I adore #Haskell and #Purescript and I’m very tired of using the brilliant but utterly BRITTLE #bash in the context of #Nix and #nixos infrastructure. Bash isn’t lazy, it’s not purely functional, and it commits the sin of “everything is a string”!

So, I forked a REALLY cool scripting language called #HellLanguage and added Nix-specific functionality to fully replace bash. #nixhell

I’ve already gotten quite far to the point that it is usable.

Current progress here:
https://github.com/harryprayiv/nix-hell/tree/phase2


As I ponder the benefits of a system built using nix-hell instead of bashisms, I’m optimistic I might have a reliable way to encapsulate secrets in my Nix CI without them leaking due to potential bashisms.

I’m fooling myself, because in the end, Nix-Hell does allow me to call executables; I keep thinking about that recent hack involving workflow CI.

Dev used a completion plugin and that completion plugin had malware that was able to obtain secrets and send them off. ::shudders::