[Nix-dev] Proposal: Highly available security-specific trusted build infrastructure
Graham Christensen
graham at grahamc.com
Thu Oct 20 13:06:27 CEST 2016
Edit: The last commit pushed out from hydra was the last commit from the
_previous week's_ roundup.
On Thu, Oct 20, 2016 at 7:05 AM Graham Christensen <graham at grahamc.com>
wrote:
> Hi Jascha,
>
> After each vulnerability roundup (
> https://github.com/NixOS/nixpkgs/issues/19678 was from yesterday) I try
> to watch hydra and make sure they get released soon. The last commit pushed
> out from hydra was the last commit from that roundup.
>
> Yesterday we went through ~20 vulnerabilities, and today I'm watching
> Hydra to identify problems potentially keeping the channel update done.
>
> I'm only able to do these vulnerability hunts and fixes once a week, is
> part of why there aren't more for the remainder of the week. Additionally,
> if you are able to volunteer time -- keeping an eye on build failures at
> https://hydra.nixos.org/jobset/nixos/release-16.09 and fixing them as
> they come up, that would also hasten the release process.
>
> Thank you,
> Graham
>
> On Thu, Oct 20, 2016 at 4:18 AM Jascha Geerds <jascha at jgeerds.name> wrote:
>
> I'm also not sure if another Hydra instance would be the right way. On
> the other hand, I would appreciate more frequent (security) updates for
> NixOS 16.09. Currently, the channel stucks for over a week for whatever
> reason...
>
> Same applies for nixpkgs-unstable where tests randomly (?) fail too
> which prevents channel updates. But that's another story.
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20161020/caf46f8b/attachment.html>
More information about the nix-dev
mailing list