Off The Main Thread Podcast

More build tools: Nix

After talking about Bazel in one of our previous episodes, we are now looking at Nix, a build system that has been getting increasing attention lately.

Resources:

Transcript
  1. Surma:I know there's like two camps of people.
  2. Surma:The people who like ASMR and the people who get freaked out by mouth sounds.
  3. Jake:Oh, yeah, a little... I don't like the little mouse sounds. No, no, no, no, no. In particular,
  4. Jake:podcasts, if you've got that... It's a lip-smacking thing. I'm like, no, no, no, no, no, no, no.
  5. Jake:Edit it out. Edit it out. Oh, hope we don't do that.
  6. Jake:Welcome to another episode of OTMT, a podcast about... What do we do here, Simon? Web things!
  7. Jake:Hi, I'm Jake, and Shopify lets us do this, and we're ever-grateful.
  8. Surma:And I'm Surma.
  9. Surma:Thank you, Shopify.
  10. Surma:I think it actually has been too long without a bathroom story, and there is a story that
  11. Surma:I need to share with you.
  12. Jake:Oh, I'm ready. I am in the receive position for your bathroom story.
  13. Jake:Thrown. Absolutely.
  14. Surma:Are you on the edge of your...?
  15. Surma:This was when I was on vacation, and I was in, like, a restaurant, and I wanted to wash
  16. Surma:my hands.
  17. Surma:I was not even, you know, not even bodily functions.
  18. Surma:Just wanted to wash my hands.
  19. Surma:Went into a really nice-looking bathroom, you know, like, they're going to have, you
  20. Surma:know, like, proper cotton towel stacks and those kind of things.
  21. Surma:And the sinks were really quite interesting.
  22. Surma:So it was like a big mirror on the wall, like, one... basically, the entire wall was just
  23. Surma:one mirror.
  24. Surma:And then the sinks were at a 45-degree angle going into the wall, so you had, like, one
  25. Jake:I see kind of trough sort of thing. Wait, hang on. This was this was definitely the
  26. Surma:super long sink in front of you, effectively, so multiple people could wash their hands
  27. Surma:next to each other.
  28. Surma:Yeah, okay.
  29. Surma:Like a trough.
  30. Surma:Yes, I did double-check.
  31. Jake:sink and not the urinal. OK. Oh, so you're going to get you're going to get all angles
  32. Surma:But also, wouldn't it be weird if you had a urinal with a big-ass mirror in front of
  33. Surma:you?
  34. Surma:And by the way, the trough itself was also a mirror.
  35. Surma:Yeah, you know, if you need a good checking out, that's the place to be.
  36. Jake:of your of your little lad. Oh, I see. Yes. OK, I'm with you.
  37. Surma:So you kind of hold your hands into this trough, and, like, the trough goes a bit under
  38. Surma:the wall, and then suddenly water comes out, like, you kind of know them from, like, airports,
  39. Surma:kind of, like, auto-sensing things.
  40. Surma:And so I was washing my hands, admiring the undersides of my hands in the mirror of the
  41. Surma:trough, and suddenly, from below the sink, from basically inside the wall, hands appear
  42. Jake:What? No, I want my money back.
  43. Surma:with really nicely done red nail polish.
  44. Surma:And I let out a little yelp, and that's when I understood that this wall was shared with
  45. Surma:the ladies' room, and from both sides, basically, the wall contained the taps.
  46. Surma:And then the trough came in from both sides with a cut-through in the wall, and you could
  47. Surma:watch each other's hands, how they wash.
  48. Jake:I don't know. No, I I disinvest in this idea.
  49. Jake:Like, yeah, because there's a chance of just, you know, two people going in at the same
  50. Surma:Yeah, like a, like a nice little post-bathroom break handshake, is that not what you're looking
  51. Jake:time and a hand collision. And I would have to get a flight back home.
  52. Surma:for?
  53. Jake:Bathroom break, handshake. I mean, now I hear it rhyming. I like it.
  54. Surma:Now there's, there's a niche, there's a brand, yeah, it's, it really has burned itself into
  55. Surma:my brain as a startling experience that, and then, when you start, when you keep watching,
  56. Jake:Does sound like the kind of thing like someone who works in finance in the city would say
  57. Surma:and you realize there's more hands, it's just like these disembodied hands kind of wringing
  58. Surma:around each other to wash themselves.
  59. Surma:Very Addams Family, it was surreal.
  60. Jake:is like, excuse me, let's just going off through a bathroom break, handshake.
  61. Jake:You know what I mean? I mean, I don't know what you mean.
  62. Jake:No, you know what I mean? I don't know what you mean.
  63. Jake:Yeah, you know what I mean? Yeah, that's.
  64. Surma:That's probably also the people who would enjoy this the most, and not be startled by
  65. Jake:Yeah, they built it. Yeah, absolutely.
  66. Surma:it.
  67. Surma:So instead of analyzing this further and re-traumatizing myself, should we talk about tech, I suppose?
  68. Jake:Oh, wait, wait, what? This I don't like change.
  69. Surma:Ah, well, no, I know.
  70. Surma:Well, it is, it is useful for web development, so, you know, I'm going to talk about Nix.
  71. Jake:I.
  72. Jake:Hmm.
  73. Surma:So a couple months ago, I think, I don't know how long ago it is now, actually, I did an
  74. Surma:episode about Bazel, which also, you know, not really web development, but kind of tangential
  75. Surma:because it can be used for web development, and Nix is the same.
  76. Surma:It's also a build system, and I have been learning it, and I have become a big old fan
  77. Jake:Oh.
  78. Surma:of it.
  79. Surma:And therefore, I'm now here to kind of like talk a bit about why, because I do think it
  80. Jake:Hmm.
  81. Surma:is really interesting to think about.
  82. Surma:It genuinely has made me question certain things about why our current incarnation of
  83. Surma:operating system, build systems work the way they do, because some of these things seem
  84. Surma:kind of like bad choices in retrospect.
  85. Jake:I do think that there's so much of the web-built systems that we use
  86. Jake:that kind of haven't maybe learned enough from some of these grander scale systems,
  87. Surma:It even made me question some of the choices that, for example, the current Rust compiler
  88. Jake:so I'm excited to hear more about this.
  89. Surma:toolchain makes, like not question it, but you kind of realize they're all built on assumptions
  90. Surma:that have been around for ages, and they kind of work, but we could be, we could be doing
  91. Surma:so much better.
  92. Jake:Before you dive into that, I feel, has Rust now switched into that thing
  93. Jake:where people are actually critically analysing it?
  94. Jake:I'm seeing a lot of this, like a lot of Rust criticism all of a sudden.
  95. Jake:It felt like it's been for five years or however long,
  96. Surma:Yes and no.
  97. Jake:it's like, wow, this is just revolutionising everything,
  98. Jake:we should rewrite everything in Rust.
  99. Jake:And it feels now that it's kind of got to, it's sort of past that hype peak,
  100. Jake:and people are like, huh, this is, you know, maybe we should be using Zig or...
  101. Surma:I feel like it is becoming cooler to not like Rust, to an extent that's a deserved counter
  102. Surma:movement because there was also some undeserved overhype, like this whole, you know, the Rust
  103. Jake:I don't know.
  104. Surma:community, I think is really great.
  105. Surma:But there are also a couple of traits that for some reason are very present in many people
  106. Surma:in the Rust community, like what you just said, the whole like, this should be rewritten
  107. Surma:in Rust and it would be so much better.
  108. Surma:Most of the time, that's just a shitty thing to say, like a piece of software has been
  109. Surma:around for ages and working well and has been written in C or C++.
  110. Surma:Will it get better just because it's now rewritten in Rust?
  111. Jake:Yeah.
  112. Surma:I doubt it.
  113. Surma:Like, I personally would love it because it makes the code much more approachable to me.
  114. Surma:Like, I feel much more comfortable jumping into a Rust code base than I do into a C or
  115. Surma:C++ code base.
  116. Surma:But that's just the nature of being fluent in a language versus a language that I'm not
  117. Surma:comfortable or fluent in.
  118. Surma:Like, yes, I know some C, I know some C++, but I not once really in the last, I don't
  119. Surma:know, 15 years have I written a side project in C++.
  120. Surma:I've written a whole bunch in Rust.
  121. Surma:So that's, you know, I think you're right.
  122. Jake:Yeah.
  123. Surma:There's more people being more vocal about things that are not great in Rust because,
  124. Surma:you know, it has introduced many new things to the ecosystem and to coding.
  125. Surma:But of course, it's not perfect.
  126. Surma:But I, as always.
  127. Jake:Okay, I derailed you.
  128. Jake:So, like...
  129. Surma:Yeah, let's talk about Rust.
  130. Surma:So how do I start?
  131. Jake:What is Nix?
  132. Surma:Well, it's a build system, innit?
  133. Surma:So I tried myself at making a YouTube video and I'm not sure if, so people seem to like
  134. Jake:What is Nix?
  135. Surma:it, but I'm not sure if they liked it because of the way I explained Nix or because I did
  136. Surma:nice animations, because I discovered this cool thing called Motion Canvas, which was
  137. Surma:really fun to use to build basically a video with.
  138. Surma:You can also use to build presentations.
  139. Jake:It is really nice. We'll link to that.
  140. Surma:Yeah, and I'm not going to, I literally feel bad like taking credit for how nice animations
  141. Surma:look because I just plugged things together.
  142. Surma:Anyway, my plan is not to just like rehash the video.
  143. Surma:In the video, I really like explain step by step how Nix was started by a guy named Alko
  144. Jake:It is really nice. We'll link to that.
  145. Jake:It is really nice. We'll link to that.
  146. Surma:Doltstra throughout the work on his PhD thesis and then the individual building blocks.
  147. Surma:This is a podcast.
  148. Surma:I don't have visuals.
  149. Surma:I want to focus a bit more or speed run a bit through that to get to where we could
  150. Surma:be using it in web development, potentially, because that's, I think, where it gets interesting.
  151. Jake:I have to say, when someone says, like, if you want to know about, you know,
  152. Jake:how this build system works, read my PhD thesis.
  153. Jake:Like, I cannot close the tab fast enough.
  154. Surma:It does sound scary, doesn't it?
  155. Surma:And I will say, sadly, that is kind of on brand for Nix a little bit.
  156. Surma:Like the documentation situation on Nix is not good.
  157. Surma:Like you don't have to read the PhD thesis, but you do have to dive into, you know, standard
  158. Jake:All right. Okay. Good start.
  159. Surma:library code to figure out how to use it sometimes.
  160. Surma:That's definite.
  161. Surma:And everybody I feel like that likes and loves Nix immediately acknowledges like, yeah, our
  162. Jake:All right.
  163. Surma:documentation is not good.
  164. Surma:It's not good, mate.
  165. Surma:So that's something that hopefully will get better.
  166. Surma:And also, yes, it is a PhD thesis, although it is the product of a PhD thesis, which means
  167. Surma:it has its origins in academia.
  168. Surma:And even that shows it is a purely it involves a purely functional programming language that
  169. Surma:looks a lot like or reminds one of Haskell.
  170. Surma:And that's also not everybody's cup of tea.
  171. Jake:All right.
  172. Surma:That being said, he designed a language for this build system.
  173. Surma:And I'm not sure it was 100% necessary, but the language is so small that I felt comfortable
  174. Surma:with it very, very quickly.
  175. Surma:But let me take a step back before we talk about the language itself.
  176. Surma:Basically, the problem that this guy, Alcadolstra, was looking at for his PhD thesis is the general
  177. Surma:problem of how do I get my code or my software on machine A to run on machine B?
  178. Jake:All right.
  179. Surma:And that actually isn't necessarily easy to do in a reliable way.
  180. Surma:You know, when you install Chrome, you download a binary and you have to make sure you download
  181. Surma:for your operating system.
  182. Surma:If you download the Linux one and you're on Mac, that will not work.
  183. Surma:That's the first instance already where this model of deployment can go wrong.
  184. Surma:You need to make sure that you compile the right binary for the target system.
  185. Jake:All right.
  186. Surma:And then often these binaries rely on certain libraries being present on the machine it's
  187. Surma:supposed to run on.
  188. Surma:And if these libraries are missing or even just have the wrong version, then it will
  189. Surma:likely not work.
  190. Surma:So this whole thing of just like copying binaries around is just it's not a good system.
  191. Surma:But we know people like you and me, we work in open source.
  192. Surma:That's very different where you have the source and you can just copy the source code over
  193. Surma:and compile that.
  194. Surma:And I think that actually works fairly well.
  195. Surma:But I think even there, most of us have experienced the problem of just because it compiles on
  196. Jake:Yes.
  197. Jake:Yes.
  198. Surma:my machine doesn't mean it will successfully compile on your machine.
  199. Jake:Yes.
  200. Jake:And we hit this a lot with, well, in Squoosh,
  201. Jake:because when we were dealing with the various image libraries,
  202. Surma:And I will talk about Squoosh later because that's exactly where I want to use Nix in
  203. Jake:and even two of us using Mac.
  204. Jake:Like, yeah.
  205. Jake:Works on one machine, but not the other.
  206. Surma:the future.
  207. Surma:But yeah, even with just when you have notes or NPM libraries like Sharp that pull in C++
  208. Jake:Yeah.
  209. Surma:code or maybe even, you know, rely on certain files being present.
  210. Surma:But, you know, on Windows, everything is different.
  211. Surma:You can already tell just because something compiles on my machine doesn't mean it will
  212. Surma:compile on your machine.
  213. Surma:And even then, even if it compiles on both machines, doesn't mean that will run.
  214. Surma:Like if we have a JavaScript code base and we both run the exact same version of Vite
  215. Jake:And then Docker came along and solved the problem.
  216. Surma:to compile the exact same source code, they probably will spit out the exact same result.
  217. Surma:And yet, because you are on Node 20 and I'm on Node 22, it may not actually work because
  218. Surma:that code that was output relies on a specific version of the runtime or again on system
  219. Surma:libraries.
  220. Surma:Just if you think about one machine may have FFmpeg installed and the other one doesn't,
  221. Surma:but you rely on FFmpeg being there.
  222. Jake:Yeah.
  223. Surma:And everybody was happy.
  224. Surma:To an extent, yes, but also kind of no.
  225. Surma:I mean, so I think Docker is in its simplest terms, you can think about like it spins up
  226. Surma:a virtual machine.
  227. Surma:And so if everybody boots up the same virtual machine image, that means you can compile
  228. Surma:the software reliably in there because the entire environment is snapshotted basically
  229. Surma:in that image of the virtual machine effectively.
  230. Jake:Yes.
  231. Surma:But if you want to run the software outside of the virtual machine, you kind of back to
  232. Surma:the same problem.
  233. Surma:So unless you also tend to run the software inside the virtual machine, that problem is
  234. Surma:still kind of there because now you're back in the world outside of the virtual machine
  235. Surma:where you don't control what exactly is and isn't there.
  236. Surma:But you're right, like Docker is one of the things that's been around that kind of has
  237. Surma:made these things a lot more interesting.
  238. Surma:But also, and this is where and I think I'm basically I'm going to jump ahead here a little
  239. Jake:Yeah.
  240. Jake:Yeah.
  241. Surma:bit because we had a problem with or we use Docker in Squoosh.
  242. Jake:Yeah.
  243. Jake:Yeah.
  244. Surma:So in Squoosh, if you probably set the context here, we have loads of different image codecs.
  245. Jake:Yeah.
  246. Jake:Yeah.
  247. Jake:Yeah.
  248. Surma:So something that takes a bitmap and converts it to JPEG, another one to AVF, another one
  249. Surma:to JPEG XL.
  250. Surma:And those are all, you know, C++ or Rust programs that we have in there.
  251. Jake:Yeah.
  252. Jake:Yeah.
  253. Jake:Yeah.
  254. Surma:And we use Docker to turn those into WebAssembly because we did not want to force people to
  255. Surma:install all kinds of compiler tool chains and libraries to be able to work on these
  256. Jake:Yeah.
  257. Jake:Yeah.
  258. Jake:Yeah.
  259. Surma:image codecs.
  260. Surma:And for that, we use Docker.
  261. Surma:So inside the Docker container, we set up the basically the development environment
  262. Jake:Yeah.
  263. Surma:to work on the codecs and to also compile them.
  264. Jake:Yeah.
  265. Surma:And then we have WebAssembly, which kind of ensures that the binary works outside the
  266. Jake:Yes.
  267. Surma:virtual machine as well.
  268. Surma:But in there, in the inside the virtual machine, we still need to somehow formulate, codify
  269. Jake:Yes.
  270. Jake:Okay.
  271. Jake:Yes.
  272. Surma:how code is supposed to be built.
  273. Surma:And for that, we use makefiles.
  274. Jake:Yes.
  275. Surma:Basically, it's a bash script where every individual step, take these bunch of C files
  276. Jake:Yes.
  277. Surma:and compile them to a static library, take these bunch of C files and compile them to
  278. Jake:Yes.
  279. Surma:object files and then link them all together to form a WebAssembly file.
  280. Jake:Yes.
  281. Surma:And we kind of like wrote these steps out with a makefile, more or less.
  282. Jake:Yes.
  283. Surma:And makefiles have been around for ages, really well understood.
  284. Jake:Yes.
  285. Surma:And they work quite simply through the mechanism of timestamps.
  286. Jake:Yes.
  287. Surma:So you write your build instructions and you tell make these are the input files that this
  288. Jake:Yes.
  289. Jake:Yes.
  290. Surma:build step needs.
  291. Surma:And these are the expected output files.
  292. Jake:Yes.
  293. Surma:And if any one of the input files has a newer modify date than the output file that we have,
  294. Jake:Yes.
  295. Surma:we need to rerun the step.
  296. Jake:Yeah.
  297. Surma:That sounds pretty good on paper, but the reality is the amount of time that we lost
  298. Jake:Yes.
  299. Surma:hours to trying to figure out why something wasn't working until we realized our code
  300. Jake:Yes.
  301. Jake:Yes.
  302. Surma:changes are not actually being incorporated into the output, because somewhere along the
  303. Jake:Yes.
  304. Surma:stack of all these different build steps, there was a cache that just cached the output
  305. Jake:Yes.
  306. Jake:Yes.
  307. Surma:and didn't actually use the new output or something like that.
  308. Jake:Yes.
  309. Surma:We have lost so much time to that.
  310. Jake:Yes.
  311. Jake:Yes.
  312. Surma:No.
  313. Jake:Yes.
  314. Surma:And that's what I was praising so much about Bazel, where I felt like their caching is
  315. Jake:Yes.
  316. Surma:rock solid.
  317. Surma:Not once did I need to, you know, nuke a cache to fix a build error.
  318. Jake:Yes.
  319. Surma:It was always going to be the exact same build error because they got caching right.
  320. Jake:Yes.
  321. Jake:Yes.
  322. Surma:And I feel like Nix does the same.
  323. Surma:And that's, again, where then suddenly, to me, it becomes useful.
  324. Jake:Yes.
  325. Jake:Yes.
  326. Surma:So, you know, in Squoosh, we had this problem.
  327. Surma:We had basically used Docker to have a very consistent, shareable development environment.
  328. Jake:Yes.
  329. Jake:Yes.
  330. Surma:But then we used Makefile's glorified bash scripts to do the building.
  331. Jake:Yes.
  332. Surma:And going back to Nix and the PhD thesis, this is kind of the observation that I'll
  333. Jake:Yes.
  334. Surma:get as well.
  335. Jake:Yes.
  336. Surma:The problem with all of these tools is that on the one hand, they don't accurately necessarily
  337. Jake:Yes.
  338. Jake:Yes.
  339. Surma:track which steps need to be redone or rebuilt.
  340. Jake:Yes.
  341. Surma:And also that in many instances, it doesn't fully capture any variable that can affect
  342. Jake:Yes.
  343. Surma:the output.
  344. Surma:So, for example, in Makefile, you will just write, hey, take Clang as my C++ compiler,
  345. Jake:Yes.
  346. Jake:Yes.
  347. Surma:put these files in and take the output.
  348. Jake:Yes.
  349. Surma:But nowhere do you specify which exact version of Clang it is.
  350. Jake:Yes.
  351. Jake:Yes.
  352. Surma:Yes and no to an extent.
  353. Jake:Yes.
  354. Surma:I think it covers part of it, but it's still not, you know, bulletproof in that sense.
  355. Jake:Yes.
  356. Surma:And so what Alko did when he developed Nix is basically by tackling this problem from
  357. Jake:Yes.
  358. Jake:Yes.
  359. Surma:two sides.
  360. Surma:The one is to design a domain-specific language that is specifically designed to express how
  361. Jake:Yes.
  362. Jake:Yes.
  363. Surma:software is built.
  364. Surma:In that sense, it is like make, but on steroids.
  365. Jake:Yes.
  366. Surma:And these kind of like build recipes in Nix are called a derivation.
  367. Jake:Yes.
  368. Surma:And that's, again, that's probably academia leaking through a little bit, but it's a
  369. Jake:Yes.
  370. Surma:build recipe, right?
  371. Surma:And it is a bit like make in that you actually do end up writing bash scripts or scripts,
  372. Jake:Yes.
  373. Jake:Yes.
  374. Surma:abstraction of bash scripts, but basically just as a way for you to orchestrate these
  375. Jake:Yes.
  376. Surma:individual tools, similar to Makefile, where you invoke different tools and tell them which
  377. Jake:Yes.
  378. Surma:files to consume and where to put the output.
  379. Jake:Yes.
  380. Surma:So really what this is in that sense, again, it is still quite similar.
  381. Jake:Yes.
  382. Surma:These derivations, as they're called, they have inputs, which is usually source code
  383. Jake:Yes.
  384. Surma:and build tools.
  385. Surma:So the build tools are part of the input.
  386. Surma:They're exactly specified and they produce outputs.
  387. Jake:Yes.
  388. Surma:And here's where now the tracking of dependencies gets in.
  389. Jake:Yes.
  390. Surma:And I think it's really interesting that that build recipe, together with a list of the
  391. Jake:Yes.
  392. Surma:source files that it consumes and the tool that it needs, gets cryptographically hashed.
  393. Jake:Yes.
  394. Surma:I'm not going to go into details how, but basically I'm going to hand wave those details
  395. Jake:Yes.
  396. Surma:so that then this build recipe can be stored in what is called the Nix store.
  397. Jake:Yes.
  398. Jake:Yes.
  399. Surma:That's really just a folder on your disk, but that hash becomes part of the name.
  400. Jake:Yes.
  401. Surma:So in that sense, it's a bit like Git where it's content addressable.
  402. Jake:Yes.
  403. Surma:So if something changes in your derivation, it now gets a new name because the hash will
  404. Jake:Yes.
  405. Surma:be different.
  406. Surma:Yes, exactly.
  407. Jake:Yes.
  408. Surma:Because that's exactly where it gets kind of interesting and recursive with Nix, I feel
  409. Jake:Yes.
  410. Surma:like, because both the source files that you want to compile, as well as the tools, must
  411. Jake:Yes.
  412. Jake:Yes.
  413. Surma:come from the Nix store.
  414. Surma:You're basically not allowed to take something from anywhere else.
  415. Jake:Yes.
  416. Surma:So only things that have been hashed, you can use in your build recipe.
  417. Jake:Yes.
  418. Surma:And if you have this item in your Nix store, you can just use it.
  419. Jake:Yes.
  420. Surma:If you don't have it, because this hash also incorporates the build recipe that this item
  421. Jake:Yes.
  422. Jake:Yes.
  423. Surma:was built with, Nix can deduce how to create this item in the Nix store.
  424. Jake:Yes.
  425. Surma:So either you have this exact version of Clang on your system in the Nix store and you can
  426. Jake:Yes.
  427. Surma:use it.
  428. Jake:Yes.
  429. Surma:But if you don't, Nix can figure out how to build this exact version of Clang in the Nix
  430. Jake:Yes.
  431. Surma:store.
  432. Surma:How to build this exact version of Clang so that you have the exact same version of the
  433. Jake:Yes.
  434. Surma:compiler and the exact same version of all libraries and the exact correct source files
  435. Jake:Yes.
  436. Surma:to produce a specific output.
  437. Jake:Yes.
  438. Surma:And that sounds very tedious, but it is actually designed in a way where it's kind of natural
  439. Jake:Yes.
  440. Surma:to write this way.
  441. Jake:Yes.
  442. Surma:Yes, it is.
  443. Surma:In that sense, they bootstrap themselves up to the point where they are completely independent
  444. Jake:Yes.
  445. Jake:Yes.
  446. Surma:of the system.
  447. Surma:And that makes sense because the system is one of the biggest variables that differs
  448. Jake:Yes.
  449. Surma:between, well, systems where these kind of things, it works on my machine, but not yours.
  450. Jake:Yes.
  451. Surma:The origin often is differences in the system.
  452. Jake:Yes.
  453. Surma:And so he has designed this system in a way that you can use in your build recipe.
  454. Jake:Yes.
  455. Surma:Yes.
  456. Surma:So for example, the operating system is part of the hash.
  457. Jake:Yes.
  458. Surma:So that means if I'm building something on Windows, it will, by very definition, get
  459. Jake:Yes.
  460. Jake:Yes.
  461. Surma:a do... it's a do-it-yourself thing.
  462. Surma:It's not a do-it-yourself thing.
  463. Jake:Yes.
  464. Surma:It's a do-it-yourself thing.
  465. Surma:So if I'm building something on Windows, it will, by very definition, get a do...
  466. Jake:Yes.
  467. Jake:Yes.
  468. Surma:It's a different dependency chain all the way down than one on Darwin, because it is
  469. Jake:Yes.
  470. Surma:fundamentally a different operating system.
  471. Jake:Yes.
  472. Surma:It doesn't incorporate the version of the operating system, but I think that's all right
  473. Jake:Yes.
  474. Surma:because operating systems like kernels are stable in their APIs, or they're just assumed
  475. Jake:Yes.
  476. Surma:to be stable.
  477. Surma:And I think that's a realistic assumption.
  478. Jake:Yes.
  479. Surma:Exactly, exactly.
  480. Jake:Yes.
  481. Jake:Yes.
  482. Jake:Yes.
  483. Surma:Yeah.
  484. Surma:So they add stuff, but they barely break stuff.
  485. Jake:Yes.
  486. Surma:Breaking user land is a big no-no when it comes to operating system.
  487. Jake:Yes.
  488. Surma:So every piece of software that you express with Nix, you know, uses... needs tools to
  489. Jake:Yes.
  490. Surma:build it.
  491. Surma:And then these tools themselves must be buildable with Nix.
  492. Jake:Yes.
  493. Surma:Otherwise, they wouldn't exist in Nix.
  494. Surma:And this goes all the way down to like a very small... the smallest possible seed of kind
  495. Jake:Yes.
  496. Jake:Yes.
  497. Surma:of like impureness, where there's like one tiny, very basic, I don't know, maybe it's
  498. Jake:Yes.
  499. Jake:Yes.
  500. Surma:an assembler, I don't know, that is just pre-agreed to be accepted and will just be downloaded
  501. Jake:Yes.
  502. Surma:as a binary file or something.
  503. Surma:And everything else is bootstrapped from there.
  504. Jake:Yes.
  505. Surma:And that's because Nix is all about building software.
  506. Jake:Yes.
  507. Surma:And so it allows you to build the exact same version of this piece of code that you're
  508. Jake:Yes.
  509. Surma:looking at every single time.
  510. Jake:Yes.
  511. Surma:Of course, this sounds really, really slow.
  512. Surma:And it would be really, really slow if every time you'd have to like start from scratch
  513. Jake:Yes.
  514. Surma:and basically invent the universe.
  515. Jake:Yes.
  516. Surma:So the other thing that Alcott also looked at in his thesis is how you can do binary
  517. Jake:Yes.
  518. Jake:Yes.
  519. Surma:caching in a secure manner.
  520. Surma:So that basically, if one machine somewhere has already executed the derivation, like
  521. Jake:Yes.
  522. Jake:Yes.
  523. Surma:build the output, that you can just share that rather than having to rebuild it yourself.
  524. Jake:Yes.
  525. Surma:And there's all kinds of things you need to think about, you know, with like cache poisoning
  526. Jake:Yes.
  527. Surma:and other weird things.
  528. Surma:And he looks at all of it in the thesis.
  529. Jake:Yes.
  530. Surma:But basically, he found a solution that basically you could set up shared caches between systems
  531. Jake:Yes.
  532. Surma:that if one machine has already done the work, you don't need to redo the work, provided
  533. Jake:Yes.
  534. Surma:you have the same operating system.
  535. Jake:Yes.
  536. Jake:Yes.
  537. Surma:Yeah, it is in that sense.
  538. Jake:Yes.
  539. Surma:But the other part is that it is not just about setting up a system.
  540. Jake:Yes.
  541. Surma:It's also about executing build instructions, right?
  542. Jake:Yes.
  543. Surma:Like it's all about build recipe.
  544. Surma:So with Docker, you get your, I guess, you know, a Docker file in a sense, maybe.
  545. Jake:Yes.
  546. Surma:But even there, those are not, I guess, you know, if you think about even a Docker file
  547. Jake:Yes.
  548. Surma:is, it seems to be sufficiently reproducible considering we all use them in certain environments.
  549. Jake:Yes.
  550. Surma:But really, if you look at Docker files, they often just, you know, do apt-get install,
  551. Jake:Yes.
  552. Surma:which just downloads whatever is currently in that Debian package repository.
  553. Jake:Yes.
  554. Jake:Yes.
  555. Surma:And technically, it will definitely not be byte equivalent to what my Docker image looks
  556. Jake:Yes.
  557. Surma:like, necessarily, if we execute.
  558. Jake:Yes.
  559. Surma:Again, this is like the academic level of accuracy.
  560. Surma:And maybe that's not necessary.
  561. Jake:Yes.
  562. Surma:But I think in this case, the sharing these, these are these binary artifacts.
  563. Jake:Yes.
  564. Surma:There is stuff to think and to read about security.
  565. Surma:I'm not going to get into that.
  566. Surma:Because where it then gets interesting next is that, you know, now we have Nix, we can
  567. Surma:build software, we can bootstrap our way up from nothing and kind of.
  568. Surma:So it was originally and you still feel that kind of tailored for downloading tar balls
  569. Surma:of C or C++ source code and building that.
  570. Surma:But from there, you can kind of like continue building and build software packages like
  571. Jake:Yes.
  572. Surma:make or clang or whatever, but also build other language tool chains for like go or
  573. Jake:Yes.
  574. Surma:Dart or Rust.
  575. Surma:And that's what Nix packages is, which is an entire collection of build recipes for
  576. Jake:Yes.
  577. Jake:Yes.
  578. Surma:all kinds of software.
  579. Surma:And I think it is still currently, by a large margin, the biggest collection of packages
  580. Jake:Yes.
  581. Jake:Yes.
  582. Surma:and the most up to date ones.
  583. Surma:If you compare it to, you know, Debian's or Ubuntu's apt, or to Arch Linux's AUR, or
  584. Jake:Yes.
  585. Jake:Yes.
  586. Surma:even to Homebrew, these are all at about a third of the size than what Nix packages
  587. Jake:Yes.
  588. Surma:has.
  589. Jake:Yes.
  590. Jake:Yes.
  591. Jake:Yes.
  592. Jake:Yes.
  593. Jake:Yes.
  594. Jake:Yes.
  595. Jake:Yes.
  596. Surma:There's two factors here.
  597. Surma:The one factor is that it's only achieved this place in the ranking in the last two
  598. Jake:Yes.
  599. Surma:years, I want to say.
  600. Surma:It was, I think, a proactive effort where they basically now have a system where each
  601. Jake:Yes.
  602. Jake:Yes.
  603. Surma:build recipe has a script that will automatically update the build recipe itself if there is
  604. Jake:Yes.
  605. Jake:Yes.
  606. Surma:a new version pushed to, you know, that piece of software GitHub repository.
  607. Jake:Yes.
  608. Surma:Previously, you would have to step in and update the thing.
  609. Surma:But most of the time, you know, software projects just like do minor fixes.
  610. Jake:Yes.
  611. Surma:So compiling a new version is kind of just, you know, bump the reference Git commit, and
  612. Jake:Yes.
  613. Jake:Yes.
  614. Surma:then the same build recipe will probably still work.
  615. Jake:Yes.
  616. Surma:So that's one thing they have done where most of these recipes will now be automatically
  617. Jake:Yes.
  618. Surma:updated on an almost daily basis via CI.
  619. Jake:Yes.
  620. Surma:And the other part is Nix is just weird to an extent.
  621. Surma:It is actually a bit scary to install.
  622. Jake:Yes.
  623. Surma:One of the implications of wanting to be able to share your build output with other users
  624. Jake:Yes.
  625. Jake:Yes.
  626. Surma:on your system, or even people on the internet, is that the building is actually executed
  627. Jake:Yes.
  628. Surma:by a different user on your system.
  629. Jake:Yes.
  630. Surma:So the Nix installer creates a bunch of dummy users.
  631. Jake:Yes.
  632. Surma:And on Mac OS, it even creates a separate partition to prevent being nuked from your
  633. Jake:Yes.
  634. Surma:disk because Mac OS is very precious about what gets to be in your, you know, in slash
  635. Jake:Yes.
  636. Jake:Yes.
  637. Surma:on your file system.
  638. Surma:And it's all legit.
  639. Surma:It's all not dangerous.
  640. Jake:Yes.
  641. Surma:But I think that is definitely the turn for many people if you, you know, you start the
  642. Jake:Yes.
  643. Surma:install and goes like, hey, I'm going to create 30 users, 30 groups and a new partition on
  644. Jake:Yes.
  645. Surma:your Mac hard drive.
  646. Jake:Yes.
  647. Surma:Yeah, I only do it now because, you know, I know it's worth it for me, but I can totally
  648. Jake:Yes.
  649. Surma:I think if you told me this, like half a year ago, I would have said nope, especially
  650. Jake:Yes.
  651. Surma:on my work machine.
  652. Surma:But even there, I've done it now.
  653. Jake:Yes.
  654. Jake:Yes.
  655. Jake:Yes.
  656. Surma:Oh, yeah, it prints it every time you boot.
  657. Surma:Gotta gotta do it.
  658. Surma:So Nix packages is this collection, huge amounts of software in there.
  659. Jake:Yes.
  660. Surma:And also there's stuff in there that lets you, if you were the author of your own Nix
  661. Jake:Yes.
  662. Jake:Yes.
  663. Surma:build recipe, makes your life easier.
  664. Jake:Yes.
  665. Surma:So, you know, instead of having to figure out how to compile, I don't know, Node or
  666. Jake:Yes.
  667. Surma:NPM yourself, because you want to build your own Node project, Nix packages is full of
  668. Jake:Yes.
  669. Surma:helper stuff for the Nix language to do Rust projects, Node projects, Go projects.
  670. Jake:Yes.
  671. Surma:It's all kind of in there.
  672. Jake:Yes.
  673. Surma:There's something you might even call documentation around it.
  674. Surma:But yeah, there is definitely support in there to help you build your own projects using
  675. Jake:Yes.
  676. Jake:Yes.
  677. Surma:Nix if you need these kind of kind of benefits.
  678. Surma:And that's exactly why I've been looking at it for Squoosh, because another problem
  679. Jake:Yes.
  680. Jake:Yes.
  681. Surma:we had in this thing that we are working at this, you know, often our codecs come at the
  682. Jake:Yes.
  683. Surma:very least as a two step compilation process.
  684. Jake:Yes.
  685. Surma:Once you compile the library that contains the codec, and then you compile our glue code
  686. Jake:Yes.
  687. Jake:Yes.
  688. Surma:that, you know, provides the standardized interface that the Squoosh app expects in
  689. Jake:Yes.
  690. Surma:a WebAssembly way to invoke that library.
  691. Jake:Yes.
  692. Surma:And often the work that happens is mostly on the glue code, because we don't develop
  693. Jake:Yes.
  694. Surma:the codecs ourselves.
  695. Surma:We just take those off of GitHub and compile them to a library.
  696. Jake:Yes.
  697. Surma:And then we write the glue code and have to figure out how do we invoke this library correctly.
  698. Jake:Yes.
  699. Surma:But in many cases, it seemed like we end up recompiling the library over and over, which
  700. Jake:Yes.
  701. Surma:takes a long time because those are, you know, quite big, quite complex.
  702. Jake:Yes.
  703. Surma:And similar to what I was a fan about in Bazel is that you can break out these individual
  704. Jake:Yes.
  705. Jake:Yes.
  706. Surma:build steps into singular units of execution, and therefore they're cached individually.
  707. Jake:Yes.
  708. Surma:So once they get built, they will never get rebuilt unless the inputs file change.
  709. Jake:Yes.
  710. Surma:And that's kind of what I've been looking at for both our Rust-based codecs as well
  711. Jake:Yes.
  712. Surma:as our C++ codecs in Squoosh.
  713. Jake:Yes.
  714. Surma:Yeah, I have a branch, and I think because, well, here's the reason why, right?
  715. Jake:Yes.
  716. Surma:Like so far, we have been committing the Wasm binaries to our repository in Squoosh, just
  717. Jake:Yes.
  718. Jake:Yes.
  719. Surma:because most of the time, if we are going to get contributions on Squoosh, it's going
  720. Jake:Yes.
  721. Surma:to be on the web app part, just because Wasm is just more niche, I guess, and probably
  722. Jake:Yes.
  723. Surma:also those things don't need, once they work, they work.
  724. Jake:Yes.
  725. Surma:Maybe an update to a newer version of the codec, but it's a lot rarer that something
  726. Jake:Yes.
  727. Surma:needs to be changing there.
  728. Jake:Yes.
  729. Surma:And so we just committed them.
  730. Surma:And I always feel iffy about committing binaries to a repository.
  731. Jake:Yes.
  732. Surma:But what is the alternative?
  733. Jake:Yes.
  734. Surma:Because building every codec every single time would, at the very least, blow our CI
  735. Jake:Yes.
  736. Surma:runtime.
  737. Surma:But also, it would just make it not fun for people to contribute.
  738. Jake:Yes.
  739. Surma:You clone the repository, you run npm install.
  740. Jake:Yes.
  741. Surma:And the first time you do npm start or run dev, whatever it's called, and then you have
  742. Jake:Yes.
  743. Surma:to wait for, I don't know, yeah, that's not cool.
  744. Jake:Yes.
  745. Surma:And like I said, even if we were to invoke Docker, then it's like, it works maybe great
  746. Jake:Yes.
  747. Surma:for a fresh build.
  748. Surma:But once you start working on the code, there's often these caching problems.
  749. Jake:Yes.
  750. Surma:So yeah, that's why I'm looking into that.
  751. Jake:Yes.
  752. Surma:Because on the one hand, with the hashing of the sources, if you had it built once on
  753. Jake:Yes.
  754. Surma:your system, it would be very fast afterwards.
  755. Jake:Yes.
  756. Surma:But also, we could set up our own remote cache.
  757. Jake:Yes.
  758. Surma:Like there's actually a whole website called cachehicks that does it for you and is free
  759. Jake:Yes.
  760. Surma:for open source projects.
  761. Jake:Yes.
  762. Surma:But you can also just use a GCS bucket.
  763. Surma:And basically, we could just allow people to clone the repository, which would also
  764. Jake:Yes.
  765. Surma:get quicker if the WASM binaries weren't in there anymore.
  766. Jake:Yes.
  767. Surma:And once they do npm run, we would invoke Nix.
  768. Jake:Yes.
  769. Surma:But then it would just end up downloading the result rather than actually doing the
  770. Jake:Yes.
  771. Surma:build.
  772. Jake:Yes.
  773. Surma:Now that presupposes that they have Nix installed, which probably would lead us back to Docker.
  774. Jake:Yes.
  775. Surma:So that's also not a perfect solution.
  776. Surma:I'm not sure yet.
  777. Surma:But I'm mostly exploring it as a means to address the problem of why am I not able to
  778. Jake:Yes.
  779. Jake:Yes.
  780. Surma:fix the bucket I'm investigating?
  781. Jake:Yes.
  782. Surma:And then an hour later, you find out, oh, there's some caching going on somewhere along
  783. Jake:Yes.
  784. Surma:the stack that maybe you didn't know about or that wasn't supposed to be caching, but
  785. Surma:it's caching for some reason anyway, which has just been a massive pain point.
  786. Jake:Yes.
  787. Jake:Yes.
  788. Jake:Yes.
  789. Jake:Yes.
  790. Surma:So that's actually a really good point in general.
  791. Jake:Yes.
  792. Jake:Yes.
  793. Jake:Yes.
  794. Jake:Yes.
  795. Jake:Yes.
  796. Surma:That's also what most of these helper functions for Rust projects, Go projects, JavaScript
  797. Jake:Yes.
  798. Jake:Yes.
  799. Surma:projects do for you, that they download your dependencies for you and also put them in
  800. Jake:Yes.
  801. Surma:the Nix cache.
  802. Surma:So it's an additional like, you know, projects like Rust or JavaScript nowadays have their
  803. Jake:Yes.
  804. Surma:package log file, which already protects against supply chains attacks.
  805. Jake:Yes.
  806. Surma:But if you were to like run your own cache, and then somebody goes ahead and unpublishes
  807. Jake:Yes.
  808. Jake:Yes.
  809. Surma:a package from npm, if you still have it in your cache, you would still be able to build
  810. Jake:Yes.
  811. Surma:it because it's in there.
  812. Surma:And the other part is if somebody if there was a supply chain attack, and somebody manages
  813. Jake:Yes.
  814. Surma:to somehow replace a version somewhere without doing a version bump with malicious code,
  815. Jake:Yes.
  816. Jake:Yes.
  817. Surma:all of that would be caught and it's implemented at the Nix level, it doesn't need to be implemented
  818. Jake:Yes.
  819. Surma:at the language level if you're using.
  820. Surma:So if you're experimenting with like a very new young language or some other build tool
  821. Jake:Yes.
  822. Jake:Yes.
  823. Surma:that doesn't have this kind of protection built in, Nix can provide it for you.
  824. Jake:Yes.
  825. Surma:So this kind of like security thing that you're mentioning, it provides it across the
  826. Jake:Yes.
  827. Surma:entire project.
  828. Surma:And I think that's actually also something really valuable, which is also one of the
  829. Jake:Yes.
  830. Surma:reasons why we are looking at Nix now for Shopify, to see if we can build our system
  831. Jake:Yes.
  832. Surma:with Nix.
  833. Surma:But that's early exploration, nothing I want to commit too much to publicly.
  834. Jake:Yes.
  835. Jake:Yes.
  836. Surma:Yeah, so that's something I'm, I've been working on.
  837. Jake:Yes.
  838. Surma:And I have to say like the Nix packages as a whole has replaced Homebrew for me on my
  839. Jake:Yes.
  840. Surma:system.
  841. Surma:Again, because there is a global shared cache for everything in Nix packages specifically,
  842. Jake:Yes.
  843. Jake:Yes.
  844. Surma:most of the time, it's just downloading.
  845. Surma:So it is really quick.
  846. Surma:It has so many packages in there.
  847. Jake:Yes.
  848. Surma:And not only that, it's very easy to install an older version or a newer version, depending
  849. Jake:Yes.
  850. Surma:on what you need, because each of these packages expresses their dependencies so accurately
  851. Jake:Yes.
  852. Jake:Yes.
  853. Surma:down to like a cryptographic hash that you don't run into this problem where you maybe
  854. Jake:Yes.
  855. Surma:have two pieces of software installed and one needs this new version of the FFmpeg library
  856. Jake:Yes.
  857. Jake:Yes.
  858. Surma:and the other version doesn't work with this new version of FFmpeg but needs the older
  859. Surma:one.
  860. Surma:But both versions of FFmpeg cannot coexist, which is something that has happened before.
  861. Jake:Yes.
  862. Jake:Yes.
  863. Surma:And that I just find really, really appealing.
  864. Jake:Yes.
  865. Jake:Yes.
  866. Surma:Yes.
  867. Jake:Yes.
  868. Surma:No, I know.
  869. Surma:So there's differences.
  870. Jake:Yes.
  871. Surma:One of the things actually, it is actually something I really appreciate about Nix.
  872. Jake:Yes.
  873. Surma:There is a command that you get by default when you install it called nix shell.
  874. Jake:Yes.
  875. Surma:And you can just say nix shell dash p for package and say, for example, FFmpeg.
  876. Jake:Yes.
  877. Surma:And then it will, you know, basically create a new bash shell for you.
  878. Jake:Yes.
  879. Surma:And in the shell, FFmpeg is suddenly available for you and you can use it.
  880. Jake:Yes.
  881. Surma:And once you go out of the shell, FFmpeg is gone again.
  882. Jake:Yes.
  883. Surma:More or less like it was never on your system.
  884. Jake:Yes.
  885. Surma:So it's not like it has installed all kinds of shit to, you know, your slash op slash
  886. Jake:Yes.
  887. Surma:homebrew or anything like there's nothing that has been on your system outside of the
  888. Jake:Yes.
  889. Jake:Yes.
  890. Surma:Nix stores.
  891. Surma:There will be a Nix store item that is specifically for FFmpeg, but everything is contained within
  892. Jake:Yes.
  893. Surma:there.
  894. Surma:So that way you can actually try out something without having to commit to actually fully
  895. Jake:Yes.
  896. Surma:installing on your system.
  897. Jake:Yes.
  898. Surma:And then there's a command called nix collect garbage, which will remove everything from
  899. Jake:Yes.
  900. Surma:a Nix store that you currently don't use anymore.
  901. Surma:You can also install it persistently with a command called nixenv.
  902. Jake:Yes.
  903. Jake:Yes.
  904. Surma:These are kind of like, I guess, not the best practices anymore, but they're the easiest
  905. Surma:to explain.
  906. Jake:Yes.
  907. Surma:So there's, you know, every user gets their own so-called Nix environments, which you
  908. Jake:Yes.
  909. Surma:manage with the command called nixenv.
  910. Surma:And you can add Nix packages to this environment.
  911. Jake:Yes.
  912. Surma:And then they're just there until you remove them again.
  913. Jake:Yes.
  914. Surma:So that's how installing would work.
  915. Jake:Yes.
  916. Jake:Yes.
  917. Jake:Yes.
  918. Surma:With a Nix shell commands, it knows that the second you close the shell with nixenv, when
  919. Jake:Yes.
  920. Surma:you install a package, it installs it into your profile, which sounds very abstract,
  921. Jake:Yes.
  922. Jake:Yes.
  923. Surma:but basically, like I said, every user gets their own environment.
  924. Jake:Yes.
  925. Surma:And an environment is just a collection of symlinks.
  926. Surma:So basically, there will be a .nixprofile folder that is full of symlinks with different
  927. Jake:Yes.
  928. Surma:packages that you have installed.
  929. Jake:Yes.
  930. Surma:And as long as these symlinks exist, it knows it's still needed.
  931. Jake:Yes.
  932. Surma:And then it can obviously, you know, track the dependencies all the way down and basically
  933. Jake:Yes.
  934. Surma:mark what is still needed in Nix store and remove the rest.
  935. Jake:Yes.
  936. Surma:And that's kind of how it works.
  937. Surma:And if you use nixenv to uninstall something, technically, I think you could even just remove
  938. Jake:Yes.
  939. Surma:the symlink.
  940. Surma:I wouldn't recommend that, but you probably can do that.
  941. Jake:Yes.
  942. Surma:If you then run nix collect garbage again, now the symlink isn't there.
  943. Surma:Now this package will not get marked as still in use, and then it will also get removed.
  944. Jake:Yes.
  945. Jake:Yes.
  946. Jake:Yes.
  947. Jake:Yes.
  948. Jake:Yes.
  949. Surma:Yeah, it is weird, but I haven't been told of it.
  950. Jake:Yes.
  951. Surma:I mean, you can, as always, run it in Docker first if you want to play around with it and
  952. Jake:Yes.
  953. Surma:get familiar with the commands.
  954. Surma:To hint at something, there is a thing in Nix project called Home Manager.
  955. Jake:Yes.
  956. Jake:Yes.
  957. Surma:And I don't want to get too much into NixOS, which is a whole Linux distribution that put
  958. Jake:Yes.
  959. Surma:Nix at its heart, but I think it's more of a distraction.
  960. Surma:In Home Manager, basically, you kind of declare the setup of your machine.
  961. Jake:Yes.
  962. Jake:Yes.
  963. Surma:You basically say, these are my config files that I have in my home folder, you know, like,
  964. Jake:Yes.
  965. Surma:like, you know, like people used to have .file repositories.
  966. Jake:Yes.
  967. Surma:But it also lists, I want to have these packages installed.
  968. Jake:Yes.
  969. Surma:And then you can use Home Manager to just, like, set up your machine and continually
  970. Jake:Yes.
  971. Surma:maintain the state.
  972. Surma:So when you want to install a new package, you just add it to your Home Manager config,
  973. Jake:Yes.
  974. Surma:and suddenly this package is now there and installed and set up.
  975. Jake:Yes.
  976. Surma:And if you get a new machine, you just run this config file on a new machine, and it
  977. Jake:Yes.
  978. Surma:will be set up the exact same way.
  979. Surma:And I've done this a couple of times now.
  980. Jake:Yes.
  981. Surma:I've been playing around with a couple of Raspberry Pis at home, and basically being
  982. Jake:Yes.
  983. Surma:able to go on a freshly installed system and run two commands.
  984. Jake:Yes.
  985. Surma:And suddenly my entire environment is there.
  986. Surma:My Vim config, my SSH and GPG keys, all the tools I use are installed.
  987. Jake:Yes.
  988. Jake:Yes.
  989. Surma:There is something about that.
  990. Surma:And again, because it's all, you know, hashed and tracked, it knows exactly whether your
  991. Jake:Yes.
  992. Jake:Yes.
  993. Surma:environment is currently out of date or not.
  994. Surma:It doesn't come without its drawbacks.
  995. Jake:Yes.
  996. Surma:But if I have NerdSnipe people, they should take a look at that because it's, yeah, that's
  997. Jake:Yes.
  998. Surma:what I'm using now.
  999. Surma:I have my Home Manager config where every machine has its own little configuration file.
  1000. Jake:Yes.
  1001. Jake:Yes.
  1002. Surma:And there's a couple of shared files when, you know, because obviously I want the same
  1003. Jake:Yes.
  1004. Surma:Vim config on every machine.
  1005. Surma:So I don't want to duplicate that.
  1006. Surma:And yeah, that's what I use to kind of like make sure my system is set up.
  1007. Jake:Yes.
  1008. Surma:And you can even install, just like with Vue, proper applications.
  1009. Jake:Yes.
  1010. Surma:So if you want to install Arc or Obsidian or Audacity, all these things are available,
  1011. Jake:Yes.
  1012. Jake:Yes.
  1013. Surma:even if they're closed source.
  1014. Surma:Some people have added them to Nix packages and it's just, you know, it's a form that
  1015. Jake:Yes.
  1016. Surma:just downloads a binary.
  1017. Surma:But even there, you will be sure it will always be the exact same version to make sure your
  1018. Jake:Yes.
  1019. Jake:Yes.
  1020. Surma:system is in exactly the same state.
  1021. Surma:And I'm not sure that's always desirable, but for certain things that is definitely
  1022. Jake:Yes.
  1023. Jake:Yes.
  1024. Surma:helpful to know that if this config file is applied to my system, I know that my tools
  1025. Jake:Yes.
  1026. Surma:will work because they have worked on these exact versions for the previous past four
  1027. Jake:Yes.
  1028. Surma:weeks.
  1029. Surma:There's lots more to talk about, but I think I've fanboyed enough for this episode and
  1030. Jake:Yes.
  1031. Surma:I will link to a couple of interesting things to look at for folks who got successfully
  1032. Jake:Yes.
  1033. Jake:Yes.
  1034. Surma:nerd sniped by this.
  1035. Jake:Yes.
  1036. Surma:It does feel a bit like it, right?
  1037. Surma:Because I did Bazel, now I did Nix.
  1038. Jake:Yes.
  1039. Surma:I did feel a bit bad, but at the same time, you know what?
  1040. Jake:Yes.
  1041. Surma:No shame.
  1042. Jake:Yes.
  1043. Jake:Yes.
  1044. Surma:It is, it's the best part of it.
  1045. Jake:Yes.
  1046. Jake:Yes.
  1047. Surma:I feel like sometimes, well, you know, after your episode, we had to digest.
  1048. Surma:I definitely now need to digest my own episode.
  1049. Jake:Yes.
  1050. Surma:So I think with all that being said, with all that being shared, I think there's nothing
  1051. Jake:Yes.
  1052. Surma:left to say except for happy next time.
  1053. Jake:Yes.
  1054. Jake:Yes.
  1055. Jake:Yes.
  1056. Jake:Yes.
  1057. Jake:Yes.
  1058. Jake:Yes.
  1059. Jake:Yes.
  1060. Jake:Yes.
  1061. Jake:Yes.
  1. More build tools: Nix

    More build tools: Nix

  2. The new stylable <select> element

    The new stylable <select> element

  3. Chrome's new LLM AI API OMG

    Chrome's new LLM AI API OMG

  4. Chrome’s secretly installed extensions

    Chrome’s secretly installed extensions

  5. Are web components worth it?

    Are web components worth it?

  6. Why Source Maps don’t always work

    Why Source Maps don’t always work

  7. Putting React In The Browser

    Putting React In The Browser

  8. Canvas-based Web Apps

    Canvas-based Web Apps

  9. The Apple PWA Ban

    The Apple PWA Ban

  10. TC39 Roundup and Bevy’s ECS

    TC39 Roundup and Bevy’s ECS

  11. The Big Build Bool Bonanaza II

    The Big Build Bool Bonanaza II

  12. WebGPU and Browser Ideologies

    WebGPU and Browser Ideologies

  13. From the Archive — Changing jobs, Deno, and optimizing animations

    From the Archive — Changing jobs, Deno, and optimizing animations