search

nmattia / niv

Easy dependency management for Nix projects
https://github.com/nmattia/niv
MIT License
1.55k stars 77 forks source link

"niv add" does not follow redirects #291

Closed BrianHicks closed 3 years ago

BrianHicks commented 3 years ago

I'm running this command in Niv 0.2.18:

niv add geckodriver-darwin -t 'https://github.com/mozilla/geckodriver/releases/download/<version>/geckodriver-<version>-macos.tar.gz' -v 'v0.26.0'

The response from GitHub is a 302 pointing to a S3 bucket with the actual release file, but it seems like niv is hashing the HTML response instead of the .tar.gz after the redirect.

nmattia commented 3 years ago

Hi, what makes you think it hashes the HTML response? I get the following locally:

# adding geckodriver
~/niv$ niv add geckodriver -t https://github.com/mozilla/geckodriver/releases/download/v0.26.0/geckodriver-v0.26.0-macos.tar.gz
Adding package geckodriver
  Writing new sources file
Done: Adding package geckodriver
# checking the sha256, 1s91y...
~/niv$ niv show geckodriver
geckodriver
  url: https://github.com/mozilla/geckodriver/releases/download/v0.26.0/geckodriver-v0.26.0-macos.tar.gz
  url_template: https://github.com/mozilla/geckodriver/releases/download/v0.26.0/geckodriver-v0.26.0-macos.tar.gz
  type: tarball
  sha256: 1s91y0ca24y0ybzcg29haz8lhx7lrg7xqiz76v5f5avfa72ra7qw
# calling nix-prefetch-url, as we can see it's the same hash (1s91y...)
~/niv$ nix-prefetch-url --print-path --unpack https://github.com/mozilla/geckodriver/releases/download/v0.26.0/geckodriver-v0.26.0-macos.tar.gz
unpacking...
[1.9 MiB DL]
1s91y0ca24y0ybzcg29haz8lhx7lrg7xqiz76v5f5avfa72ra7qw
/nix/store/4ck13xdf2fkdhh5a8mz0833fvdykc8n1-geckodriver-v0.26.0-macos.tar.gz
# turns out the unpacked archive is an exe, which we can run (I'm assuming that's geckodriver)
~/niv$ /nix/store/4ck13xdf2fkdhh5a8mz0833fvdykc8n1-geckodriver-v0.26.0-macos.tar.gz --help
geckodriver 0.26.0 (e9783a644016 2019-10-10 13:38 +0000)
WebDriver implementation for Firefox

USAGE:
    4ck13xdf2fkdhh5a8mz0833fvdykc8n1-geckodriver-v0.26.0-macos.tar.gz [FLAGS] [OPTIONS]

FLAGS:
        --connect-existing    Connect to an existing Firefox instance
    -h, --help                Prints this message
        --jsdebugger          Attach browser toolbox debugger for Firefox
    -v                        Log level verbosity (-v for debug and -vv for trace level)
    -V, --version             Prints version and copying information

OPTIONS:
    -b, --binary <BINARY>           Path to the Firefox binary
        --log <LEVEL>               Set Gecko log level [possible values: fatal, error, warn, info, config, debug, trace]
        --marionette-host <HOST>    Host to use to connect to Gecko [default: 127.0.0.1]
        --marionette-port <PORT>    Port to use to connect to Gecko [default: system-allocated port]
        --host <HOST>               Host IP to use for WebDriver server [default: 127.0.0.1]
    -p, --port <PORT>               Port to use for WebDriver server [default: 4444]
~/niv$ niv --version
0.2.18

I double checked, and curling the URL does return a 302, but it looks like nix-prefetch-url/niv does follow it. What did you try that made you think it's hashing the response, and what's the version of nix-prefetch-url?

BrianHicks commented 3 years ago

ahhhhhh, I think I see what happened—I saw that there was a redirect and assumed the HTML there was being hashed. That was a bad assumption on my part, sorry!

After seeing the output of your commands, I dug a little deeper, and it turns out that this is happening because of the strange filename of the executable. Since it's not a real .tar.gz, the hash needs to be 0iqr4v… instead of 1s91y0… where I'm using it. Switching the type to "file" and asking Niv to recalculate the hash got around it.

So thank you for shedding some light here, and for the excellent tool. 👍 This was the last of our big ol' list of dependencies, so now we're 100% on Niv for managing things in our monorepo!