Tweag+Nix dev update #46

Hey everyone!

Previously in Tweag :eyes:

Making Nix solve people’s problems :wrench::toolbox:

Documentation :books:

Python bindings

Thanks to some funding from Antithesis, @infinisil started working a few weeks ago on providing python bindings to Nix. @yorickvp recently joined the effort, bringing in his deeper knowledge of the internals of Nix.

Making Nix work reliably everywhere :penguin::apple::window:

Making Nix ubiquitous :rocket:

Blog posts and media :newspaper:

  • @djacu is working on the next “What’s new in Nix” video


  • @arsleust organized a Nix meetup in the Paris Tweag office gathering some twenty passionate Nixers from all around Europe

Community organization


  • The team worked on adding missing stuff to the stdlib, as well as making a pass on the documentation (#1195, #1196, #1203)
  • @vkleen is adding right now this documentation on the website (in progress)
  • @vkleen found a non-trivial interaction between lazy contracts, recursive fields and record mapping. We worked to try to find a (semantically) clean solution, which he implemented (#1194)
  • @yannham opened an issue about merging arrays not being idempotent, and started preliminary work to fix it (#1203, #1211, #1213)
  • @yannham started to improve the implementation of the type checker again, in particular to follow the bidirectional type checking discipline more closely (part 1: #1193)
  • @ebresafegaga fixed a bug in the LSP when an import failed to type check (#1191)
  • @ebresafegaga worked on an emacs mode for Nickel
  • @matthew-healy continued to update string functions to use Unicode grapheme clusters as the atomic unit (#1200)
  • @dpl0a and @yannham continued to work on incremental evaluation, focusing on merging for now. It’s almost there, but they are hunting the last train of bugs.

:computer: may Nix become more visible :v:


It would also be really nice to be able to generate a SBOM for a specific derivation (not sure if it would be possible). This would allow us to provide a SBOM for nix2container built images in order to make CVE analyzers working on nix2container images as reported in this nix2container issue.


I plan to make the SBOM generation from a nix expression, so let’s say a flake with its fixed inputs, so if you build your software with nix build, and then generate its SBOM (or in the other way), you will have a SBOM that match your derivation.


Very exciting & interesting on the SBOM generation, have you seen GitHub - nikstur/bombon: Nix CycloneDX Software Bills of Materials (SBOMs) (from @nikstur) on the subject? Last time we discussed, he was interested into expanding Bombon, and we discussed some stuff in RFC: introduce a patches file in <pkg>/nix-support/ by AmineChikhaoui · Pull Request #61974 · NixOS/nixpkgs · GitHub.


In case you have not seen this, here’s a link to a tool we wrote recently that relates to this same topic: GitHub - tiiuae/sbomnix: A suite of utilities to help with software supply chain challenges on nix targets. That repository also includes a number of other related tools or PoCs, such as:


syft also just merged a cataloger for nix, it appears with help from flokli: Add Nix cataloger by wagoodman · Pull Request #1696 · anchore/syft · GitHub


How has development on Genealogos been progressing? The NLNet page doesn’t have a link to any source.

1 Like

Let me ping @Arsleust :smiley:

Hopefully we should be able to make progress early 2024 :slight_smile:

1 Like