Skip to content

firefox: sha{256, 512} → hash#255518

Closed
nicoonoclaste wants to merge 3 commits intoNixOS:masterfrom
nicoonoclaste:firefox/sha512-to-hash
Closed

firefox: sha{256, 512} → hash#255518
nicoonoclaste wants to merge 3 commits intoNixOS:masterfrom
nicoonoclaste:firefox/sha512-to-hash

Conversation

@nicoonoclaste
Copy link
Copy Markdown
Contributor

@nicoonoclaste nicoonoclaste commented Sep 16, 2023
edited
Loading

Description of changes

  • Convert hexadecimal hashes to SRI format in firefox.updateScript
  • Convert existing hashes in firefox/*.nix

The maintainer script is from #255512, I only included it in the history so as to document how the automatic rewrites were performed.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Fits CONTRIBUTING.md.

@nicoonoclaste
Copy link
Copy Markdown
Contributor Author

nicoonoclaste commented Sep 16, 2023

@mweinelt Does this address the feedback in #255512 ?

@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux. labels Sep 16, 2023
@nicoonoclaste nicoonoclaste mentioned this pull request Sep 16, 2023
Draft
mkg20001
mkg20001 reviewed Oct 27, 2023
View reviewed changes
pkgs/applications/networking/browsers/firefox/update.nix

hash=$(grep '\.source\.tar\.xz$' "$HOME"/shasums | grep '^[^ ]*' -o)
sriHash=$(nix-hash --type sha512 --to-sri "$hash")

Copy link
Copy Markdown
Member

@mkg20001 mkg20001 Oct 27, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sriHash is not used, maybe you forgot to update the update-source-version expr

@mweinelt
Copy link
Copy Markdown
Member

mweinelt commented Oct 27, 2023

I'm opposed to changing these hashes from the upstream provided ones to SRI.

That just makes them harder to compare for just about anyone.

@nicoonoclaste nicoonoclaste deleted the firefox/sha512-to-hash branch December 3, 2023 18:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mkg20001 mkg20001 mkg20001 left review comments

@mweinelt mweinelt Awaiting requested review from mweinelt

Assignees

No one assigned

Labels

10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nicoonoclaste @mweinelt @mkg20001