pyrox.dev / nixpkgs
lol
fork atom

boostrap fetchurl: Add SRI support

Janne Heß 0b3e7f06 f8594cd4

options
unified split
Changed files
+15 -3
lib
minver.nix
nixos
doc
manual
from_md
release-notes
rl-2211.section.xml
release-notes
rl-2211.section.md
pkgs
build-support
fetchurl
boot.nix
+1 -1
lib/minver.nix 
···

       
1

       
 

       
# Expose the minimum required version for evaluating Nixpkgs


     

       
2

       
-

       
"2.2"


     
···

       
1

       
 

       
# Expose the minimum required version for evaluating Nixpkgs


     

       
2

       
+

       
"2.3"
+5
nixos/doc/manual/from_md/release-notes/rl-2211.section.xml 
···

       
257

       
 

       
    <itemizedlist>


     

       
258

       
 

       
      <listitem>


     

       
259

       
 

       
        <para>


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
260

       
 

       
          The <literal>isCompatible</literal> predicate checking CPU


     

       
261

       
 

       
          compatibility is no longer exposed by the platform sets


     

       
262

       
 

       
          generated using <literal>lib.systems.elaborate</literal>. In


     
···

       
257

       
 

       
    <itemizedlist>


     

       
258

       
 

       
      <listitem>


     

       
259

       
 

       
        <para>


     

       
260

       
+

       
          Nixpkgs now requires Nix 2.3 or newer.


     

       
261

       
+

       
        </para>


     

       
262

       
+

       
      </listitem>


     

       
263

       
+

       
      <listitem>


     

       
264

       
+

       
        <para>


     

       
265

       
 

       
          The <literal>isCompatible</literal> predicate checking CPU


     

       
266

       
 

       
          compatibility is no longer exposed by the platform sets


     

       
267

       
 

       
          generated using <literal>lib.systems.elaborate</literal>. In
+2
nixos/doc/manual/release-notes/rl-2211.section.md 
···

       
94

       
 

       



     

       
95

       
 

       
## Backward Incompatibilities {#sec-release-22.11-incompatibilities}


     

       
96

       
 

       



     

       

       

       
     

       

       

       
     

       
97

       
 

       
- The `isCompatible` predicate checking CPU compatibility is no longer exposed


     

       
98

       
 

       
  by the platform sets generated using `lib.systems.elaborate`. In most cases


     

       
99

       
 

       
  you will want to use the new `canExecute` predicate instead which also


     
···

       
94

       
 

       



     

       
95

       
 

       
## Backward Incompatibilities {#sec-release-22.11-incompatibilities}


     

       
96

       
 

       



     

       
97

       
+

       
- Nixpkgs now requires Nix 2.3 or newer.


     

       
98

       
+

       



     

       
99

       
 

       
- The `isCompatible` predicate checking CPU compatibility is no longer exposed


     

       
100

       
 

       
  by the platform sets generated using `lib.systems.elaborate`. In most cases


     

       
101

       
 

       
  you will want to use the new `canExecute` predicate instead which also
+7 -2
pkgs/build-support/fetchurl/boot.nix 
···

       
4

       
 

       



     

       
5

       
 

       
{ url ? builtins.head urls


     

       
6

       
 

       
, urls ? []


     

       
7

       
-

       
, sha256


     

       

       

       
     

       
8

       
 

       
, name ? baseNameOf (toString url)


     

       
9

       
 

       
}:


     

       
10

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
11

       
 

       
import <nix/fetchurl.nix> {


     

       
12

       
-

       
  inherit system sha256 name;


     

       
13

       
 

       



     

       
14

       
 

       
  url =


     

       
15

       
 

       
    # Handle mirror:// URIs. Since <nix/fetchurl.nix> currently


     
···

       
4

       
 

       



     

       
5

       
 

       
{ url ? builtins.head urls


     

       
6

       
 

       
, urls ? []


     

       
7

       
+

       
, sha256 ? ""


     

       
8

       
+

       
, hash ? ""


     

       
9

       
 

       
, name ? baseNameOf (toString url)


     

       
10

       
 

       
}:


     

       
11

       
 

       



     

       
12

       
+

       
# assert exactly one hash is set


     

       
13

       
+

       
assert hash != "" || sha256 != "";


     

       
14

       
+

       
assert hash != "" -> sha256 == "";


     

       
15

       
+

       



     

       
16

       
 

       
import <nix/fetchurl.nix> {


     

       
17

       
+

       
  inherit system hash sha256 name;


     

       
18

       
 

       



     

       
19

       
 

       
  url =


     

       
20

       
 

       
    # Handle mirror:// URIs. Since <nix/fetchurl.nix> currently