[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[TIL] guix doesn't check hash when uri starts with file:///
From: |
Rodrigo Morales |
Subject: |
[TIL] guix doesn't check hash when uri starts with file:/// |
Date: |
Wed, 20 Sep 2023 19:18:57 +0000 |
I've opened this thread to share something which I've learned with
other Guix users.
I'm currently making some modifications to the source code of zathura
, which is a PDF viewer. The original Guix package is called
=zathura=. In that direction, I've defined the following package
definition.
#+BEGIN_SRC scheme
(define-module (my packages experiments-zathura-custom)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (gnu packages pdf)
#:use-module (gnu packages gnome))
(define-public zathura-custom
(package
(inherit zathura)
(name "zathura-custom")
(version "4.0")
(source
(origin
(method url-fetch)
(uri "file:///home/rdrg/my/git-repos/zathura")
(sha256
(base32
"0000000000000000000000000000000000000000000000000000"))))
(native-inputs
(modify-inputs
(package-native-inputs zathura)
(prepend json-glib)))))
#+END_SRC
The actual hash of the directory =file:///home/rdrg/my/git-repos/zathura= is
=0jc8iivcahq7izbcxr1kf3gjxlzkmf8ccrq54pv6v13h5wjk56jk2=, but I wrote
=0000000000000000000000000000000000000000000000000000= and I can still
the package by executing the following command (see proof below).
#+BEGIN_SRC sh
guix package --no-substitutes -L ~/my/git-repos/guix-packages/ -i zathura-custom
#+END_SRC
#+RESULTS:
#+BEGIN_EXAMPLE
The following package will be upgraded:
zathura-custom 3.0 → my-version-1
The following derivation will be built:
/gnu/store/nbqq72vkrjjw4vpdsbckyvk5cxk4add6-zathura-custom-my-version-1.drv
building
/gnu/store/nbqq72vkrjjw4vpdsbckyvk5cxk4add6-zathura-custom-my-version-1.drv...
The following derivation will be built:
/gnu/store/9sasyz1dp9qj2gaz9i2qrjzvnhyrl7pj-profile.drv
applying 19 grafts for zathura-custom-my-version-1 ...
building CA certificate bundle...
listing Emacs sub-directories...
building fonts directory...
generating GdkPixbuf loaders cache...
generating GLib schema cache...
creating GTK+ icon theme cache...
building cache files for GTK+ input methods...
building directory of Info manuals...
building XDG desktop file cache...
building XDG MIME database...
building profile with 6 packages...
hint: Consider setting the necessary environment variables by running:
GUIX_PROFILE="/home/rdrg/.guix-profile"
. "$GUIX_PROFILE/etc/profile"
Alternately, see `guix package --search-paths -p "/home/rdrg/.guix-profile"'.
#+END_EXAMPLE
#+BEGIN_SRC sh
echo $?
#+END_SRC
#+RESULTS:
#+BEGIN_EXAMPLE
0
#+END_EXAMPLE
Now when I change the =uri= so that it starts with =https= (please see
below) and I try to install the package, I get the error shown below.
#+BEGIN_SRC scheme
(define-module (my packages experiments-zathura-custom)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (gnu packages pdf)
#:use-module (gnu packages gnome))
(define-public zathura-custom
(package
(inherit zathura)
(name "zathura-custom")
(version "my-version-3")
(source
(origin
(method url-fetch)
(uri "https://pwmt.org/projects/zathura/download/zathura-0.5.2.tar.xz")
(sha256
(base32
"0000000000000000000000000000000000000000000000000000"))))
(native-inputs
(modify-inputs
(package-native-inputs zathura)
(prepend json-glib)))))
#+END_SRC
#+BEGIN_SRC sh
guix package --no-substitutes -L ~/my/git-repos/guix-packages/ -i zathura-custom
#+END_SRC
#+RESULTS:
#+BEGIN_EXAMPLE
The following package will be upgraded:
zathura-custom my-version-2 → my-version-3
The following derivations will be built:
/gnu/store/32prmnm2f65wv3vg645c321884qz6991-zathura-custom-my-version-3.drv
/gnu/store/1lk541cdiv7q1zfwzjql4ail5dhvrzc6-zathura-0.5.2.tar.xz.drv
building /gnu/store/1lk541cdiv7q1zfwzjql4ail5dhvrzc6-zathura-0.5.2.tar.xz.drv...
\sha256 hash mismatch for
/gnu/store/3y83i49y4inc7iclg8x3pv1nnchvsjlx-zathura-0.5.2.tar.xz:
expected hash: 0000000000000000000000000000000000000000000000000000
actual hash: 15314m9chmh5jkrd9vk2h2gwcwkcffv2kjcxkd4v3wmckz5sfjy6
hash mismatch for store item
'/gnu/store/3y83i49y4inc7iclg8x3pv1nnchvsjlx-zathura-0.5.2.tar.xz'
build of /gnu/store/1lk541cdiv7q1zfwzjql4ail5dhvrzc6-zathura-0.5.2.tar.xz.drv
failed
View build log at
'/var/log/guix/drvs/1l/k541cdiv7q1zfwzjql4ail5dhvrzc6-zathura-0.5.2.tar.xz.drv.gz'.
cannot build derivation
`/gnu/store/32prmnm2f65wv3vg645c321884qz6991-zathura-custom-my-version-3.drv':
1 dependencies couldn't be built
guix package: error: build of
`/gnu/store/32prmnm2f65wv3vg645c321884qz6991-zathura-custom-my-version-3.drv'
failed
#+END_EXAMPLE
#+BEGIN_SRC sh
$ echo $?
#+END_SRC
#+RESULTS:
#+BEGIN_EXAMPLE
1
#+END_EXAMPLE
>From the information shown above, I conclude that =guix= doesn't check
hash correctness when a URI starts with =file:///= but it does when it
starts with =https://=. (Please, correct me if I'm wrong.)
I personally like this behavior because I'm currently editing the
source code of Zathura and I wouldn't like to edit the package
definition to insert the correct hash whenever I make a change in any
of the files of the project directory.
This is not mentioned in the Info manual, but I think it should be
mentioned. The Info node that documents =url-fetch= is "(guix) origin
Reference".
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [TIL] guix doesn't check hash when uri starts with file:///,
Rodrigo Morales <=