This is done with the following bash script:
```
#!/usr/bin/env bash
process_line() {
local filename=${1%:}
if [[ $4 =~ \"(.*)\"\; ]]; then
local sha256="${BASH_REMATCH[1]}"
fi
[[ -z $sha256 ]] && return 0
local hash=$(nix hash to-sri --type sha256 $sha256)
echo "Processing: $filename"
echo " $sha256 => $hash"
sed -i "s|cargoSha256 = \"$sha256\"|cargoHash = \"$hash\"|"
$filename
}
# split output by line
grep -r 'cargoSha256 = ' . | while IFS= read -r line; do
# split them further by space
read -r -a parts <<< "$line"
process_line "${parts[@]}"
done
```
Rust 1.50.0 incorporated a Cargo change (rust-lang/cargo#8937) in
which cargo vendor erroneously changed permissions of vendored
crates. This was fixed in Rust
1.51.0 (rust-lang/cargo#9131). Unfortunately, this means that all
cargoSha256/cargoHashes produced during the Rust 1.50.0 cycle are
potentially broken.
This change updates cargoSha256/cargoHash tree-wide.
Fixes#121994.
Changes the default fetcher in the Rust Platform to be the newer
`fetchCargoTarball`, and changes every application using the current default to
instead opt out.
This commit does not change any hashes or cause any rebuilds. Once integrated,
we will start deleting the opt-outs and recomputing hashes.
See #79975 for details.
