| 17 Aug 2021 |
 David Arnold (blaggacao) | In reply to @vherrmann:shmerver.de
What relevance has the inherit inputs statement in the devos template? So self.inherits is a 'magic' output of self which is why, when used unduly, results in infinite recursion. @ inputs does not suffer from the same problem. | 12:27:48 |
| David Arnold (blaggacao) | inputs (any of them) on the other hand is the flake's input, next to the 'special' input self. While digga offer a layer of automation, it's intention is not to blur away those flake primitives. This is why they get passed around everywhere and are even available as module args. | 12:31:27 |
| David Arnold (blaggacao) | In reply to @vherrmann:shmerver.de
nrdxp: The function from which the error gets thrown, doesn't exist in the current version of flake-utils-plus, so i don't think it reasonable to search for the bug Does this mean there is a regression w.r.t. new flake-utils-plus versions? digga comes with a locked version and I think we haven't run any tests with a different one. | 12:37:57 |
 @timdeh:matrix.org | In reply to @vherrmann:shmerver.de
nrdxp: On another issue: Why should i trust you (and your gpg key)? Why would you have to trust my gpg-key? | 14:07:24 |
| David Arnold (blaggacao) | The follows patch conflict is solved on the PR, thanks Alex Zero | 14:35:00 |
 @vherrmann:shmerver.de | nrdxp: Hm, its in the default devos template… | 15:20:11 |
| @vherrmann:shmerver.de | So its opt-out and not opt-in | 15:20:29 |
| @timdeh:matrix.org | where exactly? | 15:20:53 |
| @timdeh:matrix.org | (it shouldn't be) | 15:20:58 |
| @vherrmann:shmerver.de | I mean the first key: https://github.com/divnix/devos/blob/079adc4474231d5582fee5574bc5bcc6f133e5ac/flake.nix#L6 | 15:21:46 |
| @vherrmann:shmerver.de | or do i misunderstand the cachix architecture? | 15:22:02 |
| @timdeh:matrix.org | that's not my gpg key | 15:22:10 |
| @timdeh:matrix.org | that's a cache key | 15:22:14 |
| @timdeh:matrix.org | the cache is there to help alleviate building artifacts from the template | 15:22:32 |
| @timdeh:matrix.org | The source for all the packages is right there in the repo so you don't really have to trust me 😉 | 15:22:51 |
| @vherrmann:shmerver.de | In reply to @blaggacao:matrix.org
Does this mean there is a regression w.r.t. new flake-utils-plus versions? digga comes with a locked version and I think we haven't run any tests with a different one. no, i didn't mess with diggas inputs | 15:24:40 |
| @vherrmann:shmerver.de | nrdxp: Well, when i use the cache key, i have to trust you (though i have to that as well, if i just use digga/devos/etc.) | 15:28:52 |
| @vherrmann:shmerver.de | It's just that it's easier to mess with binaries | 15:29:24 |
| @timdeh:matrix.org | Because of the way nix hashes packages, you would only have to trust me if source wasn't available. | 15:29:29 |
| @vherrmann:shmerver.de | but, whatever | 15:29:29 |
| @vherrmann:shmerver.de | hm | 15:29:39 |
| @vherrmann:shmerver.de | yes, with nix it's pretty easy to validate the packages | 15:30:00 |
| @timdeh:matrix.org | if I changed anything, it would change the hash, and it would be a cache miss | 15:30:08 |
| @vherrmann:shmerver.de | But for that i would have to build them, or not? | 15:30:12 |
| @vherrmann:shmerver.de | or no, as long as i trust cachix, i don't have to trust you, am i right? | 15:30:43 |
| @timdeh:matrix.org | no | 15:30:47 |
| @vherrmann:shmerver.de | so, you're saying i have to trust you? | 15:31:25 |
| @vherrmann:shmerver.de | hm | 15:33:15 |
| @vherrmann:shmerver.de | well anyways… | 15:33:33 |
| @vherrmann:shmerver.de | there are millions of other security issues with my setup | 15:34:06 |
