| 29 Jul 2025 |
 emily | and it says that's the motivation in the description | 14:37:12 |
| emily | I'm not just making up that being the plan :P | 14:37:34 |
 Sandro 🐧 | as long as you don't leak them in nix-shell | 14:37:40 |
| Sandro 🐧 | * as long as you don't leak it in nix-shell | 14:37:46 |
| emily | we had regressions from overfancy Bash optimizations and agreed that slimming down Python to allow its use in hooks would be better | 14:37:52 |
| emily | the hooks can just be Bash stubs that call out to a wrapped Python | 14:38:02 |
| emily | (and that can be abstracted) | 14:38:10 |
| emily | shouldn't be any leak | 14:38:11 |
| emily | I wouldn't want to use python3Minimal for a random stage 2 application but I think "not bloating initrd by 100 MiB" is a fair use case if it works | 14:38:35 |
| Sandro 🐧 | lucky, those deps are pretty minimal and don't do import * | 14:39:04 |
| Sandro 🐧 | yeah, exactly | 14:39:27 |
| emily | (looks like pyroute2 does have Netlink-over-TLS support but uh, I hope IfState isn't using that) | 14:39:40 |
| emily | (it would need an import ssl making conditional I suppose, so not zero effort) | 14:39:53 |
 hexa (clat on linux when) | when would you use Netlink-over-TLS? | 14:40:13 |
| emily | 0.1.4
netlink: remote netlink access
netlink: SSL/TLS server/client auth support
netlink: tcp and unix transports
| 14:40:24 |
| hexa (clat on linux when) | that sounds like exposing it cross host or something weird | 14:40:25 |
| emily | I mean I guess it's just a protocol… | 14:40:27 |
| emily | nothing's stopping you | 14:40:30 |
| emily | if you're nuts | 14:40:32 |
| emily | I bet some HPC cluster is doing crimes like that | 14:40:48 |
| Sandro 🐧 | but do you then want to run the normal ifstate also with python3Minimal? You kinda want to do that as otherwise you have bugs that only exist in initrd and then we have a random application in userland running python3Minimal which we don't really want to 😅 | 14:40:52 |
| emily | it's like the management port on DSA switches! | 14:40:56 |
| hexa (clat on linux when) | as long as it doesn't require any features not covered by it, why not | 14:41:13 |
| emily | stage 1 environment is already moderately different tbf, but yeah I'm not sure. I wouldn't be super mad about python3Minimal in stage 2 for something core like this | 14:41:22 |
| hexa (clat on linux when) | the use case of having it in initrd makes it preferable | 14:41:25 |
| emily | I mean really the answer is don't use Python for this layer of the stack | 14:41:28 |
| emily | but sounds like upstream already knows/is working on that | 14:41:32 |
| Sandro 🐧 | python has nothing for such inbuilt things, so we also need to run all tests and everything with python3Minimal as otherwise we might sneak some bug by | 14:41:45 |
| emily | I'm also fine with just having huge initrds if it's not a problem for people | 14:41:49 |
| emily | but it does make it less appealing I think | 14:42:13 |
