Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nixos/security.acme: remove with lib; #339101

Merged
merged 1 commit into from
Sep 5, 2024
Merged

nixos/security.acme: remove with lib; #339101

merged 1 commit into from
Sep 5, 2024
+137 −138

Conversation

Stunkymonkey
Copy link
Contributor

@Stunkymonkey Stunkymonkey commented Sep 2, 2024
edited
Loading

Description of changes

part of #208242

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@github-actions github-actions bot added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Sep 2, 2024
@Stunkymonkey Stunkymonkey marked this pull request as ready for review September 2, 2024 20:39
@emilazy
Copy link
Member

emilazy commented Sep 2, 2024

@ofborg test acme

@emilazy emilazy requested a review from m1cr0man September 2, 2024 20:42
@m1cr0man
Copy link
Contributor

m1cr0man commented Sep 2, 2024

Correct me if I'm wrong but builtins.lib is not a thing? It seems some mass replace was done across the file.

@emilazy
Copy link
Member

emilazy commented Sep 2, 2024

Yeah, this needs fixing.

@Stunkymonkey
Copy link
Contributor Author

@emilazy & @m1cr0man should be fixed.

@Stunkymonkey
Copy link
Contributor Author

@ofborg test acme

@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 labels Sep 2, 2024
@m1cr0man
Copy link
Contributor

m1cr0man commented Sep 2, 2024

Question (non blockers just my own curiosity): what's the value of removing "with lib" entirely as per the parent ticket? I also wonder if a "let inherit (lib) ...” pattern is worth considering to preserve the blame on the lines/keep common values in scope?

@emilazy
Copy link
Member

emilazy commented Sep 3, 2024
edited
Loading

with disables static scope checking for its whole body (i.e. with lib; if complicatedCondition then … varaible … else … is a runtime error waiting to happen), and has very unintuitive behaviour around variable shadowing. It’s controversial in general but there’s more‐or‐less consensus to avoid whole file bodies being inside a with at this point. (And insofar as my vote as someone who hasn’t touched the ACME code in a few years counts, I’m definitely in favour of dropping it.)

I am personally agnostic to explicit lib vs. let inherit. I write the former, but the latter is fine too. Opinions seem generally divided on the matter.

@m1cr0man
Copy link
Contributor

m1cr0man commented Sep 3, 2024

Thanks for the explanation 🙂 this change makes a lot of sense now.

@Stunkymonkey Stunkymonkey marked this pull request as draft September 4, 2024 20:38
@Stunkymonkey
Copy link
Contributor Author

@ofborg test acme

philiptaron
philiptaron approved these changes Sep 5, 2024
View reviewed changes
Copy link
Contributor

@philiptaron philiptaron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nix-build -A nixosTests.acme passes.

m1cr0man
m1cr0man approved these changes Sep 5, 2024
View reviewed changes
Copy link
Contributor

@m1cr0man m1cr0man left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good 🙂

@Stunkymonkey Stunkymonkey marked this pull request as ready for review September 5, 2024 22:08
@Stunkymonkey Stunkymonkey merged commit d7a1080 into NixOS:master Sep 5, 2024
26 of 27 checks passed
@Stunkymonkey Stunkymonkey deleted the acme-remove-with-lib branch September 5, 2024 22:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emilazy emilazy emilazy left review comments

@m1cr0man m1cr0man m1cr0man approved these changes

@philiptaron philiptaron philiptaron approved these changes

@arianvp arianvp Awaiting requested review from arianvp

@flokli flokli Awaiting requested review from flokli

@aanderse aanderse Awaiting requested review from aanderse

Assignees
No one assigned
Labels
6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Stunkymonkey @emilazy @m1cr0man @philiptaron