| 20 Sep 2025 |
 Marie | As of writing this, the QuicTLS project follows OpenSSL very closely and provides update simultaneously
| 16:25:43 |
| Marie | thats a bit outdated from what I've heard | 16:25:55 |
| Marie | also successfully built nghttp2.override { enableHttp3 = true; } | 16:26:35 |
 emily | fwiw https://github.com/haproxy/haproxy/commit/bbe302087ccc1471a97d88ec1c24fbc55e4d1c51 | 16:27:56 |
| emily | is where they said "OpenSSL 3.5 fine" (and did not change their description of QuicTLS) | 16:28:06 |
 nim65s | zvbi is failing before that | 16:28:17 |
| nim65s | ntsc-cc.c:55:11: fatal error: 'X11/X.h' file not found | 16:28:27 |
| emily | why on earth is thrift pulling in zvbi… | 16:29:18 |
| nim65s | 
Download image.png | 16:30:17 |
| emily | the bumps need moving up above "ngtcp2: use openssl instead of quictls" to avoid intermediate broken states, and I think the curl and nghttp2 changes should be squashed into that. otherwise LGTM. can worry about HAProxy later I suppose, but we should probably get it off QuicTLS… | 16:30:38 |
| emily | aha. well, … we'll need to fix that anyway, because obviously ffmpeg-headless needs to work on Darwin | 16:31:01 |
| emily | so that's just staging noise | 16:31:05 |
| emily | as you can see, ~all of Python is broken there :) | 16:31:20 |
| Marie | alright | 16:31:57 |
| Marie | doing another build right now, since i forgot to rebase | 16:32:27 |
 aloisw | Unless something has changed in the last couple of days and GitHub search is weird, nginx also still uses quictls package. However OpenSSL seems to work there fine as well. | 16:44:58 |
| emily | rg quictls pkgs/servers/http/nginx/ returns nothing for me | 16:47:00 |
| aloisw | It's overridden in all-packages.nix. | 16:47:14 |
| emily | https://github.com/search?q=repo%3ANixOS%2Fnixpkgs%20quictls&type=code doesn't show Nginx for me either, am I missing something? | 16:47:24 |
| aloisw | (do not read the comment) | 16:47:25 |
| emily | aha. only for nginxQuic | 16:47:46 |
| emily | ok, we can punt what to do for that stuff for later. | 16:48:09 |
| emily | OpenSSL 3.5 or AWS-LC seem like the sensible options. | 16:48:17 |
| aloisw | all-packages.nix is excluded from that due to its size I guess? | 16:48:17 |
| emily | it's not even that big any more | 16:48:30 |
| emily | 15k lines | 16:48:32 |
| emily | but yeah I guess | 16:48:34 |
| aloisw | Obviously, because why would you use quictls other than for quic. | 16:48:37 |
 K900 | I do wonder what the limit is | 16:49:36 |
| Marie | pushed now, which changes do you want squashed? | 16:49:56 |
