From 8f0dd3f450b55e0feb58751d1e2ff701c31f8099 Mon Sep 17 00:00:00 2001 From: Alexander Esgen Date: Thu, 5 Oct 2023 18:55:50 +0200 Subject: [PATCH 1/2] Fix release changelog generation script also, add a fixed index-state to aid reproducibility --- scripts/generate-release-changelog-links.hs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/generate-release-changelog-links.hs b/scripts/generate-release-changelog-links.hs index 9d17f79117e..78ef04c0d33 100755 --- a/scripts/generate-release-changelog-links.hs +++ b/scripts/generate-release-changelog-links.hs @@ -1,4 +1,4 @@ -#!/usr/bin/env cabal +#!/usr/bin/env -S cabal run --verbose=1 --index-state=2023-10-04T00:00:00Z {- cabal: build-depends: base, @@ -9,7 +9,8 @@ containers, foldl, github ^>= 0.28, - optparse-applicative, + optparse-applicative ^>= 0.18, + ansi-wl-pprint >= 1, pandoc ^>= 3.1, prettyprinter, req, From 677711db13e9035951d5de750222ebc66dcc82d6 Mon Sep 17 00:00:00 2001 From: Moritz Angermann Date: Wed, 15 Nov 2023 13:29:13 +0800 Subject: [PATCH 2/2] Add darwin.signingUtils And ensure we are re-siging files we potentially mutilated with git-set-rev. --- nix/set-git-rev.nix | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/nix/set-git-rev.nix b/nix/set-git-rev.nix index 8f07b446a20..e1388c32bd7 100644 --- a/nix/set-git-rev.nix +++ b/nix/set-git-rev.nix @@ -1,11 +1,19 @@ { pkgs }: drv: -pkgs.buildPackages.runCommand drv.name +with pkgs; +buildPackages.runCommand drv.name { inherit (drv) exeName exePath meta passthru; -} '' + # this is to ensure we are re-signing macOS binaries that might have been + # mutilated by set-git-rev (e.g. patching in the git revision.) + nativeBuildInputs = lib.optionals hostPlatform.isDarwin [ darwin.signingUtils ]; +} ('' mkdir -p $out cp --no-preserve=timestamps --recursive ${drv}/* $out/ chmod -R +w $out/bin - ${pkgs.pkgsBuildBuild.haskellBuildUtils}/bin/set-git-rev "${pkgs.gitrev}" $out/bin/* -'' + ${pkgsBuildBuild.haskellBuildUtils}/bin/set-git-rev "${gitrev}" $out/bin/* +'' + lib.optionalString hostPlatform.isDarwin '' + for exe in $out/bin/*; do + signIfRequired "$exe" + done +'')