!UNVBThoJtlIiVwiDjU:nixos.org

Staging

Staging merges | Running staging cycles: https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+is%3Aopen+head%3Astaging-next+head%3Astaging-next-25.11 | Review Reports: https://malob.github.io/nix-review-tools-reports/


29 Jun 2026

| Sender | Message | Time |
|---|---|---|
| @qyliss:fairydust.space (Alyssa Ross) | We could, as a distribution, update a vulnerable library once, for all packages in Nixpkgs, regardless of maintenance | 17:08:55 |
| @qyliss:fairydust.space (Alyssa Ross) | Instead, every hobby single person upstream project has to react to security patch releases in all of their recursive dependencies. This sucks. | 17:09:23 |
| @qyliss:fairydust.space (Alyssa Ross) | It's not impossible to solve this problem with lockfiles, but they do discourage it | 17:15:06 |
| @lach:delta.rocks (Lach) | It's just that I have many things that I wish to upstream to nixpkgs, but the situation is awful with python, it's either using old libraries, or applying tons of patches on top of them. Making this a package maintainer problem doesn't seem to be a better solution | 17:15:18 |
| @lach:delta.rocks (Lach) | As for lockfiles, CVE fixes are usually patch releases, I actually have a solution for that which involves patching lockfiles for patch package versions... I wonder if it can be applied to nixpkgs | 17:16:45 |
| @qyliss:fairydust.space (Alyssa Ross) | that is a possible solution | 17:17:15 |
| @k900:0upti.me (K900) | hexa we have to eat a python-redis rebuild | 17:36:28 |
| @k900:0upti.me (K900) | 8.0.0 literally can't connect to a Unix socket | 17:36:28 |
| @hexa:lossy.network (hexa) | 🤷 | 17:37:02 |
| @hexa:lossy.network (hexa) | how large can the rebuild be | 17:37:19 |
