title: evil-nix: download files without requiring a hash summary: A Nix library that allows downloading files without requiring a hash, even in pure-eval mode tags: nixos draft: false

I recently released a Nix library called evil-nix. It allows downloading files without requiring a hash on the file. It even works in Nix's pure-eval mode.

evil-nix exploits Nix support for unsafe hash functions (like SHA1) in fixed-output derivations. It uses SHA1 hash collisions to sneak data from the internet out of fixed-output derivations.

Due to the implementation, evil-nix is extremely inefficient with downloading files. I don't recommend the library to actually be used in practice, but it is a neat trick.

Take a look at the README.md for more information.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

2023-06-28-evil-nix.md

2023-06-28-evil-nix.md

title: evil-nix: download files without requiring a hash summary: A Nix library that allows downloading files without requiring a hash, even in pure-eval mode tags: nixos draft: false

Files

2023-06-28-evil-nix.md

Latest commit

History

2023-06-28-evil-nix.md

File metadata and controls

title: evil-nix: download files without requiring a hash summary: A Nix library that allows downloading files without requiring a hash, even in pure-eval mode tags: nixos draft: false