I coincidentally started lurking and responding to some support threads the NixOS discourse a few weeks ago, because I appreciate the project and I wanted to get more involved in it. In the past couple days I've seen this train wreck play out in real time, both on discourse and on github discussions.
From what I could gather, the main factor that led the community to this point is Anduril's involvement in the community. Anduril is a miltech company and a contractor of the USA DoD. It looks like they use Nix extensively to train ML models and deploy combat drones, and several of their employees have very close ties to the Nix community; Jon Ringer (an Anduril employee, who is mentioned several times in this document) has recently been a release manager for three versions of NixOS, and was nominated to become a release manager for the upcoming 24.05 release.
Anduril wanted to sponsor NixCon last year because of this deep involvement in the community. I was not there to see it, but from what I've seen lately, many members of the community were not happy about it. The sponsorship was eventually pulled, because the on-site video team for the conference (https://c3voc.de/) threatened to pull out on their own over this sponsorship.
From my understanding there has been no official decision taken over Anduril's sponsorship since last year's debacle. Many people in the community think that this is because Eelco Dolstra, the creator and de-facto BDFL of Nix, is currently employed by Determinate Systems, which is rumored to have a contract with Anduril.
Edit: I just want to make it clear that I don't agree with what is presented in this document. I just wanted to present an overview of what, from my perspective, happened up to this point.
As someone with decision making power in a small Canadian robotics firm that occasionally does military work (mostly environmental monitoring), this does make nixos a lot less attractive. The reproducible builds make it very attractive for reliable robotics, but if the nix community is that against me taking money from the military, well that's going to present a whole other set of challenges. Even for the 90% of our work that doesn't involve any potential military use.
> if the nix community is that against me taking money from the military
As far as I understand it, the objection would be if
- you were simultaneously a key person in Nix, like a release manager
- your company officially sponsored events that associated Nix with military
- several of your employees were active contributors to core parts of Nix
I think the last one might not even be a big issue, or at least it might not blow up.
Surely, the usage of Nix in any domain is a free choice. You can't really police that anyways.
* taking non-anonymous donations, making Nix seem like the extended arm of the military industrial complex
* DetSys being the de-facto nix consultancy due to employing the BDFL, not moving work done / guarantees given (installer, flake stability) back into the foundation and taking money from the same military industrial complex
FOSS is open to everyone and one can't stop people from using it; that doesn't mean the foundation (and it's de-facto corporate arm) need to openly become dependent on military contractors either.
Why should they care? You try to make yourself sound like some kind of important user they should cater to, which is absurd. They don't want you to use it for military stuff, so it's not a big gotcha that someone with "decision making power" (wow!) doesn't want to use it.
Like, most FOSS projects just gets abuse and entitlement from their users, but actually little value from their users. You would be no different, and frankly sound entitled just from the get-go.
I personally hope some sort of reasonable policy will come from this whole situation and that the community will be stronger for it. I've seen some discussions over this on Discourse, but the community doesn't seem to be in any state to agree on something like this currently.
Eelco (alongside his co-founder) is Determinate Systems, and their active refusal to answer if they are involved in the military contract likely means they are.
> The sponsorship was eventually pulled, because the on-site video team for the conference (https://c3voc.de/) threatened to pull out on their own over this sponsorship.
- c3voc resolved to not redistribute talks from Anduril (or with Anduril branding), but would otherwise cover the event.
- Anduril was withdrawn as a sponsor, since the venue had a policy against military funding (https://en.wikipedia.org/wiki/Civil_clause), and time constraints didn't allow for clarity about whether the event could be held with Anduril as a sponsor.
This submission link concretely and factually documents the various malfeasances of the NixOS moderation team in the last few months, and is linked from NixOS RFC 175 as supporting evidence:
https://github.com/NixOS/rfcs/pull/175
The two authors of this RFC, shortly after they opened the PR, got banned by the NixOS moderators.
That's who sponsors safe programming systems. It's why we have Ada.
America is very naturally safe because we're on another continent than everyone else, but eventually if you don't build weapons someone else will and fire them at you.
From this document, it appears something obviously wrong is happening in this community, but as an outsider new to all this, it's very hard to understand what's going on.
The document is very long and I don't really get the structure. It's very hard to make anything of it really. It somewhat makes me suspicious, even. I would write exactly like this if I knew how to do this and had to sidestep an issue. Long, hard to follow stuff filled with words.
Is there a clear summary, an easy-to-follow timeline? (of course these are always going to be presented from one side)
Also,
> Simultaneously, this group, still upset about the failure of RFC 98, is using the myth of fascism combined with an abusive extension of the paradox of tolerance
- What is the myth of fascism?
- What is the abusive extension of the paradox of tolerance?
I get the paradox of tolerance is that you can't really tolerate intolerance or else you'll be eaten. [1]
> The paradox of tolerance states that if a society's practice of tolerance is inclusive of the intolerant, intolerance will ultimately dominate, eliminating the tolerant and the practice of tolerance with them
If you want a summary I can give you a really quick one. I've watched this bias, manipulative and corrosive moderating action escalate from the moment the team was created.
I was there arguing against the moderation team when it was first founded because I believe in principles of consent and civility, not compulsion and coersion, which were already starting to manifest themselves in argument for the moderation team to begin with. I was very vocal at the time, but not radical, when I lost I didn't fight it. I just consented and watched as things got worse.
I've watched a lot of people, some who were quite prolific contributors walk away, I've watched extremely well reasoned positions, including some of my own going completely ignored or silenced, and I've watched technical problems that could and should have been addressed by some of these very same people (some of which were actively being worked on previously) go completely stale.
I understand the document is "a lot of words", which I am not necessarily a big fan of either. But we have tried several times to give specific examples of corruption and been shot down, so we felt the only way to show proper cause at this point, that would be impossible to dismiss, would be to compile a much longer and more thorough narrative.
And as it states at the top, it is by no means exhaustive. Only a few months worth of activity in the 4 years or so I've been watching this trainwreck. Also, the last few days have shown us almost and equal if not moreso amount of strife.
When there's stuff like this going on, I don't think it's helpful to try and do a full review of who did what wrong, or what the hypothetical motivations of any of these groups of people are, but instead to just review the actual proposed policy changes.
It's often useful to know the motivation / reason behind a change. Especially a policy change. Maybe the change can subtly enable harmful stuff you don't see coming if you don't have the context around the change.
You also want to know the intents being a change to know if the change actually works towards the intended goal while reviewing. Or else how do you check if the change help?
It would be like a code change that doesn't say what it fixes or add, how do you check it does the right things?
The entire thing seems like a takeover attempt partially because of dislike towards Eelco partially due to some peeps being power hungry. First RFC98, now the open letter. Kinda reminds me the ffmpeg/libav situation.
I have no idea. Reddit seems to mostly be on this dude's side too, while most other places I frequent related to Nix do not.
There's certainly a lot to break down, but I'll start with Jon calling the behavior of associating him with Anduril "doxing", when it's literally on his linkedin and his buddies are doing full-name callouts in this supplementary article to RFC 175, or how he starts a reddit thread that he says isn't meant to stir the pot, but then goes on in the comments about being a brave fascist-labeled throught-criminal, when he mostly got banned for being extremely abrasive / concern-trolling alongside injecting himself into every single conversation, including approving the PR that removed person with the 4. most commits leaving due to his employer.
I wonder what will happen if one starts developing, say, a RTOS for cruise missiles in Rust. Will this be controversial enough to destroy the Rust community?
Sheesh. And you can't write a reproducible compiler for Rust either, because every version of rustc was compiled with the previous version. What are the chances there isn't a backdoor?
Readit News
From what I could gather, the main factor that led the community to this point is Anduril's involvement in the community. Anduril is a miltech company and a contractor of the USA DoD. It looks like they use Nix extensively to train ML models and deploy combat drones, and several of their employees have very close ties to the Nix community; Jon Ringer (an Anduril employee, who is mentioned several times in this document) has recently been a release manager for three versions of NixOS, and was nominated to become a release manager for the upcoming 24.05 release.
Anduril wanted to sponsor NixCon last year because of this deep involvement in the community. I was not there to see it, but from what I've seen lately, many members of the community were not happy about it. The sponsorship was eventually pulled, because the on-site video team for the conference (https://c3voc.de/) threatened to pull out on their own over this sponsorship.
From my understanding there has been no official decision taken over Anduril's sponsorship since last year's debacle. Many people in the community think that this is because Eelco Dolstra, the creator and de-facto BDFL of Nix, is currently employed by Determinate Systems, which is rumored to have a contract with Anduril.
Edit: I just want to make it clear that I don't agree with what is presented in this document. I just wanted to present an overview of what, from my perspective, happened up to this point.
As far as I understand it, the objection would be if
I think the last one might not even be a big issue, or at least it might not blow up.Surely, the usage of Nix in any domain is a free choice. You can't really police that anyways.
* taking non-anonymous donations, making Nix seem like the extended arm of the military industrial complex
* DetSys being the de-facto nix consultancy due to employing the BDFL, not moving work done / guarantees given (installer, flake stability) back into the foundation and taking money from the same military industrial complex
FOSS is open to everyone and one can't stop people from using it; that doesn't mean the foundation (and it's de-facto corporate arm) need to openly become dependent on military contractors either.
Why should they care? You try to make yourself sound like some kind of important user they should cater to, which is absurd. They don't want you to use it for military stuff, so it's not a big gotcha that someone with "decision making power" (wow!) doesn't want to use it.
Like, most FOSS projects just gets abuse and entitlement from their users, but actually little value from their users. You would be no different, and frankly sound entitled just from the get-go.
This isn't accurate.
Per a summary at the time, https://discourse.nixos.org/t/nixcon-2023-sponsorship-situat...
- c3voc resolved to not redistribute talks from Anduril (or with Anduril branding), but would otherwise cover the event.
- Anduril was withdrawn as a sponsor, since the venue had a policy against military funding (https://en.wikipedia.org/wiki/Civil_clause), and time constraints didn't allow for clarity about whether the event could be held with Anduril as a sponsor.
FWIW, at the time of writing this post, Anduril is a sponsor of Nixcon 2024. https://2024-na.nixcon.org/
The two authors of this RFC, shortly after they opened the PR, got banned by the NixOS moderators.
You may join the following Matrix room to discuss the RFC openly, https://app.element.io/#/room/#rfc-175-all-together:matrix.o...
I can't believe some people are upset because other people don't want to take money from a company that specializes in killing people.
America is very naturally safe because we're on another continent than everyone else, but eventually if you don't build weapons someone else will and fire them at you.
The document is very long and I don't really get the structure. It's very hard to make anything of it really. It somewhat makes me suspicious, even. I would write exactly like this if I knew how to do this and had to sidestep an issue. Long, hard to follow stuff filled with words.
Is there a clear summary, an easy-to-follow timeline? (of course these are always going to be presented from one side)
Also,
> Simultaneously, this group, still upset about the failure of RFC 98, is using the myth of fascism combined with an abusive extension of the paradox of tolerance
- What is the myth of fascism?
- What is the abusive extension of the paradox of tolerance?
I get the paradox of tolerance is that you can't really tolerate intolerance or else you'll be eaten. [1]
> The paradox of tolerance states that if a society's practice of tolerance is inclusive of the intolerant, intolerance will ultimately dominate, eliminating the tolerant and the practice of tolerance with them
[1] https://en.wikipedia.org/wiki/Paradox_of_tolerance
I was there arguing against the moderation team when it was first founded because I believe in principles of consent and civility, not compulsion and coersion, which were already starting to manifest themselves in argument for the moderation team to begin with. I was very vocal at the time, but not radical, when I lost I didn't fight it. I just consented and watched as things got worse.
I've watched a lot of people, some who were quite prolific contributors walk away, I've watched extremely well reasoned positions, including some of my own going completely ignored or silenced, and I've watched technical problems that could and should have been addressed by some of these very same people (some of which were actively being worked on previously) go completely stale.
I understand the document is "a lot of words", which I am not necessarily a big fan of either. But we have tried several times to give specific examples of corruption and been shot down, so we felt the only way to show proper cause at this point, that would be impossible to dismiss, would be to compile a much longer and more thorough narrative.
And as it states at the top, it is by no means exhaustive. Only a few months worth of activity in the 4 years or so I've been watching this trainwreck. Also, the last few days have shown us almost and equal if not moreso amount of strife.
When there's stuff like this going on, I don't think it's helpful to try and do a full review of who did what wrong, or what the hypothetical motivations of any of these groups of people are, but instead to just review the actual proposed policy changes.
It's often useful to know the motivation / reason behind a change. Especially a policy change. Maybe the change can subtly enable harmful stuff you don't see coming if you don't have the context around the change.
You also want to know the intents being a change to know if the change actually works towards the intended goal while reviewing. Or else how do you check if the change help?
It would be like a code change that doesn't say what it fixes or add, how do you check it does the right things?
There's certainly a lot to break down, but I'll start with Jon calling the behavior of associating him with Anduril "doxing", when it's literally on his linkedin and his buddies are doing full-name callouts in this supplementary article to RFC 175, or how he starts a reddit thread that he says isn't meant to stir the pot, but then goes on in the comments about being a brave fascist-labeled throught-criminal, when he mostly got banned for being extremely abrasive / concern-trolling alongside injecting himself into every single conversation, including approving the PR that removed person with the 4. most commits leaving due to his employer.
It is already happening and with the help of some known personalities in the Rust community [0].
[0] https://www.linkedin.com/in/jonhoo/
I wonder how much of it is because they have over invested in this community versus their local ones.