!UNVBThoJtlIiVwiDjU:nixos.org

Staging

401 Members
Staging merges | Find currently open staging-next PRs: https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+sort%3Aupdated-desc+head%3Astaging-next+head%3Astaging-next-21.05+is%3Aopen128 Servers

Load older messages


SenderMessageTime
1 Jul 2026
@hexa:lossy.networkhexaannoying00:02:23
@emilazy:matrix.orgemily it does give us the chance to pick up Rust 1.96.1 if we do it, since that was rushed out to ship both the libssh2 fixes and fix a miscompilation bug, though AFAICT the miscompilation bug isn't bad enough to be worth the rebuilds unless we're eating them anyway because of libssh2 00:03:35
@emilazy:matrix.orgemilywe are sufficiently ahead of schedule that it feels like it might be worth eating the rebuilds rather than shipping an RCE for weeks on unstable, but don't feel confident enough to make the call myself. worried about a call not happening until it's throwing away even more builds / delaying things longer though00:05:02
@hexa:lossy.networkhexalet's just do it00:07:31
@hexa:lossy.networkhexait's not the stdenv00:07:37
@hexa:lossy.networkhexait will be highly parallel00:07:44
@hexa:lossy.networkhexadarwin looks idle right now00:07:49
@hexa:lossy.networkhexalinux does 35k/25k steps per day00:08:06
@hexa:lossy.networkhexaso probably a two day delay00:08:25
@hexa:lossy.networkhexathe earlier the changes can be landed the better00:08:40
@emilazy:matrix.orgemilynot sure if I will have the time tonight to prepare a PR that picks the patches, the current one bumps to an unstable version with a ~600 commit delta from the release00:09:36
@emilazy:matrix.orgemilywhich scares me00:09:42
@whispers:catgirl.cloudwhispers [& it/fae]just yoinking the three patches from debian seems very low-risk and sane. diffs are small00:11:10
@hexa:lossy.networkhexayeah, could mean nothing is ready for the (breaking?) changes in there00:11:18
@hexa:lossy.networkhexaI'm not super sure about the full scope; do the three patches cover everything relevant?00:11:49
@hexa:lossy.networkhexaRedacted or Malformed Event00:11:58
@whispers:catgirl.cloudwhispers [& it/fae]they cover the three CVEs I'm aware of and that the rust folks patched. i haven't tracked closely enough to know if there are others, though.00:13:25
@whispers:catgirl.cloudwhispers [& it/fae] * 00:14:09
@whispers:catgirl.cloudwhispers [& it/fae]same three posted about on oss-sec too: https://seclists.org/oss-sec/2026/q2/101000:14:52
@hexa:lossy.networkhexacan you quickly check the pr?00:17:41
@hexa:lossy.networkhexa^00:17:48
@hexa:lossy.networkhexaRedacted or Malformed Event00:17:54
@emilazy:matrix.orgemilyhttps://github.com/rust-lang/cargo/pull/17140 has the rust backports00:18:50
@emilazy:matrix.orgemilyfor comparison00:19:04
@emilazy:matrix.orgemily2026-55200 looks correct00:19:40
@emilazy:matrix.orgemilyas does 2026-5519900:19:53
@emilazy:matrix.orgemily2025-15661 makes my eyes glaze over so I'll let someone else assess that one00:20:02
@whispers:catgirl.cloudwhispers [& it/fae] this pr fails to build as-is, patches for 55200 don't apply 00:33:31
@hexa:lossy.networkhexadoes debian apply them to a different version?00:34:01
@emilazy:matrix.orgemilywe could perhaps just pick the ones from Rust00:36:58

Show newer messages


Back to Room ListRoom Version: 6