doc: explain pull request template #28589
Conversation
doc/submitting-changes.xml
Outdated
| <literal>fetch*</literal> functions and files outside the Nix store. | ||
| Depending on the operating system access to other resources are blocked | ||
| as well (ex. inter process communication is isolated on Linux); see <link | ||
| xlink:href="https://nixos.org/nix/manual/#description-45">build-use-sandbox</link> |
There was a problem hiding this comment.
@other reviewer
Since both documents are in the same documentation, what is the right way to link them in docbook?
There was a problem hiding this comment.
I don't think you can because these are in separate documents. This is linking the nix manual, but this is in the nixpkgs manual. Someone that knows docbook better than me can correct me if I'm wrong here.
doc/submitting-changes.xml
Outdated
| maintainer to verify the functionality of the package. If there are | ||
| existing tests for the package, they should be ran to verify your changes | ||
| do not break the tests. Tests only apply to packages with NixOS modules | ||
| defined and can only be ran on NixOS. For more details on writing and |
There was a problem hiding this comment.
- can be only ran on NixOS
+ can be only ran on Linuxour tests are using qemu so they are not limited to NixOS.
doc/submitting-changes.xml
Outdated
| </para> | ||
| <para> | ||
| Depending if you use NixOS or other platforms you can use one of the | ||
| following methods to enable sandboxing: |
There was a problem hiding this comment.
what I forgot to add here is the following:
- following methods to enable sandboxing.
+ following methods to enable sandboxing <emphasis role="bold">before</emphasis> building the package.
doc/submitting-changes.xml
Outdated
| <itemizedlist> | ||
| <listitem> | ||
| <para><emphasis role="bold">Enable sandboxing for single build</emphasis>: | ||
| <screen>nix-shell -I nixpkgs=/path/to/nixpkgs --option build-use-sandbox true -p hello</screen> |
There was a problem hiding this comment.
append:
(replace <literal>hello</literal> with the package you want to build)
doc/submitting-changes.xml
Outdated
| <itemizedlist> | ||
| <listitem> | ||
| <para><emphasis role="bold">Enable sandboxing for single build</emphasis>: | ||
| <screen>nix-shell -I nixpkgs=/path/to/nixpkgs --option build-use-sandbox true -p hello</screen> |
There was a problem hiding this comment.
The way this is worded gives the impression that an ordinary user can control sandbox usage even if they are using the Nix daemon.
There was a problem hiding this comment.
Are options ignored, when nix-daemon is used? Then we should probably not mention this at all. Otherwise people, will fall into the trap.
There was a problem hiding this comment.
I agree it'd be better to leave this out, or at least add some caveats.
doc/submitting-changes.xml
Outdated
| Packages with automated tests are much more likely to be merged in a | ||
| timely fashion because it doesn't require as much manual testing by the | ||
| maintainer to verify the functionality of the package. If there are | ||
| existing tests for the package, they should be ran to verify your changes |
doc/submitting-changes.xml
Outdated
| maintainer to verify the functionality of the package. If there are | ||
| existing tests for the package, they should be ran to verify your changes | ||
| do not break the tests. Tests only apply to packages with NixOS modules | ||
| defined and can only be ran on NixOS. For more details on writing and |
disassembler
force-pushed
the
doc-pull-request-template
branch
from
8d67106
to
3b5e1e9
Compare
doc/submitting-changes.xml
Outdated
| Depending on the operating system access to other resources are blocked | ||
| as well (ex. inter process communication is isolated on Linux); see <link | ||
| xlink:href="https://nixos.org/nix/manual/#description-45">build-use-sandbox</link> | ||
| in nix manual for details. |
doc/submitting-changes.xml
Outdated
| for each build process. It is used to remove further hidden dependencies | ||
| set by the build environment to improve reproducibility. This includes | ||
| access to the network during the build outside of | ||
| <literal>fetch*</literal> functions and files outside the Nix store. |
There was a problem hiding this comment.
<function> over <literal> I think?
doc/submitting-changes.xml
Outdated
| </para> | ||
| <para> | ||
| Sandboxes are not enabled by default in Nix as there are cases where it | ||
| makes building packages harder (for example <command>npm |
There was a problem hiding this comment.
Sandboxing is disabled by default not because it is harder, but because it is slower: NixOS/nix#179
doc/submitting-changes.xml
Outdated
| <section> | ||
| <title>Built on platform(s)</title> | ||
| <para> | ||
| Many <literal>Nix</literal> packages are designed to run on multiple |
doc/submitting-changes.xml
Outdated
| </para> | ||
| <para> | ||
| review changes from pull request number 12345: | ||
| <screen>nix-shell -p nox --run nox-review 12345</screen> |
There was a problem hiding this comment.
Missing the command pr, should be: nox-review pr 12345
doc/submitting-changes.xml
Outdated
| It's important to test any executables generated by a build when you | ||
| change or create a package in nixpkgs. This can be done by looking in | ||
| <filename>./result/bin</filename> and running any files in there, or at a | ||
| minimum, the main file for the package. For example, if you make a change |
There was a problem hiding this comment.
file is ambiguous, I think you mean the main executable for the package
disassembler
force-pushed
the
doc-pull-request-template
branch
from
3b5e1e9
to
c2d0917
Compare
disassembler
force-pushed
the
doc-pull-request-template
branch
from
c2d0917
to
aae7745
Compare
Motivation for this change
Give detailed sections in nixpkgs contributing section of what the different sections of the PR template are and how to fulfill the requirements for each checkbox. This addresses #28579.
Things done
(nix.useSandbox on NixOS,
or option
build-use-sandboxinnix.confon non-NixOS)
nix-shell -p nox --run "nox-review wip"./result/bin/)