Closed milahu closed 2 years ago
trace
githubSourceHashMap is empty, so sourceHashFunc
returns null, so hash
is null in buildTgzFromGitHub
buildTgzFromGitHub = { name, org, repo, rev, ref, hash ? null }:
let
src =
if hash != null then
fetchFromGitHub
{
owner = org;
inherit repo;
inherit rev;
sha256 = hash; # FIXME: what if sha3?
} else
fetchGitWrapped {
url = "https://github.com/${org}/${repo}";
inherit rev ref;
allRefs = true;
};
... which is a variant of https://discourse.nixos.org/t/nix-sha256-is-bug-not-feature-solution-a-global-cas-filesystem/15791 → fetchGit should be able to verify the files by the git commit hash, and not require a (redundant) sha256 hash
→ closing as wontfix / out of scope
actual
expected
the actual call is produced by
npmlock2nix
from this package-lock.json