| 24 Jul 2025 |
 K900 | Not really? | 15:14:28 |
| K900 | Why? | 15:14:31 |
 just1602 | Just to understand how this nixpkgs minver change is gonna be a mess.: D | 15:16:03 |
| just1602 | * Just to understand how this nixpkgs minver change is gonna be a mess. :D | 15:16:23 |
 emily | the PR title is inaccurate | 15:16:26 |
| emily | it bumps to 2.18, which Lix forked from | 15:16:30 |
| emily | and runs the checks that were done against 2.3 against Lix instead | 15:16:45 |
| emily | so it should be no problem for Lix (or slightly better even) | 15:17:01 |
| emily | however I believe Tvix/Snix are still targeting 2.3 so who knows what will happen | 15:17:27 |
| just1602 | In reply to @emilazy:matrix.org
however I believe Tvix/Snix are still targeting 2.3 so who knows what will happen I'm wondering if they could start to target lix 😅 | 16:22:11 |
 John Ericson | https://github.com/NixOS/nix/issues/13544 do you all do this yet by any chance? | 19:12:25 |
| emily | it's technically a compat break | 19:46:01 |
| emily | since it changes hashes | 19:46:04 |
| emily | what is SHA-1 even used for at this point? seems like it'd be better to try phasing it out? I assume nothing in Nixpkgs is pinned by SHA-1 | 19:46:20 |
| emily | well, actually, for Git they just run it in checking mode and abort if a potentially-colliding input is detected | 19:46:47 |
| emily | which is still a compat break, but at least not silent hash changing | 19:46:52 |
| emily | if it's for Git revs then you want to be doing that but I assume libgit2/git(1) will already handle the hashing there | 19:47:08 |
| emily | pkgs/servers/mx-puppet-discord/node-packages.nix
111: sha1 = "532e01241dbcb0f2769f1b9a7cde313d30101173";
120: sha1 = "68018cab4f59834b3fef2e59fbfd52938403e001";
129: sha1 = "52b0e8bb808a1202602899af67939b049dd42402";
138: sha1 = "0a37a3f9430ff7c29512d29882e25ae738a31283";
🫣
| 19:49:51 |
| emily | apparently these are the only SHA-1 pins left in Nixpkgs | 19:49:55 |
| emily | seems like giving them the URL literals etc. treatment would be the way forward | 19:51:48 |
 jade_ | agreed | 22:10:28 |
| jade_ | i think the correct attitude is just making lix reject those | 22:10:36 |
| jade_ | also surely mx-puppet-discord is unmaintained lol | 22:10:59 |
| jade_ | * also surely mx-puppet-discord is unmaintained cuz that looks like generated code lol | 22:11:09 |
| emily | it's some huge generated Node package blob yeah. no idea about maintenance state | 22:12:58 |
| emily | In reply to @jade_:matrix.org
i think the correct attitude is just making lix reject those probably want to keep around a flag forever for old Nixpkgs compat. though I don't know how high a priority that is since I think Lix has removed things used by prehistoric Nixpkgs. but SHA-1 was probably more recently used | 22:14:19 |
| emily | e.g. by everyone's favourite Chromium update script | 22:14:32 |
| jade_ | indeed. i mean. the real point is that lix becomes a linter when it bans stuff | 22:14:38 |
| emily | which is an argument against using SHA1DC | 22:14:46 |
| jade_ | * indeed. i mean. the real point is that lix becomes a linter when it bans stuff and ensures it is gone from nixpkgs forever | 22:14:49 |
