| 9 Apr 2026 |
 piegames | I think so, yes | 19:09:39 |
 K900 | Note that the snix evaluator can't evaluate nixpkgs fully correctly still afaik | 19:14:53 |
 neobrain | mhm relying on the command-line interface doesn't sound so bad now after all :( | 19:33:11 |
 @rosssmyth:matrix.org | I think it can eval some subset of nixpkgs. I remember someone building firefox and the Linux kernel successfully | 19:50:22 |
| @rosssmyth:matrix.org | Unsure what you are doing exactly, but you can check this out
https://github.com/Rucadi/njq | 19:51:54 |
| neobrain | Nice, will take a look thanks! I was mainly curious about the options. For the specific tool I have in mind atm it seems just using the CLI is best | 20:00:48 |
| neobrain | (the expression to evaluate is basically just pkgs.dockerTools.pullImage bundled with a shell script, so not exactly worth pulling in an entire evaluator for :D) | 20:02:46 |
|  Lisanna changed their profile picture. | 21:59:37 |
| Lisanna changed their profile picture. | 22:00:54 |
| Lisanna changed their profile picture. | 22:02:04 |
| Lisanna changed their profile picture. | 22:12:21 |
 nikstur | Super exited for this! I think this will be the game changer for building out Remote Builders and CI | 23:03:06 |
 emily | what's the current most least uncursed way of going from a build's PID/UID to the .drv it's building? | 23:07:58 |
| emily | picking the .drv out of temproots is my current best guess | 23:13:42 |
| Lisanna changed their profile picture. | 23:14:48 |
 Neil Mayhew | OK, that makes sense. There's no point in trying to make cachix use the lix-store library. However, what would happen if I use the current cachix (linked with nix-store) on a system that's using Lix as the nix-daemon? Would that break too? | 23:48:58 |
| 10 Apr 2026 |
 kfiz | Maybe, I only just learned that lix-daemon is only compatible with v1.35 of the nix-daemon protocol. If cachix relies on newer features this might break. | 00:47:26 |
| Neil Mayhew | Thanks, that's helpful and gives me something concrete to check | 00:48:30 |
| kfiz | Your welcome. see link to source from an earlier post. | 00:51:57 |
| Lisanna | If you're planning anything in the remote builder space, I'd be very interested to know btw ^^ I've been doing work on improving remote building in cppnix so always interested in seeing what other use cases people have | 01:33:59 |
| Lisanna | also, if y'all would like any help on that effort, I definitely have the time, unless you think it would be harder to split the work | 01:41:57 |
 raitobezarius | In reply to @emilazy:matrix.org
what's the current most least uncursed way of going from a build's PID/UID to the .drv it's building? What nix-top does: look into /nix/var/nix/builds and then peek at env-vars outPath I'd say | 04:25:37 |
| K900 | No, it should be fine | 05:45:46 |
 phaer | There's a third rust implementation of it in harmonia, https://github.com/nix-community/harmonia/blob/main/harmonia-daemon/README.md. | 08:23:36 |
 Yureka (she/her) | that implements the other side | 08:27:43 |
| emily | so UID -> owner of build dir -> envs?
that var could be overridden by an evil derivation though right?
| 10:35:21 |
| emily | it feels a bit less robust than the temproots route to me | 10:36:08 |
| raitobezarius | cannot remember right away if an evil derivation can edit outPath, if security against malicious derivations is important, yeah, that's not ideal | 11:05:43 |
| emily | it's "workload attestation at home" | 11:11:33 |
| emily | so would at least be nice | 11:11:52 |
