| 10 Dec 2024 |
 puck | hm? | 13:19:32 |
 piegames | because given that overriding __nixPath is also forbidden now, simply forcing the path to be empty via environment variables is sufficient to forbid <> all imports | 13:19:56 |
| puck | mhm, yeah, i guess? | 13:21:57 |
| piegames | * because given that overriding __nixPath is also forbidden now, simply forcing the path to be empty via environment variables is sufficient to forbid all <> imports | 13:22:01 |
| puck | it'd be cool to have a way to unset findFile/etc thru scopedImport, but that would've broken the niv code too | 13:22:20 |
| piegames | what do you mean? | 13:22:47 |
| puck | like, what if you just couldn't <foo> because __findFile doesn't exist | 13:23:14 |
| piegames | What's the difference from not being able to use <foo> because the path is empty? | 13:27:17 |
| puck | uhhhh, static vs dynamic erroring :p | 13:27:49 |
 raitobezarius | not necessarily | 14:50:41 |
| raitobezarius | this implies you control properly the environment variable | 14:50:50 |
| raitobezarius | but if someone bypasses the local development shell and do something weird | 14:50:58 |
| raitobezarius | they will still end up overriding nixpath | 14:51:02 |
| raitobezarius | (so yes they can put it in many of their wrappers, but this doesn't guarantee you anything) | 14:51:15 |
| piegames | I mean people can also still override __findPath to something useful again, can't they? | 14:51:19 |
| raitobezarius | well if you really really care hard about no one being able to override to prevent complicated to debug errors because of divergent nix paths | 14:51:47 |
| raitobezarius | that override solution is useful because no matter your wrapper you will get an error | 14:52:04 |
| piegames | Is it this more useful than alternative workarounds to be worthwhile keeping around with only a warning for now? | 14:53:28 |
| piegames | I'd operate under the assumption that this is just about protecting from dumb users, and not any actual threat model? i.e. not having to assume malice | 14:54:02 |
| raitobezarius | yeah just dumbness | 15:14:53 |
| raitobezarius | it happened to me very recently | 15:14:57 |
| raitobezarius | on another project | 15:14:59 |
| raitobezarius | hard to say for me | 15:34:54 |
| raitobezarius | it's a userspace breaking change per se | 15:34:59 |
| raitobezarius | so i'd be inclined to revert it to a warning | 15:35:06 |
| piegames | Hm, need to figure out how to propagate the information about the symbol being checked | 15:50:27 |
| piegames | Because I'm fine with a warning for __findFile, but not for the others like __sub | 15:50:44 |
| raitobezarius | oh yes absolutely | 15:50:58 |
| piegames | raitobezarius: Proposal to allow overriding __nixPath, but keep __findFile as is. | 17:39:41 |
| piegames | https://gerrit.lix.systems/c/lix/+/2295 | 18:04:45 |
