From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id 0DziBiyPo2MpfwEAbAwnHQ (envelope-from ) for ; Wed, 21 Dec 2022 23:56:44 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id SDvfBiyPo2N3WgAAauVa8A (envelope-from ) for ; Wed, 21 Dec 2022 23:56:44 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 97B4A38DA7 for ; Wed, 21 Dec 2022 23:56:43 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1p87ua-00029e-0K; Wed, 21 Dec 2022 17:50:08 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1p87uM-000282-JV for guix-devel@gnu.org; Wed, 21 Dec 2022 17:49:58 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1p87uM-00022X-31; Wed, 21 Dec 2022 17:49:54 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=jXbxT8LGoAMqfyEGYhohMEj5trMsNx7NkPKti9ELPKs=; b=WlEAFSAQ+wF29w5F54uG NJtasKMGep9GhtmlHONngPuNk8aI5j2WWtgnYuteMgmL7OFI8xVjSs1vuQmxP7PukLDZOgyUqR4AK H8aFv9CVqRWfrwedgshSBuqXDivGHtHBVWXSfgy3qEILoRRCsZyIm+q068yBcV2PDr/UWMg2busKr CgUtTzAk+jHVw3atmx8QN7UYLjobmepxCRP3+6FeThWnCABChkI6blK++GaM9THVghmYiB+mRzJpO HOuA6Zi1628nIcIHlaVJ5mHtcV8hJYwgm0DJOzAiz+kQ4uR64KFwz4J7evcV4bCqXCRZOOi7Q691M /xcdB6jNUlDxhA==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201] helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1p87uH-0002A5-Hv; Wed, 21 Dec 2022 17:49:53 -0500 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Stephen Paul Weber Cc: guix-devel@gnu.org, 0@psycoti.ca Subject: Re: git-fetch without a hash References: X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: Primidi 1 =?utf-8?Q?Niv=C3=B4se?= an 231 de la =?utf-8?Q?R=C3=A9volution=2C?= jour de la Tourbe X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Wed, 21 Dec 2022 23:49:47 +0100 In-Reply-To: (Stephen Paul Weber's message of "Tue, 20 Dec 2022 22:04:29 -0500") Message-ID: <87h6xo2wz8.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1671663403; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=jXbxT8LGoAMqfyEGYhohMEj5trMsNx7NkPKti9ELPKs=; b=VWztRlaiIT0FM5iJ/6diawjw/KKhQpcyxqqpDk+YIQtxTtKXE5fnb6+6bIGL9PbOJ1jL/z 85W3eWKNLEkv7Vcg9LPmKPf1Mu78LlnI36lCI/WitIwrg5MJ5FFlkN6HGtF/YflhjyZCgw fl1uw+Q5h/Pu5e8UITHrESoM7xQmza6c6fYezISEvWsdavzB+VdqbQZndHN5jBND/mLeg7 buny31lA3qHMRA3ozLRKddHA/NoB/2B/pMPOPQR1pGykyCQW5WDLcI+Q+WZ+hZsUsc9ryT vAlNa3mnJAE5yMGUqrsLSWtKo+eKu9xtNr2xGGykGYXnZUJpxLhQjxKNxBe2zw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gnu.org header.s=fencepost-gnu-org header.b=WlEAFSAQ; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org ARC-Seal: i=1; s=key1; d=yhetil.org; t=1671663403; a=rsa-sha256; cv=none; b=G5fPtw2fQHAaz+uvWlv7NjejZktlgHASq/Ukk8cRXQ6L4lmj2nnwW8yPzSZhJ/Mbbr5OTZ UkVEYl0XjU1OnynHVKcL62LNHCZNFyl2il9cpe1ucMfv612tVr4rBPoa4fsUJsxMesgsEI JGK9qIO6aVhAGKcVR8x9emiN20hpvZQIdDl+C7qjQeK6hmFW1iF2GCZ4Ty0h5y1UGZSAZq 5+y8p9R8qjo6uVvN5CmoOuLNiLpNGJkylzMe59ac33KcILXWrz1cAf3RrUNGg494Ygjk1d Gzcmxaz4ApcIZ8+I2fGp/jmUNGWtYVyXmkPlruedEWJd2K7RYAMimqGQYXZPmg== X-Spam-Score: -7.41 X-Migadu-Queue-Id: 97B4A38DA7 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gnu.org header.s=fencepost-gnu-org header.b=WlEAFSAQ; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org X-Migadu-Scanner: scn1.migadu.com X-Migadu-Spam-Score: -7.41 X-TUID: vlbE4FX2at/G Hi, Stephen Paul Weber skribis: > It seem that url-fetch will work without a hash (that is, with (sha256 > #f)) but git-fetch will not. (sha256 #f) is not a documented use case. :-) > As near as I can tell this is because git-fetch uses a fixed > derivation build going via nix/build.cc stuff which contains this > line: > > if (i.second.hash =3D=3D "") fixedOutput =3D false; > > And this results in /etc/resolv.conf not getting written and DNS > resolution failing. > > Now, I *think* by my reading that it is intended for *only* > fixed-output derivations to have network access, because otherwise the > operation would be impure? Yes, exactly. > And then url-fetch is just not actually ending up in a build container > and so it works even when it isn't fixed-output? If an origin has (sha256 #f), it is *not* lowered to a fixed-output derivation; consequently, its build environment lacks network access, etc. > However, there's no real reason that git-fetch *needs* to be > fixed-output in terms of having a hash pre-defined, at least for local > development and other purposes. So is there a way around this? What=E2=80=99s your use case? If you want a package to refer to, say, the tip of the =E2=80=9Cmain=E2=80= =9D branch of some Git repo, then you can: =E2=80=A2 use =E2=80=98--with-branch=3DPKG=3Dmain=E2=80=99, or =E2=80=A2 write (package (source (git-checkout =E2=80=A6)) =E2=80=A6) Both are actually equivalent. =E2=80=98git-checkout=E2=80=99 represents a = checkout made on the client side, without knowing in advance what you=E2=80=99ll get out = of this checkout. (So use with care, too.) > If having a way around it is not desirable should url-fetch consider > this an error as well? I=E2=80=99m not sure; do you have an example where it=E2=80=99s not behavin= g as expected? > Finally, *if* git-fetch should not allow this, the current error > message is beyond confusing (DNS resolution fails during git fetch and > it tries to fall back to SWH). So should git-fetch check for hash of > #f and raise at that point with a better error message in that case? Ideally, =E2=80=98origin=E2=80=99 would prevent a hash of #f altogether. H= owever, there are a couple of weird use cases in (gnu packages =E2=80=A6) that need to be supported. We should probably consider using a different trick there, such as using a computed-file instead of an origin; we=E2=80=99ll have to c= heck what=E2=80=99s feasible. Thanks, Ludo=E2=80=99.