New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add commit-lockfile-summary to flake nixConfig whitelist #8220
Add commit-lockfile-summary to flake nixConfig whitelist #8220
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems like a sensible setting to always accept.
git commit -m
does not seem unsafe.
Off-topic: the name is a bit weird, commit-lockfile-summary
. Don't we always commit the lockfile summary?
Usually, the lockfile is only staged not committed; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is worth a drive-by improvement to presentation.
src/nix/flake.md
Outdated
whitelisted options (currently `bash-prompt`, `bash-prompt-prefix`, | ||
`bash-prompt-suffix`, and `flake-registry`) are allowed to be set without | ||
confirmation so long as `accept-flake-config` is not set in the global | ||
configuration. | ||
`bash-prompt-suffix`, `flake-registry`, and `commit-lockfile-summary`) | ||
are allowed to be set without confirmation so long as `accept-flake-config` | ||
is not set in the global configuration. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given this is a substantial list now, it makes sense to present it as such. It also reveals that the sentence is a bit clumsy and should be reworded:
whitelisted options (currently `bash-prompt`, `bash-prompt-prefix`, | |
`bash-prompt-suffix`, and `flake-registry`) are allowed to be set without | |
confirmation so long as `accept-flake-config` is not set in the global | |
configuration. | |
`bash-prompt-suffix`, `flake-registry`, and `commit-lockfile-summary`) | |
are allowed to be set without confirmation so long as `accept-flake-config` | |
is not set in the global configuration. | |
set of options is allowed to be set without confirmation so long as [`accept-flake-config`](@docroot@/command-ref/conf-file.md#conf-accept-flake-config) is not enabled in the global configuration: | |
- [`bash-prompt`](@docroot@/command-ref/conf-file.md##conf-bash-prompt) | |
- [`bash-prompt-prefix`](@docroot@/command-ref/conf-file.md#conf-bash-prompt-prefix) | |
- [`bash-prompt-suffix`](@docroot@/command-ref/conf-file.md#conf-bash-prompt-suffix) | |
- [`flake-registry`](@docroot@/command-ref/conf-file.md#conf-flake-registry) | |
- [`commit-lockfile-summary`](@docroot@/command-ref/conf-file.md#commit-lockfile-summary) |
This should make those options much more discoverable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can't commit in GitHub UI: "Applying suggestions on deleted lines is currently not supported."
Fixed two types and committed by hand.
This issue has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/tweag-nix-dev-update-47/27387/1 |
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/this-month-in-nix-docs-2-april-2023/27899/1 |
Motivation
Git repos with flakes may have their own commit title conventions. In those cases, when using
nix flake update --commit-lock-file
, the user needs the commit-lockfile-summary nix option set to an appropriate commit title.Using
--commit-lock-file
rather than manually creating a commit is still desirable as it sets an useful commit description. In order to set this setting, a flake can set in in the flakesnixConfig
attribute. However, since this is not a whitelisted option, it will come up with a prompt or warning for most nix commands.Since this option only sets the commit title for
--commit-lock-file
, and setting it in a flake would only affect commits for that repo, it is safe to use. Therefore, it should be whitelisted to make setting it painless for flake authors.Context
Checklist for maintainers
Maintainers: tick if completed or explain if not relevant
tests/**.sh
src/*/tests
tests/nixos/*
Priorities
Add 👍 to pull requests you find important.