search

NixOS / nix

Nix, the purely functional package manager
https://nixos.org/
GNU Lesser General Public License v2.1
12.28k stars 1.48k forks source link

Restrict supported tarball formats to actual Tarballs #10918

Closed andir closed 3 months ago

andir commented 3 months ago

Motivation

The documentation is clear about the supported formats (with at least builtins.fetchTarball). The way the code was written previously it supported all the formats that libarchive supported. That is a surprisingly large amount of formats that are likely not on the radar of the Nix developers and users. Before people end up relying on this (or if they do) it is better to break it now before it becomes a widespread "feature".

Zip file support has been retained as (at least to my knowledge) historically that has been used to fetch nixpkgs in some shell expressions many years back.

Fixes https://github.com/NixOS/nix/issues/10917

Context

See https://github.com/NixOS/nix/issues/10917

Priorities and Process

Add :+1: to pull requests you find important.

The Nix maintainer team uses a GitHub project board to schedule and track reviews.

lf- commented 3 months ago

I think this is likely to cause regressions no matter how you cut it. The thing we should actually do here is to figure out how to ensure all the archive formats don't change behaviour over versions.