jcrben has quit [Quit: Ping timeout (120 seconds)]
jcrben has joined #nix-darwin
hamishmack has joined #nix-darwin
philr has quit [Quit: WeeChat 2.3]
acowley has joined #nix-darwin
<
acowley>
I'm seeing an error updating where a build of libsecurity_utilities-osx fails. Is that a familiar thing for anybody?
<
acowley>
Do I need to update to Mojave?
<
acowley>
Interesting, so this broke for people on Mojave, a change was made, but now I can't build on High Sierra.
<
acowley>
I don't think I have the sandbox enabled
<
acowley>
Well, I got it building by changing the patch to fix things on Mojave
<
acowley>
That's a bit distressing, but at least it's going now
<
acowley>
Ah, nope it's not so bad afterall. What I changed wasn't touched by the patch.
hamishmack has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
nD5Xjz has quit [Ping timeout: 252 seconds]
hamishmack has joined #nix-darwin
nD5Xjz has joined #nix-darwin
nD5Xjz has quit [Ping timeout: 240 seconds]
<
johnw>
i'm still on HS; hope we get a fix soon that makes it work on both
periklis has joined #nix-darwin
<
periklis>
hi everyone, do we have any documented list of mojave impurities for stdenv-darwin?
<
periklis>
e.g. /System/Library/Frameworks/Security.framework
<
periklis>
sidenote: impurities when building with sandbox=true
<
LnL>
the Security framework isn't part of the stdenv
<
LnL>
yeah, Security.framework (and deps) is because of rust/cargo
<
periklis>
sure and thanks for the hint non-stdenv-impurities. However, this means rust/cargo is impure right?
<
LnL>
anything that depends on frameworks is
<
LnL>
and the problem is that the impure paths are not propagated so the sandbox doesn't get opened up
<
periklis>
ic 299 matches in all-packages
<
LnL>
so a build that pulls in a framework directly will work with sandboxing
<
periklis>
what do mean with directy? (importing darwin.apple_sdk.frameworks.Security)?
<
LnL>
but using a binary that depends on a framework at runtime won't because the dependency gets lost
<
LnL>
hydra builds also don't work, that was one of the main reasons we didn't make more progress pushing it forward last year
<
LnL>
as for propagating frameworks, I'm not sure if our current approach works or if we'd need some changes in nix itseld
<
LnL>
if we're lucky fixing/rewriting the install_name might be enough
<
LnL>
I should try that out
<
periklis>
i am counting also PrivateFrameworks in my list
periklis has quit [Ping timeout: 260 seconds]
cmacrae has joined #nix-darwin
cmacrae has quit [Ping timeout: 252 seconds]
{^_^} has quit [Ping timeout: 250 seconds]
{^_^} has joined #nix-darwin
{^_^} has quit [Ping timeout: 250 seconds]
{^_^} has joined #nix-darwin