Try to build cline cli package

arnaud-bourree · February 10, 2026, 9:57pm

I try to build cline command line package with the following cline/default.nix file:

{
  lib,
  fetchFromGitHub,
  buildNpmPackage,
  ...
}:

let
  # Récupération du dépôt GitHub avec fetchFromGitHub
  cline-src = fetchFromGitHub {
    owner = "cline";
    repo = "cline";
    rev = "cli-build-a03642b"; # Tag ou commit spécifique
    sha256 = "U8P654K0Sy4otcb5O6z1tXpp6gNz/1CUhGITLvL6dIA="; # Remplacez par le vrai hash SHA256
  };
in

buildNpmPackage rec {
  pname = "cline";
  version = "2.0.5-a03642b";

  src = cline-src;

  npmDepsHash = "sha256-lEwazA23OceBVp+qt0MCfSCm5bDNXfyZIU+ibFQcyD8=";
  npmPackFlags = [ "--ignore-scripts" ];

  meta = with lib; {
    description = "Package NixOS pour l'outil cline, construit à partir de la release cli-build-a03642b.";
    homepage = "https://github.com/cline/cline";
    license = licenses.asl20;
    maintainers = with maintainers; [ ];
  };
}

I failed with the following error:

building '/nix/store/iy6ywfqkx99brvdg3yly0dj8f1b2v3nd-cline-2.0.5-a03642b.drv'...
Running phase: unpackPhase
unpacking source archive /nix/store/pbgjcdmn18i9d6wgh2p6ma9klgg1j8g9-source
source root is source
Running phase: patchPhase
Executing npmConfigHook
Configuring npm
Validating consistency between /build/source/package-lock.json and /nix/store/kjkqrj3558nsanxvfspjzlwayisky4vk-cline-2.0.5-a03642b-npm-deps/package-lock.json
Setting npm_config_cache to /nix/store/kjkqrj3558nsanxvfspjzlwayisky4vk-cline-2.0.5-a03642b-npm-deps
Installing dependencies
npm warn EBADENGINE Unsupported engine {
npm warn EBADENGINE   package: 'posthog-node@5.24.10',
npm warn EBADENGINE   required: { node: '^20.20.0 || >=22.22.0' },
npm warn EBADENGINE   current: { node: 'v22.18.0', npm: '10.9.3' }
npm warn EBADENGINE }
npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated rimraf@2.7.1: Rimraf versions prior to v4 are no longer supported
npm warn deprecated whatwg-encoding@3.1.1: Use @exodus/bytes instead for a more spec-conformant and faster implementation
npm warn deprecated lodash.isequal@4.5.0: This package is deprecated. Use require('node:util').isDeepStrictEqual instead.
npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm warn deprecated glob@7.2.3: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm warn deprecated glob@7.2.3: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm warn deprecated glob@8.1.0: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm warn deprecated glob@7.2.3: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm warn deprecated glob@7.2.3: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm warn deprecated glob@7.2.3: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm warn deprecated glob@7.2.3: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm warn deprecated gauge@5.0.2: This package is no longer supported.
npm warn deprecated fstream@1.0.12: This package is no longer supported.
npm warn deprecated node-domexception@1.0.0: Use your platform's native DOMException instead
npm warn deprecated glob@11.1.0: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm warn deprecated glob@10.5.0: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm error code ENOTCACHED
npm error request to https://registry.npmjs.org/dotenv failed: cache mode is 'only-if-cached' but no cached response is available.
npm error Log files were not written due to an error writing to the directory: /nix/store/kjkqrj3558nsanxvfspjzlwayisky4vk-cline-2.0.5-a03642b-npm-deps/_logs
npm error You can rerun the command with `--loglevel=verbose` to see the logs in your terminal

ERROR: npm failed to install dependencies

Here are a few things you can try, depending on the error:
1. Set `makeCacheWritable = true`
  Note that this won't help if npm is complaining about not being able to write to the logs directory -- look above that for the actual error.
2. Set `npmFlags = [ "--legacy-peer-deps" ]`

error: builder for '/nix/store/iy6ywfqkx99brvdg3yly0dj8f1b2v3nd-cline-2.0.5-a03642b.drv' failed with exit code 1

I’m building package from my NixOS configuration on WSL-NixOS 25.05

Does anybody have idea what’s wrong or investigation path ?

PS. It is my first post here, sorry if I forget some environment details or post in wrong channel.

toxaris · February 22, 2026, 11:51pm

Also tried this today and run into the same issue.

I believe the problem is that the cline repository contains two npm workspaces . and cli, but the buildNpmPackage ignores that and then the logic for downloading dependencies with nix only sees the dependencies needed for the . workspace, but the npm install command still tries to install both workspaces. Since the npm install runs in the nix sandbox, it tries to install the missing dependencies for the cli workspace and fails (because there is no Internet in the sandbox).

I tried the following setup to focus on the cli workspace:

{ buildNpmPackage, fetchFromGitHub, importNpmLock, lib }:

let
  pname = "cline";
  version = "2.4.2";
  npmWorkspace = "cli";

  src = fetchFromGitHub {
    owner = pname;
    repo = pname;
    rev = "v${version}-cli";
    sha256 = "sha256-VzJ3qg1joOTBlPIB73eSeHyIbMdbcDiOnF4yoQ2ezXk=";
  };
in

buildNpmPackage {
  inherit pname version src npmWorkspace;

  npmDeps = importNpmLock {
    inherit pname version;
    npmRoot = src;
    package = lib.importJSON "${src}/${npmWorkspace}/package.json";
    packageLock = lib.importJSON "${src}/package-lock.json";
  };

  inherit (importNpmLock) npmConfigHook;
}

This seems to get me a bit further, but then fails because it tries to download the ripgrep executable (as part of the postinstall script for @vscode/ripgrep).

I guess the next step is to look into disabling that download and using a nix-built ripgrep instead but I have to stop for now.

arnaud-bourree · February 24, 2026, 6:32pm

Thanks @toxaris

I love way you improve code, I’m still newbie.
I investigated on ‘@vscode/ripgrep’ dependency and I update this way:

{ fetchFromGitHub, buildNpmPackage, importNpmLock, writeTextFile, ripgrep, lib }:

let
  pname = "cline";
  version = "2.4.2";
  npmWorkspace = "cli";

  src = fetchFromGitHub {
    owner = pname;
    repo = pname;
    rev = "v${version}-cli";
    sha256 = "sha256-VzJ3qg1joOTBlPIB73eSeHyIbMdbcDiOnF4yoQ2ezXk=";
  };
in

buildNpmPackage {
  inherit pname version src npmWorkspace;

  npmDeps = importNpmLock {
    inherit pname version;
    npmRoot = src;
    package = lib.importJSON "${src}/${npmWorkspace}/package.json";
    packageLock = lib.importJSON "${src}/package-lock.json";
    packageSourceOverrides = {
      "node_modules/@vscode/ripgrep" =
      let
        pname = "vscode-ripgrep";
        version = "1.17.0";
        src = fetchFromGitHub {
          owner = "microsoft";
          repo = pname;
          rev = "v${version}";
          sha256 = "sha256-s2Y21E0yZ2XYE8gpG79hx6S+JjdxB7HNUvhU3nI2q6M=";
        };
        postinstallScript = writeTextFile {
          name = "postinstall.js";
          text = ''
            const fs = require('fs');
            const path = require('path');

            if (!fs.existsSync('./bin')) {
              fs.mkdirSync('./bin');
            }

            const target = '${ripgrep}/bin/rg';
            const linkPath = './bin/rg';

            if (!fs.existsSync(linkPath)) {
              fs.symlinkSync(target, linkPath, 'file');
            }
          '';
          destination = "/lib/postinstall.js";
        };
      in
      buildNpmPackage {
        inherit pname version src;
        npmDepsHash = "sha256-/YYo8JlxBe/INWsp3LmzRHfFRlc6D6Wu/Cv+n7RX77E=";
        postUnpack = ''
          cp -r ${postinstallScript}/* ./source/
        '';
        dontNpmBuild = true;
      };
    };
  };
  inherit (importNpmLock) npmConfigHook;

  meta = with lib; {
    description = "command line cline";
    homepage = "https://github.com/cline/cline";
    license = licenses.asl20; # Apache 2.0
    maintainers = with maintainers; [ ];
  };
}

It isn’t perfect, but it does the job: using Nix-built ripgrep.

But that is not enough, it looks like dependencies from root package.json are required for cline cli.
I will continue investigations.

arnaud-bourree · February 25, 2026, 7:56am

I found in root ‘package.json’ there is “cli:build” script entry.
I remove npmWorkspace and update this way:

{ fetchFromGitHub, buildNpmPackage, importNpmLock, writeTextFile, ripgrep, lib }:

let
  pname = "cline";
  version = "2.4.2";
  npmWorkspace = "cli";

  src = fetchFromGitHub {
    owner = pname;
    repo = pname;
    rev = "v${version}-cli";
    sha256 = "sha256-VzJ3qg1joOTBlPIB73eSeHyIbMdbcDiOnF4yoQ2ezXk=";
  };
in

buildNpmPackage {
  inherit pname version src ;

  npmDeps = importNpmLock {
    inherit pname version;
    npmRoot = src;
    package = lib.importJSON "${src}/package.json";
    packageLock = lib.importJSON "${src}/package-lock.json";
    packageSourceOverrides = {
      "node_modules/@vscode/ripgrep" =
      let
        pname = "vscode-ripgrep";
        version = "1.17.0";
        src = fetchFromGitHub {
          owner = "microsoft";
          repo = pname;
          rev = "v${version}";
          sha256 = "sha256-s2Y21E0yZ2XYE8gpG79hx6S+JjdxB7HNUvhU3nI2q6M=";
        };
        postinstallScript = writeTextFile {
          name = "postinstall.js";
          text = ''
            const fs = require('fs');
            const path = require('path');

            if (!fs.existsSync('./bin')) {
              fs.mkdirSync('./bin');
            }

            const target = '${ripgrep}/bin/rg';
            const linkPath = './bin/rg';

            if (!fs.existsSync(linkPath)) {
              fs.symlinkSync(target, linkPath, 'file');
            }
          '';
          destination = "/lib/postinstall.js";
        };
      in
      buildNpmPackage {
        inherit pname version src;
        npmDepsHash = "sha256-/YYo8JlxBe/INWsp3LmzRHfFRlc6D6Wu/Cv+n7RX77E=";
        postUnpack = ''
          cp -r ${postinstallScript}/* ./source/
        '';
        dontNpmBuild = true;
      };
    };
  };
  inherit (importNpmLock) npmConfigHook;
  npmBuild = "cli:build";

  meta = with lib; {
    description = "command line cline";
    homepage = "https://github.com/cline/cline";
    license = licenses.asl20; # Apache 2.0
    maintainers = with maintainers; [ ];
  };
}

Now it’s failed for dotenv npm on

failed: cache mode is ‘only-if-cached’ but no cached response is available.