Our great sponsors
nixpkgs | nickel | |
---|---|---|
969 | 46 | |
15,581 | 2,127 | |
4.9% | 3.0% | |
10.0 | 9.5 | |
about 17 hours ago | 3 days ago | |
Nix | Rust | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
nixpkgs
- NixOS/nixpkgs: There isn't a clear canonical way to refer to a specific package
-
NixOS Is Not Reproducible
Yes, Nix doesn't actually ensure that the builds are deterministic. In fact it works just fine if they aren't. There are packages in nixpkgs that aren't reproducible: https://github.com/NixOS/nixpkgs/issues?q=is%3Aopen+is%3Aiss...
-
The xz attack shell script
I'm not familiar with Bazel, but Nix in it's current form wouldn't have solved this attack. First of all, the standard mkDerivation function calls the same configure; make; make install process that made this attack possible. Nixpkgs regularly pulls in external resources (fetchUrl and friends) that are equally vulnerable to a poisoned release tarball. Checkout the comment on the current xz entry in nixpkgs https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/comp...
-
Debian Git Monorepo
NixOS uses a monorepo and I think everyone's love it.
I love being able to easily grep through all the packages source code and there's regularly PRs that harmonizes conventions across many packages.
Nixpkgs doesn't include the packaged software source code, so it's a lot more practical than what Debian is doing.
-
From xz to ibus: more questionable tarballs
In this specific case, nix uses fetchFromGitHub to download the source archive, which are generated by GitHub for the specified revision[1]. Arch seems to just download the tarball from the releases page[2].
[1]: https://github.com/NixOS/nixpkgs/blob/3c2fdd0a4e6396fc310a6e...
[2]: https://gitlab.archlinux.org/archlinux/packaging/packages/ib...
-
GitHub Disabled the Xz Repo
True, but irrelevant -- _some packages_, _somewhere_, do depend on xz, which, if built, requires pulling the source from GitHub (see the default.nix: https://github.com/NixOS/nixpkgs/blob/nixos-23.11/pkgs/tools...)
It's not the vulnerability that's a problem right now (NixOS was protected by a couple of factors) but rather GitHub's hamfisted response.
That is the problem.
-
Combining Nix with Terraform for better DevOps
We’ve noticed that some users have been asking about how to use older versions of Terraform in their Nix setups [1, 2]. This is an example of the diverse needs of people and the importance of maintaining backward compatibility. We hope that nixpkgs-terraform will be a useful tool for these users.
-
Nix is a better Docker image builder than Docker's image builder
I think whateveracct was referring to is this link:
https://github.com/NixOS/nixpkgs/blob/master/pkgs/developmen...
What that file is doing, is building a package, and it essentially is a combination of what Makefile and what RPM spec file does.
I don't know if you're familiar with those tools, but if you aren't it takes some time to know them enough to understand what is happening. So why would be different here?
-
Use Ansible to create and start LXD virtual machines
#!/usr/bin/env nix-shell #! nix-shell -i bash #! nix-shell -p sops #! nix-shell -I https://github.com/NixOS/nixpkgs/archive/refs/tags/23.05.tar.gz source config.sh "$@"
-
What AI assistants are already bundled for Linux?
NixOS just got tabbyml[1] which is built on llama-cpp. Working on systemsd services the weekend and updating latest tabbyml release which supports rocm in addition to cuda
nickel
-
Nix – A One Pager
So, its key features are:
1. domain-specific: designed for conveniently creating and composing derivations. This reason alone already justifies a new language, or an embedded domain-specific language (such as the Guile/Scheme for guix), or a mix of both (Starlark, the build language of Bazel embedded in a restricted Python-variant).
2. purely functional: this ties well into the philosophical backing of Nix the package manager, which aims to be purely functional, also known as hermeticity in other build systems (Bazel).
3. lazily evaluated: similar to other build systems (including Bazel), so that you can build only what you need on demand.
4. dynamically typed: this one is controversial. Being dynamically typed—in other words, not developing a type system—gets Nix out of the door first. But users often complain about the lack of proper types and modularity. There are experiments to address this, such as Nickel (https://github.com/tweag/nickel).
It is understandable that a one-pager may not have space for the whys.
-
10 Ways for Kubernetes Declarative Configuration Management
Nickel:Nickel is a straightforward configuration language aimed at automatically generating static configuration files. Essentially, it's akin to JSON with the addition of functions and types.
-
Show HN: Togomak – declarative pipeline orchestrator based on HCL and Terraform
Also look at nickel which is an evolution of nix. It's my favorite in this space.
nickel-lang.org
- Show HN: Flake schemas – teaching Nix about your flake outputs
-
What config format do you prefer?
Or this https://github.com/tweag/nickel
-
Nickel 1.0
Nickel is a programming language. While HCL is just a configuration format, so not really comparable.
Here's a comparison with similar tools: https://github.com/tweag/nickel#comparison
-
Announcing Nickel 1.0, a configuration language written in (and usable from) Rust
As for 'providence', I suppose you meant provenance :) it's been delayed because this was less critical for 1.0 to decide on or to implement (as it: it doesn't break backward compatibility in any way to add this feature in the short term), but this is very much on the roadmap: Issue #235. That's a must-have in a language with merging like Nickel.
-
Rewrite it in Rust: Kubernetes
Have you considered using a different language for templating? this could be a BIG selling point. Some good ones are cue-lang (though I haven't seen support for rust), kcl or nickel-lang.
- Nickel v1.0.0
- Design rationale for the Nickel configuration language
What are some alternatives?
asdf - Extendable version manager with support for Ruby, Node.js, Elixir, Erlang & more
rnix-lsp - WIP Language Server for Nix! [maintainer=@aaronjanse]
Home Manager using Nix - Manage a user environment using Nix [maintainer=@rycee]
nixos - My NixOS Configurations
git-lfs - Git extension for versioning large files
nix-gui - Use NixOS Without Coding
easyeffects - Limiter, compressor, convolver, equalizer and auto volume and many other plugins for PipeWire applications
nix-doc - An interactive Nix documentation tool providing a CLI for function search, a Nix plugin for docs in the REPL, and a ctags implementation for Nix script
spack - A flexible package manager that supports multiple versions, configurations, platforms, and compilers.
AppImageKit - Package desktop applications as AppImages that run on common Linux-based operating systems, such as RHEL, CentOS, openSUSE, SLED, Ubuntu, Fedora, debian and derivatives. Join #AppImage on irc.libera.chat
waydroid - Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu.
nix - Nix, the purely functional package manager