Nix supports md5, sha1, sha256, and sha512 hashes. The first two are
deprecated, but many npm packages provide only a sha1, so we have to
allow that one. This commit continues to leverage `ssri` for reliable
integrity string parsing and algorithm selection, but limits it to only
supported hash algorithms.
It also switches the hash representation in the generated nix file to
base64, since that format is supported by nix (suggested by jtojnar).
This saves a little disk space and computation.
Finally, it adds a .prettierignore file, since prettier called with the
arguments in the format command currently tries to format node_modules.
Some NPM packages provide multiple integrity hashes with different
algorithms. These are space separated, like below:
```
tar@^4:
version "4.4.19"
resolved "https://registry.yarnpkg.com/tar/-/tar-4.4.19.tgz#2e4d7263df26f2b914dee10c825ab132123742f3"
integrity "sha1-Lk1yY98m8rkU3uEMglqxMhI3QvM= sha512-a20gEsvHnWe0ygBY8JbxoM4w3SJdhc7ZAuxkLqh+nvNQN2IOt0B5lLgM490X5Hl8FF0dl0tOf2ewFYAlIFgzVA=="
```
Currently, yarn2nix isn't able to handle these lockfile entries,
producing an error like `error: hash 'Lk1yY98m8rkU3uEMglqxMhI3QvM=
sha512' has wrong length for hash type 'sha1'`. This is because it isn't
aware that spaces could separate multiple hashes.
This commit uses the official Standard Subresource Integrity package
from npm to parse the integrity line, and pick the best available
algorithm. It also replaced many of the local yarn2nix entries with
sha512, even ones that don't include it in the lockfile. Not sure how
that happened, but it works in practice!
The addition of `ssri` may also reduce signs and symptoms of depression.