StorePath: reject names starting with '.'

[edef1c]

Motivation

This has been the behaviour before Nix 2.4. It was dropped in a rewrite in 759947b, allowing the creation of store paths that aren't considered valid by older Nix versions or other Nix tooling.

Context

Nix 2.4 didn't ship in NixOS until 22.05, and stdenv.mkDerivation in nixpkgs drops leading periods since April 2022, so it's unlikely anyone is relying on the current lax behaviour.

[Ericson2314]

Can you update Arbitrary<StorePathName> too? It didn't fail because all the property testing is kinda borked right now.

---

To be honest, I am not mustering much enthusiasm for this issue either way, because me wishing store paths didn't have names at all is drowning out any feelings on what those names should look like.

[edef1c]

Can you update Arbitrary<StorePathName> too? It didn't fail because all the property testing is kinda borked right now.

Done.

[Ericson2314]

Hmm I am surprised we didn't need the attribute explicit fall-through thing to appease a -Werror=....

[Ericson2314]

@roberth said

This makes actual use of the "feature" rather unlikely albeit not entirely impossible.

Considering also there's a tiny but non-zero chance that someone's code relies on the rejection behavior for security, I'd rather treat it as a bug.

Tidy chance of security issue from relaxation > slightly less tiny chance of breakage retightening is fine enough reasoning for me. +1 on this approach then.

[edef1c]

Looks like I forgot to update the name regex, which the tests fortunately also check. Fixed.

[edef1c]

Do we want to backport this to releases that shipped with the broken check?
cc @roberth

[github-actions]

Backport failed for 2.13-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.13-maintenance
git worktree add -d .worktree/backport-9095-to-2.13-maintenance origin/2.13-maintenance
cd .worktree/backport-9095-to-2.13-maintenance
git checkout -b backport-9095-to-2.13-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Backport failed for 2.13-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.13-maintenance
git worktree add -d .worktree/backport-9095-to-2.13-maintenance origin/2.13-maintenance
cd .worktree/backport-9095-to-2.13-maintenance
git checkout -b backport-9095-to-2.13-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Backport failed for 2.14-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.14-maintenance
git worktree add -d .worktree/backport-9095-to-2.14-maintenance origin/2.14-maintenance
cd .worktree/backport-9095-to-2.14-maintenance
git checkout -b backport-9095-to-2.14-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Backport failed for 2.14-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.14-maintenance
git worktree add -d .worktree/backport-9095-to-2.14-maintenance origin/2.14-maintenance
cd .worktree/backport-9095-to-2.14-maintenance
git checkout -b backport-9095-to-2.14-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Backport failed for 2.13-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.13-maintenance
git worktree add -d .worktree/backport-9095-to-2.13-maintenance origin/2.13-maintenance
cd .worktree/backport-9095-to-2.13-maintenance
git checkout -b backport-9095-to-2.13-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Backport failed for 2.15-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.15-maintenance
git worktree add -d .worktree/backport-9095-to-2.15-maintenance origin/2.15-maintenance
cd .worktree/backport-9095-to-2.15-maintenance
git checkout -b backport-9095-to-2.15-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Backport failed for 2.15-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.15-maintenance
git worktree add -d .worktree/backport-9095-to-2.15-maintenance origin/2.15-maintenance
cd .worktree/backport-9095-to-2.15-maintenance
git checkout -b backport-9095-to-2.15-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Backport failed for 2.14-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.14-maintenance
git worktree add -d .worktree/backport-9095-to-2.14-maintenance origin/2.14-maintenance
cd .worktree/backport-9095-to-2.14-maintenance
git checkout -b backport-9095-to-2.14-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Git push to origin failed for 2.16-maintenance with exitcode 1

[github-actions]

Backport failed for 2.14-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.14-maintenance
git worktree add -d .worktree/backport-9095-to-2.14-maintenance origin/2.14-maintenance
cd .worktree/backport-9095-to-2.14-maintenance
git checkout -b backport-9095-to-2.14-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Backport failed for 2.15-maintenance, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin 2.15-maintenance
git worktree add -d .worktree/backport-9095-to-2.15-maintenance origin/2.15-maintenance
cd .worktree/backport-9095-to-2.15-maintenance
git checkout -b backport-9095-to-2.15-maintenance
ancref=$(git merge-base 2f1c16dfa2378fd8616bff1b9b7cd0b4d42af69b 24bda0c7b381e1a017023c6f7cb9661fae8560bd)
git cherry-pick -x $ancref..24bda0c7b381e1a017023c6f7cb9661fae8560bd

[github-actions]

Git push to origin failed for 2.16-maintenance with exitcode 1

[github-actions]

Git push to origin failed for 2.17-maintenance with exitcode 1

[github-actions]

Git push to origin failed for 2.18-maintenance with exitcode 1

[roberth]

Sorry for the spam. Looks the action did n² or something. Haven't seen it do that before.

I'd like to have backports back to 2.13 which is in the NixOS release. Beyond that I don't think we can (or should) support anything.

We might want to decide on a backport policy...

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/2023-10-06-nix-team-meeting-minutes-92/34001/1

[PetarKirov]

@edef1c This change broke the evaluation of my home-manager configuration. This happened while upgrading the CI of my config to Nix 2.19.1 (via cachix/install-nix-action@v24). I had no idea that my configuration was somehow depending on the lax path validation. Any idea how users like me can workaround this issue?

error:
       … while calling the 'derivationStrict' builtin

         at /derivation-internal.nix:9:12:

            8|
            9|   strict = derivationStrict drvAttrs;
             |            ^
           10|

       … while evaluating derivation 'home-manager-generation'
[... stack trace partially omitted]

       … while evaluating derivation 'home-manager-files'
         whose name attribute is located at /nix/store/gjd1iiwgwv7x29b21ng2dpysbgjp6kxr-source/pkgs/stdenv/generic/make-derivation.nix:348:7

[... long stack trace partially omitted]

       error: store path 'g6yc5a3ibnqwvs1ijxxwiij758384xg3-.gitconfig' starts with illegal character '.'

[ailocam]

This change breaks interpolating hidden file paths such as ${./.test.env} in strings on 2.19.1.
I did find a workaround ${builtins.path {path = ./.test.env; name = "test.env";} }

[jaen]

I've already had paths with dots in my store and this change breaks basic commands such as nix-collect-garbage or nix-store --delete, so I can't even reliably get rid of those paths from my store now (other than downgrading nix).

I think at the very least this change shouldn't break basic commands like those.

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/2023-12-18-nix-team-meeting-minutes-113/37050/1

[accelbread]

This change causes evaluation failures for existing Nix expressions that used paths to files starting with '.'. I've had to have others downgrade to 2.18 due to this. Should reverting this change be considered?

[roberth]

@edef1c How would you feel about changing - to call it that way - the Nix Specification to just allow names to start with a .?

It turns out that people have actually come to rely on it, so we might just call this an experiment with a negative outcome.

Furthermore it's causing real issues with Nix rejecting its store, and I feel like implementing a workaround is just a waste of time.

Also there's some utility to it: #912.

Considering also there's a tiny but non-zero chance that someone's code relies on the rejection behavior for security

And this does seem far fetched.

If you agree, I'll take care of reverting this, and communicating the change in the release notes.

[adrian-gierakowski]

This change broke my builds. Unless there is good reason not to support the dot I’d love to see this reverted.

[roberth]

I'd like to move ahead with #9095 (comment) in the form of

• #912 allow leading period #9867

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/store-path-starts-with-illegal-character/42050/2