nixpkgs/nixos
Profpatsch 0e444785a1 installer/tools/get-version-suffix: set --git-dir
The `nixos-rebuild` tool calls `get-version-suffix` to figure out the
git revision of the nixpkgs directory if there is a .git.

https://nvd.nist.gov/vuln/detail/CVE-2022-24765 made git throw an
error if the .git search logic is not turned off and a user
tries to access a `.git` directory they don’t own (otherwise a
different user could trick them into setting arbitrary git config).

So from now on we should always explicitely set `--git-dir`, which
turns this search logic (and thus the security check) off.
2022-06-27 14:28:03 +02:00
..
doc Merge pull request #178841 from Madouura/dev/zfs 2022-06-27 10:12:02 +07:00
lib Merge pull request #174460 from hercules-ci/module-docs-Nix-driven-location-links 2022-06-22 15:48:46 +02:00
maintainers maintainers/create-amis.sh: Add more AWS regions 2022-05-17 10:20:30 +01:00
modules installer/tools/get-version-suffix: set --git-dir 2022-06-27 14:28:03 +02:00
tests Merge pull request #179235 from alyssais/virtualbox-test 2022-06-27 14:53:25 +07:00
COPYING
default.nix
README
release-combined.nix nixos/release: add podman, oci-containers.podman to tested 2022-05-03 19:42:33 +10:00
release-small.nix
release.nix nixos/release.nix: expose a kexec.$system attribute 2022-06-09 20:00:26 +02:00

*** NixOS ***

NixOS is a Linux distribution based on the purely functional package
management system Nix.  More information can be found at
https://nixos.org/nixos and in the manual in doc/manual.