jcrben has quit [Quit: Ping timeout (120 seconds)]
jcrben has joined #nix-darwin
hamishmack has joined #nix-darwin
philr has quit [Quit: WeeChat 2.3]
acowley has joined #nix-darwin
<acowley> I'm seeing an error updating where a build of libsecurity_utilities-osx fails. Is that a familiar thing for anybody?
<acowley> Do I need to update to Mojave?
<acowley> Interesting, so this broke for people on Mojave, a change was made, but now I can't build on High Sierra.
<acowley> I don't think I have the sandbox enabled
<acowley> Well, I got it building by changing the patch to fix things on Mojave
<acowley> That's a bit distressing, but at least it's going now
<acowley> Ah, nope it's not so bad afterall. What I changed wasn't touched by the patch.
hamishmack has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
nD5Xjz has quit [Ping timeout: 252 seconds]
hamishmack has joined #nix-darwin
nD5Xjz has joined #nix-darwin
nD5Xjz has quit [Ping timeout: 240 seconds]
<johnw> i'm still on HS; hope we get a fix soon that makes it work on both
periklis has joined #nix-darwin
<periklis> hi everyone, do we have any documented list of mojave impurities for stdenv-darwin?
<periklis> e.g. /System/Library/Frameworks/Security.framework
<periklis> sidenote: impurities when building with sandbox=true
<LnL> the Security framework isn't part of the stdenv
<periklis> LnL: i am hitting on following impurities when i try to build alacritty: https://gist.github.com/periklis/0213c26079616097ba102f415b6279d5
<LnL> yeah, Security.framework (and deps) is because of rust/cargo
<periklis> sure and thanks for the hint non-stdenv-impurities. However, this means rust/cargo is impure right?
<LnL> anything that depends on frameworks is
<LnL> and the problem is that the impure paths are not propagated so the sandbox doesn't get opened up
<periklis> ic 299 matches in all-packages
<LnL> so a build that pulls in a framework directly will work with sandboxing
<periklis> what do mean with directy? (importing darwin.apple_sdk.frameworks.Security)?
<LnL> but using a binary that depends on a framework at runtime won't because the dependency gets lost
<LnL> hydra builds also don't work, that was one of the main reasons we didn't make more progress pushing it forward last year
<LnL> as for propagating frameworks, I'm not sure if our current approach works or if we'd need some changes in nix itseld
<LnL> if we're lucky fixing/rewriting the install_name might be enough
<LnL> I should try that out
<periklis> i am counting also PrivateFrameworks in my list
periklis has quit [Ping timeout: 260 seconds]
cmacrae has joined #nix-darwin
cmacrae has quit [Ping timeout: 252 seconds]
{^_^} has quit [Ping timeout: 250 seconds]
{^_^} has joined #nix-darwin
{^_^} has quit [Ping timeout: 250 seconds]
{^_^} has joined #nix-darwin