From bacb0969f215faf1ef51ee68bad35b273bc0b418 Mon Sep 17 00:00:00 2001
From: Jan Tojnar <jtojnar@gmail.com>
Date: Tue, 18 Feb 2020 01:04:50 +0100
Subject: [PATCH 1/3] maintainers/scripts/update.nix: allow updating overlays

---
 maintainers/scripts/update.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/maintainers/scripts/update.nix b/maintainers/scripts/update.nix
index bbc3004b1c4..7c45e148e82 100755
--- a/maintainers/scripts/update.nix
+++ b/maintainers/scripts/update.nix
@@ -2,6 +2,7 @@
 , maintainer ? null
 , path ? null
 , max-workers ? null
+, include-overlays ? false
 , keep-going ? null
 }:
 
@@ -20,9 +21,7 @@ let
       in
         [x] ++ nubOn f xs;
 
-  pkgs = import ./../../default.nix {
-    overlays = [];
-  };
+  pkgs = import ./../../default.nix (if include-overlays then { } else { overlays = []; });
 
   packagesWith = cond: return: set:
     nubOn (pkg: pkg.updateScript)

From 2e9eb449eb2ae8b8f699d05817f1a9697953c78e Mon Sep 17 00:00:00 2001
From: Jan Tojnar <jtojnar@gmail.com>
Date: Wed, 19 Feb 2020 21:05:22 +0100
Subject: [PATCH 2/3] common-updater-scripts: Handle errors in src hashing

Previously, when downloading src failed for other reason than hash mismatch,
the error ended up in newHash. This made evaluation fail since the error message
is not valid hash. Now the failure will make newHash empty.

It is also much cleaner than previously since \K is very cool thing
and we no longer grep for legacy messages.
---
 pkgs/common-updater/scripts/update-source-version | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/pkgs/common-updater/scripts/update-source-version b/pkgs/common-updater/scripts/update-source-version
index 7fb5e413a26..a756d5047e8 100755
--- a/pkgs/common-updater/scripts/update-source-version
+++ b/pkgs/common-updater/scripts/update-source-version
@@ -168,12 +168,12 @@ fi
 if [[ -z "$newHash" ]]; then
     nix-build $systemArg --no-out-link -A "$attr.src" 2>"$attr.fetchlog" >/dev/null || true
     # FIXME: use nix-build --hash here once https://github.com/NixOS/nix/issues/1172 is fixed
-    newHash=$(grep --extended-regexp --invert-match "killing process|dependencies couldn't be built|wanted: " "$attr.fetchlog" | tail -n2 | sed "s~output path .* has .* hash ‘\(.*\)’ when .* was expected\|fixed-output derivation produced path '.*' with .* hash '\(.*\)' instead of the expected hash '.*'\|  got:    .*:\(.*\)~\1\2\3~" | head -n1)
-fi
+    newHash=$(sed '1,/hash mismatch in fixed-output derivation/d' "$attr.fetchlog" | grep --perl-regexp --only-matching 'got: +.+[:-]\K.+')
 
-if [[ -n "$sri" ]]; then
-    # nix-build preserves the hashing scheme so we can just convert the result to SRI using the old type
-    newHash="$(nix to-sri --type "$oldHashAlgo" "$newHash")"
+    if [[ -n "$sri" ]]; then
+        # nix-build preserves the hashing scheme so we can just convert the result to SRI using the old type
+        newHash="$(nix to-sri --type "$oldHashAlgo" "$newHash")"
+    fi
 fi
 
 if [[ -z "$newHash" ]]; then

From 09a4a051e88eb0ea62b02fe0970f9c63bb576e57 Mon Sep 17 00:00:00 2001
From: Jan Tojnar <jtojnar@gmail.com>
Date: Thu, 20 Feb 2020 07:18:36 +0100
Subject: [PATCH 3/3] common-updater-scripts: Fix replacing SRI hashes

SRI hashes (base64 encoded) can contain + sign which is a special character
in extended regular expressions so it needs to be escaped.
---
 pkgs/common-updater/scripts/update-source-version | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/pkgs/common-updater/scripts/update-source-version b/pkgs/common-updater/scripts/update-source-version
index a756d5047e8..6a66f94597f 100755
--- a/pkgs/common-updater/scripts/update-source-version
+++ b/pkgs/common-updater/scripts/update-source-version
@@ -144,6 +144,10 @@ if [[ -n "$sri" ]]; then
     tempHash="$(nix to-sri --type "$oldHashAlgo" "$tempHash")"
 fi
 
+# Escape regex metacharacter that are allowed in hashes (+)
+oldHashEscaped=$(echo "$oldHash" | sed -re 's|[+]|\\&|g')
+tempHashEscaped=$(echo "$tempHash" | sed -re 's|[+]|\\&|g')
+
 # Replace new version
 sed -i.bak "$nixFile" -re "$pattern"
 if cmp -s "$nixFile" "$nixFile.bak"; then
@@ -159,7 +163,7 @@ if [[ -n "$newUrl" ]]; then
     fi
 fi
 
-sed -i "$nixFile" -re "s|\"$oldHash\"|\"$tempHash\"|"
+sed -i "$nixFile" -re "s|\"$oldHashEscaped\"|\"$tempHash\"|"
 if cmp -s "$nixFile" "$nixFile.bak"; then
     die "Failed to replace source hash of '$attr' to a temporary hash!"
 fi
@@ -186,7 +190,7 @@ if [[ -z "${ignoreSameHash}" && "$oldVersion" != "$newVersion" && "$oldHash" = "
     die "Both the old and new source hashes of '$attr.src' were equivalent. Please fix the package's source URL to be dependent on '\${version}'!"
 fi
 
-sed -i "$nixFile" -re "s|\"$tempHash\"|\"$newHash\"|"
+sed -i "$nixFile" -re "s|\"$tempHashEscaped\"|\"$newHash\"|"
 if cmp -s "$nixFile" "$nixFile.bak"; then
     die "Failed to replace temporary source hash of '$attr' to the final source hash!"
 fi