nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-30 08:44:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

electrs/update.sh: ensure tag is checked out

Browse Source 
Cloning a tag-named branch introduced a supply chain attack vector,
because branch and tag contents might differ.
Now the hashed worktree always corresponds to the tag that is GPG-verified.
This commit is contained in:
Erik Arvstedt 2021-10-20 21:57:40 +02:00
parent 806535d54f
commit 6b7aa566ef
No known key found for this signature in database
GPG Key ID: 33312B944DD97846
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pkgs/applications/blockchains/electrs/update.sh
View File

@ -21,6 +21,7 @@ repo=$tmpdir/repo
trap "rm -rf $tmpdir" EXIT
git clone --depth 1 --branch v${version} -c advice.detachedHead=false https://github.com/romanz/electrs $repo
git -C $repo checkout tags/v${version}
export GNUPGHOME=$tmpdir
echo