erictapen has quit [Ping timeout: 268 seconds]
pie_ has quit [Remote host closed the connection]
pie__ has joined #nixos-security
<MichaelRaskin> ww
periklis has joined #nixos-security
<ckauhaus> periklis: thank you very much for looking into the security tickets
<ckauhaus> this is very much appreciated
<periklis> ckauhaus: you are welcome
<periklis> ckauhaus:i really like the new ticket approach, e.g. libtiff is nice log on what happens around it's CVEs :)
<ckauhaus> the next thing is to automate it (was a manual experiment in SR51) and provide backlinks to previous issues with the same pkg
<ckauhaus> each CVE get reported only once, but an updated usually solves several of them
<ckauhaus> so multiple tickets could be affected
<ckauhaus> of course, this can easily be done right now by searching github issues with the package name
<periklis> is there any script for the current ticketing? i must have overlooked that in vulnix probably
<ckauhaus> the tooling lives currently in https://github.com/ckauhaus/nixos-vulnerability-roundup
erictapen has joined #nixos-security
<ckauhaus> it's not part of the vulnix code since it's actualy a different kind of thing
<ckauhaus> we'll migrate it probably to github.com/NixOS at some point in the future
<periklis> ah nice, i can hack on the new style tomorrow on my slackday
<ckauhaus> :-)
<periklis> just to get it right, you meant backlinks to the old ticket structure or to older tickets of the new structure?
<ckauhaus> no, forget about the old structure - I'd do that manually if at all
<ckauhaus> the interesting part would be creating github issues through the API
mmercier has joined #nixos-security
<periklis> ckauhaus: ok, any package you can recommend? I am not a pythoneer, but i think i could hack it through
<ckauhaus> well, actually no
<ckauhaus> perhaps I'd better starting to hack on it during the weekend
erictapen has quit [Ping timeout: 244 seconds]
<ckauhaus> when the basic infrastructure is in place, it'll be easier to add features and bug fixes
<ckauhaus> would in summary perhaps a better use of time
<periklis> +1
<periklis> let me know then when i can help on new features :)
<ckauhaus> yes of course
<ckauhaus> I've been thinking of converting the core to Rust since it's JSON handling is so much butter
<ckauhaus> but perhaps not this time
<ckauhaus> Python is great for testing stuff in a quick rate
<periklis> i am fine with Rust. i hack Rust occasionally. in addition it would complete the nix surrounding tool ecosystem like ofborg
__Sander__ has joined #nixos-security
periklis has quit [Remote host closed the connection]
periklis has joined #nixos-security
<ckauhaus> globin: how is the RfC for the core security team going?
<ckauhaus> I'd like to nominate periklis
pie__ has quit [Ping timeout: 252 seconds]
pie_ has joined #nixos-security
pie_ has quit [Ping timeout: 252 seconds]
<periklis> ckauhaus: OMG, what an honor
<ckauhaus> :)
<ckauhaus> it's my impression that you are really caring
MichaelRaskin has quit [Quit: MichaelRaskin]
erictapen has joined #nixos-security
periklis has quit [Remote host closed the connection]
periklis has joined #nixos-security
periklis has quit [*.net *.split]
__Sander__ has quit [*.net *.split]
LnL has quit [*.net *.split]
LnL has joined #nixos-security
periklis has joined #nixos-security
erictapen has quit [Ping timeout: 245 seconds]
mmercier has quit [Quit: mmercier]
johnnyfive has quit [Quit: I go now.]
periklis has quit [Ping timeout: 268 seconds]
mmercier has joined #nixos-security
mmercier has quit [Quit: mmercier]
<tokudan[m]> https://www.postgresql.org/about/news/1905/ postgresql update due to security issue
c0bw3b_ has joined #nixos-security
erictapen has joined #nixos-security
erictapen has quit [Ping timeout: 252 seconds]
erictapen has joined #nixos-security
c0bw3b_ has quit [Remote host closed the connection]