[Nix-dev] Proposal: adding fetchapt support to nixpkgs
Roger Qiu
roger.qiu at matrix.ai
Sat Nov 12 11:16:02 CET 2016
I think what we need is a bot that will autosubmit PRs to bump new versions
by tracking some commonly updated widely used applications like chromium.
This shouldn't be too difficult.
On 11/11/2016 11:34 PM, "Profpatsch" <mail at profpatsch.de> wrote:
> On 16-10-25 04:42am, Chuan-kai Lin wrote:
> > Adding support for fetching binary packages in Debian format from an APT
> > repository would solve this problem. I envision that a nixpkg would
> > specify:
> > - the APT repository base URL
> > - the release name (e.g., stable, testing, or unstable),
> > - the binary package name,
> > - repository signing key (for repositories that implement secure APT,
> > https://wiki.debian.org/SecureApt).
> >
> > And the fetchapt derivation would:
> > - Fetch Release and Release.gpg files from the repository
> > - Verify digital signature
> > - Fetch Packages file
> > - Check hash value of Packages file against the hash value listed in
> > Release file
> > - Extract binary package path that correspond to the given package name
> > from Packages file
> > - Fetch the binary package
> > - Check hash value of binary package against the hash value listed in
> > Packages file
>
> That doesn’t work, and it’s by design.
> In order for nix (the package manager) to be able to install something,
> it needs to know the input files *beforehand*, by hash. So nix **cannot**
> evaluate a derivation where the source hash changes.
>
> The one thing that could be done is completely automating the
> version-bumping process, that is write a program that follows debian
> releases, bumps the hashes, tests the functionality of the resulting
> executables (!!) and then commits the new version to nixpkgs.
>
> --
> Proudly written in Mutt with Vim on NixOS.
> Q: Why is this email five sentences or less?
> A: http://five.sentenc.es
> May take up to five days to read your message. If it’s urgent, call me.
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20161112/eaf4f483/attachment.html>
More information about the nix-dev
mailing list