justanotheruser has quit [Ping timeout: 246 seconds]
justanotheruser has joined #nixos-security
justan0theruser has joined #nixos-security
justanotheruser has quit [Ping timeout: 245 seconds]
justan0theruser is now known as justanotheruser
erictapen has quit [Ping timeout: 255 seconds]
tv has quit [Ping timeout: 250 seconds]
tv has joined #nixos-security
erictapen has joined #nixos-security
pie__ has joined #nixos-security
periklis has joined #nixos-security
pietranera has joined #nixos-security
justanotheruser has quit [Ping timeout: 250 seconds]
justanotheruser has joined #nixos-security
<pie__>
I dont think anyone commented on my uncertainty about the visibility of using malicious unmerged commits revs (since everything is one repo under the hood) when fetching stuff from github in nixpkgs
<pie__>
am I worried unnecesarily? do people that do merges actually check the provenance of things?
erictapen has quit [Ping timeout: 264 seconds]
erictapen has joined #nixos-security
periklis has quit [Ping timeout: 245 seconds]
erictapen has quit [Ping timeout: 240 seconds]
erictapen has joined #nixos-security
erictapen has quit [Ping timeout: 250 seconds]
pie__ has quit [Remote host closed the connection]