Nix Sucks; Everything else is Worse: Building Better Software Supply Chains

3 points by Zamicol


Mirror on Odysee https://odysee.com/@nrdxp:6/Nix-Sucks-Everything-else-is-Worse:4

Tim DeHerrera, a Nix contributor since 2017, critiques the limitations of traditional package managers, virtual environments, and Docker in handling dependency conflicts, reproducibility, and supply-chain security.

The core innovation presented is Atom — a packaging abstraction built on Git tree objects, but decoupled from full commit history. Each atom is a reproducible, detached Git commit referencing a specific tree object, enabling lightweight, cryptographically verifiable references to package outputs without requiring the entire repository history or unrelated files.

Package sets are modeled as mathematical sets: collections of atoms with globally unique names and content-addressed identities, enforced via cryptographic hashes. This eliminates version conflicts and supports decentralized, mirrorable distribution.

Eka is a Rust-based CLI providing a high-level interface to Nix, with:

- Atom creation and semantic versioning
- Decentralized dependency resolution
- Deterministic lock files with full provenance
- Compatibility with existing Nix expressions

Live demo: repository setup, atom publishing, dependency resolution, and lock-file generation.

Project: https://github.com/ekala-project/eka

Discord: https://discord.gg/DgC9Snxmg7

Presented on Tuesday, November 4, 2025

Nix Sucks; Everything else is Worse: Building Better Software Supply Chains - Tim DeHerrera (nrdxp)
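
The content addressing described in the summary above, as an added example that is not part of the original post and is not Eka's code: it computes Git object ids by hand to show that a parentless commit over a package's tree object has the same id in any repository that holds the same package files. The fixed author line, the `manifest.toml` file name and the sample repositories are constructed assumptions.

```python
import hashlib

def git_object_id(kind: str, body: bytes) -> str:
    """Git object id (SHA-1 object format): hash of '<kind> <size>\\0' + body."""
    return hashlib.sha1(f"{kind} {len(body)}\0".encode() + body).hexdigest()

def tree_id(entries: dict) -> str:
    """Id of a tree; entries maps name -> bytes (file) or dict (subdirectory)."""
    def sort_key(name):  # Git orders directories as if they were named "name/"
        return (name + "/" if isinstance(entries[name], dict) else name).encode()
    body = b""
    for name in sorted(entries, key=sort_key):
        value = entries[name]
        if isinstance(value, dict):
            mode, oid = b"40000", tree_id(value)
        else:
            mode, oid = b"100644", git_object_id("blob", value)
        body += mode + b" " + name.encode() + b"\0" + bytes.fromhex(oid)
    return git_object_id("tree", body)

def detached_commit_id(tree: str, message: str) -> str:
    """Parentless commit over `tree`. Identity and timestamp are fixed
    (assumed values) so the id depends only on the tree and the message."""
    ident = "atom <atom@example.invalid> 0 +0000"
    body = f"tree {tree}\nauthor {ident}\ncommitter {ident}\n\n{message}\n"
    return git_object_id("commit", body.encode())

# Constructed sample: the same package directory inside two different repos.
PKG = {"manifest.toml": b'name = "demo"\nversion = "0.1.0"\n',
       "src": {"default.nix": b"{ }: { }\n"}}
REPO_A = {"README.md": b"upstream\n", "pkgs": {"demo": PKG}}
REPO_B = {"README.md": b"mirror, other history\n", "docs": {"x.md": b"x\n"},
          "pkgs": {"demo": PKG}}

def atom_id(repo: dict, path: str, label: str) -> str:
    """Walk to the package subtree and return its detached commit id."""
    node = repo
    for part in path.split("/"):
        node = node[part]
    return detached_commit_id(tree_id(node), label)

if __name__ == "__main__":
    print(atom_id(REPO_A, "pkgs/demo", "demo 0.1.0"))
    print(atom_id(REPO_B, "pkgs/demo", "demo 0.1.0"))  # same id as above
```

A consumer that pins the printed id can fetch the package from either repository and detect any change to its files, because a single altered byte changes the blob id, every tree id above it, and the commit id.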

sme

Happy to see anything that advances nix concepts forward