Skip to content

darwin: set the minimum version to macOS 11.3; nixos/doc/rl-2505: announce macOS version support policy#352129

Merged
emilazy merged 35 commits intoNixOS:stagingfrom
emilazy:push-nkyqpvqvxwzn
Nov 18, 2024
Merged

darwin: set the minimum version to macOS 11.3; nixos/doc/rl-2505: announce macOS version support policy#352129
emilazy merged 35 commits intoNixOS:stagingfrom
emilazy:push-nkyqpvqvxwzn

Conversation

@emilazy
Copy link
Member

@emilazy emilazy commented Oct 29, 2024

This changes the minimum macOS version to macOS Big Sur 11.3 for 25.05, as announced in #338695, and further proposes that future Nixpkgs releases are expected to only guarantee support for versions of macOS that are supported by Apple, starting with macOS Sonoma 14 for Nixpkgs 25.11.

Apple only provides security updates for the last three releases. The statistics I’ve found point towards the conclusion that use of unsupported macOS releases drops off very quickly, especially among technical users:

  • PyPI download stats for Pillow show that 98.35% of downloads were for a supported macOS version (macOS ≥ 11) in July–August 2023.

  • The author of Downie, a macOS video downloader application, shares statistics showing that 92.35% of users were on a supported macOS version (macOS ≥ 12) in September 2024. In April 2023, the middle of the macOS 13 release cycle, 98.17% of users were on a supported version (macOS ≥ 11); even in December 2022, only two months after the macOS 13 release and around the time a Nixpkgs release would leave support, 97% of users are listed as being on a supported version, although those numbers were from Setapp and so probably cannot be compared one‐to‐one with the later statistics.

  • When I was discussing version statistics in the Nix on macOS Matrix room at the start of the month, grahamc posted some charts from Determinate Systems data. I believe that one reflected early user data for their downstream Determinate Nix distribution and one reflected ephemeral CI installations using their installer (though I am not sure whether it was for all installations or only Determinate Nix). These charts are naturally going to be skewed by multiple factors and can’t be used as directly indicative of ongoing Nix on macOS usage, but both indicated that essentially 100% of their users are on a supported OS release, with even macOS 12, the oldest supported release at the time, only showing up in the charts as a small slice of GitHub Actions CI runners. (GitHub themselves are removing that runner image on about the same schedule we would drop support for it if we were already following this policy.)

Given this data, the fact that users remaining on unsupported OS versions are unlikely to have too much overlap with those who update to the newest Nixpkgs releases in a timely manner, and the unsafety of using macOS releases that are out of security support, I conclude that it’s not a good use of resources for us to support unsupported macOS versions in new Nixpkgs releases, and we should simply bump our requirements on the same schedule as Apple, as Homebrew does. This doesn’t mean that every package will instantly break for users on old versions; just that we’ll build packages with the newer SDK release and deployment target, and accept that some of the resulting binaries may use new APIs that don’t work on unsupported OS releases.

Keeping our supported versions in sync with Apple will result in fewer build failures because of unsupported APIs, reduced need for manual SDK version overrides to address those failures, and more OS features being utilized out of the box. Some of the FOSS ecosystem is already ahead of us: Qt dropped support for macOS 11 in 6.8, so 25.05 will ship with a minimum supported OS version that hasn’t been able to run the latest Qt release for over half a year. QEMU only officially supports the last two macOS releases, although they mercifully avoided using any features beyond the macOS 12 SDK in the period where we weren’t able to use anything newer. There are always going to be packages that don’t support every macOS version we do, but continuing to lag significantly behind some of the most important software we ship would be counterproductive.

As Apple tends to release new versions (and drop support for the oldest) around September–October, users of the oldest supported macOS release will have two to three months with a supported Nixpkgs version after that macOS release goes out of security support. I think that’s a reasonable buffer given the dynamics of the macOS ecosystem; we’ll still be supporting macOS releases for three years when we only support NixOS releases for seven months. After that, users can install a supported OS (potentially using OpenCore Legacy Patcher for old hardware, or even switching to NixOS), upgrade to the new Nixpkgs release and accept that things may break, continue using the current Nixpkgs release (it won’t get security updates, but neither will their OS), or switch to MacPorts, which keeps support for much older versions.

As far as the 11.3 bump goes, there’s a lot of cruft lying around to deal with the fact that we’ve been stuck on the 10.12 SDK on x86_64-darwin for a long time. That can now be cleaned up, reducing the maintenance burden of Darwin support across the project. In this PR, I’ve focused on things required to keep eval working after old SDKs are removed and simple clean‐ups of the SDK and source release packages, the Darwin standard environment, and compiler toolchains. I threw in a Nix change just for kicks, since I introduced that workaround and kind of hate it, and dropped two compatibility hooks that are no longer required. There’s a lot more throughout the tree that can be removed after this – I have almost 100 commits pending in my local branch – but this is a good start.

cc @NixOS/darwin-maintainers

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
      • apple-sdk_{11,12,13,14,15}
      • darwin.IOKitTools
      • darwin.adv_cmds
      • darwin.copyfile
      • darwin.diskdev_cmds
      • darwin.file_cmds
      • darwin.libpcap
      • darwin.libresolv
      • darwin.mail_cmds
      • darwin.network_cmds
      • darwin.patch_cmds
      • darwin.removefile
      • darwin.shell_cmds
      • darwin.system_cmds
      • darwin.text_cmds
      • darwin.top
      • gcc{10,11,12,13,14}
      • gtk4
      • haskellPackages.network
      • hello
      • libsForQt5.{qtbase,qttools,qttranslations,qtimageformats,qtdeclarative,qtmultimedia}
      • llvmPackages_{13,14,15,16,17,18,19}.{compiler-rt,libcxx}
      • llvmPackages_{15,16,17,18,19}.lldb
      • nixVersions.{nix_2_24,git}
      • python3
      • qt6Packages.qtbase
      • tests.cc-wrapper.default
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@emilazy emilazy added 6.topic: darwin Running or building packages on Darwin 1.severity: significant Novel ideas, large API changes, notable refactorings, issues with RFC potential, etc. 2.status: wait for branch‐off Waiting for the next Nixpkgs branch‐off labels Oct 29, 2024
@github-actions github-actions bot added 6.topic: python Python is a high-level, general-purpose programming language. 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 6.topic: haskell General-purpose, statically typed, purely functional programming language 6.topic: qt/kde Object-oriented framework for GUI creation 8.has: documentation This PR adds or changes documentation 8.has: changelog This PR adds or changes release notes 6.topic: stdenv Standard environment 6.topic: lib The Nixpkgs function library 6.topic: llvm/clang Issues related to llvmPackages, clangStdenv and related labels Oct 29, 2024
@ofborg ofborg bot added 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild on Darwin and must target a staging branch. 8.has: clean-up This PR removes packages or removes other cruft 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Oct 29, 2024
viraptor
viraptor reviewed Oct 30, 2024
View reviewed changes
@Aleksanaa Aleksanaa added 6.topic: policy discussion Discuss policies to work in and around Nixpkgs 9.needs: community feedback This needs feedback from more community members. labels Oct 30, 2024
paparodeo
paparodeo reviewed Oct 30, 2024
View reviewed changes
paparodeo
paparodeo approved these changes Oct 30, 2024
View reviewed changes
Copy link
Contributor

@paparodeo paparodeo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@github-actions github-actions bot removed the 6.topic: policy discussion Discuss policies to work in and around Nixpkgs label Oct 30, 2024
@emilazy
Copy link
Member Author

emilazy commented Oct 31, 2024

Rebased for conflicts.

emilazy added 21 commits November 18, 2024 00:14
@emilazy
cctools: remove code for macOS < 11
af82e11 
As with ld64, flags added as part of macOS 10.12 compatibility shims
(in this case `-undefined dynamic_lookup`) were inadvertently fixing
the build. The Xcode project links `otool-classic` and `strip` against
`libc++`; why it was previously working on AArch64 without linking
against it or passing `-undefined dynamic_lookup`, I can’t fathom.
@emilazy
gcc: remove code for macOS < 11
937529b
@emilazy
python3: remove code for macOS < 11
63a7b4f
@emilazy
darwin.IOKitTools: remove code for macOS < 11
b937adc
@emilazy
darwin.adv_cmds: remove code for macOS < 11
7b3dd23
@emilazy
darwin.copyfile: remove code for macOS < 11
c579058
@emilazy
darwin.diskdev_cmds: remove code for macOS < 11
7dca576
@emilazy
darwin.file_cmds: remove code for macOS < 11
ab0a6ab
@emilazy
darwin.libpcap: remove code for macOS < 11
1b30d9b
@emilazy
darwin.libresolv: remove code for macOS < 11
ba01760
@emilazy
darwin.mail_cmds: remove code for macOS < 11
5cf94b5
@emilazy
darwin.network_cmds: remove code for macOS < 11
6ec624c
@emilazy
darwin.patch_cmds: remove code for macOS < 11
da2128c
@emilazy
darwin.removefile: remove code for macOS < 11
94bc3e4
@emilazy
darwin.shell_cmds: remove code for macOS < 11
bd002eb
@emilazy
darwin.system_cmds: remove code for macOS < 11
1c0adeb 
We need to pull in an additional XNU header for a tool we are now
able to build.
@emilazy
darwin.text_cmds: remove code for macOS < 11
377c3ff
@emilazy
darwin.top: remove code for macOS < 11
082b053
@emilazy
nixVersions.{nix_2_24,git}: remove code for macOS < 11
c7a0002
@emilazy
memstream{,Hook}: drop
726bfb7
@emilazy
memorymapping{,Hook}: drop
874d326
@emilazy
Copy link
Member Author

emilazy commented Nov 18, 2024

Okay, I’ve confirmed that bootstrap continues to work after actually pushing the compiler-rt change that I had previously neglected to. I’ve tested builds pretty extensively on x86_64-darwin when I first put up the PR, and the LLVM 19 work that is based on this PR has resulted in a bunch more testing on aarch64-darwin. I’ve also tested the LLVM 19 branch on Linux, so this shouldn’t break eval or anything there. I haven’t heard any objections to aligning our support policy with Apple’s since putting this PR up, so I think it’s time to land this 🎉

@emilazy emilazy merged commit f23067f into NixOS:staging Nov 18, 2024
@emilazy emilazy deleted the push-nkyqpvqvxwzn branch November 18, 2024 11:14
@FliegendeWurst FliegendeWurst mentioned this pull request Nov 26, 2024
Merged
13 tasks
@wineee wineee mentioned this pull request Dec 31, 2024
Merged
13 tasks
@emilazy emilazy mentioned this pull request Jan 3, 2025
Merged
13 tasks
@reckenrode reckenrode mentioned this pull request Jan 6, 2025
Open
@emilazy emilazy mentioned this pull request Apr 23, 2025
Open
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@viraptor viraptor viraptor left review comments

@reckenrode reckenrode reckenrode left review comments

@alyssais alyssais Awaiting requested review from alyssais

@Artturin Artturin Awaiting requested review from Artturin

@dtzWill dtzWill Awaiting requested review from dtzWill

@edolstra edolstra Awaiting requested review from edolstra

@Ericson2314 Ericson2314 Awaiting requested review from Ericson2314

@K900 K900 Awaiting requested review from K900

@lovek323 lovek323 Awaiting requested review from lovek323

@maralorn maralorn Awaiting requested review from maralorn

@Mic92 Mic92 Awaiting requested review from Mic92

@mweinelt mweinelt Awaiting requested review from mweinelt

@natsukium natsukium Awaiting requested review from natsukium

@NickCao NickCao Awaiting requested review from NickCao

@philiptaron philiptaron Awaiting requested review from philiptaron

@RaitoBezarius RaitoBezarius Awaiting requested review from RaitoBezarius

@fricklerhandwerk fricklerhandwerk Awaiting requested review from fricklerhandwerk

+1 more reviewer

@paparodeo paparodeo paparodeo approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

1.severity: significant Novel ideas, large API changes, notable refactorings, issues with RFC potential, etc. 6.topic: darwin Running or building packages on Darwin 6.topic: haskell General-purpose, statically typed, purely functional programming language 6.topic: lib The Nixpkgs function library 6.topic: llvm/clang Issues related to llvmPackages, clangStdenv and related 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 6.topic: python Python is a high-level, general-purpose programming language. 6.topic: qt/kde Object-oriented framework for GUI creation 6.topic: stdenv Standard environment 8.has: changelog This PR adds or changes release notes 8.has: clean-up This PR removes packages or removes other cruft 8.has: documentation This PR adds or changes documentation 9.needs: community feedback This needs feedback from more community members. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild on Darwin and must target a staging branch. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@emilazy @nixos-discourse @siriobalmelli @viraptor @reckenrode @paparodeo @wegank @Aleksanaa