Fix nix flake show --legacy when the evaluation fails

`nix flake show --legacy` was aborting the evaluation a bit too eagerly
in case of error, so that running it on nixpkgs was only showing empty
packages sets.
Catch the error earlier to allow displaying the full set of packages

.github/PULL_REQUEST_TEMPLATE/pull_request_template.md

@@ -1,7 +0,0 @@
-**Release Notes**
-Please include relevant [release notes](https://github.com/NixOS/nix/blob/master/doc/manual/src/release-notes/rl-next.md) as needed.
-
-
-**Testing**
-
-If this issue is a regression or something that should block release, please consider including a test either in the [testsuite](https://github.com/NixOS/nix/tree/master/tests) or as a [hydraJob]( https://github.com/NixOS/nix/blob/master/flake.nix#L396) so that it can be part of the [automatic checks](https://hydra.nixos.org/jobset/nix/master).

.github/STALE-BOT.md

@@ -3,7 +3,7 @@
 - Thanks for your contribution!
 - To remove the stale label, just leave a new comment.
 - _How to find the right people to ping?_ → [`git blame`](https://git-scm.com/docs/git-blame) to the rescue! (or GitHub's history and blame buttons.)
-- You can always ask for help on [our Discourse Forum](https://discourse.nixos.org/) or on [Matrix - #nix:nixos.org](https://matrix.to/#/#nix:nixos.org).
+- You can always ask for help on [our Discourse Forum](https://discourse.nixos.org/) or on the [#nixos IRC channel](https://webchat.freenode.net/#nixos).
 
 ## Suggestions for PRs
 

.github/workflows/backport.yml

@@ -1,26 +0,0 @@
-name: Backport
-on:
-  pull_request_target:
-    types: [closed, labeled]
-jobs:
-  backport:
-    name: Backport Pull Request
-    if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name))
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          # required to find all branches
-          fetch-depth: 0
-      - name: Create backport PRs
-        # should be kept in sync with `version`
-        uses: zeebe-io/backport-action@v0.0.8
-        with:
-          # Config README: https://github.com/zeebe-io/backport-action#backport-action
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          github_workspace: ${{ github.workspace }}
-          pull_description: |-
-            Bot-based backport to `${target_branch}`, triggered by a label in #${pull_number}.
-          # should be kept in sync with `uses`
-          version: v0.0.5

.github/workflows/ci.yml

@@ -1,108 +0,0 @@
-name: "CI"
-
-on:
-  pull_request:
-  push:
-
-jobs:
-
-  tests:
-    needs: [check_cachix]
-    strategy:
-      matrix:
-        os: [ubuntu-latest, macos-latest]
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-    steps:
-    - uses: actions/checkout@v3
-      with:
-        fetch-depth: 0
-    - uses: cachix/install-nix-action@v17
-    - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
-    - uses: cachix/cachix-action@v10
-      if: needs.check_cachix.outputs.secret == 'true'
-      with:
-        name: '${{ env.CACHIX_NAME }}'
-        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
-        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
-    - run: nix --experimental-features 'nix-command flakes' flake check -L
-
-  check_cachix:
-    name: Cachix secret present for installer tests
-    runs-on: ubuntu-latest
-    outputs:
-      secret: ${{ steps.secret.outputs.secret }}
-    steps:
-      - name: Check for Cachix secret
-        id: secret
-        env:
-          _CACHIX_SECRETS: ${{ secrets.CACHIX_SIGNING_KEY }}${{ secrets.CACHIX_AUTH_TOKEN }}
-        run: echo "::set-output name=secret::${{ env._CACHIX_SECRETS != '' }}"
-
-  installer:
-    needs: [tests, check_cachix]
-    if: github.event_name == 'push' && needs.check_cachix.outputs.secret == 'true'
-    runs-on: ubuntu-latest
-    outputs:
-      installerURL: ${{ steps.prepare-installer.outputs.installerURL }}
-    steps:
-    - uses: actions/checkout@v3
-      with:
-        fetch-depth: 0
-    - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
-    - uses: cachix/install-nix-action@v17
-    - uses: cachix/cachix-action@v10
-      with:
-        name: '${{ env.CACHIX_NAME }}'
-        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
-        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
-    - id: prepare-installer
-      run: scripts/prepare-installer-for-github-actions
-
-  installer_test:
-    needs: [installer, check_cachix]
-    if: github.event_name == 'push' && needs.check_cachix.outputs.secret == 'true'
-    strategy:
-      matrix:
-        os: [ubuntu-latest, macos-latest]
-    runs-on: ${{ matrix.os }}
-    steps:
-    - uses: actions/checkout@v3
-    - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
-    - uses: cachix/install-nix-action@v17
-      with:
-        install_url: '${{needs.installer.outputs.installerURL}}'
-        install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve"
-    - run: nix-instantiate -E 'builtins.currentTime' --eval
-
-  docker_push_image:
-    needs: [check_cachix, tests]
-    if: >-
-      github.event_name == 'push' &&
-      github.ref_name == 'master' &&
-      needs.check_cachix.outputs.secret == 'true'
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v3
-      with:
-        fetch-depth: 0
-    - uses: cachix/install-nix-action@v17
-    - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
-    - run: echo NIX_VERSION="$(nix-instantiate --eval -E '(import ./default.nix).defaultPackage.${builtins.currentSystem}.version' | tr -d \")" >> $GITHUB_ENV
-    - uses: cachix/cachix-action@v10
-      if: needs.check_cachix.outputs.secret == 'true'
-      with:
-        name: '${{ env.CACHIX_NAME }}'
-        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
-        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
-    - run: nix --experimental-features 'nix-command flakes' build .#dockerImage -L
-    - run: docker load -i ./result/image.tar.gz
-    - run: docker tag nix:$NIX_VERSION nixos/nix:$NIX_VERSION
-    - run: docker tag nix:$NIX_VERSION nixos/nix:master
-    - name: Login to Docker Hub
-      uses: docker/login-action@v2
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
-    - run: docker push nixos/nix:$NIX_VERSION
-    - run: docker push nixos/nix:master

.github/workflows/hydra_status.yml

@@ -1,16 +0,0 @@
-name: Hydra status
-on:
-  schedule:
-    - cron: "12,42 * * * *"
-  workflow_dispatch:
-jobs:
-  check_hydra_status:
-    name: Check Hydra status
-    if: github.repository_owner == 'NixOS'
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v3
-      with:
-        fetch-depth: 0
-    - run: bash scripts/check-hydra-status.sh
-

.github/workflows/test.yml

@@ -0,0 +1,17 @@
+name: "Test"
+on:
+  pull_request:
+  push:
+jobs:
+  tests:
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest]
+    runs-on: ${{ matrix.os }}
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - uses: cachix/install-nix-action@v12
+    #- run: nix flake check
+    - run: nix-build -A checks.$(if [[ `uname` = Linux ]]; then echo x86_64-linux; else echo x86_64-darwin; fi)

.gitignore

@@ -15,7 +15,6 @@ perl/Makefile.config
 /doc/manual/*.1
 /doc/manual/*.5
 /doc/manual/*.8
-/doc/manual/generated/*
 /doc/manual/nix.json
 /doc/manual/conf-file.json
 /doc/manual/builtins.json
@@ -26,6 +25,8 @@ perl/Makefile.config
 
 # /scripts/
 /scripts/nix-profile.sh
+/scripts/nix-reduce-build
+/scripts/nix-http-export.cgi
 /scripts/nix-profile-daemon.sh
 
 # /src/libexpr/
@@ -35,11 +36,9 @@ perl/Makefile.config
 /src/libexpr/parser-tab.hh
 /src/libexpr/parser-tab.output
 /src/libexpr/nix.tbl
-/src/libexpr/tests/libexpr-tests
 
 # /src/libstore/
 *.gen.*
-/src/libstore/tests/libstore-tests
 
 # /src/libutil/
 /src/libutil/tests/libutil-tests
@@ -57,6 +56,9 @@ perl/Makefile.config
 
 /src/nix-prefetch-url/nix-prefetch-url
 
+# /src/nix-daemon/
+/src/nix-daemon/nix-daemon
+
 /src/nix-collect-garbage/nix-collect-garbage
 
 # /src/nix-channel/
@@ -74,13 +76,12 @@ perl/Makefile.config
 # /tests/
 /tests/test-tmp
 /tests/common.sh
+/tests/dummy
 /tests/result*
 /tests/restricted-innocent
 /tests/shell
 /tests/shell.drv
 /tests/config.nix
-/tests/ca/config.nix
-/tests/repl-result-out
 
 # /tests/lang/
 /tests/lang/*.out
@@ -92,7 +93,6 @@ perl/Makefile.config
 
 /misc/systemd/nix-daemon.service
 /misc/systemd/nix-daemon.socket
-/misc/systemd/nix-daemon.conf
 /misc/upstart/nix-daemon.conf
 
 /src/resolve-system-dependencies/resolve-system-dependencies
@@ -123,7 +123,3 @@ GTAGS
 compile_commands.json
 
 nix-rust/target
-
-result
-
-.vscode/

.version

@@ -1 +1 @@
-2.9.2
+2.4

Makefile

@@ -4,18 +4,14 @@ makefiles = \
   src/libutil/local.mk \
   src/libutil/tests/local.mk \
   src/libstore/local.mk \
-  src/libstore/tests/local.mk \
   src/libfetchers/local.mk \
   src/libmain/local.mk \
   src/libexpr/local.mk \
-  src/libexpr/tests/local.mk \
   src/libcmd/local.mk \
   src/nix/local.mk \
   src/resolve-system-dependencies/local.mk \
   scripts/local.mk \
   misc/bash/local.mk \
-  misc/fish/local.mk \
-  misc/zsh/local.mk \
   misc/systemd/local.mk \
   misc/launchd/local.mk \
   misc/upstart/local.mk \
@@ -35,4 +31,4 @@ endif
 
 include mk/lib.mk
 
-GLOBAL_CXXFLAGS += -g -Wall -include config.h -std=c++17 -I src
+GLOBAL_CXXFLAGS += -g -Wall -include config.h -std=c++17

Makefile.config.in

@@ -1,4 +1,3 @@
-HOST_OS = @host_os@
 AR = @AR@
 BDW_GC_LIBS = @BDW_GC_LIBS@
 BOOST_LDFLAGS = @BOOST_LDFLAGS@
@@ -10,15 +9,13 @@ CXXFLAGS = @CXXFLAGS@
 EDITLINE_LIBS = @EDITLINE_LIBS@
 ENABLE_S3 = @ENABLE_S3@
 GTEST_LIBS = @GTEST_LIBS@
-HAVE_LIBCPUID = @HAVE_LIBCPUID@
 HAVE_SECCOMP = @HAVE_SECCOMP@
 LDFLAGS = @LDFLAGS@
 LIBARCHIVE_LIBS = @LIBARCHIVE_LIBS@
 LIBBROTLI_LIBS = @LIBBROTLI_LIBS@
 LIBCURL_LIBS = @LIBCURL_LIBS@
-LOWDOWN_LIBS = @LOWDOWN_LIBS@
+LIBLZMA_LIBS = @LIBLZMA_LIBS@
 OPENSSL_LIBS = @OPENSSL_LIBS@
-LIBSECCOMP_LIBS = @LIBSECCOMP_LIBS@
 PACKAGE_NAME = @PACKAGE_NAME@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 SHELL = @bash@

README.md

@@ -28,8 +28,7 @@ build nix from source with nix-build or how to get a development environment.
 - [Nix manual](https://nixos.org/nix/manual)
 - [Nix jobsets on hydra.nixos.org](https://hydra.nixos.org/project/nix)
 - [NixOS Discourse](https://discourse.nixos.org/)
-- [Matrix - #nix:nixos.org](https://matrix.to/#/#nix:nixos.org)
-- [IRC - #nixos on libera.chat](irc://irc.libera.chat/#nixos)
+- [IRC - #nixos on freenode.net](irc://irc.freenode.net/#nixos)
 
 ## License
 

boehmgc-coroutine-sp-fallback.diff

@@ -1,45 +0,0 @@
-diff --git a/pthread_stop_world.c b/pthread_stop_world.c
-index 4b2c429..1fb4c52 100644
---- a/pthread_stop_world.c
-+++ b/pthread_stop_world.c
-@@ -673,6 +673,8 @@ GC_INNER void GC_push_all_stacks(void)
-     struct GC_traced_stack_sect_s *traced_stack_sect;
-     pthread_t self = pthread_self();
-     word total_size = 0;
-+    size_t stack_limit;
-+    pthread_attr_t pattr;
- 
-     if (!EXPECT(GC_thr_initialized, TRUE))
-       GC_thr_init();
-@@ -722,6 +724,31 @@ GC_INNER void GC_push_all_stacks(void)
-           hi = p->altstack + p->altstack_size;
-           /* FIXME: Need to scan the normal stack too, but how ? */
-           /* FIXME: Assume stack grows down */
-+        } else {
-+          if (pthread_getattr_np(p->id, &pattr)) {
-+            ABORT("GC_push_all_stacks: pthread_getattr_np failed!");
-+          }
-+          if (pthread_attr_getstacksize(&pattr, &stack_limit)) {
-+            ABORT("GC_push_all_stacks: pthread_attr_getstacksize failed!");
-+          }
-+          if (pthread_attr_destroy(&pattr)) {
-+            ABORT("GC_push_all_stacks: pthread_attr_destroy failed!");
-+          }
-+          // When a thread goes into a coroutine, we lose its original sp until
-+          // control flow returns to the thread.
-+          // While in the coroutine, the sp points outside the thread stack,
-+          // so we can detect this and push the entire thread stack instead,
-+          // as an approximation.
-+          // We assume that the coroutine has similarly added its entire stack.
-+          // This could be made accurate by cooperating with the application
-+          // via new functions and/or callbacks.
-+          #ifndef STACK_GROWS_UP
-+            if (lo >= hi || lo < hi - stack_limit) { // sp outside stack
-+              lo = hi - stack_limit;
-+            }
-+          #else
-+          #error "STACK_GROWS_UP not supported in boost_coroutine2 (as of june 2021), so we don't support it in Nix."
-+          #endif
-         }
-         GC_push_all_stack_sections(lo, hi, traced_stack_sect);
- #       ifdef STACK_GROWS_UP

config/config.guess

@@ -1,8 +1,8 @@
 #! /bin/sh
 # Attempt to guess a canonical system name.
-#   Copyright 1992-2021 Free Software Foundation, Inc.
+#   Copyright 1992-2020 Free Software Foundation, Inc.
 
-timestamp='2021-01-25'
+timestamp='2020-11-19'
 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@@ -50,7 +50,7 @@ version="\
 GNU config.guess ($timestamp)
 
 Originally written by Per Bothner.
-Copyright 1992-2021 Free Software Foundation, Inc.
+Copyright 1992-2020 Free Software Foundation, Inc.
 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -188,9 +188,10 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in
 	#
 	# Note: NetBSD doesn't particularly care about the vendor
 	# portion of the name.  We always set it to "unknown".
+	sysctl="sysctl -n hw.machine_arch"
 	UNAME_MACHINE_ARCH=$( (uname -p 2>/dev/null || \
-	    /sbin/sysctl -n hw.machine_arch 2>/dev/null || \
-	    /usr/sbin/sysctl -n hw.machine_arch 2>/dev/null || \
+	    "/sbin/$sysctl" 2>/dev/null || \
+	    "/usr/sbin/$sysctl" 2>/dev/null || \
 	    echo unknown))
 	case "$UNAME_MACHINE_ARCH" in
 	    aarch64eb) machine=aarch64_be-unknown ;;
@@ -995,9 +996,6 @@ EOF
     k1om:Linux:*:*)
 	echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"
 	exit ;;
-    loongarch32:Linux:*:* | loongarch64:Linux:*:* | loongarchx32:Linux:*:*)
-	echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"
-	exit ;;
     m32r*:Linux:*:*)
 	echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"
 	exit ;;
@@ -1086,7 +1084,7 @@ EOF
     ppcle:Linux:*:*)
 	echo powerpcle-unknown-linux-"$LIBC"
 	exit ;;
-    riscv32:Linux:*:* | riscv32be:Linux:*:* | riscv64:Linux:*:* | riscv64be:Linux:*:*)
+    riscv32:Linux:*:* | riscv64:Linux:*:*)
 	echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"
 	exit ;;
     s390:Linux:*:* | s390x:Linux:*:*)
@@ -1482,8 +1480,8 @@ EOF
     i*86:rdos:*:*)
 	echo "$UNAME_MACHINE"-pc-rdos
 	exit ;;
-    *:AROS:*:*)
-	echo "$UNAME_MACHINE"-unknown-aros
+    i*86:AROS:*:*)
+	echo "$UNAME_MACHINE"-pc-aros
 	exit ;;
     x86_64:VMkernel:*:*)
 	echo "$UNAME_MACHINE"-unknown-esx

config/config.sub

@@ -1,8 +1,8 @@
 #! /bin/sh
 # Configuration validation subroutine script.
-#   Copyright 1992-2021 Free Software Foundation, Inc.
+#   Copyright 1992-2020 Free Software Foundation, Inc.
 
-timestamp='2021-01-08'
+timestamp='2020-12-02'
 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@@ -67,7 +67,7 @@ Report bugs and patches to <config-patches@gnu.org>."
 version="\
 GNU config.sub ($timestamp)
 
-Copyright 1992-2021 Free Software Foundation, Inc.
+Copyright 1992-2020 Free Software Foundation, Inc.
 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -1185,7 +1185,6 @@ case $cpu-$vendor in
 			| k1om \
 			| le32 | le64 \
 			| lm32 \
-			| loongarch32 | loongarch64 | loongarchx32 \
 			| m32c | m32r | m32rle \
 			| m5200 | m68000 | m680[012346]0 | m68360 | m683?2 | m68k \
 			| m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x \
@@ -1230,7 +1229,7 @@ case $cpu-$vendor in
 			| powerpc | powerpc64 | powerpc64le | powerpcle | powerpcspe \
 			| pru \
 			| pyramid \
-			| riscv | riscv32 | riscv32be | riscv64 | riscv64be \
+			| riscv | riscv32 | riscv64 \
 			| rl78 | romp | rs6000 | rx \
 			| s390 | s390x \
 			| score \
@@ -1683,14 +1682,11 @@ fi
 
 # Now, validate our (potentially fixed-up) OS.
 case $os in
-	# Sometimes we do "kernel-libc", so those need to count as OSes.
+	# Sometimes we do "kernel-abi", so those need to count as OSes.
 	musl* | newlib* | uclibc*)
 		;;
-	# Likewise for "kernel-abi"
-	eabi* | gnueabi*)
-		;;
-	# VxWorks passes extra cpu info in the 4th filed.
-	simlinux | simwindows | spe)
+	# Likewise for "kernel-libc"
+	eabi | eabihf | gnueabi | gnueabihf)
 		;;
 	# Now accept the basic system types.
 	# The portable systems comes first.
@@ -1754,8 +1750,6 @@ case $kernel-$os in
 		;;
 	kfreebsd*-gnu* | kopensolaris*-gnu*)
 		;;
-	vxworks-simlinux | vxworks-simwindows | vxworks-spe)
-		;;
 	nto-qnx*)
 		;;
 	os2-emx)

configure.ac

@@ -1,4 +1,4 @@
-AC_INIT([nix],[m4_esyscmd(bash -c "echo -n $(cat ./.version)$VERSION_SUFFIX")])
+AC_INIT(nix, m4_esyscmd([bash -c "echo -n $(cat ./.version)$VERSION_SUFFIX"]))
 AC_CONFIG_MACRO_DIRS([m4])
 AC_CONFIG_SRCDIR(README.md)
 AC_CONFIG_AUX_DIR(config)
@@ -9,7 +9,8 @@ AC_PROG_SED
 AC_CANONICAL_HOST
 AC_MSG_CHECKING([for the canonical Nix system name])
 
-AC_ARG_WITH(system, AS_HELP_STRING([--with-system=SYSTEM],[Platform identifier (e.g., `i686-linux').]),
+AC_ARG_WITH(system, AC_HELP_STRING([--with-system=SYSTEM],
+  [Platform identifier (e.g., `i686-linux').]),
   [system=$withval],
   [case "$host_cpu" in
      i*86)
@@ -32,6 +33,14 @@ AC_ARG_WITH(system, AS_HELP_STRING([--with-system=SYSTEM],[Platform identifier (
         system="$machine_name-`echo $host_os | "$SED" -e's/@<:@0-9.@:>@*$//g'`";;
    esac])
 
+sys_name=$(uname -s | tr 'A-Z ' 'a-z_')
+
+case $sys_name in
+    cygwin*)
+        sys_name=cygwin
+        ;;
+esac
+
 AC_MSG_RESULT($system)
 AC_SUBST(system)
 AC_DEFINE_UNQUOTED(SYSTEM, ["$system"], [platform identifier ('cpu-os')])
@@ -55,12 +64,10 @@ AC_SYS_LARGEFILE
 
 # Solaris-specific stuff.
 AC_STRUCT_DIRENT_D_TYPE
-case "$host_os" in
-  solaris*)
+if test "$sys_name" = sunos; then
     # Solaris requires -lsocket -lnsl for network functions
-    LDFLAGS="-lsocket -lnsl $LDFLAGS"
-    ;;
-esac
+    LIBS="-lsocket -lnsl $LIBS"
+fi
 
 
 # Check for pubsetbuf.
@@ -120,7 +127,8 @@ NEED_PROG(jq, jq)
 AC_SUBST(coreutils, [$(dirname $(type -p cat))])
 
 
-AC_ARG_WITH(store-dir, AS_HELP_STRING([--with-store-dir=PATH],[path of the Nix store (defaults to /nix/store)]),
+AC_ARG_WITH(store-dir, AC_HELP_STRING([--with-store-dir=PATH],
+  [path of the Nix store (defaults to /nix/store)]),
   storedir=$withval, storedir='/nix/store')
 AC_SUBST(storedir)
 
@@ -144,12 +152,13 @@ int main() {
 }]])], GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC=no, GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC=yes)
 AC_MSG_RESULT($GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC)
 if test "x$GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC" = xyes; then
-    LDFLAGS="-latomic $LDFLAGS"
+    LIBS="-latomic $LIBS"
 fi
 
 PKG_PROG_PKG_CONFIG
 
-AC_ARG_ENABLE(shared, AS_HELP_STRING([--enable-shared],[Build shared libraries for Nix [default=yes]]),
+AC_ARG_ENABLE(shared, AC_HELP_STRING([--enable-shared],
+  [Build shared libraries for Nix [default=yes]]),
   shared=$enableval, shared=yes)
 if test "$shared" = yes; then
   AC_SUBST(BUILD_SHARED_LIBS, 1, [Whether to build shared libraries.])
@@ -163,6 +172,11 @@ fi
 PKG_CHECK_MODULES([OPENSSL], [libcrypto], [CXXFLAGS="$OPENSSL_CFLAGS $CXXFLAGS"])
 
 
+# Look for libbz2, a required dependency.
+AC_CHECK_LIB([bz2], [BZ2_bzWriteOpen], [true],
+  [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2.  See https://sourceware.org/bzip2/.])])
+AC_CHECK_HEADERS([bzlib.h], [true],
+  [AC_MSG_ERROR([Nix requires libbz2, which is part of bzip2.  See https://sourceware.org/bzip2/.])])
 # Checks for libarchive
 PKG_CHECK_MODULES([LIBARCHIVE], [libarchive >= 3.1.2], [CXXFLAGS="$LIBARCHIVE_CFLAGS $CXXFLAGS"])
 # Workaround until https://github.com/libarchive/libarchive/issues/1446 is fixed
@@ -188,55 +202,48 @@ PKG_CHECK_MODULES([EDITLINE], [libeditline], [CXXFLAGS="$EDITLINE_CFLAGS $CXXFLA
     [AC_MSG_ERROR([Nix requires libeditline; it was not found via pkg-config, but via its header, but required functions do not work. Maybe it is too old? >= 1.14 is required.])])
 ])
 
-# Look for libsodium.
+# Look for libsodium, an optional dependency.
 PKG_CHECK_MODULES([SODIUM], [libsodium], [CXXFLAGS="$SODIUM_CFLAGS $CXXFLAGS"])
 
+# Look for liblzma, a required dependency.
+PKG_CHECK_MODULES([LIBLZMA], [liblzma], [CXXFLAGS="$LIBLZMA_CFLAGS $CXXFLAGS"])
+AC_CHECK_LIB([lzma], [lzma_stream_encoder_mt],
+  [AC_DEFINE([HAVE_LZMA_MT], [1], [xz multithreaded compression support])])
+
+# Look for zlib, a required dependency.
+PKG_CHECK_MODULES([ZLIB], [zlib], [CXXFLAGS="$ZLIB_CFLAGS $CXXFLAGS"])
+AC_CHECK_HEADER([zlib.h],[:],[AC_MSG_ERROR([could not find the zlib.h header])])
+LDFLAGS="-lz $LDFLAGS"
+
 # Look for libbrotli{enc,dec}.
 PKG_CHECK_MODULES([LIBBROTLI], [libbrotlienc libbrotlidec], [CXXFLAGS="$LIBBROTLI_CFLAGS $CXXFLAGS"])
 
-# Look for libcpuid.
-have_libcpuid=
-if test "$machine_name" = "x86_64"; then
-    AC_ARG_ENABLE([cpuid],
-                  AS_HELP_STRING([--disable-cpuid], [Do not determine microarchitecture levels with libcpuid (relevant to x86_64 only)]))
-    if test "x$enable_cpuid" != "xno"; then
-      PKG_CHECK_MODULES([LIBCPUID], [libcpuid],
-        [CXXFLAGS="$LIBCPUID_CFLAGS $CXXFLAGS"
-         have_libcpuid=1
-         AC_DEFINE([HAVE_LIBCPUID], [1], [Use libcpuid])]
-      )
-    fi
-fi
-AC_SUBST(HAVE_LIBCPUID, [$have_libcpuid])
-
 
 # Look for libseccomp, required for Linux sandboxing.
-case "$host_os" in
-  linux*)
-    AC_ARG_ENABLE([seccomp-sandboxing],
-                  AS_HELP_STRING([--disable-seccomp-sandboxing],[Don't build support for seccomp sandboxing (only recommended if your arch doesn't support libseccomp yet!)
-                                ]))
-    if test "x$enable_seccomp_sandboxing" != "xno"; then
-      PKG_CHECK_MODULES([LIBSECCOMP], [libseccomp],
-                        [CXXFLAGS="$LIBSECCOMP_CFLAGS $CXXFLAGS"])
-      have_seccomp=1
-      AC_DEFINE([HAVE_SECCOMP], [1], [Whether seccomp is available and should be used for sandboxing.])
-    else
-      have_seccomp=
-    fi
-    ;;
-  *)
+if test "$sys_name" = linux; then
+  AC_ARG_ENABLE([seccomp-sandboxing],
+                AC_HELP_STRING([--disable-seccomp-sandboxing],
+                               [Don't build support for seccomp sandboxing (only recommended if your arch doesn't support libseccomp yet!)]
+                              ))
+  if test "x$enable_seccomp_sandboxing" != "xno"; then
+    PKG_CHECK_MODULES([LIBSECCOMP], [libseccomp],
+                      [CXXFLAGS="$LIBSECCOMP_CFLAGS $CXXFLAGS"])
+    have_seccomp=1
+    AC_DEFINE([HAVE_SECCOMP], [1], [Whether seccomp is available and should be used for sandboxing.])
+  else
     have_seccomp=
-    ;;
-esac
+  fi
+else
+  have_seccomp=
+fi
 AC_SUBST(HAVE_SECCOMP, [$have_seccomp])
 
 
 # Look for aws-cpp-sdk-s3.
 AC_LANG_PUSH(C++)
 AC_CHECK_HEADERS([aws/s3/S3Client.h],
-  [AC_DEFINE([ENABLE_S3], [1], [Whether to enable S3 support via aws-sdk-cpp.]) enable_s3=1],
-  [AC_DEFINE([ENABLE_S3], [0], [Whether to enable S3 support via aws-sdk-cpp.]) enable_s3=])
+  [AC_DEFINE([ENABLE_S3], [1], [Whether to enable S3 support via aws-sdk-cpp.])
+  enable_s3=1], [enable_s3=])
 AC_SUBST(ENABLE_S3, [$enable_s3])
 AC_LANG_POP(C++)
 
@@ -249,7 +256,8 @@ fi
 
 
 # Whether to use the Boehm garbage collector.
-AC_ARG_ENABLE(gc, AS_HELP_STRING([--enable-gc],[enable garbage collection in the Nix expression evaluator (requires Boehm GC) [default=yes]]),
+AC_ARG_ENABLE(gc, AC_HELP_STRING([--enable-gc],
+  [enable garbage collection in the Nix expression evaluator (requires Boehm GC) [default=yes]]),
   gc=$enableval, gc=yes)
 if test "$gc" = yes; then
   PKG_CHECK_MODULES([BDW_GC], [bdw-gc])
@@ -262,17 +270,12 @@ fi
 PKG_CHECK_MODULES([GTEST], [gtest_main])
 
 
-# Look for nlohmann/json.
-PKG_CHECK_MODULES([NLOHMANN_JSON], [nlohmann_json >= 3.9])
-
-
 # documentation generation switch
-AC_ARG_ENABLE(doc-gen, AS_HELP_STRING([--disable-doc-gen],[disable documentation generation]),
+AC_ARG_ENABLE(doc-gen, AC_HELP_STRING([--disable-doc-gen],
+  [disable documentation generation]),
   doc_generate=$enableval, doc_generate=yes)
 AC_SUBST(doc_generate)
 
-# Look for lowdown library.
-PKG_CHECK_MODULES([LOWDOWN], [lowdown >= 0.9.0], [CXXFLAGS="$LOWDOWN_CFLAGS $CXXFLAGS"])
 
 # Setuid installations.
 AC_CHECK_FUNCS([setresuid setreuid lchown])
@@ -284,27 +287,26 @@ AC_CHECK_FUNCS([strsignal posix_fallocate sysconf])
 
 # This is needed if bzip2 is a static library, and the Nix libraries
 # are dynamic.
-case "${host_os}" in
-  darwin*)
+if test "$(uname)" = "Darwin"; then
     LDFLAGS="-all_load $LDFLAGS"
-    ;;
-esac
+fi
 
 
-AC_ARG_WITH(sandbox-shell, AS_HELP_STRING([--with-sandbox-shell=PATH],[path of a statically-linked shell to use as /bin/sh in sandboxes]),
+# Do we have GNU tar?
+AC_MSG_CHECKING([if you have a recent GNU tar])
+if $tar --version 2> /dev/null | grep -q GNU && tar cvf /dev/null --warning=no-timestamp ./config.log > /dev/null; then
+    AC_MSG_RESULT(yes)
+    tarFlags="--warning=no-timestamp"
+else
+    AC_MSG_RESULT(no)
+fi
+AC_SUBST(tarFlags)
+
+
+AC_ARG_WITH(sandbox-shell, AC_HELP_STRING([--with-sandbox-shell=PATH],
+  [path of a statically-linked shell to use as /bin/sh in sandboxes]),
   sandbox_shell=$withval)
 AC_SUBST(sandbox_shell)
-if test ${cross_compiling:-no} = no && ! test -z ${sandbox_shell+x}; then
-  AC_MSG_CHECKING([whether sandbox-shell has the standalone feature])
-  # busybox shell sometimes allows executing other busybox applets,
-  # even if they are not in the path, breaking our sandbox
-  if PATH= $sandbox_shell -c "busybox" 2>&1 | grep -qv "not found"; then
-    AC_MSG_RESULT(enabled)
-    AC_MSG_ERROR([Please disable busybox FEATURE_SH_STANDALONE])
-  else
-    AC_MSG_RESULT(disabled)
-  fi
-fi
 
 # Expand all variables in config.status.
 test "$prefix" = NONE && prefix=$ac_default_prefix
@@ -317,6 +319,6 @@ done
 
 rm -f Makefile.config
 
-AC_CONFIG_HEADERS([config.h])
+AC_CONFIG_HEADER([config.h])
 AC_CONFIG_FILES([])
 AC_OUTPUT

default.nix

@@ -1,3 +1,3 @@
-(import (fetchTarball "https://github.com/edolstra/flake-compat/archive/master.tar.gz") {
+(import (fetchTarball https://github.com/edolstra/flake-compat/archive/master.tar.gz) {
   src = ./.;
 }).defaultNix

doc/manual/anchors.jq

@@ -1,31 +0,0 @@
-"\\[\\]\\{#(?<anchor>[^\\}]+?)\\}" as $empty_anchor_regex |
-"\\[(?<text>[^\\]]+?)\\]\\{#(?<anchor>[^\\}]+?)\\}" as $anchor_regex |
-
-
-def transform_anchors_html:
-    . | gsub($empty_anchor_regex; "<a name=\"" + .anchor + "\"></a>")
-      | gsub($anchor_regex; "<a href=\"#" + .anchor + "\" id=\"" + .anchor + "\">" + .text + "</a>");
-
-
-def transform_anchors_strip:
-    . | gsub($empty_anchor_regex; "")
-      | gsub($anchor_regex; .text);
-
-
-def map_contents_recursively(transformer):
-    . + {
-        Chapter: (.Chapter + {
-            content: .Chapter.content | transformer,
-            sub_items: .Chapter.sub_items | map(map_contents_recursively(transformer)),
-        }),
-    };
-
-
-def process_command:
-    .[0] as $context |
-    .[1] as $body |
-    $body + {
-        sections: $body.sections | map(map_contents_recursively(if $context.renderer == "html" then transform_anchors_html else transform_anchors_strip end)),
-    };
-
-process_command

doc/manual/book.toml

@@ -1,7 +1,2 @@
 [output.html]
 additional-css = ["custom.css"]
-additional-js = ["redirects.js"]
-
-[preprocessor.anchors]
-renderers = ["html"]
-command = "jq --from-file doc/manual/anchors.jq"

doc/manual/generate-builtins.nix

@@ -6,11 +6,9 @@ builtins:
 concatStrings (map
   (name:
     let builtin = builtins.${name}; in
-    "<dt id=\"builtins-${name}\"><a href=\"#builtins-${name}\"><code>${name} "
-    + concatStringsSep " " (map (s: "<var>${s}</var>") builtin.args)
-    + "</code></a></dt>"
-    + "<dd>\n\n"
-    + builtin.doc
-    + "\n\n</dd>"
+    "  - `builtins.${name}` " + concatStringsSep " " (map (s: "*${s}*") builtin.args)
+    + "  \n\n"
+    + concatStrings (map (s: "    ${s}\n") (splitLines builtin.doc)) + "\n\n"
   )
   (attrNames builtins))
+

doc/manual/generate-manpage.nix

@@ -1,4 +1,4 @@
-{ command, renderLinks ? false }:
+command:
 
 with builtins;
 with import ./utils.nix;
@@ -7,10 +7,7 @@ let
 
   showCommand =
     { command, def, filename }:
-    ''
-      **Warning**: This program is **experimental** and its interface is subject to change.
-    ''
-    + "# Name\n\n"
+    "# Name\n\n"
     + "`${command}` - ${def.description}\n\n"
     + "# Synopsis\n\n"
     + showSynopsis { inherit command; args = def.args; }
@@ -20,11 +17,7 @@ let
            categories = sort (x: y: x.id < y.id) (unique (map (cmd: cmd.category) (attrValues def.commands)));
            listCommands = cmds:
              concatStrings (map (name:
-               "* "
-               + (if renderLinks
-                  then "[`${command} ${name}`](./${appendName filename name}.md)"
-                  else "`${command} ${name}`")
-               + " - ${cmds.${name}.description}\n")
+               "* [`${command} ${name}`](./${appendName filename name}.md) - ${cmds.${name}.description}\n")
                (attrNames cmds));
          in
          "where *subcommand* is one of the following:\n\n"
@@ -93,7 +86,7 @@ let
 in
 
 let
-  manpages = processCommand { filename = "nix"; command = "nix"; def = builtins.fromJSON command; };
+  manpages = processCommand { filename = "nix"; command = "nix"; def = command; };
   summary = concatStrings (map (manpage: "    - [${manpage.command}](command-ref/new-cli/${manpage.name})\n") manpages);
 in
 (listToAttrs manpages) // { "SUMMARY.md" = summary; }

doc/manual/generate-options.nix

@@ -6,22 +6,19 @@ options:
 concatStrings (map
   (name:
     let option = options.${name}; in
-    "  - [`${name}`](#conf-${name})"
-    + "<p id=\"conf-${name}\"></p>\n\n"
+    "  - `${name}`  \n\n"
     + concatStrings (map (s: "    ${s}\n") (splitLines option.description)) + "\n\n"
-    + (if option.documentDefault
-       then "    **Default:** " + (
-       if option.value == "" || option.value == []
-       then "*empty*"
-       else if isBool option.value
-       then (if option.value then "`true`" else "`false`")
-       else
-         # n.b. a StringMap value type is specified as a string, but
-         # this shows the value type.  The empty stringmap is "null" in
-         # JSON, but that converts to "{ }" here.
-         (if isAttrs option.value then "`\"\"`"
-          else "`" + toString option.value + "`")) + "\n\n"
-       else "    **Default:** *machine-specific*\n")
+    + "    **Default:** " + (
+      if option.value == "" || option.value == []
+      then "*empty*"
+      else if isBool option.value
+      then (if option.value then "`true`" else "`false`")
+      else
+        # n.b. a StringMap value type is specified as a string, but
+        # this shows the value type.  The empty stringmap is "null" in
+        # JSON, but that converts to "{ }" here.
+        (if isAttrs option.value then "`\"\"`"
+         else "`" + toString option.value + "`")) + "\n\n"
     + (if option.aliases != []
        then "    **Deprecated alias:** " + (concatStringsSep ", " (map (s: "`${s}`") option.aliases)) + "\n\n"
        else "")

doc/manual/local.mk

@@ -1,5 +1,7 @@
 ifeq ($(doc_generate),yes)
 
+MANUAL_SRCS := $(call rwildcard, $(d)/src, *.md)
+
 # Generate man pages.
 man-pages := $(foreach n, \
   nix-env.1 nix-build.1 nix-shell.1 nix-store.1 nix-instantiate.1 \
@@ -12,32 +14,30 @@ man-pages := $(foreach n, \
 clean-files += $(d)/*.1 $(d)/*.5 $(d)/*.8
 
 # Provide a dummy environment for nix, so that it will not access files outside the macOS sandbox.
-# Set cores to 0 because otherwise nix show-config resolves the cores based on the current machine
 dummy-env = env -i \
 	HOME=/dummy \
 	NIX_CONF_DIR=/dummy \
 	NIX_SSL_CERT_FILE=/dummy/no-ca-bundle.crt \
-	NIX_STATE_DIR=/dummy \
-	NIX_CONFIG='cores = 0'
+	NIX_STATE_DIR=/dummy
 
 nix-eval = $(dummy-env) $(bindir)/nix eval --experimental-features nix-command -I nix/corepkgs=corepkgs --store dummy:// --impure --raw
 
 $(d)/%.1: $(d)/src/command-ref/%.md
 	@printf "Title: %s\n\n" "$$(basename $@ .1)" > $^.tmp
 	@cat $^ >> $^.tmp
-	$(trace-gen) lowdown -sT man -M section=1 $^.tmp -o $@
+	$(trace-gen) lowdown -sT man $^.tmp -o $@
 	@rm $^.tmp
 
 $(d)/%.8: $(d)/src/command-ref/%.md
 	@printf "Title: %s\n\n" "$$(basename $@ .8)" > $^.tmp
 	@cat $^ >> $^.tmp
-	$(trace-gen) lowdown -sT man -M section=8 $^.tmp -o $@
+	$(trace-gen) lowdown -sT man $^.tmp -o $@
 	@rm $^.tmp
 
 $(d)/nix.conf.5: $(d)/src/command-ref/conf-file.md
 	@printf "Title: %s\n\n" "$$(basename $@ .5)" > $^.tmp
 	@cat $^ >> $^.tmp
-	$(trace-gen) lowdown -sT man -M section=5 $^.tmp -o $@
+	$(trace-gen) lowdown -sT man $^.tmp -o $@
 	@rm $^.tmp
 
 $(d)/src/SUMMARY.md: $(d)/src/SUMMARY.md.in $(d)/src/command-ref/new-cli
@@ -46,7 +46,7 @@ $(d)/src/SUMMARY.md: $(d)/src/SUMMARY.md.in $(d)/src/command-ref/new-cli
 
 $(d)/src/command-ref/new-cli: $(d)/nix.json $(d)/generate-manpage.nix $(bindir)/nix
 	@rm -rf $@
-	$(trace-gen) $(nix-eval) --write-to $@ --expr 'import doc/manual/generate-manpage.nix { command = builtins.readFile $<; renderLinks = true; }'
+	$(trace-gen) $(nix-eval) --write-to $@ --expr 'import doc/manual/generate-manpage.nix (builtins.fromJSON (builtins.readFile $<))'
 
 $(d)/src/command-ref/conf-file.md: $(d)/conf-file.json $(d)/generate-options.nix $(d)/src/command-ref/conf-file-prefix.md $(bindir)/nix
 	@cat doc/manual/src/command-ref/conf-file-prefix.md > $@.tmp
@@ -64,7 +64,6 @@ $(d)/conf-file.json: $(bindir)/nix
 $(d)/src/expressions/builtins.md: $(d)/builtins.json $(d)/generate-builtins.nix $(d)/src/expressions/builtins-prefix.md $(bindir)/nix
 	@cat doc/manual/src/expressions/builtins-prefix.md > $@.tmp
 	$(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-builtins.nix (builtins.fromJSON (builtins.readFile $<))' >> $@.tmp
-	@cat doc/manual/src/expressions/builtins-suffix.md >> $@.tmp
 	@mv $@.tmp $@
 
 $(d)/builtins.json: $(bindir)/nix
@@ -72,32 +71,20 @@ $(d)/builtins.json: $(bindir)/nix
 	@mv $@.tmp $@
 
 # Generate the HTML manual.
-html: $(docdir)/manual/index.html
 install: $(docdir)/manual/index.html
 
 # Generate 'nix' manpages.
-install: $(mandir)/man1/nix3-manpages
-man: doc/manual/generated/man1/nix3-manpages
-all: doc/manual/generated/man1/nix3-manpages
-
-$(mandir)/man1/nix3-manpages: doc/manual/generated/man1/nix3-manpages
-	@mkdir -p $(DESTDIR)$$(dirname $@)
-	$(trace-install) install -m 0644 $$(dirname $<)/* $(DESTDIR)$$(dirname $@)
-
-doc/manual/generated/man1/nix3-manpages: $(d)/src/command-ref/new-cli
-	@mkdir -p $(DESTDIR)$$(dirname $@)
+install: $(d)/src/command-ref/new-cli
 	$(trace-gen) for i in doc/manual/src/command-ref/new-cli/*.md; do \
 	  name=$$(basename $$i .md); \
-	  tmpFile=$$(mktemp); \
 	  if [[ $$name = SUMMARY ]]; then continue; fi; \
-	  printf "Title: %s\n\n" "$$name" > $$tmpFile; \
-	  cat $$i >> $$tmpFile; \
-	  lowdown -sT man -M section=1 $$tmpFile -o $(DESTDIR)$$(dirname $@)/$$name.1; \
-	  rm $$tmpFile; \
+	  printf "Title: %s\n\n" "$$name" > $$i.tmp; \
+	  cat $$i >> $$i.tmp; \
+	  lowdown -sT man $$i.tmp -o $(mandir)/man1/$$name.1; \
 	done
-	@touch $@
 
-$(docdir)/manual/index.html: $(MANUAL_SRCS) $(d)/book.toml $(d)/anchors.jq $(d)/custom.css $(d)/src/SUMMARY.md $(d)/src/command-ref/new-cli $(d)/src/command-ref/conf-file.md $(d)/src/expressions/builtins.md $(call rwildcard, $(d)/src, *.md)
-	$(trace-gen) RUST_LOG=warn mdbook build doc/manual -d $(DESTDIR)$(docdir)/manual
+$(docdir)/manual/index.html: $(MANUAL_SRCS) $(d)/book.toml $(d)/custom.css $(d)/src/SUMMARY.md $(d)/src/command-ref/new-cli $(d)/src/command-ref/conf-file.md $(d)/src/expressions/builtins.md
+	$(trace-gen) RUST_LOG=warn mdbook build doc/manual -d $(docdir)/manual
+	@cp doc/manual/highlight.pack.js $(docdir)/manual/highlight.js
 
 endif

doc/manual/redirects.js

@@ -1,337 +0,0 @@
-// Redirects from old DocBook manual.
-var redirects = {
-  "#part-advanced-topics": "advanced-topics/advanced-topics.html",
-  "#chap-tuning-cores-and-jobs": "advanced-topics/cores-vs-jobs.html",
-  "#chap-diff-hook": "advanced-topics/diff-hook.html",
-  "#check-dirs-are-unregistered": "advanced-topics/diff-hook.html#check-dirs-are-unregistered",
-  "#chap-distributed-builds": "advanced-topics/distributed-builds.html",
-  "#chap-post-build-hook": "advanced-topics/post-build-hook.html",
-  "#chap-post-build-hook-caveats": "advanced-topics/post-build-hook.html#implementation-caveats",
-  "#part-command-ref": "command-ref/command-ref.html",
-  "#conf-allow-import-from-derivation": "command-ref/conf-file.html#conf-allow-import-from-derivation",
-  "#conf-allow-new-privileges": "command-ref/conf-file.html#conf-allow-new-privileges",
-  "#conf-allowed-uris": "command-ref/conf-file.html#conf-allowed-uris",
-  "#conf-allowed-users": "command-ref/conf-file.html#conf-allowed-users",
-  "#conf-auto-optimise-store": "command-ref/conf-file.html#conf-auto-optimise-store",
-  "#conf-binary-cache-public-keys": "command-ref/conf-file.html#conf-binary-cache-public-keys",
-  "#conf-binary-caches": "command-ref/conf-file.html#conf-binary-caches",
-  "#conf-build-compress-log": "command-ref/conf-file.html#conf-build-compress-log",
-  "#conf-build-cores": "command-ref/conf-file.html#conf-build-cores",
-  "#conf-build-extra-chroot-dirs": "command-ref/conf-file.html#conf-build-extra-chroot-dirs",
-  "#conf-build-extra-sandbox-paths": "command-ref/conf-file.html#conf-build-extra-sandbox-paths",
-  "#conf-build-fallback": "command-ref/conf-file.html#conf-build-fallback",
-  "#conf-build-max-jobs": "command-ref/conf-file.html#conf-build-max-jobs",
-  "#conf-build-max-log-size": "command-ref/conf-file.html#conf-build-max-log-size",
-  "#conf-build-max-silent-time": "command-ref/conf-file.html#conf-build-max-silent-time",
-  "#conf-build-repeat": "command-ref/conf-file.html#conf-build-repeat",
-  "#conf-build-timeout": "command-ref/conf-file.html#conf-build-timeout",
-  "#conf-build-use-chroot": "command-ref/conf-file.html#conf-build-use-chroot",
-  "#conf-build-use-sandbox": "command-ref/conf-file.html#conf-build-use-sandbox",
-  "#conf-build-use-substitutes": "command-ref/conf-file.html#conf-build-use-substitutes",
-  "#conf-build-users-group": "command-ref/conf-file.html#conf-build-users-group",
-  "#conf-builders": "command-ref/conf-file.html#conf-builders",
-  "#conf-builders-use-substitutes": "command-ref/conf-file.html#conf-builders-use-substitutes",
-  "#conf-compress-build-log": "command-ref/conf-file.html#conf-compress-build-log",
-  "#conf-connect-timeout": "command-ref/conf-file.html#conf-connect-timeout",
-  "#conf-cores": "command-ref/conf-file.html#conf-cores",
-  "#conf-diff-hook": "command-ref/conf-file.html#conf-diff-hook",
-  "#conf-enforce-determinism": "command-ref/conf-file.html#conf-enforce-determinism",
-  "#conf-env-keep-derivations": "command-ref/conf-file.html#conf-env-keep-derivations",
-  "#conf-extra-binary-caches": "command-ref/conf-file.html#conf-extra-binary-caches",
-  "#conf-extra-platforms": "command-ref/conf-file.html#conf-extra-platforms",
-  "#conf-extra-sandbox-paths": "command-ref/conf-file.html#conf-extra-sandbox-paths",
-  "#conf-extra-substituters": "command-ref/conf-file.html#conf-extra-substituters",
-  "#conf-fallback": "command-ref/conf-file.html#conf-fallback",
-  "#conf-fsync-metadata": "command-ref/conf-file.html#conf-fsync-metadata",
-  "#conf-gc-keep-derivations": "command-ref/conf-file.html#conf-gc-keep-derivations",
-  "#conf-gc-keep-outputs": "command-ref/conf-file.html#conf-gc-keep-outputs",
-  "#conf-hashed-mirrors": "command-ref/conf-file.html#conf-hashed-mirrors",
-  "#conf-http-connections": "command-ref/conf-file.html#conf-http-connections",
-  "#conf-keep-build-log": "command-ref/conf-file.html#conf-keep-build-log",
-  "#conf-keep-derivations": "command-ref/conf-file.html#conf-keep-derivations",
-  "#conf-keep-env-derivations": "command-ref/conf-file.html#conf-keep-env-derivations",
-  "#conf-keep-outputs": "command-ref/conf-file.html#conf-keep-outputs",
-  "#conf-max-build-log-size": "command-ref/conf-file.html#conf-max-build-log-size",
-  "#conf-max-free": "command-ref/conf-file.html#conf-max-free",
-  "#conf-max-jobs": "command-ref/conf-file.html#conf-max-jobs",
-  "#conf-max-silent-time": "command-ref/conf-file.html#conf-max-silent-time",
-  "#conf-min-free": "command-ref/conf-file.html#conf-min-free",
-  "#conf-narinfo-cache-negative-ttl": "command-ref/conf-file.html#conf-narinfo-cache-negative-ttl",
-  "#conf-narinfo-cache-positive-ttl": "command-ref/conf-file.html#conf-narinfo-cache-positive-ttl",
-  "#conf-netrc-file": "command-ref/conf-file.html#conf-netrc-file",
-  "#conf-plugin-files": "command-ref/conf-file.html#conf-plugin-files",
-  "#conf-post-build-hook": "command-ref/conf-file.html#conf-post-build-hook",
-  "#conf-pre-build-hook": "command-ref/conf-file.html#conf-pre-build-hook",
-  "#conf-repeat": "command-ref/conf-file.html#conf-repeat",
-  "#conf-require-sigs": "command-ref/conf-file.html#conf-require-sigs",
-  "#conf-restrict-eval": "command-ref/conf-file.html#conf-restrict-eval",
-  "#conf-run-diff-hook": "command-ref/conf-file.html#conf-run-diff-hook",
-  "#conf-sandbox": "command-ref/conf-file.html#conf-sandbox",
-  "#conf-sandbox-dev-shm-size": "command-ref/conf-file.html#conf-sandbox-dev-shm-size",
-  "#conf-sandbox-paths": "command-ref/conf-file.html#conf-sandbox-paths",
-  "#conf-secret-key-files": "command-ref/conf-file.html#conf-secret-key-files",
-  "#conf-show-trace": "command-ref/conf-file.html#conf-show-trace",
-  "#conf-stalled-download-timeout": "command-ref/conf-file.html#conf-stalled-download-timeout",
-  "#conf-substitute": "command-ref/conf-file.html#conf-substitute",
-  "#conf-substituters": "command-ref/conf-file.html#conf-substituters",
-  "#conf-system": "command-ref/conf-file.html#conf-system",
-  "#conf-system-features": "command-ref/conf-file.html#conf-system-features",
-  "#conf-tarball-ttl": "command-ref/conf-file.html#conf-tarball-ttl",
-  "#conf-timeout": "command-ref/conf-file.html#conf-timeout",
-  "#conf-trace-function-calls": "command-ref/conf-file.html#conf-trace-function-calls",
-  "#conf-trusted-binary-caches": "command-ref/conf-file.html#conf-trusted-binary-caches",
-  "#conf-trusted-public-keys": "command-ref/conf-file.html#conf-trusted-public-keys",
-  "#conf-trusted-substituters": "command-ref/conf-file.html#conf-trusted-substituters",
-  "#conf-trusted-users": "command-ref/conf-file.html#conf-trusted-users",
-  "#extra-sandbox-paths": "command-ref/conf-file.html#extra-sandbox-paths",
-  "#sec-conf-file": "command-ref/conf-file.html",
-  "#env-NIX_PATH": "command-ref/env-common.html#env-NIX_PATH",
-  "#env-common": "command-ref/env-common.html",
-  "#envar-remote": "command-ref/env-common.html#env-NIX_REMOTE",
-  "#sec-common-env": "command-ref/env-common.html",
-  "#ch-files": "command-ref/files.html",
-  "#ch-main-commands": "command-ref/main-commands.html",
-  "#opt-out-link": "command-ref/nix-build.html#opt-out-link",
-  "#sec-nix-build": "command-ref/nix-build.html",
-  "#sec-nix-channel": "command-ref/nix-channel.html",
-  "#sec-nix-collect-garbage": "command-ref/nix-collect-garbage.html",
-  "#sec-nix-copy-closure": "command-ref/nix-copy-closure.html",
-  "#sec-nix-daemon": "command-ref/nix-daemon.html",
-  "#refsec-nix-env-install-examples": "command-ref/nix-env.html#examples",
-  "#rsec-nix-env-install": "command-ref/nix-env.html#operation---install",
-  "#rsec-nix-env-set": "command-ref/nix-env.html#operation---set",
-  "#rsec-nix-env-set-flag": "command-ref/nix-env.html#operation---set-flag",
-  "#rsec-nix-env-upgrade": "command-ref/nix-env.html#operation---upgrade",
-  "#sec-nix-env": "command-ref/nix-env.html",
-  "#ssec-version-comparisons": "command-ref/nix-env.html#versions",
-  "#sec-nix-hash": "command-ref/nix-hash.html",
-  "#sec-nix-instantiate": "command-ref/nix-instantiate.html",
-  "#sec-nix-prefetch-url": "command-ref/nix-prefetch-url.html",
-  "#sec-nix-shell": "command-ref/nix-shell.html",
-  "#ssec-nix-shell-shebang": "command-ref/nix-shell.html#use-as-a--interpreter",
-  "#nixref-queries": "command-ref/nix-store.html#queries",
-  "#opt-add-root": "command-ref/nix-store.html#opt-add-root",
-  "#refsec-nix-store-dump": "command-ref/nix-store.html#operation---dump",
-  "#refsec-nix-store-export": "command-ref/nix-store.html#operation---export",
-  "#refsec-nix-store-import": "command-ref/nix-store.html#operation---import",
-  "#refsec-nix-store-query": "command-ref/nix-store.html#operation---query",
-  "#refsec-nix-store-verify": "command-ref/nix-store.html#operation---verify",
-  "#rsec-nix-store-gc": "command-ref/nix-store.html#operation---gc",
-  "#rsec-nix-store-generate-binary-cache-key": "command-ref/nix-store.html#operation---generate-binary-cache-key",
-  "#rsec-nix-store-realise": "command-ref/nix-store.html#operation---realise",
-  "#rsec-nix-store-serve": "command-ref/nix-store.html#operation---serve",
-  "#sec-nix-store": "command-ref/nix-store.html",
-  "#opt-I": "command-ref/opt-common.html#opt-I",
-  "#opt-attr": "command-ref/opt-common.html#opt-attr",
-  "#opt-common": "command-ref/opt-common.html",
-  "#opt-cores": "command-ref/opt-common.html#opt-cores",
-  "#opt-log-format": "command-ref/opt-common.html#opt-log-format",
-  "#opt-max-jobs": "command-ref/opt-common.html#opt-max-jobs",
-  "#opt-max-silent-time": "command-ref/opt-common.html#opt-max-silent-time",
-  "#opt-timeout": "command-ref/opt-common.html#opt-timeout",
-  "#sec-common-options": "command-ref/opt-common.html",
-  "#ch-utilities": "command-ref/utilities.html",
-  "#chap-hacking": "contributing/hacking.html",
-  "#adv-attr-allowSubstitutes": "expressions/advanced-attributes.html#adv-attr-allowSubstitutes",
-  "#adv-attr-allowedReferences": "expressions/advanced-attributes.html#adv-attr-allowedReferences",
-  "#adv-attr-allowedRequisites": "expressions/advanced-attributes.html#adv-attr-allowedRequisites",
-  "#adv-attr-disallowedReferences": "expressions/advanced-attributes.html#adv-attr-disallowedReferences",
-  "#adv-attr-disallowedRequisites": "expressions/advanced-attributes.html#adv-attr-disallowedRequisites",
-  "#adv-attr-exportReferencesGraph": "expressions/advanced-attributes.html#adv-attr-exportReferencesGraph",
-  "#adv-attr-impureEnvVars": "expressions/advanced-attributes.html#adv-attr-impureEnvVars",
-  "#adv-attr-outputHash": "expressions/advanced-attributes.html#adv-attr-outputHash",
-  "#adv-attr-outputHashAlgo": "expressions/advanced-attributes.html#adv-attr-outputHashAlgo",
-  "#adv-attr-outputHashMode": "expressions/advanced-attributes.html#adv-attr-outputHashMode",
-  "#adv-attr-passAsFile": "expressions/advanced-attributes.html#adv-attr-passAsFile",
-  "#adv-attr-preferLocalBuild": "expressions/advanced-attributes.html#adv-attr-preferLocalBuild",
-  "#fixed-output-drvs": "expressions/advanced-attributes.html#adv-attr-outputHash",
-  "#sec-advanced-attributes": "expressions/advanced-attributes.html",
-  "#sec-arguments": "expressions/arguments-variables.html",
-  "#sec-build-script": "expressions/build-script.html",
-  "#builtin-abort": "expressions/builtins.html#builtins-abort",
-  "#builtin-add": "expressions/builtins.html#builtins-add",
-  "#builtin-all": "expressions/builtins.html#builtins-all",
-  "#builtin-any": "expressions/builtins.html#builtins-any",
-  "#builtin-attrNames": "expressions/builtins.html#builtins-attrNames",
-  "#builtin-attrValues": "expressions/builtins.html#builtins-attrValues",
-  "#builtin-baseNameOf": "expressions/builtins.html#builtins-baseNameOf",
-  "#builtin-bitAnd": "expressions/builtins.html#builtins-bitAnd",
-  "#builtin-bitOr": "expressions/builtins.html#builtins-bitOr",
-  "#builtin-bitXor": "expressions/builtins.html#builtins-bitXor",
-  "#builtin-builtins": "expressions/builtins.html#builtins-builtins",
-  "#builtin-compareVersions": "expressions/builtins.html#builtins-compareVersions",
-  "#builtin-concatLists": "expressions/builtins.html#builtins-concatLists",
-  "#builtin-concatStringsSep": "expressions/builtins.html#builtins-concatStringsSep",
-  "#builtin-currentSystem": "expressions/builtins.html#builtins-currentSystem",
-  "#builtin-deepSeq": "expressions/builtins.html#builtins-deepSeq",
-  "#builtin-derivation": "expressions/builtins.html#builtins-derivation",
-  "#builtin-dirOf": "expressions/builtins.html#builtins-dirOf",
-  "#builtin-div": "expressions/builtins.html#builtins-div",
-  "#builtin-elem": "expressions/builtins.html#builtins-elem",
-  "#builtin-elemAt": "expressions/builtins.html#builtins-elemAt",
-  "#builtin-fetchGit": "expressions/builtins.html#builtins-fetchGit",
-  "#builtin-fetchTarball": "expressions/builtins.html#builtins-fetchTarball",
-  "#builtin-fetchurl": "expressions/builtins.html#builtins-fetchurl",
-  "#builtin-filterSource": "expressions/builtins.html#builtins-filterSource",
-  "#builtin-foldl-prime": "expressions/builtins.html#builtins-foldl-prime",
-  "#builtin-fromJSON": "expressions/builtins.html#builtins-fromJSON",
-  "#builtin-functionArgs": "expressions/builtins.html#builtins-functionArgs",
-  "#builtin-genList": "expressions/builtins.html#builtins-genList",
-  "#builtin-getAttr": "expressions/builtins.html#builtins-getAttr",
-  "#builtin-getEnv": "expressions/builtins.html#builtins-getEnv",
-  "#builtin-hasAttr": "expressions/builtins.html#builtins-hasAttr",
-  "#builtin-hashFile": "expressions/builtins.html#builtins-hashFile",
-  "#builtin-hashString": "expressions/builtins.html#builtins-hashString",
-  "#builtin-head": "expressions/builtins.html#builtins-head",
-  "#builtin-import": "expressions/builtins.html#builtins-import",
-  "#builtin-intersectAttrs": "expressions/builtins.html#builtins-intersectAttrs",
-  "#builtin-isAttrs": "expressions/builtins.html#builtins-isAttrs",
-  "#builtin-isBool": "expressions/builtins.html#builtins-isBool",
-  "#builtin-isFloat": "expressions/builtins.html#builtins-isFloat",
-  "#builtin-isFunction": "expressions/builtins.html#builtins-isFunction",
-  "#builtin-isInt": "expressions/builtins.html#builtins-isInt",
-  "#builtin-isList": "expressions/builtins.html#builtins-isList",
-  "#builtin-isNull": "expressions/builtins.html#builtins-isNull",
-  "#builtin-isString": "expressions/builtins.html#builtins-isString",
-  "#builtin-length": "expressions/builtins.html#builtins-length",
-  "#builtin-lessThan": "expressions/builtins.html#builtins-lessThan",
-  "#builtin-listToAttrs": "expressions/builtins.html#builtins-listToAttrs",
-  "#builtin-map": "expressions/builtins.html#builtins-map",
-  "#builtin-match": "expressions/builtins.html#builtins-match",
-  "#builtin-mul": "expressions/builtins.html#builtins-mul",
-  "#builtin-parseDrvName": "expressions/builtins.html#builtins-parseDrvName",
-  "#builtin-path": "expressions/builtins.html#builtins-path",
-  "#builtin-pathExists": "expressions/builtins.html#builtins-pathExists",
-  "#builtin-placeholder": "expressions/builtins.html#builtins-placeholder",
-  "#builtin-readDir": "expressions/builtins.html#builtins-readDir",
-  "#builtin-readFile": "expressions/builtins.html#builtins-readFile",
-  "#builtin-removeAttrs": "expressions/builtins.html#builtins-removeAttrs",
-  "#builtin-replaceStrings": "expressions/builtins.html#builtins-replaceStrings",
-  "#builtin-seq": "expressions/builtins.html#builtins-seq",
-  "#builtin-sort": "expressions/builtins.html#builtins-sort",
-  "#builtin-split": "expressions/builtins.html#builtins-split",
-  "#builtin-splitVersion": "expressions/builtins.html#builtins-splitVersion",
-  "#builtin-stringLength": "expressions/builtins.html#builtins-stringLength",
-  "#builtin-sub": "expressions/builtins.html#builtins-sub",
-  "#builtin-substring": "expressions/builtins.html#builtins-substring",
-  "#builtin-tail": "expressions/builtins.html#builtins-tail",
-  "#builtin-throw": "expressions/builtins.html#builtins-throw",
-  "#builtin-toFile": "expressions/builtins.html#builtins-toFile",
-  "#builtin-toJSON": "expressions/builtins.html#builtins-toJSON",
-  "#builtin-toPath": "expressions/builtins.html#builtins-toPath",
-  "#builtin-toString": "expressions/builtins.html#builtins-toString",
-  "#builtin-toXML": "expressions/builtins.html#builtins-toXML",
-  "#builtin-trace": "expressions/builtins.html#builtins-trace",
-  "#builtin-tryEval": "expressions/builtins.html#builtins-tryEval",
-  "#builtin-typeOf": "expressions/builtins.html#builtins-typeOf",
-  "#ssec-builtins": "expressions/builtins.html",
-  "#attr-system": "expressions/derivations.html#attr-system",
-  "#ssec-derivation": "expressions/derivations.html",
-  "#ch-expression-language": "expressions/expression-language.html",
-  "#sec-expression-syntax": "expressions/expression-syntax.html",
-  "#sec-generic-builder": "expressions/generic-builder.html",
-  "#sec-constructs": "expressions/language-constructs.html",
-  "#sect-let-expressions": "expressions/language-constructs.html#let-expressions",
-  "#ss-functions": "expressions/language-constructs.html#functions",
-  "#sec-language-operators": "expressions/language-operators.html",
-  "#table-operators": "expressions/language-operators.html",
-  "#ssec-values": "expressions/language-values.html",
-  "#sec-building-simple": "expressions/simple-building-testing.html",
-  "#ch-simple-expression": "expressions/simple-expression.html",
-  "#chap-writing-nix-expressions": "expressions/writing-nix-expressions.html",
-  "#gloss-closure": "glossary.html#gloss-closure",
-  "#gloss-derivation": "glossary.html#gloss-derivation",
-  "#gloss-deriver": "glossary.html#gloss-deriver",
-  "#gloss-nar": "glossary.html#gloss-nar",
-  "#gloss-output-path": "glossary.html#gloss-output-path",
-  "#gloss-profile": "glossary.html#gloss-profile",
-  "#gloss-reachable": "glossary.html#gloss-reachable",
-  "#gloss-reference": "glossary.html#gloss-reference",
-  "#gloss-substitute": "glossary.html#gloss-substitute",
-  "#gloss-user-env": "glossary.html#gloss-user-env",
-  "#gloss-validity": "glossary.html#gloss-validity",
-  "#part-glossary": "glossary.html",
-  "#sec-building-source": "installation/building-source.html",
-  "#ch-env-variables": "installation/env-variables.html",
-  "#sec-installer-proxy-settings": "installation/env-variables.html#proxy-environment-variables",
-  "#sec-nix-ssl-cert-file": "installation/env-variables.html#nix_ssl_cert_file",
-  "#sec-nix-ssl-cert-file-with-nix-daemon-and-macos": "installation/env-variables.html#nix_ssl_cert_file-with-macos-and-the-nix-daemon",
-  "#chap-installation": "installation/installation.html",
-  "#ch-installing-binary": "installation/installing-binary.html",
-  "#sect-macos-installation": "installation/installing-binary.html#macos-installation",
-  "#sect-macos-installation-change-store-prefix": "installation/installing-binary.html#macos-installation",
-  "#sect-macos-installation-encrypted-volume": "installation/installing-binary.html#macos-installation",
-  "#sect-macos-installation-recommended-notes": "installation/installing-binary.html#macos-installation",
-  "#sect-macos-installation-symlink": "installation/installing-binary.html#macos-installation",
-  "#sect-multi-user-installation": "installation/installing-binary.html#multi-user-installation",
-  "#sect-nix-install-binary-tarball": "installation/installing-binary.html#installing-from-a-binary-tarball",
-  "#sect-nix-install-pinned-version-url": "installation/installing-binary.html#installing-a-pinned-nix-version-from-a-url",
-  "#sect-single-user-installation": "installation/installing-binary.html#single-user-installation",
-  "#ch-installing-source": "installation/installing-source.html",
-  "#ssec-multi-user": "installation/multi-user.html",
-  "#ch-nix-security": "installation/nix-security.html",
-  "#sec-obtaining-source": "installation/obtaining-source.html",
-  "#sec-prerequisites-source": "installation/prerequisites-source.html",
-  "#sec-single-user": "installation/single-user.html",
-  "#ch-supported-platforms": "installation/supported-platforms.html",
-  "#ch-upgrading-nix": "installation/upgrading.html",
-  "#ch-about-nix": "introduction.html",
-  "#chap-introduction": "introduction.html",
-  "#ch-basic-package-mgmt": "package-management/basic-package-mgmt.html",
-  "#ssec-binary-cache-substituter": "package-management/binary-cache-substituter.html",
-  "#sec-channels": "package-management/channels.html",
-  "#ssec-copy-closure": "package-management/copy-closure.html",
-  "#sec-garbage-collection": "package-management/garbage-collection.html",
-  "#ssec-gc-roots": "package-management/garbage-collector-roots.html",
-  "#chap-package-management": "package-management/package-management.html",
-  "#sec-profiles": "package-management/profiles.html",
-  "#ssec-s3-substituter": "package-management/s3-substituter.html",
-  "#ssec-s3-substituter-anonymous-reads": "package-management/s3-substituter.html#anonymous-reads-to-your-s3-compatible-binary-cache",
-  "#ssec-s3-substituter-authenticated-reads": "package-management/s3-substituter.html#authenticated-reads-to-your-s3-binary-cache",
-  "#ssec-s3-substituter-authenticated-writes": "package-management/s3-substituter.html#authenticated-writes-to-your-s3-compatible-binary-cache",
-  "#sec-sharing-packages": "package-management/sharing-packages.html",
-  "#ssec-ssh-substituter": "package-management/ssh-substituter.html",
-  "#chap-quick-start": "quick-start.html",
-  "#sec-relnotes": "release-notes/release-notes.html",
-  "#ch-relnotes-0.10.1": "release-notes/rl-0.10.1.html",
-  "#ch-relnotes-0.10": "release-notes/rl-0.10.html",
-  "#ssec-relnotes-0.11": "release-notes/rl-0.11.html",
-  "#ssec-relnotes-0.12": "release-notes/rl-0.12.html",
-  "#ssec-relnotes-0.13": "release-notes/rl-0.13.html",
-  "#ssec-relnotes-0.14": "release-notes/rl-0.14.html",
-  "#ssec-relnotes-0.15": "release-notes/rl-0.15.html",
-  "#ssec-relnotes-0.16": "release-notes/rl-0.16.html",
-  "#ch-relnotes-0.5": "release-notes/rl-0.5.html",
-  "#ch-relnotes-0.6": "release-notes/rl-0.6.html",
-  "#ch-relnotes-0.7": "release-notes/rl-0.7.html",
-  "#ch-relnotes-0.8.1": "release-notes/rl-0.8.1.html",
-  "#ch-relnotes-0.8": "release-notes/rl-0.8.html",
-  "#ch-relnotes-0.9.1": "release-notes/rl-0.9.1.html",
-  "#ch-relnotes-0.9.2": "release-notes/rl-0.9.2.html",
-  "#ch-relnotes-0.9": "release-notes/rl-0.9.html",
-  "#ssec-relnotes-1.0": "release-notes/rl-1.0.html",
-  "#ssec-relnotes-1.1": "release-notes/rl-1.1.html",
-  "#ssec-relnotes-1.10": "release-notes/rl-1.10.html",
-  "#ssec-relnotes-1.11.10": "release-notes/rl-1.11.10.html",
-  "#ssec-relnotes-1.11": "release-notes/rl-1.11.html",
-  "#ssec-relnotes-1.2": "release-notes/rl-1.2.html",
-  "#ssec-relnotes-1.3": "release-notes/rl-1.3.html",
-  "#ssec-relnotes-1.4": "release-notes/rl-1.4.html",
-  "#ssec-relnotes-1.5.1": "release-notes/rl-1.5.1.html",
-  "#ssec-relnotes-1.5.2": "release-notes/rl-1.5.2.html",
-  "#ssec-relnotes-1.5": "release-notes/rl-1.5.html",
-  "#ssec-relnotes-1.6.1": "release-notes/rl-1.6.1.html",
-  "#ssec-relnotes-1.6.0": "release-notes/rl-1.6.html",
-  "#ssec-relnotes-1.7": "release-notes/rl-1.7.html",
-  "#ssec-relnotes-1.8": "release-notes/rl-1.8.html",
-  "#ssec-relnotes-1.9": "release-notes/rl-1.9.html",
-  "#ssec-relnotes-2.0": "release-notes/rl-2.0.html",
-  "#ssec-relnotes-2.1": "release-notes/rl-2.1.html",
-  "#ssec-relnotes-2.2": "release-notes/rl-2.2.html",
-  "#ssec-relnotes-2.3": "release-notes/rl-2.3.html"
-};
-
-var isRoot = (document.location.pathname.endsWith('/') || document.location.pathname.endsWith('/index.html')) && path_to_root === '';
-if (isRoot && redirects[document.location.hash]) {
-  document.location.href = path_to_root + redirects[document.location.hash];
-}

doc/manual/src/SUMMARY.md.in

@@ -9,7 +9,6 @@
     - [Prerequisites](installation/prerequisites-source.md)
     - [Obtaining a Source Distribution](installation/obtaining-source.md)
     - [Building Nix from Source](installation/building-source.md)
-  - [Using Nix within Docker](installation/installing-docker.md)
   - [Security](installation/nix-security.md)
     - [Single-User Mode](installation/single-user.md)
     - [Multi-User Mode](installation/multi-user.md)
@@ -71,12 +70,6 @@
   - [Hacking](contributing/hacking.md)
   - [CLI guideline](contributing/cli-guideline.md)
 - [Release Notes](release-notes/release-notes.md)
-  - [Release 2.9 (2022-05-30)](release-notes/rl-2.9.md)
-  - [Release 2.8 (2022-04-19)](release-notes/rl-2.8.md)
-  - [Release 2.7 (2022-03-07)](release-notes/rl-2.7.md)
-  - [Release 2.6 (2022-01-24)](release-notes/rl-2.6.md)
-  - [Release 2.5 (2021-12-13)](release-notes/rl-2.5.md)
-  - [Release 2.4 (2021-11-01)](release-notes/rl-2.4.md)
   - [Release 2.3 (2019-09-04)](release-notes/rl-2.3.md)
   - [Release 2.2 (2019-01-11)](release-notes/rl-2.2.md)
   - [Release 2.1 (2018-09-02)](release-notes/rl-2.1.md)

doc/manual/src/advanced-topics/cores-vs-jobs.md

@@ -4,13 +4,13 @@ Nix has two relevant settings with regards to how your CPU cores will
 be utilized: `cores` and `max-jobs`. This chapter will talk about what
 they are, how they interact, and their configuration trade-offs.
 
-  - `max-jobs`\
+  - `max-jobs`  
     Dictates how many separate derivations will be built at the same
     time. If you set this to zero, the local machine will do no
     builds.  Nix will still substitute from binary caches, and build
     remotely if remote builders are configured.
 
-  - `cores`\
+  - `cores`  
     Suggests how many cores each derivation should use. Similar to
     `make -j`.
 

doc/manual/src/advanced-topics/diff-hook.md

@@ -101,7 +101,7 @@ In particular, notice the
 `/nix/store/krpqk0l9ib0ibi1d2w52z293zw455cap-unstable.check` output. Nix
 has copied the build results to that directory where you can examine it.
 
-> []{#check-dirs-are-unregistered} **Note**
+> **Note**
 > 
 > Check paths are not protected against garbage collection, and this
 > path will be deleted on the next garbage collection.

doc/manual/src/advanced-topics/distributed-builds.md

@@ -37,7 +37,7 @@ then you need to ensure that the `PATH` of non-interactive login shells
 contains Nix.
 
 > **Warning**
->
+> 
 > If you are building via the Nix daemon, it is the Nix daemon user
 > account (that is, `root`) that should have SSH access to the remote
 > machine. If you can’t or don’t want to configure `root` to be able to
@@ -52,9 +52,9 @@ example, the following command allows you to build a derivation for
 ```console
 $ uname
 Linux
-
-$ nix build --impure \
-  --expr '(with import <nixpkgs> { system = "x86_64-darwin"; }; runCommand "foo" {} "uname > $out")' \
+    
+$ nix build \
+  '(with import <nixpkgs> { system = "x86_64-darwin"; }; runCommand "foo" {} "uname > $out")' \
   --builders 'ssh://mac x86_64-darwin'
 [1/0/1 built, 0.0 MiB DL] building foo on ssh://mac
 
@@ -103,18 +103,14 @@ default, set it to `-`.
     ```nix
     requiredSystemFeatures = [ "kvm" ];
     ```
-
+    
     will cause the build to be performed on a machine that has the `kvm`
     feature.
 
 7.  A comma-separated list of *mandatory features*. A machine will only
     be used to build a derivation if all of the machine’s mandatory
     features appear in the derivation’s `requiredSystemFeatures`
-    attribute.
-
-8.  The (base64-encoded) public host key of the remote machine. If omitted, SSH
-    will use its regular known-hosts file. Specifically, the field is calculated
-    via `base64 -w0 /etc/ssh/ssh_host_ed25519_key.pub`.
+    attribute..
 
 For example, the machine specification
 

doc/manual/src/command-ref/conf-file-prefix.md

@@ -16,9 +16,8 @@ By default Nix reads settings from the following places:
     will be loaded in reverse order.
 
     Otherwise it will look for `nix/nix.conf` files in `XDG_CONFIG_DIRS`
-    and `XDG_CONFIG_HOME`. If unset, `XDG_CONFIG_DIRS` defaults to
-    `/etc/xdg`, and `XDG_CONFIG_HOME` defaults to `$HOME/.config`
-    as per [XDG Base Directory Specification](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html).
+    and `XDG_CONFIG_HOME`. If these are unset, it will look in
+    `$HOME/.config/nix.conf`.
 
   - If `NIX_CONFIG` is set, its contents is treated as the contents of
     a configuration file.

doc/manual/src/command-ref/env-common.md

@@ -2,49 +2,45 @@
 
 Most Nix commands interpret the following environment variables:
 
-  - [`IN_NIX_SHELL`]{#env-IN_NIX_SHELL}\
+  - `IN_NIX_SHELL`  
     Indicator that tells if the current environment was set up by
-    `nix-shell`. It can have the values `pure` or `impure`.
+    `nix-shell`. Since Nix 2.0 the values are `"pure"` and `"impure"`
 
-  - [`NIX_PATH`]{#env-NIX_PATH}\
+  - `NIX_PATH`  
     A colon-separated list of directories used to look up Nix
     expressions enclosed in angle brackets (i.e., `<path>`). For
     instance, the value
-
+    
         /home/eelco/Dev:/etc/nixos
-
+    
     will cause Nix to look for paths relative to `/home/eelco/Dev` and
     `/etc/nixos`, in this order. It is also possible to match paths
     against a prefix. For example, the value
-
+    
         nixpkgs=/home/eelco/Dev/nixpkgs-branch:/etc/nixos
-
+    
     will cause Nix to search for `<nixpkgs/path>` in
     `/home/eelco/Dev/nixpkgs-branch/path` and `/etc/nixos/nixpkgs/path`.
-
+    
     If a path in the Nix search path starts with `http://` or
     `https://`, it is interpreted as the URL of a tarball that will be
     downloaded and unpacked to a temporary location. The tarball must
     consist of a single top-level directory. For example, setting
     `NIX_PATH` to
+    
+        nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixos-15.09.tar.gz
+    
+    tells Nix to download the latest revision in the Nixpkgs/NixOS 15.09
+    channel.
+    
+    A following shorthand can be used to refer to the official channels:
+    
+        nixpkgs=channel:nixos-15.09
+    
+    The search path can be extended using the `-I` option, which takes
+    precedence over `NIX_PATH`.
 
-        nixpkgs=https://github.com/NixOS/nixpkgs/archive/master.tar.gz
-
-    tells Nix to download and use the current contents of the
-    `master` branch in the `nixpkgs` repository.
-
-    The URLs of the tarballs from the official nixos.org channels (see
-    [the manual for `nix-channel`](nix-channel.md)) can be abbreviated
-    as `channel:<channel-name>`.  For instance, the following two
-    values of `NIX_PATH` are equivalent:
-
-        nixpkgs=channel:nixos-21.05
-        nixpkgs=https://nixos.org/channels/nixos-21.05/nixexprs.tar.xz
-
-    The Nix search path can also be extended using the `-I` option to
-    many Nix commands, which takes precedence over `NIX_PATH`.
-
-  - [`NIX_IGNORE_SYMLINK_STORE`]{#env-NIX_IGNORE_SYMLINK_STORE}\
+  - `NIX_IGNORE_SYMLINK_STORE`  
     Normally, the Nix store directory (typically `/nix/store`) is not
     allowed to contain any symlink components. This is to prevent
     “impure” builds. Builders sometimes “canonicalise” paths by
@@ -54,7 +50,7 @@ Most Nix commands interpret the following environment variables:
     builds are deployed to machines where `/nix/store` resolves
     differently. If you are sure that you’re not going to do that, you
     can set `NIX_IGNORE_SYMLINK_STORE` to `1`.
-
+    
     Note that if you’re symlinking the Nix store so that you can put it
     on another file system than the root file system, on Linux you’re
     better off using `bind` mount points, e.g.,
@@ -63,44 +59,44 @@ Most Nix commands interpret the following environment variables:
     $ mkdir /nix
     $ mount -o bind /mnt/otherdisk/nix /nix
     ```
-
+    
     Consult the mount 8 manual page for details.
 
-  - [`NIX_STORE_DIR`]{#env-NIX_STORE_DIR}\
+  - `NIX_STORE_DIR`  
     Overrides the location of the Nix store (default `prefix/store`).
 
-  - [`NIX_DATA_DIR`]{#env-NIX_DATA_DIR}\
+  - `NIX_DATA_DIR`  
     Overrides the location of the Nix static data directory (default
     `prefix/share`).
 
-  - [`NIX_LOG_DIR`]{#env-NIX_LOG_DIR}\
+  - `NIX_LOG_DIR`  
     Overrides the location of the Nix log directory (default
     `prefix/var/log/nix`).
 
-  - [`NIX_STATE_DIR`]{#env-NIX_STATE_DIR}\
+  - `NIX_STATE_DIR`  
     Overrides the location of the Nix state directory (default
     `prefix/var/nix`).
 
-  - [`NIX_CONF_DIR`]{#env-NIX_CONF_DIR}\
+  - `NIX_CONF_DIR`  
     Overrides the location of the system Nix configuration directory
     (default `prefix/etc/nix`).
 
-  - [`NIX_CONFIG`]{#env-NIX_CONFIG}\
+  - `NIX_CONFIG`  
     Applies settings from Nix configuration from the environment.
     The content is treated as if it was read from a Nix configuration file.
     Settings are separated by the newline character.
 
-  - [`NIX_USER_CONF_FILES`]{#env-NIX_USER_CONF_FILES}\
+  - `NIX_USER_CONF_FILES`  
     Overrides the location of the user Nix configuration files to load
     from (defaults to the XDG spec locations). The variable is treated
     as a list separated by the `:` token.
 
-  - [`TMPDIR`]{#env-TMPDIR}\
+  - `TMPDIR`  
     Use the specified directory to store temporary files. In particular,
     this includes temporary build directories; these can take up
     substantial amounts of disk space. The default is `/tmp`.
 
-  - [`NIX_REMOTE`]{#env-NIX_REMOTE}\
+  - `NIX_REMOTE`  
     This variable should be set to `daemon` if you want to use the Nix
     daemon to execute Nix operations. This is necessary in [multi-user
     Nix installations](../installation/multi-user.md). If the Nix
@@ -108,16 +104,16 @@ Most Nix commands interpret the following environment variables:
     should be set to `unix://path/to/socket`. Otherwise, it should be
     left unset.
 
-  - [`NIX_SHOW_STATS`]{#env-NIX_SHOW_STATS}\
+  - `NIX_SHOW_STATS`  
     If set to `1`, Nix will print some evaluation statistics, such as
     the number of values allocated.
 
-  - [`NIX_COUNT_CALLS`]{#env-NIX_COUNT_CALLS}\
+  - `NIX_COUNT_CALLS`  
     If set to `1`, Nix will print how often functions were called during
     Nix expression evaluation. This is useful for profiling your Nix
     expressions.
 
-  - [`GC_INITIAL_HEAP_SIZE`]{#env-GC_INITIAL_HEAP_SIZE}\
+  - `GC_INITIAL_HEAP_SIZE`  
     If Nix has been configured to use the Boehm garbage collector, this
     variable sets the initial size of the heap in bytes. It defaults to
     384 MiB. Setting it to a low value reduces memory consumption, but

doc/manual/src/command-ref/nix-build.md

@@ -47,16 +47,16 @@ All options not listed here are passed to `nix-store
 --realise`, except for `--arg` and `--attr` / `-A` which are passed to
 `nix-instantiate`.
 
-  - [`--no-out-link`]{#opt-no-out-link}\
+  - `--no-out-link`  
     Do not create a symlink to the output path. Note that as a result
     the output does not become a root of the garbage collector, and so
     might be deleted by `nix-store
                     --gc`.
 
-  - [`--dry-run`]{#opt-dry-run}\
+  - `--dry-run`  
     Show what store paths would be built or downloaded.
 
-  - [`--out-link`]{#opt-out-link} / `-o` *outlink*\
+  - `--out-link` / `-o` *outlink*  
     Change the name of the symlink to the output path created from
     `result` to *outlink*.
 

doc/manual/src/command-ref/nix-channel.md

@@ -17,26 +17,26 @@ To see the list of official NixOS channels, visit
 
 This command has the following operations:
 
-  - `--add` *url* \[*name*\]\
+  - `--add` *url* \[*name*\]  
     Adds a channel named *name* with URL *url* to the list of subscribed
     channels. If *name* is omitted, it defaults to the last component of
     *url*, with the suffixes `-stable` or `-unstable` removed.
 
-  - `--remove` *name*\
+  - `--remove` *name*  
     Removes the channel named *name* from the list of subscribed
     channels.
 
-  - `--list`\
+  - `--list`  
     Prints the names and URLs of all subscribed channels on standard
     output.
 
-  - `--update` \[*names*…\]\
+  - `--update` \[*names*…\]  
     Downloads the Nix expressions of all subscribed channels (or only
     those included in *names* if specified) and makes them the default
     for `nix-env` operations (by symlinking them from the directory
     `~/.nix-defexpr`).
 
-  - `--rollback` \[*generation*\]\
+  - `--rollback` \[*generation*\]  
     Reverts the previous call to `nix-channel
                     --update`. Optionally, you can specify a specific channel generation
     number to restore.
@@ -70,14 +70,14 @@ $ nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
 
 # Files
 
-  - `/nix/var/nix/profiles/per-user/username/channels`\
+  - `/nix/var/nix/profiles/per-user/username/channels`  
     `nix-channel` uses a `nix-env` profile to keep track of previous
     versions of the subscribed channels. Every time you run `nix-channel
     --update`, a new channel generation (that is, a symlink to the
     channel Nix expressions in the Nix store) is created. This enables
     `nix-channel --rollback` to revert to previous versions.
 
-  - `~/.nix-defexpr/channels`\
+  - `~/.nix-defexpr/channels`  
     This is a symlink to
     `/nix/var/nix/profiles/per-user/username/channels`. It ensures that
     `nix-env` can find your channels. In a multi-user installation, you
@@ -89,7 +89,7 @@ $ nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
 A channel URL should point to a directory containing the following
 files:
 
-  - `nixexprs.tar.xz`\
+  - `nixexprs.tar.xz`  
     A tarball containing Nix expressions and files referenced by them
     (such as build scripts and patches). At the top level, the tarball
     should contain a single directory. That directory must contain a

doc/manual/src/command-ref/nix-copy-closure.md

@@ -35,21 +35,21 @@ and second to send the dump of those paths.  If this bothers you, use
 
 # Options
 
-  - `--to`\
+  - `--to`  
     Copy the closure of _paths_ from the local Nix store to the Nix
     store on _machine_. This is the default.
 
-  - `--from`\
+  - `--from`  
     Copy the closure of _paths_ from the Nix store on _machine_ to the
     local Nix store.
 
-  - `--gzip`\
+  - `--gzip`  
     Enable compression of the SSH connection.
 
-  - `--include-outputs`\
+  - `--include-outputs`  
     Also copy the outputs of store derivations included in the closure.
 
-  - `--use-substitutes` / `-s`\
+  - `--use-substitutes` / `-s`  
     Attempt to download missing paths on the target machine using Nix’s
     substitute mechanism.  Any paths that cannot be substituted on the
     target are still copied normally from the source.  This is useful,
@@ -58,12 +58,12 @@ and second to send the dump of those paths.  If this bothers you, use
     `nixos.org` (the default binary cache server) is
     fast.
 
-  - `-v`\
+  - `-v`  
     Show verbose output.
 
 # Environment variables
 
-  - `NIX_SSHOPTS`\
+  - `NIX_SSHOPTS`  
     Additional options to be passed to `ssh` on the command
     line.
 

doc/manual/src/command-ref/nix-env.md

@@ -36,27 +36,27 @@ case-sensitive. The regular expression can optionally be followed by a
 dash and a version number; if omitted, any version of the package will
 match. Here are some examples:
 
-  - `firefox`\
+  - `firefox`  
     Matches the package name `firefox` and any version.
 
-  - `firefox-32.0`\
+  - `firefox-32.0`  
     Matches the package name `firefox` and version `32.0`.
 
-  - `gtk\\+`\
+  - `gtk\\+`  
     Matches the package name `gtk+`. The `+` character must be escaped
     using a backslash to prevent it from being interpreted as a
     quantifier, and the backslash must be escaped in turn with another
     backslash to ensure that the shell passes it on.
 
-  - `.\*`\
+  - `.\*`  
     Matches any package name. This is the default for most commands.
 
-  - `'.*zip.*'`\
+  - `'.*zip.*'`  
     Matches any package name containing the string `zip`. Note the dots:
     `'*zip*'` does not work, because in a regular expression, the
     character `*` is interpreted as a quantifier.
 
-  - `'.*(firefox|chromium).*'`\
+  - `'.*(firefox|chromium).*'`  
     Matches any package name containing the strings `firefox` or
     `chromium`.
 
@@ -66,7 +66,7 @@ This section lists the options that are common to all operations. These
 options are allowed for every subcommand, though they may not always
 have an effect.
 
-  - `--file` / `-f` *path*\
+  - `--file` / `-f` *path*  
     Specifies the Nix expression (designated below as the *active Nix
     expression*) used by the `--install`, `--upgrade`, and `--query
     --available` operations to obtain derivations. The default is
@@ -77,13 +77,13 @@ have an effect.
     unpacked to a temporary location. The tarball must include a single
     top-level directory containing at least a file named `default.nix`.
 
-  - `--profile` / `-p` *path*\
+  - `--profile` / `-p` *path*  
     Specifies the profile to be used by those operations that operate on
     a profile (designated below as the *active profile*). A profile is a
     sequence of user environments called *generations*, one of which is
     the *current generation*.
 
-  - `--dry-run`\
+  - `--dry-run`  
     For the `--install`, `--upgrade`, `--uninstall`,
     `--switch-generation`, `--delete-generations` and `--rollback`
     operations, this flag will cause `nix-env` to print what *would* be
@@ -93,7 +93,7 @@ have an effect.
     [substituted](../glossary.md) (i.e., downloaded) and which paths
     will be built from source (because no substitute is available).
 
-  - `--system-filter` *system*\
+  - `--system-filter` *system*  
     By default, operations such as `--query
                     --available` show derivations matching any platform. This option
     allows you to use derivations for the specified platform *system*.
@@ -102,7 +102,7 @@ have an effect.
 
 # Files
 
-  - `~/.nix-defexpr`\
+  - `~/.nix-defexpr`  
     The source for the default Nix expressions used by the
     `--install`, `--upgrade`, and `--query --available` operations to
     obtain derivations. The `--file` option may be used to override
@@ -140,7 +140,7 @@ have an effect.
     The command `nix-channel` places symlinks to the downloaded Nix
     expressions from each subscribed channel in this directory.
 
-  - `~/.nix-profile`\
+  - `~/.nix-profile`  
     A symbolic link to the user's current profile. By default, this
     symlink points to `prefix/var/nix/profiles/default`. The `PATH`
     environment variable should include `~/.nix-profile/bin` for the
@@ -217,13 +217,13 @@ a number of possible ways:
 
 ## Flags
 
-  - `--prebuilt-only` / `-b`\
+  - `--prebuilt-only` / `-b`  
     Use only derivations for which a substitute is registered, i.e.,
     there is a pre-built binary available that can be downloaded in lieu
     of building the derivation. Thus, no packages will be built from
     source.
 
-  - `--preserve-installed`; `-P`\
+  - `--preserve-installed`; `-P`  
     Do not remove derivations with a name matching one of the
     derivations being installed. Usually, trying to have two versions of
     the same package installed in the same generation of a profile will
@@ -231,23 +231,14 @@ a number of possible ways:
     clashes between the two versions. However, this is not the case for
     all packages.
 
-  - `--remove-all`; `-r`\
+  - `--remove-all`; `-r`  
     Remove all previously installed packages first. This is equivalent
     to running `nix-env -e '.*'` first, except that everything happens
     in a single transaction.
 
 ## Examples
 
-To install a package using a specific attribute path from the active Nix expression:
-
-```console
-$ nix-env -iA gcc40mips
-installing `gcc-4.0.2'
-$ nix-env -iA xorg.xorgserver
-installing `xorg-server-1.2.0'
-```
-
-To install a specific version of `gcc` using the derivation name:
+To install a specific version of `gcc` from the active Nix expression:
 
 ```console
 $ nix-env --install gcc-3.3.2
@@ -255,9 +246,6 @@ installing `gcc-3.3.2'
 uninstalling `gcc-3.1'
 ```
 
-Using attribute path for selecting a package is preferred,
-as it is much faster and there will not be multiple matches.
-
 Note the previously installed version is removed, since
 `--preserve-installed` was not specified.
 
@@ -268,6 +256,13 @@ $ nix-env --install gcc
 installing `gcc-3.3.2'
 ```
 
+To install using a specific attribute:
+
+```console
+$ nix-env -i -A gcc40mips
+$ nix-env -i -A xorg.xorgserver
+```
+
 To install all derivations in the Nix expression `foo.nix`:
 
 ```console
@@ -351,24 +346,24 @@ version is installed.
 
 ## Flags
 
-  - `--lt`\
+  - `--lt`  
     Only upgrade a derivation to newer versions. This is the default.
 
-  - `--leq`\
+  - `--leq`  
     In addition to upgrading to newer versions, also “upgrade” to
     derivations that have the same version. Version are not a unique
     identification of a derivation, so there may be many derivations
     that have the same version. This flag may be useful to force
     “synchronisation” between the installed and available derivations.
 
-  - `--eq`\
+  - `--eq`  
     *Only* “upgrade” to derivations that have the same version. This may
     not seem very useful, but it actually is, e.g., when there is a new
     release of Nixpkgs and you want to replace installed applications
     with the same versions built against newer dependencies (to reduce
     the number of dependencies floating around on your system).
 
-  - `--always`\
+  - `--always`  
     In addition to upgrading to newer versions, also “upgrade” to
     derivations that have the same or a lower version. I.e., derivations
     may actually be downgraded depending on what is available in the
@@ -379,29 +374,22 @@ For the other flags, see `--install`.
 ## Examples
 
 ```console
-$ nix-env --upgrade -A nixpkgs.gcc
+$ nix-env --upgrade gcc
 upgrading `gcc-3.3.1' to `gcc-3.4'
 ```
 
-When there are no updates available, nothing will happen:
-
 ```console
-$ nix-env --upgrade -A nixpkgs.pan
-```
-
-Using `-A` is preferred when possible, as it is faster and unambiguous but
-it is also possible to upgrade to a specific version by matching the derivation name:
-
-```console
-$ nix-env -u gcc-3.3.2 --always
+$ nix-env -u gcc-3.3.2 --always (switch to a specific version)
 upgrading `gcc-3.4' to `gcc-3.3.2'
 ```
 
-To try to upgrade everything
-(matching packages based on the part of the derivation name without version):
+```console
+$ nix-env --upgrade pan
+(no upgrades available, so nothing happens)
+```
 
 ```console
-$ nix-env -u
+$ nix-env -u (try to upgrade everything)
 upgrading `hello-2.1.2' to `hello-2.1.3'
 upgrading `mozilla-1.2' to `mozilla-1.4'
 ```
@@ -413,7 +401,7 @@ of a derivation `x` by looking at their respective `name` attributes.
 The names (e.g., `gcc-3.3.1` are split into two parts: the package name
 (`gcc`), and the version (`3.3.1`). The version part starts after the
 first dash not followed by a letter. `x` is considered an upgrade of `y`
-if their package names match, and the version of `y` is higher than that
+if their package names match, and the version of `y` is higher that that
 of `x`.
 
 The versions are compared by splitting them into contiguous components
@@ -590,11 +578,11 @@ The derivations are sorted by their `name` attributes.
 The following flags specify the set of things on which the query
 operates.
 
-  - `--installed`\
+  - `--installed`  
     The query operates on the store paths that are installed in the
     current generation of the active profile. This is the default.
 
-  - `--available`; `-a`\
+  - `--available`; `-a`  
     The query operates on the derivations that are available in the
     active Nix expression.
 
@@ -605,24 +593,24 @@ selected derivations. Multiple flags may be specified, in which case the
 information is shown in the order given here. Note that the name of the
 derivation is shown unless `--no-name` is specified.
 
-  - `--xml`\
+  - `--xml`  
     Print the result in an XML representation suitable for automatic
     processing by other tools. The root element is called `items`, which
     contains a `item` element for each available or installed
     derivation. The fields discussed below are all stored in attributes
     of the `item` elements.
 
-  - `--json`\
+  - `--json`  
     Print the result in a JSON representation suitable for automatic
     processing by other tools.
 
-  - `--prebuilt-only` / `-b`\
+  - `--prebuilt-only` / `-b`  
     Show only derivations for which a substitute is registered, i.e.,
     there is a pre-built binary available that can be downloaded in lieu
     of building the derivation. Thus, this shows all packages that
     probably can be installed quickly.
 
-  - `--status`; `-s`\
+  - `--status`; `-s`  
     Print the *status* of the derivation. The status consists of three
     characters. The first is `I` or `-`, indicating whether the
     derivation is currently installed in the current generation of the
@@ -633,49 +621,49 @@ derivation is shown unless `--no-name` is specified.
     derivation to be built. The third is `S` or `-`, indicating whether
     a substitute is available for the derivation.
 
-  - `--attr-path`; `-P`\
+  - `--attr-path`; `-P`  
     Print the *attribute path* of the derivation, which can be used to
     unambiguously select it using the `--attr` option available in
     commands that install derivations like `nix-env --install`. This
     option only works together with `--available`
 
-  - `--no-name`\
+  - `--no-name`  
     Suppress printing of the `name` attribute of each derivation.
 
-  - `--compare-versions` / `-c`\
+  - `--compare-versions` / `-c`  
     Compare installed versions to available versions, or vice versa (if
     `--available` is given). This is useful for quickly seeing whether
     upgrades for installed packages are available in a Nix expression. A
     column is added with the following meaning:
 
-      - `<` *version*\
+      - `<` *version*  
         A newer version of the package is available or installed.
 
-      - `=` *version*\
+      - `=` *version*  
         At most the same version of the package is available or
         installed.
 
-      - `>` *version*\
+      - `>` *version*  
         Only older versions of the package are available or installed.
 
-      - `- ?`\
+      - `- ?`  
         No version of the package is available or installed.
 
-  - `--system`\
+  - `--system`  
     Print the `system` attribute of the derivation.
 
-  - `--drv-path`\
+  - `--drv-path`  
     Print the path of the store derivation.
 
-  - `--out-path`\
+  - `--out-path`  
     Print the output path of the derivation.
 
-  - `--description`\
+  - `--description`  
     Print a short (one-line) description of the derivation, if
     available. The description is taken from the `meta.description`
     attribute of the derivation.
 
-  - `--meta`\
+  - `--meta`  
     Print all of the meta-attributes of the derivation. This option is
     only available with `--xml` or `--json`.
 
@@ -886,7 +874,7 @@ error: no generation older than the current (91) exists
 
 # Environment variables
 
-  - `NIX_PROFILE`\
+  - `NIX_PROFILE`  
     Location of the Nix profile. Defaults to the target of the symlink
     `~/.nix-profile`, if it exists, or `/nix/var/nix/profiles/default`
     otherwise.

doc/manual/src/command-ref/nix-hash.md

@@ -29,29 +29,29 @@ md5sum`.
 
 # Options
 
-  - `--flat`\
+  - `--flat`  
     Print the cryptographic hash of the contents of each regular file
     *path*. That is, do not compute the hash over the dump of *path*.
     The result is identical to that produced by the GNU commands
     `md5sum` and `sha1sum`.
 
-  - `--base32`\
+  - `--base32`  
     Print the hash in a base-32 representation rather than hexadecimal.
     This base-32 representation is more compact and can be used in Nix
     expressions (such as in calls to `fetchurl`).
 
-  - `--truncate`\
+  - `--truncate`  
     Truncate hashes longer than 160 bits (such as SHA-256) to 160 bits.
 
-  - `--type` *hashAlgo*\
+  - `--type` *hashAlgo*  
     Use the specified cryptographic hash algorithm, which can be one of
     `md5`, `sha1`, `sha256`, and `sha512`.
 
-  - `--to-base16`\
+  - `--to-base16`  
     Don’t hash anything, but convert the base-32 hash representation
     *hash* to hexadecimal.
 
-  - `--to-base32`\
+  - `--to-base32`  
     Don’t hash anything, but convert the hexadecimal hash representation
     *hash* to base-32.
 

doc/manual/src/command-ref/nix-instantiate.md

@@ -29,26 +29,26 @@ standard input.
 
 # Options
 
-  - `--add-root` *path*\
+  - `--add-root` *path*  
     See the [corresponding option](nix-store.md) in `nix-store`.
 
-  - `--parse`\
+  - `--parse`  
     Just parse the input files, and print their abstract syntax trees on
     standard output in ATerm format.
 
-  - `--eval`\
+  - `--eval`  
     Just parse and evaluate the input files, and print the resulting
     values on standard output. No instantiation of store derivations
     takes place.
 
-  - `--find-file`\
+  - `--find-file`  
     Look up the given files in Nix’s search path (as specified by the
     `NIX_PATH` environment variable). If found, print the corresponding
     absolute paths on standard output. For instance, if `NIX_PATH` is
     `nixpkgs=/home/alice/nixpkgs`, then `nix-instantiate --find-file
     nixpkgs/default.nix` will print `/home/alice/nixpkgs/default.nix`.
 
-  - `--strict`\
+  - `--strict`  
     When used with `--eval`, recursively evaluate list elements and
     attributes. Normally, such sub-expressions are left unevaluated
     (since the Nix expression language is lazy).
@@ -58,17 +58,17 @@ standard input.
     > This option can cause non-termination, because lazy data
     > structures can be infinitely large.
 
-  - `--json`\
+  - `--json`  
     When used with `--eval`, print the resulting value as an JSON
     representation of the abstract syntax tree rather than as an ATerm.
 
-  - `--xml`\
+  - `--xml`  
     When used with `--eval`, print the resulting value as an XML
     representation of the abstract syntax tree rather than as an ATerm.
     The schema is the same as that used by the [`toXML`
     built-in](../expressions/builtins.md).
 
-  - `--read-write-mode`\
+  - `--read-write-mode`  
     When used with `--eval`, perform evaluation in read/write mode so
     nix language features that require it will still work (at the cost
     of needing to do instantiation of every evaluated derivation). If

doc/manual/src/command-ref/nix-prefetch-url.md

@@ -37,22 +37,22 @@ Nix store is also printed.
 
 # Options
 
-  - `--type` *hashAlgo*\
+  - `--type` *hashAlgo*  
     Use the specified cryptographic hash algorithm, which can be one of
     `md5`, `sha1`, `sha256`, and `sha512`.
 
-  - `--print-path`\
+  - `--print-path`  
     Print the store path of the downloaded file on standard output.
 
-  - `--unpack`\
+  - `--unpack`  
     Unpack the archive (which must be a tarball or zip file) and add the
     result to the Nix store. The resulting hash can be used with
     functions such as Nixpkgs’s `fetchzip` or `fetchFromGitHub`.
 
-  - `--executable`\
+  - `--executable`  
     Set the executable bit on the downloaded file.
 
-  - `--name` *name*\
+  - `--name` *name*  
     Override the name of the file in the Nix store. By default, this is
     `hash-basename`, where *basename* is the last component of *url*.
     Overriding the name is necessary when *basename* contains characters

doc/manual/src/command-ref/nix-shell.md

@@ -11,8 +11,8 @@
   [`--command` *cmd*]
   [`--run` *cmd*]
   [`--exclude` *regexp*]
-  [`--pure`]
-  [`--keep` *name*]
+  [--pure]
+  [--keep *name*]
   {{`--packages` | `-p`} {*packages* | *expressions*} … | [*path*]}
 
 # Description
@@ -54,7 +54,7 @@ All options not listed here are passed to `nix-store
 --realise`, except for `--arg` and `--attr` / `-A` which are passed to
 `nix-instantiate`.
 
-  - `--command` *cmd*\
+  - `--command` *cmd*  
     In the environment of the derivation, run the shell command *cmd*.
     This command is executed in an interactive shell. (Use `--run` to
     use a non-interactive shell instead.) However, a call to `exit` is
@@ -64,34 +64,36 @@ All options not listed here are passed to `nix-store
     drop you into the interactive shell. This can be useful for doing
     any additional initialisation.
 
-  - `--run` *cmd*\
+  - `--run` *cmd*  
     Like `--command`, but executes the command in a non-interactive
     shell. This means (among other things) that if you hit Ctrl-C while
     the command is running, the shell exits.
 
-  - `--exclude` *regexp*\
+  - `--exclude` *regexp*  
     Do not build any dependencies whose store path matches the regular
     expression *regexp*. This option may be specified multiple times.
 
-  - `--pure`\
+  - `--pure`  
     If this flag is specified, the environment is almost entirely
     cleared before the interactive shell is started, so you get an
     environment that more closely corresponds to the “real” Nix build. A
     few variables, in particular `HOME`, `USER` and `DISPLAY`, are
-    retained.
+    retained. Note that (depending on your Bash
+    installation) `/etc/bashrc` is still sourced, so any variables set
+    there will affect the interactive shell.
 
-  - `--packages` / `-p` *packages*…\
+  - `--packages` / `-p` *packages*…  
     Set up an environment in which the specified packages are present.
     The command line arguments are interpreted as attribute names inside
     the Nix Packages collection. Thus, `nix-shell -p libjpeg openjdk`
     will start a shell in which the packages denoted by the attribute
     names `libjpeg` and `openjdk` are present.
 
-  - `-i` *interpreter*\
+  - `-i` *interpreter*  
     The chained script interpreter to be invoked by `nix-shell`. Only
     applicable in `#!`-scripts (described below).
 
-  - `--keep` *name*\
+  - `--keep` *name*  
     When a `--pure` shell is started, keep the listed environment
     variables.
 
@@ -99,10 +101,9 @@ The following common options are supported:
 
 # Environment variables
 
-  - `NIX_BUILD_SHELL`\
+  - `NIX_BUILD_SHELL`  
     Shell used to start the interactive environment. Defaults to the
-    `bash` found in `<nixpkgs>`, falling back to the `bash` found in
-    `PATH` if not found.
+    `bash` found in `PATH`.
 
 # Examples
 
@@ -111,19 +112,13 @@ shell in which to build it:
 
 ```console
 $ nix-shell '<nixpkgs>' -A pan
-[nix-shell]$ eval ${unpackPhase:-unpackPhase}
+[nix-shell]$ unpackPhase
 [nix-shell]$ cd pan-*
-[nix-shell]$ eval ${configurePhase:-configurePhase}
-[nix-shell]$ eval ${buildPhase:-buildPhase}
+[nix-shell]$ configurePhase
+[nix-shell]$ buildPhase
 [nix-shell]$ ./pan/gui/pan
 ```
 
-The reason we use form `eval ${configurePhase:-configurePhase}` here is because
-those packages that override these phases do so by exporting the overridden
-values in the environment variable of the same name.
-Here bash is being told to either evaluate the contents of 'configurePhase',
-if it exists as a variable, otherwise evaluate the configurePhase function.
-
 To clear the environment first, and do some additional automatic
 initialisation of the interactive shell:
 
@@ -237,23 +232,22 @@ terraform apply
 > in a nix-shell shebang.
 
 Finally, using the merging of multiple nix-shell shebangs the following
-Haskell script uses a specific branch of Nixpkgs/NixOS (the 20.03 stable
+Haskell script uses a specific branch of Nixpkgs/NixOS (the 18.03 stable
 branch):
 
 ```haskell
 #! /usr/bin/env nix-shell
-#! nix-shell -i runghc -p "haskellPackages.ghcWithPackages (ps: [ps.download-curl ps.tagsoup])"
-#! nix-shell -I nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixos-20.03.tar.gz
+#! nix-shell -i runghc -p "haskellPackages.ghcWithPackages (ps: [ps.HTTP ps.tagsoup])"
+#! nix-shell -I nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixos-18.03.tar.gz
 
-import Network.Curl.Download
+import Network.HTTP
 import Text.HTML.TagSoup
-import Data.Either
-import Data.ByteString.Char8 (unpack)
 
 -- Fetch nixos.org and print all hrefs.
 main = do
-  resp <- openURI "https://nixos.org/"
-  let tags = filter (isTagOpenName "a") $ parseTags $ unpack $ fromRight undefined resp
+  resp <- Network.HTTP.simpleHTTP (getRequest "http://nixos.org/")
+  body <- getResponseBody resp
+  let tags = filter (isTagOpenName "a") $ parseTags body
   let tags' = map (fromAttrib "href") tags
   mapM_ putStrLn $ filter (/= "") tags'
 ```

doc/manual/src/command-ref/nix-store.md

@@ -22,7 +22,7 @@ This section lists the options that are common to all operations. These
 options are allowed for every subcommand, though they may not always
 have an effect.
 
-  - [`--add-root`]{#opt-add-root} *path*\
+  - `--add-root` *path*  
     Causes the result of a realisation (`--realise` and
     `--force-realise`) to be registered as a root of the garbage
     collector. *path* will be created as a symlink to the resulting
@@ -79,22 +79,22 @@ paths. Realisation is a somewhat overloaded term:
     system). If the path is already valid, we are done immediately.
     Otherwise, the path and any missing paths in its closure may be
     produced through substitutes. If there are no (successful)
-    substitutes, realisation fails.
+    subsitutes, realisation fails.
 
 The output path of each derivation is printed on standard output. (For
 non-derivations argument, the argument itself is printed.)
 
 The following flags are available:
 
-  - `--dry-run`\
+  - `--dry-run`  
     Print on standard error a description of what packages would be
     built or downloaded, without actually performing the operation.
 
-  - `--ignore-unknown`\
+  - `--ignore-unknown`  
     If a non-derivation path does not have a substitute, then silently
     ignore it.
 
-  - `--check`\
+  - `--check`  
     This option allows you to check whether a derivation is
     deterministic. It rebuilds the specified derivation and checks
     whether the result is bitwise-identical with the existing outputs,
@@ -110,22 +110,22 @@ The following flags are available:
 
 Special exit codes:
 
-  - `100`\
+  - `100`  
     Generic build failure, the builder process returned with a non-zero
     exit code.
 
-  - `101`\
+  - `101`  
     Build timeout, the build was aborted because it did not complete
     within the specified `timeout`.
 
-  - `102`\
+  - `102`  
     Hash mismatch, the build output was rejected because it does not
     match the [`outputHash` attribute of the
     derivation](../expressions/advanced-attributes.md).
 
-  - `104`\
+  - `104`  
     Not deterministic, the build succeeded in check mode but the
-    resulting output is not binary reproducible.
+    resulting output is not binary reproducable.
 
 With the `--keep-going` flag it's possible for multiple failures to
 occur, in this case the 1xx status codes are or combined using binary
@@ -170,7 +170,7 @@ access to a restricted ssh user.
 
 The following flags are available:
 
-  - `--write`\
+  - `--write`  
     Allow the connected client to request the realization of
     derivations. In effect, this can be used to make the host act as a
     remote builder.
@@ -200,18 +200,18 @@ reachable via file system references from a set of “roots”, are deleted.
 
 The following suboperations may be specified:
 
-  - `--print-roots`\
+  - `--print-roots`  
     This operation prints on standard output the set of roots used by
     the garbage collector.
 
-  - `--print-live`\
+  - `--print-live`  
     This operation prints on standard output the set of “live” store
     paths, which are all the store paths reachable from the roots. Live
     paths should never be deleted, since that would break consistency —
     it would become possible that applications are installed that
     reference things that are no longer present in the store.
 
-  - `--print-dead`\
+  - `--print-dead`  
     This operation prints out on standard output the set of “dead” store
     paths, which is just the opposite of the set of live paths: any path
     in the store that is not live (with respect to the roots) is dead.
@@ -219,7 +219,7 @@ The following suboperations may be specified:
 By default, all unreachable paths are deleted. The following options
 control what gets deleted and in what order:
 
-  - `--max-freed` *bytes*\
+  - `--max-freed` *bytes*  
     Keep deleting paths until at least *bytes* bytes have been deleted,
     then stop. The argument *bytes* can be followed by the
     multiplicative suffix `K`, `M`, `G` or `T`, denoting KiB, MiB, GiB
@@ -300,29 +300,29 @@ symlink.
 
 ## Common query options
 
-  - `--use-output`; `-u`\
+  - `--use-output`; `-u`  
     For each argument to the query that is a store derivation, apply the
     query to the output path of the derivation instead.
 
-  - `--force-realise`; `-f`\
+  - `--force-realise`; `-f`  
     Realise each argument to the query first (see [`nix-store
     --realise`](#operation---realise)).
 
 ## Queries
 
-  - `--outputs`\
+  - `--outputs`  
     Prints out the [output paths](../glossary.md) of the store
     derivations *paths*. These are the paths that will be produced when
     the derivation is built.
 
-  - `--requisites`; `-R`\
+  - `--requisites`; `-R`  
     Prints out the [closure](../glossary.md) of the store path *paths*.
 
     This query has one option:
 
       - `--include-outputs`
-        Also include the existing output paths of store derivations,
-        and their closures.
+        Also include the output path of store derivations, and their
+        closures.
 
     This query can be used to implement various kinds of deployment. A
     *source deployment* is obtained by distributing the closure of a
@@ -332,31 +332,31 @@ symlink.
     dependencies) is obtained by distributing the closure of a store
     derivation and specifying the option `--include-outputs`.
 
-  - `--references`\
+  - `--references`  
     Prints the set of [references](../glossary.md) of the store paths
     *paths*, that is, their immediate dependencies. (For *all*
     dependencies, use `--requisites`.)
 
-  - `--referrers`\
+  - `--referrers`  
     Prints the set of *referrers* of the store paths *paths*, that is,
     the store paths currently existing in the Nix store that refer to
     one of *paths*. Note that contrary to the references, the set of
     referrers is not constant; it can change as store paths are added or
     removed.
 
-  - `--referrers-closure`\
+  - `--referrers-closure`  
     Prints the closure of the set of store paths *paths* under the
     referrers relation; that is, all store paths that directly or
     indirectly refer to one of *paths*. These are all the path currently
     in the Nix store that are dependent on *paths*.
 
-  - `--deriver`; `-d`\
+  - `--deriver`; `-d`  
     Prints the [deriver](../glossary.md) of the store paths *paths*. If
     the path has no deriver (e.g., if it is a source file), or if the
     deriver is not known (e.g., in the case of a binary-only
     deployment), the string `unknown-deriver` is printed.
 
-  - `--graph`\
+  - `--graph`  
     Prints the references graph of the store paths *paths* in the format
     of the `dot` tool of AT\&T's [Graphviz
     package](http://www.graphviz.org/). This can be used to visualise
@@ -364,39 +364,39 @@ symlink.
     this to a store derivation. To obtain a runtime dependency graph,
     apply it to an output path.
 
-  - `--tree`\
+  - `--tree`  
     Prints the references graph of the store paths *paths* as a nested
     ASCII tree. References are ordered by descending closure size; this
     tends to flatten the tree, making it more readable. The query only
     recurses into a store path when it is first encountered; this
     prevents a blowup of the tree representation of the graph.
 
-  - `--graphml`\
+  - `--graphml`  
     Prints the references graph of the store paths *paths* in the
     [GraphML](http://graphml.graphdrawing.org/) file format. This can be
     used to visualise dependency graphs. To obtain a build-time
     dependency graph, apply this to a store derivation. To obtain a
     runtime dependency graph, apply it to an output path.
 
-  - `--binding` *name*; `-b` *name*\
+  - `--binding` *name*; `-b` *name*  
     Prints the value of the attribute *name* (i.e., environment
     variable) of the store derivations *paths*. It is an error for a
     derivation to not have the specified attribute.
 
-  - `--hash`\
+  - `--hash`  
     Prints the SHA-256 hash of the contents of the store paths *paths*
     (that is, the hash of the output of `nix-store --dump` on the given
     paths). Since the hash is stored in the Nix database, this is a fast
     operation.
 
-  - `--size`\
+  - `--size`  
     Prints the size in bytes of the contents of the store paths *paths*
     — to be precise, the size of the output of `nix-store --dump` on
     the given paths. Note that the actual disk space required by the
     store paths may be higher, especially on filesystems with large
     cluster sizes.
 
-  - `--roots`\
+  - `--roots`  
     Prints the garbage collector roots that point, directly or
     indirectly, at the store paths *paths*.
 
@@ -513,7 +513,7 @@ public url or broke since the download expression was written.
 
 This operation has the following options:
 
-  - `--recursive`\
+  - `--recursive`  
     Use recursive instead of flat hashing mode, used when adding
     directories to the store.
 
@@ -540,14 +540,14 @@ being modified by non-Nix tools, or of bugs in Nix itself.
 
 This operation has the following options:
 
-  - `--check-contents`\
+  - `--check-contents`  
     Checks that the contents of every valid store path has not been
     altered by computing a SHA-256 hash of the contents and comparing it
     with the hash stored in the Nix database at build time. Paths that
     have been modified are printed out. For large stores,
     `--check-contents` is obviously quite slow.
 
-  - `--repair`\
+  - `--repair`  
     If any valid path is missing from the store, or (if
     `--check-contents` is given) the contents of a valid path has been
     modified, then try to repair the path by redownloading it. See

doc/manual/src/command-ref/opt-common.md

@@ -2,56 +2,56 @@
 
 Most Nix commands accept the following command-line options:
 
-  - [`--help`]{#opt-help}\
+  - `--help`  
     Prints out a summary of the command syntax and exits.
 
-  - [`--version`]{#opt-version}\
+  - `--version`  
     Prints out the Nix version number on standard output and exits.
 
-  - [`--verbose`]{#opt-verbose} / `-v`\
+  - `--verbose` / `-v`  
     Increases the level of verbosity of diagnostic messages printed on
     standard error. For each Nix operation, the information printed on
     standard output is well-defined; any diagnostic information is
     printed on standard error, never on standard output.
-
+    
     This option may be specified repeatedly. Currently, the following
     verbosity levels exist:
-
-      - 0\
+    
+      - 0  
         “Errors only”: only print messages explaining why the Nix
         invocation failed.
-
-      - 1\
+    
+      - 1  
         “Informational”: print *useful* messages about what Nix is
         doing. This is the default.
-
-      - 2\
+    
+      - 2  
         “Talkative”: print more informational messages.
-
-      - 3\
+    
+      - 3  
         “Chatty”: print even more informational messages.
-
-      - 4\
+    
+      - 4  
         “Debug”: print debug information.
-
-      - 5\
+    
+      - 5  
         “Vomit”: print vast amounts of debug information.
 
-  - [`--quiet`]{#opt-quiet}\
+  - `--quiet`  
     Decreases the level of verbosity of diagnostic messages printed on
     standard error. This is the inverse option to `-v` / `--verbose`.
-
+    
     This option may be specified repeatedly. See the previous verbosity
     levels list.
 
-  - [`--log-format`]{#opt-log-format} *format*\
+  - `--log-format` *format*  
     This option can be used to change the output of the log format, with
     *format* being one of:
-
-      - raw\
+    
+      - raw  
         This is the raw format, as outputted by nix-build.
-
-      - internal-json\
+    
+      - internal-json  
         Outputs the logs in a structured manner.
 
         > **Warning**
@@ -60,30 +60,30 @@ Most Nix commands accept the following command-line options:
         > the error-messages (namely of the `msg`-field) can change
         > between releases.
 
-      - bar\
+      - bar  
         Only display a progress bar during the builds.
-
-      - bar-with-logs\
+    
+      - bar-with-logs  
         Display the raw logs, with the progress bar at the bottom.
 
-  - [`--no-build-output`]{#opt-no-build-output} / `-Q`\
+  - `--no-build-output` / `-Q`  
     By default, output written by builders to standard output and
     standard error is echoed to the Nix command's standard error. This
     option suppresses this behaviour. Note that the builder's standard
     output and error are always written to a log file in
     `prefix/nix/var/log/nix`.
 
-  - [`--max-jobs`]{#opt-max-jobs} / `-j` *number*\
+  - `--max-jobs` / `-j` *number*  
     Sets the maximum number of build jobs that Nix will perform in
     parallel to the specified number. Specify `auto` to use the number
     of CPUs in the system. The default is specified by the `max-jobs`
     configuration setting, which itself defaults to `1`. A higher
     value is useful on SMP systems or to exploit I/O latency.
-
+    
     Setting it to `0` disallows building on the local machine, which is
     useful when you want builds to happen only on remote builders.
 
-  - [`--cores`]{#opt-cores}\
+  - `--cores`  
     Sets the value of the `NIX_BUILD_CORES` environment variable in
     the invocation of builders. Builders can use this variable at
     their discretion to control the maximum amount of parallelism. For
@@ -94,18 +94,18 @@ Most Nix commands accept the following command-line options:
     means that the builder should use all available CPU cores in the
     system.
 
-  - [`--max-silent-time`]{#opt-max-silent-time}\
+  - `--max-silent-time`  
     Sets the maximum number of seconds that a builder can go without
     producing any data on standard output or standard error. The
     default is specified by the `max-silent-time` configuration
     setting. `0` means no time-out.
 
-  - [`--timeout`]{#opt-timeout}\
+  - `--timeout`  
     Sets the maximum number of seconds that a builder can run. The
     default is specified by the `timeout` configuration setting. `0`
     means no timeout.
 
-  - [`--keep-going`]{#opt-keep-going} / `-k`\
+  - `--keep-going` / `-k`  
     Keep going in case of failed builds, to the greatest extent
     possible. That is, if building an input of some derivation fails,
     Nix will still build the other inputs, but not the derivation
@@ -113,17 +113,17 @@ Most Nix commands accept the following command-line options:
     for builds of substitutes), possibly killing builds in progress (in
     case of parallel or distributed builds).
 
-  - [`--keep-failed`]{#opt-keep-failed} / `-K`\
+  - `--keep-failed` / `-K`  
     Specifies that in case of a build failure, the temporary directory
     (usually in `/tmp`) in which the build takes place should not be
     deleted. The path of the build directory is printed as an
     informational message.
 
-  - [`--fallback`]{#opt-fallback}\
+  - `--fallback`  
     Whenever Nix attempts to build a derivation for which substitutes
     are known for each output path, but realising the output paths
     through the substitutes fails, fall back on building the derivation.
-
+    
     The most common scenario in which this is useful is when we have
     registered substitutes in order to perform binary distribution from,
     say, a network repository. If the repository is down, the
@@ -134,12 +134,21 @@ Most Nix commands accept the following command-line options:
     failure in obtaining the substitutes to lead to a full build from
     source (with the related consumption of resources).
 
-  - [`--readonly-mode`]{#opt-readonly-mode}\
+  - `--no-build-hook`  
+    Disables the build hook mechanism. This allows to ignore remote
+    builders if they are setup on the machine.
+    
+    It's useful in cases where the bandwidth between the client and the
+    remote builder is too low. In that case it can take more time to
+    upload the sources to the remote builder and fetch back the result
+    than to do the computation locally.
+
+  - `--readonly-mode`  
     When this option is used, no attempt is made to open the Nix
     database. Most Nix operations do need database access, so those
     operations will fail.
 
-  - [`--arg`]{#opt-arg} *name* *value*\
+  - `--arg` *name* *value*  
     This option is accepted by `nix-env`, `nix-instantiate`,
     `nix-shell` and `nix-build`. When evaluating Nix expressions, the
     expression evaluator will automatically try to call functions that
@@ -151,7 +160,7 @@ Most Nix commands accept the following command-line options:
     override a default value). That is, if the evaluator encounters a
     function with an argument named *name*, it will call it with value
     *value*.
-
+    
     For instance, the top-level `default.nix` in Nixpkgs is actually a
     function:
 
@@ -161,22 +170,22 @@ Most Nix commands accept the following command-line options:
       ...
     }: ...
     ```
-
-    So if you call this Nix expression (e.g., when you do `nix-env -iA
+    
+    So if you call this Nix expression (e.g., when you do `nix-env -i
     pkgname`), the function will be called automatically using the
     value [`builtins.currentSystem`](../expressions/builtins.md) for
     the `system` argument. You can override this using `--arg`, e.g.,
-    `nix-env -iA pkgname --arg system \"i686-freebsd\"`. (Note that
+    `nix-env -i pkgname --arg system \"i686-freebsd\"`. (Note that
     since the argument is a Nix string literal, you have to escape the
     quotes.)
 
-  - [`--argstr`]{#opt-argstr} *name* *value*\
+  - `--argstr` *name* *value*  
     This option is like `--arg`, only the value is not a Nix
     expression but a string. So instead of `--arg system
     \"i686-linux\"` (the outer quotes are to keep the shell happy) you
     can say `--argstr system i686-linux`.
 
-  - [`--attr`]{#opt-attr} / `-A` *attrPath*\
+  - `--attr` / `-A` *attrPath*  
     Select an attribute from the top-level Nix expression being
     evaluated. (`nix-env`, `nix-instantiate`, `nix-build` and
     `nix-shell` only.) The *attribute path* *attrPath* is a sequence
@@ -185,34 +194,34 @@ Most Nix commands accept the following command-line options:
     would cause the expression `e.xorg.xorgserver` to be used. See
     [`nix-env --install`](nix-env.md#operation---install) for some
     concrete examples.
-
+    
     In addition to attribute names, you can also specify array indices.
     For instance, the attribute path `foo.3.bar` selects the `bar`
     attribute of the fourth element of the array in the `foo` attribute
     of the top-level expression.
 
-  - [`--expr`]{#opt-expr} / `-E`\
+  - `--expr` / `-E`  
     Interpret the command line arguments as a list of Nix expressions to
     be parsed and evaluated, rather than as a list of file names of Nix
     expressions. (`nix-instantiate`, `nix-build` and `nix-shell` only.)
-
+    
     For `nix-shell`, this option is commonly used to give you a shell in
     which you can build the packages returned by the expression. If you
     want to get a shell which contain the *built* packages ready for
     use, give your expression to the `nix-shell -p` convenience flag
     instead.
 
-  - [`-I`]{#opt-I} *path*\
+  - `-I` *path*  
     Add a path to the Nix expression search path. This option may be
     given multiple times. See the `NIX_PATH` environment variable for
     information on the semantics of the Nix search path. Paths added
     through `-I` take precedence over `NIX_PATH`.
 
-  - [`--option`]{#opt-option} *name* *value*\
+  - `--option` *name* *value*  
     Set the Nix configuration option *name* to *value*. This overrides
     settings in the Nix configuration file (see nix.conf5).
 
-  - [`--repair`]{#opt-repair}\
+  - `--repair`  
     Fix corrupted or missing store paths by redownloading or rebuilding
     them. Note that this is slow because it requires computing a
     cryptographic hash of the contents of every path in the closure of

doc/manual/src/contributing/cli-guideline.md

@@ -3,7 +3,7 @@
 ## Goals
 
 Purpose of this document is to provide a clear direction to **help design
-delightful command line** experience. This document contains guidelines to
+delightful command line** experience. This document contain guidelines to
 follow to ensure a consistent and approachable user experience.
 
 ## Overview
@@ -103,7 +103,7 @@ impacted the most by bad user experience.
 # Help is essential
 
 Help should be built into your command line so that new users can gradually
-discover new features when they need them.
+discover new features when they need them. 
 
 ## Looking for help
 
@@ -115,7 +115,7 @@ The rules are:
 
 - Help is shown by using `--help` or `help` command (eg `nix` `--``help` or
   `nix help`).
-- For non-COMMANDs (eg. `nix` `--``help` and `nix store` `--``help`) we **show
+- For non-COMMANDs (eg. `nix` `--``help`  and `nix store` `--``help`) we **show
   a summary** of most common use cases. Summary is presented on the STDOUT
   without any use of PAGER.
 - For COMMANDs (eg. `nix init` `--``help` or `nix help init`) we display the
@@ -176,7 +176,7 @@ $ nix init --template=template#pyton
 ------------------------------------------------------------------------
 Initializing Nix project at `/path/to/here`.
       Select a template for you new project:
-          |> template#python
+          |> template#pyton
              template#python-pip
              template#python-poetry
 ```
@@ -230,17 +230,17 @@ Now **Learn** part of the output is where you educate users. You should only
 show it when you know that a build will take some time and not annoy users of
 the builds that take only few seconds.
 
-Every feature like this should go through an intensive review and testing to
-collect as much feedback as possible and to fine tune every little detail. If
+Every feature like this should go though a intensive review and testing to
+collect as much a feedback as possible and to fine tune every little detail. If
 done right this can be an awesome features beginners and advance users will
 love, but if not done perfectly it will annoy users and leave bad impression.
 
 # Input
 
-Input to a command is provided via `ARGUMENTS` and `OPTIONS`.
+Input to a command is provided via `ARGUMENTS` and `OPTIONS`. 
 
 `ARGUMENTS` represent a required input for a function. When choosing to use
-`ARGUMENTS` over `OPTIONS` please be aware of the downsides that come with it:
+`ARGUMENT` over function please be aware of the downsides that come with it:
 
 - User will need to remember the order of `ARGUMENTS`. This is not a problem if
   there is only one `ARGUMENT`.
@@ -253,7 +253,7 @@ developer consider the downsides and choose wisely.
 
 ## Naming the `OPTIONS`
 
-The only naming convention - apart from the ones mentioned in Naming the
+Then only naming convention - apart from the ones mentioned in Naming the
 `COMMANDS` section is how flags are named.
 
 Flags are a type of `OPTION` that represent an option that can be turned ON of
@@ -271,12 +271,12 @@ to improve the discoverability of possible input. A new user will most likely
 not know which `ARGUMENTS` and `OPTIONS` are required or which values are
 possible for those options.
 
-In case the user does not provide the input or they provide wrong input,
-rather than show the error, prompt a user with an option to find and select
+In cases, the user might not provide the input or they provide wrong input,
+rather then show the error, prompt a user with an option to find and select
 correct input (see examples).
 
 Prompting is of course not required when TTY is not attached to STDIN. This
-would mean that scripts won't need to handle prompt, but rather handle errors.
+would mean that scripts wont need to handle prompt, but rather handle errors.
 
 A place to use prompt and provide user with interactive select
 
@@ -300,9 +300,9 @@ going to happen.
 ```shell
 $ nix build --option substitutors https://cache.example.org
 ------------------------------------------------------------------------
-  Warning! A security related question needs to be answered.
+  Warning! A security related question need to be answered.
 ------------------------------------------------------------------------
-  The following substitutors will be used to in `my-project`:
+  The following substitutors will be used to in `my-project`: 
     - https://cache.example.org
 
   Do you allow `my-project` to use above mentioned substitutors?
@@ -311,14 +311,14 @@ $ nix build --option substitutors https://cache.example.org
 
 # Output
 
-Terminal output can be quite limiting in many ways. Which should force us to
+Terminal output can be quite limiting in many ways. Which should forces us to
 think about the experience even more. As with every design the output is a
 compromise between being terse and being verbose, between showing help to
 beginners and annoying advance users. For this it is important that we know
 what are the priorities.
 
 Nix command line should be first and foremost written with beginners in mind.
-But users won't stay beginners for long and what was once useful might quickly
+But users wont stay beginners for long and what was once useful might quickly
 become annoying. There is no golden rule that we can give in this guideline
 that would make it easier how to draw a line and find best compromise.
 
@@ -342,7 +342,7 @@ also allowing them to redirect content to a file. For example:
 ```shell
 $ nix build > build.txt
 ------------------------------------------------------------------------
-  Error! Attribute `bin` missing at (1:94) from string.
+  Error! Atrribute `bin` missing at (1:94) from string.
 ------------------------------------------------------------------------
 
   1| with import <nixpkgs> { }; (pkgs.runCommandCC or pkgs.runCommand) "shell" { buildInputs = [ (surge.bin) ]; } ""
@@ -408,7 +408,7 @@ Above command clearly states that command successfully completed. And in case
 of `nix build`, which is a command that might take some time to complete, it is
 equally important to also show that a command started.
 
-## Text alignment
+## Text alignment 
 
 Text alignment is the number one design element that will present all of the
 Nix commands as a family and not as separate tools glued together.
@@ -419,7 +419,7 @@ The format we should follow is:
 $ nix COMMAND
    VERB_1 NOUN and other words
   VERB__1 NOUN and other words
-       |> Some details
+       |> Some details 
 ```
 
 Few rules that we can extract from above example:
@@ -444,13 +444,13 @@ is not even notable, therefore relying on it wouldn’t make much sense.
 
 **The bright text is much better supported** across terminals and color
 schemes. Most of the time the difference is perceived as if the bright text
-would be bold.
+would be bold. 
 
 ## Colors
 
 Humans are already conditioned by society to attach certain meaning to certain
 colors. While the meaning is not universal, a simple collection of colors is
-used to represent basic emotions.
+used to represent basic emotions. 
 
 Colors that can be used in output
 
@@ -508,7 +508,7 @@ can, with a few key strokes, be changed into and advance introspection tool.
 
 ### Progress
 
-For longer running commands we should provide and overview the progress.
+For longer running commands we should provide and overview of the progress.
 This is shown best in `nix build` example:
 
 ```shell
@@ -553,9 +553,9 @@ going to happen.
 ```shell
 $ nix build --option substitutors https://cache.example.org
 ------------------------------------------------------------------------
-  Warning! A security related question needs to be answered.
+  Warning! A security related question need to be answered.
 ------------------------------------------------------------------------
-  The following substitutors will be used to in `my-project`:
+  The following substitutors will be used to in `my-project`: 
     - https://cache.example.org
 
   Do you allow `my-project` to use above mentioned substitutors?
@@ -566,7 +566,7 @@ $ nix build --option substitutors https://cache.example.org
 
 There are many ways that you can control verbosity.
 
-Verbosity levels are:
+Verbosity levels are: 
 
 - `ERROR` (level 0)
 - `WARN` (level 1)
@@ -586,4 +586,4 @@ There are also two shortcuts, `--debug` to run in `DEBUG` verbosity level and
 
 # Appendix 1: Commands naming exceptions
 
-`nix init` and `nix repl` are well established
+`nix init` and `nix repl` are well established 

doc/manual/src/contributing/hacking.md

@@ -35,25 +35,6 @@ variables are set up so that those dependencies can be found:
 $ nix-shell
 ```
 
-or if you have a flake-enabled nix:
-
-```console
-$ nix develop
-```
-
-To get a shell with a different compilation environment (e.g. stdenv,
-gccStdenv, clangStdenv, clang11Stdenv):
-
-```console
-$ nix-shell -A devShells.x86_64-linux.clang11StdenvPackages
-```
-
-or if you have a flake-enabled nix:
-
-```console
-$ nix develop .#clang11StdenvPackages
-```
-
 To build Nix itself in this shell:
 
 ```console
@@ -71,6 +52,18 @@ To install it in `$(pwd)/outputs` and test it:
 nix (Nix) 3.0
 ```
 
+To run a functional test:
+
+```console
+make tests/test-name-should-auto-complete.sh.test
+```
+
+To run the unit-tests for C++ code:
+
+```
+make check
+```
+
 If you have a flakes-enabled Nix you can replace:
 
 ```console
@@ -82,29 +75,3 @@ by:
 ```console
 $ nix develop
 ```
-
-## Testing
-
-Nix comes with three different flavors of tests: unit, functional and integration.
-
-### Unit-tests
-
-The unit-tests for each Nix library (`libexpr`, `libstore`, etc..) are defined
-under `src/{library_name}/tests` using the
-[googletest](https://google.github.io/googletest/) framework.
-
-You can run the whole testsuite with `make check`, or the tests for a specific component with `make libfoo-tests_RUN`. Finer-grained filtering is also possible using the [--gtest_filter](https://google.github.io/googletest/advanced.html#running-a-subset-of-the-tests) command-line option.
-
-### Functional tests
-
-The functional tests reside under the `tests` directory and are listed in `tests/local.mk`.
-The whole testsuite can be run with `make install && make installcheck`.
-Individual tests can be run with `make tests/{testName}.sh.test`.
-
-### Integration tests
-
-The integration tests are defined in the Nix flake under the `hydraJobs.tests` attribute.
-These tests include everything that needs to interact with external services or run Nix in a non-trivial distributed setup.
-Because these tests are expensive and require more than what the standard github-actions setup provides, they only run on the master branch (on <https://hydra.nixos.org/jobset/nix/master>).
-
-You can run them manually with `nix build .#hydraJobs.tests.{testName}` or `nix-build -A hydraJobs.tests.{testName}`

doc/manual/src/expressions/advanced-attributes.md

@@ -2,14 +2,14 @@
 
 Derivations can declare some infrequently used optional attributes.
 
-  - [`allowedReferences`]{#adv-attr-allowedReferences}\
+  - `allowedReferences`  
     The optional attribute `allowedReferences` specifies a list of legal
     references (dependencies) of the output of the builder. For example,
-
+    
     ```nix
     allowedReferences = [];
     ```
-
+    
     enforces that the output of a derivation cannot have any runtime
     dependencies on its inputs. To allow an output to have a runtime
     dependency on itself, use `"out"` as a list item. This is used in
@@ -17,45 +17,45 @@ Derivations can declare some infrequently used optional attributes.
     booting Linux don’t have accidental dependencies on other paths in
     the Nix store.
 
-  - [`allowedRequisites`]{#adv-attr-allowedRequisites}\
+  - `allowedRequisites`  
     This attribute is similar to `allowedReferences`, but it specifies
     the legal requisites of the whole closure, so all the dependencies
     recursively. For example,
-
+    
     ```nix
     allowedRequisites = [ foobar ];
     ```
-
+    
     enforces that the output of a derivation cannot have any other
     runtime dependency than `foobar`, and in addition it enforces that
     `foobar` itself doesn't introduce any other dependency itself.
 
-  - [`disallowedReferences`]{#adv-attr-disallowedReferences}\
+  - `disallowedReferences`  
     The optional attribute `disallowedReferences` specifies a list of
     illegal references (dependencies) of the output of the builder. For
     example,
-
+    
     ```nix
     disallowedReferences = [ foo ];
     ```
-
+    
     enforces that the output of a derivation cannot have a direct
     runtime dependencies on the derivation `foo`.
 
-  - [`disallowedRequisites`]{#adv-attr-disallowedRequisites}\
+  - `disallowedRequisites`  
     This attribute is similar to `disallowedReferences`, but it
     specifies illegal requisites for the whole closure, so all the
     dependencies recursively. For example,
-
+    
     ```nix
     disallowedRequisites = [ foobar ];
     ```
-
+    
     enforces that the output of a derivation cannot have any runtime
     dependency on `foobar` or any other derivation depending recursively
     on `foobar`.
 
-  - [`exportReferencesGraph`]{#adv-attr-exportReferencesGraph}\
+  - `exportReferencesGraph`  
     This attribute allows builders access to the references graph of
     their inputs. The attribute is a list of inputs in the Nix store
     whose references graph the builder needs to know. The value of
@@ -65,17 +65,17 @@ Derivations can declare some infrequently used optional attributes.
     files have the format used by `nix-store --register-validity`
     (with the deriver fields left empty). For example, when the
     following derivation is built:
-
+    
     ```nix
     derivation {
       ...
       exportReferencesGraph = [ "libfoo-graph" libfoo ];
     };
     ```
-
+    
     the references graph of `libfoo` is placed in the file
     `libfoo-graph` in the temporary build directory.
-
+    
     `exportReferencesGraph` is useful for builders that want to do
     something with the closure of a store path. Examples include the
     builders in NixOS that generate the initial ramdisk for booting
@@ -84,66 +84,66 @@ Derivations can declare some infrequently used optional attributes.
     with a Nix store containing the closure of a bootable NixOS
     configuration).
 
-  - [`impureEnvVars`]{#adv-attr-impureEnvVars}\
+  - `impureEnvVars`  
     This attribute allows you to specify a list of environment variables
     that should be passed from the environment of the calling user to
     the builder. Usually, the environment is cleared completely when the
     builder is executed, but with this attribute you can allow specific
     environment variables to be passed unmodified. For example,
     `fetchurl` in Nixpkgs has the line
-
+    
     ```nix
     impureEnvVars = [ "http_proxy" "https_proxy" ... ];
     ```
-
+    
     to make it use the proxy server configuration specified by the user
     in the environment variables `http_proxy` and friends.
-
+    
     This attribute is only allowed in *fixed-output derivations* (see
     below), where impurities such as these are okay since (the hash
     of) the output is known in advance. It is ignored for all other
     derivations.
-
+    
     > **Warning**
-    >
+    > 
     > `impureEnvVars` implementation takes environment variables from
     > the current builder process. When a daemon is building its
     > environmental variables are used. Without the daemon, the
     > environmental variables come from the environment of the
     > `nix-build`.
 
-  - [`outputHash`]{#adv-attr-outputHash}; [`outputHashAlgo`]{#adv-attr-outputHashAlgo}; [`outputHashMode`]{#adv-attr-outputHashMode}\
+  - `outputHash`; `outputHashAlgo`; `outputHashMode`  
     These attributes declare that the derivation is a so-called
     *fixed-output derivation*, which means that a cryptographic hash of
     the output is already known in advance. When the build of a
     fixed-output derivation finishes, Nix computes the cryptographic
     hash of the output and compares it to the hash declared with these
     attributes. If there is a mismatch, the build fails.
-
+    
     The rationale for fixed-output derivations is derivations such as
     those produced by the `fetchurl` function. This function downloads a
     file from a given URL. To ensure that the downloaded file has not
     been modified, the caller must also specify a cryptographic hash of
     the file. For example,
-
+    
     ```nix
     fetchurl {
       url = "http://ftp.gnu.org/pub/gnu/hello/hello-2.1.1.tar.gz";
       sha256 = "1md7jsfd8pa45z73bz1kszpp01yw6x5ljkjk2hx7wl800any6465";
     }
     ```
-
+    
     It sometimes happens that the URL of the file changes, e.g., because
     servers are reorganised or no longer available. We then must update
     the call to `fetchurl`, e.g.,
-
+    
     ```nix
     fetchurl {
       url = "ftp://ftp.nluug.nl/pub/gnu/hello/hello-2.1.1.tar.gz";
       sha256 = "1md7jsfd8pa45z73bz1kszpp01yw6x5ljkjk2hx7wl800any6465";
     }
     ```
-
+    
     If a `fetchurl` derivation was treated like a normal derivation, the
     output paths of the derivation and *all derivations depending on it*
     would change. For instance, if we were to change the URL of the
@@ -151,16 +151,16 @@ Derivations can declare some infrequently used optional attributes.
     other packages depend) massive rebuilds would be needed. This is
     unfortunate for a change which we know cannot have a real effect as
     it propagates upwards through the dependency graph.
-
+    
     For fixed-output derivations, on the other hand, the name of the
     output path only depends on the `outputHash*` and `name` attributes,
     while all other attributes are ignored for the purpose of computing
     the output path. (The `name` attribute is included because it is
     part of the path.)
-
+    
     As an example, here is the (simplified) Nix expression for
     `fetchurl`:
-
+    
     ```nix
     { stdenv, curl }: # The curl program is used for downloading.
 
@@ -180,51 +180,43 @@ Derivations can declare some infrequently used optional attributes.
       inherit url;
     }
     ```
-
+    
     The `outputHashAlgo` attribute specifies the hash algorithm used to
     compute the hash. It can currently be `"sha1"`, `"sha256"` or
     `"sha512"`.
-
+    
     The `outputHashMode` attribute determines how the hash is computed.
     It must be one of the following two values:
-
-      - `"flat"`\
+    
+      - `"flat"`  
         The output must be a non-executable regular file. If it isn’t,
         the build fails. The hash is simply computed over the contents
         of that file (so it’s equal to what Unix commands like
         `sha256sum` or `sha1sum` produce).
-
+        
         This is the default.
-
-      - `"recursive"`\
+    
+      - `"recursive"`  
         The hash is computed over the NAR archive dump of the output
         (i.e., the result of [`nix-store
         --dump`](../command-ref/nix-store.md#operation---dump)). In
         this case, the output can be anything, including a directory
         tree.
-
+    
     The `outputHash` attribute, finally, must be a string containing
     the hash in either hexadecimal or base-32 notation. (See the
     [`nix-hash` command](../command-ref/nix-hash.md) for information
     about converting to and from base-32 notation.)
-    
-  - [`__contentAddressed`]{#adv-attr-__contentAddressed}
-    If this **experimental** attribute is set to true, then the derivation
-    outputs will be stored in a content-addressed location rather than the
-    traditional input-addressed one.
-    This only has an effect if the `ca-derivation` experimental feature is enabled.
-    
-    Setting this attribute also requires setting `outputHashMode` and `outputHashAlgo` like for *fixed-output derivations* (see above).
 
-  - [`passAsFile`]{#adv-attr-passAsFile}\
+  - `passAsFile`  
     A list of names of attributes that should be passed via files rather
     than environment variables. For example, if you have
-
+    
     ```nix
     passAsFile = ["big"];
     big = "a very long string";
     ```
-
+    
     then when the builder runs, the environment variable `bigPath`
     will contain the absolute path to a temporary file containing `a
     very long string`. That is, for any attribute *x* listed in
@@ -234,22 +226,22 @@ Derivations can declare some infrequently used optional attributes.
     builder, since most operating systems impose a limit on the size
     of the environment (typically, a few hundred kilobyte).
 
-  - [`preferLocalBuild`]{#adv-attr-preferLocalBuild}\
+  - `preferLocalBuild`  
     If this attribute is set to `true` and [distributed building is
     enabled](../advanced-topics/distributed-builds.md), then, if
-    possible, the derivation will be built locally instead of forwarded
+    possible, the derivaton will be built locally instead of forwarded
     to a remote machine. This is appropriate for trivial builders
     where the cost of doing a download or remote build would exceed
     the cost of building locally.
 
-  - [`allowSubstitutes`]{#adv-attr-allowSubstitutes}\
+  - `allowSubstitutes`  
     If this attribute is set to `false`, then Nix will always build this
     derivation; it will not try to substitute its outputs. This is
     useful for very trivial derivations (such as `writeText` in Nixpkgs)
     that are cheaper to build than to substitute from a binary cache.
-
+    
     > **Note**
-    >
+    > 
     > You need to have a builder configured which satisfies the
     > derivation’s `system` attribute, since the derivation cannot be
     > substituted. Thus it is usually a good idea to align `system` with

doc/manual/src/expressions/builtin-constants.md

@@ -2,7 +2,7 @@
 
 Here are the constants built into the Nix expression evaluator:
 
-  - `builtins`\
+  - `builtins`  
     The set `builtins` contains all the built-in functions and values.
     You can use `builtins` to test for the availability of features in
     the Nix installation, e.g.,
@@ -14,7 +14,7 @@ Here are the constants built into the Nix expression evaluator:
     This allows a Nix expression to fall back gracefully on older Nix
     installations that don’t have the desired built-in function.
 
-  - [`builtins.currentSystem`]{#builtins-currentSystem}\
+  - `builtins.currentSystem`  
     The built-in value `currentSystem` evaluates to the Nix platform
     identifier for the Nix installation on which the expression is being
     evaluated, such as `"i686-linux"` or `"x86_64-darwin"`.

doc/manual/src/expressions/builtins-prefix.md

@@ -9,8 +9,7 @@ scope. Instead, you can access them through the `builtins` built-in
 value, which is a set that contains all built-in functions and values.
 For instance, `derivation` is also available as `builtins.derivation`.
 
-<dl>
-  <dt><code>derivation <var>attrs</var></code>;
-      <code>builtins.derivation <var>attrs</var></code></dt>
-  <dd><p><var>derivation</var> is described in
-         <a href="derivations.md">its own section</a>.</p></dd>
+  - `derivation` *attrs*; `builtins.derivation` *attrs*  
+
+    `derivation` is described in [its own section](derivations.md).
+

doc/manual/src/expressions/builtins-suffix.md

@@ -1 +0,0 @@
-</dl>

doc/manual/src/expressions/derivations.md

@@ -4,7 +4,7 @@ The most important built-in function is `derivation`, which is used to
 describe a single derivation (a build action). It takes as input a set,
 the attributes of which specify the inputs of the build.
 
-  - There must be an attribute named [`system`]{#attr-system} whose value must be a
+  - There must be an attribute named `system` whose value must be a
     string specifying a Nix system type, such as `"i686-linux"` or
     `"x86_64-darwin"`. (To figure out your system type, run `nix -vv
     --version`.) The build can only be performed on a machine and

doc/manual/src/expressions/expression-syntax.md

@@ -26,7 +26,7 @@ elements (referenced from the figure by number):
     called with three arguments: `stdenv`, `fetchurl`, and `perl`. They
     are needed to build Hello, but we don't know how to build them here;
     that's why they are function arguments. `stdenv` is a package that
-    is used by almost all Nix Packages; it provides a
+    is used by almost all Nix Packages packages; it provides a
     “standard” environment consisting of the things you would expect
     in a basic Unix environment: a C/C++ compiler (GCC, to be precise),
     the Bash shell, fundamental Unix tools such as `cp`, `grep`, `tar`,

doc/manual/src/expressions/language-constructs.md

@@ -284,10 +284,6 @@ The points of interest are:
     function is called with the `localServer` argument set to `true` but
     the `db4` argument set to `null`, then the evaluation fails.
 
-    Note that `->` is the [logical
-    implication](https://en.wikipedia.org/wiki/Truth_table#Logical_implication)
-    Boolean operation.
-
 2.  This is a more subtle condition: if Subversion is built with Apache
     (`httpServer`) support, then the Expat library (an XML library) used
     by Subversion should be same as the one used by Apache. This is

doc/manual/src/expressions/language-operators.md

@@ -17,12 +17,12 @@ order of precedence (from strongest to weakest binding).
 | String Concatenation     | *string1* `+` *string2*             | left          | String concatenation.                                                                                                                                                                                                         | 7          |
 | Not                      | `!` *e*                             | none          | Boolean negation.                                                                                                                                                                                                             | 8          |
 | Update                   | *e1* `//` *e2*                      | right         | Return a set consisting of the attributes in *e1* and *e2* (with the latter taking precedence over the former in case of equally named attributes).                                                                           | 9          |
-| Less Than                | *e1* `<` *e2*,                      | none          | Arithmetic/lexicographic comparison.                                                                                                                                                                                                        | 10         |
-| Less Than or Equal To    | *e1* `<=` *e2*                      | none          | Arithmetic/lexicographic comparison.                                                                                                                                                                                                        | 10         |
-| Greater Than             | *e1* `>` *e2*                       | none          | Arithmetic/lexicographic comparison.                                                                                                                                                                                                        | 10         |
-| Greater Than or Equal To | *e1* `>=` *e2*                      | none          | Arithmetic/lexicographic comparison.                                                                                                                                                                                                        | 10         |
+| Less Than                | *e1* `<` *e2*,                      | none          | Arithmetic comparison.                                                                                                                                                                                                        | 10         |
+| Less Than or Equal To    | *e1* `<=` *e2*                      | none          | Arithmetic comparison.                                                                                                                                                                                                        | 10         |
+| Greater Than             | *e1* `>` *e2*                       | none          | Arithmetic comparison.                                                                                                                                                                                                        | 10         |
+| Greater Than or Equal To | *e1* `>=` *e2*                      | none          | Arithmetic comparison.                                                                                                                                                                                                        | 10         |
 | Equality                 | *e1* `==` *e2*                      | none          | Equality.                                                                                                                                                                                                                     | 11         |
 | Inequality               | *e1* `!=` *e2*                      | none          | Inequality.                                                                                                                                                                                                                   | 11         |
 | Logical AND              | *e1* `&&` *e2*                      | left          | Logical AND.                                                                                                                                                                                                                  | 12         |
-| Logical OR               | *e1* <code>&#124;&#124;</code> *e2* | left          | Logical OR.                                                                                                                                                                                                                   | 13         |
-| Logical Implication      | *e1* `->` *e2*                      | none          | Logical implication (equivalent to <code>!e1 &#124;&#124; e2</code>).                                                                                                                                                                            | 14         |
+| Logical OR               | *e1* `\|\|` *e2*                    | left          | Logical OR.                                                                                                                                                                                                                   | 13         |
+| Logical Implication      | *e1* `->` *e2*                      | none          | Logical implication (equivalent to `!e1 \|\| e2`).                                                                                                                                                                            | 14         |

doc/manual/src/expressions/language-values.md

@@ -64,7 +64,7 @@ Nix has the following basic data types:
     the start of each line. To be precise, it strips from each line a
     number of spaces equal to the minimal indentation of the string as a
     whole (disregarding the indentation of empty lines). For instance,
-    the first and second line are indented two spaces, while the third
+    the first and second line are indented two space, while the third
     line is indented four spaces. Thus, two spaces are stripped from
     each line, so the resulting string is
     
@@ -139,13 +139,6 @@ Nix has the following basic data types:
     environment variable `NIX_PATH` will be searched for the given file
     or directory name.
 
-    Antiquotation is supported in any paths except those in angle brackets.
-    `./${foo}-${bar}.nix` is a more convenient way of writing 
-    `./. + "/" + foo + "-" + bar + ".nix"` or `./. + "/${foo}-${bar}.nix"`. At
-    least one slash must appear *before* any antiquotations for this to be
-    recognized as a path. `a.${foo}/b.${bar}` is a syntactically valid division
-    operation. `./a.${foo}/b.${bar}` is a path.
-
   - *Booleans* with values `true` and `false`.
 
   - The null value, denoted as `null`.

doc/manual/src/expressions/simple-building-testing.md

@@ -1,6 +1,6 @@
 # Building and Testing
 
-You can now try to build Hello. Of course, you could do `nix-env -f . -iA
+You can now try to build Hello. Of course, you could do `nix-env -i
 hello`, but you may not want to install a possibly broken package just
 yet. The best way to test the package is by using the command
 `nix-build`, which builds a Nix expression and creates a symlink named

doc/manual/src/glossary.md

@@ -1,62 +1,62 @@
 # Glossary
 
-  - [derivation]{#gloss-derivation}\
+  - derivation  
     A description of a build action. The result of a derivation is a
     store object. Derivations are typically specified in Nix expressions
     using the [`derivation` primitive](expressions/derivations.md). These are
     translated into low-level *store derivations* (implicitly by
     `nix-env` and `nix-build`, or explicitly by `nix-instantiate`).
 
-  - [store]{#gloss-store}\
+  - store  
     The location in the file system where store objects live. Typically
     `/nix/store`.
 
-  - [store path]{#gloss-store-path}\
+  - store path  
     The location in the file system of a store object, i.e., an
     immediate child of the Nix store directory.
 
-  - [store object]{#gloss-store-object}\
+  - store object  
     A file that is an immediate child of the Nix store directory. These
     can be regular files, but also entire directory trees. Store objects
     can be sources (objects copied from outside of the store),
     derivation outputs (objects produced by running a build action), or
     derivations (files describing a build action).
 
-  - [substitute]{#gloss-substitute}\
+  - substitute  
     A substitute is a command invocation stored in the Nix database that
     describes how to build a store object, bypassing the normal build
     mechanism (i.e., derivations). Typically, the substitute builds the
     store object by downloading a pre-built version of the store object
     from some server.
 
-  - [purity]{#gloss-purity}\
+  - purity  
     The assumption that equal Nix derivations when run always produce
     the same output. This cannot be guaranteed in general (e.g., a
     builder can rely on external inputs such as the network or the
     system time) but the Nix model assumes it.
 
-  - [Nix expression]{#gloss-nix-expression}\
+  - Nix expression  
     A high-level description of software packages and compositions
     thereof. Deploying software using Nix entails writing Nix
     expressions for your packages. Nix expressions are translated to
     derivations that are stored in the Nix store. These derivations can
     then be built.
 
-  - [reference]{#gloss-reference}\
+  - reference  
     A store path `P` is said to have a reference to a store path `Q` if
     the store object at `P` contains the path `Q` somewhere. The
     *references* of a store path are the set of store paths to which it
     has a reference.
-
+    
     A derivation can reference other derivations and sources (but not
     output paths), whereas an output path only references other output
     paths.
 
-  - [reachable]{#gloss-reachable}\
+  - reachable  
     A store path `Q` is reachable from another store path `P` if `Q`
     is in the *closure* of the *references* relation.
 
-  - [closure]{#gloss-closure}\
+  - closure  
     The closure of a store path is the set of store paths that are
     directly or indirectly “reachable” from that store path; that is,
     it’s the closure of the path under the *references* relation. For
@@ -66,39 +66,35 @@
     is necessary to deploy whole closures, since otherwise at runtime
     files could be missing. The command `nix-store -qR` prints out
     closures of store paths.
-
+    
     As an example, if the store object at path `P` contains a reference
     to path `Q`, then `Q` is in the closure of `P`. Further, if `Q`
     references `R` then `R` is also in the closure of `P`.
 
-  - [output path]{#gloss-output-path}\
+  - output path  
     A store path produced by a derivation.
 
-  - [deriver]{#gloss-deriver}\
+  - deriver  
     The deriver of an *output path* is the store
     derivation that built it.
 
-  - [validity]{#gloss-validity}\
+  - validity  
     A store path is considered *valid* if it exists in the file system,
     is listed in the Nix database as being valid, and if all paths in
     its closure are also valid.
 
-  - [user environment]{#gloss-user-env}\
+  - user environment  
     An automatically generated store object that consists of a set of
     symlinks to “active” applications, i.e., other store paths. These
     are generated automatically by
     [`nix-env`](command-ref/nix-env.md). See *profiles*.
 
-  - [profile]{#gloss-profile}\
+  - profile  
     A symlink to the current *user environment* of a user, e.g.,
     `/nix/var/nix/profiles/default`.
 
-  - [NAR]{#gloss-nar}\
+  - NAR  
     A *N*ix *AR*chive. This is a serialisation of a path in the Nix
     store. It can contain regular files, directories and symbolic
     links.  NARs are generated and unpacked using `nix-store --dump`
     and `nix-store --restore`.
-  - [`∅`]{#gloss-emtpy-set}\
-    The empty set symbol. In the context of profile history, this denotes a package is not present in a particular version of the profile.
-  - [`ε`]{#gloss-epsilon}\
-    The epsilon symbol. In the context of a package, this means the version is empty. More precisely, the derivation does not have a version attribute.

doc/manual/src/installation/building-source.md

@@ -1,9 +1,9 @@
 # Building Nix from Source
 
-After cloning Nix's Git repository, issue the following commands:
+After unpacking or checking out the Nix sources, issue the following
+commands:
 
 ```console
-$ ./bootstrap.sh
 $ ./configure options...
 $ make
 $ make install
@@ -11,6 +11,13 @@ $ make install
 
 Nix requires GNU Make so you may need to invoke `gmake` instead.
 
+When building from the Git repository, these should be preceded by the
+command:
+
+```console
+$ ./bootstrap.sh
+```
+
 The installation path can be specified by passing the `--prefix=prefix`
 to `configure`. The default installation directory is `/usr/local`. You
 can change this to any location you like. You must have write permission

doc/manual/src/installation/env-variables.md

@@ -40,7 +40,7 @@ export NIX_SSL_CERT_FILE=/etc/ssl/my-certificate-bundle.crt
 > **Note**
 > 
 > You must not add the export and then do the install, as the Nix
-> installer will detect the presence of Nix configuration, and abort.
+> installer will detect the presense of Nix configuration, and abort.
 
 ## `NIX_SSL_CERT_FILE` with macOS and the Nix daemon
 

doc/manual/src/installation/installing-binary.md

@@ -1,26 +1,18 @@
 # Installing a Binary Distribution
 
-The easiest way to install Nix is to run the following command:
+If you are using Linux or macOS versions up to 10.14 (Mojave), the
+easiest way to install Nix is to run the following command:
 
 ```console
 $ sh <(curl -L https://nixos.org/nix/install)
 ```
 
-This will run the installer interactively (causing it to explain what
-it is doing more explicitly), and perform the default "type" of install
-for your platform:
-- single-user on Linux
-- multi-user on macOS
+If you're using macOS 10.15 (Catalina) or newer, consult [the macOS
+installation instructions](#macos-installation) before installing.
 
-  > **Notes on read-only filesystem root in macOS 10.15 Catalina +**
-  > 
-  > - It took some time to support this cleanly. You may see posts,
-  >   examples, and tutorials using obsolete workarounds.
-  > - Supporting it cleanly made macOS installs too complex to qualify
-  >   as single-user, so this type is no longer supported on macOS.
-
-We recommend the multi-user install if it supports your platform and
-you can authenticate with `sudo`.
+As of Nix 2.1.0, the Nix installer will always default to creating a
+single-user installation, however opting in to the multi-user
+installation is highly recommended.
 
 # Single User Installation
 
@@ -58,9 +50,9 @@ $ rm -rf /nix
 The multi-user Nix installation creates system users, and a system
 service for the Nix daemon.
 
-**Supported Systems**
-- Linux running systemd, with SELinux disabled
-- macOS
+  - Linux running systemd, with SELinux disabled
+
+  - macOS
 
 You can instruct the installer to perform a multi-user installation on
 your system:
@@ -84,9 +76,7 @@ The installer will modify `/etc/bashrc`, and `/etc/zshrc` if they exist.
 The installer will first back up these files with a `.backup-before-nix`
 extension. The installer will also create `/etc/profile.d/nix.sh`.
 
-## Uninstalling
-
-### Linux
+You can uninstall Nix with the following commands:
 
 ```console
 sudo rm -rf /etc/profile/nix.sh /etc/nix /nix ~root/.nix-profile ~root/.nix-defexpr ~root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels
@@ -97,142 +87,174 @@ sudo systemctl stop nix-daemon.service
 sudo systemctl disable nix-daemon.socket
 sudo systemctl disable nix-daemon.service
 sudo systemctl daemon-reload
+
+# If you are on macOS, you will need to run:
+sudo launchctl unload /Library/LaunchDaemons/org.nixos.nix-daemon.plist
+sudo rm /Library/LaunchDaemons/org.nixos.nix-daemon.plist
 ```
 
 There may also be references to Nix in `/etc/profile`, `/etc/bashrc`,
 and `/etc/zshrc` which you may remove.
 
-### macOS
+# macOS Installation
 
-1. Edit `/etc/zshrc` and `/etc/bashrc` to remove the lines sourcing
-   `nix-daemon.sh`, which should look like this:
+Starting with macOS 10.15 (Catalina), the root filesystem is read-only.
+This means `/nix` can no longer live on your system volume, and that
+you'll need a workaround to install Nix.
 
-   ```bash
-   # Nix
-   if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
-     . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
-   fi
-   # End Nix
-   ```
-
-   If these files haven't been altered since installing Nix you can simply put
-   the backups back in place:
-
-   ```console
-   sudo mv /etc/zshrc.backup-before-nix /etc/zshrc
-   sudo mv /etc/bashrc.backup-before-nix /etc/bashrc
-   ```
-
-   This will stop shells from sourcing the file and bringing everything you
-   installed using Nix in scope.
-
-2. Stop and remove the Nix daemon services:
-
-   ```console
-   sudo launchctl unload /Library/LaunchDaemons/org.nixos.nix-daemon.plist
-   sudo rm /Library/LaunchDaemons/org.nixos.nix-daemon.plist
-   sudo launchctl unload /Library/LaunchDaemons/org.nixos.darwin-store.plist
-   sudo rm /Library/LaunchDaemons/org.nixos.darwin-store.plist
-   ```
-
-   This stops the Nix daemon and prevents it from being started next time you
-   boot the system.
-
-3. Remove the `nixbld` group and the `_nixbuildN` users:
-
-   ```console
-   sudo dscl . -delete /Groups/nixbld
-   for u in $(sudo dscl . -list /Users | grep _nixbld); do sudo dscl . -delete /Users/$u; done
-   ```
-
-   This will remove all the build users that no longer serve a purpose.
-
-4. Edit fstab using `sudo vifs` to remove the line mounting the Nix Store
-   volume on `/nix`, which looks like this,
-   `LABEL=Nix\040Store /nix apfs rw,nobrowse`. This will prevent automatic
-   mounting of the Nix Store volume.
-
-5. Edit `/etc/synthetic.conf` to remove the `nix` line. If this is the only
-   line in the file you can remove it entirely, `sudo rm /etc/synthetic.conf`.
-   This will prevent the creation of the empty `/nix` directory to provide a
-   mountpoint for the Nix Store volume.
-
-6. Remove the files Nix added to your system:
-
-   ```console
-   sudo rm -rf /etc/nix /var/root/.nix-profile /var/root/.nix-defexpr /var/root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels
-   ```
-
-   This gets rid of any data Nix may have created except for the store which is
-   removed next.
-
-7. Remove the Nix Store volume:
-   
-   ```console
-   sudo diskutil apfs deleteVolume /nix
-   ```
-
-   This will remove the Nix Store volume and everything that was added to the
-   store.
+The recommended approach, which creates an unencrypted APFS volume for
+your Nix store and a "synthetic" empty directory to mount it over at
+`/nix`, is least likely to impair Nix or your system.
 
 > **Note**
 > 
-> After you complete the steps here, you will still have an empty `/nix`
-> directory. This is an expected sign of a successful uninstall. The empty
-> `/nix` directory will disappear the next time you reboot.
->
-> You do not have to reboot to finish uninstalling Nix. The uninstall is
-> complete. macOS (Catalina+) directly controls root directories and its
-> read-only root will prevent you from manually deleting the empty `/nix`
-> mountpoint.
+> With all separate-volume approaches, it's possible something on your
+> system (particularly daemons/services and restored apps) may need
+> access to your Nix store before the volume is mounted. Adding
+> additional encryption makes this more likely.
 
-# macOS Installation
-[]{#sect-macos-installation-change-store-prefix}[]{#sect-macos-installation-encrypted-volume}[]{#sect-macos-installation-symlink}[]{#sect-macos-installation-recommended-notes}
-<!-- Note: anchors above to catch permalinks to old explanations -->
+If you're using a recent Mac with a [T2
+chip](https://www.apple.com/euro/mac/shared/docs/Apple_T2_Security_Chip_Overview.pdf),
+your drive will still be encrypted at rest (in which case "unencrypted"
+is a bit of a misnomer). To use this approach, just install Nix with:
 
-We believe we have ironed out how to cleanly support the read-only root
-on modern macOS. New installs will do this automatically, and you can
-also re-run a new installer to convert your existing setup.
+```console
+$ sh <(curl -L https://nixos.org/nix/install) --darwin-use-unencrypted-nix-store-volume
+```
 
-This section previously detailed the situation, options, and trade-offs,
-but it now only outlines what the installer does. You don't need to know
-this to run the installer, but it may help if you run into trouble:
+If you don't like the sound of this, you'll want to weigh the other
+approaches and tradeoffs detailed in this section.
 
-- create a new APFS volume for your Nix store
-- update `/etc/synthetic.conf` to direct macOS to create a "synthetic"
-  empty root directory to mount your volume
-- specify mount options for the volume in `/etc/fstab`
-  - `rw`: read-write
-  - `noauto`: prevent the system from auto-mounting the volume (so the
-    LaunchDaemon mentioned below can control mounting it, and to avoid
-    masking problems with that mounting service).
-  - `nobrowse`: prevent the Nix Store volume from showing up on your
-    desktop; also keeps Spotlight from spending resources to index
-    this volume
-  <!-- TODO:
-  - `suid`: honor setuid? surely not? ...
-  - `owners`: honor file ownership on the volume
+> **Note**
+> 
+> All of the known workarounds have drawbacks, but we hope better
+> solutions will be available in the future. Some that we have our eye
+> on are:
+> 
+> 1.  A true firmlink would enable the Nix store to live on the primary
+>     data volume without the build problems caused by the symlink
+>     approach. End users cannot currently create true firmlinks.
+> 
+> 2.  If the Nix store volume shared FileVault encryption with the
+>     primary data volume (probably by using the same volume group and
+>     role), FileVault encryption could be easily supported by the
+>     installer without requiring manual setup by each user.
 
-    For now I'll avoid pretending to understand suid/owners more
-    than I do. There've been some vague reports of file-ownership
-    and permission issues, particularly in cloud/VM/headless setups.
-    My pet theory is that this has something to do with these setups
-    not having a token that gets delegated to initial/admin accounts
-    on macOS. See scripts/create-darwin-volume.sh for a little more.
+## Change the Nix store path prefix
 
-    In any case, by Dec 4 2021, it _seems_ like some combination of
-    suid, owners, and calling diskutil enableOwnership have stopped
-    new reports from coming in. But I hesitate to celebrate because we
-    haven't really named and catalogued the behavior, understood what
-    we're fixing, and validated that all 3 components are essential.
-  -->
-- if you have FileVault enabled
-    - generate an encryption password
-    - put it in your system Keychain
-    - use it to encrypt the volume
-- create a system LaunchDaemon to mount this volume early enough in the
-  boot process to avoid problems loading or restoring any programs that
-  need access to your Nix store
+Changing the default prefix for the Nix store is a simple approach which
+enables you to leave it on your root volume, where it can take full
+advantage of FileVault encryption if enabled. Unfortunately, this
+approach also opts your device out of some benefits that are enabled by
+using the same prefix across systems:
+
+  - Your system won't be able to take advantage of the binary cache
+    (unless someone is able to stand up and support duplicate caching
+    infrastructure), which means you'll spend more time waiting for
+    builds.
+
+  - It's harder to build and deploy packages to Linux systems.
+
+It would also possible (and often requested) to just apply this change
+ecosystem-wide, but it's an intrusive process that has side effects we
+want to avoid for now.
+
+## Use a separate encrypted volume
+
+If you like, you can also add encryption to the recommended approach
+taken by the installer. You can do this by pre-creating an encrypted
+volume before you run the installer--or you can run the installer and
+encrypt the volume it creates later.
+
+In either case, adding encryption to a second volume isn't quite as
+simple as enabling FileVault for your boot volume. Before you dive in,
+there are a few things to weigh:
+
+1.  The additional volume won't be encrypted with your existing
+    FileVault key, so you'll need another mechanism to decrypt the
+    volume.
+
+2.  You can store the password in Keychain to automatically decrypt the
+    volume on boot--but it'll have to wait on Keychain and may not mount
+    before your GUI apps restore. If any of your launchd agents or apps
+    depend on Nix-installed software (for example, if you use a
+    Nix-installed login shell), the restore may fail or break.
+    
+    On a case-by-case basis, you may be able to work around this problem
+    by using `wait4path` to block execution until your executable is
+    available.
+    
+    It's also possible to decrypt and mount the volume earlier with a
+    login hook--but this mechanism appears to be deprecated and its
+    future is unclear.
+
+3.  You can hard-code the password in the clear, so that your store
+    volume can be decrypted before Keychain is available.
+
+If you are comfortable navigating these tradeoffs, you can encrypt the
+volume with something along the lines of:
+
+```console
+$ diskutil apfs enableFileVault /nix -user disk
+```
+
+## Symlink the Nix store to a custom location
+
+Another simple approach is using `/etc/synthetic.conf` to symlink the
+Nix store to the data volume. This option also enables your store to
+share any configured FileVault encryption. Unfortunately, builds that
+resolve the symlink may leak the canonical path or even fail.
+
+Because of these downsides, we can't recommend this approach.
+
+## Notes on the recommended approach
+
+This section goes into a little more detail on the recommended approach.
+You don't need to understand it to run the installer, but it can serve
+as a helpful reference if you run into trouble.
+
+1.  In order to compose user-writable locations into the new read-only
+    system root, Apple introduced a new concept called `firmlinks`,
+    which it describes as a "bi-directional wormhole" between two
+    filesystems. You can see the current firmlinks in
+    `/usr/share/firmlinks`. Unfortunately, firmlinks aren't (currently?)
+    user-configurable.
+    
+    For special cases like NFS mount points or package manager roots,
+    [synthetic.conf(5)](https://developer.apple.com/library/archive/documentation/System/Conceptual/ManPages_iPhoneOS/man5/synthetic.conf.5.html)
+    supports limited user-controlled file-creation (of symlinks, and
+    synthetic empty directories) at `/`. To create a synthetic empty
+    directory for mounting at `/nix`, add the following line to
+    `/etc/synthetic.conf` (create it if necessary):
+    
+        nix
+
+2.  This configuration is applied at boot time, but you can use
+    `apfs.util` to trigger creation (not deletion) of new entries
+    without a reboot:
+    
+    ```console
+    $ /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -B
+    ```
+
+3.  Create the new APFS volume with diskutil:
+    
+    ```console
+    $ sudo diskutil apfs addVolume diskX APFS 'Nix Store' -mountpoint /nix
+    ```
+
+4.  Using `vifs`, add the new mount to `/etc/fstab`. If it doesn't
+    already have other entries, it should look something like:
+    
+        #
+        # Warning - this file should only be modified with vifs(8)
+        #
+        # Failure to do so is unsupported and may be destructive.
+        #
+        LABEL=Nix\040Store /nix apfs rw,nobrowse
+    
+    The nobrowse setting will keep Spotlight from indexing this volume,
+    and keep it from showing up on your desktop.
 
 # Installing a pinned Nix version from a URL
 

doc/manual/src/installation/installing-docker.md

@@ -1,59 +0,0 @@
-# Using Nix within Docker
-
-To run the latest stable release of Nix with Docker run the following command:
-
-```console
-$ docker run -ti nixos/nix
-Unable to find image 'nixos/nix:latest' locally
-latest: Pulling from nixos/nix
-5843afab3874: Pull complete
-b52bf13f109c: Pull complete
-1e2415612aa3: Pull complete
-Digest: sha256:27f6e7f60227e959ee7ece361f75d4844a40e1cc6878b6868fe30140420031ff
-Status: Downloaded newer image for nixos/nix:latest
-35ca4ada6e96:/# nix --version
-nix (Nix) 2.3.12
-35ca4ada6e96:/# exit
-```
-
-# What is included in Nix's Docker image?
-
-The official Docker image is created using `pkgs.dockerTools.buildLayeredImage`
-(and not with `Dockerfile` as it is usual with Docker images). You can still
-base your custom Docker image on it as you would do with any other Docker
-image.
-
-The Docker image is also not based on any other image and includes minimal set
-of runtime dependencies that are required to use Nix:
-
- - pkgs.nix
- - pkgs.bashInteractive
- - pkgs.coreutils-full
- - pkgs.gnutar
- - pkgs.gzip
- - pkgs.gnugrep
- - pkgs.which
- - pkgs.curl
- - pkgs.less
- - pkgs.wget
- - pkgs.man
- - pkgs.cacert.out
- - pkgs.findutils
-
-# Docker image with the latest development version of Nix
-
-To get the latest image that was built by [Hydra](https://hydra.nixos.org) run
-the following command:
-
-```console
-$ curl -L https://hydra.nixos.org/job/nix/master/dockerImage.x86_64-linux/latest/download/1 | docker load
-$ docker run -ti nix:2.5pre20211105
-```
-
-You can also build a Docker image from source yourself:
-
-```console
-$ nix build ./\#hydraJobs.dockerImage.x86_64-linux
-$ docker load -i ./result/image.tar.gz
-$ docker run -ti nix:2.5pre20211105
-```

doc/manual/src/installation/installing-source.md

@@ -1,4 +1,4 @@
 # Installing Nix from Source
 
-If no binary package is available or if you want to hack on Nix, you
-can build Nix from its Git repository.
+If no binary package is available, you can download and compile a source
+distribution.

doc/manual/src/installation/obtaining-source.md

@@ -1,9 +1,14 @@
-# Obtaining the Source
+# Obtaining a Source Distribution
 
-The most recent sources of Nix can be obtained from its [Git
-repository](https://github.com/NixOS/nix). For example, the following
-command will check out the latest revision into a directory called
-`nix`:
+The source tarball of the most recent stable release can be downloaded
+from the [Nix homepage](http://nixos.org/nix/download.html). You can
+also grab the [most recent development
+release](http://hydra.nixos.org/job/nix/master/release/latest-finished#tabs-constituents).
+
+Alternatively, the most recent sources of Nix can be obtained from its
+[Git repository](https://github.com/NixOS/nix). For example, the
+following command will check out the latest revision into a directory
+called `nix`:
 
 ```console
 $ git clone https://github.com/NixOS/nix

doc/manual/src/installation/prerequisites-source.md

@@ -2,8 +2,9 @@
 
   - GNU Autoconf (<https://www.gnu.org/software/autoconf/>) and the
     autoconf-archive macro collection
-    (<https://www.gnu.org/software/autoconf-archive/>). These are
-    needed to run the bootstrap script.
+    (<https://www.gnu.org/software/autoconf-archive/>). These are only
+    needed to run the bootstrap script, and are not necessary if your
+    source distribution came with a pre-built `./configure` script.
 
   - GNU Make.
 
@@ -25,6 +26,15 @@
     available for download from the official repository
     <https://github.com/google/brotli>.
 
+  - The bzip2 compressor program and the `libbz2` library. Thus you must
+    have bzip2 installed, including development headers and libraries.
+    If your distribution does not provide these, you can obtain bzip2
+    from
+    <https://sourceware.org/bzip2/>.
+
+  - `liblzma`, which is provided by XZ Utils. If your distribution does
+    not provide this, you can get it from <https://tukaani.org/xz/>.
+
   - cURL and its library. If your distribution does not provide it, you
     can get it from <https://curl.haxx.se/>.
 
@@ -44,11 +54,6 @@
     obtained from the its repository
     <https://github.com/troglobit/editline>.
 
-  - The `libsodium` library for verifying cryptographic signatures
-    of contents fetched from binary caches.
-    It can be obtained from the official web site
-    <https://libsodium.org>.
-
   - Recent versions of Bison and Flex to build the parser. (This is
     because Nix needs GLR support in Bison and reentrancy support in
     Flex.) For Bison, you need version 2.6, which can be obtained from
@@ -56,18 +61,11 @@
     you need version 2.5.35, which is available on
     [SourceForge](http://lex.sourceforge.net/). Slightly older versions
     may also work, but ancient versions like the ubiquitous 2.5.4a
-    won't.
+    won't. Note that these are only required if you modify the parser or
+    when you are building from the Git repository.
 
   - The `libseccomp` is used to provide syscall filtering on Linux. This
     is an optional dependency and can be disabled passing a
     `--disable-seccomp-sandboxing` option to the `configure` script (Not
     recommended unless your system doesn't support `libseccomp`). To get
     the library, visit <https://github.com/seccomp/libseccomp>.
-
-  - On 64-bit x86 machines only, `libcpuid` library
-    is used to determine which microarchitecture levels are supported
-    (e.g., as whether to have `x86_64-v2-linux` among additional system types).
-    The library is available from its homepage
-    <http://libcpuid.sourceforge.net>.
-    This is an optional dependency and can be disabled
-    by providing a `--disable-cpuid` to the `configure` script.

doc/manual/src/installation/supported-platforms.md

@@ -4,4 +4,4 @@ Nix is currently supported on the following platforms:
 
   - Linux (i686, x86\_64, aarch64).
 
-  - macOS (x86\_64, aarch64).
+  - macOS (x86\_64).

doc/manual/src/introduction.md

@@ -76,7 +76,7 @@ there after an upgrade.  This means that you can _roll back_ to the
 old version:
 
 ```console
-$ nix-env --upgrade -A nixpkgs.some-package
+$ nix-env --upgrade some-packages
 $ nix-env --rollback
 ```
 
@@ -122,12 +122,12 @@ Nix expressions generally describe how to build a package from
 source, so an installation action like
 
 ```console
-$ nix-env --install -A nixpkgs.firefox
+$ nix-env --install firefox
 ```
 
 _could_ cause quite a bit of build activity, as not only Firefox but
 also all its dependencies (all the way up to the C library and the
-compiler) would have to be built, at least if they are not already in the
+compiler) would have to built, at least if they are not already in the
 Nix store.  This is a _source deployment model_.  For most users,
 building from source is not very pleasant as it takes far too long.
 However, Nix can automatically skip building from source and instead

doc/manual/src/package-management/basic-package-mgmt.md

@@ -24,7 +24,7 @@ collection; you could write your own Nix expressions based on Nixpkgs,
 or completely new ones.)
 
 You can manually download the latest version of Nixpkgs from
-<https://github.com/NixOS/nixpkgs>. However, it’s much more
+<http://nixos.org/nixpkgs/download.html>. However, it’s much more
 convenient to use the Nixpkgs [*channel*](channels.md), since it makes
 it easy to stay up to date with new versions of Nixpkgs. Nixpkgs is
 automatically added to your list of “subscribed” channels when you
@@ -40,52 +40,48 @@ $ nix-channel --update
 > 
 > On NixOS, you’re automatically subscribed to a NixOS channel
 > corresponding to your NixOS major release (e.g.
-> <http://nixos.org/channels/nixos-21.11>). A NixOS channel is identical
+> <http://nixos.org/channels/nixos-14.12>). A NixOS channel is identical
 > to the Nixpkgs channel, except that it contains only Linux binaries
 > and is updated only if a set of regression tests succeed.
 
 You can view the set of available packages in Nixpkgs:
 
 ```console
-$ nix-env -qaP
-nixpkgs.aterm                       aterm-2.2
-nixpkgs.bash                        bash-3.0
-nixpkgs.binutils                    binutils-2.15
-nixpkgs.bison                       bison-1.875d
-nixpkgs.blackdown                   blackdown-1.4.2
-nixpkgs.bzip2                       bzip2-1.0.2
+$ nix-env -qa
+aterm-2.2
+bash-3.0
+binutils-2.15
+bison-1.875d
+blackdown-1.4.2
+bzip2-1.0.2
 …
 ```
 
-The flag `-q` specifies a query operation, `-a` means that you want
+The flag `-q` specifies a query operation, and `-a` means that you want
 to show the “available” (i.e., installable) packages, as opposed to the
-installed packages, and `-P` prints the attribute paths that can be used
-to unambiguously select a package for installation (listed in the first column).
-If you downloaded Nixpkgs yourself, or if you checked it out from GitHub,
-then you need to pass the path to your Nixpkgs tree using the `-f` flag:
+installed packages. If you downloaded Nixpkgs yourself, or if you
+checked it out from GitHub, then you need to pass the path to your
+Nixpkgs tree using the `-f` flag:
 
 ```console
-$ nix-env -qaPf /path/to/nixpkgs
-aterm                               aterm-2.2
-bash                                bash-3.0
-…
+$ nix-env -qaf /path/to/nixpkgs
 ```
 
 where */path/to/nixpkgs* is where you’ve unpacked or checked out
 Nixpkgs.
 
-You can filter the packages by name:
+You can select specific packages by name:
 
 ```console
-$ nix-env -qaP firefox
-nixpkgs.firefox-esr                 firefox-91.3.0esr
-nixpkgs.firefox                     firefox-94.0.1
+$ nix-env -qa firefox
+firefox-34.0.5
+firefox-with-plugins-34.0.5
 ```
 
 and using regular expressions:
 
 ```console
-$ nix-env -qaP 'firefox.*'
+$ nix-env -qa 'firefox.*'
 ```
 
 It is also possible to see the *status* of available packages, i.e.,
@@ -93,11 +89,11 @@ whether they are installed into the user environment and/or present in
 the system:
 
 ```console
-$ nix-env -qaPs
+$ nix-env -qas
 …
--PS  nixpkgs.bash                bash-3.0
---S  nixpkgs.binutils            binutils-2.15
-IPS  nixpkgs.bison               bison-1.875d
+-PS bash-3.0
+--S binutils-2.15
+IPS bison-1.875d
 …
 ```
 
@@ -110,13 +106,13 @@ which is Nix’s mechanism for doing binary deployment. It just means that
 Nix knows that it can fetch a pre-built package from somewhere
 (typically a network server) instead of building it locally.
 
-You can install a package using `nix-env -iA`. For instance,
+You can install a package using `nix-env -i`. For instance,
 
 ```console
-$ nix-env -iA nixpkgs.subversion
+$ nix-env -i subversion
 ```
 
-will install the package called `subversion` from `nixpkgs` channel (which is, of course, the
+will install the package called `subversion` (which is, of course, the
 [Subversion version management system](http://subversion.tigris.org/)).
 
 > **Note**
@@ -126,7 +122,7 @@ will install the package called `subversion` from `nixpkgs` channel (which is, o
 > binary cache <https://cache.nixos.org>; it contains binaries for most
 > packages in Nixpkgs. Only if no binary is available in the binary
 > cache, Nix will build the package from source. So if `nix-env
-> -iA nixpkgs.subversion` results in Nix building stuff from source, then either
+> -i subversion` results in Nix building stuff from source, then either
 > the package is not built for your platform by the Nixpkgs build
 > servers, or your version of Nixpkgs is too old or too new. For
 > instance, if you have a very recent checkout of Nixpkgs, then the
@@ -137,10 +133,7 @@ will install the package called `subversion` from `nixpkgs` channel (which is, o
 > using a Git checkout of the Nixpkgs tree), you will get binaries for
 > most packages.
 
-Naturally, packages can also be uninstalled. Unlike when installing, you will
-need to use the derivation name (though the version part can be omitted),
-instead of the attribute path, as `nix-env` does not record which attribute
-was used for installing:
+Naturally, packages can also be uninstalled:
 
 ```console
 $ nix-env -e subversion
@@ -150,7 +143,7 @@ Upgrading to a new version is just as easy. If you have a new release of
 Nix Packages, you can do:
 
 ```console
-$ nix-env -uA nixpkgs.subversion
+$ nix-env -u subversion
 ```
 
 This will *only* upgrade Subversion if there is a “newer” version in the

doc/manual/src/package-management/binary-cache-substituter.md

@@ -9,7 +9,7 @@ The daemon that handles binary cache requests via HTTP, `nix-serve`, is
 not part of the Nix distribution, but you can install it from Nixpkgs:
 
 ```console
-$ nix-env -iA nixpkgs.nix-serve
+$ nix-env -i nix-serve
 ```
 
 You can then start the server, listening for HTTP connections on
@@ -35,7 +35,7 @@ On the client side, you can tell Nix to use your binary cache using
 `--option extra-binary-caches`, e.g.:
 
 ```console
-$ nix-env -iA nixpkgs.firefox --option extra-binary-caches http://avalon:8080/
+$ nix-env -i firefox --option extra-binary-caches http://avalon:8080/
 ```
 
 The option `extra-binary-caches` tells Nix to use this binary cache in

doc/manual/src/package-management/garbage-collection.md

@@ -44,7 +44,7 @@ collector as follows:
 $ nix-store --gc
 ```
 
-The behaviour of the garbage collector is affected by the
+The behaviour of the gargage collector is affected by the
 `keep-derivations` (default: true) and `keep-outputs` (default: false)
 options in the Nix configuration file. The defaults will ensure that all
 derivations that are build-time dependencies of garbage collector roots

doc/manual/src/package-management/profiles.md

@@ -39,7 +39,7 @@ just Subversion 1.1.2 (arrows in the figure indicate symlinks). This
 would be what we would obtain if we had done
 
 ```console
-$ nix-env -iA nixpkgs.subversion
+$ nix-env -i subversion
 ```
 
 on a set of Nix expressions that contained Subversion 1.1.2.
@@ -54,7 +54,7 @@ environment is generated based on the current one. For instance,
 generation 43 was created from generation 42 when we did
 
 ```console
-$ nix-env -iA nixpkgs.subversion nixpkgs.firefox
+$ nix-env -i subversion firefox
 ```
 
 on a set of Nix expressions that contained Firefox and a new version of
@@ -127,7 +127,7 @@ All `nix-env` operations work on the profile pointed to by
 (abbreviation `-p`):
 
 ```console
-$ nix-env -p /nix/var/nix/profiles/other-profile -iA nixpkgs.subversion
+$ nix-env -p /nix/var/nix/profiles/other-profile -i subversion
 ```
 
 This will *not* change the `~/.nix-profile` symlink.

doc/manual/src/package-management/s3-substituter.md

@@ -7,17 +7,17 @@ cache mechanism that Nix usually uses to fetch prebuilt binaries from
 
 The following options can be specified as URL parameters to the S3 URL:
 
-  - `profile`\
+  - `profile`  
     The name of the AWS configuration profile to use. By default Nix
     will use the `default` profile.
 
-  - `region`\
+  - `region`  
     The region of the S3 bucket. `us–east-1` by default.
     
     If your bucket is not in `us–east-1`, you should always explicitly
     specify the region parameter.
 
-  - `endpoint`\
+  - `endpoint`  
     The URL to your S3-compatible service, for when not using Amazon S3.
     Do not specify this value if you're using Amazon S3.
     
@@ -26,7 +26,7 @@ The following options can be specified as URL parameters to the S3 URL:
     > This endpoint must support HTTPS and will use path-based
     > addressing instead of virtual host based addressing.
 
-  - `scheme`\
+  - `scheme`  
     The scheme used for S3 requests, `https` (default) or `http`. This
     option allows you to disable HTTPS for binary caches which don't
     support it.

doc/manual/src/package-management/ssh-substituter.md

@@ -6,7 +6,7 @@ automatically fetching any store paths in Firefox’s closure if they are
 available on the server `avalon`:
 
 ```console
-$ nix-env -iA nixpkgs.firefox --substituters ssh://alice@avalon
+$ nix-env -i firefox --substituters ssh://alice@avalon
 ```
 
 This works similar to the binary cache substituter that Nix usually

doc/manual/src/quick-start.md

@@ -19,19 +19,19 @@ to subsequent chapters.
    channel:
 
    ```console
-   $ nix-env -qaP
-   nixpkgs.docbook_xml_dtd_43                    docbook-xml-4.3
-   nixpkgs.docbook_xml_dtd_45                    docbook-xml-4.5
-   nixpkgs.firefox                               firefox-33.0.2
-   nixpkgs.hello                                 hello-2.9
-   nixpkgs.libxslt                               libxslt-1.1.28
+   $ nix-env -qa
+   docbook-xml-4.3
+   docbook-xml-4.5
+   firefox-33.0.2
+   hello-2.9
+   libxslt-1.1.28
    …
    ```
 
 1. Install some packages from the channel:
 
    ```console
-   $ nix-env -iA nixpkgs.hello
+   $ nix-env -i hello
    ```
 
    This should download pre-built packages; it should not build them

doc/manual/src/release-notes/rl-2.4.md

@@ -1,542 +0,0 @@
-# Release 2.4 (2021-11-01)
-
-This is the first release in more than two years and is the result of
-more than 2800 commits from 195 contributors since release 2.3.
-
-## Highlights
-
-* Nix's **error messages** have been improved a lot. For instance,
-  evaluation errors now point out the location of the error:
-
-  ```
-  $ nix build
-  error: undefined variable 'bzip3'
-
-         at /nix/store/449lv242z0zsgwv95a8124xi11sp419f-source/flake.nix:88:13:
-
-             87|           [ curl
-             88|             bzip3 xz brotli editline
-               |             ^
-             89|             openssl sqlite
-  ```
-
-* The **`nix` command** has seen a lot of work and is now almost at
-  feature parity with the old command-line interface (the `nix-*`
-  commands). It aims to be [more modern, consistent and pleasant to
-  use](../contributing/cli-guideline.md) than the old CLI. It is still
-  marked as experimental but its interface should not change much
-  anymore in future releases.
-
-* **Flakes** are a new format to package Nix-based projects in a more
-  discoverable, composable, consistent and reproducible way. A flake
-  is just a repository or tarball containing a file named `flake.nix`
-  that specifies dependencies on other flakes and returns any Nix
-  assets such as packages, Nixpkgs overlays, NixOS modules or CI
-  tests. The new `nix` CLI is primarily based around flakes; for
-  example, a command like `nix run nixpkgs#hello` runs the `hello`
-  application from the `nixpkgs` flake.
-
-  Flakes are currently marked as experimental. For an introduction,
-  see [this blog
-  post](https://www.tweag.io/blog/2020-05-25-flakes/). For detailed
-  information about flake syntax and semantics, see the [`nix flake`
-  manual page](../command-ref/new-cli/nix3-flake.md).
-
-* Nix's store can now be **content-addressed**, meaning that the hash
-  component of a store path is the hash of the path's
-  contents. Previously Nix could only build **input-addressed** store
-  paths, where the hash is computed from the derivation dependency
-  graph. Content-addressing allows deduplication, early cutoff in
-  build systems, and unprivileged closure copying. This is still [an
-  experimental
-  feature](https://discourse.nixos.org/t/content-addressed-nix-call-for-testers/12881).
-
-* The Nix manual has been converted into Markdown, making it easier to
-  contribute. In addition, every `nix` subcommand now has a manual
-  page, documenting every option.
-
-* A new setting that allows **experimental features** to be enabled
-  selectively. This allows us to merge unstable features into Nix more
-  quickly and do more frequent releases.
-
-## Other features
-
-* There are many new `nix` subcommands:
-
-  - `nix develop` is intended to replace `nix-shell`. It has a number
-    of new features:
-
-    * It automatically sets the output environment variables (such as
-      `$out`) to writable locations (such as `./outputs/out`).
-
-    * It can store the environment in a profile. This is useful for
-      offline work.
-
-    * It can run specific phases directly. For instance, `nix develop
-      --build` runs `buildPhase`.
-
-    - It allows dependencies in the Nix store to be "redirected" to
-      arbitrary directories using the `--redirect` flag. This is
-      useful if you want to hack on a package *and* some of its
-      dependencies at the same time.
-
-  - `nix print-dev-env` prints the environment variables and bash
-    functions defined by a derivation. This is useful for users of
-    other shells than bash (especially with `--json`).
-
-  - `nix shell` was previously named `nix run` and is intended to
-    replace `nix-shell -p`, but without the `stdenv` overhead. It
-    simply starts a shell where some packages have been added to
-    `$PATH`.
-
-  - `nix run` (not to be confused with the old subcommand that has
-    been renamed to `nix shell`) runs an "app", a flake output that
-    specifies a command to run, or an eponymous program from a
-    package. For example, `nix run nixpkgs#hello` runs the `hello`
-    program from the `hello` package in `nixpkgs`.
-
-  - `nix flake` is the container for flake-related operations, such as
-    creating a new flake, querying the contents of a flake or updating
-    flake lock files.
-
-  - `nix registry` allows you to query and update the flake registry,
-    which maps identifiers such as `nixpkgs` to concrete flake URLs.
-
-  - `nix profile` is intended to replace `nix-env`. Its main advantage
-    is that it keeps track of the provenance of installed packages
-    (e.g. exactly which flake version a package came from). It also
-    has some helpful subcommands:
-
-    * `nix profile history` shows what packages were added, upgraded
-      or removed between each version of a profile.
-
-    * `nix profile diff-closures` shows the changes between the
-      closures of each version of a profile. This allows you to
-      discover the addition or removal of dependencies or size
-      changes.
-
-    **Warning**: after a profile has been updated using `nix profile`,
-    it is no longer usable with `nix-env`.
-
-  - `nix store diff-closures` shows the differences between the
-    closures of two store paths in terms of the versions and sizes of
-    dependencies in the closures.
-
-  - `nix store make-content-addressable` rewrites an arbitrary closure
-    to make it content-addressed. Such paths can be copied into other
-    stores without requiring signatures.
-
-  - `nix bundle` uses the [`nix-bundle`
-    program](https://github.com/matthewbauer/nix-bundle) to convert a
-    closure into a self-extracting executable.
-
-  - Various other replacements for the old CLI, e.g. `nix store gc`,
-    `nix store delete`, `nix store repair`, `nix nar dump-path`, `nix
-    store prefetch-file`, `nix store prefetch-tarball`, `nix key` and
-    `nix daemon`.
-
-* Nix now has an **evaluation cache** for flake outputs. For example,
-  a second invocation of the command `nix run nixpkgs#firefox` will
-  not need to evaluate the `firefox` attribute because it's already in
-  the evaluation cache. This is made possible by the hermetic
-  evaluation model of flakes.
-
-* The new `--offline` flag disables substituters and causes all
-  locally cached tarballs and repositories to be considered
-  up-to-date.
-
-* The new `--refresh` flag causes all locally cached tarballs and
-  repositories to be considered out-of-date.
-
-* Many `nix` subcommands now have a `--json` option to produce
-  machine-readable output.
-
-* `nix repl` has a new `:doc` command to show documentation about
-  builtin functions (e.g. `:doc builtins.map`).
-
-* Binary cache stores now have an option `index-debug-info` to create
-  an index of DWARF debuginfo files for use by
-  [`dwarffs`](https://github.com/edolstra/dwarffs).
-
-* To support flakes, Nix now has an extensible mechanism for fetching
-  source trees. Currently it has the following backends:
-
-  * Git repositories
-
-  * Mercurial repositories
-
-  * GitHub and GitLab repositories (an optimisation for faster
-    fetching than Git)
-
-  * Tarballs
-
-  * Arbitrary directories
-
-  The fetcher infrastructure is exposed via flake input specifications
-  and via the `fetchTree` built-in.
-
-* **Languages changes**: the only new language feature is that you can
-  now have antiquotations in paths, e.g. `./${foo}` instead of `./. +
-  foo`.
-
-* **New built-in functions**:
-
-  - `builtins.fetchTree` allows fetching a source tree using any
-    backends supported by the fetcher infrastructure. It subsumes the
-    functionality of existing built-ins like `fetchGit`,
-    `fetchMercurial` and `fetchTarball`.
-
-  - `builtins.getFlake` fetches a flake and returns its output
-    attributes. This function should not be used inside flakes! Use
-    flake inputs instead.
-
-  - `builtins.floor` and `builtins.ceil` round a floating-point number
-    down and up, respectively.
-
-* Experimental support for recursive Nix. This means that Nix
-  derivations can now call Nix to build other derivations. This is not
-  in a stable state yet and not well
-  [documented](https://github.com/NixOS/nix/commit/c4d7c76b641d82b2696fef73ce0ac160043c18da).
-
-* The new experimental feature `no-url-literals` disables URL
-  literals. This helps to implement [RFC
-  45](https://github.com/NixOS/rfcs/pull/45).
-
-* Nix now uses `libarchive` to decompress and unpack tarballs and zip
-  files, so `tar` is no longer required.
-
-* The priority of substituters can now be overridden using the
-  `priority` substituter setting (e.g. `--substituters
-  'http://cache.nixos.org?priority=100 daemon?priority=10'`).
-
-* `nix edit` now supports non-derivation attributes, e.g. `nix edit
-  .#nixosConfigurations.bla`.
-
-* The `nix` command now provides command line completion for `bash`,
-  `zsh` and `fish`. Since the support for getting completions is built
-  into `nix`, it's easy to add support for other shells.
-
-* The new `--log-format` flag selects what Nix's output looks like. It
-  defaults to a terse progress indicator. There is a new
-  `internal-json` output format for use by other programs.
-
-* `nix eval` has a new `--apply` flag that applies a function to the
-  evaluation result.
-
-* `nix eval` has a new `--write-to` flag that allows it to write a
-  nested attribute set of string leaves to a corresponding directory
-  tree.
-
-* Memory improvements: many operations that add paths to the store or
-  copy paths between stores now run in constant memory.
-
-* Many `nix` commands now support the flag `--derivation` to operate
-  on a `.drv` file itself instead of its outputs.
-
-* There is a new store called `dummy://` that does not support
-  building or adding paths. This is useful if you want to use the Nix
-  evaluator but don't have a Nix store.
-
-* The `ssh-ng://` store now allows substituting paths on the remote,
-  as `ssh://` already did.
-
-* When auto-calling a function with an ellipsis, all arguments are now
-  passed.
-
-* New `nix-shell` features:
-
-  - It preserves the `PS1` environment variable if
-    `NIX_SHELL_PRESERVE_PROMPT` is set.
-
-  - With `-p`, it passes any `--arg`s as Nixpkgs arguments.
-
-  - Support for structured attributes.
-
-* `nix-prefetch-url` has a new `--executable` flag.
-
-* On `x86_64` systems, [`x86_64` microarchitecture
-  levels](https://lwn.net/Articles/844831/) are mapped to additional
-  system types (e.g. `x86_64-v1-linux`).
-
-* The new `--eval-store` flag allows you to use a different store for
-  evaluation than for building or storing the build result. This is
-  primarily useful when you want to query whether something exists in
-  a read-only store, such as a binary cache:
-
-  ```
-  # nix path-info --json --store https://cache.nixos.org \
-    --eval-store auto nixpkgs#hello
-  ```
-
-  (Here `auto` indicates the local store.)
-
-* The Nix daemon has a new low-latency mechanism for copying
-  closures. This is useful when building on remote stores such as
-  `ssh-ng://`.
-
-* Plugins can now register `nix` subcommands.
-
-* The `--indirect` flag to `nix-store --add-root` has become a no-op.
-  `--add-root` will always generate indirect GC roots from now on.
-
-## Incompatible changes
-
-* The `nix` command is now marked as an experimental feature. This
-  means that you need to add
-
-  ```
-  experimental-features = nix-command
-  ```
-
-  to your `nix.conf` if you want to use it, or pass
-  `--extra-experimental-features nix-command` on the command line.
-
-* The `nix` command no longer has a syntax for referring to packages
-  in a channel. This means that the following no longer works:
-
-  ```console
-  nix build nixpkgs.hello # Nix 2.3
-  ```
-
-  Instead, you can either use the `#` syntax to select a package from
-  a flake, e.g.
-
-  ```console
-  nix build nixpkgs#hello
-  ```
-
-  Or, if you want to use the `nixpkgs` channel in the `NIX_PATH`
-  environment variable:
-
-  ```console
-  nix build -f '<nixpkgs>' hello
-  ```
-
-* The old `nix run` has been renamed to `nix shell`, while there is a
-  new `nix run` that runs a default command. So instead of
-
-  ```console
-  nix run nixpkgs.hello -c hello # Nix 2.3
-  ```
-
-  you should use
-
-  ```console
-  nix shell nixpkgs#hello -c hello
-  ```
-
-  or just
-
-  ```console
-  nix run nixpkgs#hello
-  ```
-
-  if the command you want to run has the same name as the package.
-
-* It is now an error to modify the `plugin-files` setting via a
-  command-line flag that appears after the first non-flag argument to
-  any command, including a subcommand to `nix`. For example,
-  `nix-instantiate default.nix --plugin-files ""` must now become
-  `nix-instantiate --plugin-files "" default.nix`.
-
-* We no longer release source tarballs. If you want to build from
-  source, please build from the tags in the Git repository.
-
-## Contributors
-
-This release has contributions from
-Adam Höse,
-Albert Safin,
-Alex Kovar,
-Alex Zero,
-Alexander Bantyev,
-Alexandre Esteves,
-Alyssa Ross,
-Anatole Lucet,
-Anders Kaseorg,
-Andreas Rammhold,
-Antoine Eiche,
-Antoine Martin,
-Arnout Engelen,
-Arthur Gautier,
-aszlig,
-Ben Burdette,
-Benjamin Hipple,
-Bernardo Meurer,
-Björn Gohla,
-Bjørn Forsman,
-Bob van der Linden,
-Brian Leung,
-Brian McKenna,
-Brian Wignall,
-Bruce Toll,
-Bryan Richter,
-Calle Rosenquist,
-Calvin Loncaric,
-Carlo Nucera,
-Carlos D'Agostino,
-Chaz Schlarp,
-Christian Höppner,
-Christian Kampka,
-Chua Hou,
-Chuck,
-Cole Helbling,
-Daiderd Jordan,
-Dan Callahan,
-Dani,
-Daniel Fitzpatrick,
-Danila Fedorin,
-Daniël de Kok,
-Danny Bautista,
-DavHau,
-David McFarland,
-Dima,
-Domen Kožar,
-Dominik Schrempf,
-Dominique Martinet,
-dramforever,
-Dustin DeWeese,
-edef,
-Eelco Dolstra,
-Ellie Hermaszewska,
-Emilio Karakey,
-Emily,
-Eric Culp,
-Ersin Akinci,
-Fabian Möller,
-Farid Zakaria,
-Federico Pellegrin,
-Finn Behrens,
-Florian Franzen,
-Félix Baylac-Jacqué,
-Gabriella Gonzalez,
-Geoff Reedy,
-Georges Dubus,
-Graham Christensen,
-Greg Hale,
-Greg Price,
-Gregor Kleen,
-Gregory Hale,
-Griffin Smith,
-Guillaume Bouchard,
-Harald van Dijk,
-illustris,
-Ivan Zvonimir Horvat,
-Jade,
-Jake Waksbaum,
-jakobrs,
-James Ottaway,
-Jan Tojnar,
-Janne Heß,
-Jaroslavas Pocepko,
-Jarrett Keifer,
-Jeremy Schlatter,
-Joachim Breitner,
-Joe Pea,
-John Ericson,
-Jonathan Ringer,
-Josef Kemetmüller,
-Joseph Lucas,
-Jude Taylor,
-Julian Stecklina,
-Julien Tanguy,
-Jörg Thalheim,
-Kai Wohlfahrt,
-keke,
-Keshav Kini,
-Kevin Quick,
-Kevin Stock,
-Kjetil Orbekk,
-Krzysztof Gogolewski,
-kvtb,
-Lars Mühmel,
-Leonhard Markert,
-Lily Ballard,
-Linus Heckemann,
-Lorenzo Manacorda,
-Lucas Desgouilles,
-Lucas Franceschino,
-Lucas Hoffmann,
-Luke Granger-Brown,
-Madeline Haraj,
-Marwan Aljubeh,
-Mat Marini,
-Mateusz Piotrowski,
-Matthew Bauer,
-Matthew Kenigsberg,
-Mauricio Scheffer,
-Maximilian Bosch,
-Michael Adler,
-Michael Bishop,
-Michael Fellinger,
-Michael Forney,
-Michael Reilly,
-mlatus,
-Mykola Orliuk,
-Nathan van Doorn,
-Naïm Favier,
-ng0,
-Nick Van den Broeck,
-Nicolas Stig124 Formichella,
-Niels Egberts,
-Niklas Hambüchen,
-Nikola Knezevic,
-oxalica,
-p01arst0rm,
-Pamplemousse,
-Patrick Hilhorst,
-Paul Opiyo,
-Pavol Rusnak,
-Peter Kolloch,
-Philipp Bartsch,
-Philipp Middendorf,
-Piotr Szubiakowski,
-Profpatsch,
-Puck Meerburg,
-Ricardo M. Correia,
-Rickard Nilsson,
-Robert Hensing,
-Robin Gloster,
-Rodrigo,
-Rok Garbas,
-Ronnie Ebrin,
-Rovanion Luckey,
-Ryan Burns,
-Ryan Mulligan,
-Ryne Everett,
-Sam Doshi,
-Sam Lidder,
-Samir Talwar,
-Samuel Dionne-Riel,
-Sebastian Ullrich,
-Sergei Trofimovich,
-Sevan Janiyan,
-Shao Cheng,
-Shea Levy,
-Silvan Mosberger,
-Stefan Frijters,
-Stefan Jaax,
-sternenseemann,
-Steven Shaw,
-Stéphan Kochen,
-SuperSandro2000,
-Suraj Barkale,
-Taeer Bar-Yam,
-Thomas Churchman,
-Théophane Hufschmitt,
-Timothy DeHerrera,
-Timothy Klim,
-Tobias Möst,
-Tobias Pflug,
-Tom Bereknyei,
-Travis A. Everett,
-Ujjwal Jain,
-Vladimír Čunát,
-Wil Taylor,
-Will Dietz,
-Yaroslav Bolyukin,
-Yestin L. Harrison,
-YI,
-Yorick van Pelt,
-Yuriy Taraday and
-zimbatm.

doc/manual/src/release-notes/rl-2.5.md

@@ -1,16 +0,0 @@
-# Release 2.5 (2021-12-13)
-
-* The garbage collector no longer blocks new builds, so the message
-  `waiting for the big garbage collector lock...` is a thing of the
-  past.
-
-* Binary cache stores now have a setting `compression-level`.
-
-* `nix develop` now has a flag `--unpack` to run `unpackPhase`.
-
-* Lists can now be compared lexicographically using the `<` operator.
-
-* New built-in function: `builtins.groupBy`, with the same functionality as
-  Nixpkgs' `lib.groupBy`, but faster.
-
-* `nix repl` now has a `:log` command.

doc/manual/src/release-notes/rl-2.6.md

@@ -1,21 +0,0 @@
-# Release 2.6 (2022-01-24)
-
-* The Nix CLI now searches for a `flake.nix` up until the root of the current
-  Git repository or a filesystem boundary rather than just in the current
-  directory.
-* The TOML parser used by `builtins.fromTOML` has been replaced by [a
-  more compliant one](https://github.com/ToruNiina/toml11).
-* Added `:st`/`:show-trace` commands to `nix repl`, which are used to
-  set or toggle display of error traces.
-* New builtin function `builtins.zipAttrsWith` with the same
-  functionality as `lib.zipAttrsWith` from Nixpkgs, but much more
-  efficient.
-* New command `nix store copy-log` to copy build logs from one store
-  to another.
-* The `commit-lockfile-summary` option can be set to a non-empty
-  string to override the commit summary used when commiting an updated
-  lockfile.  This may be used in conjunction with the `nixConfig`
-  attribute in `flake.nix` to better conform to repository
-  conventions.
-* `docker run -ti nixos/nix:master` will place you in the Docker
-  container with the latest version of Nix from the `master` branch.

doc/manual/src/release-notes/rl-2.7.md

@@ -1,33 +0,0 @@
-# Release 2.7 (2022-03-07)
-
-* Nix will now make some helpful suggestions when you mistype
-  something on the command line. For instance, if you type `nix build
-  nixpkgs#thunderbrd`, it will suggest `thunderbird`.
-
-* A number of "default" flake output attributes have been
-  renamed. These are:
-
-  * `defaultPackage.<system>` → `packages.<system>.default`
-  * `defaultApps.<system>` → `apps.<system>.default`
-  * `defaultTemplate` → `templates.default`
-  * `defaultBundler.<system>` → `bundlers.<system>.default`
-  * `overlay` → `overlays.default`
-  * `devShell.<system>` → `devShells.<system>.default`
-
-  The old flake output attributes still work, but `nix flake check`
-  will warn about them.
-
-* Breaking API change: `nix bundle` now supports bundlers of the form
-  `bundler.<system>.<name>= derivation: another-derivation;`. This
-  supports additional functionality to inspect evaluation information
-  during bundling. A new
-  [repository](https://github.com/NixOS/bundlers) has various bundlers
-  implemented.
-
-* `nix store ping` now reports the version of the remote Nix daemon.
-
-* `nix flake {init,new}` now display information about which files have been
-  created.
-
-* Templates can now define a `welcomeText` attribute, which is printed out by
-  `nix flake {init,new} --template <template>`.

doc/manual/src/release-notes/rl-2.8.md

@@ -1,53 +0,0 @@
-# Release 2.8 (2022-04-19)
-
-* New experimental command: `nix fmt`, which applies a formatter
-  defined by the `formatter.<system>` flake output to the Nix
-  expressions in a flake.
-
-* Various Nix commands can now read expressions from standard input
-  using `--file -`.
-
-* New experimental builtin function `builtins.fetchClosure` that
-  copies a closure from a binary cache at evaluation time and rewrites
-  it to content-addressed form (if it isn't already). Like
-  `builtins.storePath`, this allows importing pre-built store paths;
-  the difference is that it doesn't require the user to configure
-  binary caches and trusted public keys.
-
-  This function is only available if you enable the experimental
-  feature `fetch-closure`.
-
-* New experimental feature: *impure derivations*. These are
-  derivations that can produce a different result every time they're
-  built. Here is an example:
-
-  ```nix
-  stdenv.mkDerivation {
-    name = "impure";
-    __impure = true; # marks this derivation as impure
-    buildCommand = "date > $out";
-  }
-  ```
-
-  Running `nix build` twice on this expression will build the
-  derivation twice, producing two different content-addressed store
-  paths. Like fixed-output derivations, impure derivations have access
-  to the network. Only fixed-output derivations and impure derivations
-  can depend on an impure derivation.
-
-* `nix store make-content-addressable` has been renamed to `nix store
-  make-content-addressed`.
-
-* The `nixosModule` flake output attribute has been renamed consistent
-  with the `.default` renames in Nix 2.7.
-
-  * `nixosModule` → `nixosModules.default`
-
-  As before, the old output will continue to work, but `nix flake check` will
-  issue a warning about it.
-
-* `nix run` is now stricter in what it accepts: members of the `apps`
-  flake output are now required to be apps (as defined in [the
-  manual](https://nixos.org/manual/nix/stable/command-ref/new-cli/nix3-run.html#apps)),
-  and members of `packages` or `legacyPackages` must be derivations
-  (not apps).

doc/manual/src/release-notes/rl-2.9.md

@@ -1,47 +0,0 @@
-# Release 2.9 (2022-05-30)
-
-* Running Nix with the new `--debugger` flag will cause it to start a
-  repl session if if an exception is thrown during evaluation, or if
-  `builtins.break` is called.  From there you can inspect the values
-  of variables and evaluate Nix expressions.  In debug mode, the
-  following new repl commands are available:
-
-  ```
-  :env          Show env stack
-  :bt           Show trace stack
-  :st           Show current trace
-  :st <idx>     Change to another trace in the stack
-  :c            Go until end of program, exception, or builtins.break().
-  :s            Go one step
-  ```
-
-  Read more about the debugger
-  [here](https://www.zknotes.com/note/5970).
-
-* Nix now provides better integration with zsh's `run-help`
-  feature. It is now included in the Nix installation in the form of
-  an autoloadable shell function, `run-help-nix`. It picks up Nix
-  subcommands from the currently typed in command and directs the user
-  to the associated man pages.
-
-* `nix repl` has a new build-and-link (`:bl`) command that builds a
-  derivation while creating GC root symlinks.
-
-* The path produced by `builtins.toFile` is now allowed to be imported
-  or read even with restricted evaluation. Note that this will not
-  work with a read-only store.
-
-* `nix build` has a new `--print-out-paths` flag to print the
-  resulting output paths.  This matches the default behaviour of
-  `nix-build`.
-
-* You can now specify which outputs of a derivation `nix` should
-  operate on using the syntax `installable^outputs`,
-  e.g. `nixpkgs#glibc^dev,static` or `nixpkgs#glibc^*`. By default,
-  `nix` will use the outputs specified by the derivation's
-  `meta.outputsToInstall` attribute if it exists, or all outputs
-  otherwise.
-
-* `builtins.fetchTree` (and flake inputs) can now be used to fetch
-  plain files over the `http(s)` and `file` protocols in addition to
-  directory tarballs.

doc/manual/src/release-notes/rl-next.md

@@ -1 +0,0 @@
-# Release X.Y (202?-??-??)

docker.nix

@@ -1,265 +0,0 @@
-{ pkgs ? import <nixpkgs> { }
-, lib ? pkgs.lib
-, name ? "nix"
-, tag ? "latest"
-, channelName ? "nixpkgs"
-, channelURL ? "https://nixos.org/channels/nixpkgs-unstable"
-}:
-let
-  defaultPkgs = with pkgs; [
-    nix
-    bashInteractive
-    coreutils-full
-    gnutar
-    gzip
-    gnugrep
-    which
-    curl
-    less
-    wget
-    man
-    cacert.out
-    findutils
-    iana-etc
-    git
-    openssh
-  ];
-
-  users = {
-
-    root = {
-      uid = 0;
-      shell = "/bin/bash";
-      home = "/root";
-      gid = 0;
-    };
-
-  } // lib.listToAttrs (
-    map
-      (
-        n: {
-          name = "nixbld${toString n}";
-          value = {
-            uid = 30000 + n;
-            gid = 30000;
-            groups = [ "nixbld" ];
-            description = "Nix build user ${toString n}";
-          };
-        }
-      )
-      (lib.lists.range 1 32)
-  );
-
-  groups = {
-    root.gid = 0;
-    nixbld.gid = 30000;
-  };
-
-  userToPasswd = (
-    k:
-    { uid
-    , gid ? 65534
-    , home ? "/var/empty"
-    , description ? ""
-    , shell ? "/bin/false"
-    , groups ? [ ]
-    }: "${k}:x:${toString uid}:${toString gid}:${description}:${home}:${shell}"
-  );
-  passwdContents = (
-    lib.concatStringsSep "\n"
-      (lib.attrValues (lib.mapAttrs userToPasswd users))
-  );
-
-  userToShadow = k: { ... }: "${k}:!:1::::::";
-  shadowContents = (
-    lib.concatStringsSep "\n"
-      (lib.attrValues (lib.mapAttrs userToShadow users))
-  );
-
-  # Map groups to members
-  # {
-  #   group = [ "user1" "user2" ];
-  # }
-  groupMemberMap = (
-    let
-      # Create a flat list of user/group mappings
-      mappings = (
-        builtins.foldl'
-          (
-            acc: user:
-              let
-                groups = users.${user}.groups or [ ];
-              in
-              acc ++ map
-                (group: {
-                  inherit user group;
-                })
-                groups
-          )
-          [ ]
-          (lib.attrNames users)
-      );
-    in
-    (
-      builtins.foldl'
-        (
-          acc: v: acc // {
-            ${v.group} = acc.${v.group} or [ ] ++ [ v.user ];
-          }
-        )
-        { }
-        mappings)
-  );
-
-  groupToGroup = k: { gid }:
-    let
-      members = groupMemberMap.${k} or [ ];
-    in
-    "${k}:x:${toString gid}:${lib.concatStringsSep "," members}";
-  groupContents = (
-    lib.concatStringsSep "\n"
-      (lib.attrValues (lib.mapAttrs groupToGroup groups))
-  );
-
-  nixConf = {
-    sandbox = "false";
-    build-users-group = "nixbld";
-    trusted-public-keys = "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=";
-  };
-  nixConfContents = (lib.concatStringsSep "\n" (lib.mapAttrsFlatten (n: v: "${n} = ${v}") nixConf)) + "\n";
-
-  baseSystem =
-    let
-      nixpkgs = pkgs.path;
-      channel = pkgs.runCommand "channel-nixos" { } ''
-        mkdir $out
-        ln -s ${nixpkgs} $out/nixpkgs
-        echo "[]" > $out/manifest.nix
-      '';
-      rootEnv = pkgs.buildPackages.buildEnv {
-        name = "root-profile-env";
-        paths = defaultPkgs;
-      };
-      manifest = pkgs.buildPackages.runCommand "manifest.nix" { } ''
-        cat > $out <<EOF
-        [
-        ${lib.concatStringsSep "\n" (builtins.map (drv: let
-          outputs = drv.outputsToInstall or [ "out" ];
-        in ''
-          {
-            ${lib.concatStringsSep "\n" (builtins.map (output: ''
-              ${output} = { outPath = "${lib.getOutput output drv}"; };
-            '') outputs)}
-            outputs = [ ${lib.concatStringsSep " " (builtins.map (x: "\"${x}\"") outputs)} ];
-            name = "${drv.name}";
-            outPath = "${drv}";
-            system = "${drv.system}";
-            type = "derivation";
-            meta = { };
-          }
-        '') defaultPkgs)}
-        ]
-        EOF
-      '';
-      profile = pkgs.buildPackages.runCommand "user-environment" { } ''
-        mkdir $out
-        cp -a ${rootEnv}/* $out/
-        ln -s ${manifest} $out/manifest.nix
-      '';
-    in
-    pkgs.runCommand "base-system"
-      {
-        inherit passwdContents groupContents shadowContents nixConfContents;
-        passAsFile = [
-          "passwdContents"
-          "groupContents"
-          "shadowContents"
-          "nixConfContents"
-        ];
-        allowSubstitutes = false;
-        preferLocalBuild = true;
-      } ''
-      env
-      set -x
-      mkdir -p $out/etc
-
-      mkdir -p $out/etc/ssl/certs
-      ln -s /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs
-
-      cat $passwdContentsPath > $out/etc/passwd
-      echo "" >> $out/etc/passwd
-
-      cat $groupContentsPath > $out/etc/group
-      echo "" >> $out/etc/group
-
-      cat $shadowContentsPath > $out/etc/shadow
-      echo "" >> $out/etc/shadow
-
-      mkdir -p $out/usr
-      ln -s /nix/var/nix/profiles/share $out/usr/
-
-      mkdir -p $out/nix/var/nix/gcroots
-
-      mkdir $out/tmp
-
-      mkdir -p $out/var/tmp
-
-      mkdir -p $out/etc/nix
-      cat $nixConfContentsPath > $out/etc/nix/nix.conf
-
-      mkdir -p $out/root
-      mkdir -p $out/nix/var/nix/profiles/per-user/root
-
-      ln -s ${profile} $out/nix/var/nix/profiles/default-1-link
-      ln -s $out/nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default
-      ln -s /nix/var/nix/profiles/default $out/root/.nix-profile
-
-      ln -s ${channel} $out/nix/var/nix/profiles/per-user/root/channels-1-link
-      ln -s $out/nix/var/nix/profiles/per-user/root/channels-1-link $out/nix/var/nix/profiles/per-user/root/channels
-
-      mkdir -p $out/root/.nix-defexpr
-      ln -s $out/nix/var/nix/profiles/per-user/root/channels $out/root/.nix-defexpr/channels
-      echo "${channelURL} ${channelName}" > $out/root/.nix-channels
-
-      mkdir -p $out/bin $out/usr/bin
-      ln -s ${pkgs.coreutils}/bin/env $out/usr/bin/env
-      ln -s ${pkgs.bashInteractive}/bin/bash $out/bin/sh
-    '';
-
-in
-pkgs.dockerTools.buildLayeredImageWithNixDb {
-
-  inherit name tag;
-
-  contents = [ baseSystem ];
-
-  extraCommands = ''
-    rm -rf nix-support
-    ln -s /nix/var/nix/profiles nix/var/nix/gcroots/profiles
-  '';
-  fakeRootCommands = ''
-    chmod 1777 tmp
-    chmod 1777 var/tmp
-  '';
-
-  config = {
-    Cmd = [ "/root/.nix-profile/bin/bash" ];
-    Env = [
-      "USER=root"
-      "PATH=${lib.concatStringsSep ":" [
-        "/root/.nix-profile/bin"
-        "/nix/var/nix/profiles/default/bin"
-        "/nix/var/nix/profiles/default/sbin"
-      ]}"
-      "MANPATH=${lib.concatStringsSep ":" [
-        "/root/.nix-profile/share/man"
-        "/nix/var/nix/profiles/default/share/man"
-      ]}"
-      "SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
-      "GIT_SSL_CAINFO=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
-      "NIX_SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
-      "NIX_PATH=/nix/var/nix/profiles/per-user/root/channels:/root/.nix-defexpr/channels"
-    ];
-  };
-
-}

flake.lock

@@ -1,56 +1,23 @@
 {
   "nodes": {
-    "lowdown-src": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1633514407,
-        "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=",
-        "owner": "kristapsdz",
-        "repo": "lowdown",
-        "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8",
-        "type": "github"
-      },
-      "original": {
-        "owner": "kristapsdz",
-        "repo": "lowdown",
-        "type": "github"
-      }
-    },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1645296114,
-        "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=",
+        "lastModified": 1602702596,
+        "narHash": "sha256-fqJ4UgOb4ZUnCDIapDb4gCrtAah5Rnr2/At3IzMitig=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "530a53dcbc9437363471167a5e4762c5fcfa34a1",
+        "rev": "ad0d20345219790533ebe06571f82ed6b034db31",
         "type": "github"
       },
       "original": {
         "id": "nixpkgs",
-        "ref": "nixos-21.05-small",
-        "type": "indirect"
-      }
-    },
-    "nixpkgs-regression": {
-      "locked": {
-        "lastModified": 1643052045,
-        "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixpkgs",
-        "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
+        "ref": "nixos-20.09-small",
         "type": "indirect"
       }
     },
     "root": {
       "inputs": {
-        "lowdown-src": "lowdown-src",
-        "nixpkgs": "nixpkgs",
-        "nixpkgs-regression": "nixpkgs-regression"
+        "nixpkgs": "nixpkgs"
       }
     }
   },

flake.nix

@@ -1,11 +1,10 @@
 {
   description = "The purely functional package manager";
 
-  inputs.nixpkgs.url = "nixpkgs/nixos-21.05-small";
-  inputs.nixpkgs-regression.url = "nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2";
-  inputs.lowdown-src = { url = "github:kristapsdz/lowdown"; flake = false; };
+  inputs.nixpkgs.url = "nixpkgs/nixos-20.09-small";
+  #inputs.lowdown-src = { url = "github:kristapsdz/lowdown"; flake = false; };
 
-  outputs = { self, nixpkgs, nixpkgs-regression, lowdown-src }:
+  outputs = { self, nixpkgs }:
 
     let
 
@@ -15,44 +14,21 @@
         then ""
         else "pre${builtins.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101")}_${self.shortRev or "dirty"}";
 
-      officialRelease = true;
+      officialRelease = false;
 
       linux64BitSystems = [ "x86_64-linux" "aarch64-linux" ];
       linuxSystems = linux64BitSystems ++ [ "i686-linux" ];
-      systems = linuxSystems ++ [ "x86_64-darwin" "aarch64-darwin" ];
-
-      crossSystems = [ "armv6l-linux" "armv7l-linux" ];
-
-      stdenvs = [ "gccStdenv" "clangStdenv" "clang11Stdenv" "stdenv" "libcxxStdenv" ];
+      systems = linuxSystems ++ [ "x86_64-darwin" ];
 
       forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system);
-      forAllSystemsAndStdenvs = f: forAllSystems (system:
-        nixpkgs.lib.listToAttrs
-          (map
-            (n:
-            nixpkgs.lib.nameValuePair "${n}Packages" (
-              f system n
-            )) stdenvs
-          )
-      );
-
-      forAllStdenvs = stdenvs: f: nixpkgs.lib.genAttrs stdenvs (stdenv: f stdenv);
 
       # Memoize nixpkgs for different platforms for efficiency.
-      nixpkgsFor =
-        let stdenvsPackages = forAllSystemsAndStdenvs
-          (system: stdenv:
-            import nixpkgs {
-              inherit system;
-              overlays = [
-                (overlayFor (p: p.${stdenv}))
-              ];
-            }
-          );
-        in
-        # Add the `stdenvPackages` at toplevel, both because these are the ones
-        # we want most of the time and for backwards compatibility
-        forAllSystems (system: stdenvsPackages.${system} // stdenvsPackages.${system}.stdenvPackages);
+      nixpkgsFor = forAllSystems (system:
+        import nixpkgs {
+          inherit system;
+          overlays = [ self.overlay ];
+        }
+      );
 
       commonDeps = pkgs: with pkgs; rec {
         # Use "busybox-sandbox-shell" if present,
@@ -83,7 +59,6 @@
 
         configureFlags =
           lib.optionals stdenv.isLinux [
-            "--with-boost=${boost}/lib"
             "--with-sandbox-shell=${sh}/bin/busybox"
             "LDFLAGS=-fuse-ld=gold"
           ];
@@ -93,31 +68,30 @@
           [
             buildPackages.bison
             buildPackages.flex
-            (lib.getBin buildPackages.lowdown-nix)
+            (lib.getBin buildPackages.lowdown)
             buildPackages.mdbook
             buildPackages.autoconf-archive
             buildPackages.autoreconfHook
-            buildPackages.pkg-config
+            buildPackages.pkgconfig
 
             # Tests
             buildPackages.git
-            buildPackages.mercurial # FIXME: remove? only needed for tests
-            buildPackages.jq # Also for custom mdBook preprocessor.
-          ]
-          ++ lib.optionals stdenv.hostPlatform.isLinux [(buildPackages.util-linuxMinimal or buildPackages.utillinuxMinimal)];
+            buildPackages.mercurial
+            buildPackages.jq
+          ];
 
         buildDeps =
           [ curl
-            bzip2 xz brotli editline
+            bzip2 xz brotli zlib editline
             openssl sqlite
             libarchive
             boost
-            lowdown-nix
-            gtest
+            nlohmann_json
+            lowdown
+            gmock
           ]
-          ++ lib.optionals stdenv.isLinux [libseccomp]
-          ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
-          ++ lib.optional stdenv.hostPlatform.isx86_64 libcpuid;
+          ++ lib.optionals stdenv.isLinux [libseccomp utillinuxMinimal]
+          ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium;
 
         awsDeps = lib.optional (stdenv.isLinux || stdenv.isDarwin)
           (aws-sdk-cpp.override {
@@ -126,286 +100,127 @@
           });
 
         propagatedDeps =
-          [ ((boehmgc.override {
-              enableLargeConfig = true;
-            }).overrideAttrs(o: {
-              patches = (o.patches or []) ++ [
-                ./boehmgc-coroutine-sp-fallback.diff
-              ];
-            }))
-            nlohmann_json
+          [ (boehmgc.override { enableLargeConfig = true; })
+          ];
+
+        perlDeps =
+          [ perl
+            perlPackages.DBDSQLite
           ];
       };
 
-      installScriptFor = systems:
-        with nixpkgsFor.x86_64-linux;
-        runCommand "installer-script"
-          { buildInputs = [ nix ];
-          }
-          ''
-            mkdir -p $out/nix-support
-
-            # Converts /nix/store/50p3qk8k...-nix-2.4pre20201102_550e11f/bin/nix to 50p3qk8k.../bin/nix.
-            tarballPath() {
-              # Remove the store prefix
-              local path=''${1#${builtins.storeDir}/}
-              # Get the path relative to the derivation root
-              local rest=''${path#*/}
-              # Get the derivation hash
-              local drvHash=''${path%%-*}
-              echo "$drvHash/$rest"
-            }
-
-            substitute ${./scripts/install.in} $out/install \
-              ${pkgs.lib.concatMapStrings
-                (system: let
-                    tarball = if builtins.elem system crossSystems then self.hydraJobs.binaryTarballCross.x86_64-linux.${system} else self.hydraJobs.binaryTarball.${system};
-                  in '' \
-                  --replace '@tarballHash_${system}@' $(nix --experimental-features nix-command hash-file --base16 --type sha256 ${tarball}/*.tar.xz) \
-                  --replace '@tarballPath_${system}@' $(tarballPath ${tarball}/*.tar.xz) \
-                  ''
-                )
-                systems
-              } --replace '@nixVersion@' ${version}
-
-            echo "file installer $out/install" >> $out/nix-support/hydra-build-products
-          '';
-
-      testNixVersions = pkgs: client: daemon: with commonDeps pkgs; with pkgs.lib; pkgs.stdenv.mkDerivation {
-        NIX_DAEMON_PACKAGE = daemon;
-        NIX_CLIENT_PACKAGE = client;
-        name =
-          "nix-tests"
-          + optionalString
-            (versionAtLeast daemon.version "2.4pre20211005" &&
-             versionAtLeast client.version "2.4pre20211005")
-            "-${client.version}-against-${daemon.version}";
-        inherit version;
-
-        src = self;
-
-        VERSION_SUFFIX = versionSuffix;
-
-        nativeBuildInputs = nativeBuildDeps;
-        buildInputs = buildDeps ++ awsDeps;
-        propagatedBuildInputs = propagatedDeps;
-
-        enableParallelBuilding = true;
-
-        dontBuild = true;
-        doInstallCheck = true;
-
-        installPhase = ''
-          mkdir -p $out
-        '';
-
-        installCheckPhase = "make installcheck -j$NIX_BUILD_CORES -l$NIX_BUILD_CORES";
-      };
-
-      binaryTarball = buildPackages: nix: pkgs:
-        let
-          inherit (pkgs) cacert;
-          installerClosureInfo = buildPackages.closureInfo { rootPaths = [ nix cacert ]; };
-        in
-
-        buildPackages.runCommand "nix-binary-tarball-${version}"
-          { #nativeBuildInputs = lib.optional (system != "aarch64-linux") shellcheck;
-            meta.description = "Distribution-independent Nix bootstrap binaries for ${pkgs.system}";
-          }
-          ''
-            cp ${installerClosureInfo}/registration $TMPDIR/reginfo
-            cp ${./scripts/create-darwin-volume.sh} $TMPDIR/create-darwin-volume.sh
-            substitute ${./scripts/install-nix-from-closure.sh} $TMPDIR/install \
-              --subst-var-by nix ${nix} \
-              --subst-var-by cacert ${cacert}
-
-            substitute ${./scripts/install-darwin-multi-user.sh} $TMPDIR/install-darwin-multi-user.sh \
-              --subst-var-by nix ${nix} \
-              --subst-var-by cacert ${cacert}
-            substitute ${./scripts/install-systemd-multi-user.sh} $TMPDIR/install-systemd-multi-user.sh \
-              --subst-var-by nix ${nix} \
-              --subst-var-by cacert ${cacert}
-            substitute ${./scripts/install-multi-user.sh} $TMPDIR/install-multi-user \
-              --subst-var-by nix ${nix} \
-              --subst-var-by cacert ${cacert}
-
-            if type -p shellcheck; then
-              # SC1090: Don't worry about not being able to find
-              #         $nix/etc/profile.d/nix.sh
-              shellcheck --exclude SC1090 $TMPDIR/install
-              shellcheck $TMPDIR/create-darwin-volume.sh
-              shellcheck $TMPDIR/install-darwin-multi-user.sh
-              shellcheck $TMPDIR/install-systemd-multi-user.sh
-
-              # SC1091: Don't panic about not being able to source
-              #         /etc/profile
-              # SC2002: Ignore "useless cat" "error", when loading
-              #         .reginfo, as the cat is a much cleaner
-              #         implementation, even though it is "useless"
-              # SC2116: Allow ROOT_HOME=$(echo ~root) for resolving
-              #         root's home directory
-              shellcheck --external-sources \
-                --exclude SC1091,SC2002,SC2116 $TMPDIR/install-multi-user
-            fi
-
-            chmod +x $TMPDIR/install
-            chmod +x $TMPDIR/create-darwin-volume.sh
-            chmod +x $TMPDIR/install-darwin-multi-user.sh
-            chmod +x $TMPDIR/install-systemd-multi-user.sh
-            chmod +x $TMPDIR/install-multi-user
-            dir=nix-${version}-${pkgs.system}
-            fn=$out/$dir.tar.xz
-            mkdir -p $out/nix-support
-            echo "file binary-dist $fn" >> $out/nix-support/hydra-build-products
-            tar cvfJ $fn \
-              --owner=0 --group=0 --mode=u+rw,uga+r \
-              --absolute-names \
-              --hard-dereference \
-              --transform "s,$TMPDIR/install,$dir/install," \
-              --transform "s,$TMPDIR/create-darwin-volume.sh,$dir/create-darwin-volume.sh," \
-              --transform "s,$TMPDIR/reginfo,$dir/.reginfo," \
-              --transform "s,$NIX_STORE,$dir/store,S" \
-              $TMPDIR/install \
-              $TMPDIR/create-darwin-volume.sh \
-              $TMPDIR/install-darwin-multi-user.sh \
-              $TMPDIR/install-systemd-multi-user.sh \
-              $TMPDIR/install-multi-user \
-              $TMPDIR/reginfo \
-              $(cat ${installerClosureInfo}/store-paths)
-          '';
-
-      overlayFor = getStdenv: final: prev:
-        let currentStdenv = getStdenv final; in
-        {
-          nixStable = prev.nix;
-
-          # Forward from the previous stage as we don’t want it to pick the lowdown override
-          nixUnstable = prev.nixUnstable;
-
-          nix = with final; with commonDeps pkgs; currentStdenv.mkDerivation {
-            name = "nix-${version}";
-            inherit version;
-
-            src = self;
-
-            VERSION_SUFFIX = versionSuffix;
-
-            outputs = [ "out" "dev" "doc" ];
-
-            nativeBuildInputs = nativeBuildDeps;
-            buildInputs = buildDeps ++ awsDeps;
-
-            propagatedBuildInputs = propagatedDeps;
-
-            disallowedReferences = [ boost ];
-
-            preConfigure =
-              ''
-                # Copy libboost_context so we don't get all of Boost in our closure.
-                # https://github.com/NixOS/nixpkgs/issues/45462
-                mkdir -p $out/lib
-                cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
-                rm -f $out/lib/*.a
-                ${lib.optionalString currentStdenv.isLinux ''
-                  chmod u+w $out/lib/*.so.*
-                  patchelf --set-rpath $out/lib:${currentStdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
-                ''}
-                ${lib.optionalString currentStdenv.isDarwin ''
-                  for LIB in $out/lib/*.dylib; do
-                    chmod u+w $LIB
-                    install_name_tool -id $LIB $LIB
-                  done
-                  install_name_tool -change ${boost}/lib/libboost_system.dylib $out/lib/libboost_system.dylib $out/lib/libboost_thread.dylib
-                ''}
-              '';
-
-            configureFlags = configureFlags ++
-              [ "--sysconfdir=/etc" ];
-
-            enableParallelBuilding = true;
-
-            makeFlags = "profiledir=$(out)/etc/profile.d PRECOMPILE_HEADERS=1";
-
-            doCheck = true;
-
-            installFlags = "sysconfdir=$(out)/etc";
-
-            postInstall = ''
-              mkdir -p $doc/nix-support
-              echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
-              ${lib.optionalString currentStdenv.isDarwin ''
-              install_name_tool \
-                -change ${boost}/lib/libboost_context.dylib \
-                $out/lib/libboost_context.dylib \
-                $out/lib/libnixutil.dylib
-              ''}
-            '';
-
-            doInstallCheck = true;
-            installCheckFlags = "sysconfdir=$(out)/etc";
-
-            separateDebugInfo = true;
-
-            strictDeps = true;
-
-            passthru.perl-bindings = with final; perl.pkgs.toPerlModule (currentStdenv.mkDerivation {
-              name = "nix-perl-${version}";
-
-              src = self;
-
-              nativeBuildInputs =
-                [ buildPackages.autoconf-archive
-                  buildPackages.autoreconfHook
-                  buildPackages.pkg-config
-                ];
-
-              buildInputs =
-                [ nix
-                  curl
-                  bzip2
-                  xz
-                  pkgs.perl
-                  boost
-                ]
-                ++ lib.optional (currentStdenv.isLinux || currentStdenv.isDarwin) libsodium
-                ++ lib.optional currentStdenv.isDarwin darwin.apple_sdk.frameworks.Security;
-
-              configureFlags = ''
-                --with-dbi=${perlPackages.DBI}/${pkgs.perl.libPrefix}
-                --with-dbd-sqlite=${perlPackages.DBDSQLite}/${pkgs.perl.libPrefix}
-              '';
-
-              enableParallelBuilding = true;
-
-              postUnpack = "sourceRoot=$sourceRoot/perl";
-            });
-
-            meta.platforms = systems;
-          };
-
-          lowdown-nix = with final; currentStdenv.mkDerivation rec {
-            name = "lowdown-0.9.0";
-
-            src = lowdown-src;
-
-            outputs = [ "out" "bin" "dev" ];
-
-            nativeBuildInputs = [ buildPackages.which ];
-
-            configurePhase = ''
-                ${if (currentStdenv.isDarwin && currentStdenv.isAarch64) then "echo \"HAVE_SANDBOX_INIT=false\" > configure.local" else ""}
-                ./configure \
-                  PREFIX=${placeholder "dev"} \
-                  BINDIR=${placeholder "bin"}/bin
-            '';
-          };
-        };
-
     in {
 
       # A Nixpkgs overlay that overrides the 'nix' and
       # 'nix.perl-bindings' packages.
-      overlay = overlayFor (p: p.stdenv);
+      overlay = final: prev: {
+
+        nix = with final; with commonDeps pkgs; stdenv.mkDerivation {
+          name = "nix-${version}";
+          inherit version;
+
+          src = self;
+
+          VERSION_SUFFIX = versionSuffix;
+
+          outputs = [ "out" "dev" "doc" ];
+
+          nativeBuildInputs = nativeBuildDeps;
+          buildInputs = buildDeps ++ awsDeps;
+
+          propagatedBuildInputs = propagatedDeps;
+
+          preConfigure =
+            ''
+              # Copy libboost_context so we don't get all of Boost in our closure.
+              # https://github.com/NixOS/nixpkgs/issues/45462
+              mkdir -p $out/lib
+              cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
+              rm -f $out/lib/*.a
+              ${lib.optionalString stdenv.isLinux ''
+                chmod u+w $out/lib/*.so.*
+                patchelf --set-rpath $out/lib:${stdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
+              ''}
+            '';
+
+          configureFlags = configureFlags ++
+            [ "--sysconfdir=/etc" ];
+
+          enableParallelBuilding = true;
+
+          makeFlags = "profiledir=$(out)/etc/profile.d PRECOMPILE_HEADERS=1";
+
+          doCheck = true;
+
+          installFlags = "sysconfdir=$(out)/etc";
+
+          postInstall = ''
+            mkdir -p $doc/nix-support
+            echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
+          '';
+
+          doInstallCheck = true;
+          installCheckFlags = "sysconfdir=$(out)/etc";
+
+          separateDebugInfo = true;
+
+          passthru.perl-bindings = with final; stdenv.mkDerivation {
+            name = "nix-perl-${version}";
+
+            src = self;
+
+            nativeBuildInputs =
+              [ buildPackages.autoconf-archive
+                buildPackages.autoreconfHook
+                buildPackages.pkgconfig
+              ];
+
+            buildInputs =
+              [ nix
+                curl
+                bzip2
+                xz
+                pkgs.perl
+                boost
+                nlohmann_json
+              ]
+              ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium;
+
+            configureFlags = ''
+              --with-dbi=${perlPackages.DBI}/${pkgs.perl.libPrefix}
+              --with-dbd-sqlite=${perlPackages.DBDSQLite}/${pkgs.perl.libPrefix}
+            '';
+
+            enableParallelBuilding = true;
+
+            postUnpack = "sourceRoot=$sourceRoot/perl";
+          };
+
+        };
+
+        lowdown = with final; stdenv.mkDerivation rec {
+          name = "lowdown-0.8.0";
+
+          src = fetchurl {
+            url = "https://kristaps.bsd.lv/lowdown/snapshots/${name}.tar.gz";
+            hash = "sha512-U9WeGoInT9vrawwa57t6u9dEdRge4/P+0wLxmQyOL9nhzOEUU2FRz2Be9H0dCjYE7p2v3vCXIYk40M+jjULATw==";
+          };
+
+          #src = lowdown-src;
+
+          outputs = [ "out" "bin" "dev" ];
+
+          nativeBuildInputs = [ which ];
+
+          configurePhase =
+            ''
+              ./configure \
+                PREFIX=${placeholder "dev"} \
+                BINDIR=${placeholder "bin"}/bin
+            '';
+        };
+
+      };
 
       hydraJobs = {
 
@@ -414,36 +229,124 @@
 
         buildStatic = nixpkgs.lib.genAttrs linux64BitSystems (system: self.packages.${system}.nix-static);
 
-        buildCross = nixpkgs.lib.genAttrs crossSystems (crossSystem:
-          nixpkgs.lib.genAttrs ["x86_64-linux"] (system: self.packages.${system}."nix-${crossSystem}"));
-
         # Perl bindings for various platforms.
         perlBindings = nixpkgs.lib.genAttrs systems (system: self.packages.${system}.nix.perl-bindings);
 
         # Binary tarball for various platforms, containing a Nix store
         # with the closure of 'nix' package, and the second half of
         # the installation script.
-        binaryTarball = nixpkgs.lib.genAttrs systems (system: binaryTarball nixpkgsFor.${system} nixpkgsFor.${system}.nix nixpkgsFor.${system});
+        binaryTarball = nixpkgs.lib.genAttrs systems (system:
 
-        binaryTarballCross = nixpkgs.lib.genAttrs ["x86_64-linux"] (system: builtins.listToAttrs (map (crossSystem: {
-          name = crossSystem;
-          value = let
-            nixpkgsCross = import nixpkgs {
-              inherit system crossSystem;
-              overlays = [ self.overlay ];
-            };
-          in binaryTarball nixpkgsFor.${system} self.packages.${system}."nix-${crossSystem}" nixpkgsCross;
-        }) crossSystems));
+          with nixpkgsFor.${system};
+
+          let
+            installerClosureInfo = closureInfo { rootPaths = [ nix cacert ]; };
+          in
+
+          runCommand "nix-binary-tarball-${version}"
+            { #nativeBuildInputs = lib.optional (system != "aarch64-linux") shellcheck;
+              meta.description = "Distribution-independent Nix bootstrap binaries for ${system}";
+            }
+            ''
+              cp ${installerClosureInfo}/registration $TMPDIR/reginfo
+              cp ${./scripts/create-darwin-volume.sh} $TMPDIR/create-darwin-volume.sh
+              substitute ${./scripts/install-nix-from-closure.sh} $TMPDIR/install \
+                --subst-var-by nix ${nix} \
+                --subst-var-by cacert ${cacert}
+
+              substitute ${./scripts/install-darwin-multi-user.sh} $TMPDIR/install-darwin-multi-user.sh \
+                --subst-var-by nix ${nix} \
+                --subst-var-by cacert ${cacert}
+              substitute ${./scripts/install-systemd-multi-user.sh} $TMPDIR/install-systemd-multi-user.sh \
+                --subst-var-by nix ${nix} \
+                --subst-var-by cacert ${cacert}
+              substitute ${./scripts/install-multi-user.sh} $TMPDIR/install-multi-user \
+                --subst-var-by nix ${nix} \
+                --subst-var-by cacert ${cacert}
+
+              if type -p shellcheck; then
+                # SC1090: Don't worry about not being able to find
+                #         $nix/etc/profile.d/nix.sh
+                shellcheck --exclude SC1090 $TMPDIR/install
+                shellcheck $TMPDIR/create-darwin-volume.sh
+                shellcheck $TMPDIR/install-darwin-multi-user.sh
+                shellcheck $TMPDIR/install-systemd-multi-user.sh
+
+                # SC1091: Don't panic about not being able to source
+                #         /etc/profile
+                # SC2002: Ignore "useless cat" "error", when loading
+                #         .reginfo, as the cat is a much cleaner
+                #         implementation, even though it is "useless"
+                # SC2116: Allow ROOT_HOME=$(echo ~root) for resolving
+                #         root's home directory
+                shellcheck --external-sources \
+                  --exclude SC1091,SC2002,SC2116 $TMPDIR/install-multi-user
+              fi
+
+              chmod +x $TMPDIR/install
+              chmod +x $TMPDIR/create-darwin-volume.sh
+              chmod +x $TMPDIR/install-darwin-multi-user.sh
+              chmod +x $TMPDIR/install-systemd-multi-user.sh
+              chmod +x $TMPDIR/install-multi-user
+              dir=nix-${version}-${system}
+              fn=$out/$dir.tar.xz
+              mkdir -p $out/nix-support
+              echo "file binary-dist $fn" >> $out/nix-support/hydra-build-products
+              tar cvfJ $fn \
+                --owner=0 --group=0 --mode=u+rw,uga+r \
+                --absolute-names \
+                --hard-dereference \
+                --transform "s,$TMPDIR/install,$dir/install," \
+                --transform "s,$TMPDIR/create-darwin-volume.sh,$dir/create-darwin-volume.sh," \
+                --transform "s,$TMPDIR/reginfo,$dir/.reginfo," \
+                --transform "s,$NIX_STORE,$dir/store,S" \
+                $TMPDIR/install \
+                $TMPDIR/create-darwin-volume.sh \
+                $TMPDIR/install-darwin-multi-user.sh \
+                $TMPDIR/install-systemd-multi-user.sh \
+                $TMPDIR/install-multi-user \
+                $TMPDIR/reginfo \
+                $(cat ${installerClosureInfo}/store-paths)
+            '');
 
         # The first half of the installation script. This is uploaded
         # to https://nixos.org/nix/install. It downloads the binary
         # tarball for the user's system and calls the second half of the
         # installation script.
-        installerScript = installScriptFor [ "x86_64-linux" "i686-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" "armv6l-linux" "armv7l-linux" ];
-        installerScriptForGHA = installScriptFor [ "x86_64-linux" "x86_64-darwin" "armv6l-linux" "armv7l-linux"];
+        installerScript =
+          with nixpkgsFor.x86_64-linux;
+          runCommand "installer-script"
+            { buildInputs = [ nix ];
+            }
+            ''
+              mkdir -p $out/nix-support
 
-        # docker image with Nix inside
-        dockerImage = nixpkgs.lib.genAttrs linux64BitSystems (system: self.packages.${system}.dockerImage);
+              # Converts /nix/store/50p3qk8kka9dl6wyq40vydq945k0j3kv-nix-2.4pre20201102_550e11f/bin/nix
+              # To 50p3qk8kka9dl6wyq40vydq945k0j3kv/bin/nix
+              tarballPath() {
+                # Remove the store prefix
+                local path=''${1#${builtins.storeDir}/}
+                # Get the path relative to the derivation root
+                local rest=''${path#*/}
+                # Get the derivation hash
+                local drvHash=''${path%%-*}
+                echo "$drvHash/$rest"
+              }
+
+              substitute ${./scripts/install.in} $out/install \
+                ${pkgs.lib.concatMapStrings
+                  (system:
+                    '' \
+                    --replace '@tarballHash_${system}@' $(nix --experimental-features nix-command hash-file --base16 --type sha256 ${self.hydraJobs.binaryTarball.${system}}/*.tar.xz) \
+                    --replace '@tarballPath_${system}@' $(tarballPath ${self.hydraJobs.binaryTarball.${system}}/*.tar.xz) \
+                    ''
+                  )
+                  [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ]
+                } \
+                --replace '@nixVersion@' ${version}
+
+              echo "file installer $out/install" >> $out/nix-support/hydra-build-products
+            '';
 
         # Line coverage analysis.
         coverage =
@@ -485,24 +388,12 @@
           inherit (self) overlay;
         };
 
-        tests.nssPreload = (import ./tests/nss-preload.nix rec {
-          system = "x86_64-linux";
-          inherit nixpkgs;
-          inherit (self) overlay;
-        });
-
         tests.githubFlakes = (import ./tests/github-flakes.nix rec {
           system = "x86_64-linux";
           inherit nixpkgs;
           inherit (self) overlay;
         });
 
-        tests.sourcehutFlakes = (import ./tests/sourcehut-flakes.nix rec {
-          system = "x86_64-linux";
-          inherit nixpkgs;
-          inherit (self) overlay;
-        });
-
         tests.setuid = nixpkgs.lib.genAttrs
           ["i686-linux" "x86_64-linux"]
           (system:
@@ -511,51 +402,40 @@
               inherit (self) overlay;
             });
 
-        # Make sure that nix-env still produces the exact same result
-        # on a particular version of Nixpkgs.
+        /*
+        # Check whether we can still evaluate all of Nixpkgs.
         tests.evalNixpkgs =
+          import (nixpkgs + "/pkgs/top-level/make-tarball.nix") {
+            # FIXME: fix pkgs/top-level/make-tarball.nix in NixOS to not require a revCount.
+            inherit nixpkgs;
+            pkgs = nixpkgsFor.x86_64-linux;
+            officialRelease = false;
+          };
+
+        # Check whether we can still evaluate NixOS.
+        tests.evalNixOS =
           with nixpkgsFor.x86_64-linux;
           runCommand "eval-nixos" { buildInputs = [ nix ]; }
             ''
-              type -p nix-env
-              # Note: we're filtering out nixos-install-tools because https://github.com/NixOS/nixpkgs/pull/153594#issuecomment-1020530593.
-              time nix-env --store dummy:// -f ${nixpkgs-regression} -qaP --drv-path | sort | grep -v nixos-install-tools > packages
-              [[ $(sha1sum < packages | cut -c1-40) = ff451c521e61e4fe72bdbe2d0ca5d1809affa733 ]]
-              mkdir $out
+              export NIX_STATE_DIR=$TMPDIR
+
+              nix-instantiate ${nixpkgs}/nixos/release-combined.nix -A tested --dry-run \
+                --arg nixpkgs '{ outPath = ${nixpkgs}; revCount = 123; shortRev = "abcdefgh"; }'
+
+              touch $out
             '';
-
-        metrics.nixpkgs = import "${nixpkgs-regression}/pkgs/top-level/metrics.nix" {
-          pkgs = nixpkgsFor.x86_64-linux;
-          nixpkgs = nixpkgs-regression;
-        };
-
-        installTests = forAllSystems (system:
-          let pkgs = nixpkgsFor.${system}; in
-          pkgs.runCommand "install-tests" {
-            againstSelf = testNixVersions pkgs pkgs.nix pkgs.pkgs.nix;
-            againstCurrentUnstable =
-              # FIXME: temporarily disable this on macOS because of #3605.
-              if system == "x86_64-linux"
-              then testNixVersions pkgs pkgs.nix pkgs.nixUnstable
-              else null;
-            # Disabled because the latest stable version doesn't handle
-            # `NIX_DAEMON_SOCKET_PATH` which is required for the tests to work
-            # againstLatestStable = testNixVersions pkgs pkgs.nix pkgs.nixStable;
-          } "touch $out");
+        */
 
       };
 
       checks = forAllSystems (system: {
         binaryTarball = self.hydraJobs.binaryTarball.${system};
         perlBindings = self.hydraJobs.perlBindings.${system};
-        installTests = self.hydraJobs.installTests.${system};
-      } // (nixpkgs.lib.optionalAttrs (builtins.elem system linux64BitSystems)) {
-        dockerImage = self.hydraJobs.dockerImage.${system};
       });
 
       packages = forAllSystems (system: {
         inherit (nixpkgsFor.${system}) nix;
-      } // (nixpkgs.lib.optionalAttrs (builtins.elem system linux64BitSystems) {
+      } // nixpkgs.lib.optionalAttrs (builtins.elem system linux64BitSystems) {
         nix-static = let
           nixpkgs = nixpkgsFor.${system}.pkgsStatic;
         in with commonDeps nixpkgs; nixpkgs.stdenv.mkDerivation {
@@ -591,85 +471,22 @@
           installCheckFlags = "sysconfdir=$(out)/etc";
 
           stripAllList = ["bin"];
-
-          strictDeps = true;
-
-          hardeningDisable = [ "pie" ];
         };
-        dockerImage =
-          let
-            pkgs = nixpkgsFor.${system};
-            image = import ./docker.nix { inherit pkgs; tag = version; };
-          in
-          pkgs.runCommand
-            "docker-image-tarball-${version}"
-            { meta.description = "Docker image with Nix for ${system}"; }
-            ''
-              mkdir -p $out/nix-support
-              image=$out/image.tar.gz
-              ln -s ${image} $image
-              echo "file binary-dist $image" >> $out/nix-support/hydra-build-products
-            '';
-      } // builtins.listToAttrs (map (crossSystem: {
-        name = "nix-${crossSystem}";
-        value = let
-          nixpkgsCross = import nixpkgs {
-            inherit system crossSystem;
-            overlays = [ self.overlay ];
-          };
-        in with commonDeps nixpkgsCross; nixpkgsCross.stdenv.mkDerivation {
-          name = "nix-${version}";
-
-          src = self;
-
-          VERSION_SUFFIX = versionSuffix;
-
-          outputs = [ "out" "dev" "doc" ];
-
-          nativeBuildInputs = nativeBuildDeps;
-          buildInputs = buildDeps ++ propagatedDeps;
-
-          configureFlags = [ "--sysconfdir=/etc" "--disable-doc-gen" ];
-
-          enableParallelBuilding = true;
-
-          makeFlags = "profiledir=$(out)/etc/profile.d";
-
-          doCheck = true;
-
-          installFlags = "sysconfdir=$(out)/etc";
-
-          postInstall = ''
-            mkdir -p $doc/nix-support
-            echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
-            mkdir -p $out/nix-support
-            echo "file binary-dist $out/bin/nix" >> $out/nix-support/hydra-build-products
-          '';
-
-          doInstallCheck = true;
-          installCheckFlags = "sysconfdir=$(out)/etc";
-        };
-      }) crossSystems)) // (builtins.listToAttrs (map (stdenvName:
-        nixpkgsFor.${system}.lib.nameValuePair
-          "nix-${stdenvName}"
-          nixpkgsFor.${system}."${stdenvName}Packages".nix
-      ) stdenvs)));
+      });
 
       defaultPackage = forAllSystems (system: self.packages.${system}.nix);
 
-      devShell = forAllSystems (system: self.devShells.${system}.stdenvPackages);
-
-      devShells = forAllSystemsAndStdenvs (system: stdenv:
+      devShell = forAllSystems (system:
         with nixpkgsFor.${system};
         with commonDeps pkgs;
 
-        nixpkgsFor.${system}.${stdenv}.mkDerivation {
+        stdenv.mkDerivation {
           name = "nix";
 
           outputs = [ "out" "dev" "doc" ];
 
           nativeBuildInputs = nativeBuildDeps;
-          buildInputs = buildDeps ++ propagatedDeps ++ awsDeps;
+          buildInputs = buildDeps ++ propagatedDeps ++ awsDeps ++ perlDeps;
 
           inherit configureFlags;
 
@@ -682,9 +499,6 @@
               PATH=$prefix/bin:$PATH
               unset PYTHONPATH
               export MANPATH=$out/share/man:$MANPATH
-
-              # Make bash completion work.
-              XDG_DATA_DIRS+=:$out/share
             '';
         });
 

maintainers/upload-release.pl

@@ -19,8 +19,6 @@ my $nixpkgsDir = "/home/eelco/Dev/nixpkgs-pristine";
 
 my $TMPDIR = $ENV{'TMPDIR'} // "/tmp";
 
-my $isLatest = ($ENV{'IS_LATEST'} // "") eq "1";
-
 # FIXME: cut&paste from nixos-channel-scripts.
 sub fetch {
     my ($url, $type) = @_;
@@ -37,29 +35,22 @@ sub fetch {
 my $evalUrl = "https://hydra.nixos.org/eval/$evalId";
 my $evalInfo = decode_json(fetch($evalUrl, 'application/json'));
 #print Dumper($evalInfo);
-my $flakeUrl = $evalInfo->{flake} or die;
-my $flakeInfo = decode_json(`nix flake metadata --json "$flakeUrl"` or die);
-my $nixRev = $flakeInfo->{revision} or die;
 
-my $buildInfo = decode_json(fetch("$evalUrl/job/build.x86_64-linux", 'application/json'));
-#print Dumper($buildInfo);
+my $nixRev = $evalInfo->{jobsetevalinputs}->{nix}->{revision} or die;
 
-my $releaseName = $buildInfo->{nixname};
+my $tarballInfo = decode_json(fetch("$evalUrl/job/tarball", 'application/json'));
+
+my $releaseName = $tarballInfo->{releasename};
 $releaseName =~ /nix-(.*)$/ or die;
 my $version = $1;
 
-print STDERR "Flake URL is $flakeUrl, Nix revision is $nixRev, version is $version\n";
+print STDERR "Nix revision is $nixRev, version is $version\n";
 
 my $releaseDir = "nix/$releaseName";
 
 my $tmpDir = "$TMPDIR/nix-release/$releaseName";
 File::Path::make_path($tmpDir);
 
-my $narCache = "$TMPDIR/nar-cache";
-File::Path::make_path($narCache);
-
-my $binaryCache = "https://cache.nixos.org/?local-nar-cache=$narCache";
-
 # S3 setup.
 my $aws_access_key_id = $ENV{'AWS_ACCESS_KEY_ID'} or die "No AWS_ACCESS_KEY_ID given.";
 my $aws_secret_access_key = $ENV{'AWS_SECRET_ACCESS_KEY'} or die "No AWS_SECRET_ACCESS_KEY given.";
@@ -85,7 +76,6 @@ sub downloadFile {
     my ($jobName, $productNr, $dstName) = @_;
 
     my $buildInfo = decode_json(fetch("$evalUrl/job/$jobName", 'application/json'));
-    #print STDERR "$jobName: ", Dumper($buildInfo), "\n";
 
     my $srcFile = $buildInfo->{buildproducts}->{$productNr}->{path} or die "job '$jobName' lacks product $productNr\n";
     $dstName //= basename($srcFile);
@@ -93,27 +83,19 @@ sub downloadFile {
 
     if (!-e $tmpFile) {
         print STDERR "downloading $srcFile to $tmpFile...\n";
-
-        my $fileInfo = decode_json(`NIX_REMOTE=$binaryCache nix store ls --json '$srcFile'`);
-
-        $srcFile = $fileInfo->{target} if $fileInfo->{type} eq 'symlink';
-
-        #print STDERR $srcFile, " ", Dumper($fileInfo), "\n";
-
-        system("NIX_REMOTE=$binaryCache nix store cat '$srcFile' > '$tmpFile'.tmp") == 0
+        system("NIX_REMOTE=https://cache.nixos.org/ nix cat-store '$srcFile' > '$tmpFile'") == 0
             or die "unable to fetch $srcFile\n";
-        rename("$tmpFile.tmp", $tmpFile) or die;
     }
 
-    my $sha256_expected = $buildInfo->{buildproducts}->{$productNr}->{sha256hash};
-    my $sha256_actual = `nix hash file --base16 --type sha256 '$tmpFile'`;
+    my $sha256_expected = $buildInfo->{buildproducts}->{$productNr}->{sha256hash} or die;
+    my $sha256_actual = `nix hash-file --base16 --type sha256 '$tmpFile'`;
     chomp $sha256_actual;
-    if (defined($sha256_expected) && $sha256_expected ne $sha256_actual) {
+    if ($sha256_expected ne $sha256_actual) {
         print STDERR "file $tmpFile is corrupt, got $sha256_actual, expected $sha256_expected\n";
         exit 1;
     }
 
-    write_file("$tmpFile.sha256", $sha256_actual);
+    write_file("$tmpFile.sha256", $sha256_expected);
 
     if (! -e "$tmpFile.asc") {
         system("gpg2 --detach-sign --armor $tmpFile") == 0 or die "unable to sign $tmpFile\n";
@@ -122,69 +104,14 @@ sub downloadFile {
     return $sha256_expected;
 }
 
+downloadFile("tarball", "2"); # .tar.bz2
+my $tarballHash = downloadFile("tarball", "3"); # .tar.xz
 downloadFile("binaryTarball.i686-linux", "1");
 downloadFile("binaryTarball.x86_64-linux", "1");
 downloadFile("binaryTarball.aarch64-linux", "1");
 downloadFile("binaryTarball.x86_64-darwin", "1");
-downloadFile("binaryTarball.aarch64-darwin", "1");
-downloadFile("binaryTarballCross.x86_64-linux.armv6l-linux", "1");
-downloadFile("binaryTarballCross.x86_64-linux.armv7l-linux", "1");
 downloadFile("installerScript", "1");
 
-# Upload docker images to dockerhub.
-my $dockerManifest = "";
-my $dockerManifestLatest = "";
-
-for my $platforms (["x86_64-linux", "amd64"], ["aarch64-linux", "arm64"]) {
-    my $system = $platforms->[0];
-    my $dockerPlatform = $platforms->[1];
-    my $fn = "nix-$version-docker-image-$dockerPlatform.tar.gz";
-    downloadFile("dockerImage.$system", "1", $fn);
-
-    print STDERR "loading docker image for $dockerPlatform...\n";
-    system("docker load -i $tmpDir/$fn") == 0 or die;
-
-    my $tag = "nixos/nix:$version-$dockerPlatform";
-    my $latestTag = "nixos/nix:latest-$dockerPlatform";
-
-    print STDERR "tagging $version docker image for $dockerPlatform...\n";
-    system("docker tag nix:$version $tag") == 0 or die;
-
-    if ($isLatest) {
-        print STDERR "tagging latest docker image for $dockerPlatform...\n";
-        system("docker tag nix:$version $latestTag") == 0 or die;
-    }
-
-    print STDERR "pushing $version docker image for $dockerPlatform...\n";
-    system("docker push -q $tag") == 0 or die;
-
-    if ($isLatest) {
-        print STDERR "pushing latest docker image for $dockerPlatform...\n";
-        system("docker push -q $latestTag") == 0 or die;
-    }
-
-    $dockerManifest .= " --amend $tag";
-    $dockerManifestLatest .= " --amend $latestTag"
-}
-
-print STDERR "creating multi-platform docker manifest...\n";
-system("docker manifest rm nixos/nix:$version");
-system("docker manifest create nixos/nix:$version $dockerManifest") == 0 or die;
-if ($isLatest) {
-    print STDERR "creating latest multi-platform docker manifest...\n";
-    system("docker manifest rm nixos/nix:latest");
-    system("docker manifest create nixos/nix:latest $dockerManifestLatest") == 0 or die;
-}
-
-print STDERR "pushing multi-platform docker manifest...\n";
-system("docker manifest push nixos/nix:$version") == 0 or die;
-
-if ($isLatest) {
-    print STDERR "pushing latest multi-platform docker manifest...\n";
-    system("docker manifest push nixos/nix:latest") == 0 or die;
-}
-
-# Upload release files to S3.
 for my $fn (glob "$tmpDir/*") {
     my $name = basename($fn);
     my $dstKey = "$releaseDir/" . $name;
@@ -204,38 +131,53 @@ for my $fn (glob "$tmpDir/*") {
     }
 }
 
-# Update nix-fallback-paths.nix.
-if ($isLatest) {
-    system("cd $nixpkgsDir && git pull") == 0 or die;
+exit if $version =~ /pre/;
 
-    sub getStorePath {
-        my ($jobName) = @_;
-        my $buildInfo = decode_json(fetch("$evalUrl/job/$jobName", 'application/json'));
-        return $buildInfo->{buildoutputs}->{out}->{path} or die "cannot get store path for '$jobName'";
+# Update Nixpkgs in a very hacky way.
+system("cd $nixpkgsDir && git pull") == 0 or die;
+my $oldName = `nix-instantiate --eval $nixpkgsDir -A nix.name`; chomp $oldName;
+my $oldHash = `nix-instantiate --eval $nixpkgsDir -A nix.src.outputHash`; chomp $oldHash;
+print STDERR "old stable version in Nixpkgs = $oldName / $oldHash\n";
+
+my $fn = "$nixpkgsDir/pkgs/tools/package-management/nix/default.nix";
+my $oldFile = read_file($fn);
+$oldFile =~ s/$oldName/"$releaseName"/g;
+$oldFile =~ s/$oldHash/"$tarballHash"/g;
+write_file($fn, $oldFile);
+
+$oldName =~ s/nix-//g;
+$oldName =~ s/"//g;
+
+sub getStorePath {
+    my ($jobName) = @_;
+    my $buildInfo = decode_json(fetch("$evalUrl/job/$jobName", 'application/json'));
+    for my $product (values %{$buildInfo->{buildproducts}}) {
+        next unless $product->{type} eq "nix-build";
+        next if $product->{path} =~ /[a-z]+$/;
+        return $product->{path};
     }
-
-    write_file("$nixpkgsDir/nixos/modules/installer/tools/nix-fallback-paths.nix",
-               "{\n" .
-               "  x86_64-linux = \"" . getStorePath("build.x86_64-linux") . "\";\n" .
-               "  i686-linux = \"" . getStorePath("build.i686-linux") . "\";\n" .
-               "  aarch64-linux = \"" . getStorePath("build.aarch64-linux") . "\";\n" .
-               "  x86_64-darwin = \"" . getStorePath("build.x86_64-darwin") . "\";\n" .
-               "  aarch64-darwin = \"" . getStorePath("build.aarch64-darwin") . "\";\n" .
-               "}\n");
-
-    system("cd $nixpkgsDir && git commit -a -m 'nix-fallback-paths.nix: Update to $version'") == 0 or die;
+    die;
 }
 
+write_file("$nixpkgsDir/nixos/modules/installer/tools/nix-fallback-paths.nix",
+           "{\n" .
+           "  x86_64-linux = \"" . getStorePath("build.x86_64-linux") . "\";\n" .
+           "  i686-linux = \"" . getStorePath("build.i686-linux") . "\";\n" .
+           "  aarch64-linux = \"" . getStorePath("build.aarch64-linux") . "\";\n" .
+           "  x86_64-darwin = \"" . getStorePath("build.x86_64-darwin") . "\";\n" .
+           "}\n");
+
+system("cd $nixpkgsDir && git commit -a -m 'nix: $oldName -> $version'") == 0 or die;
+
 # Update the "latest" symlink.
 $channelsBucket->add_key(
     "nix-latest/install", "",
     { "x-amz-website-redirect-location" => "https://releases.nixos.org/$releaseDir/install" })
-    or die $channelsBucket->err . ": " . $channelsBucket->errstr
-    if $isLatest;
+    or die $channelsBucket->err . ": " . $channelsBucket->errstr;
 
 # Tag the release in Git.
 chdir("/home/eelco/Dev/nix-pristine") or die;
 system("git remote update origin") == 0 or die;
 system("git tag --force --sign $version $nixRev -m 'Tagging release $version'") == 0 or die;
 system("git push --tags") == 0 or die;
-system("git push --force-with-lease origin $nixRev:refs/heads/latest-release") == 0 or die if $isLatest;
+system("git push --force-with-lease origin $nixRev:refs/heads/latest-release") == 0 or die;

misc/bash/completion.sh

@@ -7,15 +7,13 @@ function _complete_nix {
         local completion=${line%%	*}
         if [[ -z $have_type ]]; then
             have_type=1
-            if [[ $completion == filenames ]]; then
+            if [[ $completion = filenames ]]; then
                 compopt -o filenames
-            elif [[ $completion == attrs ]]; then
-                compopt -o nospace
             fi
         else
             COMPREPLY+=("$completion")
         fi
-    done < <(NIX_GET_COMPLETIONS=$cword "${words[@]}" 2>/dev/null)
+    done < <(NIX_GET_COMPLETIONS=$cword "${words[@]}")
     __ltrim_colon_completions "$cur"
 }
 

misc/fish/completion.fish

@@ -1,36 +0,0 @@
-function _nix_complete
-  # Get the current command up to a cursor.
-  # - Behaves correctly even with pipes and nested in commands like env.
-  # - TODO: Returns the command verbatim (does not interpolate variables).
-  #   That might not be optimal for arguments like -f.
-  set -l nix_args (commandline --current-process --tokenize --cut-at-cursor)
-  # --cut-at-cursor with --tokenize removes the current token so we need to add it separately.
-  # https://github.com/fish-shell/fish-shell/issues/7375
-  # Can be an empty string.
-  set -l current_token (commandline --current-token --cut-at-cursor)
-
-  # Nix wants the index of the argv item to complete but the $nix_args variable
-  # also contains the program name (argv[0]) so we would need to subtract 1.
-  # But the variable also misses the current token so it cancels out.
-  set -l nix_arg_to_complete (count $nix_args)
-
-  env NIX_GET_COMPLETIONS=$nix_arg_to_complete $nix_args $current_token
-end
-
-function _nix_accepts_files
-  set -l response (_nix_complete)
-  test $response[1] = 'filenames'
-end
-
-function _nix
-  set -l response (_nix_complete)
-  # Skip the first line since it handled by _nix_accepts_files.
-  # Tail lines each contain a command followed by a tab character and, optionally, a description.
-  # This is also the format fish expects.
-  string collect -- $response[2..-1]
-end
-
-# Disable file path completion if paths do not belong in the current context.
-complete --command nix --condition 'not _nix_accepts_files' --no-files
-
-complete --command nix --arguments '(_nix)'

misc/fish/local.mk

@@ -1 +0,0 @@
-$(eval $(call install-file-as, $(d)/completion.fish, $(datarootdir)/fish/vendor_completions.d/nix.fish, 0644))

misc/launchd/local.mk

@@ -1,4 +1,4 @@
-ifdef HOST_DARWIN
+ifeq ($(OS), Darwin)
 
   $(eval $(call install-data-in, $(d)/org.nixos.nix-daemon.plist, $(prefix)/Library/LaunchDaemons))
 

misc/launchd/org.nixos.nix-daemon.plist.in

@@ -19,16 +19,11 @@
     <array>
       <string>/bin/sh</string>
       <string>-c</string>
-      <string>/bin/wait4path /nix/var/nix/profiles/default/bin/nix-daemon &amp;&amp; exec /nix/var/nix/profiles/default/bin/nix-daemon</string>
+      <string>/bin/wait4path /nix/var/nix/profiles/default/bin/nix-daemon &amp;&amp; /nix/var/nix/profiles/default/bin/nix-daemon</string>
     </array>
     <key>StandardErrorPath</key>
     <string>/var/log/nix-daemon.log</string>
     <key>StandardOutPath</key>
     <string>/dev/null</string>
-    <key>SoftResourceLimits</key>
-    <dict>
-      <key>NumberOfFiles</key>
-      <integer>4096</integer>
-    </dict>
   </dict>
 </plist>

misc/systemd/local.mk

@@ -1,8 +1,7 @@
-ifdef HOST_LINUX
+ifeq ($(OS), Linux)
 
   $(foreach n, nix-daemon.socket nix-daemon.service, $(eval $(call install-file-in, $(d)/$(n), $(prefix)/lib/systemd/system, 0644)))
-  $(foreach n, nix-daemon.conf, $(eval $(call install-file-in, $(d)/$(n), $(prefix)/lib/tmpfiles.d, 0644)))
 
-  clean-files += $(d)/nix-daemon.socket $(d)/nix-daemon.service $(d)/nix-daemon.conf
+  clean-files += $(d)/nix-daemon.socket $(d)/nix-daemon.service
 
 endif

misc/systemd/nix-daemon.conf.in

@@ -1 +0,0 @@
-d @localstatedir@/nix/daemon-socket 0755 root root - -

misc/systemd/nix-daemon.service.in

@@ -1,15 +1,12 @@
 [Unit]
 Description=Nix Daemon
-Documentation=man:nix-daemon https://nixos.org/manual
 RequiresMountsFor=@storedir@
 RequiresMountsFor=@localstatedir@
-RequiresMountsFor=@localstatedir@/nix/db
 ConditionPathIsReadWrite=@localstatedir@/nix/daemon-socket
 
 [Service]
 ExecStart=@@bindir@/nix-daemon nix-daemon --daemon
 KillMode=process
-LimitNOFILE=4096
 
 [Install]
 WantedBy=multi-user.target

misc/upstart/local.mk

@@ -1,4 +1,4 @@
-ifdef HOST_LINUX
+ifeq ($(OS), Linux)
 
   $(foreach n, nix-daemon.conf, $(eval $(call install-file-in, $(d)/$(n), $(sysconfdir)/init, 0644)))
 

misc/zsh/completion.zsh

@@ -1,10 +1,8 @@
-#compdef nix
-
 function _nix() {
   local ifs_bk="$IFS"
   local input=("${(Q)words[@]}")
   IFS=$'\n'
-  local res=($(NIX_GET_COMPLETIONS=$((CURRENT - 1)) "$input[@]" 2>/dev/null))
+  local res=($(NIX_GET_COMPLETIONS=$((CURRENT - 1)) "$input[@]"))
   IFS="$ifs_bk"
   local tpe="${${res[1]}%%>	*}"
   local -a suggestions
@@ -20,4 +18,4 @@ function _nix() {
   _describe 'nix' suggestions
 }
 
-_nix "$@"
+compdef _nix nix

misc/zsh/local.mk

@@ -1,2 +0,0 @@
-$(eval $(call install-file-as, $(d)/completion.zsh, $(datarootdir)/zsh/site-functions/_nix, 0644))
-$(eval $(call install-file-as, $(d)/run-help-nix, $(datarootdir)/zsh/site-functions/run-help-nix, 0644))

misc/zsh/run-help-nix

@@ -1,42 +0,0 @@
-emulate -L zsh
-
-# run-help is a zsh widget that can be bound to a key. It mainly looks up the
-# man page for the currently typed in command.
-#
-# Although run-help works for any command without requiring special support,
-# it can only deduce the right man page based solely on the name of the
-# command. Programs like Nix provide better integration with run-help by
-# helping zsh identify Nix subcommands and their corresponding man pages. This
-# is what this function does.
-#
-# To actually use run-help on zsh, place the following lines in your .zshrc:
-#
-#     (( $+aliases[run-help] )) && unalias run-help
-#     autoload -Uz run-help run-help-nix
-#
-# Then also assign run-help to any key of choice:
-#
-#     bindkey '^[h' run-help
-
-while [[ "$#" != 0 && "$1" == -* ]]; do
-  shift
-done
-
-local -a subcommands; subcommands=( nix3 )
-
-local arg
-for arg in "$@"; do
-  if man -w "${(j:-:)subcommands}-$arg" >/dev/null 2>&1; then
-    subcommands+="$arg"
-  else
-    break
-  fi
-done
-
-if (( $#subcommands > 1 )); then
-  man "${(j:-:)subcommands}"
-else
-  man nix
-fi
-
-return $?

mk/jars.mk

@@ -0,0 +1,36 @@
+define build-jar
+
+  $(1)_NAME ?= $(1)
+
+  _d := $$(strip $$($(1)_DIR))
+
+  $(1)_PATH := $$(_d)/$$($(1)_NAME).jar
+
+  $(1)_TMPDIR := $$(_d)/.$$($(1)_NAME).jar.tmp
+
+  _jars := $$(foreach jar, $$($(1)_JARS), $$($$(jar)_PATH))
+
+  $$($(1)_PATH): $$($(1)_SOURCES) $$(_jars) $$($(1)_EXTRA_DEPS)| $$($(1)_ORDER_AFTER)
+	@rm -rf $$($(1)_TMPDIR)
+	@mkdir -p $$($(1)_TMPDIR)
+	$$(trace-javac) javac $(GLOBAL_JAVACFLAGS) $$($(1)_JAVACFLAGS) -d $$($(1)_TMPDIR) \
+	  $$(foreach fn, $$($(1)_SOURCES), '$$(fn)') \
+	  -cp "$$(subst $$(space),,$$(foreach jar,$$($(1)_JARS),$$($$(jar)_PATH):))$$$$CLASSPATH"
+	@echo -e '$$(subst $$(newline),\n,$$($(1)_MANIFEST))' > $$($(1)_PATH).manifest
+	$$(trace-jar) jar cfm $$($(1)_PATH) $$($(1)_PATH).manifest -C $$($(1)_TMPDIR) .
+	@rm $$($(1)_PATH).manifest
+	@rm -rf $$($(1)_TMPDIR)
+
+  $(1)_INSTALL_DIR ?= $$(jardir)
+
+  $(1)_INSTALL_PATH := $$($(1)_INSTALL_DIR)/$$($(1)_NAME).jar
+
+  $$(eval $$(call install-file-as, $$($(1)_PATH), $$($(1)_INSTALL_PATH), 0644))
+
+  install: $$($(1)_INSTALL_PATH)
+
+  jars-list += $$($(1)_PATH)
+
+  clean-files += $$($(1)_PATH)
+
+endef

mk/lib.mk

@@ -10,25 +10,8 @@ bin-scripts :=
 noinst-scripts :=
 man-pages :=
 install-tests :=
+OS = $(shell uname -s)
 
-ifdef HOST_OS
-  HOST_KERNEL = $(firstword $(subst -, ,$(HOST_OS)))
-  ifeq ($(HOST_KERNEL), cygwin)
-    HOST_CYGWIN = 1
-  endif
-  ifeq ($(patsubst darwin%,,$(HOST_KERNEL)),)
-    HOST_DARWIN = 1
-  endif
-  ifeq ($(patsubst freebsd%,,$(HOST_KERNEL)),)
-    HOST_FREEBSD = 1
-  endif
-  ifeq ($(HOST_KERNEL), linux)
-    HOST_LINUX = 1
-  endif
-  ifeq ($(patsubst solaris%,,$(HOST_KERNEL)),)
-    HOST_SOLARIS = 1
-  endif
-endif
 
 # Hack to define a literal space.
 space :=
@@ -48,6 +31,7 @@ libdir ?= $(prefix)/lib
 bindir ?= $(prefix)/bin
 libexecdir ?= $(prefix)/libexec
 datadir ?= $(prefix)/share
+jardir ?= $(datadir)/java
 localstatedir ?= $(prefix)/var
 sysconfdir ?= $(prefix)/etc
 mandir ?= $(prefix)/share/man
@@ -67,16 +51,16 @@ endif
 BUILD_SHARED_LIBS ?= 1
 
 ifeq ($(BUILD_SHARED_LIBS), 1)
-  ifdef HOST_CYGWIN
+  ifeq (CYGWIN,$(findstring CYGWIN,$(OS)))
     GLOBAL_CFLAGS += -U__STRICT_ANSI__ -D_GNU_SOURCE
     GLOBAL_CXXFLAGS += -U__STRICT_ANSI__ -D_GNU_SOURCE
   else
     GLOBAL_CFLAGS += -fPIC
     GLOBAL_CXXFLAGS += -fPIC
   endif
-  ifndef HOST_DARWIN
-   ifndef HOST_SOLARIS
-    ifndef HOST_FREEBSD
+  ifneq ($(OS), Darwin)
+   ifneq ($(OS), SunOS)
+    ifneq ($(OS), FreeBSD)
      GLOBAL_LDFLAGS += -Wl,--no-copy-dt-needed-entries
     endif
    endif
@@ -90,6 +74,7 @@ BUILD_DEBUG ?= 1
 ifeq ($(BUILD_DEBUG), 1)
   GLOBAL_CFLAGS += -g
   GLOBAL_CXXFLAGS += -g
+  GLOBAL_JAVACFLAGS += -g
 endif
 
 
@@ -99,6 +84,7 @@ include mk/clean.mk
 include mk/install.mk
 include mk/libraries.mk
 include mk/programs.mk
+include mk/jars.mk
 include mk/patterns.mk
 include mk/templates.mk
 include mk/tests.mk
@@ -116,6 +102,7 @@ $(foreach mf, $(makefiles), $(eval $(call include-sub-makefile, $(mf))))
 # Instantiate stuff.
 $(foreach lib, $(libraries), $(eval $(call build-library,$(lib))))
 $(foreach prog, $(programs), $(eval $(call build-program,$(prog))))
+$(foreach jar, $(jars), $(eval $(call build-jar,$(jar))))
 $(foreach script, $(bin-scripts), $(eval $(call install-program-in,$(script),$(bindir))))
 $(foreach script, $(bin-scripts), $(eval programs-list += $(script)))
 $(foreach script, $(noinst-scripts), $(eval programs-list += $(script)))
@@ -126,7 +113,7 @@ $(foreach file, $(man-pages), $(eval $(call install-data-in, $(file), $(mandir)/
 
 .PHONY: default all man help
 
-all: $(programs-list) $(libs-list) $(man-pages)
+all: $(programs-list) $(libs-list) $(jars-list) $(man-pages)
 
 man: $(man-pages)
 
@@ -150,6 +137,12 @@ ifdef libs-list
 	@echo "The following libraries can be built:"
 	@echo ""
 	@for i in $(libs-list); do echo "  $$i"; done
+endif
+ifdef jars-list
+	@echo ""
+	@echo "The following JARs can be built:"
+	@echo ""
+	@for i in $(jars-list); do echo "  $$i"; done
 endif
 	@echo ""
 	@echo "The following variables control the build:"
@@ -160,5 +153,4 @@ endif
 	@echo "  CFLAGS: Flags for the C compiler"
 	@echo "  CXX ($(CXX)): C++ compiler to be used"
 	@echo "  CXXFLAGS: Flags for the C++ compiler"
-	@echo "  CPPFLAGS: C preprocessor flags, used for both CC and CXX"
 	@$(print-var-help)

mk/libraries.mk

@@ -1,9 +1,9 @@
 libs-list :=
 
-ifdef HOST_DARWIN
+ifeq ($(OS), Darwin)
   SO_EXT = dylib
 else
-  ifdef HOST_CYGWIN
+  ifeq (CYGWIN,$(findstring CYGWIN,$(OS)))
     SO_EXT = dll
   else
     SO_EXT = so
@@ -59,7 +59,7 @@ define build-library
   $(1)_OBJS := $$(addprefix $(buildprefix), $$(addsuffix .o, $$(basename $$(_srcs))))
   _libs := $$(foreach lib, $$($(1)_LIBS), $$($$(lib)_PATH))
 
-  ifdef HOST_CYGWIN
+  ifeq (CYGWIN,$(findstring CYGWIN,$(OS)))
     $(1)_INSTALL_DIR ?= $$(bindir)
   else
     $(1)_INSTALL_DIR ?= $$(libdir)
@@ -73,18 +73,18 @@ define build-library
   ifeq ($(BUILD_SHARED_LIBS), 1)
 
     ifdef $(1)_ALLOW_UNDEFINED
-      ifdef HOST_DARWIN
+      ifeq ($(OS), Darwin)
         $(1)_LDFLAGS += -undefined suppress -flat_namespace
       endif
     else
-      ifndef HOST_DARWIN
-        ifndef HOST_CYGWIN
+      ifneq ($(OS), Darwin)
+        ifneq (CYGWIN,$(findstring CYGWIN,$(OS)))
           $(1)_LDFLAGS += -Wl,-z,defs
         endif
       endif
     endif
 
-    ifndef HOST_DARWIN
+    ifneq ($(OS), Darwin)
       $(1)_LDFLAGS += -Wl,-soname=$$($(1)_NAME).$(SO_EXT)
     endif
 
@@ -93,7 +93,7 @@ define build-library
     $$($(1)_PATH): $$($(1)_OBJS) $$(_libs) | $$(_d)/
 	$$(trace-ld) $(CXX) -o $$(abspath $$@) -shared $$(LDFLAGS) $$(GLOBAL_LDFLAGS) $$($(1)_OBJS) $$($(1)_LDFLAGS) $$($(1)_LDFLAGS_PROPAGATED) $$(foreach lib, $$($(1)_LIBS), $$($$(lib)_LDFLAGS_USE)) $$($(1)_LDFLAGS_UNINSTALLED)
 
-    ifndef HOST_DARWIN
+    ifneq ($(OS), Darwin)
       $(1)_LDFLAGS_USE += -Wl,-rpath,$$(abspath $$(_d))
     endif
     $(1)_LDFLAGS_USE += -L$$(_d) -l$$(patsubst lib%,%,$$(strip $$($(1)_NAME)))
@@ -108,7 +108,7 @@ define build-library
 	$$(trace-ld) $(CXX) -o $$@ -shared $$(LDFLAGS) $$(GLOBAL_LDFLAGS) $$($(1)_OBJS) $$($(1)_LDFLAGS) $$($(1)_LDFLAGS_PROPAGATED) $$(foreach lib, $$($(1)_LIBS), $$($$(lib)_LDFLAGS_USE_INSTALLED))
 
     $(1)_LDFLAGS_USE_INSTALLED += -L$$(DESTDIR)$$($(1)_INSTALL_DIR) -l$$(patsubst lib%,%,$$(strip $$($(1)_NAME)))
-    ifndef HOST_DARWIN
+    ifneq ($(OS), Darwin)
       ifeq ($(SET_RPATH_TO_LIBS), 1)
         $(1)_LDFLAGS_USE_INSTALLED += -Wl,-rpath,$$($(1)_INSTALL_DIR)
       else
@@ -125,8 +125,8 @@ define build-library
     $(1)_PATH := $$(_d)/$$($(1)_NAME).a
 
     $$($(1)_PATH): $$($(1)_OBJS) | $$(_d)/
-	$$(trace-ld) $(LD) -Ur -o $$(_d)/$$($(1)_NAME).o $$?
-	$$(trace-ar) $(AR) crs $$@ $$(_d)/$$($(1)_NAME).o
+	$(trace-ld) $(LD) -Ur -o $$(_d)/$$($(1)_NAME).o $$?
+	$(trace-ar) $(AR) crs $$@ $$(_d)/$$($(1)_NAME).o
 
     $(1)_LDFLAGS_USE += $$($(1)_PATH) $$($(1)_LDFLAGS)
 

mk/patterns.mk

@@ -1,11 +1,11 @@
 $(buildprefix)%.o: %.cc
 	@mkdir -p "$(dir $@)"
-	$(trace-cxx) $(CXX) -o $@ -c $< $(CPPFLAGS) $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP
+	$(trace-cxx) $(CXX) -o $@ -c $< $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP
 
 $(buildprefix)%.o: %.cpp
 	@mkdir -p "$(dir $@)"
-	$(trace-cxx) $(CXX) -o $@ -c $< $(CPPFLAGS) $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP
+	$(trace-cxx) $(CXX) -o $@ -c $< $(GLOBAL_CXXFLAGS_PCH) $(GLOBAL_CXXFLAGS) $(CXXFLAGS) $($@_CXXFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP
 
 $(buildprefix)%.o: %.c
 	@mkdir -p "$(dir $@)"
-	$(trace-cc) $(CC) -o $@ -c $< $(CPPFLAGS) $(GLOBAL_CFLAGS) $(CFLAGS) $($@_CFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP
+	$(trace-cc) $(CC) -o $@ -c $< $(GLOBAL_CFLAGS) $(CFLAGS) $($@_CFLAGS) -MMD -MF $(call filename-to-dep, $@) -MP

mk/run_test.sh

@@ -14,27 +14,9 @@ if [ -t 1 ]; then
     yellow=""
     normal=""
 fi
-
-run_test () {
-    (cd tests && env ${TESTS_ENVIRONMENT} init.sh 2>/dev/null > /dev/null)
-    log="$(cd $(dirname $1) && env ${TESTS_ENVIRONMENT} $(basename $1) 2>&1)"
-    status=$?
-}
-
-run_test "$1"
-
-# Hack: Retry the test if it fails with “unexpected EOF reading a line” as these
-# appear randomly without anyone knowing why.
-# See https://github.com/NixOS/nix/issues/3605 for more info
-if [[ $status -ne 0 && $status -ne 99 && \
-    "$(uname)" == "Darwin" && \
-    "$log" =~ "unexpected EOF reading a line" \
-]]; then
-    echo "$post_run_msg [${yellow}FAIL$normal] (possibly flaky, so will be retried)"
-    echo "$log" | sed 's/^/    /'
-    run_test "$1"
-fi
-
+(cd $(dirname $1) && env ${TESTS_ENVIRONMENT} init.sh 2>/dev/null > /dev/null)
+log="$(cd $(dirname $1) && env ${TESTS_ENVIRONMENT} $(basename $1) 2>&1)"
+status=$?
 if [ $status -eq 0 ]; then
   echo "$post_run_msg [${green}PASS$normal]"
 elif [ $status -eq 99 ]; then

mk/tests.mk

@@ -8,12 +8,8 @@ define run-install-test
 
   .PHONY: $1.test
   $1.test: $1 $(test-deps)
-	@env TEST_NAME=$(basename $1) TESTS_ENVIRONMENT="$(tests-environment)" mk/run_test.sh $1 < /dev/null
+	@env TEST_NAME=$(notdir $(basename $1)) TESTS_ENVIRONMENT="$(tests-environment)" mk/run_test.sh $1 < /dev/null
 
 endef
 
 .PHONY: check installcheck
-
-print-top-help += \
-  echo "  check: Run unit tests"; \
-  echo "  installcheck: Run functional tests";

mk/tracing.mk

@@ -8,6 +8,8 @@ ifeq ($(V), 0)
   trace-ld      = @echo "  LD    " $@;
   trace-ar      = @echo "  AR    " $@;
   trace-install = @echo "  INST  " $@;
+  trace-javac   = @echo "  JAVAC " $@;
+  trace-jar     = @echo "  JAR   " $@;
   trace-mkdir   = @echo "  MKDIR " $@;
   trace-test    = @echo "  TEST  " $@;
 

nix-rust/Cargo.lock

@@ -0,0 +1,399 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+[[package]]
+name = "assert_matches"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "autocfg"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "bit-set"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "bit-vec 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "bit-vec"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "bitflags"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "byteorder"
+version = "1.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "c2-chacha"
+version = "0.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "ppv-lite86 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "cfg-if"
+version = "0.1.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "cloudabi"
+version = "0.0.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "fnv"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "fuchsia-cprng"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "getrandom"
+version = "0.1.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
+ "wasi 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "hex"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "lazy_static"
+version = "1.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "libc"
+version = "0.2.66"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "nix-rust"
+version = "0.1.0"
+dependencies = [
+ "assert_matches 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
+ "proptest 0.9.4 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "num-traits"
+version = "0.2.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "ppv-lite86"
+version = "0.2.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "proptest"
+version = "0.9.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "bit-set 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "num-traits 0.2.10 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_chacha 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_xorshift 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "regex-syntax 0.6.12 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rusty-fork 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "quick-error"
+version = "1.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "rand"
+version = "0.6.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_chacha 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_hc 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_isaac 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_jitter 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_os 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_pcg 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_xorshift 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand"
+version = "0.7.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "getrandom 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_chacha 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "c2-chacha 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "rand_core"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "getrandom 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_hc"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_hc"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_isaac"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_jitter"
+version = "0.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_os"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cloudabi 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rdrand 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_pcg"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rand_xorshift"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rdrand"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "redox_syscall"
+version = "0.1.56"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "regex-syntax"
+version = "0.6.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "remove_dir_all"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "rusty-fork"
+version = "0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "fnv 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "wait-timeout 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "tempfile"
+version = "3.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)",
+ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)",
+ "remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "wait-timeout"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "wasi"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "winapi"
+version = "0.3.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "winapi-i686-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[[package]]
+name = "winapi-x86_64-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
+[metadata]
+"checksum assert_matches 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7deb0a829ca7bcfaf5da70b073a8d128619259a7be8216a355e23f00763059e5"
+"checksum autocfg 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)" = "1d49d90015b3c36167a20fe2810c5cd875ad504b39cff3d4eae7977e6b7c1cb2"
+"checksum bit-set 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "e84c238982c4b1e1ee668d136c510c67a13465279c0cb367ea6baf6310620a80"
+"checksum bit-vec 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "f59bbe95d4e52a6398ec21238d31577f2b28a9d86807f06ca59d191d8440d0bb"
+"checksum bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
+"checksum byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a7c3dd8985a7111efc5c80b44e23ecdd8c007de8ade3b96595387e812b957cf5"
+"checksum c2-chacha 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "214238caa1bf3a496ec3392968969cab8549f96ff30652c9e56885329315f6bb"
+"checksum cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822"
+"checksum cloudabi 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "ddfc5b9aa5d4507acaf872de71051dfd0e309860e88966e1051e462a077aac4f"
+"checksum fnv 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)" = "2fad85553e09a6f881f739c29f0b00b0f01357c743266d478b68951ce23285f3"
+"checksum fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba"
+"checksum getrandom 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)" = "e7db7ca94ed4cd01190ceee0d8a8052f08a247aa1b469a7f68c6a3b71afcf407"
+"checksum hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "805026a5d0141ffc30abb3be3173848ad46a1b1664fe632428479619a3644d77"
+"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
+"checksum libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)" = "d515b1f41455adea1313a4a2ac8a8a477634fbae63cc6100e3aebb207ce61558"
+"checksum num-traits 0.2.10 (registry+https://github.com/rust-lang/crates.io-index)" = "d4c81ffc11c212fa327657cb19dd85eb7419e163b5b076bede2bdb5c974c07e4"
+"checksum ppv-lite86 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)" = "74490b50b9fbe561ac330df47c08f3f33073d2d00c150f719147d7c54522fa1b"
+"checksum proptest 0.9.4 (registry+https://github.com/rust-lang/crates.io-index)" = "cf147e022eacf0c8a054ab864914a7602618adba841d800a9a9868a5237a529f"
+"checksum quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "9274b940887ce9addde99c4eee6b5c44cc494b182b97e73dc8ffdcb3397fd3f0"
+"checksum rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)" = "6d71dacdc3c88c1fde3885a3be3fbab9f35724e6ce99467f7d9c5026132184ca"
+"checksum rand 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "3ae1b169243eaf61759b8475a998f0a385e42042370f3a7dbaf35246eacc8412"
+"checksum rand_chacha 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "556d3a1ca6600bfcbab7c7c91ccb085ac7fbbcd70e008a98742e7847f4f7bcef"
+"checksum rand_chacha 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "03a2a90da8c7523f554344f921aa97283eadf6ac484a6d2a7d0212fa7f8d6853"
+"checksum rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b"
+"checksum rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc"
+"checksum rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19"
+"checksum rand_hc 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7b40677c7be09ae76218dc623efbf7b18e34bced3f38883af07bb75630a21bc4"
+"checksum rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c"
+"checksum rand_isaac 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "ded997c9d5f13925be2a6fd7e66bf1872597f759fd9dd93513dd7e92e5a5ee08"
+"checksum rand_jitter 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)" = "1166d5c91dc97b88d1decc3285bb0a99ed84b05cfd0bc2341bdf2d43fc41e39b"
+"checksum rand_os 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "7b75f676a1e053fc562eafbb47838d67c84801e38fc1ba459e8f180deabd5071"
+"checksum rand_pcg 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "abf9b09b01790cfe0364f52bf32995ea3c39f4d2dd011eac241d2914146d0b44"
+"checksum rand_xorshift 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cbf7e9e623549b0e21f6e97cf8ecf247c1a8fd2e8a992ae265314300b2455d5c"
+"checksum rdrand 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "678054eb77286b51581ba43620cc911abf02758c91f93f479767aed0f90458b2"
+"checksum redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)" = "2439c63f3f6139d1b57529d16bc3b8bb855230c8efcc5d3a896c8bea7c3b1e84"
+"checksum regex-syntax 0.6.12 (registry+https://github.com/rust-lang/crates.io-index)" = "11a7e20d1cce64ef2fed88b66d347f88bd9babb82845b2b858f3edbf59a4f716"
+"checksum remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "4a83fa3702a688b9359eccba92d153ac33fd2e8462f9e0e3fdf155239ea7792e"
+"checksum rusty-fork 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "3dd93264e10c577503e926bd1430193eeb5d21b059148910082245309b424fae"
+"checksum tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6e24d9338a0a5be79593e2fa15a648add6138caa803e2d5bc782c371732ca9"
+"checksum wait-timeout 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "9f200f5b12eb75f8c1ed65abd4b2db8a6e1b138a20de009dacee265a2498f3f6"
+"checksum wasi 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b89c3ce4ce14bdc6fb6beaf9ec7928ca331de5df7e5ea278375642a2f478570d"
+"checksum winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)" = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6"
+"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
+"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"