| 25 Mar 2022 |
 Jan Tojnar | * sorry, I meant squashing it even with the update commit, since that one is still broken | 14:45:03 |
 Pol | Ok | 14:45:37 |
| Pol | done. | 14:46:42 |
| Jan Tojnar | thanks | 14:50:34 |
| Pol | Thanks ! :) | 14:58:21 |
| 31 Mar 2022 |
|  Daniel Siepmann joined the room. | 17:21:50 |
| 2 Apr 2022 |
| Pol | Composer update to review: https://github.com/NixOS/nixpkgs/pull/166944 | 16:29:16 |
| 6 Apr 2022 |
| Pol | We need some review here: https://github.com/NixOS/nixpkgs/pull/162376 | 08:41:02 |
| 8 Apr 2022 |
| Pol | Rename the symfony-cli binary in symfony: PR to review here: https://github.com/NixOS/nixpkgs/pull/167837 | 08:29:08 |
| Pol | In reply to @drupol:matrix.org
We need some review here: https://github.com/NixOS/nixpkgs/pull/162376 etu: Could you check this PR ? I think it's ready to merge, can you have a look at it? | 08:29:57 |
| Pol | Thanks mate, much appreciated. | 09:11:43 |
| 10 Apr 2022 |
| Pol | etu: Another easy one: https://github.com/NixOS/nixpkgs/pull/167837 | 20:14:12 |
| 12 Apr 2022 |
| Pol | \o/ nixpkgs-unstable is unblocked ! | 19:10:09 |
| 13 Apr 2022 |
| Pol | PHP 7.4.29, 8.1.5 is already in a PR, awaiting for PHP 8.0.18 to remove the DRAFT status from the PR. | 19:28:18 |
| Pol | Link: https://github.com/NixOS/nixpkgs/pull/168514 | 19:28:22 |
| Pol | In reply to @drupol:matrix.org
etu: Another easy one: https://github.com/NixOS/nixpkgs/pull/167837 Thanks ! | 19:28:29 |
| 14 Apr 2022 |
| Pol | PR is ready for review: https://github.com/NixOS/nixpkgs/pull/168514 | 13:45:38 |
| Pol | etu: Ready to merge ^^ | 16:35:36 |
| 15 Apr 2022 |
| Pol | I just created a PR to fix the security vulnerability with Composer: https://github.com/NixOS/nixpkgs/pull/168783 | 12:46:33 |
| Pol | I added the tag severity: security, I hope this is ok. | 12:46:54 |
| Pol | Could be nice to have someone to review/merge this quickly. | 12:47:28 |
 hexa | would be nice to have a link to the release notes and/or advisory in the commit message | 12:51:14 |
| hexa | as well as a Fixes: <CVE-Idenitifer | 12:51:25 |
| hexa |
nix-repl> php.packages.composer.version
"2.1.9"
| 12:52:12 |
| hexa | also, what about release-21.11? | 12:52:18 |
| Pol | I will amend the commit. | 12:52:43 |
| hexa | according to https://github.com/composer/composer/security/advisories/GHSA-x7cr-6qr6-2hh6 the 2.1.9 release is affected | 12:53:02 |
| Pol | For the release notes, which file should I have to edit? | 12:53:07 |
| Pol | yes, everything under 2.3.5. | 12:53:15 |
| hexa | well, actually <1.10.26 || >=2.0,<2.2.12 || >=2.3,<2.3.5 | 12:53:24 |
