The following parameters are now available:
* hardeningDisable
To disable specific hardening flags
* hardeningEnable
To enable specific hardening flags
Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.
cc-wrapper supports the following flags:
* fortify
* stackprotector
* pie (disabled by default)
* pic
* strictoverflow
* format
* relro
* bindnow
The config.guess script tries to detect various ARM optimization flags
via /proc/cpuinfo. This is not only impure, but the detection is also
broken on multicore machines; on my quad-core system the machine type is
autodetected as 'neon neon neon neon-unknown-linux-gnueabihf':
checking build system type... Invalid configuration `neon': machine `neon' not recognized
configure: error: /nix/store/bafimhdj1yaxj6m1hvq7wvhwwizc939x-bootstrap-tools/bin/sh ./config.sub neon
neon
neon
neon-unknown-linux-gnueabihf failed
builder for ‘/nix/store/1npm2358bpvclj5w7fqjjwg72vbb0d79-gmp-6.0.0a.drv’ failed with exit code 1
Override the system type with the output of GNU config.guess to avoid
the autodetection.
- there were many easy merge conflicts
- cc-wrapper needed nontrivial changes
Many other problems might've been created by interaction of the branches,
but stdenv and a few other packages build fine now.
Haskell programs depend on gmp to implement the unbounded Integer type. Without
static variants of gmp we cannot build statically linked Haskell programs, what
some users have found desirable in the past. So far, we've used an override to
derive our own copy of gmp in the Haskell ecosystem, but this patch ends the
dichotomy between Haskell and the rest of Nixpkgs by enabling static gmp
libraries in the default build default.
(My OCD kicked in today...)
Remove repeated package names, capitalize first word, remove trailing
periods and move overlong descriptions to longDescription.
I also simplified some descriptions as well, when they were particularly
long or technical, often based on Arch Linux' package descriptions.
I've tried to stay away from generated expressions (and I think I
succeeded).
Some specifics worth mentioning:
* cron, has "Vixie Cron" in its description. The "Vixie" part is not
mentioned anywhere else. I kept it in a parenthesis at the end of the
description.
* ctags description started with "Exuberant Ctags ...", and the
"exuberant" part is not mentioned elsewhere. Kept it in a parenthesis
at the end of description.
* nix has the description "The Nix Deployment System". Since that
doesn't really say much what it is/does (especially after removing
the package name!), I changed that to "Powerful package manager that
makes package management reliable and reproducible" (borrowed from
nixos.org).
* Tons of "GNU Foo, Foo is a [the important bits]" descriptions
is changed to just [the important bits]. If the package name doesn't
contain GNU I don't think it's needed to say it in the description
either.