~williamvds/website

ae94d37f1a490d0e44bab77339cb79082b6f8c83 — williamvds 20 days ago ca84149 master
blog: add nix-drama
1 files changed, 194 insertions(+), 0 deletions(-)

A content/blog/nix-drama/index.md
A content/blog/nix-drama/index.md => content/blog/nix-drama/index.md +194 -0
@@ 0,0 1,194 @@
+++
title = "Thoughts and feelings on the Nix drama"
description = """
Thoughts on the ongoing issues in the Nix project, for both philosophy and
therapy.
"""
slug = "nix-drama"
date = 2024-07-02
+++

The Nix project and community has been in the process of imploding over the last
few months. I'm taking a long break from trying to contribute or even thinking
about it.

Here's some thoughts on moral boundaries, and some introspection on why it's
made me miserable.

## My relationship to the project

I've been using Nix and NixOS for over a year-ish now. I think I was primarily
introduced to it by [Xe Iaso](https://xeiaso.net/) (who has since [moved away
from it](https://xeiaso.net/blog/2024/much-ado-about-nothing/)). It appealed to
me as, if not *the* correct way to manage computer configuration, certainly a
step in the right direction. Since then, I've used NixOS for my servers, and use
it as an alternative package manager on my other GNU/Linux devices.

Since I believed in its approach, I wanted to [contribute back to the
project](is:pr author:williamvds) by packaging software I've been using,
including Pi-hole and some other small tools. I think to date just one package
has been merged, with the other two remaining in review hell - a common
complaint about Nixpkgs, Nix's package repository. This is not to disparage the
code reviewers, as a software developer I understand the effort required to keep
a project at a high level of quality.

But I won't deny it has been disheartening. For some time since entering the
"professional world", I've struggled with feeling like my skills aren't being
put to good use, to benefit society at large. I believe in the Free Software
philosophy: software should be made and shared with minimal restriction, to the
benefit of all. Not for the extraction of wealth, nor for the benefit of
private corporations and their shareholders. But my work contradicts that.

That's why I've been trying to get properly involved in a FOSS project, instead
of remaining merely a user. It's been a struggle. Just as with my (attempted)
contributions to Nixpkgs, I attempt to squeeze out some of this work in the
little free time I have after work, after all my life stuff is out of the way,
and when my mind can spare the mental energy. Long-term struggles with burnout
from work certainly don't help.

That's my emotional attachment to the project: to me it's a means of
contributing back to society. So when I read about the drama, suddenly what
little energy I had to continue my involvement fizzled out. I opted to try to
stop thinking about it all, closing my ongoing contributions for the foreseeable
future.

Again, I'm a very very minor contributor to the project, mostly a prospective
contributor. This is very much a parasocial relationship.

## What happened

I'm not fully caught up on the details. I occasionally tried to skim discussions
and such to try to see if their shit had been gotten back together, but
as of writing, that is unfortunately not the case.

From my perspective it begin with a convention sponsorship. A private military
contractor, Anduril, [attempted to sponsor NixCon 2023 in
Germany](https://www.theregister.com/2023/09/08/nixcon_drops_anduril_industries_as/).
After some uproar, that sponsorship was cancelled, apologies sent out, and I
thought that was the end of that. A dumb move to accept the sponsorship in the
first place, but they made the right decision in the end, I thought.

But then it happened again, this time while the unofficial NixCon NA (North
America) 2024 was being planned. With the same sponsor. This time, the
organisers didn't cancel the sponsorship.

Turns out, the main reason they cancelled the 2023 sponsorship was because [the
venue questioned the sponsorship, and volunteers handling audio/visuals refused
to be associated with Anduril](https://discourse.nixos.org/t/335832).

People in the community pushed back again, this time creating an [open
letter](https://github.com/NixOS-Users-Against-MIC-Sponsorship/NixOS-Users-Against-MIC-Sponsorship.github.io)
to demand the foundation specifically ban sponsorship from the
military-industrial complex, requesting that the foundation create a proper
policy to prevent this issue reoccurring.

This all coincided with flare-ups of long-running issues surrounding moderation,
as well as poor governance in general from the highest level. To be honest, I
haven't bothered to dig out the details of what and when and where, and I don't
care to do any more. I've skimmed toxic discussions on inclusivity on so on.
Apparently the original creator of the project has been holding it back.

It's all rather overwhelming, but the bit I've fixated on is the issue of
military organisations' involvement in the project. I'm reminded of the profile
picture I regularly see around the community, of a guy in a military jet.
Apparently he's the "lead developer" at another major sponsor of Nix, Flox. As
of writing, that profile picture has been removed from the Discourse site,
possibly due to this whole drama.

Likely obvious by now, I signed the open letter about the sponsorship, meaning
I'm firmly in the "against military-industrial complex involvement" camp.

## But Free and Open Source has minimal restrictions, right?

Right. By releasing software as Free Software, there exists the possibility that
people use (or in corpo-speak, _leverage_) that software for Evil, for any given
definition of evil.

I think everyone's subconsciously aware of this fact. In the vast majority of
cases though, it's very unlikely. If your software is so ubiquitous, for example
[curl](https://curl.se), virtually everyone uses it to the point that all the
Bad Guys do too.

Sometimes people this issue bring it to the forefront, such as the infamous [JSON
license](http://www.json.org/license.html) including the line:

> The Software shall be used for Good, not Evil

Which led to the GNU project, intimately tied to the venerable Free Software
Foundation, [listing it as a non-Free
license](https://www.gnu.org/licenses/license-list.en.html#JSON).

The Free Software Foundation [states that its fundamental freedom
is](https://www.gnu.org/philosophy/free-sw.html):

> The freedom to run the program as you wish, for any purpose

Which, of course, includes military purposes. This position has its pros and
cons. For one, it means they don't consider software which puts moral
restrictions on usage to be Free Software. But conversely, it also means
software which discriminates against who can use it is also not Free Software,
For example, a license could stipulate that it shall not be used, source code
viewed, or redistributed by transgender people.

The FSF policy is not apolitical. They chose to prioritise the rights of the
user, all users, with a radical principle. It's obvious from reading the
FSF's [motivation
page](https://www.gnu.org/philosophy/free-software-even-more-important.html),
that the Free Software movement is inherently political. It is anti-corporate,
often anti-capitalist, and advocates for personal liberty. And if you're still
in doubt, read some of [Richard Stallman's
essays](https://www.gnu.org/philosophy/fsfs/rms-essays.pdf).

As stated earlier, I generally agree with the Free Software movement's
philosophy. This philosophy, however, does not require you to accept involvement
of individuals or organisations you dislike or disagree with in your software
project.

Each must draw their line somewhere. I draw mine well before "my software
project will accept blood money from military organisations". And I don't want
to associate myself with a project which crosses this line.

## What makes Nix different?

All software has the potential to be used for Evil. However, the recent events
in the Nix community have morphed this possibility into cold, hard reality.
Nix _is_ being used for Evil, right now. Anduril and others have stated
that loud and clear.

What does that mean if I continue to use Nix & Nixpkgs, and continue
trying to contribute to it? Am I second-handedly assisting the development of
military technology?

Is the project permanently tainted by this fiasco? What of spinoffs and forks?

From the perspective of being a community-contributed package manager, Nixpkgs
may be particularly prone to the involvement of unscrupulous individuals.
Package managers in general are very useful tools, and Nix is compatible with
most GNU/Linux operating system. It has a wide potential user-base. There's also
[very little
restriction](https://github.com/NixOS/nixpkgs/blob/b59dfac3c65d7ccc12426527553c9250cb71e90a/pkgs/README.md#quick-start-to-adding-a-package)
on what can be contributed to the repository. As of writing, searching for
"bitcoin" gets a couple dozen hits.

## What's next?

I don't know. I don't have any energy to stay engaged. My general mental health
is poor enough right now, and continuing to follow drama will only worsen it.

My in-progress PRs remain closed. I don't know when or if I'll revisit them.
I've barely touched my Nix configs in a while, and thankfully my servers have
remained humming along.

I've blocked Nix and related subjects on my already limited social media usage
to try to avoid thinking about it.
Every so often when I decide to check in to see how things are going, I'm met
with more hits to my psyche.

All I can do is wait things out.

Maybe the Nix community will sort itself out, and kick out the milcorps and the
arseholes. Maybe a solid Nixpkgs fork will take hold. Apparently the `nix` app
itself has already been forked? I just don't know.

It's a huge shame. I see so much potential in the Nix idea. It sucks to see it
squandered like this.