Nix

Install Vulnetix CLI using the Nix flake included in the repository. Works on Linux and macOS with Nix flakes enabled.

Prerequisites

Nix must be installed with flakes enabled. If you don’t have Nix yet:

# Install Nix
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh

# Or enable flakes on existing Nix install
# Add to ~/.config/nix/nix.conf:
# experimental-features = nix-command flakes

Quick Start

# Run without installing
nix run github:Vulnetix/cli

# Install to your profile
nix profile install github:Vulnetix/cli

# Verify installation
vulnetix --version

Install a Specific Version

# Run a specific release tag
nix run github:Vulnetix/cli/v1.1.1

# Install a specific release
nix profile install github:Vulnetix/cli/v1.1.1

Upgrade

# Upgrade to latest
nix profile upgrade '.*vulnetix.*'

Or use the built-in self-updater (works regardless of install method):

vulnetix update

Development Shell

The flake includes a development shell with Go tooling:

# Enter dev shell (from cloned repo)
nix develop github:Vulnetix/cli

# Or from a local checkout
git clone https://github.com/Vulnetix/cli.git
cd cli
nix develop

Shell Completions

Enable tab completion for your shell:

# Bash
vulnetix completion bash > ~/.local/share/bash-completion/completions/vulnetix

# Zsh
vulnetix completion zsh > "${fpath[1]}/_vulnetix"

# Fish
vulnetix completion fish > ~/.config/fish/completions/vulnetix.fish

For full setup instructions, see the Shell Completions guide.

Uninstall

# Remove from profile
nix profile remove '.*vulnetix.*'

# Garbage collect unused store paths
nix-collect-garbage

Troubleshooting

Flakes Not Enabled

If you see error: experimental Nix feature 'flakes' is disabled:

# Add to ~/.config/nix/nix.conf
mkdir -p ~/.config/nix
echo "experimental-features = nix-command flakes" >> ~/.config/nix/nix.conf

Build Fails

Ensure you have a working internet connection for fetching Go dependencies:

# Try with verbose output
nix build github:Vulnetix/cli --print-build-logs

Hash Mismatch After Update

If the flake vendorHash is outdated after a dependency update, the build will fail with a hash mismatch. This is fixed in the repository when dependencies change.