| 17 Aug 2021 |
 @vherrmann:shmerver.de | (Just like most setups have millions of security issues) | 15:37:57 |
 @timdeh:matrix.org | no I'm not | 15:38:10 |
| @timdeh:matrix.org | I'm saying if I changed anything, it would be a cache miss | 15:38:23 |
| @timdeh:matrix.org | (for you) | 15:38:33 |
| @timdeh:matrix.org | so if I take package A from DevOS and secretly modify a line, and upload the result in cachix, and then you come and download package A from DevOS, you will not download my modified version, because my version has a different hash, which without the source, you can't even calculate. | 15:39:32 |
| 18 Aug 2021 |
 David Arnold (blaggacao) | In reply to @vherrmann:shmerver.de
So its opt-out and not opt-in The config settings you refer to are opt-in. You will be explicitly asked by the cli if you trust them, and if you want to record that decision for future invokations. | 00:02:55 |
 ultranix | that would be.. opt in | 04:41:28 |
| @vherrmann:shmerver.de | lol, i forgot that | 05:17:58 |
| @vherrmann:shmerver.de | :S | 05:27:45 |
| @timdeh:matrix.org | no worries 😅 | 17:28:54 |
| 19 Aug 2021 |
|  @gromzly:fullthese.website joined the room. | 14:40:59 |
| David Arnold (blaggacao) | I made the nix-patch overlay use the latest version of nix & that also should save us for a while w.r.t. the follows patch.... | 23:29:24 |
| David Arnold (blaggacao) | https://github.com/divnix/digga/commit/2c5953f284690a89bfd472418141e3afea2dcf5d | 23:29:25 |
| 20 Aug 2021 |
| David Arnold (blaggacao) | So do we abolish the all profile tests then? | 01:17:20 |
| David Arnold (blaggacao) | [Poll] Agree
0. yes
1. maybe | 01:17:45 |
| David Arnold (blaggacao) | 😁 | 01:17:48 |
| David Arnold (blaggacao) | 0. yes | 01:18:00 |
 @gtrunsec:matrix.org | 0 | 01:18:19 |
| David Arnold (blaggacao) | (you see I'm completely neutral) 😂😎 | 01:18:25 |
 yusdacra | 1. maybe | 01:19:18 |
| @gtrunsec:matrix.org | Extending the custom test experience is what we need to do | 01:23:30 |
 @danielphan.2003:matrix.org | 0. yes | 03:48:11 |
 @kraftnix:matrix.org | 1. maybe | 11:25:41 |
| @timdeh:matrix.org | It was my original intention to create some mechanism to replace it with something which pulls in a single profile into a test environment, to avoid potential conflicts. I'd rather see something like that 👍️ | 12:39:38 |
| @kraftnix:matrix.org | i continue to use the profiles tests for simple configs like my laptops but have disabled for all my servers which have much more complex configurations, and instead use the custom tests for those servers. | 15:32:21 |
| @timdeh:matrix.org | yubikey finally works with agenix in a reasonable fashion | 15:54:47 |
| @kraftnix:matrix.org | niice, i had the nasty moment a week ago when i had to rekey 50 secrets 😬, took a while... | 15:55:33 |
| @timdeh:matrix.org | hmm, it even asked for pin on rekey? I never had that problem, it was only decrypt that was the issue for me | 15:56:16 |
| @kraftnix:matrix.org | although it looks like "once" still isnt supported 😥 | 15:56:48 |
| @timdeh:matrix.org | The only caveat (which I outlined in the updated instructions) is that to get it to be ergonomic a PIN policy of 'never' is needed until proper agent support is implemented somehow | 15:56:55 |
