00:11:13 is anybody here bored right now and has a working linux docker environment? 00:16:58 depends, what do you want to do? 00:17:02 jbo: 00:17:49 souji, somebody submitted a build that failed in form of a Dockerfile and I don't have a setup ready to test it 00:18:02 souji, https://github.com/simulton/QSchematic/issues/65#issuecomment-1950975618 00:18:04 Title: Build faild when disable QSCHEMATIC_BUILD_STATIC under linux · Issue #65 · simulton/QSchematic · GitHub 00:18:04 65 – certian password entry errors confuse vipw forever https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=65 00:19:11 I'll take a look at this 00:21:23 souji, is my understanding correct that it's a matter of copy-pasting that Dockerfile and running docker? or would that be more effort for you? 00:22:20 jbo: no, I think I just need to build the image 00:26:03 jbo: For me it does not find the headers QPointF and QObject 00:28:55 souji, so same issue then :/ 00:29:21 wait a second... 00:29:28 souji, how good is your docker knowledge? All I know is that this builds out of the box in a Ubuntu VM and some other Linux distros - but don't have a docker based CI 00:30:06 it should make no difference if you build it in a docker container or a VM 00:30:20 that's what I thought - hence I was wondering if somebody can reproduce this :) 00:34:02 does the build work in a VM? 00:34:12 yes 00:34:16 also in the github action runner 00:34:24 what OS do you use? 00:34:34 Ubuntu 2-something 00:34:47 although that is not building & installing the GPDS dependency manually, instead it uses -DQSCHEMATIC_DEPENDENCY_DOWNLOAD=ON 00:34:56 builds also work under FreeBSD 00:35:07 In that case it might be some debian problem 00:35:25 I'll try to use a ubuntu image for the docker container 00:38:50 souji, I hope that's not a major effort on your end. 00:48:10 jbo: did you also tried to run it with: QSCHEMATIC_BUILD_STATIC=OFF? 00:55:12 souji, interesting... 00:55:22 souji, that is indeed failing o.O 00:55:38 souji, I just checked and the CI has not been updated for that scenario 00:58:14 souji, seems to work on FreeBSD. time to investigate why those includes are not being found. I can certainly reproduce this in an Ubuntu 23 VM 00:59:34 ok, at that point I have no clue how CMake works... Good luck 00:59:46 I appreciate your help, thank you! 01:01:35 no problem 01:15:17 fixed :) 01:18:06 nice :) 01:18:17 what was the issue? 01:21:52 https://github.com/simulton/QSchematic/commit/66a7cb1b8b8f0e78f012bb59ba3db346431c2213 01:21:53 Title: cmake: Fix qschematic-wiresystem-test target · simulton/QSchematic@66a7cb1 · GitHub 01:22:13 forgot to update the CMake script of a test case which was still hardcoded to link towards the -static target .__. 01:25:26 ah ok xD 05:47:28 jmnbtslsQE, please include my nickname in the message so I get a notification. 05:49:08 Back to php, Let me give you an example: I'm asking which is better to use to get to the store bus or train, and you answering - you better smell food before eating... 08:16:29 man, I really love bectl(8) so much. It's a helpful companion for the CURRENT user. Takes away the fear. :) 08:22:44 kenrap, I had so many times issues with bectl 08:23:22 how come? 08:23:34 its ok if zfs is working properly, but once it become corrupted - recovery and mounting partitions become sooooo difficult, next to impossible 08:24:24 IMHO - recursive snapshots + !!! exporting snapshots to some external/ different storage regularly is a MUST 08:25:16 bectl basically substitutes a boot environment with snapshots .. 08:26:30 nerozero: how often do your zfs filesystems become corrupted? 08:26:35 Degraded =/= Corrupted, I had couple of times issues loading zfs after upgrading 08:26:41 On a related note, I do take advantage of making recursive boot environments with the -r flag when creating them 08:27:28 lw, I had it twice, 1 happened when upgrade the bsd, second time due to hard drive issues 08:29:35 snapshot =/= backup, the backup is when you put your data to a different storage media, better - not connected ( all the time ) to a given machine 08:30:08 On the same installation I'm using, I went from 13.2-RELEASE -> 14-CURRENT -> 14-STABLE -> 15-CURRENT and didn't have a single zfs corruption 08:31:05 I will consider doing the backup approach as well 08:31:06 it was back when freebsd was not build around openzfs 08:31:20 But my lesson was lerned hard 08:32:18 if I recall correctly it was 12.x -> 13.0 but maybe it was earlier 08:34:37 I could have a dedicated external drive to store my exported snapshots backups 08:34:48 And exported snapshot gives you a chance to restore entire system on a different machine from scratch 08:35:39 zstd doing compression quite fast so pipe zfs send to zstd 08:37:03 if recover is need - just prepare new boot partitions on a fresh drives and receive back your data 08:37:23 Sounds great! 08:38:07 keep 1-2 snapshots on the machine so in case of troubles - you will be able to roll back quickly 08:39:07 and do not forget to make recovery freebsd live usb drive 08:39:11 always handy 08:40:08 yeah, I need to download a (working) CURRENT usb img to flash a usb drive with. 08:40:44 In my case I bought 64GB fast flash drive and installed headless bsd there 08:41:53 with read/write access to it, but you can do the same with a live image, you just need to modify a mounting type and expend it to entire drive, not too hard to do 08:45:09 how do you modify the mounting type of an img? 08:45:39 that would be something interesting for me to keep in mind 08:45:44 kenrap, you dont, you can modify content of the live image on say usb drive 08:45:53 mount it and growfs 08:46:02 and change fstab 08:47:06 you can install a new ports there afterwards say vim is a must to me with some plugins and some poudriere keys 08:47:43 gotcha 08:48:29 https://docs.freebsd.org/en/books/handbook/disks/#disks-growing 08:48:30 Title: Chapter 20. Storage | FreeBSD Documentation Portal 08:49:56 if I recall correctly image mount its partition in 2 steps, so you need to do that twise on both partitions 08:58:03 I just figured out on my own how to resize the old school MBR slice partitions and then the freebsd-ufs partition for the usb filesystem, since the img file flashes with the MBR table. I haven't done this before in FreeBSD, so that's how "new school" I am here 08:58:41 and now I can growfs(8) it 08:59:13 Awesome! 08:59:25 and make install to it from what I already built with my CURRENT build 09:00:31 ages ago I used to build my own kernels, now days it is way to time consuming and hard to maintain, so I stick to generic 09:01:48 AFK 09:05:01 That's how I was with my Linux days, but overtime I got so tired of it when I didn't want to deal the tediousness of rebuilding because of missing driver/module and just wanted to use generic kernel with their initramfs built in. In this case with FreeBSD, I rather have the GENERIC prebuilt modules there ready for devd to load them just from plugging something compatible in. No fuss and it's GSD-friendly. 09:14:45 GSD == Getting Sh*t/Stuff Done :) 09:19:32 some people do linux because gsd 09:21:01 that's not my point, and of course sure. 10:56:12 Hello. 10:56:19 How can I dedicate a separate ip for jail? 10:57:14 ...add the following lines to /etc/rc.conf: 10:57:35 defaultrouter="192.168.1.1" 10:57:40 what should be here? 10:57:49 what if i connected through 192.168.100.1 router? 12:17:58 hi , i just installed samba419-4.19.4, now there is no start script in /usr/local/etc/rc.d no more 12:20:49 never mind, it wasa me 14:07:02 Any developers/committers around? I've got sparc related question I'd like to ask in private ;) 14:19:12 kaktus: elo 14:19:29 y0 14:19:49 kaktus: now that you're here I've got someone to blame 14:20:13 i blame freebsd 14:54:47 ketas, people that do linux because gsd probably don't have any serious stuff to get done :p 14:55:02 (mostly joking/teasing) 14:57:05 lw, ping (question regarding sublime-music) 14:59:08 jbo: hi 14:59:55 lw, good morning 15:00:16 lw, I guess I should give you the courtesy of taking back the sublime-music PR? :D 15:00:45 lw, I recall that when we talked about it you said it needed python 3.11. According to the patch 3.10 is fine too? 15:01:19 jbo: i built it with 3.11 because it's what i have here, 3.10 should work 15:01:42 I can already feel the pain testing this 15:01:54 jbo: based on the comment that 3.11 is coming "soon" and we'll skip 3.10 entirely, we could just make it require 3.11 instead of spending hours building 3.10 to test it 15:02:18 lw, before I run into the same trap again: did you successfully testport for 13.2-RELEASE and 14.0-RELEASE too? :) 15:02:24 lw, yeah, that is what I was thinking too... 15:02:35 no, because i don't have X/Wayland installs on those versions to test with, i'd have to set up dedicated VMs or something 15:02:53 maintainer gotta maintain, bro :p 15:04:11 so everyone who maintains a port that uses X keeps a VM of every supported FreeBSD version around to test on? 15:04:18 I do 15:04:34 and most maintainers I know do too 15:04:52 there is no hard ruling but maintainers are expected to test (also runtime test) their packages on common configurations/setups. 15:05:21 lw, I'm wondering whether we should just sit it out until 3.11 has actually become the default - rather than handling the sublime-music PR upfront and having awkward discussions about it. What is your opinion on this? Are you in a hurry with this PR? 15:06:07 does that make anything easier? the testing procedure is the same, it's just a case of setting DEFAULT_VERSIONS+=python=3.11 in your make.conf(s) 15:06:41 if I read the patch correctly DEFAULT_VERSIONS+=python=3.10 should work too, no? 15:07:45 lw, I have limited CPU time. right now I only have one 32-cores/256GB-RAM box left for dicking around. I take it that this would probably take up +10 hours :D 15:08:00 but I don't have a good feeling for the python deps tree 15:13:30 nerozero: your question is nonsense 15:13:42 it's also not related to freebsd 15:13:51 lw, I hope I didn't piss you off - honestly just trying to get your opinion! 15:15:30 nerozero: unless you're talking about ports and packages when you say "modules" - in that case you just upgrade to lang/php$VERSION, then lang/php${VERSION}-extensions 15:16:24 (though the extensions one also has PHP has a dependency) 15:19:09 jbo: you 'only' have one machine with 32 cores and 256GB RAM? maybe that's why all this compiling seems so easy for you :-) i have to test everything on my 8-core desktop, and poudriere kills interactive performance 15:20:01 nerozero: if you're upgrading extensions, ensure that lang/php${V}-extensions build the same extensions as what you currently have installed 15:20:14 jbo: yes, python3.10 should work too, but then you don't know if it works with 3.11, right? (i guess this makes python ports hard to test because you have to build with every python version, it's a bit easier in this case since only 10 and 11 are supported, and i assume we don't need to test with 12) 15:20:37 jmnbtslsQE, thank you for reply. No I dont use php-extensions 15:21:07 lw, I have two machines with 28-cores/126GB RAM each and one with 32-cores/256GB RAM. but only the latter one is currently not busy. My desktop is a rather slow i7-8086k with 64-GB RAM. I am desperately trying to raise the money for an upgrade to a Xeon w5-3435X :D 15:21:49 lw, yeah, as a committer I'll have to test for both 3.10 and 3.11 if I do my job properly right now. hence I'm trying to understand whether it's worth the pain or whether we can wait until we have 3.11 as default :D 15:22:06 jbo: also, this is not a trick question (i promise): you have to test on 13 and 14 before your commit will be approved, right - you can't just take my word for it that i did that? so isn't it a bit of a waste of time that we both do exactly the same testing? :) 15:22:15 jbo: i can't answer that, i guess it's a question for python@ 15:22:25 nerozero: i think the php-extensions port/package is a good way to install the extensions that you want. you just need `make config` to choose the extensions to install (or `poudriere options [...]` 15:23:02 if you don't have any extensions to install then there is nothing to do than just upgrading the PHP package/port 15:23:07 jbo: my feeling is that since 3.11 is about to become default, and 3.10 has never been and never will be the default, it makes more sense to just test on 3.11, but apparently my feelings don't exactly align with the project on this 15:23:26 Yes I do have poudriere but due to php often putting staff unto core modules the extention ruining everything 15:23:49 lw, the review/approval is only because I'm still under mentorship. that might go away soon (or not) but it's unrelated to being a regular committer. To actually answer the question: as a committer I'm responsible to ensure that nothing stupid happens and I will take the heat if it does. as much as I do appreciate your skill and experience I don't think that any committer would currently push this without properly testing it :p 15:24:16 lw, well, some of the project's decisions are also not on par with my preferences, but rules are there for a reason - I adhere to them even if it's not what I would be doing myself :) 15:24:24 partly also because there is a shit ton of stuff I simply don't know (yet) 15:24:41 there isn't a rule on this, is there? (what python versions you have to test on... at least besides the default, which is 3.9) 15:24:57 so - if there is no specialized approach like do-upgrade -from=php81 -to=php82 then IMHO there is no straight forward way which is works 15:25:24 s/unto/into/ 15:25:46 part of begin a ports committer is "be reasonable". Right now I would be pushing a port which cannot work with the default version and 3.11 is not there yet so I feel like I should also be testing with 3.10 given that this is not an unlikely scenario that users are currently encountering. 15:26:23 btw, you'll have to install navidrome or subsonic to actually test the app, it can't play from local files... 15:26:39 (or i could give you vpn access to my instance temporarily) 15:26:41 nerozero: what do you mean by module ? i have not had problems with this approach for some time: build updated extensions package, which includes the extensions that i want, and build updated php package. install them on a test instance and ensure it works. then install in production 15:26:48 lw, as a committer I am not responsible for runtime testing, only build testing. runtime testing _IS_ the maintainers job. 15:27:06 nerozero: the only extension i've had issues with is YAML, which can be built manually (not sure if that is the issue you encounter) 15:27:07 ok 15:27:28 lw, I appreciate that you are willing to consider giving me VPN access to your instance - that is very telling :) 15:27:28 like openssl recently was moved into core 15:27:37 jbo: please leave it for now, i'm busy at work and also need to do some tech work and home and won't have time to do this for at least a week or two (it's probably going to take a couple of days to test at least) 15:27:44 s/and home/at home 15:27:58 and a lot of other minor changes 15:28:39 upgrading from 7x to 8x had A LOT of different things. Anyway thanks for reply. 15:28:52 lw, alright. but just to be clear: This was supposed to be an open discussion - not me trying to be opinionated. I am very willing to move this forward before 3.11 lands if you'd like that. It will definitely take a couple of days tho. 15:28:57 OK 15:29:36 lw, so if you're even the slightest amount of salty about this please let me know now :D 15:30:04 lw, other than that - I am looking forward completing 277020 and 276996 :) 15:30:13 in the mean time i hope the package builder gets around to building the security/krb5-ldap flavour that Cy made for me 15:31:37 sounds like you're surrounding yourself with the mighty power of the committers lol :D 15:32:06 (apologies for the long review durations on my end - can't do much about it - part of the process of learning on my end). 15:32:09 well, by 'made for me' i mean i opened a PR and he committed it, we didn't have a secret meeting about it :-P 15:32:17 hah :p 15:32:52 lw, any ETA on the other two open PRs? (absolutely not necessary if there's none, just in case I could plan in the CPU time slots) 15:33:54 jbo: for 276996, do i need to test with every (supported) Go version? 15:35:07 i think, rather than doing this manually, it might makes sense setting up a local CI instance i can do automated testing on 15:35:16 lw, don't quote me on this but in this case I would expect the maintainer to test against the default go version only but definitely for 13.2-RELEASE and 14.0-RELEASE (and 15.0-CURRENT in your case). 15:35:23 not sure what people use for that other than gitlib which i really dislike 15:35:58 lw, you can setup different environments in poudriere and then just have a shell script. that is what I usually do. and when it comes to testing different port option combinations (which we have to), I do those by hand. 15:36:32 poudriere doesn't help with runtime testing, i'd need something to install the package, set it up with a config connected to a postgres instance, etc (at least for the exporter, wine i guess has to be tested by hand) 15:36:45 lw, I think(!!) that the situation with go versions is a lot less dire than with python versions. Hence my "opinion" above. 15:37:32 lw, as long as it's headless you can use the poudriere interactive mode. I do assume that you can have the postgres instance external to that jail. 15:38:10 anyway, i need to do some home work this week which is becoming more urgent (mount a new access point, move a couple of things to the rack, replace a switch...) which it going to take up my tech time for a few days, hopefully that'll be done in a day or two then i can look at setting up testing for those PRs 15:39:07 sure - no hurry from my side. 16:51:07 Howdy, folks. :) Apparently I am missing where encrypting ZFS datasets on FreeBSD is documented. I just went through https://docs.freebsd.org/en/books/handbook/zfs/ and did not see what I need to set up an encrypted ZFS dataset. Is this covered elsewhere than in the handbook? 16:51:08 Title: Chapter 22. The Z File System (ZFS) | FreeBSD Documentation Portal 17:07:39 unixman_home: Best to use GELI. The installer will do it. 17:07:55 unixman_home: Native ZFS encryption has many issues. 17:08:05 mason, thanks! 17:24:46 unixman_home, Good background article: https://klarasystems.com/articles/openzfs-native-encryption/ 17:24:47 Title: OpenZFS Native Encryption | Klara Inc 17:33:20 unixman_home, I strongly disagree on the native ZFS encryption has many issues comment. 17:33:54 I am using that very successfully for many years. From what I can tell, the only real drawback nowdays is that it exposes the datasets (i.e. an attacker will now that they exist even if they can't decrypt them) 17:36:46 rel: https://forums.freebsd.org/threads/geli-vs-zfs-encrypted-dataset.84721/ 17:36:47 Title: ZFS - GELI vs ZFS encrypted dataset | The FreeBSD Forums 17:40:06 rwp, jbo, thank you! 17:40:09 jbo: Um. There are a bunch of data-loss bugs, some quite recent. It's dangerous code. 17:40:37 jbo: If you want to risk your own data, fine, but let people know about the risks rather than party-lining them into data loss. 17:41:38 are those bugs documented or are they just some rumor? 17:41:46 tsoome: Pretty extensively documented. 17:41:56 you can't get more secure than lost data ;-) 17:41:58 link? 17:42:27 tsoome: Nope, busy just now. If I get some time. If you ask in the ZFS channels, someone will have a compilation handy. PMT used to maintain one and still might. 17:42:54 paulf, lol 17:43:05 mason, I'd also be interested in seeing those links (totally understand that you're busy now) 17:43:24 Once I'm done migrating VMs I'll dig it up, unless someone finds it sooner. 17:45:33 Here, actually. This is a reasonable read: https://www.phoronix.com/news/OpenZFS-Encrypt-Corrupt 17:45:35 Title: OpenZFS Native Encryption Use Raises Data Corruption Concerns - Phoronix 17:45:47 And PMT just noted https://github.com/openzfs/zfs/issues/15837 17:45:49 Title: Permanent zpool errors after a few days of making natively encrypted zvol snapshots with sanoid · Issue #15837 · openzfs/zfs · GitHub 17:45:49 15837 – NIC: ex0: Intel EtherExpress Pro/10 stopped working https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=15837 17:45:50 As I recall the majority of bugs I have read about recently were in the area of send|recv of encrypted datasets. Which I could imagine would have some corner-case issues for sure. 17:46:15 > A Phoronix reader wrote in today about an OpenZFS data corruption bug when employing native encryption and making use of send/recv support. 17:46:16 indeed. 17:46:22 rwp: That last one is just snapshotting. 17:46:34 So, if you avoid snapshots, it won't bite you? =cough= 17:47:08 Also of note, look at the span of time FreeBSD's ZFS has been impacted. These are not new and not going away terribly fast. 17:47:22 It's worth noting the history of the issues. 17:47:41 https://github.com/openzfs/zfs/issues/11688 17:47:44 Title: permanent errors (ereport.fs.zfs.authentication) reported after syncoid snapshot/send workload · Issue #11688 · openzfs/zfs · GitHub 17:47:45 11688 – clarify send-pr categories... https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=11688 17:48:02 I have never been an early adopter of things like this. I am still waiting for 14.1 before I upgrade. I have not installed zfs native encryption yet. Still using GELI on the laptop. 17:48:58 I found 14.0 compelling enough that I've got it rolled out several places. I'm probably 50/50 right now. 17:49:27 rwp: Note that the most recent bug linked goes back to FreeBSD 12. 17:50:09 https://github.com/openzfs/zfs/discussions/15267 17:50:10 Title: Decryption errors start occurring after several days of uptime · openzfs/zfs · Discussion #15267 · GitHub 17:53:28 I am a little confused about those bugs. 15837 seems to be unrelated to zfs. 11688 seems to be a documentation bug? I don't know as I did not understand it at all. 15267 looks like a serious one in the area of send|recv though. 17:53:40 Anyway. Today, I'm clearing one of my Debian hypervisors so I can one again have a dedicated FreeBSD hypervisor/jail host. I've got VMs hosting jails now, but it feels like time to shift my infrastructure more solidly to Debian, migrating services to jails, etc. 17:54:01 i've seen that bug with sanoid causing data corruption on encrypted datasets... i posted on fs@ about it a while ago (no response though) 17:55:11 It'll be super useful when native encryption is as solid as most of ZFS. Illumos, for instance, inherits Solaris's lack of stacking block layers, so there is no equivalent to GELI or LUKS that can work on Illumos. Native encryption would fix that. 17:55:38 That native encryption doesn't allow for multiple keyslots, however, has bothered me a lot since before it was released. 17:56:39 Tragicomically I have a friend (running Ubuntu) who is compiling OpenZFS top of tree in order to avoid some of the known bugs in the Ubuntu stable release. But he was complaining that he keeps needing to keep compiling a new version due to the continuous finding of new bugs. 17:57:18 rwp: That's partly exacerbated by Canonical introducing new bugs of their own randomly/accidentally. 17:57:41 So yeah, people build their own and dance through hoops to suppress the shipped versions. 17:57:57 Meanwhile... I have not hit a zfs bug in FreeBSD during my normal use which is repeatedly doing the same things and I am not poking into the corners and it has been very solid for me for the last two releases 12 and 13 that I have been using it. 17:58:35 rwp: That and the immensely better integration is part of my ditching Debian on several servers. 17:58:38 there was also a fun bug in 14.0 where any write to an encrypted dataset would cause data corruption, but that only happened if you loaded ossl(4) which isn't the default 17:58:53 so... i can certainly understand people wanting to avoid zfs encryption right now 17:59:52 Let me be clear... *I* am avoiding the fun new features. But I do want *all of you* to use the new features. Work the bugs out of them before I get there! :-) 18:00:36 haha 18:01:54 FWIW, I just remembered/found https://github.com/openzfs/openzfs-docs/issues/494 18:01:55 Title: Proposal: Consider adding warnings against using zfs native encryption along with send/recv in production · Issue #494 · openzfs/openzfs-docs · GitHub 18:06:15 I am poking at a different corner of things though. I am trying to run 4 displays. Anyone have that working? 18:06:20 If I add a second graphics adaptor (AMD Cedar HD 5450 using radeonkms) then of course I am forced to create an xorg.conf file, which I do as a snapshot of the running configuration with one graphics adaptor installed. 18:06:24 Then I install the second graphics adaptor of identical type, boot, vt console is okay, xinit then immediately crashes with a kernel general protection fault! 18:06:32 Logged "trying to bind memory to uninitialized GART" and other associated errors. 18:06:38 I pulled the card out so I could keep working on other things. But I need to start down the kernel debugging path on that one. 18:07:30 i would be mildly surprised if anyone had even tested DRM with two cards, tbh 18:09:28 A few years ago I was running xorg with two nVidia cards as my daily driver. If you ignore the "xrandr --setprovideroutputsource 1 0" magic incantation needed then it did work okay then. 18:12:16 Unfortunately life and time is what keeps everything from happening all at once. I will /suffer/ through only being able to use 2 displays for a while longer. :-) 18:23:23 heh 18:58:34 If I have to modify the REQUIRE line of an rc.d script, I assume I uncomment it? 18:59:00 CrtxReavr: no, that's a magical comment which is parsed by rc(8), leave it commented and just edit it 18:59:12 'k 19:10:09 Quick question with the security(7) man page. It talks about making sure that PTYs in /etc/ttys are specified as being "insecure" so that direct root logins via telnet(1) are disallowed. 19:10:33 Is this man page out of date? As far as I knew, telnetd isn't part of the base system 19:10:49 or is it in reference to those that still use telnetd? 19:20:42 RoyalYork__, I think you are correct. Though the feature is generic I rather understand that /etc/ttys is designed for hardware serial port terminals. 19:30:33 thanks 19:47:23 lw, that's not working. 19:48:42 I need named to start after dhcp6c is started. 19:51:05 https://bpa.st/5EPQ 19:51:06 Title: View paste 5EPQ 19:51:10 I think I see the issue. 20:22:01 Just ran a pkg upgrade and didn't catch that it removed Firefox, which appears to be missing from FreeBSD 14 quarterly. Any idea why this might be? 20:24:15 https://portsfallout.com/fallout?port=www%2Ffirefox%24 20:24:16 Title: Fallout list - FreeBSD pkg-fallout 20:25:28 hm, failed in build-depends firefox-123.0_2,2 depends on package: libvpx>=1.14.0 - not found 20:27:22 ah I see - I guess I should have snapshotted before upgrading packages. Still, a bit frustrating that I'm left without a working browser :( 20:32:31 seems like someone put firefox 123.0 into quarterly without checking that the changed dependencies are there as well 20:32:48 eek 20:33:37 stupid question, but will I need to wait a quarter for a fix? 20:34:04 ShinyCyril: you can temporarily work around it by installing it from latest 20:34:11 but yeah, not great. 20:37:57 hm, is cmt@ here, he cherry picked the firefox update without cherry picking the libvpx update 20:40:39 @dstolfa thanks for the tip - managed to install the latest libvpx :) 20:42:35 ShinyCyril: nah, the quarterly ports tree can be fixed by putting the libvpx update in there as well and if there are reasons against that, then by reverting the firefox update and then the builders have to build the fixed tree 20:42:45 Snapshot early. Snapshot often! 20:51:25 RoyalYork__, I spent a little time reading security(7) and honestly I am disappointed in it. It reads little like an authoritative OS manual and more like a personal blog posting of hints and allegations that one finds on the net. 20:51:41 As a blog we would forgive lack of detail because we know the person probably does not look at the source code. But for an OS manual I really expect more authority and detail. It reads as very slack writing to me.