From c5f18c44b14eb9b0834cb4633339c321d1f73223 Mon Sep 17 00:00:00 2001
From: Colin L Rice <colin@daedrum.net>
Date: Thu, 7 May 2020 23:13:49 -0400
Subject: [PATCH] go-modules: Doc updates

---
 doc/languages-frameworks/go.xml            | 14 +++++++-------
 nixos/doc/manual/release-notes/rl-2009.xml |  7 +++++++
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/doc/languages-frameworks/go.xml b/doc/languages-frameworks/go.xml
index 70c135555ea..ff39276f640 100644
--- a/doc/languages-frameworks/go.xml
+++ b/doc/languages-frameworks/go.xml
@@ -36,7 +36,7 @@ pet = buildGoModule rec {
     sha256 = "0m2fzpqxk7hrbxsgqplkg7h2p7gv6s1miymv3gvw0cz039skag0s";
   };
 
-  modSha256 = "1879j77k96684wi554rkjxydrj8g3hpp0kvxz03sd8dmwr3lh83j"; <co xml:id='ex-buildGoModule-1' />
+  vendorSha256 = "1879j77k96684wi554rkjxydrj8g3hpp0kvxz03sd8dmwr3lh83j"; <co xml:id='ex-buildGoModule-1' />
 
   subPackages = [ "." ]; <co xml:id='ex-buildGoModule-2' />
 
@@ -56,7 +56,7 @@ pet = buildGoModule rec {
    <calloutlist>
     <callout arearefs='ex-buildGoModule-1'>
      <para>
-      <varname>modSha256</varname> is the hash of the output of the intermediate fetcher derivation.
+      <varname>vendorSha256</varname> is the hash of the output of the intermediate fetcher derivation.
      </para>
     </callout>
     <callout arearefs='ex-buildGoModule-2'>
@@ -68,12 +68,12 @@ pet = buildGoModule rec {
   </para>
 
   <para>
-    <varname>modSha256</varname> can also take <varname>null</varname> as an input.
+    <varname>vendorSha256</varname> can also take <varname>null</varname> as an input.
 
-    When `null` is used as a value, the derivation won't be a
-    fixed-output derivation but disable the build sandbox instead. This can be useful outside
-    of nixpkgs where re-generating the modSha256 on each mod.sum changes is cumbersome,
-    but will fail to build by Hydra, as builds with a disabled sandbox are discouraged.
+    When `null` is used as a value, rather than fetching the dependencies
+    and vendoring them, we use the vendoring included within the source repo.
+    If you'd like to not have to update this field on dependency changes, 
+    run `go mod vendor` in your source repo and set 'vendorSha256 = null;'
   </para>
  </section>
 
diff --git a/nixos/doc/manual/release-notes/rl-2009.xml b/nixos/doc/manual/release-notes/rl-2009.xml
index 5b1d04e4bc1..315a2eaeacb 100644
--- a/nixos/doc/manual/release-notes/rl-2009.xml
+++ b/nixos/doc/manual/release-notes/rl-2009.xml
@@ -98,6 +98,13 @@
   </para>
 
   <itemizedlist>
+   <listitem>
+    <para>
+     The go-modules builder now uses vendorSha256 instead of modSha256 to pin
+     fetched version data. This is currently a warning, but will be removed in the next release.
+</programlisting>
+    </para>
+   </listitem>
    <listitem>
     <para>
      Grafana is now built without support for phantomjs by default. Phantomjs support has been