diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/default.nix | 3 | ||||
| -rw-r--r-- | lib/deprecated.nix | 2 | ||||
| -rw-r--r-- | lib/licenses.nix | 5 | ||||
| -rw-r--r-- | lib/maintainers.nix | 12 | ||||
| -rw-r--r-- | lib/sandbox.nix | 47 | ||||
| -rw-r--r-- | lib/strings.nix | 8 | ||||
| -rw-r--r-- | lib/tests.nix | 22 | ||||
| -rw-r--r-- | lib/trivial.nix | 42 |
8 files changed, 131 insertions, 10 deletions
diff --git a/lib/default.nix b/lib/default.nix index cd0d8161c8cb..32ac0c58af6c 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -17,10 +17,11 @@ let systems = import ./systems.nix; customisation = import ./customisation.nix; licenses = import ./licenses.nix; + sandbox = import ./sandbox.nix; in { inherit trivial lists strings stringsWithDeps attrsets sources options - modules types meta debug maintainers licenses platforms systems; + modules types meta debug maintainers licenses platforms systems sandbox; } # !!! don't include everything at top-level; perhaps only the most # commonly used functions. diff --git a/lib/deprecated.nix b/lib/deprecated.nix index 3646f9e032a1..3729197f48bc 100644 --- a/lib/deprecated.nix +++ b/lib/deprecated.nix @@ -411,7 +411,7 @@ rec { nixType = x: if isAttrs x then if x ? outPath then "derivation" - else "aattrs" + else "attrs" else if isFunction x then "function" else if isList x then "list" else if x == true then "bool" diff --git a/lib/licenses.nix b/lib/licenses.nix index 107296089d0a..ebd7d56d7618 100644 --- a/lib/licenses.nix +++ b/lib/licenses.nix @@ -402,6 +402,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec { fullName = "TCL/TK License"; }; + ufl = { + fullName = "Ubuntu Font License 1.0"; + url = http://font.ubuntu.com/ufl/ubuntu-font-licence-1.0.txt; + }; + unfree = { fullName = "Unfree"; free = false; diff --git a/lib/maintainers.nix b/lib/maintainers.nix index cf275376145c..54e10e5cf8cb 100644 --- a/lib/maintainers.nix +++ b/lib/maintainers.nix @@ -96,6 +96,7 @@ enolan = "Echo Nolan <echo@echonolan.net>"; epitrochoid = "Mabry Cervin <mpcervin@uncg.edu>"; ericbmerritt = "Eric Merritt <eric@afiniate.com>"; + ericsagnes = "Eric Sagnes <eric.sagnes@gmail.com>"; erikryb = "Erik Rybakken <erik.rybakken@math.ntnu.no>"; ertes = "Ertugrul Söylemez <ertesx@gmx.de>"; exlevan = "Alexey Levan <exlevan@gmail.com>"; @@ -103,6 +104,7 @@ flosse = "Markus Kohlhase <mail@markus-kohlhase.de>"; fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>"; forkk = "Andrew Okin <forkk@forkk.net>"; + fornever = "Friedrich von Never <friedrich@fornever.me>"; fpletz = "Franz Pletz <fpletz@fnordicwalking.de>"; fps = "Florian Paul Schmidt <mista.tapas@gmx.net>"; fridh = "Frederik Rietdijk <fridh@fridh.nl>"; @@ -172,6 +174,7 @@ lsix = "Lancelot SIX <lsix@lancelotsix.com>"; ludo = "Ludovic Courtès <ludo@gnu.org>"; lukego = "Luke Gorrie <luke@snabb.co>"; + lw = "Sergey Sofeychuk <lw@fmap.me>"; madjar = "Georges Dubus <georges.dubus@compiletoi.net>"; magnetophon = "Bart Brouns <bart@magnetophon.nl>"; mahe = "Matthias Herrmann <matthias.mh.herrmann@gmail.com>"; @@ -179,12 +182,14 @@ malyn = "Michael Alyn Miller <malyn@strangeGizmo.com>"; manveru = "Michael Fellinger <m.fellinger@gmail.com>"; marcweber = "Marc Weber <marco-oweber@gmx.de>"; + markWot = "Markus Wotringer <markus@wotringer.de"; maurer = "Matthew Maurer <matthew.r.maurer+nix@gmail.com>"; matejc = "Matej Cotman <cotman.matej@gmail.com>"; mathnerd314 = "Mathnerd314 <mathnerd314.gph+hs@gmail.com>"; matthiasbeyer = "Matthias Beyer <mail@beyermatthias.de>"; mbakke = "Marius Bakke <ymse@tuta.io>"; mbe = "Brandon Edens <brandonedens@gmail.com>"; + mcmtroffaes = "Matthias C. M. Troffaes <matthias.troffaes@gmail.com>"; meditans = "Carlo Nucera <meditans@gmail.com>"; meisternu = "Matt Miemiec <meister@krutt.org>"; michelk = "Michel Kuhlmann <michel@kuhlmanns.info>"; @@ -192,6 +197,7 @@ mirdhyn = "Merlin Gaillard <mirdhyn@gmail.com>"; mschristiansen = "Mikkel Christiansen <mikkel@rheosystems.com>"; modulistic = "Pablo Costa <modulistic@gmail.com>"; + mog = "Matthew O'Gorman <mog-lists@rldn.net>"; mornfall = "Petr Ročkai <me@mornfall.net>"; MP2E = "Cray Elliott <MP2E@archlinux.us>"; msackman = "Matthew Sackman <matthew@wellquite.org>"; @@ -227,6 +233,7 @@ pjones = "Peter Jones <pjones@devalot.com>"; pkmx = "Chih-Mao Chen <pkmx.tw@gmail.com>"; plcplc = "Philip Lykke Carlsen <plcplc@gmail.com>"; + Phlogistique = "Noé Rubinstein <noe.rubinstein@gmail.com>"; pmahoney = "Patrick Mahoney <pat@polycrystal.org>"; pmiddend = "Philipp Middendorf <pmidden@secure.mailbox.org>"; prikhi = "Pavan Rikhi <pavan.rikhi@gmail.com>"; @@ -242,14 +249,17 @@ renzo = "Renzo Carbonara <renzocarbonara@gmail.com>"; rick68 = "Wei-Ming Yang <rick68@gmail.com>"; rickynils = "Rickard Nilsson <rickynils@gmail.com>"; + rnhmjoj = "Michele Guerini Rocco <micheleguerinirocco@me.com>"; rob = "Rob Vermaas <rob.vermaas@gmail.com>"; robberer = "Longrin Wischnewski <robberer@freakmail.de>"; robbinch = "Robbin C. <robbinch33@gmail.com>"; + robgssp = "Rob Glossop <robgssp@gmail.com>"; roconnor = "Russell O'Connor <roconnor@theorem.ca>"; roelof = "Roelof Wobben <rwobben@hotmail.com>"; romildo = "José Romildo Malaquias <malaquias@gmail.com>"; rszibele = "Richard Szibele <richard_szibele@hotmail.com>"; rushmorem = "Rushmore Mushambi <rushmore@webenchanter.com>"; + rvl = "Rodney Lorrimar <dev+nix@rodney.id.au>"; rycee = "Robert Helgesson <robert@rycee.net>"; samuelrivas = "Samuel Rivas <samuelrivas@gmail.com>"; sander = "Sander van der Burg <s.vanderburg@tudelft.nl>"; @@ -263,6 +273,7 @@ simonvandel = "Simon Vandel Sillesen <simon.vandel@gmail.com>"; sjagoe = "Simon Jagoe <simon@simonjagoe.com>"; sjmackenzie = "Stewart Mackenzie <setori88@gmail.com>"; + sjourdois = "Stéphane ‘kwisatz’ Jourdois <sjourdois@gmail.com>"; skeidel = "Sven Keidel <svenkeidel@gmail.com>"; smironov = "Sergey Mironov <ierton@gmail.com>"; spacefrogg = "Michael Raitza <spacefrogg-nixos@meterriblecrew.net>"; @@ -281,6 +292,7 @@ theuni = "Christian Theune <ct@flyingcircus.io>"; thoughtpolice = "Austin Seipp <aseipp@pobox.com>"; titanous = "Jonathan Rudenberg <jonathan@titanous.com>"; + tohl = "Tomas Hlavaty <tom@logand.com>"; tokudan = "Daniel Frank <git@danielfrank.net>"; tomberek = "Thomas Bereknyei <tomberek@gmail.com>"; travisbhartwell = "Travis B. Hartwell <nafai@travishartwell.net>"; diff --git a/lib/sandbox.nix b/lib/sandbox.nix new file mode 100644 index 000000000000..414bf36f779f --- /dev/null +++ b/lib/sandbox.nix @@ -0,0 +1,47 @@ +with import ./strings.nix; + +/* Helpers for creating lisp S-exprs for the Apple sandbox + +lib.sandbox.allowFileRead [ "/usr/bin/file" ]; + # => "(allow file-read* (literal \"/usr/bin/file\"))"; + +lib.sandbox.allowFileRead { + literal = [ "/usr/bin/file" ]; + subpath = [ "/usr/lib/system" ]; +} + # => "(allow file-read* (literal \"/usr/bin/file\") (subpath \"/usr/lib/system\"))" +*/ + +let + +sexp = tokens: "(" + builtins.concatStringsSep " " tokens + ")"; +generateFileList = files: + if builtins.isList files + then concatMapStringsSep " " (x: sexp [ "literal" ''"${x}"'' ]) files + else if builtins.isString files + then generateFileList [ files ] + else concatStringsSep " " ( + (map (x: sexp [ "literal" ''"${x}"'' ]) (files.literal or [])) ++ + (map (x: sexp [ "subpath" ''"${x}"'' ]) (files.subpath or [])) + ); +applyToFiles = f: act: files: f "${act} ${generateFileList files}"; +genActions = actionName: let + action = feature: sexp [ actionName feature ]; + self = { + "${actionName}" = action; + "${actionName}File" = applyToFiles action "file*"; + "${actionName}FileRead" = applyToFiles action "file-read*"; + "${actionName}FileReadMetadata" = applyToFiles action "file-read-metadata"; + "${actionName}DirectoryList" = self."${actionName}FileReadMetadata"; + "${actionName}FileWrite" = applyToFiles action "file-write*"; + "${actionName}FileWriteMetadata" = applyToFiles action "file-write-metadata"; + }; + in self; + +in + +genActions "allow" // genActions "deny" // { + importProfile = derivation: '' + (import "${derivation}") + ''; +} diff --git a/lib/strings.nix b/lib/strings.nix index e72bdc6d968c..bf6cbd2cbfa8 100644 --- a/lib/strings.nix +++ b/lib/strings.nix @@ -223,4 +223,12 @@ rec { # Check whether a value is a store path. isStorePath = x: builtins.substring 0 1 (toString x) == "/" && dirOf (builtins.toPath x) == builtins.storeDir; + # Convert string to int + # Obviously, it is a bit hacky to use fromJSON that way. + toInt = str: + let may_be_int = builtins.fromJSON str; in + if builtins.isInt may_be_int + then may_be_int + else throw "Could not convert ${str} to int."; + } diff --git a/lib/tests.nix b/lib/tests.nix index 298bdffc3790..1fb2cbf5b536 100644 --- a/lib/tests.nix +++ b/lib/tests.nix @@ -7,7 +7,7 @@ runTests { expr = id 1; expected = 1; }; - + testConst = { expr = const 2 3; expected = 2; @@ -19,12 +19,12 @@ runTests { expected = true; }; */ - + testAnd = { expr = and true false; expected = false; }; - + testFix = { expr = fix (x: {a = if x ? a then "a" else "b";}); expected = {a = "a";}; @@ -67,7 +67,7 @@ runTests { }; testOverridableDelayableArgsTest = { - expr = + expr = let res1 = defaultOverridableDelayableArgs id {}; res2 = defaultOverridableDelayableArgs id { a = 7; }; res3 = let x = defaultOverridableDelayableArgs id { a = 7; }; @@ -87,7 +87,7 @@ runTests { in (x2.replace) { a = 10; }; # and override the value by 10 # fixed tests (delayed args): (when using them add some comments, please) - resFixed1 = + resFixed1 = let x = defaultOverridableDelayableArgs id ( x : { a = 7; c = x.fixed.b; }); y = x.merge (x : { name = "name-${builtins.toString x.fixed.c}"; }); in (y.merge) { b = 10; }; @@ -109,5 +109,15 @@ runTests { expr = sort builtins.lessThan [ 40 2 30 42 ]; expected = [2 30 40 42]; }; - + + testToIntShouldConvertStringToInt = { + expr = toInt "27"; + expected = 27; + }; + + testToIntShouldThrowErrorIfItCouldNotConvertToInt = { + expr = builtins.tryEval (toInt "\"foo\""); + expected = { success = false; value = false; }; + }; + } diff --git a/lib/trivial.nix b/lib/trivial.nix index 9fd5a7e1c57c..cda8aa08a205 100644 --- a/lib/trivial.nix +++ b/lib/trivial.nix @@ -12,8 +12,46 @@ rec { and = x: y: x && y; mergeAttrs = x: y: x // y; - # Take a function and evaluate it with its own returned value. - fix = f: let result = f result; in result; + # Compute the fixed point of the given function `f`, which is usually an + # attribute set that expects its final, non-recursive representation as an + # argument: + # + # f = self: { foo = "foo"; bar = "bar"; foobar = self.foo + self.bar; } + # + # Nix evaluates this recursion until all references to `self` have been + # resolved. At that point, the final result is returned and `f x = x` holds: + # + # nix-repl> fix f + # { bar = "bar"; foo = "foo"; foobar = "foobar"; } + # + # See https://en.wikipedia.org/wiki/Fixed-point_combinator for further + # details. + fix = f: let x = f x; in x; + + # A variant of `fix` that records the original recursive attribute set in the + # result. This is useful in combination with the `extends` function to + # implement deep overriding. See pkgs/development/haskell-modules/default.nix + # for a concrete example. + fix' = f: let x = f x // { __unfix__ = f; }; in x; + + # Modify the contents of an explicitly recursive attribute set in a way that + # honors `self`-references. This is accomplished with a function + # + # g = self: super: { foo = super.foo + " + "; } + # + # that has access to the unmodified input (`super`) as well as the final + # non-recursive representation of the attribute set (`self`). `extends` + # differs from the native `//` operator insofar as that it's applied *before* + # references to `self` are resolved: + # + # nix-repl> fix (extends g f) + # { bar = "bar"; foo = "foo + "; foobar = "foo + bar"; } + # + # The name of the function is inspired by object-oriented inheritance, i.e. + # think of it as an infix operator `g extends f` that mimics the syntax from + # Java. It may seem counter-intuitive to have the "base class" as the second + # argument, but it's nice this way if several uses of `extends` are cascaded. + extends = f: rattrs: self: let super = rattrs self; in super // f self super; # Flip the order of the arguments of a binary function. flip = f: a: b: f b a; |