From 1ef6bbb16d61067bcfdd30f1c8910afe498cc164 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 29 Jan 2024 16:50:55 +0100 Subject: [PATCH 1/6] Update release-process.md --- maintainers/release-process.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/maintainers/release-process.md b/maintainers/release-process.md index db8b064a5..da6886ea9 100644 --- a/maintainers/release-process.md +++ b/maintainers/release-process.md @@ -27,8 +27,9 @@ release: * Compile the release notes by running ```console + $ export VERSION=X.YY $ git checkout -b release-notes - $ VERSION=X.YY ./maintainers/release-notes + $ ./maintainers/release-notes ``` where `X.YY` is *without* the patch level, e.g. `2.12` rather than ~~`2.12.0`~~. From 007040080977f1a06786fd4cfa7b4b95b18c5713 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 29 Jan 2024 17:10:42 +0100 Subject: [PATCH 2/6] maintainers/release-notes: Include changelog-d Otherwise it quietly generates an empty rl-.md --- doc/manual/src/contributing/hacking.md | 1 - flake.nix | 3 +-- maintainers/release-notes | 6 ++---- package.nix | 12 ------------ 4 files changed, 3 insertions(+), 19 deletions(-) diff --git a/doc/manual/src/contributing/hacking.md b/doc/manual/src/contributing/hacking.md index 9a7623dc9..9e2470859 100644 --- a/doc/manual/src/contributing/hacking.md +++ b/doc/manual/src/contributing/hacking.md @@ -304,7 +304,6 @@ See also the [format documentation](https://github.com/haskell/cabal/blob/master ### Build process Releases have a precomputed `rl-MAJOR.MINOR.md`, and no `rl-next.md`. -Set `buildUnreleasedNotes = true;` in `flake.nix` to build the release notes on the fly. ## Branches diff --git a/flake.nix b/flake.nix index a48e36a2f..0bc70768e 100644 --- a/flake.nix +++ b/flake.nix @@ -190,7 +190,6 @@ boehmgc = final.boehmgc-nix; libgit2 = final.libgit2-nix; busybox-sandbox-shell = final.busybox-sandbox-shell or final.default-busybox-sandbox-shell; - changelog-d = final.changelog-d-nix; } // { # this is a proper separate downstream package, but put # here also for back compat reasons. @@ -363,7 +362,7 @@ }); packages = forAllSystems (system: rec { - inherit (nixpkgsFor.${system}.native) nix; + inherit (nixpkgsFor.${system}.native) nix changelog-d-nix; default = nix; } // (lib.optionalAttrs (builtins.elem system linux64BitSystems) { nix-static = nixpkgsFor.${system}.static.nix; diff --git a/maintainers/release-notes b/maintainers/release-notes index 34cd85a56..2d84485c1 100755 --- a/maintainers/release-notes +++ b/maintainers/release-notes @@ -1,7 +1,5 @@ -#!/usr/bin/env nix-shell -#!nix-shell -i bash ../shell.nix -I nixpkgs=channel:nixos-unstable-small -# ^^^^^^^ -# Only used for bash. shell.nix goes to the flake. +#!/usr/bin/env nix +#!nix shell .#changelog-d-nix --command bash # --- CONFIGURATION --- diff --git a/package.nix b/package.nix index 192df90ab..d1d14d10e 100644 --- a/package.nix +++ b/package.nix @@ -10,7 +10,6 @@ , boost , brotli , bzip2 -, changelog-d , curl , editline , readline @@ -88,11 +87,6 @@ # - readline , readlineFlavor ? if stdenv.hostPlatform.isWindows then "readline" else "editline" -# Whether to compile `rl-next.md`, the release notes for the next -# not-yet-released version of Nix in the manul, from the individual -# change log entries in the directory. -, buildUnreleasedNotes ? false - # Whether to build the internal API docs, can be done separately from # everything else. , enableInternalAPIDocs ? false @@ -218,9 +212,6 @@ in { ] ++ lib.optionals (doInstallCheck || enableManual) [ jq # Also for custom mdBook preprocessor. ] ++ lib.optional stdenv.hostPlatform.isLinux util-linux - # Official releases don't have rl-next, so we don't need to compile a - # changelog - ++ lib.optional (!officialRelease && buildUnreleasedNotes) changelog-d ++ lib.optional enableInternalAPIDocs doxygen ; @@ -378,9 +369,6 @@ in { # Nix proper (which they depend on). (installUnitTests -> doBuild) (doCheck -> doBuild) - # We have to build the manual to build unreleased notes, as those - # are part of the manual - (buildUnreleasedNotes -> enableManual) # The build process for the manual currently requires extracting # data from the Nix executable we are trying to document. (enableManual -> doBuild) From 3089bce41b020fafd3e31034cf9f5dcf33a0b65c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 29 Jan 2024 17:14:17 +0100 Subject: [PATCH 3/6] release notes: 2.20.0 --- ...llowed-uris-can-now-match-whole-schemes.md | 7 - doc/manual/rl-next/cgroup-stats.md | 8 - doc/manual/rl-next/drv-string-parse-hang.md | 6 - doc/manual/rl-next/empty-search-regex.md | 8 - doc/manual/rl-next/env-size-reduction.md | 7 - doc/manual/rl-next/eval-system.md | 12 - doc/manual/rl-next/git-fetcher.md | 18 - doc/manual/rl-next/hash-format-nix32.md | 23 -- doc/manual/rl-next/ifd-eval-store.md | 8 - doc/manual/rl-next/mounted-ssh-store.md | 8 - doc/manual/rl-next/nix-config-show.md | 7 - doc/manual/rl-next/nix-env-json-drv-path.md | 6 - .../rl-next/nix-flake-check-logs-actions.md | 33 -- doc/manual/rl-next/nix-hash-convert.md | 47 --- doc/manual/rl-next/nix-profile-names.md | 8 - doc/manual/rl-next/nix-store-add.md | 7 - .../rl-next/print-value-in-coercion-error.md | 24 -- .../rl-next/print-value-in-type-error.md | 23 -- .../rl-next/source-positions-in-errors.md | 42 --- .../rl-next/stack-overflow-segfaults.md | 32 -- doc/manual/rl-next/with-error-reporting.md | 31 -- doc/manual/src/SUMMARY.md.in | 1 + doc/manual/src/release-notes/rl-2.20.md | 334 ++++++++++++++++++ 23 files changed, 335 insertions(+), 365 deletions(-) delete mode 100644 doc/manual/rl-next/allowed-uris-can-now-match-whole-schemes.md delete mode 100644 doc/manual/rl-next/cgroup-stats.md delete mode 100644 doc/manual/rl-next/drv-string-parse-hang.md delete mode 100644 doc/manual/rl-next/empty-search-regex.md delete mode 100644 doc/manual/rl-next/env-size-reduction.md delete mode 100644 doc/manual/rl-next/eval-system.md delete mode 100644 doc/manual/rl-next/git-fetcher.md delete mode 100644 doc/manual/rl-next/hash-format-nix32.md delete mode 100644 doc/manual/rl-next/ifd-eval-store.md delete mode 100644 doc/manual/rl-next/mounted-ssh-store.md delete mode 100644 doc/manual/rl-next/nix-config-show.md delete mode 100644 doc/manual/rl-next/nix-env-json-drv-path.md delete mode 100644 doc/manual/rl-next/nix-flake-check-logs-actions.md delete mode 100644 doc/manual/rl-next/nix-hash-convert.md delete mode 100644 doc/manual/rl-next/nix-profile-names.md delete mode 100644 doc/manual/rl-next/nix-store-add.md delete mode 100644 doc/manual/rl-next/print-value-in-coercion-error.md delete mode 100644 doc/manual/rl-next/print-value-in-type-error.md delete mode 100644 doc/manual/rl-next/source-positions-in-errors.md delete mode 100644 doc/manual/rl-next/stack-overflow-segfaults.md delete mode 100644 doc/manual/rl-next/with-error-reporting.md create mode 100644 doc/manual/src/release-notes/rl-2.20.md diff --git a/doc/manual/rl-next/allowed-uris-can-now-match-whole-schemes.md b/doc/manual/rl-next/allowed-uris-can-now-match-whole-schemes.md deleted file mode 100644 index 3cf75a612..000000000 --- a/doc/manual/rl-next/allowed-uris-can-now-match-whole-schemes.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -synopsis: Option `allowed-uris` can now match whole schemes in URIs without slashes -prs: 9547 ---- - -If a scheme, such as `github:` is specified in the `allowed-uris` option, all URIs starting with `github:` are allowed. -Previously this only worked for schemes whose URIs used the `://` syntax. diff --git a/doc/manual/rl-next/cgroup-stats.md b/doc/manual/rl-next/cgroup-stats.md deleted file mode 100644 index 00853a0f8..000000000 --- a/doc/manual/rl-next/cgroup-stats.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -synopsis: Include cgroup stats when building through the daemon -prs: 9598 ---- - -Nix now also reports cgroup statistics when building through the nix daemon and when doing remote builds using ssh-ng, -if both sides of the connection are this version of Nix or newer. - diff --git a/doc/manual/rl-next/drv-string-parse-hang.md b/doc/manual/rl-next/drv-string-parse-hang.md deleted file mode 100644 index 1e041d3e9..000000000 --- a/doc/manual/rl-next/drv-string-parse-hang.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -synopsis: Fix handling of truncated `.drv` files. -prs: 9673 ---- - -Previously a `.drv` that was truncated in the middle of a string would case nix to enter an infinite loop, eventually exhausting all memory and crashing. diff --git a/doc/manual/rl-next/empty-search-regex.md b/doc/manual/rl-next/empty-search-regex.md deleted file mode 100644 index b193f9456..000000000 --- a/doc/manual/rl-next/empty-search-regex.md +++ /dev/null @@ -1,8 +0,0 @@ -synopsis: Disallow empty search regex in `nix search` -prs: #9481 -description: { - -[`nix search`](@docroot@/command-ref/new-cli/nix3-search.md) now requires a search regex to be passed. To show all packages, use `^`. - -} - diff --git a/doc/manual/rl-next/env-size-reduction.md b/doc/manual/rl-next/env-size-reduction.md deleted file mode 100644 index 40a58bc28..000000000 --- a/doc/manual/rl-next/env-size-reduction.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -synopsis: Reduce eval memory usage and wall time -prs: 9658 ---- - -Reduce the size of the `Env` struct used in the evaluator by a pointer, or 8 bytes on most modern machines. -This reduces memory usage during eval by around 2% and wall time by around 3%. diff --git a/doc/manual/rl-next/eval-system.md b/doc/manual/rl-next/eval-system.md deleted file mode 100644 index a4696a56c..000000000 --- a/doc/manual/rl-next/eval-system.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -synopsis: Add new `eval-system` setting -prs: 4093 ---- - -Add a new `eval-system` option. -Unlike `system`, it just overrides the value of `builtins.currentSystem`. -This is more useful than overriding `system`, because you can build these derivations on remote builders which can work on the given system. -In contrast, `system` also effects scheduling which will cause Nix to build those derivations locally even if that doesn't make sense. - -`eval-system` only takes effect if it is non-empty. -If empty (the default) `system` is used as before, so there is no breakage. diff --git a/doc/manual/rl-next/git-fetcher.md b/doc/manual/rl-next/git-fetcher.md deleted file mode 100644 index 54c0d216d..000000000 --- a/doc/manual/rl-next/git-fetcher.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -synopsis: "Nix now uses `libgit2` for Git fetching" -prs: - - 9240 - - 9241 - - 9258 - - 9480 -issues: - - 5313 ---- - -Nix has built-in support for fetching sources from Git, during evaluation and locking; outside the sandbox. -The existing implementation based on the Git CLI had issues regarding reproducibility and performance. - -Most of the original `fetchGit` behavior has been implemented using the `libgit2` library, which gives the fetcher fine-grained control. - -Known issues: -- The `export-subst` behavior has not been reimplemented. [Partial](https://github.com/NixOS/nix/pull/9391#issuecomment-1872503447) support for this Git feature is feasible, but it did not make the release window. diff --git a/doc/manual/rl-next/hash-format-nix32.md b/doc/manual/rl-next/hash-format-nix32.md deleted file mode 100644 index 73e6fbb24..000000000 --- a/doc/manual/rl-next/hash-format-nix32.md +++ /dev/null @@ -1,23 +0,0 @@ ---- -synopsis: Rename hash format `base32` to `nix32` -prs: 9452 ---- - -Hash format `base32` was renamed to `nix32` since it used a special nix-specific character set for -[Base32](https://en.wikipedia.org/wiki/Base32). - -## Deprecation: Use `nix32` instead of `base32` as `toHashFormat` - -For the builtin `convertHash`, the `toHashFormat` parameter now accepts the same hash formats as the `--to`/`--from` -parameters of the `nix hash conert` command: `"base16"`, `"nix32"`, `"base64"`, and `"sri"`. The former `"base32"` value -remains as a deprecated alias for `"base32"`. Please convert your code from: - -```nix -builtins.convertHash { inherit hash hashAlgo; toHashFormat = "base32";} -``` - -to - -```nix -builtins.convertHash { inherit hash hashAlgo; toHashFormat = "nix32";} -``` \ No newline at end of file diff --git a/doc/manual/rl-next/ifd-eval-store.md b/doc/manual/rl-next/ifd-eval-store.md deleted file mode 100644 index 835e7e7a3..000000000 --- a/doc/manual/rl-next/ifd-eval-store.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -synopsis: import-from-derivation builds the derivation in the build store -prs: 9661 ---- - -When using `--eval-store`, `import`ing from a derivation will now result in the derivation being built on the build store, i.e. the store specified in the `store` Nix option. - -Because the resulting Nix expression must be copied back to the eval store in order to be imported, this requires the eval store to trust the build store's signatures. diff --git a/doc/manual/rl-next/mounted-ssh-store.md b/doc/manual/rl-next/mounted-ssh-store.md deleted file mode 100644 index 6df44dbb6..000000000 --- a/doc/manual/rl-next/mounted-ssh-store.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -synopsis: Mounted SSH Store -issues: 7890 -prs: 7912 ---- - -Introduced the store [`mounted-ssh-ng://`](@docroot@/command-ref/new-cli/nix3-help-stores.md). -This store allows full access to a Nix store on a remote machine and additionally requires that the store be mounted in the local filesystem. diff --git a/doc/manual/rl-next/nix-config-show.md b/doc/manual/rl-next/nix-config-show.md deleted file mode 100644 index 26b961b76..000000000 --- a/doc/manual/rl-next/nix-config-show.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -synopsis: Rename to `nix config show` -issues: 7672 -prs: 9477 ---- - -`nix show-config` was renamed to `nix config show`, and `nix doctor` was renamed to `nix config check`, to be more consistent with the rest of the command-line interface. diff --git a/doc/manual/rl-next/nix-env-json-drv-path.md b/doc/manual/rl-next/nix-env-json-drv-path.md deleted file mode 100644 index 734cefd1b..000000000 --- a/doc/manual/rl-next/nix-env-json-drv-path.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -synopsis: Fix `nix-env --query --drv-path --json` -prs: 9257 ---- - -Fixed a bug where `nix-env --query` ignored `--drv-path` when `--json` was set. diff --git a/doc/manual/rl-next/nix-flake-check-logs-actions.md b/doc/manual/rl-next/nix-flake-check-logs-actions.md deleted file mode 100644 index 53a7b35eb..000000000 --- a/doc/manual/rl-next/nix-flake-check-logs-actions.md +++ /dev/null @@ -1,33 +0,0 @@ ---- -synopsis: Some stack overflow segfaults are fixed -issues: 8882 -prs: 8893 ---- - -`nix flake check` now logs the checks it runs and the derivations it evaluates: - -``` -$ nix flake check -v -evaluating flake... -checking flake output 'checks'... -checking derivation 'checks.aarch64-darwin.ghciwatch-tests'... -derivation evaluated to /nix/store/nh7dlvsrhds4cxl91mvgj4h5cbq6skmq-ghciwatch-test-0.3.0.drv -checking derivation 'checks.aarch64-darwin.ghciwatch-clippy'... -derivation evaluated to /nix/store/9cb5a6wmp6kf6hidqw9wphidvb8bshym-ghciwatch-clippy-0.3.0.drv -checking derivation 'checks.aarch64-darwin.ghciwatch-doc'... -derivation evaluated to /nix/store/8brdd3jbawfszpbs7vdpsrhy80as1il8-ghciwatch-doc-0.3.0.drv -checking derivation 'checks.aarch64-darwin.ghciwatch-fmt'... -derivation evaluated to /nix/store/wjhs0l1njl5pyji53xlmfjrlya0wmz8p-ghciwatch-fmt-0.3.0.drv -checking derivation 'checks.aarch64-darwin.ghciwatch-audit'... -derivation evaluated to /nix/store/z0mps8dyj2ds7c0fn0819y5h5611033z-ghciwatch-audit-0.3.0.drv -checking flake output 'packages'... -checking derivation 'packages.aarch64-darwin.default'... -derivation evaluated to /nix/store/41abbdyglw5x9vcsvd89xan3ydjf8d7r-ghciwatch-0.3.0.drv -checking flake output 'apps'... -checking flake output 'devShells'... -checking derivation 'devShells.aarch64-darwin.default'... -derivation evaluated to /nix/store/bc935gz7dylzmcpdb5cczr8gngv8pmdb-nix-shell.drv -running 5 flake checks... -warning: The check omitted these incompatible systems: aarch64-linux, x86_64-darwin, x86_64-linux -Use '--all-systems' to check all. -``` diff --git a/doc/manual/rl-next/nix-hash-convert.md b/doc/manual/rl-next/nix-hash-convert.md deleted file mode 100644 index 69db9508a..000000000 --- a/doc/manual/rl-next/nix-hash-convert.md +++ /dev/null @@ -1,47 +0,0 @@ ---- -synopsis: Add `nix hash convert` -prs: 9452 ---- - -New [`nix hash convert`](https://github.com/NixOS/nix/issues/8876) sub command with a fast track -to stabilization! Examples: - -- Convert the hash to `nix32`. - - ```bash - $ nix hash convert --hash-algo "sha1" --to nix32 "800d59cfcd3c05e900cb4e214be48f6b886a08df" - vw46m23bizj4n8afrc0fj19wrp7mj3c0 - ``` - `nix32` is a base32 encoding with a nix-specific character set. - Explicitly specify the hashing algorithm (optional with SRI hashes) but detect hash format by the length of the input - hash. -- Convert the hash to the `sri` format that includes an algorithm specification: - ```bash - nix hash convert --hash-algo "sha1" "800d59cfcd3c05e900cb4e214be48f6b886a08df" - sha1-gA1Zz808BekAy04hS+SPa4hqCN8= - ``` - or with an explicit `-to` format: - ```bash - nix hash convert --hash-algo "sha1" --to sri "800d59cfcd3c05e900cb4e214be48f6b886a08df" - sha1-gA1Zz808BekAy04hS+SPa4hqCN8= - ``` -- Assert the input format of the hash: - ```bash - nix hash convert --hash-algo "sha256" --from nix32 "ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=" - error: input hash 'ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=' does not have the expected format '--from nix32' - nix hash convert --hash-algo "sha256" --from nix32 "1b8m03r63zqhnjf7l5wnldhh7c134ap5vpj0850ymkq1iyzicy5s" - sha256-ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0= - ``` - -The `--to`/`--from`/`--hash-algo` parameters have context-sensitive auto-completion. - -## Related Deprecations - -The following commands are still available but will emit a deprecation warning. Please convert your code to -`nix hash convert`: - -- `nix hash to-base16 $hash1 $hash2`: Use `nix hash convert --to base16 $hash1 $hash2` instead. -- `nix hash to-base32 $hash1 $hash2`: Use `nix hash convert --to nix32 $hash1 $hash2` instead. -- `nix hash to-base64 $hash1 $hash2`: Use `nix hash convert --to base64 $hash1 $hash2` instead. -- `nix hash to-sri $hash1 $hash2`: : Use `nix hash convert --to sri $hash1 $hash2` - or even just `nix hash convert $hash1 $hash2` instead. diff --git a/doc/manual/rl-next/nix-profile-names.md b/doc/manual/rl-next/nix-profile-names.md deleted file mode 100644 index b7ad4b5d7..000000000 --- a/doc/manual/rl-next/nix-profile-names.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -synopsis: "`nix profile` now allows referring to elements by human-readable name" -prs: 8678 ---- - -[`nix profile`](@docroot@/command-ref/new-cli/nix3-profile.md) now uses names to refer to installed packages when running [`list`](@docroot@/command-ref/new-cli/nix3-profile-list.md), [`remove`](@docroot@/command-ref/new-cli/nix3-profile-remove.md) or [`upgrade`](@docroot@/command-ref/new-cli/nix3-profile-upgrade.md) as opposed to indices. Profile element names are generated when a package is installed and remain the same until the package is removed. - -**Warning**: The `manifest.nix` file used to record the contents of profiles has changed. Nix will automatically upgrade profiles to the new version when you modify the profile. After that, the profile can no longer be used by older versions of Nix. diff --git a/doc/manual/rl-next/nix-store-add.md b/doc/manual/rl-next/nix-store-add.md deleted file mode 100644 index 5ef2913b4..000000000 --- a/doc/manual/rl-next/nix-store-add.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -synopsis: Give `nix store add` a `--hash-algo` flag -prs: 9809 ---- - -Adds a missing feature that was present in the old CLI, and matches our -plans to have similar flags for `nix hash convert` and `nix hash path`. diff --git a/doc/manual/rl-next/print-value-in-coercion-error.md b/doc/manual/rl-next/print-value-in-coercion-error.md deleted file mode 100644 index 046e4e3cf..000000000 --- a/doc/manual/rl-next/print-value-in-coercion-error.md +++ /dev/null @@ -1,24 +0,0 @@ ---- -synopsis: Coercion errors include the failing value -issues: #561 -prs: #9754 ---- - -The `error: cannot coerce a to a string` message now includes the value -which caused the error. - -Before: - -``` - error: cannot coerce a set to a string -``` - -After: - -``` - error: cannot coerce a set to a string: { aesSupport = «thunk»; - avx2Support = «thunk»; avx512Support = «thunk»; avxSupport = «thunk»; - canExecute = «thunk»; config = «thunk»; darwinArch = «thunk»; darwinMinVersion - = «thunk»; darwinMinVersionVariable = «thunk»; darwinPlatform = «thunk»; «84 - attributes elided»} -``` diff --git a/doc/manual/rl-next/print-value-in-type-error.md b/doc/manual/rl-next/print-value-in-type-error.md deleted file mode 100644 index aaae22756..000000000 --- a/doc/manual/rl-next/print-value-in-type-error.md +++ /dev/null @@ -1,23 +0,0 @@ ---- -synopsis: Type errors include the failing value -issues: #561 -prs: #9753 ---- - -In errors like `value is an integer while a list was expected`, the message now -includes the failing value. - -Before: - -``` - error: value is a set while a string was expected -``` - -After: - -``` - error: expected a string but found a set: { ghc810 = «thunk»; - ghc8102Binary = «thunk»; ghc8107 = «thunk»; ghc8107Binary = «thunk»; - ghc865Binary = «thunk»; ghc90 = «thunk»; ghc902 = «thunk»; ghc92 = «thunk»; - ghc924Binary = «thunk»; ghc925 = «thunk»; «17 attributes elided»} -``` diff --git a/doc/manual/rl-next/source-positions-in-errors.md b/doc/manual/rl-next/source-positions-in-errors.md deleted file mode 100644 index b1a33d83b..000000000 --- a/doc/manual/rl-next/source-positions-in-errors.md +++ /dev/null @@ -1,42 +0,0 @@ ---- -synopsis: Source locations are printed more consistently in errors -issues: 561 -prs: 9555 ---- - -Source location information is now included in error messages more -consistently. Given this code: - -```nix -let - attr = {foo = "bar";}; - key = {}; -in - attr.${key} -``` - -Previously, Nix would show this unhelpful message when attempting to evaluate -it: - -``` -error: - … while evaluating an attribute name - - error: value is a set while a string was expected -``` - -Now, the error message displays where the problematic value was found: - -``` -error: - … while evaluating an attribute name - - at bad.nix:4:11: - - 3| key = {}; - 4| in attr.${key} - | ^ - 5| - - error: expected a string but found a set -``` diff --git a/doc/manual/rl-next/stack-overflow-segfaults.md b/doc/manual/rl-next/stack-overflow-segfaults.md deleted file mode 100644 index 3d9753248..000000000 --- a/doc/manual/rl-next/stack-overflow-segfaults.md +++ /dev/null @@ -1,32 +0,0 @@ ---- -synopsis: Some stack overflow segfaults are fixed -issues: 9616 -prs: 9617 ---- - -The number of nested function calls has been restricted, to detect and report -infinite function call recursions. The default maximum call depth is 10,000 and -can be set with [the `max-call-depth` -option](@docroot@/command-ref/conf-file.md#conf-max-call-depth). - -This fixes segfaults or the following unhelpful error message in many cases: - - error: stack overflow (possible infinite recursion) - -Before: - -``` -$ nix-instantiate --eval --expr '(x: x x) (x: x x)' -Segmentation fault: 11 -``` - -After: - -``` -$ nix-instantiate --eval --expr '(x: x x) (x: x x)' -error: stack overflow - - at «string»:1:14: - 1| (x: x x) (x: x x) - | ^ -``` diff --git a/doc/manual/rl-next/with-error-reporting.md b/doc/manual/rl-next/with-error-reporting.md deleted file mode 100644 index d9e07df52..000000000 --- a/doc/manual/rl-next/with-error-reporting.md +++ /dev/null @@ -1,31 +0,0 @@ ---- -synopsis: Better error reporting for `with` expressions -prs: 9658 ---- - -`with` expressions using non-attrset values to resolve variables are now reported with proper positions. - -Previously an incorrect `with` expression would report no position at all, making it hard to determine where the error originated: - -``` -nix-repl> with 1; a -error: - … - - at «none»:0: (source not available) - - error: value is an integer while a set was expected -``` - -Now position information is preserved and reported as with most other errors: - -``` -nix-repl> with 1; a -error: - … while evaluating the first subexpression of a with expression - at «string»:1:1: - 1| with 1; a - | ^ - - error: expected a set but found an integer -``` diff --git a/doc/manual/src/SUMMARY.md.in b/doc/manual/src/SUMMARY.md.in index 10fe51fc9..695d63dfc 100644 --- a/doc/manual/src/SUMMARY.md.in +++ b/doc/manual/src/SUMMARY.md.in @@ -120,6 +120,7 @@ - [C++ style guide](contributing/cxx.md) - [Release Notes](release-notes/index.md) {{#include ./SUMMARY-rl-next.md}} + - [Release 2.20 (2024-01-29)](release-notes/rl-2.20.md) - [Release 2.19 (2023-11-17)](release-notes/rl-2.19.md) - [Release 2.18 (2023-09-20)](release-notes/rl-2.18.md) - [Release 2.17 (2023-07-24)](release-notes/rl-2.17.md) diff --git a/doc/manual/src/release-notes/rl-2.20.md b/doc/manual/src/release-notes/rl-2.20.md new file mode 100644 index 000000000..8c9267486 --- /dev/null +++ b/doc/manual/src/release-notes/rl-2.20.md @@ -0,0 +1,334 @@ +# Release 2.20.0 (2024-01-29) + +- Option `allowed-uris` can now match whole schemes in URIs without slashes [#9547](https://github.com/NixOS/nix/pull/9547) + + If a scheme, such as `github:` is specified in the `allowed-uris` option, all URIs starting with `github:` are allowed. + Previously this only worked for schemes whose URIs used the `://` syntax. + +- Make `nix store gc` use the auto-GC policy [#7851](https://github.com/NixOS/nix/pull/7851) + + + +- Include cgroup stats when building through the daemon [#9598](https://github.com/NixOS/nix/pull/9598) + + Nix now also reports cgroup statistics when building through the nix daemon and when doing remote builds using ssh-ng, + if both sides of the connection are this version of Nix or newer. + +- Fix handling of truncated `.drv` files. [#9673](https://github.com/NixOS/nix/pull/9673) + + Previously a `.drv` that was truncated in the middle of a string would case nix to enter an infinite loop, eventually exhausting all memory and crashing. + +- Disallow empty search regex in `nix search` [#9481](https://github.com/NixOS/nix/pull/9481) + + [`nix search`](@docroot@/command-ref/new-cli/nix3-search.md) now requires a search regex to be passed. To show all packages, use `^`. + +- Reduce eval memory usage and wall time [#9658](https://github.com/NixOS/nix/pull/9658) + + Reduce the size of the `Env` struct used in the evaluator by a pointer, or 8 bytes on most modern machines. + This reduces memory usage during eval by around 2% and wall time by around 3%. + +- Add new `eval-system` setting [#4093](https://github.com/NixOS/nix/pull/4093) + + Add a new `eval-system` option. + Unlike `system`, it just overrides the value of `builtins.currentSystem`. + This is more useful than overriding `system`, because you can build these derivations on remote builders which can work on the given system. + In contrast, `system` also effects scheduling which will cause Nix to build those derivations locally even if that doesn't make sense. + + `eval-system` only takes effect if it is non-empty. + If empty (the default) `system` is used as before, so there is no breakage. + +- Nix now uses `libgit2` for Git fetching [#5313](https://github.com/NixOS/nix/issues/5313) [#9240](https://github.com/NixOS/nix/pull/9240) [#9241](https://github.com/NixOS/nix/pull/9241) [#9258](https://github.com/NixOS/nix/pull/9258) [#9480](https://github.com/NixOS/nix/pull/9480) + + Nix has built-in support for fetching sources from Git, during evaluation and locking; outside the sandbox. + The existing implementation based on the Git CLI had issues regarding reproducibility and performance. + + Most of the original `fetchGit` behavior has been implemented using the `libgit2` library, which gives the fetcher fine-grained control. + + Known issues: + - The `export-subst` behavior has not been reimplemented. [Partial](https://github.com/NixOS/nix/pull/9391#issuecomment-1872503447) support for this Git feature is feasible, but it did not make the release window. + +- Rename hash format `base32` to `nix32` [#9452](https://github.com/NixOS/nix/pull/9452) + + Hash format `base32` was renamed to `nix32` since it used a special nix-specific character set for + [Base32](https://en.wikipedia.org/wiki/Base32). + + ## Deprecation: Use `nix32` instead of `base32` as `toHashFormat` + + For the builtin `convertHash`, the `toHashFormat` parameter now accepts the same hash formats as the `--to`/`--from` + parameters of the `nix hash conert` command: `"base16"`, `"nix32"`, `"base64"`, and `"sri"`. The former `"base32"` value + remains as a deprecated alias for `"base32"`. Please convert your code from: + + ```nix + builtins.convertHash { inherit hash hashAlgo; toHashFormat = "base32";} + ``` + + to + + ```nix + builtins.convertHash { inherit hash hashAlgo; toHashFormat = "nix32";} + ``` + +- import-from-derivation builds the derivation in the build store [#9661](https://github.com/NixOS/nix/pull/9661) + + When using `--eval-store`, `import`ing from a derivation will now result in the derivation being built on the build store, i.e. the store specified in the `store` Nix option. + + Because the resulting Nix expression must be copied back to the eval store in order to be imported, this requires the eval store to trust the build store's signatures. + +- Mounted SSH Store [#7890](https://github.com/NixOS/nix/issues/7890) [#7912](https://github.com/NixOS/nix/pull/7912) + + Introduced the store [`mounted-ssh-ng://`](@docroot@/command-ref/new-cli/nix3-help-stores.md). + This store allows full access to a Nix store on a remote machine and additionally requires that the store be mounted in the local filesystem. + +- Rename to `nix config show` [#7672](https://github.com/NixOS/nix/issues/7672) [#9477](https://github.com/NixOS/nix/pull/9477) + + `nix show-config` was renamed to `nix config show`, and `nix doctor` was renamed to `nix config check`, to be more consistent with the rest of the command-line interface. + +- Fix `nix-env --query --drv-path --json` [#9257](https://github.com/NixOS/nix/pull/9257) + + Fixed a bug where `nix-env --query` ignored `--drv-path` when `--json` was set. + +- Some stack overflow segfaults are fixed [#8882](https://github.com/NixOS/nix/issues/8882) [#8893](https://github.com/NixOS/nix/pull/8893) + + `nix flake check` now logs the checks it runs and the derivations it evaluates: + + ``` + $ nix flake check -v + evaluating flake... + checking flake output 'checks'... + checking derivation 'checks.aarch64-darwin.ghciwatch-tests'... + derivation evaluated to /nix/store/nh7dlvsrhds4cxl91mvgj4h5cbq6skmq-ghciwatch-test-0.3.0.drv + checking derivation 'checks.aarch64-darwin.ghciwatch-clippy'... + derivation evaluated to /nix/store/9cb5a6wmp6kf6hidqw9wphidvb8bshym-ghciwatch-clippy-0.3.0.drv + checking derivation 'checks.aarch64-darwin.ghciwatch-doc'... + derivation evaluated to /nix/store/8brdd3jbawfszpbs7vdpsrhy80as1il8-ghciwatch-doc-0.3.0.drv + checking derivation 'checks.aarch64-darwin.ghciwatch-fmt'... + derivation evaluated to /nix/store/wjhs0l1njl5pyji53xlmfjrlya0wmz8p-ghciwatch-fmt-0.3.0.drv + checking derivation 'checks.aarch64-darwin.ghciwatch-audit'... + derivation evaluated to /nix/store/z0mps8dyj2ds7c0fn0819y5h5611033z-ghciwatch-audit-0.3.0.drv + checking flake output 'packages'... + checking derivation 'packages.aarch64-darwin.default'... + derivation evaluated to /nix/store/41abbdyglw5x9vcsvd89xan3ydjf8d7r-ghciwatch-0.3.0.drv + checking flake output 'apps'... + checking flake output 'devShells'... + checking derivation 'devShells.aarch64-darwin.default'... + derivation evaluated to /nix/store/bc935gz7dylzmcpdb5cczr8gngv8pmdb-nix-shell.drv + running 5 flake checks... + warning: The check omitted these incompatible systems: aarch64-linux, x86_64-darwin, x86_64-linux + Use '--all-systems' to check all. + ``` + +- Add `nix hash convert` [#9452](https://github.com/NixOS/nix/pull/9452) + + New [`nix hash convert`](https://github.com/NixOS/nix/issues/8876) sub command with a fast track + to stabilization! Examples: + + - Convert the hash to `nix32`. + + ```bash + $ nix hash convert --hash-algo "sha1" --to nix32 "800d59cfcd3c05e900cb4e214be48f6b886a08df" + vw46m23bizj4n8afrc0fj19wrp7mj3c0 + ``` + `nix32` is a base32 encoding with a nix-specific character set. + Explicitly specify the hashing algorithm (optional with SRI hashes) but detect hash format by the length of the input + hash. + - Convert the hash to the `sri` format that includes an algorithm specification: + ```bash + nix hash convert --hash-algo "sha1" "800d59cfcd3c05e900cb4e214be48f6b886a08df" + sha1-gA1Zz808BekAy04hS+SPa4hqCN8= + ``` + or with an explicit `-to` format: + ```bash + nix hash convert --hash-algo "sha1" --to sri "800d59cfcd3c05e900cb4e214be48f6b886a08df" + sha1-gA1Zz808BekAy04hS+SPa4hqCN8= + ``` + - Assert the input format of the hash: + ```bash + nix hash convert --hash-algo "sha256" --from nix32 "ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=" + error: input hash 'ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=' does not have the expected format '--from nix32' + nix hash convert --hash-algo "sha256" --from nix32 "1b8m03r63zqhnjf7l5wnldhh7c134ap5vpj0850ymkq1iyzicy5s" + sha256-ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0= + ``` + + The `--to`/`--from`/`--hash-algo` parameters have context-sensitive auto-completion. + + ## Related Deprecations + + The following commands are still available but will emit a deprecation warning. Please convert your code to + `nix hash convert`: + + - `nix hash to-base16 $hash1 $hash2`: Use `nix hash convert --to base16 $hash1 $hash2` instead. + - `nix hash to-base32 $hash1 $hash2`: Use `nix hash convert --to nix32 $hash1 $hash2` instead. + - `nix hash to-base64 $hash1 $hash2`: Use `nix hash convert --to base64 $hash1 $hash2` instead. + - `nix hash to-sri $hash1 $hash2`: : Use `nix hash convert --to sri $hash1 $hash2` + or even just `nix hash convert $hash1 $hash2` instead. + +- `nix profile` now allows referring to elements by human-readable name [#8678](https://github.com/NixOS/nix/pull/8678) + + [`nix profile`](@docroot@/command-ref/new-cli/nix3-profile.md) now uses names to refer to installed packages when running [`list`](@docroot@/command-ref/new-cli/nix3-profile-list.md), [`remove`](@docroot@/command-ref/new-cli/nix3-profile-remove.md) or [`upgrade`](@docroot@/command-ref/new-cli/nix3-profile-upgrade.md) as opposed to indices. Profile element names are generated when a package is installed and remain the same until the package is removed. + + **Warning**: The `manifest.nix` file used to record the contents of profiles has changed. Nix will automatically upgrade profiles to the new version when you modify the profile. After that, the profile can no longer be used by older versions of Nix. + +- Rename hash format `base32` to `nix32` [#8678](https://github.com/NixOS/nix/pull/8678) + + Hash format `base32` was renamed to `nix32` since it used a special nix-specific character set for + [Base32](https://en.wikipedia.org/wiki/Base32). + + ## Deprecation: Use `nix32` instead of `base32` as `toHashFormat` + + For the builtin `convertHash`, the `toHashFormat` parameter now accepts the same hash formats as the `--to`/`--from` + parameters of the `nix hash conert` command: `"base16"`, `"nix32"`, `"base64"`, and `"sri"`. The former `"base32"` value + remains as a deprecated alias for `"base32"`. Please convert your code from: + + ```nix + builtins.convertHash { inherit hash hashAlgo; toHashFormat = "base32";} + ``` + + to + + ```nix + builtins.convertHash { inherit hash hashAlgo; toHashFormat = "nix32";} + ``` + +- Give `nix store add` a `--hash-algo` flag [#9809](https://github.com/NixOS/nix/pull/9809) + + Adds a missing feature that was present in the old CLI, and matches our + plans to have similar flags for `nix hash convert` and `nix hash path`. + +- Coercion errors include the failing value + + The `error: cannot coerce a to a string` message now includes the value + which caused the error. + + Before: + + ``` + error: cannot coerce a set to a string + ``` + + After: + + ``` + error: cannot coerce a set to a string: { aesSupport = «thunk»; + avx2Support = «thunk»; avx512Support = «thunk»; avxSupport = «thunk»; + canExecute = «thunk»; config = «thunk»; darwinArch = «thunk»; darwinMinVersion + = «thunk»; darwinMinVersionVariable = «thunk»; darwinPlatform = «thunk»; «84 + attributes elided»} + ``` + +- Type errors include the failing value + + In errors like `value is an integer while a list was expected`, the message now + includes the failing value. + + Before: + + ``` + error: value is a set while a string was expected + ``` + + After: + + ``` + error: expected a string but found a set: { ghc810 = «thunk»; + ghc8102Binary = «thunk»; ghc8107 = «thunk»; ghc8107Binary = «thunk»; + ghc865Binary = «thunk»; ghc90 = «thunk»; ghc902 = «thunk»; ghc92 = «thunk»; + ghc924Binary = «thunk»; ghc925 = «thunk»; «17 attributes elided»} + ``` + +- Source locations are printed more consistently in errors [#561](https://github.com/NixOS/nix/issues/561) [#9555](https://github.com/NixOS/nix/pull/9555) + + Source location information is now included in error messages more + consistently. Given this code: + + ```nix + let + attr = {foo = "bar";}; + key = {}; + in + attr.${key} + ``` + + Previously, Nix would show this unhelpful message when attempting to evaluate + it: + + ``` + error: + … while evaluating an attribute name + + error: value is a set while a string was expected + ``` + + Now, the error message displays where the problematic value was found: + + ``` + error: + … while evaluating an attribute name + + at bad.nix:4:11: + + 3| key = {}; + 4| in attr.${key} + | ^ + 5| + + error: expected a string but found a set + ``` + +- Some stack overflow segfaults are fixed [#9616](https://github.com/NixOS/nix/issues/9616) [#9617](https://github.com/NixOS/nix/pull/9617) + + The number of nested function calls has been restricted, to detect and report + infinite function call recursions. The default maximum call depth is 10,000 and + can be set with [the `max-call-depth` + option](@docroot@/command-ref/conf-file.md#conf-max-call-depth). + + This fixes segfaults or the following unhelpful error message in many cases: + + error: stack overflow (possible infinite recursion) + + Before: + + ``` + $ nix-instantiate --eval --expr '(x: x x) (x: x x)' + Segmentation fault: 11 + ``` + + After: + + ``` + $ nix-instantiate --eval --expr '(x: x x) (x: x x)' + error: stack overflow + + at «string»:1:14: + 1| (x: x x) (x: x x) + | ^ + ``` + +- Better error reporting for `with` expressions [#9658](https://github.com/NixOS/nix/pull/9658) + + `with` expressions using non-attrset values to resolve variables are now reported with proper positions. + + Previously an incorrect `with` expression would report no position at all, making it hard to determine where the error originated: + + ``` + nix-repl> with 1; a + error: + … + + at «none»:0: (source not available) + + error: value is an integer while a set was expected + ``` + + Now position information is preserved and reported as with most other errors: + + ``` + nix-repl> with 1; a + error: + … while evaluating the first subexpression of a with expression + at «string»:1:1: + 1| with 1; a + | ^ + + error: expected a set but found an integer + ``` + From 6f86f87043971eb9414a6d63013a1e06af397f3a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 29 Jan 2024 17:50:25 +0100 Subject: [PATCH 4/6] Fix formatting of hash args --- src/libutil/args.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/libutil/args.cc b/src/libutil/args.cc index 5187e7396..8996cbe5b 100644 --- a/src/libutil/args.cc +++ b/src/libutil/args.cc @@ -557,7 +557,7 @@ Args::Flag Args::Flag::mkHashFormatFlagWithDefault(std::string &&longName, HashF assert(*hf == nix::HashFormat::SRI); return Flag{ .longName = std::move(longName), - .description = "hash format ('base16', 'nix32', 'base64', 'sri'). Default: 'sri'", + .description = "Hash format (`base16`, `nix32`, `base64`, `sri`). Default: `sri`.", .labels = {"hash-format"}, .handler = {[hf](std::string s) { *hf = parseHashFormat(s); @@ -569,7 +569,7 @@ Args::Flag Args::Flag::mkHashFormatFlagWithDefault(std::string &&longName, HashF Args::Flag Args::Flag::mkHashFormatOptFlag(std::string && longName, std::optional * ohf) { return Flag{ .longName = std::move(longName), - .description = "hash format ('base16', 'nix32', 'base64', 'sri').", + .description = "Hash format (`base16`, `nix32`, `base64`, `sri`).", .labels = {"hash-format"}, .handler = {[ohf](std::string s) { *ohf = std::optional{parseHashFormat(s)}; @@ -589,7 +589,7 @@ Args::Flag Args::Flag::mkHashAlgoFlag(std::string && longName, HashAlgorithm * h { return Flag{ .longName = std::move(longName), - .description = "hash algorithm ('md5', 'sha1', 'sha256', or 'sha512')", + .description = "Hash algorithm (`md5`, `sha1`, `sha256`, or `sha512`).", .labels = {"hash-algo"}, .handler = {[ha](std::string s) { *ha = parseHashAlgo(s); @@ -602,7 +602,7 @@ Args::Flag Args::Flag::mkHashAlgoOptFlag(std::string && longName, std::optional< { return Flag{ .longName = std::move(longName), - .description = "hash algorithm ('md5', 'sha1', 'sha256', or 'sha512'). Optional as can also be gotten from SRI hash itself.", + .description = "Hash algorithm (`md5`, `sha1`, `sha256`, or `sha512`). Can be omitted for SRI hashes.", .labels = {"hash-algo"}, .handler = {[oha](std::string s) { *oha = std::optional{parseHashAlgo(s)}; From 9465c8cca133a149c003e9ef4d7e97d513716155 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 29 Jan 2024 17:51:01 +0100 Subject: [PATCH 5/6] nix hash convert: Add manpage --- src/nix/hash-convert.md | 40 ++++++++++++++++++++++++++++++++++++++++ src/nix/hash.cc | 15 +++++++-------- 2 files changed, 47 insertions(+), 8 deletions(-) create mode 100644 src/nix/hash-convert.md diff --git a/src/nix/hash-convert.md b/src/nix/hash-convert.md new file mode 100644 index 000000000..dfb215443 --- /dev/null +++ b/src/nix/hash-convert.md @@ -0,0 +1,40 @@ +R""( + +# Examples + +* Convert a hash to `nix32` (a base-32 encoding with a Nix-specific character set). + + ```console + $ nix hash convert --hash-algo sha1 --to nix32 800d59cfcd3c05e900cb4e214be48f6b886a08df + vw46m23bizj4n8afrc0fj19wrp7mj3c0 + ``` + +* Convert a hash to [the `sri` format](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) that includes an algorithm specification: + + ```console + # nix hash convert --hash-algo sha1 800d59cfcd3c05e900cb4e214be48f6b886a08df + sha1-gA1Zz808BekAy04hS+SPa4hqCN8= + ``` + + or with an explicit `--to` format: + + ```console + # nix hash convert --hash-algo sha1 --to sri 800d59cfcd3c05e900cb4e214be48f6b886a08df + sha1-gA1Zz808BekAy04hS+SPa4hqCN8= + ``` + +* Assert the input format of the hash: + + ```console + # nix hash convert --hash-algo sha256 --from nix32 ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0= + error: input hash 'ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=' does not have the expected format '--from nix32' + + # nix hash convert --hash-algo sha256 --from nix32 1b8m03r63zqhnjf7l5wnldhh7c134ap5vpj0850ymkq1iyzicy5s + sha256-ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0= + ``` + +# Description + +`nix hash convert` converts hashes from one encoding to another. + +)"" diff --git a/src/nix/hash.cc b/src/nix/hash.cc index 8ab89e433..4837891c6 100644 --- a/src/nix/hash.cc +++ b/src/nix/hash.cc @@ -150,15 +150,14 @@ struct CmdHashConvert : Command std::string description() override { - std::string descr( "convert between different hash formats. Choose from: "); - auto iter = hashFormats.begin(); - assert(iter != hashFormats.end()); - descr += *iter++; - while (iter != hashFormats.end()) { - descr += ", " + *iter++; - } + return "convert between hash formats"; + } - return descr; + std::string doc() override + { + return + #include "hash-convert.md" + ; } Category category() override { return catUtility; } From 652f334f879153b1357f92504999d9b0fb951a2b Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 29 Jan 2024 17:51:21 +0100 Subject: [PATCH 6/6] Edit release notes --- doc/manual/src/release-notes/rl-2.20.md | 223 +++--------------------- 1 file changed, 29 insertions(+), 194 deletions(-) diff --git a/doc/manual/src/release-notes/rl-2.20.md b/doc/manual/src/release-notes/rl-2.20.md index 8c9267486..26869e90a 100644 --- a/doc/manual/src/release-notes/rl-2.20.md +++ b/doc/manual/src/release-notes/rl-2.20.md @@ -5,190 +5,60 @@ If a scheme, such as `github:` is specified in the `allowed-uris` option, all URIs starting with `github:` are allowed. Previously this only worked for schemes whose URIs used the `://` syntax. -- Make `nix store gc` use the auto-GC policy [#7851](https://github.com/NixOS/nix/pull/7851) - - - - Include cgroup stats when building through the daemon [#9598](https://github.com/NixOS/nix/pull/9598) - Nix now also reports cgroup statistics when building through the nix daemon and when doing remote builds using ssh-ng, - if both sides of the connection are this version of Nix or newer. - -- Fix handling of truncated `.drv` files. [#9673](https://github.com/NixOS/nix/pull/9673) - - Previously a `.drv` that was truncated in the middle of a string would case nix to enter an infinite loop, eventually exhausting all memory and crashing. + Nix now also reports cgroup statistics when building through the Nix daemon and when doing remote builds using `ssh-ng`, + if both sides of the connection are using Nix 2.20 or newer. - Disallow empty search regex in `nix search` [#9481](https://github.com/NixOS/nix/pull/9481) [`nix search`](@docroot@/command-ref/new-cli/nix3-search.md) now requires a search regex to be passed. To show all packages, use `^`. -- Reduce eval memory usage and wall time [#9658](https://github.com/NixOS/nix/pull/9658) - - Reduce the size of the `Env` struct used in the evaluator by a pointer, or 8 bytes on most modern machines. - This reduces memory usage during eval by around 2% and wall time by around 3%. - - Add new `eval-system` setting [#4093](https://github.com/NixOS/nix/pull/4093) Add a new `eval-system` option. Unlike `system`, it just overrides the value of `builtins.currentSystem`. This is more useful than overriding `system`, because you can build these derivations on remote builders which can work on the given system. - In contrast, `system` also effects scheduling which will cause Nix to build those derivations locally even if that doesn't make sense. + In contrast, `system` also affects scheduling which will cause Nix to build those derivations locally even if that doesn't make sense. `eval-system` only takes effect if it is non-empty. If empty (the default) `system` is used as before, so there is no breakage. -- Nix now uses `libgit2` for Git fetching [#5313](https://github.com/NixOS/nix/issues/5313) [#9240](https://github.com/NixOS/nix/pull/9240) [#9241](https://github.com/NixOS/nix/pull/9241) [#9258](https://github.com/NixOS/nix/pull/9258) [#9480](https://github.com/NixOS/nix/pull/9480) - - Nix has built-in support for fetching sources from Git, during evaluation and locking; outside the sandbox. - The existing implementation based on the Git CLI had issues regarding reproducibility and performance. - - Most of the original `fetchGit` behavior has been implemented using the `libgit2` library, which gives the fetcher fine-grained control. - - Known issues: - - The `export-subst` behavior has not been reimplemented. [Partial](https://github.com/NixOS/nix/pull/9391#issuecomment-1872503447) support for this Git feature is feasible, but it did not make the release window. - -- Rename hash format `base32` to `nix32` [#9452](https://github.com/NixOS/nix/pull/9452) - - Hash format `base32` was renamed to `nix32` since it used a special nix-specific character set for - [Base32](https://en.wikipedia.org/wiki/Base32). - - ## Deprecation: Use `nix32` instead of `base32` as `toHashFormat` - - For the builtin `convertHash`, the `toHashFormat` parameter now accepts the same hash formats as the `--to`/`--from` - parameters of the `nix hash conert` command: `"base16"`, `"nix32"`, `"base64"`, and `"sri"`. The former `"base32"` value - remains as a deprecated alias for `"base32"`. Please convert your code from: - - ```nix - builtins.convertHash { inherit hash hashAlgo; toHashFormat = "base32";} - ``` - - to - - ```nix - builtins.convertHash { inherit hash hashAlgo; toHashFormat = "nix32";} - ``` - -- import-from-derivation builds the derivation in the build store [#9661](https://github.com/NixOS/nix/pull/9661) +- Import-from-derivation builds the derivation in the build store [#9661](https://github.com/NixOS/nix/pull/9661) When using `--eval-store`, `import`ing from a derivation will now result in the derivation being built on the build store, i.e. the store specified in the `store` Nix option. - Because the resulting Nix expression must be copied back to the eval store in order to be imported, this requires the eval store to trust the build store's signatures. + Because the resulting Nix expression must be copied back to the evaluation store in order to be imported, this requires the evaluation store to trust the build store's signatures. - Mounted SSH Store [#7890](https://github.com/NixOS/nix/issues/7890) [#7912](https://github.com/NixOS/nix/pull/7912) Introduced the store [`mounted-ssh-ng://`](@docroot@/command-ref/new-cli/nix3-help-stores.md). This store allows full access to a Nix store on a remote machine and additionally requires that the store be mounted in the local filesystem. -- Rename to `nix config show` [#7672](https://github.com/NixOS/nix/issues/7672) [#9477](https://github.com/NixOS/nix/pull/9477) +- Rename `nix show-config` to `nix config show` [#7672](https://github.com/NixOS/nix/issues/7672) [#9477](https://github.com/NixOS/nix/pull/9477) - `nix show-config` was renamed to `nix config show`, and `nix doctor` was renamed to `nix config check`, to be more consistent with the rest of the command-line interface. + `nix show-config` was renamed to `nix config show`, and `nix doctor` was renamed to `nix config check`, to be more consistent with the rest of the command line interface. -- Fix `nix-env --query --drv-path --json` [#9257](https://github.com/NixOS/nix/pull/9257) +- Add command `nix hash convert` [#9452](https://github.com/NixOS/nix/pull/9452) - Fixed a bug where `nix-env --query` ignored `--drv-path` when `--json` was set. - -- Some stack overflow segfaults are fixed [#8882](https://github.com/NixOS/nix/issues/8882) [#8893](https://github.com/NixOS/nix/pull/8893) - - `nix flake check` now logs the checks it runs and the derivations it evaluates: - - ``` - $ nix flake check -v - evaluating flake... - checking flake output 'checks'... - checking derivation 'checks.aarch64-darwin.ghciwatch-tests'... - derivation evaluated to /nix/store/nh7dlvsrhds4cxl91mvgj4h5cbq6skmq-ghciwatch-test-0.3.0.drv - checking derivation 'checks.aarch64-darwin.ghciwatch-clippy'... - derivation evaluated to /nix/store/9cb5a6wmp6kf6hidqw9wphidvb8bshym-ghciwatch-clippy-0.3.0.drv - checking derivation 'checks.aarch64-darwin.ghciwatch-doc'... - derivation evaluated to /nix/store/8brdd3jbawfszpbs7vdpsrhy80as1il8-ghciwatch-doc-0.3.0.drv - checking derivation 'checks.aarch64-darwin.ghciwatch-fmt'... - derivation evaluated to /nix/store/wjhs0l1njl5pyji53xlmfjrlya0wmz8p-ghciwatch-fmt-0.3.0.drv - checking derivation 'checks.aarch64-darwin.ghciwatch-audit'... - derivation evaluated to /nix/store/z0mps8dyj2ds7c0fn0819y5h5611033z-ghciwatch-audit-0.3.0.drv - checking flake output 'packages'... - checking derivation 'packages.aarch64-darwin.default'... - derivation evaluated to /nix/store/41abbdyglw5x9vcsvd89xan3ydjf8d7r-ghciwatch-0.3.0.drv - checking flake output 'apps'... - checking flake output 'devShells'... - checking derivation 'devShells.aarch64-darwin.default'... - derivation evaluated to /nix/store/bc935gz7dylzmcpdb5cczr8gngv8pmdb-nix-shell.drv - running 5 flake checks... - warning: The check omitted these incompatible systems: aarch64-linux, x86_64-darwin, x86_64-linux - Use '--all-systems' to check all. - ``` - -- Add `nix hash convert` [#9452](https://github.com/NixOS/nix/pull/9452) - - New [`nix hash convert`](https://github.com/NixOS/nix/issues/8876) sub command with a fast track - to stabilization! Examples: - - - Convert the hash to `nix32`. - - ```bash - $ nix hash convert --hash-algo "sha1" --to nix32 "800d59cfcd3c05e900cb4e214be48f6b886a08df" - vw46m23bizj4n8afrc0fj19wrp7mj3c0 - ``` - `nix32` is a base32 encoding with a nix-specific character set. - Explicitly specify the hashing algorithm (optional with SRI hashes) but detect hash format by the length of the input - hash. - - Convert the hash to the `sri` format that includes an algorithm specification: - ```bash - nix hash convert --hash-algo "sha1" "800d59cfcd3c05e900cb4e214be48f6b886a08df" - sha1-gA1Zz808BekAy04hS+SPa4hqCN8= - ``` - or with an explicit `-to` format: - ```bash - nix hash convert --hash-algo "sha1" --to sri "800d59cfcd3c05e900cb4e214be48f6b886a08df" - sha1-gA1Zz808BekAy04hS+SPa4hqCN8= - ``` - - Assert the input format of the hash: - ```bash - nix hash convert --hash-algo "sha256" --from nix32 "ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=" - error: input hash 'ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=' does not have the expected format '--from nix32' - nix hash convert --hash-algo "sha256" --from nix32 "1b8m03r63zqhnjf7l5wnldhh7c134ap5vpj0850ymkq1iyzicy5s" - sha256-ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0= - ``` - - The `--to`/`--from`/`--hash-algo` parameters have context-sensitive auto-completion. - - ## Related Deprecations - - The following commands are still available but will emit a deprecation warning. Please convert your code to - `nix hash convert`: + This replaces the old `nix hash to-*` commands, which are still available but will emit a deprecation warning. Please convert as follows: - `nix hash to-base16 $hash1 $hash2`: Use `nix hash convert --to base16 $hash1 $hash2` instead. - `nix hash to-base32 $hash1 $hash2`: Use `nix hash convert --to nix32 $hash1 $hash2` instead. - `nix hash to-base64 $hash1 $hash2`: Use `nix hash convert --to base64 $hash1 $hash2` instead. - - `nix hash to-sri $hash1 $hash2`: : Use `nix hash convert --to sri $hash1 $hash2` - or even just `nix hash convert $hash1 $hash2` instead. + - `nix hash to-sri $hash1 $hash2`: : Use `nix hash convert --to sri $hash1 $hash2` or even just `nix hash convert $hash1 $hash2` instead. -- `nix profile` now allows referring to elements by human-readable name [#8678](https://github.com/NixOS/nix/pull/8678) +- Rename hash format `base32` to `nix32` [#9452](https://github.com/NixOS/nix/pull/9452) + + Hash format `base32` was renamed to `nix32` since it used a special Nix-specific character set for + [Base32](https://en.wikipedia.org/wiki/Base32). + +- `nix profile` now allows referring to elements by human-readable names [#8678](https://github.com/NixOS/nix/pull/8678) [`nix profile`](@docroot@/command-ref/new-cli/nix3-profile.md) now uses names to refer to installed packages when running [`list`](@docroot@/command-ref/new-cli/nix3-profile-list.md), [`remove`](@docroot@/command-ref/new-cli/nix3-profile-remove.md) or [`upgrade`](@docroot@/command-ref/new-cli/nix3-profile-upgrade.md) as opposed to indices. Profile element names are generated when a package is installed and remain the same until the package is removed. **Warning**: The `manifest.nix` file used to record the contents of profiles has changed. Nix will automatically upgrade profiles to the new version when you modify the profile. After that, the profile can no longer be used by older versions of Nix. -- Rename hash format `base32` to `nix32` [#8678](https://github.com/NixOS/nix/pull/8678) - - Hash format `base32` was renamed to `nix32` since it used a special nix-specific character set for - [Base32](https://en.wikipedia.org/wiki/Base32). - - ## Deprecation: Use `nix32` instead of `base32` as `toHashFormat` - - For the builtin `convertHash`, the `toHashFormat` parameter now accepts the same hash formats as the `--to`/`--from` - parameters of the `nix hash conert` command: `"base16"`, `"nix32"`, `"base64"`, and `"sri"`. The former `"base32"` value - remains as a deprecated alias for `"base32"`. Please convert your code from: - - ```nix - builtins.convertHash { inherit hash hashAlgo; toHashFormat = "base32";} - ``` - - to - - ```nix - builtins.convertHash { inherit hash hashAlgo; toHashFormat = "nix32";} - ``` - - Give `nix store add` a `--hash-algo` flag [#9809](https://github.com/NixOS/nix/pull/9809) Adds a missing feature that was present in the old CLI, and matches our @@ -202,17 +72,17 @@ Before: ``` - error: cannot coerce a set to a string + error: cannot coerce a set to a string ``` After: ``` - error: cannot coerce a set to a string: { aesSupport = «thunk»; - avx2Support = «thunk»; avx512Support = «thunk»; avxSupport = «thunk»; - canExecute = «thunk»; config = «thunk»; darwinArch = «thunk»; darwinMinVersion - = «thunk»; darwinMinVersionVariable = «thunk»; darwinPlatform = «thunk»; «84 - attributes elided»} + error: cannot coerce a set to a string: { aesSupport = «thunk»; + avx2Support = «thunk»; avx512Support = «thunk»; avxSupport = «thunk»; + canExecute = «thunk»; config = «thunk»; darwinArch = «thunk»; darwinMinVersion + = «thunk»; darwinMinVersionVariable = «thunk»; darwinPlatform = «thunk»; «84 + attributes elided»} ``` - Type errors include the failing value @@ -223,16 +93,16 @@ Before: ``` - error: value is a set while a string was expected + error: value is a set while a string was expected ``` After: ``` - error: expected a string but found a set: { ghc810 = «thunk»; - ghc8102Binary = «thunk»; ghc8107 = «thunk»; ghc8107Binary = «thunk»; - ghc865Binary = «thunk»; ghc90 = «thunk»; ghc902 = «thunk»; ghc92 = «thunk»; - ghc924Binary = «thunk»; ghc925 = «thunk»; «17 attributes elided»} + error: expected a string but found a set: { ghc810 = «thunk»; + ghc8102Binary = «thunk»; ghc8107 = «thunk»; ghc8107Binary = «thunk»; + ghc865Binary = «thunk»; ghc90 = «thunk»; ghc902 = «thunk»; ghc92 = «thunk»; + ghc924Binary = «thunk»; ghc925 = «thunk»; «17 attributes elided»} ``` - Source locations are printed more consistently in errors [#561](https://github.com/NixOS/nix/issues/561) [#9555](https://github.com/NixOS/nix/pull/9555) @@ -281,45 +151,11 @@ can be set with [the `max-call-depth` option](@docroot@/command-ref/conf-file.md#conf-max-call-depth). - This fixes segfaults or the following unhelpful error message in many cases: - - error: stack overflow (possible infinite recursion) - - Before: - - ``` - $ nix-instantiate --eval --expr '(x: x x) (x: x x)' - Segmentation fault: 11 - ``` - - After: - - ``` - $ nix-instantiate --eval --expr '(x: x x) (x: x x)' - error: stack overflow - - at «string»:1:14: - 1| (x: x x) (x: x x) - | ^ - ``` + This replaces the `stack overflow (possible infinite recursion)` message. - Better error reporting for `with` expressions [#9658](https://github.com/NixOS/nix/pull/9658) - `with` expressions using non-attrset values to resolve variables are now reported with proper positions. - - Previously an incorrect `with` expression would report no position at all, making it hard to determine where the error originated: - - ``` - nix-repl> with 1; a - error: - … - - at «none»:0: (source not available) - - error: value is an integer while a set was expected - ``` - - Now position information is preserved and reported as with most other errors: + `with` expressions using non-attrset values to resolve variables are now reported with proper positions, e.g. ``` nix-repl> with 1; a @@ -331,4 +167,3 @@ error: expected a set but found an integer ``` -