jtojnar has quit [(Remote host closed the connection)]
ma27 has joined joined #nixos-dev
vcunat has quit [(Quit: Leaving.)]
ma27 has quit [(Ping timeout: 240 seconds)]
ma27 has joined joined #nixos-dev
jtojnar has joined joined #nixos-dev
ma27 has quit [(Ping timeout: 276 seconds)]
<jtojnar>
is there some convenient way to find out which jobs depending on vala failed?
vcunat has joined joined #nixos-dev
vcunat1 has joined joined #nixos-dev
vcunat has quit [(Ping timeout: 250 seconds)]
vcunat1 has quit [(Quit: Leaving.)]
vcunat has joined joined #nixos-dev
jtojnar has quit [(Ping timeout: 248 seconds)]
zraexy has joined joined #nixos-dev
<orivej>
jtojnar: I would have made a branch with the current master + revert of the vala upgrade and compared it to master either with nox-review or with hydra
<vcunat>
orivej: I considered picking the curl bump to master directly, due to stdenv rebuild in there, but the CVEs don't seem critical (no known exploits, two of three issues are 32-bit only, etc.)
<makefu>
adisbladis: i had a pr for curl prepared as well for nss-support .however i have issues due to circular dependencies from nss to curl
<vcunat>
staging is rebuilding stdenv, and curl is "only" thousands of packages (5.9k on x86_64-linux) so we don't need to hurry that much
adisbladis[m] has joined joined #nixos-dev
phreedom has quit [(Quit: No Ping reply in 180 seconds.)]
phreedom has joined joined #nixos-dev
<gchristensen>
"@GrahamcOfBorg GrahamcOfBorg added 10.rebuild-darwin: 0 10.rebuild-linux: 0 and removed 10.rebuild-darwin: 501+ 10.rebuild-linux: 501+ labels 29 minutes ago" this is a funny bug
<vcunat>
gchristensen: are you sure the Borg won't misbehave too badly?
<gchristensen>
misbehave in what way?
<vcunat>
I don't know... it has push rights, doesn't it.
<gchristensen>
oh, tragically, yes it does
<MichaelRaskin>
Was this relabelling after a merge?
<gchristensen>
it was, MichaelRaskin
<vcunat>
Also, we wouldn't want it to destroy all humanity, or something...
<gchristensen>
lol
<makefu>
casualties, at least we have good tests for nixpkgs
<gchristensen>
vcunat: so the only parts that have github creds are parts I control, community-sponsored builders don't have any github credentials
<MichaelRaskin>
Unless they succeed in attacking the host and finding the owner's GitHub credentials somewhere…
<MichaelRaskin>
But that won't be borg-specific.
<vcunat>
Yes, I can't see any other real risk. That's probably safe enough.
<MichaelRaskin>
Well, the evaluator misbehaving would be annoying.
<gchristensen>
IIRC the credentials the borg services use can't push, but let me double check that
<MichaelRaskin>
I guess so far it doesn't have any commit/merge URLs in the code, so it has label rights but not effective commit rights.
<MichaelRaskin>
Eventually we will want to let borg push…
<vcunat>
Then we make bots to automatically create patches for package updates, and we're done :-)
<gchristensen>
vacation!
<MichaelRaskin>
We just need to restart monitor.nixos.org…
<MichaelRaskin>
phreedom's code did create patches for updates.
<vcunat>
and it tested them
<phreedom>
and produced nice build diff logs so that you see new or missing deps :'(
<vcunat>
phreedom: can you remind us why it ended?
<vcunat>
(link is OK)
<phreedom>
a huge disadvantage is that it's impossible to debug this monster on a laptop, so since my number cruncher has been offline most of the time, I can't really do anything :(
<vcunat>
Well, yes - if it was linked with a CVE, cherry-pick into a PR and ping the release maintainers :-)
<gchristensen>
and it cherry-picked then opened a PR
<vcunat>
(after checking it builds)
<MichaelRaskin>
i think commit message should include the requester, both for cherry-picks and for merges
<gchristensen>
cool
<MichaelRaskin>
Committer is clearly the bot.
<MichaelRaskin>
Merges and cherry-picks are now authored by whoever presses the button, so also the bot.
<MichaelRaskin>
And then it can commen in the commit message «grahamc talked me into it», like with the evaluation-failer.
<gchristensen>
lol
<gchristensen>
ok, cool
<phreedom>
vcunat: getting the monitor to use the external build server would take some effort as it also wants to access the build log and build output
<phreedom>
vcunat: also multi-output derivations don't fit the current db schema
<vcunat>
Once we had a discussion about nixpkgs monitor making itself the author of update patches, and Eelco being strongly against that, so this had been changed afterwards...
<vcunat>
phreedom: right, I didn't think it would be without work
<vcunat>
just the maintenance
<vcunat>
isn't free, I guess
<phreedom>
vcunat: cve matcher approach in vulnix I think was the sme as monitor, although I vaguely remember improving it
phreedom has quit [(Ping timeout: 276 seconds)]
phreedom has joined joined #nixos-dev
<phreedom>
sometimes url changes, sometimes they break the scraper/parser
<phreedom>
right now it's too monolithic and a debug run is an expensive thing even without building
<phreedom>
if you have to debug the stuff that comes after the build step, good luck to you ;)
<phreedom>
I would be really glad to revive this, but we'd need a clear understanding as to how to maintain it in a working order
<phreedom>
part of this would be making some of the debug/maintenance work easier/lighter in terms of the hardware, but I guess I there needs to be more than 1 mtaintainer, because such services are only useful when they are reliable
<phreedom>
TLDR: turns out you can't write and forget about it, that's why it folded :/
<phreedom>
this, outside circumstances and my lifestyle :)
<phreedom>
vcunat: so if you find someone prepared to fix scrapers and do it promptly, I think we can revive this
<vcunat>
phreedom: maybe the scraper could be outsourced
<vcunat>
I'm instinctively trying to reuse such stuf as much as possible
<phreedom>
vcunat: and even package list has the same design as nixpkgs-monitor ;)
<vcunat>
Maybe the author got inspired by it :-)
<phreedom>
vcunat: wouldn't be surprised
<phreedom>
the problem is that you have to match packages to nix packages
<vcunat>
it does already
<vcunat>
I mean, repology scans nixpkgs as well
<phreedom>
vcunat: the question is how good is the matching
<phreedom>
I see that it doesn't use github and git sources in general
<vcunat>
no, it uses channels
<phreedom>
and it's one of the most successful update sources for the monitor
<vcunat>
we generate a json
<phreedom>
noo, I don't mean nixpkgs
<vcunat>
I see
<vcunat>
but they do want to do matching, etc, so I think it's better to do it in a distro-neutral place
<phreedom>
vcunat: also I need to look into how much metadata they export. matching packages by name doesn't always work well. matching them using source urls is just so much better
<phreedom>
there are lots of minor, but nontrivial gotchas in this space
<phreedom>
it's more like art than science
<gchristensen>
^ agreed, so hard
<phreedom>
and is the code available?
<phreedom>
yeah it is D:
<vcunat>
I think contributions to repology.org are welcome.
<MichaelRaskin>
phreedom: apparently, reading this code doesn't make you happy?
<gchristensen>
MichaelRaskin: does reading any code make you happy? :P
<phreedom>
MichaelRaskin: reading code takes some time. either way, we can use repology as one of the sources and see
<phreedom>
it's not an either/or situation
<MichaelRaskin>
gchristensen: yes, if I see that I can actually trust this component while using it as-is.
<MichaelRaskin>
Not to mention the case where I am reading the code for the related work and I see that it is easy to explain how my approach is better.
<MichaelRaskin>
(in an article)
<vcunat>
:-D
<phreedom>
ok, so as an absolute minimum we can steal their matching rules and/or use them as a backup for distro-specific scrapers
<phreedom>
but this is a minor detail
<gchristensen>
maybe I'm just tainted after working on a >10yr old PHP app cobbled together by thousands of devs
<phreedom>
the question is: if I fix it and do the heavy lifting in terms of architecture, is it going to be maintained?
<phreedom>
gchristensen: it's still possible to "unsee" it if you change the job quickly enough :)
<phreedom>
gchristensen: and it's hard to beat JS. PHP is tame in comparison, although I guess it depends on the codebase quality
<gchristensen>
:) I didn't change jobs quickly enough.
<phreedom>
I hope you earned enough to heal your wounds afterwards(or retire)
<gchristensen>
the other day I spent a whole day chasing down the argument to a single function to write a single line of documentation about what it means, wrote the line, sent the PR, and I was wrong
<phreedom>
I guess refactoring is not in plans
<MichaelRaskin>
Planning a refactoring is the easy part, actually making sure its scheduled time doesn't get eaten by firefighting is a more interesting task.
<phreedom>
vcunat: actually I have a rather interesting todo for the monitor with cool new features, but i wouldn't do it if it folds in 6 months.
<phreedom>
MichaelRaskin: yeah sometimes it's too late to refactor, everyone is tied up and the thing still kinda sorta works
<gchristensen>
I'm working inside extremely hot code in the center of basically every live path in existence, refactoring is like a 3 year project
<phreedom>
so businesses will ride such a fundamentally broken project for a few years until it either unravels or you can graeatly expand your dev resources
<phreedom>
gchristensen: then as I said, good luck to you, I hope it pays well ;)
<gchristensen>
I mean it works great, but can't be easily extended or updated in any way
jtojnar has quit [(Quit: jtojnar)]
<vcunat>
phreedom: I tied myself to release maintenance for the upcoming year, so I can't promise helping with this as well
jtojnar has joined joined #nixos-dev
<vcunat>
maybe the monitor would be a good google-summer-of-code project
<phreedom>
vcunat: I'm too old for this ;)
<vcunat>
I didn't mean it like that :-)
<MichaelRaskin>
You will be the mentor who has already stepped on all the rakes lying around.
<vcunat>
phreedom: you would be ideal mentor for it, I guess
<vcunat>
but someone else would be doing the work (and paying it), if you don't have enough time
<phreedom>
as I said, I can fix it and even improve it, but I'm pretty sure it will unravel again, because I have no idea where I'm going to be and what I'm going to do in the next 6 month. I can't even tell you which country I'll be living in :)
<phreedom>
better code would mean easier maintenance, but it still has to be done promptly
<gchristensen>
I think we can't beg people to maintain it, someone has to be interested already
<phreedom>
yeah and that's why it's down now, basically :)
<gchristensen>
yeah
<vcunat>
maybe if the tool is given visibility, along with a plea for maintainer, someone will be found
<vcunat>
the community has grown immensely in the past few years
<gchristensen>
yeah it is, almost always >700 people in the channel!!
<vcunat>
and commits from 200-300 people each month
<vcunat>
(for past year or two)
<phreedom>
vcunat: last time I tried this trick: make the code work, show it to everyone, get some "wow" feeback, and hope that someone will miss it enough to fix if it's broken
<MichaelRaskin>
vcunat: I guess the advertisement should say «repository co-ownership», given that growth goes better than de-bottlenecking.
<phreedom>
maybe this time we'll ahve the critical mass for this
<vcunat>
yes, that's what I thought
<phreedom>
but maintaining it was hard. even I was unable to fix anything most of the time simply because I didn't have my box powered on
<globin>
phreedom: is it in the nixos github org?
<phreedom>
globin: no, it's under my account
<globin>
maybe, if in a working state again we should move it over and give a few core people rights to merge, that would give it more visibility and not have a too large bottleneck around reviewing
<vcunat>
the main thing is access to the live instance
<phreedom>
globin: the problem is not repo access rights. the problem is that installing a dev instance and making a test run takes a few days
<srhb>
Does anyone know of a multi-version module that excludes other versions, without merging everything into one big if-statement-blob for compatibility?
<phreedom>
globin: (asssuming you have the hardware to tackle it at all)
<srhb>
I feel like just importing based on packageVersion or something.
<phreedom>
globin: so I guess plenty of people thought about fixing something and gave up shortly
<MichaelRaskin>
srhb: I think window manager modules are pairwise exclusive.
<vcunat>
yes
<srhb>
Hmm, I'll have a look.
<phreedom>
vcunat: accessing the live instance is another problem, but first you have to have your dev instance doing what you want
<vcunat>
and you can do switch-statements like package.${version}
<srhb>
vcunat: Not understood. I'm specifically aiming to duplicate code here. :-P
<vcunat>
one big switch choosing among the duplicates then :-)
<srhb>
vcunat: Good point :P
<MichaelRaskin>
vcunat: why not just set an option of an assign-once type?
<phreedom>
globin: so at least I need to make it easy to fix all steps that go before the build step
<vcunat>
I must say I know little about advance nixos module writing.
<phreedom>
globin: and get buy-in from people to fix minor stuff quickly
<phreedom>
globin: and then hopefully the build and post-build steps won't unravel too quickly and it won't be a problem if it gets love only on a special occasion
<Sonarpulse>
was stuck on a spurious perl failure so I had to restart
<Sonarpulse>
but should be ready soon
<Sonarpulse>
getting like "make: no target for bootstrap"
<Sonarpulse>
basically
<bgamari>
awesome
orivej has quit [(Remote host closed the connection)]
orivej has joined joined #nixos-dev
orivej has quit [(Ping timeout: 240 seconds)]
orivej has joined joined #nixos-dev
Sonarpulse has quit [(Ping timeout: 255 seconds)]
__Sander__ has quit [(Quit: Konversation terminated!)]
goibhniu has quit [(Ping timeout: 260 seconds)]
ma27 has quit [(Ping timeout: 276 seconds)]
<domenkozar>
so with gchristensen we have a plan aobut ABAB alternate personality
<domenkozar>
we hire him/her at apple
<domenkozar>
and we kill two birds
<domenkozar>
no need to maintain that installer
<domenkozar>
and no more banning
<gchristensen>
personally this seems like a really good solution
<gchristensen>
this 0xABAB person really spoils things for me
<domenkozar>
with the persistance I have no doubts in success
<domenkozar>
and we can short stocks
<domenkozar>
omg
<cransom>
mac os been getting more unattractive to me anyway. might as well put the torch to it.
Sonarpulse has joined joined #nixos-dev
<MichaelRaskin>
Wait, is there one more 0xABAB lookalike? I thought the complaints about EU privacy rules were too polite for 0xABAB.
<gchristensen>
they seem to be same tired old "I'm smarter than you and you're lucky I'm taking these seconds to beat you over the head with it"
<MichaelRaskin>
Well, at least this version is more polite (and I am not sure it is the same person). Maybe eventually we can select trolls to bring data and not bring personal attacks? Maybe?
<cransom>
i wonder what kind of comedy would ensue if you reply to his request of taking it up with the owner of cache.nixos.org with "we've opened an aws support ticket and should hear back shortly."
<gchristensen>
lol
<gchristensen>
most of the infra is actually hosted in the US anyway
<gchristensen>
orivej: if I may, I'd recommend not engaging with this pratt person, and I'd move to close the issue
vcunat has quit [(Quit: Leaving.)]
<orivej>
gchristensen: sure. though he seemed less unreasonable at the end
<gchristensen>
yeah, that's okay, vampires aren't worth our time or energy
<Sonarpulse>
happy to answer any questions on it at any time
<niksnut>
okay, will have a look, thanks!
<Sonarpulse>
niksnut: thanks so much!
<Sonarpulse>
niksnut: while the cross stuff depends on this, this change itself isn't so cross-specific. It's basically about separation of concerns in general, and making sure that setup hook gets used for binutils alone in particular
<Sonarpulse>
a lot of the new files can be better understood by comparing the same one in cc-wrapper and bintools-wrapper
<Sonarpulse>
basically i cloned everything and then ripped out the now-unneeded bits in either
_ris has joined joined #nixos-dev
taktoa has quit [(Remote host closed the connection)]