NixCon NA 2024 is getting sponsored by Anduril, what to do about it

The matrix discussion also includes a link to the NixOS foundation minutes that were posted a few weeks ago that included a discussion point on the Anduril sponsorship at NixCon NA:

  • Anduril-
    • People don’t make the distinction between NixOS Foundation and NixCon.
    • The foundation doesn’t discriminate so comply with the local organizers
    • there was a proposal from Tom with an Apache-like policy which is pretty basic for the entity to be legal
    • do we have community values that we can flesh out as guidelines?
      • must not be hostile to the community and goals and must align with our code of conduct
    • make it transparent how we made the decision and communicate
    • The decision is approved after evaluating the code of conduct, notes, and bylaws of the organizing entity (SCALE)

This clarifies that the “interim” policy of the NixOS foundation that Tom mentioned on Matrix is based on the Apache Software Foundation sponsorship policy. He had shared this policy idea on the discourse thread of the NixOS foundation’s report on the sponsorship controversy following NixCon 2023:

At the time, I replied to this proposal and pointed out that a potential problem with the Apache Software Foundation policy is that it explicitly avoids evaluation of ethical concerns with potential sponsors. I referred instead to the sponsorship policy of the Association for Computing Machinery Conference on Fairness, Accountability and Transparency, which has a sponsorship policy that includes a clear process for Sponsorship Approvals: ACM FAccT - 2022 Sponsorship Policy

To quote what I wrote at that time:

In short, to ensure conference sponsorships advance the FAccT principles , everyone on the steering committee for the conference has a say over whether a sponsor is accepted and the policy outlines a clear process for the necessary notifications and decision-making.

I think that the NixOS foundation and conferences should follow the lead of the ACM FAccT and develop a sponsorship policy that does not exclude ethical consideration from the decision-making process for accepting sponsorships.


Cleevy, (hi! by the way :wave: )

Thanks for the proposal. I took a look at the policy procedures. We don’t quite have the same exact names for things, I guess I filled the role of “Sponsor chair” and the Foundation Board and NixConNA team were in the roles of Steering + Executive Committee. Just looking at procedure, we didn’t stray too far from the spirit of what is described; we notified similar sets of people, we gave more time to deliberate, and our decision-making is more often by consensus than by strict ballot.

The objection methodology is also detailed. This makes things much more civil and structured:

Steering committee members will have at least 1 week from notification to submit an objection to the proposed sponsor by e-mail to the Executive Committee.
Objections should be specific to the sponsor in question, cite relevant evidence, and argue why sponsorship from this organization would impede FAccT’s mission as expressed in the Strategic Plan.

As I looked at this problem in my proposal, I did not outline particular procedures, but did call out the relevant committees. As to the guidance provided for decision-making, I like how the ACM FAccT has a strategic plan ( I would love to see us come up with something like this. In Governance I talked about it in the terms of “vision” + “goals”. This would be a great thing to collaborate on and to really know what direction we want Nix to go in.

That being said; that conference, by it’s very reason of existence, is about ethics, not any specific technology, so it is not surprising that ethical review takes a larger part in their decision making. We have a specific focus on Nix, thus I’d expect our goals are likely more oriented towards this technology than to achieve specific social goals. Even the ACM FAccT’s first goal (perhaps it is not in priority order) is to be a top-tier publication venue. This is then further elaborated upon by other goals. In this arena Apache wants sponsors to be “committed to open source software”. And I suspect it is common for any foundation to have a similar clause.

To summarize: yes, let’s elaborate on what can guide us for our decision beyond the fairly weak “is it legal?” and review things based on our mission and goals. Therefore I’ve been trying to raise these questions in the community:

  • What are our goals?
  • What is our mission?

Can I suggest adding ‘What are our values?’ as an especially relevant component to the current topic?

I can imagine thinking that there are some overlaps between these things, so this is an example of how I separate them:


  • Get to the store before it closes.


  • Drive my car until I get there.


  • Obey the rules of the road.
  • The safety of cyclists and pedestrians is important.
1 Like

@rhendric I cannot edit the above due to “slow post” rules, so I’ll add it here:

  • What are our goals?
  • What is our mission?
  • What are our values?

For context, the values have been discussed here (What are the values that you see being expressed in the NixOS project?). Though, I don’t think we are necessarily starving for more debate about values; I think we are each assuming different goals + missions, and thus talking past each other when discussing values. My intent is to have a discussion explicitly in the realm of mission + goal (using your breakdown above as a rough guide).



X-posting this as it’s probably of interest to the folks involved in that discussion:

1 Like

This is a sentiment which has been dragging out for quite a while now, but currently I feel it more than ever: The current foundation board increasingly feels disconnected from the community and its members. I am starting to doubt that the current cast is well suited for making meaningful decisions aligned with many of our contributors.

Setting aside the question whether or not military sponsorships are okay in general, given the debacle at the last NixCon, simply accepting Anduril was an unacceptable thing to do. I still have difficulties grasping how at all these stages seemingly nobody anticipated the community fallout (and the very real PR damage to the project as a whole) that such a decision would have.

And while yes the sponsorship selection was mainly done by the NixCon NA organizers AFAICT, the ball ultimately should have stopped at the Foundation.


They are making meaningful decisions aligned with many of the contributors. The only logically possible way to make meaningful decisions that are not objectionable to many contributors is to get rid of a significant percentage of active contributors. (Actively getting rid of contributors is required: the track record of bad decisions of various kinds sometimes being made in the project is long enough that clearly not everyone who objects to yet another decision will quit).

Or, alternatively, appreciated the need for a coherent policy and estimated that mimicking Apache, trying to establish a proper policy, and doing random calls at random will all cause fallout, but in the first case people will either quit or not, and in the other two people will burn out first and then quit or not.

(My own position is that I doubt Andruil actually reduces military budget dollars written off per one death — intended or unintended, and I don’t see how whatever NixCon decisions can change the operation budget of DoD, so I am with the «we need to divert more military dollars to something with civil applications, because that’s how technology scaling is typically paid for»)


About any sponsorship policies. The most basic legal ground has already been covered in [policy proposal]: Sponsorship · Issue #110 · NixOS/foundation · GitHub, so I am going to build on top of that. Most importantly to me, the process of selecting sponsors is as important as the actual policy itself, regardless of what the latter may be. Some point I’d like to see covered in general [rationale in brackets]:

  • The marketing team and the event organization team are mainly responsible for finding adequate sponsors. They may delegate that task.
  • Sponsorship candidates must be published two weeks before the sponsorship going live (i.e. start of the event) for community consideration.
  • The event organization team, the marketing team, the Foundation board and maybe also the moderation team are allowed to reject any sponsor each. [I have an obvious conflict of interest about the moderation bit, but also if things go south this *is* a lot of work so we kinda do have stakes in this]
  • Sponsorship of a company, by design, includes advertising for that company. Therefore, donations by a company (which are not tied to publicity) are a different topic of discussion and out of scope. [This is especially for the “let’s just take their money” camp. I know many people who would be fine with getting donations from companies like Anduril as long as it does not cause any dependencies or conflicts of interests, but would not be comfortable with publicly advertising for such a company]
  • Companies that are heavily or primarily involved in military, defense, intelligence or weapons manufacturing are not allowed to become a sponsor. [This is not a moral judgement on the companies themselves, just a reflection of the fact that a significant part of the community is not comfortable with advertising for them.]
    • No matter what, Anduril is out as a sponsor [Every rule has a story, I guess]
  • There are not additional blanket topic-specific restrictions for sponsorships for now. Sponsors may be rejected due to community feedback, and if necessary, more rules may be introduced. [Surveillance capitalism and for example Google have come up a couple of times in the discussion, but we’ll cross that bridge when we come to it. Let’s rather focus on preparing ourselves for that day by building robust processes instead of trying to cover all possible rules right now.]
  • To protect the overall community, events that fail to abide by these rules and processes cannot call themselves official, and must adapt their branding accordingly.

After thinking more about the distinction I made in Should organizations relating to the defense sector being able to sponsor NixOS? - #158 by piegames, I noticed the following thing: the actual issue here is with advertisements and publicity for certain companies. And while I think that sponsoring inherently implies some form of publicity, this distinction does matter because somebody already proposed having special sponsorship tiers for such cases (which I’d personally disagree with doing, but that’s besides the point).

Another important reason to discuss this, is that we need to talk about how to deal with companies like Anduril being present at an event like NixCon, even when they are not a sponsor. At NixCon 2023, we had an Anduril employee attending at the conference and holding a talk as a community member, and I think that banning them would have been the wrong thing to do.

The issue is, that many people are attending the conference both as individual community members as well as employees of their company, and that companies usually put some form of ads or “we’re hiring” on the slides of the talks of their employees.

My proposal for a policy about employees whose companies we do not want to advertise for (regardless of what the rules for that will turn out to be):

  • They are welcome to attend any events as community members.
    • No company logo on badges (in case that is a thing at the event), no giveaway swag or flyers etc., no recruitment.
  • They are welcome to hold talks as community members.
    • The topic of the talk must not be inherently related to the company. Given that, talking about company related projects or work done on company time is acceptable.
    • No company logo on slides(?)
    • Mentioning the employer as part of the introduction is okay(?)
    • It is okay to use a company mail address if it is the most fitting one to use within the scope of the talk
    • It is okay to link to projects within company namespaces, if they are relevant to the talk
  • Customized rules and exceptions may be negotiated with the even organizers should this be necessary.

this does seem to be the most specific and concrete point, and the rest you outline seems reasonable.

regarding company-level criteria, things snowball. lacking measurements, consider this speculative, but plausible scenario:

  1. 20 NixCon EU attendees have strong ethical disagreements with Anduril sponsorship.
  2. various last-minute things happen and Anduril’s founder makes incendiary remarks that alienate 100 non conference-attendees.
  3. Anduril chooses to sponsor NixCon NA without sufficiently addressing this history, leaving 200 people disillusioned that Anduril in particular is harmful to NixOS.

ethics is one criteria, and perhaps an acceptable proxy for the rest. still, an ethically identical Anduril-but-with-a-different-face likely could have arrested that snowball before catastrophe. possible takeaways are (1) static criteria will not always be “accurate” (which is not to say it isn’t worthwhile) or (2) because of those downstream uncertainties, a formal policy which aims to be consistent may have to be more strict in denying sponsorships than one might initially expect.


I am going to suggest a controversial counter proposal: Don’t do anything.

I feel for the organizers who spends time and energy to create as good conference as they can make it, only to be dragged into heated debates about a topic that is subjective and divisive.
if you have opinions about the sponsor, by all means, let your opinion be heard. But leave the judgement and decision to the organizer. I think it would be more respectful to the work they put in.


This is why I so strongly want the community’s input to be part of the feedback process. The idea here is to establish a fairly minimal set of base rules, and then decide on a case by case basis, optionally expanding or adapting the rules as necessary.

I am unsure about what you mean with “consistent” here. Do you mean logical consistency, as in free of contradictions?

We literally did nothing after the last NixCon, and look where it’s gotten us. Not doing anything and hoping for the best simply is not an option anymore at this point.

I do feel for the NixCon organizers, especially since I’ve been close enough to last year’s orga to have seen how shitty a situation it was for everybody involved. The processes and guidelines for sponsorships which need to be established are meant to protect future conference organizers from such situations.

Also, I’d like to add that there is no rule which says that the conference organizers also have to organize the sponsors. It would be equally fair to declare this task to be delegated towards the Marketing team, or some other entity. But this too would require writing down at least something.


“consistent” primarily as shorthand for “not having to walk back previous decisions”. scenarios in which a sponsor is approved when you vet them, and then at some time closer to the conference told they actually shouldn’t attend, are not great. which means you likely want to apply stricter-than-necessary criteria at the time of vetting to counter that uncertainty.


Bear in mind that Microsoft is heavily, but not primarily, involved in military, defence, intelligence or weapons manufacturing.

“Empowering militaries. Improving operations. Protecting national security.”

Amazon and Google are also involved, and both companies also provide to the Israeli military as part of its “Project Nimbus”. Project Nimbus for example has been heavily criticised by those concerned with Palestinian human rights including employees, particularly since recent events in the region.

If you’re suggesting policy, you should probably have in mind exactly what the criteria are and what companies are and are not excluded. For example, one possibility, if you want to allow these companies but not Anduril (or, say, Lockheed Martin), you could drop the “heavily”, and permit huge defence contractors provided it is not the majority of their business. Or, if it turns out the issue is really about image and not substance, you could say “companies that are primarily known for”, etc.


Quick heads-up (this was already mentioned in other related channels, but making sure that folks don’t miss it):

  • There’s an open call next Wednesday which will be the occasion to discuss a lightweight short-term policy that we can use right away;
  • Several people asked how they could make sure that this was followed-up on and wouldn’t just die-off once the tide is over. Beyond the general discussion (which risks to die-off indeed), I think that the best way forward is to open a a pull-request to GitHub - NixOS/foundation: This is the home of the NixOS Foundation with a draft proposal.
1 Like

I think either “majority of their business” or “primarily known for”, could, for some 90+% of businesses, find a consensus fairly easily as to which side of the line they’re on. Neither is perfect, but either is at least some kind of starting point.

Biggest concern with regards to “Primarily known for” is that it’s subject to geographic disparity. Especially in the case of a military supplier, people from two different countries could “know” the same company for extremely different things.


I do feel for the NixCon organizers, especially since I’ve been close enough to last year’s orga to have seen how shitty a situation it was for everybody involved. The processes and guidelines for sponsorships which need to be established are meant to protect future conference organizers from such situations

I don’t think processes and guidelines alone can protect from this happening again. I also think a fair share of introspection will be needed by the community itself.

1 Like

This is unfortunate. As someone who has seen how “traditional” defense procurement and development is done: seeing Nix used to solve a myriad of packaging, configuration, and integration problem is a super compelling story for Nix. I’m sure a lot of industry would be interested in how custom hardware, firmware, software, and services can be packaged and configured to deploy devices. Including per-customer modifications and extending a common “prototype” to many different variants. This is a massive headache in purely civilian contexts as well.

Without Nix, this would require probably a dozen different tools, and significantly more integration pain would be present at each abstraction (hardware, firmware, software) and service layer.

Not trying to shill a company, but rather “Nix is a super power”. And people should hear about it being a super power.


Why would you need a company logo on your badge/giveaway swag/flyers/recruitment to tell people about Nix being a super power?