 | Nixpkgs Stdenv | 221 Members |
| 71 Servers |
| Nixpkgs Stdenv | 221 Members |
| 71 Servers |
| Sender | Message | Time |
|---|---|---|
| 15 Sep 2025 | ||
 Randy Eckenrode | If the SBOM info is a derivation, it can be built from the same FOD source using fetchCargoSBOM or whatever is written to support that. Including that as meta information would have storage costs the FODs avoid (e.g., fetchCargoVendor can use the Cargo.toml from the package’s src). | 22:43:54 |
| Randy Eckenrode | * If the SBOM info is a derivation, it can be built from the same FOD source using fetchCargoSBOM or whatever is written to support that. Including that as meta information would have storage costs the FODs can avoid (e.g., fetchCargoVendor can use the Cargo.toml from the package’s src). | 22:44:42 |
 Tristan Ross | That sounds good, can't really comment on it since idk much about SBOM's and security things. | 22:47:31 |
| Randy Eckenrode | I assume that’s the goal, but I don’t actually know based on the PR’s description. | 22:52:24 |
| Tristan Ross | Yeah, I think it's a decent start at least | 22:52:51 |
| Tristan Ross | At where I work, there's a good change we be needing it so I might be able to work on expanding it after this PR. | 22:54:14 |
| Randy Eckenrode | To simplify down my concern, it’s about maintenance burden. If companies are going to use this for supply chain purposes, are we at risk of getting a bunch of ‘my company’s vulnerability scanner says this package has a CVE’ issues that may actually be fixed in nixpkgs? | 22:54:39 |
| Tristan Ross | I'd like for the CVE stuff to go through review of the security team | 22:55:13 |
| Tristan Ross | Whether that's this or a company trying to upstream a fix. | 22:55:31 |
| 16 Sep 2025 | ||
 rosssmyth | SBOM stuff is generally falling of companies trying to comply with the EU's CRA. When I read the CRA I don't remember there being specific requirements for the SBOM, but once EU states start implementing it there might be. | 16:08:28 |
| rosssmyth | * SBOM stuff is generally falling out of of companies trying to comply with the EU's CRA. When I read the CRA I don't remember there being specific requirements for the SBOM, but once EU states start implementing it there might be. | 16:11:31 |
 Alyssa Ross | SBOM was actually mostly driven by USG after Solarwinds, as I recall… | 16:11:38 |
| rosssmyth | I see, I don't interact with that space so I wouldn't know. | 16:12:42 |
| Alyssa Ross | I don't either, I just know that I'd heard of SBOMs long before I'd heard of the CRA, and been asked for one for the first time before the CRA was even proposed. | 16:13:06 |
| 22 Sep 2025 | ||
 Philip Taron (UTC-8) | For https://github.com/NixOS/nixpkgs/issues/444721, I don't believe that there's anything to report under stdenv. | 18:38:33 |
| Tristan Ross | Yeah, we're good for now I believe | 18:46:48 |
| 23 Sep 2025 | ||
 kenji changed their display name from a-kenji to kenji. | 10:42:49 | |
| 30 Sep 2025 | ||
 dish [Fox/It/She] | Howdy stdenv folks. Progress on the minimal-bootstrap is going okay, but I'm hitting an error(which I'm pretty sure is the same one that the current minimal bootstrap hits) and I'm having issues getting it solved. Current branch with all of my work is https://github.com/pyrox0/nixpkgs/tree/bump/minimal-bootstrap , any help or suggestions on how to resolve this would be helpful. I'll post the tail of my build logs here in a second so that you can see the logs too. | 15:21:07 |
| dish [Fox/It/She] | Download gcc-4.6.4.log | 15:23:25 |
| dish [Fox/It/She] | the issue is on line 103 of the log | 15:23:37 |
 17lifers (at mikuplushfarm) joined the room. | 16:05:33 | |
| 17lifers (at mikuplushfarm) left the room. | 18:41:39 | |
| 1 Oct 2025 | ||
 frontear | I've been trying to compile a C program that uses a few random libs and headers from some packages, which I've correctly declared in Keep in mind this project has no Makefile or CMakeFiles, it's just a bunch of *.h and *.cpp files from an instructor, hence why I need to manually run compilation commands. I'm able to get it to compile by writing the flags myself, but I'm a little confused as to why this isn't working OOTB like the Nixpkgs manual suggests. Is there something I'm missing? | 01:01:28 |
| frontear | * I've been trying to compile a C program that uses a few random libs and headers from some packages, which I've correctly declared in Keep in mind this project has no Makefile or CMakeFiles, it's just a bunch of *.h and *.cpp files from an instructor, hence why I need to manually run compilation commands. I'm able to get it to compile by writing the flags myself, but I'm a little confused as to why this isn't working OOTB like the Nixpkgs manual suggests. Is there something I'm missing? I did check both aforementioned environment variables and they do seem to be populated, so I'm confused. | 01:02:21 |
| rosssmyth | NIX_CFLAGS_COMPILE doesn't do that everything automatically. It's mainly for stdlib stuff. You still need to provide the -I and -L flags for your build inputs, possibly using pkg-config if they supply it. | 03:46:41 |
| frontear | hm I see, I guess what also confused me was seeing that both NIX_CFLAGS_COMPILE and NIX_LDFLAGS were populated with the correct flags to include all the headers and libs respectively, for all of my declared build inputs. That, and the explanation in the Nixpkgs manual suggested that these flags were populated by the stdenv and were used by the CC wrapper and LD wrapper respectively. | 03:58:01 |
| frontear | I’m able to reuse the CFLAGS that are created, I just went ahead and threw pkg-config —libs package1 package2 … and this seems to work | 03:58:47 |
| frontear | Found it: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/cc-wrapper/default.nix#L37 | 05:29:38 |
| frontear | by default link flags aren’t given to NIX_CFLAGS_COMPILE, which matches what I was seeing | 05:29:55 |
| frontear | now the weird thing is that since the CC wrapper should be using the LD wrapper, I’d have expected NIX_LDFLAGS to be relevant for it | 05:30:24 |