From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 363945A31; Sun, 09 Nov 2025 11:13:40 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 993) id 629BC5AC3; Sun, 09 Nov 2025 11:13:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DMARC_MISSING,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=4.0.1 Received: from fout-a4-smtp.messagingengine.com (fout-a4-smtp.messagingengine.com [103.168.172.147]) by atuin.qyliss.net (Postfix) with ESMTPS id 613B75A28 for ; Sun, 09 Nov 2025 11:13:35 +0000 (UTC) Received: from phl-compute-11.internal (phl-compute-11.internal [10.202.2.51]) by mailfout.phl.internal (Postfix) with ESMTP id EA8DDEC0068; Sun, 9 Nov 2025 06:13:32 -0500 (EST) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-11.internal (MEProxy); Sun, 09 Nov 2025 06:13:32 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc :cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm2; t=1762686812; x=1762773212; bh=8ftDw4ZvAj ADwLwDSiW71zQRyz3YacqdlP7jtaZFDes=; b=b8zoFJHsXKyXJqm2/76yv7LYnQ y16gmopwIcyH++Om+DyO1vgE83sR0ag3S2BBB3sZtfs93pW6kIYLIzDw7CoZMsgu qTFjuFDmafEKeuoruBydIGmLKu7bfslh+kgLIQ8z6t5+I/rS/nDNwlNoi0DdNIAB bUThHBXUMlwNMSbfepMlr/7AWbgWX3yuWG0/j0DQz8dGXzqmJz9jQZFNRhwkehed N8PuIoNcamX1Fb/RqKvSNl+vhN10dmU5s+fLo0yex8xMMX1oFg4GDRiqUZdF2RsC mSzytzIZ80pINoYMMXlKC5Ei4e6wFhD1xUiQ6+viSLWNLl1nYe3UVqaaO/Uw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1762686812; x=1762773212; bh=8ftDw4ZvAjADwLwDSiW71zQRyz3YacqdlP7 jtaZFDes=; b=uk63jiC7jsHDD4nFoBYZliQ/6+ZyHlkxA8ZTPAaE/yl+EqTfvqq Rnr6kezLeised9r6MriBqojzJjGstubU1ea+9YQihA/JmrG1OhQAjDxBm5y/JM+U n8UV4m2Ny++cKCTFjxwnv213ZAsYb+Vexpo7F6Uc3vlRLnpBbhykbhT0LbdSzB+G 67DWVxbJ8ajEusampYUTa+qIHZLcWQ83QtPuuFG6PuCoJc/TFFj+2UdRjuctz4ol x4qa1vkaoEjZmWWmRCY+j2DqjQIkSuqECwaue8fF+Z2enqNyb9vbT/oOFt+0M9gl LIjXvrSTuDpW116PhvDJqMvUKqfiCmvqwOg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggdduleehvdejucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf gurhephffvvefujghffffkgggtsehgtderredttddtnecuhfhrohhmpeetlhihshhsrgcu tfhoshhsuceohhhisegrlhihshhsrgdrihhsqeenucggtffrrghtthgvrhhnpeeiudffue eilefgtefgtddttdekkeehkefgheekudefveetgeefiefftedvteeuveenucevlhhushht vghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehhihesrghlhihsshgrrd hishdpnhgspghrtghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohep uggvmhhiohgsvghnohhurhesghhmrghilhdrtghomhdprhgtphhtthhopeguvghvvghlse hsphgvtghtrhhumhdqohhsrdhorhhg X-ME-Proxy: Feedback-ID: i12284293:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 9 Nov 2025 06:13:32 -0500 (EST) Received: by mbp.qyliss.net (Postfix, from userid 1000) id 715516914083; Sun, 09 Nov 2025 12:13:30 +0100 (CET) From: Alyssa Ross To: Demi Marie Obenour Subject: Re: config.nix validation? In-Reply-To: References: Date: Sun, 09 Nov 2025 12:13:29 +0100 Message-ID: <878qgf4fxi.fsf@alyssa.is> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Message-ID-Hash: RXMYJKKMBRSX7IZ5W2TEX6DKEYBR62XG X-Message-ID-Hash: RXMYJKKMBRSX7IZ5W2TEX6DKEYBR62XG X-MailFrom: hi@alyssa.is X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1; header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3; header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Spectrum OS Development X-Mailman-Version: 3.3.9 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --=-=-= Content-Type: text/plain Demi Marie Obenour writes: > Should the values from config.nix be validated in any way? They are > obviously trusted, but it is very easy for the users to make mistakes > that could cause extremely confusing problems. For instance, the > update patch doesn't support URLs with a query string or a fragment > specifier. In fact, such URLs could get mangled. There are other > URLs that tools like curl will accept but which will break the build. > > Should these be validated with regular expressions before use? > That will result in build-time errors that at least somewhat point > to the source of the problem, rather than mysterious build-time or > runtime misbehavior. Is there a way we could prevent those URLs getting mangled? Assuming no, we don't know of anybody currently using the configuration mechanism, so I wouldn't spend much time on it personally, but that doesn't necessarily mean that you shouldn't. Do it in separate patches at least though so it doesn't hold up higher priority stuff. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRV/neXydHjZma5XLJbRZGEIw/wogUCaRB3WQAKCRBbRZGEIw/w oteZAPsENMeYEMENT2NpSB7VdFA9OPdCo+oy7RY34Po5ef0I0QD/bk+G5i+wHEF5 memK8TUyRyf7BetecHf+Txkzd3AhqAw= =L7Oa -----END PGP SIGNATURE----- --=-=-=--