Add tests for restricted eval mode
This commit is contained in:
parent
3c1c6b8f00
commit
fc6a032989
2 changed files with 19 additions and 1 deletions
|
@ -11,7 +11,7 @@ nix_tests = \
|
||||||
timeout.sh secure-drv-outputs.sh nix-channel.sh \
|
timeout.sh secure-drv-outputs.sh nix-channel.sh \
|
||||||
multiple-outputs.sh import-derivation.sh fetchurl.sh optimise-store.sh \
|
multiple-outputs.sh import-derivation.sh fetchurl.sh optimise-store.sh \
|
||||||
binary-cache.sh nix-profile.sh repair.sh dump-db.sh case-hack.sh \
|
binary-cache.sh nix-profile.sh repair.sh dump-db.sh case-hack.sh \
|
||||||
check-reqs.sh pass-as-file.sh tarball.sh
|
check-reqs.sh pass-as-file.sh tarball.sh restricted.sh
|
||||||
# parallel.sh
|
# parallel.sh
|
||||||
|
|
||||||
install-tests += $(foreach x, $(nix_tests), tests/$(x))
|
install-tests += $(foreach x, $(nix_tests), tests/$(x))
|
||||||
|
|
18
tests/restricted.sh
Normal file
18
tests/restricted.sh
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
source common.sh
|
||||||
|
|
||||||
|
clearStore
|
||||||
|
|
||||||
|
nix-instantiate --option restrict-eval true --eval -E '1 + 2'
|
||||||
|
(! nix-instantiate --option restrict-eval true ./simple.nix)
|
||||||
|
nix-instantiate --option restrict-eval true ./simple.nix -I src=.
|
||||||
|
nix-instantiate --option restrict-eval true ./simple.nix -I src1=simple.nix -I src2=config.nix -I src3=./simple.builder.sh
|
||||||
|
|
||||||
|
(! nix-instantiate --option restrict-eval true --eval -E 'builtins.readFile ./simple.nix')
|
||||||
|
nix-instantiate --option restrict-eval true --eval -E 'builtins.readFile ./simple.nix' -I src=..
|
||||||
|
|
||||||
|
(! nix-instantiate --option restrict-eval true --eval -E 'builtins.readDir ../src/boost')
|
||||||
|
nix-instantiate --option restrict-eval true --eval -E 'builtins.readDir ../src/boost' -I src=../src
|
||||||
|
|
||||||
|
(! nix-instantiate --option restrict-eval true --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in <foo>')
|
||||||
|
nix-instantiate --option restrict-eval true --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in <foo>' -I src=.
|
||||||
|
|
Loading…
Reference in a new issue