| 28 Oct 2025 |
 ekler | yes, that's my point
| 14:28:14 |
 somasis | oops :) | 14:28:35 |
| somasis | today I've been playing around with trying to eliminate impurities from my config without using flakes. I've gotten there by trying nix flake check into doing its thing with a minimal flake.nix ({ outputs = import ./ {}; } and a well-written default.nix), but I wanted to poke around at it some more in nix repl | 14:29:47 |
| somasis | today I've been playing around with trying to eliminate impurities from my config without using flakes. I've gotten there and eliminated impurities by tricking nix flake check into doing its thing with a minimal flake.nix ({ outputs = import ./ {}; } and a well-written default.nix), but I wanted to poke around at it some more in nix repl | 14:30:04 |
| somasis | I guess there's still not reallly a way to actually do pure evaluation on a path from within the repl without flakes then... doing nix store add-path ~/src/puter and trying nix repl --pure-eval and import /nix/store/jldwja0ddd64hawb7qahhgknws11i1iy-puter, despite being a store path, gives the "access to absolute path ... is forbidden in pure eval mode" error | 14:52:11 |
| somasis | I guess there's still not reallly a way to actually do pure evaluation on a path from within the repl without flakes then... doing nix store add-path ~/src/puter and trying nix repl --pure-eval and :l /nix/store/jldwja0ddd64hawb7qahhgknws11i1iy-puter, despite being a store path, gives the "access to absolute path ... is forbidden in pure eval mode" error | 14:52:33 |
 Yureka (she/her) | you can do builtins.fetchGit | 15:05:24 |
| Yureka (she/her) | with a rev | 15:05:26 |
| Yureka (she/her) | on a local repo | 15:05:47 |
| somasis | aha, that does work :) | 15:07:41 |
| Yureka (she/her) | for example:
nix repl --pure-eval --expr "import (builtins.fetchGit { url = ./.; rev = \"$(git rev-parse HEAD)\"; } + "/flake.nix")"
| 15:09:43 |
| Yureka (she/her) | * for example:
nix repl --pure-eval --expr "import (builtins.fetchGit { url = ./.; rev = \"$(git rev-parse HEAD)\"; } + \"/flake.nix\")"
| 15:10:02 |
| Yureka (she/her) | * for example:
nix repl --pure-eval --expr "import (builtins.fetchGit { url = ./.; rev = \"$(git rev-parse HEAD)\"; } + \"/flake.nix\")"
| 15:10:07 |
| Yureka (she/her) | * for example:
nix repl --pure-eval --expr "import (builtins.fetchGit { url = ./.; rev = \"$(git rev-parse HEAD)\"; } + \"/flake.nix\")"
| 15:10:10 |
| Yureka (she/her) | * for example:
nix repl --pure-eval \
--expr "import (builtins.fetchGit { url = ./.; rev = \"$(git rev-parse HEAD)\"; } + \"/flake.nix\")"
| 15:10:19 |
 raitobezarius | another advice is that restricted eval is probably a better start than pure eval | 15:16:40 |
| raitobezarius | restricted eval still let you whitelist filesystem trees | 15:16:46 |
| raitobezarius | so you don't have to do copies to the store | 15:16:49 |
| raitobezarius | * restricted eval still let you allow-list filesystem trees | 15:16:57 |
| somasis | oh, I didn't realize that was a thing | 15:17:11 |
| raitobezarius | you will only find examples of the usage of this feature in TVL fwiw | 15:17:26 |
| raitobezarius | in their CI | 15:17:30 |
| raitobezarius | (tvlfyi) | 15:17:37 |
| somasis | found it: https://code.tvl.fyi/tree/ops/pipelines/static-pipeline.yaml#n73 | 15:25:44 |
| somasis | ah and this is documented in nix.conf... so many obscure little nix options out there | 15:26:54 |
| somasis | ah and this is documented in nix.conf too... so many obscure little nix options out there | 15:26:58 |
| somasis | ah and this is documented in nix.conf too... so many obscure little nix options out there, I swear I've scrolled past the block of text about restrict-eval and never read it lol | 15:27:31 |
| somasis | ah and this is documented in nix.conf too... so many obscure little nix options out there, I swear I've scrolled past the block of text about restrict-eval lots of times and never read it lol | 15:34:28 |
|  @mm_x__:matrix.org left the room. | 16:31:51 |
|  @lonerorz:matrix.org left the room. | 16:39:21 |
