#912 allow leading period #9867
Conversation
This reverts commit 24bda0c.
|
I think this sets a bad precedent of having to support bugs that accidentally snuck in forever. Also, flip-flopping on this behaviour again just makes the situation even more confusing. |
It was requested as a feature, #912
What if denying
Since when do we make decisions based on precedent? The author of #9095 has shown no interest in helping users with the consequences of their PR. I don't blame them for that; they can have all sorts of reasons, and it's a risk I took when accepting their PR. If I were to hand responsibility to you, how would you deal with the problem? We have users with broken stores now, who can't upgrade their Nix. Do you plan to fix the problem in a different way? What about #912? |
roberth
requested review from
Ericson2314
and removed request for
edolstra and
thufschmitt
|
@Ericson2314 this fixes two Arbitrary instances. Some more still remain. |
|
Glad to hear it! |
roberth
added
backport 2.19-maintenance
src/libstore/path-regex.hh
Outdated
| @@ -3,6 +3,6 @@ | |||
|
|
|||
| namespace nix { | |||
|
|
|||
| static constexpr std::string_view nameRegexStr = R"([0-9a-zA-Z\+\-_\?=][0-9a-zA-Z\+\-\._\?=]*)"; | |||
| static constexpr std::string_view nameRegexStr = R"((?!\.\.?(-|$))[0-9a-zA-Z\+\-\._\?=]+)"; | |||
There was a problem hiding this comment.
I don't quite understand this one. Maybe it needs some comments?
| if (name.size() == 1) | ||
| throw BadStorePath("store path '%s' has invalid name '%s'", path, name); | ||
| if (name[1] == '-') | ||
| throw BadStorePath("store path '%s' has invalid name '%s': first dash-separated component must not be '%s'", path, name, "."); |
There was a problem hiding this comment.
Could pull this out into a lambda (with param for . or ..) and use twice
There was a problem hiding this comment.
They're slightly different though, because of the second error message.
I don't think the lambda would help with understanding or reuse.
Gen::just is the constant generator. Don't just return that!
Gen::just is the constant generator. Don't just return that!
As discussed in the maintainer meeting on 2024-01-29. Mainly this is to avoid a situation where the name is parsed and treated as a file name, mostly to protect users. .-* and ..-* are also considered invalid because they might strip on that separator to remove versions. Doesn't really work, but that's what we decided, and I won't argue with it, because .-* probably doesn't seem to have a real world application anyway. We do still permit a 1-character name that's just "-", which still poses a similar risk in such a situation. We can't start disallowing trailing -, because a non-zero number of users will need it and we've seen how annoying and painful such a change is. What matters most is preventing a situation where . or .. can be injected, and to just get this done.
|
Backport failed for Please cherry-pick the changes locally and resolve any conflicts. git fetch origin 2.19-maintenance
git worktree add -d .worktree/backport-9867-to-2.19-maintenance origin/2.19-maintenance
cd .worktree/backport-9867-to-2.19-maintenance
git switch --create backport-9867-to-2.19-maintenance
git cherry-pick -x 9ddd0f2af8fd95e1380027a70d0aa650ea2fd5e4 b13e6a76b4f289c6db69ffaa7bd35b7e44f2a391 69bbd5852af9b2f0b794162bd1debcdf64fc6648 8406da28773f050e00a006e4812e3ecbf919a2a9 f1b4663805a9dbcb1ace64ec110092d17c9155e0 |
|
Successfully created backport PR for |
|
(bit late, but): Discussed during the Nix maintainers meeting on 2024-01-30.
Agreement |
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/2024-01-30-nix-team-meeting-minutes-119/39185/1 |
|
Did this get rolled back? I'm seeing when running |
|
@ryantm It didn't get reverted. Maybe you're getting this from a daemon or remote builder? |
|
@roberth Thanks for the quick reply, that was a good hint. I had: then I updated my NixOS nix to be and garbage collection worked fine. |
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/store-path-starts-with-illegal-character/42050/2 |
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/store-path-starts-with-illegal-character/42050/3 |
thufschmitt
added
the
backport 2.18-maintenance
|
Backport failed for Please cherry-pick the changes locally and resolve any conflicts. git fetch origin 2.18-maintenance
git worktree add -d .worktree/backport-9867-to-2.18-maintenance origin/2.18-maintenance
cd .worktree/backport-9867-to-2.18-maintenance
git switch --create backport-9867-to-2.18-maintenance
git cherry-pick -x 9ddd0f2af8fd95e1380027a70d0aa650ea2fd5e4 b13e6a76b4f289c6db69ffaa7bd35b7e44f2a391 69bbd5852af9b2f0b794162bd1debcdf64fc6648 8406da28773f050e00a006e4812e3ecbf919a2a9 f1b4663805a9dbcb1ace64ec110092d17c9155e0 |
|
Backport failed for Please cherry-pick the changes locally and resolve any conflicts. git fetch origin 2.19-maintenance
git worktree add -d .worktree/backport-9867-to-2.19-maintenance origin/2.19-maintenance
cd .worktree/backport-9867-to-2.19-maintenance
git switch --create backport-9867-to-2.19-maintenance
git cherry-pick -x 9ddd0f2af8fd95e1380027a70d0aa650ea2fd5e4 b13e6a76b4f289c6db69ffaa7bd35b7e44f2a391 69bbd5852af9b2f0b794162bd1debcdf64fc6648 8406da28773f050e00a006e4812e3ecbf919a2a9 f1b4663805a9dbcb1ace64ec110092d17c9155e0 |
|
Backport failed for Please cherry-pick the changes locally and resolve any conflicts. git fetch origin 2.20-maintenance
git worktree add -d .worktree/backport-9867-to-2.20-maintenance origin/2.20-maintenance
cd .worktree/backport-9867-to-2.20-maintenance
git switch --create backport-9867-to-2.20-maintenance
git cherry-pick -x 9ddd0f2af8fd95e1380027a70d0aa650ea2fd5e4 b13e6a76b4f289c6db69ffaa7bd35b7e44f2a391 69bbd5852af9b2f0b794162bd1debcdf64fc6648 8406da28773f050e00a006e4812e3ecbf919a2a9 f1b4663805a9dbcb1ace64ec110092d17c9155e0 |
|
This doesn't seem to have been backported to 2.18? We need to |
To be clear, my initial proposal (#9091) was to document and codify the change in behaviour, rather than revert it, given that it was likely to have snuck into real-world use already, as experience has now indeed borne out. I can't spend all my time glued to GitHub currently, so this is the first time I'm seeing the fallout. It seemed like a perhaps risky but worthwhile experiment, that you endorsed as a maintainer (before code for the stricter validation was even written), and I'm fine with how this has concluded. We don't have an "ecosystem test run" environment like Rust's Crater, so I would not (and could not) have undertaken a live-fire test like this without a maintainer taking responsibility for it. Building a Crater equivalent seems abstractly worthwhile, but right now I don't have the bandwidth for such an undertaking, and I don't particularly expect anyone to volunteer. As far as I can tell, the only alternative unexplored was making it a warning and treating it as an explicitly deprecated behaviour, but I don't think that would have done much good. My sole goal here was to ensure that there is clear agreement on what constitutes in-spec Nix behaviour, so that other implementers (such as the TVL nix-compat Rust library, which I co-maintain) can match it in behaviour exactly, since we lack a formal specification. |
|
Hi @edef1c and thank you for your response. You're making good points about the ecosystem test run and a formal specification. We're trying to improve both, but for the formal specification, that takes a different form. Making a separate spec document is an effort that's hard to justify (for the Nix team), but we are making the documentation more precise. A spec is also reference documentation, so I think there's a lot that can be done about this issue, just by improving the Nix manual. So, contributions are welcomed; especially small and incremental ones. |
Nix 2.4 accidentally permitted this behaviour, but the revert came too late to beat Hyrum's law. It is now considered permissible. Link: NixOS/nix#9867 Change-Id: Ie97777af6765fe1c12c8aa593afe1c9b69125775 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11553 Tested-by: BuildkiteCI Reviewed-by: flokli <[email protected]>
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/broken-nix-store-path-starts-with-illegal-character/47776/1 |
|
I believe this hasn't been applied to 2.19 (yet). Though 9ddd0f2 would at least apply cleanly. |
|
We don't actively support 2.19, but feel free to open a PR |
|
Sad that the current Hydra is based on 2.19. |
Motivation
#9095 seems to have caused more harm than good. See #9095 (comment) for argumentation.
Context
Preceding
Backports of this
Priorities and Process
Add 👍 to pull requests you find important.
The Nix maintainer team uses a GitHub project board to schedule and track reviews.