libarchive: Don't use github for patches#1983
Closed
wkennington wants to merge 1 commit intoNixOS:masterfrom
Closed
libarchive: Don't use github for patches#1983wkennington wants to merge 1 commit intoNixOS:masterfrom
wkennington wants to merge 1 commit intoNixOS:masterfrom
Conversation
Member
|
Oh, I did this mistake again. Some time ago I resolved to use github's *.diff instead of *.patch for this purpose, as the format seems deterministic. In general, do you (anyone) think it's better to fetch patches or to include them in nixpkgs? |
Contributor
Author
|
Actually, I like the idea of hosting the patches outside of the nixpkgs repo since internal hosting pollutes the repo once the patches are no longer used. I suppose it would be nice to use the *.diff as long as it is deterministic. |
Member
|
Ah, I thought the issue is familiar e2a3fa7 :-D I didn't push it into master at that time, as Hydra has stuff cached and this would make it rebuild (and it was quite overloaded at that time). |
Member
|
So far it looks deterministic, but who knows how it will be in future. For example from cgit I've been unable to get any deterministic patches/diffs, only with cgit version pasted at the end. |
Github dynamically generates patches in the git format-patch style each time they are requested. This is problematic because the version string at the bottom of the patch will change as github updates their version of git, causing a sha256 hash mismatch. This patch adds the CVE-2013-0211 patch to the git repo directly.
vcunat
added a commit
to vcunat/nixpkgs
that referenced
this pull request
May 8, 2014
Applied to github and cgit -looking URLs by default, as the changes are likely to change the patches within a few months. For example see NixOS#1983 and http://comments.gmane.org/gmane.linux.distributions.nixos/12815 Now I'm getting the same sha256 for github's *.diff and *.patch :-)
vcunat
added a commit
to vcunat/nixpkgs
that referenced
this pull request
May 12, 2014
Some parts of generated patches change from time to time, e.g. see NixOS#1983 and http://comments.gmane.org/gmane.linux.distributions.nixos/12815 Using fetchpatch should prevent the hash from changing.
vcunat
added a commit
that referenced
this pull request
May 17, 2014
fetchpatch is fetchurl that determinizes the patch. Some parts of generated patches change from time to time, e.g. see #1983 and http://comments.gmane.org/gmane.linux.distributions.nixos/12815 Using fetchpatch should prevent the hash from changing. Conflicts (auto-solved): pkgs/development/libraries/haskell/gitit/default.nix
vcunat
added a commit
that referenced
this pull request
May 24, 2014
fetchpatch is fetchurl that determinizes the patch. Some parts of generated patches change from time to time, e.g. see #1983 and http://comments.gmane.org/gmane.linux.distributions.nixos/12815 Using fetchpatch should prevent the hash from changing. (cherry picked from commit 137eae0) Conflicts (simple, patchutils version from master): pkgs/development/libraries/haskell/gitit/default.nix pkgs/tools/text/patchutils/default.nix
adrianpk
added a commit
to adrianpk/nixpkgs
that referenced
this pull request
May 31, 2024
fetchpatch is fetchurl that determinizes the patch. Some parts of generated patches change from time to time, e.g. see NixOS#1983 and http://comments.gmane.org/gmane.linux.distributions.nixos/12815 Using fetchpatch should prevent the hash from changing. (cherry picked from commit 137eae0) Conflicts (simple, patchutils version from master): pkgs/development/libraries/haskell/gitit/default.nix pkgs/tools/text/patchutils/default.nix
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Github dynamically generates patches in the git format-patch style each
time they are requested. This is problematic because the version string
at the bottom of the patch will change as github updates their version
of git, causing a sha256 hash mismatch.
This patch adds the CVE-2013-0211 patch to the git repo directly.