Merge pull request #11415 from NixOS/mergify/bp/2.18-maintenance/pr-10919

install-darwin: fix _nixbld uids for macOS sequoia (backport #10919)

.clang-format

@@ -1,30 +0,0 @@
-BasedOnStyle: LLVM
-IndentWidth: 4
-BreakBeforeBraces: Custom
-BraceWrapping:
-  AfterStruct: true
-  AfterClass: true
-  AfterFunction: true
-  AfterUnion: true
-  SplitEmptyRecord: false
-PointerAlignment: Middle
-FixNamespaceComments: false
-SortIncludes: Never
-#IndentPPDirectives: BeforeHash
-SpaceAfterCStyleCast: true
-SpaceAfterTemplateKeyword: false
-AccessModifierOffset: -4
-AlignAfterOpenBracket: AlwaysBreak
-AlignEscapedNewlines: DontAlign
-ColumnLimit: 120
-BreakStringLiterals: false
-BitFieldColonSpacing: None
-AllowShortFunctionsOnASingleLine: Empty
-AlwaysBreakTemplateDeclarations: Yes
-BinPackParameters: false
-BreakConstructorInitializers: BeforeComma
-EmptyLineAfterAccessModifier: Leave # change to always/never later?
-EmptyLineBeforeAccessModifier: Leave
-#PackConstructorInitializers: BinPack
-BreakBeforeBinaryOperators: NonAssignment
-AlwaysBreakBeforeMultilineStrings: true

.clang-tidy

@@ -1,3 +0,0 @@
-# We use pointers to aggregates in a couple of places, intentionally.
-# void * would look weird.
-Checks: '-bugprone-sizeof-expression'

.editorconfig

@@ -17,7 +17,7 @@ indent_style = space
 indent_size = 2
 
 # Match c++/shell/perl, set indent to spaces with width of four
-[*.{hpp,cc,hh,sh,pl,xs}]
+[*.{hpp,cc,hh,sh,pl}]
 indent_style = space
 indent_size = 4
 

.github/CODEOWNERS

@@ -10,8 +10,9 @@
 # This file
 .github/CODEOWNERS @edolstra
 
-# Documentation of built-in functions
-src/libexpr/primops.cc @roberth
+# Public documentation
+/doc @fricklerhandwerk
+*.md @fricklerhandwerk
 
 # Libstore layer
 /src/libstore @thufschmitt

.github/PULL_REQUEST_TEMPLATE.md

@@ -10,8 +10,6 @@
 
 <!-- Large change: Provide instructions to reviewers how to read the diff. -->
 
-# Priorities and Process
+# Priorities
 
 Add :+1: to [pull requests you find important](https://github.com/NixOS/nix/pulls?q=is%3Aopen+sort%3Areactions-%2B1-desc).
-
-The Nix maintainer team uses a [GitHub project board](https://github.com/orgs/NixOS/projects/19) to [schedule and track reviews](https://github.com/NixOS/nix/tree/master/maintainers#project-board-protocol). 

.github/labeler.yml

@@ -1,30 +1,23 @@
 "documentation":
-  - changed-files:
-    - any-glob-to-any-file: "doc/manual/*"
-    - any-glob-to-any-file: "src/nix/**/*.md"
+  - doc/manual/*
+  - src/nix/**/*.md
 
 "store":
-  - changed-files:
-    - any-glob-to-any-file: "src/libstore/store-api.*"
-    - any-glob-to-any-file: "src/libstore/*-store.*"
+  - src/libstore/store-api.*
+  - src/libstore/*-store.*
 
 "fetching":
-  - changed-files:
-    - any-glob-to-any-file: "src/libfetchers/**/*"
+  - src/libfetchers/**/*
 
 "repl":
-  - changed-files:
-    - any-glob-to-any-file: "src/libcmd/repl.*"
-    - any-glob-to-any-file: "src/nix/repl.*"
+  - src/libcmd/repl.*
+  - src/nix/repl.*
 
 "new-cli":
-  - changed-files:
-    - any-glob-to-any-file: "src/nix/**/*"
+  - src/nix/**/*
 
 "with-tests":
-  - changed-files:
-    # Unit tests
-    - any-glob-to-any-file: "src/*/tests/**/*"
-    # Functional and integration tests
-    - any-glob-to-any-file: "tests/functional/**/*"
-    
+  # Unit tests
+  - src/*/tests/**/*
+  # Functional and integration tests
+  - tests/functional/**/*

.github/workflows/backport.yml

@@ -21,7 +21,7 @@ jobs:
           fetch-depth: 0
       - name: Create backport PRs
         # should be kept in sync with `version`
-        uses: zeebe-io/backport-action@v2.4.1
+        uses: zeebe-io/backport-action@v1.4.0
         with:
           # Config README: https://github.com/zeebe-io/backport-action#backport-action
           github_token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/ci.yml

@@ -20,12 +20,12 @@ jobs:
     - uses: actions/checkout@v4
       with:
         fetch-depth: 0
-    - uses: cachix/install-nix-action@v25
+    - uses: cachix/install-nix-action@v23
       with:
         # The sandbox would otherwise be disabled by default on Darwin
         extra_nix_config: "sandbox = true"
     - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
-    - uses: cachix/cachix-action@v14
+    - uses: cachix/cachix-action@v12
       if: needs.check_secrets.outputs.cachix == 'true'
       with:
         name: '${{ env.CACHIX_NAME }}'
@@ -62,10 +62,10 @@ jobs:
       with:
         fetch-depth: 0
     - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
-    - uses: cachix/install-nix-action@v25
+    - uses: cachix/install-nix-action@v23
       with:
         install_url: https://releases.nixos.org/nix/nix-2.13.3/install
-    - uses: cachix/cachix-action@v14
+    - uses: cachix/cachix-action@v12
       with:
         name: '${{ env.CACHIX_NAME }}'
         signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
@@ -84,7 +84,7 @@ jobs:
     steps:
     - uses: actions/checkout@v4
     - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
-    - uses: cachix/install-nix-action@v25
+    - uses: cachix/install-nix-action@v23
       with:
         install_url: '${{needs.installer.outputs.installerURL}}'
         install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve"
@@ -101,9 +101,6 @@ jobs:
 
   docker_push_image:
     needs: [check_secrets, tests]
-    permissions:
-      contents: read
-      packages: write
     if: >-
       github.event_name == 'push' &&
       github.ref_name == 'master' &&
@@ -114,12 +111,12 @@ jobs:
     - uses: actions/checkout@v4
       with:
         fetch-depth: 0
-    - uses: cachix/install-nix-action@v25
+    - uses: cachix/install-nix-action@v23
       with:
         install_url: https://releases.nixos.org/nix/nix-2.13.3/install
     - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
     - run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#default.version | tr -d \")" >> $GITHUB_ENV
-    - uses: cachix/cachix-action@v14
+    - uses: cachix/cachix-action@v12
       if: needs.check_secrets.outputs.cachix == 'true'
       with:
         name: '${{ env.CACHIX_NAME }}'
@@ -129,9 +126,6 @@ jobs:
     - run: docker load -i ./result/image.tar.gz
     - run: docker tag nix:$NIX_VERSION nixos/nix:$NIX_VERSION
     - run: docker tag nix:$NIX_VERSION nixos/nix:master
-    # We'll deploy the newly built image to both Docker Hub and Github Container Registry.
-    #
-    # Push to Docker Hub first
     - name: Login to Docker Hub
       uses: docker/login-action@v3
       with:
@@ -139,20 +133,3 @@ jobs:
         password: ${{ secrets.DOCKERHUB_TOKEN }}
     - run: docker push nixos/nix:$NIX_VERSION
     - run: docker push nixos/nix:master
-    # Push to GitHub Container Registry as well
-    - name: Login to GitHub Container Registry
-      uses: docker/login-action@v3
-      with:
-        registry: ghcr.io
-        username: ${{ github.actor }}
-        password: ${{ secrets.GITHUB_TOKEN }}
-    - name: Push image
-      run: |
-        IMAGE_ID=ghcr.io/${{ github.repository_owner }}/nix
-        # Change all uppercase to lowercase
-        IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
-
-        docker tag nix:$NIX_VERSION $IMAGE_ID:$NIX_VERSION
-        docker tag nix:$NIX_VERSION $IMAGE_ID:master
-        docker push $IMAGE_ID:$NIX_VERSION
-        docker push $IMAGE_ID:master

.github/workflows/labels.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.repository_owner == 'NixOS'
     steps:
-    - uses: actions/labeler@v5
+    - uses: actions/labeler@v4
       with:
         repo-token: ${{ secrets.GITHUB_TOKEN }}
         sync-labels: false

.gitignore

@@ -21,16 +21,12 @@ perl/Makefile.config
 /doc/manual/language.json
 /doc/manual/xp-features.json
 /doc/manual/src/SUMMARY.md
-/doc/manual/src/SUMMARY-rl-next.md
-/doc/manual/src/store/types/*
-!/doc/manual/src/store/types/index.md.in
 /doc/manual/src/command-ref/new-cli
 /doc/manual/src/command-ref/conf-file.md
 /doc/manual/src/command-ref/experimental-features-shortlist.md
 /doc/manual/src/contributing/experimental-feature-descriptions.md
 /doc/manual/src/language/builtins.md
 /doc/manual/src/language/builtin-constants.md
-/doc/manual/src/release-notes/rl-next.md
 
 # /scripts/
 /scripts/nix-profile.sh
@@ -56,7 +52,7 @@ perl/Makefile.config
 
 /src/nix/nix
 
-/src/nix/generated-doc
+/src/nix/doc
 
 # /src/nix-env/
 /src/nix-env/nix-env
@@ -94,7 +90,6 @@ perl/Makefile.config
 /tests/functional/ca/config.nix
 /tests/functional/dyn-drv/config.nix
 /tests/functional/repl-result-out
-/tests/functional/debugger-test-out
 /tests/functional/test-libstoreconsumer/test-libstoreconsumer
 
 # /tests/functional/lang/
@@ -108,9 +103,6 @@ perl/Makefile.config
 
 /misc/systemd/nix-daemon.service
 /misc/systemd/nix-daemon.socket
-/misc/systemd/nix-gc-trace.service
-/misc/systemd/nix-gc-trace.socket
-
 /misc/systemd/nix-daemon.conf
 /misc/upstart/nix-daemon.conf
 
@@ -145,14 +137,8 @@ compile_commands.json
 nix-rust/target
 
 result
-result-*
 
-# IDE
 .vscode/
-.idea/
 
 # clangd and possibly more
 .cache/
-
-# Mac OS
-.DS_Store

.version

@@ -1 +1 @@
-2.21.0
+2.18.6

CONTRIBUTING.md

@@ -24,33 +24,25 @@ Check out the [security policy](https://github.com/NixOS/nix/security/policy).
 
 ## Making changes to Nix
 
-1. Search for related issues that cover what you're going to work on.
-   It could help to mention there that you will work on the issue.
-
-   Issues labeled [good first issue](https://github.com/NixOS/nix/labels/good%20first%20issue) should be relatively easy to fix and are likely to get merged quickly.
-   Pull requests addressing issues labeled [idea approved](https://github.com/NixOS/nix/labels/idea%20approved) or [RFC](https://github.com/NixOS/nix/labels/RFC) are especially welcomed by maintainers and will receive prioritised review.
-
-   If you are proficient with C++, addressing one of the [popular issues](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc) will be highly appreciated by maintainers and Nix users all over the world.
-   For far-reaching changes, please investigate possible blockers and design implications, and coordinate with maintainers before investing too much time in writing code that may not end up getting merged.
-
-   If there is no relevant issue yet and you're not sure whether your change is likely to be accepted, [open an issue](https://github.com/NixOS/nix/issues/new/choose) yourself.
-
-2. Check for [pull requests](https://github.com/NixOS/nix/pulls) that might already cover the contribution you are about to make.
-   There are many open pull requests that might already do what you intend to work on.
+1. Check for [pull requests](https://github.com/NixOS/nix/pulls) that might already cover the contribution you are about to make.
+   There are many open pull requests that might already do what you intent to work on.
    You can use [labels](https://github.com/NixOS/nix/labels) to filter for relevant topics.
 
+2. Search for related issues that cover what you're going to work on. It could help to mention there that you will work on the issue.
+
+   Issues labeled [good first issue](https://github.com/NixOS/nix/labels/good-first-issue) should be relatively easy to fix and are likely to get merged quickly.
+   Pull requests addressing issues labeled [idea approved](https://github.com/NixOS/nix/labels/idea%20approved) are especially welcomed by maintainers and will receive prioritised review.
+
 3. Check the [Nix reference manual](https://nixos.org/manual/nix/unstable/contributing/hacking.html) for information on building Nix and running its tests.
 
    For contributions to the command line interface, please check the [CLI guidelines](https://nixos.org/manual/nix/unstable/contributing/cli-guideline.html).
 
-4. Make your change!
+4. Make your changes!
 
 5. [Create a pull request](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request) for your changes.
-   * Clearly explain the problem that you're solving.
-
-     Link related issues to inform interested parties and future contributors about your change.
-     If your pull request closes one or multiple issues, mention that in the description using `Closes: #<number>`, as it will then happen automatically when your change is merged.
+   * Link related issues in your pull request to inform interested parties and future contributors about your change.
    * Make sure to have [a clean history of commits on your branch by using rebase](https://www.digitalocean.com/community/tutorials/how-to-rebase-and-update-a-pull-request).
+     If your pull request closes one or multiple issues, note that in the description using `Closes: #<number>`, as it will then happen automatically when your change is merged.
    * [Mark the pull request as draft](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) if you're not done with the changes.
 
 6. Do not expect your pull request to be reviewed immediately.
@@ -63,7 +55,7 @@ Check out the [security policy](https://github.com/NixOS/nix/security/policy).
      - Functional tests – [`tests/functional/**.sh`](./tests/functional)
      - Unit tests – [`src/*/tests`](./src/)
      - Integration tests – [`tests/nixos/*`](./tests/nixos)
-   - [ ] User documentation in the [manual](./doc/manual/src)
+   - [ ] User documentation in the [manual](..doc/manual/src)
    - [ ] API documentation in header files
    - [ ] Code and comments are self-explanatory
    - [ ] Commit message explains **why** the change was made

Makefile

@@ -1,18 +1,7 @@
-# External build directory support
-
-include mk/build-dir.mk
-
--include $(buildprefix)Makefile.config
-clean-files += $(buildprefix)Makefile.config
-
-# List makefiles
-
-ifeq ($(ENABLE_BUILD), yes)
 makefiles = \
   mk/precompiled-headers.mk \
   local.mk \
   src/libutil/local.mk \
-  src/nix-find-roots/local.mk \
   src/libstore/local.mk \
   src/libfetchers/local.mk \
   src/libmain/local.mk \
@@ -26,42 +15,30 @@ makefiles = \
   misc/zsh/local.mk \
   misc/systemd/local.mk \
   misc/launchd/local.mk \
-  misc/upstart/local.mk
-endif
+  misc/upstart/local.mk \
+  doc/manual/local.mk \
+  doc/internal-api/local.mk
 
-ifeq ($(ENABLE_UNIT_TESTS), yes)
+-include Makefile.config
+
+ifeq ($(tests), yes)
 makefiles += \
   tests/unit/libutil/local.mk \
   tests/unit/libutil-support/local.mk \
   tests/unit/libstore/local.mk \
   tests/unit/libstore-support/local.mk \
   tests/unit/libexpr/local.mk \
-  tests/unit/libexpr-support/local.mk
-endif
-
-ifeq ($(ENABLE_FUNCTIONAL_TESTS), yes)
-makefiles += \
+  tests/unit/libexpr-support/local.mk \
   tests/functional/local.mk \
-  tests/functional/gc-external-daemon/local.mk \
   tests/functional/ca/local.mk \
   tests/functional/dyn-drv/local.mk \
   tests/functional/test-libstoreconsumer/local.mk \
   tests/functional/plugins/local.mk
+else
+makefiles += \
+  mk/disable-tests.mk
 endif
 
-# Some makefiles require access to built programs and must be included late.
-makefiles-late =
-
-ifeq ($(ENABLE_DOC_GEN), yes)
-makefiles-late += doc/manual/local.mk
-endif
-
-ifeq ($(ENABLE_INTERNAL_API_DOCS), yes)
-makefiles-late += doc/internal-api/local.mk
-endif
-
-# Miscellaneous global Flags
-
 OPTIMIZE = 1
 
 ifeq ($(OPTIMIZE), 1)
@@ -71,55 +48,6 @@ else
   GLOBAL_CXXFLAGS += -O0 -U_FORTIFY_SOURCE
 endif
 
-include mk/platform.mk
-
-ifdef HOST_WINDOWS
-  # Windows DLLs are stricter about symbol visibility than Unix shared
-  # objects --- see https://gcc.gnu.org/wiki/Visibility for details.
-  # This is a temporary sledgehammer to export everything like on Unix,
-  # and not detail with this yet.
-  #
-  # TODO do not do this, and instead do fine-grained export annotations.
-  GLOBAL_LDFLAGS += -Wl,--export-all-symbols
-endif
-
-GLOBAL_CXXFLAGS += -g -Wall -include $(buildprefix)config.h -std=c++2a -I src
-
-# Include the main lib, causing rules to be defined
-
 include mk/lib.mk
 
-# Fallback stub rules for better UX when things are disabled
-#
-# These must be defined after `mk/lib.mk`. Otherwise the first rule
-# incorrectly becomes the default target.
-
-ifneq ($(ENABLE_UNIT_TESTS), yes)
-.PHONY: check
-check:
-	@echo "Unit tests are disabled. Configure without '--disable-unit-tests', or avoid calling 'make check'."
-	@exit 1
-endif
-
-ifneq ($(ENABLE_FUNCTIONAL_TESTS), yes)
-.PHONY: installcheck
-installcheck:
-	@echo "Functional tests are disabled. Configure without '--disable-functional-tests', or avoid calling 'make installcheck'."
-	@exit 1
-endif
-
-# Documentation fallback stub rules.
-
-ifneq ($(ENABLE_DOC_GEN), yes)
-.PHONY: manual-html manpages
-manual-html manpages:
-	@echo "Generated docs are disabled. Configure without '--disable-doc-gen', or avoid calling 'make manpages' and 'make manual-html'."
-	@exit 1
-endif
-
-ifneq ($(ENABLE_INTERNAL_API_DOCS), yes)
-.PHONY: internal-api-html
-internal-api-html:
-	@echo "Internal API docs are disabled. Configure with '--enable-internal-api-docs', or avoid calling 'make internal-api-html'."
-	@exit 1
-endif
+GLOBAL_CXXFLAGS += -g -Wall -include config.h -std=c++2a -I src

Makefile.config.in

@@ -8,36 +8,29 @@ CXX = @CXX@
 CXXFLAGS = @CXXFLAGS@
 CXXLTO = @CXXLTO@
 EDITLINE_LIBS = @EDITLINE_LIBS@
-ENABLE_BUILD = @ENABLE_BUILD@
-ENABLE_DOC_GEN = @ENABLE_DOC_GEN@
-ENABLE_FUNCTIONAL_TESTS = @ENABLE_FUNCTIONAL_TESTS@
-ENABLE_INTERNAL_API_DOCS = @ENABLE_INTERNAL_API_DOCS@
 ENABLE_S3 = @ENABLE_S3@
-ENABLE_UNIT_TESTS = @ENABLE_UNIT_TESTS@
 GTEST_LIBS = @GTEST_LIBS@
 HAVE_LIBCPUID = @HAVE_LIBCPUID@
 HAVE_SECCOMP = @HAVE_SECCOMP@
 HOST_OS = @host_os@
-INSTALL_UNIT_TESTS = @INSTALL_UNIT_TESTS@
 LDFLAGS = @LDFLAGS@
 LIBARCHIVE_LIBS = @LIBARCHIVE_LIBS@
 LIBBROTLI_LIBS = @LIBBROTLI_LIBS@
 LIBCURL_LIBS = @LIBCURL_LIBS@
-LIBGIT2_LIBS = @LIBGIT2_LIBS@
 LIBSECCOMP_LIBS = @LIBSECCOMP_LIBS@
 LOWDOWN_LIBS = @LOWDOWN_LIBS@
 OPENSSL_LIBS = @OPENSSL_LIBS@
 PACKAGE_NAME = @PACKAGE_NAME@
 PACKAGE_VERSION = @PACKAGE_VERSION@
+RAPIDCHECK_HEADERS = @RAPIDCHECK_HEADERS@
 SHELL = @bash@
 SODIUM_LIBS = @SODIUM_LIBS@
 SQLITE3_LIBS = @SQLITE3_LIBS@
 bash = @bash@
 bindir = @bindir@
-checkbindir = @checkbindir@
-checklibdir = @checklibdir@
 datadir = @datadir@
 datarootdir = @datarootdir@
+doc_generate = @doc_generate@
 docdir = @docdir@
 embedded_sandbox_shell = @embedded_sandbox_shell@
 exec_prefix = @exec_prefix@
@@ -53,3 +46,5 @@ sandbox_shell = @sandbox_shell@
 storedir = @storedir@
 sysconfdir = @sysconfdir@
 system = @system@
+tests = @tests@
+internal_api_docs = @internal_api_docs@

README.md

@@ -7,20 +7,21 @@ Nix is a powerful package manager for Linux and other Unix systems that makes pa
 management reliable and reproducible. Please refer to the [Nix manual](https://nixos.org/nix/manual)
 for more details.
 
-## Installation and first steps
+## Installation
 
-Visit [nix.dev](https://nix.dev) for [installation instructions](https://nix.dev/tutorials/install-nix) and [beginner tutorials](https://nix.dev/tutorials/first-steps).
+On Linux and macOS the easiest way to install Nix is to run the following shell command
+(as a user other than root):
 
-Full reference documentation can be found in the [Nix manual](https://nixos.org/nix/manual).
+```console
+$ curl -L https://nixos.org/nix/install | sh
+```
+
+Information on additional installation methods is available on the [Nix download page](https://nixos.org/download.html).
 
 ## Building And Developing
 
 See our [Hacking guide](https://nixos.org/manual/nix/unstable/contributing/hacking.html) in our manual for instruction on how to
- set up a development environment and build Nix from source.
-
-## Contributing
-
-Check the [contributing guide](./CONTRIBUTING.md) if you want to get involved with developing Nix.
+to set up a development environment and build Nix from source.
 
 ## Additional Resources
 
@@ -28,6 +29,7 @@ Check the [contributing guide](./CONTRIBUTING.md) if you want to get involved wi
 - [Nix jobsets on hydra.nixos.org](https://hydra.nixos.org/project/nix)
 - [NixOS Discourse](https://discourse.nixos.org/)
 - [Matrix - #nix:nixos.org](https://matrix.to/#/#nix:nixos.org)
+- [IRC - #nixos on libera.chat](irc://irc.libera.chat/#nixos)
 
 ## License
 

boehmgc-coroutine-sp-fallback.diff

@@ -59,18 +59,12 @@ index b5d71e62..aed7b0bf 100644
      GC_bool found_me = FALSE;
      size_t nthreads = 0;
      int i;
-@@ -851,6 +853,37 @@ GC_INNER void GC_push_all_stacks(void)
+@@ -851,6 +853,31 @@ GC_INNER void GC_push_all_stacks(void)
            hi = p->altstack + p->altstack_size;
            /* FIXME: Need to scan the normal stack too, but how ? */
            /* FIXME: Assume stack grows down */
 +        } else {
-+#ifdef HAVE_PTHREAD_ATTR_GET_NP
-+          if (!pthread_attr_init(&pattr)
-+              || !pthread_attr_get_np(p->id, &pattr))
-+#else /* HAVE_PTHREAD_GETATTR_NP */
-+          if (pthread_getattr_np(p->id, &pattr))
-+#endif
-+          {
++          if (pthread_getattr_np(p->id, &pattr)) {
 +            ABORT("GC_push_all_stacks: pthread_getattr_np failed!");
 +          }
 +          if (pthread_attr_getstacksize(&pattr, &stack_limit)) {

bootstrap.sh

@@ -0,0 +1,4 @@
+#! /bin/sh -e
+rm -f aclocal.m4
+mkdir -p config
+exec autoreconf -vfi

configure.ac

@@ -47,10 +47,6 @@ AC_DEFINE_UNQUOTED(SYSTEM, ["$system"], [platform identifier ('cpu-os')])
 # State should be stored in /nix/var, unless the user overrides it explicitly.
 test "$localstatedir" = '${prefix}/var' && localstatedir=/nix/var
 
-# Assign a default value to C{,XX}FLAGS as the default configure script sets them
-# to -O2 otherwise, which we don't want to have hardcoded
-CFLAGS=${CFLAGS-""}
-CXXFLAGS=${CXXFLAGS-""}
 
 AC_PROG_CC
 AC_PROG_CXX
@@ -72,9 +68,6 @@ case "$host_os" in
 esac
 
 
-ENSURE_NO_GCC_BUG_80431
-
-
 # Check for pubsetbuf.
 AC_MSG_CHECKING([for pubsetbuf])
 AC_LANG_PUSH(C++)
@@ -126,6 +119,7 @@ AC_PATH_PROG(flex, flex, false)
 AC_PATH_PROG(bison, bison, false)
 AC_PATH_PROG(dot, dot)
 AC_PATH_PROG(lsof, lsof, lsof)
+NEED_PROG(jq, jq)
 
 
 AC_SUBST(coreutils, [$(dirname $(type -p cat))])
@@ -136,48 +130,6 @@ AC_ARG_WITH(store-dir, AS_HELP_STRING([--with-store-dir=PATH],[path of the Nix s
 AC_SUBST(storedir)
 
 
-# Running the functional tests without building Nix is useful for testing
-# different pre-built versions of Nix against each other.
-AC_ARG_ENABLE(build, AS_HELP_STRING([--disable-build],[Do not build nix]),
-  ENABLE_BUILD=$enableval, ENABLE_BUILD=yes)
-AC_SUBST(ENABLE_BUILD)
-
-# Building without unit tests is useful for bootstrapping with a smaller footprint
-# or running the tests in a separate derivation. Otherwise, we do compile and
-# run them.
-
-AC_ARG_ENABLE(unit-tests, AS_HELP_STRING([--disable-unit-tests],[Do not build the tests]),
-  ENABLE_UNIT_TESTS=$enableval, ENABLE_UNIT_TESTS=$ENABLE_BUILD)
-AC_SUBST(ENABLE_UNIT_TESTS)
-
-AS_IF(
-  [test "$ENABLE_BUILD" == "no" && test "$ENABLE_UNIT_TESTS" == "yes"],
-  [AC_MSG_ERROR([Cannot enable unit tests when building overall is disabled. Please do not pass '--enable-unit-tests' or do not pass '--disable-build'.])])
-
-AC_ARG_ENABLE(functional-tests, AS_HELP_STRING([--disable-functional-tests],[Do not build the tests]),
-  ENABLE_FUNCTIONAL_TESTS=$enableval, ENABLE_FUNCTIONAL_TESTS=yes)
-AC_SUBST(ENABLE_FUNCTIONAL_TESTS)
-
-# documentation generation switch
-AC_ARG_ENABLE(doc-gen, AS_HELP_STRING([--disable-doc-gen],[disable documentation generation]),
-  ENABLE_DOC_GEN=$enableval, ENABLE_DOC_GEN=$ENABLE_BUILD)
-AC_SUBST(ENABLE_DOC_GEN)
-
-AS_IF(
-  [test "$ENABLE_BUILD" == "no" && test "$ENABLE_DOC_GEN" == "yes"],
-  [AC_MSG_ERROR([Cannot enable generated docs when building overall is disabled. Please do not pass '--enable-doc-gen' or do not pass '--disable-build'.])])
-
-# Building without API docs is the default as Nix' C++ interfaces are internal and unstable.
-AC_ARG_ENABLE(internal-api-docs, AS_HELP_STRING([--enable-internal-api-docs],[Build API docs for Nix's internal unstable C++ interfaces]),
-  ENABLE_INTERNAL_API_DOCS=$enableval, ENABLE_INTERNAL_API_DOCS=no)
-AC_SUBST(ENABLE_INTERNAL_API_DOCS)
-
-AS_IF(
-  [test "$ENABLE_FUNCTIONAL_TESTS" == "yes" || test "$ENABLE_DOC_GEN" == "yes"],
-  [NEED_PROG(jq, jq)])
-
-AS_IF([test "$ENABLE_BUILD" == "yes"],[
-
 # Look for boost, a required dependency.
 # Note that AX_BOOST_BASE only exports *CPP* BOOST_CPPFLAGS, no CXX flags,
 # and CPPFLAGS are not passed to the C++ compiler automatically.
@@ -200,17 +152,17 @@ if test "x$GCC_ATOMIC_BUILTINS_NEED_LIBATOMIC" = xyes; then
     LDFLAGS="-latomic $LDFLAGS"
 fi
 
-AC_ARG_ENABLE(install-unit-tests, AS_HELP_STRING([--enable-install-unit-tests],[Install the unit tests for running later (default no)]),
-  INSTALL_UNIT_TESTS=$enableval, INSTALL_UNIT_TESTS=no)
-AC_SUBST(INSTALL_UNIT_TESTS)
+# Building without tests is useful for bootstrapping with a smaller footprint
+# or running the tests in a separate derivation. Otherwise, we do compile and
+# run them.
+AC_ARG_ENABLE(tests, AS_HELP_STRING([--disable-tests],[Do not build the tests]),
+  tests=$enableval, tests=yes)
+AC_SUBST(tests)
 
-AC_ARG_WITH(check-bin-dir, AS_HELP_STRING([--with-check-bin-dir=PATH],[path to install unit tests for running later (defaults to $libexecdir/nix)]),
-  checkbindir=$withval, checkbindir=$libexecdir/nix)
-AC_SUBST(checkbindir)
-
-AC_ARG_WITH(check-lib-dir, AS_HELP_STRING([--with-check-lib-dir=PATH],[path to install unit tests for running later (defaults to $libdir)]),
-  checklibdir=$withval, checklibdir=$libdir)
-AC_SUBST(checklibdir)
+# Building without API docs is the default as Nix' C++ interfaces are internal and unstable.
+AC_ARG_ENABLE(internal_api_docs, AS_HELP_STRING([--enable-internal-api-docs],[Build API docs for Nix's internal unstable C++ interfaces]),
+  internal_api_docs=$enableval, internal_api_docs=no)
+AC_SUBST(internal_api_docs)
 
 # LTO is currently broken with clang for unknown reasons; ld segfaults in the llvm plugin
 AC_ARG_ENABLE(lto, AS_HELP_STRING([--enable-lto],[Enable LTO (only supported with GCC) [default=no]]),
@@ -255,25 +207,17 @@ PKG_CHECK_MODULES([SQLITE3], [sqlite3 >= 3.6.19], [CXXFLAGS="$SQLITE3_CFLAGS $CX
 # Look for libcurl, a required dependency.
 PKG_CHECK_MODULES([LIBCURL], [libcurl], [CXXFLAGS="$LIBCURL_CFLAGS $CXXFLAGS"])
 
-# Look for editline or readline, a required dependency.
+# Look for editline, a required dependency.
 # The the libeditline.pc file was added only in libeditline >= 1.15.2,
 # see https://github.com/troglobit/editline/commit/0a8f2ef4203c3a4a4726b9dd1336869cd0da8607,
-# Older versions are no longer supported.
-AC_ARG_WITH(
-  [readline-flavor],
-  AS_HELP_STRING([--with-readline-flavor],[Which library to use for nice line editting with the Nix language REPL" [default=editline]]),
-  [readline_flavor=$withval],
-  [readline_flavor=editline])
-AS_CASE(["$readline_flavor"],
-  [editline], [
-    readline_flavor_pc=libeditline
-  ],
-  [readline], [
-    readline_flavor_pc=readline
-    AC_DEFINE([USE_READLINE], [1], [Use readline instead of editline])
-  ],
-  [AC_MSG_ERROR([bad value "$readline_flavor" for --with-readline-flavor, must be one of: editline, readline])])
-PKG_CHECK_MODULES([EDITLINE], [$readline_flavor_pc], [CXXFLAGS="$EDITLINE_CFLAGS $CXXFLAGS"])
+# but e.g. Ubuntu 16.04 has an older version, so we fall back to searching for
+# editline.h when the pkg-config approach fails.
+PKG_CHECK_MODULES([EDITLINE], [libeditline], [CXXFLAGS="$EDITLINE_CFLAGS $CXXFLAGS"], [
+  AC_CHECK_HEADERS([editline.h], [true],
+    [AC_MSG_ERROR([Nix requires libeditline; it was found neither via pkg-config nor its normal header.])])
+  AC_SEARCH_LIBS([readline read_history], [editline], [],
+    [AC_MSG_ERROR([Nix requires libeditline; it was not found via pkg-config, but via its header, but required functions do not work. Maybe it is too old? >= 1.14 is required.])])
+])
 
 # Look for libsodium.
 PKG_CHECK_MODULES([SODIUM], [libsodium], [CXXFLAGS="$SODIUM_CFLAGS $CXXFLAGS"])
@@ -308,6 +252,17 @@ case "$host_os" in
                         [CXXFLAGS="$LIBSECCOMP_CFLAGS $CXXFLAGS"])
       have_seccomp=1
       AC_DEFINE([HAVE_SECCOMP], [1], [Whether seccomp is available and should be used for sandboxing.])
+      AC_COMPILE_IFELSE([
+        AC_LANG_SOURCE([[
+          #include <seccomp.h>
+          #ifndef __SNR_fchmodat2
+          # error "Missing support for fchmodat2"
+          #endif
+        ]])
+      ], [], [
+        echo "libseccomp is missing __SNR_fchmodat2. Please provide libseccomp 2.5.5 or later"
+        exit 1
+      ])
     else
       have_seccomp=
     fi
@@ -318,14 +273,6 @@ case "$host_os" in
 esac
 AC_SUBST(HAVE_SECCOMP, [$have_seccomp])
 
-# Optional dependencies for better normalizing file system data
-AC_CHECK_HEADERS([sys/xattr.h])
-AS_IF([test "$ac_cv_header_sys_xattr_h" = "yes"],[
-  AC_CHECK_FUNCS([llistxattr lremovexattr])
-  AS_IF([test "$ac_cv_func_llistxattr" = "yes" && test "$ac_cv_func_lremovexattr" = "yes"],[
-    AC_DEFINE([HAVE_ACL_SUPPORT], [1], [Define if we can manipulate file system Access Control Lists])
-  ])
-])
 
 # Look for aws-cpp-sdk-s3.
 AC_LANG_PUSH(C++)
@@ -352,40 +299,47 @@ if test "$gc" = yes; then
   AC_DEFINE(HAVE_BOEHMGC, 1, [Whether to use the Boehm garbage collector.])
 fi
 
-AS_IF([test "$ENABLE_UNIT_TESTS" == "yes"],[
+
+if test "$tests" = yes; then
 
 # Look for gtest.
-PKG_CHECK_MODULES([GTEST], [gtest_main gmock_main])
+PKG_CHECK_MODULES([GTEST], [gtest_main])
+
 
 # Look for rapidcheck.
-PKG_CHECK_MODULES([RAPIDCHECK], [rapidcheck rapidcheck_gtest])
+AC_ARG_VAR([RAPIDCHECK_HEADERS], [include path of gtest headers shipped by RAPIDCHECK])
+# No pkg-config yet, https://github.com/emil-e/rapidcheck/issues/302
+AC_LANG_PUSH(C++)
+AC_SUBST(RAPIDCHECK_HEADERS)
+[CXXFLAGS="-I $RAPIDCHECK_HEADERS $CXXFLAGS"]
+[LIBS="-lrapidcheck -lgtest $LIBS"]
+AC_CHECK_HEADERS([rapidcheck/gtest.h], [], [], [#include <gtest/gtest.h>])
+dnl AC_CHECK_LIB doesn't work for C++ libs with mangled symbols
+AC_LINK_IFELSE([
+    AC_LANG_PROGRAM([[
+      #include <gtest/gtest.h>
+      #include <rapidcheck/gtest.h>
+    ]], [[
+      return RUN_ALL_TESTS();
+    ]])
+  ],
+  [],
+  [AC_MSG_ERROR([librapidcheck is not found.])])
+AC_LANG_POP(C++)
 
-])
+fi
 
 # Look for nlohmann/json.
 PKG_CHECK_MODULES([NLOHMANN_JSON], [nlohmann_json >= 3.9])
 
 
+# documentation generation switch
+AC_ARG_ENABLE(doc-gen, AS_HELP_STRING([--disable-doc-gen],[disable documentation generation]),
+  doc_generate=$enableval, doc_generate=yes)
+AC_SUBST(doc_generate)
+
 # Look for lowdown library.
-AC_ARG_ENABLE([markdown], AS_HELP_STRING([--enable-markdown], [Enable Markdown rendering in the Nix binary (requires lowdown) [default=auto]]),
-  enable_markdown=$enableval, enable_markdown=auto)
-AS_CASE(["$enable_markdown"],
-  [yes | auto], [
-    PKG_CHECK_MODULES([LOWDOWN], [lowdown >= 0.9.0], [
-      CXXFLAGS="$LOWDOWN_CFLAGS $CXXFLAGS"
-      have_lowdown=1
-      AC_DEFINE(HAVE_LOWDOWN, 1, [Whether lowdown is available and should be used for Markdown rendering.])
-    ], [
-      AS_IF([test "x$enable_markdown" == "xyes"], [AC_MSG_ERROR([--enable-markdown was specified, but lowdown was not found.])])
-    ])
-  ],
-  [no], [have_lowdown=],
-  [AC_MSG_ERROR([bad value "$enable_markdown" for --enable-markdown, must be one of: yes, no, auto])])
-
-
-# Look for libgit2.
-PKG_CHECK_MODULES([LIBGIT2], [libgit2])
-
+PKG_CHECK_MODULES([LOWDOWN], [lowdown >= 0.9.0], [CXXFLAGS="$LOWDOWN_CFLAGS $CXXFLAGS"])
 
 # Setuid installations.
 AC_CHECK_FUNCS([setresuid setreuid lchown])
@@ -417,8 +371,6 @@ if test "$embedded_sandbox_shell" = yes; then
   AC_DEFINE(HAVE_EMBEDDED_SANDBOX_SHELL, 1, [Include the sandbox shell in the Nix binary.])
 fi
 
-])
-
 
 # Expand all variables in config.status.
 test "$prefix" = NONE && prefix=$ac_default_prefix

dep-patches/boehmgc-traceable_allocator-public.diff

@@ -1,12 +0,0 @@
-diff --git a/include/gc_allocator.h b/include/gc_allocator.h
-index 597c7f13..587286be 100644
---- a/include/gc_allocator.h
-+++ b/include/gc_allocator.h
-@@ -312,6 +312,7 @@ public:
- 
- template<>
- class traceable_allocator<void> {
-+public:
-   typedef size_t      size_type;
-   typedef ptrdiff_t   difference_type;
-   typedef void*       pointer;

doc/internal-api/doxygen.cfg.in

@@ -58,40 +58,10 @@ INPUT                  = \
   src/nix-env \
   src/nix-store
 
-# If the MACRO_EXPANSION tag is set to YES, doxygen will expand all macro names
-# in the source code. If set to NO, only conditional compilation will be
-# performed. Macro expansion can be done in a controlled way by setting
-# EXPAND_ONLY_PREDEF to YES.
-# The default value is: NO.
-# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
-
-MACRO_EXPANSION        = YES
-
-# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES then
-# the macro expansion is limited to the macros specified with the PREDEFINED and
-# EXPAND_AS_DEFINED tags.
-# The default value is: NO.
-# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
-
-EXPAND_ONLY_PREDEF     = YES
-
 # The INCLUDE_PATH tag can be used to specify one or more directories that
 # contain include files that are not input files but should be processed by the
 # preprocessor. Note that the INCLUDE_PATH is not recursive, so the setting of
 # RECURSIVE has no effect here.
 # This tag requires that the tag SEARCH_INCLUDES is set to YES.
 
-INCLUDE_PATH           =
-
-# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then this
-# tag can be used to specify a list of macro names that should be expanded. The
-# macro definition that is found in the sources will be used. Use the PREDEFINED
-# tag if you want to use a different macro definition that overrules the
-# definition found in the source code.
-# This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
-
-EXPAND_AS_DEFINED      = \
-  DECLARE_COMMON_SERIALISER \
-  DECLARE_WORKER_SERIALISER \
-  DECLARE_SERVE_SERIALISER \
-  LENGTH_PREFIXED_PROTO_HELPER
+INCLUDE_PATH           = @RAPIDCHECK_HEADERS@

doc/internal-api/local.mk

@@ -1,7 +1,19 @@
+.PHONY: internal-api-html
+
+ifeq ($(internal_api_docs), yes)
+
 $(docdir)/internal-api/html/index.html $(docdir)/internal-api/latex: $(d)/doxygen.cfg
 	mkdir -p $(docdir)/internal-api
 	{ cat $< ; echo "OUTPUT_DIRECTORY=$(docdir)/internal-api" ; } | doxygen -
 
 # Generate the HTML API docs for Nix's unstable internal interfaces.
-.PHONY: internal-api-html
 internal-api-html: $(docdir)/internal-api/html/index.html
+
+else
+
+# Make a nicer error message
+internal-api-html:
+	@echo "Internal API docs are disabled. Configure with '--enable-internal-api-docs', or avoid calling 'make internal-api-html'."
+	@exit 1
+
+endif

doc/manual/book.toml

@@ -6,8 +6,6 @@ additional-css = ["custom.css"]
 additional-js = ["redirects.js"]
 edit-url-template = "https://github.com/NixOS/nix/tree/master/doc/manual/{path}"
 git-repository-url = "https://github.com/NixOS/nix"
-fold.enable = true
-fold.level = 1
 
 [preprocessor.anchors]
 renderers = ["html"]

doc/manual/custom.css

@@ -1,3 +1,25 @@
+:root {
+    --sidebar-width: 23em;
+}
+
+h1.menu-title::before {
+  content: "";
+  background-image: url("./favicon.svg");
+  padding: 1.25em;
+  background-position: center center;
+  background-size: 2em;
+  background-repeat: no-repeat;
+}
+
+
+h1.menu-title {
+  padding: 0.5em;
+}
+
+.sidebar .sidebar-scrollbox {
+  padding: 1em;
+}
+
 h1:not(:first-of-type) {
     margin-top: 1.3em;
 }

doc/manual/generate-builtin-constants.nix

@@ -1,6 +1,6 @@
 let
   inherit (builtins) concatStringsSep attrValues mapAttrs;
-  inherit (import <nix/utils.nix>) optionalString squash;
+  inherit (import ./utils.nix) optionalString squash;
 in
 
 builtinsInfo:

doc/manual/generate-builtins.nix

@@ -1,6 +1,6 @@
 let
   inherit (builtins) concatStringsSep attrValues mapAttrs;
-  inherit (import <nix/utils.nix>) optionalString squash;
+  inherit (import ./utils.nix) optionalString squash;
 in
 
 builtinsInfo:
@@ -8,15 +8,7 @@ let
   showBuiltin = name: { doc, args, arity, experimental-feature }:
     let
       experimentalNotice = optionalString (experimental-feature != null) ''
-        > **Note**
-        >
-        > This function is only available if the [`${experimental-feature}` experimental feature](@docroot@/contributing/experimental-features.md#xp-feature-${experimental-feature}) is enabled.
-        >
-        > For example, include the following in [`nix.conf`](@docroot@/command-ref/conf-file.md):
-        >
-        > ```
-        > extra-experimental-features = ${experimental-feature}
-        > ```
+        This function is only available if the [${experimental-feature}](@docroot@/contributing/experimental-features.md#xp-feature-${experimental-feature}) experimental feature is enabled.
       '';
     in
     squash ''
@@ -25,9 +17,10 @@ let
       </dt>
       <dd>
 
+      ${doc}
+
       ${experimentalNotice}
 
-      ${doc}
       </dd>
     '';
   listArgs = args: concatStringsSep " " (map (s: "<var>${s}</var>") args);

doc/manual/generate-manpage.nix

@@ -1,29 +1,8 @@
 let
   inherit (builtins)
-    attrNames
-    attrValues
-    concatMap
-    concatStringsSep
-    fromJSON
-    groupBy
-    length
-    lessThan
-    listToAttrs
-    mapAttrs
-    match
-    replaceStrings
-    sort
-    ;
-  inherit (import <nix/utils.nix>)
-    attrsToList
-    concatStrings
-    filterAttrs
-    optionalString
-    squash
-    trim
-    unique
-    ;
-  showStoreDocs = import <nix/generate-store-info.nix>;
+    attrNames attrValues fromJSON listToAttrs mapAttrs
+    concatStringsSep concatMap length lessThan replaceStrings sort;
+  inherit (import ./utils.nix) concatStrings optionalString filterAttrs trim squash unique showSettings;
 in
 
 inlineHTML: commandDump:
@@ -51,7 +30,7 @@ let
 
         ${maybeSubcommands}
 
-        ${maybeProse}
+        ${maybeStoreDocs}
 
         ${maybeOptions}
       '';
@@ -61,15 +40,15 @@ let
           showArgument = arg: "*${arg.label}*" + optionalString (! arg ? arity) "...";
           arguments = concatStringsSep " " (map showArgument args);
         in ''
-          `${command}` [*option*...] ${arguments}
+         `${command}` [*option*...] ${arguments}
         '';
 
       maybeSubcommands = optionalString (details ? commands && details.commands != {})
-        ''
-          where *subcommand* is one of the following:
+         ''
+           where *subcommand* is one of the following:
 
-          ${subcommands}
-        '';
+           ${subcommands}
+         '';
 
       subcommands = if length categories > 1
         then listCategories
@@ -91,66 +70,29 @@ let
         * [`${command} ${name}`](./${appendName filename name}.md) - ${subcmd.description}
       '';
 
-      maybeProse =
-        # FIXME: this is a horrible hack to keep `nix help-stores` working.
+      maybeStoreDocs = optionalString
+        (details ? doc)
+        (replaceStrings ["@stores@"] [storeDocs] details.doc);
+
+      maybeOptions = optionalString (details.flags != {}) ''
+        # Options
+
+        ${showOptions details.flags toplevel.flags}
+      '';
+
+      showOptions = options: commonOptions:
         let
-          help-stores = ''
-            ${index}
+          allOptions = options // commonOptions;
+          showCategory = cat: ''
+            ${optionalString (cat != "") "**${cat}:**"}
 
-            ${allStores}
-          '';
-          index = replaceStrings
-            [ "@store-types@" "./local-store.md" "./local-daemon-store.md" ]
-            [ storesOverview "#local-store" "#local-daemon-store" ]
-            details.doc;
-          storesOverview =
-            let
-              showEntry = store:
-                "- [${store.name}](#${store.slug})";
-            in
-            concatStringsSep "\n" (map showEntry storesList) + "\n";
-          allStores = concatStringsSep "\n" (attrValues storePages);
-          storePages = listToAttrs
-            (map (s: { name = s.filename; value = s.page; }) storesList);
-          storesList = showStoreDocs {
-            storeInfo = commandInfo.stores;
-            inherit inlineHTML;
-          };
-        in
-        optionalString (details ? doc) (
-          if match ".*@store-types@.*" details.doc != null
-          then help-stores
-          else details.doc
-        );
-
-      maybeOptions =
-        let
-          allVisibleOptions = filterAttrs
-            (_: o: ! o.hiddenCategory)
-            (details.flags // toplevel.flags);
-        in
-        optionalString (allVisibleOptions != { }) ''
-          # Options
-
-          ${showOptions inlineHTML allVisibleOptions}
-
-          > **Note**
-          >
-          > See [`man nix.conf`](@docroot@/command-ref/conf-file.md#command-line-flags) for overriding configuration settings with command line flags.
-        '';
-
-      showOptions = inlineHTML: allOptions:
-        let
-          showCategory = cat: opts: ''
-            ${optionalString (cat != "") "## ${cat}"}
-
-            ${concatStringsSep "\n" (attrValues (mapAttrs showOption opts))}
-          '';
+            ${listOptions (filterAttrs (n: v: v.category == cat) allOptions)}
+            '';
+          listOptions = opts: concatStringsSep "\n" (attrValues (mapAttrs showOption opts));
           showOption = name: option:
             let
               result = trim ''
                 - ${item}
-
                   ${option.description}
               '';
               item = if inlineHTML
@@ -163,13 +105,8 @@ let
                 (option ? labels)
                 (concatStringsSep " " (map (s: "*${s}*") option.labels));
             in result;
-          categories = mapAttrs
-            # Convert each group from a list of key-value pairs back to an attrset
-            (_: listToAttrs)
-            (groupBy
-              (cmd: cmd.value.category)
-              (attrsToList allOptions));
-        in concatStrings (attrValues (mapAttrs showCategory categories));
+          categories = sort lessThan (unique (map (cmd: cmd.category) (attrValues allOptions)));
+        in concatStrings (map showCategory categories);
     in squash result;
 
   appendName = filename: name: (if filename == "nix" then "nix3" else filename) + "-" + name;
@@ -201,4 +138,35 @@ let
       "    - [${page.command}](command-ref/new-cli/${page.name})";
     in concatStringsSep "\n" (map showEntry manpages) + "\n";
 
+  storeDocs =
+    let
+      showStore = name: { settings, doc, experimentalFeature }:
+        let
+          experimentalFeatureNote = optionalString (experimentalFeature != null) ''
+            > **Warning**
+            > This store is part of an
+            > [experimental feature](@docroot@/contributing/experimental-features.md).
+
+            To use this store, you need to make sure the corresponding experimental feature,
+            [`${experimentalFeature}`](@docroot@/contributing/experimental-features.md#xp-feature-${experimentalFeature}),
+            is enabled.
+            For example, include the following in [`nix.conf`](#):
+
+            ```
+            extra-experimental-features = ${experimentalFeature}
+            ```
+          '';
+        in ''
+          ## ${name}
+
+          ${doc}
+
+          ${experimentalFeatureNote}
+
+          **Settings**:
+
+          ${showSettings { inherit inlineHTML; } settings}
+        '';
+    in concatStrings (attrValues (mapAttrs showStore commandInfo.stores));
+
 in (listToAttrs manpages) // { "SUMMARY.md" = tableOfContents; }

doc/manual/generate-settings.nix

@@ -1,67 +0,0 @@
-let
-  inherit (builtins) attrValues concatStringsSep isAttrs isBool mapAttrs;
-  inherit (import <nix/utils.nix>) concatStrings indent optionalString squash;
-in
-
-# `inlineHTML` is a hack to accommodate inconsistent output from `lowdown`
-{ prefix, inlineHTML ? true }: settingsInfo:
-
-let
-
-  showSetting = prefix: setting: { description, documentDefault, defaultValue, aliases, value, experimentalFeature }:
-    let
-      result = squash ''
-          - ${item}
-
-          ${indent "  " body}
-        '';
-      item = if inlineHTML
-        then ''<span id="${prefix}-${setting}">[`${setting}`](#${prefix}-${setting})</span>''
-        else "`${setting}`";
-      # separate body to cleanly handle indentation
-      body = ''
-          ${experimentalFeatureNote}
-
-          ${description}
-
-          **Default:** ${showDefault documentDefault defaultValue}
-
-          ${showAliases aliases}
-        '';
-
-      experimentalFeatureNote = optionalString (experimentalFeature != null) ''
-          > **Warning**
-          >
-          > This setting is part of an
-          > [experimental feature](@docroot@/contributing/experimental-features.md).
-          >
-          > To change this setting, make sure the
-          > [`${experimentalFeature}` experimental feature](@docroot@/contributing/experimental-features.md#xp-feature-${experimentalFeature})
-          > is enabled.
-          > For example, include the following in [`nix.conf`](@docroot@/command-ref/conf-file.md):
-          >
-          > ```
-          > extra-experimental-features = ${experimentalFeature}
-          > ${setting} = ...
-          > ```
-        '';
-
-      showDefault = documentDefault: defaultValue:
-        if documentDefault then
-          # a StringMap value type is specified as a string, but
-          # this shows the value type. The empty stringmap is `null` in
-          # JSON, but that converts to `{ }` here.
-          if defaultValue == "" || defaultValue == [] || isAttrs defaultValue
-            then "*empty*"
-            else if isBool defaultValue then
-              if defaultValue then "`true`" else "`false`"
-            else "`${toString defaultValue}`"
-        else "*machine-specific*";
-
-      showAliases = aliases:
-          optionalString (aliases != [])
-            "**Deprecated alias:** ${(concatStringsSep ", " (map (s: "`${s}`") aliases))}";
-
-    in result;
-
-in concatStrings (attrValues (mapAttrs (showSetting prefix) settingsInfo))

doc/manual/generate-store-info.nix

@@ -1,57 +0,0 @@
-let
-  inherit (builtins) attrNames listToAttrs concatStringsSep readFile replaceStrings;
-  inherit (import <nix/utils.nix>) optionalString filterAttrs trim squash toLower unique indent;
-  showSettings = import <nix/generate-settings.nix>;
-in
-
-{
-  # data structure describing all stores and their parameters
-  storeInfo,
-  # whether to add inline HTML tags
-  # `lowdown` does not eat those for one of the output modes
-  inlineHTML,
-}:
-
-let
-
-  showStore = { name, slug }: { settings, doc, experimentalFeature }:
-    let
-      result = squash ''
-        # ${name}
-
-        ${experimentalFeatureNote}
-
-        ${doc}
-
-        ## Settings
-
-        ${showSettings { prefix = "store-${slug}"; inherit inlineHTML; } settings}
-      '';
-
-      experimentalFeatureNote = optionalString (experimentalFeature != null) ''
-        > **Warning**
-        >
-        > This store is part of an
-        > [experimental feature](@docroot@/contributing/experimental-features.md).
-        >
-        > To use this store, make sure the
-        > [`${experimentalFeature}` experimental feature](@docroot@/contributing/experimental-features.md#xp-feature-${experimentalFeature})
-        > is enabled.
-        > For example, include the following in [`nix.conf`](@docroot@/command-ref/conf-file.md):
-        >
-        > ```
-        > extra-experimental-features = ${experimentalFeature}
-        > ```
-      '';
-    in result;
-
-  storesList = map
-    (name: rec {
-      inherit name;
-      slug = replaceStrings [ " " ] [ "-" ] (toLower name);
-      filename = "${slug}.md";
-      page = showStore { inherit name slug; } storeInfo.${name};
-    })
-    (attrNames storeInfo);
-
-in storesList

doc/manual/generate-store-types.nix

@@ -1,39 +0,0 @@
-let
-  inherit (builtins) attrNames listToAttrs concatStringsSep readFile replaceStrings;
-  showSettings = import <nix/generate-settings.nix>;
-  showStoreDocs = import <nix/generate-store-info.nix>;
-in
-
-storeInfo:
-
-let
-  storesList = showStoreDocs {
-    inherit storeInfo;
-    inlineHTML = true;
-  };
-
-  index =
-    let
-      showEntry = store:
-        "- [${store.name}](./${store.filename})";
-    in
-    concatStringsSep "\n" (map showEntry storesList);
-
-  "index.md" = replaceStrings
-    [ "@store-types@" ] [ index ]
-    (readFile ./src/store/types/index.md.in);
-
-  tableOfContents =
-    let
-      showEntry = store:
-        "    - [${store.name}](store/types/${store.filename})";
-    in
-    concatStringsSep "\n" (map showEntry storesList) + "\n";
-
-  "SUMMARY.md" = tableOfContents;
-
-  storePages = listToAttrs
-    (map (s: { name = s.filename; value = s.page; }) storesList);
-
-in
-storePages // { inherit "index.md" "SUMMARY.md"; }

doc/manual/generate-xp-features-shortlist.nix

@@ -1,5 +1,5 @@
 with builtins;
-with import <nix/utils.nix>;
+with import ./utils.nix;
 
 let
   showExperimentalFeature = name: doc:

doc/manual/generate-xp-features.nix

@@ -1,5 +1,5 @@
 with builtins;
-with import <nix/utils.nix>;
+with import ./utils.nix;
 
 let
   showExperimentalFeature = name: doc:
@@ -8,6 +8,4 @@ let
 
       ${doc}
     '';
-in
-
-xps: (concatStringsSep "\n" (attrValues (mapAttrs showExperimentalFeature xps)))
+in xps: (concatStringsSep "\n" (attrValues (mapAttrs showExperimentalFeature xps)))

doc/manual/local.mk

@@ -1,7 +1,4 @@
-# The version of Nix used to generate the doc. Can also be
-# `$(nix_INSTALL_PATH)` or just `nix` (to grap ambient from the `PATH`),
-# if one prefers.
-doc_nix = $(nix_PATH)
+ifeq ($(doc_generate),yes)
 
 MANUAL_SRCS := \
 	$(call rwildcard, $(d)/src, *.md) \
@@ -27,7 +24,7 @@ man-pages += $(foreach subcommand, \
 clean-files += $(d)/*.1 $(d)/*.5 $(d)/*.8
 
 # Provide a dummy environment for nix, so that it will not access files outside the macOS sandbox.
-# Set cores to 0 because otherwise `nix config show` resolves the cores based on the current machine
+# Set cores to 0 because otherwise nix show-config resolves the cores based on the current machine
 dummy-env = env -i \
 	HOME=/dummy \
 	NIX_CONF_DIR=/dummy \
@@ -35,7 +32,7 @@ dummy-env = env -i \
 	NIX_STATE_DIR=/dummy \
 	NIX_CONFIG='cores = 0'
 
-nix-eval = $(dummy-env) $(doc_nix) eval --experimental-features nix-command -I nix=doc/manual --store dummy:// --impure --raw
+nix-eval = $(dummy-env) $(bindir)/nix eval --experimental-features nix-command -I nix/corepkgs=corepkgs --store dummy:// --impure --raw
 
 # re-implement mdBook's include directive to make it usable for terminal output and for proper @docroot@ substitution
 define process-includes
@@ -95,91 +92,64 @@ $(d)/nix-profiles.5: $(d)/src/command-ref/files/profiles.md
 	$(trace-gen) lowdown -sT man --nroff-nolinks -M section=5 $^.tmp -o $@
 	@rm $^.tmp
 
-$(d)/src/SUMMARY.md: $(d)/src/SUMMARY.md.in $(d)/src/SUMMARY-rl-next.md $(d)/src/store/types $(d)/src/command-ref/new-cli $(d)/src/contributing/experimental-feature-descriptions.md
+$(d)/src/SUMMARY.md: $(d)/src/SUMMARY.md.in $(d)/src/command-ref/new-cli $(d)/src/contributing/experimental-feature-descriptions.md
 	@cp $< $@
 	@$(call process-includes,$@,$@)
 
-$(d)/src/store/types: $(d)/nix.json $(d)/utils.nix $(d)/generate-store-info.nix  $(d)/generate-store-types.nix $(d)/src/store/types/index.md.in $(doc_nix)
-	@# FIXME: build out of tree!
-	@rm -rf $@.tmp
-	$(trace-gen) $(nix-eval) --write-to $@.tmp --expr 'import doc/manual/generate-store-types.nix (builtins.fromJSON (builtins.readFile $<)).stores'
-	@# do not destroy existing contents
-	@mv $@.tmp/* $@/
-
-$(d)/src/command-ref/new-cli: $(d)/nix.json $(d)/utils.nix $(d)/generate-manpage.nix $(d)/generate-settings.nix $(d)/generate-store-info.nix $(doc_nix)
+$(d)/src/command-ref/new-cli: $(d)/nix.json $(d)/utils.nix $(d)/generate-manpage.nix $(bindir)/nix
 	@rm -rf $@ $@.tmp
 	$(trace-gen) $(nix-eval) --write-to $@.tmp --expr 'import doc/manual/generate-manpage.nix true (builtins.readFile $<)'
 	@mv $@.tmp $@
 
-$(d)/src/command-ref/conf-file.md: $(d)/conf-file.json $(d)/utils.nix $(d)/generate-settings.nix $(d)/src/command-ref/conf-file-prefix.md $(d)/src/command-ref/experimental-features-shortlist.md $(doc_nix)
+$(d)/src/command-ref/conf-file.md: $(d)/conf-file.json $(d)/utils.nix $(d)/src/command-ref/conf-file-prefix.md $(d)/src/command-ref/experimental-features-shortlist.md $(bindir)/nix
 	@cat doc/manual/src/command-ref/conf-file-prefix.md > $@.tmp
-	$(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-settings.nix { prefix = "conf"; } (builtins.fromJSON (builtins.readFile $<))' >> $@.tmp;
+	$(trace-gen) $(nix-eval) --expr '(import doc/manual/utils.nix).showSettings { inlineHTML = true; } (builtins.fromJSON (builtins.readFile $<))' >> $@.tmp;
 	@mv $@.tmp $@
 
-$(d)/nix.json: $(doc_nix)
-	$(trace-gen) $(dummy-env) $(doc_nix) __dump-cli > $@.tmp
+$(d)/nix.json: $(bindir)/nix
+	$(trace-gen) $(dummy-env) $(bindir)/nix __dump-cli > $@.tmp
 	@mv $@.tmp $@
 
-$(d)/conf-file.json: $(doc_nix)
-	$(trace-gen) $(dummy-env) $(doc_nix) config show --json --experimental-features nix-command > $@.tmp
+$(d)/conf-file.json: $(bindir)/nix
+	$(trace-gen) $(dummy-env) $(bindir)/nix show-config --json --experimental-features nix-command > $@.tmp
 	@mv $@.tmp $@
 
-$(d)/src/contributing/experimental-feature-descriptions.md: $(d)/xp-features.json $(d)/utils.nix $(d)/generate-xp-features.nix $(doc_nix)
+$(d)/src/contributing/experimental-feature-descriptions.md: $(d)/xp-features.json $(d)/utils.nix $(d)/generate-xp-features.nix $(bindir)/nix
 	@rm -rf $@ $@.tmp
 	$(trace-gen) $(nix-eval) --write-to $@.tmp --expr 'import doc/manual/generate-xp-features.nix (builtins.fromJSON (builtins.readFile $<))'
 	@mv $@.tmp $@
 
-$(d)/src/command-ref/experimental-features-shortlist.md: $(d)/xp-features.json $(d)/utils.nix $(d)/generate-xp-features-shortlist.nix $(doc_nix)
+$(d)/src/command-ref/experimental-features-shortlist.md: $(d)/xp-features.json $(d)/utils.nix $(d)/generate-xp-features-shortlist.nix $(bindir)/nix
 	@rm -rf $@ $@.tmp
 	$(trace-gen) $(nix-eval) --write-to $@.tmp --expr 'import doc/manual/generate-xp-features-shortlist.nix (builtins.fromJSON (builtins.readFile $<))'
 	@mv $@.tmp $@
 
-$(d)/xp-features.json: $(doc_nix)
-	$(trace-gen) $(dummy-env) $(doc_nix) __dump-xp-features > $@.tmp
+$(d)/xp-features.json: $(bindir)/nix
+	$(trace-gen) $(dummy-env) NIX_PATH=nix/corepkgs=corepkgs $(bindir)/nix __dump-xp-features > $@.tmp
 	@mv $@.tmp $@
 
-$(d)/src/language/builtins.md: $(d)/language.json $(d)/generate-builtins.nix $(d)/src/language/builtins-prefix.md $(doc_nix)
+$(d)/src/language/builtins.md: $(d)/language.json $(d)/generate-builtins.nix $(d)/src/language/builtins-prefix.md $(bindir)/nix
 	@cat doc/manual/src/language/builtins-prefix.md > $@.tmp
 	$(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-builtins.nix (builtins.fromJSON (builtins.readFile $<)).builtins' >> $@.tmp;
 	@cat doc/manual/src/language/builtins-suffix.md >> $@.tmp
 	@mv $@.tmp $@
 
-$(d)/src/language/builtin-constants.md: $(d)/language.json $(d)/generate-builtin-constants.nix $(d)/src/language/builtin-constants-prefix.md $(doc_nix)
+$(d)/src/language/builtin-constants.md: $(d)/language.json $(d)/generate-builtin-constants.nix $(d)/src/language/builtin-constants-prefix.md $(bindir)/nix
 	@cat doc/manual/src/language/builtin-constants-prefix.md > $@.tmp
 	$(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-builtin-constants.nix (builtins.fromJSON (builtins.readFile $<)).constants' >> $@.tmp;
 	@cat doc/manual/src/language/builtin-constants-suffix.md >> $@.tmp
 	@mv $@.tmp $@
 
-$(d)/language.json: $(doc_nix)
-	$(trace-gen) $(dummy-env) $(doc_nix) __dump-language > $@.tmp
+$(d)/language.json: $(bindir)/nix
+	$(trace-gen) $(dummy-env) NIX_PATH=nix/corepkgs=corepkgs $(bindir)/nix __dump-language > $@.tmp
 	@mv $@.tmp $@
 
-# Generate "Upcoming release" notes (or clear it and remove from menu)
-$(d)/src/release-notes/rl-next.md: $(d)/rl-next $(d)/rl-next/*
-	@if type -p changelog-d > /dev/null; then \
-		echo "  GEN   " $@; \
-		changelog-d doc/manual/rl-next > $@; \
-	else \
-		echo "  NULL  " $@; \
-		true > $@; \
-	fi
-
-$(d)/src/SUMMARY-rl-next.md: $(d)/src/release-notes/rl-next.md
-	$(trace-gen) true
-	@if [ -s $< ]; then \
-		echo '  - [Upcoming release](release-notes/rl-next.md)' > $@; \
-	else \
-	  true > $@; \
-	fi
-
 # Generate the HTML manual.
 .PHONY: manual-html
 manual-html: $(docdir)/manual/index.html
 install: $(docdir)/manual/index.html
 
 # Generate 'nix' manpages.
-.PHONY: manpages
-manpages: $(mandir)/man1/nix3-manpages
 install: $(mandir)/man1/nix3-manpages
 man: doc/manual/generated/man1/nix3-manpages
 all: doc/manual/generated/man1/nix3-manpages
@@ -203,18 +173,14 @@ doc/manual/generated/man1/nix3-manpages: $(d)/src/command-ref/new-cli
 	done
 	@touch $@
 
-# the `! -name 'contributing.md'` filter excludes the one place where
-# `@docroot@` is to be preserved for documenting the mechanism
-# FIXME: maybe contributing guides should live right next to the code
-# instead of in the manual
-$(docdir)/manual/index.html: $(MANUAL_SRCS) $(d)/book.toml $(d)/anchors.jq $(d)/custom.css $(d)/src/SUMMARY.md $(d)/src/store/types $(d)/src/command-ref/new-cli $(d)/src/contributing/experimental-feature-descriptions.md $(d)/src/command-ref/conf-file.md $(d)/src/language/builtins.md $(d)/src/language/builtin-constants.md $(d)/src/release-notes/rl-next.md
+$(docdir)/manual/index.html: $(MANUAL_SRCS) $(d)/book.toml $(d)/anchors.jq $(d)/custom.css $(d)/src/SUMMARY.md $(d)/src/command-ref/new-cli $(d)/src/contributing/experimental-feature-descriptions.md $(d)/src/command-ref/conf-file.md $(d)/src/language/builtins.md $(d)/src/language/builtin-constants.md $(d)/src/favicon.png $(d)/src/favicon.svg
 	$(trace-gen) \
 		tmp="$$(mktemp -d)"; \
 		cp -r doc/manual "$$tmp"; \
 		find "$$tmp" -name '*.md' | while read -r file; do \
 			$(call process-includes,$$file,$$file); \
 		done; \
-		find "$$tmp" -name '*.md' ! -name 'documentation.md' | while read -r file; do \
+		find "$$tmp" -name '*.md' | while read -r file; do \
 			docroot="$$(realpath --relative-to="$$(dirname "$$file")" $$tmp/manual/src)"; \
 			sed -i "s,@docroot@,$$docroot,g" "$$file"; \
 		done; \
@@ -225,3 +191,5 @@ $(docdir)/manual/index.html: $(MANUAL_SRCS) $(d)/book.toml $(d)/anchors.jq $(d)/
 	@rm -rf $(DESTDIR)$(docdir)/manual
 	@mv $(DESTDIR)$(docdir)/manual.tmp/html $(DESTDIR)$(docdir)/manual
 	@rm -rf $(DESTDIR)$(docdir)/manual.tmp
+
+endif

doc/manual/redirects.js

@@ -18,7 +18,7 @@ const redirects = {
     "chap-tuning-cores-and-jobs": "advanced-topics/cores-vs-jobs.html",
     "chap-diff-hook": "advanced-topics/diff-hook.html",
     "check-dirs-are-unregistered": "advanced-topics/diff-hook.html#check-dirs-are-unregistered",
-    "chap-distributed-builds": "command-ref/conf-file.html#conf-builders",
+    "chap-distributed-builds": "advanced-topics/distributed-builds.html",
     "chap-post-build-hook": "advanced-topics/post-build-hook.html",
     "chap-post-build-hook-caveats": "advanced-topics/post-build-hook.html#implementation-caveats",
     "chap-writing-nix-expressions": "language/index.html",
@@ -339,13 +339,14 @@ const redirects = {
     "simple-values": "#primitives",
     "lists": "#list",
     "strings": "#string",
+    "lists": "#list",
     "attribute-sets": "#attribute-set",
   },
   "installation/installing-binary.html": {
     "linux": "uninstall.html#linux",
     "macos": "uninstall.html#macos",
     "uninstalling": "uninstall.html",
-  },
+  }
   "contributing/hacking.html": {
     "nix-with-flakes": "#building-nix-with-flakes",
     "classic-nix": "#building-nix",
@@ -357,12 +358,7 @@ const redirects = {
     "installer-tests": "testing.html#installer-tests",
     "one-time-setup": "testing.html#one-time-setup",
     "using-the-ci-generated-installer-for-manual-testing": "testing.html#using-the-ci-generated-installer-for-manual-testing",
-    "characterization-testing": "#characterisation-testing-unit",
-  },
-  "glossary.html": {
-    "gloss-local-store": "store/types/local-store.html",
-    "gloss-chroot-store": "store/types/local-store.html",
-  },
+  }
 };
 
 // the following code matches the current page's URL against the set of redirects.

doc/manual/rl-next/better-errors-in-nix-repl.md

@@ -1,40 +0,0 @@
----
-synopsis: Concise error printing in `nix repl`
-prs: 9928
----
-
-Previously, if an element of a list or attribute set threw an error while
-evaluating, `nix repl` would print the entire error (including source location
-information) inline. This output was clumsy and difficult to parse:
-
-```
-nix-repl> { err = builtins.throw "uh oh!"; }
-{ err = «error:
-       … while calling the 'throw' builtin
-         at «string»:1:9:
-            1| { err = builtins.throw "uh oh!"; }
-             |         ^
-
-       error: uh oh!»; }
-```
-
-Now, only the error message is displayed, making the output much more readable.
-```
-nix-repl> { err = builtins.throw "uh oh!"; }
-{ err = «error: uh oh!»; }
-```
-
-However, if the whole expression being evaluated throws an error, source
-locations and (if applicable) a stack trace are printed, just like you'd expect:
-
-```
-nix-repl> builtins.throw "uh oh!"
-error:
-       … while calling the 'throw' builtin
-         at «string»:1:1:
-            1| builtins.throw "uh oh!"
-             | ^
-
-       error: uh oh!
-```
-

doc/manual/rl-next/config

@@ -1,2 +0,0 @@
-organization: NixOS
-repository: nix

doc/manual/rl-next/debugger-locals-for-let-expressions.md

@@ -1,9 +0,0 @@
----
-synopsis: "`--debugger` can now access bindings from `let` expressions"
-prs: 9918
-issues: 8827.
----
-
-Breakpoints and errors in the bindings of a `let` expression can now access
-those bindings in the debugger. Previously, only the body of `let` expressions
-could access those bindings.

doc/manual/rl-next/debugger-on-trace.md

@@ -1,9 +0,0 @@
----
-synopsis: Enter the `--debugger` when `builtins.trace` is called if `debugger-on-trace` is set
-prs: 9914
----
-
-If the `debugger-on-trace` option is set and `--debugger` is given,
-`builtins.trace` calls will behave similarly to `builtins.break` and will enter
-the debug REPL. This is useful for determining where warnings are being emitted
-from.

doc/manual/rl-next/debugger-positions.md

@@ -1,25 +0,0 @@
----
-synopsis: Debugger prints source position information
-prs: 9913
----
-
-The `--debugger` now prints source location information, instead of the
-pointers of source location information. Before:
-
-```
-nix-repl> :bt
-0: while evaluating the attribute 'python311.pythonForBuild.pkgs'
-0x600001522598
-```
-
-After:
-
-```
-0: while evaluating the attribute 'python311.pythonForBuild.pkgs'
-/nix/store/hg65h51xnp74ikahns9hyf3py5mlbbqq-source/overrides/default.nix:132:27
-
-   131|
-   132|       bootstrappingBase = pkgs.${self.python.pythonAttr}.pythonForBuild.pkgs;
-      |                           ^
-   133|     in
-```

doc/manual/rl-next/enter-debugger-more-reliably-in-let-and-calls.md

@@ -1,25 +0,0 @@
----
-synopsis: The `--debugger` will start more reliably in `let` expressions and function calls
-prs: 9917
-issues: 6649
----
-
-Previously, if you attempted to evaluate this file with the debugger:
-
-```nix
-let
-  a = builtins.trace "before inner break" (
-    builtins.break "hello"
-  );
-  b = builtins.trace "before outer break" (
-    builtins.break a
-  );
-in
-  b
-```
-
-Nix would correctly enter the debugger at `builtins.break a`, but if you asked
-it to `:continue`, it would skip over the `builtins.break "hello"` expression
-entirely.
-
-Now, Nix will correctly enter the debugger at both breakpoints.

doc/manual/rl-next/harden-user-sandboxing.md

@@ -0,0 +1,8 @@
+---
+synopsis: Harden the user sandboxing
+significance: significant
+issues:
+prs: <only provided once merged>
+---
+
+The build directory has been hardened against interference with the outside world by nesting it inside another directory owned by (and only readable by) the daemon user.

doc/manual/rl-next/lambda-printing.md

@@ -1,50 +0,0 @@
----
-synopsis: Functions are printed with more detail
-prs: 9606
-issues: 7145
----
-
-Functions and `builtins` are printed with more detail in `nix repl`, `nix
-eval`, `builtins.trace`, and most other places values are printed.
-
-Before:
-
-```
-$ nix repl nixpkgs
-nix-repl> builtins.map
-«primop»
-
-nix-repl> builtins.map lib.id
-«primop-app»
-
-nix-repl> builtins.trace lib.id "my-value"
-trace: <LAMBDA>
-"my-value"
-
-$ nix eval --file functions.nix
-{ id = <LAMBDA>; primop = <PRIMOP>; primop-app = <PRIMOP-APP>; }
-```
-
-After:
-
-```
-$ nix repl nixpkgs
-nix-repl> builtins.map
-«primop map»
-
-nix-repl> builtins.map lib.id
-«partially applied primop map»
-
-nix-repl> builtins.trace lib.id "my-value"
-trace: «lambda id @ /nix/store/8rrzq23h2zq7sv5l2vhw44kls5w0f654-source/lib/trivial.nix:26:5»
-"my-value"
-
-$ nix eval --file functions.nix
-{ id = «lambda id @ /Users/wiggles/nix/functions.nix:2:8»; primop = «primop map»; primop-app = «partially applied primop map»; }
-```
-
-This was actually released in Nix 2.20, but wasn't added to the release notes
-so we're announcing it here. The historical release notes have been updated as well.
-
-[type-error]: https://github.com/NixOS/nix/pull/9753
-[coercion-error]: https://github.com/NixOS/nix/pull/9754

doc/manual/rl-next/more-commands-respect-ctrl-c.md

@@ -1,13 +0,0 @@
----
-synopsis: Nix commands respect Ctrl-C
-prs: 9687 6995
-issues: 7245
----
-
-Previously, many Nix commands would hang indefinitely if Ctrl-C was pressed
-while performing various operations (including `nix develop`, `nix flake
-update`, and so on). With several fixes to Nix's signal handlers, Nix commands
-will now exit quickly after Ctrl-C is pressed.
-
-This was actually released in Nix 2.20, but wasn't added to the release notes
-so we're announcing it here. The historical release notes have been updated as well.

doc/manual/rl-next/pretty-print-in-nix-repl.md

@@ -1,24 +0,0 @@
----
-synopsis: "`nix repl` pretty-prints values"
-prs: 9931
----
-
-`nix repl` will now pretty-print values:
-
-```
-{
-  attrs = {
-    a = {
-      b = {
-        c = { };
-      };
-    };
-  };
-  list = [ 1 ];
-  list' = [
-    1
-    2
-    3
-  ];
-}
-```

doc/manual/rl-next/reduce-debugger-clutter.md

@@ -1,37 +0,0 @@
----
-synopsis: "Visual clutter in `--debugger` is reduced"
-prs: 9919
----
-
-Before:
-```
-info: breakpoint reached
-
-
-Starting REPL to allow you to inspect the current state of the evaluator.
-
-Welcome to Nix 2.20.0pre20231222_dirty. Type :? for help.
-
-nix-repl> :continue
-error: uh oh
-
-
-Starting REPL to allow you to inspect the current state of the evaluator.
-
-Welcome to Nix 2.20.0pre20231222_dirty. Type :? for help.
-
-nix-repl>
-```
-
-After:
-
-```
-info: breakpoint reached
-
-Nix 2.20.0pre20231222_dirty debugger
-Type :? for help.
-nix-repl> :continue
-error: uh oh
-
-nix-repl>
-```

doc/manual/rl-next/repl-ctrl-c-while-printing.md

@@ -1,8 +0,0 @@
----
-synopsis: "`nix repl` now respects Ctrl-C while printing values"
-prs: 9927
----
-
-`nix repl` will now halt immediately when Ctrl-C is pressed while it's printing
-a value. This is useful if you got curious about what would happen if you
-printed all of Nixpkgs.

doc/manual/rl-next/repl-cycle-detection.md

@@ -1,22 +0,0 @@
----
-synopsis: Cycle detection in `nix repl` is simpler and more reliable
-prs: 9926
-issues: 8672
----
-
-The cycle detection in `nix repl`, `nix eval`, `builtins.trace`, and everywhere
-else values are printed is now simpler and matches the cycle detection in
-`nix-instantiate --eval` output.
-
-Before:
-
-```
-nix eval --expr 'let self = { inherit self; }; in self'
-{ self = { self = «repeated»; }; }
-```
-
-After:
-
-```
-{ self = «repeated»; }
-```

doc/manual/rl-next/stack-size-macos.md

@@ -1,9 +0,0 @@
----
-synopsis: Stack size is increased on macOS
-prs: 9860
----
-
-Previously, Nix would set the stack size to 64MiB on Linux, but would leave the
-stack size set to the default (approximately 8KiB) on macOS. Now, the stack
-size is correctly set to 64MiB on macOS as well, which should reduce stack
-overflow segfaults in deeply-recursive Nix expressions.

doc/manual/src/SUMMARY.md.in

@@ -2,7 +2,7 @@
 
 - [Introduction](introduction.md)
 - [Quick Start](quick-start.md)
-- [Installation](installation/index.md)
+- [Installation](installation/installation.md)
   - [Supported Platforms](installation/supported-platforms.md)
   - [Installing a Binary Distribution](installation/installing-binary.md)
   - [Installing Nix from Source](installation/installing-source.md)
@@ -16,38 +16,31 @@
   - [Environment Variables](installation/env-variables.md)
   - [Upgrading Nix](installation/upgrading.md)
   - [Uninstalling Nix](installation/uninstall.md)
-- [Nix Store](store/index.md)
-  - [File System Object](store/file-system-object.md)
-  - [Store Object](store/store-object.md)
-  - [Store Path](store/store-path.md)
-  - [Store Types](store/types/index.md)
-{{#include ./store/types/SUMMARY.md}}
-- [Nix Language](language/index.md)
-  - [Data Types](language/values.md)
-  - [Language Constructs](language/constructs.md)
-    - [String interpolation](language/string-interpolation.md)
-    - [Lookup path](language/constructs/lookup-path.md)
-  - [Operators](language/operators.md)
-  - [Derivations](language/derivations.md)
-    - [Advanced Attributes](language/advanced-attributes.md)
-    - [Import From Derivation](language/import-from-derivation.md)
-  - [Built-in Constants](language/builtin-constants.md)
-  - [Built-in Functions](language/builtins.md)
-- [Package Management](package-management/index.md)
+- [Package Management](package-management/package-management.md)
+  - [Basic Package Management](package-management/basic-package-mgmt.md)
   - [Profiles](package-management/profiles.md)
   - [Garbage Collection](package-management/garbage-collection.md)
     - [Garbage Collector Roots](package-management/garbage-collector-roots.md)
-- [Advanced Topics](advanced-topics/index.md)
   - [Sharing Packages Between Machines](package-management/sharing-packages.md)
     - [Serving a Nix store via HTTP](package-management/binary-cache-substituter.md)
     - [Copying Closures via SSH](package-management/copy-closure.md)
     - [Serving a Nix store via SSH](package-management/ssh-substituter.md)
     - [Serving a Nix store via S3](package-management/s3-substituter.md)
+- [Nix Language](language/index.md)
+  - [Data Types](language/values.md)
+  - [Language Constructs](language/constructs.md)
+    - [String interpolation](language/string-interpolation.md)
+  - [Operators](language/operators.md)
+  - [Derivations](language/derivations.md)
+    - [Advanced Attributes](language/advanced-attributes.md)
+  - [Built-in Constants](language/builtin-constants.md)
+  - [Built-in Functions](language/builtins.md)
+- [Advanced Topics](advanced-topics/advanced-topics.md)
   - [Remote Builds](advanced-topics/distributed-builds.md)
   - [Tuning Cores and Jobs](advanced-topics/cores-vs-jobs.md)
   - [Verifying Build Reproducibility](advanced-topics/diff-hook.md)
   - [Using the `post-build-hook`](advanced-topics/post-build-hook.md)
-- [Command Reference](command-ref/index.md)
+- [Command Reference](command-ref/command-ref.md)
   - [Common Options](command-ref/opt-common.md)
   - [Common Environment Variables](command-ref/env-common.md)
   - [Main Commands](command-ref/main-commands.md)
@@ -104,25 +97,18 @@
     - [Channels](command-ref/files/channels.md)
     - [Default Nix expression](command-ref/files/default-nix-expression.md)
 - [Architecture and Design](architecture/architecture.md)
-- [Formats and Protocols](protocols/index.md)
-  - [JSON Formats](protocols/json/index.md)
-    - [Store Object Info](protocols/json/store-object-info.md)
-    - [Derivation](protocols/json/derivation.md)
+  - [File System Object](architecture/file-system-object.md)
+- [Protocols](protocols/protocols.md)
   - [Serving Tarball Flakes](protocols/tarball-fetcher.md)
-  - [Store Path Specification](protocols/store-path.md)
   - [Derivation "ATerm" file format](protocols/derivation-aterm.md)
 - [Glossary](glossary.md)
-- [Contributing](contributing/index.md)
+- [Contributing](contributing/contributing.md)
   - [Hacking](contributing/hacking.md)
   - [Testing](contributing/testing.md)
-  - [Documentation](contributing/documentation.md)
   - [Experimental Features](contributing/experimental-features.md)
   - [CLI guideline](contributing/cli-guideline.md)
   - [C++ style guide](contributing/cxx.md)
-- [Release Notes](release-notes/index.md)
-{{#include ./SUMMARY-rl-next.md}}
-  - [Release 2.20 (2024-01-29)](release-notes/rl-2.20.md)
-  - [Release 2.19 (2023-11-17)](release-notes/rl-2.19.md)
+- [Release Notes](release-notes/release-notes.md)
   - [Release 2.18 (2023-09-20)](release-notes/rl-2.18.md)
   - [Release 2.17 (2023-07-24)](release-notes/rl-2.17.md)
   - [Release 2.16 (2023-05-31)](release-notes/rl-2.16.md)

doc/manual/src/_redirects

@@ -13,29 +13,18 @@
 # conventions:
 # - always force (<CODE>!) since this allows re-using file names
 # - group related paths to ease readability
-# - keep in alphabetical/wildcards-last order, which will reduce version control conflicts
+# - always append new redirects to the end of the file
 # - redirects that should have been there but are missing can be inserted where they belong
 
-/advanced-topics/advanced-topics /advanced-topics 301!
-
-/command-ref/command-ref /command-ref 301!
-
-/contributing/contributing /contributing 301!
-
 /expressions/expression-language /language/ 301!
+/expressions/language-values /language/values 301!
 /expressions/language-constructs /language/constructs 301!
 /expressions/language-operators /language/operators 301!
-/expressions/language-values /language/values 301!
 /expressions/* /language/:splat 301!
 
-/installation/installation /installation 301!
-
 /package-management/basic-package-mgmt /command-ref/nix-env 301!
-/package-management/channels /command-ref/nix-channel 301!
-/package-management/package-management /package-management 301!
-/package-management/s3-substituter /store/types/s3-binary-cache-store 301!
 
-/protocols/protocols /protocols 301!
-/json/* /protocols/json/:splat 301!
+/package-management/channels* /command-ref/nix-channel 301!
+
+/package-management/s3-substituter* /command-ref/new-cli/nix3-help-stores#s3-binary-cache-store 301!
 
-/release-notes/release-notes /release-notes 301!

doc/manual/src/advanced-topics/distributed-builds.md

@@ -12,14 +12,14 @@ machine is accessible via SSH and that it has Nix installed. You can
 test whether connecting to the remote Nix instance works, e.g.
 
 ```console
-$ nix store info --store ssh://mac
+$ nix store ping --store ssh://mac
 ```
 
 will try to connect to the machine named `mac`. It is possible to
 specify an SSH identity file as part of the remote store URI, e.g.
 
 ```console
-$ nix store info --store ssh://mac?ssh-key=/home/alice/my-key
+$ nix store ping --store ssh://mac?ssh-key=/home/alice/my-key
 ```
 
 Since builds should be non-interactive, the key should not have a
@@ -36,8 +36,16 @@ error: cannot connect to 'mac'
 then you need to ensure that the `PATH` of non-interactive login shells
 contains Nix.
 
-The [list of remote build machines](@docroot@/command-ref/conf-file.md#conf-builders) can be specified on the command line or in the Nix configuration file.
-For example, the following command allows you to build a derivation for `x86_64-darwin` on a Linux machine:
+> **Warning**
+>
+> If you are building via the Nix daemon, it is the Nix daemon user account (that is, `root`) that should have SSH access to a user (not necessarily `root`) on the remote machine.
+>
+> If you can’t or don’t want to configure `root` to be able to access the remote machine, you can use a private Nix store instead by passing e.g. `--store ~/my-nix` when running a Nix command from the local machine.
+
+The list of remote machines can be specified on the command line or in
+the Nix configuration file. The former is convenient for testing. For
+example, the following command allows you to build a derivation for
+`x86_64-darwin` on a Linux machine:
 
 ```console
 $ uname
@@ -52,20 +60,97 @@ $ cat ./result
 Darwin
 ```
 
-It is possible to specify multiple build machines separated by a semicolon or a newline, e.g.
+It is possible to specify multiple builders separated by a semicolon or
+a newline, e.g.
 
 ```console
   --builders 'ssh://mac x86_64-darwin ; ssh://beastie x86_64-freebsd'
 ```
 
-Remote build machines can also be configured in [`nix.conf`](@docroot@/command-ref/conf-file.md), e.g.
+Each machine specification consists of the following elements, separated
+by spaces. Only the first element is required. To leave a field at its
+default, set it to `-`.
+
+1.  The URI of the remote store in the format
+    `ssh://[username@]hostname`, e.g. `ssh://nix@mac` or `ssh://mac`.
+    For backward compatibility, `ssh://` may be omitted. The hostname
+    may be an alias defined in your `~/.ssh/config`.
+
+2.  A comma-separated list of Nix platform type identifiers, such as
+    `x86_64-darwin`. It is possible for a machine to support multiple
+    platform types, e.g., `i686-linux,x86_64-linux`. If omitted, this
+    defaults to the local platform type.
+
+3.  The SSH identity file to be used to log in to the remote machine. If
+    omitted, SSH will use its regular identities.
+
+4.  The maximum number of builds that Nix will execute in parallel on
+    the machine. Typically this should be equal to the number of CPU
+    cores. For instance, the machine `itchy` in the example will execute
+    up to 8 builds in parallel.
+
+5.  The “speed factor”, indicating the relative speed of the machine. If
+    there are multiple machines of the right type, Nix will prefer the
+    fastest, taking load into account.
+
+6.  A comma-separated list of *supported features*. If a derivation has
+    the `requiredSystemFeatures` attribute, then Nix will only perform
+    the derivation on a machine that has the specified features. For
+    instance, the attribute
+
+    ```nix
+    requiredSystemFeatures = [ "kvm" ];
+    ```
+
+    will cause the build to be performed on a machine that has the `kvm`
+    feature.
+
+7.  A comma-separated list of *mandatory features*. A machine will only
+    be used to build a derivation if all of the machine’s mandatory
+    features appear in the derivation’s `requiredSystemFeatures`
+    attribute.
+
+8.  The (base64-encoded) public host key of the remote machine. If omitted, SSH
+    will use its regular known-hosts file. Specifically, the field is calculated
+    via `base64 -w0 /etc/ssh/ssh_host_ed25519_key.pub`.
+
+For example, the machine specification
+
+    nix@scratchy.labs.cs.uu.nl  i686-linux      /home/nix/.ssh/id_scratchy_auto        8 1 kvm
+    nix@itchy.labs.cs.uu.nl     i686-linux      /home/nix/.ssh/id_scratchy_auto        8 2
+    nix@poochie.labs.cs.uu.nl   i686-linux      /home/nix/.ssh/id_scratchy_auto        1 2 kvm benchmark
+
+specifies several machines that can perform `i686-linux` builds.
+However, `poochie` will only do builds that have the attribute
+
+```nix
+requiredSystemFeatures = [ "benchmark" ];
+```
+
+or
+
+```nix
+requiredSystemFeatures = [ "benchmark" "kvm" ];
+```
+
+`itchy` cannot do builds that require `kvm`, but `scratchy` does support
+such builds. For regular builds, `itchy` will be preferred over
+`scratchy` because it has a higher speed factor.
+
+Remote builders can also be configured in `nix.conf`, e.g.
 
     builders = ssh://mac x86_64-darwin ; ssh://beastie x86_64-freebsd
 
-Finally, remote build machines can be configured in a separate configuration
-file included in `builders` via the syntax `@/path/to/file`. For example,
+Finally, remote builders can be configured in a separate configuration
+file included in `builders` via the syntax `@file`. For example,
 
     builders = @/etc/nix/machines
 
-causes the list of machines in `/etc/nix/machines` to be included.
-(This is the default.)
+causes the list of machines in `/etc/nix/machines` to be included. (This
+is the default.)
+
+If you want the builders to use caches, you likely want to set the
+option `builders-use-substitutes` in your local `nix.conf`.
+
+To build only on remote builders and disable building on the local
+machine, you can use the option `--max-jobs 0`.

doc/manual/src/advanced-topics/post-build-hook.md

@@ -17,8 +17,9 @@ the build loop.
 
 # Prerequisites
 
-This tutorial assumes you have configured an [S3-compatible binary cache](@docroot@/command-ref/new-cli/nix3-help-stores.md#s3-binary-cache-store) as a [substituter](../command-ref/conf-file.md#conf-substituters),
-and that the `root` user's default AWS profile can upload to the bucket.
+This tutorial assumes you have [configured an S3-compatible binary
+cache](../package-management/s3-substituter.md), and that the `root`
+user's default AWS profile can upload to the bucket.
 
 # Set up a Signing Key
 
@@ -68,8 +69,6 @@ exec nix copy --to "s3://example-nix-cache" $OUT_PATHS
 > store sign`. Nix guarantees the paths will not contain any spaces,
 > however a store path might contain glob characters. The `set -f`
 > disables globbing in the shell.
-> If you want to upload the `.drv` file too, the `$DRV_PATH` variable
-> is also defined for the script and works just like `$OUT_PATHS`.
 
 Then make sure the hook program is executable by the `root` user:
 

doc/manual/src/architecture/architecture.md

@@ -52,18 +52,17 @@ The following [concept map] shows its main components (rectangles), the objects
                                             '---------------'
 ```
 
-At the top is the [command line interface](../command-ref/index.md) that drives the underlying layers.
+At the top is the [command line interface](../command-ref/command-ref.md) that drives the underlying layers.
 
 The [Nix language](../language/index.md) evaluator transforms Nix expressions into self-contained *build plans*, which are used to derive *build results* from referenced *build inputs*.
 
 The command line interface and Nix expressions are what users deal with most.
 
 > **Note**
->
 > The Nix language itself does not have a notion of *packages* or *configurations*.
 > As far as we are concerned here, the inputs and results of a build plan are just data.
 
-Underlying the command line interface and the Nix language evaluator is the [Nix store](../store/index.md), a mechanism to keep track of build plans, data, and references between them.
+Underlying the command line interface and the Nix language evaluator is the [Nix store](../glossary.md#gloss-store), a mechanism to keep track of build plans, data, and references between them.
 It can also execute build plans to produce new data, which are made available to the operating system as files.
 
 A build plan itself is a series of *build tasks*, together with their build inputs.

doc/manual/src/command-ref/env-common.md

@@ -2,124 +2,109 @@
 
 Most Nix commands interpret the following environment variables:
 
-- <span id="env-IN_NIX_SHELL">[`IN_NIX_SHELL`](#env-IN_NIX_SHELL)</span>
+  - <span id="env-IN_NIX_SHELL">[`IN_NIX_SHELL`](#env-IN_NIX_SHELL)</span>\
+    Indicator that tells if the current environment was set up by
+    `nix-shell`. It can have the values `pure` or `impure`.
 
-  Indicator that tells if the current environment was set up by
-  `nix-shell`. It can have the values `pure` or `impure`.
+  - <span id="env-NIX_PATH">[`NIX_PATH`](#env-NIX_PATH)</span>\
+    A colon-separated list of directories used to look up the location of Nix
+    expressions using [paths](@docroot@/language/values.md#type-path)
+    enclosed in angle brackets (i.e., `<path>`),
+    e.g. `/home/eelco/Dev:/etc/nixos`. It can be extended using the
+    [`-I` option](@docroot@/command-ref/opt-common.md#opt-I).
 
-- <span id="env-NIX_PATH">[`NIX_PATH`](#env-NIX_PATH)</span>
+    If `NIX_PATH` is not set at all, Nix will fall back to the following list in [impure](@docroot@/command-ref/conf-file.md#conf-pure-eval) and [unrestricted](@docroot@/command-ref/conf-file.md#conf-restrict-eval) evaluation mode:
 
-  A colon-separated list of directories used to look up the location of Nix
-  expressions using [paths](@docroot@/language/values.md#type-path)
-  enclosed in angle brackets (i.e., `<path>`),
-  e.g. `/home/eelco/Dev:/etc/nixos`. It can be extended using the
-  [`-I` option](@docroot@/command-ref/opt-common.md#opt-I).
+      1. `$HOME/.nix-defexpr/channels`
+      2. `nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixpkgs`
+      3. `/nix/var/nix/profiles/per-user/root/channels`
 
-  If `NIX_PATH` is not set at all, Nix will fall back to the following list in [impure](@docroot@/command-ref/conf-file.md#conf-pure-eval) and [unrestricted](@docroot@/command-ref/conf-file.md#conf-restrict-eval) evaluation mode:
+    If `NIX_PATH` is set to an empty string, resolving search paths will always fail.
+    For example, attempting to use `<nixpkgs>` will produce:
 
-  1. `$HOME/.nix-defexpr/channels`
-  2. `nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixpkgs`
-  3. `/nix/var/nix/profiles/per-user/root/channels`
+        error: file 'nixpkgs' was not found in the Nix search path
 
-  If `NIX_PATH` is set to an empty string, resolving search paths will always fail.
-  For example, attempting to use `<nixpkgs>` will produce:
+  - <span id="env-NIX_IGNORE_SYMLINK_STORE">[`NIX_IGNORE_SYMLINK_STORE`](#env-NIX_IGNORE_SYMLINK_STORE)</span>\
+    Normally, the Nix store directory (typically `/nix/store`) is not
+    allowed to contain any symlink components. This is to prevent
+    “impure” builds. Builders sometimes “canonicalise” paths by
+    resolving all symlink components. Thus, builds on different machines
+    (with `/nix/store` resolving to different locations) could yield
+    different results. This is generally not a problem, except when
+    builds are deployed to machines where `/nix/store` resolves
+    differently. If you are sure that you’re not going to do that, you
+    can set `NIX_IGNORE_SYMLINK_STORE` to `1`.
 
-      error: file 'nixpkgs' was not found in the Nix search path
+    Note that if you’re symlinking the Nix store so that you can put it
+    on another file system than the root file system, on Linux you’re
+    better off using `bind` mount points, e.g.,
 
-- <span id="env-NIX_IGNORE_SYMLINK_STORE">[`NIX_IGNORE_SYMLINK_STORE`](#env-NIX_IGNORE_SYMLINK_STORE)</span>
+    ```console
+    $ mkdir /nix
+    $ mount -o bind /mnt/otherdisk/nix /nix
+    ```
 
-  Normally, the Nix store directory (typically `/nix/store`) is not
-  allowed to contain any symlink components. This is to prevent
-  “impure” builds. Builders sometimes “canonicalise” paths by
-  resolving all symlink components. Thus, builds on different machines
-  (with `/nix/store` resolving to different locations) could yield
-  different results. This is generally not a problem, except when
-  builds are deployed to machines where `/nix/store` resolves
-  differently. If you are sure that you’re not going to do that, you
-  can set `NIX_IGNORE_SYMLINK_STORE` to `1`.
+    Consult the mount 8 manual page for details.
 
-  Note that if you’re symlinking the Nix store so that you can put it
-  on another file system than the root file system, on Linux you’re
-  better off using `bind` mount points, e.g.,
+  - <span id="env-NIX_STORE_DIR">[`NIX_STORE_DIR`](#env-NIX_STORE_DIR)</span>\
+    Overrides the location of the Nix store (default `prefix/store`).
 
-  ```console
-  $ mkdir /nix
-  $ mount -o bind /mnt/otherdisk/nix /nix
-  ```
+  - <span id="env-NIX_DATA_DIR">[`NIX_DATA_DIR`](#env-NIX_DATA_DIR)</span>\
+    Overrides the location of the Nix static data directory (default
+    `prefix/share`).
 
-  Consult the mount 8 manual page for details.
+  - <span id="env-NIX_LOG_DIR">[`NIX_LOG_DIR`](#env-NIX_LOG_DIR)</span>\
+    Overrides the location of the Nix log directory (default
+    `prefix/var/log/nix`).
 
-- <span id="env-NIX_STORE_DIR">[`NIX_STORE_DIR`](#env-NIX_STORE_DIR)</span>
+  - <span id="env-NIX_STATE_DIR">[`NIX_STATE_DIR`](#env-NIX_STATE_DIR)</span>\
+    Overrides the location of the Nix state directory (default
+    `prefix/var/nix`).
 
-  Overrides the location of the Nix store (default `prefix/store`).
+  - <span id="env-NIX_CONF_DIR">[`NIX_CONF_DIR`](#env-NIX_CONF_DIR)</span>\
+    Overrides the location of the system Nix configuration directory
+    (default `prefix/etc/nix`).
 
-- <span id="env-NIX_DATA_DIR">[`NIX_DATA_DIR`](#env-NIX_DATA_DIR)</span>
+  - <span id="env-NIX_CONFIG">[`NIX_CONFIG`](#env-NIX_CONFIG)</span>\
+    Applies settings from Nix configuration from the environment.
+    The content is treated as if it was read from a Nix configuration file.
+    Settings are separated by the newline character.
 
-  Overrides the location of the Nix static data directory (default
-  `prefix/share`).
+  - <span id="env-NIX_USER_CONF_FILES">[`NIX_USER_CONF_FILES`](#env-NIX_USER_CONF_FILES)</span>\
+    Overrides the location of the Nix user configuration files to load from.
 
-- <span id="env-NIX_LOG_DIR">[`NIX_LOG_DIR`](#env-NIX_LOG_DIR)</span>
+    The default are the locations according to the [XDG Base Directory Specification].
+    See the [XDG Base Directories](#xdg-base-directories) sub-section for details.
 
-  Overrides the location of the Nix log directory (default
-  `prefix/var/log/nix`).
+    The variable is treated as a list separated by the `:` token.
 
-- <span id="env-NIX_STATE_DIR">[`NIX_STATE_DIR`](#env-NIX_STATE_DIR)</span>
+  - <span id="env-TMPDIR">[`TMPDIR`](#env-TMPDIR)</span>\
+    Use the specified directory to store temporary files. In particular,
+    this includes temporary build directories; these can take up
+    substantial amounts of disk space. The default is `/tmp`.
 
-  Overrides the location of the Nix state directory (default
-  `prefix/var/nix`).
+  - <span id="env-NIX_REMOTE">[`NIX_REMOTE`](#env-NIX_REMOTE)</span>\
+    This variable should be set to `daemon` if you want to use the Nix
+    daemon to execute Nix operations. This is necessary in [multi-user
+    Nix installations](@docroot@/installation/multi-user.md). If the Nix
+    daemon's Unix socket is at some non-standard path, this variable
+    should be set to `unix://path/to/socket`. Otherwise, it should be
+    left unset.
 
-- <span id="env-NIX_CONF_DIR">[`NIX_CONF_DIR`](#env-NIX_CONF_DIR)</span>
+  - <span id="env-NIX_SHOW_STATS">[`NIX_SHOW_STATS`](#env-NIX_SHOW_STATS)</span>\
+    If set to `1`, Nix will print some evaluation statistics, such as
+    the number of values allocated.
 
-  Overrides the location of the system Nix configuration directory
-  (default `prefix/etc/nix`).
+  - <span id="env-NIX_COUNT_CALLS">[`NIX_COUNT_CALLS`](#env-NIX_COUNT_CALLS)</span>\
+    If set to `1`, Nix will print how often functions were called during
+    Nix expression evaluation. This is useful for profiling your Nix
+    expressions.
 
-- <span id="env-NIX_CONFIG">[`NIX_CONFIG`](#env-NIX_CONFIG)</span>
-
-  Applies settings from Nix configuration from the environment.
-  The content is treated as if it was read from a Nix configuration file.
-  Settings are separated by the newline character.
-
-- <span id="env-NIX_USER_CONF_FILES">[`NIX_USER_CONF_FILES`](#env-NIX_USER_CONF_FILES)</span>
-
-  Overrides the location of the Nix user configuration files to load from.
-
-  The default are the locations according to the [XDG Base Directory Specification].
-  See the [XDG Base Directories](#xdg-base-directories) sub-section for details.
-
-  The variable is treated as a list separated by the `:` token.
-
-- <span id="env-TMPDIR">[`TMPDIR`](#env-TMPDIR)</span>
-
-  Use the specified directory to store temporary files. In particular,
-  this includes temporary build directories; these can take up
-  substantial amounts of disk space. The default is `/tmp`.
-
-- <span id="env-NIX_REMOTE">[`NIX_REMOTE`](#env-NIX_REMOTE)</span>
-
-  This variable should be set to `daemon` if you want to use the Nix
-  daemon to execute Nix operations. This is necessary in [multi-user
-  Nix installations](@docroot@/installation/multi-user.md). If the Nix
-  daemon's Unix socket is at some non-standard path, this variable
-  should be set to `unix://path/to/socket`. Otherwise, it should be
-  left unset.
-
-- <span id="env-NIX_SHOW_STATS">[`NIX_SHOW_STATS`](#env-NIX_SHOW_STATS)</span>
-
-  If set to `1`, Nix will print some evaluation statistics, such as
-  the number of values allocated.
-
-- <span id="env-NIX_COUNT_CALLS">[`NIX_COUNT_CALLS`](#env-NIX_COUNT_CALLS)</span>
-
-  If set to `1`, Nix will print how often functions were called during
-  Nix expression evaluation. This is useful for profiling your Nix
-  expressions.
-
-- <span id="env-GC_INITIAL_HEAP_SIZE">[`GC_INITIAL_HEAP_SIZE`](#env-GC_INITIAL_HEAP_SIZE)</span>
-
-  If Nix has been configured to use the Boehm garbage collector, this
-  variable sets the initial size of the heap in bytes. It defaults to
-  384 MiB. Setting it to a low value reduces memory consumption, but
-  will increase runtime due to the overhead of garbage collection.
+  - <span id="env-GC_INITIAL_HEAP_SIZE">[`GC_INITIAL_HEAP_SIZE`](#env-GC_INITIAL_HEAP_SIZE)</span>\
+    If Nix has been configured to use the Boehm garbage collector, this
+    variable sets the initial size of the heap in bytes. It defaults to
+    384 MiB. Setting it to a low value reduces memory consumption, but
+    will increase runtime due to the overhead of garbage collection.
 
 ## XDG Base Directories
 

doc/manual/src/command-ref/nix-collect-garbage.md

@@ -51,7 +51,7 @@ These options are for deleting old [profiles] prior to deleting unreachable [sto
 - <span id="opt-delete-old">[`--delete-old`](#opt-delete-old)</span> / `-d`\
   Delete all old generations of profiles.
 
-  This is the equivalent of invoking [`nix-env --delete-generations old`](@docroot@/command-ref/nix-env/delete-generations.md#generations-old) on each found profile.
+  This is the equivalent of invoking `nix-env --delete-generations old` on each found profile.
 
 - <span id="opt-delete-older-than">[`--delete-older-than`](#opt-delete-older-than)</span> *period*\
   Delete all generations of profiles older than the specified amount (except for the generations that were active at that point in time).

doc/manual/src/command-ref/nix-env/delete-generations.md

@@ -12,13 +12,13 @@ This operation deletes the specified generations of the current profile.
 
 *generations* can be a one of the following:
 
-- <span id="generations-list">[`<number>...`](#generations-list)</span>:\
+- <span id="generations-list">`<number>...`</span>:\
   A list of generation numbers, each one a separate command-line argument.
 
   Delete exactly the profile generations given by their generation number.
   Deleting the current generation is not allowed.
 
-- <span id="generations-old">[The special value `old`](#generations-old)</span>
+- The special value <span id="generations-old">`old`</span>
 
   Delete all generations except the current one.
 
@@ -30,7 +30,7 @@ This operation deletes the specified generations of the current profile.
   > Because one can roll back to a previous generation, it is possible to have generations newer than the current one.
   > They will also be deleted.
 
-- <span id="generations-time">[`<number>d`](#generations-time)</span>:\
+- <span id="generations-time">`<number>d`</span>:\
   The last *number* days
 
   *Example*: `30d`
@@ -38,7 +38,7 @@ This operation deletes the specified generations of the current profile.
   Delete all generations created more than *number* days ago, except the most recent one of them.
   This allows rolling back to generations that were available within the specified period.
 
-- <span id="generations-count">[`+<number>`](#generations-count)</span>:\
+- <span id="generations-count">`+<number>`</span>:\
   The last *number* generations up to the present
 
   *Example*: `+5`

doc/manual/src/command-ref/nix-env/install.md

@@ -14,21 +14,16 @@
 
 # Description
 
-The install operation creates a new user environment.
-It is based on the current generation of the active [profile](@docroot@/command-ref/files/profiles.md), to which a set of [store paths] described by *args* is added.
+The install operation creates a new user environment, based on the
+current generation of the active profile, to which a set of store paths
+described by *args* is added. The arguments *args* map to store paths in
+a number of possible ways:
 
-[store paths]: @docroot@/glossary.md#gloss-store-path
-
-The arguments *args* map to store paths in a number of possible ways:
-
-
-  - By default, *args* is a set of [derivation] names denoting derivations in the [default Nix expression].
-    These are [realised], and the resulting output paths are installed.
-    Currently installed derivations with a name equal to the name of a derivation being added are removed unless the option `--preserve-installed` is specified.
-
-    [derivation]: @docroot@/glossary.md#gloss-derivation
-    [default Nix expression]: @docroot@/command-ref/files/default-nix-expression.md
-    [realised]: @docroot@/glossary.md#gloss-realise
+  - By default, *args* is a set of derivation names denoting derivations
+    in the active Nix expression. These are realised, and the resulting
+    output paths are installed. Currently installed derivations with a
+    name equal to the name of a derivation being added are removed
+    unless the option `--preserve-installed` is specified.
 
     If there are multiple derivations matching a name in *args* that
     have the same name (e.g., `gcc-3.3.6` and `gcc-4.1.1`), then the
@@ -45,90 +40,44 @@ The arguments *args* map to store paths in a number of possible ways:
     gcc-3.3.6 gcc-4.1.1` will install both version of GCC (and will
     probably cause a user environment conflict\!).
 
-  - If [`--attr`](#opt-attr) / `-A` is specified, the arguments are *attribute paths* that select attributes from the [default Nix expression].
-    This is faster than using derivation names and unambiguous.
-    Show the attribute paths of available packages with [`nix-env --query`](./query.md):
-
-    ```console
-    nix-env --query --available --attr-path`
-    ```
+  - If `--attr` (`-A`) is specified, the arguments are *attribute
+    paths* that select attributes from the top-level Nix
+    expression. This is faster than using derivation names and
+    unambiguous. To find out the attribute paths of available
+    packages, use `nix-env --query --available --attr-path `.
 
   - If `--from-profile` *path* is given, *args* is a set of names
-    denoting installed [store paths] in the profile *path*. This is an
+    denoting installed store paths in the profile *path*. This is an
     easy way to copy user environment elements from one profile to
     another.
 
-  - If `--from-expression` is given, *args* are [Nix language functions](@docroot@/language/constructs.md#functions) that are called with the [default Nix expression] as their single argument.
-    The derivations returned by those function calls are installed.
-    This allows derivations to be specified in an unambiguous way, which is necessary if there are multiple derivations with the same name.
+  - If `--from-expression` is given, *args* are Nix
+    [functions](@docroot@/language/constructs.md#functions)
+    that are called with the active Nix expression as their single
+    argument. The derivations returned by those function calls are
+    installed. This allows derivations to be specified in an
+    unambiguous way, which is necessary if there are multiple
+    derivations with the same name.
 
-  - If *args* are [store derivations](@docroot@/glossary.md#gloss-store-derivation), then these are [realised], and the resulting output paths are installed.
+  - If *args* are [store derivations](@docroot@/glossary.md#gloss-store-derivation), then these are
+    [realised](@docroot@/command-ref/nix-store/realise.md), and the resulting output paths
+    are installed.
 
-  - If *args* are [store paths] that are not store derivations, then these are [realised] and installed.
+  - If *args* are store paths that are not store derivations, then these
+    are [realised](@docroot@/command-ref/nix-store/realise.md) and installed.
 
-  - By default all [outputs](@docroot@/language/derivations.md#attr-outputs) are installed for each [derivation].
-    This can be overridden by adding a `meta.outputsToInstall` attribute on the derivation listing a subset of the output names.
+  - By default all outputs are installed for each derivation. That can
+    be reduced by setting `meta.outputsToInstall`.
 
-    Example:
-
-    The file `example.nix` defines a derivation with two outputs `foo` and `bar`, each containing a file.
-
-    ```nix
-    # example.nix
-    let
-      pkgs = import <nixpkgs> {};
-      command = ''
-        ${pkgs.coreutils}/bin/mkdir -p $foo $bar
-        echo foo > $foo/foo-file
-        echo bar > $bar/bar-file
-      '';
-    in
-    derivation {
-      name = "example";
-      builder = "${pkgs.bash}/bin/bash";
-      args = [ "-c" command ];
-      outputs = [ "foo" "bar" ];
-      system = builtins.currentSystem;
-    }
-    ```
-
-    Installing from this Nix expression will make files from both outputs appear in the current profile.
-
-    ```console
-    $ nix-env --install --file example.nix
-    installing 'example'
-    $ ls ~/.nix-profile
-    foo-file
-    bar-file
-    manifest.nix
-    ```
-
-    Adding `meta.outputsToInstall` to that derivation will make `nix-env` only install files from the specified outputs.
-
-    ```nix
-    # example-outputs.nix
-    import ./example.nix // { meta.outputsToInstall = [ "bar" ]; }
-    ```
-
-    ```console
-    $ nix-env --install --file example-outputs.nix
-    installing 'example'
-    $ ls ~/.nix-profile
-    bar-file
-    manifest.nix
-    ```
-
-# Options
-
-  - `--prebuilt-only` / `-b`
+# Flags
 
+  - `--prebuilt-only` / `-b`\
     Use only derivations for which a substitute is registered, i.e.,
     there is a pre-built binary available that can be downloaded in lieu
     of building the derivation. Thus, no packages will be built from
     source.
 
-  - `--preserve-installed` / `-P`
-
+  - `--preserve-installed` / `-P`\
     Do not remove derivations with a name matching one of the
     derivations being installed. Usually, trying to have two versions of
     the same package installed in the same generation of a profile will
@@ -136,8 +85,7 @@ The arguments *args* map to store paths in a number of possible ways:
     clashes between the two versions. However, this is not the case for
     all packages.
 
-  - `--remove-all` / `-r`
-
+  - `--remove-all` / `-r`\
     Remove all previously installed packages first. This is equivalent
     to running `nix-env --uninstall '.*'` first, except that everything happens
     in a single transaction.

doc/manual/src/command-ref/nix-instantiate.md

@@ -35,51 +35,13 @@ standard input.
 
   - `--parse`\
     Just parse the input files, and print their abstract syntax trees on
-    standard output as a Nix expression.
+    standard output in ATerm format.
 
   - `--eval`\
     Just parse and evaluate the input files, and print the resulting
     values on standard output. No instantiation of store derivations
     takes place.
 
-    > **Warning**
-    >
-    > This option produces output which can be parsed as a Nix expression which
-    > will produce a different result than the input expression when evaluated.
-    > For example, these two Nix expressions print the same result despite
-    > having different meaning:
-    >
-    > ```console
-    > $ nix-instantiate --eval --expr '{ a = {}; }'
-    > { a = <CODE>; }
-    > $ nix-instantiate --eval --expr '{ a = <CODE>; }'
-    > { a = <CODE>; }
-    > ```
-    >
-    > For human-readable output, `nix eval` (experimental) is more informative:
-    >
-    > ```console
-    > $ nix-instantiate --eval --expr 'a: a'
-    > <LAMBDA>
-    > $ nix eval --expr 'a: a'
-    > «lambda @ «string»:1:1»
-    > ```
-    >
-    > For machine-readable output, the `--xml` option produces unambiguous
-    > output:
-    >
-    > ```console
-    > $ nix-instantiate --eval --xml --expr '{ foo = <CODE>; }'
-    > <?xml version='1.0' encoding='utf-8'?>
-    > <expr>
-    >   <attrs>
-    >     <attr column="3" line="1" name="foo">
-    >       <unevaluated />
-    >     </attr>
-    >   </attrs>
-    > </expr>
-    > ```
-
   - `--find-file`\
     Look up the given files in Nix’s search path (as specified by the
     `NIX_PATH` environment variable). If found, print the corresponding
@@ -99,11 +61,11 @@ standard input.
 
   - `--json`\
     When used with `--eval`, print the resulting value as an JSON
-    representation of the abstract syntax tree rather than as a Nix expression.
+    representation of the abstract syntax tree rather than as an ATerm.
 
   - `--xml`\
     When used with `--eval`, print the resulting value as an XML
-    representation of the abstract syntax tree rather than as a Nix expression.
+    representation of the abstract syntax tree rather than as an ATerm.
     The schema is the same as that used by the [`toXML`
     built-in](../language/builtins.md).
 
@@ -171,24 +133,28 @@ $ nix-instantiate --eval --xml --expr '1 + 2'
 The difference between non-strict and strict evaluation:
 
 ```console
-$ nix-instantiate --eval --xml --expr '{ x = {}; }'
-<?xml version='1.0' encoding='utf-8'?>
-<expr>
-  <attrs>
-    <attr column="3" line="1" name="x">
-      <unevaluated />
-    </attr>
-  </attrs>
-</expr>
-
-$ nix-instantiate --eval --xml --strict --expr '{ x = {}; }'
-<?xml version='1.0' encoding='utf-8'?>
-<expr>
-  <attrs>
-    <attr column="3" line="1" name="x">
-      <attrs>
-      </attrs>
-    </attr>
-  </attrs>
-</expr>
+$ nix-instantiate --eval --xml --expr 'rec { x = "foo"; y = x; }'
+...
+  <attr name="x">
+    <string value="foo" />
+  </attr>
+  <attr name="y">
+    <unevaluated />
+  </attr>
+...
+```
+
+Note that `y` is left unevaluated (the XML representation doesn’t
+attempt to show non-normal forms).
+
+```console
+$ nix-instantiate --eval --xml --strict --expr 'rec { x = "foo"; y = x; }'
+...
+  <attr name="x">
+    <string value="foo" />
+  </attr>
+  <attr name="y">
+    <string value="foo" />
+  </attr>
+...
 ```

doc/manual/src/command-ref/nix-shell.md

@@ -235,14 +235,14 @@ package like Terraform:
 
 ```bash
 #! /usr/bin/env nix-shell
-#! nix-shell -i bash --packages 'terraform.withPlugins (plugins: [ plugins.openstack ])'
+#! nix-shell -i bash --packages "terraform.withPlugins (plugins: [ plugins.openstack ])"
 
 terraform apply
 ```
 
 > **Note**
 >
-> You must use single or double quotes (`'`, `"`) when passing a simple Nix expression
+> You must use double quotes (`"`) when passing a simple Nix expression
 > in a nix-shell shebang.
 
 Finally, using the merging of multiple nix-shell shebangs the following
@@ -251,7 +251,7 @@ branch):
 
 ```haskell
 #! /usr/bin/env nix-shell
-#! nix-shell -i runghc --packages 'haskellPackages.ghcWithPackages (ps: [ps.download-curl ps.tagsoup])'
+#! nix-shell -i runghc --packages "haskellPackages.ghcWithPackages (ps: [ps.download-curl ps.tagsoup])"
 #! nix-shell -I nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixos-20.03.tar.gz
 
 import Network.Curl.Download

doc/manual/src/command-ref/nix-store/realise.md

@@ -15,12 +15,8 @@ Each of *paths* is processed as follows:
   1. If it is not [valid], substitute the store derivation file itself.
   2. Realise its [output paths]:
     - Try to fetch from [substituters] the [store objects] associated with the output paths in the store derivation's [closure].
-      - With [content-addressed derivations] (experimental):
-        Determine the output paths to realise by querying content-addressed realisation entries in the [Nix database].
-    - For any store paths that cannot be substituted, produce the required store objects:
-      1. Realise all outputs of the derivation's dependencies
-      2. Run the derivation's [`builder`](@docroot@/language/derivations.md#attr-builder) executable
-         <!-- TODO: Link to build process page #8888 -->
+      - With [content-addressed derivations] (experimental): Determine the output paths to realise by querying content-addressed realisation entries in the [Nix database].
+    - For any store paths that cannot be substituted, produce the required store objects. This involves first realising all outputs of the derivation's dependencies and then running the derivation's [`builder`](@docroot@/language/derivations.md#attr-builder) executable. <!-- TODO: Link to build process page #8888 -->
 - Otherwise, and if the path is not already valid: Try to fetch the associated [store objects] in the path's [closure] from [substituters].
 
 If no substitutes are available and no store derivation is given, realisation fails.

doc/manual/src/command-ref/opt-common-syn.md

@@ -0,0 +1,57 @@
+\--help
+
+\--version
+
+\--verbose
+
+\-v
+
+\--quiet
+
+\--log-format
+
+format
+
+\--no-build-output
+
+\-Q
+
+\--max-jobs
+
+\-j
+
+number
+
+\--cores
+
+number
+
+\--max-silent-time
+
+number
+
+\--timeout
+
+number
+
+\--keep-going
+
+\-k
+
+\--keep-failed
+
+\-K
+
+\--fallback
+
+\--readonly-mode
+
+\-I
+
+path
+
+\--option
+
+name
+
+value

doc/manual/src/command-ref/opt-common.md

@@ -203,7 +203,3 @@ Most Nix commands accept the following command-line options:
   Fix corrupted or missing store paths by redownloading or rebuilding them.
   Note that this is slow because it requires computing a cryptographic hash of the contents of every path in the closure of the build.
   Also note the warning under `nix-store --repair-path`.
-
-> **Note**
->
-> See [`man nix.conf`](@docroot@/command-ref/conf-file.md#command-line-flags) for overriding configuration settings with command line flags.

doc/manual/src/command-ref/opt-inst-syn.md

@@ -0,0 +1,15 @@
+\--prebuilt-only
+
+\-b
+
+\--attr
+
+\-A
+
+\--from-expression
+
+\-E
+
+\--from-profile
+
+path

doc/manual/src/contributing/cli-guideline.md

@@ -87,7 +87,7 @@ impacted the most by bad user experience.
       and [aligning of text](#text-alignment).
     - [Autocomplete](#shell-completion) of options.
 
-  Examples of such commands: `nix edit`, `nix eval`, ...
+  Examples of such commands: `nix doctor`, `nix edit`, `nix eval`, ...
 
 - **Utility and scripting commands**
 
@@ -426,7 +426,7 @@ This leads to the following guidelines:
 ### Examples
 
 
-This is bad, because all keys must be assumed to be store types:
+This is bad, because all keys must be assumed to be store implementations:
 
 ```json
 {

doc/manual/src/contributing/contributing.md

@@ -0,0 +1 @@
+# Contributing

doc/manual/src/contributing/documentation.md

@@ -1,210 +0,0 @@
-# Contributing documentation
-
-Improvements to documentation are very much appreciated, and a good way to start out with contributing to Nix.
-
-This is how you can help:
-- Address [open issues with documentation](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+label%3Adocumentation)
-- Review [pull requests concerning documentation](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+label%3Adocumentation)
-
-Incremental refactorings of the documentation build setup to make it faster or easier to understand and maintain are also welcome.
-
-## Building the manual
-
-Build the manual from scratch:
-
-```console
-nix-build $(nix-instantiate)'!doc'
-```
-
-or
-
-```console
-nix build .#^doc
-```
-
-and open `./result-doc/share/doc/nix/manual/index.html`.
-
-To build the manual incrementally, [enter the development shell](./hacking.md) and run:
-
-```console
-make manual-html -j $NIX_BUILD_CORES
-```
-
-and open `./outputs/out/share/doc/nix/manual/language/index.html`.
-
-In order to reflect changes to the [Makefile for the manual], clear all generated files before re-building:
-
-[Makefile for the manual]: https://github.com/NixOS/nix/blob/master/doc/manual/local.mk
-
-```console
-rm $(git ls-files doc/manual/ -o | grep -F '.md') && rmdir doc/manual/src/command-ref/new-cli && make manual-html -j $NIX_BUILD_CORES
-```
-
-## Style guide
-
-The goal of this style guide is to make it such that
-- The manual is easy to search and skim for relevant information
-- Documentation sources are easy to edit
-- Changes to documentation are easy to review
-
-You will notice that this is not implemented consistently yet.
-Please follow the guide when making additions or changes to existing documentation.
-Do not make sweeping changes, unless they are programmatic and can be validated easily.
-
-### Language
-
-This manual is [reference documentation](https://diataxis.fr/reference/).
-The typical usage pattern is to look up isolated pieces of information.
-It should therefore aim to be correct, consistent, complete, and easy to navigate at a glance.
-
-- Aim for clarity and brevity.
-
-  Please take the time to read the [plain language guidelines](https://www.plainlanguage.gov/guidelines/) for details.
-
-- Describe the subject factually.
-
-  In particular, do not make value judgements or recommendations.
-  Check the code or add tests if in doubt.
-
-- Provide complete, minimal examples, and explain them.
-
-  Readers should be able to try examples verbatim and get the same results as shown in the manual.
-  Always describe in words what a given example does.
-
-  Non-trivial examples may need additional explanation, especially if they use concepts from outside the given context.
-
-- Always explain code examples in the text.
-
-  Use comments in code samples very sparingly, for instance to highlight a particular aspect.
-  Readers tend to glance over large amounts of code when scanning for information.
-
-  Especially beginners will likely find reading more complex-looking code strenuous and may therefore avoid it altogether.
-
-  If a code sample appears to require a lot of inline explanation, consider replacing it with a simpler one.
-  If that's not possible, break the example down into multiple parts, explain them separately, and then show the combined result at the end.
-  This should be a last resort, as that would amount to writing a [tutorial](https://diataxis.fr/tutorials/) on the given subject.
-
-- Use British English.
-
-  This is a somewhat arbitrary choice to force consistency, and accounts for the fact that a majority of Nix users and developers are from Europe.
-
-### Links and anchors
-
-Reference documentation must be readable in arbitrary order.
-Readers cannot be expected to have any particular prerequisite knowledge about Nix.
-While the table of contents can provide guidance and full-text search can help, they are most likely to find what they need by following sensible cross-references.
-
-- Link to technical terms
-
-  When mentioning Nix-specific concepts, commands, options, settings, etc., link to appropriate documentation.
-  Also link to external tools or concepts, especially if their meaning may be ambiguous.
-  You may also want to link to definitions of less common technical terms.
-
-  Then readers won't have to actively search for definitions and are more likely to discover relevant information on their own.
-
-  > **Note**
-  >
-  > `man` and `--help` pages don't display links.
-  > Use appropriate link texts such that readers of terminal output can infer search terms.
-
-- Do not break existing URLs between releases.
-
-  There are countless links in the wild pointing to old versions of the manual.
-  We want people to find up-to-date documentation when following popular advice.
-
-  - When moving files, update [redirects on nixos.org](https://github.com/NixOS/nixos-homepage/blob/master/netlify.toml).
-
-    This is especially important when moving information out of the Nix manual to other resources.
-
-  - When changing anchors, update [client-side redirects](https://github.com/NixOS/nix/blob/master/doc/manual/redirects.js)
-
-  The current setup is cumbersome, and help making better automation is appreciated.
-
-The build checks for broken internal links with.
-This happens late in the process, so [building the whole manual](#building-the-manual) is not suitable for iterating quickly.
-[`mdbook-linkcheck`] does not implement checking [URI fragments] yet.
-
-[`mdbook-linkcheck`]: https://github.com/Michael-F-Bryan/mdbook-linkcheck
-[URI fragments]: https://en.wikipedia.org/wiki/URI_fragment
-
-### Markdown conventions
-
-The manual is written in markdown, and rendered with [mdBook](https://github.com/rust-lang/mdBook) for the web and with [lowdown](https://github.com/kristapsdz/lowdown) for `man` pages and `--help` output.
-
-For supported markdown features, refer to:
-- [mdBook documentation](https://rust-lang.github.io/mdBook/format/markdown.html)
-- [lowdown documentation](https://kristaps.bsd.lv/lowdown/)
-
-Please observe these guidelines to ease reviews:
-
-- Write one sentence per line.
-
-  This makes long sentences immediately visible, and makes it easier to review changes and make direct suggestions.
-
-- Use reference links – sparingly – to ease source readability.
-  Put definitions close to their first use.
-
-  Example:
-
-  ```
-  A [store object] contains a [file system object] and [references] to other store objects.
-
-  [store object]: @docroot@/glossary.md#gloss-store-object
-  [file system object]: @docroot@/architecture/file-system-object.md
-  [references]: @docroot@/glossary.md#gloss-reference
-  ```
-
-- Use admonitions of the following form:
-
-  ```
-  > **Note**
-  >
-  > This is a note.
-  ```
-
-  Highlight examples as such:
-
-  ````
-  > **Example**
-  >
-  > ```console
-  > $ nix --version
-  > ```
-  ````
-
-  Highlight syntax definitions as such, using [EBNF](https://en.wikipedia.org/wiki/Extended_Backus%E2%80%93Naur_form) notation:
-
-  ````
-  > **Syntax**
-  >
-  > *attribute-set* = `{` [ *attribute-name* `=` *expression* `;` ... ] `}`
-  ````
-
-### The `@docroot@` variable
-
-`@docroot@` provides a base path for links that occur in reusable snippets or other documentation that doesn't have a base path of its own.
-
-If a broken link occurs in a snippet that was inserted into multiple generated files in different directories, use `@docroot@` to reference the `doc/manual/src` directory.
-
-If the `@docroot@` literal appears in an error message from the [`mdbook-linkcheck`] tool, the `@docroot@` replacement needs to be applied to the generated source file that mentions it.
-See existing `@docroot@` logic in the [Makefile for the manual].
-Regular markdown files used for the manual have a base path of their own and they can use relative paths instead of `@docroot@`.
-
-## API documentation
-
-[Doxygen API documentation] is available online.
-You can also build and view it yourself:
-
-[Doxygen API documentation]: https://hydra.nixos.org/job/nix/master/internal-api-docs/latest/download-by-type/doc/internal-api-docs
-
-```console
-# nix build .#hydraJobs.internal-api-docs
-# xdg-open ./result/share/doc/nix/internal-api/html/index.html
-```
-
-or inside `nix-shell` or `nix develop`:
-
-```
-# make internal-api-html
-# xdg-open ./outputs/doc/share/doc/nix/internal-api/html/index.html
-```

doc/manual/src/contributing/hacking.md

@@ -10,7 +10,7 @@ $ cd nix
 
 The following instructions assume you already have some version of Nix installed locally, so that you can use it to set up the development environment. If you don't have it installed, follow the [installation instructions].
 
-[installation instructions]: ../installation/index.md
+[installation instructions]: ../installation/installation.md
 
 ## Building Nix with flakes
 
@@ -31,7 +31,7 @@ This shell also adds `./outputs/bin/nix` to your `$PATH` so you can run `nix` im
 To get a shell with one of the other [supported compilation environments](#compilation-environments):
 
 ```console
-$ nix develop .#native-clangStdenvPackages
+$ nix develop .#native-clang11StdenvPackages
 ```
 
 > **Note**
@@ -42,23 +42,20 @@ $ nix develop .#native-clangStdenvPackages
 To build Nix itself in this shell:
 
 ```console
-[nix-shell]$ autoreconfPhase
-[nix-shell]$ configurePhase
-[nix-shell]$ make -j $NIX_BUILD_CORES OPTIMIZE=0
+[nix-shell]$ ./bootstrap.sh
+[nix-shell]$ ./configure $configureFlags --prefix=$(pwd)/outputs/out
+[nix-shell]$ make -j $NIX_BUILD_CORES
 ```
 
 To install it in `$(pwd)/outputs` and test it:
 
 ```console
-[nix-shell]$ make install OPTIMIZE=0
-[nix-shell]$ make installcheck check -j $NIX_BUILD_CORES
+[nix-shell]$ make install
+[nix-shell]$ make installcheck -j $NIX_BUILD_CORES
 [nix-shell]$ nix --version
 nix (Nix) 2.12
 ```
 
-For more information on running and filtering tests, see
-[`testing.md`](./testing.md).
-
 To build a release version of Nix for the current operating system and CPU architecture:
 
 ```console
@@ -78,7 +75,7 @@ $ nix-shell
 To get a shell with one of the other [supported compilation environments](#compilation-environments):
 
 ```console
-$ nix-shell --attr devShells.x86_64-linux.native-clangStdenvPackages
+$ nix-shell --attr devShells.x86_64-linux.native-clang11StdenvPackages
 ```
 
 > **Note**
@@ -89,7 +86,7 @@ $ nix-shell --attr devShells.x86_64-linux.native-clangStdenvPackages
 To build Nix itself in this shell:
 
 ```console
-[nix-shell]$ autoreconfPhase
+[nix-shell]$ ./bootstrap.sh
 [nix-shell]$ ./configure $configureFlags --prefix=$(pwd)/outputs/out
 [nix-shell]$ make -j $NIX_BUILD_CORES
 ```
@@ -111,26 +108,6 @@ $ nix-build
 
 You can also build Nix for one of the [supported platforms](#platforms).
 
-## Makefile variables
-
-You may need `profiledir=$out/etc/profile.d` and `sysconfdir=$out/etc` to run `make install`.
-
-Run `make` with [`-e` / `--environment-overrides`](https://www.gnu.org/software/make/manual/make.html#index-_002de) to allow environment variables to override `Makefile` variables:
-
-- `ENABLE_BUILD=yes` to enable building the C++ code.
-- `ENABLE_DOC_GEN=yes` to enable building the documentation (manual, man pages, etc.).
-
-  The docs can take a while to build, so you may want to disable this for local development.
-- `ENABLE_FUNCTIONAL_TESTS=yes` to enable building the functional tests.
-- `ENABLE_UNIT_TESTS=yes` to enable building the unit tests.
-- `OPTIMIZE=1` to enable optimizations.
-- `libraries=libutil programs=` to only build a specific library.
-
-  This will fail in the linking phase if the other libraries haven't been built, but is useful for checking types.
-- `libraries= programs=nix` to only build a specific program.
-
-  This will not work in general, because the programs need the libraries.
-
 ## Platforms
 
 Nix can be built for various platforms, as specified in [`flake.nix`]:
@@ -147,10 +124,10 @@ Nix can be built for various platforms, as specified in [`flake.nix`]:
 
 In order to build Nix for a different platform than the one you're currently
 on, you need a way for your current Nix installation to build code for that
-platform. Common solutions include [remote build machines] and [binary format emulation]
+platform. Common solutions include [remote builders] and [binary format emulation]
 (only supported on NixOS).
 
-[remote builders]: @docroot@/language/derivations.md#attr-builder
+[remote builders]: ../advanced-topics/distributed-builds.md
 [binary format emulation]: https://nixos.org/manual/nixos/stable/options.html#opt-boot.binfmt.emulatedSystems
 
 Given such a setup, executing the build only requires selecting the respective attribute.
@@ -169,31 +146,6 @@ $ nix build .#packages.aarch64-linux.default
 Cross-compiled builds are available for ARMv6 (`armv6l-linux`) and ARMv7 (`armv7l-linux`).
 Add more [system types](#system-type) to `crossSystems` in `flake.nix` to bootstrap Nix on unsupported platforms.
 
-### Building for multiple platforms at once
-
-It is useful to perform multiple cross and native builds on the same source tree,
-for example to ensure that better support for one platform doesn't break the build for another.
-In order to facilitate this, Nix has some support for being built out of tree – that is, placing build artefacts in a different directory than the source code:
-
-1. Create a directory for the build, e.g.
-
-   ```bash
-   mkdir build
-   ```
-
-2. Run the configure script from that directory, e.g.
-
-   ```bash
-   cd build
-   ../configure <configure flags>
-   ```
-
-3. Run make from the source directory, but with the build directory specified, e.g.
-
-   ```bash
-   make builddir=build <make flags>
-   ```
-
 ## System type
 
 Nix uses a string with he following format to identify the *system type* or *platform* it runs on:
@@ -258,7 +210,7 @@ See [supported compilation environments](#compilation-environments) and instruct
 To use the LSP with your editor, you first need to [set up `clangd`](https://clangd.llvm.org/installation#project-setup) by running:
 
 ```console
-make clean && bear -- make -j$NIX_BUILD_CORES default check install
+make clean && bear -- make -j$NIX_BUILD_CORES install
 ```
 
 Configure your editor to use the `clangd` from the shell, either by running it inside the development shell, or by using [nix-direnv](https://github.com/nix-community/nix-direnv) and [the appropriate editor plugin](https://github.com/direnv/direnv/wiki#editor-integration).
@@ -269,80 +221,67 @@ Configure your editor to use the `clangd` from the shell, either by running it i
 > Some other editors (e.g. Emacs, Vim) need a plugin to support LSP servers in general (e.g. [lsp-mode](https://github.com/emacs-lsp/lsp-mode) for Emacs and [vim-lsp](https://github.com/prabirshrestha/vim-lsp) for vim).
 > Editor-specific setup is typically opinionated, so we will not cover it here in more detail.
 
-## Add a release note
+### Checking links in the manual
 
-`doc/manual/rl-next` contains release notes entries for all unreleased changes.
+The build checks for broken internal links.
+This happens late in the process, so `nix build` is not suitable for iterating.
+To build the manual incrementally, run:
 
-User-visible changes should come with a release note.
-
-### Add an entry
-
-Here's what a complete entry looks like. The file name is not incorporated in the document.
-
-```
----
-synopsis: Basically a title
-issues: 1234
-prs: 1238
----
-
-Here's one or more paragraphs that describe the change.
-
-- It's markdown
-- Add references to the manual using @docroot@
+```console
+make html -j $NIX_BUILD_CORES
 ```
 
-Significant changes should add the following header, which moves them to the top.
+In order to reflect changes to the [Makefile], clear all generated files before re-building:
 
-```
-significance: significant
+[Makefile]: https://github.com/NixOS/nix/blob/master/doc/manual/local.mk
+
+```console
+rm $(git ls-files doc/manual/ -o | grep -F '.md') && rmdir doc/manual/src/command-ref/new-cli && make html -j $NIX_BUILD_CORES
 ```
 
-<!-- Keep an eye on https://codeberg.org/fgaz/changelog-d/issues/1 -->
-See also the [format documentation](https://github.com/haskell/cabal/blob/master/CONTRIBUTING.md#changelog).
+[`mdbook-linkcheck`] does not implement checking [URI fragments] yet.
 
-### Build process
+[`mdbook-linkcheck`]: https://github.com/Michael-F-Bryan/mdbook-linkcheck
+[URI fragments]: https://en.wikipedia.org/wiki/URI_fragment
 
-Releases have a precomputed `rl-MAJOR.MINOR.md`, and no `rl-next.md`.
+#### `@docroot@` variable
 
-## Branches
+`@docroot@` provides a base path for links that occur in reusable snippets or other documentation that doesn't have a base path of its own.
 
-- [`master`](https://github.com/NixOS/nix/commits/master)
+If a broken link occurs in a snippet that was inserted into multiple generated files in different directories, use `@docroot@` to reference the `doc/manual/src` directory.
 
-  The main development branch. All changes are approved and merged here.
-  When developing a change, create a branch based on the latest `master`.
+If the `@docroot@` literal appears in an error message from the `mdbook-linkcheck` tool, the `@docroot@` replacement needs to be applied to the generated source file that mentions it.
+See existing `@docroot@` logic in the [Makefile].
+Regular markdown files used for the manual have a base path of their own and they can use relative paths instead of `@docroot@`.
 
-  Maintainers try to [keep it in a release-worthy state](#reverting).
+## API documentation
 
-- [`maintenance-*.*`](https://github.com/NixOS/nix/branches/all?query=maintenance)
+Doxygen API documentation is [available
+online](https://hydra.nixos.org/job/nix/master/internal-api-docs/latest/download-by-type/doc/internal-api-docs). You
+can also build and view it yourself:
 
-  These branches are the subject of backports only, and are
-  also [kept](#reverting) in a release-worthy state.
+```console
+# nix build .#hydraJobs.internal-api-docs
+# xdg-open ./result/share/doc/nix/internal-api/html/index.html
+```
 
-  See [`maintainers/backporting.md`](https://github.com/NixOS/nix/blob/master/maintainers/backporting.md)
+or inside a `nix develop` shell by running:
 
-- [`latest-release`](https://github.com/NixOS/nix/tree/latest-release)
+```
+# make internal-api-html
+# xdg-open ./outputs/doc/share/doc/nix/internal-api/html/index.html
+```
 
-  The latest patch release of the latest minor version.
+## Coverage analysis
 
-  See [`maintainers/release-process.md`](https://github.com/NixOS/nix/blob/master/maintainers/release-process.md)
+A coverage analysis report is [available
+online](https://hydra.nixos.org/job/nix/master/coverage/latest/download-by-type/report/coverage). You
+can build it yourself:
 
-- [`backport-*-to-*`](https://github.com/NixOS/nix/branches/all?query=backport)
+```
+# nix build .#hydraJobs.coverage
+# xdg-open ./result/coverage/index.html
+```
 
-  Generally branches created by the backport action.
-
-  See [`maintainers/backporting.md`](https://github.com/NixOS/nix/blob/master/maintainers/backporting.md)
-
-- [_other_](https://github.com/NixOS/nix/branches/all)
-
-  Branches that do not conform to the above patterns should be feature branches.
-
-## Reverting
-
-If a change turns out to be merged by mistake, or contain a regression, it may be reverted.
-A revert is not a rejection of the contribution, but merely part of an effective development process.
-It makes sure that development keeps running smoothly, with minimal uncertainty, and less overhead.
-If maintainers have to worry too much about avoiding reverts, they would not be able to merge as much.
-By embracing reverts as a good part of the development process, everyone wins.
-
-However, taking a step back may be frustrating, so maintainers will be extra supportive on the next try.
+Metrics about the change in line/function coverage over time are also
+[available](https://hydra.nixos.org/job/nix/master/coverage#tabs-charts).

doc/manual/src/contributing/index.md

@@ -1,8 +0,0 @@
-# Development
-
-Nix is developed on GitHub.
-Check the [contributing guide](https://github.com/NixOS/nix/blob/master/CONTRIBUTING.md) if you want to get involved.
-
-This chapter is a collection of guides for making changes to the code and documentation.
-
-If you're not sure where to start, try to [compile Nix from source](./hacking.md) and consider [making improvements to documentation](./documentation.md).

doc/manual/src/contributing/testing.md

@@ -1,101 +1,14 @@
 # Running tests
 
-## Coverage analysis
-
-A [coverage analysis report] is available online
-You can build it yourself:
-
-[coverage analysis report]: https://hydra.nixos.org/job/nix/master/coverage/latest/download-by-type/report/coverage
-
-```
-# nix build .#hydraJobs.coverage
-# xdg-open ./result/coverage/index.html
-```
-
-[Extensive records of build metrics](https://hydra.nixos.org/job/nix/master/coverage#tabs-charts), such as test coverage over time, are also available online.
-
 ## Unit-tests
 
-The unit tests are defined using the [googletest] and [rapidcheck] frameworks.
-
-[googletest]: https://google.github.io/googletest/
-[rapidcheck]: https://github.com/emil-e/rapidcheck
-[property testing]: https://en.wikipedia.org/wiki/Property_testing
-
-### Source and header layout
-
-> An example of some files, demonstrating much of what is described below
->
-> ```
-> src
-> ├── libexpr
-> │   ├── local.mk
-> │   ├── value/context.hh
-> │   ├── value/context.cc
-> │   …
-> │
-> ├── tests
-> │   │
-> │   …
-> │   └── unit
-> │       ├── libutil
-> │       │   ├── local.mk
-> │       │   …
-> │       │   └── data
-> │       │       ├── git/tree.txt
-> │       │       …
-> │       │
-> │       ├── libexpr-support
-> │       │   ├── local.mk
-> │       │   └── tests
-> │       │       ├── value/context.hh
-> │       │       ├── value/context.cc
-> │       │       …
-> │       │
-> │       ├── libexpr
-> │       …   ├── local.mk
-> │           ├── value/context.cc
-> │           …
-> …
-> ```
-
-The tests for each Nix library (`libnixexpr`, `libnixstore`, etc..) live inside a directory `tests/unit/${library_name_without-nix}`.
-Given a interface (header) and implementation pair in the original library, say, `src/libexpr/value/context.{hh,cc}`, we write tests for it in `tests/unit/libexpr/tests/value/context.cc`, and (possibly) declare/define additional interfaces for testing purposes in `tests/unit/libexpr-support/tests/value/context.{hh,cc}`.
-
-Data for unit tests is stored in a `data` subdir of the directory for each unit test executable.
-For example, `libnixstore` code is in `src/libstore`, and its test data is in `tests/unit/libstore/data`.
-The path to the `tests/unit/data` directory is passed to the unit test executable with the environment variable `_NIX_TEST_UNIT_DATA`.
-Note that each executable only gets the data for its tests.
-
-The unit test libraries are in `tests/unit/${library_name_without-nix}-lib`.
-All headers are in a `tests` subdirectory so they are included with `#include "tests/"`.
-
-The use of all these separate directories for the unit tests might seem inconvenient, as for example the tests are not "right next to" the part of the code they are testing.
-But organizing the tests this way has one big benefit:
-there is no risk of any build-system wildcards for the library accidentally picking up test code that should not built and installed as part of the library.
-
-### Running tests
+The unit-tests for each Nix library (`libexpr`, `libstore`, etc..) are defined
+under `tests/unit/{library_name}/tests` using the
+[googletest](https://google.github.io/googletest/) and
+[rapidcheck](https://github.com/emil-e/rapidcheck) frameworks.
 
 You can run the whole testsuite with `make check`, or the tests for a specific component with `make libfoo-tests_RUN`.
-Finer-grained filtering is also possible using the [--gtest_filter](https://google.github.io/googletest/advanced.html#running-a-subset-of-the-tests) command-line option, or the `GTEST_FILTER` environment variable, e.g. `GTEST_FILTER='ErrorTraceTest.*' make check`.
-
-### Characterisation testing { #characaterisation-testing-unit }
-
-See [functional characterisation testing](#characterisation-testing-functional) for a broader discussion of characterisation testing.
-
-Like with the functional characterisation, `_NIX_TEST_ACCEPT=1` is also used.
-For example:
-```shell-session
-$ _NIX_TEST_ACCEPT=1 make libstore-tests_RUN
-...
-[  SKIPPED ] WorkerProtoTest.string_read
-[  SKIPPED ] WorkerProtoTest.string_write
-[  SKIPPED ] WorkerProtoTest.storePath_read
-[  SKIPPED ] WorkerProtoTest.storePath_write
-...
-```
-will regenerate the "golden master" expected result for the `libnixstore` characterisation tests.
-The characterisation tests will mark themselves "skipped" since they regenerated the expected result instead of actually testing anything.
+Finer-grained filtering is also possible using the [--gtest_filter](https://google.github.io/googletest/advanced.html#running-a-subset-of-the-tests) command-line option, or the `GTEST_FILTER` environment variable.
 
 ### Unit test support libraries
 
@@ -162,17 +75,17 @@ ran test tests/functional/${testName}.sh... [PASS]
 or without `make`:
 
 ```shell-session
-$ ./mk/run-test.sh tests/functional/${testName}.sh tests/functional/init.sh
+$ ./mk/run-test.sh tests/functional/${testName}.sh
 ran test tests/functional/${testName}.sh... [PASS]
 ```
 
 To see the complete output, one can also run:
 
 ```shell-session
-$ ./mk/debug-test.sh tests/functional/${testName}.sh tests/functional/init.sh
-+(${testName}.sh:1) foo
+$ ./mk/debug-test.sh tests/functional/${testName}.sh
++ foo
 output from foo
-+(${testName}.sh:2) bar
++ bar
 output from bar
 ...
 ```
@@ -204,7 +117,7 @@ edit it like so:
 Then, running the test with `./mk/debug-test.sh` will drop you into GDB once the script reaches that point:
 
 ```shell-session
-$ ./mk/debug-test.sh tests/functional/${testName}.sh tests/functional/init.sh
+$ ./mk/debug-test.sh tests/functional/${testName}.sh
 ...
 + gdb blash blub
 GNU gdb (GDB) 12.1
@@ -215,18 +128,9 @@ GNU gdb (GDB) 12.1
 One can debug the Nix invocation in all the usual ways.
 For example, enter `run` to start the Nix invocation.
 
-### Troubleshooting
+### Characterization testing
 
-Sometimes running tests in the development shell may leave artefacts in the local repository.
-To remove any traces of that:
-
-```console
-git clean -x --force tests
-```
-
-### Characterisation testing { #characterisation-testing-functional }
-
-Occasionally, Nix utilizes a technique called [Characterisation Testing](https://en.wikipedia.org/wiki/Characterization_test) as part of the functional tests.
+Occasionally, Nix utilizes a technique called [Characterization Testing](https://en.wikipedia.org/wiki/Characterization_test) as part of the functional tests.
 This technique is to include the exact output/behavior of a former version of Nix in a test in order to check that Nix continues to produce the same behavior going forward.
 
 For example, this technique is used for the language tests, to check both the printed final value if evaluation was successful, and any errors and warnings encountered.
@@ -237,7 +141,6 @@ For example:
 ```bash
 _NIX_TEST_ACCEPT=1 make tests/functional/lang.sh.test
 ```
-This convention is shared with the [characterisation unit tests](#characterisation-testing-unit) too.
 
 An interesting situation to document is the case when these tests are "overfitted".
 The language tests are, again, an example of this.
@@ -250,7 +153,7 @@ Diagnostic outputs are indeed not a stable interface, but they still are importa
 By recording the expected output, the test suite guards against accidental changes, and ensure the *result* (not just the code that implements it) of the diagnostic code paths are under code review.
 Regressions are caught, and improvements always show up in code review.
 
-To ensure that characterisation testing doesn't make it harder to intentionally change these interfaces, there always must be an easy way to regenerate the expected output, as we do with `_NIX_TEST_ACCEPT=1`.
+To ensure that characterization testing doesn't make it harder to intentionally change these interfaces, there always must be an easy way to regenerate the expected output, as we do with `_NIX_TEST_ACCEPT=1`.
 
 ## Integration tests
 
@@ -264,7 +167,7 @@ You can run them manually with `nix build .#hydraJobs.tests.{testName}` or `nix-
 
 After a one-time setup, the Nix repository's GitHub Actions continuous integration (CI) workflow can test the installer each time you push to a branch.
 
-Creating a Cachix cache for your installer tests and adding its authorisation token to GitHub enables [two installer-specific jobs in the CI workflow](https://github.com/NixOS/nix/blob/88a45d6149c0e304f6eb2efcc2d7a4d0d569f8af/.github/workflows/ci.yml#L50-L91):
+Creating a Cachix cache for your installer tests and adding its authorization token to GitHub enables [two installer-specific jobs in the CI workflow](https://github.com/NixOS/nix/blob/88a45d6149c0e304f6eb2efcc2d7a4d0d569f8af/.github/workflows/ci.yml#L50-L91):
 
 - The `installer` job generates installers for the platforms below and uploads them to your Cachix cache:
   - `x86_64-linux`

doc/manual/src/favicon.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="587.11" height="516.604" viewBox="0 0 550.416 484.317"><defs><linearGradient id="a"><stop offset="0" style="stop-color:#699ad7;stop-opacity:1"/><stop offset=".243" style="stop-color:#7eb1dd;stop-opacity:1"/><stop offset="1" style="stop-color:#7ebae4;stop-opacity:1"/></linearGradient><linearGradient id="b"><stop offset="0" style="stop-color:#415e9a;stop-opacity:1"/><stop offset=".232" style="stop-color:#4a6baf;stop-opacity:1"/><stop offset="1" style="stop-color:#5277c3;stop-opacity:1"/></linearGradient><linearGradient xlink:href="#a" id="c" x1="200.597" x2="290.087" y1="351.411" y2="506.188" gradientTransform="translate(70.65 -1055.151)" gradientUnits="userSpaceOnUse"/><linearGradient xlink:href="#b" id="e" x1="-584.199" x2="-496.297" y1="782.336" y2="937.714" gradientTransform="translate(864.696 -1491.34)" gradientUnits="userSpaceOnUse"/></defs><g style="display:inline;opacity:1" transform="translate(-132.651 958.04)"><path id="d" d="m309.549-710.388 122.197 211.675-56.157.527-32.624-56.87-32.856 56.566-27.903-.011-14.29-24.69 46.81-80.49-33.23-57.826z" style="opacity:1;fill:url(#c);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"/><use xlink:href="#d" width="100%" height="100%" transform="rotate(60 407.112 -715.787)"/><use xlink:href="#d" width="100%" height="100%" transform="rotate(-60 407.312 -715.7)"/><use xlink:href="#d" width="100%" height="100%" transform="rotate(180 407.419 -715.756)"/><path id="f" d="m309.549-710.388 122.197 211.675-56.157.527-32.624-56.87-32.856 56.566-27.903-.011-14.29-24.69 46.81-80.49-33.23-57.826z" style="color:#000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000;solid-opacity:1;fill:url(#e);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"/><use xlink:href="#f" width="100%" height="100%" style="display:inline" transform="rotate(120 407.34 -716.084)"/><use xlink:href="#f" width="100%" height="100%" style="display:inline" transform="rotate(-120 407.288 -715.87)"/></g></svg>

doc/manual/src/glossary.md

@@ -3,10 +3,10 @@
 - [derivation]{#gloss-derivation}
 
   A description of a build task. The result of a derivation is a
-  store object. Derivations declared in Nix expressions are specified
+  store object. Derivations are typically specified in Nix expressions
   using the [`derivation` primitive](./language/derivations.md). These are
   translated into low-level *store derivations* (implicitly by
-  `nix-build`, or explicitly by `nix-instantiate`).
+  `nix-env` and `nix-build`, or explicitly by `nix-instantiate`).
 
   [derivation]: #gloss-derivation
 
@@ -14,7 +14,6 @@
 
   A [derivation] represented as a `.drv` file in the [store].
   It has a [store path], like any [store object].
-  It is the [instantiated][instantiate] form of a derivation.
 
   Example: `/nix/store/g946hcz4c8mdvq2g8vxx42z51qb71rvp-git-2.38.1.drv`
 
@@ -24,9 +23,9 @@
 
 - [instantiate]{#gloss-instantiate}, instantiation
 
-  Save an evaluated [derivation] as a [store derivation] in the Nix [store].
+  Translate a [derivation] into a [store derivation].
 
-  See [`nix-instantiate`](./command-ref/nix-instantiate.md), which produces a store derivation from a Nix expression that evaluates to a derivation.
+  See [`nix-instantiate`](./command-ref/nix-instantiate.md).
 
   [instantiate]: #gloss-instantiate
 
@@ -34,15 +33,11 @@
 
   Ensure a [store path] is [valid][validity].
 
-  This can be achieved by:
-  - Fetching a pre-built [store object] from a [substituter]
-  - Running the [`builder`](@docroot@/language/derivations.md#attr-builder) executable as specified in the corresponding [derivation]
-  - Delegating to a [remote machine](@docroot@/command-ref/conf-file.md#conf-builders) and retrieving the outputs
-  <!-- TODO: link [running] to build process page, #8888 -->
+  This means either running the [`builder`](@docroot@/language/derivations.md#attr-builder) executable as specified in the corresponding [derivation], or fetching a pre-built [store object] from a [substituter], or delegating to a [remote builder](@docroot@/advanced-topics/distributed-builds.html) and retrieving the outputs. <!-- TODO: link [running] to build process page, #8888 -->
 
-  See [`nix-store --realise`](@docroot@/command-ref/nix-store/realise.md) for a detailed description of the algorithm.
+  See [`nix-build`](./command-ref/nix-build.md) and [`nix-store --realise`](@docroot@/command-ref/nix-store/realise.md).
 
-  See also [`nix-build`](./command-ref/nix-build.md) and [`nix build`](./command-ref/new-cli/nix3-build.md) (experimental).
+  See [`nix build`](./command-ref/new-cli/nix3-build.md) (experimental).
 
   [realise]: #gloss-realise
 
@@ -59,12 +54,29 @@
 
 - [store]{#gloss-store}
 
-  A collection of [store objects][store object], with operations to manipulate that collection.
-  See [Nix Store](./store/index.md) for details.
+  The location in the file system where store objects live. Typically
+  `/nix/store`.
 
-  There are many types of stores, see [Store Types](./store/types/index.md) for details.
+  From   the  perspective   of   the  location   where  Nix   is
+  invoked, the  Nix store can be  referred to
+  as a "_local_" or a "_remote_" one:
+
+  + A [local store]{#gloss-local-store} exists on the filesystem of
+    the machine where Nix is  invoked. You can use other
+    local stores  by passing  the `--store` flag  to the
+    `nix` command.  Local stores can be used for building derivations.
+
+  + A  *remote store*  exists  anywhere  other than  the
+    local  filesystem. One  example is  the `/nix/store`
+    directory on another machine,  accessed via `ssh` or
+    served by the `nix-serve` Perl script.
 
   [store]: #gloss-store
+  [local store]: #gloss-local-store
+
+- [chroot store]{#gloss-chroot-store}
+
+  A [local store] whose canonical path is anything other than `/nix/store`.
 
 - [binary cache]{#gloss-binary-cache}
 
@@ -76,13 +88,10 @@
 
 - [store path]{#gloss-store-path}
 
-  The location of a [store object] in the file system, i.e., an immediate child of the Nix store directory.
+  The location of a [store object] in the file system, i.e., an
+  immediate child of the Nix store directory.
 
-  > **Example**
-  >
-  > `/nix/store/a040m110amc4h71lds2jmr8qrkj2jhxd-git-2.38.1`
-
-  See [Store Path](@docroot@/store/store-path.md) for details.
+  Example: `/nix/store/a040m110amc4h71lds2jmr8qrkj2jhxd-git-2.38.1`
 
   [store path]: #gloss-store-path
 
@@ -90,25 +99,18 @@
 
   The Nix data model for representing simplified file system data.
 
-  See [File System Object](@docroot@/store/file-system-object.md) for details.
+  See [File System Object](@docroot@/architecture/file-system-object.md) for details.
 
   [file system object]: #gloss-file-system-object
 
 - [store object]{#gloss-store-object}
 
-  Part of the contents of a [store].
 
-  A store object consists of a [file system object], [references][reference] to other store objects, and other metadata.
+  A store object consists of a [file system object], [reference]s to other store objects, and other metadata.
   It can be referred to by a [store path].
 
-  See [Store Object](@docroot@/store/index.md#store-object) for details.
-
   [store object]: #gloss-store-object
 
-- [IFD]{#gloss-ifd}
-
-  [Import From Derivation](./language/import-from-derivation.md)
-
 - [input-addressed store object]{#gloss-input-addressed-store-object}
 
   A store object produced by building a
@@ -116,7 +118,7 @@
   non-[fixed-output](#gloss-fixed-output-derivation)
   derivation.
 
-- [content-addressed store object]{#gloss-content-addressed-store-object}
+- [output-addressed store object]{#gloss-output-addressed-store-object}
 
   A [store object] whose [store path] is determined by its contents.
   This includes derivations, the outputs of [content-addressed derivations](#gloss-content-addressed-derivation), and the outputs of [fixed-output derivations](#gloss-fixed-output-derivation).
@@ -145,11 +147,6 @@
   builder can rely on external inputs such as the network or the
   system time) but the Nix model assumes it.
 
-- [impure derivation]{#gloss-impure-derivation}
-
-  [An experimental feature](#@docroot@/contributing/experimental-features.md#xp-feature-impure-derivations) that allows derivations to be explicitly marked as impure,
-  so that they are always rebuilt, and their outputs not reused by subsequent calls to realise them.
-
 - [Nix database]{#gloss-nix-database}
 
   An SQlite database to track [reference]s between [store object]s.
@@ -161,13 +158,11 @@
 
 - [Nix expression]{#gloss-nix-expression}
 
-  1. Commonly, a high-level description of software packages and compositions
-    thereof. Deploying software using Nix entails writing Nix
-    expressions for your packages. Nix expressions specify [derivations][derivation],
-    which are [instantiated][instantiate] into the Nix store as [store derivations][store derivation].
-    These derivations can then be [realised][realise] to produce [outputs][output].
-
-  2. A syntactically valid use of the [Nix language]. For example, the contents of a `.nix` file form an expression.
+  A high-level description of software packages and compositions
+  thereof. Deploying software using Nix entails writing Nix
+  expressions for your packages. Nix expressions are translated to
+  derivations that are stored in the Nix store. These derivations can
+  then be built.
 
 - [reference]{#gloss-reference}
 
@@ -205,7 +200,6 @@
 - [output]{#gloss-output}
 
   A [store object] produced by a [derivation].
-  See [the `outputs` argument to the `derivation` function](@docroot@/language/derivations.md#attr-outputs) for details.
 
   [output]: #gloss-output
 
@@ -219,9 +213,6 @@
 
   The [store derivation] that produced an [output path].
 
-  The deriver for an output path can be queried with the `--deriver` option to
-  [`nix-store --query`](@docroot@/command-ref/nix-store/query.md).
-
 - [validity]{#gloss-validity}
 
   A store path is valid if all [store object]s in its [closure] can be read from the [store].
@@ -232,7 +223,6 @@
   - All paths in the store path's [closure] are valid.
 
   [validity]: #gloss-validity
-  [local store]: @docroot@/store/types/local-store.md
 
 - [user environment]{#gloss-user-env}
 
@@ -267,21 +257,6 @@
 
   The epsilon symbol. In the context of a package, this means the version is empty. More precisely, the derivation does not have a version attribute.
 
-- [package]{#package}
-
-  1. A software package; a collection of files and other data.
-
-  2. A [package attribute set].
-
-- [package attribute set]{#package-attribute-set}
-
-  An [attribute set](@docroot@/language/values.md#attribute-set) containing the attribute `type = "derivation";` (derivation for historical reasons), as well as other attributes, such as
-  - attributes that refer to the files of a [package], typically in the form of [derivation outputs](#output),
-  - attributes that declare something about how the package is supposed to be installed or used,
-  - other metadata or arbitrary attributes.
-
-  [package attribute set]: #package-attribute-set
-
 - [string interpolation]{#gloss-string-interpolation}
 
   Expanding expressions enclosed in `${ }` within a [string], [path], or [attribute name].
@@ -298,6 +273,3 @@
   These flags are enabled or disabled with the [`experimental-features`](./command-ref/conf-file.html#conf-experimental-features) setting.
 
   See the contribution guide on the [purpose and lifecycle of experimental feaures](@docroot@/contributing/experimental-features.md).
-
-
-[Nix language]: ./language/index.md

doc/manual/src/installation/building-source.md

@@ -3,7 +3,7 @@
 After cloning Nix's Git repository, issue the following commands:
 
 ```console
-$ autoreconf -vfi
+$ ./bootstrap.sh
 $ ./configure options...
 $ make
 $ make install

doc/manual/src/installation/installing-binary.md

@@ -1,60 +1,26 @@
 # Installing a Binary Distribution
 
-To install the latest version Nix, run the following command:
+The easiest way to install Nix is to run the following command:
 
 ```console
 $ curl -L https://nixos.org/nix/install | sh
 ```
 
-This performs the default type of installation for your platform:
+This will run the installer interactively (causing it to explain what
+it is doing more explicitly), and perform the default "type" of install
+for your platform:
+- single-user on Linux
+- multi-user on macOS
 
-- [Multi-user](#multi-user-installation):
-  - Linux with systemd and without SELinux
-  - macOS
-- [Single-user](#single-user-installation):
-  - Linux without systemd
-  - Linux with SELinux
+  > **Notes on read-only filesystem root in macOS 10.15 Catalina +**
+  >
+  > - It took some time to support this cleanly. You may see posts,
+  >   examples, and tutorials using obsolete workarounds.
+  > - Supporting it cleanly made macOS installs too complex to qualify
+  >   as single-user, so this type is no longer supported on macOS.
 
-We recommend the multi-user installation if it supports your platform and you can authenticate with `sudo`.
-
-The installer can configured with various command line arguments and environment variables.
-To show available command line flags:
-
-```console
-$ curl -L https://nixos.org/nix/install | sh -s -- --help
-```
-
-To check what it does and how it can be customised further, [download and edit the second-stage installation script](#installing-from-a-binary-tarball).
-
-# Installing a pinned Nix version from a URL
-
-Version-specific installation URLs for all Nix versions since 1.11.16 can be found at [releases.nixos.org](https://releases.nixos.org/?prefix=nix/).
-The directory for each version contains the corresponding SHA-256 hash.
-
-All installation scripts are invoked the same way:
-
-```console
-$ export VERSION=2.19.2 
-$ curl -L https://releases.nixos.org/nix/nix-$VERSION/install | sh
-```
-
-# Multi User Installation
-
-The multi-user Nix installation creates system users and a system service for the Nix daemon.
-
-Supported systems:
-
-- Linux running systemd, with SELinux disabled
-- macOS
-
-To explicitly instruct the installer to perform a multi-user installation on your system:
-
-```console
-$ curl -L https://nixos.org/nix/install | sh -s -- --daemon
-```
-
-You can run this under your usual user account or `root`.
-The script will invoke `sudo` as needed.
+We recommend the multi-user install if it supports your platform and
+you can authenticate with `sudo`.
 
 # Single User Installation
 
@@ -64,48 +30,60 @@ To explicitly select a single-user installation on your system:
 $ curl -L https://nixos.org/nix/install | sh -s -- --no-daemon
 ```
 
-In a single-user installation, `/nix` is owned by the invoking user.
-The script will invoke `sudo` to create `/nix` if it doesn’t already exist.
-If you don’t have `sudo`, manually create `/nix` as `root`:
+This will perform a single-user installation of Nix, meaning that `/nix`
+is owned by the invoking user. You can run this under your usual user
+account or root. The script will invoke `sudo` to create `/nix`
+if it doesn’t already exist. If you don’t have `sudo`, you should
+manually create `/nix` first as root, e.g.:
 
 ```console
-$ su root
-# mkdir /nix
-# chown alice /nix
+$ mkdir /nix
+$ chown alice /nix
 ```
 
-# Installing from a binary tarball
+The install script will modify the first writable file from amongst
+`.bash_profile`, `.bash_login` and `.profile` to source
+`~/.nix-profile/etc/profile.d/nix.sh`. You can set the
+`NIX_INSTALLER_NO_MODIFY_PROFILE` environment variable before executing
+the install script to disable this behaviour.
 
-You can also download a binary tarball that contains Nix and all its dependencies:
-- Choose a [version](https://releases.nixos.org/?prefix=nix/) and [system type](../contributing/hacking.md#platforms)
-- Download and unpack the tarball
-- Run the installer
+# Multi User Installation
 
-> **Example**
+The multi-user Nix installation creates system users, and a system
+service for the Nix daemon.
+
+**Supported Systems**
+- Linux running systemd, with SELinux disabled
+- macOS
+
+You can instruct the installer to perform a multi-user installation on
+your system:
+
+```console
+$ curl -L https://nixos.org/nix/install | sh -s -- --daemon
+```
+
+The multi-user installation of Nix will create build users between the
+user IDs 30001 and 30032, and a group with the group ID 30000. You
+can run this under your usual user account or root. The script
+will invoke `sudo` as needed.
+
+> **Note**
 >
-> ```console
-> $ pushd $(mktemp -d)
-> $ export VERSION=2.19.2
-> $ export SYSTEM=x86_64-linux
-> $ curl -LO https://releases.nixos.org/nix/nix-$VERSION/nix-$VERSION-$SYSTEM.tar.xz
-> $ tar xfj nix-$VERSION-$SYSTEM.tar.xz
-> $ cd nix-$VERSION-$SYSTEM
-> $ ./install
-> $ popd
-> ```
+> If you need Nix to use a different group ID or user ID set, you will
+> have to download the tarball manually and [edit the install
+> script](#installing-from-a-binary-tarball).
 
-The installer can be customised with the environment variables declared in the file named `install-multi-user`.
-
-## Native packages for Linux distributions
-
-The Nix community maintains installers for some Linux distributions in their native packaging format(https://nix-community.github.io/nix-installers/).
+The installer will modify `/etc/bashrc`, and `/etc/zshrc` if they exist.
+The installer will first back up these files with a `.backup-before-nix`
+extension. The installer will also create `/etc/profile.d/nix.sh`.
 
 # macOS Installation
 
-<!-- anchors to catch existing links -->
 []{#sect-macos-installation-change-store-prefix}[]{#sect-macos-installation-encrypted-volume}[]{#sect-macos-installation-symlink}[]{#sect-macos-installation-recommended-notes}
+<!-- Note: anchors above to catch permalinks to old explanations -->
 
-We believe we have ironed out how to cleanly support the read-only root file system
+We believe we have ironed out how to cleanly support the read-only root
 on modern macOS. New installs will do this automatically.
 
 This section previously detailed the situation, options, and trade-offs,
@@ -148,3 +126,33 @@ this to run the installer, but it may help if you run into trouble:
   boot process to avoid problems loading or restoring any programs that
   need access to your Nix store
 
+# Installing a pinned Nix version from a URL
+
+Version-specific installation URLs for all Nix versions
+since 1.11.16 can be found at [releases.nixos.org](https://releases.nixos.org/?prefix=nix/).
+The corresponding SHA-256 hash can be found in the directory for the given version.
+
+These install scripts can be used the same as usual:
+
+```console
+$ curl -L https://releases.nixos.org/nix/nix-<version>/install | sh
+```
+
+# Installing from a binary tarball
+
+You can also download a binary tarball that contains Nix and all its
+dependencies. (This is what the install script at
+<https://nixos.org/nix/install> does automatically.) You should unpack
+it somewhere (e.g. in `/tmp`), and then run the script named `install`
+inside the binary tarball:
+
+```console
+$ cd /tmp
+$ tar xfj nix-1.8-x86_64-darwin.tar.bz2
+$ cd nix-1.8-x86_64-darwin
+$ ./install
+```
+
+If you need to edit the multi-user installation script to use different
+group ID or a different user ID range, modify the variables set in the
+file named `install-multi-user`.

doc/manual/src/installation/installing-docker.md

@@ -3,14 +3,14 @@
 To run the latest stable release of Nix with Docker run the following command:
 
 ```console
-$ docker run -ti ghcr.io/nixos/nix
-Unable to find image 'ghcr.io/nixos/nix:latest' locally
-latest: Pulling from ghcr.io/nixos/nix
+$ docker run -ti nixos/nix
+Unable to find image 'nixos/nix:latest' locally
+latest: Pulling from nixos/nix
 5843afab3874: Pull complete
 b52bf13f109c: Pull complete
 1e2415612aa3: Pull complete
 Digest: sha256:27f6e7f60227e959ee7ece361f75d4844a40e1cc6878b6868fe30140420031ff
-Status: Downloaded newer image for ghcr.io/nixos/nix:latest
+Status: Downloaded newer image for nixos/nix:latest
 35ca4ada6e96:/# nix --version
 nix (Nix) 2.3.12
 35ca4ada6e96:/# exit

doc/manual/src/installation/installing-rootless-daemon.md

@@ -1,138 +0,0 @@
-# Using Nix in multi-user mode with a non-root daemon
-
-> Experimental blurb
-
-It is experimentally possible to run Nix in multi-user mode without running the whole daemon as root.
-This is done by delegating the only part that requires root access to a separate daemon, with a much smaller attack surface.
-Because of the need for a second daemon, this makes the setup a bit more complex and isn't yet supported by the installer. It is however possible to set this up manually:
-
-1. Create a new user and group for the daemon:
-    ```sh
-    sudo groupadd nix-daemon
-    sudo useradd --gid nix-daemon --system -c "Nix daemon user" nix-daemon
-    ```
-2. Create `/nix` owned by that user:
-    ```sh
-    sudo mkdir -m 0755 /nix
-    sudo chown nix-daemon:nix-daemon /nix
-    ```
-3. Download a statically-compiled Nix version for bootstrapping
-    ```sh
-    curl -L https://hydra.nixos.org/job/nix/master/buildStatic.x86_64-linux/latest/download-by-type/file/binary-dist -o /tmp/nix-env
-    chmod +x /tmp/nix-env
-    ```
-4. Install a proper Nix and the tracing daemon in the store
-    ```sh
-    export DAEMON_HOME=$(sudo -u nix-daemon mktemp -d)
-    sudo -u nix-daemon HOME="$DAEMON_HOME" \
-        /tmp/nix-env \
-        -f https://github.com/nixos/nix/archive/rootless-daemon.tar.gz \
-        -iA default packages.x86_64-linux.nix-find-roots \
-        --option extra-substituters https://nixos-nix-install-tests.cachix.org \
-        --option extra-trusted-public-keys nixos-nix-install-tests.cachix.org-1:Le57vOUJjOcdzLlbwmZVBuLGoDC+Xg2rQDtmIzALgFU= \
-        --store / \
-        --profile /nix/var/nix/profiles/default
-    sudo -u nix-daemon mkdir -p /nix/var/nix/gc-socket
-    sudo -u nix-daemon rm -rf "$DAEMON_HOME"
-    ```
-5. Move the tracing daemon executable out of the store (as we don't want Nix
-   to own it)
-   ```sh
-   sudo cp /nix/var/nix/profiles/default/bin/nix-find-roots /usr/bin/
-   ```
-6. Install the systemd services for the daemon:
-    ```sh
-    cat <<EOF | sudo tee /etc/systemd/system/nix-daemon.service
-    [Unit]
-    Description=Nix Daemon
-    Documentation=man:nix-daemon https://nixos.org/manual
-    RequiresMountsFor=/nix/store
-    RequiresMountsFor=/nix/var
-    RequiresMountsFor=/nix/var/nix/db
-    ConditionPathIsReadWrite=/nix/var/nix/daemon-socket
-
-    [Service]
-    ExecStart=@/nix/var/nix/profiles/default/bin/nix-daemon nix-daemon --daemon
-    KillMode=process
-    LimitNOFILE=1048576
-    TasksMax=1048576
-    User=nix-daemon
-    Group=nix-daemon
-
-    [Install]
-    WantedBy=multi-user.target
-    EOF
-    ```
-    ```sh
-    cat <<EOF | sudo tee /etc/systemd/system/nix-daemon.socket
-    [Unit]
-    Description=Nix Daemon Socket
-    Before=multi-user.target
-    RequiresMountsFor=/nix/store
-    ConditionPathIsReadWrite=/nix/var/nix/daemon-socket
-
-    [Socket]
-    ListenStream=/nix/var/nix/daemon-socket/socket
-    SocketUser=nix-daemon
-
-    [Install]
-    WantedBy=sockets.target
-    EOF
-    ```
-7. Install the systemd services for the tracing daemon:
-    ```sh
-    cat <<EOF | sudo tee /etc/systemd/system/nix-find-roots.service
-    [Unit]
-    Description=Nix GC tracer daemon
-    RequiresMountsFor=/nix/store
-    RequiresMountsFor=/nix/var
-    ConditionPathIsReadWrite=/nix/var/nix/gc-socket
-    ProcSubset=pid
-
-    [Service]
-    ExecStart=@/usr/bin/nix-find-roots nix-find-roots
-    Type=simple
-    StandardError=journal
-    ProtectSystem=full
-    ReadWritePaths=/nix/var/nix/gc-socket
-    SystemCallFilter=@system-service
-    SystemCallErrorNumber=EPERM
-    PrivateNetwork=true
-    PrivateDevices=true
-    ProtectKernelTunables=true
-
-    [Install]
-    WantedBy=multi-user.target
-    EOF
-    ```
-    ```sh
-    cat <<EOF | sudo tee /etc/systemd/system/nix-find-roots.socket
-    [Unit]
-    Description=Nix Daemon Socket
-    Before=multi-user.target
-    RequiresMountsFor=/nix/store
-    ConditionPathIsReadWrite=/nix/var/nix/gc-socket
-
-    [Socket]
-    ListenStream=/nix/var/nix/gc-socket/socket
-    Accept=false
-
-    [Install]
-    WantedBy=sockets.target
-    EOF
-    ```
-8. Enable the required experimental Nix feature and basic configuration:
-    ```sh
-    sudo mkdir /etc/nix
-    cat <<EOF | sudo tee /etc/nix/nix.conf
-    experimental-features = external-gc-daemon
-    trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
-    substituters = https://cache.nixos.org/
-    EOF
-    ```
-9. Start the systemd sockets:
-    ```sh
-    sudo systemctl start nix-daemon.socket
-    sudo systemctl start nix-find-roots.socket
-    ```
-10. Profit

doc/manual/src/installation/prerequisites-source.md

@@ -32,15 +32,11 @@
     your distribution does not provide it, please install it from
     <http://www.sqlite.org/>.
 
-  - The [Boehm garbage collector (`bdw-gc`)](http://www.hboehm.info/gc/) to reduce
-    the evaluator’s memory consumption (optional).
-
-    To enable it, install
+  - The [Boehm garbage collector](http://www.hboehm.info/gc/) to reduce
+    the evaluator’s memory consumption (optional). To enable it, install
     `pkgconfig` and the Boehm garbage collector, and pass the flag
     `--enable-gc` to `configure`.
 
-    For `bdw-gc` <= 8.2.4 Nix needs a [small patch](https://github.com/NixOS/nix/blob/ac4d2e7b857acdfeac35ac8a592bdecee2d29838/boehmgc-traceable_allocator-public.diff) to be applied.
-
   - The `boost` library of version 1.66.0 or higher. It can be obtained
     from the official web site <https://www.boost.org/>.
 
@@ -76,7 +72,7 @@
     This is an optional dependency and can be disabled
     by providing a `--disable-cpuid` to the `configure` script.
 
-  - Unless `./configure --disable-unit-tests` is specified, GoogleTest (GTest) and
+  - Unless `./configure --disable-tests` is specified, GoogleTest (GTest) and
     RapidCheck are required, which are available at
     <https://google.github.io/googletest/> and
     <https://github.com/emil-e/rapidcheck> respectively.

doc/manual/src/installation/upgrading.md

@@ -1,40 +1,14 @@
 # Upgrading Nix
 
-> **Note**
->
-> These upgrade instructions apply where Nix was installed following the [installation instructions in this manual](./index.md).
+Multi-user Nix users on macOS can upgrade Nix by running: `sudo -i sh -c
+'nix-channel --update &&
+nix-env --install --attr nixpkgs.nix &&
+launchctl remove org.nixos.nix-daemon &&
+launchctl load /Library/LaunchDaemons/org.nixos.nix-daemon.plist'`
 
-Check which Nix version will be installed, for example from one of the [release channels](http://channels.nixos.org/) such as `nixpkgs-unstable`:
+Single-user installations of Nix should run this: `nix-channel --update;
+nix-env --install --attr nixpkgs.nix nixpkgs.cacert`
 
-```console
-$ nix-shell -p nix -I nixpkgs=channel:nixpkgs-unstable --run "nix --version"
-nix (Nix) 2.18.1
-```
-
-> **Warning**
->
-> Writing to the [local store](@docroot@/store/types/local-store.md) with a newer version of Nix, for example by building derivations with [`nix-build`](@docroot@/command-ref/nix-build.md) or [`nix-store --realise`](@docroot@/command-ref/nix-store/realise.md), may change the database schema!
-> Reverting to an older version of Nix may therefore require purging the store database before it can be used.
-
-## Linux multi-user
-
-```console
-$ sudo su
-# nix-env --install --file '<nixpkgs>' --attr nix cacert -I nixpkgs=channel:nixpkgs-unstable
-# systemctl daemon-reload
-# systemctl restart nix-daemon
-```
-
-## macOS multi-user
-
-```console
-$ sudo nix-env --install --file '<nixpkgs>' --attr nix -I nixpkgs=channel:nixpkgs-unstable
-$ sudo launchctl remove org.nixos.nix-daemon
-$ sudo launchctl load /Library/LaunchDaemons/org.nixos.nix-daemon.plist
-```
-
-## Single-user all platforms
-
-```console
-$ nix-env --install --file '<nixpkgs>' --attr nix cacert -I nixpkgs=channel:nixpkgs-unstable
-```
+Multi-user Nix users on Linux should run this with sudo: `nix-channel
+--update; nix-env --install --attr nixpkgs.nix nixpkgs.cacert; systemctl
+daemon-reload; systemctl restart nix-daemon`

doc/manual/src/language/advanced-attributes.md

@@ -112,13 +112,6 @@ Derivations can declare some infrequently used optional attributes.
     > environmental variables come from the environment of the
     > `nix-build`.
 
-    If the [`configurable-impure-env` experimental
-    feature](@docroot@/contributing/experimental-features.md#xp-feature-configurable-impure-env)
-    is enabled, these environment variables can also be controlled
-    through the
-    [`impure-env`](@docroot@/command-ref/conf-file.md#conf-impure-env)
-    configuration setting.
-
   - [`outputHash`]{#adv-attr-outputHash}; [`outputHashAlgo`]{#adv-attr-outputHashAlgo}; [`outputHashMode`]{#adv-attr-outputHashMode}\
     These attributes declare that the derivation is a so-called
     *fixed-output derivation*, which means that a cryptographic hash of
@@ -236,8 +229,6 @@ Derivations can declare some infrequently used optional attributes.
     [`outputHashAlgo`](#adv-attr-outputHashAlgo)
     like for *fixed-output derivations* (see above).
 
-    It also implicitly requires that the machine to build the derivation must have the `ca-derivations` [system feature](@docroot@/command-ref/conf-file.md#conf-system-features).
-
   - [`passAsFile`]{#adv-attr-passAsFile}\
     A list of names of attributes that should be passed via files rather
     than environment variables. For example, if you have
@@ -257,36 +248,41 @@ Derivations can declare some infrequently used optional attributes.
     of the environment (typically, a few hundred kilobyte).
 
   - [`preferLocalBuild`]{#adv-attr-preferLocalBuild}\
-    If this attribute is set to `true` and [distributed building is enabled](@docroot@/command-ref/conf-file.md#conf-builders), then, if possible, the derivation will be built locally instead of being forwarded to a remote machine.
-    This is useful for derivations that are cheapest to build locally.
+    If this attribute is set to `true` and [distributed building is
+    enabled](../advanced-topics/distributed-builds.md), then, if
+    possible, the derivation will be built locally instead of forwarded
+    to a remote machine. This is appropriate for trivial builders
+    where the cost of doing a download or remote build would exceed
+    the cost of building locally.
 
   - [`allowSubstitutes`]{#adv-attr-allowSubstitutes}\
-    If this attribute is set to `false`, then Nix will always build this derivation (locally or remotely); it will not try to substitute its outputs.
-    This is useful for derivations that are cheaper to build than to substitute.
-
-    This attribute can be ignored by setting [`always-allow-substitutes`](@docroot@/command-ref/conf-file.md#conf-always-allow-substitutes) to `true`.
+    If this attribute is set to `false`, then Nix will always build this
+    derivation; it will not try to substitute its outputs. This is
+    useful for very trivial derivations (such as `writeText` in Nixpkgs)
+    that are cheaper to build than to substitute from a binary cache.
 
     > **Note**
     >
-    > If set to `false`, the [`builder`](./derivations.md#attr-builder) should be able to run on the system type specified in the [`system` attribute](./derivations.md#attr-system), since the derivation cannot be substituted.
+    > You need to have a builder configured which satisfies the
+    > derivation’s `system` attribute, since the derivation cannot be
+    > substituted. Thus it is usually a good idea to align `system` with
+    > `builtins.currentSystem` when setting `allowSubstitutes` to
+    > `false`. For most trivial derivations this should be the case.
 
   - [`__structuredAttrs`]{#adv-attr-structuredAttrs}\
     If the special attribute `__structuredAttrs` is set to `true`, the other derivation
-    attributes are serialised into a file in JSON format. The environment variable
-    `NIX_ATTRS_JSON_FILE` points to the exact location of that file both in a build
-    and a [`nix-shell`](../command-ref/nix-shell.md). This obviates the need for
-    [`passAsFile`](#adv-attr-passAsFile) since JSON files have no size restrictions,
-    unlike process environments.
+    attributes are serialised in JSON format and made available to the
+    builder via the file `.attrs.json` in the builder’s temporary
+    directory. This obviates the need for [`passAsFile`](#adv-attr-passAsFile) since JSON files
+    have no size restrictions, unlike process environments.
 
     It also makes it possible to tweak derivation settings in a structured way; see
     [`outputChecks`](#adv-attr-outputChecks) for example.
 
     As a convenience to Bash builders,
-    Nix writes a script that initialises shell variables
-    corresponding to all attributes that are representable in Bash. The
-    environment variable `NIX_ATTRS_SH_FILE` points to the exact
-    location of the script, both in a build and a
-    [`nix-shell`](../command-ref/nix-shell.md). This includes non-nested
+    Nix writes a script named `.attrs.sh` to the builder’s directory
+    that initialises shell variables corresponding to all attributes
+    that are representable in Bash. This includes non-nested
     (associative) arrays. For example, the attribute `hardening.format = true`
     ends up as the Bash associative array element `${hardening[format]}`.
 
@@ -339,15 +335,3 @@ Derivations can declare some infrequently used optional attributes.
     This is useful, for example, when generating self-contained filesystem images with
     their own embedded Nix store: hashes found inside such an image refer
     to the embedded store and not to the host's Nix store.
-
-- [`requiredSystemFeatures`]{#adv-attr-requiredSystemFeatures}\
-
-  If a derivation has the `requiredSystemFeatures` attribute, then Nix will only build it on a machine that has the corresponding features set in its [`system-features` configuration](@docroot@/command-ref/conf-file.md#conf-system-features).
-
-  For example, setting
-
-  ```nix
-  requiredSystemFeatures = [ "kvm" ];
-  ```
-
-  ensures that the derivation can only be built on a machine with the `kvm` feature.

doc/manual/src/language/constructs.md

@@ -132,32 +132,6 @@ a = src-set.a; b = src-set.b; c = src-set.c;
 when used while defining local variables in a let-expression or while
 defining a set.
 
-In a `let` expression, `inherit` can be used to selectively bring specific attributes of a set into scope. For example
-
-
-```nix
-let
-  x = { a = 1; b = 2; };
-  inherit (builtins) attrNames;
-in
-{
-  names = attrNames x;
-}
-```
-
-is equivalent to
-
-```nix
-let
-  x = { a = 1; b = 2; };
-in
-{
-  names = builtins.attrNames x;
-}
-```
-
-both evaluate to `{ names = [ "a" "b" ]; }`.
-
 ## Functions
 
 Functions have the following form:
@@ -172,65 +146,65 @@ three kinds of patterns:
 
   - If a pattern is a single identifier, then the function matches any
     argument. Example:
-
+    
     ```nix
     let negate = x: !x;
         concat = x: y: x + y;
     in if negate true then concat "foo" "bar" else ""
     ```
-
+    
     Note that `concat` is a function that takes one argument and returns
     a function that takes another argument. This allows partial
     parameterisation (i.e., only filling some of the arguments of a
     function); e.g.,
-
+    
     ```nix
     map (concat "foo") [ "bar" "bla" "abc" ]
     ```
-
+    
     evaluates to `[ "foobar" "foobla" "fooabc" ]`.
 
   - A *set pattern* of the form `{ name1, name2, …, nameN }` matches a
     set containing the listed attributes, and binds the values of those
     attributes to variables in the function body. For example, the
     function
-
+    
     ```nix
     { x, y, z }: z + y + x
     ```
-
+    
     can only be called with a set containing exactly the attributes `x`,
     `y` and `z`. No other attributes are allowed. If you want to allow
     additional arguments, you can use an ellipsis (`...`):
-
+    
     ```nix
     { x, y, z, ... }: z + y + x
     ```
-
+    
     This works on any set that contains at least the three named
     attributes.
-
+    
     It is possible to provide *default values* for attributes, in
     which case they are allowed to be missing. A default value is
     specified by writing `name ?  e`, where *e* is an arbitrary
     expression. For example,
-
+    
     ```nix
     { x, y ? "foo", z ? "bar" }: z + y + x
     ```
-
+    
     specifies a function that only requires an attribute named `x`, but
     optionally accepts `y` and `z`.
 
   - An `@`-pattern provides a means of referring to the whole value
     being matched:
-
+    
     ```nix
     args@{ x, y, z, ... }: z + y + x + args.a
     ```
-
+    
     but can also be written as:
-
+    
     ```nix
     { x, y, z, ... } @ args: z + y + x + args.a
     ```

doc/manual/src/language/constructs/lookup-path.md

@@ -1,27 +0,0 @@
-# Lookup path
-
-> **Syntax**
->
-> *lookup-path* = `<` *identifier* [ `/` *identifier* ]... `>`
-
-A lookup path is an identifier with an optional path suffix that resolves to a [path value](@docroot@/language/values.md#type-path) if the identifier matches a search path entry.
-
-The value of a lookup path is determined by [`builtins.nixPath`](@docroot@/language/builtin-constants.md#builtins-nixPath).
-
-See [`builtins.findFile`](@docroot@/language/builtins.md#builtins-findFile) for details on lookup path resolution.
-
-> **Example**
->
-> ```nix
-> <nixpkgs>
->```
->
->     /nix/var/nix/profiles/per-user/root/channels/nixpkgs
-
-> **Example**
->
-> ```nix
-> <nixpkgs/nixos>
->```
->
->     /nix/var/nix/profiles/per-user/root/channels/nixpkgs/nixos

doc/manual/src/language/derivations.md

@@ -1,315 +1,161 @@
 # Derivations
 
-The most important built-in function is `derivation`, which is used to describe a single derivation:
-a specification for running an executable on precisely defined input files to repeatably produce output files at uniquely determined file system paths.
-
-It takes as input an attribute set, the attributes of which specify the inputs to the process.
-It outputs an attribute set, and produces a [store derivation] as a side effect of evaluation.
-
-[store derivation]: @docroot@/glossary.md#gloss-store-derivation
-
-## Input attributes
-
-### Required
-
-- [`name`]{#attr-name} ([String](@docroot@/language/values.md#type-string))
-
-  A symbolic name for the derivation.
-  It is added to the [store path] of the corresponding [store derivation] as well as to its [output paths](@docroot@/glossary.md#gloss-output-path).
-
-  [store path]: @docroot@/glossary.md#gloss-store-path
-
-  > **Example**
-  >
-  > ```nix
-  > derivation {
-  >   name = "hello";
-  >   # ...
-  > }
-  > ```
-  >
-  > The store derivation's path will be `/nix/store/<hash>-hello.drv`.
-  > The [output](#attr-outputs) paths will be of the form `/nix/store/<hash>-hello[-<output>]`
-
-- [`system`]{#attr-system} ([String](@docroot@/language/values.md#type-string))
-
-  The system type on which the [`builder`](#attr-builder) executable is meant to be run.
-
-  A necessary condition for Nix to build derivations locally is that the `system` attribute matches the current [`system` configuration option].
-  It can automatically [build on other platforms](@docroot@/language/derivations.md#attr-builder) by forwarding build requests to other machines.
-
-  [`system` configuration option]: @docroot@/command-ref/conf-file.md#conf-system
-
-  > **Example**
-  >
-  > Declare a derivation to be built on a specific system type:
-  >
-  > ```nix
-  > derivation {
-  >   # ...
-  >   system = "x86_64-linux";
-  >   # ...
-  > }
-  > ```
-
-  > **Example**
-  >
-  > Declare a derivation to be built on the system type that evaluates the expression:
-  >
-  > ```nix
-  > derivation {
-  >   # ...
-  >   system = builtins.currentSystem;
-  >   # ...
-  > }
-  > ```
-  >
-  > [`builtins.currentSystem`](@docroot@/language/builtin-constants.md#builtins-currentSystem) has the value of the [`system` configuration option], and defaults to the system type of the current Nix installation.
-
-- [`builder`]{#attr-builder} ([Path](@docroot@/language/values.md#type-path) | [String](@docroot@/language/values.md#type-string))
-
-  Path to an executable that will perform the build.
-
-  > **Example**
-  >
-  > Use the file located at `/bin/bash` as the builder executable:
-  >
-  > ```nix
-  > derivation {
-  >   # ...
-  >   builder = "/bin/bash";
-  >   # ...
-  > };
-  > ```
-
-  <!-- -->
-
-  > **Example**
-  >
-  > Copy a local file to the Nix store for use as the builder executable:
-  >
-  > ```nix
-  > derivation {
-  >   # ...
-  >   builder = ./builder.sh;
-  >   # ...
-  > };
-  > ```
-
-  <!-- -->
-
-  > **Example**
-  >
-  > Use a file from another derivation as the builder executable:
-  >
-  > ```nix
-  > let pkgs = import <nixpkgs> {}; in
-  > derivation {
-  >   # ...
-  >   builder = "${pkgs.python}/bin/python";
-  >   # ...
-  > };
-  > ```
-
-### Optional
-
-- [`args`]{#attr-args} ([List](@docroot@/language/values.md#list) of [String](@docroot@/language/values.md#type-string))
-
-  Default: `[ ]`
-
-  Command-line arguments to be passed to the [`builder`](#attr-builder) executable.
-
-  > **Example**
-  >
-  > Pass arguments to Bash to interpret a shell command:
-  >
-  > ```nix
-  > derivation {
-  >   # ...
-  >   builder = "/bin/bash";
-  >   args = [ "-c" "echo hello world > $out" ];
-  >   # ...
-  > };
-  > ```
-
-- [`outputs`]{#attr-outputs} ([List](@docroot@/language/values.md#list) of [String](@docroot@/language/values.md#type-string))
-
-  Default: `[ "out" ]`
-
-  Symbolic outputs of the derivation.
-  Each output name is passed to the [`builder`](#attr-builder) executable as an environment variable with its value set to the corresponding [store path].
-
-  By default, a derivation produces a single output called `out`.
-  However, derivations can produce multiple outputs.
-  This allows the associated [store objects](@docroot@/glossary.md#gloss-store-object) and their [closures](@docroot@/glossary.md#gloss-closure) to be copied or garbage-collected separately.
-
-  > **Example**
-  >
-  > Imagine a library package that provides a dynamic library, header files, and documentation.
-  > A program that links against such a library doesn’t need the header files and documentation at runtime, and it doesn’t need the documentation at build time.
-  > Thus, the library package could specify:
-  >
-  > ```nix
-  > derivation {
-  >   # ...
-  >   outputs = [ "lib" "dev" "doc" ];
-  >   # ...
-  > }
-  > ```
-  >
-  > This will cause Nix to pass environment variables `lib`, `dev`, and `doc` to the builder containing the intended store paths of each output.
-  > The builder would typically do something like
-  >
-  > ```bash
-  > ./configure \
-  >   --libdir=$lib/lib \
-  >   --includedir=$dev/include \
-  >   --docdir=$doc/share/doc
-  > ```
-  >
-  > for an Autoconf-style package.
-
-  The name of an output is combined with the name of the derivation to create the name part of the output's store path, unless it is `out`, in which case just the name of the derivation is used.
-
-  > **Example**
-  >
-  >
-  > ```nix
-  > derivation {
-  >   name = "example";
-  >   outputs = [ "lib" "dev" "doc" "out" ];
-  >   # ...
-  > }
-  > ```
-  >
-  > The store derivation path will be `/nix/store/<hash>-example.drv`.
-  > The output paths will be
-  > - `/nix/store/<hash>-example-lib`
-  > - `/nix/store/<hash>-example-dev`
-  > - `/nix/store/<hash>-example-doc`
-  > - `/nix/store/<hash>-example`
-
-  You can refer to each output of a derivation by selecting it as an attribute.
-  The first element of `outputs` determines the *default output* and ends up at the top-level.
-
-  > **Example**
-  >
-  > Select an output by attribute name:
-  >
-  > ```nix
-  > let
-  >   myPackage = derivation {
-  >     name = "example";
-  >     outputs = [ "lib" "dev" "doc" "out" ];
-  >     # ...
-  >   };
-  > in myPackage.dev
-  > ```
-  >
-  > Since `lib` is the first output, `myPackage` is equivalent to `myPackage.lib`.
-
-  <!-- FIXME: refer to the output attributes when we have one -->
-
-- See [Advanced Attributes](./advanced-attributes.md) for more, infrequently used, optional attributes.
-
-  <!-- FIXME: This should be moved here -->
-
-- Every other attribute is passed as an environment variable to the builder.
-  Attribute values are translated to environment variables as follows:
-
-    - Strings are passed unchanged.
-
-    - Integral numbers are converted to decimal notation.
-
-    - Floating point numbers are converted to simple decimal or scientific notation with a preset precision.
-
-    - A *path* (e.g., `../foo/sources.tar`) causes the referenced file
-      to be copied to the store; its location in the store is put in
-      the environment variable. The idea is that all sources should
-      reside in the Nix store, since all inputs to a derivation should
-      reside in the Nix store.
-
-    - A *derivation* causes that derivation to be built prior to the
-      present derivation. The environment variable is set to the [store path] of the derivation's default [output](#attr-outputs).
-
-    - Lists of the previous types are also allowed. They are simply
-      concatenated, separated by spaces.
-
-    - `true` is passed as the string `1`, `false` and `null` are
-      passed as an empty string.
-
-<!-- FIXME: add a section on output attributes -->
-
-## Builder execution
-
-The [`builder`](#attr-builder) is executed as follows:
-
-- A temporary directory is created under the directory specified by
-  `TMPDIR` (default `/tmp`) where the build will take place. The
-  current directory is changed to this directory.
-
-- The environment is cleared and set to the derivation attributes, as
-  specified above.
-
-- In addition, the following variables are set:
-
-  - `NIX_BUILD_TOP` contains the path of the temporary directory for
-    this build.
-
-  - Also, `TMPDIR`, `TEMPDIR`, `TMP`, `TEMP` are set to point to the
-    temporary directory. This is to prevent the builder from
-    accidentally writing temporary files anywhere else. Doing so
-    might cause interference by other processes.
-
-  - `PATH` is set to `/path-not-set` to prevent shells from
-    initialising it to their built-in default value.
-
-  - `HOME` is set to `/homeless-shelter` to prevent programs from
-    using `/etc/passwd` or the like to find the user's home
-    directory, which could cause impurity. Usually, when `HOME` is
-    set, it is used as the location of the home directory, even if
-    it points to a non-existent path.
-
-  - `NIX_STORE` is set to the path of the top-level Nix store
-    directory (typically, `/nix/store`).
-
-  - `NIX_ATTRS_JSON_FILE` & `NIX_ATTRS_SH_FILE` if `__structuredAttrs`
-    is set to `true` for the derivation. A detailed explanation of this
-    behavior can be found in the
-    [section about structured attrs](./advanced-attributes.md#adv-attr-structuredAttrs).
-
-  - For each output declared in `outputs`, the corresponding
-    environment variable is set to point to the intended path in the
-    Nix store for that output. Each output path is a concatenation
-    of the cryptographic hash of all build inputs, the `name`
-    attribute and the output name. (The output name is omitted if
-    it’s `out`.)
-
-- If an output path already exists, it is removed. Also, locks are
-  acquired to prevent multiple Nix instances from performing the same
-  build at the same time.
-
-- A log of the combined standard output and error is written to
-  `/nix/var/log/nix`.
-
-- The builder is executed with the arguments specified by the
-  attribute `args`. If it exits with exit code 0, it is considered to
-  have succeeded.
-
-- The temporary directory is removed (unless the `-K` option was
-  specified).
-
-- If the build was successful, Nix scans each output path for
-  references to input paths by looking for the hash parts of the input
-  paths. Since these are potential runtime dependencies, Nix registers
-  them as dependencies of the output paths.
-
-- After the build, Nix sets the last-modified timestamp on all files
-  in the build result to 1 (00:00:01 1/1/1970 UTC), sets the group to
-  the default group, and sets the mode of the file to 0444 or 0555
-  (i.e., read-only, with execute permission enabled if the file was
-  originally executable). Note that possible `setuid` and `setgid`
-  bits are cleared. Setuid and setgid programs are not currently
-  supported by Nix. This is because the Nix archives used in
-  deployment have no concept of ownership information, and because it
-  makes the build result dependent on the user performing the build.
+The most important built-in function is `derivation`, which is used to
+describe a single derivation (a build task). It takes as input a set,
+the attributes of which specify the inputs of the build.
+
+  - There must be an attribute named [`system`]{#attr-system} whose value must be a
+    string specifying a Nix system type, such as `"i686-linux"` or
+    `"x86_64-darwin"`. (To figure out your system type, run `nix -vv
+    --version`.) The build can only be performed on a machine and
+    operating system matching the system type. (Nix can automatically
+    [forward builds for other
+    platforms](../advanced-topics/distributed-builds.md) by forwarding
+    them to other machines.)
+
+  - There must be an attribute named `name` whose value must be a
+    string. This is used as a symbolic name for the package by
+    `nix-env`, and it is appended to the output paths of the derivation.
+
+  - There must be an attribute named [`builder`]{#attr-builder} that identifies the
+    program that is executed to perform the build. It can be either a
+    derivation or a source (a local file reference, e.g.,
+    `./builder.sh`).
+
+  - Every attribute is passed as an environment variable to the builder.
+    Attribute values are translated to environment variables as follows:
+    
+      - Strings and numbers are just passed verbatim.
+    
+      - A *path* (e.g., `../foo/sources.tar`) causes the referenced file
+        to be copied to the store; its location in the store is put in
+        the environment variable. The idea is that all sources should
+        reside in the Nix store, since all inputs to a derivation should
+        reside in the Nix store.
+    
+      - A *derivation* causes that derivation to be built prior to the
+        present derivation; its default output path is put in the
+        environment variable.
+    
+      - Lists of the previous types are also allowed. They are simply
+        concatenated, separated by spaces.
+    
+      - `true` is passed as the string `1`, `false` and `null` are
+        passed as an empty string.
+
+  - The optional attribute `args` specifies command-line arguments to be
+    passed to the builder. It should be a list.
+
+  - The optional attribute `outputs` specifies a list of symbolic
+    outputs of the derivation. By default, a derivation produces a
+    single output path, denoted as `out`. However, derivations can
+    produce multiple output paths. This is useful because it allows
+    outputs to be downloaded or garbage-collected separately. For
+    instance, imagine a library package that provides a dynamic library,
+    header files, and documentation. A program that links against the
+    library doesn’t need the header files and documentation at runtime,
+    and it doesn’t need the documentation at build time. Thus, the
+    library package could specify:
+    
+    ```nix
+    outputs = [ "lib" "headers" "doc" ];
+    ```
+    
+    This will cause Nix to pass environment variables `lib`, `headers`
+    and `doc` to the builder containing the intended store paths of each
+    output. The builder would typically do something like
+    
+    ```bash
+    ./configure \
+      --libdir=$lib/lib \
+      --includedir=$headers/include \
+      --docdir=$doc/share/doc
+    ```
+    
+    for an Autoconf-style package. You can refer to each output of a
+    derivation by selecting it as an attribute, e.g.
+    
+    ```nix
+    buildInputs = [ pkg.lib pkg.headers ];
+    ```
+    
+    The first element of `outputs` determines the *default output*.
+    Thus, you could also write
+    
+    ```nix
+    buildInputs = [ pkg pkg.headers ];
+    ```
+    
+    since `pkg` is equivalent to `pkg.lib`.
+
+The function `mkDerivation` in the Nixpkgs standard environment is a
+wrapper around `derivation` that adds a default value for `system` and
+always uses Bash as the builder, to which the supplied builder is passed
+as a command-line argument. See the Nixpkgs manual for details.
+
+The builder is executed as follows:
+
+  - A temporary directory is created under the directory specified by
+    `TMPDIR` (default `/tmp`) where the build will take place. The
+    current directory is changed to this directory.
+
+  - The environment is cleared and set to the derivation attributes, as
+    specified above.
+
+  - In addition, the following variables are set:
+    
+      - `NIX_BUILD_TOP` contains the path of the temporary directory for
+        this build.
+    
+      - Also, `TMPDIR`, `TEMPDIR`, `TMP`, `TEMP` are set to point to the
+        temporary directory. This is to prevent the builder from
+        accidentally writing temporary files anywhere else. Doing so
+        might cause interference by other processes.
+    
+      - `PATH` is set to `/path-not-set` to prevent shells from
+        initialising it to their built-in default value.
+    
+      - `HOME` is set to `/homeless-shelter` to prevent programs from
+        using `/etc/passwd` or the like to find the user's home
+        directory, which could cause impurity. Usually, when `HOME` is
+        set, it is used as the location of the home directory, even if
+        it points to a non-existent path.
+    
+      - `NIX_STORE` is set to the path of the top-level Nix store
+        directory (typically, `/nix/store`).
+    
+      - For each output declared in `outputs`, the corresponding
+        environment variable is set to point to the intended path in the
+        Nix store for that output. Each output path is a concatenation
+        of the cryptographic hash of all build inputs, the `name`
+        attribute and the output name. (The output name is omitted if
+        it’s `out`.)
+
+  - If an output path already exists, it is removed. Also, locks are
+    acquired to prevent multiple Nix instances from performing the same
+    build at the same time.
+
+  - A log of the combined standard output and error is written to
+    `/nix/var/log/nix`.
+
+  - The builder is executed with the arguments specified by the
+    attribute `args`. If it exits with exit code 0, it is considered to
+    have succeeded.
+
+  - The temporary directory is removed (unless the `-K` option was
+    specified).
+
+  - If the build was successful, Nix scans each output path for
+    references to input paths by looking for the hash parts of the input
+    paths. Since these are potential runtime dependencies, Nix registers
+    them as dependencies of the output paths.
+
+  - After the build, Nix sets the last-modified timestamp on all files
+    in the build result to 1 (00:00:01 1/1/1970 UTC), sets the group to
+    the default group, and sets the mode of the file to 0444 or 0555
+    (i.e., read-only, with execute permission enabled if the file was
+    originally executable). Note that possible `setuid` and `setgid`
+    bits are cleared. Setuid and setgid programs are not currently
+    supported by Nix. This is because the Nix archives used in
+    deployment have no concept of ownership information, and because it
+    makes the build result dependent on the user performing the build.

doc/manual/src/language/import-from-derivation.md

@@ -1,141 +0,0 @@
-# Import From Derivation
-
-The value of a Nix expression can depend on the contents of a [store object].
-
-[store object]: @docroot@/glossary.md#gloss-store-object
-
-Passing an expression `expr` that evaluates to a [store path](@docroot@/glossary.md#gloss-store-path) to any built-in function which reads from the filesystem constitutes Import From Derivation (IFD):
-
-- [`import`](./builtins.md#builtins-import)` expr`
-- [`builtins.readFile`](./builtins.md#builtins-readFile)` expr`
-- [`builtins.readFileType`](./builtins.md#builtins-readFileType)` expr`
-- [`builtins.readDir`](./builtins.md#builtins-readDir)` expr`
-- [`builtins.pathExists`](./builtins.md#builtins-pathExists)` expr`
-- [`builtins.filterSource`](./builtins.md#builtins-filterSource)` f expr`
-- [`builtins.path`](./builtins.md#builtins-path)` { path = expr; }`
-- [`builtins.hashFile`](./builtins.md#builtins-hashFile)` t expr`
-- `builtins.scopedImport x drv`
-
-When the store path needs to be accessed, evaluation will be paused, the corresponding store object [realised], and then evaluation resumed.
-
-[realised]: @docroot@/glossary.md#gloss-realise
-
-This has performance implications:
-Evaluation can only finish when all required store objects are realised.
-Since the Nix language evaluator is sequential, it only finds store paths to read from one at a time.
-While realisation is always parallel, in this case it cannot be done for all required store paths at once, and is therefore much slower than otherwise.
-
-Realising store objects during evaluation can be disabled by setting [`allow-import-from-derivation`](../command-ref/conf-file.md#conf-allow-import-from-derivation) to `false`.
-Without IFD it is ensured that evaluation is complete and Nix can produce a build plan before starting any realisation.
-
-## Example
-
-In the following Nix expression, the inner derivation `drv` produces a file with contents `hello`.
-
-```nix
-# IFD.nix
-let
-  drv = derivation {
-    name = "hello";
-    builder = "/bin/sh";
-    args = [ "-c" "echo -n hello > $out" ];
-    system = builtins.currentSystem;
-  };
-in "${builtins.readFile drv} world"
-```
-
-```shellSession
-nix-instantiate IFD.nix --eval --read-write-mode
-```
-
-```
-building '/nix/store/348q1cal6sdgfxs8zqi9v8llrsn4kqkq-hello.drv'...
-"hello world"
-```
-
-The contents of the derivation's output have to be [realised] before they can be read with [`readFile`](./builtins.md#builtins-readFile).
-Only then evaluation can continue to produce the final result.
-
-## Illustration
-
-As a first approximation, the following data flow graph shows how evaluation and building are interleaved, if the value of a Nix expression depends on realising a [store object].
-Boxes are data structures, arrow labels are transformations.
-
-```
-+----------------------+             +------------------------+
-| Nix evaluator        |             | Nix store              |
-|  .----------------.  |             |                        |
-|  | Nix expression |  |             |                        |
-|  '----------------'  |             |                        |
-|          |           |             |                        |
-|       evaluate       |             |                        |
-|          |           |             |                        |
-|          V           |             |                        |
-|    .------------.    |             |  .------------------.  |
-|    | derivation |----|-instantiate-|->| store derivation |  |
-|    '------------'    |             |  '------------------'  |
-|                      |             |           |            |
-|                      |             |        realise         |
-|                      |             |           |            |
-|                      |             |           V            |
-|  .----------------.  |             |    .--------------.    |
-|  | Nix expression |<-|----read-----|----| store object |    |
-|  '----------------'  |             |    '--------------'    |
-|          |           |             |                        |
-|       evaluate       |             |                        |
-|          |           |             |                        |
-|          V           |             |                        |
-|    .------------.    |             |                        |
-|    |   value    |    |             |                        |
-|    '------------'    |             |                        |
-+----------------------+             +------------------------+
-```
-
-In more detail, the following sequence diagram shows how the expression is evaluated step by step, and where evaluation is blocked to wait for the build output to appear.
-
-```
-.-------.     .-------------.                        .---------.
-|Nix CLI|     |Nix evaluator|                        |Nix store|
-'-------'     '-------------'                        '---------'
-    |                |                                    |
-    |evaluate IFD.nix|                                    |
-    |--------------->|                                    |
-    |                |                                    |
-    |  evaluate `"${readFile drv} world"`                 |
-    |                |                                    |
-    |    evaluate `readFile drv`                          |
-    |                |                                    |
-    |   evaluate `drv` as string                          |
-    |                |                                    |
-    |                |instantiate /nix/store/...-hello.drv|
-    |                |----------------------------------->|
-    |                :                                    |
-    |                :  realise /nix/store/...-hello.drv  |
-    |                :----------------------------------->|
-    |                :                                    |
-    |                                                     |--------.
-    |                :                                    |        |
-    |      (evaluation blocked)                           |  echo hello > $out
-    |                :                                    |        |
-    |                                                     |<-------'
-    |                :        /nix/store/...-hello        |
-    |                |<-----------------------------------|
-    |                |                                    |
-    |  resume `readFile /nix/store/...-hello`             |
-    |                |                                    |
-    |                |   readFile /nix/store/...-hello    |
-    |                |----------------------------------->|
-    |                |                                    |
-    |                |               hello                |
-    |                |<-----------------------------------|
-    |                |                                    |
-    |      resume `"${"hello"} world"`                    |
-    |                |                                    |
-    |        resume `"hello world"`                       |
-    |                |                                    |
-    | "hello world"  |                                    |
-    |<---------------|                                    |
-.-------.     .-------------.                        .---------.
-|Nix CLI|     |Nix evaluator|                        |Nix store|
-'-------'     '-------------'                        '---------'
-```

doc/manual/src/language/index.md

@@ -83,8 +83,7 @@ This is an incomplete overview of language features, by example.
   </td>
   <td>
 
-   <!-- FIXME: using two no-break spaces, because apparently mdBook swallows the second regular space! -->
-   A multi-line string. Strips common prefixed whitespace. Evaluates to `"multi\n line\n  string"`.
+   A multi-line string. Strips common prefixed whitespace. Evaluates to `"multi\n line\n  string"`.
 
   </td>
  </tr>

doc/manual/src/language/operators.md

@@ -25,7 +25,7 @@
 | Inequality                             | *expr* `!=` *expr*                         | none          | 11         |
 | Logical conjunction (`AND`)            | *bool* `&&` *bool*                         | left          | 12         |
 | Logical disjunction (`OR`)             | *bool* <code>\|\|</code> *bool*            | left          | 13         |
-| [Logical implication]                  | *bool* `->` *bool*                         | right         | 14         |
+| [Logical implication]                  | *bool* `->` *bool*                         | none          | 14         |
 
 [string]: ./values.md#type-string
 [path]: ./values.md#type-path
@@ -35,8 +35,6 @@
 
 ## Attribute selection
 
-> **Syntax**
->
 > *attrset* `.` *attrpath* \[ `or` *expr* \]
 
 Select the attribute denoted by attribute path *attrpath* from [attribute set] *attrset*.
@@ -44,29 +42,21 @@ If the attribute doesn’t exist, return the *expr* after `or` if provided, othe
 
 An attribute path is a dot-separated list of [attribute names](./values.md#attribute-set).
 
-> **Syntax**
->
 > *attrpath* = *name* [ `.` *name* ]...
 
 [Attribute selection]: #attribute-selection
 
 ## Has attribute
 
-> **Syntax**
->
 > *attrset* `?` *attrpath*
 
 Test whether [attribute set] *attrset* contains the attribute denoted by *attrpath*.
 The result is a [Boolean] value.
 
-See also: [`builtins.hasAttr`](@docroot@/language/builtins.md#builtins-hasAttr)
-
 [Boolean]: ./values.md#type-boolean
 
 [Has attribute]: #has-attribute
 
-After evaluating *attrset* and *attrpath*, the computational complexity is O(log(*n*)) for *n* attributes in the *attrset*
-
 ## Arithmetic
 
 Numbers are type-compatible:
@@ -80,29 +70,23 @@ The `+` operator is overloaded to also work on strings and paths.
 
 ## String concatenation
 
-> **Syntax**
->
 > *string* `+` *string*
 
-Concatenate two [strings][string] and merge their string contexts.
+Concatenate two [string]s and merge their string contexts.
 
 [String concatenation]: #string-concatenation
 
 ## Path concatenation
 
-> **Syntax**
->
 > *path* `+` *path*
 
-Concatenate two [paths][path].
+Concatenate two [path]s.
 The result is a path.
 
 [Path concatenation]: #path-concatenation
 
 ## Path and string concatenation
 
-> **Syntax**
->
 > *path* + *string*
 
 Concatenate *[path]* with *[string]*.
@@ -116,8 +100,6 @@ The result is a path.
 
 ## String and path concatenation
 
-> **Syntax**
->
 > *string* + *path*
 
 Concatenate *[string]* with *[path]*.
@@ -135,8 +117,6 @@ The result is a string.
 
 ## Update
 
-> **Syntax**
->
 > *attrset1* // *attrset2*
 
 Update [attribute set] *attrset1* with names and values from *attrset2*.
@@ -150,9 +130,9 @@ If an attribute name is present in both, the attribute value from the latter is
 
 Comparison is
 
-- [arithmetic] for [numbers][number]
-- lexicographic for [strings][string] and [paths][path]
-- item-wise lexicographic for [lists][list]:
+- [arithmetic] for [number]s
+- lexicographic for [string]s and [path]s
+- item-wise lexicographic for [list]s:
   elements at the same index in both lists are compared according to their type and skipped if they are equal.
 
 All comparison operators are implemented in terms of `<`, and the following equivalencies hold:
@@ -163,12 +143,12 @@ All comparison operators are implemented in terms of `<`, and the following equi
 | *a* `>`  *b* |       *b* `<` *a*     |
 | *a* `>=` *b* | `! (` *a* `<` *b* `)` |
 
-[Comparison]: #comparison
+[Comparison]: #comparison-operators
 
 ## Equality
 
-- [Attribute sets][attribute set] and [lists][list] are compared recursively, and therefore are fully evaluated.
-- Comparison of [functions][function] always returns `false`.
+- [Attribute sets][attribute set] and [list]s are compared recursively, and therefore are fully evaluated.
+- Comparison of [function]s always returns `false`.
 - Numbers are type-compatible, see [arithmetic] operators.
 - Floating point numbers only differ up to a limited precision.
 

doc/manual/src/language/string-interpolation.md

@@ -1,12 +1,19 @@
 # String interpolation
 
-String interpolation is a language feature where a [string], [path], or [attribute name][attribute set] can contain expressions enclosed in `${ }` (dollar-sign with curly brackets).
+String interpolation is a language feature where a [string], [path], or [attribute name] can contain expressions enclosed in `${ }` (dollar-sign with curly brackets).
 
-Such a construct is called *interpolated string*, and the expression inside is an [interpolated expression](#interpolated-expression).
+Such a string is an *interpolated string*, and an expression inside is an *interpolated expression*.
+
+Interpolated expressions must evaluate to one of the following:
+
+- a [string]
+- a [path]
+- a [derivation]
 
 [string]: ./values.md#type-string
 [path]: ./values.md#type-path
-[attribute set]: ./values.md#attribute-set
+[attribute name]: ./values.md#attribute-set
+[derivation]: ../glossary.md#gloss-derivation
 
 ## Examples
 
@@ -20,8 +27,6 @@ Rather than writing
 
 (where `freetype` is a [derivation]), you can instead write
 
-[derivation]: ../glossary.md#gloss-derivation
-
 ```nix
 "--with-freetype2-library=${freetype}/lib"
 ```
@@ -65,136 +70,13 @@ you can instead write
 
 ### Attribute name
 
-<!--
-FIXME: these examples are redundant with the main page on attribute sets.
-figure out what to do about that
--->
+Attribute names can be created dynamically with string interpolation:
 
-Attribute names can be interpolated strings.
+```nix
+let name = "foo"; in
+{
+  ${name} = "bar";
+}
+```
 
-> **Example**
->
-> ```nix
-> let name = "foo"; in
-> { ${name} = 123; }
-> ```
->
->     { foo = 123; }
-
-Attributes can be selected with interpolated strings.
-
-> **Example**
->
-> ```nix
-> let name = "foo"; in
-> { foo = 123; }.${name}
-> ```
->
->     123
-
-# Interpolated expression
-
-An expression that is interpolated must evaluate to one of the following:
-
-- a [string]
-- a [path]
-- an [attribute set] that has a `__toString` attribute or an `outPath` attribute
-
-  - `__toString` must be a function that takes the attribute set itself and returns a string
-  - `outPath` must be a string
-
-  This includes [derivations](./derivations.md) or [flake inputs](@docroot@/command-ref/new-cli/nix3-flake.md#flake-inputs) (experimental).
-
-A string interpolates to itself.
-
-A path in an interpolated expression is first copied into the Nix store, and the resulting string is the [store path] of the newly created [store object](../glossary.md#gloss-store-object).
-
-[store path]: ../glossary.md#gloss-store-path
-
-> **Example**
->
-> ```console
-> $ mkdir foo
-> ```
->
-> Reference the empty directory in an interpolated expression:
->
-> ```nix
-> "${./foo}"
-> ```
->
->     "/nix/store/2hhl2nz5v0khbn06ys82nrk99aa1xxdw-foo"
-
-A derivation interpolates to the [store path] of its first [output](./derivations.md#attr-outputs).
-
-> **Example**
->
-> ```nix
-> let
->   pkgs = import <nixpkgs> {};
-> in
-> "${pkgs.hello}"
-> ```
->
->     "/nix/store/4xpfqf29z4m8vbhrqcz064wfmb46w5r7-hello-2.12.1"
-
-An attribute set interpolates to the return value of the function in the `__toString` applied to the attribute set itself.
-
-> **Example**
->
-> ```nix
-> let
->   a = {
->     value = 1;
->     __toString = self: toString (self.value + 1);
->   };
-> in
-> "${a}"
-> ```
->
->     "2"
-
-An attribute set also interpolates to the value of its `outPath` attribute.
-
-> **Example**
->
-> ```nix
-> let
->   a = { outPath = "foo"; };
-> in
-> "${a}"
-> ```
->
->     "foo"
-
-If both `__toString` and `outPath` are present in an attribute set, `__toString` takes precedence.
-
-> **Example**
->
-> ```nix
-> let
->   a = { __toString = _: "yes"; outPath = throw "no"; };
-> in
-> "${a}"
-> ```
->
->     "yes"
-
-If neither is present, an error is thrown.
-
-> **Example**
->
-> ```nix
-> let
->   a = {};
-> in
-> "${a}"
-> ```
->
->     error: cannot coerce a set to a string: { }
->
->            at «string»:4:2:
->
->                 3| in
->                 4| "${a}"
->                  |  ^
+    { foo = "bar"; }

doc/manual/src/language/values.md

@@ -107,25 +107,29 @@
   e.g. `~/foo` would be equivalent to `/home/edolstra/foo` for a user
   whose home directory is `/home/edolstra`.
 
+  Paths can also be specified between angle brackets, e.g.
+  `<nixpkgs>`. This means that the directories listed in the
+  environment variable `NIX_PATH` will be searched for the given file
+  or directory name.
+
+  When an [interpolated string][string interpolation] evaluates to a path, the path is first copied into the Nix store and the resulting string is the [store path] of the newly created [store object].
+
+  [store path]: ../glossary.md#gloss-store-path
+  [store object]: ../glossary.md#gloss-store-object
+
   For instance, evaluating `"${./foo.txt}"` will cause `foo.txt` in the current directory to be copied into the Nix store and result in the string `"/nix/store/<hash>-foo.txt"`.
 
   Note that the Nix language assumes that all input files will remain _unchanged_ while  evaluating a Nix expression.
   For example, assume you used a file path in an interpolated string during a `nix repl` session.
-  Later in the same session, after having changed the file contents, evaluating the interpolated string with the file path again might not return a new [store path], since Nix might not re-read the file contents.
+  Later in the same session, after having changed the file contents, evaluating the interpolated string with the file path again might not return a new store path, since Nix might not re-read the file contents.
 
-  [store path]: ../glossary.md#gloss-store-path
-
-  Paths can include [string interpolation] and can themselves be [interpolated in other expressions].
-
-  [interpolated in other expressions]: ./string-interpolation.md#interpolated-expressions
+  Paths themselves, except those in angle brackets (`< >`), support [string interpolation].
 
   At least one slash (`/`) must appear *before* any interpolated expression for the result to be recognized as a path.
 
   `a.${foo}/b.${bar}` is a syntactically valid division operation.
   `./a.${foo}/b.${bar}` is a path.
 
-  [Lookup paths](./constructs/lookup-path.md) such as `<nixpkgs>` resolve to path values.
-
 - <a id="type-boolean" href="#type-boolean">Boolean</a>
 
   *Booleans* with values `true` and `false`.
@@ -156,8 +160,6 @@ function and the fifth being a set.
 
 Note that lists are only lazy in values, and they are strict in length.
 
-Elements in a list can be accessed using [`builtins.elemAt`](./builtins.md#builtins-elemAt). 
-
 ## Attribute Set
 
 An attribute set is a collection of name-value-pairs (called *attributes*) enclosed in curly brackets (`{ }`).
@@ -165,17 +167,13 @@ An attribute set is a collection of name-value-pairs (called *attributes*) enclo
 An attribute name can be an identifier or a [string](#string).
 An identifier must start with a letter (`a-z`, `A-Z`) or underscore (`_`), and can otherwise contain letters (`a-z`, `A-Z`), numbers (`0-9`), underscores (`_`), apostrophes (`'`), or dashes (`-`).
 
-> **Syntax**
->
 > *name* = *identifier* | *string* \
 > *identifier* ~ `[a-zA-Z_][a-zA-Z0-9_'-]*`
 
 Names and values are separated by an equal sign (`=`).
 Each value is an arbitrary expression terminated by a semicolon (`;`).
 
-> **Syntax**
->
-> *attrset* = `{` [ *name* `=` *expr* `;` ]... `}`
+> *attrset* = `{` [ *name* `=` *expr* `;` `]`... `}`
 
 Attributes can appear in any order.
 An attribute name may only occur once.

doc/manual/src/package-management/basic-package-mgmt.md

@@ -0,0 +1,179 @@
+# Basic Package Management
+
+The main command for package management is
+[`nix-env`](../command-ref/nix-env.md).  You can use it to install,
+upgrade, and erase packages, and to query what packages are installed
+or are available for installation.
+
+In Nix, different users can have different “views” on the set of
+installed applications. That is, there might be lots of applications
+present on the system (possibly in many different versions), but users
+can have a specific selection of those active — where “active” just
+means that it appears in a directory in the user’s `PATH`. Such a view
+on the set of installed applications is called a *user environment*,
+which is just a directory tree consisting of symlinks to the files of
+the active applications.
+
+Components are installed from a set of *Nix expressions* that tell Nix
+how to build those packages, including, if necessary, their
+dependencies. There is a collection of Nix expressions called the
+Nixpkgs package collection that contains packages ranging from basic
+development stuff such as GCC and Glibc, to end-user applications like
+Mozilla Firefox. (Nix is however not tied to the Nixpkgs package
+collection; you could write your own Nix expressions based on Nixpkgs,
+or completely new ones.)
+
+You can manually download the latest version of Nixpkgs from
+<https://github.com/NixOS/nixpkgs>. However, it’s much more
+convenient to use the Nixpkgs [*channel*](../command-ref/nix-channel.md), since it makes
+it easy to stay up to date with new versions of Nixpkgs. Nixpkgs is
+automatically added to your list of “subscribed” channels when you
+install Nix. If this is not the case for some reason, you can add it
+as follows:
+
+```console
+$ nix-channel --add https://nixos.org/channels/nixpkgs-unstable
+$ nix-channel --update
+```
+
+> **Note**
+> 
+> On NixOS, you’re automatically subscribed to a NixOS channel
+> corresponding to your NixOS major release (e.g.
+> <http://nixos.org/channels/nixos-21.11>). A NixOS channel is identical
+> to the Nixpkgs channel, except that it contains only Linux binaries
+> and is updated only if a set of regression tests succeed.
+
+You can view the set of available packages in Nixpkgs:
+
+```console
+$ nix-env --query --available --attr-path
+nixpkgs.aterm                       aterm-2.2
+nixpkgs.bash                        bash-3.0
+nixpkgs.binutils                    binutils-2.15
+nixpkgs.bison                       bison-1.875d
+nixpkgs.blackdown                   blackdown-1.4.2
+nixpkgs.bzip2                       bzip2-1.0.2
+…
+```
+
+The flag `-q` specifies a query operation, `-a` means that you want
+to show the “available” (i.e., installable) packages, as opposed to the
+installed packages, and `-P` prints the attribute paths that can be used
+to unambiguously select a package for installation (listed in the first column).
+If you downloaded Nixpkgs yourself, or if you checked it out from GitHub,
+then you need to pass the path to your Nixpkgs tree using the `-f` flag:
+
+```console
+$ nix-env --query --available --attr-path --file /path/to/nixpkgs
+aterm                               aterm-2.2
+bash                                bash-3.0
+…
+```
+
+where */path/to/nixpkgs* is where you’ve unpacked or checked out
+Nixpkgs.
+
+You can filter the packages by name:
+
+```console
+$ nix-env --query --available --attr-path firefox
+nixpkgs.firefox-esr                 firefox-91.3.0esr
+nixpkgs.firefox                     firefox-94.0.1
+```
+
+and using regular expressions:
+
+```console
+$ nix-env --query --available --attr-path 'firefox.*'
+```
+
+It is also possible to see the *status* of available packages, i.e.,
+whether they are installed into the user environment and/or present in
+the system:
+
+```console
+$ nix-env --query --available --attr-path --status
+…
+-PS  nixpkgs.bash                bash-3.0
+--S  nixpkgs.binutils            binutils-2.15
+IPS  nixpkgs.bison               bison-1.875d
+…
+```
+
+The first character (`I`) indicates whether the package is installed in
+your current user environment. The second (`P`) indicates whether it is
+present on your system (in which case installing it into your user
+environment would be a very quick operation). The last one (`S`)
+indicates whether there is a so-called *substitute* for the package,
+which is Nix’s mechanism for doing binary deployment. It just means that
+Nix knows that it can fetch a pre-built package from somewhere
+(typically a network server) instead of building it locally.
+
+You can install a package using `nix-env --install --attr `. For instance,
+
+```console
+$ nix-env --install --attr nixpkgs.subversion
+```
+
+will install the package called `subversion` from `nixpkgs` channel (which is, of course, the
+[Subversion version management system](http://subversion.tigris.org/)).
+
+> **Note**
+> 
+> When you ask Nix to install a package, it will first try to get it in
+> pre-compiled form from a *binary cache*. By default, Nix will use the
+> binary cache <https://cache.nixos.org>; it contains binaries for most
+> packages in Nixpkgs. Only if no binary is available in the binary
+> cache, Nix will build the package from source. So if `nix-env
+> -iA nixpkgs.subversion` results in Nix building stuff from source, then either
+> the package is not built for your platform by the Nixpkgs build
+> servers, or your version of Nixpkgs is too old or too new. For
+> instance, if you have a very recent checkout of Nixpkgs, then the
+> Nixpkgs build servers may not have had a chance to build everything
+> and upload the resulting binaries to <https://cache.nixos.org>. The
+> Nixpkgs channel is only updated after all binaries have been uploaded
+> to the cache, so if you stick to the Nixpkgs channel (rather than
+> using a Git checkout of the Nixpkgs tree), you will get binaries for
+> most packages.
+
+Naturally, packages can also be uninstalled. Unlike when installing, you will
+need to use the derivation name (though the version part can be omitted),
+instead of the attribute path, as `nix-env` does not record which attribute
+was used for installing:
+
+```console
+$ nix-env --uninstall subversion
+```
+
+Upgrading to a new version is just as easy. If you have a new release of
+Nix Packages, you can do:
+
+```console
+$ nix-env --upgrade --attr nixpkgs.subversion
+```
+
+This will *only* upgrade Subversion if there is a “newer” version in the
+new set of Nix expressions, as defined by some pretty arbitrary rules
+regarding ordering of version numbers (which generally do what you’d
+expect of them). To just unconditionally replace Subversion with
+whatever version is in the Nix expressions, use `-i` instead of `-u`;
+`-i` will remove whatever version is already installed.
+
+You can also upgrade all packages for which there are newer versions:
+
+```console
+$ nix-env --upgrade
+```
+
+Sometimes it’s useful to be able to ask what `nix-env` would do, without
+actually doing it. For instance, to find out what packages would be
+upgraded by `nix-env --upgrade `, you can do
+
+```console
+$ nix-env --upgrade --dry-run
+(dry run; not doing anything)
+upgrading `libxslt-1.1.0' to `libxslt-1.1.10'
+upgrading `graphviz-1.10' to `graphviz-1.12'
+upgrading `coreutils-5.0' to `coreutils-5.2.1'
+```

doc/manual/src/package-management/s3-substituter.md

@@ -0,0 +1,115 @@
+# Serving a Nix store via S3
+
+Nix has [built-in support](@docroot@/command-ref/new-cli/nix3-help-stores.md#s3-binary-cache-store)
+for storing and fetching store paths from
+Amazon S3 and S3-compatible services. This uses the same *binary*
+cache mechanism that Nix usually uses to fetch prebuilt binaries from
+[cache.nixos.org](https://cache.nixos.org/).
+
+In this example we will use the bucket named `example-nix-cache`.
+
+## Anonymous Reads to your S3-compatible binary cache
+
+If your binary cache is publicly accessible and does not require
+authentication, the simplest and easiest way to use Nix with your S3
+compatible binary cache is to use the HTTP URL for that cache.
+
+For AWS S3 the binary cache URL for example bucket will be exactly
+<https://example-nix-cache.s3.amazonaws.com> or
+<s3://example-nix-cache>. For S3 compatible binary caches, consult that
+cache's documentation.
+
+Your bucket will need the following bucket policy:
+
+```json
+{
+    "Id": "DirectReads",
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "AllowDirectReads",
+            "Action": [
+                "s3:GetObject",
+                "s3:GetBucketLocation"
+            ],
+            "Effect": "Allow",
+            "Resource": [
+                "arn:aws:s3:::example-nix-cache",
+                "arn:aws:s3:::example-nix-cache/*"
+            ],
+            "Principal": "*"
+        }
+    ]
+}
+```
+
+## Authenticated Reads to your S3 binary cache
+
+For AWS S3 the binary cache URL for example bucket will be exactly
+<s3://example-nix-cache>.
+
+Nix will use the [default credential provider
+chain](https://docs.aws.amazon.com/sdk-for-cpp/v1/developer-guide/credentials.html)
+for authenticating requests to Amazon S3.
+
+Nix supports authenticated reads from Amazon S3 and S3 compatible binary
+caches.
+
+Your bucket will need a bucket policy allowing the desired users to
+perform the `s3:GetObject` and `s3:GetBucketLocation` action on all
+objects in the bucket. The [anonymous policy given
+above](#anonymous-reads-to-your-s3-compatible-binary-cache) can be
+updated to have a restricted `Principal` to support this.
+
+## Authenticated Writes to your S3-compatible binary cache
+
+Nix support fully supports writing to Amazon S3 and S3 compatible
+buckets. The binary cache URL for our example bucket will be
+<s3://example-nix-cache>.
+
+Nix will use the [default credential provider
+chain](https://docs.aws.amazon.com/sdk-for-cpp/v1/developer-guide/credentials.html)
+for authenticating requests to Amazon S3.
+
+Your account will need the following IAM policy to upload to the cache:
+
+```json
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": "UploadToCache",
+      "Effect": "Allow",
+      "Action": [
+        "s3:AbortMultipartUpload",
+        "s3:GetBucketLocation",
+        "s3:GetObject",
+        "s3:ListBucket",
+        "s3:ListBucketMultipartUploads",
+        "s3:ListMultipartUploadParts",
+        "s3:PutObject"
+      ],
+      "Resource": [
+        "arn:aws:s3:::example-nix-cache",
+        "arn:aws:s3:::example-nix-cache/*"
+      ]
+    }
+  ]
+}
+```
+
+## Examples
+
+To upload with a specific credential profile for Amazon S3:
+
+```console
+$ nix copy nixpkgs.hello \
+  --to 's3://example-nix-cache?profile=cache-upload&region=eu-west-2'
+```
+
+To upload to an S3-compatible binary cache:
+
+```console
+$ nix copy nixpkgs.hello --to \
+  's3://example-nix-cache?profile=cache-upload&scheme=https&endpoint=minio.example.com'
+```

doc/manual/src/protocols/json/derivation.md

@@ -1,71 +0,0 @@
-# Derivation JSON Format
-
-> **Warning**
->
-> This JSON format is currently
-> [**experimental**](@docroot@/contributing/experimental-features.md#xp-feature-nix-command)
-> and subject to change.
-
-The JSON serialization of a
-[derivations](@docroot@/glossary.md#gloss-store-derivation)
-is a JSON object with the following fields:
-
-* `name`:
-  The name of the derivation.
-  This is used when calculating the store paths of the derivation's outputs.
-
-* `outputs`:
-  Information about the output paths of the derivation.
-  This is a JSON object with one member per output, where the key is the output name and the value is a JSON object with these fields:
-
-  * `path`: The output path.
-
-  * `hashAlgo`:
-    For fixed-output derivations, the hashing algorithm (e.g. `sha256`), optionally prefixed by `r:` if `hash` denotes a NAR hash rather than a flat file hash.
-
-  * `hash`:
-    For fixed-output derivations, the expected content hash in base-16.
-
-  > **Example**
-  >
-  > ```json
-  > "outputs": {
-  >   "out": {
-  >     "path": "/nix/store/2543j7c6jn75blc3drf4g5vhb1rhdq29-source",
-  >     "hashAlgo": "r:sha256",
-  >     "hash": "6fc80dcc62179dbc12fc0b5881275898f93444833d21b89dfe5f7fbcbb1d0d62"
-  >   }
-  > }
-  > ```
-
-* `inputSrcs`:
-  A list of store paths on which this derivation depends.
-
-* `inputDrvs`:
-  A JSON object specifying the derivations on which this derivation depends, and what outputs of those derivations.
-
-  > **Example**
-  >
-  > ```json
-  > "inputDrvs": {
-  >   "/nix/store/6lkh5yi7nlb7l6dr8fljlli5zfd9hq58-curl-7.73.0.drv": ["dev"],
-  >   "/nix/store/fn3kgnfzl5dzym26j8g907gq3kbm8bfh-unzip-6.0.drv": ["out"]
-  > }
-  > ```
-
-  specifies that this derivation depends on the `dev` output of `curl`, and the `out` output of `unzip`.
-
-* `system`:
-  The system type on which this derivation is to be built
-  (e.g. `x86_64-linux`).
-
-* `builder`:
-  The absolute path of the program to be executed to run the build.
-  Typically this is the `bash` shell
-  (e.g. `/nix/store/r3j288vpmczbl500w6zz89gyfa4nr0b1-bash-4.4-p23/bin/bash`).
-
-* `args`:
-  The command-line arguments passed to the `builder`.
-
-* `env`:
-  The environment passed to the `builder`.

doc/manual/src/protocols/json/store-object-info.md

@@ -1,98 +0,0 @@
-# Store object info JSON format
-
-> **Warning**
->
-> This JSON format is currently
-> [**experimental**](@docroot@/contributing/experimental-features.md#xp-feature-nix-command)
-> and subject to change.
-
-Info about a [store object].
-
-* `path`:
-
-  [Store path][store path] to the given store object.
-
-* `narHash`:
-
-  Hash of the [file system object] part of the store object when serialized as a [Nix Archive].
-
-* `narSize`:
-
-  Size of the [file system object] part of the store object when serialized as a [Nix Archive].
-
-* `references`:
-
-  An array of [store paths][store path], possibly including this one.
-
-* `ca` (optional):
-
-  Content address of this store object's file system object, used to compute its store path.
-
-[store path]: @docroot@/glossary.md#gloss-store-path
-[file system object]: @docroot@/store/file-system-object.md
-[Nix Archive]: @docroot@/glossary.md#gloss-nar
-
-## Impure fields
-
-These are not intrinsic properties of the store object.
-In other words, the same store object residing in different store could have different values for these properties.
-
-* `deriver` (optional):
-
-  The path to the [derivation] from which this store object is produced.
-
-  [derivation]: @docroot@/glossary.md#gloss-store-derivation
-
-* `registrationTime` (optional):
-
-  When this derivation was added to the store.
-
-* `ultimate` (optional):
-
-  Whether this store object is trusted because we built it ourselves, rather than substituted a build product from elsewhere.
-
-* `signatures` (optional):
-
-  Signatures claiming that this store object is what it claims to be.
-  Not relevant for [content-addressed] store objects,
-  but useful for [input-addressed] store objects.
-
-  [content-addressed]: @docroot@/glossary.md#gloss-content-addressed-store-object
-  [input-addressed]: @docroot@/glossary.md#gloss-input-addressed-store-object
-
-### `.narinfo` extra fields
-
-This meta data is specific to the "binary cache" family of Nix store types.
-This information is not intrinsic to the store object, but about how it is stored.
-
-* `url`:
-
-  Where to download a compressed archive of the file system objects of this store object.
-
-* `compression`:
-
-  The compression format that the archive is in.
-
-* `fileHash`:
-
-  A digest for the compressed archive itself, as opposed to the data contained within.
-
-* `fileSize`:
-
-  The size of the compressed archive itself.
-
-## Computed closure fields
-
-These fields are not stored at all, but computed by traverising the other other fields across all the store objects in a [closure].
-
-* `closureSize`:
-
-  The total size of the compressed archive itself for this object, and the compressed archive of every object in this object's [closure].
-
-### `.narinfo` extra fields
-
-* `closureSize`:
-
-  The total size of this store object and every other object in its [closure].
-
-[closure]: @docroot@/glossary.md#gloss-closure

doc/manual/src/protocols/store-path.md

@@ -1,126 +0,0 @@
-# Complete Store Path Calculation
-
-This is the complete specification for how store paths are calculated.
-
-The format of this specification is close to [Extended Backus–Naur form](https://en.wikipedia.org/wiki/Extended_Backus%E2%80%93Naur_form), but must deviate for a few things such as hash functions which we treat as bidirectional for specification purposes.
-
-Regular users do *not* need to know this information --- store paths can be treated as black boxes computed from the properties of the store objects they refer to.
-But for those interested in exactly how Nix works, e.g. if they are reimplementing it, this information can be useful.
-
-## Store path proper
-
-```ebnf
-store-path = store-dir "/" digest "-" name
-```
-where
-
-- `name` = the name of the store object.
-
-- `store-dir` = the [store directory](@docroot@/store/store-path.md#store-directory)
-
-- `digest` = base-32 representation of the first 160 bits of a [SHA-256] hash of `fingerprint`
-
-  This the hash part of the store name
-
-## Fingerprint
-
-- ```ebnf
-  fingerprint = type ":" sha256 ":" inner-digest ":" store ":" name
-  ```
-
-  Note that it includes the location of the store as well as the name to make sure that changes to either of those are reflected in the hash
-  (e.g. you won't get `/nix/store/<digest>-name1` and `/nix/store/<digest>-name2`, or `/gnu/store/<digest>-name1`, with equal hash parts).
-
-- `type` = one of:
-
-  - ```ebnf
-    | "text" ( ":" store-path )*
-    ```
-
-    for encoded derivations written to the store.
-    The optional trailing store paths are the references of the store object.
-
-  - ```ebnf
-    | "source" ( ":" store-path )*
-    ```
-
-    For paths copied to the store and hashed via a [Nix Archive (NAR)] and [SHA-256][sha-256].
-    Just like in the text case, we can have the store objects referenced by their paths.
-    Additionally, we can have an optional `:self` label to denote self reference.
-
-  - ```ebnf
-    | "output:" id
-    ```
-
-    For either the outputs built from derivations,
-    paths copied to the store hashed that area single file hashed directly, or the via a hash algorithm other than [SHA-256][sha-256].
-    (in that case "source" is used; this is only necessary for compatibility).
-
-    `id` is the name of the output (usually, "out").
-    For content-addressed store objects, `id`, is always "out".
-
-- `inner-digest` = base-16 representation of a SHA-256 hash of `inner-fingerprint`
-
-## Inner fingerprint
-
-- `inner-fingerprint` = one of the following based on `type`:
-
-  - if `type` = `"text:" ...`:
-
-    the string written to the resulting store path.
-
-  - if `type` = `"source:" ...`:
-
-    the the hash of the [Nix Archive (NAR)] serialization of the [file system object](@docroot@/store/file-system-object.md) of the store object.
-
-  - if `type` = `"output:" id`:
-
-    - For input-addressed derivation outputs:
-
-      the [ATerm](@docroot@/protocols/derivation-aterm.md) serialization of the derivation modulo fixed output derivations.
-
-    - For content-addressed store paths:
-
-      ```ebnf
-      "fixed:out:" rec algo ":" hash ":"
-      ```
-
-      where
-
-      - `rec` = one of:
-
-        - ```ebnf
-          | "r:"
-          ```
-          hashes of the for [Nix Archive (NAR)] (arbitrary file system object) serialization
-
-        - ```ebnf
-          | ""
-          ```
-          (empty string) for hashes of the flat (single file) serialization
-
-      - ```ebnf
-        algo = "md5" | "sha1" | "sha256"
-        ```
-
-      - `hash` = base-16 representation of the path or flat hash of the contents of the path (or expected contents of the path for fixed-output derivations).
-
-      Note that `id` = `"out"`, regardless of the name part of the store path.
-      Also note that NAR + SHA-256 must not use this case, and instead must use the `type` = `"source:" ...` case.
-
-[Nix Archive (NAR)]: @docroot@/glossary.md#gloss-NAR
-[sha-256]: https://en.m.wikipedia.org/wiki/SHA-256
-
-### Historical Note
-
-The `type` = `"source:" ...` and `type` = `"output:out"` grammars technically overlap in purpose,
-in that both can represent data hashed by its SHA-256 NAR serialization.
-
-The original reason for this way of computing names was to prevent name collisions (for security).
-For instance, the thinking was that it shouldn't be feasible to come up with a derivation whose output path collides with the path for a copied source.
-The former would have an `inner-fingerprint` starting with `output:out:`, while the latter would have an `inner-fingerprint` starting with `source:`.
-
-Since `64519cfd657d024ae6e2bb74cb21ad21b886fd2a` (2008), however, it was decided that separating derivation-produced vs manually-hashed content-addressed data like this was not useful.
-Now, data that is content-addressed with SHA-256 + NAR-serialization always uses the `source:...` construction, regardless of how it was produced (manually or by derivation).
-This allows freely switching between using [fixed-output derivations](@docroot@/glossary.md#gloss-fixed-output-derivation) for fetching, and fetching out-of-band and then manually adding.
-It also removes the ambiguity from the grammar.

doc/manual/src/quick-start.md

@@ -1,43 +1,99 @@
 # Quick Start
 
-This chapter is for impatient people who don't like reading documentation.
-For more in-depth information you are kindly referred to subsequent chapters.
+This chapter is for impatient people who don't like reading
+documentation.  For more in-depth information you are kindly referred
+to subsequent chapters.
 
-1. Install Nix:
+1. Install Nix by running the following:
 
    ```console
    $ curl -L https://nixos.org/nix/install | sh
    ```
 
    The install script will use `sudo`, so make sure you have sufficient rights.
+   On Linux, `--daemon` can be omitted for a single-user install.
 
-   For other installation methods, see the detailed [installation instructions](installation/index.md).
+   For other installation methods, see [here](installation/installation.md).
 
-1. Run software without installing it permanently:
+1. See what installable packages are currently available in the
+   channel:
 
    ```console
-   $ nix-shell --packages cowsay lolcat
+   $ nix-env --query --available --attr-path
+   nixpkgs.docbook_xml_dtd_43                    docbook-xml-4.3
+   nixpkgs.docbook_xml_dtd_45                    docbook-xml-4.5
+   nixpkgs.firefox                               firefox-33.0.2
+   nixpkgs.hello                                 hello-2.9
+   nixpkgs.libxslt                               libxslt-1.1.28
+   …
    ```
 
-   This downloads the specified packages with all their dependencies, and drops you into a Bash shell where the commands provided by those packages are present.
-   This will not affect your normal environment:
+1. Install some packages from the channel:
 
    ```console
-   [nix-shell:~]$ cowsay Hello, Nix! | lolcat
+   $ nix-env --install --attr nixpkgs.hello
    ```
 
-   Exiting the shell will make the programs disappear again:
+   This should download pre-built packages; it should not build them
+   locally (if it does, something went wrong).
+
+1. Test that they work:
 
    ```console
+   $ which hello
+   /home/eelco/.nix-profile/bin/hello
+   $ hello
+   Hello, world!
+   ```
+
+1. Uninstall a package:
+
+   ```console
+   $ nix-env --uninstall hello
+   ```
+
+1. You can also test a package without installing it:
+
+   ```console
+   $ nix-shell --packages hello
+   ```
+
+   This builds or downloads GNU Hello and its dependencies, then drops
+   you into a Bash shell where the `hello` command is present, all
+   without affecting your normal environment:
+
+   ```console
+   [nix-shell:~]$ hello
+   Hello, world!
+
    [nix-shell:~]$ exit
-   $ lolcat
-   lolcat: command not found
+
+   $ hello
+   hello: command not found
    ```
 
-1. Search for more packages on <search.nixos.org> to try them out.
-
-1. Free up storage space:
+1. To keep up-to-date with the channel, do:
 
    ```console
-   $ nix-collect-garbage
+   $ nix-channel --update nixpkgs
+   $ nix-env --upgrade '*'
+   ```
+
+   The latter command will upgrade each installed package for which
+   there is a “newer” version (as determined by comparing the version
+   numbers).
+
+1. If you're unhappy with the result of a `nix-env` action (e.g., an
+   upgraded package turned out not to work properly), you can go back:
+
+   ```console
+   $ nix-env --rollback
+   ```
+
+1. You should periodically run the Nix garbage collector to get rid of
+   unused packages, since uninstalls or upgrades don't actually delete
+   them:
+
+   ```console
+   $ nix-collect-garbage --delete-old
    ```

doc/manual/src/release-notes/index.md

@@ -1,12 +0,0 @@
-# Nix Release Notes
-
-Nix has a release cycle of roughly 6 weeks.
-Notable changes and additions are announced in the release notes for each version.
-
-Bugfixes can be backported on request to previous Nix releases.
-We typically backport only as far back as the Nix version used in the latest NixOS release, which is announced in the [NixOS release notes](https://nixos.org/manual/nixos/stable/release-notes.html#ch-release-notes).
-
-Backports never skip releases.
-If a feature is backported to version `x.y`, it must also be available in version `x.(y+1)`.
-This ensures that upgrading from an older version with backports is still safe and no backported functionality will go missing.
-

doc/manual/src/release-notes/release-notes.md

@@ -0,0 +1 @@
+# Nix Release Notes