From ce89c8c114254aa558c314a19b730a53cfe17785 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Tue, 20 May 2025 13:46:19 -0400 Subject: [PATCH 1/2] Log warnings on IFD with new option Co-authored-by: Eelco Dolstra --- src/libexpr/include/nix/expr/eval-settings.hh | 10 ++++++++++ src/libexpr/primops.cc | 18 +++++++++++++----- 2 files changed, 23 insertions(+), 5 deletions(-) diff --git a/src/libexpr/include/nix/expr/eval-settings.hh b/src/libexpr/include/nix/expr/eval-settings.hh index 284e02a9b..9ff73138a 100644 --- a/src/libexpr/include/nix/expr/eval-settings.hh +++ b/src/libexpr/include/nix/expr/eval-settings.hh @@ -152,6 +152,16 @@ struct EvalSettings : Config )" }; + Setting traceImportFromDerivation{ + this, false, "trace-import-from-derivation", + R"( + By default, Nix allows [Import from Derivation](@docroot@/language/import-from-derivation.md). + + When this setting is `true`, Nix will log a warning indicating that it performed such an import. + This option has no effect if `allow-import-from-derivation` is disabled. + )" + }; + Setting enableImportFromDerivation{ this, true, "allow-import-from-derivation", R"( diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index c4e6feb28..f3e3e1290 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -90,11 +90,19 @@ StringMap EvalState::realiseContext(const NixStringContext & context, StorePathS if (drvs.empty()) return {}; - if (isIFD && !settings.enableImportFromDerivation) - error( - "cannot build '%1%' during evaluation because the option 'allow-import-from-derivation' is disabled", - drvs.begin()->to_string(*store) - ).debugThrow(); + if (isIFD) { + if (!settings.enableImportFromDerivation) + error( + "cannot build '%1%' during evaluation because the option 'allow-import-from-derivation' is disabled", + drvs.begin()->to_string(*store) + ).debugThrow(); + + if (settings.traceImportFromDerivation) + warn( + "built '%1%' during evaluation due to an import from derivation", + drvs.begin()->to_string(*store) + ); + } /* Build/substitute the context. */ std::vector buildReqs; From d80f0fb15ac2c6970af22b226d645137a0702236 Mon Sep 17 00:00:00 2001 From: gustavderdrache Date: Wed, 21 May 2025 11:11:09 -0400 Subject: [PATCH 2/2] Add test for output warning to ensure stability Co-authored-by: Eelco Dolstra --- tests/functional/flakes/meson.build | 1 + tests/functional/flakes/trace-ifd.sh | 33 ++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 tests/functional/flakes/trace-ifd.sh diff --git a/tests/functional/flakes/meson.build b/tests/functional/flakes/meson.build index 213c388a6..801fefc6f 100644 --- a/tests/functional/flakes/meson.build +++ b/tests/functional/flakes/meson.build @@ -33,6 +33,7 @@ suites += { 'debugger.sh', 'source-paths.sh', 'old-lockfiles.sh', + 'trace-ifd.sh', ], 'workdir': meson.current_source_dir(), } diff --git a/tests/functional/flakes/trace-ifd.sh b/tests/functional/flakes/trace-ifd.sh new file mode 100644 index 000000000..4879b9732 --- /dev/null +++ b/tests/functional/flakes/trace-ifd.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash + +source ./common.sh + +requireGit + +flake1Dir="$TEST_ROOT/flake" + +createGitRepo "$flake1Dir" +createSimpleGitFlake "$flake1Dir" + +cat > "$flake1Dir/flake.nix" <<'EOF' +{ + outputs = { self }: let inherit (import ./config.nix) mkDerivation; in { + drv = mkDerivation { + name = "drv"; + buildCommand = '' + echo drv >$out + ''; + }; + + ifd = mkDerivation { + name = "ifd"; + buildCommand = '' + echo ${builtins.readFile self.drv} >$out + ''; + }; + }; +} +EOF + +nix build --no-link "$flake1Dir#ifd" --option trace-import-from-derivation true 2>&1 \ + | grepQuiet 'warning: built .* during evaluation due to an import from derivation'