<copumpkin> just a tad jetlagged here
mbrgm has quit [(Ping timeout: 240 seconds)]
mbrgm has joined joined #nixos-dev
garbas has quit [(Quit: WeeChat 1.9.1)]
JosW has joined joined #nixos-dev
goibhniu has joined joined #nixos-dev
goibhniu has quit [(Ping timeout: 255 seconds)]
goibhniu has joined joined #nixos-dev
FRidh has joined joined #nixos-dev
<MichaelRaskin> disasm: I have a feeling, that there are also many people who would receive commit access if they asked on one-by-one basis, and who we need to help Do Something about the amount of PRs…
<FRidh> disasm: MichaelRaskin: or give them merge rights through a bot: https://github.com/kragniz/nixbot
<MichaelRaskin> FRidh: I am not sure _that_ would help
<MichaelRaskin> I mean, merge rights require vetting anyway.
<MichaelRaskin> So we need to have some policy that makes people aware they should ask.
<MichaelRaskin> Or we should rnu the vanity script periodically and actually invite people.
<FRidh> MichaelRaskin: vetting, why? Have an additional meta attribute, allowBotMerge, which is by default false.
<FRidh> or actually, yes it would still need to be done
<MichaelRaskin> On the rare bursts of attempting to merge PRs (then I burn out for a few months, obviously) basically the only thing I do review carefully is that there is nothing completely unreasonable in the package. If the change looks OK, I may trust the submitter to do the tests they reported, but basic sanity must be checked by hand (questions about design choices in expressions also should deter people who would try to manually patch vulnerabilities int
<MichaelRaskin> I do not believe we have any idea how to automate sanity checks on code.
<MichaelRaskin> Or do you hope to define some Sane Change templates (update version attribute and sha256 without touching anything else) and auto-allow merging those to basically anyone?
<FRidh> It may indeed be good to use such templates to restrict merges by the bot, or any self-merge really.
<MichaelRaskin> I don't believe even Debian has resources to force mandatory-review of all maintainer changes.
<MichaelRaskin> As for safe change templates: adding a patch fetched from Debian via https should also be OK
<MichaelRaskin> Because in practice you can also talk a committer into merging that…
_rvl has joined joined #nixos-dev
jtojnar has quit [(Ping timeout: 260 seconds)]
_rvl has quit [(Ping timeout: 240 seconds)]
<Profpatsch> @nixcon: Can somebody introduce me to https://github.com/Ericson2314 please?
<Profpatsch> :)
<Profpatsch> Can’t find him atm
_rvl has joined joined #nixos-dev
<gchristensen> Profpatsch: I can, come find me at lunch?
znc-user has joined joined #nixos-dev
_rvl has quit [(Ping timeout: 240 seconds)]
FRidh has quit [(Quit: Konversation terminated!)]
<Profpatsch> gchristensen: Sure
FRidh has joined joined #nixos-dev
FRidh has quit [(Remote host closed the connection)]
FRidh has joined joined #nixos-dev
mog has quit [(Ping timeout: 246 seconds)]
zarel has joined joined #nixos-dev
ckauhaus has joined joined #nixos-dev
<ckauhaus> grahamc: poke poke ;-)
taktoa has quit [(Remote host closed the connection)]
mog has joined joined #nixos-dev
zarel has quit [(Ping timeout: 252 seconds)]
<copumpkin> globin: got a log of the xar failure?
<copumpkin> dammit it fails in configure :P
<globin> copumpkin: yep %)
<copumpkin> is there a git branch I can clone for that?
<copumpkin> I'll see if I can fix
<globin> copumpkin: https://github.com/NixOS/nixpkgs/pull/22357 (openssl-1.1 branch on github.com/nixos/nixpkgs)
<copumpkin> building, thanks
<copumpkin> dammit, another LLVM+clang build :)
<copumpkin> Sonarpulse: thought: disallowedReferences automatically populated with (nativeBuildInputs - buildInputs)?
jtojnar has joined joined #nixos-dev
jtojnar has quit [(Remote host closed the connection)]
jtojnar has joined joined #nixos-dev
<LnL> copumpkin: huh, did openssl sneak back into the stdenv?
<copumpkin> I don't think so
<copumpkin> I think the big issue is that apple-sdk depends on xar
<copumpkin> which depends on openssl
<copumpkin> so anything using any frameworks will break with the openssl bump
jtojnar has left #nixos-dev []
<LnL> ah
jtojnar has joined joined #nixos-dev
<copumpkin> although I might be wrong about that, since it's rebuilding llvm too
<copumpkin> but that might just be the base commit not getting built by hydra for some reason
ckauhaus has quit [(Ping timeout: 248 seconds)]
<Dezgeg> I think in general, disallowedReferences would need per-output support first, as .dev of packages with headers for plugins can capure full gcc command lines etc.
<copumpkin> do we really want it to continue doing that though? I usually just patch it out where I notice it
<copumpkin> capturing that stuff seems to cover a lot of the use cases that Nix does better anyway
<copumpkin> globin: fixed xar! what should I do with it?
<globin> copumpkin: nice, just push it to that branch :)
<kragniz> ~.
<copumpkin> globin: lol, I was hoping my fix would apply cleanly to master
<copumpkin> but of course the old way and the new way don't work on the other one
<grahamc> Okay who is goin to make a flame graph generator for nix
<copumpkin> MOAR FLAEM GRAFF
<MichaelRaskin> What is a flame graph?
<copumpkin> a visualization of call stacks and time elapsed: http://www.brendangregg.com/FlameGraphs/cpu-mysql-updated.svg
<MichaelRaskin> Well, a picture identifies the object well enough
<copumpkin> :)
<copumpkin> globin: it ended up being really stupid. Their autoconf was checking for an openssl function that they didn't even use
<MichaelRaskin> I am not sure how that should look for Nix with non-linear dependencies
<MichaelRaskin> Maybe graphviz with different sized nodes.
<MichaelRaskin> (But then the minimal node size becomes a problem)
<globin> copumpkin: wow %)
<copumpkin> I'm especially proud of checking the box
<copumpkin> I love checking boxes
ckauhaus has joined joined #nixos-dev
ckauhaus has quit [(Quit: Leaving.)]
goibhniu has quit [(Ping timeout: 260 seconds)]
zraexy has quit [(Ping timeout: 255 seconds)]
zarel has joined joined #nixos-dev
<globin> <3
<globin> Btw if anyone wants to move on to hacking to our office just ping me somehow and I'll go and open up
<MoreTea> copumpkin: do we already have flamegraphs in nix then?
<gchristensen> I moved grahamcofborg to https://github.com/grahamc/ofborg
<MoreTea> nice.
JosW has quit [(Quit: Konversation terminated!)]
FRidh has quit [(Quit: Konversation terminated!)]
jtojnar_ has joined joined #nixos-dev
jtojnar has quit [(Ping timeout: 248 seconds)]
ckauhaus has joined joined #nixos-dev
gchristensen is now known as GrahamCOfBorg
GrahamCOfBorg is now known as gchristensen
ckauhaus1 has joined joined #nixos-dev
ckauhaus has quit [(Ping timeout: 264 seconds)]
jtojnar has joined joined #nixos-dev
jtojnar_ has quit [(Ping timeout: 240 seconds)]
znc-user has quit [(Quit: ZNC 1.6.5 - http://znc.in)]
ckauhaus1 has quit [(Remote host closed the connection)]
shlevy has quit [(Quit: Quit)]
shlevy has joined joined #nixos-dev
zarel has quit [(Ping timeout: 255 seconds)]
<globin> MoreTea: copumpkin fixed xar (used way down the tree in darwin for unpacking apple open source stuff) with openssl 1.1