[Nix-dev] Why having releases if you break things in it often

Sat Feb 11 03:08:21 CET 2017

Hey, I'd suggest for you to not use channels. I don't. Pin your nixpkgs to
a commit hash. And upgrade when you want to/need to. This should be the
recommended way IMHO.
On 11/02/2017 10:07 AM, "Stefan Huchler" <stefan.huchler at mail.de> wrote:

> Hello,
>
> I start to get frustrated again, the documentation of nixos is not very
> good if you do more than just the most basic stuff.
>
> So you kind of are if you are not a full-time nixos developer dependend
> of help from the developers.
>
> So I wrote here about the bug, then I startet a bugreport:
>
> https://github.com/NixOS/nixpkgs/issues/22246
>
> Nothing happens at all. Well nobody else does anything about lets try to
> find a workaround.
>
> I dont even care anymore if it is a imperative solution or anything, its
> just absolutly inaccaptable that there not even any workaround.
>
> I may have a different bug now after maybe installing a different
> version (unstable) of flexget, now its with beautifulsoup.
>
> nix-env  -f
> https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz
> -i  python2.7-FlexGet-1.2.337
>
> I did that. Now I get the next error, how can that be such a big big bug
> in every channels and completly broken and no real solution there, if a
> change messes up such huge stuff cant you revert it?
>
> in other distros I would use just python-pip and it would work, now you
> took the challenge on you to manage that, but if that leads to MORE
> problems then pip already has, it really sucks.
>
> I still dont get how you can brake working things just cause of some minor
> security problems.
>
> And of course some bad things happen, but at least give either a fast
> fix or as alternative any workaround.
>
> There are 85 mio nix* commands/options and config files, I am not a
> full-time
> nixos developer, I dont understand all of that many different ways you
> can do stuff.
>
> So any help would be nice. I am a technicaly shurly keen guy, but I cant
> reboot daily my machine for months, cause nobody of you experts can
> invest 5-15 mins to fix that.
>
> Sorry for whining but I am not used to me throwing brain and time after
> something x times and nothing advances at all.
>
> I dont want to be a 100% full time nixos developer / sysadmin just to
> solve such stupid problem. Except somebody would pay me for that, then I
> would think about it.
>
> I guess its maybe a rare case that you have 2 versions that both dont
> work 100%, so I cant just use a older version and wait months till you
> fix that problem finaly. But even than it would suck cause I cant really
> test new configurations in taht case.
>
> I would try to learn nixos better, but the documentation is horrible. I
> had 0 problems using, ubuntu / fedora / debian / archlinux / gentoo, but
> the doku of nixos is horrible.
>
> Heck if I want to know a package name I have to search on github for
> package names and options.
>
> So
> 1. bug reports dont work...
> 2. RTFM cant be done because the doku is horrible
> 3. mailing list seem to not work either?
>
> Is that really what I have to expect?
>
> Sorry for ranting here, I stopp now, but maybe some of that feedback
> helps you to improve something, and maybe somebody could give me some
> config lines or nix-env commands that gets flexget running again.
>
> Graham Christensen <graham at grahamc.com> writes:
>
> > I'm very sorry you've had a bad experience with breakage on stable. :( I
> > use 16.09 myself.
> >
> >>> yes I think that html5lib thing would it be. So it was at least a
> >>> security fix, so you dont just update stuff to update it, which would
> >>> make releases pretty useless concept :)
> >
> > Roughly, this is why backports happen:
> >
> >  - Security patches which aren't major updates
> >  - If a security patch is a major upgrade, try and find patches to our
> >    current version which accomplish the same goal. Apply the major
> >    update to master, and the patches to stable.
> >  - Bug fixes to applications which, again, aren't major updates.
> >    Generally be cautious about these.
> >  - Any updates when the current stable version is utterly broken. A key
> >    example of this is Spotify, who regularly breaks their old versions.
> >  - Extremely security-sensitive software, in particular Chrome,
> >    Chromium, Firefox, Thunderbird, and of course the kernel.
> >
> >>> Sorry I formulated that message a bit trollish, but just wanted to
> learn
> >>> why how releases are done in nixos.
> >
> > Please know that Freddy, Franz, Robin, Domen, myself, and the rest of
> > the people contributing to NixOS work very hard to keep the stable
> > version of NixOS working nicely. This is very important to us.
> >
> > It can be very stressful when preparing to backport changes, but it is
> > important to do them anyway. I try to think through impact and run tests
> > across a wide range of software to see what will break. We also try not
> > to backport any substantial changes, but instead smaller patches to
> > prevent breakage.
> >
> > When you do find breakage, please do promptly open an issue on send a
> > report on the mailing list so we can address the problem and perhaps add
> > testing to prevent it in the future. We're also quite accessible on the
> > #nixos IRC channel on Freenode.
> >
> > If you would like to take part in the process of identifying and solving
> > security problems on master and backporting to stable, we sure would
> > love the extra help -- feel free to comment on
> > https://github.com/NixOS/nixpkgs/issues/21967 and I'll tag you on
> > Wednesday when I open the next roundup.
> >
> > Best,
> > Graham Christensen
>
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20170211/517fed68/attachment.html>