| 28 Feb 2025 |
 vcunat | (136, was it?) | 06:42:48 |
| vcunat | * (since 136, was it?) | 06:42:51 |
 hexa | yeah, the esr-bin was lagging behind as well sadly | 06:42:54 |
| hexa | https://github.com/NixOS/nixpkgs/pull/384250 | 06:43:05 |
| vcunat | Right, I'm not watching -bin. | 06:43:36 |
 aloisw | In reply to @vcunat:matrix.org
Newer thunderbird-latest(-unwrapped) didn't seem to work well, so it remains rotting. https://github.com/NixOS/nixpkgs/pull/382444#issuecomment-2661364204 Should we guide users towards ESR with a warning then (assuming the profile is compatible with downgrades)? | 07:05:38 |
| vcunat | ESR is the default thunderbird. | 07:05:59 |
| vcunat | But maybe we could mark -latest as insecure. | 07:06:38 |
| vcunat | I'm testing everything with a single profile, so downgrades should be OK. | 07:06:59 |
| aloisw | In reply to @vcunat:matrix.org
ESR is the default thunderbird. Some people have -latest in their config and may not be aware that it is randomly 2 months out of date. | 07:12:17 |
| vcunat | Another option is to just merge the updates. | 07:13:20 |
| aloisw | If downgrades are supported, marking it insecure seems fine. | 07:13:35 |
| aloisw | In reply to @vcunat:matrix.org
Another option is to just merge the updates. I don't think this is a good option if the updates are broken and ESR is fine. | 07:14:23 |
| vcunat | Firefox 136 should happen in 4 days, so we could hope that TB 136 fixes this. | 07:16:50 |
 colemickens | I'm going to test the nixpkgs-mozilla smaller PR against some old/newer nixpkgs and merge it. | 16:47:55 |
| colemickens | But I'd also like to review K900's PR for rewriting flake-firefox-nightly tonight, maybe, and merge it. I tested it a bit yesterday and it seemed to work (though there wasn't a material update so it was a limited test). | 16:48:34 |
 emily | I suspect this can result in data loss | 17:25:28 |
| emily | (source: tried patching out the libolm Matrix support from Thunderbird; it clobbered user data upon switching back) | 17:25:53 |
| emily | (presumed corollary: rolling back to versions that don't support newly-added profile data probably deletes that data) | 17:26:07 |
 nbp | colemickens: Thanks for taking care of this repository :) | 17:38:30 |
| aloisw | In reply to @emilazy:matrix.org
(presumed corollary: rolling back to versions that don't support newly-added profile data probably deletes that data) So the question really is whether such new data have been introduced between 128 and 133, and if yes how bad they would be to lose. | 17:46:57 |
| 1 Mar 2025 |
| aloisw | As an additional data point, I have now "down"graded from 133 to 128.7.1 and my mail is still there. | 09:38:36 |
| hexa | I tested 135 and downgraded back to 128.7.1 before this discussion | 16:53:17 |
| hexa | https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_109_RTM/src/ | 18:44:14 |
| hexa | no changelog yet | 18:44:17 |
| hexa | nvm, there is one on git | 18:44:43 |
| hexa | https://github.com/nss-dev/nss/blob/NSS_3_109_RTM/doc/rst/releases/nss_3_109.rst | 18:45:28 |
| hexa | ajs124: do you think this changes anything about cacert? https://github.com/nss-dev/nss/commit/12f97c4811c696a050861af04f930f96bc4ca3dc | 18:46:53 |
| hexa | https://github.com/NixOS/nixpkgs/pull/386166 | 18:48:43 |
| vcunat | Try building it and simply compare the bundles? The cacert package produces basically just this single text file. | 18:51:14 |
