| 20 Sep 2025 |
 K900 | And now back to libreoffice mines | 15:02:43 |
 hexa | oh, but for bisect | 15:02:50 |
| hexa | nvm | 15:02:52 |
| K900 | (the entire reason I even noticed this was trying to nixpkgs-review the Plasma bump) | 15:02:56 |
 Grimmauld (any/all) | thats what i ended up doing | 15:03:17 |
 emily | how do we feel about putting https://github.com/NixOS/nixpkgs/pull/435914 on the pile | 16:04:16 |
| emily | should be low-risk | 16:04:18 |
| emily | some question about the appropriate choice of TLS backend on the PR but per my latest comment I don't think that there are actually sensible options other than ngtcp2 + OpenSSL here | 16:04:50 |
| hexa | overdue | 16:05:10 |
| emily | wondering whether nghttp2 will work with the switch | 16:06:30 |
| emily | looks like it builds at least | 16:06:36 |
| emily | oh, enableHttp3 ? false :) | 16:06:58 |
 dish [Fox/It/She] | In reply to @emilazy:matrix.org
some question about the appropriate choice of TLS backend on the PR but per my latest comment I don't think that there are actually sensible options other than ngtcp2 + OpenSSL here agree with this being the best option considering thats what upstream uses | 16:07:05 |
| dish [Fox/It/She] | is there info on closure size differences? | 16:07:20 |
| emily | well, they don't have a super explicit preference | 16:07:25 |
| emily | they support multiple things | 16:07:31 |
| emily | in theory they consider ngtcp2 + any TLS backend to be non-experimental I think | 16:07:41 |
| dish [Fox/It/She] | well yeah but i mean coverage in ci | 16:07:50 |
| dish [Fox/It/She] | as you mentioned in the PR comments | 16:07:57 |
| emily | but it seems like they generally want to converge on ngtcp2 + OpenSSL | 16:08:00 |
| dish [Fox/It/She] | sorry bad wording on my part | 16:08:03 |
| emily | ok, this regresses nghttp2.override { enableHttp3 = true; } | 16:09:17 |
| emily | cc Marie | 16:09:24 |
| emily | it looks like upstream supports OpenSSL backend there but maybe we need to bump version | 16:09:38 |
| emily | oh | 16:09:46 |
| emily | ++ lib.optionals (enableApp && !enableHttp3) [ openssl ]
| 16:09:47 |
| emily | or just fix this | 16:09:51 |
| emily | and drop quictls | 16:10:05 |
| emily | (arguably we should just quictls: drop, only other user than these is HAProxy and HAProxy 3.2 supports QUIC with OpenSSL 3.5 it looks like) | 16:11:27 |
| emily | (though that would be the native OpenSSL QUIC which apparently still has some weirdness, so AWS-LC is another option) | 16:11:51 |
