verifyFileAuthenticity now asserts that the checksums it’s verifying really contain the file to be verified. Also, it now accepts SHA-256 hashes of the checksum files themselves, so that after storing the result of an impurely evaluated versionInfo call, one can build firefoxVersion in pure evaluation mode. This is necessary for flake-firefox-nightly:
verifyFileAuthenticity
now asserts that the checksums it’s verifying really contain the file to be verified. Also, it now accepts SHA-256 hashes of the checksum files themselves, so that after storing the result of an impurely evaluatedversionInfo
call, one can buildfirefoxVersion
in pure evaluation mode. This is necessary for flake-firefox-nightly: