From afad2fc95770e0c7e19d8851cff49c92a7c9d6bd Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Sun, 28 Aug 2022 02:20:26 -0700 Subject: [PATCH 01/15] patchutils: add forStdenvBootstrap flag --- pkgs/tools/text/patchutils/generic.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/text/patchutils/generic.nix b/pkgs/tools/text/patchutils/generic.nix index d1cd4334e1196f9..51628f0c8005f5c 100644 --- a/pkgs/tools/text/patchutils/generic.nix +++ b/pkgs/tools/text/patchutils/generic.nix @@ -1,5 +1,6 @@ { lib, stdenv, fetchurl, perl, makeWrapper , version, sha256, patches ? [], extraBuildInputs ? [] +, forStdenvBootstrap ? false , ... }: stdenv.mkDerivation rec { @@ -11,14 +12,14 @@ stdenv.mkDerivation rec { inherit sha256; }; - nativeBuildInputs = [ makeWrapper ]; + nativeBuildInputs = lib.optionals (!forStdenvBootstrap) [ makeWrapper ]; buildInputs = [ perl ] ++ extraBuildInputs; hardeningDisable = [ "format" ]; # tests fail when building in parallel enableParallelBuilding = false; - postInstall = '' + postInstall = lib.optionalString (!forStdenvBootstrap) '' for bin in $out/bin/{splitdiff,rediff,editdiff,dehtmldiff}; do wrapProgram "$bin" \ --prefix PATH : "$out/bin" From a804503881a189dd932c0e449379132aeb8683a6 Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Fri, 16 Sep 2022 00:06:47 -0700 Subject: [PATCH 02/15] fetchurl/boot.nix: allow empty/fake hash --- pkgs/build-support/fetchurl/boot.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/build-support/fetchurl/boot.nix b/pkgs/build-support/fetchurl/boot.nix index 8f8c78b7a454a3e..5ca18a56eeb308c 100644 --- a/pkgs/build-support/fetchurl/boot.nix +++ b/pkgs/build-support/fetchurl/boot.nix @@ -9,9 +9,9 @@ let mirrors = import ./mirrors.nix; in , name ? baseNameOf (toString url) }: -# assert exactly one hash is set -assert hash != "" || sha256 != ""; +# assert at most one hash is set assert hash != "" -> sha256 == ""; +assert sha256 != "" -> hash == ""; import { inherit system hash sha256 name; From be7ab3302d665941b1c22fb6947cdc4886338fdc Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Thu, 15 Sep 2022 23:54:10 -0700 Subject: [PATCH 03/15] nix-fetchurl.nix: copy from nix repository --- pkgs/build-support/fetchurl/nix-fetchurl.nix | 43 ++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 pkgs/build-support/fetchurl/nix-fetchurl.nix diff --git a/pkgs/build-support/fetchurl/nix-fetchurl.nix b/pkgs/build-support/fetchurl/nix-fetchurl.nix new file mode 100644 index 000000000000000..9e7b5642cbddcb6 --- /dev/null +++ b/pkgs/build-support/fetchurl/nix-fetchurl.nix @@ -0,0 +1,43 @@ +# this file was copied from https://github.com/NixOS/nix + +{ system ? "" # obsolete +, url +, hash ? "" # an SRI hash + +# Legacy hash specification +, md5 ? "", sha1 ? "", sha256 ? "", sha512 ? "" +, outputHash ? + if hash != "" then hash else if sha512 != "" then sha512 else if sha1 != "" then sha1 else if md5 != "" then md5 else sha256 +, outputHashAlgo ? + if hash != "" then "" else if sha512 != "" then "sha512" else if sha1 != "" then "sha1" else if md5 != "" then "md5" else "sha256" + +, executable ? false +, unpack ? false +, name ? baseNameOf (toString url) +}: + +derivation { + builder = "builtin:fetchurl"; + + # New-style output content requirements. + inherit outputHashAlgo outputHash; + outputHashMode = if unpack || executable then "recursive" else "flat"; + + inherit name url executable unpack; + + system = "builtin"; + + # No need to double the amount of network traffic + preferLocalBuild = true; + + impureEnvVars = [ + # We borrow these environment variables from the caller to allow + # easy proxy configuration. This is impure, but a fixed-output + # derivation like fetchurl is allowed to do so since its result is + # by definition pure. + "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" + ]; + + # To make "nix-prefetch-url" work. + urls = [ url ]; +} From e3e13bfe3a4c56ea7495aa6f45ae7310ff98a7b5 Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Thu, 15 Sep 2022 23:54:31 -0700 Subject: [PATCH 04/15] nix-fetchurl.nix: add support for __impure --- pkgs/build-support/fetchurl/nix-fetchurl.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pkgs/build-support/fetchurl/nix-fetchurl.nix b/pkgs/build-support/fetchurl/nix-fetchurl.nix index 9e7b5642cbddcb6..5d64c277326c5d0 100644 --- a/pkgs/build-support/fetchurl/nix-fetchurl.nix +++ b/pkgs/build-support/fetchurl/nix-fetchurl.nix @@ -1,4 +1,5 @@ -# this file was copied from https://github.com/NixOS/nix +# this file was copied from https://github.com/NixOS/nix and modified to +# add support for marking fetches as __impure derivations. { system ? "" # obsolete , url @@ -16,12 +17,12 @@ , name ? baseNameOf (toString url) }: -derivation { +derivation ({ builder = "builtin:fetchurl"; # New-style output content requirements. - inherit outputHashAlgo outputHash; outputHashMode = if unpack || executable then "recursive" else "flat"; + __impure = outputHash==""; inherit name url executable unpack; @@ -40,4 +41,4 @@ derivation { # To make "nix-prefetch-url" work. urls = [ url ]; -} +} // (if outputHash=="" then { } else { inherit outputHashAlgo outputHash; })) From 9d8b7b3e6133e6be6b6145d1532f281876ce67a4 Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Fri, 16 Sep 2022 00:05:55 -0700 Subject: [PATCH 05/15] fetchurl/boot.nix: accept postFetch parameter --- pkgs/build-support/fetchurl/boot.nix | 28 +++++++++++++++++++++++++--- pkgs/stdenv/darwin/default.nix | 2 ++ pkgs/stdenv/linux/default.nix | 2 ++ 3 files changed, 29 insertions(+), 3 deletions(-) diff --git a/pkgs/build-support/fetchurl/boot.nix b/pkgs/build-support/fetchurl/boot.nix index 5ca18a56eeb308c..c292a13cd5407dc 100644 --- a/pkgs/build-support/fetchurl/boot.nix +++ b/pkgs/build-support/fetchurl/boot.nix @@ -1,19 +1,23 @@ let mirrors = import ./mirrors.nix; in -{ system }: +{ system +, stdenv +, fetchurl }: { url ? builtins.head urls , urls ? [] , sha256 ? "" , hash ? "" , name ? baseNameOf (toString url) -}: +, postFetch ? null +}@args: # assert at most one hash is set assert hash != "" -> sha256 == ""; assert sha256 != "" -> hash == ""; -import { +if postFetch==null +then import ./nix-fetchurl.nix { inherit system hash sha256 name; url = @@ -23,3 +27,21 @@ import { if m == null then url else builtins.head (mirrors.${builtins.elemAt m 0}) + (builtins.elemAt m 1); } +else stdenv.mkDerivation { + inherit name; + srcs = [ ]; + unpackPhase = '' + runHook preUnpack + cp '${fetchurl (args // { postFetch=null; hash=""; sha256=""; })}' $out + chmod +w $out + runHook postUnpack + ''; + installPhase = '' + runHook preInstall + '' + postFetch + '' + runHook postInstall + ''; + outputHash = if hash != "" then hash else sha256; + outputHashAlgo = if hash != "" then "" else "sha256"; + outputHashMode = "flat"; +} diff --git a/pkgs/stdenv/darwin/default.nix b/pkgs/stdenv/darwin/default.nix index ff56f1de02261e6..f06e4c3f079316a 100644 --- a/pkgs/stdenv/darwin/default.nix +++ b/pkgs/stdenv/darwin/default.nix @@ -186,6 +186,8 @@ rec { fetchurlBoot = import ../../build-support/fetchurl { inherit lib; + inherit (prevStage) stdenv; + fetchurl = thisStdenv.fetchurlBoot; stdenvNoCC = stage0.stdenv; curl = bootstrapTools; }; diff --git a/pkgs/stdenv/linux/default.nix b/pkgs/stdenv/linux/default.nix index 6e61b6f12be114f..bfb0f59f70e19fa 100644 --- a/pkgs/stdenv/linux/default.nix +++ b/pkgs/stdenv/linux/default.nix @@ -104,6 +104,8 @@ let fetchurlBoot = import ../../build-support/fetchurl/boot.nix { inherit system; + inherit (prevStage) stdenv; + fetchurl = thisStdenv.fetchurlBoot; }; cc = if prevStage.gcc-unwrapped == null From 42e4382856c16dfd07359ed167f438a129e6bb1a Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Fri, 16 Sep 2022 00:10:03 -0700 Subject: [PATCH 06/15] stdenv/linux: use fetchpatch in stage0 --- pkgs/stdenv/linux/default.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pkgs/stdenv/linux/default.nix b/pkgs/stdenv/linux/default.nix index bfb0f59f70e19fa..feb7a01c97ab35d 100644 --- a/pkgs/stdenv/linux/default.nix +++ b/pkgs/stdenv/linux/default.nix @@ -190,6 +190,17 @@ in }; coreutils = bootstrapTools; gnugrep = bootstrapTools; + + fetchpatch = import ../../build-support/fetchpatch/default.nix { + inherit lib; + buildPackages.patchutils_0_3_3 = prevStage.patchutils_0_3_3.override { + forStdenvBootstrap = true; + # the parts of patchutils used by fetchpatch do not + # require perl, so we could eliminate this by patching + # patchutils' build scripts... + perl = bootstrapTools; + }; + }; }; }) From b4b5f50dfb1da8396940843b9c7be3590d1e2bee Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Fri, 16 Sep 2022 00:10:12 -0700 Subject: [PATCH 07/15] darwin/linux: use fetchpatch in stage0 --- pkgs/stdenv/darwin/default.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pkgs/stdenv/darwin/default.nix b/pkgs/stdenv/darwin/default.nix index f06e4c3f079316a..cdc4339a2655b98 100644 --- a/pkgs/stdenv/darwin/default.nix +++ b/pkgs/stdenv/darwin/default.nix @@ -210,6 +210,18 @@ rec { stage0 = stageFun 0 null { overrides = self: super: with stage0; { + + fetchpatch = import ../../build-support/fetchpatch/default.nix { + inherit lib; + buildPackages.patchutils_0_3_3 = prevStage.patchutils_0_3_3.override { + forStdenvBootstrap = true; + # the parts of patchutils used by fetchpatch do not + # require perl, so we could eliminate this by patching + # patchutils' build scripts... + perl = bootstrapTools; + }; + }; + coreutils = stdenv.mkDerivation { name = "bootstrap-stage0-coreutils"; buildCommand = '' From b69ff3449ea65a38cce869e6d3a4b2da64d21a9e Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Fri, 16 Sep 2022 00:11:19 -0700 Subject: [PATCH 08/15] binutils: add demo and regression test for stage0-fetchpatch --- .../tools/misc/binutils/default.nix | 20 +++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/misc/binutils/default.nix b/pkgs/development/tools/misc/binutils/default.nix index e5ecc365d48bf1a..e0941470d29da6e 100644 --- a/pkgs/development/tools/misc/binutils/default.nix +++ b/pkgs/development/tools/misc/binutils/default.nix @@ -9,6 +9,7 @@ in , buildPackages , fetchFromGitHub , fetchurl +, fetchpatch , flex , gettext , lib @@ -68,11 +69,26 @@ stdenv.mkDerivation { # Make binutils output deterministic by default. ./deterministic.patch - # Breaks nm BSD flag detection, heeds an upstream fix: # https://sourceware.org/PR29547 ./0001-Revert-libtool.m4-fix-the-NM-nm-over-here-B-option-w.patch - ./0001-Revert-libtool.m4-fix-nm-BSD-flag-detection.patch + + # If the following patch is ever dropped, please ensure that at + # least one other patch in binutils uses `fetchpatch`, and move + # this comment to that patch. Having a `fetchpatch` in binutils + # serves as a regression test to ensure that there are no + # dependency cycles preventing it from being used in even the + # earliest stages of stdenv bootstrapping. + (fetchpatch { + # Breaks nm BSD flag detection + name = "0001-Revert-libtool.m4-fix-nm-BSD-flag-detection.patch"; + url = "https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=bef9ef8ca0f941d743c77cc55b5fe7985990b2a7"; + revert = true; + excludes = [ "ChangeLog" ]; + #hash = "sha256-VQyyPmY1P9NT7PYwu0vqocWmQGSyt45tADe6ecTc8fk="; + hash = "sha256-FcTkFK9FfbgDR6iS+H6w7KRpPo/mFJ+0u7v5EvIlecQ="; + }) + #./0001-Revert-libtool.m4-fix-nm-BSD-flag-detection.patch # Required for newer macos versions ./0001-libtool.m4-update-macos-version-detection-block.patch From 30a099f3628b711b734ef9f18cab264061530b74 Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Fri, 16 Sep 2022 00:54:35 -0700 Subject: [PATCH 09/15] fetchurl: drop vendored fetchurl.nix This commit assumes that https://github.com/NixOS/nix/pull/7052 merges. If it has not yet merged and you did not cherry-pick it into your copy of Nix, revert this commit before testing. --- pkgs/build-support/fetchurl/boot.nix | 7 ++-- pkgs/build-support/fetchurl/nix-fetchurl.nix | 44 -------------------- 2 files changed, 4 insertions(+), 47 deletions(-) delete mode 100644 pkgs/build-support/fetchurl/nix-fetchurl.nix diff --git a/pkgs/build-support/fetchurl/boot.nix b/pkgs/build-support/fetchurl/boot.nix index c292a13cd5407dc..a70dbe4204c470b 100644 --- a/pkgs/build-support/fetchurl/boot.nix +++ b/pkgs/build-support/fetchurl/boot.nix @@ -9,6 +9,7 @@ let mirrors = import ./mirrors.nix; in , sha256 ? "" , hash ? "" , name ? baseNameOf (toString url) +, __impure ? false , postFetch ? null }@args: @@ -17,8 +18,8 @@ assert hash != "" -> sha256 == ""; assert sha256 != "" -> hash == ""; if postFetch==null -then import ./nix-fetchurl.nix { - inherit system hash sha256 name; +then import { + inherit system hash sha256 name __impure; url = # Handle mirror:// URIs. Since currently @@ -32,7 +33,7 @@ else stdenv.mkDerivation { srcs = [ ]; unpackPhase = '' runHook preUnpack - cp '${fetchurl (args // { postFetch=null; hash=""; sha256=""; })}' $out + cp '${fetchurl (args // { postFetch=null; hash=""; sha256=""; __impure=true; })}' $out chmod +w $out runHook postUnpack ''; diff --git a/pkgs/build-support/fetchurl/nix-fetchurl.nix b/pkgs/build-support/fetchurl/nix-fetchurl.nix deleted file mode 100644 index 5d64c277326c5d0..000000000000000 --- a/pkgs/build-support/fetchurl/nix-fetchurl.nix +++ /dev/null @@ -1,44 +0,0 @@ -# this file was copied from https://github.com/NixOS/nix and modified to -# add support for marking fetches as __impure derivations. - -{ system ? "" # obsolete -, url -, hash ? "" # an SRI hash - -# Legacy hash specification -, md5 ? "", sha1 ? "", sha256 ? "", sha512 ? "" -, outputHash ? - if hash != "" then hash else if sha512 != "" then sha512 else if sha1 != "" then sha1 else if md5 != "" then md5 else sha256 -, outputHashAlgo ? - if hash != "" then "" else if sha512 != "" then "sha512" else if sha1 != "" then "sha1" else if md5 != "" then "md5" else "sha256" - -, executable ? false -, unpack ? false -, name ? baseNameOf (toString url) -}: - -derivation ({ - builder = "builtin:fetchurl"; - - # New-style output content requirements. - outputHashMode = if unpack || executable then "recursive" else "flat"; - __impure = outputHash==""; - - inherit name url executable unpack; - - system = "builtin"; - - # No need to double the amount of network traffic - preferLocalBuild = true; - - impureEnvVars = [ - # We borrow these environment variables from the caller to allow - # easy proxy configuration. This is impure, but a fixed-output - # derivation like fetchurl is allowed to do so since its result is - # by definition pure. - "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" - ]; - - # To make "nix-prefetch-url" work. - urls = [ url ]; -} // (if outputHash=="" then { } else { inherit outputHashAlgo outputHash; })) From 0049f3168ac6ece15eba8f5cf980f0bd92266fc5 Mon Sep 17 00:00:00 2001 From: Adam Joseph <54836058+amjoseph-nixpkgs@users.noreply.github.com> Date: Fri, 16 Sep 2022 17:47:26 +0000 Subject: [PATCH 10/15] Update pkgs/development/tools/misc/binutils/default.nix Co-authored-by: Sandro --- pkgs/development/tools/misc/binutils/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/pkgs/development/tools/misc/binutils/default.nix b/pkgs/development/tools/misc/binutils/default.nix index e0941470d29da6e..bc9d617f816b846 100644 --- a/pkgs/development/tools/misc/binutils/default.nix +++ b/pkgs/development/tools/misc/binutils/default.nix @@ -85,7 +85,6 @@ stdenv.mkDerivation { url = "https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=bef9ef8ca0f941d743c77cc55b5fe7985990b2a7"; revert = true; excludes = [ "ChangeLog" ]; - #hash = "sha256-VQyyPmY1P9NT7PYwu0vqocWmQGSyt45tADe6ecTc8fk="; hash = "sha256-FcTkFK9FfbgDR6iS+H6w7KRpPo/mFJ+0u7v5EvIlecQ="; }) #./0001-Revert-libtool.m4-fix-nm-BSD-flag-detection.patch From c90d17429e0203c8d308a0ec4d7a28d9370fe056 Mon Sep 17 00:00:00 2001 From: Adam Joseph <54836058+amjoseph-nixpkgs@users.noreply.github.com> Date: Fri, 16 Sep 2022 17:47:31 +0000 Subject: [PATCH 11/15] Update pkgs/development/tools/misc/binutils/default.nix Co-authored-by: Sandro --- pkgs/development/tools/misc/binutils/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/pkgs/development/tools/misc/binutils/default.nix b/pkgs/development/tools/misc/binutils/default.nix index bc9d617f816b846..3e6938dbaebd1cf 100644 --- a/pkgs/development/tools/misc/binutils/default.nix +++ b/pkgs/development/tools/misc/binutils/default.nix @@ -87,7 +87,6 @@ stdenv.mkDerivation { excludes = [ "ChangeLog" ]; hash = "sha256-FcTkFK9FfbgDR6iS+H6w7KRpPo/mFJ+0u7v5EvIlecQ="; }) - #./0001-Revert-libtool.m4-fix-nm-BSD-flag-detection.patch # Required for newer macos versions ./0001-libtool.m4-update-macos-version-detection-block.patch From 5af5661a3a99a9f54b2bd81678561c1cbbf2a622 Mon Sep 17 00:00:00 2001 From: Adam Joseph <54836058+amjoseph-nixpkgs@users.noreply.github.com> Date: Fri, 16 Sep 2022 17:47:38 +0000 Subject: [PATCH 12/15] Update pkgs/development/tools/misc/binutils/default.nix Co-authored-by: Sandro --- pkgs/development/tools/misc/binutils/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/development/tools/misc/binutils/default.nix b/pkgs/development/tools/misc/binutils/default.nix index 3e6938dbaebd1cf..7579eec5769e5e3 100644 --- a/pkgs/development/tools/misc/binutils/default.nix +++ b/pkgs/development/tools/misc/binutils/default.nix @@ -79,6 +79,7 @@ stdenv.mkDerivation { # serves as a regression test to ensure that there are no # dependency cycles preventing it from being used in even the # earliest stages of stdenv bootstrapping. + #./0001-Revert-libtool.m4-fix-nm-BSD-flag-detection.patch (fetchpatch { # Breaks nm BSD flag detection name = "0001-Revert-libtool.m4-fix-nm-BSD-flag-detection.patch"; From 64dc3d007a3ae7c4fb86f44e615b83ef6750e58b Mon Sep 17 00:00:00 2001 From: Adam Joseph <54836058+amjoseph-nixpkgs@users.noreply.github.com> Date: Fri, 16 Sep 2022 17:47:43 +0000 Subject: [PATCH 13/15] Update pkgs/build-support/fetchurl/boot.nix Co-authored-by: Sandro --- pkgs/build-support/fetchurl/boot.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/build-support/fetchurl/boot.nix b/pkgs/build-support/fetchurl/boot.nix index a70dbe4204c470b..4853a20e34afc00 100644 --- a/pkgs/build-support/fetchurl/boot.nix +++ b/pkgs/build-support/fetchurl/boot.nix @@ -33,7 +33,7 @@ else stdenv.mkDerivation { srcs = [ ]; unpackPhase = '' runHook preUnpack - cp '${fetchurl (args // { postFetch=null; hash=""; sha256=""; __impure=true; })}' $out + cp '${fetchurl (args // { postFetch = null; hash = ""; sha256 = ""; __impure=true; })}' $out chmod +w $out runHook postUnpack ''; From 54ec6c5a03ca31ecb10ad63c8f94fe1b1b8667dc Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Fri, 16 Sep 2022 10:50:00 -0700 Subject: [PATCH 14/15] Revert "fetchurl: drop vendored fetchurl.nix" This reverts commit 30a099f3628b711b734ef9f18cab264061530b74. --- pkgs/build-support/fetchurl/boot.nix | 7 ++-- pkgs/build-support/fetchurl/nix-fetchurl.nix | 44 ++++++++++++++++++++ 2 files changed, 47 insertions(+), 4 deletions(-) create mode 100644 pkgs/build-support/fetchurl/nix-fetchurl.nix diff --git a/pkgs/build-support/fetchurl/boot.nix b/pkgs/build-support/fetchurl/boot.nix index 4853a20e34afc00..57b2f77fd38af9a 100644 --- a/pkgs/build-support/fetchurl/boot.nix +++ b/pkgs/build-support/fetchurl/boot.nix @@ -9,7 +9,6 @@ let mirrors = import ./mirrors.nix; in , sha256 ? "" , hash ? "" , name ? baseNameOf (toString url) -, __impure ? false , postFetch ? null }@args: @@ -18,8 +17,8 @@ assert hash != "" -> sha256 == ""; assert sha256 != "" -> hash == ""; if postFetch==null -then import { - inherit system hash sha256 name __impure; +then import ./nix-fetchurl.nix { + inherit system hash sha256 name; url = # Handle mirror:// URIs. Since currently @@ -33,7 +32,7 @@ else stdenv.mkDerivation { srcs = [ ]; unpackPhase = '' runHook preUnpack - cp '${fetchurl (args // { postFetch = null; hash = ""; sha256 = ""; __impure=true; })}' $out + cp '${fetchurl (args // { postFetch = null; hash = ""; sha256 = ""; })}' $out chmod +w $out runHook postUnpack ''; diff --git a/pkgs/build-support/fetchurl/nix-fetchurl.nix b/pkgs/build-support/fetchurl/nix-fetchurl.nix new file mode 100644 index 000000000000000..5d64c277326c5d0 --- /dev/null +++ b/pkgs/build-support/fetchurl/nix-fetchurl.nix @@ -0,0 +1,44 @@ +# this file was copied from https://github.com/NixOS/nix and modified to +# add support for marking fetches as __impure derivations. + +{ system ? "" # obsolete +, url +, hash ? "" # an SRI hash + +# Legacy hash specification +, md5 ? "", sha1 ? "", sha256 ? "", sha512 ? "" +, outputHash ? + if hash != "" then hash else if sha512 != "" then sha512 else if sha1 != "" then sha1 else if md5 != "" then md5 else sha256 +, outputHashAlgo ? + if hash != "" then "" else if sha512 != "" then "sha512" else if sha1 != "" then "sha1" else if md5 != "" then "md5" else "sha256" + +, executable ? false +, unpack ? false +, name ? baseNameOf (toString url) +}: + +derivation ({ + builder = "builtin:fetchurl"; + + # New-style output content requirements. + outputHashMode = if unpack || executable then "recursive" else "flat"; + __impure = outputHash==""; + + inherit name url executable unpack; + + system = "builtin"; + + # No need to double the amount of network traffic + preferLocalBuild = true; + + impureEnvVars = [ + # We borrow these environment variables from the caller to allow + # easy proxy configuration. This is impure, but a fixed-output + # derivation like fetchurl is allowed to do so since its result is + # by definition pure. + "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy" + ]; + + # To make "nix-prefetch-url" work. + urls = [ url ]; +} // (if outputHash=="" then { } else { inherit outputHashAlgo outputHash; })) From 34f871a527b67ff777a5abb99cda2ee2955de133 Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Fri, 16 Sep 2022 11:00:34 -0700 Subject: [PATCH 15/15] fetchurl/boot.nix: signal using `impure` rather than `outputHash=""` The method for signaling that `__impure` is desired went through a few minor revisions between this PR being filed and https://github.com/NixOS/nix/pull/7052 being merged. This commit accounts for those changes so the "pre-Nix-2.12 emulation" uses the same interface that Nix 2.12 will use. See also: https://github.com/NixOS/nix/pull/7052#discussion_r972785014 --- pkgs/build-support/fetchurl/boot.nix | 4 +++- pkgs/build-support/fetchurl/nix-fetchurl.nix | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/pkgs/build-support/fetchurl/boot.nix b/pkgs/build-support/fetchurl/boot.nix index 57b2f77fd38af9a..718e0f164b867b3 100644 --- a/pkgs/build-support/fetchurl/boot.nix +++ b/pkgs/build-support/fetchurl/boot.nix @@ -10,6 +10,7 @@ let mirrors = import ./mirrors.nix; in , hash ? "" , name ? baseNameOf (toString url) , postFetch ? null +, impure ? false }@args: # assert at most one hash is set @@ -19,6 +20,7 @@ assert sha256 != "" -> hash == ""; if postFetch==null then import ./nix-fetchurl.nix { inherit system hash sha256 name; + inherit impure; url = # Handle mirror:// URIs. Since currently @@ -32,7 +34,7 @@ else stdenv.mkDerivation { srcs = [ ]; unpackPhase = '' runHook preUnpack - cp '${fetchurl (args // { postFetch = null; hash = ""; sha256 = ""; })}' $out + cp '${fetchurl (args // { postFetch = null; impure = true; hash = ""; sha256 = ""; })}' $out chmod +w $out runHook postUnpack ''; diff --git a/pkgs/build-support/fetchurl/nix-fetchurl.nix b/pkgs/build-support/fetchurl/nix-fetchurl.nix index 5d64c277326c5d0..ea1a7a402fc3e95 100644 --- a/pkgs/build-support/fetchurl/nix-fetchurl.nix +++ b/pkgs/build-support/fetchurl/nix-fetchurl.nix @@ -15,6 +15,7 @@ , executable ? false , unpack ? false , name ? baseNameOf (toString url) +, impure ? false }: derivation ({ @@ -22,7 +23,6 @@ derivation ({ # New-style output content requirements. outputHashMode = if unpack || executable then "recursive" else "flat"; - __impure = outputHash==""; inherit name url executable unpack; @@ -41,4 +41,4 @@ derivation ({ # To make "nix-prefetch-url" work. urls = [ url ]; -} // (if outputHash=="" then { } else { inherit outputHashAlgo outputHash; })) +} // (if impure then { __impure = true; } else { inherit outputHashAlgo outputHash; }))