maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
snix/doc/manual/release-notes/rl-1.9.xml
Eelco Dolstra 9be037448c Use sensible date format
2016-01-04 14:38:26 +01:00

216 lines
7.8 KiB
XML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="ssec-relnotes-1.9">
<title>Release 1.9 (2015-06-12)</title>
<para>In addition to the usual bug fixes, this release has the
following new features:</para>
<itemizedlist>
<listitem>
<para>Signed binary cache support. You can enable signature
checking by adding the following to <filename>nix.conf</filename>:
<programlisting>
signed-binary-caches = *
binary-cache-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
</programlisting>
This will prevent Nix from downloading any binary from the cache
that is not signed by one of the keys listed in
<option>binary-cache-public-keys</option>.</para>
<para>Signature checking is only supported if you built Nix with
the <literal>libsodium</literal> package.</para>
<para>Note that while Nix has had experimental support for signed
binary caches since version 1.7, this release changes the
signature format in a backwards-incompatible way.</para>
</listitem>
<listitem>
<para>Automatic downloading of Nix expression tarballs. In various
places, you can now specify the URL of a tarball containing Nix
expressions (such as Nixpkgs), which will be downloaded and
unpacked automatically. For example:</para>
<itemizedlist>
<listitem><para>In <command>nix-env</command>:
<screen>
$ nix-env -f https://github.com/NixOS/nixpkgs-channels/archive/nixos-14.12.tar.gz -iA firefox
</screen>
This installs Firefox from the latest tested and built revision
of the NixOS 14.12 channel.</para></listitem>
<listitem><para>In <command>nix-build</command> and
<command>nix-shell</command>:
<screen>
$ nix-build https://github.com/NixOS/nixpkgs/archive/master.tar.gz -A hello
</screen>
This builds GNU Hello from the latest revision of the Nixpkgs
master branch.</para></listitem>
<listitem><para>In the Nix search path (as specified via
<envar>NIX_PATH</envar> or <option>-I</option>). For example, to
start a shell containing the Pan package from a specific version
of Nixpkgs:
<screen>
$ nix-shell -p pan -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/8a3eea054838b55aca962c3fbde9c83c102b8bf2.tar.gz
</screen>
</para></listitem>
<listitem><para>In <command>nixos-rebuild</command> (on NixOS):
<screen>
$ nixos-rebuild test -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz
</screen>
</para></listitem>
<listitem><para>In Nix expressions, via the new builtin function <function>fetchTarball</function>:
<programlisting>
with import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-14.12.tar.gz) {}; …
</programlisting>
(This is not allowed in restricted mode.)</para></listitem>
</itemizedlist>
</listitem>
<listitem>
<para><command>nix-shell</command> improvements:</para>
<itemizedlist>
<listitem><para><command>nix-shell</command> now has a flag
<option>--run</option> to execute a command in the
<command>nix-shell</command> environment,
e.g. <literal>nix-shell --run make</literal>. This is like
the existing <option>--command</option> flag, except that it
uses a non-interactive shell (ensuring that hitting Ctrl-C wont
drop you into the child shell).</para></listitem>
<listitem><para><command>nix-shell</command> can now be used as
a <literal>#!</literal>-interpreter. This allows you to write
scripts that dynamically fetch their own dependencies. For
example, here is a Haskell script that, when invoked, first
downloads GHC and the Haskell packages on which it depends:
<programlisting>
#! /usr/bin/env nix-shell
#! nix-shell -i runghc -p haskellPackages.ghc haskellPackages.HTTP
import Network.HTTP
main = do
resp &lt;- Network.HTTP.simpleHTTP (getRequest "http://nixos.org/")
body &lt;- getResponseBody resp
print (take 100 body)
</programlisting>
Of course, the dependencies are cached in the Nix store, so the
second invocation of this script will be much
faster.</para></listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Chroot improvements:</para>
<itemizedlist>
<listitem><para>Chroot builds are now supported on Mac OS X
(using its sandbox mechanism).</para></listitem>
<listitem><para>If chroots are enabled, they are now used for
all derivations, including fixed-output derivations (such as
<function>fetchurl</function>). The latter do have network
access, but can no longer access the host filesystem. If you
need the old behaviour, you can set the option
<option>build-use-chroot</option> to
<literal>relaxed</literal>.</para></listitem>
<listitem><para>On Linux, if chroots are enabled, builds are
performed in a private PID namespace once again. (This
functionality was lost in Nix 1.8.)</para></listitem>
<listitem><para>Store paths listed in
<option>build-chroot-dirs</option> are now automatically
expanded to their closure. For instance, if you want
<filename>/nix/store/…-bash/bin/sh</filename> mounted in your
chroot as <filename>/bin/sh</filename>, you only need to say
<literal>build-chroot-dirs =
/bin/sh=/nix/store/…-bash/bin/sh</literal>; it is no longer
necessary to specify the dependencies of Bash.</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>The new derivation attribute
<varname>passAsFile</varname> allows you to specify that the
contents of derivation attributes should be passed via files rather
than environment variables. This is useful if you need to pass very
long strings that exceed the size limit of the environment. The
Nixpkgs function <function>writeTextFile</function> uses
this.</para></listitem>
<listitem><para>You can now use <literal>~</literal> in Nix file
names to refer to your home directory, e.g. <literal>import
~/.nixpkgs/config.nix</literal>.</para></listitem>
<listitem><para>Nix has a new option <option>restrict-eval</option>
that allows limiting what paths the Nix evaluator has access to. By
passing <literal>--option restrict-eval true</literal> to Nix, the
evaluator will throw an exception if an attempt is made to access
any file outside of the Nix search path. This is primarily intended
for Hydra to ensure that a Hydra jobset only refers to its declared
inputs (and is therefore reproducible).</para></listitem>
<listitem><para><command>nix-env</command> now only creates a new
“generation” symlink in <filename>/nix/var/nix/profiles</filename>
if something actually changed.</para></listitem>
<listitem><para>The environment variable <envar>NIX_PAGER</envar>
can now be set to override <envar>PAGER</envar>. You can set it to
<literal>cat</literal> to disable paging for Nix commands
only.</para></listitem>
<listitem><para>Failing <literal>&lt;...></literal>
lookups now show position information.</para></listitem>
<listitem><para>Improved Boehm GC use: we disabled scanning for
interior pointers, which should reduce the “<literal>Repeated
allocation of very large block</literal>” warnings and associated
retention of memory.</para></listitem>
</itemizedlist>
<para>This release has contributions from aszlig, Benjamin Staffin,
Charles Strahan, Christian Theune, Daniel Hahler, Danylo Hlynskyi
Daniel Peebles, Dan Peebles, Domen Kožar, Eelco Dolstra, Harald van
Dijk, Hoang Xuan Phu, Jaka Hudoklin, Jeff Ramnani, j-keck, Linquize,
Luca Bruno, Michael Merickel, Oliver Dunkl, Rob Vermaas, Rok Garbas,
Shea Levy, Tobias Geerinckx-Rice and William A. Kennington III.</para>
</section>
Reference in a new issue View git blame Copy permalink