fetchGit should fail if rev and ref don't match #12974

@l0b0

Description

Describe the bug

It seems that ref is ignored when rev is specified, which could lead to problematic situations. If someone thinks they are using version X.Y.Z, when in reality someone forgot to update the ref when updating the rev, they might spend a lot of time investigating why the software isn't behaving as expected for version X.Y.Z. Even worse would be if someone updated a ref to a new version of a broken or compromised package, but forgot to update rev, leading users to believe they are running a fixed/safe version.

Steps To Reproduce

Example shell session, downloading Nix with a non-existing ref:

$ nix store delete /nix/store/g1pkhqamigraik4f1fvd34g7ss0xqrv7-source
1 store paths deleted, 6.13 MiB freed
$ nix eval --expr 'builtins.fetchGit {url = "https://github.com/NixOS/nix"; rev = "e76bbe413e86e3208bb9824e339d59af25327101"; ref = "no-such-ref";}'
{ lastModified = 1744095711; lastModifiedDate = "20250408070151"; narHash = "sha256-Aqnj5+sA7B4ZRympuyfWPPK83iomKHEHMYhlwslI8iA="; outPath = "/nix/store/g1pkhqamigraik4f1fvd34g7ss0xqrv7-source"; rev = "e76bbe413e86e3208bb9824e339d59af25327101"; revCount = 19748; shortRev = "e76bbe4"; submodules = false; }

Expected behavior

Some alternatives:

  • Treat it like most linters treat unused variables: if the ref is meant to be ignored when rev is specified, Nix should emit a warning about this. That way Nix authors can choose whether to keep or remove a ref which is not actually used by Nix, and which may at any time be out of sync with the rev. This has the advantage of avoiding any kind of slow-down because of expensive checks.
  • Treat it like deadnix, such that specifying both ref and rev is an error. This also avoids expensive checks at build time, with the cost of losing useful metadata for developers.
  • Treat it like an additional safety measure: Nix should verify that ref points to rev when downloading, and emit an error message and return with a non-zero exit code if not. This has the advantage of safety, but could be an expensive check, so it might be necessary to include a flag to disable it in performance-sensitive situations.

Metadata

nix-env (Nix) 2.24.13

Additional context

Checklist
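One way to get the behaviour of the third alternative today, as an added example that is not part of the issue or of Nix itself: a wrapper around builtins.fetchGit that resolves the ref first and refuses to return anything when it does not currently point at the pinned rev. The wrapper name is hypothetical, and it assumes impure evaluation (`nix eval --impure`), since resolving a ref without a rev needs network access at evaluation time.

```nix
# fetchGitChecked: hypothetical wrapper, not a Nix builtin.
# Takes the same attribute set as builtins.fetchGit but requires all of
# url, ref and rev, then verifies that ref and rev agree before use.
{ url, ref, rev, ... }@args:
let
  # First fetch: no rev given, so Nix must look up what `ref` actually
  # points to right now (this is the check that the issue reports as missing).
  byRef = builtins.fetchGit { inherit url ref; };

  # Second fetch: the pinned commit the caller believes lives on `ref`.
  # All original attributes (submodules, name, ...) are passed through.
  byRev = builtins.fetchGit args;
in
if byRef.rev != rev then
  # Fail loudly instead of silently serving a commit the ref does not point at.
  throw ''
    fetchGitChecked: ref "${ref}" of ${url} currently points to ${byRef.rev},
    not the pinned rev ${rev}. Update rev or ref so that they agree.
  ''
else
  byRev
```

This enforces strict equality, so a rev that is an older commit on a branch that has since moved on is rejected too; a reachability check (rev is an ancestor of ref) would need git outside the evaluator.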



Labels: bug, fetching (Networking with the outside (non-Nix) world, input locking)
