| 2 Jul 2021 |
|  Dee joined the room. | 13:23:11 |
|  zuckerberg joined the room. | 14:57:08 |
|  tristan joined the room. | 15:14:53 |
|  edrex joined the room. | 20:17:57 |
|  Las joined the room. | 21:41:09 |
| 3 Jul 2021 |
|  mvnetbiz joined the room. | 09:12:30 |
|  h4rdstyl3z joined the room. | 21:21:28 |
| 5 Jul 2021 |
| zuckerberg changed their profile picture. | 12:40:45 |
|  vika (she/her) 🏳️⚧️ joined the room. | 13:57:11 |
|  andi- joined the room. | 14:21:27 |
|  niksnut joined the room. | 15:12:00 |
|  spacesbot - keeps a log of public NixOS channels joined the room. | 19:21:09 |
| spacesbot - keeps a log of public NixOS channels | 19:49:33 |
|  lovesegfault joined the room. | 20:21:36 |
|  treed joined the room. | 23:09:24 |
| 6 Jul 2021 |
|  multivariante joined the room. | 02:40:58 |
 David Arnold (blaggacao) | I created https://github.com/divnix/blank/ to semantically void inputs via the input.<name>.follows mechanism. WIth this tick, one can craft flake.lockfiles that acually represents an accurate SBOM (minusdivnix/blank` of course). | 08:21:24 |
| David Arnold (blaggacao) | * I created https://github.com/divnix/blank/ to semantically void inputs via the input.<name>.follows mechanism. With this trick, one can craft flake.lockfiles that actually represents an accurate SBOM (minusdivnix/blank of course). | 08:21:57 |
| David Arnold (blaggacao) | Example:
nixpkgs.url = "github:nixos/nixpkgs/release-21.05";
nixlib.follows = "nixpkgs"; # "github:nix-community/nixpkgs.lib";
blank.url = "github:divnix/blank";
deploy.url = "github:serokell/deploy-rs";
deploy.inputs.nixpkgs.follows = "nixpkgs";
deploy.inputs.utils.follows = "utils/flake-utils";
devshell.url = "github:numtide/devshell";
utils.url = "github:gytis-ivaskevicius/flake-utils-plus/staging";
nixos-generators.url = "github:nix-community/nixos-generators";
nixos-generators.inputs.nixpkgs.follows = "blank";
nixos-generators.inputs.nixlib.follows = "nixlib";
nixos-generators.inputs.utils.follows = "utils/flake-utils";
| 08:22:58 |
|  nurelin joined the room. | 11:43:27 |
 tomberek | David Arnold: perhaps I’m not understanding your goal. If the resulting lock file is what you want, then okay, but something doesn’t smell right. | 19:49:30 |
| spacesbot - keeps a log of public NixOS channels changed their display name from spacesbot to spacesbot - keeps a log of public NixOS channels. | 22:11:39 |
| David Arnold (blaggacao) | In reply to @tomberek:matrix.org
David Arnold: perhaps I’m not understanding your goal. If the resulting lock file is what you want, then okay, but something doesn’t smell right. I'm really just playing around, but yeah my impetus here was to craft a genuinely useful lock file that only holds (transient) dependencies that you actually depend on. I think the lock file could be pretty nice basis for a SBOM, eventually: it has all the info and useful metadata to reconstruct a DAG. This strategy, of course, cannot be right as long as fetch* are allowed outside of inputs, since they would not enter such SBOM. | 23:11:42 |
| David Arnold (blaggacao) | * I'm really just playing around, but yeah my impetus here was to craft a genuinely useful lock file that only holds (transient) dependencies that you actually depend on. I think the lock file could be pretty nice basis for a SBOM, eventually: it has all the info and useful metadata to reconstruct a DAG. This strategy, of course, cannot be right as long as `fetch*` are allowed outside of `inputs`, since they would not enter such SBOMs that are based of the lock file. | 23:12:22 |
| mvnetbiz | Can't you just get a DAG from nix-store --graph | 23:18:08 |
| mvnetbiz | Just what flakes you include doesn't give you a very accurate view on anything you build, especially if you have something like nixpkgs which could be any number of tens of thousands of packages | 23:20:20 |
| David Arnold (blaggacao) | In reply to @mvtva:matrix.org
Can't you just get a DAG from nix-store --graph Yeah that's probably the better idea. 😃 Maybe there is a slight advantage to use a checked in file. | 23:29:23 |
| David Arnold (blaggacao) | In reply to @mvtva:matrix.org
Just what flakes you include doesn't give you a very accurate view on anything you build, especially if you have something like nixpkgs which could be any number of tens of thousands of packages That is currently true, but if the vision is to be held up, I guess any fetching outside of inputs could be forbidden. Then, we'd at least not have to deal with missing items. | 23:30:39 |
| David Arnold (blaggacao) | * That is currently true, but if the vision is to be held up, I understand any fetching outside of inputs could be forbidden. Then, we'd at least not have to deal with missing items. | 23:31:07 |
| David Arnold (blaggacao) | ... that means all of nixpkgs to become a collection of flakes, first, of course. | 23:32:21 |
