Minimal nix update

.github/workflows/nix-dev-cache.yaml

@@ -24,7 +24,7 @@ jobs:
           - ubuntu-24.04
           # - ubuntu-24.04-arm https://github.com/unisonweb/unison/issues/5789
           - macos-13
-          - macos-14
+          - macos-15
     steps:
     - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
     - name: mount Nix store on larger partition
@@ -33,13 +33,13 @@ jobs:
       run: |
         sudo mkdir /nix /mnt/nix
         sudo mount --bind /mnt/nix /nix
-    - uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
+    - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31.7
       if: runner.os == 'Linux'
       with:
         extra_nix_config: |
           extra-trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=
           extra-substituters = https://cache.iog.io
-    - uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
+    - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31.7
       if: runner.os != 'Linux'
     - uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # v15
       with:

codebase2/codebase-sqlite/unison-codebase-sqlite.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

codebase2/codebase-sync/unison-codebase-sync.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

codebase2/util-serialization/unison-util-serialization.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

codebase2/util-term/unison-util-term.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

flake.nix

@@ -5,54 +5,52 @@
     allow-import-from-derivation = true;
     extra-substituters = ["https://unison.cachix.org"];
     extra-trusted-public-keys = ["unison.cachix.org-1:i1DUFkisRPVOyLp/vblDsbsObmyCviq/zs6eRuzth3k="];
+    ## This allows derivations with `__noChroot` set to run outside the sandbox.
+    sandbox = "relaxed";
   };
 
   inputs = {
+    flake-utils.url = "github:numtide/flake-utils";
     haskellNix.url = "github:input-output-hk/haskell.nix";
-    nixpkgs-haskellNix.follows = "haskellNix/nixpkgs-unstable";
+    nixpkgs.follows = "haskellNix/nixpkgs-unstable";
     nixpkgs-release.url = "github:NixOS/nixpkgs/release-24.05";
-    flake-utils.url = "github:numtide/flake-utils";
+    systems.follows = "flake-utils/systems";
   };
 
   outputs = {
-    self,
+    flake-utils,
     haskellNix,
-    nixpkgs-haskellNix,
+    nixpkgs,
     nixpkgs-release,
-    flake-utils,
+    self,
+    systems,
   }:
-    flake-utils.lib.eachSystem [
-      "x86_64-linux"
-      "x86_64-darwin"
-      "aarch64-darwin"
-      "aarch64-linux"
-    ]
+    flake-utils.lib.eachSystem (import systems)
     (system: let
-      versions = import ./nix/versions.nix {inherit (nixpkgs-haskellNix) lib;};
-      pkgs = import nixpkgs-haskellNix {
+      versions = import ./nix/versions.nix {inherit (nixpkgs) lib;};
+      pkgs = import nixpkgs {
         inherit system;
         inherit (haskellNix) config;
         overlays = [
           haskellNix.overlay
-          (import ./nix/dependencies.nix {inherit nixpkgs-release;})
+          (import ./nix/dependencies.nix {nixpkgs = nixpkgs-release;})
         ];
       };
       unison-project = import ./nix/unison-project.nix {
-        inherit (nixpkgs-haskellNix) lib;
+        inherit (nixpkgs) lib;
         inherit (pkgs) haskell-nix;
       };
       haskell-nix-flake = import ./nix/haskell-nix-flake.nix {
         inherit pkgs unison-project versions;
-        inherit (nixpkgs-haskellNix) lib;
+        inherit (nixpkgs) lib;
       };
       renameAttrs = fn:
-        nixpkgs-haskellNix.lib.mapAttrs' (name: value: {
+        nixpkgs.lib.mapAttrs' (name: value: {
           inherit value;
           name = fn name;
         });
     in
-      assert pkgs.stack.version == versions.stack;
-      assert pkgs.hpack.version == versions.hpack; {
+      assert pkgs.stack.version == versions.stack; {
         packages =
           renameAttrs (name: "component-${name}") haskell-nix-flake.packages
           // renameAttrs (name: "docker-${name}") (import ./nix/docker.nix {

lib/orphans/network-uri-orphans-sqlite/network-uri-orphans-sqlite.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.2.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

lib/orphans/unison-core-orphans-sqlite/unison-core-orphans-sqlite.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.2.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

lib/orphans/unison-hash-orphans-aeson/unison-hash-orphans-aeson.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.2.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

lib/orphans/unison-hash-orphans-sqlite/unison-hash-orphans-sqlite.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.2.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

lib/orphans/uuid-orphans-sqlite/uuid-orphans-sqlite.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.2.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

lib/unison-hashing/unison-hashing.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

lib/unison-pretty-printer/unison-pretty-printer.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

lib/unison-sqlite/unison-sqlite.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

lib/unison-util-file-embed/unison-util-file-embed.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.2.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

lib/unison-util-rope/unison-util-rope.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.35.2.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

nix/dependencies.nix

@@ -1,10 +1,10 @@
-{nixpkgs-release}: final: prev: let
-  pinned-pkgs = import nixpkgs-release {inherit (final) system;};
+{nixpkgs}: final: prev: let
+  pinned-pkgs = nixpkgs.legacyPackages.${final.system};
 in {
   stack = pinned-pkgs.stack;
 
-  ## See https://docs.haskellstack.org/en/stable/nix_integration/#supporting-both-nix-and-non-nix-developers for an
-  ## explanation of this package.
+  ## See https://docs.haskellstack.org/en/stable/topics/nix_integration/#supporting-both-nix-and-non-nix-developers for
+  ## an explanation of this package.
   stack-wrapped = final.symlinkJoin {
     name = "stack"; # will be available as the usual `stack` in terminal
     paths = [final.stack];

nix/haskell-nix-flake.nix

@@ -33,20 +33,14 @@
         ++ [
           pkgs.cachix
           pkgs.gettext # for envsubst, used by unison-src/builtin-tests/interpreter-tests.sh
-          pkgs.hpack
           pkgs.jq # helpful when pushing to Cachix
           pkgs.pkg-config
           pkgs.stack-wrapped
         ];
-      # workaround for https://gitlab.haskell.org/ghc/ghc/-/issues/11042
-      shellHook = ''
-        export LD_LIBRARY_PATH=${pkgs.zlib}/lib:$LD_LIBRARY_PATH
-      '';
       tools =
         (args.tools or {})
         // {
-          cabal = {version = versions.cabal;};
-          ormolu = {version = versions.ormolu;};
+          cabal.version = versions.cabal;
           haskell-language-server = {
             version = versions.hls;
             modules = [
@@ -65,7 +59,9 @@
               constraints: ormolu == ${versions.ormolu}
             '';
           };
-          weeder = {version = versions.weeder;};
+          hpack.version = versions.hpack;
+          ormolu.version = versions.ormolu;
+          weeder.version = versions.weeder;
         };
     };
 
@@ -80,6 +76,10 @@ in
       // {
         ## This check has a test that tries to write to $HOME, so we give it a fake one.
         "unison-cli:test:cli-tests" = haskell-nix-flake.checks."unison-cli:test:cli-tests".overrideAttrs (old: {
+          ## On macOS, this derivation requires access to `security`, which is outside the sandbox, so we tell Nix that
+          ## it doesn’t work in the sandbox. There is a lot of discussion, but no fix, with NixOS/nixpkgs#297775 maybe
+          ## being the best starting point.
+          __noChroot = pkgs.stdenv.isDarwin;
           ## The builder here doesn’t `runHook preBuild`, so we just prepend onto `buildPhase`.
           buildPhase =
             ''

nix/versions.nix

@@ -6,7 +6,7 @@ in
   vscodeSettings."haskell.toolchain"
   ## There are some things we want to pin that the VS Code Haskell extension doesn’t let us control.
   // {
-    hpack = "0.35.2";
+    hpack = "0.36.0"; # This needs to match the version returned by `nix develop --command stack --version`.
     ormolu = "0.7.2.0";
     weeder = "2.8.0";
   }

parser-typechecker/unison-parser-typechecker.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

unison-cli-integration/unison-cli-integration.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

unison-cli-main/unison-cli-main.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

unison-runtime/unison-runtime.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

unison-share-api/unison-share-api.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack
 

unison-share-projects-api/unison-share-projects-api.cabal

@@ -1,6 +1,6 @@
 cabal-version: 1.12
 
--- This file has been generated from package.yaml by hpack version 0.37.0.
+-- This file has been generated from package.yaml by hpack version 0.36.0.
 --
 -- see: https://github.com/sol/hpack