Rust 1.50.0 incorporated a Cargo change (rust-lang/cargo#8937) in
which cargo vendor erroneously changed permissions of vendored
crates. This was fixed in Rust
1.51.0 (rust-lang/cargo#9131). Unfortunately, this means that all
cargoSha256/cargoHashes produced during the Rust 1.50.0 cycle are
potentially broken.
This change updates cargoSha256/cargoHash tree-wide.
Fixes #121994.
Changes the default fetcher in the Rust Platform to be the newer
`fetchCargoTarball`, and changes every application using the current default to
instead opt out.
This commit does not change any hashes or cause any rebuilds. Once integrated,
we will start deleting the opt-outs and recomputing hashes.
See #79975 for details.
A recent upgrade of cargo-vendor changed its output slightly, which
broke all cargoSha256 hashes in nixpkgs.
See https://github.com/NixOS/nixpkgs/issues/60668 for more information.
Since then, a few hashes have been fixed in master by hand, but there
were a lot still to do, so I did all of the ones left over with some
scripts I wrote.
The one hash I wasn’t able to update was habitat's, because it’s
currently broken and the build doesn’t get far enough to produce a
hash anyway.
This fixes an impurity in nix-index: Previously it would take the nix-env
binary from the users PATH. I discovered this while trying to run nix-index in a
systemd service, which by default doesn't have nix-env in its path. The
errors it threw were not informative at all and it took me hours to
finally figure out the reason.
The biggest benefit is that we no longer have to update the registry
package. This means that just about any cargo package can be built by
nix. No longer does `cargo update` need to be feared because it will
update to packages newer then what is available in nixpkgs.
Instead of fetching the cargo registry this bundles all the source code
into a "vendor/" folder.
This also uses the new --frozen and --locked flags which is nice.
Currently cargo-vendor only provides binaries for Linux and
macOS 64-bit. This can be solved by building it for the other
architectures and uploading it somewhere (like the NixOS cache).
This also has the downside that it requires a change to everyone's deps
hash. And if the old one is used because it was cached it will fail to
build as it will attempt to use the old version. For this reason the
attribute has been renamed to `cargoSha256`.
Authors:
* Kevin Cox <kevincox@kevincox.ca>
* Jörg Thalheim <Mic92@users.noreply.github.com>
* zimbatm <zimbatm@zimbatm.com>