| 25 Jan 2025 |
 dotlambda | I'm on it. The webvault update requires some manual work | 16:42:43 |
| dotlambda | https://github.com/NixOS/nixpkgs/pull/376765 | 18:08:26 |
| 27 Jan 2025 |
|  Brisingr05 joined the room. | 02:51:21 |
 Niklas Korz | Backport of a high severity fix, accepted by original PR author a week ago: https://github.com/NixOS/nixpkgs/pull/375532#issuecomment-2605160183 | 16:18:24 |
| 28 Jan 2025 |
|  tomf joined the room. | 00:23:57 |
| tomf | FYI, I see the Woodpecker CI plugin for Nix that's advertised on their site has the author's key in extra-trusted-public-keys. I've raised this as https://github.com/woodpecker-ci/woodpecker/issues/4785 | 00:25:06 |
| tomf | If Woodpecker is popular, it might be nice if that project ends up in nix-community. | 00:26:30 |
 adamcstephens | That’s a third party project and not really something for us to fix. You already reported in their repo so I guess that’s all to be done? It’s a pretty simple plugin if you look through the code, and woodpecker can also run with a local backend allowing access to nix without docker | 00:30:43 |
| tomf | Yes, I mentioned it as an FYI to the channel, rather than email to security team because I see it's outside of the team's control/responsibility. I'll keep on top of the issues. | 00:31:29 |
| adamcstephens | Having woodpecker remove it from their list seems reasonable | 00:31:48 |
 hexa | we don't ship any 3rd party woodpecker plugins? | 00:32:02 |
| adamcstephens | We ship the required git plugin and apparently one for transforming from other CI definitions | 00:33:20 |
| adamcstephens | Most plugins are docker containers that are pulled on demand | 00:34:34 |
| 30 Jan 2025 |
| hexa | https://www.openwall.com/lists/oss-security/2025/01/29/1 bind9 globin | 00:22:28 |
| hexa | globin: you last touched this package in 2019, can you please update your maintainership? | 00:23:52 |
| hexa | https://github.com/NixOS/nixpkgs/pull/377848 | 00:35:06 |
| 31 Jan 2025 |
|  cafkafk changed their profile picture. | 05:06:12 |
|  Jonas Chevalier changed their display name from Jonas Chevalier to Jonas Chevalier (FOSDEM). | 19:12:22 |
|  SomeoneSerge (back on matrix) changed their display name from SomeoneSerge to SomeoneSerge (Bruxelles). | 19:32:15 |
|  raboof changed their display name from raboof to raboof@FOSDEM. | 23:55:21 |
| 1 Feb 2025 |
| hexa | https://github.com/python/cpython/pull/129418 CVE-2025-0938 cpython | 00:50:00 |
|  dan_nrw changed their profile picture. | 20:23:59 |
| dan_nrw changed their profile picture. | 20:29:22 |
| 2 Feb 2025 |
|  pbsds changed their display name from pbsds to pbsds (FOSDEM). | 16:04:10 |
| raboof changed their display name from raboof@FOSDEM to raboof. | 22:16:56 |
 Sandro | https://github.com/hedgedoc/hedgedoc/releases/tag/1.10.1 GHSA-6w39-x2c6-6mpf 5.3 | 22:53:04 |
| Sandro | https://github.com/NixOS/nixpkgs/pull/378965 | 23:02:26 |
| 3 Feb 2025 |
|  quasigod joined the room. | 04:17:44 |
| Jonas Chevalier changed their display name from Jonas Chevalier (FOSDEM) to Jonas Chevalier. | 08:23:55 |
| SomeoneSerge (back on matrix) changed their display name from SomeoneSerge (Bruxelles) to SomeoneSerge (Gand St. Pieters). | 13:38:53 |
