feat(nix): expose reusable dev-hygiene flake-module#15
Merged
Conversation
Make dryvist/.github a lean Nix flake (nixpkgs + treefmt-nix + git-hooks only) exposing flakeModules.dev-hygiene — the org's treefmt + git-hooks + zizmor config as one importable flake-parts module, pre-bound to this repo's inputs and its own zizmor.yml. Consuming Nix repos import it instead of inlining or pulling nix-devenv's heavier closure. Includes the CHANGELOG.md treefmt exclude (release-please owns that file). Plain-source consumers (flake = false, e.g. for zizmor.yml) are unaffected. Assisted-by: Claude:claude-opus-4-8
JacobPEvans-personal
added a commit
to dryvist/nix-claude-code
that referenced
this pull request
May 31, 2026
Stop redefining the org-wide dev-hygiene global settings locally. Delete the inlined flake/dev-hygiene.nix and import inputs.dryvist-github.flakeModules.dev-hygiene instead — the same dryvist/.github source already used for zizmor.yml, now a lean flake (treefmt-nix + git-hooks only, no devenv/crate2nix/devshell). dryvist-github becomes a flake input (nixpkgs follows ours); the standalone treefmt-nix and git-hooks inputs are dropped (now transitive via .github). The CHANGELOG.md treefmt exclude lives in the shared module, not here. Lock temporarily pins the dryvist/.github#15 branch; repointed to main once it merges. nix flake check passes (EXIT 0). Refs: dryvist/.github#15 Assisted-by: Claude:claude-opus-4-8
JacobPEvans-personal
added a commit
to dryvist/nix-claude-code
that referenced
this pull request
May 31, 2026
* fix(dev-hygiene): exclude CHANGELOG.md from treefmt release-please regenerates CHANGELOG.md with `*` bullets each release; prettier (via treefmt) rewrote them to `-` and failed the treefmt and pre-commit flake checks. Exclude CHANGELOG.md from treefmt, mirroring the existing markdownlint-cli2 exclude. Collapse the settings.* assignments into one block to satisfy statix. This failure was masked until now because CI died at the FlakeHub cache step before nix flake check ran. Assisted-by: Claude:claude-opus-4-8 * fix(ci): drop FlakeHub cache, call shared nix-validate template The inline ci.yml used DeterminateSystems/magic-nix-cache-action, which now authenticates its cache against api.flakehub.com and fails CI: FlakeHub: cache initialized failed: Unauthenticated: Cannot find netrc credentials for https://api.flakehub.com/ FlakeHub's hosted cache no longer has a useful free tier. Replace the three inline jobs with a single call to the shared, FlakeHub-free _nix-validate template (actions/cache + Determinate installer). nix flake check covers flake eval + treefmt + pre-commit + lib tests; all_systems:false keeps it to the runner's system, matching prior x86_64-linux-only behavior. Refs: dryvist/.github#13 Assisted-by: Claude:claude-opus-4-8 * chore(deps): bump dryvist-github for dryvist/* zizmor trust dryvist/.github#13 merged: adds the _nix-validate template and the dryvist/* entry to the zizmor unpinned-uses trusted-publisher policy. Bump the pinned input so the local/CI zizmor check (which reads ${inputs.dryvist-github}/zizmor.yml) accepts the dryvist/.github@main reusable-workflow reference in ci.yml. nix flake check passes (EXIT 0). Assisted-by: Claude:claude-opus-4-8 * refactor(flake): inherit dev-hygiene from dryvist/.github flake-module Stop redefining the org-wide dev-hygiene global settings locally. Delete the inlined flake/dev-hygiene.nix and import inputs.dryvist-github.flakeModules.dev-hygiene instead — the same dryvist/.github source already used for zizmor.yml, now a lean flake (treefmt-nix + git-hooks only, no devenv/crate2nix/devshell). dryvist-github becomes a flake input (nixpkgs follows ours); the standalone treefmt-nix and git-hooks inputs are dropped (now transitive via .github). The CHANGELOG.md treefmt exclude lives in the shared module, not here. Lock temporarily pins the dryvist/.github#15 branch; repointed to main once it merges. nix flake check passes (EXIT 0). Refs: dryvist/.github#15 Assisted-by: Claude:claude-opus-4-8
JacobPEvans-personal
added a commit
to dryvist/nix-claude-code
that referenced
this pull request
May 31, 2026
PR #33 merged with the lock pinned to the dryvist/.github#15 branch commit (the module had not yet landed on main). #15 is now merged; move the pin to dryvist/.github main (de34cfe) so nix-claude-code main no longer depends on a feature-branch commit. nix flake check passes (EXIT 0). Assisted-by: Claude:claude-opus-4-8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Make
dryvist/.githuba lean Nix flake that exposesflakeModules.dev-hygiene— the org's treefmt + git-hooks + zizmor config as one importable flake-parts module.flake.nix— inputs:nixpkgs+treefmt-nix+git-hooksonly (no devenv/crate2nix/devshell). Output:flakeModules.dev-hygiene, pre-bound to this repo's inputs and its ownzizmor.yml(${self}/zizmor.yml).nix/dev-hygiene.nix— the module (formatter set, pre-commit hooks, markdownlint with theCHANGELOG.mdexclude, zizmor via--config). Includes the treefmtCHANGELOG.mdexclude so prettier stops fighting release-please's generated bullets.Why
Global dev-hygiene settings should live in
.githuband be inherited, not redefined per-repo. Todaynix-claude-codeinlines a full copy (PR #27, to dodge nix-devenv's ~30-node transitive closure) and onlyzizmor.ymlis inherited. This gives every Nix repo a single, lean home to import from — the same source they already pullzizmor.ymlfrom.Consumer:
First consumer: dryvist/nix-claude-code#33 (drops its inlined
flake/dev-hygiene.nix). Later, nix-ai/nix-home/nix-darwin can migrate off nix-devenv's copy.Verification
.github:nix flake checkpasses (only the expected "flakeModules is unchecked" note); lock closure is lean (nixpkgs,treefmt-nix,git-hooks). Consumer-side:nix flake checkin nix-claude-code passes end-to-end importing this module (markdownlint/statix/treefmt/zizmor all green), with the local copy deleted.Plain-source consumers (
flake = false, e.g. nix-devenv reading${dryvist-github}/zizmor.yml) are unaffected by addingflake.nix.Refs: dryvist/nix-claude-code#33
🤖 Generated with Claude Code