| 29 Jun 2023 |
|  kirillrdy left the room. | 08:45:34 |
| kirillrdy joined the room. | 08:50:35 |
| 5 Jul 2023 |
 Fabián Heredia | https://github.com/NixOS/nixpkgs/pull/241776 | 22:56:07 |
| 7 Jul 2023 |
|  @bootstrapper:matrix.org left the room. | 05:02:20 |
| 10 Jul 2023 |
|  @achnazoor:matrix.org joined the room. | 09:08:27 |
|  @rz_mj:freiburg.social joined the room. | 19:06:34 |
| 13 Jul 2023 |
 @qbit:tapenet.org | https://go.dev/blog/govulncheck - it would be neat if we had some sorta integration with this.. like a checkphase or something | 15:49:51 |
| @qbit:tapenet.org | probably would be tough though.. because the db is remote | 15:50:25 |
| @qbit:tapenet.org | oh
An experimental tool to generate your own vulnerability database index is provided at golang.org/x/vulndb/cmd/indexdb.
maybe not :D
| 15:50:43 |
 j-k | oh, 1.0.0, time to update | 15:51:21 |
| @qbit:tapenet.org | j-k i created a pr already :D | 15:51:34 |
| j-k | ty | 15:51:42 |
| @qbit:tapenet.org | https://github.com/NixOS/nixpkgs/pull/243297 | 15:52:14 |
 eyJhb | In reply to @qbit:tapenet.org
https://go.dev/blog/govulncheck - it would be neat if we had some sorta integration with this.. like a checkphase or something Thanks for sharing, didn't even know about this | 15:55:08 |
| j-k | I was very excited when it was announced. I was fed up of explaining no this critical k8s vuln doesn't affect my linter that transitively imports k8s stuff. pretty much every single week. | 15:57:42 |
| @qbit:tapenet.org | heh | 15:58:30 |
| @qbit:tapenet.org | i have been using it for a bit now, it seems to do a really good job | 15:58:48 |
| @qbit:tapenet.org | really low false positive rate (not sure i have seen one.. ) | 15:59:07 |
| j-k | I'm surprised they didn't bump the modules for 1.0.0, I doubt none of these have updated since | 15:59:52 |
| @qbit:tapenet.org | oh, hah - i didn't even notice the vendorHash didn't change | 16:02:47 |
| @qbit:tapenet.org | https://github.com/golang/vuln/compare/v0.2.0...v1.0.0.patch i had to double check (make sure i didn't mess up :D) | 16:05:48 |
| @qbit:tapenet.org | (also ... and .diff/.patch are one of my fav features of gh) | 16:06:39 |
| eyJhb | Whops https://pkg.go.dev/vuln/GO-2023-1878 | 18:09:03 |
| eyJhb | Found in my code | 18:09:06 |
| 15 Jul 2023 |
|  @jarkad:tchncs.de joined the room. | 19:27:28 |
| 18 Jul 2023 |
| kirillrdy set a profile picture. | 12:22:39 |
| 22 Jul 2023 |
| @jarkad:tchncs.de left the room. | 02:13:30 |
| 23 Jul 2023 |
|  vcunat joined the room. | 11:52:46 |
 Artturin | https://github.com/NixOS/nixpkgs/pull/242905#issuecomment-1646877937 | 16:17:05 |
| Artturin | the last message from go mod vendor is
k2tf> go: replacement path ./vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer inside vendor directory
| 16:19:10 |
