php.buildComposerProject: warn about outdated vendorHash

2023-10-04 13:42:47 +02:00 · 2023-10-04 13:42:47 +02:00 · dd104a90a8
commit dd104a90a8
parent 7d2c531f28
2 changed files with 25 additions and 2 deletions
--- a/pkgs/build-support/php/hooks/composer-install-hook.sh
+++ b/pkgs/build-support/php/hooks/composer-install-hook.sh
@ -26,6 +26,23 @@ composerInstallConfigureHook() {
        exit 1
    fi

+    echo "Validating consistency between composer.lock and ${composerRepository}/composer.lock"
+    if ! @diff@ composer.lock "${composerRepository}/composer.lock"; then
+        echo
+        echo "ERROR: vendorHash is out of date"
+        echo
+        echo "composer.lock is not the same in $composerRepository"
+        echo
+        echo "To fix the issue:"
+        echo '1. Set vendorHash to an empty string: `vendorHash = "";`'
+        echo '2. Build the derivation and wait for it to fail with a hash mismatch'
+        echo '3. Copy the "got: sha256-..." value back into the vendorHash field'
+        echo '   You should have: vendorHash = "sha256-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=";'
+        echo
+
+        exit 1
+    fi
+
    chmod +w composer.json composer.lock

    echo "Finished composerInstallConfigureHook"
--- a/pkgs/build-support/php/hooks/default.nix
+++ b/pkgs/build-support/php/hooks/default.nix
@ -1,9 +1,11 @@
-{ makeSetupHook
+{ lib
+, makeSetupHook
 , jq
 , moreutils
 , makeBinaryWrapper
 , php
 , cacert
+, buildPackages
 }:

 {
@ -18,6 +20,10 @@
    {
      name = "composer-install-hook.sh";
      propagatedBuildInputs = [ jq makeBinaryWrapper moreutils php cacert ];
-      substitutions = { };
+      substitutions = {
+        # Specify the stdenv's `diff` by abspath to ensure that the user's build
+        # inputs do not cause us to find the wrong `diff`.
+        diff = "${lib.getBin buildPackages.diffutils}/bin/diff";
+      };
    } ./composer-install-hook.sh;
 }