Wroclaw/nixos-configuration
1
0
Fork 0
Code Issues Pull requests Activity

pkgs/den-http-get-updater: assert no path is located in nix store

Browse source
This commit is contained in:
Wroclaw 2025-05-18 19:35:34 +02:00
parent cb05ce5b44
commit 595c2828b0
1 changed files with 11 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

13
pkgs/by-name/de/den-http-get-updater/package.nix
View file

@ -44,7 +44,16 @@
}:
let
realFileLocation = builtins.toString fileLocation;
assertNoStorePathPrefix = path:
assert lib.assertMsg (!lib.hasPrefix builtins.storeDir path) ''
The path '${path}' is a store path.
den-http-get-updater must be evaluated in impure mode,
in order to modify target files, and this cannot be done
with files in the store.
''; path;
realFileLocation = assertNoStorePathPrefix (builtins.toString fileLocation);
prefetchList' = lib.map (x:
assert builtins.isNull x.prefetchUrlLocation || lib.isAttrs x.prefetchUrlLocation;
@ -58,7 +67,7 @@ let
name = if x.unpack or unpack then "source" else null;
mark = builtins.hashString "sha256" x.previousHash;
markRegexEscape = lib.escapeRegex mark;
realFileLocation = builtins.toString x.fileLocation or fileLocation;
realFileLocation = assertNoStorePathPrefix (builtins.toString x.realFileLocation or fileLocation);
realFileLocationShellEscape = lib.escapeShellArg realFileLocation;
prefetchUrlLocationShellEscape = lib.mapAttrs (_: lib.escapeShellArg) x.prefetchUrlLocation;
previousHashRegexEscape = lib.escapeRegex x.previousHash;