Unverified Commit 4f7953d2 authored by David McFarland's avatar David McFarland Committed by GitHub

Merge pull request #324526 from Aleksanaa/nugetHash

dotnet: add SRI hash support to dotnet packages
parents ae6b5630 4b9fdf58
+11 −11
@@ -194,7 +194,7 @@ This helper has the same arguments as `buildDotnetModule`, with a few difference

* `pname` and `version` are required, and will be used to find the NuGet package of the tool
* `nugetName` can be used to override the NuGet package name that will be downloaded, if it's different from `pname`
* `nugetSha256` is the hash of the fetched NuGet package. Set this to `lib.fakeHash256` for the first build, and it will error out, giving you the proper hash. Also remember to update it during version updates (it will not error out if you just change the version while having a fetched package in `/nix/store`)
* `nugetHash` is the hash of the fetched NuGet package. `nugetSha256` is also supported, but not recommended. Set this to `lib.fakeHash` for the first build, and it will error out, giving you the proper hash. Also remember to update it during version updates (it will not error out if you just change the version while having a fetched package in `/nix/store`)
* `dotnet-runtime` is set to `dotnet-sdk` by default. When changing this, remember that .NET tools fetched from NuGet require an SDK.

Here is an example of packaging `pbm`, an unfree binary without source available:
@@ -205,7 +205,7 @@ buildDotnetGlobalTool {
  pname = "pbm";
  version = "1.3.1";

  nugetSha256 = "sha256-ZG2HFyKYhVNVYd2kRlkbAjZJq88OADe3yjxmLuxXDUo=";
  nugetHash = "sha256-ZG2HFyKYhVNVYd2kRlkbAjZJq88OADe3yjxmLuxXDUo=";

  meta = {
    homepage = "https://cmd.petabridge.com/index.html";
@@ -241,15 +241,15 @@ $ nuget-to-nix out > deps.nix
Which `nuget-to-nix` will generate an output similar to below
```nix
{ fetchNuGet }: [
  (fetchNuGet { pname = "FosterFramework"; version = "0.1.15-alpha"; sha256 = "0pzsdfbsfx28xfqljcwy100xhbs6wyx0z1d5qxgmv3l60di9xkll"; })
  (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.linux-x64"; version = "8.0.1"; sha256 = "1gjz379y61ag9whi78qxx09bwkwcznkx2mzypgycibxk61g11da1"; })
  (fetchNuGet { pname = "Microsoft.NET.ILLink.Tasks"; version = "8.0.1"; sha256 = "1drbgqdcvbpisjn8mqfgba1pwb6yri80qc4mfvyczqwrcsj5k2ja"; })
  (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.linux-x64"; version = "8.0.1"; sha256 = "1g5b30f4l8a1zjjr3b8pk9mcqxkxqwa86362f84646xaj4iw3a4d"; })
  (fetchNuGet { pname = "SharpGLTF.Core"; version = "1.0.0-alpha0031"; sha256 = "0ln78mkhbcxqvwnf944hbgg24vbsva2jpih6q3x82d3h7rl1pkh6"; })
  (fetchNuGet { pname = "SharpGLTF.Runtime"; version = "1.0.0-alpha0031"; sha256 = "0lvb3asi3v0n718qf9y367km7qpkb9wci38y880nqvifpzllw0jg"; })
  (fetchNuGet { pname = "Sledge.Formats"; version = "1.2.2"; sha256 = "1y0l66m9rym0p1y4ifjlmg3j9lsmhkvbh38frh40rpvf1axn2dyh"; })
  (fetchNuGet { pname = "Sledge.Formats.Map"; version = "1.1.5"; sha256 = "1bww60hv9xcyxpvkzz5q3ybafdxxkw6knhv97phvpkw84pd0jil6"; })
  (fetchNuGet { pname = "System.Numerics.Vectors"; version = "4.5.0"; sha256 = "1kzrj37yzawf1b19jq0253rcs8hsq1l2q8g69d7ipnhzb0h97m59"; })
  (fetchNuGet { pname = "FosterFramework"; version = "0.1.15-alpha"; hash = "sha256-lM6eYgOGjl1fx6WFD7rnRi/YAQieM0mx60h0p5dr+l8="; })
  (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.linux-x64"; version = "8.0.1"; hash = "sha256-QbUQXjCzr8j8u/5X0af9jE++EugdoxMhT08F49MZX74="; })
  (fetchNuGet { pname = "Microsoft.NET.ILLink.Tasks"; version = "8.0.1"; hash = "sha256-SopZpGaZ48/8dpUwDFDM3ix+g1rP4Yqs1PGuzRp+K7c="; })
  (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.linux-x64"; version = "8.0.1"; hash = "sha256-jajBI5GqG2IIcsIMgxTHfXbMapoXrZGl/EEhShwYq7w="; })
  (fetchNuGet { pname = "SharpGLTF.Core"; version = "1.0.0-alpha0031"; hash = "sha256-Bs4baD5wNIH6wAbGK4Xaem0i3luQkOQs37izBWdFx1I="; })
  (fetchNuGet { pname = "SharpGLTF.Runtime"; version = "1.0.0-alpha0031"; hash = "sha256-TwJO6b8ubmwBQh6NyHha8+JT5zHDJ4dROBbsEbUaa1M="; })
  (fetchNuGet { pname = "Sledge.Formats"; version = "1.2.2"; hash = "sha256-0Ddhuwpu3wwIzA4NuPaEVdMkx6tUukh8uKD6nKoxFPg="; })
  (fetchNuGet { pname = "Sledge.Formats.Map"; version = "1.1.5"; hash = "sha256-hkYJ2iWIz7vhPWlDOw2fvTenlh+4/D/37Z71tCEwnK8="; })
  (fetchNuGet { pname = "System.Numerics.Vectors"; version = "4.5.0"; hash = "sha256-qdSTIFgf2htPS+YhLGjAGiLN8igCYJnCCo6r78+Q+c8="; })
]
```

+3 −1
@@ -5,6 +5,8 @@
  # Name of the nuget package to install, if different from pname
, nugetName ? pname
  # Hash of the nuget package to install, will be given on first build
  # nugetHash uses SRI hash and should be preferred
, nugetHash ? ""
, nugetSha256 ? ""
  # Additional nuget deps needed by the tool package
, nugetDeps ? (_: [])
@@ -24,7 +26,7 @@ buildDotnetModule (args // {
  nugetDeps = mkNugetDeps {
    name = pname;
    nugetDeps = { fetchNuGet }: [
      (fetchNuGet { pname = nugetName; inherit version; sha256 = nugetSha256; })
      (fetchNuGet { pname = nugetName; inherit version; sha256 = nugetSha256; hash = nugetHash; })
    ] ++ (nugetDeps fetchNuGet);
  };
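Review bot: The call `fetchNuGet { pname = nugetName; inherit version; sha256 = nugetSha256; hash = nugetHash; }` forwards both caller-supplied values without checking that only one is set. It goes through the `fetchNuGet` defined in mkNugetDeps, whose new comment skips that check on the grounds that nuget-to-nix never emits both; that reasoning does not cover this caller, where the values are written by hand. The fetchnuget change in this commit says fetchurl also detects the conflict, so this probably still fails closed, but the error would not name `nugetHash`/`nugetSha256`. I would mirror the fetchnuget guard ahead of the `buildDotnetModule` call: `if nugetSha256 != "" && nugetHash != "" then throw "multiple hashes passed to buildDotnetGlobalTool" else`. The enclosing expression starts and ends outside the hunk.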

+6 −2
@@ -5,15 +5,19 @@ attrs @
, version
, url ? "https://www.nuget.org/api/v2/package/${pname}/${version}"
, sha256 ? ""
, hash ? ""
, md5 ? ""
, ...
}:
if md5 != "" then
  throw "fetchnuget does not support md5 anymore, please use sha256"
  throw "fetchnuget does not support md5 anymore, please use 'hash' attribute with SRI hash"
# This is also detected in fetchurl, but we just throw here to avoid confusion
else if (sha256 != "" && hash != "") then
  throw "multiple hashes passed to fetchNuGet"
else
  buildDotnetPackage ({
    src = fetchurl {
      inherit url sha256;
      inherit url sha256 hash;
      name = "${pname}.${version}.zip";
    };
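Review bot: The new message `multiple hashes passed to fetchNuGet` does not say which package triggered it, which is hard to trace in a dependency list with many entries. `pname` and `version` are in scope here, so consider `throw "multiple hashes passed to fetchNuGet for ${pname} ${version}: set only one of 'sha256' and 'hash'"`. The branch also leaves the case where neither attribute is set to fetchurl, which is not shown on this page; a one-line comment such as `# an empty sha256 and hash are left for fetchurl to reject` would record that this is intentional. The `buildDotnetPackage` call continues past the end of the hunk.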

+5 −2
{ linkFarmFromDrvs, fetchurl }:
{ name, nugetDeps ? import sourceFile, sourceFile ? null }:
linkFarmFromDrvs "${name}-nuget-deps" (nugetDeps {
  fetchNuGet = { pname, version, sha256
  fetchNuGet = { pname, version, sha256 ? "", hash ? ""
    , url ? "https://www.nuget.org/api/v2/package/${pname}/${version}" }:
    fetchurl {
      name = "${pname}.${version}.nupkg";
      inherit url sha256;
      # There is no need to verify whether both sha256 and hash are
      # valid here, because nuget-to-nix does not generate a deps.nix
      # containing both.
      inherit url sha256 hash;
    };
}) // {
  inherit sourceFile;
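Review bot: `sha256` was a required argument of `fetchNuGet` and is now optional alongside `hash`, so a dependency entry that carries no hash at all is no longer rejected when the function is called; two empty strings are passed on to `fetchurl`. Whether that fails closed depends on fetchurl, which is outside this page, and the added comment only addresses the both-set case. Consider rejecting the both-empty case here with `assert sha256 != "" || hash != "";` before `fetchurl {`. If an empty value is relied on for a first build, extend the comment instead to say that empty hashes are deliberately left to fetchurl. The attribute set after `// {` is cut off at the end of this section.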
+4 −4
@@ -65,11 +65,11 @@ for package in *; do
    for source in "${remote_sources[@]}"; do
      url="${base_addresses[$source]}$package/$version/$package.$version.nupkg"
      if [[ "$source" == "$used_source" ]]; then
        sha256="$(nix-hash --type sha256 --flat --base32 "$version/$package.$version".nupkg)"
        hash="$(nix-hash --type sha256 --flat --sri "$version/$package.$version".nupkg)"
        found=true
        break
      else
        if sha256=$(nix-prefetch-url "$url" 2>"$tmp"/error); then
        if hash=$(nix-prefetch-url "$url" 2>"$tmp"/error); then
          # If multiple remote sources are enabled, nuget will try them all
          # concurrently and use the one that responds first. We always use the
          # first source that has the package.
@@ -91,9 +91,9 @@ for package in *; do
    fi

    if [[ "$source" != https://api.nuget.org/v3/index.json ]]; then
      echo "  (fetchNuGet { pname = \"$id\"; version = \"$version\"; sha256 = \"$sha256\"; url = \"$url\"; })"
      echo "  (fetchNuGet { pname = \"$id\"; version = \"$version\"; hash = \"$hash\"; url = \"$url\"; })"
    else
      echo "  (fetchNuGet { pname = \"$id\"; version = \"$version\"; sha256 = \"$sha256\"; })"
      echo "  (fetchNuGet { pname = \"$id\"; version = \"$version\"; hash = \"$hash\"; })"
    fi
  done
  cd ..
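Review bot: In the fallback branch, `hash=$(nix-prefetch-url "$url" 2>"$tmp"/error)` stores nix-prefetch-url's output, which by default is a base32 SHA-256 rather than an SRI string, yet the value is later emitted as `hash = \"$hash\"`. The first branch was switched to `nix-hash ... --sri`, so the two branches would write different formats into deps.nix unless a conversion sits in the lines between the two hunks, which are not shown. If it is missing, add `hash="$(nix-hash --to-sri --type sha256 "$hash")"` right after the prefetch succeeds. The enclosing `for package in *` loop starts and ends outside the hunks.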