question
when using nix-prefetch-git
with a --rev
, do we actually really need a sha256 also?
assumption
i understand this requirement when using git
with tags
since tags can be reattached to a different rev.
so my current theory is that we distrust the way git fetches or processes the files, done by passing the additional sha256 hash. following this concept one can compute a hash in a way that git
will never be able to have an influence on.
correct?
nix-prefetch-git example
nix-prefetch-git https://github.com/ugorji/go --rev 9831f2c3ac1068a78f50
Leeres Git-Repository in /tmp/git-checkout-tmp-bPibjanm/go-9831f2c/.git/ initialisiert
remote: Counting objects: 2220, done.
remote: Compressing objects: 100% (10/10), done.
remote: Total 2220 (delta 4), reused 5 (delta 2), pack-reused 2208
Empfange Objekte: 100% (2220/2220), 2.39 MiB | 2.86 MiB/s, Fertig.
Löse Unterschiede auf: 100% (1706/1706), Fertig.
Von https://github.com/ugorji/go
* [neuer Branch] master -> origin/master
* [neues Tag] v.1.1-beta -> v.1.1-beta
* [neues Tag] v1.1 -> v1.1
Zu neuem Branch 'fetchgit' gewechselt
removing `.git'...
git revision is 9831f2c3ac1068a78f50999a30db84270f647af6
path is /nix/store/b0z5c3m25jd60rhdyqdqr8vwjcy3q4gj-go-9831f2c
git human-readable version is v1.1
Commit date is 2018-01-12 09:19:27 -0500
hash is 0qxdq599sjwb03znlxy634mdnmfl90770wf1kk37dhzll6i84vkr
{
"url": "https://github.com/ugorji/go",
"rev": "9831f2c3ac1068a78f50999a30db84270f647af6",
"date": "2018-01-12T09:19:27-05:00",
"sha256": "0qxdq599sjwb03znlxy634mdnmfl90770wf1kk37dhzll6i84vkr",
"fetchSubmodules": true
}