00:04:42 i gtg, but if this somehow still produces the same i686 linux archive: can you exec into your gitrun container and look for unbound-1.19.1-86cd726f39e.tar.gz and zeromq-4.3.4-ce87484fee4.tar.gz, docker cp them out of there and upload them somewhere for me? 00:05:57 you got it 00:06:23 thanks for the patience. I don't think this is user error. one way or another, happy to help 02:40:44 alright, I will have to upload those items for you. hash still same as last time. docker inspect --format='{{index .RepoDigests 0}}' ubuntu:bionic returns error: no such object: ubuntu:bionic. Weird. Will look tomorrow 03:12:47 https://send.vis.ee/download/94ab4016df0ac303/#hbEBAtc1zggVWBnackLJfw 03:14:14 net/tor: improve address parsing https://paste.debian.net/hidden/72ed4eb6 03:15:09 Sorry, should also link writeup (if you can call it that): https://codeberg.org/jpk68/monero/pulls/13 03:22:45 cc sech1 03:35:48 LGTM 09:30:14 hi folks - is there a list somewhere of current core team members? 09:34:05 Did you look on getmonero.org ? If it's anywhere, it's most likely there. 09:37:07 Yep I did, couldn’t see anything authoritative. 09:38:12 Just looking to see how big the team is really. No hass. 09:46:05 scoobybejesus: can you send me the output of: docker history --no-trunc base-bionic-amd64 09:46:14 and also docker exec -it gitian-target bash and then the output of apt list --installed 10:35:57 john_alan: They're all around you, answering your questions too. 😁 10:36:10 https://mrelay.p2pool.observer/m/matrix.org/THrFIUSfZbrjvvoIKIYfInBD.jpg (Screenshot_20260509-172340.jpg) 11:14:04 yes > using a reproducibility issue on an unimportant target (e.g. i686 linux) to get all builders to use fresh (malicious) images is exactly how i would expect someone to attempt to backdoor our gitian builds 13:19:26 <321bob321> @xorchi2:matrix.org: There everywhere, but nowhere 14:06:42 tobtoht: docker history: https://paste.debian.net/hidden/e5661c35 apt list: https://paste.debian.net/hidden/9c0f0fdf 14:45:03 scoobybejesus: thank you. can you: docker cp gitrun:/home/ubuntu/builder/var , zip this directory and upload it somewhere? 15:25:56 tobtoht, sure thing. https://send.vis.ee/download/ead92293bbae6a59/#r7CVHEjeiUNWdPZFmnlMXQ heading out for a bit 16:17:04 fun now we have AI bots opening PRs and then quickly closing them again because their prompt says don't waste maintainer time 16:24:28 I was about to mention that earlier. I dont like how the commits arent attributed to the LLM 16:25:53 They should at least leave the LLM as the author/co-author, no? Theres been a handful of these no-attribution prs opened just this week 16:31:08 https://github.com/monero-project/monero/pull/10551 16:31:08 https://github.com/monero-project/monero/pull/10446 16:31:08 lol.. 16:31:33 are these accts run by bots? 16:33:14 And their controller is another bot. 16:36:55 [a-z]{5}9 16:45:04 GitHub ban system is working perfectly, I see 16:46:42 well, maybe they pay for copilot 🧠 16:47:08 Just realized that I'm still listed under "Top Committers" somehow? 16:47:09 https://github.com/monero-project/monero/pulse 16:47:24 You can still see my bio and picture if you hover over the icon 16:51:12 @jpk68:matrix.org: is ur github acc banned ? 16:51:18 Yes :( 16:51:25 Damn why ? 16:51:38 "Abuse of GitHub actions" which I have never even used 16:51:58 Now I have to bother people every time I want to submit a PR 😎 16:52:15 you can make a new account to ig 16:52:46 I've tried that as well 16:53:14 they dont alllow making a new account too ? 16:53:50 The CAPTCHA is plain broken 16:53:51 https://github.com/orgs/community/discussions/57317 16:53:51 https://github.com/orgs/community/discussions/183787 16:55:08 Damnn Github is cooked 16:56:08 Tryna get me banned :P > <@jpk68:matrix.org> "Abuse of GitHub actions" which I have never even used 17:14:51 scoobybejesus: Ok, so far I found a mitigation for the next release. I don't know the root cause yet. 17:16:24 some of the bot PRs are not bad, like from what I can tell this does fix a bug https://github.com/monero-project/monero/pull/10549 17:17:29 but yes it would be nice if fully autonomous account would disclose being bots 17:30:20 https://github.com/monero-project/monero/pull/10556#issuecomment-4413129012 lmfao 17:30:51 Not even the same account 17:34:11 "approved" "im closing after review so im not wasting maintianers time" 17:34:49 It just closed it again 💀 17:35:22 Talk about wasting maintainer time 17:35:39 If it closes it again, i'll just re-steal the credit and resubmit it 17:36:49 tobtoht let me know if you want me to pull in a PR or patch to run again to confirm 17:40:01 wait monero is getting clanked ? 19:23:46 .merge+ 10517 10518 10519 10546 19:23:46 Added 19:24:35 bot was sleeping 21:25:01 <321bob321> selsta: You can. There is a project put in there contribute for bots to get priority to put robot emojis in the title . 22:37:36 .merge+ 10568 22:37:36 Added