Unverified Commit 80013356 authored by rnhmjoj's avatar rnhmjoj
Browse files

firefox wrapper: fix merging of policies files 

If multiple extraPolicies or extraPoliciesFiles are given, the JSON
objects are merged using `jq` with the `a + b` operator, which simply
combines all the unique keys of `a`, `b` with the duplicated keys from
`b`, without recursion.
This strategy is completely wrong in this case: as policy files consists
of a single key, "policies", all that happens is that `b` takes over, in
other words:

    $(jq -s '.[0] + .[1]' a b) == $(cat b)

So there is no merging at all, the final policies.json file is simply
the last file in the list.

The `a * b` operation should be used instead, which performs the merge
by recursing in each key.
parent f9967a1d

pkgs/applications/networking/browsers/firefox/wrapper.nix

+1 −1
Original line number Diff line number Diff line
@@ -362,7 +362,7 @@ let 


        extraPoliciesFiles=(${builtins.toString extraPoliciesFiles})

        for extraPoliciesFile in "''${extraPoliciesFiles[@]}"; do

          jq -s '.[0] + .[1]' "$POL_PATH" $extraPoliciesFile > .tmp.json

          jq -s '.[0] * .[1]' "$POL_PATH" $extraPoliciesFile > .tmp.json

          mv .tmp.json "$POL_PATH"

        done