!UNVBThoJtlIiVwiDjU:nixos.org

Staging

401 Members
Staging merges | Find currently open staging-next PRs: https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+sort%3Aupdated-desc+head%3Astaging-next+head%3Astaging-next-21.05+is%3Aopen128 Servers

Load older messages


SenderMessageTime
1 Jul 2026
@emilazy:matrix.orgemilywe could perhaps just pick the ones from Rust00:36:58
@emilazy:matrix.orgemilyDebian seems to be on an older version and has a CVE fix from 2023 too and other patches00:37:25
@emilazy:matrix.orgemilyperhaps less likely to apply to our version00:37:30
@whispers:catgirl.cloudwhispers [& it/fae]nah, they're not pulling the 2023 fix at all i think, it's commented here: https://salsa.debian.org/debian/libssh2/-/blob/1d4906e6ebe85a9da2931ba33677ead96a61f07f/debian/patches/series#L6. but yeah it seems like they're still on 1.11.100:38:17
@whispers:catgirl.cloudwhispers [& it/fae]* nah, they're not pulling the 2023 fix at all i think, it's commented here: https://salsa.debian.org/debian/libssh2/-/blob/1d4906e6ebe85a9da2931ba33677ead96a61f07f/debian/patches/series#L6. it seems like they're also on 1.11.100:38:37
@whispers:catgirl.cloudwhispers [& it/fae]just raw pulling the (3 CVE + libssh-unconst-backport.patch) debian patches as-is and applying them builds fine for me (ignoring that pr entirely)00:42:25
@whispers:catgirl.cloudwhispers [& it/fae]some function names are different between the debian patch and the one in #533237, which looks like the cause of patch application failure00:43:08
@hexa:lossy.networkhexagreat00:47:41
@hexa:lossy.networkhexasubmit it :)00:47:45
@whispers:catgirl.cloudwhispers [& it/fae]https://github.com/whispersofthedawn/nixpkgs/commit/221328822354d21491261889713272011e89dbcf builds with the unmodified debian patches00:47:43
@whispers:catgirl.cloudwhispers [& it/fae]* https://github.com/whispersofthedawn/nixpkgs/commit/221328822354d21491261889713272011e89dbcf builds with the patches vendored from debian00:47:53
@emilazy:matrix.orgemilylooks like https://github.com/rust-lang/cargo/pull/17140/changes/353ce102e892a12a2fa04219ed4a6379c7e5031a avoids the macro backports00:48:27
@emilazy:matrix.orgemilybut picking the macro backport should be good too / maybe better00:48:33
@emilazy:matrix.orgemilyyou can fetchurl these directly from salsa00:49:03
@emilazy:matrix.orgemilyother than that LGTM, let's get a PR :)00:49:14
@whispers:catgirl.cloudwhispers [& it/fae]…right, i forgot you didn't need to fetchpatch (which infrecs), will dop00:49:47
@whispers:catgirl.cloudwhispers [& it/fae]* …right, i forgot you didn't need to fetchpatch (which infrecs), will do00:49:48
@emilazy:matrix.orgemily yeah if you're fetching patch files vendored inside a repo from a commit-pinned URL fetchurl is fine 00:51:17
@emilazy:matrix.orgemilysince it's not dynamic00:51:19
@hexa:lossy.networkhexaouch00:52:11
@hexa:lossy.networkhexathat means it it is in the fetchpatch bootstrap chain00:52:20
@hexa:lossy.networkhexawhich explains the rebuild count00:52:23
@emilazy:matrix.orgemilyI wonder why00:52:43
@emilazy:matrix.orgemilymaybe we can break that00:52:57
@emilazy:matrix.orgemilytbh though since it's a Rust rebuild…00:53:01
@hexa:lossy.networkhexain curl00:53:04
@emilazy:matrix.orgemilyit'll still be tons00:53:05
@emilazy:matrix.orgemilyoh, makes sense00:53:10
@hexa:lossy.networkhexayou think?00:53:23
@hexa:lossy.networkhexaI don't think I ever had to fetchpatch over ssh00:53:33

Show newer messages


Back to Room ListRoom Version: 6