-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
solidity binaries always redownloaded on nixos #94
Comments
does this change the binary: ? if so then this would explain a hash mismatch |
yes that modifies the binary. We could perhaps precompute the expected hashes on nixos and ship them as part of svm-rs? Or instead of patching the binaries locally, we could detect that we're running on nixos and pull from some trusted nix respository of solc binaries (e.g. https://github.com/dapphub/dapptools/blob/master/nix/solc-versions.nix, or https://github.com/hellwolf/solc.nix), in this case we would skip hash checks in svm and delegate integrity checking and so on to nix. Happy to make a pr here, but would appreciate some guidance on what your prefered solution is. |
I like that. one concern I have re additional solc bins, is that this makes adding new binaries more complex, but https://github.com/hellwolf/solc.nix looks well maintained and we could just use this for nix, so pulling from https://github.com/hellwolf/solc.nix would be easier to impl and the update overhead is still manageable. but I'm fine with either solution. |
Using an external nix repo is probably the easiest to implement, but I'm a bit worried about supply chain risk and introducing additional trusted parties between the solidity team and the end user. |
On nixos solidity binaries are always downloaded on every invocation of a
forge
command. I'm guessing this is due to some hash check failure as a result of the patching performed since: #48.I'm wondering what the best way to fix this is?
The text was updated successfully, but these errors were encountered: