| 16 Oct 2023 |
 Artturin | Not exactly sure what it's testing | 07:48:10 |
 l0b0 | It's checking that my configuration conforms to best practices as recommended by ssh-audit. I'm no SSH/security expert, but at least some of the recommendations make sense. | 07:49:19 |
| l0b0 | It might be useful as a demo for what could be considered a secure configuration (at least by some segment of users) "right now", rather than just using the OpenSSH defaults like NixOS does. | 07:50:41 |
| l0b0 | Just waiting for a giant 23.05 upgrade (for some reason), will have a look afterwards. | 07:51:16 |
| l0b0 | * It's checking that my configuration conforms to best practices as recommended by ssh-audit. I'm no SSH/security expert, but at least some of the recommendations (like not allowing SHA-1 algos) make sense. | 07:51:46 |
| Artturin | In reply to @vengmark2:matrix.org
Just waiting for a giant 23.05 upgrade (for some reason), will have a look afterwards. staging-next-23.05 was merged a few days ago with security fixes (curl etc) | 07:53:54 |
| l0b0 | https://github.com/NixOS/nixpkgs/pull/261356 - a bit quick, but I gotta sleep. | 08:57:20 |
| 18 Oct 2023 |
|  Alex S changed their display name from ultra (NixOS integrated with PackageKit wen) to Alex S. | 10:00:58 |
| 23 Oct 2023 |
 raitobezarius | I'm adopting https://github.com/NixOS/nixpkgs/pull/157161/files | 12:48:35 |
| raitobezarius | to try to get it sync with the timeout PR | 12:48:43 |
| raitobezarius | so we can have super nice tests | 12:48:46 |
| raitobezarius | nikstur: help me | 12:51:07 |
| raitobezarius | and get blitz to help me too | 12:51:16 |
| 24 Oct 2023 |
| raitobezarius | Robert Hensing (roberth): I see that you recommended testBuildFailure but it relies on drv.overrideAttrs to perform the inversion of success internally | 01:00:50 |
| raitobezarius | The issue is that you also introduced lib.lazyDerivation for the test itself | 01:00:59 |
| raitobezarius | So if I do something like testBuildFailure (runTest ./timeout.nix) I will be in trouble | 01:01:12 |
| raitobezarius | * So if I do something like testBuildFailure (callTest (runTest ./timeout.nix)) I will be in trouble | 01:01:20 |
| raitobezarius | Because lazyDerivation never offers overrideAttrs I suppose | 01:01:29 |
| raitobezarius | and I'm not so sure about | 01:02:24 |
| raitobezarius | (a) adding overrideAttrs to lazyDerivation | 01:02:29 |
| raitobezarius | (b) making lazyDerivation overridable | 01:02:33 |
| raitobezarius | (c) removing lazyDerivation from test | 01:02:37 |
| raitobezarius | I feel like this defeat the whole purpose of lazyDerivation to override it | 01:03:31 |
| raitobezarius | Maybe I should hack a way to do "test build failure" inside of the test itself directly… | 01:03:54 |
 Robert Hensing (roberth) | raitobezarius: lazyDerivation has a passthru argument where you can put more stuff if really needed, but I think it'd be cleaner to expose it through the config attribute. ie create a new option that contains the raw test driver without lazyDerivation | 10:03:36 |
| Robert Hensing (roberth) | that way we keep all the internals behind a single attribute, config | 10:03:51 |
| raitobezarius | In this instance I only need a drv that can have overrideAttrs for the test itself | 10:05:11 |
| raitobezarius | So should I do raw test to be the drv and test to be the lazy derivation? | 10:05:36 |
| Robert Hensing (roberth) | https://github.com/hercules-ci/nixpkgs/commit/fbe79d17fb5fdea4777640f353a80b5f1196c1cc | 10:10:49 |
| Robert Hensing (roberth) | is what I had in mind | 10:10:52 |
