If you're using #devenv for your projects, please note that the new `generate` command in 1.4.0 uses your repository content.

It tars up all files it can find through `git ls-files -z`³ and exfiltrates them to the service.

It handles `DO_NOT_TRACK=`¹ by sending that intent along² as a query string, so now you need to trust the service to not keep data.

🧵 1/n

[1] https://github.com/cachix/devenv/blob/6c987a8795eedea872afe4d1c1ac518d0c7f6db1/devenv/src/cli.rs#L202-L204
[2] https://github.com/cachix/devenv/blob/6c987a8795eedea872afe4d1c1ac518d0c7f6db1/devenv/src/devenv.rs#L212-L214
[3] https://github.com/cachix/devenv/blob/6c987a8795eedea872afe4d1c1ac518d0c7f6db1/devenv/src/devenv.rs#L226-L257
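One pre-flight check a user can run before handing a repository to a command built this way, as an added example rather than anything from devenv: it reproduces the `git ls-files -z` listing the thread describes, flags paths whose names look like secrets (an assumed, illustrative pattern list), and totals the bytes that would leave the machine.

```python
"""Preview what a `git ls-files -z`-based upload would carry.
Added example, not devenv's code: the thread says the file list comes from
`git ls-files -z` and DO_NOT_TRACK is only forwarded, so the local control
is knowing what would be sent before you run such a command."""
import fnmatch
import os
import subprocess

# Illustrative name patterns for files that often hold secrets (assumption:
# extend for your own repository).
SENSITIVE_PATTERNS = ("*.env", ".env.*", "*.pem", "*.key", "id_rsa*",
                      "*.p12", "*secret*", "*credential*")

def parse_ls_files(raw: bytes) -> list[str]:
    """Split the NUL-separated output of `git ls-files -z` into paths."""
    return [p.decode("utf-8", "surrogateescape") for p in raw.split(b"\0") if p]

def flag_sensitive(paths, patterns=SENSITIVE_PATTERNS) -> list[str]:
    """Return the paths whose basename matches a sensitive pattern."""
    return [p for p in paths
            if any(fnmatch.fnmatch(os.path.basename(p).lower(), pat)
                   for pat in patterns)]

def total_size(paths, root=".") -> int:
    """Sum the on-disk size of the listed files; missing files count as 0."""
    size = 0
    for p in paths:
        try:
            size += os.path.getsize(os.path.join(root, p))
        except OSError:
            pass
    return size

def audit(repo=".") -> dict:
    """Run `git ls-files -z` in `repo` and summarise what an upload would carry."""
    raw = subprocess.run(["git", "ls-files", "-z"], cwd=repo,
                         check=True, capture_output=True).stdout
    paths = parse_ls_files(raw)
    return {"files": len(paths), "bytes": total_size(paths, repo),
            "sensitive": flag_sensitive(paths)}

# Constructed sample of `git ls-files -z` output, so the helpers can be
# exercised without a repository.
SAMPLE_OUTPUT = b"README.md\0src/main.rs\0.env\0deploy/id_rsa\0docs/notes.txt\0"

if __name__ == "__main__":
    report = audit()
    print(f"{report['files']} tracked files, {report['bytes']} bytes would be sent")
    for hit in report["sensitive"]:
        print("sensitive-looking path:", hit)
```

Run it from the repository root; anything it flags is worth checking against `.gitignore` before using a command that ships the tracked files elsewhere.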

The #devenv CLI does not do informed consent, and neither `devenv.sh` nor `devenv.new` has a privacy policy or will tell you who runs the service and who it shares its data with.

In #nixpkgs the package was bumped to 1.4.0 after which a contributor immediately sent a follow-up PR¹ to enable `DO_NOT_TRACK=1` when wrapping the devenv binary.

This was promptly reverted² by the author of devenv.

🧵 2/n

[1] https://github.com/NixOS/nixpkgs/pull/381817
[2] https://github.com/NixOS/nixpkgs/pull/381981

Unfortunately #nixpkgs is not well-equipped to resolve this conflict. There is no explicit policy and common sense seems not to be equally distributed.

Ultimately this is a governance issue for #NixOS where the steering committee would be in a great position to limit the scope of what is acceptable behaviour.

In fact, if you have an opinion on the matter, please reach out to any steering committee representative and tell them:

https://github.com/NixOS/org/blob/main/doc/governance.md

🧵 3/n

The backing service is https://devenv.new, which creates the scaffolding from a prompt. That seemed pretty innocent in comparison.

But the documentation for the executable clearly states "based on your existing git source code"¹, so the behaviour is to be expected.

What is not to be expected is the lack of a privacy policy and informed consent. Your repository content is for example being passed on to Google Gemini.

🧵 4/n

[1] https://devenv.sh/blog/2025/02/13/devenv-14-generating-nix-developer-environments-using-ai/

@hexa i noticed the PR discussion but… they upload your repo? Wow that's bad. Had no idea. Instant breach of contract had I used it on client's code 😳
@hexa Do you mean in a packaging sense, or like a denouncement of action created by the NixOS organization?

@soupglasses Nixpkgs can control what it allows to be redistributed and what modifications are applied to it.

It also has the power to control who exerts power.

But these are really just examples, and I'm sure you have your own gripes that don't overlap with mine.

@hexa @soupglasses There is a discussion around that on discourse if you're interested

https://discourse.nixos.org/t/should-commercial-actors-ship-telemetry-in-nixpkgs/60279

Personally, I find the situation quite bizarre; it kind of completely conflicts with my belief about how a FOSS space should function.

#nix #nixos

@ck @hexa Okay okay okay. I think this is very important to pull forward.

> The events around devenv 1.4 sending telemetry by default to train their AI model

This is beyond fucked up. Holy shit.

@soupglasses @ck @hexa Given that nix governance has largely been taken control of by outright bigots working for war profiteers (Jon Ringer, who threw a hissy fit so intense over DEI in the community he was banned... then somehow this was all reverted and he gained even more control?) this lack of ability to push back on telemetry is hardly surprising, unfortunately.

This "we should take no actions" stance is rather consistent with the kind of decisions and actions that resulted in the lix fork.

(this is also another huge mistake on their part; under no circumstances should that guy have force pushed telemetry, nor should he have been allowed to re-enable it by default).

@hexa Sorry. I just read it over again.

Didn't realize it was nixpkgs we were talking about in the 2nd post. Don't know how I missed it 😅

@hexa "warning" doesn't do it justice. the only adequate next steps are commit privilege revocation and marking the package insecure
@hexa what? Can u explain it to me like I'm 3 and like I didn't just convince my colleagues that devenv is cool and we should start adding it to our private repos?

@april

April, please be careful with the generate command.

April, don't publish your private information to the internet.

April, be wary when the privacy policy does not exist or is "trust me, bro".

@hexa I don't know what's more insane, how they added that completely silently or the way it works
@hexa only if you use the generate command to ask an ai to make your devenv file for you tho. It’s kinda similar to how you send your context to copilot for better results in my mind.
@marcus @hexa I don't think most users would equate running "make me a python dev environment config" with "upload all of my proprietary code to this service."

@jakehamilton @marcus @hexa it seems that's what all AI out there that is not locally run does. It seems all businesses are now ok with that. Contrary to the initial questions about it that were raised at the beginning of the AI apocalypse.

Copyright stopped mattering it seems. Time to pirate all proprietary software like they did to all open source.

@vascorsd @jakehamilton @marcus @hexa

"All businesses are now okay with that" - only if it does not concern *THEIR* data and *THEIR* code. Then it is a no-go and you are going to be marched out of the door by security and the local compliance officer if you introduce something like this.

Sorry mate, but that's utter BS what you are saying there.

@hexa damn, I even approved the 1.3 -> 1.4 PR as I just tested my usual workflow. Wouldn't have thought about that and didn't notice. I am deeply sorry now

@alemann Goes to show what great care must be taken on version upgrades.

Obviously https://github.com/cachix/devenv/releases/tag/v1.4 does not exactly scream telemetry (or data exfiltration) at you and only a code review would have dug this up.

@hexa @alemann Honestly, this is my main worry when I see people suggest we need more automation with handling #nixpkgs package updates and pull requests. Things like this will happen more often the more we go down that road.
@hexa Software is not in #Debian, good.
@hexa so I guess nixpkgs.config now needs a way to block software from a particular upstream, similar to blocklistedLicenses? :(
@hexa
packageOverrides = pkgs: {
  # replace devenv with an empty package so it cannot be pulled in
  devenv = pkgs.emptyDirectory;
};
@hexa re 2: I wouldn't say it's sending it along with the telemetry. It's sending the data to the server for a legitimate purpose (i.e. to access a server side implementation of this feature). The issue is the lack of disclosure of the fact that this involves talking to a third party server.

If "devenv generate" told you that this involved talking to a server they run, told you what information would be sent, and asked your consent first, this would be fine. It would also be an ideal moment to ask if telemetry could be enabled. The fundamental problem is that it never informs you or asks.

@hexa i mean it seems to be an ai-as-a-service command. The files aren't only for telemetry. They are used to provide this (stupid) service. If the command was documented properly and it told people that it just uploads your files to some service, it would be fine. I wouldn't use it, but it's not different to Copilot and other ai crap using APIs.

The only way to handle telemetry with this is to send the opt-out info to the server. They then could respect that on their server and not collect telemetry.

The PR that added the telemetry option: https://github.com/cachix/devenv/pull/1700

@hexa
So this is still kinda awful, but this seems to specifically be for the "devenv generate" command whose description *explicitly* states it's to generate a new project using "AI". For any current users, this wouldn't affect the workflow (it's a separate command from the usual new-project one), and the nature of the command would already imply it's talking to an external server.
@hexa Are you guys going to issue an official security advisory on this that we can link to?

@hexa funny, when it's about *his* stuff he suddenly cares about "permission" and "consent" :)

also this is all *extremely* GDPR non-compliant, even the apparent lack of a privacy policy for cachix in general

@hexa that has to be a crime, right? that's gotta be considered like unauthorized exfiltration or something idk
Urgent Request: Add a safeguard for `devenv generate` to avoid package ban-list in corporate environments. · Issue #1733 · cachix/devenv

The majority of software companies have very strict regulations on AI, specifically banning any application that could potentially send any information about their code anywhere external. I'm reque...

@hexa what's included in the telemetry?