fetchpatch: allow empty hash

Previously, when sha256 either wasn't defined or set to an empty string fetchpatch would error out as follows: ''' warning: found empty hash, assuming 'sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=' ... /nix/store/agwlk2bcfvz2ggrsbvwd7696qj55frbi-stdenv-linux/setup: line 96: /build/: Is a directory sed: couldn't flush stdout: Broken pipe ''' This patch makes it show fetchurl's error message instead: ''' warning: found empty hash, assuming 'sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=' ... error: hash mismatch in fixed-output derivation: specified: sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= got: sha256-NWGWoyEgT/ztCwbhNgGPvG+nqX4bxtFnD+wds6fklbs= ''' This is very convenient for TOFU. Co-Authored-By: Ivar Scholten <ivar.scholten@protonmail.com>
2024-11-10 08:39:08 +03:00 · 2021-05-11 13:50:02 +07:00 · 2021-05-11 13:50:02 +07:00 · dfcc51def7
commit dfcc51def7
parent 02420e0ca6
1 changed files with 1 additions and 5 deletions
--- a/pkgs/build-support/fetchpatch/default.nix
+++ b/pkgs/build-support/fetchpatch/default.nix
@ -11,13 +11,9 @@ let
 in
 { stripLen ? 0, extraPrefix ? null, excludes ? [], includes ? [], revert ? false, ... }@args:

-let
-  # Make base-64 encoded SRI hash filename-safe using RFC 4648 §5
-  tmpname = lib.replaceStrings [ "+" "/" "=" ] [ "-" "_" "" ] args.sha256;
-in
 fetchurl ({
  postFetch = ''
-    tmpfile="$TMPDIR/${tmpname}"
+    tmpfile="$TMPDIR/patch"
    if [ ! -s "$out" ]; then
      echo "error: Fetched patch file '$out' is empty!" 1>&2
      exit 1