Does anyone (any bot) clean up nixpkgs?

It is nice to have statistics which show that nixpkgs has way more packages than all other …
Not really helpful if there are “old” packages which are e.g. archived and not marked or flagged in any way

  • like with a flag (and or date) in the meta data

E.g. does anyone still use and care about


Old packages like this usually don’t get removed until one of these things happen:

  1. the package fails to build
  2. the maintainers decide to remove it
  3. the package gets critical security issues

In this case, 1 and 2 didn’t happen, and I’m not aware of any critical security issues, so no one really tried to remove tidyp.

Also, a package being old or unmaintained doesn’t mean it’s not helpful. It could just be finished and doesn’t require any maintenance, and people can still find it useful even it has some small issues due to being unmaintained.

On a side note, tidyp is still present in quite a few package repositories, so I’m not sure if removing is the right thing to do here.


The message is

  • why not cleaning up? (for sure that question should make people think)
  • and if not (which would be totally ok) make it TRANSPARENT → like with META DATA
    so that everyone is able to see at first glance that tidy is “legacy/aging” and not relevant compared to alternative maintained/current packages

If I understood you correctly, you only argued against the (for you provoking) thought of cleaning up.

  • why not mentioning ideas to solve the sub-optimal current situation?
  • why not discussing useful and simple approaches like adding those facts into the meta data of a package?

you are speaking hypothetically, right?

Statistics are nice but only because other repos still have it, doesn’t really mean a lot - other than that those repos want to keep as many packages as they can → to be able to present better statistics, right?

I understand, leading in the statistics mean high prestige, even with packages no one is using any more. (The “same logic” is driving a “typical” maintainer - figures sells)

How many unmaintained packages are you using in your daily workflow and what for?

Is there any reason not to make it transparent e.g. via meta data?

  • for unmaintained packages
  • the date/time of the last maintenance/update to a package

What is sub-optimal for you about the current situation?

It’s not clear to me what problem you are trying to solve.

Should we clean up (speaking in general terms) - sure. We should do many things, but it’s all about resources and priorities.

I don’t think anyone is resisting any kind of clean-up effort simply because we like big numbers, but instead because without knowing what exactly the problem is, we are also not able to find the best way to solve it/them.

You seem to focus on additional meta tags. Now, which tag do you propose, how does one (whether human or bot) decide how/if/when to add the tag and again, which tangible problem are you trying to solve by doing it.


I don’t think this is what drives a “typical” maintainer. In 99.9% of the cases maintaining a package is more of a burden than “prestige”. I agree we sometimes use the ‘we have the most packages’ stats as marketing and we should be careful about that, though.

I like that nixpkgs also has old things: those can be hard to get to work on ‘traditional’ distro’s, and nixpkgs makes it easy to try them out and see if there’s anything worth salvaging from such projects. As long as there’s no security issues or build failures, and someone is prepared to put in the energy to maintain it, I think it’s generally valuable that they’re there.

Some kind of “if you’re considering X then also have a look at Y which might be a more well-maintained way to do the same” recommendations would be interesting. Not sure where those should live and how they should be maintained, though.


keep everything in status quo.

  • Users will have the effort to find what they need - instead of investing that time in engagement/commits for the project

Totally fine for me, personally.

  • not at all a win-win situation for the community/users (as a whole and over time)

How do you know that there is or isn’t a problem? Do you have means to check it (efficiently) without e.g. these information in the meta data of the nixpkgs?

Should we talk about emotions or facts?

why not adopting “good practice”?



there are already bots (like terraform-providers.pagerduty: 2.14.5 -> 2.14.6 · NixOS/nixpkgs@0c664a5 · GitHub) that update the hash of packages.
It would be “minimal” effort to let it check if the status of a repo is archived (and additionally the topic tags could be checked e.g. for abandoned unmaintained deprecated) ?

  • if archived → meta unmaintained: true and or maintenance:20190414
  • if topics include abandoned or unmaintained or deprecated tag → meta unmaintained: true

Does this sound reasonable?

Is the specific problem you want to solve as follows: if the source repository has been archived, you want to have a meta tag updated on the package to say that it no longer maintained to avoid the end user installing un-maintained software?

How do you know that there is or isn’t a problem?

I don’t know if it’s a problem. You seem to think that it is, so I would very much like to understand how this is a problem and how many people it affects.

Should we talk about emotions or facts?

Facts obviously. So what are the facts?


Simply because no one did

I think @peterhoeg put it the best

If you really want this package removed, open an PR to remove it. I’m sure more people will respond with why or why not this package specifically should be removed.

I was not trying to argue with you. I was just answering the question “Does anyone (any bot) clean up nixpkgs”.

Because I don’t need to respond to every single aspect of your post.

Not really, I was trying to explain generally how packages get removed, since I don’t know what tidyp does. All I know is that the package still builds and nobody tried to remove it.

When I said “I’m not sure if removing is the right thing to do here”, sorry if my wording made it sound like that, but I was not trying to argue against removing the package, instead I’m just providing more information that’s relevant to the post.

I will not participate in the bikeshedding

I don’t know, and to be honest, I don’t think it matters if they still work as expected.