ChanServ changed the topic of #zig to: zig programming language | ziglang.org | be excellent to each other | channel logs: https://irclog.whitequark.org/zig/
cenomla has quit [Quit: cenomla]
arBmind1 has joined #zig
arBmind has quit [Ping timeout: 264 seconds]
tiehuis has joined #zig
hasen_judy has joined #zig
_whitelogger has joined #zig
cenomla has joined #zig
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
arBmind1 has quit [Quit: Leaving.]
_whitelogger has joined #zig
hasen_judy has joined #zig
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
_whitelogger has joined #zig
<Wanddsd> I think manual memory management isnt that bothersome. It's the safety that is important, either I want total safety from a GC, from a perfect memory leak detection system or from some other type of static analysis like Rust. Just telling me "dont make mistakes" is really not enough in 2017 (imo)
hasen_judy has quit [Remote host closed the connection]
Wanddsd has quit [Ping timeout: 240 seconds]
hasen_judy has joined #zig
_whitelogger has joined #zig
arBmind has joined #zig
tiehuis has quit [Quit: WeeChat 1.9.1]
arBmind has quit [Quit: Leaving.]
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
Wanddsd has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
zignube has joined #zig
zignube has quit [Ping timeout: 240 seconds]
hasen_judy has quit [Remote host closed the connection]
arBmind has joined #zig
zignube has joined #zig
<zignube> Is there any intent for ziglang.org to publish a public key and use it to sign downloads?
Graven has joined #zig
<Graven> Hi
<Graven> im new ;)
arBmind has quit [Ping timeout: 240 seconds]
Graven has quit [Client Quit]
arBmind has joined #zig
arBmind has quit [Ping timeout: 252 seconds]
pupp has joined #zig
zignube has quit [Ping timeout: 240 seconds]
_dev_zero has quit [Remote host closed the connection]
arBmind has joined #zig
_dev_zero has joined #zig
hasen_judy has joined #zig
hasen_judy has quit [Ping timeout: 258 seconds]
zignube has joined #zig
<andrewrk> Hi Graven
<andrewrk> zignube, the downloads are over https
<andrewrk> I'll see how much work it is to make the whole site https
<zignube> andrewrk: I'll take that as a "No" then. Interesting looking language, I hope it succeeds.
pupp has quit [Ping timeout: 264 seconds]
<andrewrk> zignube, I mean you can always compile it yourself. That's the only way to be 100% sure the private key wasn't compromised
<andrewrk> typically the way that package managers solve this problem is to save the hash of the download once, verify the contents, and make sure future downloads match that hash
<zignube> zignube: well, yes, that would be preferable to downloading a binary I guess, but I'd still feel safer with that signature. Perhaps I misunderstand, but it would tend to avoid trouble like that reported here,
<andrewrk> I'm only looking at the URL, but this is relevant only if malware gains root access
<zignube> Oh sorry, s/zignube:/andrewrk:/
<zignube> andrewrk: I daresay you're right. Thanks for answering my question.
<andrewrk> I'll try to work binary signing into future releases
<andrewrk> it's a bit of work to set up
<andrewrk> right now ziglang.org provides a hosting service for release binaries but not a verification service
<zignube> andrewrk: I don't mean to be more annoying than necessary, but.. isn't it just a matter of adding a .sig file alongside the main download? The pub key I guess you'd need to publish for a while to get it established, so to speak, so if an attacker tries to replace it too then people can notice something odd happened. Not trivial in all, I have to admit.
<andrewrk> zignube, and why is that .sig file to be trusted and not the binary served by the exact same host?
<andrewrk> if an attacker can compromise the binary download, they can compromise the .sig download
<andrewrk> and provide their public key instead of mine
<zignube> andrewrk: they can indeed do those things. But when I verify, my gpg installation will warn me that the signature isn't one I have in my keyring, assuming I already downloaded your valid public key. That would make me wonder what's going on and probably come here to ask.
<zignube> If that makes sense... I mean, provided I have your valid public key, an attacker can't sneak past that.
<andrewrk> interesting, that's pretty reasonable
<zignube> Well, unless that attacker gets your private key too. That would be bad, but if you can make a new programming language I'm pretty sure you're clever enough to keep a key safe.
pupp has joined #zig
arBmind has quit [Ping timeout: 248 seconds]
arBmind has joined #zig
Wanddsd has quit [Quit: Leaving]
zignube has quit [Quit: leaving]
<GitHub51> [zig] andrewrk pushed 1 new commit to master: https://git.io/vdNUL
<GitHub51> zig/master b3d12d2 Andrew Kelley: zig build: fix system libraries not respected for C artifacts...
<GitHub5> [zig] andrewrk pushed 1 new commit to master: https://git.io/vdNUz
<GitHub5> zig/master 9b91c76 Andrew Kelley: std.fmt.format supports ints smaller than u8...
<GitHub160> [zig] andrewrk pushed 1 new commit to master: https://git.io/vdNUh
<GitHub160> zig/master 1758939 Andrew Kelley: fix compiler crash regarding type name of undefined...
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
_dev_zero has quit [Remote host closed the connection]
_dev_zero has joined #zig
cenomla has quit [Client Quit]
cenomla has joined #zig
meena has joined #zig
meena has quit [Remote host closed the connection]
meena has joined #zig
arBmind has quit [Quit: Leaving.]
arBmind has joined #zig
cenomla has quit [Quit: cenomla]
cenomla has joined #zig
arBmind has quit [Ping timeout: 240 seconds]
cenomla has quit [Client Quit]
cenomla has joined #zig
hasen_judy has joined #zig
cenomla has quit [Quit: cenomla]
ofelas has joined #zig
hasen_judy has quit [Ping timeout: 246 seconds]
ofelas has quit [Quit: shutdown -h now]
<GitHub117> [zig] andrewrk pushed 1 new commit to master: https://git.io/vdNYH
<GitHub117> zig/master a1af7cb Andrew Kelley: report compile error instead of crashing for void in var args...
arBmind has joined #zig
<andrewrk> tankfeeder, do you remember, was there an issue for the performance regression recently?
<GitHub103> [zig] andrewrk pushed 1 new commit to master: https://git.io/vdNsM
<GitHub103> zig/master c164235 Andrew Kelley: parse-c: improve performance...
<andrewrk> I just did a performance improvement on the C parser. Building tetris just went from 5.3 seconds to 0.76
pupp has quit [Ping timeout: 248 seconds]
mjacob has joined #zig
<mjacob> andrewrk: good to know that someone is trying to add a "stack size function" into a programming language
<mjacob> andrewrk: i have some ideas / comments which are a bit too off-topic for the llvm mailing list, but i'm happy to discuss them here
hasen_judy has joined #zig
hasen_judy has quit [Ping timeout: 252 seconds]
tiehuis has joined #zig
<tiehuis> setting the OS/ABI in the elf header to FreeBSD allows the hello world to run as expected, so doesn't seem a major
_whitelogger has joined #zig
<andrewrk> mjacob, I'd like to hear them
<andrewrk> although I'm going to be AFK for a while
<mjacob> andrewrk: i need some food before being able to discuss :)
<mjacob> andrewrk: let me know when you're back; maybe i'm still awake then
<andrewrk> mjacob, there is also https://github.com/zig-lang/zig/issues/157
<andrewrk> I can respond asynchronously
<mjacob> sure, i'll will wrote down the idea and we can defer the "interactive discussion" to later
<mjacob> s/idea/ideas/
hasen_judy has joined #zig
hasen_judy has quit [Ping timeout: 246 seconds]