Commit graph

141 commits

Author SHA1 Message Date
Profpatsch
46f908c3c1 docs(users/Profpatsch/netencode): Parser security considerations
Netencode parsers should probably set an upper length limit.

Change-Id: Ibe65f2b59058106b720867a83435bf45660f1adf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5908
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-07-01 12:37:32 +00:00
Profpatsch
8f55567cf2 feat(users/Profpatsch): add lorri-wait-for-eval
A small exec wrapper which will query the lorri daemon for the last
few events, and if it sees a build running for the current
project (searching upwards for shell.nix), it will wait for the build
to finish before executing the command (in the new direnv
environment).

TODO: should patch lorri so that it can provide this information in a
better digestive format; right now it might have a later evaluation
running, so it’s hard to know which completion to wait for …

Change-Id: I8fa4a10484830a731fe3ec58f2694498f46a496c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5903
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-06-30 09:09:23 +00:00
Profpatsch
7c0874c228 feat(users/Profpatsch/sync-abfall): caldav vdirsyncer config gen
Gonna have to generate some vdirsyncer config, reusing the toIni
stuff, nice.

Change-Id: I036ce9990f70d3b035e47151f336d0d3971f2c91
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5888
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-06-19 13:29:02 +00:00
Profpatsch
3c3713c69f refactor(users/Profpatsch/aerc): move ini stuff out
First shot at generating a dhall FFI standard.

Change-Id: I1cdf7eeaa6b2668a49282315f308a8e51abd0cf6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5887
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-06-19 13:29:02 +00:00
Profpatsch
4f0750cf90 feat(users/Profpatsch/sync-abfall-ics-aichach-friedberg): init
A small script that fetches calendar files for our local trash
provider. First step towards integrating ics files into my calendar
setup.

Change-Id: I0e8915a00c19349104cb6256e9dc87c17620fcae
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5883
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Autosubmit: Profpatsch <mail@profpatsch.de>
2022-06-19 04:15:56 +00:00
Vincent Ambo
d10cbc711d refactor(Profpatsch/blog): Prepare for restricted-eval
Change-Id: Ia73db534634b11c6361e4e88a4d73a1512d969ca
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5685
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-05-26 16:09:47 +00:00
Profpatsch
54684f6c34 feat(users/Profpatsch/aerc): use toINI
Uses the list-based toINI, which removes a lot of the complications
caused by the INI DSL (it was fun to write but really not necessary).

Change-Id: Ia6c30a726662416c99ed74f9eb33537573543383
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5530
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-05-05 22:43:08 +00:00
Profpatsch
0c51608f6c feat(users/Profpatsch): add toINI
This is a morph of the `pkgs.lib.generators.toINIWithGlobalSection`
function, which is simplified, inlined, and takes lists instead of
attrsets. This makes the key ordering stable and is easy to generate
from dhall.

Ideally I’d upstream it at one point (in the sense that
`generators.toINI` can also take lists), but that will be a lot more
work that is not necessary atm.

Change-Id: I7d6c129cfee9faedb62f69d479e59a6e05bb7ac6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5529
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-05-05 22:43:08 +00:00
Profpatsch
9dac448466 feat(users/Profpatsch/importDhall): print dhall command
It’s often not obvious what dhall command to run to (type)-check the
dhall files directly without the nix roundtrip.

Now we just print the command, easy to copy.

Change-Id: I704a647bff13f73d5a1b1d33b00a46bcb1a9de4e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5528
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-05-05 22:43:08 +00:00
Profpatsch
2a6928fb4c feat(users/Profpatsch): init initial aerc config
aerc is a mail client. It needs some ini files to work.
This is an initial attempt at generating them.

Change-Id: I087955f19d2c4527275500a1e13eeb071c98a7b9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5526
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-05-05 20:18:36 +00:00
Profpatsch
f0e52f31cd feat(users/Profpatsch/importDhall): print type annotation
If no type annotation is given, debugging errors gets a lot harder
because there is nothing to compare it against.

But we can tell dhall to print the type first (this means double
evaluation, but that’s an optimization problem to be solved later).

Change-Id: Icf793828070cd6bb8daeb4c07de3162a5e064653
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5525
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-05-05 20:18:36 +00:00
Profpatsch
7406e95954 fix(users/Profpatsch/alacritty): remove stable alacritty
I figured out that the problem came from me installing alacritty in my
home profile, which was out of sync with my system closure’s opengl.

Updating the home profile “fixed” it.

Change-Id: I1e2b3a91da9a3ab8c47182e0e0a8e69b9285c75b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5522
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2022-05-05 15:18:12 +00:00
Profpatsch
c8ef9fcfa7 fix(users/Profpatsch/alacritty): use alacritty from stable
Change-Id: I8a3f22dd752b5cd70518424335de876210e9bcd4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5487
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2022-04-21 10:19:32 +00:00
Profpatsch
535ad8732a feat(users/Profpatsch/blog): Idealized Conflang blogpost
Change-Id: Iec01bc2a1a5ed5d21627ba1f9554ec4b3a8fc4ad
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5480
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-04-20 15:12:56 +00:00
Profpatsch
ea871fdcd7 feat(users/Profpatsch/alacritty): Some more configuration
Change-Id: Ibb2e1892327bd1f27a16dcde1424b8d55c7783d2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5479
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-04-20 15:12:56 +00:00
Profpatsch
72b46e8fe8 feat(users/Profpatsch/nix-home): add terminal-emulator to ~/bin
This is an ad-hoc way of adding “well known” executables to my
user directory for now. It’s not pretty, it is what it is.

Change-Id: I93ee1d75b48536692da86485f0ac517aa1935ec4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5335
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-02-28 14:32:27 +00:00
Profpatsch
fd519c825f feat(users/Profpatsch): Basic alacritty dhall configuration
Change-Id: I73e91a0abeec013445d0b14867e38637b2a9397f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5334
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-02-28 14:32:27 +00:00
Profpatsch
9014804e2c feat(users/Profpatsch): add importDhall
Makes it possible to import a dhall file as a nix expression (at IfD
time), embedding dhall into nix.

There’s some setup for adding dhall dependencies as well, but it
hasn’t been really battle-tested yet.

Change-Id: I3e5670f93c612f2eb530d7c65d6bb4b1bf7bd8bd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5333
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-02-28 14:32:27 +00:00
Profpatsch
b4d76836b8 feat(users/Profpatsch): add exactSource
This is a little helper that Graham cobbled together at one point, it
will filter an exact list of files.

Change-Id: Iab786abcd4a7a3cce45a20b2950f103defa91998
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5332
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-02-28 14:32:27 +00:00
Profpatsch
baecea1cbe feat(users/Profpatsch/nix-home): add findia* aliases
Change-Id: I66d3e69ae2cb4cf56a49c970f59f62fa945dd736
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4840
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Autosubmit: Profpatsch <mail@profpatsch.de>
2022-02-28 14:32:27 +00:00
Profpatsch
ed68ba6751 feat(users/Profpatsch/netencode): ignore earlier record entries
It turns out that the netencode spec requiring to ignore *later*
entries meant that every parser has to do an extra check for each
element, instead of just overriding the key in the hash map.

This leads to a situation where the simple implementation is the wrong
one, which would lead to very subtle problems in parsers (see also the
infamous “json duplicate record entry” problem which has been used for
various exploits in the past).

To be fair, exploits are still possible, but at least a `Map.fromList`
will be the right implementation (provided it folds from the left) now
instead of the wrong one.

Examples of the trivial implementation being now right:

Python:

    > dict([("foo", 1), ("foo", 2)])
    {'foo': 2}

Rust:

    > println!("{:?}", HashMap::from([
      ("foo", 1),
      ("foo", 2)
    ]));
    {"foo": 2}

Haskell:

    > Data.Map.fromList [ ("foo", 1), ("foo", 2) ]
    fromList [("foo",2)]

Change-Id: Ife9593956f4718e5e720f4f348c227e4f3a71e2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5108
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: Profpatsch <mail@profpatsch.de>
2022-02-14 14:12:19 +00:00
Vincent Ambo
3d8ee62087 style(rust): Format all Rust code with rustfmt
Change-Id: Iab7e00cc26a4f9727d3ab98691ef379921a33052
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5240
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
2022-02-08 12:06:39 +00:00
Vincent Ambo
aa122cbae7 style: format entire depot with nixpkgs-fmt
This CL can be used to compare the style of nixpkgs-fmt against other
formatters (nixpkgs, alejandra).

Change-Id: I87c6abff6bcb546b02ead15ad0405f81e01b6d9e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4397
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: wpcarro <wpcarro@gmail.com>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: cynthia <cynthia@tvl.fyi>
Reviewed-by: edef <edef@edef.eu>
Reviewed-by: eta <tvl@eta.st>
Reviewed-by: grfn <grfn@gws.fyi>
2022-01-31 16:11:53 +00:00
Profpatsch
546251678a fix(users/Profpatsch/blog): fix path check assoc
It would left-associate in some nix version, this way it’s clear that
you want to join a path segment.

Change-Id: I82a00de720187d1faf908c842e396301ea435a97
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4886
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-01-16 13:51:19 +00:00
Profpatsch
d64b3e9400 feat(users/Profpatsch/nix-home): set up actual home paths
Now baba can start using it to populate config files from depot.

It’s not entirely working as expected, if stow finds a symlink dir
coming from a different stow, it won’t know how to split it up, so
some manual intervention is required in the beginning.

Change-Id: Ia2271308bf7994ea42e6d7c81c2f3fd94ddf63f3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4838
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-01-09 15:38:18 +00:00
Profpatsch
71fe30a87c feat(users/Profpatsch): add ytextr, a sandboxed yt-dlp wrapper
Change-Id: Id0992e5c1f52ac2c95444721c7565a66ef484e2b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4836
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-01-09 12:52:09 +00:00
Profpatsch
052dea774d feat(users/Profpatsch/nix-home): create gc root on stow
Change-Id: Ifda8273502f6f4bef0739005319ee6993cb328c8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4835
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-01-09 09:32:01 +00:00
Profpatsch
fed41f4959 feat(users/Profpatsch): set up stow for nix-home
nix-home is (hopefully) gonna be a home-manager alternative for my
home directory.

Files are symlinked into the home directory via GNU stow (since that
is a tried and tested tool), so first step is to set up the base code
for that.

Implements a small tool that reads a single environment variable and
prints it to stdout.

Change-Id: Ifa3fd9f9e1cedc52c3002196d3971b02cb840e80
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4832
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Autosubmit: Profpatsch <mail@profpatsch.de>
2022-01-09 09:32:01 +00:00
Profpatsch
c1d7714a21 feat(users/Profpatsch): add git-db
WIP: currently just a simple setup that creates an empty git repo if
it doesn’t exist yet, and writes a commit to it.

A simple database backed by a bare git repository.

WIP: Will speak a simple interactive protocol to query files and
update them atomically.

It could be made atomic on the git repo level, if a lock is taken
between reading the current commit ref and creating the commit.

Change-Id: I1fd30a046ac977063c3e08c36d96e835b35ff07d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3046
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-12-26 16:34:51 +00:00
Vincent Ambo
562236085b style: format all Go code
The code in //users/wpcarro/tools/monzo_ynab/ynab/client.go was not
valid Go and has been commented out.

Change-Id: Icb4003607f30294dcbf60132eb7722702c7f0d84
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4400
Tested-by: BuildkiteCI
Reviewed-by: wpcarro <wpcarro@gmail.com>
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-12-19 18:05:04 +00:00
Vincent Ambo
4f1249e46f refactor(readTree): Move 'drvTargets' into readTree
This function is also generally useful for readTree consumers that
have the concept of subtargets.

Change-Id: Ic7fc03380dec6953fb288763a28e50ab3624d233
2021-11-23 14:42:08 +00:00
Profpatsch
70d01b201f docs(users/profpatsch/blog): rust string conversions: &str -> &OsStr
Change-Id: I215cd311551d54ce42c71d4e80ea18f9a17d4cf8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3879
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-15 00:31:11 +00:00
Profpatsch
e2fbc10ebd feat(users/Profpatsch/lens): add _ as reverse function application
Change-Id: I0bcd997ea469ff55d2170027184fc5bd10b44e00
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3847
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2021-11-13 01:22:58 +00:00
Profpatsch
d08fbd79c7 docs(users/Profpatsch/lens): setter inline arrows
Change-Id: I22bed7bc16b69f94556142cad1079e23f3550bb1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3846
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
539884f7ad docs(users/Profpatsch/netencode): fix typo
Change-Id: I7edb9027c0a9eb014931033760be5f3d6e734b8a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3845
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
8c6bf623b6 feat(users/Profpatsch/blog: inject css into markdown files
Change-Id: I72bba4bd8aa9a9fccab1fd3d618cfcfa7e0507c5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3844
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
850dcf615b feat(users/Profpatsch/lens): lens library for nix
Profunctor lenses for nix.

Implemented Profunctor and Strong instances for `(->)`,
and some simple setters.
Next step would be getters, which will need the `Forget` profunctor.

Fairly straightforward implementation of
https://github.com/purescript-contrib/purescript-profunctor-lenses
(with all the types erased and instance dicts passed manually).

```
> :p set (optic [_2 (field "foo") _1]) 42 (tuple 1 { foo = (tuple 1 2); })
{ fst = 1; snd = { foo = { fst = 42; snd = 2; }; }; }
```

Change-Id: Iad145523d1c035187b8b2db9302b840c282d427a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3295
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
b48c5c4976 feat(users/Profpatsch/blog): Add posts section
A new section for my awesome website.

Migrates an old blogpost from the github repository.

Change-Id: I5fd0c2b2679a1367015fa098e3e787bbc0cdd973
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3293
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
81e39b51cd feat(users/Profpatsch/blog): Add projects section
A new section for my awesome website.

Change-Id: I6c624aa0bfaf82aff943431da7499bec1d842c67
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3291
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
d4f4b0f6d4 docs(users/Profpatsch/blog): document symbols
… and clean up the import list a little.

Change-Id: I7a116e9bbf01731267795b5327fecf98f0c7c3e4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3286
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
2835e5ec7e docs(users/Profpatsch/lib): move split-stdin to lib & document
Change-Id: I39e81ed766cb209ded5309ea962a59a6f1c811c9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3285
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
4e2879282d chore(users/Profpatsch/blog): me -> depot.users.Profpatsch
Change-Id: I72e38ce4cef109df197eccedac8e67ec423d4996
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3284
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
dfdb6d8e15 chore(users/Profpatsch): move cdbListToNetencode out of the blog
It’s a small tool that I’ve used before but not anymore, but since it
has a few helpers for dealing with cdb stuff, I’m gonna keep it around
for now I guess.

Change-Id: I83c62fa2194113d021414708b0906350b3f2a222
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3283
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
33e56abcf2 fix(users/Profpatsch/blog): notes toplevel rendering
The rendering of the notes/ template was done in a very roundabout way
through the routing table before. Now it’s constructed directly.

Change-Id: Iaa6157cc3f9a7e5e0ad81ab843efa988995666b2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3282
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
1c8e55b60c docs(users/Profpatsch/netencode): some docstrings
Change-Id: I447113d408cf51f1ed9f9d7571b2229e166e7680
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3281
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
d41caf2dd6 feat(users/Profpatsch/netstring): add nix toNetstring* functions
We can easily construct netstrings from nix strings, which is super
helpful to inject proper structured data into execline scripts.

Change-Id: Ie8bffed285896223db83652eaea868ece43592b9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3265
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
28bed07694 feat(users/Profpatsch): add atomically-write
A little shell script to atomically write stdout to a file.

Change-Id: Icca58909c9ad3f92d69af2f5e20c08d69878a77c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3264
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-11-13 00:57:28 +00:00
Profpatsch
f25e930ec7 feat(users/Profpatsch): add reverse-haskell-deps
Dis is dumb

Change-Id: If09300eedff7227ed452dcec7a8e80c7ffb24757
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3231
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-08-01 16:40:35 +00:00
Profpatsch
952afb7da9 feat(tools): add rust-crates-advisory
We have a bunch of crates in `third_party/rust-crates`; it would be
great if we could check them for existing CVEs.

This tool does that, it takes the rust security advisory database,
parses the applicable CVEs, and cross-checks them against the actual
crate versions we list in our package database.

The dumb parser we wrote is tested against all entries in the
database, so we will notice when upstream breaks their shit.
Checking the semver stuff is easy enough with the semver crate.

If an advisory matches, it prints the whole thing and fails the build.

Change-Id: I9e912c43d37a685d9d7a4424defc467a171ea3c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2818
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-17 23:00:57 +00:00
Profpatsch
72924facae fix(nix/writers/rust): remove args override
We can be closed world, so let’s restrict the arguments to the subset
we need for now.

The existing override was wrong, in that `// args` would use the
arguments we already added, again. So instead of deliberating about
how to make this work right in all cases, we don’t need it, we trim
it.

Change-Id: I6443a0808b8bfd5e4db939b669c6afc741954db8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3057
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-17 23:00:57 +00:00