diff --git a/doc/stdenv/meta.chapter.md b/doc/stdenv/meta.chapter.md index 475006b1259b6..639ff572bd035 100644 --- a/doc/stdenv/meta.chapter.md +++ b/doc/stdenv/meta.chapter.md @@ -258,14 +258,10 @@ If a package contains elements that are not built from the original source by a Adding this information helps users who have needs related to build transparency and supply-chain security to gain some visibility into their installed software or set policy to allow or disallow installation based on source provenance. -The presence of a particular `sourceType` in a package's `meta.sourceProvenance` list indicates that the package contains some components falling into that category, though the *absence* of that `sourceType` does not *guarantee* the absence of that category of `sourceType` in the package's contents. A package with no `meta.sourceProvenance` set implies it has no *known* `sourceType`s other than `fromSource`. +The presence of a particular `sourceType` in a package's `meta.sourceProvenance` list indicates that the package contains some components falling into that category, though the *absence* of that `sourceType` does not *guarantee* the absence of that category of `sourceType` in the package's contents. A package with no `meta.sourceProvenance` set implies it has no *known* components with any of the `sourceTypes` below. The meaning of the `meta.sourceProvenance` attribute does not depend on the value of the `meta.license` attribute. -### `lib.sourceTypes.fromSource` {#lib.sourceTypes.fromSource} - -Package elements which are produced by a nixpkgs derivation which builds them from source code. - ### `lib.sourceTypes.binaryNativeCode` {#lib.sourceTypes.binaryNativeCode} Native code to be executed on the target system's CPU, built by a third party. This includes packages which wrap a downloaded AppImage or Debian package. diff --git a/lib/source-types.nix b/lib/source-types.nix index c4f263dcf4643..c119fc9cbb829 100644 --- a/lib/source-types.nix +++ b/lib/source-types.nix @@ -3,14 +3,9 @@ let defaultSourceType = tname: { shortName = tname; - isSource = false; }; in lib.mapAttrs (tname: tset: defaultSourceType tname // tset) { - fromSource = { - isSource = true; - }; - binaryNativeCode = {}; binaryBytecode = {}; diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index 4e5db210637a6..747f8ac098c04 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -89,8 +89,7 @@ let allowInsecurePredicate attrs || builtins.getEnv "NIXPKGS_ALLOW_INSECURE" == "1"; - - isNonSource = sourceTypes: lib.lists.any (t: !t.isSource) sourceTypes; + isNonSource = sourceTypes: sourceTypes != []; hasNonSourceProvenance = attrs: (attrs ? meta.sourceProvenance) && @@ -101,7 +100,7 @@ let # {pkgs, ...}: # { # allowNonSource = false; - # allowNonSourcePredicate = with lib.lists; pkg: !(any (p: !p.isSource && p!=lib.sourceTypes.binaryFirmware) (toList pkg.meta.sourceProvenance)); + # allowNonSourcePredicate = with lib.lists; pkg: any (p: p!=lib.sourceTypes.binaryFirmware) (toList pkg.meta.sourceProvenance); # } allowNonSourcePredicate = config.allowNonSourcePredicate or (x: false);