| Commit message (Collapse) | Author | Age |
| |
|
| |
|
| |
|
| |
|
|\ |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| | |
- CryptX: 0.036 -> 0.037
- DBIxClass: 0.082821 -> 0.082840
- MathBigInt: 1.999723 -> 1.999724
- Moo: 2.001001 -> 2.002002
- MooseXGetopt: 0.70 -> 0.71
|
|\ \
| | |
| | | |
graylog: 2.0.2 -> 2.0.3
|
| | | |
|
|\ \ \
| |/ /
|/| | |
trojita: init at 0.7
|
| | | |
|
|\ \ \
| | | |
| | | | |
INGInious: provide a NixOS module
|
| | | | |
|
| | | | |
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
lib: Make escapeShellArg more robust
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Quoting various characters that the shell *may* interpret specially is a
very fragile thing to do.
I've used something more robust all over the place in various Nix
expression I've written just because I didn't trust escapeShellArg.
Here is a proof of concept showing that I was indeed right in
distrusting escapeShellArg:
with import <nixpkgs> {};
let
payload = runCommand "payload" {} ''
# \x00 is not allowed for Nix strings, so let's begin at 1
for i in $(seq 1 255); do
echo -en "\\x$(printf %02x $i)"
done > "$out"
'';
escapers = with lib; {
current = escapeShellArg;
better = arg: let
backslashEscapes = stringToCharacters "\"\\ ';$`()|<>\r\t*[]&!~#";
search = backslashEscapes ++ [ "\n" ];
replace = map (c: "\\${c}") backslashEscapes ++ [ "'\n'" ];
in replaceStrings search replace (toString arg);
best = arg: "'${replaceStrings ["'"] ["'\\''"] (toString arg)}'";
};
testWith = escaper: let
escaped = escaper (builtins.readFile payload);
in runCommand "test" {} ''
if ! r="$(bash -c ${escapers.best "echo -nE ${escaped}"} 2> /dev/null)"
then
echo bash eval error > "$out"
exit 0
fi
if echo -n "$r" | cmp -s "${payload}"; then
echo success > "$out"
else
echo failed > "$out"
fi
'';
in runCommand "results" {} ''
echo "Test results:"
${lib.concatStrings (lib.mapAttrsToList (name: impl: ''
echo " ${name}: $(< "${testWith impl}")"
'') escapers)}
exit 1
''
The resulting output is the following:
Test results:
best: success
better: success
current: bash eval error
I did the "better" implementation just to illustrate that the method of
quoting only "harmful" characters results in madness in terms of
implementation and performance.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @edolstra, @zimbatm
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
A shell script for extracting revision information useful in
release/build scripting from repositories.
|
|\ \ \ \ \
| | | | | |
| | | | | | |
wolfssl: 3.9.0 -> 3.9.6, split package
|
| | | | | | |
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
top-level: builtins.toPath no longer needed
|
| | | | | | | |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Edward Tjörnhammar <ed@cflags.cc>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Update several python packages
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Also removing twisted test to avoid pulling in twisted just for one
test case.
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
matrix-synapse: 0.14 -> 0.16
|
| | | | | | | | | |
|
| | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
Theano-cuda: init at 0.8.2
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
Remove misc dead code
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Superseded by `/pkgs/development/haskell-modules/with-packages-wrapper.nix`
|
| | | | | | | | | | | |
|
| | |_|_|/ / / / / /
| |/| | | | | | | | |
|
| |_|_|_|/ / / / /
|/| | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Signed-off-by: Edward Tjörnhammar <ed@cflags.cc>
|
| | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
screen: 4.3.1 -> 4.4.0
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Removed the patches which were specific to 4.3, and redundant configure flags
The darwin specific utmp patch seems to have been accepted too, with
`u->ut_time = now` the default.
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
factorio: Bump to 0.12.35
|
| | | | | | | | | | | |
|