milahu / nixpkgs

Nix Packages collection
MIT License

fetch sources by git commit hash #55

Open milahu opened 4 months ago

milahu commented 4 months ago

git already is a content-addressed store so for fixed output derivations in nix, there should be an outputHashAlgo = "git"

https://github.com/NixOS/rfcs/pull/133

Nix should support content-addressed store objects using git blob + tree hashing, and Nix-unaware remote stores that serve git objects.

https://discourse.nixos.org/t/nix-sha256-is-bug-not-feature-solution-a-global-cas-filesystem/15791

https://github.com/NixOS/nix/pull/10068

https://github.com/NixOS/nix/pull/10344

https://discourse.nixos.org/t/2024-03-25-nix-team-meeting-minutes-133/42167

New design: take advantage of Git tree hashes for tarball verification

https://github.com/NixOS/nix/pull/9485

In combination with lazy-trees, this reduces the disk space required for flakes (e.g. different revisions of nixpkgs) by a lot.

We have two kinds of tree hashes:

- tree hashes from git commits, which do not correspond to fetched trees in general
- tree hashes from file system objects returned by fetchTree

Which one is this, and what is the purpose of exposing it to the expression language?

https://github.com/NixOS/nix/pull/8918

https://github.com/canva-public/js2nix/blob/main/docs/implementation_details.md

### Packages from unknown registries

js2nix relies on the tarball URLs in the `yarn.lock` file being able to contain a SHA1 sum of the tarball content in the URL fragment. That is the case for `registry.yarnpkg.com` and `registry.npmjs.org` hosts, but not for other registries. In an average `yarn.lock` file, the majority of the URLs will point to those first two registries. However, for example, if a dependency is defined as a direct Github one:

```json
{
  "dependencies": {
    "chimp": "hacker/chimp#dfa9125b498297f848e6a5f9eabbf55bf3eb1318"
  }
}
```

yarn won't provide a SHA1 sum for that URL, which makes it impossible to construct a Nix expression for that package since Nix requires SHA sums because of reproducibility. Similar to the local packages approach, js2nix doesn't make assumptions here and doesn't fetch these packages internally and infer such SHAs somehow. Rather, it relies on the user to provide such SHAs.
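To make the "git is already a content-addressed store" point concrete, here is an added Python example (not code from this issue, from Nix, or from js2nix) that computes git blob and tree ids for a constructed directory without any git repository, and then checks a fetched tree against an expected tree hash, which is the verification a fixed-output derivation with a git output hash would perform. The sample tree, the `populate`/`demo` helpers and the tampered copy are all constructed here for illustration.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path

def git_blob_hash(data: bytes) -> str:
    """Git blob id: SHA-1 over "blob <size>", a NUL byte, and the content."""
    return hashlib.sha1(f"blob {len(data)}\0".encode() + data).hexdigest()

def git_tree_hash(directory: Path) -> str:
    """Git tree id of a directory, computed recursively without a git repo."""
    entries = []
    for child in directory.iterdir():
        st = child.lstat()
        if stat.S_ISLNK(st.st_mode):  # symlink: a blob holding the link target
            mode, oid, key = b"120000", git_blob_hash(os.readlink(child).encode()), child.name
        elif stat.S_ISDIR(st.st_mode):  # git sorts directories as if named "name/"
            mode, oid, key = b"40000", git_tree_hash(child), child.name + "/"
        else:  # regular file; only the executable bit is recorded in the mode
            mode = b"100755" if st.st_mode & stat.S_IXUSR else b"100644"
            oid, key = git_blob_hash(child.read_bytes()), child.name
        entries.append((key, mode + b" " + child.name.encode() + b"\0" + bytes.fromhex(oid)))
    payload = b"".join(raw for _, raw in sorted(entries))
    return hashlib.sha1(f"tree {len(payload)}\0".encode() + payload).hexdigest()

def verify_tree(directory: Path, expected_tree_hash: str) -> bool:
    """The check a fixed-output fetch would make with a git tree hash as outputHash."""
    return git_tree_hash(directory) == expected_tree_hash

def populate(root: Path) -> None:
    """Constructed sample source tree (not a real package)."""
    (root / "src").mkdir()
    (root / "src" / "index.js").write_bytes(b"module.exports = 1;\n")
    (root / "README").write_bytes(b"hello\n")

def demo() -> dict:
    """Hash the same constructed tree twice, then tamper with one copy."""
    with tempfile.TemporaryDirectory() as a, tempfile.TemporaryDirectory() as b:
        populate(Path(a))
        populate(Path(b))
        first, second = git_tree_hash(Path(a)), git_tree_hash(Path(b))
        (Path(b) / "README").write_bytes(b"hello!\n")  # simulate a modified fetch
        tamper_detected = not verify_tree(Path(b), first)
    with tempfile.TemporaryDirectory() as empty:
        empty_tree = git_tree_hash(Path(empty))  # git's well-known empty tree id
    return {"tree": first, "reproducible": first == second,
            "tamper_detected": tamper_detected, "empty_tree": empty_tree}
```

The ids match what `git hash-object` and `git write-tree` would produce for the same content, so the same hash can be checked against a remote that only serves git objects.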