About me: My name is Solène Rapenne, pronouns she/her. I like learning and sharing knowledge. Hobbies: '(BSD OpenBSD Qubes OS Lisp cmdline gaming security QubesOS internet-stuff). I love percent and lambda characters. OpenBSD developer solene@. No AI is involved in this blog.

Contact me: solene at dataswamp dot org or @solene@bsd.network (mastodon).

I'm a freelance OpenBSD, FreeBSD, Linux and Qubes OS consultant, this includes DevOps, DevSecOps, technical writing or documentation work.

If you enjoy this blog, you can sponsor my open source work financially so I can write this blog and contribute to Free Software as my daily job.

What is going on in Nix community?

Written by Solène, on 27 April 2024.
Tags: #nix #nixos #life

Comments on Fediverse/Mastodon

1. Introduction §

You may have heard about issues within the Nix/NixOS community, this blog post will try to help you understand what is going on.

Please note that it is hard to get a grasp of the big picture, it is a more long term feeling that the project governance was wrong (or absent?) and people got tired.

This blog posts was written with my knowledge and feelings, I clearly do not represent the community.

Save Nix Together: an open letter to the NixOS foundation

Xe blog post: Much ado about nothing

There is a maintainer departure milestone in the Nixpkgs GitHub project.

GitHub milestone 27: Maintainers leaving

2. Project structure §

First, it is important to understand how the project works.

Nix (and NixOS, but it is not the core of the project), was developed by Eelco Dolstra early 2000. The project is open source, available on GitHub and everyone can contribute.

Nix is a tool to handle packaging in a certain way, and it has another huge repository (top 10 GitHub repo) called nixpkgs that contains all packages definition. nixpkgs is known to be the most up-to-date repository and biggest repository of packages, thanks to heavy automation and a huge community.

The NixOS foundation (that's the name of the entity managing the project) has a board that steer the project in some direction and handle questions. First problem is that it is known to be slow to act and response.

Making huge changes to Nix or Nixpkgs requires making an RFC (Request For Comment), explaining the rationale behind a change and a consensus has to be found with others to agree (it is somewhat democratic). Eelco decided a while ago to introduce a huge change in Nix (called Flakes) without going through the whole RFC process, this introduced a lot of tension and criticism because they should have gone through the process like every other people, and the feature is half-baked but got some traction and now Nix paradigm was split between two different modes that are not really compatible.

GitHub Pull request to introduce Flakes: Eelco Dolstra mentioning they could merge it as experimental

There are also issues related to some sponsors in the Nix conferences, like companies related to militaries, but this is better explained in the links above, so I will not make a recap.

3. Company involvement §

This point is what made me leave NixOS community. I worked for a company called Tweag, involved into Nix for a while and paying people to contribute to Nix and Nixpkgs to improve the user experience for their client. This made me realize the impact of companies into open source, and the more I got involved into this, the more I realized that Nix was mostly driven by companies paying developers to improve the tool for business.

Paying people to develop features or fixing bug is fine, but when a huge number of contributors are paid by companies, this lead to poor decisions and conflicts of interest.

In the current situation, Eelco Dolstra published a blog post to remember the project is open source and belong to its contributors.

Eelco Dolstra blog post

The thing in this blog post, that puzzles me, is that most people at Determinate Systems (Eelco co-founded company) are deeply involved into Nix in various way. In this situation, it is complicated for contributors to separate what they want for the project from what their employer wants. It is common for nix contributors to contribute with both hats.

4. Conclusion §

Unfortunately, I am not really surprised this is happening. When a huge majority of people spending their free time contributing to a project they love and that companies relentlessly quiet their voice, it just can't work.

I hope Nix community will be able to sort this out and keep contributing to the project they love. This is open source and libre software, most affected people contribute because they like doing so, they do not deserve what is happening, but it never came with any guarantees either.

5. Extra: Why did I stop using Nix? §

I don't think this deserved a dedicated blog post, so here are some words.

From my experience, contributing to Nix was complicated. Sometimes, changes could be committed in minutes, leaving no time for other to review a change, and sometimes a PR could take months or years because of nitpicking and maintainer losing faith.

Another reason I stopped using nix was that it is quite easy to get nixpkgs commit access (I don't have commit access myself, I never wanted to inflict the nix language to myself), a supply chain attack would be easy to achieve in my opinion: there are so many commits done that it is impossible for a trustable group to review everything, and there are too many contributors to be sure they are all trustable.

6. Alternative to Nix/NixOS? §

If you do not like Nix/NixOS governance, it could be time to take a look at Guix, a Nix fork that happened in 2012. It is a much smaller community than nix, but the tooling, packages set and community is not at rest.

Guix being a 100% libre software project, it does not target MacOS like nix, nor it will include/package proprietary software, however for the second "problem", there is an unofficial repository called guix-nonfree that contains many packages like firmware and proprietary software, most users will want to include this repo.

Guix is old school, people exchange over IRC and send git diff over email, please do not bother them if this is not your cup of tea. On top of that, Guix uses the programming language Scheme (a Lisp-1 language) and if you want to work with this language, emacs is your best friend (try geiser mode!).

Guix official project webpage