| 19 Aug 2025 |
 jade_ | if we wanted to kill a dependency by using openssl in place of libsodium that sounds good to me, i am not at all fussed either way. | 18:28:26 |
| jade_ | p low on my concerns priority list in the end | 18:28:38 |
 raitobezarius | In reply to @aloisw:julia0815.de
Libsodium also had quality incidents in the past, like https://github.com/jedisct1/libsodium/commit/ad4584d45590654b9d863ced90d2b2561d5cfbda . hm oof indeed | 18:33:53 |
| jade_ | however, as stated, crypto code breaks very loudly and we are not encrypting anything confidential | 18:34:12 |
| raitobezarius | oh lol vcunat intervening in that commit in the comment area | 18:34:25 |
| jade_ | so it is very hard for them to fuck up in a way that materially affects us | 18:34:30 |
| jade_ | ... besides that | 18:34:54 |
| raitobezarius | yeah, i can review a patch moving to openssl if needed | 18:36:34 |
| raitobezarius | i doubt that openssl can fuck up ed25519 but also it's a bit frightening because i think most people using ed25519 use it via libsodium | 18:38:07 |
| raitobezarius | https://git.lix.systems/lix-project/lix/issues/969 cc Kira as aloisw pointed very good reasons to perform that switch | 18:42:10 |
| jade_ | raitobezarius: is your epyc still available for room-heating (mass scale remote builds)? i um, have a use case for a large scale change by messing with the pytest packaging. | 18:42:58 |
| raitobezarius | yes it is | 18:43:05 |
| jade_ | awesome | 18:43:09 |
 Rutile (Commentator2.0) feel free to ping | is it relevant for me to know what you are (planning to) doing? | 18:45:26 |
 helle (just a stray cat girl) | sweats profusely at this idea oh no jade, I am worried | 18:45:54 |
| jade_ | setting dontWrapPythonPrograms = true on it | 18:47:15 |
| jade_ | globally | 18:47:19 |
| Rutile (Commentator2.0) feel free to ping | raitobezarius: can you punch ci/pipeline for 3992? it just says "verfied -1" without any explenation and doesn't update on push | 18:47:25 |
 emily | I'm pretty sure nixpkgs-review on a pytest change will rebuild most of the package set | 18:47:27 |
| jade_ | i also think this will happen :P | 18:47:36 |
| emily | I would recommend testing direct dependencies only (which will still be a billion things) | 18:47:37 |
| raitobezarius | In reply to @commentator2.0:elia.garden
raitobezarius: can you punch ci/pipeline for 3992? it just says "verfied -1" without any explenation and doesn't update on push it's the ASAN flakiness | 18:48:05 |
| jade_ | hm, is there a way to bazel uquery 'rdeps(//:pytest)' in nix? | 18:48:06 |
| raitobezarius | i kicked it again | 18:48:08 |
| emily | trofi has a script lying around somewhere. you can also just rg | 18:48:29 |
| emily | there is a simple design that could be used to add a --depth argument to nixpkgs-review I cooked up a while ago | 18:48:39 |
| emily | but nobody has offered to get nerd sniped into implementing it | 18:48:45 |
| jade_ | okay, that's fair. hm, i wonder if i can write a treesitter query for it actually | 18:48:48 |
| jade_ | worth learning it | 18:48:51 |
| emily | well the hard part is not finding the files. | 18:48:57 |
