| 13 Sep 2022 |
 f0x | and the bridge uses none of the crypto stuff anyways | 13:08:54 |
| f0x | but fair, yeah | 13:09:00 |
 hexa | wow 😕 | 13:09:06 |
| f0x | it's a dependency downgrade, but still in the supported semver by matrix-appservice-bridge^3.2.0 | 13:11:41 |
| f0x | * it's a dependency downgrade, but still in the supported version range by matrix-appservice-bridge^3.2.0 | 13:11:47 |
| hexa | I don't have a strong opinion in this case | 13:19:25 |
| hexa | I'm not sure if or when they will bump the lower end | 13:19:56 |
| hexa | both are band-aids | 13:20:11 |
| hexa | * both solutions are band-aids | 13:20:15 |
| f0x | yep.. | 13:20:38 |
| hexa | https://matrix.org/blog/2022/09/13/security-release-of-matrix-appservice-irc-0-35-0-high-severity | 16:25:22 |
| hexa | unstable-small has the bump fwiw | 16:25:29 |
 @pacien:pacien.net | In reply to @hexa:lossy.network
roast me (╯°□°)╯︵ ┻━┻
(ノಠ益ಠ)ノ✂️
https://github.com/NixOS/nixpkgs/pull/186316#discussion_r970080894 | 21:06:14 |
| hexa | Notkea: if you could try building the rust native thing, unless you're in a hurry | 21:07:23 |
| hexa | that would be neat | 21:07:29 |
| @pacien:pacien.net | I tried. This requires napi-rs, which requires Yarn v2, whose lock format isn't supported by our yarn2nix… | 21:08:05 |
| hexa | oh boy | 21:08:23 |
