#nixos-security on 2018-08-12

00:15 <andi-> Making some progress \o/ Got some API up and running... past 2am so lets see how productive the next few hours will be..

00:15 <gchristensen> !!!

00:17 * andi- bets that the second I try carnix again it will explode..

01:39 <pie_> car-nage

01:44 pie__ has joined #nixos-security

01:44 pie_ has quit [Read error: Connection reset by peer]

01:58 <andi-> Yay, importhing all the unstable things.. Lets see if that works out better then the old file based appraoch.. API is a bit rough around the corners but at least it does work on some endpoints. Will check it in the morning :) http://boolean.h4ck.space:8082/reports/91/issues Is an example of one variant that is currently implemented. Affected commit range is still a bit foggy but I'll get there...

10:42 <andi-> Still a few rough edges and features missing but I started to deploy it to https://broken.sh :) Feedback welcome.

13:06 <ekleog> wow looks great!

13:08 <ekleog> I'm just wondering, do you think for /reports/*/issues it would be better with eg. { report = …, channel = …, issues = { "CVE-…-…" = … } } , ie. hoisting “identifier” one level up? (and similarly in /packages hoist attribute_name up)

13:09 <gchristensen> awesome domin

13:16 <andi-> ekleog: i can change that, thats a minor detail for now :-)

13:16 <andi-> I am currently trying to optimise the channel import.. e.g. a parser for gchristensen's channel bump history etc..

13:17 <gchristensen> I can also send you webhooks or rabbitmq messages

13:17 <andi-> I know... but for now that is easier.. I had a bash script for a while (which broke, thus the domain)

13:17 <gchristensen> lol

13:17 <gchristensen> sure, no worries

13:21 <ekleog> andi-: yeah, I don't have any big-picture thing that looks wrong from my pov :D

13:21 <andi-> ekleog: yay \o/

13:21 <andi-> As soon as I start working on this for a few days in a row it also goes a lot smoother.. I should get on vacation to finish this..

16:38 <andi-> Next up: issue lists/details/patches and classification.. And also thinking about UI...

21:19 gchristensen has quit [Ping timeout: 268 seconds]

21:23 gchristensen has joined #nixos-security

22:11 <andi-> So, got a preliminary endpoint for each known issue (e.g. https://broken.sh/issues/CVE-2016-9296 ) & finished the nixops deployment.. Lets see if it runs successful in an unattended fashion..

22:18 <gchristensen> wwow

22:18 <gchristensen> !

22:30 <andi-> the current source is here: https://github.com/andir/nix-update-tracker I feel kind of bad for having abused the project to get into rust (again).. needs refactoring :/

22:32 <gchristensen> haha you need some excuse to learn a lang