hatchet: fix sandboxed build on Darwin

2026-06-05 21:03:40 +00:00 · 2026-01-14 20:37:14 +01:00
parent c88b7058bb
commit 4dfd4d3128
1 changed files with 9 additions and 1 deletions
--- a/pkgs/by-name/ha/hatchet/package.nix
+++ b/pkgs/by-name/ha/hatchet/package.nix
@@ -17,8 +17,16 @@ buildGoModule (finalAttrs: {
    hash = "sha256-TdZ8yKDpphPQnjMHKVICV0vj8FSWlHsAAa6X1p1gqH0=";
  };

-  vendorHash = "sha256-NUGNvyXw07erw6MqJm/VbwCvW59WCeKdMJ1Dq0z5viI=";
+  # Otherwise checks fail with `panic: open /etc/protocols: operation not permitted` when sandboxing is enabled on Darwin
+  # https://github.com/NixOS/nixpkgs/pull/381645#issuecomment-2656211797
+  modPostBuild = ''
+    substituteInPlace vendor/modernc.org/libc/honnef.co/go/netdb/netdb.go \
+      --replace-fail '!os.IsNotExist(err)' '!os.IsNotExist(err) && !os.IsPermission(err)'
+  '';

+  vendorHash = "sha256-2IF6XiZvNZt97NvJc4PdgIG3sc2mw6ezkuMvQb2M3LI=";
+
+  env.CGO_ENABLED = 0;
  ldflags = [
    "-s"
    "-w"