New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
treewide: http -> https sources #42676
Conversation
This updates the source urls of all top-level packages from http to https where possible.
@@ -6,7 +6,7 @@ stdenv.mkDerivation rec { | |||
name = "buildtorrent-${version}"; | |||
|
|||
src = fetchurl { | |||
url = "http://mathr.co.uk/blog/code/${name}.tar.gz"; | |||
url = "http://mathr.https://mathr.co.uk/blog/code/z";.tar.gz |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It somehow messed up here.. Not sure what happened
I figured it out, that file used tabs instead of spaces, which apparently can trip up hnix, ping @jwiegley @GrahamcOfBorg eval |
Success on aarch64-linux (full log) Attempted: buildtorrent Partial log (click to expand)
|
Success on x86_64-linux (full log) Attempted: buildtorrent Partial log (click to expand)
|
Success on x86_64-linux (full log) Attempted: buildtorrent Partial log (click to expand)
|
Success on aarch64-linux (full log) Attempted: buildtorrent Partial log (click to expand)
|
Thanks! |
@LnL7 asks a great question -- can the bootstrap fetchurl (ie: pre-stdenv) support HTTPS URLs? |
We can just close all of @r-ryantm's conflicted PRs and re-make them. |
I resolved the conflicts as well now. |
Success on aarch64-linux (full log) Attempted: buildtorrent Partial log (click to expand)
|
Success on x86_64-linux (full log) Attempted: buildtorrent Partial log (click to expand)
|
Let's merge before new conflicts come up, and take it from there. |
Alright, nice :D |
* treewide: http -> https sources This updates the source urls of all top-level packages from http to https where possible. * buildtorrent: fix url and tab -> spaces
This reverts commit 57bccb3.
Fixes CVE-2018-14912. (cherry picked from commit 970d5ef) Trivial conflict from commit 57bccb3 ("treewide: http -> https sources (#42676)") on master branch.
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/lighttpd/versions. (cherry picked from commit 6e1d3cb) Fix trivial conflict from commit 57bccb3 ("treewide: http -> https sources (#42676)") on master branch.
This updates the source urls of all top-level packages from http to https where possible. This is done using https://github.com/Infinisil/nix-url-verify which is a mess right now, but the basic functionality works. While it will be able to change urls in regards to redirects too, I think http -> https is a good start. This is in the sense of the recent #42665 by @ryantm
What my program does is:
This does not verify the hashes, which shouldn't be needed anyways. Because the hashes stay the same, this also shouldn't trigger any builds.
Here is a list of all attributes whose source url has been changed: https://gist.github.com/d64724f7c284ce8dd4fed9bb0748dde6
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)