[Nix-dev] Questions about the all-packages fixpoint

Benno Fünfstück benno.fuenfstueck at gmail.com
Sat Mar 18 15:27:34 CET 2017


Nicolas Pierron <nicolas.b.pierron at nbp.name> schrieb am Fr., 17. März 2017
um 22:36 Uhr:

> On Fri, Mar 17, 2017 at 9:38 PM, Benno Fünfstück
> <benno.fuenfstueck at gmail.com> wrote:
> > One thing that is nicer about `self.callPackage` though is that you can
> > follow the rule "whenever taking something from self does not lead
> infinite
> > recursion, take it from self" when writing overrides.
>
> And we should not advertise that, because this would lead to packages
> which are not patched, under the rules of the future security-update
> work.
> So whatever you think this is simpler or not, this is incorrect, I
> guess we could nullify these functions in the latest layer, preventing
> callPackage to ever be used through `self`.
>

Oh, why would that lead to not applying security updates? I'm not very
familar with "future security-update work", but that sounds unexpected to
me. What's so deeply magical about security updates?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20170318/70f4706c/attachment.html>


More information about the nix-dev mailing list