LWN: Comments on "Security and reproducible-build progress in Guix 0.11"

Security and reproducible-build progress in Guix 0.11

acyclic — Tue, 16 Aug 2016 02:07:48 +0000

I wish one of these marvelous new functional package managers would integrate blockchain technology. Then you'll have reproducibility, immutability and better resistance to spoofing attacks.
Bonus points for the first package manager to include a system for making micro-payments to the packagers & authors.

Security and reproducible-build progress in Guix 0.11

gasche — Sun, 14 Aug 2016 08:09:47 +0000

The package description language for Guix *is* a Scheme, while the package description language for Nix is a home-made language that is not Haskell (iirc. it is dynamically typed, etc.). I don't know what you mean by "semantics" in this context.

I also remarked these lines in the article that are wrong -- nothing very serious, but still a fairly misleading claim. One argument for Guix is that Nix's language is limiting, and it would certainly have much less traction if Nix actually used Haskell.

Security and reproducible-build progress in Guix 0.11

mhw — Fri, 12 Aug 2016 04:42:55 +0000

Correction: the USB installer debuted with the Guix 0.7 release. See http://savannah.gnu.org/forum/forum.php?forum_id=8034

Security and reproducible-build progress in Guix 0.11

gnu — Fri, 12 Aug 2016 03:21:55 +0000

> Haskell in Nix's case, Scheme in Guix's

As far as I know, the Nix's declarative language is *not* Haskell. It is an untyped language invented by the Nix folks. In the case of Guix, the declarative language is Scheme.

Security and reproducible-build progress in Guix 0.11

servilio-ap — Thu, 11 Aug 2016 15:57:10 +0000

Though you are right regarding the implementation languages for the Nix expression interpreter, the article author was referring to the semantics of the package description languages. Don't know how accurate he is in that regards, though I don't remember any Haskell reference in the Nix expression language description in the manual.

Security and reproducible-build progress in Guix 0.11

davexunit — Thu, 11 Aug 2016 14:37:51 +0000

Yes, you can install Guix on top of your daily driver GNU/Linux system. At work, my workstation runs Ubuntu LTS, but I use Guix to provide things like the latest Emacs, all of my elisp packages, GCC, and also replace some developer tools like RVM and virtualenv.

Here's some instructions for bootstrapping Guix on your non-GuixSD system: https://www.gnu.org/software/guix/manual/html_node/Binary...

Security and reproducible-build progress in Guix 0.11

peterhoeg — Thu, 11 Aug 2016 13:47:44 +0000

Minor correction: While Nix (and NixOS) are very popular with the Haskell crowd, Nix (the package manager) is written in C++ and Perl and the system and package definitions written in Nix (the language).

Security and reproducible-build progress in Guix 0.11

mageta — Thu, 11 Aug 2016 12:36:46 +0000

So, do I understand it right that Guix can be installed in parallel to a existing distribution such as Debian, and essentially be used w/o interfering with that Distro? So it might be used to e.g. get a more up-to-date toolchain in parallel to a stable base-system? That would sound interesting for me.

And I wonder if this can tackle many of the problems that the folks at gentoo's portage have gone through pains to solve over the last decade, such as having multiple package-versions in parallel (e.g. multiple GCCs, with each a own update-stream), multi-arch (x86 <-> x86_64) on the same system, supporting dependencies for packages such as python where at least some can run on 2.X, 3.X, pypyX, .. the whole configure-option 'hell' to begin with and such, when compiling all from source (and many more that I am note even aware of right now). Or maybe that is not the target of this project? It just seems a bit like all these projects 're-start' this whole learn-process yet again - might also be that I don't get the 'real' point, not precluding that.