| The claim that Chrome was not updated on the unstable branch for weeks is wrong. The two releases in question are: 88.0.4324.96 on Jan 19: https://chromereleases.googleblog.com/2021/01/stable-channel... 88.0.4324.146 on Feb 2: https://chromereleases.googleblog.com/2021/02/stable-channel... The commits updating them in nixpkgs are: https://github.com/NixOS/nixpkgs/commit/5b6d3c4b13e50540d044... https://github.com/NixOS/nixpkgs/commit/4fe69d33aeb6dac647e4... The first landed in master on Jan 19 (the same day), the second landed in master on Feb 3 (one day late). The way nix works, the CI has to build and verify a large chunk of packages before it gets promoted to unstable. So when did they hit nixos-unstable? It's not possible to tell from git alone, but the history of the channel is archived here: https://channels.nix.gsc.io/ I did the search and the first release hit nixos-unstable on Jan 21 18:20:45 (UTC), and the second on Feb 6 08:30:17 (UTC). So around two days and four days. The backports to nixos-20.09 hit that branch on Jan 26 16:55:17 and Feb 6 13:45:20, so seven days and four days. I'm not sure what the parent commentor was doing that led to them missing these updates. To be clear, this is not a great record. I was running nixos-20.09 and I updated my system ahead of the channels (which is fairly easy, not at all difficult as the parent comment implies). But it's not "weeks", and it's not that bad for a volunteer project. |
The interval of time during which I was most concerned about unpatched holes in Nixos-unstable's google-chrome was the days leading up to Mar 12.