| 19 Mar 2026 |
 37h4n | Hello! I'm Ethan Reece. I'm currently an MS CS student at UT Dallas, and I love to hack around with Nix configurations. I have a project that extends Devenv with automatic editor/AI integrations for LSP/formatters. I also have a set of extendable Nix configurations for myself that focuses on compartmentalization, and I recently started adding security hardening to the NixOS-specific portions, focusing on nix-mineral, lanzaboote, and impermanence modules and ideas from SecureBlue. In doing this, I've dug around Nixpkgs some, submitted update requests, applied PRs to my configs to fix broken packages, and fixed a nix-your-shell bug involving Nushell.
I came across GSoC recently and am also looking for more ways to get involved in open source projects that other people use (and am looking for Nix-related jobs as well). Seeing the ideas list, Review Nixpkgs PRs looks like something I could get involved in, and I'm also interested in ideas related to my development environment work in the project I mentioned above. I also find security interesting as well as security-focused OSes like Genode, which someone worked on a Nix integration for and I think is a cool idea.
Considering that I'm new to GSoC (and contributing in general), does anyone have any guidence or recommendations for next steps?
| 04:51:29 |
 Kaku | Hi, I’m interested in the “Improved release notes for Nixpkgs” GSoC project.
Could someone tell me who the mentor is?
| 06:31:26 |
 not-jack | Hey all, I'm Jack. I'm a computing science student from Utrecht University, and have been using nixos on multiple devices for around a year now. I maintain a few packages and services, but would like to sink my teeth in to something more technically challenging/involved, e.g. compiler, bootup, etc... | 10:56:24 |
|  Ugwu joined the room. | 14:58:59 |
|  pegion joined the room. | 15:13:03 |
| pegion set a profile picture. | 15:43:33 |
| pegion changed their profile picture. | 15:57:52 |
|  @squat:beeper.com joined the room. | 19:44:28 |
| @squat:beeper.com left the room. | 19:52:02 |
|  fexa joined the room. | 20:27:50 |
 Robert Hensing (roberth) | The review idea is a bit unorthodox if Google were to judge it by its title. I'd recommend to give it a twist, pick a particular set of packages, or a particular approach, perhaps automation. | 22:34:50 |
| Robert Hensing (roberth) | We don't have a designated mentor for this, but someone can still jump in. Knowing a mentor is not a requirement for submitting a proposal to GSoC | 22:36:28 |
 Omoruyi Emmanuel | Omoruyi Osakue: Could you tell me who the mentor is Review Nixpkgs PRs or am I too late? | 22:42:22 |
| Robert Hensing (roberth) | We don't have a designated mentor for this yet, but otoh this is our main activity so I don't think that should deter you | 23:04:29 |
| 20 Mar 2026 |
|  Clumsily6239 joined the room. | 05:22:18 |
| Clumsily6239 | Hi all,
I'm looking into the GSoC project for 'SBOM Accuracy and PURL Integration for Nixpkgs'. I noticed the mentor field is currently open on the ideas list, does anyone know who is the current mentor? I was reviewing the prior efforts and wanted to ask a few questions. | 09:44:38 |
| Clumsily6239 | * Hi all,
I'm looking into the GSoC project for 'SBOM Accuracy and PURL Integration for Nixpkgs'. I noticed the mentor field is currently open on the ideas list, does anyone know who is the mentor? I was reviewing the prior efforts and wanted to ask a few questions. | 09:44:47 |
 fricklerhandwerk | This is the right place to ask those questions, the SBOM team will be delighted to help you out: https://matrix.to/#/#nixpkgs-sbom:matrix.org | 10:00:12 |
| Clumsily6239 | Oh, ty. | 10:03:26 |
| Clumsily6239 | Can we also propose our own ideas? Is that allowed? | 10:30:27 |
| not-jack | Yea | 10:59:07 |
| Clumsily6239 | I was looking at the list of ideas for GSoC, and came across the "Enhanced Patch Information Extraction" project.
I read through the referenced issue, and there doesn’t seem to be a clearly enforced format for how patches are named or described, apart from some CVE-related patches including identifiers.
I wanted to better understand what the intended goal of this project is, whether the focus is on standardizing how patches are described, extracting structured metadata from existing patches for downstream tools, or a combination of both. | 11:45:12 |
| Robert Hensing (roberth) | A combination of both. Note that the ideas are just suggestions. Ultimately it's the submissions to GSoC that get reviewed | 12:05:36 |
| Robert Hensing (roberth) | * A combination of both. Note that the ideas are just suggestions. Ultimately it's your submissions to GSoC that get reviewed | 12:05:45 |
| Clumsily6239 | Got it, thanks! | 12:19:29 |
 Tristan Ross | I believe I should be under that | 15:18:54 |
| Tristan Ross | Yeah, I think that is one that I proposed when I was asked about GSoC ideas a while back. Some of it is there's patches which fixes CVE's but they do not contain a CVE name in it. So it would require identifying that. I've also thought about adding vulnerability or patch metadata to nixpkgs. This is very useful to be able to say where a patch comes from if it's a vendored file. There's also various other things that become useful which could be attached. | 15:22:17 |
 Swaraj | Robert Hensing (roberth): Hi Robert! Just wanted to let you know that raf has agreed to be a mentor for the "Improved release notes for Nixpkgs" GSoC project! | 15:43:00 |
|  Ian joined the room. | 16:21:52 |
|  曜日 set a profile picture. | 17:37:28 |
