infinisil/all-hies
1
1
Fork 0
mirror of https://github.com/infinisil/all-hies.git synced 2024-11-22 04:43:27 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #28 from expipiplus1/joe-nix-path

Browse Source 
Prevent User's overlays and config tainting the build
This commit is contained in:
Silvan Mosberger 2019-10-14 11:52:19 +02:00 committed by GitHub
commit 971421b6c4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Main.hs
View File

@ -139,8 +139,12 @@ genBaseLibraries :: FilePath -> Version -> String -> App ()
genBaseLibraries root version@(Version major minor patch) nixpkgsRev = do
contents <- Cache.get Cache.ExpiresNever ("per-ghcMinor" </> show major ++ show minor) $ do
git nixpkgs [ "checkout", nixpkgsRev ]
let -- Arguments to set config and overlays to nothing so
-- that they aren't sourced from the user's configuration
-- files in ~/.config/nixpkgs
purePkgs = [ "--arg", "config", "{}", "--arg", "overlays", "[]" ]
ghcPath <- liftIO $ init <$> readProcess "nix-build"
[ "--no-out-link", "<nixpkgs>", "-A", "haskell.compiler." ++ nixVersion version ] ""
([ "--no-out-link", "<nixpkgs>", "-A", "haskell.compiler." ++ nixVersion version ] ++ purePkgs) ""
libs <- liftIO $ readProcess (ghcPath </> "bin/ghc-pkg")
[ "list", "--no-user-package-db", "--simple" ] ""
return $ BS.pack libs