Commit 89e5b47c authored by Andrew Marshall's avatar Andrew Marshall
Browse files

check-meta: add allowBrokenPredicate 

Similar to allowUnfreePredicate, sometimes users may want to only allow
specific broken packages to avoid unexpectedly building others.

Some packages may be marked broken for policy reasons (lack of upstream
support) or due to broken or unsupported functionality that the user may
not care about. An example might be forcing ZFS to build on a newer,
unsupported Kernel where compilation succeeds and the user is willing to
take the risk of being unsupported.
parent adaa24fb

doc/using/configuration.chapter.md

+10 −2
Original line number Diff line number Diff line
@@ -33,7 +33,7 @@ Most unfree licenses prohibit either executing or distributing the software. 


## Installing broken packages {#sec-allow-broken}



There are two ways to try compiling a package which has been marked as broken.

There are several ways to try compiling a package which has been marked as broken.



-   For allowing the build of a broken package once, you can use an environment variable for a single invocation of the nix tools:
@@ -41,7 +41,15 @@ There are two ways to try compiling a package which has been marked as broken. 
    $ export NIXPKGS_ALLOW_BROKEN=1

    ```



-   For permanently allowing broken packages to be built, you may add `allowBroken = true;` to your user's configuration file, like this:

-   For permanently allowing broken packages that match some condition to be built, you may add `allowBrokenPredicate` to your user's configuration file with the desired condition, for example:



    ```nix

    {

      allowBrokenPredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [ "hello" ];

    }

    ```



-   For permanently allowing all broken packages to be built, you may add `allowBroken = true;` to your user's configuration file, like this:



    ```nix

    {

pkgs/stdenv/generic/check-meta.nix

+13 −1
Original line number Diff line number Diff line
@@ -116,6 +116,18 @@ let 


  isMarkedBroken = attrs: attrs.meta.broken or false;



  # Allow granular checks to allow only some broken packages

  # Example:

  # { pkgs, ... }:

  # {

  #   allowBroken = false;

  #   allowBrokenPredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [ "hello" ];

  # }

  allowBrokenPredicate = config.allowBrokenPredicate or (x: false);



  hasDeniedBroken =

    attrs: (attrs.meta.broken or false) && !allowBroken && !allowBrokenPredicate attrs;



  hasUnsupportedPlatform = pkg: !(availableOn hostPlatform pkg);



  isMarkedInsecure = attrs: (attrs.meta.knownVulnerabilities or [ ]) != [ ];
@@ -507,7 +519,7 @@ let 
        reason = "non-source";

        errormsg = "contains elements not built from source (‘${showSourceType attrs.meta.sourceProvenance}’)";

      }

    else if !allowBroken && attrs.meta.broken or false then

    else if hasDeniedBroken attrs then

      {

        valid = "no";

        reason = "broken";