| 17 Dec 2024 |
 GGG | well, they have a commit updating it to .NET 9, you could try building from that: https://github.com/aaru-dps/Aaru/commit/3d8ba7df385a43fccfee5b16cb90532197b8931d | 22:53:22 |
 Corngood | I would be very surprised if Microsoft didn't patch a serious vulnerability if it was found in the next couple years. And I think at the very least we'd be likely to hear about it. | 22:53:29 |
 Whovian9369 | I do that in the same flake and normally use it in my day to day NixOS-WSL environment (though as of yesterday seems broken on my machine, need to check on that), but again 🤷 | 22:53:34 |
| Whovian9369 | {
packages = {
x86_64-linux = {
default = self.packages.x86_64-linux.prerelease;
git = nixpkgs.legacyPackages.x86_64-linux.callPackage ./git.nix {};
lts = pkgs.callPackage ./lts.nix {};
prerelease = pkgs.callPackage ./prerelease.nix {};
};
};
};
| 22:54:04 |
| GGG | they won't, they'll just tell people to upgrade, if you bought into the whole new .NET scheme you also bought into the release cadency.
if you want stability then just stick with .NET Framework | 22:54:06 |
| GGG | they did this exactly so they didn't have to maintain a billion versions of .NET | 22:54:18 |
| Corngood | Yeah, I know they aren't planning on fixing anything, but I still think they'd do it if it was bad enough. I don't object to it being marked insecure though, because I can make that call myself. | 22:56:28 |
| GGG | if you do know of something in nixpkgs that is insecure though, I'd argue for making a PR marking it insecure | 22:59:01 |
| GGG | and then see people's arguments if they argue against it | 22:59:10 |
| Corngood | Of course, but when does EOL == insecure? Like is llvm 12 going to get fixes? | 22:59:41 |
| GGG | though I guess you're talking about things that haven't been officially dropped but are kind of dropped | 22:59:48 |
| GGG | that's the standard afaik, it has been done with openssl iirc | 23:00:16 |
| GGG | I'll check if this is the right mechanism though | 23:01:11 |
| Corngood | Yeah, and I actually have openssl 1.1 in my permitted list too :|
I just carefully use it for compatibility with certain things. | 23:01:52 |
| GGG | Xen seems to do the same as well | 23:02:11 |
| Whovian9369 | I have openssl 1.1 in my premitted list because of Sublime Text 4. (Curse you, Sublime!) | 23:02:24 |
 6pak | me too for ancient unity | 23:02:53 |
| 6pak | is there really no openssl1->3 shim? | 23:03:01 |
| Corngood |
me too for ancient unity
me too for modern unity ðŸ˜
actually I'm not 100% sure I still need it on unity 6
| 23:03:56 |
| Whovian9369 | By the way, thank you all again for the time and thoughts with my issues on aaru. I'll leave them as config.permittedInsecurePackages entries and call it a day, if not making them throw and complain later. | 23:04:11 |
| 6pak | unity 6 should be fine | 23:04:23 |
| GGG | does this mean that you plan to keep .NET 6 around even for the next release then? | 23:08:28 |
| GGG | until now we've been keeping them deprecated for one release then removing on the next | 23:08:43 |
| Corngood | I have no problem with removing it once it's unused in nixpkgs, and assuming nobody makes a good case to keep it. I can always resurrect it locally if I need to, and hopefully I won't by then. | 23:17:26 |
| GGG | Fair enough, I was afraid we'd have to keep a dead version of .NET around | 23:19:43 |
| Whovian9369 | ($ rg -il --sort=path sdk_6 in my local checkout shows a number of packages that still appear to use it) | 23:19:43 |
| GGG | yeah, there's an open issue to get rid of it in nixpkgs | 23:19:57 |
| Whovian9369 | Ah wasn't familiar - Whoops! | 23:20:53 |
| GGG | https://github.com/NixOS/nixpkgs/issues/326335 | 23:21:07 |
| GGG | might jump into a few of them myself to speed it up honestly | 23:21:24 |
