22 Oct 2024 |
| niko ⚡️ changed their profile picture. | 11:49:17 |
KFears (tragedy arc) | In reply to @esperlily:matrix.org all this stuff is deprecated because third-parties are supposed to use the App Sandbox now (which is controlled with code-signing entitlements), though fundamentally it's the same sandbox implementation So basically, to work with App Sandbox, we gotta obtain a license and pay money? And even then, we'll just suffer immensely? | 11:56:42 |
KFears (tragedy arc) | Any opportunities to, like, use Docker or bwrap or something to not suffer quite as much? | 11:57:11 |
EsperLily [she/her] | In reply to @kfears:matrix.org So basically, to work with App Sandbox, we gotta obtain a license and pay money? And even then, we'll just suffer immensely? no, the App Sandbox is fundamentally the same thing as what we're using, and you can use ad-hoc signing too for it, but switching to it just actually makes things harder because specifying a custom sandbox profile (as opposed to the default) requires entitlements (and I'm not sure if it requires Apple to bless that entitlement but maybe?) and of course we're changing the sandbox profile for every build we do but the process we're invoking for the build is typically the same, so the App Sandbox just doesn't work for us at all | 11:58:53 |
EsperLily [she/her] | the App Sandbox is really just meant for apps distributed through the App Store or (for macOS) distributed as a signed downloadable app, it's not meant for something like what we're doing, sandbox_init() is the right API there | 11:59:55 |
EsperLily [she/her] | the fact that sandbox_init() is deprecated is annoying but Apple can't actually get rid of it without breaking too much stuff (including their own apps, a bunch of system apps use that for their own security) | 12:00:46 |
KFears (tragedy arc) | Jesus... | 12:07:58 |
| aktaboot changed their profile picture. | 12:11:09 |
| heph joined the room. | 14:40:39 |
WeetHet | Redacted or Malformed Event | 14:54:53 |
WeetHet | Redacted or Malformed Event | 14:54:53 |
WeetHet | Redacted or Malformed Event | 14:54:53 |
raitobezarius | jade_ with pennae, we might have found an issue with the buildbot deployment and i applied postgresql optimizations | 14:56:41 |
raitobezarius | and the instance seems faster | 14:56:44 |
raitobezarius | to everyfew using the buildbot and finding it "really slow", please report if you notice significant improvements | 14:56:58 |
raitobezarius | also, you can review our Grafana on buildbot here: https://grafana.forkos.org/?orgId=1&refresh=5s | 14:58:16 |
raitobezarius | * also, you can review our Grafana on buildbot here: https://grafana.forkos.org/?orgId=1&refresh=5s&var-datasource=mimir&var-tenant=lix&var-hostname=buildbot&var-diskdevices=%5Ba-z%5D%2B%7Cnvme%5B0-9%5D%2Bn%5B0-9%5D%2B%7Cmmcblk%5B0-9%5D%2B | 14:58:43 |
raitobezarius | pyroscoping is still in order but will take my soul to package | 15:01:31 |
raitobezarius | ok performance regressed again | 15:13:32 |
raitobezarius | https://git.lix.systems/lix-project/buildbot-nix/pulls/31 i'm trying to push the needle with bbprofiler | 15:14:06 |
raitobezarius | (untested) | 15:14:14 |
9999years | only tangentially related but check out my git worktree manager!
https://becca.ooo/blog/announcing-git-prole/ | 16:44:28 |
LordKekz | This is epic, thanks for sharing! | 16:52:57 |
9999years | yw! | 17:42:29 |
9999years | more relevant for this chat is my gerrit helper, which makes it easy to check out CLs (git gr checkout 2034 ), rebase a stack of CLs (git gr restack && git gr restack push ), list CLs (git gr query ), open CLs in your browser (git gr view ), and more! https://github.com/9999years/git-gr | 17:45:49 |
KFears (tragedy arc) | This looks interesting | 17:46:10 |
KFears (tragedy arc) | I'm not sure if I'll actually use it, I kinda want to try out jj and other git alternatives to get rid of my bad git habits in a more systematic way | 17:46:47 |
KFears (tragedy arc) | Gerrit CLI is quite nice even now, though! | 17:47:14 |
9999years | i don't use jj much myself, although i've been meaning to take another look at it now that they sort of have support for branches, but i suspect it would work nicely with git gr ; the workflow it encourages where you check out commits directly in the detached HEAD state is not based on branches | 17:48:43 |
9999years | git gr automates a bunch of tasks that otherwise require copying urls/commands from the gerrit web interface | 17:49:48 |