Jacek ΓαλοwιcζApr 24

Working on the @nixos_org test driver at #OceanSprint this week has been great. A few notable improvements for your test suites:

SSH Backdoors: Migrated to vhost-device-vsock. No more CID conflicts or extra sandbox paths needed.

Fail-Fast: qemu.forceAccel lets you force KVM/HVF and fail immediately if it’s unavailable.

Log Hygiene: The driver now uses proper log levels instead of just dumping everything to stdout.

Check out the full list of PRs here: https://applicative.systems/nixos-test-driver-manual/changelog/

#NixOS #Nix

Paul MeyerApr 18

The Nix sandbox aims to provide a pure environment by isolating the build environment from the rest of the system. However, some impurities can still affect builds inside the sandbox and lead to reproducibility issues. One of them is the filesystem.

A common example is builds that implicitly depend on inode numbering or directory entry ordering. In some cases, you might even run into a filesystem bug: a build succeeds on one machine, but fails on another with a different filesystem.

To debug these issues, you can now use nix-buildon. It lets you swap out the filesystem underneath the Nix sandbox. By running the sandbox on disorderfs, you can get a deterministic, sorted, or reverse-sorted view of directory entries. This makes it easy to check whether a build depends on filesystem behavior that should not matter in the first place.

https://github.com/katexochen/nix-buildon

I created this at #OceanSprint. 🌊

#Nix #NixOS #ReproducibleBuilds

GitHub - katexochen/nix-buildon: Discover filesystem-based reproducibility issues by running the Nix sandbox on different filesystems

Discover filesystem-based reproducibility issues by running the Nix sandbox on different filesystems - katexochen/nix-buildon

GitHub
Else, SomeoneSep 11, 2025
Instead of Condorcet and the SC, make #ThaigerSprint / #OceanSprint last three months and vote for elimination every half week. Other #Survivor rules apply as is. The Sole Survivor becomes #NixOS BDFL but for two years rather than FL.
Benedikt Ritter (he/him)Apr 1, 2025

Just published my blog post about #OceanSprint 2025 🌋🌴

A week full of code, sun, surf, and collaboration in Lanzarote.
From deep NixOS hacking to volcano hikes and weird keyboards—this was a special one.

💙 Huge thanks to the community, organizers & sponsors!

👉 https://britter.dev/blog/2025/04/01/oceansprint-2025/

#NixOS #OpenSource #Reproducibility #Community #Hackathon

OceanSprint 2025: Code, Community, and the Canary Islands

A sunny sprint of code and community in Lanzarote. OceanSprint 2025 brought together Nix enthusiasts for a week of collaboration, exploration, and connection—fueled by shared purpose and amazing sponsors.

Show threadPaul MeyerMar 22, 2025

I had a super nice time on Lanzarote. Big thanks to the sponsors: [email protected] @nixos_org @cyberus @flox @cachix and rest!

You can read the full report of #OceanSprint here: https://oceansprint.org/reports/2025/

#Nix #NixOS #Hackathon #OpenSource

OceanSprint 2025 - oceansprint.org

A week of Nix hacking near the ocean

Paul MeyerMar 22, 2025

#OceanSprint 2025 is over, it was an great experience!

I mostly worked on gobuild.nix, a next-generation builder for Go in nixpkgs. gobuild.nix removes vendoring for Go packages in nixpkgs, modeling the full dependency graph in Nix. Each module dependency will be its own derivation, including build cache on a module level.

During the sprint, I moved gobuild.nix from linking dependency source into a vendor directory to providing a local directory that can be used as GOPROXY. This is both more versatile and simple.

Together with @britter I started implementing a code generation tool that will help to package the large number of packages that will be part of the Go dependencies package set. The tool generates the Nix code for these packages, including the FOD hashes.

#Nix #nixpkgs #golang #vendoring

GitHub - katexochen/gobuild.nix: Experiment in new Go builders for Nix (not a go2nix tool)

Experiment in new Go builders for Nix (not a go2nix tool) - katexochen/gobuild.nix

GitHub
Benedikt Ritter (he/him)Mar 21, 2025

🌊💻 OceanSprint 2025 – Day 5 🚀

And just like that, it’s a wrap! Huge thanks to our amazing sponsors who made this unforgettable experience possible: @numtide, Mercury, Secunet, Clan.lol, Shopify, @nixos_org Nixcademy, @cyberus, @flox FlyingCircus.io, Supercede, @cachix and Pareto Security.

Your support enabled the venue, meals, surf lessons, winery visits, and more. Thank you for backing the NixOS community! 💙

#NixOS #OpenSource #OceanSprint #Sponsors

Benedikt Ritter (he/him)Mar 20, 2025

🌋💻 OceanSprint 2025 – Day 4 🚀

We made great progress today! Fixes to the apache-airflow package, improvements to Snix and integration test support in nixpkgs, and a blog post on preventing the XZ backdoor.

Big strides in supply chain security too: packaged SPIFFE for secure identity, and improved SBOM support via Laut, integrating it with Lila to track build provenance.

Plus, we hiked up a volcano for epic views and enjoyed traditional paella! 🍽️

#NixOS #OpenSource #OceanSprint

Benedikt Ritter (he/him)Mar 20, 2025

🌊💻 OceanSprint 2025 – Day 3 💻🌊

The most amazing part of this sprint isn't just the hacking or excursions (surfing at Famara Beach and winery visits were awesome!). It’s the sense of community. Despite recent drama around forks (Nix, Lix, Tvix/Snix), I've seen firsthand how people come together here—sharing ideas, having respectful discussions, and moving the ecosystem forward. The space is big enough for everyone, and that’s what makes it special.

#NixOS #Community #OpenSource #OceanSprint

Benedikt Ritter (he/him)Mar 18, 2025

🌊💻 OceanSprint 2025 – Day 2! 🚀

We're hacking on exciting projects like NixOS config diffing, Tvix/Snix, interpreterless initrd, and better Go support in nixpkgs. But it's not all code—we're also enjoying BBQ, mountain biking, hiking, and surfing in beautiful Lanzarote!

Great code, great people, and great vibes. Can't wait to see what we build next!

#NixOS #OpenSource #Hackathon #OceanSprint