pkgs/tools/package-management/nix/default.nix at devShellTools-shell · tjh.dev/nixpkgs

tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
nixpkgs / pkgs / tools / package-management / nix / default.nix
at devShellTools-shell 276 lines 8.8 kB view raw
  1{
  2  lib,
  3  config,
  4  stdenv,
  5  nixDependencies,
  6  generateSplicesForMkScope,
  7  fetchFromGitHub,
  8  fetchpatch2,
  9  runCommand,
 10  pkgs,
 11  pkgsi686Linux,
 12  pkgsStatic,
 13  nixosTests,
 14
 15  storeDir ? "/nix/store",
 16  stateDir ? "/nix/var",
 17  confDir ? "/etc",
 18}:
 19let
 20
 21  # Called for Nix < 2.26
 22  commonAutoconf =
 23    args:
 24    nixDependencies.callPackage
 25      (import ./common-autoconf.nix ({ inherit lib fetchFromGitHub; } // args))
 26      {
 27        inherit
 28          storeDir
 29          stateDir
 30          confDir
 31          ;
 32        aws-sdk-cpp =
 33          if lib.versionAtLeast args.version "2.12pre" then
 34            nixDependencies.aws-sdk-cpp
 35          else
 36            nixDependencies.aws-sdk-cpp-old;
 37      };
 38
 39  # Called for Nix == 2.28. Transitional until we always use
 40  # per-component packages.
 41  commonMeson =
 42    args:
 43    nixDependencies.callPackage (import ./common-meson.nix ({ inherit lib fetchFromGitHub; } // args)) {
 44      inherit
 45        storeDir
 46        stateDir
 47        confDir
 48        ;
 49    };
 50
 51  # https://github.com/NixOS/nix/pull/7585
 52  patch-monitorfdhup = fetchpatch2 {
 53    name = "nix-7585-monitor-fd-hup.patch";
 54    url = "https://github.com/NixOS/nix/commit/1df3d62c769dc68c279e89f68fdd3723ed3bcb5a.patch";
 55    hash = "sha256-f+F0fUO+bqyPXjt+IXJtISVr589hdc3y+Cdrxznb+Nk=";
 56  };
 57
 58  # Intentionally does not support overrideAttrs etc
 59  # Use only for tests that are about the package relation to `pkgs` and/or NixOS.
 60  addTestsShallowly =
 61    tests: pkg:
 62    pkg
 63    // {
 64      tests = pkg.tests // tests;
 65      # In case someone reads the wrong attribute
 66      passthru.tests = pkg.tests // tests;
 67    };
 68
 69  addFallbackPathsCheck =
 70    pkg:
 71    addTestsShallowly {
 72      nix-fallback-paths =
 73        runCommand "test-nix-fallback-paths-version-equals-nix-stable"
 74          {
 75            paths = lib.concatStringsSep "\n" (
 76              builtins.attrValues (import ../../../../nixos/modules/installer/tools/nix-fallback-paths.nix)
 77            );
 78          }
 79          ''
 80            # NOTE: name may contain cross compilation details between the pname
 81            #       and version this is permitted thanks to ([^-]*-)*
 82            if [[ "" != $(grep -vE 'nix-([^-]*-)*${
 83              lib.strings.replaceStrings [ "." ] [ "\\." ] pkg.version
 84            }$' <<< "$paths") ]]; then
 85              echo "nix-fallback-paths not up to date with nixVersions.stable (nix-${pkg.version})"
 86              echo "The following paths are not up to date:"
 87              grep -v 'nix-${pkg.version}$' <<< "$paths"
 88              echo
 89              echo "Fix it by running in nixpkgs:"
 90              echo
 91              echo "curl https://releases.nixos.org/nix/nix-${pkg.version}/fallback-paths.nix >nixos/modules/installer/tools/nix-fallback-paths.nix"
 92              echo
 93              exit 1
 94            else
 95              echo "nix-fallback-paths versions up to date"
 96              touch $out
 97            fi
 98          '';
 99    } pkg;
100
101  # (meson based packaging)
102  # Add passthru tests to the package, and re-expose package set overriding
103  # functions. This will not incorporate the tests into the package set.
104  # TODO (roberth): add package-set level overriding to the "everything" package.
105  addTests =
106    selfAttributeName: pkg:
107    let
108      tests =
109        pkg.tests or { }
110        // import ./tests.nix {
111          inherit
112            runCommand
113            lib
114            stdenv
115            pkgs
116            pkgsi686Linux
117            pkgsStatic
118            nixosTests
119            ;
120          inherit (pkg) version src;
121          nix = pkg;
122          self_attribute_name = selfAttributeName;
123        };
124    in
125    # preserve old pkg, including overrideSource, etc
126    pkg
127    // {
128      tests = pkg.tests or { } // tests;
129      passthru = pkg.passthru or { } // {
130        tests =
131          lib.warn "nix.passthru.tests is deprecated. Use nix.tests instead." pkg.passthru.tests or { }
132          // tests;
133      };
134    };
135
136  # Factored out for when we have package sets for multiple versions of
137  # Nix.
138  #
139  # `nixPackages_*` would be the most regular name, analogous to
140  # `linuxPackages_*`, especially if we put other 3rd-party software in
141  # here, but `nixPackages_*` would also be *very* confusing to humans!
142  generateSplicesForNixComponents =
143    nixComponentsAttributeName:
144    generateSplicesForMkScope [
145      "nixVersions"
146      nixComponentsAttributeName
147    ];
148
149in
150lib.makeExtensible (
151  self:
152  (
153    {
154      nix_2_3 =
155        (commonAutoconf {
156          version = "2.3.18";
157          hash = "sha256-jBz2Ub65eFYG+aWgSI3AJYvLSghio77fWQiIW1svA9U=";
158          patches = [
159            patch-monitorfdhup
160          ];
161          self_attribute_name = "nix_2_3";
162          knownVulnerabilities = [
163            "CVE-2024-38531"
164            "CVE-2024-47174"
165            "CVE-2025-46415"
166            "CVE-2025-46416"
167            "CVE-2025-52991"
168            "CVE-2025-52992"
169            "CVE-2025-52993"
170          ];
171          maintainers = with lib.maintainers; [ flokli ];
172          teams = [ ];
173        }).overrideAttrs
174          {
175            # https://github.com/NixOS/nix/issues/10222
176            # spurious test/add.sh failures
177            enableParallelChecking = false;
178          };
179
180      nix_2_24 = commonAutoconf {
181        version = "2.24.15";
182        hash = "sha256-GHqFHLxvRID2IEPUwIfRMp8epYQMFcvG9ogLzfWRbPc=";
183        self_attribute_name = "nix_2_24";
184      };
185
186      nix_2_28 = commonMeson {
187        version = "2.28.4";
188        hash = "sha256-V1tPrBkPteqF8VWUgpotNFYJ2Xm6WmB3aMPexuEHl9I=";
189        self_attribute_name = "nix_2_28";
190      };
191
192      nixComponents_2_29 = nixDependencies.callPackage ./modular/packages.nix {
193        version = "2.29.1";
194        inherit (self.nix_2_24.meta) maintainers teams;
195        otherSplices = generateSplicesForNixComponents "nixComponents_2_29";
196        src = fetchFromGitHub {
197          owner = "NixOS";
198          repo = "nix";
199          rev = "2.29.1";
200          hash = "sha256-rCL3l4t20jtMeNjCq6fMaTzWvBKgj+qw1zglLrniRfY=";
201        };
202      };
203
204      nix_2_29 = addTests "nix_2_29" self.nixComponents_2_29.nix-everything;
205
206      nixComponents_2_30 = nixDependencies.callPackage ./modular/packages.nix rec {
207        version = "2.30.2";
208        inherit (self.nix_2_24.meta) maintainers teams;
209        otherSplices = generateSplicesForNixComponents "nixComponents_2_30";
210        src = fetchFromGitHub {
211          owner = "NixOS";
212          repo = "nix";
213          tag = version;
214          hash = "sha256-U46fAs+j2PfWWqP1zNi1odhnV4030SQ0RoEC8Eah1OQ=";
215        };
216      };
217
218      nix_2_30 = addTests "nix_2_30" self.nixComponents_2_30.nix-everything;
219
220      nixComponents_git = nixDependencies.callPackage ./modular/packages.nix rec {
221        version = "2.31pre20250712_${lib.substring 0 8 src.rev}";
222        inherit (self.nix_2_24.meta) maintainers teams;
223        otherSplices = generateSplicesForNixComponents "nixComponents_git";
224        src = fetchFromGitHub {
225          owner = "NixOS";
226          repo = "nix";
227          rev = "b124512388378cd38c4e353ddb387905d296e877";
228          hash = "sha256-asBUtSonedNfMO0/Z6HUi8RK/y/7I1qBDHv2UryichA=";
229        };
230      };
231
232      git = addTests "git" self.nixComponents_git.nix-everything;
233
234      latest = self.nix_2_30;
235
236      # The minimum Nix version supported by Nixpkgs
237      # Note that some functionality *might* have been backported into this Nix version,
238      # making this package an inaccurate representation of what features are available
239      # in the actual lowest minver.nix *patch* version.
240      minimum =
241        let
242          minver = import ../../../../lib/minver.nix;
243          major = lib.versions.major minver;
244          minor = lib.versions.minor minver;
245          attribute = "nix_${major}_${minor}";
246          nix = self.${attribute};
247        in
248        if !self ? ${attribute} then
249          throw "The minimum supported Nix version is ${minver} (declared in lib/minver.nix), but pkgs.nixVersions.${attribute} does not exist."
250        else
251          nix;
252
253      # Read ./README.md before bumping a major release
254      stable = addFallbackPathsCheck self.nix_2_28;
255    }
256    // lib.optionalAttrs config.allowAliases (
257      lib.listToAttrs (
258        map (
259          minor:
260          let
261            attr = "nix_2_${toString minor}";
262          in
263          lib.nameValuePair attr (throw "${attr} has been removed")
264        ) (lib.range 4 23)
265      )
266      // {
267        nixComponents_2_27 = throw "nixComponents_2_27 has been removed. use nixComponents_git.";
268        nix_2_26 = throw "nix_2_26 has been removed. use nix_2_28.";
269        nix_2_27 = throw "nix_2_27 has been removed. use nix_2_28.";
270        nix_2_25 = throw "nix_2_25 has been removed. use nix_2_28.";
271
272        unstable = throw "nixVersions.unstable has been removed. use nixVersions.latest or the nix flake.";
273      }
274    )
275  )
276)