I have a tentative resholve update that introduces a Nix API for doing very-rudimentary binary analysis to judge how likely package executables are to be able to exec commands present in their arguments (previously mentioned in this comment on RFC 75).
I couldn’t find much precedent to model it after, so I’m seeking feedback on some high-level questions and concerns.
I prepared a gist laying out:
- what resholve is, if you aren’t familiar
- the problem this feature helps address
- the general approach to the problem
- the implementation, with a focus on the component I’m seeking feedback on
- a list of questions I already have
Happy to discuss wherever (here, on Matrix, on gist, etc.)