This is like fighting complexity with even more complexity. Nix and bazel are definitely not close to actually achieving hermetic build at scale. And when they break the complexity increases exponentially to fix.
What's not hermetic with Nix? Are you talking about running with the sandbox disabled, or and macOS quirks? It's pretty damn hard to accidentally depend on the underlying system in an unexpected way with Nix.
Use a modern hermetic build system with remote caching or remote execution. Nix, Bazel, buck, pants. Many options
This is like fighting complexity with even more complexity. Nix and bazel are definitely not close to actually achieving hermetic build at scale. And when they break the complexity increases exponentially to fix.
What's not hermetic with Nix? Are you talking about running with the sandbox disabled, or and macOS quirks? It's pretty damn hard to accidentally depend on the underlying system in an unexpected way with Nix.
4 replies →
Even just makefiles have 'caching', provided you set dependencies and output correctly.
A good makefile is really nice to use. Not nice to read or trace unfortunately though.
We get them with docker.
Everything becomes a container so why not use the container engine for it. If you know how layers work…