| 18 Aug 2025 |
 emily | yeah, but no guarantee the fixes are public AIUI :( | 01:14:01 |
| emily | and JavaFX contains an entire WebKit | 01:14:11 |
 msgilligan | Yes, there's that too. | 01:14:13 |
| msgilligan | Yep, and WebKit oh my! | 01:14:27 |
| emily | (and from what I saw they don't seem to be fantastic at backporting upstream security fixes) | 01:14:32 |
| msgilligan | FX WebKit is separate (Java) module. I wonder if we have any packages that use it? | 01:16:17 |
| msgilligan | But since we seem to have consensus on merging the Gradle 9 PR as is, can we get some reviews? | 01:18:47 |
| msgilligan | Yes, thanks I would like to. I'm still have a lot to learn, but the best way to do that is to try to help out people who know more than me. And I have found the community to be very suppotive. | 01:21:35 |
| msgilligan | * Yes, thanks I would like to. I'm still have a lot to learn, but the best way to do that is to try to help out people who know more than me. And I have found the community to be very supportive. | 01:21:52 |
| msgilligan | * Yes, thanks I would like to. I still have a lot to learn, but the best way to do that is to try to help out people who know more than me. And I have found the community to be very supportive. | 01:22:02 |
| 21 Aug 2025 |
| msgilligan | https://github.com/NixOS/nixpkgs/pull/426903
This one fixes several CVEs and is over a month old. I tried to run nixpkgs-review pr 426903 against it locally but ran out of disk space. I don't yet understand the details of nixpkgs-review but I think it might help if the PR is rebased.
Can someone rebase and or review this PR?
| 19:46:56 |
| emily | nixpkgs-review on packages with that many dependencies is hopeless; it'll try to build too much stuff | 19:50:19 |
| emily | ofborg is happy though, so I'll merge | 19:50:37 |
| emily | I've spent several minutes trying to apply a backport label and been stymied by GitHub's UI being incredibly laggy. amazing. | 19:56:43 |
| msgilligan | Yeah, that been hitting me too. | 19:57:26 |
| msgilligan | I haven’t tried it on smaller repos yet today so I don’t know if it’s because of Nixpkgs’ size | 19:58:41 |
 Infinidoge 🏳️⚧️ | Fair warning: I'll be more absent than usual the next couple days while moving back to university | 20:03:31 |
| emily | if someone could test just the build of github:NixOS/nixpkgs/pull/435652/merge#jdk itself that would be great | 20:04:07 |
| emily | for the backport | 20:04:08 |
| emily | err, should be /head I guess | 20:04:19 |
| emily | but it'll probably be based on a staging commit so you'd want to cherry-pick it… | 20:04:28 |
| emily | so this is no longer a super simple request, oh well | 20:04:33 |
| msgilligan | I can try to do this on aarch64-darwin and/or aarch64-linux. I'm not sure what I need to do, though. | 20:44:25 |
| emily | check out release-25.05 and apply the commit on top | 20:44:58 |
| emily | (e.g. via curl ….patch | git apply or by fancy gh command) | 20:45:12 |
| emily | (or fetching the PR branch / pulls/N/head commit and git cherry-picking that) | 20:45:26 |
| emily | and then build jdk | 20:45:28 |
| msgilligan | OK, I'll do it after I change location. | 20:45:51 |
 PROgrm_JARvis | Running nixpkgs-review on it just now (x86_64-linux) | 20:47:13 |
| emily | that will never terminate | 20:47:36 |
