| 11 May 2023 |
 raitobezarius | Would you be interesting into getting that hash collection infra first? | 17:14:58 |
| raitobezarius | Then we can build Trustix on the top of that IMHO | 17:15:02 |
 Julien | I would need to read more on what you mean by "hash collection infra" | 17:15:30 |
| raitobezarius | Go to Security Discussion | 17:15:39 |
| raitobezarius | There's a bit of discussion there | 17:15:44 |
| raitobezarius | Expanding what it is | 17:15:50 |
| Julien | But yes, it fits my research interests to help nix get better in terms of software supply chain security | 17:16:00 |
| Julien | In reply to @raitobezarius:matrix.org
Go to Security Discussion Sure, but each time I join a new matrix channel I get a little bit more sick | 17:16:35 |
| raitobezarius | don't worry I will do a RFC for IRC | 17:16:44 |
| Julien | Where should I sign ? | 17:17:06 |
| Julien | Ah yes, the "hash collection infra" looks like something I had in mind actually | 17:19:08 |
| Julien | Well I'd be ready to work on that kind of solution and could probably even have that be part of my PhD when I start it | 17:20:22 |
| raitobezarius | stop giving hope to this channel's people | 17:20:55 |
 davidak | In reply to @raitobezarius:matrix.org
Would you be interesting into getting that hash collection infra first? i think trustix has hash collection infra, but no one knows if and how it works (except adisbladis who is unresponsive to the questions)
https://github.com/nix-community/trustix/issues/90 | 19:36:58 |
| davidak | i have collected thousands of hashes on my computer from reviewing PRs and would like to share them, so we can get a broader picture of unreproducible packages | 19:41:11 |
| raitobezarius | Someone needs to investigate this properly | 19:53:20 |
