diff --git a/doc/.gitignore b/doc/.gitignore index cb07135e6858..b5c58be03d15 100644 --- a/doc/.gitignore +++ b/doc/.gitignore @@ -1,7 +1,8 @@ *.chapter.xml *.section.xml .version -out -manual-full.xml -highlightjs +functions/library/generated functions/library/locations.xml +highlightjs +manual-full.xml +out diff --git a/doc/coding-conventions.xml b/doc/coding-conventions.xml index d2c7a1baae9c..58ce9c7e627c 100644 --- a/doc/coding-conventions.xml +++ b/doc/coding-conventions.xml @@ -197,20 +197,14 @@ args.stdenv.mkDerivation (args // { Package naming - The key words - must, - must not, - required, - shall, - shall not, - should, - should not, - recommended, - may, - and optional in this section - are to be interpreted as described in - RFC 2119. - Only emphasized words are to be interpreted in this way. + The key words must, must not, + required, shall, shall + not, should, should + not, recommended, may, + and optional in this section are to be interpreted as + described in RFC + 2119. Only emphasized words are to be + interpreted in this way. @@ -253,15 +247,15 @@ args.stdenv.mkDerivation (args // { - The name attribute should - be identical to the upstream package name. + The name attribute should be + identical to the upstream package name. - The name attribute must not - contain uppercase letters — e.g., "mplayer-1.0rc2" - instead of "MPlayer-1.0rc2". + The name attribute must not + contain uppercase letters — e.g., "mplayer-1.0rc2" + instead of "MPlayer-1.0rc2". @@ -275,28 +269,29 @@ args.stdenv.mkDerivation (args // { If a package is not a release but a commit from a repository, then the version part of the name must be the date of that - (fetched) commit. The date must be in "YYYY-MM-DD" - format. Also append "unstable" to the name - e.g., + (fetched) commit. The date must be in + "YYYY-MM-DD" format. Also append + "unstable" to the name - e.g., "pkgname-unstable-2014-09-23". - Dashes in the package name should be preserved in new variable names, - rather than converted to underscores or camel cased — e.g., - http-parser instead of http_parser - or httpParser. The hyphenated style is preferred in - all three package names. + Dashes in the package name should be preserved in + new variable names, rather than converted to underscores or camel cased + — e.g., http-parser instead of + http_parser or httpParser. The + hyphenated style is preferred in all three package names. - If there are multiple versions of a package, this should be reflected in - the variable names in all-packages.nix, e.g. - json-c-0-9 and json-c-0-11. If - there is an obvious “default” version, make an attribute like - json-c = json-c-0-9;. See also - + If there are multiple versions of a package, this + should be reflected in the variable names in + all-packages.nix, e.g. json-c-0-9 + and json-c-0-11. If there is an obvious “default” + version, make an attribute like json-c = json-c-0-9;. + See also @@ -814,8 +809,8 @@ args.stdenv.mkDerivation (args // { There are multiple ways to fetch a package source in nixpkgs. The general - guideline is that you should package reproducible sources with a high degree of - availability. Right now there is only one fetcher which has mirroring + guideline is that you should package reproducible sources with a high degree + of availability. Right now there is only one fetcher which has mirroring support and that is fetchurl. Note that you should also prefer protocols which have a corresponding proxy environment variable. @@ -869,8 +864,10 @@ src = fetchFromGitHub { } Find the value to put as sha256 by running - nix run -f '<nixpkgs>' nix-prefetch-github -c nix-prefetch-github --rev 1f795f9f44607cc5bec70d1300150bfefcef2aae NixOS nix - or nix-prefetch-url --unpack https://github.com/NixOS/nix/archive/1f795f9f44607cc5bec70d1300150bfefcef2aae.tar.gz. + nix run -f '<nixpkgs>' nix-prefetch-github -c + nix-prefetch-github --rev 1f795f9f44607cc5bec70d1300150bfefcef2aae NixOS + nix or nix-prefetch-url --unpack + https://github.com/NixOS/nix/archive/1f795f9f44607cc5bec70d1300150bfefcef2aae.tar.gz. @@ -953,17 +950,23 @@ $ nix-hash --type sha256 --to-base32 HASH would be replace hash with a fake one and rebuild. Nix build will fail and error message will contain desired hash. - This method has security problems. Check below for details. + + + This method has security problems. Check below for details. + +
Obtaining hashes securely + - Let's say Man-in-the-Middle (MITM) sits close to your network. Then instead of fetching - source you can fetch malware, and instead of source hash you get hash of malware. Here are - security considerations for this scenario: + Let's say Man-in-the-Middle (MITM) sits close to your network. Then instead + of fetching source you can fetch malware, and instead of source hash you + get hash of malware. Here are security considerations for this scenario: + @@ -972,7 +975,8 @@ $ nix-hash --type sha256 --to-base32 HASH - hashes from upstream (in method 3) should be obtained via secure protocol; + hashes from upstream (in method 3) should be obtained via secure + protocol; @@ -982,12 +986,12 @@ $ nix-hash --type sha256 --to-base32 HASH - https:// URLs are not secure in method 5. When obtaining hashes - with fake hash method, TLS checks are disabled. So - refetch source hash from several different networks to exclude MITM scenario. - Alternatively, use fake hash method to make Nix error, but instead of extracting - hash from error, extract https:// URL and prefetch it - with method 1. + https:// URLs are not secure in method 5. When + obtaining hashes with fake hash method, TLS checks are disabled. So + refetch source hash from several different networks to exclude MITM + scenario. Alternatively, use fake hash method to make Nix error, but + instead of extracting hash from error, extract + https:// URL and prefetch it with method 1. diff --git a/doc/configuration.xml b/doc/configuration.xml index 8a5ff8dcb8e0..b497fa4e2722 100644 --- a/doc/configuration.xml +++ b/doc/configuration.xml @@ -132,13 +132,13 @@ - The difference between a package being unsupported on some system and - being broken is admittedly a bit fuzzy. If a program - ought to work on a certain platform, but doesn't, the - platform should be included in meta.platforms, but marked - as broken with e.g. meta.broken = - !hostPlatform.isWindows. Of course, this begs the question of what - "ought" means exactly. That is left to the package maintainer. + The difference between a package being unsupported on some system and being + broken is admittedly a bit fuzzy. If a program ought to + work on a certain platform, but doesn't, the platform should be included in + meta.platforms, but marked as broken with e.g. + meta.broken = !hostPlatform.isWindows. Of course, this + begs the question of what "ought" means exactly. That is left to the package + maintainer.
@@ -175,9 +175,8 @@ - For a more useful example, try the following. This configuration - only allows unfree packages named flash player and visual studio - code: + For a more useful example, try the following. This configuration only + allows unfree packages named flash player and visual studio code: { allowUnfreePredicate = (pkg: builtins.elem diff --git a/doc/cross-compilation.xml b/doc/cross-compilation.xml index 324fe5bdd02a..dbaf6f104ec0 100644 --- a/doc/cross-compilation.xml +++ b/doc/cross-compilation.xml @@ -6,17 +6,17 @@ Introduction - "Cross-compilation" means compiling a program on one machine for another type - of machine. For example, a typical use of cross-compilation is to compile - programs for embedded devices. These devices often don't have the computing - power and memory to compile their own programs. One might think that - cross-compilation is a fairly niche concern. However, there are significant - advantages to rigorously distinguishing between build-time and run-time - environments! This applies even when one is developing and deploying on the - same machine. Nixpkgs is increasingly adopting the opinion that packages - should be written with cross-compilation in mind, and nixpkgs should evaluate - in a similar way (by minimizing cross-compilation-specific special cases) - whether or not one is cross-compiling. + "Cross-compilation" means compiling a program on one machine for another + type of machine. For example, a typical use of cross-compilation is to + compile programs for embedded devices. These devices often don't have the + computing power and memory to compile their own programs. One might think + that cross-compilation is a fairly niche concern. However, there are + significant advantages to rigorously distinguishing between build-time and + run-time environments! This applies even when one is developing and + deploying on the same machine. Nixpkgs is increasingly adopting the opinion + that packages should be written with cross-compilation in mind, and nixpkgs + should evaluate in a similar way (by minimizing cross-compilation-specific + special cases) whether or not one is cross-compiling. @@ -34,15 +34,16 @@ Platform parameters - Nixpkgs follows the conventions - of GNU autoconf. We distinguish between 3 types of platforms when - building a derivation: build, - host, and target. In - summary, build is the platform on which a package - is being built, host is the platform on which it - will run. The third attribute, target, is relevant - only for certain specific compilers and build tools. + of GNU autoconf. We distinguish between 3 types of platforms when + building a derivation: build, + host, and target. In + summary, build is the platform on which a package + is being built, host is the platform on which it + will run. The third attribute, target, is relevant + only for certain specific compilers and build tools. @@ -95,10 +96,10 @@ The build process of certain compilers is written in such a way that the compiler resulting from a single build can itself only produce binaries for a single platform. The task of specifying this single "target - platform" is thus pushed to build time of the compiler. The root cause of - this is that the compiler (which will be run on the host) and the standard - library/runtime (which will be run on the target) are built by a single - build process. + platform" is thus pushed to build time of the compiler. The root cause + of this is that the compiler (which will be run on the host) and the + standard library/runtime (which will be run on the target) are built by + a single build process. There is no fundamental need to think about a single target ahead of @@ -136,9 +137,9 @@ This is a two-component shorthand for the platform. Examples of this would be "x86_64-darwin" and "i686-linux"; see lib.systems.doubles for more. The first component - corresponds to the CPU architecture of the platform and the second to the - operating system of the platform ([cpu]-[os]). This - format has built-in support in Nix, such as the + corresponds to the CPU architecture of the platform and the second to + the operating system of the platform ([cpu]-[os]). + This format has built-in support in Nix, such as the builtins.currentSystem impure string. @@ -149,14 +150,14 @@ - This is a 3- or 4- component shorthand for the platform. Examples of this - would be x86_64-unknown-linux-gnu and + This is a 3- or 4- component shorthand for the platform. Examples of + this would be x86_64-unknown-linux-gnu and aarch64-apple-darwin14. This is a standard format called the "LLVM target triple", as they are pioneered by LLVM. In the 4-part form, this corresponds to [cpu]-[vendor]-[os]-[abi]. This format is strictly - more informative than the "Nix host double", as the previous format could - analogously be termed. This needs a better name than + more informative than the "Nix host double", as the previous format + could analogously be termed. This needs a better name than config! @@ -167,11 +168,10 @@ - This is a Nix representation of a parsed LLVM target triple - with white-listed components. This can be specified directly, - or actually parsed from the config. See - lib.systems.parse for the exact - representation. + This is a Nix representation of a parsed LLVM target triple with + white-listed components. This can be specified directly, or actually + parsed from the config. See + lib.systems.parse for the exact representation. @@ -253,15 +253,15 @@ Some examples will make this clearer. If a package is being built with a (build, host, target) platform triple of (foo, - bar, bar), then its build-time dependencies would have a triple of - (foo, foo, bar), and those packages' - build-time dependencies would have a triple of (foo, foo, - foo). In other words, it should take two "rounds" of following - build-time dependency edges before one reaches a fixed point where, by the - sliding window principle, the platform triple no longer changes. Indeed, - this happens with cross-compilation, where only rounds of native - dependencies starting with the second necessarily coincide with native - packages. + bar, bar), then its build-time dependencies would have a triple + of (foo, foo, bar), and those + packages' build-time dependencies would have a triple of + (foo, foo, foo). In other words, it should take two + "rounds" of following build-time dependency edges before one reaches a + fixed point where, by the sliding window principle, the platform triple no + longer changes. Indeed, this happens with cross-compilation, where only + rounds of native dependencies starting with the second necessarily coincide + with native packages. @@ -273,23 +273,24 @@ - How does this work in practice? Nixpkgs is now structured so that build-time - dependencies are taken from buildPackages, whereas - run-time dependencies are taken from the top level attribute set. For - example, buildPackages.gcc should be used at build-time, - while gcc should be used at run-time. Now, for most of - Nixpkgs's history, there was no buildPackages, and most - packages have not been refactored to use it explicitly. Instead, one can use - the six (gasp) attributes used for specifying - dependencies as documented in . We - "splice" together the run-time and build-time package sets with - callPackage, and then mkDerivation for - each of four attributes pulls the right derivation out. This splicing can be - skipped when not cross-compiling as the package sets are the same, but is a - bit slow for cross-compiling. Because of this, a best-of-both-worlds - solution is in the works with no splicing or explicit access of - buildPackages needed. For now, feel free to use either - method. + How does this work in practice? Nixpkgs is now structured so that + build-time dependencies are taken from buildPackages, + whereas run-time dependencies are taken from the top level attribute set. + For example, buildPackages.gcc should be used at + build-time, while gcc should be used at run-time. Now, + for most of Nixpkgs's history, there was no + buildPackages, and most packages have not been + refactored to use it explicitly. Instead, one can use the six + (gasp) attributes used for specifying dependencies as + documented in . We "splice" + together the run-time and build-time package sets with + callPackage, and then mkDerivation + for each of four attributes pulls the right derivation out. This splicing + can be skipped when not cross-compiling as the package sets are the same, + but is a bit slow for cross-compiling. Because of this, a + best-of-both-worlds solution is in the works with no splicing or explicit + access of buildPackages needed. For now, feel free to + use either method. @@ -311,8 +312,8 @@ should be answered here. Ideally, the information above is exhaustive, so this section cannot provide any new information, but it is ludicrous and cruel to expect everyone to spend effort working through the interaction of - many features just to figure out the same answer to the same common problem. - Feel free to add to this list! + many features just to figure out the same answer to the same common + problem. Feel free to add to this list! @@ -434,14 +435,15 @@ nix-build <nixpkgs> --arg crossSystem '{ config = "<arch>-<os> build plan or package set. A simple "build vs deploy" dichotomy is adequate: the sliding window principle described in the previous section shows how to interpolate between the these two "end points" to get the 3 platform triple - for each bootstrapping stage. That means for any package a given package set, - even those not bound on the top level but only reachable via dependencies or - buildPackages, the three platforms will be defined as one - of localSystem or crossSystem, with the - former replacing the latter as one traverses build-time dependencies. A last - simple difference is that crossSystem should be null when - one doesn't want to cross-compile, while the *Platforms - are always non-null. localSystem is always non-null. + for each bootstrapping stage. That means for any package a given package + set, even those not bound on the top level but only reachable via + dependencies or buildPackages, the three platforms will + be defined as one of localSystem or + crossSystem, with the former replacing the latter as one + traverses build-time dependencies. A last simple difference is that + crossSystem should be null when one doesn't want to + cross-compile, while the *Platforms are always non-null. + localSystem is always non-null.
@@ -455,13 +457,13 @@ nix-build <nixpkgs> --arg crossSystem '{ config = "<arch>-<os> If one explores Nixpkgs, they will see derivations with names like - gccCross. Such *Cross derivations is a - holdover from before we properly distinguished between the host and target - platforms—the derivation with "Cross" in the name covered the build - = host != target case, while the other covered the host = - target, with build platform the same or not based on whether one - was using its .nativeDrv or .crossDrv. - This ugliness will disappear soon. + gccCross. Such *Cross derivations is + a holdover from before we properly distinguished between the host and + target platforms—the derivation with "Cross" in the name covered the + build = host != target case, while the other covered the + host = target, with build platform the same or not based + on whether one was using its .nativeDrv or + .crossDrv. This ugliness will disappear soon. diff --git a/doc/functions/appimagetools.xml b/doc/functions/appimagetools.xml index 270ab067bc39..4205c6da3851 100644 --- a/doc/functions/appimagetools.xml +++ b/doc/functions/appimagetools.xml @@ -5,11 +5,11 @@ pkgs.appimageTools - pkgs.appimageTools is a set of functions for extracting and wrapping - AppImage files. - - They are meant to be used if traditional packaging from source is infeasible, or it would take too long. - To quickly run an AppImage file, pkgs.appimage-run can be used as well. + pkgs.appimageTools is a set of functions for extracting + and wrapping AppImage files. + They are meant to be used if traditional packaging from source is infeasible, + or it would take too long. To quickly run an AppImage file, + pkgs.appimage-run can be used as well. @@ -19,13 +19,13 @@ -
AppImage formats There are different formats for AppImages, see - the specification for details. + the + specification for details. @@ -34,7 +34,6 @@ Type 1 images are ISO 9660 files that are also ELF executables. - Type 2 images are ELF executables with an appended filesystem. @@ -46,7 +45,7 @@ They can be told apart with file -k: - + $ file -k type1.AppImage type1.AppImage: ELF 64-bit LSB executable, x86-64, version 1 (SYSV) ISO 9660 CD-ROM filesystem data 'AppImage' (Lepton 3.x), scale 0-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 0.000000, dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=d629f6099d2344ad82818172add1d38c5e11bc6d, stripped\012- data @@ -56,7 +55,8 @@ type2.AppImage: ELF 64-bit LSB executable, x86-64, version 1 (SYSV) (Lepton 3.x) - Note how the type 1 AppImage is described as an ISO 9660 CD-ROM filesystem, and the type 2 AppImage is not. + Note how the type 1 AppImage is described as an ISO 9660 CD-ROM + filesystem, and the type 2 AppImage is not.
@@ -64,12 +64,11 @@ type2.AppImage: ELF 64-bit LSB executable, x86-64, version 1 (SYSV) (Lepton 3.x) Wrapping - Depending on the type of AppImage you're wrapping, you'll have to use - wrapType1 or wrapType2. + Depending on the type of AppImage you're wrapping, you'll have to use + wrapType1 or wrapType2. - - + appimageTools.wrapType2 { # or wrapType1 name = "patchwork"; src = fetchurl { @@ -79,7 +78,6 @@ appimageTools.wrapType2 { # or wrapType1 extraPkgs = pkgs: with pkgs; [ ]; } - @@ -93,29 +91,28 @@ appimageTools.wrapType2 { # or wrapType1 - extraPkgs allows you to pass a function to include additional packages - inside the FHS environment your AppImage is going to run in. - - There are a few ways to learn which dependencies an application needs: - - - - - Looking through the extracted AppImage files, reading its scripts and running patchelf and ldd on its executables. - This can also be done in appimage-run, by setting APPIMAGE_DEBUG_EXEC=bash. - - - - - - Running strace -vfefile on the wrapped executable, looking for libraries that can't be found. - - - - + extraPkgs allows you to pass a function to include + additional packages inside the FHS environment your AppImage is going to + run in. There are a few ways to learn which dependencies an application + needs: + + + + Looking through the extracted AppImage files, reading its scripts and + running patchelf and ldd on its + executables. This can also be done in appimage-run, + by setting APPIMAGE_DEBUG_EXEC=bash. + + + + + Running strace -vfefile on the wrapped executable, + looking for libraries that can't be found. + + + - diff --git a/doc/functions/dockertools.xml b/doc/functions/dockertools.xml index 2c8eb2cb7743..75db0bd3918c 100644 --- a/doc/functions/dockertools.xml +++ b/doc/functions/dockertools.xml @@ -24,9 +24,9 @@ This function is analogous to the docker build command, - in that it can be used to build a Docker-compatible repository tarball containing - a single image with one or multiple layers. As such, the result is suitable - for being loaded in Docker with docker load. + in that it can be used to build a Docker-compatible repository tarball + containing a single image with one or multiple layers. As such, the result + is suitable for being loaded in Docker with docker load. @@ -190,8 +190,8 @@ buildImage { By default buildImage will use a static date of one second past the UNIX Epoch. This allows buildImage to produce binary reproducible images. When listing images with - docker images, the newly created images will be - listed like this: + docker images, the newly created images will be listed + like this: This function is analogous to the docker pull command, in - that it can be used to pull a Docker image from a Docker registry. By default - Docker Hub is used to pull - images. + that it can be used to pull a Docker image from a Docker registry. By + default Docker Hub is used + to pull images. @@ -484,10 +484,10 @@ sha256:20d9485b25ecfd89204e843a962c1bd70e9cc6858d65d7f5fadc340246e2116b This function is analogous to the docker export command, - in that it can be used to flatten a Docker image that contains multiple layers. It - is in fact the result of the merge of all the layers of the image. As such, - the result is suitable for being imported in Docker with docker - import. + in that it can be used to flatten a Docker image that contains multiple + layers. It is in fact the result of the merge of all the layers of the + image. As such, the result is suitable for being imported in Docker with + docker import. diff --git a/doc/functions/fetchers.xml b/doc/functions/fetchers.xml index b3bd2fe0f45e..a736008c9d41 100644 --- a/doc/functions/fetchers.xml +++ b/doc/functions/fetchers.xml @@ -5,24 +5,21 @@ Fetcher functions - When using Nix, you will frequently need to download source code - and other files from the internet. Nixpkgs comes with a few helper - functions that allow you to fetch fixed-output derivations in a - structured way. + When using Nix, you will frequently need to download source code and other + files from the internet. Nixpkgs comes with a few helper functions that allow + you to fetch fixed-output derivations in a structured way. - The two fetcher primitives are fetchurl and - fetchzip. Both of these have two required - arguments, a URL and a hash. The hash is typically - sha256, although many more hash algorithms are - supported. Nixpkgs contributors are currently recommended to use - sha256. This hash will be used by Nix to - identify your source. A typical usage of fetchurl is provided - below. + The two fetcher primitives are fetchurl and + fetchzip. Both of these have two required arguments, a + URL and a hash. The hash is typically sha256, although + many more hash algorithms are supported. Nixpkgs contributors are currently + recommended to use sha256. This hash will be used by Nix + to identify your source. A typical usage of fetchurl is provided below. - - The main difference between fetchurl and - fetchzip is in how they store the contents. - fetchurl will store the unaltered contents of - the URL within the Nix store. fetchzip on the - other hand will decompress the archive for you, making files and - directories directly accessible in the future. - fetchzip can only be used with archives. - Despite the name, fetchzip is not limited to - .zip files and can also be used with any tarball. + The main difference between fetchurl and + fetchzip is in how they store the contents. + fetchurl will store the unaltered contents of the URL + within the Nix store. fetchzip on the other hand will + decompress the archive for you, making files and directories directly + accessible in the future. fetchzip can only be used with + archives. Despite the name, fetchzip is not limited to + .zip files and can also be used with any tarball. - fetchpatch works very similarly to - fetchurl with the same arguments expected. It - expects patch files as a source and and performs normalization on - them before computing the checksum. For example it will remove - comments or other unstable parts that are sometimes added by - version control systems and can change over time. + fetchpatch works very similarly to + fetchurl with the same arguments expected. It expects + patch files as a source and and performs normalization on them before + computing the checksum. For example it will remove comments or other unstable + parts that are sometimes added by version control systems and can change over + time. - Other fetcher functions allow you to add source code directly from - a VCS such as subversion or git. These are mostly straightforward - names based on the name of the command used with the VCS system. - Because they give you a working repository, they act most like - fetchzip. + Other fetcher functions allow you to add source code directly from a VCS such + as subversion or git. These are mostly straightforward names based on the + name of the command used with the VCS system. Because they give you a working + repository, they act most like fetchzip. - - - fetchsvn - - - - Used with Subversion. Expects url to a - Subversion directory, rev, and - sha256. - - - - - - fetchgit - - - - Used with Git. Expects url to a Git repo, - rev, and sha256. - rev in this case can be full the git commit - id (SHA1 hash) or a tag name like - refs/tags/v1.0. - - - - - - fetchfossil - - - - Used with Fossil. Expects url to a Fossil - archive, rev, and sha256. - - - - - - fetchcvs - - - - Used with CVS. Expects cvsRoot, - tag, and sha256. - - - - - - fetchhg - - - - Used with Mercurial. Expects url, - rev, and sha256. - - - + + + fetchsvn + + + + Used with Subversion. Expects url to a Subversion + directory, rev, and sha256. + + + + + + fetchgit + + + + Used with Git. Expects url to a Git repo, + rev, and sha256. + rev in this case can be full the git commit id (SHA1 + hash) or a tag name like refs/tags/v1.0. + + + + + + fetchfossil + + + + Used with Fossil. Expects url to a Fossil archive, + rev, and sha256. + + + + + + fetchcvs + + + + Used with CVS. Expects cvsRoot, tag, + and sha256. + + + + + + fetchhg + + + + Used with Mercurial. Expects url, + rev, and sha256. + + + - A number of fetcher functions wrap part of - fetchurl and fetchzip. - They are mainly convenience functions intended for commonly used - destinations of source code in Nixpkgs. These wrapper fetchers are - listed below. + A number of fetcher functions wrap part of fetchurl and + fetchzip. They are mainly convenience functions intended + for commonly used destinations of source code in Nixpkgs. These wrapper + fetchers are listed below. - - - fetchFromGitHub - - - - fetchFromGitHub expects four arguments. - owner is a string corresponding to the - GitHub user or organization that controls this repository. - repo corresponds to the name of the - software repository. These are located at the top of every - GitHub HTML page as - owner/repo. - rev corresponds to the Git commit hash or - tag (e.g v1.0) that will be downloaded from - Git. Finally, sha256 corresponds to the - hash of the extracted directory. Again, other hash algorithms - are also available but sha256 is currently - preferred. - - - - - - fetchFromGitLab - - - - This is used with GitLab repositories. The arguments expected - are very similar to fetchFromGitHub above. - - - - - - fetchFromBitbucket - - - - This is used with BitBucket repositories. The arguments expected - are very similar to fetchFromGitHub above. - - - - - - fetchFromSavannah - - - - This is used with Savannah repositories. The arguments expected - are very similar to fetchFromGitHub above. - - - - - - fetchFromRepoOrCz - - - - This is used with repo.or.cz repositories. The arguments - expected are very similar to fetchFromGitHub above. - - - + + + fetchFromGitHub + + + + fetchFromGitHub expects four arguments. + owner is a string corresponding to the GitHub user or + organization that controls this repository. repo + corresponds to the name of the software repository. These are located at + the top of every GitHub HTML page as + owner/repo. rev + corresponds to the Git commit hash or tag (e.g v1.0) + that will be downloaded from Git. Finally, sha256 + corresponds to the hash of the extracted directory. Again, other hash + algorithms are also available but sha256 is currently + preferred. + + + + + + fetchFromGitLab + + + + This is used with GitLab repositories. The arguments expected are very + similar to fetchFromGitHub above. + + + + + + fetchFromBitbucket + + + + This is used with BitBucket repositories. The arguments expected are very + similar to fetchFromGitHub above. + + + + + + fetchFromSavannah + + + + This is used with Savannah repositories. The arguments expected are very + similar to fetchFromGitHub above. + + + + + + fetchFromRepoOrCz + + + + This is used with repo.or.cz repositories. The arguments expected are very + similar to fetchFromGitHub above. + + + - - diff --git a/doc/functions/library.xml b/doc/functions/library.xml index b01de3c6e413..e6aedaa6efdd 100644 --- a/doc/functions/library.xml +++ b/doc/functions/library.xml @@ -13,12 +13,17 @@ - + + + + + diff --git a/doc/functions/nix-gitignore.xml b/doc/functions/nix-gitignore.xml index 465b38e0bf1d..9011570d1eae 100644 --- a/doc/functions/nix-gitignore.xml +++ b/doc/functions/nix-gitignore.xml @@ -14,15 +14,15 @@ Usage - pkgs.nix-gitignore exports a number of functions, but - you'll most likely need either gitignoreSource or - gitignoreSourcePure. As their first argument, they both - accept either 1. a file with gitignore lines or 2. a string - with gitignore lines, or 3. a list of either of the two. They will be - concatenated into a single big string. + pkgs.nix-gitignore exports a number of functions, but + you'll most likely need either gitignoreSource or + gitignoreSourcePure. As their first argument, they both + accept either 1. a file with gitignore lines or 2. a string with gitignore + lines, or 3. a list of either of the two. They will be concatenated into a + single big string. - {} }: nix-gitignore.gitignoreSource [] ./source @@ -40,24 +40,29 @@ ]]> - These functions are derived from the Filter functions - by setting the first filter argument to (_: _: true): + These functions are derived from the Filter functions by + setting the first filter argument to (_: _: true): - - Those filter functions accept the same arguments the builtins.filterSource function would pass to its filters, thus fn: gitignoreFilterSourcePure fn "" should be extensionally equivalent to filterSource. The file is blacklisted iff it's blacklisted by either your filter or the gitignoreFilter. + Those filter functions accept the same arguments the + builtins.filterSource function would pass to its filters, + thus fn: gitignoreFilterSourcePure fn "" should be + extensionally equivalent to filterSource. The file is + blacklisted iff it's blacklisted by either your filter or the + gitignoreFilter. - If you want to make your own filter from scratch, you may use - + If you want to make your own filter from scratch, you may use + - @@ -66,10 +71,11 @@ gitignoreFilter = ign: root: filterPattern (gitignoreToPatterns ign) root; gitignore files in subdirectories - If you wish to use a filter that would search for .gitignore files in subdirectories, just like git does by default, use this function: - + If you wish to use a filter that would search for .gitignore files in + subdirectories, just like git does by default, use this function: + - prefer-remote-fetch is an overlay that download sources on remote builder. This is useful when the evaluating machine has a slow - upload while the builder can fetch faster directly from the source. - To use it, put the following snippet as a new overlay: - + upload while the builder can fetch faster directly from the source. To use + it, put the following snippet as a new overlay: + self: super: (super.prefer-remote-fetch self super) - - A full configuration example for that sets the overlay up for your own account, - could look like this - - + A full configuration example for that sets the overlay up for your own + account, could look like this + $ mkdir ~/.config/nixpkgs/overlays/ $ cat > ~/.config/nixpkgs/overlays/prefer-remote-fetch.nix <<EOF self: super: super.prefer-remote-fetch self super diff --git a/doc/functions/trivial-builders.xml b/doc/functions/trivial-builders.xml index 92a07aedb5b9..1fd92ecfe262 100644 --- a/doc/functions/trivial-builders.xml +++ b/doc/functions/trivial-builders.xml @@ -5,12 +5,11 @@ Trivial builders - Nixpkgs provides a couple of functions that help with building - derivations. The most important one, - stdenv.mkDerivation, has already been - documented above. The following functions wrap - stdenv.mkDerivation, making it easier to use - in certain cases. + Nixpkgs provides a couple of functions that help with building derivations. + The most important one, stdenv.mkDerivation, has already + been documented above. The following functions wrap + stdenv.mkDerivation, making it easier to use in certain + cases. @@ -19,26 +18,23 @@ runCommand - - This takes three arguments, name, - env, and buildCommand. - name is just the name that Nix will append - to the store path in the same way that - stdenv.mkDerivation uses its - name attribute. env is an - attribute set specifying environment variables that will be set - for this derivation. These attributes are then passed to the - wrapped stdenv.mkDerivation. - buildCommand specifies the commands that - will be run to create this derivation. Note that you will need - to create $out for Nix to register the - command as successful. - - - An example of using runCommand is provided - below. - - + + This takes three arguments, name, + env, and buildCommand. + name is just the name that Nix will append to the store + path in the same way that stdenv.mkDerivation uses its + name attribute. env is an attribute + set specifying environment variables that will be set for this derivation. + These attributes are then passed to the wrapped + stdenv.mkDerivation. buildCommand + specifies the commands that will be run to create this derivation. Note + that you will need to create $out for Nix to register + the command as successful. + + + An example of using runCommand is provided below. + + (import <nixpkgs> {}).runCommand "my-example" {} '' echo My example command is running @@ -65,41 +61,35 @@ runCommandCC - - This works just like runCommand. The only - difference is that it also provides a C compiler in - buildCommand’s environment. To minimize your - dependencies, you should only use this if you are sure you will - need a C compiler as part of running your command. + + This works just like runCommand. The only difference is + that it also provides a C compiler in buildCommand’s + environment. To minimize your dependencies, you should only use this if + you are sure you will need a C compiler as part of running your command. - writeTextFile, writeText, - writeTextDir, writeScript, - writeScriptBin + writeTextFile, writeText, writeTextDir, writeScript, writeScriptBin - - These functions write text to the Nix store. - This is useful for creating scripts from Nix expressions. - writeTextFile takes an attribute set and - expects two arguments, name and - text. name corresponds to - the name used in the Nix store path. text - will be the contents of the file. You can also set - executable to true to make this file have - the executable bit set. - - - Many more commands wrap writeTextFile - including writeText, - writeTextDir, - writeScript, and - writeScriptBin. These are convenience - functions over writeTextFile. - + + These functions write text to the Nix store. This is + useful for creating scripts from Nix expressions. + writeTextFile takes an attribute set and expects two + arguments, name and text. + name corresponds to the name used in the Nix store + path. text will be the contents of the file. You can + also set executable to true to make this file have the + executable bit set. + + + Many more commands wrap writeTextFile including + writeText, writeTextDir, + writeScript, and writeScriptBin. + These are convenience functions over writeTextFile. + @@ -109,16 +99,15 @@ This can be used to put many derivations into the same directory - structure. It works by creating a new derivation and adding - symlinks to each of the paths listed. It expects two arguments, + structure. It works by creating a new derivation and adding symlinks to + each of the paths listed. It expects two arguments, name, and paths. - name is the name used in the Nix store path - for the created derivation. paths is a list of - paths that will be symlinked. These paths can be to Nix store - derivations or any other subdirectory contained within. + name is the name used in the Nix store path for the + created derivation. paths is a list of paths that will + be symlinked. These paths can be to Nix store derivations or any other + subdirectory contained within. - diff --git a/doc/languages-frameworks/ocaml.xml b/doc/languages-frameworks/ocaml.xml index ea0770616802..0deadf2edd03 100644 --- a/doc/languages-frameworks/ocaml.xml +++ b/doc/languages-frameworks/ocaml.xml @@ -4,39 +4,38 @@ OCaml - OCaml libraries should be installed in - $(out)/lib/ocaml/${ocaml.version}/site-lib/. Such - directories are automatically added to the $OCAMLPATH - environment variable when building another package that depends on them - or when opening a nix-shell. + OCaml libraries should be installed in + $(out)/lib/ocaml/${ocaml.version}/site-lib/. Such + directories are automatically added to the $OCAMLPATH + environment variable when building another package that depends on them or + when opening a nix-shell. - Given that most of the OCaml ecosystem is now built with dune, - nixpkgs includes a convenience build support function called - buildDunePackage that will build an OCaml package - using dune, OCaml and findlib and any additional dependencies provided - as buildInputs or propagatedBuildInputs. + Given that most of the OCaml ecosystem is now built with dune, nixpkgs + includes a convenience build support function called + buildDunePackage that will build an OCaml package using + dune, OCaml and findlib and any additional dependencies provided as + buildInputs or propagatedBuildInputs. - Here is a simple package example. It defines an (optional) attribute - minimumOCamlVersion that will be used to throw a - descriptive evaluation error if building with an older OCaml is attempted. - It uses the fetchFromGitHub fetcher to get its source. - It sets the doCheck (optional) attribute to - true which means that tests will be run with - dune runtest -p angstrom after the build - (dune build -p angstrom) is complete. - It uses alcotest as a build input (because it is needed - to run the tests) and bigstringaf and - result as propagated build inputs (thus they will also - be available to libraries depending on this library). - The library will be installed using the angstrom.install - file that dune generates. + Here is a simple package example. It defines an (optional) attribute + minimumOCamlVersion that will be used to throw a + descriptive evaluation error if building with an older OCaml is attempted. It + uses the fetchFromGitHub fetcher to get its source. It + sets the doCheck (optional) attribute to + true which means that tests will be run with dune + runtest -p angstrom after the build (dune build -p + angstrom) is complete. It uses alcotest as a + build input (because it is needed to run the tests) and + bigstringaf and result as propagated + build inputs (thus they will also be available to libraries depending on this + library). The library will be installed using the + angstrom.install file that dune generates. - + { stdenv, fetchFromGitHub, buildDunePackage, alcotest, result, bigstringaf }: buildDunePackage rec { @@ -66,14 +65,14 @@ buildDunePackage rec { - Here is a second example, this time using a source archive generated with - dune-release. It is a good idea to use this archive when - it is available as it will usually contain substituted variables such as a - %%VERSION%% field. This library does not depend - on any other OCaml library and no tests are run after building it. + Here is a second example, this time using a source archive generated with + dune-release. It is a good idea to use this archive when + it is available as it will usually contain substituted variables such as a + %%VERSION%% field. This library does not depend on any + other OCaml library and no tests are run after building it. - + { stdenv, fetchurl, buildDunePackage }: buildDunePackage rec { @@ -95,5 +94,4 @@ buildDunePackage rec { }; } - diff --git a/doc/package-notes.xml b/doc/package-notes.xml index e23593107d8d..dfdada3d28c2 100644 --- a/doc/package-notes.xml +++ b/doc/package-notes.xml @@ -307,19 +307,20 @@ packageOverrides = pkgs: { -
Elm - To update Elm compiler, see nixpkgs/pkgs/development/compilers/elm/README.md. + To update Elm compiler, see + nixpkgs/pkgs/development/compilers/elm/README.md. - To package Elm applications, read about elm2nix. + To package Elm applications, + read about + elm2nix.
-
Interactive shell helpers diff --git a/doc/platform-notes.xml b/doc/platform-notes.xml index 6050271dbf6f..b75b50dbb962 100644 --- a/doc/platform-notes.xml +++ b/doc/platform-notes.xml @@ -96,8 +96,8 @@ The package xcbuild can be used to build projects that - really depend on Xcode. However, this replacement is not 100% - compatible with Xcode and can occasionally cause issues. + really depend on Xcode. However, this replacement is not 100% compatible + with Xcode and can occasionally cause issues. diff --git a/doc/quick-start.xml b/doc/quick-start.xml index 8dd673ed2733..86c17ca4e9fa 100644 --- a/doc/quick-start.xml +++ b/doc/quick-start.xml @@ -148,8 +148,8 @@ $ git add pkgs/development/libraries/libfoo/default.nix You can use nix-prefetch-url - url to get the - SHA-256 hash of source distributions. There are similar commands as + url to get the SHA-256 hash of source + distributions. There are similar commands as nix-prefetch-git and nix-prefetch-hg available in nix-prefetch-scripts package. diff --git a/doc/reviewing-contributions.xml b/doc/reviewing-contributions.xml index f541b7f22daa..d31c6deb4909 100644 --- a/doc/reviewing-contributions.xml +++ b/doc/reviewing-contributions.xml @@ -24,11 +24,13 @@ The high change rate of Nixpkgs makes any pull request that remains open for too long subject to conflicts that will require extra work from the submitter - or the merger. Reviewing pull requests in a timely manner and being responsive - to the comments is the key to avoid this issue. GitHub provides sort filters - that can be used to see the most - recently and the and the + least recently updated pull requests. We highly encourage looking at @@ -609,8 +611,8 @@ policy. create an issue or post on Discourse with - references of packages and modules they maintain so the maintainership can be - taken over by other contributors. + references of packages and modules they maintain so the maintainership can + be taken over by other contributors.
diff --git a/doc/stdenv.xml b/doc/stdenv.xml index 81bd4556193f..68a3282d7d68 100644 --- a/doc/stdenv.xml +++ b/doc/stdenv.xml @@ -228,18 +228,17 @@ genericBuild - The extension of PATH with dependencies, alluded to - above, proceeds according to the relative platforms alone. The - process is carried out only for dependencies whose host platform - matches the new derivation's build platform i.e. dependencies which - run on the platform where the new derivation will be built. + The extension of PATH with dependencies, alluded to above, + proceeds according to the relative platforms alone. The process is carried + out only for dependencies whose host platform matches the new derivation's + build platform i.e. dependencies which run on the platform where the new + derivation will be built. - Currently, this means for native builds all dependencies are put - on the PATH. But in the future that may not be the - case for sake of matching cross: the platforms would be assumed - to be unique for native and cross builds alike, so only the - depsBuild* and + Currently, this means for native builds all dependencies are put on the + PATH. But in the future that may not be the case for sake + of matching cross: the platforms would be assumed to be unique for native + and cross builds alike, so only the depsBuild* and nativeBuildInputs would be added to the PATH. @@ -252,9 +251,10 @@ genericBuild The dependency is propagated when it forces some of its other-transitive (non-immediate) downstream dependencies to also take it on as an immediate - dependency. Nix itself already takes a package's transitive dependencies into - account, but this propagation ensures nixpkgs-specific infrastructure like - setup hooks (mentioned above) also are run as if the propagated dependency. + dependency. Nix itself already takes a package's transitive dependencies + into account, but this propagation ensures nixpkgs-specific infrastructure + like setup hooks (mentioned above) also are run as if the propagated + dependency. @@ -270,9 +270,9 @@ genericBuild described by the current dependency's platform offsets. This results in sort a transitive closure of the dependency relation, with the offsets being approximately summed when two dependency links are combined. We also prune - transitive dependencies whose combined offsets go out-of-bounds, which can be - viewed as a filter over that transitive closure removing dependencies that - are blatantly absurd. + transitive dependencies whose combined offsets go out-of-bounds, which can + be viewed as a filter over that transitive closure removing dependencies + that are blatantly absurd. @@ -287,8 +287,8 @@ genericBuild propagation logic. - They're confusing in very different ways so... hopefully if something doesn't - make sense in one presentation, it will in the other! + They're confusing in very different ways so... hopefully if something + doesn't make sense in one presentation, it will in the other! let mapOffset(h, t, i) = i + (if i <= 0 then h else t - 1) @@ -324,31 +324,31 @@ let f(h, h + 1, i) = i + (if i <= 0 then h else (h + 1) - 1) let f(h, h + 1, i) = i + (if i <= 0 then h else h) let f(h, h + 1, i) = i + h - This is where "sum-like" comes in from above: We can just sum all of the host - offsets to get the host offset of the transitive dependency. The target - offset is the transitive dependency is simply the host offset + 1, just as it - was with the dependencies composed to make this transitive one; it can be + This is where "sum-like" comes in from above: We can just sum all of the + host offsets to get the host offset of the transitive dependency. The target + offset is the transitive dependency is simply the host offset + 1, just as + it was with the dependencies composed to make this transitive one; it can be ignored as it doesn't add any new information. - Because of the bounds checks, the uncommon cases are h = t - and h + 2 = t. In the former case, the motivation for - mapOffset is that since its host and target platforms - are the same, no transitive dependency of it should be able to "discover" an - offset greater than its reduced target offsets. + Because of the bounds checks, the uncommon cases are h = + t and h + 2 = t. In the former case, the + motivation for mapOffset is that since its host and + target platforms are the same, no transitive dependency of it should be able + to "discover" an offset greater than its reduced target offsets. mapOffset effectively "squashes" all its transitive dependencies' offsets so that none will ever be greater than the target offset of the original h = t package. In the other case, - h + 1 is skipped over between the host and target offsets. - Instead of squashing the offsets, we need to "rip" them apart so no + h + 1 is skipped over between the host and target + offsets. Instead of squashing the offsets, we need to "rip" them apart so no transitive dependencies' offset is that one. - Overall, the unifying theme here is that propagation shouldn't be introducing - transitive dependencies involving platforms the depending package is unaware - of. The offset bounds checking and definition of + Overall, the unifying theme here is that propagation shouldn't be + introducing transitive dependencies involving platforms the depending + package is unaware of. The offset bounds checking and definition of mapOffset together ensure that this is the case. Discovering a new offset is discovering a new platform, and since those platforms weren't in the derivation "spec" of the needing package, they @@ -381,8 +381,8 @@ let f(h, h + 1, i) = i + h Since these packages are able to be run at build-time, they are always added to the PATH, as described above. But since these packages are only guaranteed to be able to run then, they shouldn't - persist as run-time dependencies. This isn't currently enforced, but could - be in the future. + persist as run-time dependencies. This isn't currently enforced, but + could be in the future. @@ -396,10 +396,10 @@ let f(h, h + 1, i) = i + h platform, and target platform is the new derivation's host platform. This means a -1 host offset and 0 target offset from the new derivation's platforms. These are programs and - libraries used at build-time that, if they are a compiler or similar tool, - produce code to run at run-time—i.e. tools used to build the new - derivation. If the dependency doesn't care about the target platform (i.e. - isn't a compiler or similar tool), put it here, rather than in + libraries used at build-time that, if they are a compiler or similar + tool, produce code to run at run-time—i.e. tools used to build the new + derivation. If the dependency doesn't care about the target platform + (i.e. isn't a compiler or similar tool), put it here, rather than in depsBuildBuild or depsBuildTarget. This could be called depsBuildHost but nativeBuildInputs is used for historical continuity. @@ -407,8 +407,9 @@ let f(h, h + 1, i) = i + h Since these packages are able to be run at build-time, they are added to the PATH, as described above. But since these packages are - only guaranteed to be able to run then, they shouldn't persist as run-time - dependencies. This isn't currently enforced, but could be in the future. + only guaranteed to be able to run then, they shouldn't persist as + run-time dependencies. This isn't currently enforced, but could be in the + future. @@ -421,33 +422,36 @@ let f(h, h + 1, i) = i + h A list of dependencies whose host platform is the new derivation's build platform, and target platform is the new derivation's target platform. This means a -1 host offset and 1 - target offset from the new derivation's platforms. These are programs used - at build time that produce code to run with code produced by the depending - package. Most commonly, these are tools used to build the runtime or - standard library that the currently-being-built compiler will inject into - any code it compiles. In many cases, the currently-being-built-compiler is - itself employed for that task, but when that compiler won't run (i.e. its - build and host platform differ) this is not possible. Other times, the - compiler relies on some other tool, like binutils, that is always built - separately so that the dependency is unconditional. + target offset from the new derivation's platforms. These are programs + used at build time that produce code to run with code produced by the + depending package. Most commonly, these are tools used to build the + runtime or standard library that the currently-being-built compiler will + inject into any code it compiles. In many cases, the + currently-being-built-compiler is itself employed for that task, but when + that compiler won't run (i.e. its build and host platform differ) this is + not possible. Other times, the compiler relies on some other tool, like + binutils, that is always built separately so that the dependency is + unconditional. This is a somewhat confusing concept to wrap one’s head around, and for good reason. As the only dependency type where the platform offsets are not adjacent integers, it requires thinking of a bootstrapping stage - two away from the current one. It and its use-case go - hand in hand and are both considered poor form: try to not need this sort - of dependency, and try to avoid building standard libraries and runtimes - in the same derivation as the compiler produces code using them. Instead - strive to build those like a normal library, using the newly-built - compiler just as a normal library would. In short, do not use this - attribute unless you are packaging a compiler and are sure it is needed. + two away from the current one. It and its use-case + go hand in hand and are both considered poor form: try to not need this + sort of dependency, and try to avoid building standard libraries and + runtimes in the same derivation as the compiler produces code using them. + Instead strive to build those like a normal library, using the + newly-built compiler just as a normal library would. In short, do not use + this attribute unless you are packaging a compiler and are sure it is + needed. Since these packages are able to run at build time, they are added to the - PATH, as described above. But since these packages are only - guaranteed to be able to run then, they shouldn't persist as run-time - dependencies. This isn't currently enforced, but could be in the future. + PATH, as described above. But since these packages are + only guaranteed to be able to run then, they shouldn't persist as + run-time dependencies. This isn't currently enforced, but could be in the + future. @@ -462,11 +466,11 @@ let f(h, h + 1, i) = i + h and 0 target offset from the new derivation's host platform. These are packages used at run-time to generate code also used at run-time. In practice, this would usually be tools used by compilers - for macros or a metaprogramming system, or libraries used by the macros or - metaprogramming code itself. It's always preferable to use a - depsBuildBuild dependency in the derivation being built - over a depsHostHost on the tool doing the building for - this purpose. + for macros or a metaprogramming system, or libraries used by the macros + or metaprogramming code itself. It's always preferable to use a + depsBuildBuild dependency in the derivation being + built over a depsHostHost on the tool doing the + building for this purpose. @@ -481,8 +485,8 @@ let f(h, h + 1, i) = i + h 1 target offset from the new derivation's host platform. This would be called depsHostTarget but for historical continuity. If the dependency doesn't care about the target - platform (i.e. isn't a compiler or similar tool), put it here, rather than - in depsBuildBuild. + platform (i.e. isn't a compiler or similar tool), put it here, rather + than in depsBuildBuild. These are often programs and libraries used by the new derivation at @@ -664,10 +668,11 @@ passthru = { hello.baz.value1. We don't specify any usage or schema of passthru - it is meant for values that would be useful outside the derivation in other parts of a Nix expression (e.g. in - other derivations). An example would be to convey some specific dependency - of your derivation which contains a program with plugins support. Later, - others who make derivations with plugins can use passed-through dependency - to ensure that their plugin would be binary-compatible with built program. + other derivations). An example would be to convey some specific + dependency of your derivation which contains a program with plugins + support. Later, others who make derivations with plugins can use + passed-through dependency to ensure that their plugin would be + binary-compatible with built program. @@ -677,9 +682,9 @@ passthru = { - A script to be run by maintainers/scripts/update.nix when - the package is matched. It needs to be an executable file, either on the file - system: + A script to be run by maintainers/scripts/update.nix + when the package is matched. It needs to be an executable file, either on + the file system: passthru.updateScript = ./update.sh; @@ -695,16 +700,24 @@ passthru.updateScript = writeScript "update-zoom-us" '' update-source-version zoom-us "$version" '';
- The attribute can also contain a list, a script followed by arguments to be passed to it: + The attribute can also contain a list, a script followed by arguments to + be passed to it: passthru.updateScript = [ ../../update.sh pname "--requested-release=unstable" ]; - Note that the update scripts will be run in parallel by default; you should avoid running git commit or any other commands that cannot handle that. + Note that the update scripts will be run in parallel by default; you + should avoid running git commit or any other commands + that cannot handle that. - For information about how to run the updates, execute - nix-shell maintainers/scripts/update.nix. + + nix-shell + + maintainers/scripts/update.nix + + + . @@ -1178,8 +1191,8 @@ passthru.updateScript = [ ../../update.sh pname "--requested-release=unstable" ] By default, when cross compiling, the configure script has and passed. Packages can instead pass [ "build" "host" "target" ] - or a subset to control exactly which platform flags are passed. Compilers - and other tools can use this to also pass the target platform. + or a subset to control exactly which platform flags are passed. + Compilers and other tools can use this to also pass the target platform. Eventually these will be passed building natively as well, to improve @@ -1694,10 +1707,11 @@ installTargets = "install-bin install-doc"; - A package can export a setup hook - by setting this variable. The setup hook, if defined, is copied to - $out/nix-support/setup-hook. Environment variables - are then substituted in it using setup + hook by setting this variable. The setup hook, if defined, is + copied to $out/nix-support/setup-hook. Environment + variables are then substituted in it using + substituteAll. @@ -1812,8 +1826,8 @@ set debug-file-directory ~/.nix-profile/lib/debug A list of dependencies used by the phase. This gets included in - nativeBuildInputs when doInstallCheck is - set. + nativeBuildInputs when + doInstallCheck is set. @@ -2160,10 +2174,11 @@ someVar=$(stripHash $name) dependency derivation is already built just the same—depending is just needing something to exist, and needing is idempotent. However, a dependency specified twice will have its setup hook run twice, and that could easily - change the build environment (though a well-written setup hook will therefore - strive to be idempotent so this is in fact not observable). More broadly, - setup hooks are anti-modular in that multiple dependencies, whether the same - or different, should not interfere and yet their setup hooks may well do so. + change the build environment (though a well-written setup hook will + therefore strive to be idempotent so this is in fact not observable). More + broadly, setup hooks are anti-modular in that multiple dependencies, whether + the same or different, should not interfere and yet their setup hooks may + well do so. @@ -2185,11 +2200,12 @@ someVar=$(stripHash $name) Returning to the C compiler wrapper example, if the wrapper itself is an n dependency, then it only wants to accumulate flags from n + 1 dependencies, as only those ones match the - compiler's target platform. The hostOffset variable is defined - with the current dependency's host offset targetOffset with - its target offset, before its setup hook is sourced. Additionally, since most - environment hooks don't care about the target platform, that means the setup - hook can append to the right bash array by doing something like + compiler's target platform. The hostOffset variable is + defined with the current dependency's host offset + targetOffset with its target offset, before its setup hook is + sourced. Additionally, since most environment hooks don't care about the + target platform, that means the setup hook can append to the right bash + array by doing something like addEnvHooks "$hostOffset" myBashFunction @@ -2204,24 +2220,22 @@ addEnvHooks "$hostOffset" myBashFunction - First, let’s cover some setup hooks that are part of Nixpkgs - default stdenv. This means that they are run for every package - built using stdenv.mkDerivation. Some of - these are platform specific, so they may run on Linux but not - Darwin or vice-versa. - + First, let’s cover some setup hooks that are part of Nixpkgs default + stdenv. This means that they are run for every package built using + stdenv.mkDerivation. Some of these are platform + specific, so they may run on Linux but not Darwin or vice-versa. + move-docs.sh - + This setup hook moves any installed documentation to the - /share subdirectory directory. This includes - the man, doc and info directories. This is needed for legacy - programs that do not know how to use the - share subdirectory. - + /share subdirectory directory. This includes the man, + doc and info directories. This is needed for legacy programs that do not + know how to use the share subdirectory. + @@ -2229,11 +2243,11 @@ addEnvHooks "$hostOffset" myBashFunction compress-man-pages.sh - - This setup hook compresses any man pages that have been - installed. The compression is done using the gzip program. This - helps to reduce the installed size of packages. - + + This setup hook compresses any man pages that have been installed. The + compression is done using the gzip program. This helps to reduce the + installed size of packages. + @@ -2241,12 +2255,11 @@ addEnvHooks "$hostOffset" myBashFunction strip.sh - - This runs the strip command on installed binaries and - libraries. This removes unnecessary information like debug - symbols when they are not needed. This also helps to reduce the - installed size of packages. - + + This runs the strip command on installed binaries and libraries. This + removes unnecessary information like debug symbols when they are not + needed. This also helps to reduce the installed size of packages. + @@ -2254,15 +2267,14 @@ addEnvHooks "$hostOffset" myBashFunction patch-shebangs.sh - - This setup hook patches installed scripts to use the full path - to the shebang interpreter. A shebang interpreter is the first - commented line of a script telling the operating system which - program will run the script (e.g #!/bin/bash). In - Nix, we want an exact path to that interpreter to be used. This - often replaces /bin/sh with a path in the - Nix store. - + + This setup hook patches installed scripts to use the full path to the + shebang interpreter. A shebang interpreter is the first commented line + of a script telling the operating system which program will run the + script (e.g #!/bin/bash). In Nix, we want an exact + path to that interpreter to be used. This often replaces + /bin/sh with a path in the Nix store. + @@ -2270,12 +2282,12 @@ addEnvHooks "$hostOffset" myBashFunction audit-tmpdir.sh - - This verifies that no references are left from the install - binaries to the directory used to build those binaries. This - ensures that the binaries do not need things outside the Nix - store. This is currently supported in Linux only. - + + This verifies that no references are left from the install binaries to + the directory used to build those binaries. This ensures that the + binaries do not need things outside the Nix store. This is currently + supported in Linux only. + @@ -2283,14 +2295,14 @@ addEnvHooks "$hostOffset" myBashFunction multiple-outputs.sh - - This setup hook adds configure flags that tell packages to - install files into any one of the proper outputs listed in - outputs. This behavior can be turned off by setting + + This setup hook adds configure flags that tell packages to install files + into any one of the proper outputs listed in outputs. + This behavior can be turned off by setting setOutputFlags to false in the derivation - environment. See for - more information. - + environment. See for more + information. + @@ -2298,11 +2310,11 @@ addEnvHooks "$hostOffset" myBashFunction move-sbin.sh - - This setup hook moves any binaries installed in the sbin - subdirectory into bin. In addition, a link is provided from - sbin to bin for compatibility. - + + This setup hook moves any binaries installed in the sbin subdirectory + into bin. In addition, a link is provided from sbin to bin for + compatibility. + @@ -2310,11 +2322,11 @@ addEnvHooks "$hostOffset" myBashFunction move-lib64.sh - - This setup hook moves any libraries installed in the lib64 - subdirectory into lib. In addition, a link is provided from - lib64 to lib for compatibility. - + + This setup hook moves any libraries installed in the lib64 subdirectory + into lib. In addition, a link is provided from lib64 to lib for + compatibility. + @@ -2322,10 +2334,10 @@ addEnvHooks "$hostOffset" myBashFunction set-source-date-epoch-to-latest.sh - - This sets SOURCE_DATE_EPOCH to the - modification time of the most recent file. - + + This sets SOURCE_DATE_EPOCH to the modification time + of the most recent file. + @@ -2335,19 +2347,19 @@ addEnvHooks "$hostOffset" myBashFunction The Bintools Wrapper wraps the binary utilities for a bunch of - miscellaneous purposes. These are GNU Binutils when targetting Linux, and - a mix of cctools and GNU binutils for Darwin. [The "Bintools" name is - supposed to be a compromise between "Binutils" and "cctools" not denoting - any specific implementation.] Specifically, the underlying bintools - package, and a C standard library (glibc or Darwin's libSystem, just for - the dynamic loader) are all fed in, and dependency finding, hardening - (see below), and purity checks for each are handled by the Bintools - Wrapper. Packages typically depend on CC Wrapper, which in turn (at run - time) depends on the Bintools Wrapper. + miscellaneous purposes. These are GNU Binutils when targetting Linux, + and a mix of cctools and GNU binutils for Darwin. [The "Bintools" name + is supposed to be a compromise between "Binutils" and "cctools" not + denoting any specific implementation.] Specifically, the underlying + bintools package, and a C standard library (glibc or Darwin's libSystem, + just for the dynamic loader) are all fed in, and dependency finding, + hardening (see below), and purity checks for each are handled by the + Bintools Wrapper. Packages typically depend on CC Wrapper, which in turn + (at run time) depends on the Bintools Wrapper. - The Bintools Wrapper was only just recently split off from CC Wrapper, so - the division of labor is still being worked out. For example, it + The Bintools Wrapper was only just recently split off from CC Wrapper, + so the division of labor is still being worked out. For example, it shouldn't care about about the C standard library, but just take a derivation with the dynamic loader (which happens to be the glibc on linux). Dependency finding however is a task both wrappers will continue @@ -2357,11 +2369,12 @@ addEnvHooks "$hostOffset" myBashFunction nativeBuildInputs) in environment variables. The Bintools Wrapper's setup hook causes any lib and lib64 subdirectories to be added to - NIX_LDFLAGS. Since the CC Wrapper and the Bintools Wrapper - use the same strategy, most of the Bintools Wrapper code is sparsely - commented and refers to the CC Wrapper. But the CC Wrapper's code, by - contrast, has quite lengthy comments. The Bintools Wrapper merely cites - those, rather than repeating them, to avoid falling out of sync. + NIX_LDFLAGS. Since the CC Wrapper and the Bintools + Wrapper use the same strategy, most of the Bintools Wrapper code is + sparsely commented and refers to the CC Wrapper. But the CC Wrapper's + code, by contrast, has quite lengthy comments. The Bintools Wrapper + merely cites those, rather than repeating them, to avoid falling out of + sync. A final task of the setup hook is defining a number of standard @@ -2370,8 +2383,8 @@ addEnvHooks "$hostOffset" myBashFunction under the assumption that the Bintools Wrapper's binaries will be on the path. Firstly, this helps poorly-written packages, e.g. ones that look for just gcc when CC isn't defined yet - clang is to be used. Secondly, this helps packages not - get confused when cross-compiling, in which case multiple Bintools + clang is to be used. Secondly, this helps packages + not get confused when cross-compiling, in which case multiple Bintools Wrappers may simultaneously be in use. @@ -2387,16 +2400,16 @@ addEnvHooks "$hostOffset" myBashFunction Wrappers, properly disambiguating them. - A problem with this final task is that the Bintools Wrapper is honest and - defines LD as ld. Most packages, + A problem with this final task is that the Bintools Wrapper is honest + and defines LD as ld. Most packages, however, firstly use the C compiler for linking, secondly use LD anyways, defining it as the C compiler, and thirdly, - only so define LD when it is undefined as a fallback. This - triple-threat means Bintools Wrapper will break those packages, as LD is - already defined as the actual linker which the package won't override yet - doesn't want to use. The workaround is to define, just for the - problematic package, LD as the C compiler. A good way to - do this would be preConfigure = "LD=$CC". + only so define LD when it is undefined as a fallback. + This triple-threat means Bintools Wrapper will break those packages, as + LD is already defined as the actual linker which the package won't + override yet doesn't want to use. The workaround is to define, just for + the problematic package, LD as the C compiler. A good way + to do this would be preConfigure = "LD=$CC". @@ -2406,13 +2419,13 @@ addEnvHooks "$hostOffset" myBashFunction - The CC Wrapper wraps a C toolchain for a bunch of miscellaneous purposes. - Specifically, a C compiler (GCC or Clang), wrapped binary tools, and a C - standard library (glibc or Darwin's libSystem, just for the dynamic - loader) are all fed in, and dependency finding, hardening (see below), - and purity checks for each are handled by the CC Wrapper. Packages - typically depend on the CC Wrapper, which in turn (at run-time) depends - on the Bintools Wrapper. + The CC Wrapper wraps a C toolchain for a bunch of miscellaneous + purposes. Specifically, a C compiler (GCC or Clang), wrapped binary + tools, and a C standard library (glibc or Darwin's libSystem, just for + the dynamic loader) are all fed in, and dependency finding, hardening + (see below), and purity checks for each are handled by the CC Wrapper. + Packages typically depend on the CC Wrapper, which in turn (at run-time) + depends on the Bintools Wrapper. Dependency finding is undoubtedly the main task of the CC Wrapper. This @@ -2434,14 +2447,13 @@ addEnvHooks "$hostOffset" myBashFunction - + - Here are some more packages that provide a setup hook. Since the - list of hooks is extensible, this is not an exhaustive list the - mechanism is only to be used as a last resort, it might cover most - uses. + Here are some more packages that provide a setup hook. Since the list of + hooks is extensible, this is not an exhaustive list the mechanism is only to + be used as a last resort, it might cover most uses. @@ -2499,11 +2511,11 @@ addEnvHooks "$hostOffset" myBashFunction The autoreconfHook derivation adds - autoreconfPhase, which runs autoreconf, libtoolize and - automake, essentially preparing the configure script in autotools-based - builds. Most autotools-based packages come with the configure script - pre-generated, but this hook is necessary for a few packages and when you - need to patch the package’s configure scripts. + autoreconfPhase, which runs autoreconf, libtoolize + and automake, essentially preparing the configure script in + autotools-based builds. Most autotools-based packages come with the + configure script pre-generated, but this hook is necessary for a few + packages and when you need to patch the package’s configure scripts. @@ -2547,9 +2559,9 @@ addEnvHooks "$hostOffset" myBashFunction - Exports GDK_PIXBUF_MODULE_FILE environment variable to the - builder. Add librsvg package to buildInputs to get svg - support. + Exports GDK_PIXBUF_MODULE_FILE environment variable to + the builder. Add librsvg package to buildInputs to + get svg support. @@ -2594,21 +2606,20 @@ addEnvHooks "$hostOffset" myBashFunction This is useful for programs that use - dlopen - 3 - to load libraries at runtime. + dlopen + 3 to load libraries at runtime. - In certain situations you may want to run the main command - (autoPatchelf) of the setup hook on a file or a set - of directories instead of unconditionally patching all outputs. This - can be done by setting the dontAutoPatchelf environment - variable to a non-empty value. + In certain situations you may want to run the main command + (autoPatchelf) of the setup hook on a file or a set + of directories instead of unconditionally patching all outputs. This can + be done by setting the dontAutoPatchelf environment + variable to a non-empty value. - The autoPatchelf command also recognizes a - --no-recurse command line flag, - which prevents it from recursing into subdirectories. + The autoPatchelf command also recognizes a + --no-recurse command line flag, + which prevents it from recursing into subdirectories. @@ -2619,22 +2630,22 @@ addEnvHooks "$hostOffset" myBashFunction This hook will make a build pause instead of stopping when a failure - happens. It prevents nix from cleaning up the build environment immediately and - allows the user to attach to a build environment using the - cntr command. Upon build error it will print - instructions on how to use cntr. Installing - cntr and running the command will provide shell access to the build - sandbox of failed build. At /var/lib/cntr the - sandboxed filesystem is mounted. All commands and files of the system are - still accessible within the shell. To execute commands from the sandbox - use the cntr exec subcommand. Note that cntr also - needs to be executed on the machine that is doing the build, which might - not be the case when remote builders are enabled. - cntr is only supported on Linux-based platforms. To - use it first add cntr to your - environment.systemPackages on NixOS or alternatively to - the root user on non-NixOS systems. Then in the package that is supposed - to be inspected, add breakpointHook to + happens. It prevents nix from cleaning up the build environment + immediately and allows the user to attach to a build environment using + the cntr command. Upon build error it will print + instructions on how to use cntr. Installing cntr and + running the command will provide shell access to the build sandbox of + failed build. At /var/lib/cntr the sandboxed + filesystem is mounted. All commands and files of the system are still + accessible within the shell. To execute commands from the sandbox use + the cntr exec subcommand. Note that cntr also needs + to be executed on the machine that is doing the build, which might not + be the case when remote builders are enabled. cntr is + only supported on Linux-based platforms. To use it first add + cntr to your + environment.systemPackages on NixOS or alternatively + to the root user on non-NixOS systems. Then in the package that is + supposed to be inspected, add breakpointHook to nativeBuildInputs. nativeBuildInputs = [ breakpointHook ]; @@ -2649,16 +2660,15 @@ addEnvHooks "$hostOffset" myBashFunction libiconv, libintl - - A few libraries automatically add to - NIX_LDFLAGS their library, making their - symbols automatically available to the linker. This includes - libiconv and libintl (gettext). This is done to provide - compatibility between GNU Linux, where libiconv and libintl - are bundled in, and other systems where that might not be the - case. Sometimes, this behavior is not desired. To disable - this behavior, set dontAddExtraLibs. - + + A few libraries automatically add to NIX_LDFLAGS + their library, making their symbols automatically available to the + linker. This includes libiconv and libintl (gettext). This is done to + provide compatibility between GNU Linux, where libiconv and libintl are + bundled in, and other systems where that might not be the case. + Sometimes, this behavior is not desired. To disable this behavior, set + dontAddExtraLibs. + @@ -2666,17 +2676,17 @@ addEnvHooks "$hostOffset" myBashFunction cmake - - Overrides the default configure phase to run the CMake command. By - default, we use the Make generator of CMake. In - addition, dependencies are added automatically to CMAKE_PREFIX_PATH so - that packages are correctly detected by CMake. Some additional flags - are passed in to give similar behavior to configure-based packages. You - can disable this hook’s behavior by setting configurePhase to a custom - value, or by setting dontUseCmakeConfigure. cmakeFlags controls flags - passed only to CMake. By default, parallel building is enabled as CMake - supports parallel building almost everywhere. When Ninja is also in - use, CMake will detect that and use the ninja generator. + + Overrides the default configure phase to run the CMake command. By + default, we use the Make generator of CMake. In addition, dependencies + are added automatically to CMAKE_PREFIX_PATH so that packages are + correctly detected by CMake. Some additional flags are passed in to give + similar behavior to configure-based packages. You can disable this + hook’s behavior by setting configurePhase to a custom value, or by + setting dontUseCmakeConfigure. cmakeFlags controls flags passed only to + CMake. By default, parallel building is enabled as CMake supports + parallel building almost everywhere. When Ninja is also in use, CMake + will detect that and use the ninja generator. @@ -2685,12 +2695,12 @@ addEnvHooks "$hostOffset" myBashFunction xcbuildHook - - Overrides the build and install phases to run the “xcbuild” command. - This hook is needed when a project only comes with build files for the - XCode build system. You can disable this behavior by setting buildPhase - and configurePhase to a custom value. xcbuildFlags controls flags - passed only to xcbuild. + + Overrides the build and install phases to run the “xcbuild” command. + This hook is needed when a project only comes with build files for the + XCode build system. You can disable this behavior by setting buildPhase + and configurePhase to a custom value. xcbuildFlags controls flags passed + only to xcbuild. @@ -2699,13 +2709,13 @@ addEnvHooks "$hostOffset" myBashFunction meson - - Overrides the configure phase to run meson to generate Ninja files. You - can disable this behavior by setting configurePhase to a custom value, - or by setting dontUseMesonConfigure. To run these files, you should - accompany meson with ninja. mesonFlags controls only the flags passed - to meson. By default, parallel building is enabled as Meson supports - parallel building almost everywhere. + + Overrides the configure phase to run meson to generate Ninja files. You + can disable this behavior by setting configurePhase to a custom value, + or by setting dontUseMesonConfigure. To run these files, you should + accompany meson with ninja. mesonFlags controls only the flags passed to + meson. By default, parallel building is enabled as Meson supports + parallel building almost everywhere. @@ -2714,11 +2724,11 @@ addEnvHooks "$hostOffset" myBashFunction ninja - - Overrides the build, install, and check phase to run ninja instead of - make. You can disable this behavior with the dontUseNinjaBuild, - dontUseNinjaInstall, and dontUseNinjaCheck, respectively. Parallel - building is enabled by default in Ninja. + + Overrides the build, install, and check phase to run ninja instead of + make. You can disable this behavior with the dontUseNinjaBuild, + dontUseNinjaInstall, and dontUseNinjaCheck, respectively. Parallel + building is enabled by default in Ninja. @@ -2727,9 +2737,9 @@ addEnvHooks "$hostOffset" myBashFunction unzip - - This setup hook will allow you to unzip .zip files specified in $src. - There are many similar packages like unrar, undmg, etc. + + This setup hook will allow you to unzip .zip files specified in $src. + There are many similar packages like unrar, undmg, etc. @@ -2738,11 +2748,11 @@ addEnvHooks "$hostOffset" myBashFunction wafHook - - Overrides the configure, build, and install phases. This will run the - "waf" script used by many projects. If waf doesn’t exist, it will copy - the version of waf available in Nixpkgs wafFlags can be used to pass - flags to the waf script. + + Overrides the configure, build, and install phases. This will run the + "waf" script used by many projects. If waf doesn’t exist, it will copy + the version of waf available in Nixpkgs wafFlags can be used to pass + flags to the waf script. @@ -2751,14 +2761,14 @@ addEnvHooks "$hostOffset" myBashFunction scons - - Overrides the build, install, and check phases. This uses the scons - build system as a replacement for make. scons does not provide a - configure phase, so everything is managed at build and install time. + + Overrides the build, install, and check phases. This uses the scons + build system as a replacement for make. scons does not provide a + configure phase, so everything is managed at build and install time. - +