-
-
Notifications
You must be signed in to change notification settings - Fork 14k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
*: sha256 = sha256-.. => hash = sha256-.. #112388
Conversation
This breaks easy updates for people not using sri hashes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi! The update script expects to find and update sha256
. I suggest keeping sha256
for the two derivations in pkgs/top-level/perl-packages.nix
if that's ok?
@@ -10184,7 +10184,7 @@ let | |||
version = "0.78"; | |||
src = fetchurl { | |||
url = "mirror://cpan/authors/id/P/PE/PEVANS/IO-Async-0.78.tar.gz"; | |||
sha256 = "sha256-P7UYhZd7hiGKiepC84yvvOWCO/SPqqLRhaGGwqNYNmw="; | |||
hash = "sha256-P7UYhZd7hiGKiepC84yvvOWCO/SPqqLRhaGGwqNYNmw="; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hash = "sha256-P7UYhZd7hiGKiepC84yvvOWCO/SPqqLRhaGGwqNYNmw="; | |
sha256 = "sha256-P7UYhZd7hiGKiepC84yvvOWCO/SPqqLRhaGGwqNYNmw="; |
@@ -23090,7 +23090,7 @@ let | |||
version = "1.01"; | |||
src = fetchurl { | |||
url = "mirror://cpan/authors/id/G/GR/GRANTM/XML-Filter-Sort-1.01.tar.gz"; | |||
sha256 = "sha256-UQWF85pJFszV+o1UXpYXnJHq9vx8l6QBp1aOhBFi+l8="; | |||
hash = "sha256-UQWF85pJFszV+o1UXpYXnJHq9vx8l6QBp1aOhBFi+l8="; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hash = "sha256-UQWF85pJFszV+o1UXpYXnJHq9vx8l6QBp1aOhBFi+l8="; | |
sha256 = "sha256-UQWF85pJFszV+o1UXpYXnJHq9vx8l6QBp1aOhBFi+l8="; |
@SuperSandro2000 I suppose this PR might possibly be the right time to resolve those issues beforehand and then merge it. I'd say SRI is the future, so we shouldn't let that hold things back. |
This should be done in badges or we can't review it and get frequent merge conflicts. Also right now it does not even eval and what do we do with all the hashes in the old format? If they are recalculated it definitely needs to be done in batches. Does this cause rebuilds? Is there a consensus on this? What do we do with PRs that introduce the old format? |
Anyone can do |
This commit replaces all hashes using the new format and the old variable name (sha256 = "sha256-..") to the new format (hash = "sha256-..") Command used for changes find -iname "*.nix" -type f -exec sed 's|sha256 = "sha256|hash = "sha256|g' -i {} + //cc @worldofpeace
Yea, but it's not a good user experience. At the very least I don't think we should be requesting changes to PR because they have a Once 2.4 is stable, then the changes will mostly be |
Also |
Honestly I fail to see motivation why replace all the hashes. |
I think standardization on a single format is a good idea to reduce the number of things new users need to learn about but it is simply too soon. We need to decide if the attribute name should be |
This commit replaces all hashes using the new format
and the old variable name (sha256 = "sha256-..") to
the new format (hash = "sha256-..")
Command used for changes
find -iname "*.nix" -type f -exec sed 's|sha256 = "sha256|hash = "sha256|g' -i {} +
//cc @worldofpeace
Motivation for this change
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)