| 1 Dec 2025 |
 niko ⚡️ | Well, trying to call { __functor = x: 1; } will always error in normal nix code with integer is not a function | 00:51:39 |
| niko ⚡️ | So while not strictly invalid nix code, since you can still do { __functor = x: 1; }.__functor {} and get a valid result, it's not a valid functor per se | 00:52:54 |
|  @georgyo:nycr.chat left the room. | 02:57:38 |
 WeetHet | For CLI I think a blocking API should be enough? On that note, it could also be noexcept as well I guess | 06:29:31 |
|  @acidbong:envs.net left the room. | 06:43:48 |
 aloisw | You don't need delegation for the sandbox to work, just working user, PID and mount namespaces. | 06:44:30 |
| aloisw | (Yes working mount namespaces includes that you can actually mount things, Ubuntu.) | 06:44:43 |
| aloisw | root:nogroup is very weird, are you sure you have the UID and GID mapping set up properly? | 06:46:13 |
| aloisw | I think it should work if the store is owned by your user and your current UID and GID are identity-mapped. | 06:46:42 |
 piegames | In reply to @niko:nrab.lol
Like, how does that even work in the first place? __functor has to always at least be a function which returns a function? At least in normal nix code, then how the hell does nix-instantiate apply that This is a good question, could just be that the autocaller simply is ass here | 07:35:04 |
| piegames | In reply to @raitobezarius:matrix.org
Where does it say that functors has to return a function? But they really should, right? If a functor doesn't return a function, then how does one kniw how to call it? Only the autocaller could call that, and that is weird | 07:36:37 |
 thubrecht | I mean, technically __functor is just an attrset element that sometimes has different semantics | 07:45:30 |
| thubrecht | Which is well.... | 07:45:39 |
| thubrecht | Also you could build oneshot functors | 07:46:24 |
 Jules Lamur | In reply to @aloisw:julia0815.de
root:nogroup is very weird, are you sure you have the UID and GID mapping set up properly? Yes, you're right, map-{users,groups}=all fixes that issue. I then had a problem with sethostname being filtered by the default podman policy which prevent the sandbox from starting. My goal initially was to make the sandbox work on default podman containers, so this is not going to work at all, sadly! | 07:52:26 |
| niko ⚡️ | Am I the one in the wrong here? It doesn't matter what functor returns, it's fine if it returns an int, another attrset, or whatever else! My point is, __functor = x: 1; is not a functor. Same as __functor = 1; isn't. A valid functor is at least __functor = _: _: 1. The first argument takes self, the attrset being called, and then we return a function. If we don't do that, evaluating this nix code and trying to call the functor will error! Always! | 08:03:53 |
| niko ⚡️ | A valid functor could also be __functor = _: _: _: _: _: _: 1. That's whatever, but if it's a function that does not return a function, like __functor = _: {}, you can't call it! | 08:04:33 |
| piegames | I'd say the theory agrees with you, but I wouldn't bet on the code doing the sane thing until I've seen it | 08:53:39 |
| piegames | https://git.lix.systems/lix-project/lix/src/branch/main/lix/libexpr/eval.cc#L1762 at last callFunction requires the functor to take to arguments, so any deviation from that must come from some autocall jank | 09:02:55 |
| piegames | https://git.lix.systems/lix-project/lix/src/branch/main/lix/libexpr/eval.cc#L1820 indeed, autoCallFunction only calls __functor with one single argument | 09:05:32 |
| piegames | @niko:nrab.lol can you please file an issue for your finding? So that I don't forget it when I'll come around to sanitizing the autocaller | 09:06:42 |
| piegames | In reply to @piegames:flausch.social
https://git.lix.systems/lix-project/lix/src/branch/main/lix/libexpr/eval.cc#L1820 indeed, autoCallFunction only calls __functor with one single argument Well, it does the right thing in spirit, because it directly recurses so if the functor takes two arguments as usual then the code will behave correctly. It's just that if it isn't, there is an early return from the recursion which prevents the code path that would be inspecting the inner function | 09:08:10 |
| piegames | One interesting question is what to do with a functor like { __functor = self: b: 1; }, where the inner lambda does not destructure its attributes and thus cannot be autocalled. The probably correct result would be b: 1, which might be confusing. The alternative would be to only treat the functor as a function when it applies and thus leave the attrset unchanged, but that might be another can of worms | 09:11:31 |
| niko ⚡️ | In reply to @piegames:flausch.social
One interesting question is what to do with a functor like { __functor = self: b: 1; }, where the inner lambda does not destructure its attributes and thus cannot be autocalled. The probably correct result would be b: 1, which might be confusing. The alternative would be to only treat the functor as a function when it applies and thus leave the attrset unchanged, but that might be another can of worms I really don’t like how __functor = _: _: 1 and __functor = _: {...}@_: 1 have different auto-call semantics | 09:15:58 |
| niko ⚡️ | Can we like, not auto-call functors in the first place? And kill deep auto-calls while we’re at it? :^) | 09:17:25 |
| niko ⚡️ | In reply to @piegames:flausch.social
@niko:nrab.lol can you please file an issue for your finding? So that I don't forget it when I'll come around to sanitizing the autocaller It is done | 09:45:35 |
| piegames | In reply to @niko:nrab.lol
I really don’t like how __functor = _: _: 1 and __functor = _: {...}@_: 1 have different auto-call semantics To be fair these have subtly different semantics even outside of auto-calling, so I would argue that bit not to be an auto-call issue | 09:53:59 |
| niko ⚡️ | In reply to @piegames:flausch.social
To be fair these have subtly different semantics even outside of auto-calling, so I would argue that bit not to be an auto-call issue I think asserting an argument is an attrset is on a different level to whether autocalling takes place or not | 09:54:53 |
| niko ⚡️ | At least I’d personally expect all functions to be auto-called, or none | 09:55:17 |
| piegames | In reply to @niko:nrab.lol
At least I’d personally expect all functions to be auto-called, or none Well that's already not the case unfortunately https://git.lix.systems/lix-project/lix/src/branch/main/lix/libexpr/eval.cc#L1831 | 10:05:20 |
