pyrox.dev
+1
-1
.github/workflows/backport.yml
+1
-1
.github/workflows/backport.yml
···
···
+371
-13
doc/build-helpers/fetchers.chapter.md
+371
-13
doc/build-helpers/fetchers.chapter.md
···In more concrete terms, if you use any other hash, the [`--insecure` flag](https://curl.se/docs/manpage.html#-k) will be passed to the underlying call to `curl` when downloading content.-Two basic fetchers are `fetchurl` and `fetchzip`. Both of these have two required arguments, a URL and a hash. The hash is typically `hash`, although many more hash algorithms are supported. Nixpkgs contributors are currently recommended to use `hash`. This hash will be used by Nix to identify your source. A typical usage of `fetchurl` is provided below.-The main difference between `fetchurl` and `fetchzip` is in how they store the contents. `fetchurl` will store the unaltered contents of the URL within the Nix store. `fetchzip` on the other hand, will decompress the archive for you, making files and directories directly accessible in the future. `fetchzip` can only be used with archives. Despite the name, `fetchzip` is not limited to .zip files and can also be used with any tarball.-- `downloadToTemp`: Defaults to `false`. If `true`, saves the source to `$downloadedFile`, to be used in conjunction with `postFetch`-- `postFetch`: Shell code executed after the file has been fetched successfully. Use it for postprocessing, to check or transform the file.
···In more concrete terms, if you use any other hash, the [`--insecure` flag](https://curl.se/docs/manpage.html#-k) will be passed to the underlying call to `curl` when downloading content.+`fetchurl` returns a [fixed-output derivation](https://nixos.org/manual/nix/stable/glossary.html#gloss-fixed-output-derivation) which downloads content from a given URL and stores the unaltered contents within the Nix store.+It uses {manpage}`curl(1)` internally, and allows its behaviour to be modified by specifying a few attributes in the argument to `fetchurl` (see the documentation for attributes `curlOpts`, `curlOptsList`, and `netrcPhase`).+The resulting [store path](https://nixos.org/manual/nix/stable/store/store-path) is determined by the hash given to `fetchurl`, and also the `name` (or `pname` and `version`) values.+If neither `name` nor `pname` and `version` are specified when calling `fetchurl`, it will default to using the [basename](https://nixos.org/manual/nix/stable/language/builtins.html#builtins-baseNameOf) of `url` or the first element of `urls`.+If `pname` and `version` are specified, `fetchurl` will use those values and will ignore `name`, even if it is also specified.+All URLs of the format [specified here](https://curl.se/docs/url-syntax.html#rfc-3986-plus) are supported.+Each URL will be tried in order until one of them succeeds with some content or all of them fail.+See [](#ex-fetchers-fetchurl-nixpkgs-version-multiple-urls) to understand how this attribute affects the behaviour of `fetchurl`.+: Hash of the derivation output of `fetchurl`, following the format for integrity metadata as defined by [SRI](https://www.w3.org/TR/SRI/).+It is recommended that you use the `hash` attribute instead of the other hash-specific attributes that exist for backwards compatibility.+If `hash` is not specified, you must specify `outputHash` and `outputHashAlgo`, or one of `sha512`, `sha256`, or `sha1`.+See [the documentation on the Nix manual](https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-outputHash) for more information about its format.+See [the documentation on the Nix manual](https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-outputHashAlgo) for more information about the values it supports.+See [the documentation on the Nix manual](https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-outputHash) for more information about its format.+See [the documentation on the Nix manual](https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-outputHash) for more information about its format.+See [the documentation on the Nix manual](https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-outputHash) for more information about its format.+See [the `fetchurl` overview](#sec-pkgs-fetchers-fetchurl) for details on how the name of the file is decided.+: A base name, which will be combined with `version` to form the symbolic name of the downloaded file when saved in the Nix store.+See [the `fetchurl` overview](#sec-pkgs-fetchers-fetchurl) for details on how the name of the file is decided.+If `pname` is specified, you must also specify `version`, otherwise `fetchurl` will ignore the value of `pname`.+: A version, which will be combined with `pname` to form the symbolic name of the downloaded file when saved in the Nix store.+See [the `fetchurl` overview](#sec-pkgs-fetchers-fetchurl) for details on how the name of the file is decided.+: If set to `true`, will signal to Nix that the hash given to `fetchurl` was calculated using the `"recursive"` mode.+See [the documentation on the Nix manual](https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-outputHashMode) for more information about the existing modes.+By default, `fetchurl` uses `"recursive"` mode when the `executable` attribute is set to `true`, so you don't need to specify `recursiveHash` in this case.+: If `true`, saves the downloaded file to a temporary location instead of the expected Nix store location.+This is useful when used in conjunction with `postFetch` attribute, otherwise `fetchurl` will not produce any meaningful output.+The location of the downloaded file will be set in the `$downloadedFile` variable, which should be used by the script in the `postFetch` attribute.+See [](#ex-fetchers-fetchurl-nixpkgs-version-postfetch) to understand how to work with this attribute.+: Script executed after the file has been downloaded successfully, and before `fetchurl` finishes running.+See [](#ex-fetchers-fetchurl-nixpkgs-version-postfetch) to understand how to work with this attribute.+The script should create the `netrc` file (note that it does not begin with a ".") in the directory it's currently running in (`$PWD`).+The script is executed during the setup done by `fetchurl` before it runs any of its code to download the specified content.+If specified, `fetchurl` will automatically alter its invocation of {manpage}`curl(1)` to use the `netrc` file, so you don't need to add anything to `curlOpts` or `curlOptsList`.+Since `netrcPhase` needs to be specified in your source Nix code, any secrets that you put directly in it will be world-readable by design (both in your source code, and when the derivation gets created in the Nix store).+If you want to avoid this behaviour, see the documentation of `netrcImpureEnvVars` for an alternative way of dealing with these secrets.+: If specified, `fetchurl` will add these environment variable names to the list of [impure environment variables](https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-impureEnvVars), which will be passed from the environment of the calling user to the builder running the `fetchurl` code.+This is useful when used with `netrcPhase` to hide any secrets that are used in it, because the script in `netrcPhase` only needs to reference the environment variables with the secrets in them instead.+the environment that starts the build needs to have these variables declared for everything to work properly, which means that additional setup is required outside what Nix controls.+: If specified, this value will be appended to the invocation of {manpage}`curl(1)` when downloading the URL(s) given to `fetchurl`.+Multiple arguments can be separated by spaces normally, but values with whitespaces will be interpreted as multiple arguments (instead of a single value), even if the value is escaped.+: If specified, each element of this list will be passed as an argument to the invocation of {manpage}`curl(1)` when downloading the URL(s) given to `fetchurl`.+Instead, it will output a list of all the URLs it would've used to download the content (after resolving `mirror://` URLs, for example).+: Specifies any extra [passthru](#var-stdenv-passthru) attributes for the derivation returned by `fetchurl`.+Note that `fetchurl` defines [passthru attributes of its own](#ssec-pkgs-fetchers-fetchurl-passthru-outputs).+Attributes specified in `passthru` can override the default attributes returned by `fetchurl`.+: This is the same attribute as [defined in the Nix manual](https://nixos.org/manual/nix/stable/language/advanced-attributes.html#adv-attr-preferLocalBuild).+It is `true` by default because making a remote machine download the content just duplicates network traffic (since the local machine might download the results from the derivation anyway), but this could be useful in cases where network access is restricted on local machines.+See [](#ex-fetchers-fetchurl-nixpkgs-version-postfetch) to understand how this can be used with `postFetch`.+The following package downloads a small file from a URL and shows the most common way to use `fetchurl`:+The first URL was crafted to intentionally return an error to illustrate how `fetchurl` will try multiple URLs until it finds one that works (or all URLs fail).+However, note that the name of the file was derived from the first URL (this is further explained in [the `fetchurl` overview](#sec-pkgs-fetchers-fetchurl)).+To ensure the result will have the same name regardless of which URLs are used, we can modify the package:+It might be useful to manipulate the content downloaded by `fetchurl` directly in its derivation.+In this example, we'll adapt [](#ex-fetchers-fetchurl-nixpkgs-version) to append the result of running the `hello` package to the contents we download, purely to illustrate how to manipulate the content.+Note that the `hash` specified in the package is different than the hash specified in [](#ex-fetchers-fetchurl-nixpkgs-version), because the contents of the output have changed (even though the actual file that was downloaded is the same).+See [](#chap-pkgs-fetchers-caveats) for more details on how to work with the `hash` attribute when the output changes.+Downloads content from a given URL (which is assumed to be an archive), and decompresses the archive for you, making files and directories directly accessible.+Despite its name, `fetchzip` is not limited to `.zip` files and can also be used with any tarball.
+25
doc/style.css
+25
doc/style.css
······+For more details, see https://highlightjs.readthedocs.io/en/latest/css-classes-reference.html#stylable-scopes
+5
-4
lib/deprecated.nix
+5
-4
lib/deprecated.nix
+2
-3
lib/kernel.nix
+2
-3
lib/kernel.nix
···
···
+7
-4
lib/systems/default.nix
+7
-4
lib/systems/default.nix
······
······
+19
-15
lib/tests/misc.nix
+19
-15
lib/tests/misc.nix
···-Since these tests are implemented with Nix evaluation, error checking is limited to what `builtins.tryEval` can detect, which is `throw`'s and `abort`'s, without error messages.-If you need to test error messages or more complex evaluations, see ./modules.sh, ./sources.sh or ./filesystem.sh as examples.·········
············
+2
-2
lib/tests/modules/doRename-condition.nix
+2
-2
lib/tests/modules/doRename-condition.nix
······
······
+18
-9
lib/types.nix
+18
-9
lib/types.nix
···
···
+3
nixos/doc/manual/release-notes/rl-2405.section.md
+3
nixos/doc/manual/release-notes/rl-2405.section.md
···- `buildGoModule` now throws error when `vendorHash` is not specified. `vendorSha256`, deprecated in Nixpkgs 23.11, is now ignored and is no longer a `vendorHash` alias.- Invidious has changed its default database username from `kemal` to `invidious`. Setups involving an externally provisioned database (i.e. `services.invidious.database.createLocally == false`) should adjust their configuration accordingly. The old `kemal` user will not be removed automatically even when the database is provisioned automatically.(https://github.com/NixOS/nixpkgs/pull/265857)
···+- `openssh`, `openssh_hpn` and `openssh_gssapi` are now compiled without support for the DSA signature algorithm as it is being deprecated upstream. Users still relying on DSA keys should consider upgrading+to another signature algorithm. It is however possible, for the time being, to restore the DSA keys support using `override` to set `dsaKeysSupport = true`.- `buildGoModule` now throws error when `vendorHash` is not specified. `vendorSha256`, deprecated in Nixpkgs 23.11, is now ignored and is no longer a `vendorHash` alias.- Invidious has changed its default database username from `kemal` to `invidious`. Setups involving an externally provisioned database (i.e. `services.invidious.database.createLocally == false`) should adjust their configuration accordingly. The old `kemal` user will not be removed automatically even when the database is provisioned automatically.(https://github.com/NixOS/nixpkgs/pull/265857)
+2
-2
nixos/modules/security/sudo.nix
+2
-2
nixos/modules/security/sudo.nix
···-type = with types; listOf (enum [ "NOPASSWD" "PASSWD" "NOEXEC" "EXEC" "SETENV" "NOSETENV" "LOG_INPUT" "NOLOG_INPUT" "LOG_OUTPUT" "NOLOG_OUTPUT" ]);-Options for running the command. Refer to the [sudo manual](https://www.sudo.ws/man/1.7.10/sudoers.man.html).
···+type = with types; listOf (enum [ "NOPASSWD" "PASSWD" "NOEXEC" "EXEC" "SETENV" "NOSETENV" "LOG_INPUT" "NOLOG_INPUT" "LOG_OUTPUT" "NOLOG_OUTPUT" "MAIL" "NOMAIL" "FOLLOW" "NOFLLOW" "INTERCEPT" "NOINTERCEPT"]);+Options for running the command. Refer to the [sudo manual](https://www.sudo.ws/docs/man/1.9.15/sudoers.man/#Tag_Spec).
+6
-7
nixos/modules/services/misc/mbpfan.nix
+6
-7
nixos/modules/services/misc/mbpfan.nix
·········
·········
+4
-4
pkgs/applications/editors/android-studio/default.nix
+4
-4
pkgs/applications/editors/android-studio/default.nix
···
···
+6
-2
pkgs/applications/editors/vscode/extensions/default.nix
+6
-2
pkgs/applications/editors/vscode/extensions/default.nix
······jq '.contributes.configuration.properties."shellcheck.executablePath".default = "${shellcheck}/bin/shellcheck"' package.json | sponge package.json
······jq '.contributes.configuration.properties."shellcheck.executablePath".default = "${shellcheck}/bin/shellcheck"' package.json | sponge package.json
+3
-3
pkgs/applications/misc/typioca/default.nix
+3
-3
pkgs/applications/misc/typioca/default.nix
···
···
+2
-2
pkgs/applications/office/planify/default.nix
+2
-2
pkgs/applications/office/planify/default.nix
+3
-3
pkgs/applications/version-management/jujutsu/default.nix
+3
-3
pkgs/applications/version-management/jujutsu/default.nix
···useNextest = false; # nextest is the upstream integration framework, but is problematic for test skipping
···useNextest = false; # nextest is the upstream integration framework, but is problematic for test skipping
+2
-2
pkgs/by-name/_6/_64gram/package.nix
+2
-2
pkgs/by-name/_6/_64gram/package.nix
······
······
+74
pkgs/by-name/an/anyrun/package.nix
+74
pkgs/by-name/an/anyrun/package.nix
···
···
+33
pkgs/by-name/ce/cero/package.nix
+33
pkgs/by-name/ce/cero/package.nix
···
···
+61
pkgs/by-name/gi/git-gr/package.nix
+61
pkgs/by-name/gi/git-gr/package.nix
···
···
+3
-3
pkgs/by-name/go/go-camo/package.nix
+3
-3
pkgs/by-name/go/go-camo/package.nix
···
···
+2
-2
pkgs/by-name/mo/monophony/package.nix
+2
-2
pkgs/by-name/mo/monophony/package.nix
······
······
+3
-3
pkgs/by-name/te/tenv/package.nix
+3
-3
pkgs/by-name/te/tenv/package.nix
···
···
+2
-2
pkgs/by-name/ti/tippecanoe/package.nix
+2
-2
pkgs/by-name/ti/tippecanoe/package.nix
+2
-2
pkgs/development/compilers/intel-graphics-compiler/default.nix
+2
-2
pkgs/development/compilers/intel-graphics-compiler/default.nix
···
···
+3
-3
pkgs/development/compilers/spirv-llvm-translator/default.nix
+3
-3
pkgs/development/compilers/spirv-llvm-translator/default.nix
···
···
+2
-2
pkgs/development/interpreters/yaegi/default.nix
+2
-2
pkgs/development/interpreters/yaegi/default.nix
+16
-4
pkgs/development/libraries/level-zero/default.nix
+16
-4
pkgs/development/libraries/level-zero/default.nix
···
···
+66
pkgs/development/libraries/level-zero/system-spdlog.diff
+66
pkgs/development/libraries/level-zero/system-spdlog.diff
···
···+set(PROJECT_VERSION "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}")
+2
-2
pkgs/development/libraries/libwpe/default.nix
+2
-2
pkgs/development/libraries/libwpe/default.nix
+2
-2
pkgs/development/libraries/quarto/default.nix
+2
-2
pkgs/development/libraries/quarto/default.nix
···url = "https://github.com/quarto-dev/quarto-cli/releases/download/v${final.version}/quarto-${final.version}-linux-amd64.tar.gz";
···url = "https://github.com/quarto-dev/quarto-cli/releases/download/v${final.version}/quarto-${final.version}-linux-amd64.tar.gz";
+37
pkgs/development/ocaml-modules/ocaml-lua/default.nix
+37
pkgs/development/ocaml-modules/ocaml-lua/default.nix
···
···
+28
-29
pkgs/development/python-modules/arsenic/default.nix
+28
-29
pkgs/development/python-modules/arsenic/default.nix
······
······+url = "https://github.com/HENNGE/arsenic/commit/440faed7d2a8fbd635a135c007051ea494e72873.patch";
+6
-6
pkgs/development/python-modules/asn1crypto/default.nix
+6
-6
pkgs/development/python-modules/asn1crypto/default.nix
······
······
+20
-25
pkgs/development/python-modules/extract-msg/default.nix
+20
-25
pkgs/development/python-modules/extract-msg/default.nix
·········
·········
+23
-29
pkgs/development/python-modules/flask-session-captcha/default.nix
+23
-29
pkgs/development/python-modules/flask-session-captcha/default.nix
···
···
+16
-21
pkgs/development/python-modules/glances-api/default.nix
+16
-21
pkgs/development/python-modules/glances-api/default.nix
······
······
+16
-21
pkgs/development/python-modules/opower/default.nix
+16
-21
pkgs/development/python-modules/opower/default.nix
·········description = "Module for getting historical and forecasted usage/cost from utilities that use opower.com";
·········description = "Module for getting historical and forecasted usage/cost from utilities that use opower.com";
+2
-2
pkgs/development/python-modules/psygnal/default.nix
+2
-2
pkgs/development/python-modules/psygnal/default.nix
······
······
+10
-11
pkgs/development/python-modules/pygobject-stubs/default.nix
+10
-11
pkgs/development/python-modules/pygobject-stubs/default.nix
······
······
+76
-96
pkgs/development/python-modules/python-lsp-server/default.nix
+76
-96
pkgs/development/python-modules/python-lsp-server/default.nix
·········
·········
+2
-2
pkgs/development/python-modules/pyvista/default.nix
+2
-2
pkgs/development/python-modules/pyvista/default.nix
······
······
+12
-17
pkgs/development/python-modules/romy/default.nix
+12
-17
pkgs/development/python-modules/romy/default.nix
······
······
+28
-29
pkgs/development/python-modules/rstcheck-core/default.nix
+28
-29
pkgs/development/python-modules/rstcheck-core/default.nix
·········
·········
+26
-39
pkgs/development/python-modules/rstcheck/default.nix
+26
-39
pkgs/development/python-modules/rstcheck/default.nix
·········
·········
+2
-2
pkgs/development/tools/analysis/flow/default.nix
+2
-2
pkgs/development/tools/analysis/flow/default.nix
+3
-3
pkgs/development/tools/earthly/default.nix
+3
-3
pkgs/development/tools/earthly/default.nix
···
···
+3
-3
pkgs/development/tools/semantic-release/default.nix
+3
-3
pkgs/development/tools/semantic-release/default.nix
···
···
+2
-2
pkgs/os-specific/linux/intel-compute-runtime/default.nix
+2
-2
pkgs/os-specific/linux/intel-compute-runtime/default.nix
···
···
+3
-3
pkgs/servers/misc/gobgpd/default.nix
+3
-3
pkgs/servers/misc/gobgpd/default.nix
···
···
+3
-3
pkgs/servers/monitoring/prometheus/pushgateway.nix
+3
-3
pkgs/servers/monitoring/prometheus/pushgateway.nix
···
···
+3
-3
pkgs/servers/monitoring/unpoller/default.nix
+3
-3
pkgs/servers/monitoring/unpoller/default.nix
···
···
+2
-8
pkgs/servers/wsdd/default.nix
+2
-8
pkgs/servers/wsdd/default.nix
······
······
-13
pkgs/servers/wsdd/increase_timeout.patch
-13
pkgs/servers/wsdd/increase_timeout.patch
···
···
+2
-2
pkgs/tools/admin/stripe-cli/default.nix
+2
-2
pkgs/tools/admin/stripe-cli/default.nix
···
···
+3
-3
pkgs/tools/graphics/deqp-runner/default.nix
+3
-3
pkgs/tools/graphics/deqp-runner/default.nix
···description = "A VK-GL-CTS/dEQP wrapper program to parallelize it across CPUs and report results against a baseline";
···description = "A VK-GL-CTS/dEQP wrapper program to parallelize it across CPUs and report results against a baseline";
+3
-3
pkgs/tools/networking/gobgp/default.nix
+3
-3
pkgs/tools/networking/gobgp/default.nix
···
···
+2
pkgs/tools/networking/openssh/common.nix
+2
pkgs/tools/networking/openssh/common.nix
······
······
+4
-4
pkgs/tools/nix/nixos-render-docs/src/nixos_render_docs/html.py
+4
-4
pkgs/tools/nix/nixos-render-docs/src/nixos_render_docs/html.py
···
···
+2
-2
pkgs/tools/security/quark-engine/default.nix
+2
-2
pkgs/tools/security/quark-engine/default.nix
···
···
+2
pkgs/tools/security/sudo/default.nix
+2
pkgs/tools/security/sudo/default.nix
+2
pkgs/top-level/ocaml-packages.nix
+2
pkgs/top-level/ocaml-packages.nix