rustPlatform.importCargoLock: add an assert for old Cargo.locks

near the end of 2019, the default Cargo.lock format was changed to
[[package]]
checksum = ...

This is what importCargoLock assumes. If the crate had not been `cargo
update`'d with a more recent toolchain than the one with the new
format as default, importCargoLock would fail when trying to access
pkg.checksum.

I ran into such a case (shamefully, in my own crate) and it took me a
while to figure out what was going on, so here is an assert with a
more user friendly message and a hint.

1 files changed, 13 insertions, 5 deletions

diff --git a/pkgs/build-support/rust/import-cargo-lock.nix b/pkgs/build-support/rust/import-cargo-lock.nix
index 244572f79e8..83f4e0df4f2 100644
--- a/pkgs/build-support/rust/import-cargo-lock.nix
+++ b/pkgs/build-support/rust/import-cargo-lock.nix
@@ -63,11 +63,19 @@ let
 
   # We can't use the existing fetchCrate function, since it uses a
   # recursive hash of the unpacked crate.
-  fetchCrate = pkg: fetchurl {
-    name = "crate-${pkg.name}-${pkg.version}.tar.gz";
-    url = "https://crates.io/api/v1/crates/${pkg.name}/${pkg.version}/download";
-    sha256 = pkg.checksum;
-  };
+  fetchCrate = pkg:
+    assert lib.assertMsg (pkg ? checksum) ''
+      Package ${pkg.name} does not have a checksum.
+      Please note that the Cargo.lock format where checksums used to be listed
+      under [metadata] is not supported.
+      If that is the case, running `cargo update` with a recent toolchain will
+      automatically update the format along with the crate's depenendencies.
+    '';
+    fetchurl {
+      name = "crate-${pkg.name}-${pkg.version}.tar.gz";
+      url = "https://crates.io/api/v1/crates/${pkg.name}/${pkg.version}/download";
+      sha256 = pkg.checksum;
+    };
 
   # Fetch and unpack a crate.
   mkCrate = pkg: