Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
at 20.09
<chapter xmlns="http://docbook.org/ns/docbook"
         xmlns:xlink="http://www.w3.org/1999/xlink"
         xml:id="chap-conventions">
 <title>Coding conventions</title>
 <section xml:id="sec-syntax">
  <title>Syntax</title>

  <itemizedlist>
   <listitem>
    <para>
     Use 2 spaces of indentation per indentation level in Nix expressions, 4 spaces in shell scripts.
    </para>
   </listitem>
   <listitem>
    <para>
     Do not use tab characters, i.e. configure your editor to use soft tabs. For instance, use <literal>(setq-default indent-tabs-mode nil)</literal> in Emacs. Everybody has different tab settings so it’s asking for trouble.
    </para>
   </listitem>
   <listitem>
    <para>
     Use <literal>lowerCamelCase</literal> for variable names, not <literal>UpperCamelCase</literal>. Note, this rule does not apply to package attribute names, which instead follow the rules in <xref linkend="sec-package-naming"/>.
    </para>
   </listitem>
   <listitem>
    <para>
     Function calls with attribute set arguments are written as
<programlisting>
foo {
  arg = ...;
}
</programlisting>
     not
<programlisting>
foo
{
  arg = ...;
}
</programlisting>
     Also fine is
<programlisting>
foo { arg = ...; }
</programlisting>
     if it's a short call.
    </para>
   </listitem>
   <listitem>
    <para>
     In attribute sets or lists that span multiple lines, the attribute names or list elements should be aligned:
<programlisting>
# A long list.
list = [
  elem1
  elem2
  elem3
];

# A long attribute set.
attrs = {
  attr1 = short_expr;
  attr2 =
    if true then big_expr else big_expr;
};

# Combined
listOfAttrs = [
  {
    attr1 = 3;
    attr2 = "fff";
  }
  {
    attr1 = 5;
    attr2 = "ggg";
  }
];
</programlisting>
    </para>
   </listitem>
   <listitem>
    <para>
     Short lists or attribute sets can be written on one line:
<programlisting>
# A short list.
list = [ elem1 elem2 elem3 ];

# A short set.
attrs = { x = 1280; y = 1024; };
</programlisting>
    </para>
   </listitem>
   <listitem>
    <para>
     Breaking in the middle of a function argument can give hard-to-read code, like
<programlisting>
someFunction { x = 1280;
  y = 1024; } otherArg
  yetAnotherArg
</programlisting>
     (especially if the argument is very large, spanning multiple lines).
    </para>
    <para>
     Better:
<programlisting>
someFunction
  { x = 1280; y = 1024; }
  otherArg
  yetAnotherArg
</programlisting>
     or
<programlisting>
let res = { x = 1280; y = 1024; };
in someFunction res otherArg yetAnotherArg
</programlisting>
    </para>
   </listitem>
   <listitem>
    <para>
     The bodies of functions, asserts, and withs are not indented to prevent a lot of superfluous indentation levels, i.e.
<programlisting>
{ arg1, arg2 }:
assert system == "i686-linux";
stdenv.mkDerivation { ...
</programlisting>
     not
<programlisting>
{ arg1, arg2 }:
  assert system == "i686-linux";
  stdenv.mkDerivation { ...
</programlisting>
    </para>
   </listitem>
   <listitem>
    <para>
     Function formal arguments are written as:
<programlisting>
{ arg1, arg2, arg3 }:
</programlisting>
     but if they don't fit on one line they're written as:
<programlisting>
{ arg1, arg2, arg3
, arg4, ...
, # Some comment...
  argN
}:
</programlisting>
    </para>
   </listitem>
   <listitem>
    <para>
     Functions should list their expected arguments as precisely as possible. That is, write
<programlisting>
{ stdenv, fetchurl, perl }: <replaceable>...</replaceable>
</programlisting>
     instead of
<programlisting>
args: with args; <replaceable>...</replaceable>
</programlisting>
     or
<programlisting>
{ stdenv, fetchurl, perl, ... }: <replaceable>...</replaceable>
</programlisting>
    </para>
    <para>
     For functions that are truly generic in the number of arguments (such as wrappers around <varname>mkDerivation</varname>) that have some required arguments, you should write them using an <literal>@</literal>-pattern:
<programlisting>
{ stdenv, doCoverageAnalysis ? false, ... } @ args:

stdenv.mkDerivation (args // {
  <replaceable>...</replaceable> if doCoverageAnalysis then "bla" else "" <replaceable>...</replaceable>
})
</programlisting>
     instead of
<programlisting>
args:

args.stdenv.mkDerivation (args // {
  <replaceable>...</replaceable> if args ? doCoverageAnalysis &amp;&amp; args.doCoverageAnalysis then "bla" else "" <replaceable>...</replaceable>
})
</programlisting>
    </para>
   </listitem>
  </itemizedlist>
 </section>
 <section xml:id="sec-package-naming">
  <title>Package naming</title>

  <para>
   The key words <emphasis>must</emphasis>, <emphasis>must not</emphasis>, <emphasis>required</emphasis>, <emphasis>shall</emphasis>, <emphasis>shall not</emphasis>, <emphasis>should</emphasis>, <emphasis>should not</emphasis>, <emphasis>recommended</emphasis>, <emphasis>may</emphasis>, and <emphasis>optional</emphasis> in this section are to be interpreted as described in <link xlink:href="https://tools.ietf.org/html/rfc2119">RFC 2119</link>. Only <emphasis>emphasized</emphasis> words are to be interpreted in this way.
  </para>

  <para>
   In Nixpkgs, there are generally three different names associated with a package:
   <itemizedlist>
    <listitem>
     <para>
      The <varname>name</varname> attribute of the derivation (excluding the version part). This is what most users see, in particular when using <command>nix-env</command>.
     </para>
    </listitem>
    <listitem>
     <para>
      The variable name used for the instantiated package in <filename>all-packages.nix</filename>, and when passing it as a dependency to other functions. Typically this is called the <emphasis>package attribute name</emphasis>. This is what Nix expression authors see. It can also be used when installing using <command>nix-env -iA</command>.
     </para>
    </listitem>
    <listitem>
     <para>
      The filename for (the directory containing) the Nix expression.
     </para>
    </listitem>
   </itemizedlist>
   Most of the time, these are the same. For instance, the package <literal>e2fsprogs</literal> has a <varname>name</varname> attribute <literal>"e2fsprogs-<replaceable>version</replaceable>"</literal>, is bound to the variable name <varname>e2fsprogs</varname> in <filename>all-packages.nix</filename>, and the Nix expression is in <filename>pkgs/os-specific/linux/e2fsprogs/default.nix</filename>.
  </para>

  <para>
   There are a few naming guidelines:
   <itemizedlist>
    <listitem>
     <para>
      The <literal>name</literal> attribute <emphasis>should</emphasis> be identical to the upstream package name.
     </para>
    </listitem>
    <listitem>
     <para>
      The <literal>name</literal> attribute <emphasis>must not</emphasis> contain uppercase letters — e.g., <literal>"mplayer-1.0rc2"</literal> instead of <literal>"MPlayer-1.0rc2"</literal>.
     </para>
    </listitem>
    <listitem>
     <para>
      The version part of the <literal>name</literal> attribute <emphasis>must</emphasis> start with a digit (following a dash) — e.g., <literal>"hello-0.3.1rc2"</literal>.
     </para>
    </listitem>
    <listitem>
     <para>
      If a package is not a release but a commit from a repository, then the version part of the name <emphasis>must</emphasis> be the date of that (fetched) commit. The date <emphasis>must</emphasis> be in <literal>"YYYY-MM-DD"</literal> format.
      Also append <literal>"unstable"</literal> to the name - e.g., <literal>"pkgname-unstable-2014-09-23"</literal>.
     </para>
    </listitem>
    <listitem>
     <para>
      Dashes in the package name <emphasis>should</emphasis> be preserved in new variable names, rather than converted to underscores or camel cased — e.g., <varname>http-parser</varname> instead of <varname>http_parser</varname> or <varname>httpParser</varname>. The hyphenated style is preferred in all three package names.
     </para>
    </listitem>
    <listitem>
     <para>
      If there are multiple versions of a package, this <emphasis>should</emphasis> be reflected in the variable names in <filename>all-packages.nix</filename>, e.g. <varname>json-c-0-9</varname> and <varname>json-c-0-11</varname>. If there is an obvious “default” version, make an attribute like <literal>json-c = json-c-0-9;</literal>. See also <xref linkend="sec-versioning" />
     </para>
    </listitem>
   </itemizedlist>
  </para>
 </section>
 <section xml:id="sec-organisation">
  <title>File naming and organisation</title>

  <para>
   Names of files and directories should be in lowercase, with dashes between words — not in camel case. For instance, it should be <filename>all-packages.nix</filename>, not <filename>allPackages.nix</filename> or <filename>AllPackages.nix</filename>.
  </para>

  <section xml:id="sec-hierarchy">
   <title>Hierarchy</title>

   <para>
    Each package should be stored in its own directory somewhere in the <filename>pkgs/</filename> tree, i.e. in <filename>pkgs/<replaceable>category</replaceable>/<replaceable>subcategory</replaceable>/<replaceable>...</replaceable>/<replaceable>pkgname</replaceable></filename>. Below are some rules for picking the right category for a package. Many packages fall under several categories; what matters is the <emphasis>primary</emphasis> purpose of a package.
    For example, the <literal>libxml2</literal> package builds both a library and some tools; but it’s a library foremost, so it goes under <filename>pkgs/development/libraries</filename>.
   </para>

   <para>
    When in doubt, consider refactoring the <filename>pkgs/</filename> tree, e.g. creating new categories or splitting up an existing category.
   </para>

   <variablelist>
    <varlistentry>
     <term>
      If it’s used to support <emphasis>software development</emphasis>:
     </term>
     <listitem>
      <variablelist>
       <varlistentry>
        <term>
         If it’s a <emphasis>library</emphasis> used by other packages:
        </term>
        <listitem>
         <para>
          <filename>development/libraries</filename> (e.g. <filename>libxml2</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s a <emphasis>compiler</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>development/compilers</filename> (e.g. <filename>gcc</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s an <emphasis>interpreter</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>development/interpreters</filename> (e.g. <filename>guile</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s a (set of) development <emphasis>tool(s)</emphasis>:
        </term>
        <listitem>
         <variablelist>
          <varlistentry>
           <term>
            If it’s a <emphasis>parser generator</emphasis> (including lexers):
           </term>
           <listitem>
            <para>
             <filename>development/tools/parsing</filename> (e.g. <filename>bison</filename>, <filename>flex</filename>)
            </para>
           </listitem>
          </varlistentry>
          <varlistentry>
           <term>
            If it’s a <emphasis>build manager</emphasis>:
           </term>
           <listitem>
            <para>
             <filename>development/tools/build-managers</filename> (e.g. <filename>gnumake</filename>)
            </para>
           </listitem>
          </varlistentry>
          <varlistentry>
           <term>
            Else:
           </term>
           <listitem>
            <para>
             <filename>development/tools/misc</filename> (e.g. <filename>binutils</filename>)
            </para>
           </listitem>
          </varlistentry>
         </variablelist>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         Else:
        </term>
        <listitem>
         <para>
          <filename>development/misc</filename>
         </para>
        </listitem>
       </varlistentry>
      </variablelist>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term>
      If it’s a (set of) <emphasis>tool(s)</emphasis>:
     </term>
     <listitem>
      <para>
       (A tool is a relatively small program, especially one intended to be used non-interactively.)
      </para>
      <variablelist>
       <varlistentry>
        <term>
         If it’s for <emphasis>networking</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>tools/networking</filename> (e.g. <filename>wget</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s for <emphasis>text processing</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>tools/text</filename> (e.g. <filename>diffutils</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s a <emphasis>system utility</emphasis>, i.e., something related or essential to the operation of a system:
        </term>
        <listitem>
         <para>
          <filename>tools/system</filename> (e.g. <filename>cron</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s an <emphasis>archiver</emphasis> (which may include a compression function):
        </term>
        <listitem>
         <para>
          <filename>tools/archivers</filename> (e.g. <filename>zip</filename>, <filename>tar</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s a <emphasis>compression</emphasis> program:
        </term>
        <listitem>
         <para>
          <filename>tools/compression</filename> (e.g. <filename>gzip</filename>, <filename>bzip2</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s a <emphasis>security</emphasis>-related program:
        </term>
        <listitem>
         <para>
          <filename>tools/security</filename> (e.g. <filename>nmap</filename>, <filename>gnupg</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         Else:
        </term>
        <listitem>
         <para>
          <filename>tools/misc</filename>
         </para>
        </listitem>
       </varlistentry>
      </variablelist>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term>
      If it’s a <emphasis>shell</emphasis>:
     </term>
     <listitem>
      <para>
       <filename>shells</filename> (e.g. <filename>bash</filename>)
      </para>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term>
      If it’s a <emphasis>server</emphasis>:
     </term>
     <listitem>
      <variablelist>
       <varlistentry>
        <term>
         If it’s a web server:
        </term>
        <listitem>
         <para>
          <filename>servers/http</filename> (e.g. <filename>apache-httpd</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s an implementation of the X Windowing System:
        </term>
        <listitem>
         <para>
          <filename>servers/x11</filename> (e.g. <filename>xorg</filename> — this includes the client libraries and programs)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         Else:
        </term>
        <listitem>
         <para>
          <filename>servers/misc</filename>
         </para>
        </listitem>
       </varlistentry>
      </variablelist>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term>
      If it’s a <emphasis>desktop environment</emphasis>:
     </term>
     <listitem>
      <para>
       <filename>desktops</filename> (e.g. <filename>kde</filename>, <filename>gnome</filename>, <filename>enlightenment</filename>)
      </para>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term>
      If it’s a <emphasis>window manager</emphasis>:
     </term>
     <listitem>
      <para>
       <filename>applications/window-managers</filename> (e.g. <filename>awesome</filename>, <filename>stumpwm</filename>)
      </para>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term>
      If it’s an <emphasis>application</emphasis>:
     </term>
     <listitem>
      <para>
       A (typically large) program with a distinct user interface, primarily used interactively.
      </para>
      <variablelist>
       <varlistentry>
        <term>
         If it’s a <emphasis>version management system</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>applications/version-management</filename> (e.g. <filename>subversion</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s for <emphasis>video playback / editing</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>applications/video</filename> (e.g. <filename>vlc</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s for <emphasis>graphics viewing / editing</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>applications/graphics</filename> (e.g. <filename>gimp</filename>)
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s for <emphasis>networking</emphasis>:
        </term>
        <listitem>
         <variablelist>
          <varlistentry>
           <term>
            If it’s a <emphasis>mailreader</emphasis>:
           </term>
           <listitem>
            <para>
             <filename>applications/networking/mailreaders</filename> (e.g. <filename>thunderbird</filename>)
            </para>
           </listitem>
          </varlistentry>
          <varlistentry>
           <term>
            If it’s a <emphasis>newsreader</emphasis>:
           </term>
           <listitem>
            <para>
             <filename>applications/networking/newsreaders</filename> (e.g. <filename>pan</filename>)
            </para>
           </listitem>
          </varlistentry>
          <varlistentry>
           <term>
            If it’s a <emphasis>web browser</emphasis>:
           </term>
           <listitem>
            <para>
             <filename>applications/networking/browsers</filename> (e.g. <filename>firefox</filename>)
            </para>
           </listitem>
          </varlistentry>
          <varlistentry>
           <term>
            Else:
           </term>
           <listitem>
            <para>
             <filename>applications/networking/misc</filename>
            </para>
           </listitem>
          </varlistentry>
         </variablelist>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         Else:
        </term>
        <listitem>
         <para>
          <filename>applications/misc</filename>
         </para>
        </listitem>
       </varlistentry>
      </variablelist>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term>
      If it’s <emphasis>data</emphasis> (i.e., does not have a straight-forward executable semantics):
     </term>
     <listitem>
      <variablelist>
       <varlistentry>
        <term>
         If it’s a <emphasis>font</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>data/fonts</filename>
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s an <emphasis>icon theme</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>data/icons</filename>
         </para>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s related to <emphasis>SGML/XML processing</emphasis>:
        </term>
        <listitem>
         <variablelist>
          <varlistentry>
           <term>
            If it’s an <emphasis>XML DTD</emphasis>:
           </term>
           <listitem>
            <para>
             <filename>data/sgml+xml/schemas/xml-dtd</filename> (e.g. <filename>docbook</filename>)
            </para>
           </listitem>
          </varlistentry>
          <varlistentry>
           <term>
            If it’s an <emphasis>XSLT stylesheet</emphasis>:
           </term>
           <listitem>
            <para>
             (Okay, these are executable...)
            </para>
            <para>
             <filename>data/sgml+xml/stylesheets/xslt</filename> (e.g. <filename>docbook-xsl</filename>)
            </para>
           </listitem>
          </varlistentry>
         </variablelist>
        </listitem>
       </varlistentry>
       <varlistentry>
        <term>
         If it’s a <emphasis>theme</emphasis> for a <emphasis>desktop environment</emphasis>,
         a <emphasis>window manager</emphasis> or a <emphasis>display manager</emphasis>:
        </term>
        <listitem>
         <para>
          <filename>data/themes</filename>
         </para>
        </listitem>
       </varlistentry>
      </variablelist>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term>
      If it’s a <emphasis>game</emphasis>:
     </term>
     <listitem>
      <para>
       <filename>games</filename>
      </para>
     </listitem>
    </varlistentry>
    <varlistentry>
     <term>
      Else:
     </term>
     <listitem>
      <para>
       <filename>misc</filename>
      </para>
     </listitem>
    </varlistentry>
   </variablelist>
  </section>

  <section xml:id="sec-versioning">
   <title>Versioning</title>

   <para>
    Because every version of a package in Nixpkgs creates a potential maintenance burden, old versions of a package should not be kept unless there is a good reason to do so. For instance, Nixpkgs contains several versions of GCC because other packages don’t build with the latest version of GCC.
    Other examples are having both the latest stable and latest pre-release version of a package, or keeping several major releases of an application that differ significantly in functionality.
   </para>

   <para>
    If there is only one version of a package, its Nix expression should be named <filename>e2fsprogs/default.nix</filename>. If there are multiple versions, this should be reflected in the filename, e.g. <filename>e2fsprogs/1.41.8.nix</filename> and <filename>e2fsprogs/1.41.9.nix</filename>. The version in the filename should leave out unnecessary detail. For instance, if we keep the latest Firefox 2.0.x and 3.5.x versions in Nixpkgs, they should be named <filename>firefox/2.0.nix</filename> and <filename>firefox/3.5.nix</filename>, respectively (which, at a given point, might contain versions <literal>2.0.0.20</literal> and <literal>3.5.4</literal>). If a version requires many auxiliary files, you can use a subdirectory for each version, e.g. <filename>firefox/2.0/default.nix</filename> and <filename>firefox/3.5/default.nix</filename>.
   </para>

   <para>
    All versions of a package <emphasis>must</emphasis> be included in <filename>all-packages.nix</filename> to make sure that they evaluate correctly.
   </para>
  </section>
 </section>
 <section xml:id="sec-sources">
  <title>Fetching Sources</title>

  <para>
   There are multiple ways to fetch a package source in nixpkgs. The general guideline is that you should package reproducible sources with a high degree of availability. Right now there is only one fetcher which has mirroring support and that is <literal>fetchurl</literal>. Note that you should also prefer protocols which have a corresponding proxy environment variable.
  </para>

  <para>
   You can find many source fetch helpers in <literal>pkgs/build-support/fetch*</literal>.
  </para>

  <para>
   In the file <literal>pkgs/top-level/all-packages.nix</literal> you can find fetch helpers whose names have the form <literal>fetchFrom*</literal>. These are intended to provide snapshot fetches while using the same API as some of the version-controlled fetchers from <literal>pkgs/build-support/</literal>. As an example going from bad to good:
   <itemizedlist>
    <listitem>
     <para>
      Bad: Uses <literal>git://</literal> which won't be proxied.
<programlisting>
src = fetchgit {
  url = "git://github.com/NixOS/nix.git";
  rev = "1f795f9f44607cc5bec70d1300150bfefcef2aae";
  sha256 = "1cw5fszffl5pkpa6s6wjnkiv6lm5k618s32sp60kvmvpy7a2v9kg";
}
</programlisting>
     </para>
    </listitem>
    <listitem>
     <para>
      Better: This is ok, but an archive fetch will still be faster.
<programlisting>
src = fetchgit {
  url = "https://github.com/NixOS/nix.git";
  rev = "1f795f9f44607cc5bec70d1300150bfefcef2aae";
  sha256 = "1cw5fszffl5pkpa6s6wjnkiv6lm5k618s32sp60kvmvpy7a2v9kg";
}
</programlisting>
     </para>
    </listitem>
    <listitem>
     <para>
      Best: Fetches a snapshot archive and you get the rev you want.
<programlisting>
src = fetchFromGitHub {
  owner = "NixOS";
  repo = "nix";
  rev = "1f795f9f44607cc5bec70d1300150bfefcef2aae";
  sha256 = "1i2yxndxb6yc9l6c99pypbd92lfq5aac4klq7y2v93c9qvx2cgpc";
}
</programlisting>
      Find the value to put as <literal>sha256</literal> by running <literal>nix run -f '&lt;nixpkgs&gt;' nix-prefetch-github -c nix-prefetch-github --rev 1f795f9f44607cc5bec70d1300150bfefcef2aae NixOS nix</literal> or <literal>nix-prefetch-url --unpack https://github.com/NixOS/nix/archive/1f795f9f44607cc5bec70d1300150bfefcef2aae.tar.gz</literal>.
     </para>
    </listitem>
   </itemizedlist>
  </para>
 </section>
 <section xml:id="sec-source-hashes">
  <title>Obtaining source hash</title>

  <para>
   The preferred source hash type is sha256. There are several ways to get it.
  </para>

  <orderedlist>
   <listitem>
    <para>
     Prefetch URL (with <literal>nix-prefetch-<replaceable>XXX</replaceable> <replaceable>URL</replaceable></literal>, where <replaceable>XXX</replaceable> is one of <literal>url</literal>, <literal>git</literal>, <literal>hg</literal>, <literal>cvs</literal>, <literal>bzr</literal>, <literal>svn</literal>). The hash is printed to stdout.
    </para>
   </listitem>
   <listitem>
    <para>
     Prefetch by package source (with <literal>nix-prefetch-url '&lt;nixpkgs&gt;' -A <replaceable>PACKAGE</replaceable>.src</literal>, where <replaceable>PACKAGE</replaceable> is the package attribute name). The hash is printed to stdout.
    </para>
    <para>
     This works well when you've upgraded an existing package version and want to find out the new hash, but is useless if the package can't be accessed by attribute or has multiple sources (<literal>.srcs</literal>, architecture-dependent sources, etc).
    </para>
   </listitem>
   <listitem>
    <para>
     Upstream provided hash: use it when upstream provides <literal>sha256</literal> or <literal>sha512</literal> (when upstream provides <literal>md5</literal>, don't use it, compute <literal>sha256</literal> instead).
    </para>
    <para>
     A little nuance is that <literal>nix-prefetch-*</literal> tools produce a hash encoded with <literal>base32</literal>, but upstream usually provides hexadecimal (<literal>base16</literal>) encoding. Fetchers understand both formats. Nixpkgs does not standardize on any one format.
    </para>
    <para>
     You can convert between formats with nix-hash, for example:
<screen>
<prompt>$ </prompt>nix-hash --type sha256 --to-base32 <replaceable>HASH</replaceable>
</screen>
    </para>
   </listitem>
   <listitem>
    <para>
     Extracting the hash from a local source tarball can be done with <literal>sha256sum</literal>. Use <literal>nix-prefetch-url file:///path/to/tarball</literal> if you want a base32 hash.
    </para>
   </listitem>
   <listitem>
    <para>
     Fake hash: set a fake hash in the package expression, perform the build and extract the correct hash from the error Nix prints.
    </para>
    <para>
     For package updates it is enough to change one symbol to make the hash fake. For new packages, you can use <literal>lib.fakeSha256</literal>, <literal>lib.fakeSha512</literal> or any other fake hash.
    </para>
    <para>
     This is a last-resort method for when reconstructing the source URL is non-trivial and <literal>nix-prefetch-url -A</literal> isn't applicable (for example, <link xlink:href="https://github.com/NixOS/nixpkgs/blob/d2ab091dd308b99e4912b805a5eb088dd536adb9/pkgs/applications/video/kodi/default.nix#L73"> one of <literal>kodi</literal> dependencies</link>). The easiest way then is to replace the hash with a fake one and rebuild. The Nix build will fail and the error message will contain the desired hash.
    </para>
    <warning>
     <para>
      This method has security problems. Check below for details.
     </para>
    </warning>
   </listitem>
  </orderedlist>

  <section xml:id="sec-source-hashes-security">
   <title>Obtaining hashes securely</title>

   <para>
    Let's say a Man-in-the-Middle (MITM) sits close to your network. Then instead of fetching the source you can fetch malware, and instead of the source hash you get the hash of the malware.
    Here are security considerations for this scenario:
   </para>

   <itemizedlist>
    <listitem>
     <para>
      <literal>http://</literal> URLs are not secure to prefetch hash from;
     </para>
    </listitem>
    <listitem>
     <para>
      hashes from upstream (in method 3) should be obtained via secure protocol;
     </para>
    </listitem>
    <listitem>
     <para>
      <literal>https://</literal> URLs are secure in methods 1, 2, 3;
     </para>
    </listitem>
    <listitem>
     <para>
      <literal>https://</literal> URLs are not secure in method 5. When obtaining hashes with the fake hash method, TLS checks are disabled. So refetch the source hash from several different networks to exclude the MITM scenario. Alternatively, use the fake hash method to make Nix error, but instead of extracting the hash from the error, extract the <literal>https://</literal> URL and prefetch it with method 1.
     </para>
    </listitem>
   </itemizedlist>
  </section>
 </section>
 <section xml:id="sec-patches">
  <title>Patches</title>

  <para>
   Patches available online should be retrieved using <literal>fetchpatch</literal>.
  </para>

  <para>
<programlisting>
patches = [
  (fetchpatch {
    name = "fix-check-for-using-shared-freetype-lib.patch";
    url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=8f5d285";
    sha256 = "1f0k043rng7f0rfl9hhb89qzvvksqmkrikmm38p61yfx51l325xr";
  })
];
</programlisting>
  </para>

  <para>
   Otherwise, you can add a <literal>.patch</literal> file to the <literal>nixpkgs</literal> repository. In the interest of keeping our maintenance burden to a minimum, only patches that are unique to <literal>nixpkgs</literal> should be added in this way.
  </para>

  <para>
<programlisting>
patches = [ ./0001-changes.patch ];
</programlisting>
  </para>

  <para>
   If you do need to create this sort of patch file, one way to do so is with git:
   <orderedlist>
    <listitem>
     <para>
      Move to the root directory of the source code you're patching.
<screen>
<prompt>$ </prompt>cd the/program/source</screen>
     </para>
    </listitem>
    <listitem>
     <para>
      If a git repository is not already present, create one and stage all of the source files.
<screen>
<prompt>$ </prompt>git init
<prompt>$ </prompt>git add .</screen>
     </para>
    </listitem>
    <listitem>
     <para>
      Edit some files to make whatever changes need to be included in the patch.
     </para>
    </listitem>
    <listitem>
     <para>
      Use git to create a diff, and pipe the output to a patch file:
<screen>
<prompt>$ </prompt>git diff > nixpkgs/pkgs/the/package/0001-changes.patch</screen>
     </para>
    </listitem>
   </orderedlist>
  </para>
 </section>
</chapter>
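The base32/base16 nuance from the "Obtaining source hash" section, as an added example that is not part of the nixpkgs manual: a Python sketch that decodes either encoding of a sha256 and checks that a downloaded file, the hash pinned in the expression and the hash published upstream all agree. The function names are assumptions of this example; it covers flat file hashes as used by `fetchurl`, not hashes of unpacked trees (`nix-prefetch-url --unpack`, `fetchFromGitHub`).

```python
import hashlib
import hmac

# Nix's base32 alphabet: digits and lowercase letters, without e, o, t and u.
NIX_BASE32 = "0123456789abcdfghijklmnpqrsvwxyz"
SHA256_BYTES = 32
SHA256_BASE32_LEN = (SHA256_BYTES * 8 - 1) // 5 + 1  # 52 characters


def to_nix_base32(digest: bytes) -> str:
    """Encode a digest the way `nix-hash --to-base32` prints it.

    Nix reads the digest as a little-endian integer and writes it in
    base 32, most significant digit first, so this is not RFC 4648 base32.
    """
    value = int.from_bytes(digest, "little")
    length = (len(digest) * 8 - 1) // 5 + 1
    return "".join(NIX_BASE32[(value >> (5 * n)) & 0x1F]
                   for n in reversed(range(length)))


def from_nix_base32(text: str) -> bytes:
    """Decode a 52-character Nix base32 sha256; reject anything malformed."""
    if len(text) != SHA256_BASE32_LEN:
        raise ValueError("a base32 sha256 has %d characters" % SHA256_BASE32_LEN)
    value = 0
    for ch in text:
        digit = NIX_BASE32.find(ch)
        if digit < 0:
            raise ValueError("character %r is not in the Nix alphabet" % ch)
        value = (value << 5) | digit
    if value >> (SHA256_BYTES * 8):
        raise ValueError("leading digit carries bits beyond 256")
    return value.to_bytes(SHA256_BYTES, "little")


def parse_sha256(text: str) -> bytes:
    """Accept a sha256 in base16 (64 chars) or Nix base32 (52 chars)."""
    text = text.strip()
    if len(text) == 64:
        digest = bytes.fromhex(text)  # raises ValueError on non-hex input
        if len(digest) != SHA256_BYTES:
            raise ValueError("not a base16 sha256")
        return digest
    return from_nix_base32(text)


def verify_source(data: bytes, pinned: str, upstream: str) -> bool:
    """True only if the file, the pinned hash and upstream's hash agree."""
    local = hashlib.sha256(data).digest()
    return (hmac.compare_digest(local, parse_sha256(pinned))
            and hmac.compare_digest(local, parse_sha256(upstream)))


if __name__ == "__main__":
    # Constructed stand-in for a tarball: the empty file.
    tarball = b""
    upstream_hex = hashlib.sha256(tarball).hexdigest()
    pinned_b32 = to_nix_base32(hashlib.sha256(tarball).digest())
    print("upstream (base16):", upstream_hex)
    print("pinned   (base32):", pinned_b32)
    print("all three agree:  ", verify_source(tarball, pinned_b32, upstream_hex))
    print("tampered download:", verify_source(b"tampered", pinned_b32, upstream_hex))
```

The comparison is only as trustworthy as the channel the upstream hash came from, which is the point of the "Obtaining hashes securely" list.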
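The transport rules from "Fetching Sources" and "Obtaining hashes securely", as an added example (not code from nixpkgs): a small Python audit that scans a Nix expression for fetcher calls whose pinned hash deserves a second look. The regular expressions, rule names and the constructed sample (built from this page's snippets plus a hypothetical `fetchurl` entry) are assumptions; it is a text scan, not a Nix parser.

```python
import re

# A fetcher call whose argument set has no nested braces: fetchgit { ... }
FETCHER_CALL = re.compile(r"\b(fetch\w+)\s*\{([^{}]*)\}")
# name = "string"; attributes inside that set
STRING_ATTR = re.compile(r'(\w+)\s*=\s*"([^"]*)"\s*;')
# lib.fakeSha256 / lib.fakeSha512 left in place of a real hash
FAKE_REF = re.compile(r"=\s*lib\.fakeSha(?:256|512)\b")
ALL_ZERO = re.compile(r"^0+$")

# Why each rule matters, following the page's own guidance.
RULES = {
    "http-url": "hash prefetched over http:// may be the hash of whatever "
                "a man-in-the-middle served",
    "git-url": "git:// is not proxied, and the protocol has no encryption "
               "or server authentication",
    "md5-hash": "do not use an upstream md5; compute sha256 instead",
    "fake-hash": "placeholder hash still present; the hash in the build "
                 "error is fetched with TLS checks disabled",
}

# Constructed sample: the page's snippets plus one hypothetical fetchurl.
SAMPLE = """
{
  src = fetchgit {
    url = "git://github.com/NixOS/nix.git";
    rev = "1f795f9f44607cc5bec70d1300150bfefcef2aae";
    sha256 = "1cw5fszffl5pkpa6s6wjnkiv6lm5k618s32sp60kvmvpy7a2v9kg";
  };
  snapshot = fetchFromGitHub {
    owner = "NixOS";
    repo = "nix";
    rev = "1f795f9f44607cc5bec70d1300150bfefcef2aae";
    sha256 = "1i2yxndxb6yc9l6c99pypbd92lfq5aac4klq7y2v93c9qvx2cgpc";
  };
  patches = [
    (fetchpatch {
      name = "fix-check-for-using-shared-freetype-lib.patch";
      url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=8f5d285";
      sha256 = "1f0k043rng7f0rfl9hhb89qzvvksqmkrikmm38p61yfx51l325xr";
    })
  ];
  wip = fetchurl {
    url = "https://example.org/hello-0.3.1rc2.tar.gz";
    sha256 = lib.fakeSha256;
  };
}
"""


def audit_fetchers(nix_text):
    """Return (fetcher, rule, url) tuples, in source order."""
    findings = []
    for call in FETCHER_CALL.finditer(nix_text):
        fetcher, body = call.group(1), call.group(2)
        attrs = dict(STRING_ATTR.findall(body))
        url = attrs.get("url", "")
        scheme = url.split("://", 1)[0].lower() if "://" in url else ""
        if scheme == "http":
            findings.append((fetcher, "http-url", url))
        elif scheme == "git":
            findings.append((fetcher, "git-url", url))
        if "md5" in attrs:
            findings.append((fetcher, "md5-hash", url))
        pinned = [attrs[k] for k in ("sha256", "sha512") if k in attrs]
        if FAKE_REF.search(body) or any(ALL_ZERO.match(h) for h in pinned):
            findings.append((fetcher, "fake-hash", url))
    return findings


def describe(findings):
    """Render findings as one review line each."""
    return ["%s [%s] %s: %s" % (fetcher, rule, url, RULES[rule])
            for fetcher, rule, url in findings]


if __name__ == "__main__":
    for line in describe(audit_fetchers(SAMPLE)):
        print(line)
```

A flagged `http://` URL does not mean the pinned source is wrong, only that the hash should be re-derived over `https://` or checked against an upstream-published hash before it is trusted.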