diff options
| author | Robert Hensing <robert@roberthensing.nl> | 2024-03-12 18:41:18 +0100 |
|---|---|---|
| committer | Robert Hensing <robert@roberthensing.nl> | 2024-03-12 18:41:18 +0100 |
| commit | 464d8c4a6c6282ea51e80b695f4d0eb39dd24b96 (patch) | |
| tree | 8592fb77b967796c487ead2f0cedf1e58bb67abe /pkgs/stdenv | |
| parent | 2fb7255cc03e83eb9c860e03218fdf3644208e98 (diff) | |
make-derivation.nix: Float inward darwin-specific derivation attributes
Diffstat (limited to 'pkgs/stdenv')
| -rw-r--r-- | pkgs/stdenv/generic/make-derivation.nix | 45 |
1 files changed, 23 insertions, 22 deletions
diff --git a/pkgs/stdenv/generic/make-derivation.nix b/pkgs/stdenv/generic/make-derivation.nix index c3230a27b42c4..36d34b796f907 100644 --- a/pkgs/stdenv/generic/make-derivation.nix +++ b/pkgs/stdenv/generic/make-derivation.nix @@ -314,26 +314,6 @@ else let ] ]; - computedSandboxProfile = - concatMap (input: input.__propagatedSandboxProfile or []) - (stdenv.extraNativeBuildInputs - ++ stdenv.extraBuildInputs - ++ concatLists dependencies); - - computedPropagatedSandboxProfile = - concatMap (input: input.__propagatedSandboxProfile or []) - (concatLists propagatedDependencies); - - computedImpureHostDeps = - unique (concatMap (input: input.__propagatedImpureHostDeps or []) - (stdenv.extraNativeBuildInputs - ++ stdenv.extraBuildInputs - ++ concatLists dependencies)); - - computedPropagatedImpureHostDeps = - unique (concatMap (input: input.__propagatedImpureHostDeps or []) - (concatLists propagatedDependencies)); - derivationArg = removeAttrs attrs [ "checkInputs" "installCheckInputs" @@ -426,7 +406,28 @@ else let NIX_HARDENING_ENABLE = enabledHardeningOptions; } // optionalAttrs (stdenv.hostPlatform.isx86_64 && stdenv.hostPlatform ? gcc.arch) { requiredSystemFeatures = attrs.requiredSystemFeatures or [] ++ [ "gccarch-${stdenv.hostPlatform.gcc.arch}" ]; - } // optionalAttrs (stdenv.buildPlatform.isDarwin) { + } // optionalAttrs (stdenv.buildPlatform.isDarwin) ( + let + computedSandboxProfile = + concatMap (input: input.__propagatedSandboxProfile or []) + (stdenv.extraNativeBuildInputs + ++ stdenv.extraBuildInputs + ++ concatLists dependencies); + + computedPropagatedSandboxProfile = + concatMap (input: input.__propagatedSandboxProfile or []) + (concatLists propagatedDependencies); + + computedImpureHostDeps = + unique (concatMap (input: input.__propagatedImpureHostDeps or []) + (stdenv.extraNativeBuildInputs + ++ stdenv.extraBuildInputs + ++ concatLists dependencies)); + + computedPropagatedImpureHostDeps = + unique (concatMap (input: input.__propagatedImpureHostDeps or []) + (concatLists propagatedDependencies)); + in { inherit __darwinAllowLocalNetworking; # TODO: remove `unique` once nix has a list canonicalization primitive __sandboxProfile = @@ -441,7 +442,7 @@ else let "/bin/sh" ]; __propagatedImpureHostDeps = computedPropagatedImpureHostDeps ++ __propagatedImpureHostDeps; - } // + }) // # If we use derivations directly here, they end up as build-time dependencies. # This is especially problematic in the case of disallowed*, since the disallowed # derivations will be built by nix as build-time dependencies, while those |