| 23 Jun 2021 |
 abueide | ok thanks i have some ideas of things to try now | 17:01:13 |
| abueide | finally a new error to try solving, so exciting haha
In file included from /nix/store/b9g4wkdn7gz0qyc8x4ihb3y6p9ykyr3w-Libsystem-1238.60.2/include/alloca.h:27:
/nix/store/b9g4wkdn7gz0qyc8x4ihb3y6p9ykyr3w-Libsystem-1238.60.2/include/sys/cdefs.h:761:2: error: Unsupported architecture
#error Unsupported architecture
| 18:02:22 |
 Sandro | are you on aarch64? | 18:03:53 |
| abueide | yeah i guess apparently this whole time i was running in rosetta | 18:05:07 |
| abueide | when i try to build x86_64 I still get the header files not found problem | 18:05:38 |
| abueide | but when i try building with arm64 i get this issue | 18:05:50 |
| abueide | but now i'm learning that it looks like nix doesn't support aarch64 yet | 18:06:34 |
| abueide | so maybe i'm still on the same error | 18:06:41 |
| Sandro | Nix on m1 is flaky. | 18:09:05 |
| Sandro | Support could be better | 18:09:10 |
| abueide | would you recommend to keep trying to build x86_64 on m1 or should i just wait until aarch64 support is ready? | 18:13:28 |
 abathur | I imagine it depend a bit on your timeline, though I'm not up on that effort... some others (perhaps toonn and thefloweringash ?) may have a better sense of where it stands | 18:35:36 |
 toonn | I'm not sure I'd say flaky? | 18:59:24 |
| toonn | Support could definitely be better though. | 18:59:31 |
| Sandro | In reply to @toonn:matrix.org
I'm not sure I'd say flaky? It is not consistently good across the board and time | 21:20:53 |
| toonn | Flaky to me means more that things work when the stars align but are fragile. Afaik once you get the bits that are there set up they just work. I'm not familiar with Aarch64 hardware though. | 21:27:19 |
 magpi | Hello :) I'm very curious: how come none of the software involved with nix seems to be code signed, yet runs with no complaints from GateKeeper? | 23:12:23 |
| abathur | not sure if you're fishing for something specific, but AFAIK there's no One Weird Trick here; a technical blog post like https://eclecticlight.co/2020/11/16/checks-on-executable-code-in-catalina-and-big-sur-a-first-draft/ should lay it out well enough | 23:33:22 |
 emily | afaik there's no verification done when you run command-line stuff in terminal since it's not spawning an app or whatever | 23:42:12 |
| emily | that would make too much sense, macOS code signing features are there to annoy you, not to protect your system :P | 23:42:31 |
| emily | Apple Silicon requires signatures on all binaries afaik but the "signature" can just be a hash for anonymous stuff | 23:42:49 |
| emily | oh hm I guess going by that article I'm wrong | 23:43:14 |
| emily | oh, I see, the flowchart shows it pretty much unconditionally works even for unsigned binaries | 23:43:44 |
| emily | something has to be different for .apps at least since you do get a warning opening Nix-built app bundles | 23:44:11 |
| magpi | The other day I compiled a CLI tool and sent it to someone else and they had to accept gatekeeper warnings before it would run; considering everything published by Apple says you need to sign things before they will run, I wondered how nix gets away with it. (My app loads some path-relative dylibs so maybe my situation is different) | 23:47:53 |
| abathur | mmm, maybe quarantine depending on how it was sent? I'm not certain whether that applies at all on the CLI or not | 23:48:46 |
| abathur | similar post for that https://eclecticlight.co/2020/10/29/quarantine-and-the-quarantine-flag/ | 23:49:35 |
| abathur | I think that mostly comes down to what is downloading it? like, I think safari will set it, probably Mail, etc. | 23:50:04 |
| magpi | Good grief, that website is a goldmine! | 23:51:07 |
| abathur | lapcatsoftware and mrmacintosh are good as well hmm | 23:52:11 |
