diff --git a/doc/manual/release-notes/rl-1.12.xml b/doc/manual/release-notes/rl-1.12.xml
index b7f45fc44..6aab0ab90 100644
--- a/doc/manual/release-notes/rl-1.12.xml
+++ b/doc/manual/release-notes/rl-1.12.xml
@@ -10,6 +10,91 @@
+
+ Start of new nix command line
+ interface. This is a work in progress and the interface is subject
+ to change.
+
+
+
+ Self-documenting: shows
+ all available command-line arguments.
+
+ shows all
+ configuration options.
+
+ nix build: Replacement for
+ nix-build.
+
+ nix ls-store and nix
+ ls-nar allow listing the contents of a store path or
+ NAR file.
+
+ nix cat-store and
+ nix cat-nar allow extracting a file from a
+ store path or NAR file.
+
+ nix verify checks whether a
+ store path is unmodified and/or is trusted.
+
+ nix copy-sigs copies
+ signatures from one store to another.
+
+ nix sign-paths signs store
+ paths.
+
+ nix copy copies paths between
+ arbitrary Nix stores, generalising
+ nix-copy-closure and
+ nix-push.
+
+ nix path-info shows
+ information about store paths.
+
+ nix run starts a shell in
+ which the specified packages are available. (TODO: currently
+ broken in chroot mode)
+
+ nix log shows the build log
+ of a package or path. If the build log is not available locally,
+ it will try to obtain it from a binary cache.
+
+ nix eval replaces
+ nix-instantiate --eval.
+
+ nix dump-path to get a NAR
+ from a store path.
+
+ nix edit opens the source
+ code of a package in an editor.
+
+ nix search replaces
+ nix-env -qa. It searches the available
+ packages for occurences of a search string in the attribute
+ name, package name or description. It caches available packages
+ to speed up searches.
+
+
+
+
+
+
+ The external program nix-repl has been
+ integrated into Nix as nix repl.
+
+
+
+ Nix now supports floating-point numbers.
+
+
+
+ New build mode nix-build --hash that
+ builds a derivation, computes the hash of the output, and moves
+ the output to the store path corresponding to what a fixed-output
+ derivation with that hash would produce.
+ (Add docs and examples; see d367b8e7875161e655deaa96bf8a5dd0bcf8229e)
+
+
It is no longer necessary to set the
NIX_REMOTE environment variable if you need to use
@@ -21,9 +106,282 @@
The Nix language now supports floating point numbers. They are
based on regular C++ float and compatible with
existing integers and number-related operations. Export and import to and
- from JSON and XML works, too.
-
+ from JSON and XML works, too.
+
+
+ nix-shell now sets the
+ IN_NIX_SHELL environment variable during
+ evaluation and in the shell itself. This can be used to perform
+ different actions depending on whether you’re in a Nix shell or in
+ a regular build. Nixpkgs provides
+ lib.inNixShell to check this variable during
+ evaluation. (bb36a1a3cf3fbe6bc9d0afcc5fa0f928bed03170)
+
+
+
+ Internal: all Store classes are now
+ thread-safe. RemoteStore supports multiple
+ concurrent connections to the daemon. This is primarily useful in
+ multi-threaded programs such as
+ hydra-queue-runner.
+
+
+
+ The dependency on Perl has been removed. As a result, some
+ (obsolete) programs have been removed: nix-push
+ (replaced by nix copy),
+ nix-pull (obsoleted by binary caches),
+ nix-generate-patches,
+ bsdiff, bspatch.
+
+
+
+ Improved store abstraction. Substituters
+ eliminated. BinaryCacheStore, LocalBinaryCacheStore,
+ HttpBinaryCacheStore, S3BinaryCacheStore (compile-time
+ optional), SSHStore. Add docs + examples?
+
+
+
+
+ Nix now stores signatures for local store
+ paths. Locally-built paths are now signed automatically using the
+ secret keys specified by the
+ store option.
+
+ In addition, store paths that have been built locally are
+ marked as “ultimately trusted”, and content-addressable store
+ paths carry a “content-addressability assertion” that allow them
+ to be trusted without any signatures.
+
+
+
+ NIX_PATH is now lazy, so URIs in the path are
+ only downloaded if they are needed for evaluation.
+
+
+
+ You can now use
+ channel:channel-name as a
+ short-hand for
+ https://nixos.org/channels/channel-name/nixexprs.tar.xz. For
+ example, nix-build channel:nixos-15.09 -A hello
+ will build the GNU Hello package from the
+ nixos-15.09 channel.
+
+
+
+ “Nested” log output was removed. As a result,
+ nix-log2xml was also removed.
+
+
+
+ When is given, the last
+ 10 lines of the build log will be shown if a build
+ fails.
+
+
+
+ builtins.fetchgit.
+ (38539b943a060d9cdfc24d6e5d997c0885b8aa2f)
+
+
+
+ Git repositories can now be specified in the Nix search
+ path,
+ e.g. nixpkgs=git://github.com/NixOS/nixpkgs.
+ (d8bf0d4859e28ddd23401fbe89f4e528aa09ddb3)
+
+
+
+ Removed OpenSSL-based signing. (f435f8247553656774dd1b2c88e9de5d59cab203)
+
+
+
+ <nix/fetchurl.nix> now uses the
+ content-addressable tarball cache at
+ http://tarballs.nixos.org/, just like
+ fetchurl in
+ Nixpkgs. (f2682e6e18a76ecbfb8a12c17e3a0ca15c084197)
+
+
+
+ Chroot Nix stores: allow the “physical” location of the Nix
+ store (e.g. /home/alice/nix/store) to differ
+ from its “logical” location (typically
+ /nix/store). This allows non-root users to
+ use Nix while still getting the benefits from prebuilt binaries
+ from
+ cache.nixos.org. (4494000e04122f24558e1436e66d20d89028b4bd,
+ 3eb621750848e0e6b30e5a79f76afbb096bb6c8a)
+
+
+
+ On Linux, builds are now executed in a user
+ namespace with uid 1000 and gid 100.
+
+
+
+ builtins.fetchurl and
+ builtins.fetchTarball now support
+ sha256 and name
+ attributes. Using these functions is now allowed in restricted
+ mode if a hash is supplied.
+
+
+
+ HttpBinaryCacheStore (the replacement of
+ download-from-binary-cache) now retries
+ automatically on certain HTTP error codes.
+
+
+
+ Derivation attributes can now reference the outputs of the
+ derivation using the placeholder builtin
+ function. For example, the attribute
+
+
+configureFlags = "--prefix=${placeholder "out"} --includedir=${placeholder "dev"}";
+
+
+ will cause the configureFlags environment variable
+ to contain the actual store paths corresponding to the
+ out and dev outputs. TODO:
+ add docs.
+
+
+
+ Added builtin function
+ builtins.partition.
+
+
+
+ Support for HTTP/2. This makes binary cache lookups much
+ more efficient. (90ad02bf626b885a5dd8967894e2eafc953bdf92)
+
+
+
+ Caching of failed builds has been
+ removed. (8cffec84859cec8b610a2a22ab0c4d462a9351ff)
+
+
+
+ The configuration
+ option can now specify optional paths by appending a
+ ?, e.g. /dev/nvidiactl? will
+ bind-mount /dev/nvidiactl only if it
+ exists.
+
+
+
+ More support for testing build reproducibility: when
+ is set to
+ false, it’s no longer a fatal error build
+ rounds produce different output
+ (8bdf83f936adae6f2c907a6d2541e80d4120f051); add a hook to run
+ diffoscope when build rounds produce different output
+ (9a313469a4bdea2d1e8df24d16289dc2a172a169w).
+
+
+
+ Kill builds as soon as stdout/stderr is closed. This fixes a
+ bug that allowed builds to hang Nix indefinitely (regardless of
+ timeouts). (21948deed99a3295e4d5666e027a6ca42dc00b40)
+
+
+
+ Add support for passing structured data to builders. TODO:
+ document. (6de33a9c675b187437a2e1abbcb290981a89ecb1)
+
+
+
+ exportReferencesGraph: Export more
+ complete info in JSON
+ format. (c2b0d8749f7e77afc1c4b3e8dd36b7ee9720af4a)
+
+
+
+ Support for
+ netrc. (e6e74f987f0fa284d220432d426eb965269a97d6,
+ 302386f775eea309679654e5ea7c972fb6e7b9af)
+
+
+
+ Support s3:// URIs in all places where Nix allows
+ URIs. (9ff9c3f2f80ba4108e9c945bbfda2c64735f987b)
+
+
+
+ The option can be set to
+ auto to use the number of CPUs in the
+ system. (7251d048fa812d2551b7003bc9f13a8f5d4c95a5)
+
+
+
+ Add support for Brotli compression.
+ cache.nixos.org compresses build logs using
+ Brotli.
+
+
+
+ Substitutions from binary caches now require signatures by
+ default. This was already the case on
+ NixOS. (ecbc3fedd3d5bdc5a0e1a0a51b29062f2874ac8b)
+
+
+
+ nix-env now ignores packages with bad
+ derivation names (in particular those starting with a digit or
+ containing a
+ dot). (b0cb11722626e906a73f10dd9a0c9eea29faf43a)
+
+
+
+ Renamed various configuration options. (TODO: in progress)
+
+
+
+ Remote machines can now be specified on the command
+ line. TODO:
+ document. (1a68710d4dff609bbaf61db3e17a2573f0aadf17)
+
+
+
+ In Linux sandbox builds, we now use
+ /build instead of /tmp
+ as the temporary build directory. This fixes potential security
+ problems when a build accidentally stores its
+ TMPDIR in some critical place, such as an
+ RPATH. (eba840c8a13b465ace90172ff76a0db2899ab11b)
+
+
+
+ In Linux sandbox builds, we now provide a default
+ /bin/sh (namely ash from
+ BusyBox). (a2d92bb20e82a0957067ede60e91fab256948b41)
+
+
+
+ Make all configuration options available as command line
+ flags (b8283773bd64d7da6859ed520ee19867742a03ba).
+
+
+
+ Support base-64
+ hashes. (c0015e87af70f539f24d2aa2bc224a9d8b84276b)
+
+
+
+ nix-shell now used
+ bashInteractive from Nixpkgs, rather than the
+ bash command that happens to be in the caller’s
+ PATH. This is especially important on macOS where
+ the bash provided by the system is seriously
+ outdated and cannot execute stdenv’s setup
+ script.
+
+
This release has contributions from TBD.