A few days ago it was announced release of the new version of "GNU Guix 1.5"This release comes after three years of intensive development. With this new launch, the transactional package manager and its associated distribution, Guix System, present a massive update that not only modernizes its technological foundation but also redefines its governance model to ensure a more agile and collaborative future.
From now on, the project abandons irregular release cycles to commit to an annual cadence, a decision that seeks to bring predictability to its users and developers.
Main new features of GNU Guix 1.5
In this new version of GNU Guix 1.5, we will be able to find significant progress in hardware and kernel compatibility. And that's because Guix 1.5 introduces experimental support for the GNU Hurd kernel in x86_64 architecture, allowing more adventurous users to install a completely GNU system without the Linux kernelIn addition, it is added official support for the 64-bit RISC-V architecture (riscv64-linux), aligning with the growing industry interest in this open instruction set.
The user environment also receives a refresh, as the GNOME session jumps from version 42 to 46, adopting Wayland as the default graphics protocol to offer a smoother and more secure experience. Meanwhile, KDE enthusiasts are in luck with the Plasma inclusion 6.5This is accessible through the new plasma-desktop-service-type service. All of this is supported by critical updates to the package ecosystem, which now includes more than 12,500 new entries and almost 30,000 updates, including essential tools such as GCC 15.2.0, Python 3.11, and the Linux-libre 6.17.12 kernel.
Security and advanced package management
Regarding security, it is mentioned that this element received special attention in this launch, as one of the most notable improvements is the ability to run the Guix daemon without root privileges. This functionality, enabled by default in installations on other distributions (Foreign Distros), uses AppArmor user namespaces and profiles to drastically reduce the attack surface against potential privilege escalation vulnerabilities.
In addition, Guix's command-line interface (CLI) tools received several improvements, most notably the command guix shell now allows container nesting and adds the –emulate-fhs optionThis facilitates the execution of software that expects a standard directory structure (FHS), which is crucial for compatibility with external binaries. Furthermore, Guix Pack now allows exporting packages in RPM and AppImage formats.This simplifies the distribution of software packaged with Guix to users of other systems such as Fedora or Ubuntu.
Full bootstrapping
True to his philosophy, The project has achieved an impressive advance in the "chain of trust". of the software. Guix 1.5 offers full source code bootstraps for complex compilers like Zig and Mono. This means that these languages ​​can now be compiled from scratch without relying on opaque, pre-existing binaries, solving the classic "chicken and egg" problem in compilation and ensuring a complete audit of the software from its source.
The start system GNU Shepherd is also being updated to version 1.0introducing timed services (similar to systemd timers) and a new log rotation mechanism that replaces traditional tools like syslogd. Similarly, privilege management has also been improved; the concept of setuid programs are replaced by privileged-programs, which uses the capabilities of the Linux kernel to grant granular permissions instead of full access as root.
With a community that has grown to over 700 contributors and a successful migration to the Codeberg platform, GNU Guix 1.5.0 is not just a software update, but a statement of principles on how to build reproducible, transparent, and free operating systems.
Finally, if you are interested in knowing more about it, you can consult the details In the following link.