diff --git a/CHANGELOG.md b/CHANGELOG.md index 3b637e6e..b0d39abe 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -236,6 +236,8 @@ - *(static)* Update build configs - ([3ab0dda](https://github.com/JayRovacsek/nix-config/commit/3ab0ddaa8eb135235b02bf9988379926476bead2)) - *(tooling)* Add scopes to conform configuration - ([99a07f5](https://github.com/JayRovacsek/nix-config/commit/99a07f59513cfd6824a8d21875d4c8f95356f88d)) +- Add zsh as user shell - ([dd6f4fd](https://github.com/JayRovacsek/nix-config/commit/dd6f4fdd605474c2bf221109f3256903c90fba68)) + - Remove system level zsh - ([b3a0f0b](https://github.com/JayRovacsek/nix-config/commit/b3a0f0b68b422d266f45ea76bd98f355d0d21b68)) - Resolve eval issues - ([54773ee](https://github.com/JayRovacsek/nix-config/commit/54773eeeed0ba9e5bd530a78916e3c327479bb7d)) diff --git a/flake.lock b/flake.lock index 63684bd1..9fffaad6 100644 --- a/flake.lock +++ b/flake.lock @@ -121,11 +121,11 @@ }, "bleeding-edge": { "locked": { - "lastModified": 1728336163, - "narHash": "sha256-rISnMC117SHUI19jwOyoBpeH1lg0JkNUwDS2khhEXzc=", + "lastModified": 1727909070, + "narHash": "sha256-Rbpd5w1rYli5eSjedKaGRDkcIsIInhuqBYniuhJGQ40=", "owner": "nixos", "repo": "nixpkgs", - "rev": "df8a060c473cf49d3d3b0480f892ffcbea7bba41", + "rev": "3569a56280e8afba7c10f9171dac71ff882ff1c1", "type": "github" }, "original": { @@ -173,11 +173,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1728330715, - "narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=", + "lastModified": 1722113426, + "narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=", "owner": "numtide", "repo": "devshell", - "rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef", + "rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae", "type": "github" }, "original": { @@ -191,11 +191,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1728334376, - "narHash": "sha256-CTKEKPzD/j8FK6H4DO3EjyixZd3HHvgAgfnCwpGFP5c=", + "lastModified": 1727872461, + "narHash": "sha256-4Pw3fVhN6xey5+2gUBm9nQJAjBqivffr+a5ZsXYjzJ8=", "owner": "nix-community", "repo": "disko", - "rev": "d39ee334984fcdae6244f5a8e6ab857479cbaefe", + "rev": "568727a884ae7cd9f266bd19aea655def8cafd78", "type": "github" }, "original": { @@ -209,11 +209,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1728262669, - "narHash": "sha256-NvRB9cZLOBXa++7AOp5TB9orwLLT1g1XDB7DnGB9TtM=", + "lastModified": 1727830562, + "narHash": "sha256-Pqh/Y1qPzTyJPGniSU2E5nAqNMIU5ijOgLUqQZX4ono=", "owner": "bandithedoge", "repo": "nixpkgs-firefox-darwin", - "rev": "9d057bf04e8845f60aa27d0cd55984f6908a109f", + "rev": "554716216b8d33c6192939d01ee1f43bed49f584", "type": "github" }, "original": { @@ -271,21 +271,6 @@ "type": "github" } }, - "flake-schemas": { - "locked": { - "lastModified": 1721999734, - "narHash": "sha256-G5CxYeJVm4lcEtaO87LKzOsVnWeTcHGKbKxNamNWgOw=", - "owner": "DeterminateSystems", - "repo": "flake-schemas", - "rev": "0a5c42297d870156d9c57d8f99e476b738dcd982", - "type": "github" - }, - "original": { - "owner": "DeterminateSystems", - "repo": "flake-schemas", - "type": "github" - } - }, "flake-utils": { "inputs": { "systems": ["systems"] @@ -343,11 +328,11 @@ "nixpkgs-stable": ["stable"] }, "locked": { - "lastModified": 1728092656, - "narHash": "sha256-eMeCTJZ5xBeQ0f9Os7K8DThNVSo9gy4umZLDfF5q6OM=", + "lastModified": 1727854478, + "narHash": "sha256-/odH2nUMAwkMgOS2nG2z0exLQNJS4S2LfMW0teqU7co=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "1211305a5b237771e13fcca0c51e60ad47326a9a", + "rev": "5f58871c9657b5fc0a7f65670fe2ba99c26c1d79", "type": "github" }, "original": { @@ -396,11 +381,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1728337164, - "narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=", + "lastModified": 1727817100, + "narHash": "sha256-dlyV9/eiWkm/Y/t2+k4CFZ29tBvCANmJogEYaHeAOTw=", "owner": "nix-community", "repo": "home-manager", - "rev": "038630363e7de57c36c417fd2f5d7c14773403e4", + "rev": "437ec62009fa8ceb684eb447d455ffba25911cf9", "type": "github" }, "original": { @@ -472,11 +457,11 @@ "nixpkgs-lib": ["nixpkgs"] }, "locked": { - "lastModified": 1728216729, - "narHash": "sha256-HsisE2yMld0LckvQ3v/00bXFg11E5Q2XI8taPUewDPA=", + "lastModified": 1727710043, + "narHash": "sha256-NpTnTg8oOVvntlTi/t8BUe5msrMmkiZFiOW22fc7B+g=", "owner": "nix-community", "repo": "lib-aggregate", - "rev": "6c4cf448d33ce86bcc06c6d50bcecc33666105ee", + "rev": "d03a5f88a345d26ca13918071d42dcc960233183", "type": "github" }, "original": { @@ -573,11 +558,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1727999297, - "narHash": "sha256-LTJuQPCsSItZ/8TieFeP30iY+uaLoD0mT0tAj1gLeyQ=", + "lastModified": 1727707210, + "narHash": "sha256-8XZp5XO2FC6INZEZ2WlwErtvFVpl45ACn8CJ2hfTA0Y=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "8c8388ade72e58efdeae71b4cbb79e872c23a56b", + "rev": "f61d5f2051a387a15817007220e9fb3bbead57b3", "type": "github" }, "original": { @@ -595,11 +580,11 @@ "treefmt-nix": ["treefmt-nix"] }, "locked": { - "lastModified": 1727953523, - "narHash": "sha256-cT8fN56OHCqTajmj2JwDL5uhTIEFvVSnBRvypXfZ9f4=", + "lastModified": 1727739181, + "narHash": "sha256-eAj9tUieMA3L6MSd52jyrBfygAgxmADdr4fq3IhnTLo=", "owner": "nix-community", "repo": "nix-eval-jobs", - "rev": "7ae693d28c5922533ce86f348ddb6709a2beffbf", + "rev": "b07a613e07beb57cc06c86d313e6761bc255f38c", "type": "github" }, "original": { @@ -703,11 +688,11 @@ }, "nixlib": { "locked": { - "lastModified": 1728176478, - "narHash": "sha256-px3Q0W//c+mZ4kPMXq4poztsjtXM1Ja1rN+825YMDUQ=", + "lastModified": 1727571693, + "narHash": "sha256-b7sFVeqMtz8xntCL3tBY3O8suTg5PeF53LTL3eCcKyc=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "b61309c3c1b6013d36299bc8285612865b3b9e4c", + "rev": "bb58a3bf239e03fca9d51062e2fe028a4ea5a3d1", "type": "github" }, "original": { @@ -722,11 +707,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1728308313, - "narHash": "sha256-GThSJ4OcPOOtf8j8ge7ik4141BHVbBALu0N7Ju+Nw18=", + "lastModified": 1727702862, + "narHash": "sha256-4ai7yRN8b2i43gNTAXfAuOw/uIzGqMLON1IXtIRrwOM=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "71f9c8bcc87f15dba12515e94e40de243b5db103", + "rev": "f7eb021d9dfd61f0e0075e483f3579c6f8453bb3", "type": "github" }, "original": { @@ -737,11 +722,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1728269138, - "narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=", + "lastModified": 1727665282, + "narHash": "sha256-oKtfbQB1MBypqIyzkC8QCQcVGOa1soaXaGgcBIoh14o=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b", + "rev": "11c43c830e533dad1be527ecce379fcf994fbbb5", "type": "github" }, "original": { @@ -774,11 +759,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1728249353, - "narHash": "sha256-7NBJm1jfMeAowE1J2oljYqWVvI9X7FyyxBY4O8uB/Os=", + "lastModified": 1727811607, + "narHash": "sha256-2ByOBflaIUJKeF9q6efVcYHljZXGZ7MnCWtseRvmpm8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c8a17040be4a20b29589cb4043a9e0c36af1930e", + "rev": "1839883cd0068572aed75fb9442b508bbd9ef09c", "type": "github" }, "original": { @@ -824,11 +809,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1728219351, - "narHash": "sha256-FVXtRvS0IJCvIadkz/ULFKKceNY/d6hhcNZO73E51/A=", + "lastModified": 1727812556, + "narHash": "sha256-U9cEs2W0eLvIS0kEMBGP8eZMdrpoHqynByth/mu2Nvc=", "owner": "nix-community", "repo": "nixpkgs-wayland", - "rev": "9463b5d319bc79665db902a1007d1846d4218f62", + "rev": "a40e6b047b6166aed5fab801e99a8d6b980d4680", "type": "github" }, "original": { @@ -850,11 +835,11 @@ "treefmt-nix": ["treefmt-nix"] }, "locked": { - "lastModified": 1728336850, - "narHash": "sha256-2RcPY41+UopyGwrPmsAFJC6CCobuuz4sNemC5cMb5GY=", + "lastModified": 1727871072, + "narHash": "sha256-t+YLQwBB1soQnVjT6d7nQq4Tidaw7tpB8i6Zvpc+Zbs=", "owner": "nix-community", "repo": "nixvim", - "rev": "abc7f450adc3b12d66c451972b1876d5194644bb", + "rev": "0ca98d02104f7f0a703787a7a080a570b7f1bedd", "type": "github" }, "original": { @@ -865,11 +850,11 @@ }, "nur": { "locked": { - "lastModified": 1728337514, - "narHash": "sha256-zP4nAUaZUA07Ao9pqvpSzhQ1QKUJ+dig468bLukahsg=", + "lastModified": 1727908773, + "narHash": "sha256-HooWlKtBqLXFmtjYECCmybm6WAITyjTbE0WFeK0YFS4=", "owner": "nix-community", "repo": "NUR", - "rev": "de0a8a6deff95923791acc00cf76f90003de627d", + "rev": "1a6583200877cbbc9b64a5cd2b1fc9b93553ec65", "type": "github" }, "original": { @@ -884,11 +869,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1728335476, - "narHash": "sha256-be/noaRSTdgjk1bbu2ofbEC3Tr5nDCsUttn+mwfDdpc=", + "lastModified": 1727599661, + "narHash": "sha256-0R+1ih0Rfqrz/lcduvpNSnUw3uthUHiaGh0aWPyIqeQ=", "owner": "NuschtOS", "repo": "search", - "rev": "2865c073858af03bc015ea045d2fd496d3f8b574", + "rev": "c3c3928b8de7d300c34e9d90fdc19febd1a32062", "type": "github" }, "original": { @@ -907,7 +892,6 @@ "flake-compat": "flake-compat", "flake-parts": "flake-parts", "flake-root": "flake-root", - "flake-schemas": "flake-schemas", "flake-utils": "flake-utils", "git-hooks": "git-hooks", "gitignore": "gitignore", @@ -936,6 +920,7 @@ "nuschtosSearch": "nuschtosSearch", "rust-overlay": "rust-overlay", "sandro-nixos-modules": "sandro-nixos-modules", + "sbomnix": "sbomnix", "stable": "stable", "stylix": "stylix", "systems": "systems", @@ -948,11 +933,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1728268235, - "narHash": "sha256-lJMFnMO4maJuNO6PQ5fZesrTmglze3UFTTBuKGwR1Nw=", + "lastModified": 1727836133, + "narHash": "sha256-JE0zciM5IGWvK8J/pE2VldNBf7oyMH5WrU8tZArefbg=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "25685cc2c7054efc31351c172ae77b21814f2d42", + "rev": "02321540b0c8000b36889b1b974d1fec585b25a4", "type": "github" }, "original": { @@ -968,11 +953,11 @@ "search": "search" }, "locked": { - "lastModified": 1728328232, - "narHash": "sha256-A1C9vQL6G/SPb1gRBBEffaSnYUmLCdXsnjun5QD5r2Y=", + "lastModified": 1727853178, + "narHash": "sha256-7T3y5BwRhEfsmrFm8HuZknqs/ZxLk3ZmoOD8YFKO5aE=", "owner": "SuperSandro2000", "repo": "nixos-modules", - "rev": "5283720988f2af2839cf8a80379d36d417e8a02f", + "rev": "b1747bbf72f08dae218766cf3ac5852dd15e8ebf", "type": "github" }, "original": { @@ -981,17 +966,39 @@ "type": "github" } }, + "sbomnix": { + "inputs": { + "flake-compat": ["flake-compat"], + "flake-parts": ["flake-parts"], + "flake-root": ["flake-root"], + "nixpkgs": ["nixpkgs"], + "treefmt-nix": ["treefmt-nix"] + }, + "locked": { + "lastModified": 1728364154, + "narHash": "sha256-Qsn6TM1DUgz4EJiDXu1uo3WVQO6SFH/SsQrGGccChrU=", + "owner": "tiiuae", + "repo": "sbomnix", + "rev": "2e910af78378b1d87c3af6eb8aeeefd3c6684bf9", + "type": "github" + }, + "original": { + "owner": "tiiuae", + "repo": "sbomnix", + "type": "github" + } + }, "search": { "inputs": { "flake-utils": ["sandro-nixos-modules", "flake-utils"], "nixpkgs": ["sandro-nixos-modules", "nixpkgs"] }, "locked": { - "lastModified": 1728017046, - "narHash": "sha256-ofWYux/uUAv8wq7sWw8XWke0sh8p4qYxSOn8d+EaJ8c=", + "lastModified": 1727452028, + "narHash": "sha256-ehl/A4HQFRyqj1Fk7cl+dgSf/2Fb1jLwWJtZaMU6RfU=", "owner": "nuschtos", "repo": "search", - "rev": "ba81d9c1eae20fc3a1cd066062a05ac2e799e629", + "rev": "9f7426e532ef8dfc839c4a3fcc567b13a20a70d3", "type": "github" }, "original": { @@ -1018,11 +1025,11 @@ }, "stable": { "locked": { - "lastModified": 1728328465, - "narHash": "sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo=", + "lastModified": 1727907660, + "narHash": "sha256-QftbyPoieM5M50WKUMzQmWtBWib/ZJbHo7mhj5riQec=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1bfbbbe5bbf888d675397c66bfdb275d0b99361c", + "rev": "5966581aa04be7eff830b9e1457d56dc70a0b798", "type": "github" }, "original": { @@ -1049,11 +1056,11 @@ "tinted-tmux": "tinted-tmux" }, "locked": { - "lastModified": 1728312564, - "narHash": "sha256-z01cTK5VeLFOUekhAXrJHLDzE74uAxxMwE2p6+Wp9Sg=", + "lastModified": 1727723275, + "narHash": "sha256-k4HrG8TJQ0RqDS1tlDz71kvWFBNQ7qZI9T5Z0qLR85Y=", "owner": "danth", "repo": "stylix", - "rev": "63426a59e714c4389c5a8e559dee05a0087a3043", + "rev": "e7e97059776da7e34b739415a7bc8f80f606b803", "type": "github" }, "original": { @@ -1167,11 +1174,11 @@ "nixpkgs": ["nixpkgs"] }, "locked": { - "lastModified": 1727984844, - "narHash": "sha256-xpRqITAoD8rHlXQafYZOLvUXCF6cnZkPfoq67ThN0Hc=", + "lastModified": 1727431250, + "narHash": "sha256-uGRlRT47ecicF9iLD1G3g43jn2e+b5KaMptb59LHnvM=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "4446c7a6fc0775df028c5a3f6727945ba8400e64", + "rev": "879b29ae9a0378904fbbefe0dadaed43c8905754", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index e90774a2..2205f675 100644 --- a/flake.nix +++ b/flake.nix @@ -46,8 +46,6 @@ flake-root.url = "github:srid/flake-root"; - flake-schemas.url = "github:DeterminateSystems/flake-schemas"; - flake-utils = { inputs.systems.follows = "systems"; url = "github:numtide/flake-utils"; @@ -249,6 +247,17 @@ url = "github:SuperSandro2000/nixos-modules"; }; + sbomnix = { + inputs = { + flake-compat.follows = "flake-compat"; + flake-parts.follows = "flake-parts"; + flake-root.follows = "flake-root"; + nixpkgs.follows = "nixpkgs"; + treefmt-nix.follows = "treefmt-nix"; + }; + url = "github:tiiuae/sbomnix"; + }; + # Software bill of materials package stylix = { inputs = { @@ -376,8 +385,6 @@ # Overlays for when stuff really doesn't fit in the round hole overlays = import ./overlays { inherit self; }; - schemas = (import ./schemas) // self.inputs.flake-schemas.schemas; - # System configurations nixosConfigurations = import ./linux { inherit self; }; darwinConfigurations = import ./darwin { inherit self; }; diff --git a/lib/generate-sbom.nix b/lib/generate-sbom.nix deleted file mode 100644 index 305c001c..00000000 --- a/lib/generate-sbom.nix +++ /dev/null @@ -1,154 +0,0 @@ -{ self }: -let - inherit (self.inputs.stable) lib; - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L111 - generateExtractedLicensingInfos = - license: - if (builtins.typeOf license) == "list" then - builtins.map (_x: generateExtractedLicensingInfos) license - else - let - inherit (license) fullName shortName; - url = if builtins.hasAttr "url" license then license.url else "NA"; - in - [ - { - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L120 - crossRefs = lib.optional (builtins.hasAttr "url" license) [ - { - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L126 - isLive = true; - inherit (license) url; - } - ]; - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L160 - # We will not parse the detail from derevation content to avoid - # adding a lot of processing time to this function. As nix derivations - # require and/or have a default applied, we can utilise this with confidence. - extractedText = fullName; - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L164 - licenseId = shortName; - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L168 - name = fullName; - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L172 - seeAlsos = lib.optional (builtins.hasAttr "url" license) license.url; - } - ]; - - generateLicenseExpression = - drv: - if (builtins.typeOf drv.meta.license) == "list" then - (builtins.concatStringsSep ", " (builtins.map (x: x.fullName) drv.meta.license)) - else - drv.meta.license.fullName; - - # Recursive function to generate the SBOM for a derivation and its dependencies - generateSbom = - drv: - let - # Generate the SPDX license expression for the derivation - license = - if builtins.hasAttr "license" drv.meta then - generateLicenseExpression drv.meta.license - else - builtins.getAttr "meta" drv.meta.license; - - # Get the derivation's dependencies and their SBOMs - - # DEPENDENCY_OF / BUILD_DEPENDENCY_OF - dependencies = - drv.buildInputs ++ drv.propagatedBuildInputs ++ drv.propagatedNativeBuildInputs; - - generatePackages = builtins.map (drv: { - SPDXID = packageName drv; - checksums = [ - { - algorithm = "NIX"; - # /nix/store/b04fryh003f8amrjcs5fv7i3jldr1vja-ripgrep-13.0.0 - checksumValue = generateNixChecksum drv; - } - ]; - copyrightText = generateLicenseExpression drv; - }); - - packages = generatePackages dependencies; - - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L730 - # [ "VARIANT_OF", "COPY_OF", "PATCH_FOR", "TEST_DEPENDENCY_OF", "CONTAINED_BY", "DATA_FILE_OF", "OPTIONAL_COMPONENT_OF", "ANCESTOR_OF", "GENERATES", "CONTAINS", "OPTIONAL_DEPENDENCY_OF", "FILE_ADDED", "REQUIREMENT_DESCRIPTION_FOR", "DEV_DEPENDENCY_OF", "DEPENDENCY_OF", "BUILD_DEPENDENCY_OF", "DESCRIBES", "PREREQUISITE_FOR", "HAS_PREREQUISITE", "PROVIDED_DEPENDENCY_OF", "DYNAMIC_LINK", "DESCRIBED_BY", "METAFILE_OF", "DEPENDENCY_MANIFEST_OF", "PATCH_APPLIED", "RUNTIME_DEPENDENCY_OF", "TEST_OF", "TEST_TOOL_OF", "DEPENDS_ON", "SPECIFICATION_FOR", "FILE_MODIFIED", "DISTRIBUTION_ARTIFACT", "AMENDS", "DOCUMENTATION_OF", "GENERATED_FROM", "STATIC_LINK", "OTHER", "BUILD_TOOL_OF", "TEST_CASE_OF", "PACKAGE_OF", "DESCENDANT_OF", "FILE_DELETED", "EXPANDED_FROM_ARCHIVE", "DEV_TOOL_OF", "EXAMPLE_OF" ] - - # Combine the dependencies into a list - - packageName = - drv: - if builtins.hasAttr "name" drv then - drv.name - else if builtins.hasAttr "pname" drv then - drv.pname - else - drv.outPath; - - spdxVersion = "SPDX 2.3"; - # // SPDX 2.3 - - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L42 - - # Pls no :sadpanda: - generateNixChecksum = - drv: - builtins.head ( - builtins.filter (x: (builtins.stringLength x) == 32) ( - builtins.filter (x: (builtins.typeOf x) != "list") ( - builtins.split "[/-]" drv.outPath - ) - ) - ); - - # https://github.com/spdx/spdx-spec/blob/386ce342a28f12d31b77a549261857eda16f9304/schemas/spdx-schema.json#L74 - - SPDXID = packageName drv; - dataLicense = "CC0-1.0"; - documentComment = "Generated by Nix SPDX generator"; - - hasExtractedLicensingInfos = generateExtractedLicensingInfos drv.meta.license; - - name = "${packageName drv}-${drv.version}"; - - # Generate the SPDX document for the derivation - spdxDocument = { - inherit - SPDXID - dataLicense - documentComment - hasExtractedLicensingInfos - spdxVersion - name - packages - ; - - # Packages = [{ - # inherit packageName packageDownloadLocation; - # packageVersion = drv.version; - # packageChecksum = drv.meta.sha256 or ""; - # packageLicenseDeclared = spdxLicense; - # packageLicenseConcluded = spdxLicense; - # packageLicenseInfoFromFiles = [ ]; - # packageLicenseComments = ""; - # packageFilesAnalyzed = false; - # packageVerificationCode = ""; - # packageSupplier = ""; - # packageOriginator = ""; - # packageSourceInfo = ""; - # packageChecksumAlgorithm = "SHA256"; - # packageHomePage = drv.meta.homepage or ""; - # packageSummary = drv.meta.description or ""; - # packageDescription = drv.meta.description or ""; - # packageComment = ""; - # packageAttributionText = ""; - # externalRefs = [ ]; - # relationships = depList; - # }]; - }; - in - spdxDocument; -in -generateSbom diff --git a/modules/hydra/default.nix b/modules/hydra/default.nix index 3d539fe2..86c1a55c 100644 --- a/modules/hydra/default.nix +++ b/modules/hydra/default.nix @@ -27,7 +27,6 @@ let "github:cachix/git-hooks.nix" "github:chriskempson/base16-vim" "github:danth/stylix" - "github:DeterminateSystems/flake-schemas" "github:edolstra/flake-compat" "github:GNOME/gnome-shell" "github:hercules-ci/flake-parts" diff --git a/schemas/default.nix b/schemas/default.nix deleted file mode 100644 index e33c8f00..00000000 --- a/schemas/default.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ - common = { - version = 1; - doc = "The `common` flake output defines common values across other flake outputs."; - inventory = - output: - let - recurse = attrs: { - children = builtins.mapAttrs ( - name: value: - if builtins.isFunction value then - { - # Tell `nix flake show` what this is. - what = "function"; - # Make `nix flake check` enforce our naming convention. - evalChecks.kebab-case = builtins.match "[a-z0-9\\-]+" name == [ ]; - } - else if builtins.isList value then - { - what = "array"; - # Ensure exposed arrays within this space are not empty - # (otherwise they're redundant) - evalChecks.not-empty = (builtins.length value) != 0; - } - else if builtins.isString value then - { - what = "string"; - evalChecks = { }; - } - else if builtins.isAttrs value then - # Recurse into nested sets of functions. - recurse value - else - throw "unsupported 'lib' type" - ) attrs; - }; - in - recurse output; - }; - lib = { - version = 1; - doc = "The `lib` flake output defines Nix functions."; - inventory = - output: - let - recurse = attrs: { - children = builtins.mapAttrs ( - name: value: - if builtins.isFunction value then - { - # Tell `nix flake show` what this is. - what = "library function"; - # Make `nix flake check` enforce our naming convention. - evalChecks.kebab-case = builtins.match "[a-z0-9\\-]+" name == [ ]; - } - else if builtins.isAttrs value then - # Recurse into nested sets of functions. - recurse value - else - throw "unsupported 'lib' type" - ) attrs; - }; - in - recurse output; - }; -}