[jackhill/guix/guix.git] / TODO

-*- mode: org; coding: utf-8; -*-

Copyright © 2012, 2013 Ludovic Courtès <ludo@gnu.org>

  Copying and distribution of this file, with or without modification,
  are permitted in any medium without royalty provided the copyright
  notice and this notice are preserved.

* integrate needed Nix code

Guix uses Nix’s daemon (‘nix-worker’, later renamed to ‘nix-daemon’) to
actually perform builds, scheduling, substitution of pre-built binaries,
and GC-related tasks.  The daemon mainly uses ‘libstore’ from Nix.
Integrating it in Guix itself will make Guix self-contained, thereby
simplifying our users’ lives.

** Remove dependency on OpenSSL

The ‘openssl’ command-line tool is used in libstore to sign store paths
to be exported, and to check such signatures.  The signing keys are
usually in /etc/nix/signing-key.{pub,sec}.  They are a PKCS#8-encoded
X.509 SubjectPublicKeyInfo.  These can be decoded with the [[http://lists.gnu.org/archive/html/help-gnutls/2012-12/msg00012.html][C API of
GnuTLS]], but not yet with its Guile bindings.  There’s also
‘gnutls_privkey_sign_data’ to sign, and related functions.

** Add a binary cache substituter

Like scripts/download-from-binary-cache.pl in Nix, but written in
Scheme.  Substituters allow pre-built binaries to be downloaded when
they are available from a trusted source.

** MAYBE Add a substituter that uses the GNUnet DHT

Would be neat if binaries could be pushed to and pulled from the GNUnet
DHT.  Guix users would sign their binaries, and define which binaries
they trust.

** Add a remote build hook

Like scripts/build-remote.pl in Nix.

* infrastructure

** have a Hydra instance build Guix packages

[[http://nixos.org/hydra/][Hydra]] is a continuous integration tool based on Nix.  It now has
[[https://github.com/NixOS/hydra/commit/f27ae1d5663680400cb99cfb898970f34d8d21be][Guile/Guix support]], which allows “build recipes” written in Guile using
Guix to be used directly on Hydra.

For a start, we may use the instance at hydra.nixos.org, generously
provided by TU Delft.  However, in the future, we may want to setup our
own instance at gnu.org.

* add guix-pull

A tool that fetches the latest code from [[http://git.savannah.gnu.org/cgit/guix.git/snapshot/guix-master.tar.gz][cgit]], builds a derivation that
unpacks it, copies only .scm files (this excludes guix/config.in) and
compiles it, and then links to it from ~/.local/guix/latest .  Change
guix-build and guix-package to have that directory first in their load
path.

* user interface
** Add a package.el (Emacs) back-end

Unfortunately package.el is monolithic, so most likely we’d have to
write a new one based on it, as opposed to actually using it.

* extend <origin>
** add OpenPGP signatures:

   (origin
     (method http-fetch)
     (uri "http://.../foo.tgz")
     (signature-uri (string-append uri ".sig"))
     (signer-openpgp-fingerprint "..."))

** allow <origin> to be a derivation/package or a file

* extend <package>

** add support for ‘search-paths’

This should be passed to the build system, to extend package-specific
search path environment variables–like ‘GUILE_LOAD_PATH’, ‘PERL5LIB’,
etc.

** add a ‘user-environment-hook’

This should specify builder code to be run when building a user
environment with ‘guix-package’.  For instance, Texinfo’s hook would
create a new ‘dir’.

** add ‘patches’ there

** extend ‘propagated-build-inputs’ with support for multiple outputs

#+BEGIN_SRC scheme
  (outputs '("out" "include"))
  (propagated-build-inputs
    `(((("i1" ,p1 "o1")
        ("i2" ,p2))
       => "include")
      ("i3" ,p3)))
#+END_SRC

* synchronize package descriptions with the [[http://directory.fsf.org][FSD]] and/or the Womb

Meta-data for GNU packages, including descriptions and synopses, can be
dumped from the FSD:
http://directory.fsf.org/wiki?title=GNU/Export&action=purge .
We could periodically synchronize with that.

The [[./guix/gnu-maintenance.scm][Womb]] also contains synopses for all the GNU packages.

* support cross-compilation

Implement ‘package-cross-derivation’, and add the corresponding code in
‘gnu-build-system’.  Then, actually bootstrap a cross-compilation
environment–e.g., a cross-GNU environment.

* add a guildhall build system

The Guildhall is Guile’s packaging system.  It should be easy to add a
‘guildhall-build-system’ that does the right thing based on guildhall
recipes.

* gnu-build-system: produce a ‘debug’ derivation

Set a .gnu_debuglink in the main derivations to point to the sibling
file name (only the basename, to not retain a dependency on the ‘debug’
derivation.)

For /nix/store/xyz-foobar/bin/foo, we should have
/nix/store/abc-foobar-debug/lib/nix/store/xyz-foobar/bin/foo.debug (info
"(gdb) Separate Debug Files").

Users should have a default GDB setting with ~/.guix-profile/lib/debug
as their ‘debug-file-directory’.

* build-expression->derivation: define `%system' in the builder

Would allow build expressions to have system-dependent code, like
`glibc-dynamic-linker'.

* add ‘allowed-references’ in <package>

[[file:~/src/nix/src/libstore/build.cc::if%20(drv.env.find("allowedReferences")%20!%3D%20drv.env.end())%20{][See how Nix implements that internally]].

* union

Support sophisticated collision handling when building a union: check
whether the colliding files are identical, honor per-package priorities,
etc.

* guix-package

** add ‘--list-generations’, and ‘--delete-generations’
** add ‘--upgrade’
** add ‘--search’

* guix build utils
** Add equivalent to "rm -rf"
** Add equivalent to Nixpkgs's ‘wrapProgram’
** Change ‘patch-shebang’ to DTRT for /usr/bin/env

I.e., replace “#!/usr/bin/env perl” by “#!/nix/store/…/bin/perl”.
 
** MAYBE Change ‘ld-wrapper’ to add RPATH for libs passed by file name

** MAYBE Add equivalent to chrpath, possibly using [[https://gitorious.org/guile-dlhacks/guile-dlhacks/][guile-dlhacks]]

** MAYBE Add a hash-rewriting thing for deep dependency replacement without rebuild

See [[https://github.com/NixOS/nixpkgs/commit/d1662d715514e6ef9d3dc29f132f1b3d8e608a18][Shea Levy's `replace-dependency' in Nixpkgs]].

* distro
** choose a name! (Jinn?)
** port to new GNU/Linux platforms, notably ‘mipsel64-linux’
** port to GNU/Hurd, aka. ‘i686-gnu’

Problems include that current glibc releases do not build on GNU/Hurd.
In addition, there haven’t been stable releases of GNU Mach, MiG, and
Hurd, which would be a pre-condition.

** make a bootable GNU/Linux-Libre distro, with OS configuration EDSL

Similar in spirit to /etc/nixos/configuration.nix.
Commit	Line	Data
6b8875c8 LC	1	-- mode: org; coding: utf-8; --
6b8875c8 LC	2
c0b3c89f	3	Copyright © 2012, 2013 Ludovic Courtès <ludo@gnu.org>
6b8875c8 LC	4
	5	Copying and distribution of this file, with or without modification,
	6	are permitted in any medium without royalty provided the copyright
	7	notice and this notice are preserved.
	8
	9	* integrate needed Nix code
	10
	11	Guix uses Nix’s daemon (‘nix-worker’, later renamed to ‘nix-daemon’) to
	12	actually perform builds, scheduling, substitution of pre-built binaries,
	13	and GC-related tasks. The daemon mainly uses ‘libstore’ from Nix.
	14	Integrating it in Guix itself will make Guix self-contained, thereby
	15	simplifying our users’ lives.
	16
a9128eac LC	17	** Remove dependency on OpenSSL
	18
	19	The ‘openssl’ command-line tool is used in libstore to sign store paths
	20	to be exported, and to check such signatures. The signing keys are
	21	usually in /etc/nix/signing-key.{pub,sec}. They are a PKCS#8-encoded
	22	X.509 SubjectPublicKeyInfo. These can be decoded with the [[http://lists.gnu.org/archive/html/help-gnutls/2012-12/msg00012.html][C API of
	23	GnuTLS]], but not yet with its Guile bindings. There’s also
	24	‘gnutls_privkey_sign_data’ to sign, and related functions.
	25
c0b3c89f LC	26	** Add a binary cache substituter
	27
	28	Like scripts/download-from-binary-cache.pl in Nix, but written in
	29	Scheme. Substituters allow pre-built binaries to be downloaded when
	30	they are available from a trusted source.
	31
c7e4a72a LC	32	** MAYBE Add a substituter that uses the GNUnet DHT
	33
	34	Would be neat if binaries could be pushed to and pulled from the GNUnet
	35	DHT. Guix users would sign their binaries, and define which binaries
	36	they trust.
	37
c0b3c89f LC	38	** Add a remote build hook
	39
	40	Like scripts/build-remote.pl in Nix.
	41
6b8875c8 LC	42	* infrastructure
	43
	44	** have a Hydra instance build Guix packages
	45
	46	[[http://nixos.org/hydra/][Hydra]] is a continuous integration tool based on Nix. It now has
	47	[[https://github.com/NixOS/hydra/commit/f27ae1d5663680400cb99cfb898970f34d8d21be][Guile/Guix support]], which allows “build recipes” written in Guile using
	48	Guix to be used directly on Hydra.
	49
	50	For a start, we may use the instance at hydra.nixos.org, generously
	51	provided by TU Delft. However, in the future, we may want to setup our
	52	own instance at gnu.org.
	53
5fc5c2f3 LC	54	* add guix-pull
	55
	56	A tool that fetches the latest code from [[http://git.savannah.gnu.org/cgit/guix.git/snapshot/guix-master.tar.gz][cgit]], builds a derivation that
	57	unpacks it, copies only .scm files (this excludes guix/config.in) and
	58	compiles it, and then links to it from ~/.local/guix/latest . Change
	59	guix-build and guix-package to have that directory first in their load
	60	path.
	61
c7e4a72a LC	62	* user interface
	63	** Add a package.el (Emacs) back-end
	64
	65	Unfortunately package.el is monolithic, so most likely we’d have to
	66	write a new one based on it, as opposed to actually using it.
	67
6b8875c8 LC	68	* extend <origin>
	69	** add OpenPGP signatures:
	70
	71	(origin
	72	(method http-fetch)
	73	(uri "http://.../foo.tgz")
	74	(signature-uri (string-append uri ".sig"))
	75	(signer-openpgp-fingerprint "..."))
	76
	77	** allow <origin> to be a derivation/package or a file
	78
	79	* extend <package>
	80
	81	** add support for ‘search-paths’
	82
	83	This should be passed to the build system, to extend package-specific
	84	search path environment variables–like ‘GUILE_LOAD_PATH’, ‘PERL5LIB’,
	85	etc.
	86
	87	** add a ‘user-environment-hook’
	88
	89	This should specify builder code to be run when building a user
	90	environment with ‘guix-package’. For instance, Texinfo’s hook would
	91	create a new ‘dir’.
	92
3036a01f LC	93	** add ‘patches’ there
	94
	95	** extend ‘propagated-build-inputs’ with support for multiple outputs
	96
	97	#+BEGIN_SRC scheme
	98	(outputs '("out" "include"))
	99	(propagated-build-inputs
	100	`(((("i1" ,p1 "o1")
	101	("i2" ,p2))
	102	=> "include")
	103	("i3" ,p3)))
	104	#+END_SRC
	105
29767aae LC	106	* synchronize package descriptions with the [[http://directory.fsf.org][FSD]] and/or the Womb
	107
	108	Meta-data for GNU packages, including descriptions and synopses, can be
	109	dumped from the FSD:
	110	http://directory.fsf.org/wiki?title=GNU/Export&action=purge .
	111	We could periodically synchronize with that.
	112
	113	The [[./guix/gnu-maintenance.scm][Womb]] also contains synopses for all the GNU packages.
	114
6b8875c8 LC	115	* support cross-compilation
	116
	117	Implement ‘package-cross-derivation’, and add the corresponding code in
	118	‘gnu-build-system’. Then, actually bootstrap a cross-compilation
	119	environment–e.g., a cross-GNU environment.
	120
c7e4a72a LC	121	* add a guildhall build system
	122
	123	The Guildhall is Guile’s packaging system. It should be easy to add a
	124	‘guildhall-build-system’ that does the right thing based on guildhall
	125	recipes.
	126
6b8875c8 LC	127	* gnu-build-system: produce a ‘debug’ derivation
	128
	129	Set a .gnu_debuglink in the main derivations to point to the sibling
	130	file name (only the basename, to not retain a dependency on the ‘debug’
	131	derivation.)
	132
	133	For /nix/store/xyz-foobar/bin/foo, we should have
	134	/nix/store/abc-foobar-debug/lib/nix/store/xyz-foobar/bin/foo.debug (info
	135	"(gdb) Separate Debug Files").
	136
	137	Users should have a default GDB setting with ~/.guix-profile/lib/debug
	138	as their ‘debug-file-directory’.
	139
	140	* build-expression->derivation: define `%system' in the builder
	141
	142	Would allow build expressions to have system-dependent code, like
	143	`glibc-dynamic-linker'.
	144
	145	* add ‘allowed-references’ in <package>
	146
	147	[[file:~/src/nix/src/libstore/build.cc::if%20(drv.env.find("allowedReferences")%20!%3D%20drv.env.end())%20{][See how Nix implements that internally]].
	148
6b8875c8 LC	149	* union
	150
	151	Support sophisticated collision handling when building a union: check
	152	whether the colliding files are identical, honor per-package priorities,
	153	etc.
	154
	155	* guix-package
	156
6b8875c8 LC	157	** add ‘--list-generations’, and ‘--delete-generations’
6b8875c8 LC	158	** add ‘--upgrade’
6b8875c8 LC	159	** add ‘--search’
	160
	161	* guix build utils
	162	** Add equivalent to "rm -rf"
	163	** Add equivalent to Nixpkgs's ‘wrapProgram’
29767aae LC	164	** Change ‘patch-shebang’ to DTRT for /usr/bin/env
	165
	166	I.e., replace “#!/usr/bin/env perl” by “#!/nix/store/…/bin/perl”.
	167
	168	** MAYBE Change ‘ld-wrapper’ to add RPATH for libs passed by file name
	169
	170	** MAYBE Add equivalent to chrpath, possibly using [[https://gitorious.org/guile-dlhacks/guile-dlhacks/][guile-dlhacks]]
6b8875c8	171
29767aae	172	** MAYBE Add a hash-rewriting thing for deep dependency replacement without rebuild
c7e4a72a LC	173
	174	See [[https://github.com/NixOS/nixpkgs/commit/d1662d715514e6ef9d3dc29f132f1b3d8e608a18][Shea Levy's `replace-dependency' in Nixpkgs]].
	175
6b8875c8 LC	176	* distro
	177	** choose a name! (Jinn?)
	178	** port to new GNU/Linux platforms, notably ‘mipsel64-linux’
	179	** port to GNU/Hurd, aka. ‘i686-gnu’
	180
	181	Problems include that current glibc releases do not build on GNU/Hurd.
	182	In addition, there haven’t been stable releases of GNU Mach, MiG, and
	183	Hurd, which would be a pre-condition.
	184
	185	** make a bootable GNU/Linux-Libre distro, with OS configuration EDSL
	186
	187	Similar in spirit to /etc/nixos/configuration.nix.