| 10 Aug 2021 |
 sterni | what were you doing exactly? libcxxabi is in extraPackages of libcxxClang, so it should not fail in this way | 18:01:23 |
 Vladimír Čunát | In reply to @Las:matrix.org
The issue is you can't check commit signatures when using the github fetcher Does it make sense to check git signature unless you have the whole history? (up to that commit; in particular, no --depth stuff) | 18:49:20 |
 Las | In reply to @vcunat:matrix.org
Does it make sense to check git signature unless you have the whole history? (up to that commit; in particular, no --depth stuff) I'm not sure. I found other ways of heavily reducing the time it takes to fetch Nixpkgs, specifically --filter=tree:0, but it still takes 4 times as much time. | 18:56:55 |
| Las | With a shallow repository I can still see that the commit is signed | 18:57:16 |
| Las | But I'm not sure if it can be trusted | 18:57:22 |
| 11 Aug 2021 |
 Kha | In reply to @Las:matrix.org
The issue is you can't check commit signatures when using the github fetcher And also the github fetcher is rate limited (60 requests/h per public IP(!)) while the git fetcher isn't, right? | 09:08:16 |
| Kha | Basically github: works great until it doesn't anymore | 09:08:29 |
| Kha | In reply to @Las:matrix.org
The issue is you can't check commit signatures when using the github fetcher * And also the github fetcher is rate limited (60 requests/h per public IP(!) without GH token) while the git fetcher isn't, right? | 09:09:05 |
| Las | That is very low. With shallow cloning I honestly don't see the need for it anymore. | 11:09:40 |
| sterni | who runs a garbage collect 60 times an hour is the question? | 13:05:34 |
| sterni | I don't think there's any conceivable scenario where this is an issue | 13:05:45 |
 andi- | It isn't about 60 times an hour. Divide that by the number of sources you might require for your build (and perhaps you are changing some). I usually run into that limit when I update my source pinnings of my infra repo twice in the same hour. | 13:09:27 |
| Kha | Then divide that by the number of machines/people behind a single IP, e.g. at an office or university | 13:13:57 |
| andi- | Yeah and all of that because GH doesn't deploy IPv6 :) | 13:14:48 |
 nixinator | rate limiting will get worse. | 13:17:32 |
| nixinator | not better. | 13:17:35 |
| nixinator | In reply to @andi:kack.it
Yeah and all of that because GH doesn't deploy IPv6 :) what has v6 got do with rate limiting? | 13:18:14 |
| andi- | They could either rate limit on per /64 or per unique address on the side of GitHub. Worst case they use a /56 or even a /48 as prefix for common rate limit but best case they'd limit it on a L2 segment and thus allowing multiple customers on e.g. CGNAT do not interfere with each others ratelimits.
In german cable networks CGNAT is very dominant and often you run into ratelimits with GitHub as the outbound IPv4 NAT address might be used by many users within the same area. | 13:20:02 |
| nixinator | that's what i was thinking internally... like 'it can't be a nat state problem'...it is...for my life! | 13:20:43 |
| andi- | Anyway that is rather off-topic for this channel (perhaps a good background information on why ratelimits are an issue). | 13:21:08 |
| nixinator | yeah..i agree!! but damm interesting. | 13:21:26 |
| andi- | Am I missing something or is the nix daemon leaking Loggers after a connection terminates / a new one is established?
https://github.com/NixOS/nix/blob/c000cec27fcb16548606830410be265eb082f777/src/libstore/daemon.cc#L939 | 17:39:01 |
| andi- | (Probably not very dangerous/important as that happens in a forked client anyway) | 17:40:48 |
|  Rev. CornWallace III (novus ordo seclorum) changed their display name from cw (? days since last shower) to cw (not sticky anymore). | 17:56:34 |
 pamplemousse | Is there a way to use an alternative store with nix?
I am trying out --store /something --option build-use-substitutes false (option to not pull down from cache.nixos.org), but I am still having build failures.
In particular:
error: builder for '/nix/store/myfzvw3m2fzg7r3xkzr15c0flbc9mxiq-bash-4.4.tar.gz.drv' failed to produce output path for output 'out' at '/out/nix/store/rv68r40mwx7xa7vrlmanczkkjcnkc452-bash-4.4.tar.gz'
seems strange to me, why is the .drv in /nix/store?
| 18:07:23 |
| pamplemousse | (I am trying to nix develop on https://github.com/nixos/nix (i.e. uses flakes) | 18:08:12 |
| pamplemousse | * (I am trying to nix develop on https://github.com/nixos/nix - i.e. uses flakes) | 18:08:24 |
| Las | に返信 @pamplemouss_:matrix.org
(I am trying to nix develop on https://github.com/nixos/nix - i.e. uses flakes) I remember seeing some recent commit about that and nix develop | 19:37:08 |
| Las | I recommend you try using the latest commit | 19:37:20 |
| pamplemousse | Got the same error popping 😕 | 21:07:57 |
