrep "$expected_env_command_RE" > /dev/null;then
echo PASS
actual_env_command=`python3 ./pinch.py update --dry-run "$conf"`
-expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file '\''<nix/unpack-channel.nix>'\'' --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\2.tar.xz) --from-expression '\''f: f \{ name = "\2"; channelName = "foo"; src = builtins.storePath "\3"; \}'\''$'
+expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file [^ ]+ --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\2.tar.xz) --from-expression '\''f: f \{ name = "\2"; channelName = "foo"; src = builtins.storePath "\3"; \}'\''$'
if echo "$actual_env_command" | egrep "$expected_env_command_RE" > /dev/null;then
echo PASS
actual_env_command=`python3 ./pinch.py update --dry-run --profile /path/to/profile "$conf"`
-expected_env_command_RE='^nix-env --profile /path/to/profile --show-trace --file '\''<nix/unpack-channel.nix>'\'' --install --remove-all -I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\1.tar.xz) --from-expression '\''f: f \{ name = "\1"; channelName = "foo"; src = builtins.storePath "\2"; \}'\''$'
+expected_env_command_RE='^nix-env --profile /path/to/profile --show-trace --file [^ ]+ --install --remove-all -I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\1.tar.xz) --from-expression '\''f: f \{ name = "\1"; channelName = "foo"; src = builtins.storePath "\2"; \}'\''$'
if echo "$actual_env_command" | egrep "$expected_env_command_RE" > /dev/null;then
echo PASS
actual_env_command=`python3 ./pinch.py update --dry-run "$conf"`
-expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file '\''<nix/unpack-channel.nix>'\'' --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_link=('"$NIX_STORE_DIR"'/.{32}-link.tar.gz) -I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\3.tar.xz) --from-expression '\''f: f \{ name = "link"; channelName = "bar"; src = builtins.storePath "\2"; \}'\'' '\''f: f \{ name = "\3"; channelName = "foo"; src = builtins.storePath "\4"; \}'\''$'
+expected_env_command_RE='^nix-env --profile /nix/var/nix/profiles/per-user/[^/]+/channels --show-trace --file [^ ]+ --install --remove-all (-I pinch_profile=/nix/var/nix/profiles/per-user/[^/]+/channels -I pinch_profile_manifest=/nix/store/.{32}-env-manifest.nix )?-I pinch_tarball_for_link=('"$NIX_STORE_DIR"'/.{32}-link.tar.gz) -I pinch_tarball_for_(repo-[0-9]{10}-[0-9a-f]{11})=('"$NIX_STORE_DIR"'/.{32}-\3.tar.xz) --from-expression '\''f: f \{ name = "link"; channelName = "bar"; src = builtins.storePath "\2"; \}'\'' '\''f: f \{ name = "\3"; channelName = "foo"; src = builtins.storePath "\4"; \}'\''$'
if echo "$actual_env_command" | egrep "$expected_env_command_RE" > /dev/null;then
echo PASS
projects / pinch / commitdiff