| 31 Oct 2025 |
 Grimmauld (any/all) | AH, networking.firewall.enable = lib.mkDefault false; in bashless profile for that exact reason, and then later enable nftables and kernel modules manually | 23:02:09 |
| Grimmauld (any/all) | so yeah i guess the default minimalism profile does have it twice | 23:02:37 |
 emily | bashless should pretty much guarantee no ShellCheck by definition right? | 23:02:40 |
| Grimmauld (any/all) | well yes, but i still want switching so i don't run full bashless :P | 23:03:05 |
| emily | making it a passthru.tests for nixos-firewall-tool sounds easy at least | 23:03:14 |
| Grimmauld (any/all) | but yeah i guess i am being silly here | 23:03:16 |
| Grimmauld (any/all) | tbh nixos-firewall-tool should be disable-able by itself | 23:03:49 |
| Grimmauld (any/all) | without disabling the rest of the firewall module, i mean | 23:04:13 |
| Grimmauld (any/all) | i mean i guess its just networking.firewall.trustedInterfaces = [ "lo" ]; and adding some stuff to system packages, but still | 23:05:27 |
 ElvishJerricco | so, are we wanting to get shellcheck out of the build closure for these two things? | 23:17:40 |
| emily | it seems very easy to do; we're just missing one conditional and one move to passthru.tests. though perhaps we should check if any of them pull in Pandoc first… | 23:20:16 |
 raboof | I think the reproducible builds report should not be the motivation for such a change, but it seems like reducing the build closure would be nice 'in general' | 23:23:12 |
| emily | yeah, it's just nice to be able to avoid | 23:25:55 |
| emily | sooner you get done with the minimal ISO the sooner you can move on to the graphical one, anyway! | 23:26:03 |
| emily | GHC is unlikely to leave the build closure of that one | 23:26:12 |
 dish [Fox/It/She] | In reply to @raboof:matrix.org
I think the reproducible builds report should not be the motivation for such a change, but it seems like reducing the build closure would be nice 'in general' it's not the primary motivation, but reducing the size of these closures is good for UX | 23:34:06 |
| dish [Fox/It/She] | * <mx-reply><blockquote><a href="https://matrix.to/#/!LemuOOvbWqRXodtSsw:nixos.org/$LnFXblgc5ez1VdRiY-XFljslbIuNrOazet41XF-YfTk?via=pyrox.dev&via=matrix.org&via=nixos.dev">In reply to</a> <a href="https://matrix.to/#/@raboof:matrix.org">@raboof:matrix.org</a><br />I think the reproducible builds report should not be the motivation for such a change, but it seems like reducing the build closure would be nice 'in general'</blockquote></mx-reply>it's not the primary motivation, but reducing the size of these closures(and the resulting ISOs) is good for UX | 23:34:47 |
| ElvishJerricco | Shouldn't reduce the ISO size or the typical NixOS runtime closure size, since it's just a build time dep. | 23:38:51 |
| 2 Nov 2025 |
|  @dawnofmidnight:catgirl.cloud changed their display name from whispers to whispers (it/fae). | 17:58:08 |
|  amadaluzia joined the room. | 22:34:53 |
| 3 Nov 2025 |
| raboof | https://github.com/NixOS/nixpkgs/pull/458035 another one bites the dust (hopefully) ;) | 09:07:20 |
| raboof | a new regression in the minimal iso runtime: why would something XXX out a reference in the RUNPATH? https://github.com/NixOS/nixpkgs/issues/458071 | 11:10:42 |
| raboof | * a new regression in the minimal iso runtime: why would something XXX out a self-reference in the RUNPATH? https://github.com/NixOS/nixpkgs/issues/458071 | 11:11:55 |
| 4 Nov 2025 |
|  Ron Kuris joined the room. | 19:13:12 |
| Ron Kuris | Hey all, new here. We have an effort to use nix for reproducible builds but we're seeing some differences when we use jemalloc in rust. Does anyone know if this is a known problem and is there anything we can do about it? | 19:14:18 |
| @dawnofmidnight:catgirl.cloud | jemalloc has a couple known un-reproducibilities that should be fixed in nixpkgs, see https://github.com/NixOS/nixpkgs/pull/393724 for when some of those fixes were introduced. Using them in your Rust project should just be a matter of having rust-jemalloc-sys in your buildInputs. If you're having issues beyond that, no clue. | 19:27:33 |
| Ron Kuris | Yep, that lines right up. TYVM! | 19:37:02 |
|  whispers (it/fae) joined the room. | 20:04:48 |
| @dawnofmidnight:catgirl.cloud left the room. | 20:05:07 |
|  Alex Stephan joined the room. | 20:21:02 |
