Suppose we have the following C code file:
#include <stdio.h>
int main() {
char str[] = "Hello, World!";
printf(str);
return 0;
}
It can be successfully compiled by installing gcc locally. But in nix-shell, it will fail:
1.c: In function ‘main’:
1.c:5:10: error: format not a string literal and no format arguments [-Werror=format-security]
5 | printf(str);
| ^~~
cc1: some warnings being treated as errors
My local here refers to installation through configuration.nix or home-manager. The same as the default version in nix-shell, both are 10.3.0.
In order to avoid compilation failure in nix-shell, I will deliberately append the parameters in the NIX_CFLAGS_COMPILE variable, for example:
mkShell {
# ......
shellHook =''
export NIX_CFLAGS_COMPILE="-Wno-format-security $NIX_CFLAGS_COMPILE"
'';
}
Can anyone tell me why this is?
