b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

stdenv: take license parameter checks out of mkDerivation path

Browse source
This commit is contained in:
Wout Mertens 2015-01-29 10:38:33 +01:00
parent db75b5d052
commit 0feb19b6b4
1 changed files with 59 additions and 68 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

127
pkgs/stdenv/generic/default.nix
View file

@ -16,11 +16,40 @@ let
allowUnfree = config.allowUnfree or false || builtins.getEnv "NIXPKGS_ALLOW_UNFREE" == "1"; allowUnfree = config.allowUnfree or false || builtins.getEnv "NIXPKGS_ALLOW_UNFREE" == "1";
# Allowed licenses, defaults to no licenses whitelist = config.whitelistedLicenses or [];
whitelistedLicenses = config.whitelistedLicenses or []; blacklist = config.blacklistedLicenses or [];
# Blacklisted licenses, default to no licenses onlyLicenses = list:
blacklistedLicenses = config.blacklistedLicenses or []; lib.lists.all (license:
let l = lib.licenses.${license.shortName or "BROKEN"} or false; in
if license == l then true else
throw ''${builtins.toJSON license} is not an attribute of lib.licenses''
) list;
mutuallyExclusive = a: b:
(builtins.length a) == 0 ||
(!(builtins.elem (builtins.head a) b) &&
mutuallyExclusive (builtins.tail a) b);
areLicenseListsValid =
if mutuallyExclusive whitelist blacklist then
assert onlyLicenses whitelist; assert onlyLicenses blacklist; true
else
throw "whitelistedLicenses and blacklistedLicenses are not mutually exclusive.";
hasLicense = attrs:
builtins.hasAttr "meta" attrs && builtins.hasAttr "license" attrs.meta;
hasWhitelistedLicense = assert areLicenseListsValid; attrs:
hasLicense attrs && builtins.elem attrs.meta.license whitelist;
hasBlacklistedLicense = assert areLicenseListsValid; attrs:
hasLicense attrs && builtins.elem attrs.meta.license blacklist;
allowBroken = config.allowBroken or false || builtins.getEnv "NIXPKGS_ALLOW_BROKEN" == "1";
isUnfree = licenses: lib.lists.any (l:
!l.free or true || l == "unfree" || l == "unfree-redistributable") licenses;
# Alow granular checks to allow only some unfree packages # Alow granular checks to allow only some unfree packages
# Example: # Example:
@ -31,13 +60,17 @@ let
# } # }
allowUnfreePredicate = config.allowUnfreePredicate or (x: false); allowUnfreePredicate = config.allowUnfreePredicate or (x: false);
allowBroken = config.allowBroken or false || builtins.getEnv "NIXPKGS_ALLOW_BROKEN" == "1"; # Check whether unfree packages are allowed and if not, whether the
# package has an unfree license and is not explicitely allowed by the
# `allowUNfreePredicate` function.
hasDeniedUnfreeLicense = attrs:
!allowUnfree &&
hasLicense attrs &&
isUnfree (lib.lists.toList attrs.meta.license) &&
!allowUnfreePredicate attrs;
unsafeGetAttrPos = builtins.unsafeGetAttrPos or (n: as: null); unsafeGetAttrPos = builtins.unsafeGetAttrPos or (n: as: null);
isUnfree = licenses: lib.lists.any (l:
!l.free or true || l == "unfree" || l == "unfree-redistributable") licenses;
defaultNativeBuildInputs = extraBuildInputs ++ defaultNativeBuildInputs = extraBuildInputs ++
[ ../../build-support/setup-hooks/move-docs.sh [ ../../build-support/setup-hooks/move-docs.sh
../../build-support/setup-hooks/compress-man-pages.sh ../../build-support/setup-hooks/compress-man-pages.sh
@ -60,75 +93,33 @@ let
pos' = if pos != null then "" + pos.file + ":" + toString pos.line + "" else "«unknown-file»"; pos' = if pos != null then "" + pos.file + ":" + toString pos.line + "" else "«unknown-file»";
throwEvalHelp = unfreeOrBroken: whatIsWrong: throwEvalHelp = unfreeOrBroken: whatIsWrong:
assert (builtins.elem unfreeOrBroken [ "Unfree" assert builtins.elem unfreeOrBroken ["Unfree" "Broken" "blacklisted"];
"Broken"
"BlacklistedLicense" throw ("Package ${attrs.name or "«name-missing»"} in ${pos'} ${whatIsWrong}, refusing to evaluate."
]); + (lib.strings.optionalString (unfreeOrBroken != "blacklisted") ''
throw ''
Package ${attrs.name} in ${pos'} ${whatIsWrong}, refusing to evaluate.
For `nixos-rebuild` you can set For `nixos-rebuild` you can set
{ nixpkgs.config.allow${unfreeOrBroken} = true; } { nixpkgs.config.allow${unfreeOrBroken} = true; }
in configuration.nix to override this. in configuration.nix to override this.
For `nix-env` you can add For `nix-env` you can add
{ allow${unfreeOrBroken} = true; } { allow${unfreeOrBroken} = true; }
to ~/.nixpkgs/config.nix. to ~/.nixpkgs/config.nix.
''; ''));
# Check whether unfree packages are allowed and if not, whether the licenseAllowed = attrs:
# package has an unfree license and is not explicitely allowed by the if hasDeniedUnfreeLicense attrs && !(hasWhitelistedLicense attrs) then
# `allowUNfreePredicate` function. throwEvalHelp "Unfree" "has an unfree license ${attrs.meta.license.shortName} which is not whitelisted"
hasDeniedUnfreeLicense = attrs: else if hasBlacklistedLicense attrs then
!allowUnfree && throwEvalHelp "blacklisted" "has the ${attrs.meta.license.shortName} license which is blacklisted"
isUnfree (lib.lists.toList attrs.meta.license or []) && else if !allowBroken && attrs.meta.broken or false then
!allowUnfreePredicate attrs; throwEvalHelp "Broken" "is marked as broken"
else if !allowBroken && builtins.hasAttr "platforms" attrs.meta && !lib.lists.elem result.system attrs.meta.platforms then
# Check whether two sets are mutual exclusive throwEvalHelp "Broken" "is not supported on ${result.system}"
mutualExclusive = a: b: else true;
(builtins.length a) == 0 ||
(!(builtins.elem (builtins.head a) b) &&
mutualExclusive (builtins.tail a) b);
# Check whether an package has the license set
licenseCheckable = attr:
builtins.hasAttr "meta" attrs && builtins.hasAttr "license" attrs.meta;
# Check whether the license of the package is whitelisted.
# If the package has no license, print a warning about this and allow the
# package (return that it is actually whitelisted)
hasWhitelistedLicense = attrs:
if licenseCheckable attrs then
builtins.elem attrs.meta.license whitelistedLicenses
else
#builtins.trace "Has no license: ${attrs.name}, allowing installation"
true;
# Check whether the license of the package is blacklisted.
# If the package has no license, print a warning about this and allow the
# package (return that it is actually not blacklisted)
hasBlacklistedLicense = attrs:
if licenseCheckable attrs then
builtins.elem attrs.meta.license blacklistedLicenses
else
#builtins.trace "Has no license: ${attrs.name}, allowing installation"
false;
in in
if !(mutualExclusive whitelistedLicenses blacklistedLicenses) then assert licenseAllowed attrs;
throw ''
Package blacklist (${blacklistedLicenses}) and whitelist
(${whitelistedLicenses}) are not mutual exclusive.
''
else if hasDeniedUnfreeLicense attrs &&
!(hasWhitelistedLicense attrs) then
throwEvalHelp "Unfree" "has an unfree license which is not whitelisted"
else if hasBlacklistedLicense attrs then
throwEvalHelp "BlacklistedLicense"
"has a license which is blacklisted"
else if !allowBroken && attrs.meta.broken or false then
throwEvalHelp "Broken" "is marked as broken"
else if !allowBroken && attrs.meta.platforms or null != null && !lib.lists.elem result.system attrs.meta.platforms then
throwEvalHelp "Broken" "is not supported on ${result.system}"
else
lib.addPassthru (derivation ( lib.addPassthru (derivation (
(removeAttrs attrs ["meta" "passthru" "crossAttrs"]) (removeAttrs attrs ["meta" "passthru" "crossAttrs"])
// (let // (let