This was originally added in #4770 to support structured attrs in
`nix-shell` & `nix develop`: the issue was that it was somewhat awkward
to just write those files into a project directory, especially since
it'd break in case of multiple `nix-shell` invocations from the same
directory. Now the files are written to another, temporary
location when using `nix-shell`/`nix develop` and the correct path is
referenced by NIX_ATTRS_*_FILE.
In `nixpkgs`, it's now common to use these environment variables,
however we still fall back to checking to `.attrs.sh` & `.attrs.json`
since the minimum Nix version we support is 2.3.17[1] which doesn't have
this change.
This however makes implementing structured attrs support more
complicated than needed[2] and in fact we have a few places where the
check for `.attrs.sh`/`.attrs.json` isn't made, so these only break with
Nix 2.3[3].
The idea is now to
* get this into 2.3.18
* bump minver once again to 2.3.18 in nixpkgs
* remove all occurrences of `.attrs.sh`/`.attrs.json` from nixpkgs.
[1] f4bd97b8fa/lib/minver.nix
[2] https://github.com/NixOS/nixpkgs/pull/357053/files#diff-791a01ef89c157eb74d9c87ab8cbc3b81e2cf082cab70b8fec3472cd75ce860dR3-R5
[3] https://github.com/NixOS/nixpkgs/pull/357053#discussion_r1857362490
It is possible to exfiltrate a file descriptor out of the build sandbox
of FODs, and use it to modify the store path after it has been
registered.
To avoid that issue, don't register the output of the build, but a copy
of it (that will be free of any leaked file descriptor).
Otherwise the result of the printing can't be parsed back correctly by
Nix (because the unescaped `${` will be parsed as the begining of an
anti-quotation).
Fix#3989
(cherry picked from commit 250f8a4bba)
Without the change llvm build fails on this week's gcc-13 snapshot as:
src/libutil/json.cc: In function 'void nix::toJSON(std::ostream&, const char*, const char*)':
src/libutil/json.cc:33:22: error: 'uint16_t' was not declared in this scope
33 | put(hex[(uint16_t(*i) >> 12) & 0xf]);
| ^~~~~~~~
src/libutil/json.cc:5:1: note: 'uint16_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
4 | #include <cstring>
+++ |+#include <cstdint>
5 |
(cherry picked from commit b36d5172cb)
At least on OpenBSD, tar(1) reads from /dev/rst0 not stdin by default
options must specififed consistently with or without dashes, not mixed.
Specify standard input explicitly to not rely on implementation details.
Use either option style consistently.
If there were many top-level goals (which are not destroyed until the
very end), commands like
$ nix copy --to 'ssh://localhost?remote-store=/tmp/nix' \
/run/current-system --no-check-sigs --substitute-on-destination
could fail with "Too many open files". So now we do some explicit
cleanup from amDone(). It would be cleaner to separate goals from
their temporary internal state, but that would be a bigger refactor.
Backport 8a29052cb2
