nix: use SRI hashes for Gradle dependencies

This way we will use the same format as Nix logs and errors when a hash changes, which avoids confusion. Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-10 15:12:36 +02:00 · 2023-05-10 15:12:36 +02:00 · ac3eb3e660
parent 638ec98db5
commit ac3eb3e660
2 changed files with 1644 additions and 1644 deletions
--- a/nix/deps/gradle/deps.json
+++ b/nix/deps/gradle/deps.json
--- a/nix/deps/gradle/url2json.sh
+++ b/nix/deps/gradle/url2json.sh
@ -14,12 +14,12 @@ declare -a REPOS=(
  "https://jitpack.io"
 )

-function nix_fetch() {
-    nix-prefetch-url --print-path --type sha256 "${1}" 2>/dev/null
+function nix_prefetch() {
+    nix store prefetch-file --json "${1}" 2>/dev/null
 }

-function get_nix_path() { echo "${1}" | tail -n1; }
-function get_nix_sha() { echo "${1}" | head -n1; }
+function get_nix_path() { echo "${1}" | jq -r .storePath; }
+function get_nix_sha() { echo "${1}" | jq -r .hash; }
 function get_sha1() { sha1sum "${1}" | cut -d' ' -f1; }

 # Assumes REPOS from repos.sh is available
@ -44,7 +44,7 @@ function fetch_and_template_file() {
    local OBJ_URL OBJ_NIX_FETCH_OUT OBJ_NAME OBJ_PATH

    OBJ_URL="${REPO_URL}/${PKG_PATH}/${FILENAME}"
-    if ! OBJ_NIX_FETCH_OUT=$(nix_fetch "${OBJ_URL}"); then
+    if ! OBJ_NIX_FETCH_OUT=$(nix_prefetch "${OBJ_URL}"); then
        echo " ! Failed to fetch: ${OBJ_URL}" >&2
        return 1
    fi
@ -85,7 +85,7 @@ PKG_PATH="${PKG_URL_NO_EXT#"${REPO_URL}/"}"
 PKG_PATH="$(dirname "${PKG_PATH}")"

 # Both JARs and AARs have a POM
-POM_NIX_FETCH_OUT=$(nix_fetch "${PKG_URL_NO_EXT}.pom")
+POM_NIX_FETCH_OUT=$(nix_prefetch "${PKG_URL_NO_EXT}.pom")
 POM_PATH=$(get_nix_path "${POM_NIX_FETCH_OUT}")
 POM_NAME=$(basename "${PKG_URL_NO_EXT}.pom")
 if [[ -z "${POM_PATH}" ]]; then