←back to thread

Nix Derivation Madness

(fzakaria.com)
184 points birdculture | 3 comments | 31 Oct 25 14:28 UTC | HN request time: 0s | source
Show context
eviks ◴[31 Oct 25 16:21 UTC] No.45773806[source]
> nix/store/24v9wpp393ib1gllip7ic13aycbi704g-ruby-3.3.9.drv

A different type of madness, but are ugly names so common, why not start with ruby-3.3.9 so any list of files is semantically sorted/readable?

replies(6): >>45773869 #>>45774382 #>>45774390 #>>45776319 #>>45777560 #>>45778772 #
Kootle ◴[31 Oct 25 17:18 UTC] No.45774390[source]
In nix packages (derivations) are so lightweight that your store has tens of thousands of them, many with the same name, or with no meaningful name at all. On the rare occasions that you need to look in the store for a package you’re much more likely to be looking for a particular hash than a particular name. That, and having the hash as a prefix looks nicer in tabular output.
replies(2): >>45774723 #>>45780928 #
Ericson2314 ◴[31 Oct 25 17:49 UTC] No.45774723[source]
If I had my way

1. store paths would have no names at all

2. listing the contents of the store directory would not be allowed

3. store paths have more bits of information

Then store paths are halfway decent (but non-revocable) capabilities.

replies(3): >>45774760 #>>45775711 #>>45776985 #
eviks ◴[31 Oct 25 19:22 UTC] No.45775711[source]
> 2. listing the contents of the store directory would not be allowed

Wow, that's awful, that's what Windows AppStore does, so it's even hard to see how much of the preinstalled garbage there is or even whether you might have a huge game you forgot to uninstall but might want to to free up some space.

What's the cool benefit that could justify this limitation?

replies(2): >>45776716 #>>45777280 #
tadfisher ◴[31 Oct 25 22:14 UTC] No.45777280[source]
Nothing should rely on how store paths are named, ever. Like, there is actually no reason to know that hash 1234abc is a certain output of derivation xyz-12.1.0. The contents of the store can be garbage-collected at any point. So you actively do not want things outside the Nix store (or managed by NixOS tools, or Nix-aware tools) referencing paths in /nix/store.

If you do something like write a config file that references /nix/store/1234abc-xyz-12.1.0/bin/xyz, that config file will break the next time you update the derivation that produces that path. Again, this makes knowing what things are in the store completely pointless unless you are writing Nix-aware tooling or debugging, in which case there are tools to show you what path your derivation produced. But you should never need to do the opposite, which is to resolve which derivation produced a path in /nix/store/.

The Windows Store problem is completely orthogonal; paths in /nix/store are not "installed" on your system, they are derivations or outputs of Nix derivations. NixOS "installs" things by adding some of these to your PATH in a shell script that is also a derivation output in /nix/store.

replies(2): >>45777446 #>>45780230 #
1. gf000 ◴[01 Nov 25 08:59 UTC] No.45780230[source]
I'm afraid this doesn't work in a generic Unix world -- what stops an application from saving some env variable it was first initialized with into its local config and later accessing them (and potentially failing if they were GCd in the meanwhile)? E.g. many developer tools store references to compilers and the like.
replies(1): >>45787673 #
2. Ericson2314 ◴[02 Nov 25 03:33 UTC] No.45787673[source]
Nix is over 20 years old. We've fought all those tools and won by now. (I.e. we've figured out how to configure them to not do that when we don't want them too.)
replies(1): >>45788439 #
3. gf000 ◴[02 Nov 25 07:16 UTC] No.45788439[source]
I am using Nix everywhere and have some packages contributed, so I do know how it goes - and there absolutely are cases like I have mentioned. Sure, apps can be patched, problems can be circumvented, but a fundamentally malicious/ignorant program can end up a pain in the ass for nix to manage (without bringing out the big guns like build FHS env)