aboutsummaryrefslogtreecommitdiff
path: root/front/default.nix
diff options
context:
space:
mode:
authorstuebinm2021-02-18 15:51:08 +0100
committerstuebinm2021-02-18 15:51:08 +0100
commitbfae9d9bfa90a0189d943ca865fa046f510b9922 (patch)
treea4acce736d20be7cb9694a3a8fe860bd06224adc /front/default.nix
parent8788bba867874725439a76dc94891e4438568650 (diff)
Safer option injection to build scripts
Nix isn't very typesafe, but apparently there is at least a `escapeShellArg` function which makes things safe for shell execution.
Diffstat (limited to 'front/default.nix')
-rw-r--r--front/default.nix4
1 files changed, 2 insertions, 2 deletions
diff --git a/front/default.nix b/front/default.nix
index dc3f115..5385de3 100644
--- a/front/default.nix
+++ b/front/default.nix
@@ -86,8 +86,8 @@ in
replace-literal -efsr '"@types/quill": "^1.3.7",' ' ';
replace-literal -efsr '"quill": "^1.3.7",' ' ';
''
- + (if envVars ? DEFAULT_MAP_URL then ''replace-literal -efs -r -x .ts "/Floor0/floor0.json" "${envVars.DEFAULT_MAP_URL}";'' else "")
- + (if envVars ? STUN_SERVER then ''replace-literal -efs -r -x .ts "stun:stun.l.google.com:19302" "${envVars.STUN_SERVER}";'' else "");
+ + (if envVars ? DEFAULT_MAP_URL then ''replace-literal -efs -r -x .ts "/Floor0/floor0.json" ${lib.escapeShellArg envVars.DEFAULT_MAP_URL};'' else "")
+ + (if envVars ? STUN_SERVER then ''replace-literal -efs -r -x .ts "stun:stun.l.google.com:19302" ${lib.escapeShellArg envVars.STUN_SERVER};'' else "");
buildPhase = ''
mkdir -p $out