From 762febafe2694e7e1b2276181c7ec5564fca0b85 Mon Sep 17 00:00:00 2001 From: Benjamin Hipple Date: Sat, 15 Feb 2020 01:37:44 -0500 Subject: [PATCH] doc: mention how to turn on pure evaluation mode in manual The flag is `--pure-eval`, which can be found by looking at the test suite; it should be in the notes describing the feature as well, since otherwise users may assume this is referencing something like `nix-shell --pure`. --- doc/manual/release-notes/rl-2.0.xml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/manual/release-notes/rl-2.0.xml b/doc/manual/release-notes/rl-2.0.xml index fc9a77b08..bf6a679a1 100644 --- a/doc/manual/release-notes/rl-2.0.xml +++ b/doc/manual/release-notes/rl-2.0.xml @@ -503,14 +503,14 @@ - Pure evaluation mode. This is a variant - of the existing restricted evaluation mode. In pure mode, the Nix - evaluator forbids access to anything that could cause different - evaluations of the same command line arguments to produce a + Pure evaluation mode. With the + --pure-eval flag, nix enables a variant of the existing + restricted evaluation mode that forbids access to anything that could cause + different evaluations of the same command line arguments to produce a different result. This includes builtin functions such as builtins.getEnv, but more importantly, - all filesystem or network access unless a - content hash or commit hash is specified. For example, calls to + all filesystem or network access unless a content hash + or commit hash is specified. For example, calls to builtins.fetchGit are only allowed if a rev attribute is specified.