| 3 Apr 2023 |
 vcunat | I wonder if it would ping the right people if you opened master against release-22.11 or something like that. | 12:20:45 |
 Janne HeΓ | In reply to @raitobezarius:matrix.org
This would probably be helpful towards fail-safe auto-rollbacks (which is also an open issue somewhere) Should be trivial in nixos-rebuild. We have something similar in our homegrown deployment solution | 12:22:14 |
 raitobezarius | In reply to @janne.hess:helsinki-systems.de
Should be trivial in nixos-rebuild. We have something similar in our homegrown deployment solution Feel free to chime in https://github.com/NixOS/nixpkgs/issues/65477 | 12:22:49 |
| raitobezarius | Doing it in a sustainable way probably requires some refactors :> | 12:23:01 |
| raitobezarius | riotbib: another heads-up on https://github.com/NixOS/nixpkgs/pull/207382#issuecomment-1371303817 which will probably be complicated to detail | 12:30:46 |
| raitobezarius | hexa: what do you think of using https://gist.github.com/gador/a740144a6949b1272991cda5e35b8457 as a way to upgrade? | 12:31:28 |
 @linus:schreibt.jetzt | (late to the party, but) Stoat is an excellent choice of animal, they're adorable! | 12:47:48 |
| raitobezarius | I think we should also have a rule | 13:21:51 |
| raitobezarius | where we have to choose something that is represented by the current emoji standard | 13:21:58 |
| raitobezarius | riotbib: tapir is not there yet afaik :p | 13:22:09 |
|  nki β‘οΈ joined the room. | 14:13:20 |
 Ilan Joselevich (Kranzes) | In reply to @raitobezarius:matrix.org
riotbib: tapir is not there yet afaik :p Then it's a bad rule. | 14:50:53 |
 hexa | re https://github.com/NixOS/nixpkgs/issues/215571 wondering if we should relax knownVulnerabilities for 23.05 | 15:29:51 |
| hexa | knownVulnerabilities = lib.optional (withClient || withRelay) "The client and relay component of the dhcp package have reached their end of life";
| 15:30:07 |
| hexa | * re https://github.com/NixOS/nixpkgs/issues/215571 wondering if we should relax knownVulnerabilities for dhclient 23.05 | 15:30:18 |
| hexa | not aware of any concrete security issues | 15:30:38 |
| hexa | * not aware of any concrete security issues π€· | 15:30:45 |
| hexa | like a one time deal for 23.05, not for unstable | 15:31:30 |
| hexa | * like a one time deal for 23.05, not for unstable, not for 23.11 | 15:31:36 |
| raitobezarius | Sounds good to me | 15:48:39 |
| raitobezarius | Though, if udhcpc gets through and fixes the issue, I'm more in favor of this | 15:49:00 |
| hexa | I don't see any manifestation of the required code yet, so π | 15:50:19 |
| raitobezarius | https://github.com/NixOS/nixpkgs/pull/224489/files#diff-9538c800780031db3dfa7746f5a36fbbc895c60fdc896385bedd36940927427dR27 | 15:58:30 |
| raitobezarius | Is it a good thing to add links to downstream users of bootspec such as lanzaboote or detsys/bootspec ? | 15:58:44 |
| raitobezarius | riotbib: we should check for all references to nixos-option in our NixOS manual and kill it with fire | 16:54:22 |
| raitobezarius | it's broken at the moment | 16:54:25 |
| raitobezarius | better fix it for our release as I see this is a problem in 22.11 | 16:54:34 |
| Janne HeΓ | In reply to @raitobezarius:matrix.org
https://github.com/NixOS/nixpkgs/pull/224489/files#diff-9538c800780031db3dfa7746f5a36fbbc895c60fdc896385bedd36940927427dR27 Is the issue fixed where 1970-01-01 shows up as the build time in the bootloader? π | 19:34:46 |
| raitobezarius | In reply to @janne.hess:helsinki-systems.de
Is the issue fixed where 1970-01-01 shows up as the build time in the bootloader? π The fix is here: https://github.com/nix-community/lanzaboote/pull/139 :) | 19:46:20 |
| raitobezarius | We need to merge it honestly | 19:46:24 |
