TakeV/guix
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
1080 commits 102 branches 35 tags 561 MiB
Commit graph

7 commits

Author SHA1 Message Date
Eelco Dolstra d1487d9015 * This is a better location to keep the blacklist, since it can evolve 
separately from Nix or Nixpkgs.
 2005-03-24 14:07:02 +00:00
Eelco Dolstra 009752ca70 * Blacklist Firefox 1.0.1. 2005-03-24 13:44:47 +00:00
Eelco Dolstra 08df443618 * Check for duplicate attributes and formal parameters in Nix 
expressions.
 2005-03-10 11:33:46 +00:00
Eelco Dolstra 97c93526da * In the checker, do traversals of the dependency graph explicitly. A 
conditional expression in the blacklist can specify when to
  continue/stop a traversal.  For example, in

    <condition>
      <within>
        <traverse>
          <not><hasAttr name='outputHash' value='.+' /></not>
        </traverse>
        <hasAttr name='outputHash' value='ef1cb003448b4a53517b8f25adb12452' />
      </within>
    </condition>

  we traverse the dependency graph, not following the dependencies of
  `fetchurl' derivations (as indicated by the presence of an
  `outputHash' attribute - this is a bit ugly).  The resulting set of
  paths is scanned for a fetch of a file with the given hash, in this
  case, the hash of zlib-1.2.1.tar.gz (which has a security bug).  The
  intent is that a dependency on zlib is not a problem if it is in a
  `fetchurl' derivation, since that's build-time only.  (Other
  build-time uses of zlib *might* be a problem, e.g., static linking.)
 2005-03-07 16:26:05 +00:00
Eelco Dolstra bfbc55cbc6 * Use XML::LibXML. 2005-03-07 14:54:52 +00:00
Eelco Dolstra 9a7f95882c * Basic blacklist checker. Each element in a user environment is 
checked against every item in a blacklist.
 2005-03-04 11:12:48 +00:00
Eelco Dolstra 0107fba48e * Concept for a simple blacklist. 2005-03-02 15:57:35 +00:00