| 8 Apr 2026 |
 emily | this seems confused. since nix-build --check clobbers signatures by itself. | 11:06:59 |
 ankarhem | Idk I know nothing about this but maybe?
ankarhem@mbp:~/ > codesign -vvv --verify $(which fish)
/etc/profiles/per-user/ankarhem/bin/fish: invalid signature (code or signature have been modified)
In architecture: arm64
| 11:07:40 |
| emily | and then the fix is a dreadful layering violation that probably has nothing to do with the fish thing. | 11:07:40 |
| emily | if it "fixes" the transient Hydra code signing issues then it's just going to fix them because rebuilds usually fix them | 11:08:11 |
| emily | left a comment on the PR for Claude to read ๐ | 11:13:06 |
| ankarhem | So should i just disable fish -> clean store -> rebuild until it works? | 11:19:03 |
| emily | nah, you'll pick up the broken build from Hydra :/ | 11:28:25 |
| emily | what will probably work is making a trivial change to fish in Nixpkgs | 11:28:37 |
| emily | like adding an unused environment variable to force a rebuild | 11:28:49 |
| emily | it'll also get fixed by the upcoming staging cycle | 11:28:57 |
| emily | this can also be done as a local override | 11:29:08 |
| emily | we really need to fix that code signing bug but it's deeply mysterious :/ | 11:29:20 |
 Randy Eckenrode | I sudo codesign the broken binaries in the store and go about my business. ๐ซ | 11:30:43 |
| ankarhem | Thanks for the help ๐ | 11:34:24 |
 viraptor | Has anyone gone through bootstrap successfully recently? I've got a really weird failure where ld64/objcimageinfo gets built and then... It's not there to install ๐ญ https://gist.github.com/viraptor/9d54036ed43fe23e80ff6966a204d7df | 16:26:43 |
| viraptor | Are there any samples uploaded? I've seen people running into this but no details. | 16:27:39 |
| Randy Eckenrode | I do this weekly. | 16:33:47 |
| Randy Eckenrode | Thatโs a weird error because the objcimageinfo binary is clearly linked earlier in the build process. | 16:35:28 |
| viraptor | Ok... I guess I'll rebase on latest and try again tomorrow before I start digging. | 16:37:09 |
| viraptor | Nope, same issue on master. | 16:47:46 |
| Randy Eckenrode | Do you happen to have running any kind of end point protection software? I once had that happen where it would delete files from the store, which would break things. | 23:47:58 |
| viraptor | Funny you mentioned it - I JUST got pinged by our security people. Crowdstrike messed it up ๐คฆโโ๏ธ | 23:57:38 |
| 9 Apr 2026 |
| emily | I believe Zhaofeng Li had a reproduction setup that you might be able to find if you search the history of this channel | 00:00:37 |
| emily | otherwise there are various store paths in the cache that exhibit it | 00:00:43 |
| emily | the bad outputs are just the same as the good outputs but with a different code signature though | 00:00:58 |
