Add article on evil-nix

cdepillabout · Jun 28, 2023 · 7402051 · 7402051
1 parent 267f8e5
commit 7402051
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/2023-06-28-evil-nix.md b/2023-06-28-evil-nix.md
@@ -0,0 +1,23 @@
+------------------------------------------------------
+title: evil-nix: download files without requiring a hash
+summary: A Nix library that allows downloading files without requiring a hash, even in pure-eval mode
+tags: nixos
+draft: false
+------------------------------------------------------
+
+I recently released a Nix library called
+[`evil-nix`](https://github.com/cdepillabout/evil-nix).  It allows downloading
+files without requiring a hash on the file.  It even works in Nix's
+[`pure-eval`](https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-pure-eval)
+mode.
+
+`evil-nix` exploits Nix support for unsafe hash functions (like SHA1) in
+fixed-output derivations. It uses SHA1 hash collisions to sneak data from the
+internet out of fixed-output derivations.
+
+Due to the implementation, `evil-nix` is extremely inefficient with downloading
+files. I don't recommend the library to actually be used in practice, but it is
+a neat trick.
+
+Take a look at the [README.md](https://github.com/cdepillabout/evil-nix#readme)
+for more information.