pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #295378 from hercules-ci/makeDerivationArgument

make-derivation.nix: Factor out `makeDerivationArgument`

authored by Robert Hensing and committed by GitHub 09364e24 9f26152c

+236 -147
unified split
+30
pkgs/build-support/lib/cmake.nix
···
··· 1 + { stdenv, lib }: 2 + 3 + let 4 + inherit (lib) findFirst isString optional optionals; 5 + 6 + makeCMakeFlags = { cmakeFlags ? [], ... }: 7 + cmakeFlags 8 + ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform) ([ 9 + "-DCMAKE_SYSTEM_NAME=${findFirst isString "Generic" (optional (!stdenv.hostPlatform.isRedox) stdenv.hostPlatform.uname.system)}" 10 + ] ++ optionals (stdenv.hostPlatform.uname.processor != null) [ 11 + "-DCMAKE_SYSTEM_PROCESSOR=${stdenv.hostPlatform.uname.processor}" 12 + ] ++ optionals (stdenv.hostPlatform.uname.release != null) [ 13 + "-DCMAKE_SYSTEM_VERSION=${stdenv.hostPlatform.uname.release}" 14 + ] ++ optionals (stdenv.hostPlatform.isDarwin) [ 15 + "-DCMAKE_OSX_ARCHITECTURES=${stdenv.hostPlatform.darwinArch}" 16 + ] ++ optionals (stdenv.buildPlatform.uname.system != null) [ 17 + "-DCMAKE_HOST_SYSTEM_NAME=${stdenv.buildPlatform.uname.system}" 18 + ] ++ optionals (stdenv.buildPlatform.uname.processor != null) [ 19 + "-DCMAKE_HOST_SYSTEM_PROCESSOR=${stdenv.buildPlatform.uname.processor}" 20 + ] ++ optionals (stdenv.buildPlatform.uname.release != null) [ 21 + "-DCMAKE_HOST_SYSTEM_VERSION=${stdenv.buildPlatform.uname.release}" 22 + ] ++ optionals (stdenv.buildPlatform.canExecute stdenv.hostPlatform) [ 23 + "-DCMAKE_CROSSCOMPILING_EMULATOR=env" 24 + ] ++ optionals stdenv.hostPlatform.isStatic [ 25 + "-DCMAKE_LINK_SEARCH_START_STATIC=ON" 26 + ]); 27 + in 28 + { 29 + inherit makeCMakeFlags; 30 + }
+35
pkgs/build-support/lib/meson.nix
···
··· 1 + { stdenv, lib }: 2 + 3 + let 4 + inherit (lib) boolToString optionals; 5 + 6 + # See https://mesonbuild.com/Reference-tables.html#cpu-families 7 + cpuFamily = platform: with platform; 8 + /**/ if isAarch32 then "arm" 9 + else if isx86_32 then "x86" 10 + else platform.uname.processor; 11 + 12 + makeMesonFlags = { mesonFlags ? [], ... }: 13 + let 14 + crossFile = builtins.toFile "cross-file.conf" '' 15 + [properties] 16 + bindgen_clang_arguments = ['-target', '${stdenv.targetPlatform.config}'] 17 + needs_exe_wrapper = ${boolToString (!stdenv.buildPlatform.canExecute stdenv.hostPlatform)} 18 + 19 + [host_machine] 20 + system = '${stdenv.targetPlatform.parsed.kernel.name}' 21 + cpu_family = '${cpuFamily stdenv.targetPlatform}' 22 + cpu = '${stdenv.targetPlatform.parsed.cpu.name}' 23 + endian = ${if stdenv.targetPlatform.isLittleEndian then "'little'" else "'big'"} 24 + 25 + [binaries] 26 + llvm-config = 'llvm-config-native' 27 + rust = ['rustc', '--target', '${stdenv.targetPlatform.rust.rustcTargetSpec}'] 28 + ''; 29 + crossFlags = optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "--cross-file=${crossFile}" ]; 30 + in crossFlags ++ mesonFlags; 31 + 32 + in 33 + { 34 + inherit makeMesonFlags; 35 + }
+1 -1
pkgs/stdenv/adapters.nix
··· 6 7 let 8 # N.B. Keep in sync with default arg for stdenv/generic. 9 - defaultMkDerivationFromStdenv = import ./generic/make-derivation.nix { inherit lib config; }; 10 11 # Low level function to help with overriding `mkDerivationFromStdenv`. One 12 # gives it the old stdenv arguments and a "continuation" function, and
··· 6 7 let 8 # N.B. Keep in sync with default arg for stdenv/generic. 9 + defaultMkDerivationFromStdenv = stdenv: (import ./generic/make-derivation.nix { inherit lib config; } stdenv).mkDerivation; 10 11 # Low level function to help with overriding `mkDerivationFromStdenv`. One 12 # gives it the old stdenv arguments and a "continuation" function, and
+1 -1
pkgs/stdenv/generic/default.nix
··· 52 53 , # The implementation of `mkDerivation`, parameterized with the final stdenv so we can tie the knot. 54 # This is convient to have as a parameter so the stdenv "adapters" work better 55 - mkDerivationFromStdenv ? import ./make-derivation.nix { inherit lib config; } 56 }: 57 58 let
··· 52 53 , # The implementation of `mkDerivation`, parameterized with the final stdenv so we can tie the knot. 54 # This is convient to have as a parameter so the stdenv "adapters" work better 55 + mkDerivationFromStdenv ? stdenv: (import ./make-derivation.nix { inherit lib config; } stdenv).mkDerivation 56 }: 57 58 let
+169 -145
pkgs/stdenv/generic/make-derivation.nix
··· 9 assertMsg 10 attrNames 11 boolToString 12 - chooseDevOutputs 13 concatLists 14 concatMap 15 concatMapStrings ··· 19 extendDerivation 20 filter 21 findFirst 22 - flip 23 head 24 imap1 25 isAttrs ··· 39 subtractLists 40 unique 41 ; 42 43 checkMeta = import ./check-meta.nix { 44 inherit lib config; ··· 102 makeDerivationExtensible (self: attrs // (if builtins.isFunction f0 || f0?__functor then f self attrs else f0))) 103 attrs; 104 105 - mkDerivationSimple = overrideAttrs: 106 107 108 - # `mkDerivation` wraps the builtin `derivation` function to 109 - # produce derivations that use this stdenv and its shell. 110 # 111 # See also: 112 # ··· 146 147 # Configure Phase 148 , configureFlags ? [] 149 - , cmakeFlags ? [] 150 - , mesonFlags ? [] 151 , # Target is not included by default because most programs don't care. 152 # Including it then would cause needless mass rebuilds. 153 # ··· 169 170 , enableParallelBuilding ? config.enableParallelBuildingByDefault 171 172 - , meta ? {} 173 - , passthru ? {} 174 - , pos ? # position used in error messages and for meta.position 175 - (if attrs.meta.description or null != null 176 - then builtins.unsafeGetAttrPos "description" attrs.meta 177 - else if attrs.version or null != null 178 - then builtins.unsafeGetAttrPos "version" attrs 179 - else builtins.unsafeGetAttrPos "name" attrs) 180 , separateDebugInfo ? false 181 , outputs ? [ "out" ] 182 , __darwinAllowLocalNetworking ? false ··· 198 # but for anything complex, be prepared to debug if enabling. 199 , __structuredAttrs ? config.structuredAttrsByDefault or false 200 201 - , env ? { } 202 - 203 , ... } @ attrs: 204 205 # Policy on acceptable hash types in nixpkgs ··· 222 separateDebugInfo' = separateDebugInfo && stdenv.hostPlatform.isLinux; 223 outputs' = outputs ++ optional separateDebugInfo' "debug"; 224 225 - # Turn a derivation into its outPath without a string context attached. 226 - # See the comment at the usage site. 227 - unsafeDerivationToUntrackedOutpath = drv: 228 - if isDerivation drv 229 - then builtins.unsafeDiscardStringContext drv.outPath 230 - else drv; 231 - 232 noNonNativeDeps = builtins.length (depsBuildTarget ++ depsBuildTargetPropagated 233 ++ depsHostHost ++ depsHostHostPropagated 234 ++ buildInputs ++ propagatedBuildInputs ··· 239 # disabling fortify implies fortify3 should also be disabled 240 then unique (hardeningDisable ++ [ "fortify3" ]) 241 else hardeningDisable; 242 - knownHardeningFlags = [ 243 - "bindnow" 244 - "format" 245 - "fortify" 246 - "fortify3" 247 - "pic" 248 - "pie" 249 - "relro" 250 - "stackprotector" 251 - "strictoverflow" 252 - "trivialautovarinit" 253 - "zerocallusedregs" 254 - ]; 255 defaultHardeningFlags = 256 (if stdenv.hasCC then stdenv.cc else {}).defaultHardeningFlags or 257 # fallback safe-ish set of flags ··· 264 erroneousHardeningFlags = subtractLists knownHardeningFlags (hardeningEnable ++ remove "all" hardeningDisable); 265 266 checkDependencyList = checkDependencyList' []; 267 - checkDependencyList' = positions: name: deps: flip imap1 deps (index: dep: 268 - if isDerivation dep || dep == null || builtins.isString dep || builtins.isPath dep then dep 269 - else if isList dep then checkDependencyList' ([index] ++ positions) name dep 270 - else throw "Dependency is not of a valid type: ${concatMapStrings (ix: "element ${toString ix} of ") ([index] ++ positions)}${name} for ${attrs.name or attrs.pname}"); 271 in if builtins.length erroneousHardeningFlags != 0 272 then abort ("mkDerivation was called with unsupported hardening flags: " + lib.generators.toPretty {} { 273 inherit erroneousHardeningFlags hardeningDisable hardeningEnable knownHardeningFlags; ··· 286 287 outputs = outputs'; 288 289 - references = nativeBuildInputs ++ buildInputs 290 - ++ propagatedNativeBuildInputs ++ propagatedBuildInputs; 291 - 292 - dependencies = map (map chooseDevOutputs) [ 293 [ 294 - (map (drv: drv.__spliced.buildBuild or drv) (checkDependencyList "depsBuildBuild" depsBuildBuild)) 295 - (map (drv: drv.__spliced.buildHost or drv) (checkDependencyList "nativeBuildInputs" nativeBuildInputs')) 296 - (map (drv: drv.__spliced.buildTarget or drv) (checkDependencyList "depsBuildTarget" depsBuildTarget)) 297 ] 298 [ 299 - (map (drv: drv.__spliced.hostHost or drv) (checkDependencyList "depsHostHost" depsHostHost)) 300 - (map (drv: drv.__spliced.hostTarget or drv) (checkDependencyList "buildInputs" buildInputs')) 301 ] 302 [ 303 - (map (drv: drv.__spliced.targetTarget or drv) (checkDependencyList "depsTargetTarget" depsTargetTarget)) 304 ] 305 ]; 306 - propagatedDependencies = map (map chooseDevOutputs) [ 307 [ 308 - (map (drv: drv.__spliced.buildBuild or drv) (checkDependencyList "depsBuildBuildPropagated" depsBuildBuildPropagated)) 309 - (map (drv: drv.__spliced.buildHost or drv) (checkDependencyList "propagatedNativeBuildInputs" propagatedNativeBuildInputs)) 310 - (map (drv: drv.__spliced.buildTarget or drv) (checkDependencyList "depsBuildTargetPropagated" depsBuildTargetPropagated)) 311 ] 312 [ 313 - (map (drv: drv.__spliced.hostHost or drv) (checkDependencyList "depsHostHostPropagated" depsHostHostPropagated)) 314 - (map (drv: drv.__spliced.hostTarget or drv) (checkDependencyList "propagatedBuildInputs" propagatedBuildInputs)) 315 ] 316 [ 317 - (map (drv: drv.__spliced.targetTarget or drv) (checkDependencyList "depsTargetTargetPropagated" depsTargetTargetPropagated)) 318 ] 319 ]; 320 321 - computedSandboxProfile = 322 - concatMap (input: input.__propagatedSandboxProfile or []) 323 - (stdenv.extraNativeBuildInputs 324 - ++ stdenv.extraBuildInputs 325 - ++ concatLists dependencies); 326 - 327 - computedPropagatedSandboxProfile = 328 - concatMap (input: input.__propagatedSandboxProfile or []) 329 - (concatLists propagatedDependencies); 330 - 331 - computedImpureHostDeps = 332 - unique (concatMap (input: input.__propagatedImpureHostDeps or []) 333 - (stdenv.extraNativeBuildInputs 334 - ++ stdenv.extraBuildInputs 335 - ++ concatLists dependencies)); 336 - 337 - computedPropagatedImpureHostDeps = 338 - unique (concatMap (input: input.__propagatedImpureHostDeps or []) 339 - (concatLists propagatedDependencies)); 340 - 341 - envIsExportable = isAttrs env && !isDerivation env; 342 - 343 derivationArg = 344 - (removeAttrs attrs 345 - (["meta" "passthru" "pos" 346 - "checkInputs" "installCheckInputs" 347 - "nativeCheckInputs" "nativeInstallCheckInputs" 348 - "__contentAddressed" 349 - "__darwinAllowLocalNetworking" 350 - "__impureHostDeps" "__propagatedImpureHostDeps" 351 - "sandboxProfile" "propagatedSandboxProfile"] 352 - ++ optional (__structuredAttrs || envIsExportable) "env")) 353 // (optionalAttrs (attrs ? name || (attrs ? pname && attrs ? version)) { 354 name = 355 let ··· 377 assert assertMsg (attrs ? version && attrs.version != null) "The ‘version’ attribute cannot be null."; 378 "${attrs.pname}${staticMarker}${hostSuffix}-${attrs.version}" 379 ); 380 - }) // optionalAttrs __structuredAttrs { env = checkedEnv; } // { 381 builder = attrs.realBuilder or stdenv.shell; 382 args = attrs.args or ["-e" (attrs.builder or ./default-builder.sh)]; 383 inherit stdenv; ··· 415 ++ optional (elem "host" configurePlatforms) "--host=${stdenv.hostPlatform.config}" 416 ++ optional (elem "target" configurePlatforms) "--target=${stdenv.targetPlatform.config}"; 417 418 - cmakeFlags = 419 - cmakeFlags 420 - ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform) ([ 421 - "-DCMAKE_SYSTEM_NAME=${findFirst isString "Generic" (optional (!stdenv.hostPlatform.isRedox) stdenv.hostPlatform.uname.system)}" 422 - ] ++ optionals (stdenv.hostPlatform.uname.processor != null) [ 423 - "-DCMAKE_SYSTEM_PROCESSOR=${stdenv.hostPlatform.uname.processor}" 424 - ] ++ optionals (stdenv.hostPlatform.uname.release != null) [ 425 - "-DCMAKE_SYSTEM_VERSION=${stdenv.hostPlatform.uname.release}" 426 - ] ++ optionals (stdenv.hostPlatform.isDarwin) [ 427 - "-DCMAKE_OSX_ARCHITECTURES=${stdenv.hostPlatform.darwinArch}" 428 - ] ++ optionals (stdenv.buildPlatform.uname.system != null) [ 429 - "-DCMAKE_HOST_SYSTEM_NAME=${stdenv.buildPlatform.uname.system}" 430 - ] ++ optionals (stdenv.buildPlatform.uname.processor != null) [ 431 - "-DCMAKE_HOST_SYSTEM_PROCESSOR=${stdenv.buildPlatform.uname.processor}" 432 - ] ++ optionals (stdenv.buildPlatform.uname.release != null) [ 433 - "-DCMAKE_HOST_SYSTEM_VERSION=${stdenv.buildPlatform.uname.release}" 434 - ] ++ optionals (stdenv.buildPlatform.canExecute stdenv.hostPlatform) [ 435 - "-DCMAKE_CROSSCOMPILING_EMULATOR=env" 436 - ] ++ lib.optionals stdenv.hostPlatform.isStatic [ 437 - "-DCMAKE_LINK_SEARCH_START_STATIC=ON" 438 - ]); 439 - 440 - mesonFlags = 441 - let 442 - # See https://mesonbuild.com/Reference-tables.html#cpu-families 443 - cpuFamily = platform: with platform; 444 - /**/ if isAarch32 then "arm" 445 - else if isx86_32 then "x86" 446 - else platform.uname.processor; 447 - 448 - crossFile = builtins.toFile "cross-file.conf" '' 449 - [properties] 450 - bindgen_clang_arguments = ['-target', '${stdenv.targetPlatform.config}'] 451 - needs_exe_wrapper = ${boolToString (!stdenv.buildPlatform.canExecute stdenv.hostPlatform)} 452 - 453 - [host_machine] 454 - system = '${stdenv.targetPlatform.parsed.kernel.name}' 455 - cpu_family = '${cpuFamily stdenv.targetPlatform}' 456 - cpu = '${stdenv.targetPlatform.parsed.cpu.name}' 457 - endian = ${if stdenv.targetPlatform.isLittleEndian then "'little'" else "'big'"} 458 - 459 - [binaries] 460 - llvm-config = 'llvm-config-native' 461 - rust = ['rustc', '--target', '${stdenv.targetPlatform.rust.rustcTargetSpec}'] 462 - ''; 463 - crossFlags = optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "--cross-file=${crossFile}" ]; 464 - in crossFlags ++ mesonFlags; 465 - 466 inherit patches; 467 468 inherit doCheck doInstallCheck; ··· 482 NIX_HARDENING_ENABLE = enabledHardeningOptions; 483 } // optionalAttrs (stdenv.hostPlatform.isx86_64 && stdenv.hostPlatform ? gcc.arch) { 484 requiredSystemFeatures = attrs.requiredSystemFeatures or [] ++ [ "gccarch-${stdenv.hostPlatform.gcc.arch}" ]; 485 - } // optionalAttrs (stdenv.buildPlatform.isDarwin) { 486 inherit __darwinAllowLocalNetworking; 487 # TODO: remove `unique` once nix has a list canonicalization primitive 488 __sandboxProfile = ··· 497 "/bin/sh" 498 ]; 499 __propagatedImpureHostDeps = computedPropagatedImpureHostDeps ++ __propagatedImpureHostDeps; 500 - } // 501 # If we use derivations directly here, they end up as build-time dependencies. 502 # This is especially problematic in the case of disallowed*, since the disallowed 503 # derivations will be built by nix as build-time dependencies, while those ··· 533 mapNullable unsafeDerivationToUntrackedOutpath attrs.allowedRequisites; 534 }; 535 536 - meta = checkMeta.commonMeta { inherit validity attrs pos references; }; 537 validity = checkMeta.assertValidity { inherit meta attrs; }; 538 539 checkedEnv = ··· 603 (derivation (derivationArg // optionalAttrs envIsExportable checkedEnv)); 604 605 in 606 - fnOrAttrs: 607 - if builtins.isFunction fnOrAttrs 608 - then makeDerivationExtensible fnOrAttrs 609 - else makeDerivationExtensibleConst fnOrAttrs
··· 9 assertMsg 10 attrNames 11 boolToString 12 concatLists 13 concatMap 14 concatMapStrings ··· 18 extendDerivation 19 filter 20 findFirst 21 + getDev 22 head 23 imap1 24 isAttrs ··· 38 subtractLists 39 unique 40 ; 41 + 42 + inherit (import ../../build-support/lib/cmake.nix { inherit lib stdenv; }) makeCMakeFlags; 43 + inherit (import ../../build-support/lib/meson.nix { inherit lib stdenv; }) makeMesonFlags; 44 + 45 + mkDerivation = 46 + fnOrAttrs: 47 + if builtins.isFunction fnOrAttrs 48 + then makeDerivationExtensible fnOrAttrs 49 + else makeDerivationExtensibleConst fnOrAttrs; 50 51 checkMeta = import ./check-meta.nix { 52 inherit lib config; ··· 110 makeDerivationExtensible (self: attrs // (if builtins.isFunction f0 || f0?__functor then f self attrs else f0))) 111 attrs; 112 113 + knownHardeningFlags = [ 114 + "bindnow" 115 + "format" 116 + "fortify" 117 + "fortify3" 118 + "pic" 119 + "pie" 120 + "relro" 121 + "stackprotector" 122 + "strictoverflow" 123 + "trivialautovarinit" 124 + "zerocallusedregs" 125 + ]; 126 + 127 + removedOrReplacedAttrNames = [ 128 + "checkInputs" "installCheckInputs" 129 + "nativeCheckInputs" "nativeInstallCheckInputs" 130 + "__contentAddressed" 131 + "__darwinAllowLocalNetworking" 132 + "__impureHostDeps" "__propagatedImpureHostDeps" 133 + "sandboxProfile" "propagatedSandboxProfile" 134 + ]; 135 + 136 + # Turn a derivation into its outPath without a string context attached. 137 + # See the comment at the usage site. 138 + unsafeDerivationToUntrackedOutpath = drv: 139 + if isDerivation drv 140 + then builtins.unsafeDiscardStringContext drv.outPath 141 + else drv; 142 + 143 + makeDerivationArgument = 144 145 146 + # `makeDerivationArgument` is responsible for the `mkDerivation` arguments that 147 + # affect the actual derivation, excluding a few behaviors that are not 148 + # essential, and specific to `mkDerivation`: `env`, `cmakeFlags`, `mesonFlags`. 149 # 150 # See also: 151 # ··· 185 186 # Configure Phase 187 , configureFlags ? [] 188 , # Target is not included by default because most programs don't care. 189 # Including it then would cause needless mass rebuilds. 190 # ··· 206 207 , enableParallelBuilding ? config.enableParallelBuildingByDefault 208 209 , separateDebugInfo ? false 210 , outputs ? [ "out" ] 211 , __darwinAllowLocalNetworking ? false ··· 227 # but for anything complex, be prepared to debug if enabling. 228 , __structuredAttrs ? config.structuredAttrsByDefault or false 229 230 , ... } @ attrs: 231 232 # Policy on acceptable hash types in nixpkgs ··· 249 separateDebugInfo' = separateDebugInfo && stdenv.hostPlatform.isLinux; 250 outputs' = outputs ++ optional separateDebugInfo' "debug"; 251 252 noNonNativeDeps = builtins.length (depsBuildTarget ++ depsBuildTargetPropagated 253 ++ depsHostHost ++ depsHostHostPropagated 254 ++ buildInputs ++ propagatedBuildInputs ··· 259 # disabling fortify implies fortify3 should also be disabled 260 then unique (hardeningDisable ++ [ "fortify3" ]) 261 else hardeningDisable; 262 defaultHardeningFlags = 263 (if stdenv.hasCC then stdenv.cc else {}).defaultHardeningFlags or 264 # fallback safe-ish set of flags ··· 271 erroneousHardeningFlags = subtractLists knownHardeningFlags (hardeningEnable ++ remove "all" hardeningDisable); 272 273 checkDependencyList = checkDependencyList' []; 274 + checkDependencyList' = positions: name: deps: 275 + imap1 276 + (index: dep: 277 + if isDerivation dep || dep == null || builtins.isString dep || builtins.isPath dep then dep 278 + else if isList dep then checkDependencyList' ([index] ++ positions) name dep 279 + else throw "Dependency is not of a valid type: ${concatMapStrings (ix: "element ${toString ix} of ") ([index] ++ positions)}${name} for ${attrs.name or attrs.pname}") 280 + deps; 281 in if builtins.length erroneousHardeningFlags != 0 282 then abort ("mkDerivation was called with unsupported hardening flags: " + lib.generators.toPretty {} { 283 inherit erroneousHardeningFlags hardeningDisable hardeningEnable knownHardeningFlags; ··· 296 297 outputs = outputs'; 298 299 + dependencies = [ 300 [ 301 + (map (drv: getDev drv.__spliced.buildBuild or drv) (checkDependencyList "depsBuildBuild" depsBuildBuild)) 302 + (map (drv: getDev drv.__spliced.buildHost or drv) (checkDependencyList "nativeBuildInputs" nativeBuildInputs')) 303 + (map (drv: getDev drv.__spliced.buildTarget or drv) (checkDependencyList "depsBuildTarget" depsBuildTarget)) 304 ] 305 [ 306 + (map (drv: getDev drv.__spliced.hostHost or drv) (checkDependencyList "depsHostHost" depsHostHost)) 307 + (map (drv: getDev drv.__spliced.hostTarget or drv) (checkDependencyList "buildInputs" buildInputs')) 308 ] 309 [ 310 + (map (drv: getDev drv.__spliced.targetTarget or drv) (checkDependencyList "depsTargetTarget" depsTargetTarget)) 311 ] 312 ]; 313 + propagatedDependencies = [ 314 [ 315 + (map (drv: getDev drv.__spliced.buildBuild or drv) (checkDependencyList "depsBuildBuildPropagated" depsBuildBuildPropagated)) 316 + (map (drv: getDev drv.__spliced.buildHost or drv) (checkDependencyList "propagatedNativeBuildInputs" propagatedNativeBuildInputs)) 317 + (map (drv: getDev drv.__spliced.buildTarget or drv) (checkDependencyList "depsBuildTargetPropagated" depsBuildTargetPropagated)) 318 ] 319 [ 320 + (map (drv: getDev drv.__spliced.hostHost or drv) (checkDependencyList "depsHostHostPropagated" depsHostHostPropagated)) 321 + (map (drv: getDev drv.__spliced.hostTarget or drv) (checkDependencyList "propagatedBuildInputs" propagatedBuildInputs)) 322 ] 323 [ 324 + (map (drv: getDev drv.__spliced.targetTarget or drv) (checkDependencyList "depsTargetTargetPropagated" depsTargetTargetPropagated)) 325 ] 326 ]; 327 328 derivationArg = 329 + removeAttrs attrs removedOrReplacedAttrNames 330 // (optionalAttrs (attrs ? name || (attrs ? pname && attrs ? version)) { 331 name = 332 let ··· 354 assert assertMsg (attrs ? version && attrs.version != null) "The ‘version’ attribute cannot be null."; 355 "${attrs.pname}${staticMarker}${hostSuffix}-${attrs.version}" 356 ); 357 + }) // { 358 builder = attrs.realBuilder or stdenv.shell; 359 args = attrs.args or ["-e" (attrs.builder or ./default-builder.sh)]; 360 inherit stdenv; ··· 392 ++ optional (elem "host" configurePlatforms) "--host=${stdenv.hostPlatform.config}" 393 ++ optional (elem "target" configurePlatforms) "--target=${stdenv.targetPlatform.config}"; 394 395 inherit patches; 396 397 inherit doCheck doInstallCheck; ··· 411 NIX_HARDENING_ENABLE = enabledHardeningOptions; 412 } // optionalAttrs (stdenv.hostPlatform.isx86_64 && stdenv.hostPlatform ? gcc.arch) { 413 requiredSystemFeatures = attrs.requiredSystemFeatures or [] ++ [ "gccarch-${stdenv.hostPlatform.gcc.arch}" ]; 414 + } // optionalAttrs (stdenv.buildPlatform.isDarwin) ( 415 + let 416 + computedSandboxProfile = 417 + concatMap (input: input.__propagatedSandboxProfile or []) 418 + (stdenv.extraNativeBuildInputs 419 + ++ stdenv.extraBuildInputs 420 + ++ concatLists dependencies); 421 + 422 + computedPropagatedSandboxProfile = 423 + concatMap (input: input.__propagatedSandboxProfile or []) 424 + (concatLists propagatedDependencies); 425 + 426 + computedImpureHostDeps = 427 + unique (concatMap (input: input.__propagatedImpureHostDeps or []) 428 + (stdenv.extraNativeBuildInputs 429 + ++ stdenv.extraBuildInputs 430 + ++ concatLists dependencies)); 431 + 432 + computedPropagatedImpureHostDeps = 433 + unique (concatMap (input: input.__propagatedImpureHostDeps or []) 434 + (concatLists propagatedDependencies)); 435 + in { 436 inherit __darwinAllowLocalNetworking; 437 # TODO: remove `unique` once nix has a list canonicalization primitive 438 __sandboxProfile = ··· 447 "/bin/sh" 448 ]; 449 __propagatedImpureHostDeps = computedPropagatedImpureHostDeps ++ __propagatedImpureHostDeps; 450 + }) // 451 # If we use derivations directly here, they end up as build-time dependencies. 452 # This is especially problematic in the case of disallowed*, since the disallowed 453 # derivations will be built by nix as build-time dependencies, while those ··· 483 mapNullable unsafeDerivationToUntrackedOutpath attrs.allowedRequisites; 484 }; 485 486 + in 487 + derivationArg; 488 + 489 + mkDerivationSimple = overrideAttrs: 490 + 491 + # `mkDerivation` wraps the builtin `derivation` function to 492 + # produce derivations that use this stdenv and its shell. 493 + # 494 + # Internally, it delegates most of its behavior to `makeDerivationArgument`, 495 + # except for the `env`, `cmakeFlags`, and `mesonFlags` attributes, as well 496 + # as the attributes `meta` and `passthru` that affect [package attributes], 497 + # and not the derivation itself. 498 + # 499 + # See also: 500 + # 501 + # * https://nixos.org/nixpkgs/manual/#sec-using-stdenv 502 + # Details on how to use this mkDerivation function 503 + # 504 + # * https://nixos.org/manual/nix/stable/expressions/derivations.html#derivations 505 + # Explanation about derivations in general 506 + # 507 + # * [package attributes]: https://nixos.org/manual/nix/stable/glossary#package-attribute-set 508 + { 509 + 510 + # Configure Phase 511 + cmakeFlags ? [] 512 + , mesonFlags ? [] 513 + 514 + , meta ? {} 515 + , passthru ? {} 516 + , pos ? # position used in error messages and for meta.position 517 + (if attrs.meta.description or null != null 518 + then builtins.unsafeGetAttrPos "description" attrs.meta 519 + else if attrs.version or null != null 520 + then builtins.unsafeGetAttrPos "version" attrs 521 + else builtins.unsafeGetAttrPos "name" attrs) 522 + 523 + # Experimental. For simple packages mostly just works, 524 + # but for anything complex, be prepared to debug if enabling. 525 + , __structuredAttrs ? config.structuredAttrsByDefault or false 526 + 527 + , env ? { } 528 + 529 + , ... } @ attrs: 530 + 531 + # Policy on acceptable hash types in nixpkgs 532 + assert attrs ? outputHash -> ( 533 + let algo = 534 + attrs.outputHashAlgo or (head (splitString "-" attrs.outputHash)); 535 + in 536 + if algo == "md5" then 537 + throw "Rejected insecure ${algo} hash '${attrs.outputHash}'" 538 + else 539 + true 540 + ); 541 + 542 + let 543 + envIsExportable = isAttrs env && !isDerivation env; 544 + 545 + derivationArg = makeDerivationArgument 546 + (removeAttrs 547 + attrs 548 + (["meta" "passthru" "pos"] 549 + ++ optional (__structuredAttrs || envIsExportable) "env" 550 + ) 551 + // optionalAttrs __structuredAttrs { env = checkedEnv; } 552 + // { 553 + cmakeFlags = makeCMakeFlags attrs; 554 + mesonFlags = makeMesonFlags attrs; 555 + }); 556 + 557 + meta = checkMeta.commonMeta { 558 + inherit validity attrs pos; 559 + references = attrs.nativeBuildInputs ++ attrs.buildInputs 560 + ++ attrs.propagatedNativeBuildInputs ++ attrs.propagatedBuildInputs; 561 + }; 562 validity = checkMeta.assertValidity { inherit meta attrs; }; 563 564 checkedEnv = ··· 628 (derivation (derivationArg // optionalAttrs envIsExportable checkedEnv)); 629 630 in 631 + { 632 + inherit mkDerivation; 633 + }