| 17 Nov 2024 |
 SigmaSquadron | In reply to @sigmasquadron:matrix.org
As far as I'm aware, they don't use NixOS, so no. Maybe we can change that in the future! The Xen CM will publish it some time in December, to coincide with a website overhaul upstream is working on. | 16:15:18 |
| 20 Nov 2024 |
|  Inayet removed their profile picture. | 00:59:09 |
| 22 Nov 2024 |
|  Morgan (@numinit) joined the room. | 17:51:38 |
| 23 Nov 2024 |
 aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | https://x.com/CyanNyan6/status/1860081140088107027
Pls forward this | 04:00:16 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | https://vt.social/@lina/113532916219667185 | 17:06:05 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | This one instead | 17:06:11 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | ping @raboof | 17:10:20 |
| 25 Nov 2024 |
 Bryan Honof | I'm not quite sure if someone is still doing the socials. But if anyone knows how to access these, I wouldn't mind take it over for a little. | 07:45:24 |
 raboof | I have scheduled a few posts and am boosting stuff on Mastodon. Happy to point you in the right direction assuming people are OK with that. | 08:46:30 |
| 27 Nov 2024 |
 crertel | Hi!
I was redirected here to discuss things. I've made some PRs, some merged, some stalled, some pending, some closed. I'm happy to follow process, but I'd also like to be able to productively use my time and Github issues seems like a perfectly reasonable way of working out in the open (and discoverability for Matrix is suboptimal for discussion and decisonmaking when compared with forge tooling).
The PRs in question I'd like feedback on on pushing forward:
- https://github.com/NixOS/nixos-homepage/pull/1587 -- This one is about closing 1511, a pretty straightforward request by somebody ( fricklerhandwerk I think?) to start debloating the community page.
- https://github.com/NixOS/nixos-homepage/pull/1573 -- This one is about trying to figure out how to make security front-and-center on the site as something the NixOS distribution cares about. Currently, it's kinda buried in the community security team page--and working on this has shown that the email alias for
security@nixos.org seems to be either busted or have spotty connectivity to the folks on the security team (based on testing). The thing here is that I don't actually know what the security policy should be (though I have guesses) and I'm trying to avoid telling the security folks how to do their job. I was kinda hoping we could workshop the PR and get to a good place with stakeholders (as has happened successfully with, for example, the extensive work on the immich PR).
Thanks!
| 01:26:00 |
 hexa | 
Download image.png | 01:38:26 |
| hexa | security is already down here | 01:38:30 |
| hexa | we already get lots of useful reports | 01:38:34 |
| hexa | implementing well-known security is what is currently missing | 01:40:16 |
| hexa | https://en.wikipedia.org/wiki/Security.txt | 01:41:03 |
| hexa | https://datatracker.ietf.org/doc/html/rfc9116 | 01:41:15 |
| hexa | you kinda went in without a concrete plan | 01:41:41 |
| hexa | prior art was linked early on and not acted upon | 01:42:01 |
| crertel | I was asking for a plan, and the information you just gave me--which would've been helpful to have on a comment on that PR--is a big help. Thank you! | 01:42:05 |
| crertel | There's another philosophical question which is: would it be a good idea to put security right on the navbar? My personal bet is yes, because:
- there was a semi-high-profile kerfluffle earlier this year and not having an obvious single touchpoint seems to have hurt there.
- more generally (outside of internal NixOS stuff), one of the hugely useful things about using NixOS is supply chain integrity and other things of interest to security-conscious users.
| 01:45:33 |
| hexa |
there was a semi-high-profile kerfluffle earlier this year and not having an obvious single touchpoint seems to have hurt there.
Uh … what?
| 01:46:31 |
| hexa | I don't mind whether it is down there or up there, but the start page mentions security a bit too much | 01:47:15 |
| hexa | 
Download image.png | 01:47:18 |
| hexa | moving it up would improve the tab order | 01:47:36 |
| crertel | Sure, and we could probably stand to ditch a tab or two as well...it is a little busy. | 01:48:02 |
| crertel | (and again, I'm not wed to this, just kicking around an idea) | 01:48:19 |
 avocadoom | Hmmm, at some point we maybe should consider some kind of drop down menu for the main nav, otherwise this would clog up a lot | 01:49:01 |
| crertel | 
Download image.png | 01:49:27 |
| crertel | so that's what we have right now | 01:49:31 |
| avocadoom | Yup | 01:51:25 |
