| 23 Jul 2023 |
 @qbit:tapenet.org | are you getting an error ? | 18:33:43 |
 @atalii:matrix.org | no; just trying to understand the build process so i can do something like it for a different language. my understanding is that first go-modules is built, which runs go mod vendor or go mod download, and that output is then linked into the main derivation? | 18:35:21 |
| @atalii:matrix.org | ^oh, and, if this is correct... how is that possible? go mod vendor downloads the sources for deps (right?), which shouldn't be able to happen in the sandbox? | 18:41:26 |
| @qbit:tapenet.org | i am not sure on the download side of things | 21:48:06 |
 Artturin | In reply to @atalii:matrix.org
^oh, and, if this is correct... how is that possible? go mod vendor downloads the sources for deps (right?), which shouldn't be able to happen in the sandbox? It uses a fixed output derivation which can access network | 22:26:57 |
| Artturin | In reply to @atalii:matrix.org
^oh, and, if this is correct... how is that possible? go mod vendor downloads the sources for deps (right?), which shouldn't be able to happen in the sandbox? * go-modules uses a fixed output derivation which can access network | 22:27:25 |
| Artturin | * go-modules is a fixed output derivation which can access network | 22:27:30 |
| @qbit:tapenet.org | ah, so FOD works because we know what the hash will be? | 22:40:28 |
| @qbit:tapenet.org | so network access is .. ok-ish | 22:40:40 |
| @qbit:tapenet.org | ? | 22:40:59 |
| @qbit:tapenet.org | what denotes that it's FOD? | 22:44:02 |
| @qbit:tapenet.org | or.. i guess.. how would one know it was FOD? | 22:44:53 |
| @atalii:matrix.org | In reply to @artturin:matrix.org
go-modules is a fixed output derivation which can access network ah, thank you - same question as qbit, how does nix 'know' its fixed? | 22:45:51 |
