From b61229ffe858b04ac02324c78f8a07355d92fb0f Mon Sep 17 00:00:00 2001
From: "Neubauer, Sebastian" <Sebastian.Neubauer@amd.com>
Date: Wed, 6 Oct 2021 14:39:58 +0200
Subject: [PATCH] arcanist: Update certs to fix letsencrypt

Due to the old root certificate used by letsencrypt expiring, arcanist
could not connect anymore to servers using letsencrypt (like
reviews.llvm.org).

Fix it by using the default nix certificates.

(cherry picked from commit 93eb7786c9365981854a98e508d5b1cae5ee2fcf)
---
 pkgs/development/tools/misc/arcanist/default.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkgs/development/tools/misc/arcanist/default.nix b/pkgs/development/tools/misc/arcanist/default.nix
index a5a9d724a79..31cc32de8c8 100644
--- a/pkgs/development/tools/misc/arcanist/default.nix
+++ b/pkgs/development/tools/misc/arcanist/default.nix
@@ -1,4 +1,5 @@
 { bison
+, cacert
 , fetchFromGitHub
 , flex
 , php
@@ -46,6 +47,7 @@ stdenv.mkDerivation {
     make install -C support/xhpast
     make cleanall -C support/xhpast
     cp -R . $out/libexec/arcanist
+    ln -sf ${cacert}/etc/ssl/certs/ca-bundle.crt $out/libexec/arcanist/resources/ssl/default.pem
 
     ${makeArcWrapper "arc"}
     ${makeArcWrapper "phage"}