| 30 May 2021 |
 kunrooted | In reply to @andi:kack.it
I thought about mentioning security of NixOS containers where root in container is root on the host
This was mitigated some time ago IRRC?
it won't be an issue anymore? | 18:39:55 |
 andi- | I vaguely recall someone talking about it months ago | 18:40:10 |
| kunrooted | I was writing a container a while ago and it was mentioned an issue then by some of my collegues | 18:40:14 |
| andi- | perhaps this? https://github.com/NixOS/nixpkgs/pull/67336 | 18:41:05 |
| kunrooted | ah, so it limits a root on the container? | 18:41:36 |
| kunrooted | I think that still not many people might know about this option | 18:42:19 |
| andi- | It wasn't merged yet so who knows what the actual state is :D | 18:42:43 |
| kunrooted | yeah, it's a 'draft', weird | 18:42:53 |
| 31 May 2021 |
|  [0x4A6F] changed their display name from [0x4A6F] to 0x4A6F. | 08:23:41 |
 ris_ | hah. i've heard of squash-merges before but this author squashes their entire releases https://github.com/pgpartman/pg_partman/commit/0b6565ad378c358f8a6cd1d48ddc482eb7f854d3 | 13:01:19 |
| ris_ | luckily the search_path changes are all i need and they are separable by file | 13:01:56 |
| ris_ | nothing fetchpatch can't handle | 13:02:09 |
| ris_ | still | 13:02:12 |
 Synthetica | why | 13:02:42 |
| Synthetica | why would one do that | 13:02:50 |
|  re-ptarmigan❄️🐦️ changed their display name from reptarmigan to re-ptarmigan❄️🐦️. | 21:56:28 |
| 1 Jun 2021 |
| [0x4A6F] changed their display name from 0x4A6F to [0x4A6F]. | 06:35:18 |
|  tilpner joined the room. | 11:01:44 |
|  stigo joined the room. | 13:11:00 |
|  chvp joined the room. | 13:12:26 |
|  Buckley joined the room. | 13:56:15 |
| * ris_ wonders if we should just automatically label all imagemagick PRs security | 15:20:32 |
|  stick changed their display name from stick to prusnak. | 18:04:45 |
| 2 Jun 2021 |
 Sandro | We can't with the current label action because if I recall correctly it would strip the label from all other PRs | 00:47:09 |
| Sandro | Either a label is fully handled by it or it is interfering with human changes | 00:47:30 |
 hexa | dotlambda: did you look into https://github.com/NixOS/nixpkgs/pull/124975#issuecomment-851023573? | 15:02:26 |
| hexa | I just merged cacert updates into staging-20.09, so it would be good time to merge other pull requests with base:staging-20.09 | 15:02:50 |
 dotlambda | I don't have time for that rn, sorry. | 15:04:06 |
| dotlambda | I would suggest asking on upstream mailing list/IRC | 15:04:26 |
| hexa | the changes apply cleanly and seem to make sense | 15:04:58 |
