Distro agnostic packages like flatpaks and appimages have become extremely popular over the past few years, yet they seem to get a lot of dirt thrown on them because they are super bloated (since they bring all their dependencies with them).

NixPkgs are also distro agnostic, but they are about as light as regular system packages (.deb/.rpm/.PKG) all the while having an impressive 80 000 packages in their repos.

I don’t get why more people aren’t using them, sure they do need some tweaking but so do flatpaks, my main theory is that there are no graphical installer for them and the CLI installer is lacking (no progress bar, no ETA, strange syntax) I’m also scared that there is a downside to them I dont know about.

  • toasteecup@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    9 months ago

    So it sounds like nixpkgs is more akin to virtualenvs in Python rather than a traditional package manager. Is that an accurate statement?

    If so, I’d recommend that be your selling point because that’s some powerful security.

    • Shareni@programming.dev
      link
      fedilink
      arrow-up
      4
      ·
      9 months ago

      Nixpkgs: the official nix repository

      Nix shell: only creates a venv with extra packages

      Nix develop: full environment configuration on top of nix shell, so you can for example set up project specific envars

      Besides that, nix can also work for regular userland packages as an:

      • imperative package manager (same style as apt install)

      • declarative package manager (you make a list of packages, nix/home-manager ensures they’re installed)

      The selling point for me is that I can just write a list of packages, and have the bleeding edge versions installed on top of Debian. I can git that list and have all of my packages available on every device, no matter the os or distro.

        • Shareni@programming.dev
          link
          fedilink
          arrow-up
          2
          ·
          9 months ago

          Here’s a part of my other comment because the docs are horrible:

          It’s just a list of packages, and an optional flake to control the repositories (stable/unstable) and add packages from outside of the official ones.

          To update everything nix related I just run:

          cd ~/dotfiles/nix/ && nix flake update && home-manager switch

          It took me days to get to that point simply because you need to trawl through outdated and nixos resources. Those examples + home-manager manual will get you going in 10 minutes.

    • 2xsaiko@discuss.tchncs.de
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      For development, yeah you’re supposed to use it like that, as opposed to installing dependencies systemwide. I don’t think you can even really do that on NixOS.

      However, it has nothing to do with security though, but rather dependency isolation, so you can use one version of library X for one project and another for the other without them conflicting.

      • toasteecup@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        I mean, security is an unintended outcome of it. Any kind of isolation of packages provides a level of security.

        • 2xsaiko@discuss.tchncs.de
          link
          fedilink
          arrow-up
          2
          ·
          9 months ago

          Ehhhh, security by obscurity if anything. Every downloaded or built nix package is in /nix/store and readable for every user.