as with glibcxxassertions, we don't yet have a nice mechanism
for deferring support decisions to the c++ library in use, so
for now at least enabling this hardening flag will cause
_LIBCPP_HARDENING_MODE to be defined on all compilers
Add `identifiers` attr to `meta` attribute with following attrs:
* `cpe` with the full CPE string when available
* `possibleCPEs` with the list of potential CPEs when not all
information is provided
* `cpeParts` with the destructured CPE string, allowing to override it
whenever needed
* `v1` attribute set with `cpe` and `cpeParts` from above and a
guarantee of a backwards-compatible interface
Related issue: https://github.com/NixOS/nixpkgs/issues/354012
no platforms "unsupported" because we don't have a nice
mechanism for determining a platform's c++ lib and the flag
should be harmlessly ignored by a other c++ libs
This section has been the subject of too many jokes about nixpkgs and nix
overall being incomprehensible among people I know. In lieu of adding to
the fray I've had a go at correcting the reasons I couldn't read it
myself.
I don't actually think the math is a problem; it's actually probably the
more understandable part of the section once you actually understand the
definitions. The missing definitions and leaving the truth table as an
exercise to the reader really was not working for me though.
I've also added what each dependency group is actually *for*. This
hopefully makes the section easier to understand how it applies in
practice.
I generated the initial version of the table before reformatting it and
removing pointless rows with:
```python
def mapOffset(h, t, i):
return i + (h if i <= 0 else t - 1)
for h0 in (-1, 0, 1):
for t0 in (-1, 0, 1):
if t0 < h0: continue
heading = f'{h0:3} | {t0:3}'
for i in (-1, 0, 1):
if h0 + i not in (-1, 0, 1):
mapped = 'x'
else:
mapped = mapOffset(h0, t0, i)
heading += f' | {mapped:>2}'
print(heading)
```
The no-broken-symlinks hook does not fail if bad links exist out of
store, but /build is also a special directory for nix derivations: the
build directory in the builder mount namespace.
There should be no link to /build in the output derivation, so also
error on these directories (through $TMPDIR which default to that)
Closes#410508
