chore: purge nix per 2026-06-01 owner directive (guix-only) #18
Merged
Owner directive 2026-06-01: "nix is now entirely deprecated and we use guix for everything." This commit removes nix from the top-level estate landing repo.

Deleted:
- flake.nix (template flake at root)

Edited:
- README.adoc — "Nix/Guix" -> "Guix" in Systems summary
- CONTRIBUTING.md — "Using Nix" -> "Using Guix"; tree entry flake.nix -> guix.scm
- QUICKSTART-DEV.adoc — drop "Option B: Nix (fallback)", reflow A/B; drop flake.nix tree entry; Option A uses `guix shell -m guix.scm`
- QUICKSTART-MAINTAINER.adoc — drop "=== Nix" packaging section
- setup.sh — drop nix branch in PKG_MGR detection and nix-env install case
- .gitattributes — drop *.nix and flake.lock entries
- .editorconfig — drop [*.nix] block

Unresolved in this PR:
- zotpress/ subdirectory (.gitattributes, .claude/CLAUDE.md, PRIORITY.adoc, workflows comment) — vendored tree; needs separate scope.
- .github/workflows/governance.yml historical comment names removed `guix-nix-policy.yml`; leaving as accurate history.

Follow-up: `.guix-channel` is absent at top level; needs owner input on channel URL before adding. To be filed as a separate issue.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
🔍 Hypatia Security Scan
Findings: 65 issues detected
[
{
"reason": "Action perpolymath/standards/.github/workflows/governance-reusable.yml@main\n needs attention",
"type": "unpinned_action",
"file": "governance.yml",
"action": "pin_sha",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in boj-build.yml",
"type": "missing_timeout_minutes",
"file": "boj-build.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in casket-pages.yml",
"type": "missing_timeout_minutes",
"file": "casket-pages.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in casket-pages.yml",
"type": "missing_timeout_minutes",
"file": "casket-pages.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in codeql.yml",
"type": "missing_timeout_minutes",
"file": "codeql.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
},
{
"reason": "Issue in dogfood-gate.yml",
"type": "missing_timeout_minutes",
"file": "dogfood-gate.yml",
"action": "flag",
"rule_module": "workflow_audit",
"severity": "medium"
}
]
Powered by Hypatia Neurosymbolic CI/CD Intelligence
hyperpolymath added a commit that referenced this pull request Jun 2, 2026
## Summary
- Add `.hypatia-ignore` with 6 per-file exemptions for `zotpress/**/*.res` under the `cicd_rules/banned_language_file` rule.
- Unblocks PR #18 (`chore: purge nix per 2026-06-01 owner directive`) which is currently red on `governance / Language / package anti-pattern policy` for these 6 grandfathered files that the PR's diff does not touch.

## Rationale
`zotpress/` is a WordPress plugin (`composer.json` `type: wordpress-plugin`) that runs inside the WordPress host runtime — not estate-authored AffineScript-bound application code. The 6 in-tree `.res` files are auto-translated TypeScript placeholders (each carrying `/* Auto-translated placeholder from TypeScript. */`) awaiting the estate-wide ReScript→AffineScript migration umbrella (`hyperpolymath/standards#252`). The per-file `.hypatia-ignore` mechanism is the workflow's documented escape (`hyperpolymath/standards/.github/workflows/governance-reusable.yml` lines 298-300, `grep -qxF`).

## Files exempted
```
cicd_rules/banned_language_file:zotpress/scripts/build-css.res
cicd_rules/banned_language_file:zotpress/scripts/build-js.res
cicd_rules/banned_language_file:zotpress/scripts/build.res
cicd_rules/banned_language_file:zotpress/src/js/zotpress.res
cicd_rules/banned_language_file:zotpress/src/rescript/Utils.res
cicd_rules/banned_language_file:zotpress/src/rescript/Zotpress.res
```

## Sibling PR
`hyperpolymath/standards` branch `docs/zotpress-rescript-carveout` adds `zotpress/**` to the upstream-fork/WordPress-plugin row of the ReScript Exemptions table in `.claude/CLAUDE.md` (and parallel TS / JS / npm tables) so the estate-wide manifest stays in sync with this per-repo escape.

## Test plan
- [x] Locally replicated workflow logic (`is_exempt()` from governance-reusable.yml:292-305) — all 6 `.res` files report EXEMPT.
- [ ] CI `governance / Language / package anti-pattern policy` job passes on this PR.
- [ ] PR #18 rerun (or next-push) clears the same check.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
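The per-file exemption lookup named in the commit message above, sketched as an added example; it is not the code in `governance-reusable.yml`, which this page does not show. It assumes each `.hypatia-ignore` line is a literal `<rule>:<path>` entry checked with `grep -qxF`, and goes one step further to show that a glob line exempts nothing; `classify`, `write_sample`, `other_rule` and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added illustration; not the code from governance-reusable.yml.
# Assumption: one "<rule>:<path>" entry per line, looked up with grep -qxF.

# classify IGNORE_FILE RULE PATH -> prints EXEMPT or BLOCKED
classify() {
    # -F: the entry is a literal string, so "." and "*" are not patterns
    # -x: the entry must equal a whole line, so no prefix or substring hits
    if [ -f "$1" ] && grep -qxF -- "$2:$3" "$1"; then
        echo EXEMPT
    else
        echo BLOCKED
    fi
}

# write_sample -> prints the path of a constructed ignore file
write_sample() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
cicd_rules/banned_language_file:zotpress/scripts/build.res
cicd_rules/banned_language_file:zotpress/src/**/*.res
EOF
    echo "$f"
}

RULE=cicd_rules/banned_language_file
sample=$(write_sample)
# Listed file, unlisted sibling, "." treated literally, glob line not expanded
for p in zotpress/scripts/build.res \
         zotpress/scripts/build-js.res \
         zotpress/scripts/buildXres \
         zotpress/src/rescript/Utils.res; do
    printf '%-36s %s\n' "$p" "$(classify "$sample" "$RULE" "$p")"
done
# The same path under a different (hypothetical) rule name is not exempt
printf '%-36s %s\n' "other_rule + build.res" \
    "$(classify "$sample" other_rule zotpress/scripts/build.res)"
rm -f "$sample"
```

Under these assumptions an exemption covers exactly one rule and one path, which is why the commit lists six explicit entries rather than a single `zotpress/**/*.res` line.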
## Summary
Owner directive 2026-06-01: "nix is now entirely deprecated and we use guix for everything." This purges nix from the top-level estate landing repo (`hyperpolymath/hyperpolymath`).

## Deleted
- `flake.nix` (template flake at root)

## Edited
- `README.adoc` — "Nix/Guix" -> "Guix" in Systems summary
- `CONTRIBUTING.md` — "Using Nix" -> "Using Guix"; tree entry `flake.nix` -> `guix.scm`
- `QUICKSTART-DEV.adoc` — drop "Option B: Nix (fallback)", reflow A/B; drop `flake.nix` tree entry; Option A uses `guix shell -m guix.scm`
- `QUICKSTART-MAINTAINER.adoc` — drop "=== Nix" packaging section
- `setup.sh` — drop nix branch in PKG_MGR detection and `nix-env -iA nixpkgs.just` install case
- `.gitattributes` — drop `*.nix` and `flake.lock` entries
- `.editorconfig` — drop `[*.nix]` block

## Sweep result (post-edit)
Top-level estate-landing files: zero remaining nix references except a comment in `.github/workflows/governance.yml` naming the historically-removed `guix-nix-policy.yml` workflow — kept as accurate history.

## Unresolved / out of scope
- `zotpress/` subtree contains 4 nix references (`.gitattributes`, `.claude/CLAUDE.md`, `PRIORITY.adoc`, `.github/workflows/governance.yml` historical comment). Vendored tree — needs a separate scoped pass.
- `.guix-channel` is absent at top level; needs owner input on channel URL. Filing as a separate issue.

## Test plan
- `setup.sh` continues to detect guix/dnf/apt/etc. correctly
- flake.nix)

Co-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com