gchristensen changed the topic of #nixos-dev to: NixOS Development (#nixos for questions) | https://hydra.nixos.org/jobset/nixos/trunk-combined https://channels.nix.gsc.io/graph.html | 18.09 release managers: vcunat and samueldr | https://logs.nix.samueldr.com/nixos-dev
drakonis has joined #nixos-dev
Synthetica has quit [Quit: Connection closed for inactivity]
LnL has quit [Ping timeout: 268 seconds]
eadwu has joined #nixos-dev
drakonis has quit [Read error: Connection reset by peer]
sir_guy_carleton has joined #nixos-dev
lassulus_ has joined #nixos-dev
lassulus has quit [Ping timeout: 244 seconds]
lassulus_ is now known as lassulus
<yl[m]> Hey guys, at work we're re-defining our entire workflow and currently Nix is responsible for the dev environments and the CI. We are moving towards a mono repo and we have decided to use Bazel (choice was between Bazel and nix-build). There's one question that I was not able to answer that pushed Bazel forward. Consider two binaries A and B both dependent on a library C and a commit that touches on C, can nix figure out that
<yl[m]> we have to compile A and B (obviously yes)? But can we somehow get a printed list of A and B so we can build docker images for both and push them out?
eadwu has quit [Ping timeout: 252 seconds]
<lopsided98> yl[m]: you'll probably get a better response in #nixos
sir_guy_carleton has quit [Quit: WeeChat 2.2]
<yl[m]> I'll try there
jtojnar has quit [Quit: jtojnar]
worldofpeace has quit [Ping timeout: 245 seconds]
tilpner has quit [Ping timeout: 250 seconds]
pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-dev
<Profpatsch> yl[m]: yeah, for a monorepo bazel is usually what you want.
<Profpatsch> yl[m]: Out of interest, what languages are you working with?
__Sander__ has joined #nixos-dev
<domenkozar> more content for https://github.com/NixOS/nixos-weekly/pull/74 :)
<{^_^}> nixos-weekly#74 (by domenkozar, 3 weeks ago, open): Call for Content: 2018/15
<domenkozar> MOAR
__Sander__ has quit [Ping timeout: 258 seconds]
v0|d has quit [Remote host closed the connection]
__Sander__ has joined #nixos-dev
<Profpatsch> domenkozar: Thanks for keeping up the newsletter!
<domenkozar> \m/
orivej has quit [Ping timeout: 272 seconds]
init_6 has joined #nixos-dev
Synthetica has joined #nixos-dev
orivej has joined #nixos-dev
jtojnar has joined #nixos-dev
orivej has quit [Ping timeout: 246 seconds]
hedning has joined #nixos-dev
<globin> ping shlevy Mic92
<Profpatsch> gchristensen: Is ofborg working right now? It hasn’t reacted to my query two hours ago: https://github.com/NixOS/nixpkgs/pull/53412#issuecomment-453060318
<gchristensen> let's see
<gchristensen> https://github.com/NixOS/nixpkgs/pull/53412/checks it sure looks like it did
<Profpatsch> gchristensen: oooh, I’m sorry. I haven’t done a PR since you introduced the checks, so I’ve been waiting for the comments to appear. :DDD
<gchristensen> ah!
<Profpatsch> Huh, and I love that the output is five times better than what CircleCI provides.
<gchristensen> it is?
<Profpatsch> Even though the CirciCI people do it to earn money with their product …
<Profpatsch> CircleCI doesn’t display *any* status info on checks pages, so the checks just added yet another useless page load.
<gchristensen> ...nice.
<Profpatsch> Just so you can wait for their horribly slow website to load afterwards.
<gchristensen> oy
<Profpatsch> And if you click on the build-linux link, it takes about 10 seconds before it shows the log …
<gchristensen> maybe someday I can sell ofborg as a product and make enough money where it can also be horribly slow with a sucky checks result :P
<Profpatsch> I wish you were more than half-joking.
<gchristensen> ;)
init_6 has quit [Ping timeout: 258 seconds]
init_6 has joined #nixos-dev
orivej has joined #nixos-dev
orivej has quit [Ping timeout: 246 seconds]
LnL has joined #nixos-dev
orivej has joined #nixos-dev
orivej has quit [Ping timeout: 258 seconds]
__Sander__ has quit [Ping timeout: 246 seconds]
__Sander__ has joined #nixos-dev
<yl[m]> Profpatsch: we have a quite old ruby app to move over but for any new code it's going to be a combo of Go and Java and/or scala.
pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-dev
<Profpatsch> yl[m]: I’m not sure about the state of the ruby rules, go and java should be fine.
<Profpatsch> If you need help for Scala, we could lend you a hand, just ping me.
<yl[m]> Profpatsch: that's good to know, I will let the team that's using it know that
<yl[m]> I'm not too worried about the Ruby app just yet, it's low priority to move it over
ixxie has joined #nixos-dev
init_6 has quit [Ping timeout: 258 seconds]
carter has joined #nixos-dev
tilpner has joined #nixos-dev
<Mic92> yl[m]: bundix works fine for ruby
__Sander__ has quit [Quit: Konversation terminated!]
<yl[m]> Mic92: I tried it, it works great for releasing but not for development
<Mic92> true
<Mic92> Then again I don't think there is anything wrong with using bundle for this use case.
<Mic92> direnv is neat for that: https://github.com/direnv/direnv/wiki/Ruby
<yl[m]> yea I use direnv extensively
pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-dev
orivej has joined #nixos-dev
drakonis has joined #nixos-dev
<yorick> sounds like we should compile systemd with `-fstack-clash-protection`
<Synthetica> Baughn_ (in #nixos) "gcc8 + some compiler flags. But IME it's a bad idea to mix and match compiler versions for core software."
<Synthetica> Suggested the same
<Synthetica> yorick: But some patches were pushed to nixos/systemd, that should fix the problem: https://git.io/fhZMy
<globin> work on stack clash protection is in progress, fpletz is currently updating gcc to 8.2 and then continuing with that
<{^_^}> #53760 (by fpletz, 2 hours ago, open): [WIP] Build nixpkgs with gcc 8 by default
<ckauhaus> see #nixos-security for details
philipp[m] has joined #nixos-dev
<philipp[m]> There is a critical security issue in all versions of matrix-synapse. How is the procedure to getting that into stable? https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/
<Synthetica> philipp[m]: Other than update-backport?
orivej has quit [Ping timeout: 250 seconds]
<philipp[m]> Synthetica: they are not shipping the upgrade for the version currently in stable, so it either needs to be patched in by nixos (might be pretty hard) or stable needs to be upgraded to at least
orivej has joined #nixos-dev
<Mic92> yorick: I was about to say the same
<Mic92> philipp[m]: if there are patches, you can add it to the patches = [] list to apply them.
<Synthetica> philipp[m]: I had a quick look, and the patch seems to mostly apply cleanly.
<Synthetica> We could probably make this work with relatively little effort
<ekleog> philipp[m]: matrix-synapse's version in stable has already been bumped in case of security issue
<ekleog> its development is unstable enough for this to be possible
<ekleog> now, if the backport is possible, it's likely best
symphorien has joined #nixos-dev
<ekleog> … ok that'll be some vuln around macaroon handling, so something around authentication
drakonis_ has joined #nixos-dev
Drakonis__ has joined #nixos-dev
<ekleog> philipp[m]: if you open a PR for the (backport of the) update feel free to ping me
<philipp[m]> ekleog: currently afk but it's the first thing I'll do when I'm able. The backport shouldn't be a problem. I'm currently running my own version of 34 on stable.
drakonis has quit [Ping timeout: 258 seconds]
drakonis_ has quit [Ping timeout: 240 seconds]
<ekleog> great! :)
nwspk has quit [Quit: Quit: *.banana *.split]
nwspk has joined #nixos-dev
gchristensen is now known as c
c is now known as gchristensen
Drakonis__ has quit [Read error: Connection reset by peer]
<joko> Anyone with Hydra access? This job https://hydra.nixos.org/build/86902287 is finishing correctly on my machine, could anyone clear the failed builds cache?
<gchristensen> I restarted it
orivej has quit [Ping timeout: 246 seconds]
<joko> gchristensen: thank you!
<gchristensen> yep!
<joko> gchristensen: could you also restart this: https://hydra.nixos.org/build/86932300 in case the former works?
orivej has joined #nixos-dev
orivej has quit [Ping timeout: 258 seconds]
drakonis has joined #nixos-dev
genesis has quit [Remote host closed the connection]
ixxie has quit [Ping timeout: 250 seconds]
orivej has joined #nixos-dev
Cale has joined #nixos-dev
eadwu has joined #nixos-dev
obadz has quit [Quit: WeeChat 2.3]
orivej has quit [Ping timeout: 272 seconds]
<thoughtpolice> dtz: asking out of curiosity since you might know -- with the new pkgsMusl/pkgsStatic framework, can I just use e.g. pkgs.pkgsStatic.llvmPackages.stdenv and get a magical LLVM-based toolchain for my projects that can static link? Does that work yet?
worldofpeace has joined #nixos-dev
<thoughtpolice> Oh, it does! I thought I had this worked out before (I did!) but I can't remember why I was asking. I even wrote about it. Busy holidays.
hedning has quit [Quit: hedning]
tilpner has quit [Ping timeout: 268 seconds]
<dtz> **does** that work?? There are likely bits that don't yet AFAIK but glad that does!
<dtz> busy indeed :)
orivej has joined #nixos-dev
<gchristensen> wow..!
eadwu has quit [Ping timeout: 252 seconds]
init_6 has joined #nixos-dev
<thoughtpolice> If what I wrote a month ago is accurate then yes but I think it might have broken recently somehow.
<thoughtpolice> Luckily I included a nixpkgs hash in my notes.