Re: [Nix-dev] Debugging callPackage builds?

... And anyway, the problem I was trying to debug turned out to be the GHC library ID bug. :) On Fri, Feb 26, 2016 at 10:11 AM Anand Patil < anand.prabhakar.pa...@gmail.com> wrote: > Never mind, figured it out: nix-shell ./nixpkgs -A > packages.haskell.compiler.ghcjs . I was confused because

Re: [Nix-dev] Signed git

> The binary caches are signed by the build farm, i.e. the mapping from > expressions to binaries is "safe". That's probably the only signing ATM. > For transporting nix expressions we offer https. > > Disclaimer: I'm no security expert. And I dislike giving a false feeling > of security. > >

Re: [Nix-dev] Debugging callPackage builds?

Never mind, figured it out: nix-shell ./nixpkgs -A packages.haskell.compiler.ghcjs . I was confused because nix-shell ./nixpkgs/pkgs/development/compilers/ghcjs was complaining that it didn't have default values for all the arguments. Anand On Thu, Feb 25, 2016 at 7:18 PM Anand Patil

Re: [Nix-dev] Signed git

For anyone not following the issue tracker, there's a related discussion going on there: https://github.com/NixOS/nix/issues/613 On Fri, Feb 26, 2016 at 7:06 AM, Eelco Dolstra wrote: > Hi, > > On 26/02/16 11:06, Vladimír Čunát wrote: > > > That is, assuming the ISOs

Re: [Nix-dev] Signed git

Hi, On 26/02/16 11:06, Vladimír Čunát wrote: > That is, assuming the ISOs are copied to the binary cache. I briefly > looked for the latest 15.09 ones, and they seem not to be there: > - latest channel revision: 922f03 > - the build: http://hydra.nixos.org/build/32068791#tabs-summary > -

Re: [Nix-dev] Signed git

On 02/26/2016 12:16 PM, Oliver Charles wrote: > You can only point to something if you can sign that pointer. Just > telling me a narinfo without any more information (that is, signing > that) puts us back to square one. Ah, I didn't realize you wanted to sign the act of releasing another ISO

Re: [Nix-dev] Signed git

You can only point to something if you can sign that pointer. Just telling me a narinfo without any more information (that is, signing that) puts us back to square one. On Fri, Feb 26, 2016 at 10:06 AM Vladimír Čunát wrote: > On 02/26/2016 09:55 AM, Oliver Charles wrote: > >

Re: [Nix-dev] Fwd: Fwd: Wiki is dead

Heck, even Apple uses it: https://github.com/apple/swift/tree/master/docs On Fri, Feb 26, 2016 at 10:05 AM, Freddy Rietdijk wrote: > It makes sense not to have multiple formats inside a single document. As > Eelco mentioned, it makes it harder to move around fragments,

Re: [Nix-dev] Signed git

On 02/26/2016 09:55 AM, Oliver Charles wrote: > Signed SHAs and the like give us a way to say "I am releasing this > version, and you have a way to check that 'I' really said it". We could point to the corresponding narinfo file. For any package there's a signature of the build farm. That is,

[Nix-dev] Fwd: Fwd: Wiki is dead

It makes sense not to have multiple formats inside a single document. As Eelco mentioned, it makes it harder to move around fragments, and, as I experienced now by using the `toDocbook` function, you still end up with XML errors. Therefore, instead of having to debug errors related to one format

Re: [Nix-dev] Signed git

I don't think S3 is looking for accountability but reproducibility. With nothing signed it's unclear what you should really be expecting for the release ISOs. Signed SHAs and the like give us a way to say "I am releasing this version, and you have a way to check that 'I' really said it". On Fri,

Re: [Nix-dev] Signed git

On 02/26/2016 08:19 AM, S3 wrote: > So, as far as I can tell, nothing is signed. The binary caches are signed by the build farm, i.e. the mapping from expressions to binaries is "safe". That's probably the only signing ATM. For transporting nix expressions we offer https. Disclaimer: I'm no

Re: [Nix-dev] Fwd: Wiki is dead

On 02/25/2016 01:39 PM, zimbatm wrote: > The output file wasn't exactly right, I had to replace ` id="something">` to `` tags and wrap it in a tag. That's because pandoc uses an older version of docbook where some tags are different. (IIRC I looked a few months ago and it didn't support the