dbeaver: 6.2.2 -> 6.2.3 #71512

Merged
merged 1 commit into from Oct 21, 2019

jojosch
Member

@jojosch jojosch commented Oct 21, 2019

Motivation for this change

https://dbeaver.io/2019/10/21/dbeaver-6-2-3/

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
/nix/store/hlizapvmh2kp5d4h60qil1gpm0fcjr0n-dbeaver-ce-6.2.2	 1167844744
/nix/store/8rl1yhf2fw80vp5miizjx8grn1rvl5ya-dbeaver-ce-6.2.3	 1167811072
Notify maintainers

cc @

@helinko
Contributor

helinko commented Oct 28, 2019

Has the binary changed after this? I'm getting a hash mismatch on nixos-unstable:

hash mismatch in fixed-output derivation '/nix/store/5fpygq6z6nlwn16icsdir50acbp2nx3d-dbeaver-ce-6.2.3-linux.gtk.x86_64.tar.gz':
  wanted: sha256:1v4sllzvaz4fj8s14ddzw11wczlghbdppv8fl5jg6xglg687sgaj
  got:    sha256:0kkfk7j5dqmwzal64qhk8m2qf6cw6xqgqx1s8v2kx0500lw9d39l
cannot build derivation '/nix/store/5yyzl2kb2s92c6b19ngphwkj3dfjm6b6-dbeaver-ce-6.2.3.drv': 1 dependencies couldn't be built

@jojosch
Member Author

jojosch commented Oct 28, 2019

Hmm, the checksum has indeed changed, but only on the file hosted on https://dbeaver.io/files/6.2.3/ (the asset of the GitHub Release https://github.com/dbeaver/dbeaver/releases/tag/6.2.3 still matches the expected checksum).

~ nix-prefetch-url https://dbeaver.io/files/6.2.3/dbeaver-ce-6.2.3-linux.gtk.x86_64.tar.gz
[52.9 MiB DL]
path is '/nix/store/5fpygq6z6nlwn16icsdir50acbp2nx3d-dbeaver-ce-6.2.3-linux.gtk.x86_64.tar.gz'
0kkfk7j5dqmwzal64qhk8m2qf6cw6xqgqx1s8v2kx0500lw9d39l
~ nix-prefetch-url https://github.com/dbeaver/dbeaver/releases/download/6.2.3/dbeaver-ce-6.2.3-linux.gtk.x86_64.tar.gz
[52.9 MiB DL]
path is '/nix/store/rx6ibc9kai15mmmsv34djgrshgwpk518-dbeaver-ce-6.2.3-linux.gtk.x86_64.tar.gz'
1v4sllzvaz4fj8s14ddzw11wczlghbdppv8fl5jg6xglg687sgaj

When checking the expected checksum from https://dbeaver.io/files/6.2.3/checksum/ the "new" checksum seems to be the "correct" one ...

~ sha256sum *dbeaver*.tar.gz
348d963805a0803ec5463a74fc70379c19874545136262a8fabce256e4996e4e  dbeaver_io_dbeaver-ce-6.2.3-linux.gtk.x86_64.tar.gz
523d7d9079f475f364a10eed7bdb828f7ec643e0bf351234928e7cb53fa59aec  github_dbeaver-ce-6.2.3-linux.gtk.x86_64.tar.gz
~ cat dbeaver-ce-6.2.3-linux.gtk.x86_64.tar.gz.sha256
348d963805a0803ec5463a74fc70379c19874545136262a8fabce256e4996e4e

When comparing the contents of the two archives some of the bundled dependencies have been updated/changed.
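
The comments above show the same two archives hashed in two encodings: Nix base32 (the `wanted`/`got` lines and the `nix-prefetch-url` output) and hex (`sha256sum`). The following is an added example, not part of the original conversation, that decodes Nix base32 to hex so each reported hash can be attributed to a download source; the function names and source labels are illustrative, and every hash value is copied from the thread.

```python
# Added example: decode Nix base32 SHA-256 strings and match them to hex digests.
# All hash values are copied from the comments in this thread.

NIX32_ALPHABET = "0123456789abcdfghijklmnpqrsvwxyz"  # Nix omits e, o, t, u


def nix32_to_hex(nix32: str, digest_size: int = 32) -> str:
    """Convert a Nix base32 hash string to lowercase hex."""
    expected_len = (digest_size * 8 - 1) // 5 + 1  # 52 characters for SHA-256
    if len(nix32) != expected_len:
        raise ValueError(f"expected {expected_len} characters, got {len(nix32)}")
    value = 0
    for ch in nix32:  # first character carries the most significant 5 bits
        digit = NIX32_ALPHABET.find(ch)
        if digit < 0:
            raise ValueError(f"invalid Nix base32 character: {ch!r}")
        value = value * 32 + digit
    try:
        # Nix treats the digest bytes as a little-endian number.
        return value.to_bytes(digest_size, "little").hex()
    except OverflowError:
        raise ValueError("unused high bits are not zero") from None


def attribute(nix_hashes: dict, hex_digests: dict) -> dict:
    """Map each Nix-reported hash label to the source(s) with the same digest."""
    result = {}
    for label, nix32 in nix_hashes.items():
        digest = nix32_to_hex(nix32)
        result[label] = sorted(s for s, h in hex_digests.items() if h.lower() == digest)
    return result


# From the "hash mismatch in fixed-output derivation" error.
REPORTED = {
    "wanted": "1v4sllzvaz4fj8s14ddzw11wczlghbdppv8fl5jg6xglg687sgaj",
    "got": "0kkfk7j5dqmwzal64qhk8m2qf6cw6xqgqx1s8v2kx0500lw9d39l",
}
# From the sha256sum output, keyed by where the archive was downloaded.
SHA256SUM = {
    "dbeaver.io": "348d963805a0803ec5463a74fc70379c19874545136262a8fabce256e4996e4e",
    "github": "523d7d9079f475f364a10eed7bdb828f7ec643e0bf351234928e7cb53fa59aec",
}

if __name__ == "__main__":
    for label, sources in attribute(REPORTED, SHA256SUM).items():
        print(f"{label}: {nix32_to_hex(REPORTED[label])} -> {sources or 'no match'}")
```

The hash pinned in the package (`wanted`) decodes to the GitHub release asset's digest, while the hash Nix computed at build time (`got`) decodes to the digest of the file now served from dbeaver.io.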

@jonringer
Contributor

I would take the original release from GitHub; if they really did need to patch something, then they should release another patch version.

@c0bw3b
Contributor

c0bw3b commented Oct 31, 2019

> When comparing the contents of the two archives some of the bundled dependencies have been updated/changed.

If their server got breached and someone was trying to spread a malicious piece of code embedded in legitimate software, it would look exactly like this. 😈
