<LnL>
I think that did it, hard to check on a small screen
<LnL>
it should probably be removed from the listif it's causing too much trouble
<LnL>
hydra will give it a shot periodically until it decides the machine is bad again
phreedom_ has joined #nixos-dev
phreedom__ has joined #nixos-dev
phreedom has quit [Ping timeout: 256 seconds]
phreedom_ has quit [Ping timeout: 256 seconds]
jtojnar_ has quit [Ping timeout: 264 seconds]
init_6 has quit [Ping timeout: 272 seconds]
sir_guy_carleton has quit [Quit: WeeChat 2.0]
gchristensen has quit [Ping timeout: 260 seconds]
gchristensen has joined #nixos-dev
<copumpkin>
how wild would it be to automatically add nativeBuildInputs to disallowedRequisites unless you explicitly opt into being able to depend on them
<copumpkin>
(as well as the compiler, which I've proposed before)
<LnL>
yes and no, I think disallowedRequisites is great but it's kind of a pain to debug
<copumpkin>
or disallowedReferences
<copumpkin>
actually
<copumpkin>
agree that it's a pain to debug, but we could improve that in nix itself (have it tell you which files refer to what)
<copumpkin>
I'd much rather get early feedback than accidentally depend on 5GB of crap :) others might disagree though
<copumpkin>
none of those change the hash, right? I guess that means I could make it configurable like config.checkMeta
<copumpkin>
so we could go and do paranoid rebuilds that disallow bad references
<copumpkin>
I wonder when it gets checked
<copumpkin>
it seems like it could get checked independent of a build happening
<copumpkin>
which would allow us to re-evaluate all of nixpkgs without rebuilding anything, to check against bad references... hmm
<copumpkin>
`nix check-disallowed-references` might not even have to fetch the actual nars
<copumpkin>
could just hit a binary cache, download all narinfos, and check against locally evaluated disallowedRequisites/references