Tom Hubrecht
c299614b50
All checks were successful
Check meta / check_meta (pull_request) Successful in 15s
Check meta / check_dns (pull_request) Successful in 15s
Check workflows / check_workflows (pull_request) Successful in 17s
Run pre-commit on all files / pre-commit (pull_request) Successful in 28s
Build all the nodes / ap01 (pull_request) Successful in 37s
Build all the nodes / bridge01 (pull_request) Successful in 43s
Build all the nodes / cof02 (pull_request) Successful in 47s
Build all the nodes / build01 (pull_request) Successful in 51s
Build all the nodes / geo01 (pull_request) Successful in 51s
Build all the nodes / compute01 (pull_request) Successful in 1m12s
Build all the nodes / geo02 (pull_request) Successful in 45s
Build all the nodes / hypervisor01 (pull_request) Successful in 43s
Build all the nodes / hypervisor02 (pull_request) Successful in 43s
Build all the nodes / hypervisor03 (pull_request) Successful in 42s
Build all the nodes / iso (pull_request) Successful in 52s
Build all the nodes / netaccess01 (pull_request) Successful in 20s
Build all the nodes / lab-router01 (pull_request) Successful in 43s
Build all the nodes / netcore00 (pull_request) Successful in 20s
Build all the nodes / netcore01 (pull_request) Successful in 20s
Build all the nodes / netcore02 (pull_request) Successful in 21s
Build all the nodes / krz01 (pull_request) Successful in 1m28s
Build all the nodes / tower01 (pull_request) Successful in 1m14s
Build all the nodes / rescue01 (pull_request) Successful in 1m25s
Build all the nodes / vault01 (pull_request) Successful in 57s
Build all the nodes / storage01 (pull_request) Successful in 1m24s
Build all the nodes / web02 (pull_request) Successful in 47s
Build all the nodes / web03 (pull_request) Successful in 50s
Build all the nodes / web01 (pull_request) Successful in 1m5s
Build the shell / build-shell (pull_request) Successful in 57s
Run pre-commit on all files / pre-commit (push) Successful in 29s
Build all the nodes / ap01 (push) Successful in 38s
Build all the nodes / bridge01 (push) Successful in 51s
Build all the nodes / geo01 (push) Successful in 51s
Build all the nodes / hypervisor01 (push) Successful in 52s
Build all the nodes / geo02 (push) Successful in 54s
Build all the nodes / cof02 (push) Successful in 57s
Build all the nodes / build01 (push) Successful in 58s
Build all the nodes / compute01 (push) Successful in 1m14s
Build all the nodes / netaccess01 (push) Successful in 21s
Build all the nodes / netcore00 (push) Successful in 22s
Build all the nodes / hypervisor02 (push) Successful in 43s
Build all the nodes / netcore01 (push) Successful in 21s
Build all the nodes / hypervisor03 (push) Successful in 45s
Build all the nodes / netcore02 (push) Successful in 21s
Build all the nodes / lab-router01 (push) Successful in 46s
Build all the nodes / iso (push) Successful in 54s
Build all the nodes / rescue01 (push) Successful in 55s
Build all the nodes / tower01 (push) Successful in 52s
Build all the nodes / krz01 (push) Successful in 1m35s
Build all the nodes / vault01 (push) Successful in 57s
Build all the nodes / web02 (push) Successful in 48s
Build all the nodes / web01 (push) Successful in 1m3s
Build the shell / build-shell (push) Successful in 22s
Build all the nodes / storage01 (push) Successful in 1m38s
Build all the nodes / web03 (push) Successful in 47s
962 lines
30 KiB
Diff
962 lines
30 KiB
Diff
From 6d86eb4b9884f46a38baaafd6a048cbfdc6a6b9b Mon Sep 17 00:00:00 2001
|
|
From: Tom Hubrecht <tom@hubrecht.ovh>
|
|
Date: Tue, 6 May 2025 18:32:31 +0200
|
|
Subject: [PATCH] feat: Use SRI hashes for locking pins
|
|
|
|
Here, we:
|
|
- Switch to using SRI hashes for all locked inputs
|
|
- Add support for narHash in fetchGit
|
|
|
|
It is a follow-up of #87 using snix nix-compat crate for manipulating
|
|
hashes
|
|
|
|
Co-authored-by: Raito Bezarius <masterancpp@gmail.com>
|
|
---
|
|
Cargo.lock | 386 +++++++++++++++++++++++++++++++++++++++++++++++-
|
|
Cargo.toml | 2 +
|
|
npins.nix | 4 +
|
|
src/default.nix | 10 +-
|
|
src/git.rs | 22 +--
|
|
src/nix.rs | 20 ++-
|
|
src/pypi.rs | 20 ++-
|
|
src/versions.rs | 40 +++--
|
|
8 files changed, 466 insertions(+), 38 deletions(-)
|
|
|
|
diff --git a/Cargo.lock b/Cargo.lock
|
|
index fc0b0df..6345d09 100644
|
|
--- a/Cargo.lock
|
|
+++ b/Cargo.lock
|
|
@@ -120,12 +120,38 @@ version = "0.22.1"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6"
|
|
|
|
+[[package]]
|
|
+name = "base64ct"
|
|
+version = "1.7.3"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "89e25b6adfb930f02d1981565a6e5d9c547ac15a96606256d3b59040e5cd4ca3"
|
|
+
|
|
[[package]]
|
|
name = "bitflags"
|
|
version = "2.9.0"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "5c8214115b7bf84099f1309324e63141d4c5d7cc26862f97a0a857dbefe165bd"
|
|
|
|
+[[package]]
|
|
+name = "block-buffer"
|
|
+version = "0.10.4"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
|
|
+dependencies = [
|
|
+ "generic-array",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "bstr"
|
|
+version = "1.12.0"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "234113d19d0d7d613b40e86fb654acf958910802bcceab913a4f9e7cda03b1a4"
|
|
+dependencies = [
|
|
+ "memchr",
|
|
+ "regex-automata",
|
|
+ "serde",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "bumpalo"
|
|
version = "3.17.0"
|
|
@@ -205,6 +231,21 @@ version = "1.0.3"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990"
|
|
|
|
+[[package]]
|
|
+name = "const-oid"
|
|
+version = "0.9.6"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8"
|
|
+
|
|
+[[package]]
|
|
+name = "cpufeatures"
|
|
+version = "0.2.17"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280"
|
|
+dependencies = [
|
|
+ "libc",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "crossterm"
|
|
version = "0.28.1"
|
|
@@ -216,6 +257,69 @@ dependencies = [
|
|
"rustix",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "crypto-common"
|
|
+version = "0.1.6"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
|
|
+dependencies = [
|
|
+ "generic-array",
|
|
+ "typenum",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "curve25519-dalek"
|
|
+version = "4.1.3"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be"
|
|
+dependencies = [
|
|
+ "cfg-if",
|
|
+ "cpufeatures",
|
|
+ "curve25519-dalek-derive",
|
|
+ "digest",
|
|
+ "fiat-crypto",
|
|
+ "rustc_version",
|
|
+ "subtle",
|
|
+ "zeroize",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "curve25519-dalek-derive"
|
|
+version = "0.1.1"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3"
|
|
+dependencies = [
|
|
+ "proc-macro2",
|
|
+ "quote",
|
|
+ "syn",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "data-encoding"
|
|
+version = "2.9.0"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "2a2330da5de22e8a3cb63252ce2abb30116bf5265e89c0e01bc17015ce30a476"
|
|
+
|
|
+[[package]]
|
|
+name = "der"
|
|
+version = "0.7.10"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "e7c1832837b905bbfb5101e07cc24c8deddf52f93225eee6ead5f4d63d53ddcb"
|
|
+dependencies = [
|
|
+ "const-oid",
|
|
+ "zeroize",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "digest"
|
|
+version = "0.10.7"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
|
|
+dependencies = [
|
|
+ "block-buffer",
|
|
+ "crypto-common",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "displaydoc"
|
|
version = "0.2.5"
|
|
@@ -227,6 +331,41 @@ dependencies = [
|
|
"syn",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "ed25519"
|
|
+version = "2.2.3"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53"
|
|
+dependencies = [
|
|
+ "pkcs8",
|
|
+ "signature",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "ed25519-dalek"
|
|
+version = "2.1.1"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871"
|
|
+dependencies = [
|
|
+ "curve25519-dalek",
|
|
+ "ed25519",
|
|
+ "serde",
|
|
+ "sha2",
|
|
+ "subtle",
|
|
+ "zeroize",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "enum-primitive-derive"
|
|
+version = "0.3.0"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "ba7795da175654fe16979af73f81f26a8ea27638d8d9823d317016888a63dc4c"
|
|
+dependencies = [
|
|
+ "num-traits",
|
|
+ "quote",
|
|
+ "syn",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "env_filter"
|
|
version = "0.1.3"
|
|
@@ -265,6 +404,12 @@ dependencies = [
|
|
"windows-sys 0.59.0",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "fiat-crypto"
|
|
+version = "0.2.9"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d"
|
|
+
|
|
[[package]]
|
|
name = "fnv"
|
|
version = "1.0.7"
|
|
@@ -369,6 +514,16 @@ dependencies = [
|
|
"slab",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "generic-array"
|
|
+version = "0.14.7"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a"
|
|
+dependencies = [
|
|
+ "typenum",
|
|
+ "version_check",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "getrandom"
|
|
version = "0.2.15"
|
|
@@ -402,6 +557,12 @@ version = "0.31.1"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f"
|
|
|
|
+[[package]]
|
|
+name = "glob"
|
|
+version = "0.3.2"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "a8d1add55171497b4705a648c6b583acafb01d58050a51727785f0b2c8e0a2b2"
|
|
+
|
|
[[package]]
|
|
name = "hashbrown"
|
|
version = "0.15.2"
|
|
@@ -719,6 +880,16 @@ version = "0.2.172"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa"
|
|
|
|
+[[package]]
|
|
+name = "libmimalloc-sys"
|
|
+version = "0.1.42"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "ec9d6fac27761dabcd4ee73571cdb06b7022dc99089acbe5435691edffaac0f4"
|
|
+dependencies = [
|
|
+ "cc",
|
|
+ "libc",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "linux-raw-sys"
|
|
version = "0.4.15"
|
|
@@ -753,6 +924,15 @@ version = "2.7.4"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3"
|
|
|
|
+[[package]]
|
|
+name = "mimalloc"
|
|
+version = "0.1.46"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "995942f432bbb4822a7e9c3faa87a695185b0d09273ba85f097b54f4e458f2af"
|
|
+dependencies = [
|
|
+ "libmimalloc-sys",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "mime"
|
|
version = "0.3.17"
|
|
@@ -779,6 +959,53 @@ dependencies = [
|
|
"windows-sys 0.52.0",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "nix-compat"
|
|
+version = "0.1.0"
|
|
+source = "git+https://git.snix.dev/snix/snix#4749964f06a7aa20ee19c5f7b3c97079e5c67911"
|
|
+dependencies = [
|
|
+ "bitflags",
|
|
+ "bstr",
|
|
+ "bytes",
|
|
+ "data-encoding",
|
|
+ "ed25519",
|
|
+ "ed25519-dalek",
|
|
+ "enum-primitive-derive",
|
|
+ "futures",
|
|
+ "glob",
|
|
+ "mimalloc",
|
|
+ "nix-compat-derive",
|
|
+ "nom",
|
|
+ "num-traits",
|
|
+ "num_enum",
|
|
+ "pin-project-lite",
|
|
+ "serde",
|
|
+ "serde_json",
|
|
+ "sha2",
|
|
+ "thiserror",
|
|
+ "tokio",
|
|
+ "tracing",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "nix-compat-derive"
|
|
+version = "0.1.0"
|
|
+source = "git+https://git.snix.dev/snix/snix#4749964f06a7aa20ee19c5f7b3c97079e5c67911"
|
|
+dependencies = [
|
|
+ "proc-macro2",
|
|
+ "quote",
|
|
+ "syn",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "nom"
|
|
+version = "8.0.0"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "df9761775871bdef83bee530e60050f7e54b1105350d6884eb0fb4f46c2f9405"
|
|
+dependencies = [
|
|
+ "memchr",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "npins"
|
|
version = "0.3.1"
|
|
@@ -787,11 +1014,13 @@ dependencies = [
|
|
"async-trait",
|
|
"clap",
|
|
"crossterm",
|
|
+ "data-encoding",
|
|
"env_logger",
|
|
"futures",
|
|
"lenient_semver_parser",
|
|
"lenient_version",
|
|
"log",
|
|
+ "nix-compat",
|
|
"reqwest",
|
|
"serde",
|
|
"serde_json",
|
|
@@ -799,6 +1028,36 @@ dependencies = [
|
|
"url",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "num-traits"
|
|
+version = "0.2.19"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841"
|
|
+dependencies = [
|
|
+ "autocfg",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "num_enum"
|
|
+version = "0.7.3"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "4e613fc340b2220f734a8595782c551f1250e969d87d3be1ae0579e8d4065179"
|
|
+dependencies = [
|
|
+ "num_enum_derive",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "num_enum_derive"
|
|
+version = "0.7.3"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "af1844ef2428cc3e1cb900be36181049ef3d3193c63e43026cfe202983b27a56"
|
|
+dependencies = [
|
|
+ "proc-macro-crate",
|
|
+ "proc-macro2",
|
|
+ "quote",
|
|
+ "syn",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "object"
|
|
version = "0.36.7"
|
|
@@ -855,6 +1114,16 @@ version = "0.1.0"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
|
|
|
|
+[[package]]
|
|
+name = "pkcs8"
|
|
+version = "0.10.2"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7"
|
|
+dependencies = [
|
|
+ "der",
|
|
+ "spki",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "ppv-lite86"
|
|
version = "0.2.21"
|
|
@@ -864,6 +1133,15 @@ dependencies = [
|
|
"zerocopy",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "proc-macro-crate"
|
|
+version = "3.3.0"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "edce586971a4dfaa28950c6f18ed55e0406c1ab88bbce2c6f6293a7aaba73d35"
|
|
+dependencies = [
|
|
+ "toml_edit",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "proc-macro2"
|
|
version = "1.0.94"
|
|
@@ -949,7 +1227,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "3779b94aeb87e8bd4e834cee3650289ee9e0d5677f976ecdb6d219e5f4f6cd94"
|
|
dependencies = [
|
|
"rand_chacha",
|
|
- "rand_core",
|
|
+ "rand_core 0.9.3",
|
|
"zerocopy",
|
|
]
|
|
|
|
@@ -960,7 +1238,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb"
|
|
dependencies = [
|
|
"ppv-lite86",
|
|
- "rand_core",
|
|
+ "rand_core 0.9.3",
|
|
+]
|
|
+
|
|
+[[package]]
|
|
+name = "rand_core"
|
|
+version = "0.6.4"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
|
|
+dependencies = [
|
|
+ "getrandom 0.2.15",
|
|
]
|
|
|
|
[[package]]
|
|
@@ -1079,6 +1366,15 @@ version = "2.1.1"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "357703d41365b4b27c590e3ed91eabb1b663f07c4c084095e60cbed4362dff0d"
|
|
|
|
+[[package]]
|
|
+name = "rustc_version"
|
|
+version = "0.4.1"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92"
|
|
+dependencies = [
|
|
+ "semver",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "rustix"
|
|
version = "0.38.44"
|
|
@@ -1153,6 +1449,12 @@ version = "1.2.0"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
|
|
|
|
+[[package]]
|
|
+name = "semver"
|
|
+version = "1.0.26"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "56e6fa9c48d24d85fb3de5ad847117517440f6beceb7798af16b4a87d616b8d0"
|
|
+
|
|
[[package]]
|
|
name = "serde"
|
|
version = "1.0.219"
|
|
@@ -1198,6 +1500,17 @@ dependencies = [
|
|
"serde",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "sha2"
|
|
+version = "0.10.9"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283"
|
|
+dependencies = [
|
|
+ "cfg-if",
|
|
+ "cpufeatures",
|
|
+ "digest",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "shlex"
|
|
version = "1.3.0"
|
|
@@ -1213,6 +1526,15 @@ dependencies = [
|
|
"libc",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "signature"
|
|
+version = "2.2.0"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de"
|
|
+dependencies = [
|
|
+ "rand_core 0.6.4",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "slab"
|
|
version = "0.4.9"
|
|
@@ -1238,6 +1560,16 @@ dependencies = [
|
|
"windows-sys 0.52.0",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "spki"
|
|
+version = "0.7.3"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d"
|
|
+dependencies = [
|
|
+ "base64ct",
|
|
+ "der",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "stable_deref_trait"
|
|
version = "1.2.0"
|
|
@@ -1370,6 +1702,23 @@ dependencies = [
|
|
"tokio",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "toml_datetime"
|
|
+version = "0.6.9"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "3da5db5a963e24bc68be8b17b6fa82814bb22ee8660f192bb182771d498f09a3"
|
|
+
|
|
+[[package]]
|
|
+name = "toml_edit"
|
|
+version = "0.22.26"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "310068873db2c5b3e7659d2cc35d21855dbafa50d1ce336397c666e3cb08137e"
|
|
+dependencies = [
|
|
+ "indexmap",
|
|
+ "toml_datetime",
|
|
+ "winnow",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "tower"
|
|
version = "0.5.2"
|
|
@@ -1404,9 +1753,21 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0"
|
|
dependencies = [
|
|
"pin-project-lite",
|
|
+ "tracing-attributes",
|
|
"tracing-core",
|
|
]
|
|
|
|
+[[package]]
|
|
+name = "tracing-attributes"
|
|
+version = "0.1.28"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "395ae124c09f9e6918a2310af6038fba074bcf474ac352496d5910dd59a2226d"
|
|
+dependencies = [
|
|
+ "proc-macro2",
|
|
+ "quote",
|
|
+ "syn",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "tracing-core"
|
|
version = "0.1.33"
|
|
@@ -1422,6 +1783,12 @@ version = "0.2.5"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b"
|
|
|
|
+[[package]]
|
|
+name = "typenum"
|
|
+version = "1.18.0"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "1dccffe3ce07af9386bfd29e80c0ab1a8205a2fc34e4bcd40364df902cfa8f3f"
|
|
+
|
|
[[package]]
|
|
name = "unicode-ident"
|
|
version = "1.0.18"
|
|
@@ -1464,6 +1831,12 @@ version = "0.2.2"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821"
|
|
|
|
+[[package]]
|
|
+name = "version_check"
|
|
+version = "0.9.5"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a"
|
|
+
|
|
[[package]]
|
|
name = "want"
|
|
version = "0.3.1"
|
|
@@ -1769,6 +2142,15 @@ version = "0.53.0"
|
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486"
|
|
|
|
+[[package]]
|
|
+name = "winnow"
|
|
+version = "0.7.10"
|
|
+source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
+checksum = "c06928c8748d81b05c9be96aad92e1b6ff01833332f281e8cfca3be4b35fc9ec"
|
|
+dependencies = [
|
|
+ "memchr",
|
|
+]
|
|
+
|
|
[[package]]
|
|
name = "wit-bindgen-rt"
|
|
version = "0.39.0"
|
|
diff --git a/Cargo.toml b/Cargo.toml
|
|
index b603f77..badbe24 100644
|
|
--- a/Cargo.toml
|
|
+++ b/Cargo.toml
|
|
@@ -32,6 +32,8 @@ futures = "0.3.31"
|
|
clap = { version = "4.5", features = [ "derive", "env" ], optional = true }
|
|
crossterm = { version = "0.28.1", default-features = false, optional = true }
|
|
env_logger = { version = "^0.11.0", features = ["color", "auto-color", "regex"], default-features = false, optional = true }
|
|
+nix-compat = { git = "https://git.snix.dev/snix/snix", version = "0.1.0" }
|
|
+data-encoding = "2.9.0"
|
|
|
|
[dev-dependencies]
|
|
env_logger = { version = "^0.11.0", features = ["color", "auto-color", "regex"], default-features = false }
|
|
diff --git a/npins.nix b/npins.nix
|
|
index 912d431..dfdcda8 100644
|
|
--- a/npins.nix
|
|
+++ b/npins.nix
|
|
@@ -51,6 +51,10 @@ let
|
|
version = cargoToml.package.version;
|
|
cargoLock = {
|
|
lockFile = src + "/Cargo.lock";
|
|
+
|
|
+ outputHashes = {
|
|
+ "nix-compat-0.1.0" = "sha256-U9pAde6R2yoP8ivnoNX/1rve+ALrDk8+4R2BKoGzg24=";
|
|
+ };
|
|
};
|
|
|
|
inherit src;
|
|
diff --git a/src/default.nix b/src/default.nix
|
|
index 6592476..fc9ebc5 100644
|
|
--- a/src/default.nix
|
|
+++ b/src/default.nix
|
|
@@ -82,7 +82,7 @@ let
|
|
if url != null && !submodules then
|
|
builtins.fetchTarball {
|
|
inherit url;
|
|
- sha256 = hash; # FIXME: check nix version & use SRI hashes
|
|
+ sha256 = hash;
|
|
}
|
|
else
|
|
let
|
|
@@ -109,9 +109,9 @@ let
|
|
in
|
|
builtins.fetchGit {
|
|
rev = revision;
|
|
- inherit name;
|
|
- # hash = hash;
|
|
- inherit url submodules;
|
|
+ narHash = hash;
|
|
+
|
|
+ inherit name submodules url;
|
|
};
|
|
|
|
mkPyPiSource =
|
|
@@ -140,7 +140,7 @@ let
|
|
sha256 = hash;
|
|
};
|
|
in
|
|
-if version == 5 then
|
|
+if version == 6 then
|
|
builtins.mapAttrs mkSource data.pins
|
|
else
|
|
throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`"
|
|
diff --git a/src/git.rs b/src/git.rs
|
|
index 334e9d1..c7c5241 100644
|
|
--- a/src/git.rs
|
|
+++ b/src/git.rs
|
|
@@ -852,7 +852,7 @@ mod test {
|
|
pin.fetch(&version).await?,
|
|
OptionalUrlHashes {
|
|
url: None,
|
|
- hash: "17giznxp84h53jsm334dkp1fz6x9ff2yqfkq34ihq0ray1x3yhyd".into(),
|
|
+ hash: "sha256-zUM/evAqAwwjGXg67IVzqZvvwp2NjFG1HAUSdLv98Z0=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
@@ -880,7 +880,7 @@ mod test {
|
|
pin.fetch(&version).await?,
|
|
ReleasePinHashes {
|
|
url: None,
|
|
- hash: "0q06gjh6129bfs0x072xicmq0q2psnq6ckf05p1jfdxwl7jljg06".into(),
|
|
+ hash: "sha256-BjxJ5aG8NyfDLcBNZrDVV2CAK4tdHNCBdiuJYKB8BmA=".into(),
|
|
revision: "35be5b2b2c3431de1100996487d53134f658b866".into(),
|
|
}
|
|
);
|
|
@@ -908,7 +908,7 @@ mod test {
|
|
pin.fetch(&version).await?,
|
|
OptionalUrlHashes {
|
|
url: Some("https://github.com/oliverwatkins/swing_library/archive/1edb0a9cebe046cc915a218c57dbf7f40739aeee.tar.gz".parse().unwrap()),
|
|
- hash: "17giznxp84h53jsm334dkp1fz6x9ff2yqfkq34ihq0ray1x3yhyd".into(),
|
|
+ hash: "sha256-zUM/evAqAwwjGXg67IVzqZvvwp2NjFG1HAUSdLv98Z0=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
@@ -942,7 +942,7 @@ mod test {
|
|
.parse()
|
|
.unwrap()
|
|
),
|
|
- hash: "0q06gjh6129bfs0x072xicmq0q2psnq6ckf05p1jfdxwl7jljg06".into(),
|
|
+ hash: "sha256-BjxJ5aG8NyfDLcBNZrDVV2CAK4tdHNCBdiuJYKB8BmA=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
@@ -976,7 +976,7 @@ mod test {
|
|
.parse()
|
|
.unwrap()
|
|
),
|
|
- hash: "0arqpja90n3yy767x0ckwg4biqm4igcpa0vznvx3daaywjkb1v7v".into(),
|
|
+ hash: "sha256-++ywpuReqTb6tn8DddmLpOK4yOOTgX7M8X5YkJS8OCs=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
@@ -1004,7 +1004,7 @@ mod test {
|
|
pin.fetch(&version).await?,
|
|
OptionalUrlHashes {
|
|
url: Some("https://git.lix.systems/lix-project/lix/archive/4bbdb2f5564b9b42bcaf0e1eec28325300f31c72.tar.gz".parse().unwrap()),
|
|
- hash: "03rygh7i9wzl6mhha6cv5q26iyzwy8l59d5cq4r6j5kpss9l1hn3".into(),
|
|
+ hash: "sha256-w8JAk9Z3Fmkyway0VCjy/PtoBC6bGQVhNfTzFA98Pg8=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
@@ -1039,7 +1039,7 @@ mod test {
|
|
.parse()
|
|
.unwrap()
|
|
),
|
|
- hash: "1iyylsiv1n6mf6rbi4k4fm5nv24a940cwfz92gk9fx6axh2kxjbz".into(),
|
|
+ hash: "sha256-f8k+BezKdJfmE+k7zgBJiohtS3VkkriycdXYsKOm3sc=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
@@ -1067,7 +1067,7 @@ mod test {
|
|
pin.fetch(&version).await?,
|
|
OptionalUrlHashes {
|
|
url: Some("https://gitlab.com/api/v4/projects/maxigaz%2Fgitlab-dark/repository/archive.tar.gz?sha=e7145078163692697b843915a665d4f41139a65c".parse().unwrap()),
|
|
- hash: "0nmcr0g0cms4yx9wsgbyvxyvdlqwa9qdb8179g47rs0y04iylcsv".into(),
|
|
+ hash: "sha256-WzPqIwEe6HzISyeg1XBSHNO2fd9+Pc1T90RXBh7IrFo=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
@@ -1100,7 +1100,7 @@ mod test {
|
|
url: Some("https://gitlab.com/api/v4/projects/maxigaz%2Fgitlab-dark/repository/archive.tar.gz?ref=v1.16.0"
|
|
.parse()
|
|
.unwrap()),
|
|
- hash: "0nmcr0g0cms4yx9wsgbyvxyvdlqwa9qdb8179g47rs0y04iylcsv".into(),
|
|
+ hash: "sha256-WzPqIwEe6HzISyeg1XBSHNO2fd9+Pc1T90RXBh7IrFo=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
@@ -1128,7 +1128,7 @@ mod test {
|
|
pin.fetch(&version).await?,
|
|
OptionalUrlHashes {
|
|
url: Some("https://gitlab.gnome.org/api/v4/projects/Archive%2Fgnome-games/repository/archive.tar.gz?sha=bca2071b6923d45d9aabac27b3ea1e40f5fa3006".parse().unwrap()),
|
|
- hash: "0pn7mdj56flvvlhm96igx8g833sslzgypfb2a4zv7lj8z3kiikmg".into(),
|
|
+ hash: "sha256-r84Y5/hI0rM/UWK569+nWo+BHuovmlQh3Zs6U2Srx14=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
@@ -1159,7 +1159,7 @@ mod test {
|
|
ReleasePinHashes {
|
|
revision: "2c89145d52d072a4ca5da900c2676d890bfab1ff".into(),
|
|
url: Some("https://gitlab.gnome.org/api/v4/projects/Archive%2Fgnome-games/repository/archive.tar.gz?ref=40.0".parse().unwrap()),
|
|
- hash: "0pn7mdj56flvvlhm96igx8g833sslzgypfb2a4zv7lj8z3kiikmg".into(),
|
|
+ hash: "sha256-r84Y5/hI0rM/UWK569+nWo+BHuovmlQh3Zs6U2Srx14=".into(),
|
|
}
|
|
);
|
|
Ok(())
|
|
diff --git a/src/nix.rs b/src/nix.rs
|
|
index 2248079..499e0e7 100644
|
|
--- a/src/nix.rs
|
|
+++ b/src/nix.rs
|
|
@@ -1,5 +1,6 @@
|
|
use crate::check_url;
|
|
use anyhow::{Context, Result};
|
|
+use data_encoding::BASE64;
|
|
use log::debug;
|
|
|
|
#[allow(unused)]
|
|
@@ -8,6 +9,16 @@ pub struct PrefetchInfo {
|
|
hash: String,
|
|
}
|
|
|
|
+pub fn hash_to_sri(s: &str, algo: &str) -> Result<String> {
|
|
+ let hash = nix_compat::nixhash::from_str(s, Some(algo))?;
|
|
+
|
|
+ Ok(format!(
|
|
+ "{}-{}",
|
|
+ hash.algo(),
|
|
+ BASE64.encode(hash.digest_as_bytes())
|
|
+ ))
|
|
+}
|
|
+
|
|
pub async fn nix_prefetch_tarball(url: impl AsRef<str>) -> Result<String> {
|
|
let url = url.as_ref();
|
|
check_url(url).await?;
|
|
@@ -37,8 +48,11 @@ pub async fn nix_prefetch_tarball(url: impl AsRef<str>) -> Result<String> {
|
|
}
|
|
|
|
let stdout = String::from_utf8_lossy(&output.stdout);
|
|
- log::debug!("Got hash: {}", stdout);
|
|
- Ok(String::from(stdout.trim()))
|
|
+ let hash = stdout.trim();
|
|
+
|
|
+ log::debug!("Got sha256: {}", hash);
|
|
+
|
|
+ hash_to_sri(&hash, "sha256")
|
|
}
|
|
|
|
pub async fn nix_prefetch_git(
|
|
@@ -111,5 +125,5 @@ pub async fn nix_prefetch_git(
|
|
let info: NixPrefetchGitResponse = serde_json::from_slice(&output.stdout)
|
|
.context("Failed to deserialize nix-pfetch-git JSON response.")?;
|
|
|
|
- Ok(info.sha256)
|
|
+ hash_to_sri(&info.sha256, "sha256")
|
|
}
|
|
diff --git a/src/pypi.rs b/src/pypi.rs
|
|
index 51191d2..5d744ef 100644
|
|
--- a/src/pypi.rs
|
|
+++ b/src/pypi.rs
|
|
@@ -1,6 +1,6 @@
|
|
//! Pin a PyPi package
|
|
|
|
-use crate::*;
|
|
+use crate::{nix::hash_to_sri, *};
|
|
use anyhow::{Context, Result};
|
|
use lenient_version::Version;
|
|
use serde::{Deserialize, Serialize};
|
|
@@ -125,11 +125,15 @@ impl Updatable for Pin {
|
|
anyhow::format_err!("Unsupported package: must contain some \"source\" download",)
|
|
})?;
|
|
|
|
- let hash = latest_source.digests.remove("sha256").ok_or_else(|| {
|
|
- anyhow::format_err!(
|
|
- "JSON metadata is invalid: must contain a `sha256` entry within `digests`",
|
|
- )
|
|
- })?;
|
|
+ let hash = latest_source
|
|
+ .digests
|
|
+ .remove("sha256")
|
|
+ .ok_or_else(|| {
|
|
+ anyhow::format_err!(
|
|
+ "JSON metadata is invalid: must contain a `sha256` entry within `digests`",
|
|
+ )
|
|
+ })
|
|
+ .and_then(|s| hash_to_sri(&s, "sha256"))?;
|
|
|
|
Ok(GenericUrlHashes {
|
|
hash,
|
|
@@ -190,7 +194,7 @@ mod test {
|
|
assert_eq!(
|
|
pin.fetch(&version).await?,
|
|
GenericUrlHashes {
|
|
- hash: "3953b158b7b690642d68cd6beb1d59f6e10526f2ee10a6fb4636a913cc95e718".into(),
|
|
+ hash: "sha256-OVOxWLe2kGQtaM1r6x1Z9uEFJvLuEKb7RjapE8yV5xg=".into(),
|
|
url: "https://files.pythonhosted.org/packages/d1/d5/0c270c22d61ff6b883d0f24956f13e904b131b5ac2829e0af1cda99d70b1/gaiatest-0.34.tar.gz".parse().unwrap(),
|
|
}
|
|
);
|
|
@@ -216,7 +220,7 @@ mod test {
|
|
assert_eq!(
|
|
pin.fetch(&version).await?,
|
|
GenericUrlHashes {
|
|
- hash: "39d09c6627255fcf39c938937995665b6377799c4fa141f6b481bcb5e6a688ac".into(),
|
|
+ hash: "sha256-OdCcZiclX885yTiTeZVmW2N3eZxPoUH2tIG8teamiKw=".into(),
|
|
url: "https://files.pythonhosted.org/packages/fd/75/6e72889c3b154a179040b94963a50901966ff30b68600271df374b2ded7a/streamlit-0.89.0.tar.gz".parse().unwrap(),
|
|
}
|
|
);
|
|
diff --git a/src/versions.rs b/src/versions.rs
|
|
index 003402f..a65c995 100644
|
|
--- a/src/versions.rs
|
|
+++ b/src/versions.rs
|
|
@@ -1,11 +1,12 @@
|
|
//! Versioning support for the save format
|
|
|
|
use super::*;
|
|
+use crate::nix::hash_to_sri;
|
|
use anyhow::{Context, Result};
|
|
use serde_json::{json, Map, Value};
|
|
|
|
/// The current format version
|
|
-pub const LATEST: u64 = 5;
|
|
+pub const LATEST: u64 = 6;
|
|
|
|
/// Custom manual deserialize wrapper that checks the version
|
|
pub fn from_value_versioned(value: Value) -> Result<NixPins> {
|
|
@@ -83,11 +84,18 @@ pub fn upgrade(mut pins_raw: Map<String, Value>) -> Result<Value> {
|
|
* They are omitted here; Only non-trivial upgrades should be inserted.
|
|
*/
|
|
type Upgrader = Box<dyn Fn(&mut Map<String, Value>) -> Result<()>>;
|
|
- let version_upgraders: BTreeMap<u64, Upgrader> = [(
|
|
- 0,
|
|
- Box::new(|pins_raw: &mut Map<String, Value>| generic_upgrader(pins_raw, upgrade_v0_pin))
|
|
- as Upgrader,
|
|
- )]
|
|
+ let version_upgraders: BTreeMap<u64, Upgrader> = [
|
|
+ (
|
|
+ 0,
|
|
+ Box::new(|pins_raw: &mut Map<String, Value>| generic_upgrader(pins_raw, upgrade_v0_pin))
|
|
+ as Upgrader,
|
|
+ ),
|
|
+ (
|
|
+ 5,
|
|
+ Box::new(|pins_raw: &mut Map<String, Value>| generic_upgrader(pins_raw, upgrade_v5_pin))
|
|
+ as Upgrader,
|
|
+ ),
|
|
+ ]
|
|
.into_iter()
|
|
.collect();
|
|
|
|
@@ -224,6 +232,20 @@ fn upgrade_v0_pin(name: &str, raw_pin: &mut Map<String, Value>) -> Result<()> {
|
|
Ok(())
|
|
}
|
|
|
|
+/* v5→v6. This upgrade changes the hashes of git and git-release pins to use SRI hashes instead of
|
|
+ * raw sha256 hashes.
|
|
+ */
|
|
+fn upgrade_v5_pin(name: &str, raw_pin: &mut Map<String, Value>) -> Result<()> {
|
|
+ log::debug!("Updating {} to v6", name);
|
|
+
|
|
+ if let Some(raw_hash) = raw_pin.remove("hash") {
|
|
+ let hash: String = serde_json::from_value(raw_hash)?;
|
|
+ raw_pin.insert("hash".into(), hash_to_sri(&hash, "sha256")?.into());
|
|
+ }
|
|
+
|
|
+ Ok(())
|
|
+}
|
|
+
|
|
#[cfg(test)]
|
|
mod test {
|
|
use super::*;
|
|
@@ -301,19 +323,19 @@ mod test {
|
|
"nixos-mailserver".into() => Pin::Git {
|
|
input: git::GitPin::new(git::Repository::git("https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git".parse().unwrap()), "nixos-21.11".into(), false),
|
|
version: Some(git::GitRevision::new("6e3a7b2ea6f0d68b82027b988aa25d3423787303".into()).unwrap()),
|
|
- hashes: Some(git::OptionalUrlHashes { url: None, hash: "1i56llz037x416bw698v8j6arvv622qc0vsycd20lx3yx8n77n44".into() } ),
|
|
+ hashes: Some(git::OptionalUrlHashes { url: None, hash: "sha256-hNhzLOp+dApEY15vwLAQZu+sjEQbJcOXCaSfAT6lpsQ=".into() } ),
|
|
frozen: Frozen::default(),
|
|
},
|
|
"nixpkgs".into() => Pin::Git {
|
|
input: git::GitPin::new(git::Repository::github("nixos", "nixpkgs"), "nixpkgs-unstable".into(), false),
|
|
version: Some(git::GitRevision::new("5c37ad87222cfc1ec36d6cd1364514a9efc2f7f2".into()).unwrap()),
|
|
- hashes: Some(git::OptionalUrlHashes { url: Some("https://github.com/nixos/nixpkgs/archive/5c37ad87222cfc1ec36d6cd1364514a9efc2f7f2.tar.gz".parse().unwrap()), hash: "1r74afnalgcbpv7b9sbdfbnx1kfj0kp1yfa60bbbv27n36vqdhbb".into() }),
|
|
+ hashes: Some(git::OptionalUrlHashes { url: Some("https://github.com/nixos/nixpkgs/archive/5c37ad87222cfc1ec36d6cd1364514a9efc2f7f2.tar.gz".parse().unwrap()), hash: "sha256-a8GGtxn2iL3WAkY5H+4E0s3Q7XJt6bTOvos9qqxT5OQ=".into() }),
|
|
frozen: Frozen::default(),
|
|
},
|
|
"streamlit".into() => Pin::PyPi {
|
|
input: pypi::Pin { name: "streamlit".into(), version_upper_bound: None },
|
|
version: Some(GenericVersion { version: "1.3.1".into() }),
|
|
- hashes: Some(GenericUrlHashes { url: "https://files.pythonhosted.org/packages/c3/9d/ac871992617220442832af12c3808716f4349ab05ff939d695fe8b542f00/streamlit-1.3.1.tar.gz".parse().unwrap(), hash: "adec7935c9cf774b9115b2456cf2f48c4f49b9f67159a97db0fe228357c1afdf".into() } ),
|
|
+ hashes: Some(GenericUrlHashes { url: "https://files.pythonhosted.org/packages/c3/9d/ac871992617220442832af12c3808716f4349ab05ff939d695fe8b542f00/streamlit-1.3.1.tar.gz".parse().unwrap(), hash: "sha256-rex5NcnPd0uRFbJFbPL0jE9JufZxWal9sP4ig1fBr98=".into() } ),
|
|
frozen: Frozen::default(),
|
|
},
|
|
"youtube-dl".into() => Pin::GitRelease {
|