Use SRI hash (strings) as the official JSON format for Hash after all

The fact that we were introducing a conversion from the output of `nix path-info` into the input of `builtins.fetchTree` was the deciding factor. We want scripting outputs into inputs like that to be easy. Since JSON strings and objects are trivially distinguishable, we still have the option of introducing the JSON format as an alternative input scheme in the future, should we want to. (The output format would still be SRI in that case, presumably.)
2025-12-12 03:51:04 +01:00 · 2025-12-08 15:34:15 -05:00 · 2025-12-08 15:34:15 -05:00 · 61de9222b0
commit 61de9222b0
parent 401e08f839
44 changed files with 78 additions and 348 deletions
--- a/doc/manual/source/protocols/json/hash.md
+++ b/doc/manual/source/protocols/json/hash.md
@ -5,13 +5,13 @@
 ### SHA-256

 ```json
-{{#include schema/hash-v1/sha256-base16.json}}
+{{#include schema/hash-v1/sha256.json}}
 ```

 ### BLAKE3

 ```json
-{{#include schema/hash-v1/blake3-base16.json}}
+{{#include schema/hash-v1/blake3.json}}
 ```

 <!-- need to convert YAML to JSON first
--- a/doc/manual/source/protocols/json/schema/hash-v1.yaml
+++ b/doc/manual/source/protocols/json/schema/hash-v1.yaml
@ -4,36 +4,13 @@ title: Hash
 description: |
  A cryptographic hash value used throughout Nix for content addressing and integrity verification.

-  This schema describes the JSON representation of Nix's `Hash` type.
-type: object
-properties:
-  algorithm:
-    "$ref": "#/$defs/algorithm"
-  format:
-    type: string
-    enum:
-    - base16
-    title: Hash format
-    description: |
-      The encoding format of the hash value.
+  This schema describes the JSON representation of Nix's `Hash` type as an [SRI](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) string.
+type: string
+pattern: "^(blake3|md5|sha1|sha256|sha512)-[A-Za-z0-9+/]+=*$"
+examples:
+- "sha256-ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0="
+- "sha512-IEqPxt2oLwoM7XvrjgikFlfBbvRosiioJ5vjMacDwzWW/RXBOxsH+aodO+pXeJygMa2Fx6cd1wNU7GMSOMo0RQ=="

-      `base16` (lowercase hexadecimal) is the only format that is currently supported for JSON serialization.
-      This field exists primarily to reduce ambiguity about what the hash means.
-      It would also help us support other formats in the future, but there are no concrete plans to do so at this.
-  hash:
-    type: string
-    title: Hash
-    description: |
-      The encoded hash value, itself.
-
-      It is specified in the format specified by the `format` field.
-      It must be the right length for the hash algorithm specified in the `algorithm` field, also.
-      The hash value does not include any algorithm prefix.
-required:
- algorithm
- format
- hash
-additionalProperties: false
 "$defs":
  algorithm:
    type: string