Merge pull request #5250 from edolstra/censor-flake-lock
Disallow reading flake.lock
This commit is contained in:
commit
2c751c0c00
1 changed files with 5 additions and 0 deletions
|
@ -1412,6 +1412,11 @@ static void prim_readFile(EvalState & state, const Pos & pos, Value * * args, Va
|
|||
{
|
||||
PathSet context;
|
||||
Path path = state.coerceToPath(pos, *args[0], context);
|
||||
if (baseNameOf(path) == "flake.lock")
|
||||
throw Error({
|
||||
.msg = hintfmt("cannot read '%s' because flake lock files can be out of sync", path),
|
||||
.errPos = pos
|
||||
});
|
||||
try {
|
||||
state.realiseContext(context);
|
||||
} catch (InvalidPathError & e) {
|
||||
|
|
Loading…
Reference in a new issue