| 29 Jul 2025 |
 emily | though hexa (clat on linux when) is the real judge | 14:32:00 |
| emily | (and stage 1 is a kind of bootstrap anyway :P) | 14:32:06 |
| emily | like we're slimming down python3Minimal to use in hooks | 14:32:13 |
| emily | but that's not required for bootstrapping | 14:32:17 |
| emily | Darwin bootstrap builds full python3 and works fine | 14:32:22 |
| emily | it's just more convenient to have a small thing | 14:32:32 |
 Sandro 🐧 | I don't see where it is used in hooks | 14:33:33 |
| Sandro 🐧 | it is only used in bootstrapping things where using python3 is not really possible | 14:33:46 |
| emily | that is the plan | 14:34:27 |
| emily | https://github.com/NixOS/nixpkgs/pull/417581 | 14:34:35 |
| emily | to do less bash | 14:34:37 |
| Sandro 🐧 | that's mainly cleaning up the horrible null override hacks which we stopped doing in packages some time ago | 14:36:42 |
| emily | looks like IfState needs jsonschema, pyroute2, pyyaml, setproctitle, and pyroute2 has no further deps… I think plausible it'll work with python3Minimal since it is systems programmy and presumably has no use for a TLS library or such | 14:36:43 |
| emily | please, this PR exists because of a conversation I had with DavHau and mweinelt in the staging room about using python3Minimal for stdenv hooks… | 14:37:09 |
| emily | and it says that's the motivation in the description | 14:37:12 |
| emily | I'm not just making up that being the plan :P | 14:37:34 |
| Sandro 🐧 | as long as you don't leak them in nix-shell | 14:37:40 |
| Sandro 🐧 | * as long as you don't leak it in nix-shell | 14:37:46 |
| emily | we had regressions from overfancy Bash optimizations and agreed that slimming down Python to allow its use in hooks would be better | 14:37:52 |
| emily | the hooks can just be Bash stubs that call out to a wrapped Python | 14:38:02 |
| emily | (and that can be abstracted) | 14:38:10 |
| emily | shouldn't be any leak | 14:38:11 |
| emily | I wouldn't want to use python3Minimal for a random stage 2 application but I think "not bloating initrd by 100 MiB" is a fair use case if it works | 14:38:35 |
| Sandro 🐧 | lucky, those deps are pretty minimal and don't do import * | 14:39:04 |
| Sandro 🐧 | yeah, exactly | 14:39:27 |
| emily | (looks like pyroute2 does have Netlink-over-TLS support but uh, I hope IfState isn't using that) | 14:39:40 |
| emily | (it would need an import ssl making conditional I suppose, so not zero effort) | 14:39:53 |
 hexa | when would you use Netlink-over-TLS? | 14:40:13 |
| emily | 0.1.4
netlink: remote netlink access
netlink: SSL/TLS server/client auth support
netlink: tcp and unix transports
| 14:40:24 |
| hexa | that sounds like exposing it cross host or something weird | 14:40:25 |
