by hauleth
2604 days ago
1. Each package in the Nixpkgs repo has an assigned maintainer mentioned in the source.
2. Nothing prevents you from using your own repo/hosting solution for a Nix channel.
3. Writing or overwriting packages in Nix is dumb easy, so I do not see a problem here either.

I started using Nix exclusively on macOS and I couldn't be happier. The best part IMHO is the fact that I can easily test different packages without permanently changing my system and dealing with the clutter left by these. So in general, this is less of a problem than you think it is, especially as you clone that repo locally, so you do not hit GH/Savannah on each installation.
Nix takes security very seriously. See e.g. [1]. Plus, a distribution that defines packages declaratively and makes things so reproducible is the ultimate tool to avoid many security issues.
[1] https://github.com/flyingcircusio/vulnix