site
nixpkgs
Our great sponsors
site | nixpkgs | |
---|---|---|
12 | 974 | |
601 | 15,656 | |
- | 5.3% | |
9.5 | 10.0 | |
7 days ago | 4 days ago | |
MDX | Nix | |
zlib License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
site
-
Ask HN: What side projects landed you a job?
My blog https://xeiaso.net (source code: https://github.com/Xe/site) and the stuff I've written for it ended up doing several things to help me get employed over the years:
1. Letting me have a place to write to get better at writing, which makes it easier to do my in DevRel.
2. Lets me talk about all of the interesting projects I work on (eg: an AI novel writing experiment https://xeiaso.net/videos/2023/ai-hackathon/) that people regularly find interesting. This gets people interested in wanting to employ me, which ends up working up well for me in the long run.
Do side projects, but write about what you did and what you learned.
- My First Impressions of Nix
-
Hacker News evading criticism by selectively adding noreferrer to certain links
As someone who is regularly falling victim to the rightward lurch (for having committed the dastardly crime of the wrong hormone activating in-utero), the only reason I don't actively block Hacker News readers is that I make ad money off of them. That is the only reason it's worth the abuse vector to me.
dang, if you are reading this, please take a moment to seriously consider the actions you have taken today. I understand your desire for the community that Hacker News could be, but that is so far away from what it is today that it's almost laughable. Yes, this is a no-win situation but that's bascially how it is globally when trying to be centerist about any issue. I use Hacker News referers to change the page slightly (mostly to add a deserved "hey, can you please not be an asshole, thanks" via this code: https://github.com/Xe/site/blob/686cc58fb6fc8f2e3bf0197e9b38...) and I would be very frustrated if that went away. Maybe even to the point of having a worker process figure out if my articles are posted to hacker news and making them go dark if they are on the front page. I know you value the articles I post (as our email threads have contained), but really it's an abuse vector that I need to keep metrics of.
Website administrators should be allowed to block Hacker News referers. Yes this is a thing that is not desirable for you as an administrator, but at some level something's got to give. The enshittening of Hacker News is something that is very undesirable for me too. I've gone over this in our emails. This was going to be another one of those emails, but I really would prefer this one to be out in the open.
-
Anything can be a message queue if you use it wrongly enough
My read time estimate code is here: https://github.com/Xe/site/blob/aa3608afa6c62695ca0ab139f823...
I've been trying to play with the constants over the years to make the read time estimate more "accurate", but it's a tough nut to crack in general. So I can go over my numbers more accurately, how long did it take you to read it?
-
Ask HN: Those with money-making side projects,how did you come up with the idea?
I originally started putting ads on my blog after people started being an asshole about my articles on Hacker News, originally scoped to only readers from Hacker News. That combined with Patreon pays for all my hosting costs (even the CDN on fly.io and my random AWS infrastructure) and all the video games I play (about $280 US per month of income). It's gotten to the point where it's a tax burden, but I think it's worth it. I've never had a side project make an actual profit before and I'm excited to keep writing as a way to hone my skills and get experience with even more fun technology.
My recent post on embedding Rust into Go programs with WebAssembly (https://news.ycombinator.com/item?id=33713717) made me about $20 of ad impressions on the day of its release, pretty impressive given how many of you people must run ad blockers!
It'd be cool to make my blog generate more income and eventually take over as my full time job, but I'm pretty happy with the fact that it's a side project that I can peck at when I want to. A lot of energy that would be spent doing various random Discord/IRC bots that go nowhere ends up being thrust into the blog instead. I also love being able to integrate various cursed things (like a Dhall script that takes my salary history data to spit out LaTeX for my resume: https://github.com/Xe/site/blob/main/dhall/latex/resume.dhal...) and then write up how I did it and why. It makes coming up with ideas for the blog a lot easier!
I have plans to make a "Why I think WASI is cool" style post with interactive terminals that run WebAssembly programs in the browser, but I'm still trying to figure out how to graft xterm.js into my custom build setup with Deno. I have an untested but should theoretically work implementation here though in case anyone has any tips: https://github.com/Xe/site/blob/main/src/frontend/wasiterm.t...
Filing my taxes is a huge pain now lol.
-
The carcinization of Go programs (via WASM)
Hi! I was going to ask about your site template but I see you already answered my questions :D
-
Salary Transparency
Patches are welcome: https://github.com/Xe/site/blob/main/templates/salary_transp...
-
Ask HN: Is having a Personal blog/brand worth it for you?
I've found it worth doing. My blog (xeiaso.net, formerly christine.website) is the main way that I get employed at this point. It also helps that people link it here a lot. After 100 articles or so writing got a lot easier and now people rely on my blog for a lot of things. I think it's worth it, but I've also been exclusively self-hosting it. I currently have the code (and writing) open source on GitHub (https://github.com/Xe/site) but I'm considering moving the writing to either a private repo or a SQLite database because people keep copying it, slathering it in ads and rehosting it.
- I Miss Heroku's DevEx
-
Crimes with Go Generics
Oh dear. I pushed an addendum to the article: https://github.com/Xe/site/commit/05135edcbe5e474131c15c2476...
Thanks for pointing that out!
nixpkgs
- Maintainers Leaving
-
Air Force picks Anduril, General Atomics to develop unmanned fighter jets
https://github.com/NixOS/nixpkgs/commits?author=neon-sunset
-
Eelco Dolstra's leadership is corrosive to the Nix project
I see two signers in the top 6 displayed on https://github.com/NixOS/nixpkgs/graphs/contributors
-
3rd Edition of Programming: Principles and Practice Using C++ by Stroustrup
For a single file script, nix can make the package management quite easy: https://github.com/NixOS/nixpkgs/blob/master/doc/languages-f...
For example,
```
- NixOS/nixpkgs: There isn't a clear canonical way to refer to a specific package
-
NixOS Is Not Reproducible
Yes, Nix doesn't actually ensure that the builds are deterministic. In fact it works just fine if they aren't. There are packages in nixpkgs that aren't reproducible: https://github.com/NixOS/nixpkgs/issues?q=is%3Aopen+is%3Aiss...
-
The xz attack shell script
I'm not familiar with Bazel, but Nix in it's current form wouldn't have solved this attack. First of all, the standard mkDerivation function calls the same configure; make; make install process that made this attack possible. Nixpkgs regularly pulls in external resources (fetchUrl and friends) that are equally vulnerable to a poisoned release tarball. Checkout the comment on the current xz entry in nixpkgs https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/comp...
-
Debian Git Monorepo
NixOS uses a monorepo and I think everyone's love it.
I love being able to easily grep through all the packages source code and there's regularly PRs that harmonizes conventions across many packages.
Nixpkgs doesn't include the packaged software source code, so it's a lot more practical than what Debian is doing.
https://github.com/NixOS/nixpkgs
-
From xz to ibus: more questionable tarballs
In this specific case, nix uses fetchFromGitHub to download the source archive, which are generated by GitHub for the specified revision[1]. Arch seems to just download the tarball from the releases page[2].
[1]: https://github.com/NixOS/nixpkgs/blob/3c2fdd0a4e6396fc310a6e...
[2]: https://gitlab.archlinux.org/archlinux/packaging/packages/ib...
-
GitHub Disabled the Xz Repo
True, but irrelevant -- _some packages_, _somewhere_, do depend on xz, which, if built, requires pulling the source from GitHub (see the default.nix: https://github.com/NixOS/nixpkgs/blob/nixos-23.11/pkgs/tools...)
It's not the vulnerability that's a problem right now (NixOS was protected by a couple of factors) but rather GitHub's hamfisted response.
That is the problem.
What are some alternatives?
tumblelog - A static tumblelog generator available as both a Perl and Python version
asdf - Extendable version manager with support for Ruby, Node.js, Elixir, Erlang & more
markwhen - Make a cascading timeline from markdown-like text. Supports simple American/European date styles, ISO8601, images, links, locations, and more.
Home Manager using Nix - Manage a user environment using Nix [maintainer=@rycee]
recco - Gain information about applications to inform deployments
git-lfs - Git extension for versioning large files
type-safe-builder-experiment - Experimenting with the type safe builder pattern in different languages.
easyeffects - Limiter, compressor, convolver, equalizer and auto volume and many other plugins for PipeWire applications
pgBackRest - Reliable PostgreSQL Backup & Restore
spack - A flexible package manager that supports multiple versions, configurations, platforms, and compilers.
Bailo - Managing the lifecycle of machine learning to support scalability, impact, collaboration, compliance and sharing.
waydroid - Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu.