-
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add option disallow-copy-paths
to track down unnecessary copying
#11746
base: master
Are you sure you want to change the base?
Conversation
This allows a bit more control. EvalState can now augment all fetchToStore calls.
disallow-copy-paths
disallow-copy-paths
to track down unnecessary copying
@@ -247,6 +247,17 @@ struct EvalSettings : Config | |||
|
|||
This option can be enabled by setting `NIX_ABORT_ON_WARN=1` in the environment. | |||
)"}; | |||
|
|||
Setting<std::set<std::string>> disallowCopyPaths{this, {}, "disallow-copy-paths", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
std::string
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Like the idea
We chatted a bit that the meaning of these strings may have to change a bit. Currently they're absolute paths, and that's ok for now, but we'll need something else when we have virtual paths. Perhaps easier to use would be an option where you can specify globs of forbidden file names which may be fetched and read, but not copied. A simple An option where you specify substrings of file contents that mustn't be copied would also be interesting, but quickly turns in a security feature that I don't know if we want to support. Maybe later. |
I think this should implement the globbing idea instead. It's a bit more work, requiring something like a nar sink wrapper and some more glue, but digging through logs is bad UX. |
Motivation
To quote the docs:
This is useful for finding expressions which copy sources, which can slow down evaluation.
You may find copied sources by running
nix
commands with increased verbosity, such asnix build -vvvv 2>&1 | grep /nix/store
.After identifying one more more paths, run
nix build --option disallow-copy-paths /nix/store/... --show-trace
to find the expression that copies the path, or add--debugger
.Context
Priorities and Process
Add 👍 to pull requests you find important.
The Nix maintainer team uses a GitHub project board to schedule and track reviews.