Unverified Commit b3981c08 authored by Adam Dinwoodie's avatar Adam Dinwoodie Committed by Philip Taron
Browse files

requireFile: don't perform Bash expansion 

When printing the error message with instructions to manually obtain a
fixed-output derivation using requireFile, print the string as escaped
using `escapeShellArg`, rather than using a here-doc where Bash
expansion will be performed.

This permits passing instructions that contain characters that Bash
would normally expand without needing to escape them (or even know that
they need escaping from Bash), for example instructions referencing
`$PWD`.

Document this in the current release notes, and update existing
requireFile calls that perform this now-unnecessary escaping.  In
passing, fix up a couple of minor message errors.
parent a3db0218

doc/release-notes/rl-2605.section.md

+2 −0
Original line number Diff line number Diff line
@@ -105,6 +105,8 @@ 


- `nodePackages.wavedrom-cli` has been removed, as it was unmaintained within nixpkgs.



- `requireFile` now treats any `message` or `url` argument as a literal string, rather than subjecting it to Bash here-doc expansion.  This allows including strings like `$PWD` in the message without needing to know about and handle the undocumented Bash expansion.



- `nodePackages.browserify` has been removed, as it was unmaintained within nixpkgs.



- `nodePackages.sass` has been removed, as it was unmaintained within nixpkgs.

nixos/modules/services/games/quake3-server.nix

+2 −2
Original line number Diff line number Diff line
@@ -34,8 +34,8 @@ let 
      cp baseq3/pak*.pk3 /tmp/baseq3

      nix-store --add-fixed sha256 --recursive /tmp/baseq3



      Alternatively you can set services.quake3-server.baseq3 to a path and copy the baseq3 directory into

      $services.quake3-server.baseq3/.q3a/

      Alternatively you can set services.quake3-server.baseq3 to a path and

      copy the baseq3 directory into the .q3a subdirectory of that path.

    '';

  };

pkgs/applications/networking/remote/citrix-workspace/generic.nix

+1 −1
Original line number Diff line number Diff line
@@ -139,7 +139,7 @@ stdenv.mkDerivation rec { 
      Once you have downloaded the file, please use the following command and re-run the

      installation:



      nix-prefetch-url file://\$PWD/${name}

      nix-prefetch-url file://$PWD/${name}

    '';

  };

pkgs/build-support/trivial-builders/default.nix

+1 −8
Original line number Diff line number Diff line
@@ -928,14 +928,7 @@ rec { 
        outputHash = hash_;

        preferLocalBuild = true;

        builder = writeScript "restrict-message" ''

          source ${stdenvNoCC}/setup

          cat <<_EOF_



          ***

          ${msg}

          ***



          _EOF_

          printf '%s' ${lib.escapeShellArg msg}

          exit 1

        '';

      }

pkgs/by-name/an/andyetitmoves/package.nix

+2 −2
Original line number Diff line number Diff line
@@ -33,7 +33,7 @@ stdenv.mkDerivation rec { 
          message = ''

            We cannot download the commercial version automatically, as you require a license.

            Once you bought a license, you need to add your downloaded version to the nix store.

            You can do this by using "nix-prefetch-url file:///\$PWD/${commercialName}" in the

            You can do this by using "nix-prefetch-url file:///$PWD/${commercialName}" in the

            directory where you saved it.

          '';

          name = commercialName;