maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
snix/doc/manual/release-notes/rl-2.0.xml
Shea Levy 88cd2d41ac
Add plugins to make Nix more extensible. 
All plugins in plugin-files will be dlopened, allowing them to
statically construct instances of the various Register* types Nix
supports.
2018-02-08 12:44:37 -05:00

438 lines
15 KiB
XML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ssec-relnotes-2.0">
<title>Release 2.0 (2018-02-??)</title>
<para>This release has the following new features:</para>
<itemizedlist>
<listitem>
<para>Start of new <command>nix</command> command line
interface. This is a work in progress and the interface is subject
to change.</para>
<itemizedlist>
<listitem><para>Self-documenting: <option>--help</option> shows
all available command-line arguments.</para></listitem>
<listitem><para><option>--help-config</option> shows all
configuration options.</para></listitem>
<listitem><para><command>nix build</command>: Replacement for
<command>nix-build</command>.</para></listitem>
<listitem><para><command>nix ls-store</command> and <command>nix
ls-nar</command> allow listing the contents of a store path or
NAR file.</para></listitem>
<listitem><para><command>nix cat-store</command> and
<command>nix cat-nar</command> allow extracting a file from a
store path or NAR file.</para></listitem>
<listitem><para><command>nix verify</command> checks whether a
store path is unmodified and/or is trusted.</para></listitem>
<listitem><para><command>nix copy-sigs</command> copies
signatures from one store to another.</para></listitem>
<listitem><para><command>nix sign-paths</command> signs store
paths.</para></listitem>
<listitem><para><command>nix copy</command> copies paths between
arbitrary Nix stores, generalising
<command>nix-copy-closure</command> and
<command>nix-push</command>.</para></listitem>
<listitem><para><command>nix path-info</command> shows
information about store paths.</para></listitem>
<listitem><para><command>nix run</command> starts a shell in
which the specified packages are available.</para></listitem>
<listitem><para><command>nix log</command> shows the build log
of a package or path. If the build log is not available locally,
it will try to obtain it from a binary cache.</para></listitem>
<listitem><para><command>nix eval</command> replaces
<command>nix-instantiate --eval</command>.</para></listitem>
<listitem><para><command>nix dump-path</command> to get a NAR
from a store path.</para></listitem>
<listitem><para><command>nix edit</command> opens the source
code of a package in an editor.</para></listitem>
<listitem><para><command>nix search</command> replaces
<command>nix-env -qa</command>. It searches the available
packages for occurences of a search string in the attribute
name, package name or description. It caches available packages
to speed up searches.</para></listitem>
<listitem><para><command>nix why-depends</command> (d41c5eb13f4f3a37d80dbc6d3888644170c3b44a).</para></listitem>
<listitem><para><command>nix show-derivation</command> (e8d6ee7c1b90a2fe6d824f1a875acc56799ae6e2).</para></listitem>
<listitem><para><command>nix add-to-store</command> (970366266b8df712f5f9cedb45af183ef5a8357f).</para></listitem>
<listitem><para><command>nix upgrade-nix</command> upgrades Nix
to the latest stable version. This requires that Nix is
installed in a profile. (Thus it wont work on NixOS, or if its
installed outside of the Nix store.)</para></listitem>
<listitem><para>Progress indicator.</para></listitem>
<listitem><para>All options are available as flags now
(b8283773bd64d7da6859ed520ee19867742a03ba).</para></listitem>
</itemizedlist>
</listitem>
<listitem>
<para>The external program <command>nix-repl</command> has been
integrated into Nix as <command>nix repl</command>.</para>
</listitem>
<listitem>
<para>If a fixed-output derivation produces a result with an
incorrect hash, the output path will be moved to the location
corresponding to the actual hash and registered as valid. Thus, a
subsequent build of the fixed-output derivation with the correct
hash is unnecessary.</para>
</listitem>
<listitem>
<para>It is no longer necessary to set the
<envar>NIX_REMOTE</envar> environment variable if you need to use
the Nix daemon. Nix will use the daemon automatically if you dont
have write access to the Nix database.</para>
</listitem>
<listitem>
<para>The Nix language now supports floating point numbers. They are
based on regular C++ <literal>float</literal> and compatible with
existing integers and number-related operations. Export and import to and
from JSON and XML works, too.</para>
</listitem>
<listitem>
<para><command>nix-shell</command> now sets the
<varname>IN_NIX_SHELL</varname> environment variable during
evaluation and in the shell itself. This can be used to perform
different actions depending on whether youre in a Nix shell or in
a regular build. Nixpkgs provides
<varname>lib.inNixShell</varname> to check this variable during
evaluation. (bb36a1a3cf3fbe6bc9d0afcc5fa0f928bed03170)</para>
</listitem>
<listitem>
<para>Internal: all <classname>Store</classname> classes are now
thread-safe. <classname>RemoteStore</classname> supports multiple
concurrent connections to the daemon. This is primarily useful in
multi-threaded programs such as
<command>hydra-queue-runner</command>.</para>
</listitem>
<listitem>
<para>The dependency on Perl has been removed. As a result, some
(obsolete) programs have been removed: <command>nix-push</command>
(replaced by <command>nix copy</command>),
<command>nix-pull</command> (obsoleted by binary caches),
<command>nix-generate-patches</command>,
<command>bsdiff</command>, <command>bspatch</command>.</para>
</listitem>
<listitem>
<para>Improved store abstraction. Substituters
eliminated. BinaryCacheStore, LocalBinaryCacheStore,
HttpBinaryCacheStore, S3BinaryCacheStore (compile-time
optional), SSHStore. Add docs + examples?
</para>
</listitem>
<listitem>
<para>Nix now stores signatures for local store
paths. Locally-built paths are now signed automatically using the
secret keys specified by the <option>secret-key-files</option>
store option.</para>
<para>In addition, store paths that have been built locally are
marked as “ultimately trusted”, and content-addressable store
paths carry a “content-addressability assertion” that allow them
to be trusted without any signatures.</para>
</listitem>
<listitem>
<para><envar>NIX_PATH</envar> is now lazy, so URIs in the path are
only downloaded if they are needed for evaluation.</para>
</listitem>
<listitem>
<para>You can now use
<uri>channel:<replaceable>channel-name</replaceable></uri> as a
short-hand for
<uri>https://nixos.org/channels/<replaceable>channel-name</replaceable>/nixexprs.tar.xz</uri>. For
example, <literal>nix-build channel:nixos-15.09 -A hello</literal>
will build the GNU Hello package from the
<literal>nixos-15.09</literal> channel.</para>
</listitem>
<listitem>
<para>When <option>--no-build-output</option> is given, the last
10 lines of the build log will be shown if a build
fails.</para>
</listitem>
<listitem>
<para><function>builtins.fetchGit</function>.
(38539b943a060d9cdfc24d6e5d997c0885b8aa2f)</para>
</listitem>
<listitem>
<para><literal>&lt;nix/fetchurl.nix&gt;</literal> now uses the
content-addressable tarball cache at
<uri>http://tarballs.nixos.org/</uri>, just like
<function>fetchurl</function> in
Nixpkgs. (f2682e6e18a76ecbfb8a12c17e3a0ca15c084197)</para>
</listitem>
<listitem>
<para>Chroot Nix stores: allow the “physical” location of the Nix
store (e.g. <filename>/home/alice/nix/store</filename>) to differ
from its “logical” location (typically
<filename>/nix/store</filename>). This allows non-root users to
use Nix while still getting the benefits from prebuilt binaries
from
<uri>cache.nixos.org</uri>. (4494000e04122f24558e1436e66d20d89028b4bd,
3eb621750848e0e6b30e5a79f76afbb096bb6c8a)</para>
</listitem>
<listitem>
<para>On Linux, builds are now executed in a user
namespace with uid 1000 and gid 100.</para>
</listitem>
<listitem>
<para><function>builtins.fetchurl</function> and
<function>builtins.fetchTarball</function> now support
<varname>sha256</varname> and <varname>name</varname>
attributes.</para>
</listitem>
<listitem>
<para><literal>HttpBinaryCacheStore</literal> (the replacement of
<command>download-from-binary-cache</command>) now retries
automatically on certain HTTP error codes.</para>
</listitem>
<listitem>
<para>Derivation attributes can now reference the outputs of the
derivation using the <function>placeholder</function> builtin
function. For example, the attribute
<programlisting>
configureFlags = "--prefix=${placeholder "out"} --includedir=${placeholder "dev"}";
</programlisting>
will cause the <envar>configureFlags</envar> environment variable
to contain the actual store paths corresponding to the
<literal>out</literal> and <literal>dev</literal> outputs. TODO:
add docs.</para>
</listitem>
<listitem>
<para>Support for HTTP/2. This makes binary cache lookups much
more efficient. (90ad02bf626b885a5dd8967894e2eafc953bdf92)</para>
</listitem>
<listitem>
<para>The <option>build-sandbox-paths</option> configuration
option can now specify optional paths by appending a
<literal>?</literal>, e.g. <literal>/dev/nvidiactl?</literal> will
bind-mount <varname>/dev/nvidiactl</varname> only if it
exists.</para>
</listitem>
<listitem>
<para>More support for testing build reproducibility: when
<option>enforce-determinism</option> is set to
<literal>false</literal>, its no longer a fatal error build
rounds produce different output
(8bdf83f936adae6f2c907a6d2541e80d4120f051); add a hook to run
diffoscope when build rounds produce different output
(9a313469a4bdea2d1e8df24d16289dc2a172a169w).</para>
</listitem>
<listitem>
<para>Kill builds as soon as stdout/stderr is closed. This fixes a
bug that allowed builds to hang Nix indefinitely (regardless of
timeouts). (21948deed99a3295e4d5666e027a6ca42dc00b40)</para>
</listitem>
<listitem>
<para>Add support for passing structured data to builders. TODO:
document. (6de33a9c675b187437a2e1abbcb290981a89ecb1)</para>
</listitem>
<listitem>
<para><varname>exportReferencesGraph</varname>: Export more
complete info in JSON
format. (c2b0d8749f7e77afc1c4b3e8dd36b7ee9720af4a)</para>
</listitem>
<listitem>
<para>Support for
netrc. (e6e74f987f0fa284d220432d426eb965269a97d6,
302386f775eea309679654e5ea7c972fb6e7b9af)</para>
</listitem>
<listitem>
<para>Support <uri>s3://</uri> URIs in all places where Nix allows
URIs. (9ff9c3f2f80ba4108e9c945bbfda2c64735f987b)</para>
</listitem>
<listitem>
<para>The <option>build-max-jobs</option> option can be set to
<literal>auto</literal> to use the number of CPUs in the
system. (7251d048fa812d2551b7003bc9f13a8f5d4c95a5)</para>
</listitem>
<listitem>
<para>Add support for Brotli compression.
<uri>cache.nixos.org</uri> compresses build logs using
Brotli.</para>
</listitem>
<listitem>
<para>Substitutions from binary caches now require signatures by
default. This was already the case on
NixOS. (ecbc3fedd3d5bdc5a0e1a0a51b29062f2874ac8b)</para>
</listitem>
<listitem>
<para><command>nix-env</command> now ignores packages with bad
derivation names (in particular those starting with a digit or
containing a
dot). (b0cb11722626e906a73f10dd9a0c9eea29faf43a)</para>
</listitem>
<listitem>
<para>Renamed various configuration options. (TODO: in progress)</para>
</listitem>
<listitem>
<para>Remote machines can now be specified on the command
line. TODO:
document. (1a68710d4dff609bbaf61db3e17a2573f0aadf17)</para>
</listitem>
<listitem>
<para>In Linux sandbox builds, we now use
<filename>/build</filename> instead of <filename>/tmp</filename>
as the temporary build directory. This fixes potential security
problems when a build accidentally stores its
<envar>TMPDIR</envar> in some critical place, such as an
RPATH. (eba840c8a13b465ace90172ff76a0db2899ab11b)</para>
</listitem>
<listitem>
<para>In Linux sandbox builds, we now provide a default
<filename>/bin/sh</filename> (namely <filename>ash</filename> from
BusyBox). (a2d92bb20e82a0957067ede60e91fab256948b41)</para>
</listitem>
<listitem>
<para>Make all configuration options available as command line
flags (b8283773bd64d7da6859ed520ee19867742a03ba).</para>
</listitem>
<listitem>
<para>Support base-64
hashes. (c0015e87af70f539f24d2aa2bc224a9d8b84276b)</para>
</listitem>
<listitem>
<para><command>nix-shell</command> now uses
<varname>bashInteractive</varname> from Nixpkgs, rather than the
<command>bash</command> command that happens to be in the callers
<envar>PATH</envar>. This is especially important on macOS where
the <command>bash</command> provided by the system is seriously
outdated and cannot execute <literal>stdenv</literal>s setup
script.</para>
</listitem>
<listitem>
<para>New builtin functions: <function>builtins.split</function>
(b8867a0239b1930a16f9ef3f7f3e864b01416dff),
<function>builtins.partition</function>.</para>
</listitem>
<listitem>
<para>Automatic garbage collection.</para>
</listitem>
<listitem>
<para><command>nix-store -q --roots</command> and
<command>nix-store --gc --print-roots</command> now show temporary
and in-memory roots.</para>
</listitem>
<listitem>
<para>Builders can now communicate what build phase they are in by
writing messages to the file descriptor specified in
<envar>NIX_LOG_FD</envar>. (88e6bb76de5564b3217be9688677d1c89101b2a3)
</para>
</listitem>
<listitem>
<para>
Nix can now be extended with plugins. See the documentation of
the 'plugin-files' option for more details.
</para>
</listitem>
</itemizedlist>
<para>Some features were removed:</para>
<itemizedlist>
<listitem>
<para>“Nested” log output. As a result,
<command>nix-log2xml</command> was also removed.</para>
</listitem>
<listitem>
<para>OpenSSL-based signing. (f435f8247553656774dd1b2c88e9de5d59cab203)</para>
</listitem>
<listitem>
<para>Caching of failed
builds. (8cffec84859cec8b610a2a22ab0c4d462a9351ff)</para>
</listitem>
<listitem>
<para><filename>nix-mode.el</filename> has been removed from
Nix. It is now a separate repository in
<uri>https://github.com/NixOS/nix-mode</uri> and can be installed
through the MELPA package repository.</para>
</listitem>
<listitem>
<para>In restricted evaluation mode
(<option>--restrict-eval</option>), builtin functions that
download from the network (such as <function>fetchGit</function>)
are permitted to fetch underneath the list of URI prefixes
specified in the option <option>allowed-uris</option>.</para>
</listitem>
</itemizedlist>
<para>This release has contributions from TBD.</para>
</section>
Reference in a new issue View git blame Copy permalink