|
|
@ -7,6 +7,10 @@ let |
|
|
|
# If we're in hydra, we can dispense with the more verbose error |
|
|
|
# If we're in hydra, we can dispense with the more verbose error |
|
|
|
# messages and make problems easier to spot. |
|
|
|
# messages and make problems easier to spot. |
|
|
|
inHydra = config.inHydra or false; |
|
|
|
inHydra = config.inHydra or false; |
|
|
|
|
|
|
|
# Allow the user to opt-into additional warnings, e.g. |
|
|
|
|
|
|
|
# import <nixpkgs> { config = { showDerivationWarnings = [ "maintainerless" ]; }; } |
|
|
|
|
|
|
|
showWarnings = config.showDerivationWarnings; |
|
|
|
|
|
|
|
|
|
|
|
getName = attrs: attrs.name or ("${attrs.pname or "«name-missing»"}-${attrs.version or "«version-missing»"}"); |
|
|
|
getName = attrs: attrs.name or ("${attrs.pname or "«name-missing»"}-${attrs.version or "«version-missing»"}"); |
|
|
|
|
|
|
|
|
|
|
|
# See discussion at https://github.com/NixOS/nixpkgs/pull/25304#issuecomment-298385426 |
|
|
|
# See discussion at https://github.com/NixOS/nixpkgs/pull/25304#issuecomment-298385426 |
|
|
@ -46,6 +50,9 @@ let |
|
|
|
hasLicense attrs && |
|
|
|
hasLicense attrs && |
|
|
|
isUnfree (lib.lists.toList attrs.meta.license); |
|
|
|
isUnfree (lib.lists.toList attrs.meta.license); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
hasNoMaintainers = attrs: |
|
|
|
|
|
|
|
attrs ? meta.maintainers && (lib.length attrs.meta.maintainers) == 0; |
|
|
|
|
|
|
|
|
|
|
|
isMarkedBroken = attrs: attrs.meta.broken or false; |
|
|
|
isMarkedBroken = attrs: attrs.meta.broken or false; |
|
|
|
|
|
|
|
|
|
|
|
hasUnsupportedPlatform = attrs: |
|
|
|
hasUnsupportedPlatform = attrs: |
|
|
@ -91,6 +98,7 @@ let |
|
|
|
insecure = remediate_insecure; |
|
|
|
insecure = remediate_insecure; |
|
|
|
broken-outputs = remediateOutputsToInstall; |
|
|
|
broken-outputs = remediateOutputsToInstall; |
|
|
|
unknown-meta = x: ""; |
|
|
|
unknown-meta = x: ""; |
|
|
|
|
|
|
|
maintainerless = x: ""; |
|
|
|
}; |
|
|
|
}; |
|
|
|
remediation_env_var = allow_attr: { |
|
|
|
remediation_env_var = allow_attr: { |
|
|
|
Unfree = "NIXPKGS_ALLOW_UNFREE"; |
|
|
|
Unfree = "NIXPKGS_ALLOW_UNFREE"; |
|
|
@ -199,6 +207,14 @@ let |
|
|
|
else throw; |
|
|
|
else throw; |
|
|
|
in handler msg; |
|
|
|
in handler msg; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
handleEvalWarning = { meta, attrs }: { reason , errormsg ? "" }: |
|
|
|
|
|
|
|
let |
|
|
|
|
|
|
|
remediationMsg = (builtins.getAttr reason remediation) attrs; |
|
|
|
|
|
|
|
msg = if inHydra then "Warning while evaluating ${getName attrs}: «${reason}»: ${errormsg}" |
|
|
|
|
|
|
|
else "Package ${getName attrs} in ${pos_str meta} ${errormsg}, continuing anyway." |
|
|
|
|
|
|
|
+ (if remediationMsg != "" then "\n${remediationMsg}" else ""); |
|
|
|
|
|
|
|
isEnabled = lib.findFirst (x: x == reason) null showWarnings; |
|
|
|
|
|
|
|
in if isEnabled != null then builtins.trace msg true else true; |
|
|
|
|
|
|
|
|
|
|
|
metaTypes = with lib.types; rec { |
|
|
|
metaTypes = with lib.types; rec { |
|
|
|
# These keys are documented |
|
|
|
# These keys are documented |
|
|
@ -277,28 +293,37 @@ let |
|
|
|
insecure = isMarkedInsecure attrs; |
|
|
|
insecure = isMarkedInsecure attrs; |
|
|
|
} |
|
|
|
} |
|
|
|
// (if hasDeniedUnfreeLicense attrs && !(hasAllowlistedLicense attrs) then |
|
|
|
// (if hasDeniedUnfreeLicense attrs && !(hasAllowlistedLicense attrs) then |
|
|
|
{ valid = false; reason = "unfree"; errormsg = "has an unfree license (‘${showLicense attrs.meta.license}’)"; } |
|
|
|
{ valid = "no"; reason = "unfree"; errormsg = "has an unfree license (‘${showLicense attrs.meta.license}’)"; } |
|
|
|
else if hasBlocklistedLicense attrs then |
|
|
|
else if hasBlocklistedLicense attrs then |
|
|
|
{ valid = false; reason = "blocklisted"; errormsg = "has a blocklisted license (‘${showLicense attrs.meta.license}’)"; } |
|
|
|
{ valid = "no"; reason = "blocklisted"; errormsg = "has a blocklisted license (‘${showLicense attrs.meta.license}’)"; } |
|
|
|
else if !allowBroken && attrs.meta.broken or false then |
|
|
|
else if !allowBroken && attrs.meta.broken or false then |
|
|
|
{ valid = false; reason = "broken"; errormsg = "is marked as broken"; } |
|
|
|
{ valid = "no"; reason = "broken"; errormsg = "is marked as broken"; } |
|
|
|
else if !allowUnsupportedSystem && hasUnsupportedPlatform attrs then |
|
|
|
else if !allowUnsupportedSystem && hasUnsupportedPlatform attrs then |
|
|
|
{ valid = false; reason = "unsupported"; errormsg = "is not supported on ‘${hostPlatform.system}’"; } |
|
|
|
{ valid = "no"; reason = "unsupported"; errormsg = "is not supported on ‘${hostPlatform.system}’"; } |
|
|
|
else if !(hasAllowedInsecure attrs) then |
|
|
|
else if !(hasAllowedInsecure attrs) then |
|
|
|
{ valid = false; reason = "insecure"; errormsg = "is marked as insecure"; } |
|
|
|
{ valid = "no"; reason = "insecure"; errormsg = "is marked as insecure"; } |
|
|
|
else if checkOutputsToInstall attrs then |
|
|
|
else if checkOutputsToInstall attrs then |
|
|
|
{ valid = false; reason = "broken-outputs"; errormsg = "has invalid meta.outputsToInstall"; } |
|
|
|
{ valid = "no"; reason = "broken-outputs"; errormsg = "has invalid meta.outputsToInstall"; } |
|
|
|
else let res = checkMeta (attrs.meta or {}); in if res != [] then |
|
|
|
else let res = checkMeta (attrs.meta or {}); in if res != [] then |
|
|
|
{ valid = false; reason = "unknown-meta"; errormsg = "has an invalid meta attrset:${lib.concatMapStrings (x: "\n\t - " + x) res}"; } |
|
|
|
{ valid = "no"; reason = "unknown-meta"; errormsg = "has an invalid meta attrset:${lib.concatMapStrings (x: "\n\t - " + x) res}"; } |
|
|
|
else { valid = true; }); |
|
|
|
# --- warnings --- |
|
|
|
|
|
|
|
# Please also update the type in /pkgs/top-level/config.nix alongside this. |
|
|
|
|
|
|
|
else if hasNoMaintainers attrs then |
|
|
|
|
|
|
|
{ valid = "warn"; reason = "maintainerless"; errormsg = "has no maintainers"; } |
|
|
|
|
|
|
|
# ----- |
|
|
|
|
|
|
|
else { valid = "yes"; }); |
|
|
|
|
|
|
|
|
|
|
|
assertValidity = { meta, attrs }: let |
|
|
|
assertValidity = { meta, attrs }: let |
|
|
|
validity = checkValidity attrs; |
|
|
|
validity = checkValidity attrs; |
|
|
|
in validity // { |
|
|
|
in validity // { |
|
|
|
# Throw an error if trying to evaluate an non-valid derivation |
|
|
|
# Throw an error if trying to evaluate a non-valid derivation |
|
|
|
handled = if !validity.valid |
|
|
|
# or, alternatively, just output a warning message. |
|
|
|
then handleEvalIssue { inherit meta attrs; } { inherit (validity) reason errormsg; } |
|
|
|
handled = |
|
|
|
else true; |
|
|
|
{ |
|
|
|
|
|
|
|
no = handleEvalIssue { inherit meta attrs; } { inherit (validity) reason errormsg; }; |
|
|
|
|
|
|
|
warn = handleEvalWarning { inherit meta attrs; } { inherit (validity) reason errormsg; }; |
|
|
|
|
|
|
|
yes = true; |
|
|
|
|
|
|
|
}.${validity.valid}; |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
in assertValidity |
|
|
|
in assertValidity |
|
|
|