pith. machine review for the scientific record. sign in

arxiv: 2604.11398 · v1 · submitted 2026-04-13 · 💻 cs.SE · cs.ET

Recognition: 2 theorem links

· Lean Theorem

Nix: A Solution With Problems

Matias Zwinger
Authors on Pith no claims yet

Pith reviewed 2026-05-10 16:12 UTC · model grok-4.3

classification 💻 cs.SE cs.ET
keywords Nixpackage managementsoftware deploymentreproducibilitydependency resolutionbuild systemsfunctional programmingconfiguration management
0
0 comments X

The pith

Nix's purely functional package management solves reproducibility and dependency issues but introduces new problems and leaves trust and incremental builds unresolved.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper examines longstanding problems in software deployment across build systems, package managers, configuration management, and development environments, using popular tools as case studies to show issues like irreproducibility and failed dependency resolution. It then presents Nix as the first large-scale implementation of a purely functional approach that treats builds as deterministic functions of their inputs, successfully addressing several of those problems. The review concludes by cataloging novel issues that Nix itself creates, along with persistent unsolved ones such as establishing trust and supporting granular incremental builds, and it surveys community proposals to set directions for future work.

Core claim

Nix is the first large project to utilize the purely functional approach to package management, solving some deployment problems but introducing novel issues and failing to solve others such as trust and granular incremental builds.

What carries the argument

The purely functional approach to package management, which models builds and dependencies as pure functions to guarantee reproducibility and consistent resolution.

If this is right

  • Research on Nix must prioritize mechanisms for establishing trust in package derivations and sources.
  • New techniques are required to achieve granular incremental builds without sacrificing the reproducibility guarantees of the functional model.
  • Community-proposed solutions for remaining problems need systematic evaluation against the issues identified in the review.
  • Developers adopting Nix should account for its introduced complexities when planning deployment pipelines.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Purely functional models in deployment may trade off flexibility for determinism, suggesting similar trade-offs could appear if the approach spreads to configuration management or development environments.
  • The review's structure implies that future tools might combine functional purity with selective mutability to address incremental-build gaps.
  • Persistent trust problems indicate that purely functional package management alone does not solve the broader supply-chain security challenges faced by all deployment categories.

Load-bearing premise

The literature review comprehensively and accurately captures the state of research on Nix and the problems in the four categories of deployment tools without selection bias or incomplete coverage of community proposals.

What would settle it

A follow-up survey or empirical study that demonstrates Nix introduces no novel problems and that existing community proposals fully resolve trust and granular incremental build issues would falsify the central analysis.

Figures

Figures reproduced from arXiv: 2604.11398 by Matias Zwinger.

Figure 1
Figure 1. Figure 1: Conflicting dependencies. Arrows denote dependency relations, numbers [PITH_FULL_IMAGE:figures/full_fig_p010_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Diamond dependency relation. Arrows denote dependency relations. Numbers [PITH_FULL_IMAGE:figures/full_fig_p011_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Snix is a rewrite of NixCPP, often cited as solving many issues faced by Nix. [PITH_FULL_IMAGE:figures/full_fig_p022_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Equivalence class collision 26The final output path of the derivation can be accessed with the environment variable $out during the build process. 27While Dolstra’s thesis talks about a randomly generated hash, the NixCPP implementation actually uses a hash calculated over essentially the same string as IA paths, just with a different prefix: "nix￾upstream-output:" + drvHash + ":" + drvName + optionalOutpu… view at source ↗
Figure 5
Figure 5. Figure 5: Equivalence class collision resolution 4.2.3. Hash Rewriting Nix guarantees 𝑃suff, and 𝑃necc has been observed to not be violated in practice [1], so it can be assumed to apply. IA relies on 𝑃suff ∧ 𝑃necc, as an exhaustive list of runtime dependencies is needed to create the full closure of a derivation. If a runtime dependency is not found in the build artifacts, it will not be part of the resulting closu… view at source ↗
Figure 6
Figure 6. Figure 6: Nix package manager concept map from the Nix reference manual [PITH_FULL_IMAGE:figures/full_fig_p043_6.png] view at source ↗
read the original abstract

Software deployment suffers from numerous problems pertaining, for example, to reproducibility and dependency resolution. Many of these problems have been successfully solved by the purely functional approach to package management implemented in the Nix project. However, Nix does not solve all issues, and it does introduces some novel problems of its own. Therefore, the aim of this thesis is to conduct a literature review on the current state of research on Nix and to determine the direction of future research. The first part of this paper explores the problems historically faced in different areas of software deployment, e.g., irreproducibility and dependency resolution issues. The main four categories of software deployment tools analyzed are build systems, package managers, configuration management, and development environments. Popular software from each category serve as case studies to illustrate the problems. The second part introduces Nix and explains the methods utilized to solve some of the problems introduced in the earlier part. Because Nix is the first large project to utilize the purely functional approach, it is far from a perfect solution. Thus, the third part is dedicated to analyzing the new problems that Nix introduces, as well as old problems, which Nix has been unable to solve, such as trust and granular incremental builds. Furthermore, some proposed state of the art solutions put forth by the Nix community are discussed.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 3 minor

Summary. The manuscript is a three-part literature review on software deployment challenges. Part 1 surveys historical problems (e.g., irreproducibility, dependency resolution) via case studies in four tool categories: build systems, package managers, configuration management, and development environments. Part 2 presents Nix as the first large-scale purely functional package manager and explains how its approach resolves some of these issues. Part 3 examines problems Nix leaves unsolved (trust, granular incremental builds) or newly introduces, along with community-proposed solutions, to identify directions for future research.

Significance. If the literature synthesis is comprehensive and balanced, the review would usefully consolidate existing work on functional package management for the software engineering community, clarifying Nix's contributions and open challenges to guide reproducible deployment research. The standard review structure and focus on both solved and persistent issues provide a clear framing, though the absence of novel empirical contributions or machine-checked elements limits its impact relative to primary research.

major comments (2)
  1. [Part 2 / abstract] Part 3: The central positioning of Nix as 'the first large project to utilize the purely functional approach' (abstract and Part 2) requires explicit historical citations or a timeline of prior functional package management efforts to substantiate the novelty claim; without this, the framing of subsequent limitations and community solutions rests on an unverified premise.
  2. [Part 3] Part 3: Claims that Nix fails to solve trust and granular incremental builds, while introducing novel problems, must be tied to specific cited sources or community proposals with evidence of their current status; otherwise the determination of 'future research directions' lacks load-bearing support.
minor comments (3)
  1. [Abstract] Abstract: The phrase 'it does introduces some novel problems' is grammatically incorrect and should read 'it does introduce some novel problems'.
  2. [Overall structure] Overall: The manuscript would benefit from explicit section numbering (e.g., §1 for historical problems, §2 for Nix solutions, §3 for limitations) to match the three-part structure described in the abstract and improve navigability.
  3. [Part 1] Part 1: Case studies of popular tools in each category should include a brief justification for selection to address potential coverage gaps, even if only as a minor clarification.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive feedback on our literature review. We address each major comment below and indicate the revisions we will make to address the concerns raised.

read point-by-point responses

  1. Referee: [Part 2 / abstract] Part 3: The central positioning of Nix as 'the first large project to utilize the purely functional approach' (abstract and Part 2) requires explicit historical citations or a timeline of prior functional package management efforts to substantiate the novelty claim; without this, the framing of subsequent limitations and community solutions rests on an unverified premise.

    Authors: We agree that the claim would be strengthened by explicit historical context. In the revised manuscript we will insert a concise timeline of prior functional package management efforts in Part 2, supported by citations to relevant earlier literature on functional approaches to build systems and package management. This addition will substantiate the novelty framing used in the abstract and Part 2 and thereby support the subsequent analysis of limitations in Part 3. revision: yes

  2. Referee: [Part 3] Part 3: Claims that Nix fails to solve trust and granular incremental builds, while introducing novel problems, must be tied to specific cited sources or community proposals with evidence of their current status; otherwise the determination of 'future research directions' lacks load-bearing support.

    Authors: We accept that the discussion of unsolved and newly introduced problems requires firmer anchoring in sources. We will revise Part 3 to attach each claim about trust, granular incremental builds, and other issues to specific cited papers, Nix community RFCs, GitHub issues, or documented proposals, together with a brief note on their current implementation status. These additions will provide the necessary load-bearing support for the future research directions identified. revision: yes

Circularity Check

0 steps flagged

No significant circularity

full rationale

This manuscript is a literature review thesis whose structure consists of historical problem enumeration across four tool categories, description of Nix's functional approach drawn from external sources, and discussion of remaining limitations plus community proposals. No original derivations, equations, fitted parameters, or predictions appear in the provided text. All central claims (Nix as first large-scale purely functional package manager, specific unsolved problems like trust and incremental builds) are presented as synthesis of cited literature rather than reductions to the paper's own inputs or self-citations. None of the six enumerated circularity patterns apply; the work is self-contained against external benchmarks.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 0 invented entities

The central claim rests on standard domain assumptions about software deployment problems and the description of Nix's functional approach drawn from prior literature; no free parameters, new entities, or ad-hoc axioms are introduced beyond those implicit in any review.

axioms (2)
  • domain assumption Software deployment suffers from irreproducibility and dependency resolution issues across build systems, package managers, configuration management, and development environments
    Invoked in the first part of the paper as historical problems illustrated by case studies.
  • domain assumption Nix utilizes a purely functional approach to package management that solves some but not all deployment problems
    Stated in the second and third parts as the basis for analyzing solutions and remaining issues.

pith-pipeline@v0.9.0 · 5516 in / 1392 out tokens · 66746 ms · 2026-05-10T16:12:59.150485+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

80 extracted references · 11 canonical work pages · 1 internal anchor

  1. [1]

    The Purely Functional Software Deployment Model,

    E. Dolstra, “The Purely Functional Software Deployment Model,” 2006

    2006

  2. [2]

    Make - A Program for Maintaining Computer Programs

    S. I. Feldman, “Make - A Program for Maintaining Computer Programs.” 1979

    1979

  3. [3]

    Build systems a la carte,

    A. Mokhov, N. Mitchell, and S. Peyton Jones, “Build systems a la carte,” in Proc International Conference on Functional Programming (ICFP'18), Sept. 2018

    2018

  4. [4]

    Correct, Efficient, and Tailored: The Future of Build Systems,

    G. Maudoux and K. Mens, “Correct, Efficient, and Tailored: The Future of Build Systems,” IEEE Software, vol. 35, no. 2, pp. 32–37, 2018, doi: 10.1109/ MS.2018.111095025

    work page arXiv 2018

  5. [5]

    Reproducible research: a minority opinion,

    C. Drummond, “Reproducible research: a minority opinion,” Journal of Experi- mental & Theoretical Artificial Intelligence , vol. 30, no. 1, pp. 1–11, 2018, doi: 10.1080/0952813X.2017.1413140

    work page doi:10.1080/0952813x.2017.1413140 2018

  6. [6]

    Lamb and S

    C. Lamb and S. Zacchiroli, “Reproducible Builds: Increasing the Integrity of Software Supply Chains,” IEEE Software, vol. 39, no. 2, pp. 62–70, Mar. 2022, doi: 10.1109/ms.2021.3073045

    work page doi:10.1109/ms.2021.3073045 2022

  7. [7]

    Slackware Documentation,

    “Slackware Documentation,” https://docs.slackware.com/, Accessed: 2025-11-27

    2025

  8. [8]

    Dpkg - Debian Package Manager,

    “Dpkg - Debian Package Manager,” https://www.dpkg.org/

  9. [9]

    RPM Package Manager,

    “RPM Package Manager,” https://rpm.org/

  10. [10]

    Pacman Home Page,

    “Pacman Home Page,” https://pacman.archlinux.page/

  11. [11]

    About FreeBSD Ports,

    “About FreeBSD Ports,” https://freebsd.free.org/ports/

  12. [12]

    Portage,

    “Portage,” https://wiki.gentoo.org/wiki/Portage

  13. [13]

    Wolves in the Repository: A Software Engineering Analysis of the XZ Utils Supply Chain Attack,

    P. Przymus and T. Durieux, “Wolves in the Repository: A Software Engineering Analysis of the XZ Utils Supply Chain Attack,” 2025, https://arxiv.org/abs/2504. 17473

    2025

  14. [14]

    What is configuration management?,

    “What is configuration management?,” technical report, 2023. [Online]. Available: https://www.redhat.com/en/topics/automation/what-is-configuration- management

    2023

  15. [15]

    A step towards the future of configuration and infrastructure management with Nix,

    L. Courtès, “A step towards the future of configuration and infrastructure management with Nix,” May 16, 2018, https://guix.gnu.org/blog/2018/tarballs- the-ultimate-container-image-format/

    2018

  16. [16]

    Why Order Matters: Turing Equivalence in Automated Systems Administration,

    S. Traugott, “Why Order Matters: Turing Equivalence in Automated Systems Administration,” in LiSA, 2002

    2002

  17. [17]

    The Ultimate Configuration Management Tool? Lessons from a Mixed Methods Study of Ansible's Challenges

    C. Carreira, N. Saavedra, A. Mendes, and J. F. Ferreira, “The Ultimate Config - uration Management Tool? Lessons from a Mixed Methods Study of Ansible's Challenges,” 2025, https://arxiv.org/abs/2504.08678. 38

    work page internal anchor Pith review Pith/arXiv arXiv 2025

  18. [18]

    Ansible in Depth,

    Red Hat, “Ansible in Depth,” technical report, 2017

    2017

  19. [19]

    Ansible Documentation,

    “Ansible Documentation,” https://docs.ansible.com/ansible/latest/index.html, Accessed: 2025-05-04

    2025

  20. [20]

    Containerization technologies: taxonomies, applications and challenges,

    O. Bentaleb, A. S. Z. Belloum, A. Sebaa, and A. El-Maouhab, “Containerization technologies: taxonomies, applications and challenges,” The Journal of Supercom- puting, vol. 78, no. 1, pp. 1144–1181, Jan. 2022, doi: 10.1007/s11227-021-03914-1

    work page doi:10.1007/s11227-021-03914-1 2022

  21. [21]

    Docker Docs,

    “Docker Docs,” https://docs.docker.com/

  22. [22]

    On using Nix and Docker as deployment automation solutions: similarities and differences,

    S. van der Burg, “On using Nix and Docker as deployment automation solutions: similarities and differences,” July 29, 2020, https://sandervanderburg.blogspot. com/2020/07/on-using-nix-and-docker-as-deployment.html

    2020

  23. [23]

    “direnv,” https://direnv.net/

  24. [24]

    “venv,” https://docs.python.org/3/library/venv.html, Accessed: 2025-05-05

    2025

  25. [25]

    Integrating Software Construction and Software Deployment,

    E. Dolstra, “Integrating Software Construction and Software Deployment,” in System Configuration Management, 2003

    2003

  26. [26]

    “Nix,” 2025, https://github.com/NixOS/nix, Accessed: 2025-09-28

    2025

  27. [27]

    Nix 2.30.1 Reference Manual,

    “Nix 2.30.1 Reference Manual,” 2025, https://nix.dev/manual/nix/2.30/nix-2.30. html, Accessed: 2025-07-26

    2025

  28. [28]

    “NUR,” https://github.com/nix-community/NUR

  29. [29]

    Nixpkgs,

    “Nixpkgs,” 2025, https://github.com/NixOS/nixpkgs, Accessed: 2025-07-20

    2025

  30. [30]

    Nix & NixOS,

    “Nix & NixOS,” https://nixos.org/

  31. [31]

    Nix language basics,

    “Nix language basics,” https://nix.dev/tutorials/nix-language.html

  32. [32]

    Nixpkgs Reference Manual,

    “Nixpkgs Reference Manual,” 2025, https://nixos.org/manual/nixpkgs/stable/, Accessed: 2025-07-20, Version 25.05pre-git

    2025

  33. [33]

    Efficient annotated terms,

    M. Brand, van den, H. Jong, de, P. Klint, and P. Olivier, “Efficient annotated terms,” Software : Practice and Experience, vol. 30, no. 3, pp. 259–291, 2000, doi: 10.1002/(SICI)1097-024X(200003)30:3<259::AID-SPE298>3.0.CO;2-Y

    work page doi:10.1002/(sici)1097-024x(200003)30:3 2000

  34. [34]

    The postmodern build system (updated 2025),

    J. Lovelace, “The postmodern build system (updated 2025),” https://jade.fyi/ blog/the-postmodern-build-system/

    2025

  35. [35]

    NixOS Manual,

    “NixOS Manual,” https://nixos.org/manual/nixos/stable/, Accessed: 2025-08-12

    2025

  36. [36]

    NixOS: A purely functional Linux distrib - ution,

    E. Dolstra, A. Löh, and N. Pierron, “NixOS: A purely functional Linux distrib - ution,” Journal of Functional Programming, vol. 20, no. 5–6, pp. 577–615, 2010, doi: 10.1017/S0956796810000195

    work page doi:10.1017/s0956796810000195 2010

  37. [37]

    Nix is a better Docker image builder than Docker's image builder,

    X. Iaso, “Nix is a better Docker image builder than Docker's image builder,” Mar. 15, 2024, https://xeiaso.net/talks/2024/nix-docker-build/. 39

    2024

  38. [38]

    A faster dockerTools.buildImage prototype,

    Lewo, “A faster dockerTools.buildImage prototype,” https://lewo.abesis.fr/posts/ nix-build-container-image/

  39. [39]

    Eelco Dolstra - The Evolution of Nix (SoN2022 - public lecture series),

    E. Dolstra and B. Honof, “Eelco Dolstra - The Evolution of Nix (SoN2022 - public lecture series),” https://www.youtube.com/watch?v=h8hWX_aGGDc

  40. [40]

    GNU Guix,

    “GNU Guix,” https://guix.gnu.org/

  41. [41]

    “Snix,” https://snix.dev/

  42. [42]

    Snix solves this,

    “Snix solves this,” https://snix.systems/

  43. [43]

    Secure sharing between untrusted users in a transparent source/ binary deployment model,

    E. Dolstra, “Secure sharing between untrusted users in a transparent source/ binary deployment model,” in Proceedings of the 20th IEEE/ACM Interna - tional Conference on Automated Software Engineering , 2005, pp. 154–163. doi: 10.1145/1101908.1101933

    work page doi:10.1145/1101908.1101933 2005

  44. [44]

    Simple content-addressed store paths,

    T. Hufschmitt, “Simple content-addressed store paths,” Request for Comments 62,

  45. [45]

    Available: https://github.com/nixos/rfcs/blob/master/rfcs/0062- content-addressed-paths.md

    [Online]. Available: https://github.com/nixos/rfcs/blob/master/rfcs/0062- content-addressed-paths.md

  46. [46]

    RFD: Remove ca-derivations,

    raito, “RFD: Remove ca-derivations,” 2025, https://git.lix.systems/lix-project/ lix/issues/815, Git Issue

    2025

  47. [47]

    Snix source code, object_store.rs,

    “Snix source code, object_store.rs,” https://git.snix.dev/snix/ snix/src/commit/940be61f1e470d69a4c0a080707f26741bd5b13b/snix/castore/ src/blobservice/object_store.rs#L347

  48. [48]

    Trustix,

    “Trustix,” https://nix-community.github.io/trustix

  49. [49]

    GNU Guix Reference Manual,

    “GNU Guix Reference Manual,” https://guix.gnu.org/manual/

  50. [50]

    Feature request: Replace package without rebuilding world,

    “Feature request: Replace package without rebuilding world,” https://github.com/ NixOS/nixpkgs/issues/132749, Git Issue

  51. [51]

    Build against an older libc, keep the newest in the runtime closure ,

    SomeoneSerge, “Build against an older libc, keep the newest in the runtime closure ,” https://github.com/NixOS/nixpkgs/issues/303405

  52. [52]

    python3.withPackages: don't propagate build dependencies,

    SomeoneSerge, “python3.withPackages: don't propagate build dependencies,” https://github.com/NixOS/nixpkgs/issues/297484

  53. [53]

    pyproject.nix: an out-of-tree implementation of late binding for python packages,

    adisbladis, “pyproject.nix: an out-of-tree implementation of late binding for python packages,” https://pyproject-nix.github.io/pyproject.nix/

  54. [54]

    Taming the ‘stat’ storm with a loader cache,

    L. Courtès, “Taming the ‘stat’ storm with a loader cache,” Aug. 02, 2021, https:// guix.gnu.org/en/blog/2021/taming-the-stat-storm-with-a-loader-cache/

    2021

  55. [55]

    stat(2) - Linux man page,

    “stat(2) - Linux man page,” https://linux.die.net/man/2/stat

  56. [56]

    [PATCH 0/3] Using 'ld.so.cache' to speed up application startup,

    L. Courtès, “[PATCH 0/3] Using 'ld.so.cache' to speed up application startup,” https://issues.guix.gnu.org/44899

  57. [57]

    Rootless Nix: Path Rewriting,

    “Rootless Nix: Path Rewriting,” https://github.com/NixOS/nix/issues/1971. 40

    1971

  58. [58]

    Relocatable store objects,

    “Relocatable store objects,” https://github.com/NixOS/nix/issues/9549

  59. [59]

    Tarballs, the ultimate container image format,

    L. Courtès, “Tarballs, the ultimate container image format,” May 16, 2018, https://guix.gnu.org/blog/2018/tarballs-the-ultimate-container-image-format/

    2018

  60. [60]

    Overlay for redistributable + relocatable packages,

    U. Baghin, “Overlay for redistributable + relocatable packages,” https://github. com/NixOS/nixpkgs/issues/214832

  61. [61]

    Olson, and Zohreh Sharafi

    J. Malka, S. Zacchiroli, and T. Zimmermann, “Reproducibility of Build Environ - ments through Space and Time,” in Proceedings of the 2024 ACM/IEEE 44th International Conference on Software Engineering: New Ideas and Emerging Results, 2024, pp. 97–101. doi: 10.1145/3639476.3639767

    work page doi:10.1145/3639476.3639767 2024

  62. [62]

    Does Functional Package Manage- ment Enable Reproducible Builds at Scale? Yes,

    J. Malka, S. Zacchiroli, and T. Zimmermann, “Does Functional Package Manage- ment Enable Reproducible Builds at Scale? Yes,” 2025, https://arxiv.org/abs/ 2501.15919

    work page arXiv 2025

  63. [63]

    Verifying dynamic trait objects in rust,

    G. A. Randrianaina, X. Tërnava, D. E. Khelladi, and M. Acher, “On the Benefits and Limits of Incremental Build of Software Configurations: An Exploratory Study,” in 2022 IEEE/ACM 44th International Conference on Software Engineer- ing (ICSE), 2022, pp. 1584–1596. doi: 10.1145/3510457.3513035

    work page doi:10.1145/3510457.3513035 2022

  64. [64]

    Bringing Incremental Builds to Continuous Integra- tion

    K. M. Guillaume Maudoux, “Bringing Incremental Builds to Continuous Integra- tion.” 2017

    2017

  65. [65]

    Garnix Blog: Incremental builds in Nix and garnix,

    “Garnix Blog: Incremental builds in Nix and garnix,” https://garnix.io/blog/ incremental-builds/

  66. [66]

    “Garnix,” https://garnix.io/

  67. [67]

    Google, “Bazel,” 2016, https://bazel.build/

    2016

  68. [68]

    plan-dynamism-experiment,

    J. Ericson, “plan-dynamism-experiment,” Request for Comments 92, 2019. [Online]. Available: https://github.com/NixOS/rfcs/blob/master/rfcs/0092-plan- dynamism.md

    2019

  69. [69]

    An early look at Nix Dynamic Derivations,

    F. Zakaria, “An early look at Nix Dynamic Derivations,” Mar. 10, 2025, https:// fzakaria.com/2025/03/10/an-early-look-at-nix-dynamic-derivations

    2025

  70. [70]

    Nix IFD: A Ticking Time Bomb in Your Build Pipeline?,

    J. Galowicz, “Nix IFD: A Ticking Time Bomb in Your Build Pipeline?,” Dec. 30, 2024, https://nixcademy.com/posts/what-is-ifd-ups-and-downs/

    2024

  71. [71]

    MakeNix,

    F. Zakaria, “MakeNix,” https://github.com/fzakaria/MakeNix

  72. [72]

    Nix Dynamic Derivations: A practical application,

    F. Zakaria, “Nix Dynamic Derivations: A practical application,” Mar. 11, 2025, https://fzakaria.com/2025/03/11/nix-dynamic-derivations-a-practical- application

    2025

  73. [73]

    nix-ninja,

    “nix-ninja,” https://github.com/pdtpartners/nix-ninja

  74. [74]

    https://github.com/sinanmohd/evanix. 41

  75. [75]

    Introducing Nix Scheduler Hook: A Build Hook for Sending Builds to Job Schedulers,

    L. Dettwyler, “Introducing Nix Scheduler Hook: A Build Hook for Sending Builds to Job Schedulers,” Dec. 08, 2025, https://discourse.nixos.org/t/introducing-nix- scheduler-hook-a-build-hook-for-sending-builds-to-job-schedulers/73038

    2025

  76. [76]

    Remote builders and stores, nixbuild.net with Rickard Nilsson,

    “Remote builders and stores, nixbuild.net with Rickard Nilsson,” Mar. 14, 2025, https://fulltimenix.com/episodes/remote-builders-and-stores-nixbuild-net- with-rickard-nilsson

    2025

  77. [77]

    The Full-Source Bootstrap: Building from source all the way down,

    J. Nieuwenhuizen, “The Full-Source Bootstrap: Building from source all the way down,” Apr. 26, 2023, https://guix.gnu.org/en/blog/2023/the-full-source- bootstrap-building-from-source-all-the-way-down/

    2023

  78. [78]

    Demonstrably Secure Software Supply Chains with Nix,

    J. Galowicz, “Demonstrably Secure Software Supply Chains with Nix,” May 12, 2025, https://nixcademy.com/posts/secure-supply-chain-with-nix/

    2025

  79. [79]

    Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD ,

    X. Wang, D. Feng, X. Lai, and H. Yu, “Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD ,” 2004, https://eprint.iacr.org/2004/199, Cryptology ePrint Archive, Paper 2004/199

    2004

  80. [80]

    The first collision for full SHA-1,

    M. Stevens, E. Bursztein, P. Karpman, A. Albertini, and Y. Markov, “The first collision for full SHA-1,” 2017, https://eprint.iacr.org/2017/190, Cryptology ePrint Archive, Paper 2017/190. 42 A Appendix A1 Nix Package Manager Concept Map .----------------. | Nix expression |----------. '----------------' | | passed to | | +----------|-------------------|--...

    2017