hash mismatch in fixed-output derivation #29
Comments
|
I can find what it is downloading from these logs but I can't find where it is using |
|
well I worked out that the missing hash is just because the hash in the derivation is base32 and the one reported is base16. So this issue is actually about why does mvn2nix produce a lock file with the wrong hash? |
|
@shmish111 sorry for getting back to you late. My life has been a bit hectic (new baby) I actually diagnosed the hash mismatch for another person and unfortunately the solution I am doing here needs work. Maven itself can give you different hashes based on where you fetch the artifacts from!
I spent a long time writing https://github.com/NixOS/nixpkgs/blob/master/doc/languages-frameworks/maven.section.md which works using https://github.com/NixOS/mvn2nix-maven-plugin I'd love to spend some time working on either repository and fixing the known bugs. |
|
Hmm, do you think this is an unsovable problem? I am surprised that the json that mvn2nix produced must have specified a different repository than that which it used? Or is there some repo mirroring or proxying going on or something? |
|
@shmish111 the problem is that the tool first invokes Maven without knowing which repository it's utilizing to download the artifact. After which it walks the repository and checks all the repositories either provided or in the settings.xml/pom.xml; they might not necessarily be the same one. |
|
I would love to tackle and solve this in the https://github.com/NixOS/mvn2nix-maven-plugin as well; I am considering forking it since I can't seem to find the active/current maintainer. |
|
@fzakaria From my observation, it would help to prevent mvn2nix from using the local ~/.m2 repository and instead use only the specified repository, e.g. downloading all artifacts upon calling mvn2nix. How do you intend to tackle the problem? Edit: I'm also interested in a solution, and happy to help. |
|
@chkl I think at this moment, I should focus on fixing https://github.com/NixOS/mvn2nix-maven-plugin Trying to orchestrate Maven itself has provided to be a big PITA; I didn't want to hook into the plugin system but /shrug. |
|
I'm currently encountering this bug, is there any way to work around it? |
|
|
This is a limitation of how it’s designed at the moment and that Maven can
allow multiple SHA256 to exist for the same artifact depending on which
Artifactory it is pulled from….
On Fri, May 20, 2022 at 12:53 AM pasqui23 ***@***.***> wrote:
I'm currently encountering this bug, is there any way to work around it?
mv ~/.m2{,.tmp}
mvn2nix
mv ~/m2{.tmp,}
—
Reply to this email directly, view it on GitHub
<#29 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAETXDRHYM3VS5QME7YQO4TVK5AINANCNFSM4TMRQLZA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
Farid Zakaria
|
|
@fzakaria can we specify which repository to check? |
|
There is a command line flag to set the repository to check. Try that maybe
🤔
…On Sat, May 21, 2022, 9:48 AM pasqui23 ***@***.***> wrote:
@fzakaria <https://github.com/fzakaria> can we specify which repository
to check?
—
Reply to this email directly, view it on GitHub
<#29 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAETXDRRPKDUH6FJDHW4Q2DVLEHVVANCNFSM4TMRQLZA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
Is there any easy way to codify the maven gen plugin into the build process? Would be nice to see how its run and means we can make adjustments if needed. And thanks for the flake, very handy stuff. |
I'm trying to build https://github.com/kemitix/thorp using a
mvn2nix-lock.jsonfile generated usingmvn2nix pom.xml > mvn2nix-lock.jsonhowever one of the dependencies gives me a hash mismatch when I try tomvn2nix.buildMavenRepositoryFromLockFile {file = ./mvn2nix-lock.json;}. How is this possible? I can't find the incorrect hash mentioned anywhere either so I'm stuck as to where to look to investigate.The text was updated successfully, but these errors were encountered: