[Nix-dev] hermetically sealed nixpkgs

Chris Forno jekor at jekor.com
Mon Dec 7 05:44:17 CET 2015


How would you go about (pre)fetching every source in the nixpkgs tree? How
large would you estimate the result to be (number of archives/space on
disk)?

In the last couple days:

* GNU bash silently updated patch 42
  (https://github.com/NixOS/nixpkgs/issues/11475)
* OpenSSL moved the 1.0.2d release to the "old" directory (breaking the URL)
  (https://github.com/NixOS/nixpkgs/commit/51a5f49d700890a93c36dd50e5eca4bf6ee6966b)

These kinds of breakages introduced by the external world erode the promise
of Nix that attracted me as a developer: reproducible builds into the
future. In this respect alone, Nix + a fixed nixpkgs checkout provides
little/no advantage over building in a VM: both work indefinitely as long
as you don't introduce new dependencies.

I intend to build/test a sort of hermetically sealed Nix where all
dependencies are frozen in time (saved somewhere). I suspect I'm not alone
in wanting this
(http://permalink.gmane.org/gmane.linux.distributions.nixos/18611). I'd
appreciate any tips/guidance/references to related work before I begin.