diff options
author | Alyssa Ross <hi@alyssa.is> | 2023-09-22 06:59:40 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-09-22 06:59:40 +0000 |
commit | 7d40fbbc04cded4adbbcd3e87546d43bdacf47e8 (patch) | |
tree | 6b9339163e4392ec6840acf69d5c112c87ade418 /pkgs/build-support | |
parent | c9a667043fdd65c3511d9b61481240dd56c56f2d (diff) |
nix-prefetch-git: ignore global and user git config
nix-prefetch-git is either run as part of a build, usually sandboxed, or outside a build, unsandboxed, to prefetch something that will later be used in a build. It's important that the latter use produces hashes that can be reproduced by the former. One way that they can differ is if the user's git config does something that changes the result of git clone. I ran into this, because my global git config automatically enables git-lfs, whereas nix-prefetch-git otherwise only uses git-lfs if specifically requested. This led to very confusing hash mismatches.
Diffstat (limited to 'pkgs/build-support')
-rwxr-xr-x | pkgs/build-support/fetchgit/nix-prefetch-git | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/pkgs/build-support/fetchgit/nix-prefetch-git b/pkgs/build-support/fetchgit/nix-prefetch-git index 2a53fd94e7f2b..1194b39dafd74 100755 --- a/pkgs/build-support/fetchgit/nix-prefetch-git +++ b/pkgs/build-support/fetchgit/nix-prefetch-git @@ -293,9 +293,6 @@ clone_user_rev() { local rev="${3:-HEAD}" if [ -n "$fetchLFS" ]; then - tmpHomePath="$(mktemp -d "${TMPDIR:-/tmp}/nix-prefetch-git-tmp-home-XXXXXXXXXX")" - exit_handlers+=(remove_tmpHomePath) - HOME="$tmpHomePath" clean_git lfs install fi @@ -417,6 +414,12 @@ if test -z "$branchName"; then branchName=fetchgit fi +tmpHomePath="$(mktemp -d "${TMPDIR:-/tmp}/nix-prefetch-git-tmp-home-XXXXXXXXXX")" +exit_handlers+=(remove_tmpHomePath) +HOME="$tmpHomePath" +unset XDG_CONFIG_HOME +export GIT_CONFIG_NOSYSTEM=1 + if test -n "$builder"; then test -n "$out" -a -n "$url" -a -n "$rev" || usage mkdir -p "$out" |