nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-25 23:23:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
1ec7c81e31
nixpkgs/lib/fetchers.nix
Silvan Mosberger 4f0dadbf38 treewide: format all inactive Nix files 
After final improvements to the official formatter implementation,
this commit now performs the first treewide reformat of Nix files using it.
This is part of the implementation of RFC 166.

Only "inactive" files are reformatted, meaning only files that
aren't being touched by any PR with activity in the past 2 months.
This is to avoid conflicts for PRs that might soon be merged.
Later we can do a full treewide reformat to get the rest,
which should not cause as many conflicts.

A CI check has already been running for some time to ensure that new and
already-formatted files are formatted, so the files being reformatted here
should also stay formatted.

This commit was automatically created and can be verified using

    nix-build a08b3a4d19.tar.gz \
      --argstr baseRev b32a094368
    result/bin/apply-formatting $NIXPKGS_PATH
2024-12-10 20:26:33 +01:00

221 lines
5.8 KiB
Nix
Raw Blame History

# snippets that can be shared by multiple fetchers (pkgs/build-support)
{ lib }:
let
commonH = hashTypes: rec {
hashNames = [ "hash" ] ++ hashTypes;
hashSet = lib.genAttrs hashNames (lib.const { });
};
fakeH = {
hash = lib.fakeHash;
sha256 = lib.fakeSha256;
sha512 = lib.fakeSha512;
};
in
rec {
proxyImpureEnvVars = [
# We borrow these environment variables from the caller to allow
# easy proxy configuration. This is impure, but a fixed-output
# derivation like fetchurl is allowed to do so since its result is
# by definition pure.
"http_proxy"
"https_proxy"
"ftp_proxy"
"all_proxy"
"no_proxy"
"HTTP_PROXY"
"HTTPS_PROXY"
"FTP_PROXY"
"ALL_PROXY"
"NO_PROXY"
# https proxies typically need to inject custom root CAs too
"NIX_SSL_CERT_FILE"
];
/**
Converts an attrset containing one of `hash`, `sha256` or `sha512`,
into one containing `outputHash{,Algo}` as accepted by `mkDerivation`.
An appropriate fake hash is substituted when the hash value is `""`,
as is the [convention for fetchers](#sec-pkgs-fetchers-updating-source-hashes-fakehash-method).
All other attributes in the set remain as-is.
# Example
```nix
normalizeHash { } { hash = ""; foo = "bar"; }
=>
{
outputHash = lib.fakeHash;
outputHashAlgo = null;
foo = "bar";
}
```
```nix
normalizeHash { } { sha256 = lib.fakeSha256; }
=>
{
outputHash = lib.fakeSha256;
outputHashAlgo = "sha256";
}
```
```nix
normalizeHash { } { sha512 = lib.fakeSha512; }
=>
{
outputHash = lib.fakeSha512;
outputHashAlgo = "sha512";
}
```
# Type
```
normalizeHash :: { hashTypes :: List String, required :: Bool } -> AttrSet -> AttrSet
```
# Arguments
hashTypes
: the set of attribute names accepted as hash inputs, in addition to `hash`
required
: whether to throw if no hash was present in the input; otherwise returns the original input, unmodified
*/
normalizeHash =
{
hashTypes ? [ "sha256" ],
required ? true,
}:
let
inherit (lib)
concatMapStringsSep
head
tail
throwIf
;
inherit (lib.attrsets)
attrsToList
intersectAttrs
removeAttrs
optionalAttrs
;
inherit (commonH hashTypes) hashNames hashSet;
in
args:
if args ? "outputHash" then
args
else
let
# The argument hash, as a {name, value} pair
h =
# All hashes passed in arguments (possibly 0 or >1) as a list of {name, value} pairs
let
hashesAsNVPairs = attrsToList (intersectAttrs hashSet args);
in
if hashesAsNVPairs == [ ] then
throwIf required "fetcher called without `hash`" null
else if tail hashesAsNVPairs != [ ] then
throw "fetcher called with mutually-incompatible arguments: ${
concatMapStringsSep ", " (a: a.name) hashesAsNVPairs
}"
else
head hashesAsNVPairs;
in
removeAttrs args hashNames
// (optionalAttrs (h != null) {
outputHashAlgo = if h.name == "hash" then null else h.name;
outputHash =
if h.value == "" then
fakeH.${h.name} or (throw "no fake hash defined for ${h.name}")
else
h.value;
});
/**
Wraps a function which accepts `outputHash{,Algo}` into one which accepts `hash` or `sha{256,512}`
# Example
```nix
withNormalizedHash { hashTypes = [ "sha256" "sha512" ]; } (
{ outputHash, outputHashAlgo, ... }:
...
)
```
is a function which accepts one of `hash`, `sha256`, or `sha512` (or the original's `outputHash` and `outputHashAlgo`).
Its `functionArgs` metadata only lists `hash` as a parameter, optional iff. `outputHash` was an optional parameter of
the original function. `sha256`, `sha512`, `outputHash`, or `outputHashAlgo` are not mentioned in the `functionArgs`
metadata.
# Type
```
withNormalizedHash :: { hashTypes :: List String } -> (AttrSet -> T) -> (AttrSet -> T)
```
# Arguments
hashTypes
: the set of attribute names accepted as hash inputs, in addition to `hash`
: they must correspond to a valid value for `outputHashAlgo`, currently one of: `md5`, `sha1`, `sha256`, or `sha512`.
f
: the function to be wrapped
::: {.note}
In nixpkgs, `mkDerivation` rejects MD5 `outputHash`es, and SHA-1 is being deprecated.
As such, there is no reason to add `md5` to `hashTypes`, and
`sha1` should only ever be included for backwards compatibility.
:::
# Output
`withNormalizedHash { inherit hashTypes; } f` is functionally equivalent to
```nix
args: f (normalizeHash {
inherit hashTypes;
required = !(lib.functionArgs f).outputHash;
} args)
```
However, `withNormalizedHash` preserves `functionArgs` metadata insofar as possible,
and is implemented somewhat more efficiently.
*/
withNormalizedHash =
{
hashTypes ? [ "sha256" ],
}:
fetcher:
let
inherit (lib.attrsets) genAttrs intersectAttrs removeAttrs;
inherit (lib.trivial) const functionArgs setFunctionArgs;
inherit (commonH hashTypes) hashSet;
fArgs = functionArgs fetcher;
normalize = normalizeHash {
inherit hashTypes;
required = !fArgs.outputHash;
};
in
# The o.g. fetcher must *only* accept outputHash and outputHashAlgo
assert fArgs ? outputHash && fArgs ? outputHashAlgo;
assert intersectAttrs fArgs hashSet == { };
setFunctionArgs (args: fetcher (normalize args)) (
removeAttrs fArgs [
"outputHash"
"outputHashAlgo"
]
// {
hash = fArgs.outputHash;
}
);
}
Reference in New Issue View Git Blame Copy Permalink