| 22 Nov 2023 |
 hexa | for https://github.com/pyinsteon/insteon-panel/blob/0.4.0/yarn.lock | 15:11:23 |
| hexa | I'm looking for advice on this error | 15:11:47 |
| hexa | src = fetchFromGitHub {
owner = "pyinsteon";
repo = "insteon-panel";
rev = "refs/tags/${version}";
hash = "sha256-jpfRgME6MJdItrOldeN12W+bCeIi9ACH7oQ0GFyFqzo=";
};
nativeBuildInputs = [
nodejs
setuptools
yarn
];
yarnDeps = fetchYarnDeps {
yarnLock = src + "/yarn.lock";
hash = "";
};
| 15:12:13 |
| hexa | this is roughly what I have | 15:12:17 |
 Lily Foster | that fetcher only does v1 lockfiles rn | 15:12:41 |
| Lily Foster | (if i could scam someone to join the nixpkgs node.js team, we could probably make more progress on getting it working with yarn-berry ππ»ππ» ) | 15:14:14 |
| hexa | ah cool | 15:16:41 |
| hexa | that lock file should say version: 2 somewhere | 15:16:50 |
 Wanja Hentze | wait, the stuff in nixpkgs reads lockfiles? | 15:16:54 |
| hexa | instead it says __metadata.version: 6 | 15:17:05 |
| Wanja Hentze | I thought it didn't, and that's why one has to prefetch | 15:17:10 |
 Janne HeΓ | In reply to @hexa:lossy.network
instead it says __metadata.version: 6 Take a look at the hedgedoc package, I hacked it together there as well and it seems to work well enough | 15:18:58 |
| hexa | thanks, but I suddenly lost interest π | 15:19:40 |
| hexa | will keep that in mind, if something worthy comes along | 15:19:50 |
 Marie | In reply to @whentze:matrix.org
I thought it didn't, and that's why one has to prefetch prefetch-npm-deps fetches the dependencies from a package-lock.json and produces the cache format npm uses so npm can do an offline install using the cache | 15:57:55 |
| Wanja Hentze | right but that has to run outside of the sandbox | 16:37:15 |
| Wanja Hentze | I'm looking for a pure solution like npmlock2nix (but with support for more insane bullshit) | 16:37:45 |
| Lily Foster | no? fetchers run in the sandbox in general | 16:37:48 |
| Wanja Hentze | yes but pre fetchers don't | 16:38:05 |
| Lily Foster | for the node ones they are the same | 16:38:18 |
| Lily Foster | https://github.com/NixOS/nixpkgs/blob/612493c63d4e8af96b9747b70f86d83b8b73937a/pkgs/build-support/node/fetch-npm-deps/default.nix#L161 | 16:38:53 |
| Wanja Hentze | does that work if you don't pass in hash? | 16:40:39 |
| Lily Foster | In reply to @whentze:matrix.org
does that work if you don't pass in hash? if you mean the arg that sets the outputHash on the derivation, sure it'll work i guess but nix won't be happy when the hash doesn't match after the builder finishes | 16:44:43 |
| Wanja Hentze | right, and npmlock2nix et al. compute that hash instead | 16:46:15 |
| Lily Foster | i'm not sure i follow but also idk what npmlock2nix is, so i'll take your word for it | 16:47:12 |
| Wanja Hentze | it parses package-lock.json in pure nix code and can thus create its own FODs | 16:48:04 |
| Wanja Hentze | no need to maintain a separate hash out of band | 16:48:13 |
| Lily Foster | oh, yeah i was gonna have that too for the nixpkgs stuff soon. someone called it terrible though so i haven't, uh, come back and pushed it yet | 16:49:13 |
| Wanja Hentze | napalm, floco and the new buildNpmModule stuff do it as well | 16:49:32 |
| Wanja Hentze | as does (I believe) dream2niz | 16:49:51 |
