|
|
|
|
|
|
by mschwaig
507 days ago
|
|
|
I think its great that Julien and his coauthors actually show some evidence of Nix working at scale, to successfully rebuild the vast majority of things, and bit-by-bit reproduce a significant portion.
Lots of people have been working on that inside nixpkgs for a long time, alongside similar reproducible builds efforts in other distros. For me it's also an opportunity to plug my own recent work about what 'trust' actually means in these systems, with the result that we can plug some holes and get to a stricter and more useful definition in future versions of tools like Nix (especially when builds are bit-by-bit reproducible):
https://dl.acm.org/doi/10.1145/3689944.3696169 |
|
|