How to get latest nixpkgs unstable properties?

Is there a quick (ideally single command) to get the name, url and sha256 properties for fetchTarball for latest unstable nixpkgs? I’ve come up with the following horrible hack:

  1. Go to https://github.com/NixOS/nixpkgs
  2. Open the “Switch branches/tags” drop-down
  3. Select the “nixos-unstable” branch
  4. Click the shortened commit ID near the top of the page
  5. Copy the full commit ID near the top right of the page, for example “2da64a81275b68fdad38af669afeda43d401e94b”
  6. Switch back to the IDE
  7. Replace the checksum part of the url
  8. Google the commit ID to find the name (This part is obviously not reliable, but I’ve no idea where else to get the “preNUMBER” part of the name. Also, I know the name just has to be unique, but using the release name seems like an obvious way to make sure it’s easily understood.)
  9. Switch back to the IDE
  10. Replace the name
  11. Run nix-shell or other command to … instantiate the … derivation? Frobnicate the doohickey?
  12. Wait for it to report the hash mismatch
  13. Switch back to the IDE
  14. Replace the checksum with the one from the got: line
  15. Run the command I was trying to run in the first place

The result, for current unstable, is:

name = "nixos-22.11pre405560.2da64a81275";
url = "https://github.com/NixOS/nixpkgs/archive/2da64a81275b68fdad38af669afeda43d401e94b.tar.gz";
sha256 = "1k71lmzdaa48yqkmsnd22n177qmxxi4gj2qcmdbv0mc6l4f27wd0";

But that is a lot of steps. I guess adding the unstable channel would help, but I don’t really want to risk getting any software from unstable at the moment.

If you use flakes:

{
  inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
...
}

To update:

nix flake lock --update-input nixpkgs

For the old workflow, I think you just listed the steps

1 Like

Or you can use https://github.com/nmattia/niv to manage the pinnings, if you do not want to rely on experimental features.

I don’t understand this comment. You’d get the same effect on packages by adding the channel (under some name) and using nix-channel to manage it. Of course, the commit (now and past ones) would not be encoded in your fetchurl, instead you’d have it in the state of /nix/var/nix/profiles/...

Still, I expect most people will nowadays prefer flakes, as mentioned above (or other tools).

You’d get the same effect on packages by adding the channel (under some name) and using nix-channel to manage it.

That’s what I meant. But I’m trying to pin nixpkgs in a .nix file, so adding the channel would just be a slight convenience in getting the commit ID.

I’d rather not rely on experimental features. Maybe it’s dumb, but I’m trying to create as stable a setup as possible, since I’m relying on Nix in a whole bunch of repos by now.

Channels are updated manually, so basically it is pinning. Assuming you’d name it separately for this purpose.

1 Like

Flakes are fairly stable now and commonly used in production. There’s still no promise that no incompatible change happens, strictly speaking, but…

The problem with trying anything new in Nix is that the blockers I’ve run into are incredibly obtuse: GLIBC mismatches, poetry2nix breakages, infinite recursion, why pkgs.python3.withPackages(…) is not the same data structure as pkgs.python3, and more I can’t remember. Learning to deal with a whole new class of blockers using flakes/niv/mach-nix/home-manager/etc is just not attractive, because I don’t expect them to be more stable than the rest of Nix. When Nix works it’s fantastic, but it’s really hard to go beyond the trivial stuff.

1 Like
Hosted by Flying Circus.