fetchzip is more efficient, because it doesn't do a full git clone, so
it should be preferred where possible.
Where hashes have not been changed, I have verified that they don't
need to be. Where hashes have changed, in all cases this is because
of .gitattributes files that exclude certain files from the tarball,
and in these cases I have verified that the packages still build.
sbsigntool still uses fetchgit because it has a submodule, and ell and
iwd still use fetchgit because git.kernel.org does not provide
snapshot links for them. Apparently this is intentional.
Whenever we create scripts that are installed to $out, we must use runtimeShell
in order to get the shell that can be executed on the machine we create the
package for. This is relevant for cross-compiling. The only use case for
stdenv.shell are scripts that are executed as part of the build system.
Usages in checkPhase are borderline however to decrease the likelyhood
of people copying the wrong examples, I decided to use runtimeShell as well.
* pkgs: refactor needless quoting of homepage meta attribute
A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.
* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit
* Fixed some instances
The following parameters are now available:
* hardeningDisable
To disable specific hardening flags
* hardeningEnable
To enable specific hardening flags
Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.
cc-wrapper supports the following flags:
* fortify
* stackprotector
* pie (disabled by default)
* pic
* strictoverflow
* format
* relro
* bindnow
