Release 1.12 (TBA) This release has the following new features: Start of new nix command line interface. This is a work in progress and the interface is subject to change. Self-documenting: shows all available command-line arguments. shows all configuration options. nix build: Replacement for nix-build. nix ls-store and nix ls-nar allow listing the contents of a store path or NAR file. nix cat-store and nix cat-nar allow extracting a file from a store path or NAR file. nix verify checks whether a store path is unmodified and/or is trusted. nix copy-sigs copies signatures from one store to another. nix sign-paths signs store paths. nix copy copies paths between arbitrary Nix stores, generalising nix-copy-closure and nix-push. nix path-info shows information about store paths. nix run starts a shell in which the specified packages are available. (TODO: currently broken in chroot mode) nix log shows the build log of a package or path. If the build log is not available locally, it will try to obtain it from a binary cache. nix eval replaces nix-instantiate --eval. nix dump-path to get a NAR from a store path. nix edit opens the source code of a package in an editor. nix search replaces nix-env -qa. It searches the available packages for occurences of a search string in the attribute name, package name or description. It caches available packages to speed up searches. The external program nix-repl has been integrated into Nix as nix repl. Nix now supports floating-point numbers. New build mode nix-build --hash that builds a derivation, computes the hash of the output, and moves the output to the store path corresponding to what a fixed-output derivation with that hash would produce. (Add docs and examples; see d367b8e7875161e655deaa96bf8a5dd0bcf8229e) It is no longer necessary to set the NIX_REMOTE environment variable if you need to use the Nix daemon. Nix will use the daemon automatically if you don’t have write access to the Nix database. The Nix language now supports floating point numbers. They are based on regular C++ float and compatible with existing integers and number-related operations. Export and import to and from JSON and XML works, too. nix-shell now sets the IN_NIX_SHELL environment variable during evaluation and in the shell itself. This can be used to perform different actions depending on whether you’re in a Nix shell or in a regular build. Nixpkgs provides lib.inNixShell to check this variable during evaluation. (bb36a1a3cf3fbe6bc9d0afcc5fa0f928bed03170) Internal: all Store classes are now thread-safe. RemoteStore supports multiple concurrent connections to the daemon. This is primarily useful in multi-threaded programs such as hydra-queue-runner. The dependency on Perl has been removed. As a result, some (obsolete) programs have been removed: nix-push (replaced by nix copy), nix-pull (obsoleted by binary caches), nix-generate-patches, bsdiff, bspatch. Improved store abstraction. Substituters eliminated. BinaryCacheStore, LocalBinaryCacheStore, HttpBinaryCacheStore, S3BinaryCacheStore (compile-time optional), SSHStore. Add docs + examples? Nix now stores signatures for local store paths. Locally-built paths are now signed automatically using the secret keys specified by the store option. In addition, store paths that have been built locally are marked as “ultimately trusted”, and content-addressable store paths carry a “content-addressability assertion” that allow them to be trusted without any signatures. NIX_PATH is now lazy, so URIs in the path are only downloaded if they are needed for evaluation. You can now use channel:channel-name as a short-hand for https://nixos.org/channels/channel-name/nixexprs.tar.xz. For example, nix-build channel:nixos-15.09 -A hello will build the GNU Hello package from the nixos-15.09 channel. “Nested” log output was removed. As a result, nix-log2xml was also removed. When is given, the last 10 lines of the build log will be shown if a build fails. builtins.fetchgit. (38539b943a060d9cdfc24d6e5d997c0885b8aa2f) Git repositories can now be specified in the Nix search path, e.g. nixpkgs=git://github.com/NixOS/nixpkgs. (d8bf0d4859e28ddd23401fbe89f4e528aa09ddb3) Removed OpenSSL-based signing. (f435f8247553656774dd1b2c88e9de5d59cab203) <nix/fetchurl.nix> now uses the content-addressable tarball cache at http://tarballs.nixos.org/, just like fetchurl in Nixpkgs. (f2682e6e18a76ecbfb8a12c17e3a0ca15c084197) Chroot Nix stores: allow the “physical” location of the Nix store (e.g. /home/alice/nix/store) to differ from its “logical” location (typically /nix/store). This allows non-root users to use Nix while still getting the benefits from prebuilt binaries from cache.nixos.org. (4494000e04122f24558e1436e66d20d89028b4bd, 3eb621750848e0e6b30e5a79f76afbb096bb6c8a) On Linux, builds are now executed in a user namespace with uid 1000 and gid 100. builtins.fetchurl and builtins.fetchTarball now support sha256 and name attributes. Using these functions is now allowed in restricted mode if a hash is supplied. HttpBinaryCacheStore (the replacement of download-from-binary-cache) now retries automatically on certain HTTP error codes. Derivation attributes can now reference the outputs of the derivation using the placeholder builtin function. For example, the attribute configureFlags = "--prefix=${placeholder "out"} --includedir=${placeholder "dev"}"; will cause the configureFlags environment variable to contain the actual store paths corresponding to the out and dev outputs. TODO: add docs. Added builtin function builtins.partition. Support for HTTP/2. This makes binary cache lookups much more efficient. (90ad02bf626b885a5dd8967894e2eafc953bdf92) Caching of failed builds has been removed. (8cffec84859cec8b610a2a22ab0c4d462a9351ff) The configuration option can now specify optional paths by appending a ?, e.g. /dev/nvidiactl? will bind-mount /dev/nvidiactl only if it exists. More support for testing build reproducibility: when is set to false, it’s no longer a fatal error build rounds produce different output (8bdf83f936adae6f2c907a6d2541e80d4120f051); add a hook to run diffoscope when build rounds produce different output (9a313469a4bdea2d1e8df24d16289dc2a172a169w). Kill builds as soon as stdout/stderr is closed. This fixes a bug that allowed builds to hang Nix indefinitely (regardless of timeouts). (21948deed99a3295e4d5666e027a6ca42dc00b40) Add support for passing structured data to builders. TODO: document. (6de33a9c675b187437a2e1abbcb290981a89ecb1) exportReferencesGraph: Export more complete info in JSON format. (c2b0d8749f7e77afc1c4b3e8dd36b7ee9720af4a) Support for netrc. (e6e74f987f0fa284d220432d426eb965269a97d6, 302386f775eea309679654e5ea7c972fb6e7b9af) Support s3:// URIs in all places where Nix allows URIs. (9ff9c3f2f80ba4108e9c945bbfda2c64735f987b) The option can be set to auto to use the number of CPUs in the system. (7251d048fa812d2551b7003bc9f13a8f5d4c95a5) Add support for Brotli compression. cache.nixos.org compresses build logs using Brotli. Substitutions from binary caches now require signatures by default. This was already the case on NixOS. (ecbc3fedd3d5bdc5a0e1a0a51b29062f2874ac8b) nix-env now ignores packages with bad derivation names (in particular those starting with a digit or containing a dot). (b0cb11722626e906a73f10dd9a0c9eea29faf43a) Renamed various configuration options. (TODO: in progress) Remote machines can now be specified on the command line. TODO: document. (1a68710d4dff609bbaf61db3e17a2573f0aadf17) In Linux sandbox builds, we now use /build instead of /tmp as the temporary build directory. This fixes potential security problems when a build accidentally stores its TMPDIR in some critical place, such as an RPATH. (eba840c8a13b465ace90172ff76a0db2899ab11b) In Linux sandbox builds, we now provide a default /bin/sh (namely ash from BusyBox). (a2d92bb20e82a0957067ede60e91fab256948b41) Make all configuration options available as command line flags (b8283773bd64d7da6859ed520ee19867742a03ba). Support base-64 hashes. (c0015e87af70f539f24d2aa2bc224a9d8b84276b) nix-shell now used bashInteractive from Nixpkgs, rather than the bash command that happens to be in the caller’s PATH. This is especially important on macOS where the bash provided by the system is seriously outdated and cannot execute stdenv’s setup script. This release has contributions from TBD.