| 13 Oct 2021 |
 tomberek | colemickens 🏳️🌈: i almost always recommend people learn by not utilizing FUP/flake-utils/etc at all until they build up an understanding and actually want the ergonomics based on an informed choice. | 03:37:41 |
 cdepillabout | In reply to @colemickens:matrix.org
#5112 is soul-crushing Maybe I don't quite understand the issue, but what is important to you about this? I thought that Eelco's response here made sense, since it seems like most people would want nix build to build the package (even if means having to mutate the flake.lock file). What sort of situations does this cause you problems?
I could definitely understand wanting some generic Nix flag like --dont-update-flake-lock that will throw an error if there are inputs in flake.nix that are not in flake.lock.
| 04:14:23 |
 colemickens 🏳️🌈 | No other package management tool changes your lock file out from underneath you. | 07:07:59 |
| colemickens 🏳️🌈 | I haven't written this up, but imo it's not hard. | 07:08:07 |
| colemickens 🏳️🌈 | Hash the flake.nix->inputs, store that in the lock. | 07:08:16 |
| colemickens 🏳️🌈 | Any time the user updates the flake without updating the lock file, you can easily detect and spit out a big ole fat warning. | 07:08:31 |
| colemickens 🏳️🌈 | Otherwise, updates to hermetic lock files should be explicit. | 07:08:47 |
| colemickens 🏳️🌈 | there are examples given in the thread where it could change when a user isnt expecting it. Just because I add a dep doesn't mean I want to update everything, on and on. | 07:09:11 |
 lvkm | In reply to @colemickens:matrix.org
No other package management tool changes your lock file out from underneath you. colemickens 🏳️🌈: which package manager doesn't? I pretty sure cargo and poetry do add missing dependencies to their lock files | 07:32:22 |
 balsoft | Redacted or Malformed Event | 07:39:33 |
| balsoft | Anyhow, just add --no-write-lock-fileto your alias for nix build if that's such an issue. | 07:40:00 |
| balsoft | * Just add --no-write-lock-fileto your alias for nix build if that's such an issue. | 07:42:43 |
| cdepillabout | In reply to @colemickens:matrix.org
No other package management tool changes your lock file out from underneath you. Huh, I thought this was a common thing for package management tools to do. For instance, with stack, if you add a new dependency to extra-deps and run stack build, it will update your stack.yaml.lock file and add an entry for the new dependency you just added. | 07:48:41 |
| balsoft | Off the top of my head, I can think of only one package manager that doesn't do that, and that's npm | 07:49:29 |
| balsoft | (and maybe other nodejs stuff) | 07:49:37 |
| balsoft | Not sure we want to follow that example, tbh | 07:49:43 |
| colemickens 🏳️🌈 | well, Cargo does what I suggested per-dep as I understand, so at least users only get changes they'd expect. | 08:00:50 |
| colemickens 🏳️🌈 | which, would be fine, because changes that are 1:1 with explicit actions I took make sense | 08:01:07 |
| lvkm | you mean, nix build will update all dependencies instead of just adding the new ones? | 08:02:02 |
| balsoft | In reply to @colemickens:matrix.org
well, Cargo does what I suggested per-dep as I understand, so at least users only get changes they'd expect. I think that's what' | 08:02:26 |
| balsoft | * I think that's what's intended to happen with Nix | 08:02:31 |
| lvkm | (i'm not sure if i understand #5112) | 08:02:35 |
| balsoft | If it doesn't that's probably a bug | 08:02:37 |
| colemickens 🏳️🌈 | well, the behavior I just got from TIAS matched what y'all are saying. | 08:03:57 |
| colemickens 🏳️🌈 | so... I feel a bit silly, gonna review my own comments here are bit more closely to see what had been unexpected | 08:04:26 |
| colemickens 🏳️🌈 | well, anyway, that would seem to be the flavor of foot in my mouth, guess I should've reviewed more closely. | 08:08:10 |
| colemickens 🏳️🌈 | I almost feel like the comments from today deserve to be broken out into their own issues as they strike me as potentially more as explicit potential bugs | 08:08:42 |
| colemickens 🏳️🌈 | cc: David Arnold (blaggacao) ^ re your and nrdxp's comments on 5112 | 08:09:49 |
| colemickens 🏳️🌈 | * cc: David Arnold (blaggacao) ^ re your and nrdxp's comments on 5112 - consider splitting them into a new one - I'm not even sure I agree with my original UX complaint there and yours strikes as a potential bug. | 08:10:15 |
 David Arnold (blaggacao) | colemickens 🏳️🌈 agreed. For the flake.lock updating, I would say: the source of truth is flake.nix (the one you're looking at). So if the specification of a package is vague (e.g. pointing to a branch), well then at any given time e.g. "master" means "master" at that given time. | 11:25:07 |
