fractalcat has joined #nixos-security
pie__ has quit [Ping timeout: 264 seconds]
fractalcat has quit [Quit: WeeChat 2.1]
mmercier_ has joined #nixos-security
pie__ has joined #nixos-security
mmercier_ has quit [Ping timeout: 264 seconds]
mmercier_ has joined #nixos-security
pie__ has quit [Read error: Connection reset by peer]
pie_ has joined #nixos-security
mmercier_ has quit [Quit: mmercier_]
pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-security
<andi-> nothing fancy but this will proably the basic structure I'll generate https://epsilon.rammhold.de/andi/test-formatted.json (look at electron for an good example...). I am not yet sure I want the `notes` section in there. That potentially belongs to a file that is more or less append only..
<gchristensen> cool!!
<andi-> Anything missng?
<pie_> btw dont people like to hate on json as an interchange format for some reason?
<gchristensen> sure
<andi-> pie_: what would you prefer?
<gchristensen> who cares :P
<gchristensen> people will hate on things for any number of reasons
<gchristensen> but the most important part is it works
<gchristensen> well
<gchristensen> THE most important part is andi is _DOING_ it
<pie_> andi-, no idea, just asking
<andi-> as long there is a serde crate for it I can use it ;)
<pie_> :D >>> <gchristensen> THE most important part is andi is _DOING_ it
mmercier_ has joined #nixos-security
mmercier_ has quit [Ping timeout: 244 seconds]
pie__ has joined #nixos-security
pie_ has quit [Ping timeout: 244 seconds]
<andi-> Scouting for some inspiration... I am a bit hammered with the amount of (unreadable?) python people produce: https://salsa.debian.org/security-tracker-team/security-tracker/blob/master/lib/python/security_db.py
<gchristensen> lol good luck
<andi-> I mean they hold they CVE data in one large test file.. and somehow that works for them :-)
<andi-> I was also thinking about something like a list of "affected packages"
<andi-> that would basically be everything that depenends on it.. not sure how much value that would be for things like a gcc issue vs libssl
<andi-> fun fact their "security master server" (whatever that means) is 2km away from me o.O
<andi-> I am actually (still) hopeing to get some inspiration to get away without a proper database.. (not even sqlite)
<gchristensen> you should prob use a db
<gchristensen> lol
<andi-> sigh... maybe you are right
<gchristensen> I mean, I know the temptation
<gchristensen> I really do
<andi-> The complexity of computing everything I want to know on-the-fly is probably way too high
<andi-> and merging that stuff "manually" later on is also not fun
<LnL> talking about sqlite, I don't like the rust library I'm for my thing but it's the only one I could find...
<andi-> is there any alternative to diesel in Rust?
<andi-> I really like the concept of diesel but I dislike writing the schemas by hand again :/
<LnL> oh, does that support sqlite?
<andi-> yes
<andi-> mysql, postgres & sqlite IIRC
<LnL> I'm probably going to switch to that then
pie___ has joined #nixos-security
<LnL> google pointed me at rusqlite
pie__ has quit [Ping timeout: 268 seconds]
<andi-> yay, looks like I can think about nix packaging for the tool again.. lets soo how much success carnix give me today
pie___ has quit [Ping timeout: 240 seconds]
pie___ has joined #nixos-security
<andi-> software archaeology: from todays for nixos-13.10 is a security minefield almost 1000 unfixed issues :)
<andi-> Lets see how this will look like in the morning when the entire channel history has been processed
pie___ has quit [Ping timeout: 244 seconds]
pie___ has joined #nixos-security