Robert Scott

Results 109 comments of Robert Scott

The issue is that `relro` is an ELF thing and doesn't really mean anything on a Mach-O system as far as I can tell.

Simply that older leptonica versions have security vulnerabilities meaning we (NixOS) can't ship them. Perhaps this is an indication that we should just drop the qt-box-editor package, but as long...

Working with a similar setup myself, the critical component here seems to be using `pandas` > 1.0.5.

Sorry, I don't. I just know that given two setups identical apart from `pandas` version will throw this error for me with pandas >= 1.1.0

Indeed, if you simply revert pandas back to that prior version on an otherwise unmodified `master`, the error reoccurs. @martindurant if you have Nix installed, we can guide you to...

I certainly think this conversation needs to be revived because of the security implications of > Nix reuses existing fixed-output outputs between different derivations without actually checking the derivation actually...

You're _close_ to the scenario detailed by that author to the security team. Ultimately we can never completely *stop* a malicious change missing the attention of a reviewer (and this...

> So what I think we need is some CI check that will try to download any fixed output derivation that is new and verify it gets the same hash....

We were looking into this area a month or so ago and I desperately wanted to try and find a way of observing CF's already-existing healthchecks either through monitoring or...

This may risk going offtopic, but I'd quite like an _access-time_-basis for prioritizing deletions. Doing quite a lot of nix development, many things I build may not _currently_ be in...