Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

1password: Update SHA256 #60316

Merged
merged 1 commit into from Apr 29, 2019
Merged

1password: Update SHA256 #60316

merged 1 commit into from Apr 29, 2019

Conversation

kevingriffin
Copy link
Contributor

@kevingriffin kevingriffin commented Apr 27, 2019
edited

Motivation for this change

AgileBits, the distributor of 1Password, recently started reporting a different SHA256 for their Darwin and 386 Linux builds. Their support person reports the following:

Yes we did indeed rebuild the CLI release as part of upgrades to our release infrastructure. The sig file shipped with the binaries is always re-generated along with those binaries, so validating that signature is the best way to ensure the builds are valid and safe.

Please let me know if you have any further questions!

This would imply all three builds references in the nix package would see their signatures changed, but I could only find different signatures for the i686-linux and x86_64darwin builds.

Edit: I received the changed signature for amd64, so I've updated my commit to include all three new signatures.

My contact is Connor Hicks at support@1password.com

If further action is required to verify these signatures, I'd like to hear about it. It seems odd to me to resign the same version.

A list of builds can be found at https://app-updates.agilebits.com/product_history/CLI

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Assured whether relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@ofborg ofborg bot added the 6.topic: darwin Running or building packages on Darwin label Apr 27, 2019
@kevingriffin kevingriffin mentioned this pull request Apr 27, 2019
Closed
kevingriffin added a commit to kevingriffin/nix-config that referenced this pull request Apr 28, 2019
@kevingriffin
Adds overlay for 1Password
64e5e89 
Waiting on a fix for NixOS/nixpkgs#60316
@marsam
Copy link
Contributor

marsam commented Apr 28, 2019

LGTM. x86_64-linux also changed, would you mind also updating it?

$ for i in linux_386 linux_amd64 darwin_amd64; do nix-prefetch-url --unpack https://cache.agilebits.com/dist/1P/op/pkg/v0.5.5/op_${i}_v0.5.5.zip; done
unpacking...
[2.3 MiB DL]
path is '/nix/store/rrkbll058zxzi4i4q4gcjkl03fmmz06p-op_linux_386_v0.5.5.zip'
1jwkvj6xxfgn08j6wzwcra3p1dp04vblzr2g5s1y3bj4r7gs4gax
unpacking...
[2.4 MiB DL]
path is '/nix/store/zmffa8hjk1qpa96dz32yspk2pqglk9wb-op_linux_amd64_v0.5.5.zip'
1svic2b2msbwzfx3qxfglxp0jjzy3p3v78273wab942zh822ld8b
unpacking...
[3.5 MiB DL]
path is '/nix/store/dwr2k3prgsy0qkxclb3z34knqcp4a1r6-op_darwin_amd64_v0.5.5.zip'
03bnwn06066hvp0n30260mhvkjr60dl93nj9l7p6a0ndcv7w77r8

@kevingriffin
1password: Update SHA256 hashes
cbf4bea 
Follows upstream re-signing from infrastructure change.
@kevingriffin
Copy link
Contributor Author

Thanks for computing that! I was still seeing the old signature on my machines. I've amended my commit to keep history clean, and will update the PR text as well.

@kevingriffin kevingriffin changed the title 1password: Update SHA256 for Darwin and Linux 386 1password: Update SHA256 Apr 29, 2019
@marsam marsam merged commit 8627346 into NixOS:master Apr 29, 2019
@marsam
Copy link
Contributor

marsam commented Apr 29, 2019

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@NeQuissimus NeQuissimus NeQuissimus approved these changes

Assignees
No one assigned
Labels
6.topic: darwin Running or building packages on Darwin 10.rebuild-darwin: 1-10 10.rebuild-linux: 1-10 12. first-time contribution
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@kevingriffin @marsam @NeQuissimus @Janik-Haag