!9IQChSjwSHXPPWTa:lix.systems

Lix

1137 Members
Lix user channel. Feel free to discuss on-topic issues here and give each other help. For matrix.to links to the rest of the Lix channels, see: https://wiki.lix.systems/books/lix-organisation/page/matrix-rooms313 Servers

Load older messages

SenderMessageTime
7 Apr 2026
@raitobezarius:matrix.orgraitobezariusif you nix copy only the derivers, you may not want to copy the outputs of the dependencies of the derivers22:21:54
@raitobezarius:matrix.orgraitobezariusbut this could have been designed completely differently i guess?22:22:08
@raitobezarius:matrix.orgraitobezarius("copy as many prebuilt things as possible and the recipes for what is missing", etc.)22:22:19
@jlamur:matrix.orgJules Lamur

I tried to write a small reproducer (with no dependencies on nixpkgs), but I failed to reproduce:

let
  system = "x86_64-linux";
  # just a basic C program that outputs whatever is in $myRefs env var to $out env var
  builder = ./basic_builder;
in rec {
  a = derivation {
    inherit system builder;
    name = "a";
  };
  b = derivation {
    inherit system builder;
    name = "b";
    myRefs = [ a ]; # $myRefs is written by the builder in the output (so they are run-time deps only?)
  };
  c = derivation {
    inherit system builder;
    name = "c";
    myFakeRefs = [ b ]; #myFakeRefs are not used by the builder, (so they are build-time deps only?)
  };
}

And I get that result:

$ nix-store -q -R --include-outputs "$(nix-instantiate --eval --raw -A c.drvPath)"
/nix/store/bdv4b4s9wryp2cd951x276z17s7v1pi3-basic_builder
/nix/store/1rai7c3259jzzc9qj8jbs0yfwk1c6amx-a.drv
/nix/store/c4f5rm2pchf5b1vri68rpa2in03rnlwg-a
/nix/store/whfq9h0h0blyawwq0nd1qnsyagzm3nli-b.drv
/nix/store/gfs6f7kxal5a52ikndfq8fvfpmx0vz08-c.drv
/nix/store/ircx9amlbg2wlxycrcnsv76cv95fx8g1-b
/nix/store/m6gaqy1fh5hkmlippb5cxjx4l6a7ha98-c
22:24:45
@raitobezarius:matrix.orgraitobezariuswhat if you use __structuredAttrs?22:26:20
@raitobezarius:matrix.orgraitobezariusdo you also reproduce with stdenv.mkDerivation ?22:26:35
@jlamur:matrix.orgJules LamurI did not try stdenv.mkDerivation yet22:26:52
@raitobezarius:matrix.orgraitobezariusit's possible that mkDerivation is doing a lot of work22:27:05
@jlamur:matrix.orgJules Lamur(still trying to process your previous comments šŸ˜)22:27:06
@raitobezarius:matrix.orgraitobezariusI'm not sure myself but I'd take a look at path registration for .drvs22:27:28
@raitobezarius:matrix.orgraitobezariusI'm going to bed for now, but I can take a look a bit more later22:27:35
@jlamur:matrix.orgJules LamurYou gave me some clues on where to search already. I hope I will figure this out tonight :) Thanks a lot! Have a good night :)22:32:31
@weirdrock:4d2.orgquartzwhat is Pasta in Lix?22:36:07
@weirdrock:4d2.orgquartz * what is Pasta in Lix as referred to by the announcement? 22:36:25
@jlamur:matrix.orgJules Lamurhttps://passt.top22:38:00
@blokyk:matrix.orgzoƫ (she/her)(basically, if i understand correctly: on linux, it allows giving as much flexibility as possible to derivations that use the network (normally only fixed-output derivations), by putting them in "user namespaces" (a similar mechanism to how isolation works for containers). without pasta, you'd need to run a larger chunk of the network- and isolation-managing code as root, extending the attack surface (and generally making things messier and harder to maintain))22:45:47
@blokyk:matrix.orgzoƫ (she/her)i'm not a team member though so take what i say with a grain of salt22:46:30
@jlamur:matrix.orgJules Lamur

I think I figured it out raito, nix-store does not add what it does not have in its local store, after a GC of my a, b and c drvs and outputs:

$ nix-store -q -R --include-outputs "$(nix-instantiate --raw -A c --arg entropy '"asdf"')"
warning: you did not specify '--add-root'; the result might be removed by the garbage collector
/nix/store/bdv4b4s9wryp2cd951x276z17s7v1pi3-basic_builder
/nix/store/xdz4vb0mxqi9qdw277xbvcbgkq3hdlwc-a.drv
/nix/store/2xs04agqx8ky9rnrxpis7d8ykhd86l9v-b.drv
/nix/store/xnamzrlkfhg36l5hzpqbsj9ipra0114y-c.drv

I expected to be able to re-use nix-store -q to query the list of all dependencies (at build and runtime) without having to populate my local store.
I guess I will fall back to recursively parsing the .drvs by myself :)

22:49:50
@jlamur:matrix.orgJules Lamur* https://passt.top (edit: sorry I didn't mean to RTFM, I thought you just asked for a link)22:50:34
@jlamur:matrix.orgJules Lamur *

I think I figured it out raito, nix-store does not add what it does not have in its local store, after a GC of my a, b and c drvs and outputs:

$ nix-store -q -R --include-outputs "$(nix-instantiate --raw -A c)"
warning: you did not specify '--add-root'; the result might be removed by the garbage collector
/nix/store/bdv4b4s9wryp2cd951x276z17s7v1pi3-basic_builder
/nix/store/xdz4vb0mxqi9qdw277xbvcbgkq3hdlwc-a.drv
/nix/store/2xs04agqx8ky9rnrxpis7d8ykhd86l9v-b.drv
/nix/store/xnamzrlkfhg36l5hzpqbsj9ipra0114y-c.drv

I expected to be able to re-use nix-store -q to query the list of all dependencies (at build and runtime) without having to populate my local store.
I guess I will fall back to recursively parsing the .drvs by myself :)

22:52:19
@weirdrock:4d2.orgquartz
In reply to @jlamur:matrix.org
https://passt.top (edit: sorry I didn't mean to RTFM, I thought you just asked for a link)
no I was fine with this, thanks 		22:53:53
@weirdrock:4d2.orgquartz
In reply to @blokyk:matrix.org
(basically, if i understand correctly: on linux, it allows giving as much flexibility as possible to derivations that use the network (normally only fixed-output derivations), by putting them in "user namespaces" (a similar mechanism to how isolation works for containers). without pasta, you'd need to run a larger chunk of the network- and isolation-managing code as root, extending the attack surface (and generally making things messier and harder to maintain))
and thank you too 		22:53:58
@blokyk:matrix.orgzoƫ (she/her) i don't know what you're trying to find the end, and i can't try it right now, but if you're trying to do recursive stuff on drv dependencies, could nix path-info --recursive help you? 22:55:05
@raitobezarius:matrix.orgraitobezarius
In reply to @weirdrock:4d2.org
what is Pasta in Lix as referred to by the announcement?
https://docs.lix.systems/manual/lix/stable/advanced-topics/pasta.html 		22:55:10
@blokyk:matrix.orgzoƫ (she/her)aaah i was too lazy to check the manual and couldn't find it with google so i just assumed i hallucinated it because of tiredness22:56:06
@raitobezarius:matrix.orgraitobezarius
In reply to @jlamur:matrix.org

I think I figured it out raito, nix-store does not add what it does not have in its local store, after a GC of my a, b and c drvs and outputs:

$ nix-store -q -R --include-outputs "$(nix-instantiate --raw -A c)"
warning: you did not specify '--add-root'; the result might be removed by the garbage collector
/nix/store/bdv4b4s9wryp2cd951x276z17s7v1pi3-basic_builder
/nix/store/xdz4vb0mxqi9qdw277xbvcbgkq3hdlwc-a.drv
/nix/store/2xs04agqx8ky9rnrxpis7d8ykhd86l9v-b.drv
/nix/store/xnamzrlkfhg36l5hzpqbsj9ipra0114y-c.drv

I expected to be able to re-use nix-store -q to query the list of all dependencies (at build and runtime) without having to populate my local store.
I guess I will fall back to recursively parsing the .drvs by myself :)

Worth a feature request perhaps 		22:56:06
@jlamur:matrix.orgJules Lamurthanks for the suggestion, it has the same behavior sadly :(23:03:50
@jlamur:matrix.orgJules Lamur what I'm trying to do is get the complete list of all the .drv and outputs of all the dependencies in pkgs/top-level/release.nix (or nixos/release.nix, it does not matter) 23:05:15
@jlamur:matrix.orgJules Lamur(without having to fill my local store with >1TB of packages)23:06:09
@raitobezarius:matrix.orgraitobezariusnix-eval-jobs ?23:06:35

Show newer messages

Back to Room ListRoom Version: 10