| 10 Aug 2023 |
 countoren | is'nt it kinda defeat the purpose ? | 19:09:56 |
| countoren | well I guess it is better then being in nix store... | 19:10:17 |
| countoren | Actually should'nt the rust just read npmrc if exists? | 19:11:15 |
 Lily Foster | Not necessarily. Unpriveleged users can't read the environment of a privileged process (which all system services probably are. Or at least not running as the interactive user I mean) and it's really easy for stuff that gets into the store to accidentally make it other places (and store is world-readable by default) | 19:11:30 |
| Lily Foster | In reply to @countoren:matrix.org
Actually should'nt the rust just read npmrc if exists? It won't exist in the nix sandbox and I'd have to add npmrc parsing code for that 😅 | 19:11:56 |
| Lily Foster | * It won't exist in the nix sandbox and I'd have to add npmrc parsing code for that anyway 😅 | 19:12:13 |
| Lily Foster | * Not necessarily. Unprivileged users can't read the environment of a privileged process (which all system services probably are. Or at least not running as the interactive user I mean) and it's really easy for stuff that gets into the store to accidentally make it other places (and store is world-readable by default) | 19:12:24 |
| countoren | Well I guess user can just writeShellScript wrapping the nix build itself exporting the env var reading npmrc | 19:13:35 |
| Lily Foster | If you really want it in the derivation and don't mind it being in the store, you'll be able to set postPatch = "export NPM_TOKENS=..." with it how it is | 19:14:07 |
| Lily Foster | As well | 19:14:12 |
| Lily Foster | Since it doesn't care where the env var comes from, it just cares that it exists | 19:14:25 |
| countoren | Yes but the script way it wont be on store | 19:14:33 |
| Lily Foster | (And postPatch is one of the hooks that gets propagated to the fetcher) | 19:14:48 |
| Lily Foster | In reply to @countoren:matrix.org
Yes but the script way it wont be on store Correct. I'm just saying you have another option if you don't want to do the builder environment thing and don't mind it going to the store for simpler threat models (e.g. testing keys) | 19:15:29 |
| Lily Foster | Script should be fine to avoid leaking secrets to nix store | 19:15:54 |
| countoren | Make sense | 19:15:52 |
| countoren | we can add util for that maybe. | 19:16:26 |
| countoren | kinda meta tho :) | 19:16:31 |
| countoren | Thank very much Lily Foster , if you get a chance to let me know when you got the PR in. I will update my flake. | 19:18:32 |
| Lily Foster | Will do! Thanks for helping test and I'm glad you got your thing working :) | 19:19:15 |
| 13 Aug 2023 |
|  @10leej:matrix.org joined the room. | 01:27:15 |
| 15 Aug 2023 |
| @10leej:matrix.org left the room. | 19:34:36 |
| 16 Aug 2023 |
|  israelss joined the room. | 15:47:08 |
| 19 Aug 2023 |
 dotlambda | I'm trying to package dl-librescore but get
Error: Git dependency node_modules/pdfkit contains install scripts, but has no lockfile, which is something that will probably break.
What can I do?
| 17:37:56 |
| Lily Foster | https://github.com/NixOS/nixpkgs/issues/244285
:( | 17:47:48 |
| dotlambda | Can someone explain why I get
npm ERR! request to https://registry.npmjs.org/tap failed: cache mode is 'only-if-cached' but no cached response is available.
in https://github.com/NixOS/nixpkgs/pull/250265 ? It's during Installing dependencies and ignoring scripts doesn't fix it.
| 22:50:03 |
| dotlambda | Is there a policy regarding having libraries in nodePackages that don't provide any executables and aren't used elsewhere in nixpkgs? I feel like they are pretty much useless. | 23:12:44 |
| 20 Aug 2023 |
| Lily Foster | In reply to @robert:funklause.de
Can someone explain why I get
npm ERR! request to https://registry.npmjs.org/tap failed: cache mode is 'only-if-cached' but no cached response is available.
in https://github.com/NixOS/nixpkgs/pull/250265 ? It's during Installing dependencies and ignoring scripts doesn't fix it.
I'll try to take a look today | 11:57:57 |
| Lily Foster | In reply to @robert:funklause.de
Is there a policy regarding having libraries in nodePackages that don't provide any executables and aren't used elsewhere in nixpkgs? I feel like they are pretty much useless. There is no policy on nodePackages other than I wish it would just eventually go away (or be replaced by something actually composable) 🫠| 11:58:35 |
| dotlambda | But since it's not composable we might as well get rid of libraries | 14:14:51 |
