Open lheckemann opened 1 year ago
Draft, because:
I think it's OK to do this. People disabling pure evaluation presumably have a good reason to do so.
This does open up access to path
flakes in the local file system (e.g. by having a flake input path:/foo/bar
), see EvalState::checkURI()
.
In that case, I guess fixing https://github.com/NixOS/nix/issues/7098 in Nix is the right approach to solving this problem.
Pure evaluation should cover all the uses for restrict-eval, and restrict-eval currently breaks accessing Git inputs on Flakes1.