npub1nkvpa088yl6l404ft8pkg085aypy3rn7zc3xe69dke3mhau0fxyqudmuy8 (npub1nkv…muy8) let's say you have package C depending on B which depend on A
A has a security vuln, you'd have to rebuild A, B, C in the Nix model
With grafting, you assume that you could just rebuild A and convince B, C that A is still the "same" dependency, that's grafting (graft on the dependency tree)
It's not culturally developed in Nix (system.replaceRuntimeDependencies) because it can break in complicated ways if the new A breaks ABI
Raito Bezarius /
npub1t2…w5ty4
2023-08-09 18:43:44
in reply to nevent1q…xvg0
Author Public Key
npub1t2c07cksmsemlfwr8qxej8n9pexz3w2f7m2jfch0wurgar4lxl2shw5ty4Published at
2023-08-09 18:43:44Event JSON
{
"id": "896383d62203b264febbe62b5f8b48e3db4015cc14104b21a267320d8d33995c",
"pubkey": "5ab0ff62d0dc33bfa5c3380d991e650e4c28b949f6d524e2ef77068e8ebf37d5",
"created_at": 1691606624,
"kind": 1,
"tags": [
[
"p",
"9d981ebce727f5fabea959c3643cf4e902488e7e16226ce8adb663bbf78f4988",
"wss://relay.mostr.pub"
],
[
"p",
"d8ac6e484f946941f4f6dde295cc6fa659ba1aea429040758ecc428883e38d64",
"wss://relay.mostr.pub"
],
[
"e",
"98a3dcef30e9c15230d5cc9e00b1fc0a7a0b3b4ed157cc14509a06d4c00c8ca0",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://nixos.paris/users/raito/statuses/110861131739117429",
"activitypub"
]
],
"content": "nostr:npub1nkvpa088yl6l404ft8pkg085aypy3rn7zc3xe69dke3mhau0fxyqudmuy8 let's say you have package C depending on B which depend on A\n\nA has a security vuln, you'd have to rebuild A, B, C in the Nix model\n\nWith grafting, you assume that you could just rebuild A and convince B, C that A is still the \"same\" dependency, that's grafting (graft on the dependency tree)\n\nIt's not culturally developed in Nix (system.replaceRuntimeDependencies) because it can break in complicated ways if the new A breaks ABI",
"sig": "89b02695c26e55e7457b13c4c00d95629ccff6161072b13c07887f68ea6d91a4f016eec10dd0ae667336417d2b2c5f7146a970d7adb0e7d95a6d368d17ed6f60"
}