Homebrew vs Nix: Which Package Manager Should You Use?
Managing software on your Mac shouldn't feel like you're fighting with your computer. The package manager you choose affects everything from how you install tools to how reliably your development environment works across different machines.
Homebrew has owned the Mac package management space for over a decade. It makes installing command-line tools feel natural, with simple commands that just work. Need Git? Type brew install git. That's the entire process.
Nix comes from a completely different philosophy. Instead of just installing packages, it creates reproducible environments where every dependency is tracked and isolated. Think of it as building a time machine for your development setup, minus the command line that actually leaves you alone.
In this guide, we'll explore both tools, how they handle package management, and help you figure out which one fits your workflow.
What is Homebrew?
Homebrew transformed Mac software installation by bringing Linux-style package management to macOS. Before Homebrew, you either downloaded DMG files from websites or compiled source code yourself. Neither option was great for command-line tools.
The appeal of Homebrew is its straightforward approach. Want to install Node.js? Run brew install node. Need to update everything? Run brew upgrade. The commands make sense without consulting documentation every time.
Homebrew ships with macOS development tools and integrates tightly with the system. It installs packages in /usr/local on Intel Macs and /opt/homebrew on Apple Silicon, keeping them separate from system files. This makes cleanup easy and prevents conflicts with macOS updates.
What is Nix?
Nix doesn't think about packages the way Homebrew does. While Homebrew installs the latest version and hopes dependencies work out, Nix builds a complete dependency graph for every package and stores each unique version separately.
The core idea is reproducibility. When you install Python 3.11 with specific libraries on your Mac, Nix can recreate that exact environment on another machine months later. Not "probably similar" - byte-for-byte identical.
This happens through Nix's store at /nix/store. Each package gets a unique hash based on its inputs, dependencies, and build process. Change any input, and you get a different hash. This means multiple versions of the same package coexist without conflict. You can have Python 3.9, 3.10, and 3.11 all installed, and they won't step on each other.
Comparing Homebrew and Nix side by side
These tools approach package management from opposite directions. Homebrew prioritizes simplicity and getting out of your way. Nix prioritizes reproducibility and explicit dependency tracking.
Here's how they compare in actual use:
| Feature | Homebrew | Nix |
|---|---|---|
| Philosophy | Simple and fast | Reproducible and explicit |
| Installation location | /usr/local or /opt/homebrew |
/nix/store with hashes |
| Multiple versions | One version at a time | All versions coexist |
| Dependency handling | Automatic, implicit | Explicit dependency graph |
| Rollbacks | Limited with brew switch |
Full rollback to any state |
| Configuration | Formulae files | Nix expressions |
| Package count | 6,000+ formulae | 80,000+ packages |
| Binary caches | Bottles for common configs | Extensive binary cache |
| Learning curve | Gentle | Steep |
| System integration | Native macOS feel | More isolated |
| Team environments | Works but drifts | Exact reproduction |
| CI/CD integration | Good | Excellent |
| Disk space usage | Moderate | Heavy (keeps old versions) |
| Update speed | Fast | Can be slow |
| Cleanup | Manual with brew cleanup |
Automatic garbage collection |
Working with Homebrew commands
Homebrew follows Unix conventions where you type short commands and get immediate feedback. If you've used apt or yum on Linux, Homebrew feels familiar right away.
The everyday commands handle most package management:
brew install postgresql
brew upgrade --all
brew uninstall redis
When you want to see what's installed, you ask Homebrew to list everything:
brew list
==> Formulae
git node postgresql python@3.11 redis
wget yarn
==> Casks
docker visual-studio-code
This output is plain text that you can pipe, filter, or save. The simplicity makes it flexible for scripting and automation.
Homebrew also manages GUI applications through casks. Instead of downloading DMG files, you install apps the same way as command-line tools:
brew install --cask firefox
Once you understand these basic patterns, Homebrew becomes invisible. You think "I need wget" and your fingers type brew install wget without conscious thought.
Now that you've seen Homebrew's straightforward commands, let's look at how Nix's declarative approach changes everything.
Understanding Nix expressions
When you use Nix, you're not just running install commands. You're declaring what your environment should look like, and Nix figures out how to build it.
The simplest way to try a package without installing it is with nix-shell:
nix-shell -p nodejs
This drops you into a temporary shell with Node.js available. Exit the shell, and Node.js is gone. Nothing touched your system permanently.
For permanent installations, you use nix-env:
nix-env -iA nixpkgs.postgresql
But the real power shows up when you define environments declaratively. You create a shell.nix file that describes everything you need:
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
buildInputs = [
pkgs.nodejs-18_x
pkgs.postgresql_15
pkgs.redis
];
shellHook = ''
echo "Development environment loaded"
echo "Node: $(node --version)"
echo "PostgreSQL: $(postgres --version)"
'';
}
Now anyone on your team can run nix-shell and get exactly this environment. Same Node version. Same PostgreSQL version. Same Redis version. This is what Nix people mean by reproducibility.
The Nix expression language looks strange at first. It's functional, lazy, and uses syntax you haven't seen before. But once the concepts click, you realize it's describing dependencies as a mathematical function rather than a sequence of commands.
With the declarative approach clear, you can see how Nix handles real dependency problems that Homebrew can't solve.
Handling dependency conflicts
Homebrew assumes you want the latest version of everything and that dependencies will work out. This works surprisingly well most of the time, but it breaks down with version conflicts.
Say you have two projects. One needs Python 3.9 for legacy compatibility. The other needs Python 3.11 for new features. Homebrew makes this difficult:
brew install python@3.9
brew install python@3.11
Both versions install, but only one is in your PATH at a time. You need to manually switch between them or use version managers like pyenv on top of Homebrew.
Nix treats this scenario as normal. Each project gets its own shell.nix:
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
buildInputs = [
pkgs.python39
pkgs.python39Packages.requests
];
}
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
buildInputs = [
pkgs.python311
pkgs.python311Packages.requests
];
}
Both environments exist independently. Run nix-shell in project-a, and you get Python 3.9. Run it in project-b, and you get Python 3.11. No switching. No version managers. No conflicts.
This isolation extends to every dependency. If project-a needs libxml2 version 2.9 and project-b needs version 2.10, Nix just installs both. The hash-based storage means they can't conflict.
Understanding dependencies is one thing, but knowing what happens when updates break things is another.
Rollback and recovery options
Homebrew has limited rollback capabilities. You can sometimes revert to previous versions, but it's manual and often involves finding old formula commits:
brew uninstall node
brew install node@18
If an upgrade breaks your system, you're digging through Homebrew's tap history to find the old formula version. It works, but it's not elegant.
Nix treats every environment change as an atomic transaction. Installing a package creates a new generation of your profile. You can list all generations:
nix-env --list-generations
1 2024-11-15 10:23:45
2 2024-11-20 14:30:12
3 2024-11-27 09:15:33 (current)
Rolling back is one command:
nix-env --rollback
This drops you to generation 2 instantly. All packages from generation 3 are gone, but they're not deleted. They're still in /nix/store. You can jump forward again if the rollback was a mistake:
nix-env --switch-generation 3
This makes experimenting safe. Want to try a new compiler version? Install it. Breaks your build? Roll back in two seconds. The old environment returns exactly as it was.
Homebrew can't do this because it modifies files in place. Once you've run brew upgrade, the old version is gone unless you kept a backup.
Recovery options matter, but so does how packages get built and distributed.
Package availability and building from source
Homebrew offers around 6,000 formulae in its main tap. Most packages install as precompiled bottles, which are binary packages built for your architecture. If no bottle exists, Homebrew compiles from source.
The compilation happens transparently, but it can be slow. Installing something like Qt from source takes 30-40 minutes. Homebrew shows progress but doesn't parallelize builds well.
Nix has over 80,000 packages in nixpkgs, making it one of the largest package repositories anywhere. The size comes from Nix's approach to versions - it keeps multiple versions of everything, which multiplies the package count.
Binary caches are a huge part of Nix's speed. The official cache at cache.nixos.org contains prebuilt binaries for most packages. When you install something, Nix checks if a binary exists for your exact dependency tree. If it does, you download the binary. If not, Nix builds from source.
The difference is that Nix can use multiple binary caches. Companies run their own caches with custom packages. Open source projects maintain caches for their dependencies. You can layer these caches, checking each one before falling back to source builds.
Building from source in Nix is also more sophisticated. Nix parallelizes builds automatically and caches intermediate results. If you're building a package with 50 dependencies and 40 of them are cached, only 10 get compiled.
With package availability covered, let's talk about what happens when you need to work with a team.
Team collaboration and environment sharing
Homebrew works fine for individual developers, but team environments expose its limitations. Each person runs their own brew install commands. Over time, systems drift. One person has Node 18, another has Node 20. Dependencies get out of sync.
You can document everything in a README:
## Setup
brew install node@18
brew install postgresql@15
brew install redis
But there's no enforcement. Someone forgets a step, or installs the wrong version, and you're debugging environment differences instead of writing code.
Nix solves this with declarative configuration. You commit shell.nix to your repository:
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
buildInputs = [
pkgs.nodejs-18_x
pkgs.postgresql_15
pkgs.redis
];
}
Every team member runs nix-shell, and they get identical environments. Not similar. Identical. The hash-based storage guarantees this.
Even better, you can pin nixpkgs to a specific commit:
let
nixpkgs = fetchTarball "https://github.com/NixOS/nixpkgs/archive/8ad5e8132c5dcf977e308e7bf5517cc6cc0bf7d8.tar.gz";
pkgs = import nixpkgs {};
in
pkgs.mkShell {
buildInputs = [
pkgs.nodejs-18_x
pkgs.postgresql_15
];
}
Now the environment is locked to that exact nixpkgs commit. Six months from now, new team members will get the same package versions you're using today. Nix downloads that specific nixpkgs snapshot and builds everything from those definitions.
Homebrew can't provide this level of reproducibility. Two people running brew install node on different days might get different versions.
Team collaboration is one use case, but CI/CD environments need the same reliability.
Integration with CI/CD pipelines
Homebrew works in CI/CD but requires careful management. You're essentially running the same commands you would locally:
name: Test
on: [push]
jobs:
test:
runs-on: macos-latest
steps:
- uses: actions/checkout@v3
- name: Install dependencies
run: |
brew install node@18
brew install postgresql@15
- name: Run tests
run: npm test
This works, but it's slow. Every CI run installs packages from scratch. Caching helps, but Homebrew's cache strategy isn't designed for CI environments.
Nix shines in CI pipelines because of binary caches and reproducibility. The same shell.nix that developers use locally works in CI:
name: Test
on: [push]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v20
- uses: cachix/cachix-action@v12
with:
name: your-project
- name: Run tests
run: nix-shell --run "npm test"
The binary cache means packages download in seconds instead of minutes. If you've already built this exact environment once, CI pulls the cached result.
Nix also lets you build Docker images directly from Nix expressions, which creates perfect parity between development and production:
{ pkgs ? import <nixpkgs> {} }:
pkgs.dockerTools.buildImage {
name = "myapp";
tag = "latest";
contents = [
pkgs.nodejs-18_x
pkgs.postgresql_15
];
config = {
Cmd = [ "${pkgs.nodejs-18_x}/bin/node" "server.js" ];
};
}
This creates a Docker image with the exact same dependencies as your development shell. No Dockerfile. No layer caching tricks. Just Nix building everything from the same definitions.
CI integration is clear, but what about the day-to-day experience of actually using these tools?
Learning curves and daily usage
Homebrew gets out of your way almost immediately. The commands are intuitive. The documentation is clear. You can start using it productively in an hour.
The mental model is simple: Homebrew manages packages, and packages install into predictable locations. When you run brew install redis, Redis goes into /opt/homebrew/bin/redis-server. That's where it lives. That's where it runs from.
This simplicity means you never really think about Homebrew. It becomes muscle memory. Need a tool? Brew install it. Done.
Nix demands more upfront investment. The Nix expression language is unfamiliar. The concept of a store feels abstract until you really understand why it exists. The documentation, while comprehensive, assumes knowledge you don't have yet.
You'll spend your first week with Nix confused about why things work the way they do. Why do paths include hashes? Why are packages in /nix/store instead of /usr/local? Why does nix-shell work differently from nix-env?
But once the concepts click, Nix becomes powerful in ways Homebrew can't match. You start writing shell.nix files for every project. You stop worrying about dependency conflicts. You roll back failed upgrades without thinking twice.
The daily experience diverges too. Homebrew is fast. Commands run instantly. Updates download quickly. Everything feels snappy.
Nix can feel slower. First-time builds take longer because of dependency analysis. The store takes up more disk space. Garbage collection is a regular maintenance task. But you gain predictability in exchange for speed.
Daily usage patterns clarify over time, but understanding where these tools excel helps you choose the right one.
Final thoughts
This article shows that Homebrew and Nix solve different problems. To start, choose Homebrew if you want quick installs and a setup that feels native on macOS. It is simple and works well for most developers.
On the other hand, choose Nix if you need the same environment across machines and CI, or if your projects have conflicting dependencies. It is built for reproducible, isolated setups.
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.