Release 1.12 (TBA)This release has the following new features:Start of new nix command line
interface. This is a work in progress and the interface is subject
to change.Self-documenting: shows
all available command-line arguments. shows all
configuration options.nix build: Replacement for
nix-build.nix ls-store and nix
ls-nar allow listing the contents of a store path or
NAR file.nix cat-store and
nix cat-nar allow extracting a file from a
store path or NAR file.nix verify checks whether a
store path is unmodified and/or is trusted.nix copy-sigs copies
signatures from one store to another.nix sign-paths signs store
paths.nix copy copies paths between
arbitrary Nix stores, generalising
nix-copy-closure and
nix-push.nix path-info shows
information about store paths.nix run starts a shell in
which the specified packages are available. (TODO: currently
broken in chroot mode)nix log shows the build log
of a package or path. If the build log is not available locally,
it will try to obtain it from a binary cache.nix eval replaces
nix-instantiate --eval.nix dump-path to get a NAR
from a store path.nix edit opens the source
code of a package in an editor.nix search replaces
nix-env -qa. It searches the available
packages for occurences of a search string in the attribute
name, package name or description. It caches available packages
to speed up searches.The external program nix-repl has been
integrated into Nix as nix repl.Nix now supports floating-point numbers.New build mode nix-build --hash that
builds a derivation, computes the hash of the output, and moves
the output to the store path corresponding to what a fixed-output
derivation with that hash would produce.
(Add docs and examples; see d367b8e7875161e655deaa96bf8a5dd0bcf8229e)It is no longer necessary to set the
NIX_REMOTE environment variable if you need to use
the Nix daemon. Nix will use the daemon automatically if you don’t
have write access to the Nix database.The Nix language now supports floating point numbers. They are
based on regular C++ float and compatible with
existing integers and number-related operations. Export and import to and
from JSON and XML works, too.nix-shell now sets the
IN_NIX_SHELL environment variable during
evaluation and in the shell itself. This can be used to perform
different actions depending on whether you’re in a Nix shell or in
a regular build. Nixpkgs provides
lib.inNixShell to check this variable during
evaluation. (bb36a1a3cf3fbe6bc9d0afcc5fa0f928bed03170)Internal: all Store classes are now
thread-safe. RemoteStore supports multiple
concurrent connections to the daemon. This is primarily useful in
multi-threaded programs such as
hydra-queue-runner.The dependency on Perl has been removed. As a result, some
(obsolete) programs have been removed: nix-push
(replaced by nix copy),
nix-pull (obsoleted by binary caches),
nix-generate-patches,
bsdiff, bspatch.Improved store abstraction. Substituters
eliminated. BinaryCacheStore, LocalBinaryCacheStore,
HttpBinaryCacheStore, S3BinaryCacheStore (compile-time
optional), SSHStore. Add docs + examples?
Nix now stores signatures for local store
paths. Locally-built paths are now signed automatically using the
secret keys specified by the
store option.In addition, store paths that have been built locally are
marked as “ultimately trusted”, and content-addressable store
paths carry a “content-addressability assertion” that allow them
to be trusted without any signatures.NIX_PATH is now lazy, so URIs in the path are
only downloaded if they are needed for evaluation.You can now use
channel:channel-name as a
short-hand for
https://nixos.org/channels/channel-name/nixexprs.tar.xz. For
example, nix-build channel:nixos-15.09 -A hello
will build the GNU Hello package from the
nixos-15.09 channel.“Nested” log output was removed. As a result,
nix-log2xml was also removed.When is given, the last
10 lines of the build log will be shown if a build
fails.builtins.fetchgit.
(38539b943a060d9cdfc24d6e5d997c0885b8aa2f)Git repositories can now be specified in the Nix search
path,
e.g. nixpkgs=git://github.com/NixOS/nixpkgs.
(d8bf0d4859e28ddd23401fbe89f4e528aa09ddb3)Removed OpenSSL-based signing. (f435f8247553656774dd1b2c88e9de5d59cab203)<nix/fetchurl.nix> now uses the
content-addressable tarball cache at
http://tarballs.nixos.org/, just like
fetchurl in
Nixpkgs. (f2682e6e18a76ecbfb8a12c17e3a0ca15c084197)Chroot Nix stores: allow the “physical” location of the Nix
store (e.g. /home/alice/nix/store) to differ
from its “logical” location (typically
/nix/store). This allows non-root users to
use Nix while still getting the benefits from prebuilt binaries
from
cache.nixos.org. (4494000e04122f24558e1436e66d20d89028b4bd,
3eb621750848e0e6b30e5a79f76afbb096bb6c8a)On Linux, builds are now executed in a user
namespace with uid 1000 and gid 100.builtins.fetchurl and
builtins.fetchTarball now support
sha256 and name
attributes. Using these functions is now allowed in restricted
mode if a hash is supplied.HttpBinaryCacheStore (the replacement of
download-from-binary-cache) now retries
automatically on certain HTTP error codes.Derivation attributes can now reference the outputs of the
derivation using the placeholder builtin
function. For example, the attribute
configureFlags = "--prefix=${placeholder "out"} --includedir=${placeholder "dev"}";
will cause the configureFlags environment variable
to contain the actual store paths corresponding to the
out and dev outputs. TODO:
add docs.Added builtin function
builtins.partition.Support for HTTP/2. This makes binary cache lookups much
more efficient. (90ad02bf626b885a5dd8967894e2eafc953bdf92)Caching of failed builds has been
removed. (8cffec84859cec8b610a2a22ab0c4d462a9351ff)The configuration
option can now specify optional paths by appending a
?, e.g. /dev/nvidiactl? will
bind-mount /dev/nvidiactl only if it
exists.More support for testing build reproducibility: when
is set to
false, it’s no longer a fatal error build
rounds produce different output
(8bdf83f936adae6f2c907a6d2541e80d4120f051); add a hook to run
diffoscope when build rounds produce different output
(9a313469a4bdea2d1e8df24d16289dc2a172a169w).Kill builds as soon as stdout/stderr is closed. This fixes a
bug that allowed builds to hang Nix indefinitely (regardless of
timeouts). (21948deed99a3295e4d5666e027a6ca42dc00b40)Add support for passing structured data to builders. TODO:
document. (6de33a9c675b187437a2e1abbcb290981a89ecb1)exportReferencesGraph: Export more
complete info in JSON
format. (c2b0d8749f7e77afc1c4b3e8dd36b7ee9720af4a)Support for
netrc. (e6e74f987f0fa284d220432d426eb965269a97d6,
302386f775eea309679654e5ea7c972fb6e7b9af)Support s3:// URIs in all places where Nix allows
URIs. (9ff9c3f2f80ba4108e9c945bbfda2c64735f987b)The option can be set to
auto to use the number of CPUs in the
system. (7251d048fa812d2551b7003bc9f13a8f5d4c95a5)Add support for Brotli compression.
cache.nixos.org compresses build logs using
Brotli.Substitutions from binary caches now require signatures by
default. This was already the case on
NixOS. (ecbc3fedd3d5bdc5a0e1a0a51b29062f2874ac8b)nix-env now ignores packages with bad
derivation names (in particular those starting with a digit or
containing a
dot). (b0cb11722626e906a73f10dd9a0c9eea29faf43a)Renamed various configuration options. (TODO: in progress)Remote machines can now be specified on the command
line. TODO:
document. (1a68710d4dff609bbaf61db3e17a2573f0aadf17)In Linux sandbox builds, we now use
/build instead of /tmp
as the temporary build directory. This fixes potential security
problems when a build accidentally stores its
TMPDIR in some critical place, such as an
RPATH. (eba840c8a13b465ace90172ff76a0db2899ab11b)In Linux sandbox builds, we now provide a default
/bin/sh (namely ash from
BusyBox). (a2d92bb20e82a0957067ede60e91fab256948b41)Make all configuration options available as command line
flags (b8283773bd64d7da6859ed520ee19867742a03ba).Support base-64
hashes. (c0015e87af70f539f24d2aa2bc224a9d8b84276b)nix-shell now used
bashInteractive from Nixpkgs, rather than the
bash command that happens to be in the caller’s
PATH. This is especially important on macOS where
the bash provided by the system is seriously
outdated and cannot execute stdenv’s setup
script.This release has contributions from TBD.