Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

treewide: use SRI hash in fetchFromOrCz #326437

Merged
merged 1 commit into from
Jul 12, 2024
Merged

treewide: use SRI hash in fetchFromOrCz #326437

merged 1 commit into from
Jul 12, 2024

Conversation

pyrox0
Copy link
Member

@pyrox0 pyrox0 commented Jul 12, 2024

Per #325892, SRI hashes in the hash field should be used for fetcher instead of sha256, so this fixes it for the one case that it is not correct for fetchFromOrCz calls. This doesn't cause any rebuilds, so there shouldn't be any issues here.

Description of changes

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@pyrox0
cdimgtools: sha256 -> hash
20ea266 
`sha256 = "...";` is deprecated in favor of SRI hashes, so this replaces
that hash.
@eclairevoyant
Copy link
Contributor

eclairevoyant commented Jul 12, 2024
edited
Loading

PR title and commit message should be something like cdimgtools: use SRI hash to follow the guidelines, otherwise lgtm

Ignore, just saw the commit message

@eclairevoyant eclairevoyant changed the title fetchFromRepoOrCz: no more sha256 treewide: use SRI hash in fetchFromOrCz Jul 12, 2024
eclairevoyant
eclairevoyant approved these changes Jul 12, 2024
View reviewed changes
Copy link
Contributor

@eclairevoyant eclairevoyant left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cdimgtools.src fetches as expected

@eclairevoyant eclairevoyant merged commit 4f74d5e into NixOS:master Jul 12, 2024
10 of 11 checks passed
@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux labels Jul 12, 2024
@pyrox0 pyrox0 deleted the fetchfromrepoorcz-no-sha256 branch August 4, 2024 23:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eclairevoyant eclairevoyant eclairevoyant approved these changes

Assignees
No one assigned
Labels
10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pyrox0 @eclairevoyant