New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
eid-mw: 4.4.16 -> 4.4.27 #92252
eid-mw: 4.4.16 -> 4.4.27 #92252
Conversation
src = fetchFromGitHub { | ||
sha256 = "1q82fw63xzrnrgh1wyh457hal6vfdl6swqfq7l6kviywiwlzx7kd"; | ||
rev = "v${version}"; | ||
repo = "eid-mw"; | ||
owner = "Fedict"; | ||
src = fetchurl { | ||
url = "https://dist.eid.belgium.be/continuous/sources/eid-mw-${version}-v${version}.tar.gz"; | ||
sha256 = "02dbwgnkzpxkc4avs7zcrrwbjn2v59g5ffpb6vcfi80ybimw9hm6"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this moving away from GitHub, since it seems to have this version?
https://github.com/Fedict/eid-mw/releases/tag/v4.4.27
Also, it already seems to have a newer release?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
dist.eid.belgium.be/
is the official release channel, where the releases are also signed. It seemed more appropriate to me. The 5.x releases seem to be unstable releases: they aren't mentioned on https://eid.belgium.be/en and in https://dist.eid.belgium.be/continuous/sources they have a commit hash in the released tarballs. They also failed to build. The AUR also has the same version: https://aur.archlinux.org/packages/eid-mw/ (they also use the official release channel there).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
dist.eid.belgium.be/
is the official release channel, where the releases are also signed. It seemed more appropriate to me.
I see, thanks! For now it would probably be be better to continue using GitHub as an upstream until something like #43233 lands. Someone might forget to GPG-verify the source tarball on version bumps. Until then GitHub gives better accountability (easy to get diffs). For 4.4.27 it doesn't matter anyway, because the git tag is signed by one of the developers.
The 5.x releases seem to be unstable releases: they aren't mentioned on https://eid.belgium.be/en and in https://dist.eid.belgium.be/continuous/sources they have a commit hash in the released tarballs.
Ok, so then we should use 4.4.27.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, I'll edit it later tonight.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for contributing to nixpkgs 👍 . Could you change the src
attribute to use fetchFromGitHub
again? I also added another suggestion to replace a use of sed
by substituteInPlace
.
buildInputs = [ gtk3 pcsclite libxml2 libproxy curl openssl ]; | ||
preConfigure = '' | ||
mkdir openssl | ||
ln -s ${openssl.out}/lib openssl | ||
ln -s ${openssl.bin}/bin openssl | ||
ln -s ${openssl.dev}/include openssl | ||
export SSL_PREFIX=$(realpath openssl) | ||
sed -i "s%c_rehash%openssl rehash%g" plugins_tools/eid-viewer/Makefile.in |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For simple substitutions that do not rely on regular expressions, substituteInPlace
is more canonical:
sed -i "s%c_rehash%openssl rehash%g" plugins_tools/eid-viewer/Makefile.in | |
substituteInPlace plugins_tools/eid-viewer/Makefile.in \ | |
--replace "c_rehash" "openssl rehash" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thanks a lot!
Result of nixpkgs-review pr 92252
1
1 package built:
- eid-mw
Tested running the application in a sandbox: ✔️
Motivation for this change
Version bump.
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)