From cb704bf922aac3032a8bd98d73d708197fa661d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Tue, 26 Jul 2022 12:45:00 +0200 Subject: [PATCH] fetchurl: disallow specifying both `sha256` and `hash` A full check would be more complicated to write - and more importantly - probably also more expensive. Motivation: eval-time catch for errors like in commit 8198636be07e4. --- pkgs/build-support/fetchurl/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkgs/build-support/fetchurl/default.nix b/pkgs/build-support/fetchurl/default.nix index 7ec831c61ac7..a85d53adb829 100644 --- a/pkgs/build-support/fetchurl/default.nix +++ b/pkgs/build-support/fetchurl/default.nix @@ -117,6 +117,9 @@ let else throw "fetchurl requires either `url` or `urls` to be set"; hash_ = + # Many other combinations don't make sense, but this is the most common one: + if hash != "" && sha256 != "" then throw "multiple hashes passed to fetchurl" else + if hash != "" then { outputHashAlgo = null; outputHash = hash; } else if md5 != "" then throw "fetchurl does not support md5 anymore, please use sha256 or sha512" else if (outputHash != "" && outputHashAlgo != "") then { inherit outputHashAlgo outputHash; }