Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

forgejo: 1.19.0-2 -> 1.19.0-3, use "predictable URLs" in src.url #224877

Merged
merged 2 commits into from
Apr 9, 2023
Merged

forgejo: 1.19.0-2 -> 1.19.0-3, use "predictable URLs" in src.url #224877

merged 2 commits into from
Apr 9, 2023

Conversation

emilylange
Copy link
Member

Description of changes

release notes: https://codeberg.org/forgejo/forgejo/src/commit/4c132e77ea2cba9a1161f4cfc18b82b9e2e1b35f/RELEASE-NOTES.md#1-19-0-3

The security section in those release notes does not apply to nixpkgs :)
Or rather isn't specific to forgejo, as #224714 hasn't landed in nixos-unstable yet /shrug

Also changed the src.url to use a predictable URL instead of https://codeberg.org/attachments/$uuid.

Not sure how long codeberg.org already supports this.
I only just found out about them after a maintainer mentioned them in https://matrix.to/#/#forgejo-chat:matrix.org
Similar URLs are also used at https://forgejo.org/download/

cc @mweinelt as I've spotted you in https://matrix.to/#/#forgejo-chat:matrix.org 👀

Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.05 Release Notes (or backporting 22.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@emilylange emilylange changed the title Forgejo forgejo: 1.19.0-2 -> 1.19.0-3, use "predictable URLs" in src.url Apr 5, 2023
@mweinelt
Copy link
Member

mweinelt commented Apr 5, 2023

cc @mweinelt as I've spotted you in matrix.to/#/#forgejo-chat:matrix.org eyes

Yes, I'm a potential user and only took part in that conversation due to my role in the nixpkgs security team.

Note that go 1.20.3 is on staging-next (#224806) right now.

mweinelt
mweinelt reviewed Apr 5, 2023
View reviewed changes
pkgs/applications/version-management/forgejo/default.nix
Comment on lines 30 to 33
src = fetchurl {
name = "${pname}-src-${version}.tar.gz";
# see https://codeberg.org/forgejo/forgejo/releases
url = "https://codeberg.org/attachments/2bf497db-fa91-4260-9c98-5c791b6b397c";
hash = "sha256-neDIT+V3qHR8xgP4iy4TJQ6PCWO3svpSA7FLCacQSMI=";
url = "https://codeberg.org/forgejo/forgejo/releases/download/v${version}/forgejo-src-${version}.tar.gz";
hash = "sha256-u27DDw3JUtVJ2nvkKfaGzpYP8bpRnwc1LUVra8Epkjc=";
};
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We also have fetchFromGitea fwiw.

Copy link
Member Author

@emilylange emilylange Apr 5, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fetchFromGitea needs a rev, but this URL doesn't. We are using a release artifact/tarball.

I can reach back to explain why, if you are interested.
But the tl;dr; is forgejo provides release tarballs, that already include the frontend.
So we don't need to build everything from source. Similarly to Gitea1.

If you go to https://codeberg.org/forgejo/forgejo/releases/tag/v1.19.0-3 you can compare Source Code (TAR.GZ) with forgejo-src-1.19.0-3.tar.gz

Footnotes

  1. https://github.com/NixOS/nixpkgs/blob/9c8ff8b426a8b07b9e0a131ac3218740dc85ba1e/pkgs/applications/version-management/gitea/default.nix#L24-L28

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ideally, we would build the frontend from source. This could be done using buildNpmPackage, but should probably happen outside a regular update.

@ofborg ofborg bot requested a review from urandom2 April 5, 2023 21:49
@nixos-discourse
Copy link

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/prs-ready-for-review/3032/2042

@SuperSandro2000
Copy link
Member

Also changed the src.url to use a predictable URL instead of https://codeberg.org/attachments/$uuid.

If that would be linked in the web ui...

@SuperSandro2000 SuperSandro2000 merged commit c060b3d into NixOS:master Apr 9, 2023
@emilylange
Copy link
Member Author

If that would be linked in the web ui...

See go-gitea/gitea#23891 and go-gitea/gitea#10919 (comment)

@emilylange emilylange deleted the forgejo branch April 9, 2023 02:04
@emilylange emilylange mentioned this pull request Apr 19, 2023
Merged
12 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mweinelt mweinelt mweinelt left review comments

@urandom2 urandom2 Awaiting requested review from urandom2

Assignees
No one assigned
Labels
10.rebuild-darwin: 1-10 10.rebuild-darwin: 1 10.rebuild-linux: 1-10 10.rebuild-linux: 1 11.by: package-maintainer This PR was created by the maintainer of the package it changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@emilylange @mweinelt @nixos-discourse @SuperSandro2000