Browse files

fetchgit: Require a content hash

Without this, the result will not be a fixed-output derivation and
won't work in general.
  • Loading branch information...
1 parent 3c7aa5a commit a8ded9d5d36ddbf7200a1693c74bd83d1403a8c1 @edolstra edolstra committed Feb 18, 2014
Showing with 2 additions and 0 deletions.
  1. +2 −0 pkgs/build-support/fetchgit/default.nix
2 pkgs/build-support/fetchgit/default.nix
@@ -23,6 +23,8 @@
server admins start using the new version?
+assert md5 != "" || sha256 != "";
stdenv.mkDerivation {
name = "git-export";
builder = ./;

3 comments on commit a8ded9d


There's no way to use the actual git hash? :(

Official Nix/Nixpkgs/NixOS member

No, because Nix needs to be able to verify the output, and it doesn't know about git hashes.

Official Nix/Nixpkgs/NixOS member

The problem is that to verify git hash you need the whole history of selected branch. That isn't fetched by default, as it would be much more expensive in most cases.

Please sign in to comment.