maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(3p/sources): bump to OpenSSH vulnerability hotfix

Browse source 
See https://github.com/NixOS/nixpkgs/pull/323753 for details.

Changes:

* git: temporarily comment out dottime patch (it doesn't apply, but it's not critical)
* third-party/cgit: use an older git version where dottime patch still applies
* 3p/crate2nix: remove crate2nix patches included in latest release
* tvix: remove unneeded defaultCrateOverrides (upstreamed to nixpkgs)
* tvix: regenerate Cargo.nix
* tvix/nix-compat: remove unnused AtermWriteable::aterm_bytes pub(crate) function
* tvix/nix-compat: remove redundant trait bounds
* tvix/glue: use clone_into() to set drv.{builder,system}
* tools/crate2nix: apply workaround for https://github.com/numtide/treefmt/issues/327
* toold/depotfmt: expose treefmt config as passthru
* tools/crate2nix: undo some more hacks in the crate2nix-check drv

Change-Id: Ifbcedeb3e8f81b2f6ec1dbf10189bfa6dfd9c75c
Co-Authored-By: Florian Klink <flokli@flokli.de>
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11907
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
This commit is contained in:
Vincent Ambo 2024-07-01 12:47:15 +03:00 committed by tazjin
parent 17bdf9a574
commit 4b2f3c5454
15 changed files with 124 additions and 230 deletions
Download patch file Download diff file Expand all files Collapse all files

105
tvix/Cargo.nix
View file

@ -1,4 +1,4 @@
# This file was @generated by crate2nix 0.14.0 with the command:
# This file was @generated by crate2nix 0.14.1 with the command:
# "generate" "--all-features"
# See https://github.com/kolloch/crate2nix for more info.
@ -13,6 +13,8 @@
, rootFeatures ? [ "default" ]
# If true, throw errors instead of issueing deprecation warnings.
, strictDeprecation ? false
# Elements to add to the `-C target-feature=` argument passed to `rustc`
# (separated by `,`, prefixed with `+`).
# Used for conditional compilation based on CPU feature detection.
, targetFeatures ? [ ]
# Whether to perform release builds: longer compile times, faster binaries.
@ -2281,7 +2283,7 @@ rec {
{
name = "libc";
packageId = "libc";
target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "aarch64-linux-android");
target = { target, features }: (stdenv.hostPlatform.rust.rustcTarget == "aarch64-linux-android");
}
{
name = "libc";
@ -6385,12 +6387,7 @@ rec {
requiredFeatures = [ ];
}
];
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./nix-compat; }
else ./nix-compat;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./nix-compat; };
dependencies = [
{
name = "bitflags";
@ -13284,12 +13281,7 @@ rec {
requiredFeatures = [ ];
}
];
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./build; }
else ./build;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./build; };
dependencies = [
{
name = "bytes";
@ -13373,12 +13365,7 @@ rec {
crateName = "tvix-castore";
version = "0.1.0";
edition = "2021";
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./castore; }
else ./castore;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./castore; };
dependencies = [
{
name = "async-compression";
@ -13638,12 +13625,7 @@ rec {
requiredFeatures = [ ];
}
];
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./cli; }
else ./cli;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./cli; };
dependencies = [
{
name = "bytes";
@ -13730,12 +13712,7 @@ rec {
crateName = "tvix-eval";
version = "0.1.0";
edition = "2021";
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./eval; }
else ./eval;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./eval; };
libName = "tvix_eval";
dependencies = [
{
@ -13897,12 +13874,7 @@ rec {
crateName = "tvix-eval-builtin-macros";
version = "0.0.1";
edition = "2021";
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./eval/builtin-macros; }
else ./eval/builtin-macros;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./eval/builtin-macros; };
procMacro = true;
authors = [
"Griffin Smith <root@gws.fyi>"
@ -13934,12 +13906,7 @@ rec {
crateName = "tvix-glue";
version = "0.1.0";
edition = "2021";
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./glue; }
else ./glue;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./glue; };
dependencies = [
{
name = "async-compression";
@ -14106,12 +14073,7 @@ rec {
crateName = "tvix-serde";
version = "0.1.0";
edition = "2021";
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./serde; }
else ./serde;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./serde; };
dependencies = [
{
name = "bstr";
@ -14141,12 +14103,7 @@ rec {
requiredFeatures = [ ];
}
];
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./store; }
else ./store;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./store; };
dependencies = [
{
name = "anyhow";
@ -14368,12 +14325,7 @@ rec {
crateName = "tvix-tracing";
version = "0.1.0";
edition = "2021";
# We can't filter paths with references in Nix 2.4
# See https://github.com/NixOS/nix/issues/5410
src =
if ((lib.versionOlder builtins.nixVersion "2.4pre20211007") || (lib.versionOlder "2.5" builtins.nixVersion))
then lib.cleanSourceWith { filter = sourceFilter; src = ./tracing; }
else ./tracing;
src = lib.cleanSourceWith { filter = sourceFilter; src = ./tracing; };
dependencies = [
{
name = "http";
@ -15940,12 +15892,12 @@ rec {
{
name = "winapi-i686-pc-windows-gnu";
packageId = "winapi-i686-pc-windows-gnu";
target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "i686-pc-windows-gnu");
target = { target, features }: (stdenv.hostPlatform.rust.rustcTarget == "i686-pc-windows-gnu");
}
{
name = "winapi-x86_64-pc-windows-gnu";
packageId = "winapi-x86_64-pc-windows-gnu";
target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "x86_64-pc-windows-gnu");
target = { target, features }: (stdenv.hostPlatform.rust.rustcTarget == "x86_64-pc-windows-gnu");
}
];
features = {
@ -17311,7 +17263,7 @@ rec {
{
name = "windows_aarch64_gnullvm";
packageId = "windows_aarch64_gnullvm 0.48.5";
target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "aarch64-pc-windows-gnullvm");
target = { target, features }: (stdenv.hostPlatform.rust.rustcTarget == "aarch64-pc-windows-gnullvm");
}
{
name = "windows_aarch64_msvc";
@ -17336,7 +17288,7 @@ rec {
{
name = "windows_x86_64_gnullvm";
packageId = "windows_x86_64_gnullvm 0.48.5";
target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "x86_64-pc-windows-gnullvm");
target = { target, features }: (stdenv.hostPlatform.rust.rustcTarget == "x86_64-pc-windows-gnullvm");
}
{
name = "windows_x86_64_msvc";
@ -17358,7 +17310,7 @@ rec {
{
name = "windows_aarch64_gnullvm";
packageId = "windows_aarch64_gnullvm 0.52.5";
target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "aarch64-pc-windows-gnullvm");
target = { target, features }: (stdenv.hostPlatform.rust.rustcTarget == "aarch64-pc-windows-gnullvm");
}
{
name = "windows_aarch64_msvc";
@ -17373,7 +17325,7 @@ rec {
{
name = "windows_i686_gnullvm";
packageId = "windows_i686_gnullvm";
target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "i686-pc-windows-gnullvm");
target = { target, features }: (stdenv.hostPlatform.rust.rustcTarget == "i686-pc-windows-gnullvm");
}
{
name = "windows_i686_msvc";
@ -17388,7 +17340,7 @@ rec {
{
name = "windows_x86_64_gnullvm";
packageId = "windows_x86_64_gnullvm 0.52.5";
target = { target, features }: (pkgs.rust.lib.toRustTarget stdenv.hostPlatform == "x86_64-pc-windows-gnullvm");
target = { target, features }: (stdenv.hostPlatform.rust.rustcTarget == "x86_64-pc-windows-gnullvm");
}
{
name = "windows_x86_64_msvc";
@ -17844,14 +17796,11 @@ rec {
fuchsia = true;
test = false;
/* We are choosing an arbitrary rust version to grab `lib` from,
which is unfortunate, but `lib` has been version-agnostic the
whole time so this is good enough for now.
*/
os = pkgs.rust.lib.toTargetOs platform;
arch = pkgs.rust.lib.toTargetArch platform;
family = pkgs.rust.lib.toTargetFamily platform;
vendor = pkgs.rust.lib.toTargetVendor platform;
inherit (platform.rust.platform)
arch
os
vendor;
family = platform.rust.platform.target-family;
env = "gnu";
endian =
if platform.parsed.cpu.significantByte.name == "littleEndian"
@ -18095,7 +18044,7 @@ rec {
let
self = {
crates = lib.mapAttrs (packageId: value: buildByPackageIdForPkgsImpl self pkgs packageId) crateConfigs;
target = makeTarget pkgs.stdenv.hostPlatform;
target = makeTarget stdenv.hostPlatform;
build = mkBuiltByPackageIdByPkgs pkgs.buildPackages;
};
in

37
tvix/default.nix
View file

@ -14,22 +14,12 @@ let
# Load the crate2nix crate tree.
crates = pkgs.callPackage ./Cargo.nix {
defaultCrateOverrides = pkgs.defaultCrateOverrides // {
opentelemetry-proto = prev: {
nativeBuildInputs = protobufDep prev;
nix-compat = prev: {
src = depot.tvix.utils.filterRustCrateSrc rec {
root = prev.src.origSrc;
extraFileset = (root + "/testdata");
};
};
prost-build = prev: {
nativeBuildInputs = protobufDep prev;
};
prost-wkt-types = prev: {
nativeBuildInputs = protobufDep prev;
};
tonic-reflection = prev: {
nativeBuildInputs = protobufDep prev;
};
tvix-build = prev: {
src = depot.tvix.utils.filterRustCrateSrc rec {
root = prev.src.origSrc;
@ -91,13 +81,6 @@ let
tvix-tracing = prev: {
src = depot.tvix.utils.filterRustCrateSrc { root = prev.src.origSrc; };
};
nix-compat = prev: {
src = depot.tvix.utils.filterRustCrateSrc rec {
root = prev.src.origSrc;
extraFileset = (root + "/testdata");
};
};
};
};
@ -166,10 +149,12 @@ in
# minute or two.
cargo metadata > /dev/null
# running this command counteracts depotfmt brokenness
git init
${depot.tools.crate2nix-generate}/bin/crate2nix-generate
${pkgs.crate2nix}/bin/crate2nix generate --all-features
${pkgs.treefmt}/bin/treefmt Cargo.nix \
--no-cache \
--on-unmatched=debug \
--config-file=${depot.tools.depotfmt.config} \
--tree-root=.
# technically unnecessary, but provides more-helpful output in case of error
diff -ur Cargo.nix ${src}/Cargo.nix

4
tvix/glue/src/builtins/derivation.rs
View file

@ -347,9 +347,9 @@ pub(crate) mod derivation_builtins {
input_context.mimic(&val_str);
if arg_name == "builder" {
drv.builder = val_str.to_str()?.to_owned();
val_str.to_str()?.clone_into(&mut drv.builder);
} else {
drv.system = val_str.to_str()?.to_owned();
val_str.to_str()?.clone_into(&mut drv.system);
}
// Either populate drv.environment or structured_attrs.

7
tvix/nix-compat/src/derivation/write.rs
View file

@ -32,13 +32,6 @@ pub const QUOTE: char = '"';
/// the context a lot.
pub(crate) trait AtermWriteable {
fn aterm_write(&self, writer: &mut impl Write) -> std::io::Result<()>;
fn aterm_bytes(&self) -> Vec<u8> {
let mut bytes = Vec::new();
self.aterm_write(&mut bytes)
.expect("unexpected write errors to Vec");
bytes
}
}
impl AtermWriteable for StorePathRef<'_> {

11
tvix/nix-compat/src/wire/bytes/mod.rs
View file

@ -33,12 +33,9 @@ const LEN_SIZE: usize = 8;
///
/// This buffers the entire payload into memory,
/// a streaming version is available at [crate::wire::bytes::BytesReader].
pub async fn read_bytes<R: ?Sized>(
r: &mut R,
allowed_size: RangeInclusive<usize>,
) -> io::Result<Vec<u8>>
pub async fn read_bytes<R>(r: &mut R, allowed_size: RangeInclusive<usize>) -> io::Result<Vec<u8>>
where
R: AsyncReadExt + Unpin,
R: AsyncReadExt + Unpin + ?Sized,
{
// read the length field
let len = r.read_u64_le().await?;
@ -82,13 +79,13 @@ where
Ok(buf)
}
pub(crate) async fn read_bytes_buf<'a, const N: usize, R: ?Sized>(
pub(crate) async fn read_bytes_buf<'a, const N: usize, R>(
reader: &mut R,
buf: &'a mut [MaybeUninit<u8>; N],
allowed_size: RangeInclusive<usize>,
) -> io::Result<&'a [u8]>
where
R: AsyncReadExt + Unpin,
R: AsyncReadExt + Unpin + ?Sized,
{
assert_eq!(N % 8, 0);
assert!(*allowed_size.end() <= N);