From b110e2aea6858a6a3b12198f432b90dd5a3b7d1a Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Sat, 2 Dec 2023 23:26:52 +0100
Subject: [PATCH] fetch-node-modules: provide CA certs

Without this, the `npm ci` command in `fetchNodeModules` hangs.

It seems that npm didn't check certs previously, because these are
not availble in Nix build environments by default.
---
 pkgs/build-support/fetch-node-modules.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/pkgs/build-support/fetch-node-modules.nix b/pkgs/build-support/fetch-node-modules.nix
index 78899da..2376b6f 100644
--- a/pkgs/build-support/fetch-node-modules.nix
+++ b/pkgs/build-support/fetch-node-modules.nix
@@ -1,7 +1,7 @@
 # This is a modified version of
 # https://github.com/NixOS/nixpkgs/pull/128749
 
-{ lib, stdenvNoCC, makeWrapper, nodejs }:
+{ lib, stdenvNoCC, makeWrapper, nodejs, cacert }:
 
 { src
 , hash ? ""
@@ -25,6 +25,9 @@ stdenvNoCC.mkDerivation ({
 
   phases = "unpackPhase patchPhase buildPhase installPhase";
 
+  # npm doesn't support var `SSL_CERT_FILE`.
+  NODE_EXTRA_CA_CERTS = "${cacert}/etc/ssl/certs/ca-bundle.crt";
+
   buildPhase = ''
     runHook preBuild