| 10 Dec 2023 |
|  @/yvan:matrix.org changed their display name from Yvan Sraka to Yvan Sraka (Old). | 10:55:55 |
| @/yvan:matrix.org changed their display name from Yvan Sraka (Old) to Yvan Sraka (old). | 10:55:58 |
| 12 Dec 2023 |
 Philip Taron (UTC-8) | I'm getting a reproducibility failure on x86_64-darwin on these lines: https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/compilers/clasp/default.nix#L41-L43 | 20:35:51 |
| 27 Dec 2023 |
|  @beamer:phampage.xyz left the room. | 19:54:10 |
| 12 Dec 2023 |
| Philip Taron (UTC-8) | Do I need to do something like https://patch-diff.githubusercontent.com/raw/NixOS/nixpkgs/pull/272125.patch? | 20:36:56 |
 Pol | While you're hacking into that file, you could add the missing hooks phases as well | 20:39:35 |
| Philip Taron (UTC-8) | Tell me more? | 20:39:50 |
| Pol | runHook preInstall
...
runHook postInstall | 20:40:49 |
| Pol | Check in the nixpkgs repository, there's plenty of that :) | 20:41:02 |
| Pol | Regarding tar which is not reproducible, this PR might help: https://github.com/NixOS/nixpkgs/pull/107251/files | 20:41:13 |
| Pol | Sadly it's not merged :( | 20:42:00 |
| Pol | it's weird that tar is used and in the next step it's uncompressed. | 20:47:31 |
| Pol | I wonder why it is really needed. | 20:47:43 |
| Philip Taron (UTC-8) | I think it's pulling from various git repositories. | 20:49:01 |
| Philip Taron (UTC-8) | * I think it's pulling from various git repositories, and exists to "wrap them all up". | 20:49:11 |
| 13 Dec 2023 |
 Rick (Mindavi) | Maybe the source code is too big, exceeding some output limit without compression | 10:55:57 |
| 14 Dec 2023 |
|  @man2dev:fedora.im joined the room. | 09:08:33 |
| 16 Dec 2023 |
|  @oliviacrain:matrix.org joined the room. | 18:28:01 |
| 17 Dec 2023 |
|  @nam3l33ss:matrix.org changed their profile picture. | 04:39:38 |
|  reader_ joined the room. | 14:32:50 |
| 19 Dec 2023 |
|  Martin Schwaighofer joined the room. | 13:35:45 |
| Martin Schwaighofer | I think a good addition for reproducibility tracking would be if the existing signing scheme used by substituters could optionally sign some additional info that "The signer has built this package themselves.".
I also wrote a feature request about that here: https://github.com/NixOS/nix/issues/9644
Not sure if we could find some nice backwards compatible way to actually do this. | 13:51:11 |
| Martin Schwaighofer | * I think a good addition for reproducibility tracking would be if the existing signing scheme used by substituters could optionally sign some additional info that "The signer has built this package themselves.".
I also wrote a feature request for that here: https://github.com/NixOS/nix/issues/9644
Not sure if we could find some nice backwards compatible way to actually do this. | 13:51:48 |
| Rick (Mindavi) | I think the nixpkgs hydra server doesn't build much itself, but it does _sign_ the binaries. So cache.nixos.org doesn't provide this guarantee. But maybe you only want that for your own builds anyway? | 21:51:00 |
| 20 Dec 2023 |
| Martin Schwaighofer | Even if nixpkgs Hydra does not do the building itself the actual builders could produce additional signatures that make this extra guarantee and can be obtained via cache.nixos.org in addition to the existing ones.
I think the more substituters would do this the better.
With this addition you can do reproducibility analysis just by looking at those signatures as offered by different substituters/builders (which is something people want from Trustix I think). | 04:40:09 |
|  bb_wtt.jpeg joined the room. | 11:58:46 |
| 21 Dec 2023 |
|  Meliketoast joined the room. | 16:01:06 |
| 22 Dec 2023 |
|  medliviz joined the room. | 12:31:43 |
| 23 Dec 2023 |
 raboof | generated the Gnome ISO runtime report again: https://reproducible.nixos.org/nixos-iso-gnome-runtime/ | 16:31:35 |
 atemu12 | In reply to @raboof:matrix.org
generated the Gnome ISO runtime report again: https://reproducible.nixos.org/nixos-iso-gnome-runtime/ Just 11 paths remaining?! O.o | 16:46:07 |
bb_wtt.jpeg