Release 2.0 (2018-02-??)This release has the following new features:Start of new nix command line
interface. This is a work in progress and the interface is subject
to change.Self-documenting: shows
all available command-line arguments. shows all
configuration options.nix build: Replacement for
nix-build.nix ls-store and nix
ls-nar allow listing the contents of a store path or
NAR file.nix cat-store and
nix cat-nar allow extracting a file from a
store path or NAR file.nix verify checks whether a
store path is unmodified and/or is trusted.nix copy-sigs copies
signatures from one store to another.nix sign-paths signs store
paths.nix copy copies paths between
arbitrary Nix stores, generalising
nix-copy-closure and
nix-push.nix path-info shows
information about store paths.nix run starts a shell in
which the specified packages are available.nix log shows the build log
of a package or path. If the build log is not available locally,
it will try to obtain it from a binary cache.nix eval replaces
nix-instantiate --eval.nix dump-path to get a NAR
from a store path.nix edit opens the source
code of a package in an editor.nix search replaces
nix-env -qa. It searches the available
packages for occurences of a search string in the attribute
name, package name or description. It caches available packages
to speed up searches.nix why-depends (d41c5eb13f4f3a37d80dbc6d3888644170c3b44a).nix show-derivation (e8d6ee7c1b90a2fe6d824f1a875acc56799ae6e2).nix add-to-store (970366266b8df712f5f9cedb45af183ef5a8357f).nix upgrade-nix upgrades Nix
to the latest stable version. This requires that Nix is
installed in a profile. (Thus it won’t work on NixOS, or if it’s
installed outside of the Nix store.)Progress indicator.All options are available as flags now
(b8283773bd64d7da6859ed520ee19867742a03ba).The external program nix-repl has been
integrated into Nix as nix repl.If a fixed-output derivation produces a result with an
incorrect hash, the output path will be moved to the location
corresponding to the actual hash and registered as valid. Thus, a
subsequent build of the fixed-output derivation with the correct
hash is unnecessary.It is no longer necessary to set the
NIX_REMOTE environment variable if you need to use
the Nix daemon. Nix will use the daemon automatically if you don’t
have write access to the Nix database.The Nix language now supports floating point numbers. They are
based on regular C++ float and compatible with
existing integers and number-related operations. Export and import to and
from JSON and XML works, too.nix-shell now sets the
IN_NIX_SHELL environment variable during
evaluation and in the shell itself. This can be used to perform
different actions depending on whether you’re in a Nix shell or in
a regular build. Nixpkgs provides
lib.inNixShell to check this variable during
evaluation. (bb36a1a3cf3fbe6bc9d0afcc5fa0f928bed03170)Internal: all Store classes are now
thread-safe. RemoteStore supports multiple
concurrent connections to the daemon. This is primarily useful in
multi-threaded programs such as
hydra-queue-runner.The dependency on Perl has been removed. As a result, some
(obsolete) programs have been removed: nix-push
(replaced by nix copy),
nix-pull (obsoleted by binary caches),
nix-generate-patches,
bsdiff, bspatch.Improved store abstraction. Substituters
eliminated. BinaryCacheStore, LocalBinaryCacheStore,
HttpBinaryCacheStore, S3BinaryCacheStore (compile-time
optional), SSHStore. Add docs + examples?
Nix now stores signatures for local store
paths. Locally-built paths are now signed automatically using the
secret keys specified by the
store option.In addition, store paths that have been built locally are
marked as “ultimately trusted”, and content-addressable store
paths carry a “content-addressability assertion” that allow them
to be trusted without any signatures.NIX_PATH is now lazy, so URIs in the path are
only downloaded if they are needed for evaluation.You can now use
channel:channel-name as a
short-hand for
https://nixos.org/channels/channel-name/nixexprs.tar.xz. For
example, nix-build channel:nixos-15.09 -A hello
will build the GNU Hello package from the
nixos-15.09 channel.When is given, the last
10 lines of the build log will be shown if a build
fails.builtins.fetchGit.
(38539b943a060d9cdfc24d6e5d997c0885b8aa2f)<nix/fetchurl.nix> now uses the
content-addressable tarball cache at
http://tarballs.nixos.org/, just like
fetchurl in
Nixpkgs. (f2682e6e18a76ecbfb8a12c17e3a0ca15c084197)Chroot Nix stores: allow the “physical” location of the Nix
store (e.g. /home/alice/nix/store) to differ
from its “logical” location (typically
/nix/store). This allows non-root users to
use Nix while still getting the benefits from prebuilt binaries
from
cache.nixos.org. (4494000e04122f24558e1436e66d20d89028b4bd,
3eb621750848e0e6b30e5a79f76afbb096bb6c8a)On Linux, builds are now executed in a user
namespace with uid 1000 and gid 100.builtins.fetchurl and
builtins.fetchTarball now support
sha256 and name
attributes.HttpBinaryCacheStore (the replacement of
download-from-binary-cache) now retries
automatically on certain HTTP error codes.Derivation attributes can now reference the outputs of the
derivation using the placeholder builtin
function. For example, the attribute
configureFlags = "--prefix=${placeholder "out"} --includedir=${placeholder "dev"}";
will cause the configureFlags environment variable
to contain the actual store paths corresponding to the
out and dev outputs. TODO:
add docs.Support for HTTP/2. This makes binary cache lookups much
more efficient. (90ad02bf626b885a5dd8967894e2eafc953bdf92)The configuration
option can now specify optional paths by appending a
?, e.g. /dev/nvidiactl? will
bind-mount /dev/nvidiactl only if it
exists.More support for testing build reproducibility: when
is set to
false, it’s no longer a fatal error build
rounds produce different output
(8bdf83f936adae6f2c907a6d2541e80d4120f051); add a hook to run
diffoscope when build rounds produce different output
(9a313469a4bdea2d1e8df24d16289dc2a172a169w).Kill builds as soon as stdout/stderr is closed. This fixes a
bug that allowed builds to hang Nix indefinitely (regardless of
timeouts). (21948deed99a3295e4d5666e027a6ca42dc00b40)Add support for passing structured data to builders. TODO:
document. (6de33a9c675b187437a2e1abbcb290981a89ecb1)exportReferencesGraph: Export more
complete info in JSON
format. (c2b0d8749f7e77afc1c4b3e8dd36b7ee9720af4a)Support for
netrc. (e6e74f987f0fa284d220432d426eb965269a97d6,
302386f775eea309679654e5ea7c972fb6e7b9af)Support s3:// URIs in all places where Nix allows
URIs. (9ff9c3f2f80ba4108e9c945bbfda2c64735f987b)The option can be set to
auto to use the number of CPUs in the
system. (7251d048fa812d2551b7003bc9f13a8f5d4c95a5)Add support for Brotli compression.
cache.nixos.org compresses build logs using
Brotli.Substitutions from binary caches now require signatures by
default. This was already the case on
NixOS. (ecbc3fedd3d5bdc5a0e1a0a51b29062f2874ac8b)nix-env now ignores packages with bad
derivation names (in particular those starting with a digit or
containing a
dot). (b0cb11722626e906a73f10dd9a0c9eea29faf43a)Renamed various configuration options. (TODO: in progress)Remote machines can now be specified on the command
line. TODO:
document. (1a68710d4dff609bbaf61db3e17a2573f0aadf17)In Linux sandbox builds, we now use
/build instead of /tmp
as the temporary build directory. This fixes potential security
problems when a build accidentally stores its
TMPDIR in some critical place, such as an
RPATH. (eba840c8a13b465ace90172ff76a0db2899ab11b)In Linux sandbox builds, we now provide a default
/bin/sh (namely ash from
BusyBox). (a2d92bb20e82a0957067ede60e91fab256948b41)Make all configuration options available as command line
flags (b8283773bd64d7da6859ed520ee19867742a03ba).Support base-64
hashes. (c0015e87af70f539f24d2aa2bc224a9d8b84276b)nix-shell now uses
bashInteractive from Nixpkgs, rather than the
bash command that happens to be in the caller’s
PATH. This is especially important on macOS where
the bash provided by the system is seriously
outdated and cannot execute stdenv’s setup
script.New builtin functions: builtins.split
(b8867a0239b1930a16f9ef3f7f3e864b01416dff),
builtins.partition.Automatic garbage collection.nix-store -q --roots and
nix-store --gc --print-roots now show temporary
and in-memory roots.Builders can now communicate what build phase they are in by
writing messages to the file descriptor specified in
NIX_LOG_FD. (88e6bb76de5564b3217be9688677d1c89101b2a3)
Some features were removed:“Nested” log output. As a result,
nix-log2xml was also removed.OpenSSL-based signing. (f435f8247553656774dd1b2c88e9de5d59cab203)Caching of failed
builds. (8cffec84859cec8b610a2a22ab0c4d462a9351ff)nix-mode.el has been removed from
Nix. It is now a separate repository in
https://github.com/NixOS/nix-mode and can be installed
through the MELPA package repository.In restricted evaluation mode
(), builtin functions that
download from the network (such as fetchGit)
are permitted to fetch underneath the list of URI prefixes
specified in the option .This release has contributions from TBD.