-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow use of path and filterSource in flakes #5163
Conversation
As filterSource and path perform work, add paths to allowedPaths.
I have made a simple repo to test I do not really know Nix codebase well, although the code looks good to me. The |
I think the problems in linked/mentioned issues/topics can be categorized into three: 1. Usage of
|
There are several motivating use-cases. One significant one is when developing an "internal flake" (ie: one where the flake.nix is in the same repo as the source code, and someone is probably using Both path and filterSource use the same underlying mechanism: Problem # 1Some of the issues with filterSource is why path was introduced. But i'm not clear on exactly which impurity you (@ilkecan) are talking about. The baseNameOf default is present in both, but path allows you to set it to remove that impurity. One possibility is to have the default for a directory to use something like "source" instead of baseNameOf? Problem # 2Likely the difference is between using a path and string-with-context, common idioms being:
Both use baseNameOf(path) by default. Both path and filterSource check if context is empty: Should this check also check if the context's paths are in state.allowedPaths rather than just checking if it is empty? (@edolstra ?) Problem # 3If this fixes it: 🎉 |
The impurity of # 2 is about not being able to filter a string with contexts in general. Nix complains since the flake input contains a context. That check might normally be necessary for other cases but I think we should be able to filter a nix input. Your idea to check |
Source filtering isn't possible right now, due to npmlock2nix reading the lock file. Follow up on how NixOS/nix#5163 will be resolved.
Source filtering isn't possible right now, due to npmlock2nix reading the lock file. Follow up on how NixOS/nix#5163 will be resolved.
Source filtering isn't possible right now, due to npmlock2nix reading the lock file. Follow up on how NixOS/nix#5163 will be resolved.
Even with this PR, trying to import a file accessed through This can be tested by doing
Expected error Note that
|
Thanks, I've merged this without the |
Using
builtins.filterSource
and/orbuiltins.path
inside of flakes doesn't quite work as expected at the moment. Is this fundamentally a bad idea? There are a few issues about this, but nothing conclusive. This patch allows it, but i have no idea if this is breaking some invariant.This part seems odd, but seems to be needed:
Discourse
Discourse2
Fixes #3732
Fixes #2538