Understand the journey of package managers & how dependency hell emerged, then discover absolution via NIX ecosystem

1. NIXNIX
ABSOLUTION FROMABSOLUTION FROM
DEPENDENCY HELLDEPENDENCY HELL
@Keidrych Anton@Keidrych Anton

2. DEPENDENCY HELLDEPENDENCY HELL
“When people stop valuing simplicity over complexity“When people stop valuing simplicity over complexity
~ Barbara Liskov”~ Barbara Liskov”

3. HELL ISHELL IS
Dependencies > ApplicationDependencies > Application
npm install --save gatsby
…
+ gatsby@2.19.28
added 1 package from 1 contributor, removed 9 packages,
updated 10 packages and audited 19001 packages in 40.382s

4. HELL ISHELL IS
Long Chains & Con ictingLong Chains & Con icting
a
e
z
b c1
c2
d
f

5. HELL ISHELL IS
CircularCircular
a b

6. HELL ISHELL IS
DiamondDiamond
yum b
c
d2
d1

7. PACKAGE MANAGERSPACKAGE MANAGERS

8. YUMEDYUMED
yum install meetup
[..]
Error: 'meetup' conflicts with 'zoom'

9. SOLVINGSOLVING
Cycles via BootStrappingCycles via BootStrapping
Minimal System of a few dozen cyclical packagesMinimal System of a few dozen cyclical packages
Capable of providing dependencies for any otherCapable of providing dependencies for any other
packagepackage
Makes system harder to backdoorMakes system harder to backdoor
i.e.i.e. GentooGentoo

10. SOLVINGSOLVING
Con icts via AlternativesCon icts via Alternatives
vivi && vimvim
Di erent programs, aliased due toDi erent programs, aliased due to commoncommon
expectationexpectation

11. SOLVINGSOLVING
via Atomicity / Transactionalityvia Atomicity / Transactionality
Not available in legacy systemsNot available in legacy systems
Windows, Debian, RhelWindows, Debian, Rhel

12. SOLVINGSOLVING
via System Rollback / Versioningvia System Rollback / Versioning
Provided Transactionality existsProvided Transactionality exists
State of system is justState of system is just versioned snapshotsversioned snapshots
Package manager = transition function betweenPackage manager = transition function between
snapshotssnapshots

13. WHY SO MUCH PAIN?WHY SO MUCH PAIN?
Filesystem Hierarchy Standard (FHS) - via Linux -Filesystem Hierarchy Standard (FHS) - via Linux -
fundamentally incompatible with reproducibilityfundamentally incompatible with reproducibility
Version?Version?
Libraries used?Libraries used?
Flags during build?Flags during build?

14. AUTHOR /AUTHOR /
MAINTAINER CONTROLMAINTAINER CONTROL
AuthorAuthor
Typically more up-to-dateTypically more up-to-date
Wander in standards & readabilityWander in standards & readability
MaintainerMaintainer
Typically more stableTypically more stable
Rigor inRigor in same as other packagessame as other packages / Linted/ Linted

15. BINARY BLOBSBINARY BLOBS
App StoresApp Stores
OCI ContainersOCI Containers
SNAP / Flatpack / AppImageSNAP / Flatpack / AppImage
Ignore most of the issues with Package ManagersIgnore most of the issues with Package Managers

16. ¯_(ツ)_/¯¯_(ツ)_/¯
“Just Isolate FHS, all will be well…”“Just Isolate FHS, all will be well…”

17. LANGUAGES ARELANGUAGES ARE
SUPERIORSUPERIOR
AllowAllow LooseLoose versioningversioning ^1.0.0^1.0.0
Unable to manageUnable to manage otherother languageslanguages
Vary in quality depending on languages.Vary in quality depending on languages. MustMust
supportsupport pinningpinning
npm cinpm ci
vsvs pip installpip install ++ pip toolspip tools

19. NPM BUILDNPM BUILD
649 Dependencies to build NPM649 Dependencies to build NPM
NPMNPM neededneeded to build & manage NPMto build & manage NPM
CanCan be package manager for an Operatingbe package manager for an Operating
SystemSystem
NodeOSNodeOS

20. npm
@babel/code-frame@7.10.4
@babel/highlight@7.10.4
@babel/generator@7.11.6
@babel/types@7.11.5
jsesc@2.5.2
source-map@0.5.7
@babel/helper-function-name@7.10.4 @babel/helper-get-function-arity@7.10.4
@babel/template@7.10.4
@babel/helper-split-export-declaration@7.11.0
@babel/helper-validator-identifier@7.10.4
chalk@2.4.2
js-tokens@4.0.0
@babel/parser@7.11.5
@babel/traverse@7.11.5
debug@4.3.0
globals@11.12.0
lodash@4.17.20
to-fast-properties@2.0.0
@blueoak/list@1.0.2
@iarna/cli@1.2.0
signal-exit@3.0.3
update-notifier@2.5.0
yargs@8.0.2
@iarna/cli@2.1.0
glob@7.1.6
JSONStream@1.3.5
jsonparse@1.3.1
through@2.3.8abbrev@1.1.1
acorn-jsx@3.0.1
acorn@3.3.0
acorn@5.7.4
agent-base@4.2.1
es6-promisify@5.0.0
agent-base@4.3.0
agentkeepalive@3.5.2
humanize-ms@1.2.1
ajv-keywords@2.1.1
ajv@5.5.2
co@4.6.0
fast-deep-equal@1.1.0
fast-json-stable-stringify@2.1.0
json-schema-traverse@0.3.1
ajv@6.12.5 fast-deep-equal@3.1.3
json-schema-traverse@0.4.1
uri-js@4.4.0
ansi-align@2.0.0
string-width@2.1.1
ansi-escapes@3.2.0
ansi-regex@2.1.1
ansi-regex@3.0.0
ansi-regex@4.1.0
ansi-styles@2.2.1
ansi-styles@3.2.1 color-convert@1.9.3
ansicolors@0.3.2
ansistyles@0.1.3
append-transform@1.0.0
default-require-extensions@2.0.0
aproba@1.2.0
aproba@2.0.0
archy@1.0.0
are-we-there-yet@1.1.5
delegates@1.0.0
readable-stream@2.3.7
arg@4.1.3
argparse@1.0.10 sprintf-js@1.0.3
array-find-index@1.0.2
array-includes@3.1.1
define-properties@1.1.3
es-abstract@1.17.6
is-string@1.0.5
asap@2.0.6
asn1@0.2.4
safer-buffer@2.1.2
assert-plus@1.0.0
asynckit@0.4.0
aws-sign2@0.7.0
aws4@1.10.1
babel-code-frame@6.26.0
chalk@1.1.3esutils@2.0.3
js-tokens@3.0.2
balanced-match@1.0.0
base64-js@1.3.1
bcrypt-pbkdf@1.0.2
tweetnacl@0.14.5
bin-links@1.1.8
bluebird@3.7.2
cmd-shim@3.0.3gentle-fs@2.3.1
graceful-fs@4.2.4
npm-normalize-package-bin@1.0.1
write-file-atomic@2.4.3
bind-obj-methods@2.0.0
bl@4.0.3 buffer@5.6.0
inherits@2.0.4
readable-stream@3.6.0
boxen@1.3.0
camelcase@4.1.0
cli-boxes@1.0.0
term-size@1.2.0
widest-line@2.0.1
brace-expansion@1.1.11
concat-map@0.0.1
browser-process-hrtime@1.0.0
buffer-from@1.1.1
ieee754@1.1.13
builtin-modules@1.1.1
builtins@1.0.3
byline@5.0.0
byte-size@5.0.1
cacache@12.0.4
chownr@1.1.4
figgy-pudding@3.5.2
infer-owner@1.0.4
lru-cache@5.1.1
mississippi@3.0.0
mkdirp@0.5.5
move-concurrently@1.0.1
promise-inflight@1.0.1
rimraf@2.7.1
ssri@6.0.1
unique-filename@1.1.1
y18n@4.0.0
caching-transform@3.0.2
hasha@3.0.0
make-dir@2.1.0
package-hash@3.0.0
call-limit@1.1.1
caller-path@0.1.0
callsites@0.2.0
caller@1.0.1
camelcase@5.3.1
capture-stack-trace@1.0.1
caseless@0.12.0
escape-string-regexp@1.0.5
has-ansi@2.0.0
strip-ansi@3.0.1
supports-color@2.0.0
supports-color@5.5.0
chardet@0.4.2
ci-info@1.6.0
ci-info@2.0.0
cidr-regex@2.0.10 ip-regex@2.1.0
circular-json@0.3.3
clean-yaml-object@0.1.0
cli-columns@3.1.2
cli-cursor@2.1.0
restore-cursor@2.0.0
cli-table3@0.5.1 colors@1.4.0
object-assign@4.1.1
cli-width@2.2.1
cliui@3.2.0
string-width@1.0.2
wrap-ansi@2.1.0
cliui@5.0.0
string-width@3.1.0 strip-ansi@5.2.0
wrap-ansi@5.1.0
clone@1.0.4
code-point-at@1.1.0
color-name@1.1.3
color-support@1.1.3
columnify@1.5.4
wcwidth@1.0.1
combined-stream@1.0.8 delayed-stream@1.0.0
commondir@1.0.1
concat-stream@1.6.2 typedarray@0.0.6
config-chain@1.1.12
ini@1.3.5
proto-list@1.2.4
configstore@3.1.5
dot-prop@4.2.1
make-dir@1.3.0
unique-string@1.0.0
xdg-basedir@3.0.0
console-control-strings@1.1.0
contains-path@0.1.0
convert-source-map@1.7.0
safe-buffer@5.1.2
copy-concurrently@1.0.5
fs-write-stream-atomic@1.0.10 iferr@0.1.5
run-queue@1.0.3
core-util-is@1.0.2
correct-license-metadata@1.4.0
spdx-expression-validate@2.0.0
coveralls@3.1.0
js-yaml@3.14.0
lcov-parse@1.0.0
log-driver@1.2.7
minimist@1.2.5
request@2.88.2
cp-file@6.2.0 nested-error-stacks@2.1.0 pify@4.0.1
safe-buffer@5.2.1
create-error-class@3.0.2
cross-spawn@4.0.2
lru-cache@4.1.5
which@1.3.1
cross-spawn@5.1.0
shebang-command@1.2.0
crypto-random-string@1.0.0
cyclist@1.0.1
dashdash@1.14.1
debug-log@1.0.1
debug@2.6.9
ms@2.0.0
debug@3.1.0
debug@3.2.6
ms@2.1.2
debuglog@1.0.1
decamelize@1.2.0
decode-uri-component@0.2.0
deep-equal@0.2.1
deep-equal@1.1.1 is-arguments@1.0.4
is-date-object@1.0.2
is-regex@1.1.1
object-is@1.1.2
object-keys@1.1.1
regexp.prototype.flags@1.3.0
deep-extend@0.6.0
deep-is@0.1.3
strip-bom@3.0.0
defaults@1.0.3
deglob@2.1.1
find-root@1.1.0
ignore@3.3.10
pkg-config@1.1.1
run-parallel@1.1.9
uniq@1.0.1
detect-indent@5.0.0
detect-newline@2.1.0
dezalgo@1.0.3 wrappy@1.0.2
diff@1.4.0
diff@4.0.2
docopt@0.6.2
doctrine@1.5.0
isarray@1.0.0
doctrine@2.1.0
domain-browser@1.2.0
is-obj@1.0.1
dotenv@5.0.1
duplexer3@0.1.4
duplexify@3.7.1
end-of-stream@1.4.4
stream-shift@1.0.1
ecc-jsbn@0.1.2
jsbn@0.1.1
editor@1.0.0
emoji-regex@7.0.3
encoding@0.1.13
iconv-lite@0.6.2
once@1.4.0
env-paths@2.2.0
err-code@1.1.2
errno@0.1.7
prr@1.0.1
error-ex@1.3.2 is-arrayish@0.2.1
es-to-primitive@1.2.1
function-bind@1.1.1
has-symbols@1.0.1
has@1.0.3
is-callable@1.2.2
object-inspect@1.8.0
object.assign@4.1.1
string.prototype.trimend@1.0.1
string.prototype.trimstart@1.0.1
es-abstract@1.18.0-next.0 is-negative-zero@2.0.0
is-symbol@1.0.3
es6-error@4.1.1
es6-promise@4.2.8
eslint-config-standard-jsx@5.0.0
eslint-config-standard@11.0.0
eslint-import-resolver-node@0.3.4
resolve@1.17.0
eslint-module-utils@2.6.0
pkg-dir@2.0.0
eslint-plugin-import@2.9.0
minimatch@3.0.4
read-pkg-up@2.0.0
eslint-plugin-node@6.0.1
semver@5.7.1
eslint-plugin-promise@3.7.0
eslint-plugin-react@7.7.0
jsx-ast-utils@2.4.1
prop-types@15.7.2
eslint-plugin-standard@3.0.1
eslint-scope@3.7.3
esrecurse@4.3.0
estraverse@4.3.0
eslint-visitor-keys@1.3.0
eslint@4.18.2
espree@3.5.4
esquery@1.3.1
file-entry-cache@2.0.0
functional-red-black-tree@1.0.1
imurmurhash@0.1.4
inquirer@3.3.0
is-resolvable@1.1.0
json-stable-stringify-without-jsonify@1.0.1
levn@0.3.0
natural-compare@1.4.0
optionator@0.8.3
path-is-inside@1.0.2
pluralize@7.0.0
progress@2.0.3
require-uncached@1.0.3
strip-ansi@4.0.0
strip-json-comments@2.0.1
table@4.0.2
text-table@0.2.0
esm@3.2.25
esprima@4.0.1
estraverse@5.2.0
events-to-array@1.1.2
execa@0.7.0
get-stream@3.0.0
is-stream@1.1.0
npm-run-path@2.0.2
p-finally@1.0.0
strip-eof@1.0.0
extend@3.0.2
external-editor@2.2.0
iconv-lite@0.4.24
tmp@0.0.33
extsprintf@1.3.0
extsprintf@1.4.0
fast-levenshtein@2.0.6
figures@2.0.0
flat-cache@1.3.4
find-cache-dir@2.1.0
pkg-dir@3.0.0
find-npm-prefix@1.0.2
find-up@2.1.0
locate-path@2.0.0
find-up@3.0.0
locate-path@3.0.0
rimraf@2.6.3
write@0.2.1
flush-write-stream@1.1.1
foreground-child@1.5.6
forever-agent@0.6.1
form-data@2.3.3
mime-types@2.1.27
from2@1.3.0 readable-stream@1.1.14
from2@2.3.0
fs-access@2.0.0 null-check@1.0.0
fs-constants@1.0.0
fs-exists-cached@1.0.0
fs-minipass@1.2.7
minipass@2.9.0
fs-vacuum@1.2.10
fs.realpath@1.0.0
function-loop@1.0.2
gauge@2.7.4
has-unicode@2.0.1
wide-align@1.1.3
genfun@5.0.0
read-cmd-shim@1.0.5
slide@1.1.6
get-caller-file@1.0.3
get-caller-file@2.0.5
get-stdin@6.0.0
get-stream@4.1.0
pump@3.0.0
getpass@0.1.7
inflight@1.0.6
path-is-absolute@1.0.1
global-dirs@0.1.1
got@6.7.1
is-redirect@1.0.0
is-retry-allowed@1.2.0
lowercase-keys@1.0.1
timed-out@4.0.1
unzip-response@2.0.1
url-parse-lax@1.0.0
har-schema@2.0.0har-validator@5.1.5
has-flag@3.0.0
hock@0.2.5
hosted-git-info@2.8.8
html-escaper@2.0.2
http-cache-semantics@3.8.1
http-proxy-agent@2.1.0
http-signature@1.2.0
jsprim@1.4.1
sshpk@1.16.1
https-proxy-agent@2.2.4
iferr@1.0.2
ignore-walk@3.0.3
import-lazy@2.1.0
init-package-json@1.10.3
npm-package-arg@6.1.1
promzard@0.3.0
read-package-json@2.1.2
read@1.0.7
validate-npm-package-license@3.0.4
validate-npm-package-name@3.0.0
mute-stream@0.0.7
run-async@2.4.1
rx-lite-aggregates@4.0.8
rx-lite@4.0.8
invert-kv@1.0.0
ip@1.1.5
is-ci@1.2.1
is-cidr@3.1.1
is-fullwidth-code-point@1.0.0
number-is-nan@1.0.1
is-fullwidth-code-point@2.0.0
is-installed-globally@0.1.0
is-path-inside@1.0.1
is-npm@1.0.0
is-typedarray@1.0.0
isarray@0.0.1
isexe@2.0.0
isstream@0.1.2
istanbul-lib-coverage@2.0.5
istanbul-lib-hook@2.0.7
istanbul-lib-instrument@3.3.0
semver@6.3.0
istanbul-lib-report@2.0.8
supports-color@6.1.0
istanbul-lib-source-maps@3.0.6
source-map@0.6.1
istanbul-reports@2.2.7
json-parse-better-errors@1.0.2
json-parse-errback@2.0.1
json-parse-even-better-errors@2.3.1
json-schema@0.2.3
json-stringify-safe@5.0.1
verror@1.10.0
latest-version@3.1.0 package-json@4.0.1
lazy-property@1.0.0
lcid@1.0.0
prelude-ls@1.1.2type-check@0.3.2
libcipm@4.0.8
lock-verify@2.2.1
npm-lifecycle@3.1.5
npm-logical-tree@1.2.1
pacote@9.5.12
worker-farm@1.7.0
libnpm@3.0.1
libnpmaccess@3.0.2
libnpmconfig@1.2.1libnpmhook@5.0.3
libnpmorg@1.0.1
libnpmpublish@1.1.3
libnpmsearch@2.0.2
libnpmteam@1.0.2
npm-profile@4.0.4
npm-registry-fetch@4.0.7
npmlog@4.1.2
stringify-package@1.0.1
lodash.clonedeep@4.5.0
normalize-package-data@2.5.0
libnpx@10.2.4
yargs@14.2.3
licensee@7.0.3
npm-license-corrections@1.3.1
read-package-tree@5.3.1
simple-concat@1.0.1
spdx-expression-parse@3.0.1
spdx-osi@3.0.0
spdx-whitelisted@1.0.0
load-json-file@2.0.0
parse-json@2.2.0
pify@2.3.0
load-json-file@4.0.0
parse-json@4.0.0
pify@3.0.0
p-locate@2.0.0
path-exists@3.0.0
p-locate@3.0.0
lockfile@1.0.4
lodash._baseindexof@3.1.0
lodash._baseuniq@4.6.0
lodash._createset@4.0.3
lodash._root@3.0.1
lodash._bindcallback@3.0.1
lodash._cacheindexof@3.0.2
lodash._createcache@3.1.2 lodash._getnative@3.9.1
lodash.flattendeep@4.4.0
lodash.restparam@3.6.1
lodash.union@4.6.0
lodash.uniq@4.5.0
lodash.without@4.4.0
loose-envify@1.4.0
pseudomap@1.0.2
yallist@2.1.2
yallist@3.1.1
make-error@1.3.6
make-fetch-happen@5.0.2
node-fetch-npm@2.0.4
promise-retry@1.1.1
socks-proxy-agent@4.0.2
marked-man@0.7.0
marked@0.7.0
meant@1.0.2
mem@1.1.0
mimic-fn@1.2.0
merge-source-map@1.1.0
mime-db@1.44.0
minizlib@1.3.3
parallel-transform@1.2.0
pumpify@1.5.1
stream-each@1.2.3
through2@2.0.5
mute-stream@0.0.8
node-gyp@5.1.1
nopt@4.0.3
tar@4.4.13
osenv@0.1.5
npm-audit-report@1.3.3
npm-bundled@1.1.1
npm-cache-filename@1.0.2
npm-install-checks@3.0.2
resolve-from@4.0.0
uid-number@0.0.6
umask@1.1.0
npm-packlist@1.4.8
npm-pick-manifest@3.0.2
npm-registry-mock@1.3.1
readdir-scoped-modules@1.1.0
util-extend@1.0.3
path-key@2.0.1
npm-user-validate@1.0.0
npm@6.14.8
opener@1.5.2
qrcode-terminal@0.12.0
query-string@6.13.2
qw@1.0.1
read-installed@4.0.3
require-inject@1.4.4
retry@0.12.0
sha@3.0.0
sorted-object@2.0.1
sorted-union-stream@2.1.3
sprintf-js@1.1.2
standard@11.0.1
tacks@1.3.0
tap@12.7.0
tar-stream@2.1.4
tiny-relative-date@1.3.0
unpipe@1.0.0
uuid@3.4.0
set-blocking@2.0.0
nyc@14.1.1
spawn-wrap@1.4.3
test-exclude@5.2.3
yargs-parser@13.1.2
yargs@13.3.2
oauth-sign@0.9.0
object.getownpropertydescriptors@2.1.0
onetime@2.0.1
word-wrap@1.2.3
os-homedir@1.0.2
os-locale@2.1.0
os-tmpdir@1.0.2
own-or-env@1.0.1
own-or@1.0.0
p-limit@1.3.0 p-try@1.0.0
p-limit@2.3.0 p-try@2.2.0
release-zalgo@1.0.0
registry-auth-token@3.4.0
registry-url@3.1.0
protoduck@5.0.1
path-parse@1.0.6
path-type@2.0.0
path-type@3.0.0
performance-now@2.1.0
pkg-conf@2.1.0
xtend@4.0.2
prepend-http@1.0.4
process-nextick-args@2.0.1
retry@0.10.1
react-is@16.13.1
psl@1.8.0
pump@2.0.1
punycode@1.4.1
punycode@2.1.1
qs@6.5.2
split-on-first@1.1.0
strict-uri-encode@2.0.0
rc@1.2.8util-promisify@2.1.0
read-pkg@2.0.0
read-pkg-up@4.0.0
read-pkg@3.0.0
string_decoder@0.10.31
string_decoder@1.1.1
util-deprecate@1.0.2
string_decoder@1.3.0
tough-cookie@2.5.0
tunnel-agent@0.6.0
require-directory@2.1.1
require-main-filename@1.0.1
require-main-filename@2.0.0
resolve-from@1.0.1
semver-diff@2.1.0
shebang-regex@1.0.0
slice-ansi@1.0.0
smart-buffer@4.1.0
socks@2.3.3
stream-iterate@1.2.0
source-map-support@0.5.19
spdx-compare@1.0.0
spdx-ranges@2.1.1
spdx-correct@3.1.1
spdx-license-ids@3.0.6
spdx-exceptions@2.3.0
stack-utils@1.0.2
standard-engine@8.0.1
tap-mocha-reporter@3.0.9
tap-parser@5.4.0
unicode-length@1.0.3
tap-parser@7.0.0
tmatch@4.0.0
trivial-deferred@1.0.1
ts-node@8.10.2
tsame@2.0.1
typescript@3.9.7
yapool@1.0.0
yn@3.1.1
unique-slug@2.0.2
which-module@2.0.0
y18n@3.2.1
yargs-parser@15.0.1
yargs-parser@7.0.0

21. NIX BUILDNIX BUILD
34 Dependencies34 Dependencies
AnyAny system withsystem with glibcglibc can build & runcan build & run

22. nix-2.3.7
brotli-1.0.7-libcurl-7.71.1
aws-sdk-cpp-1.7.90
xz-5.2.5
xz-5.2.5-bin
bash-4.4-p23
libkrb5-1.18
openssl-1.1.1g
libssh2-1.9.0sqlite-3.32.3
coreutils-8.31
bzip2-1.0.6.0.1
bzip2-1.0.6.0.1-bin
editline-1.17.0
libsodium-1.0.18
busybox-1.31.1-x86_64-unknown-linux-musl
glibc-2.31
gzip-1.10
libseccomp-2.4.3-lib
boehm-gc-8.0.4
gcc-9.3.0-lib gnutar-1.32
zlib-1.2.11
nghttp2-1.40.0-lib
keyutils-1.6.1-lib attr-2.4.48
acl-2.2.53
aws-checksums-0.1.7
aws-c-event-stream-0.1.1
nix-2.3.7-man
libidn2-2.3.0
libunistring-0.9.10
aws-c-common-0.3.11

23. NIX BUILD NPMNIX BUILD NPM
25 Dependencies25 Dependencies
1 Extra Dependency than required to run NodeJS1 Extra Dependency than required to run NodeJS

24. node_npm-6.14.7
bash-4.4-p23
python-2.7.18
nodejs-12.18.3
icu4c-67.1
icu4c-67.1-dev
glibc-2.31
openssl-1.1.1g
sqlite-3.32.3 coreutils-8.31db-5.3.28
bzip2-1.0.6.0.1
zlib-1.2.11
ncurses-6.2
readline-6.3p08
gdbm-1.18.1 attr-2.4.48
acl-2.2.53 gcc-9.3.0-lib
libuv-1.38.1
openssl-1.1.1g-bin
openssl-1.1.1g-devzlib-1.2.11-dev
libidn2-2.3.0
libunistring-0.9.10

25. NIXNIX
“NIX can be the future of computing… if we can nd a“NIX can be the future of computing… if we can nd a
better way to explain it ~ Burke Libbey”better way to explain it ~ Burke Libbey”

26. NIX: STORENIX: STORE
Fixes FHS via:Fixes FHS via:
Directed Acrylic Graph (DAG) via lesystemDirected Acrylic Graph (DAG) via lesystem
DAG / StoreDAG / Store isis a Database, queries as sucha Database, queries as such
nix store query referencesnix store query references
/nix/store/zp9i44m81fmnkgrc9zz2yc3p/nix/store/zp9i44m81fmnkgrc9zz2yc3p
nix-2.3.6nix-2.3.6
Maintains integrity when directly copied between maMaintains integrity when directly copied between ma
(same architecture)(same architecture)

27. NIX: HASHNIX: HASH
zp9i44m81fmnkgrc9zz2yc3pix1ncnxbzp9i44m81fmnkgrc9zz2yc3pix1ncnxb
links to alinks to a .drv.drv (Derivation)(Derivation)
expands toexpands to
SeeSee
Derive([("out","/nix/store/9pqfirjppd91mzhkgh8xnn66iwh53zk2-hello
Nix Pill #18Nix Pill #18

28. EXPLAINING NIXEXPLAINING NIX
Maintenance / Upgrading a carMaintenance / Upgrading a car
Debian et al: Working on your car in yourDebian et al: Working on your car in your
own garage… results can varyown garage… results can vary
NIX: 3D Printing a new car every timeNIX: 3D Printing a new car every time
something changessomething changes

29. EXPLAINING NIXEXPLAINING NIX
Turning Complete LanguageTurning Complete Language
Con gurationCon guration
BuildingBuilding
RuntimeRuntime

30. EXPLAINING NIXEXPLAINING NIX
ProvidesProvides
Reproducability (any machine)Reproducability (any machine)
Atomicity / TransactionalityAtomicity / Transactionality
Binary Caching: S3 / Disk /Binary Caching: S3 / Disk /
Multiple Package Versions areMultiple Package Versions are normalnormal
Distributed & non-privileged BuildsDistributed & non-privileged Builds
CachixCachix
Integrated Secrets Management via SOPSIntegrated Secrets Management via SOPS

31. EXPLAINING NIXEXPLAINING NIX
NIX is:NIX is:
A Language (producingA Language (producing .drv.drv) into) into
A Store (building / executing) viaA Store (building / executing) via
A Sandbox assembling part / all ofA Sandbox assembling part / all of
An Operating System via *nixAn Operating System via *nix
Some or all functionality can be usedSome or all functionality can be used

32. DEMO: INSTALLING NIXDEMO: INSTALLING NIX
curl -L https://nixos.org/nix/install | sh

33. DEMO: HELLO WORLDDEMO: HELLO WORLD
helloWorld.nix
with import <nixpkgs> {};
let
# Use the let-in clause to assign the derivation to a variable
myScript = pkgs.writeShellScriptBin "helloWorld" "echo Hello Wo
in
stdenv.mkDerivation rec {
name = "test-environment";
# Add the derivation to the PATH
buildInputs = [ myScript ];
}

34. nix-shell helloWorld.nix

35. helloWorld.drv
Derive([("out","/nix/store/qsgajw2yhrf33qgibsvd9y8zaw64w7j7-helloW

36. helloWorld
nix-store --query --references /nix/store/qsgajw2yhrf33qgibsvd9y8
/nix/store/hrpvwkjz04s9i4nmli843hyw9z4pwhww-bash-4.4-p23

37. DEMO: CURL.NIXDEMO: CURL.NIX
curl.nix
with import <nixpkgs> {};
let
# The ${...} is for string interpolation
# The '' quotes are used for multi-line strings
simplePackage = pkgs.writeShellScriptBin "whatIsMyIp" ''
${pkgs.curl}/bin/curl http://httpbin.org/get
| ${pkgs.jq}/bin/jq --raw-output .origin
'';
in
stdenv.mkDerivation rec {
name = "test-environment";
buildInputs = [ simplePackage ];
}

38. POWER DEMO:POWER DEMO:
CONTAINIZENCONTAINIZEN