changelog: add all new NixOS modules

kicad: 2013 stable -> 4.0.2
(cherry picked from commit cce37d2164)
2026-06-06 05:13:37 +00:00 · 2016-03-31 23:00:24 +01:00 · 2016-03-31 23:11:47 +02:00 · 2016-03-31 23:11:00 +02:00 · 2016-03-31 20:50:37 +02:00 · 2016-03-31 19:53:21 +03:00
9963 changed files with 1031906 additions and 563911 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -1,28 +0,0 @@
-# EditorConfig configuration for nixpkgs
-# http://EditorConfig.org
-
-# Top-most EditorConfig file
-root = true
-
-# Unix-style newlines with a newline ending every file, utf-8 charset
-[*]
-end_of_line = lf
-insert_final_newline = true
-trim_trailing_whitespace = true
-charset = utf-8
-
-# see https://nixos.org/nixpkgs/manual/#chap-conventions
-
-# Match nix/ruby files, set indent to spaces with width of two
-[*.{nix,rb}]
-indent_style = space
-indent_size = 2
-
-# Match shell/python/perl scripts, set indent to spaces with width of four
-[*.{sh,py,pl}]
-indent_style = space
-indent_size = 4
-
-# Match diffs, avoid to trim trailing whitespace
-[*.{diff,patch}]
-trim_trailing_whitespace = false
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -12,38 +12,4 @@ under the terms of [COPYING](../COPYING), which is an MIT-like license.

 ## Submitting changes

-* Format the commits in the following way:
-
-  ```
-  (pkg-name | service-name): (from -> to | init at version | refactor | etc)
-  
-  (Motivation for change. Additional information.)
-  ```
-
-  Examples:
-
-  * nginx: init at 2.0.1
-  * firefox: 3.0 -> 3.1.1
-  * hydra service: add bazBaz option
-  
-    Dual baz behavior is needed to do foo.
-  * nginx service: refactor config generation
-    
-    The old config generation system used impure shell scripts and could break in specific circumstances (see #1234).
-
-* `meta.description` should:
-  * Be capitalized
-  * Not start with the package name
-  * Not have a dot at the end
-
-See the nixpkgs manual for more details on how to [Submit changes to nixpkgs](https://nixos.org/nixpkgs/manual/#chap-submitting-changes).
-
-## Writing good commit messages
-
-In addition to writing properly formatted commit messages, it's important to include relevant information so other developers can later understand *why* a change was made. While this information usually can be found by digging code, mailing list archives, pull request discussions or upstream changes, it may require a lot of work.
-
-For package version upgrades and such a one-line commit message is usually sufficient.
-
-## Reviewing contributions
-
-See the nixpkgs manual for more details on how to [Review contributions](https://nixos.org/nixpkgs/manual/#sec-reviewing-contributions).
+See the nixpkgs manual for details on how to [Submit changes to nixpkgs](http://hydra.nixos.org/job/nixpkgs/trunk/manual/latest/download-by-type/doc/manual#chap-submitting-changes).
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -1,13 +1,17 @@
-## Issue description
+## Basic info

+To make sure that we are on the same page:

-
-### Steps to reproduce
-
-
-
-## Technical details
-
+* Kernel: (run `uname -a`)
 * System: (NixOS: `nixos-version`, Ubuntu/Fedora: `lsb_release -a`, ...)
 * Nix version: (run `nix-env --version`)
 * Nixpkgs version: (run `nix-instantiate --eval '<nixpkgs>' -A lib.nixpkgsVersion`)
+
+## Describe your issue here
+
+### Expected result
+
+### Actual result
+
+### Steps to reproduce
+
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,19 +1,18 @@
-###### Motivation for this change
+###### Things done:

-
-###### Things done
-
- [ ] Tested using sandboxing
-  ([nix.useSandbox](http://nixos.org/nixos/manual/options.html#opt-nix.useSandbox) on NixOS,
-    or option `build-use-sandbox` in [`nix.conf`](http://nixos.org/nix/manual/#sec-conf-file)
-    on non-NixOS)
- Built on platform(s)
-   - [ ] NixOS
-   - [ ] macOS
-   - [ ] Linux
+- [ ] Tested using sandboxing (`nix-build --option build-use-chroot true` or [nix.useChroot](http://nixos.org/nixos/manual/options.html#opt-nix.useChroot) on NixOS)
+- [ ] Built on platform(s): NixOS / OSX / Linux
 - [ ] Tested compilation of all pkgs that depend on this change using `nix-shell -p nox --run "nox-review wip"`
 - [ ] Tested execution of all binary files (usually in `./result/bin/`)
 - [ ] Fits [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/.github/CONTRIBUTING.md).

+###### More
+
+Fixes issue #<insert id>
+
+cc @<maintainer>
+
+
 ---

+_Please note, that points are not mandatory, but rather desired._
--- a/.mention-bot
+++ b/.mention-bot
@@ -1,14 +1,5 @@
 {
  "userBlacklist": [
-    "civodul",
-    "jhasse",
-    "shlevy",
-    "bbenoist"
-  ],
-  "alwaysNotifyForPaths": [
-    { "name": "FRidh", "files": ["pkgs/top-level/python-packages.nix", "pkgs/development/interpreters/python/*", "pkgs/development/python-modules/*" ] },
-    { "name": "LnL7", "files": ["pkgs/stdenv/darwin/*", "pkgs/os-specific/darwin/*"] },
-    { "name": "copumpkin", "files": ["pkgs/stdenv/darwin/*", "pkgs/os-specific/darwin/apple-source-releases/*"] }
-  ],
-  "fileBlacklist": ["pkgs/top-level/all-packages.nix"]
+    "civodul"
+  ]
 }
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,25 +1,7 @@
-language: nix
-matrix:
-    include:
-        - os: linux
-          sudo: false
-          script:
-              - ./maintainers/scripts/travis-nox-review-pr.sh nixpkgs-verify nixpkgs-manual nixpkgs-tarball nixpkgs-unstable
-              - ./maintainers/scripts/travis-nox-review-pr.sh nixos-options nixos-manual
-        - os: linux
-          sudo: required
-          dist: trusty
-          before_script:
-              - sudo mount -o remount,exec,size=2G,mode=755 /run/user
-          script: ./maintainers/scripts/travis-nox-review-pr.sh nox pr
-        - os: osx
-          osx_image: xcode7.3
-          script: ./maintainers/scripts/travis-nox-review-pr.sh nox pr
-env:
-    global:
-        - GITHUB_TOKEN=5edaaf1017f691ed34e7f80878f8f5fbd071603f
-
-notifications:
-    email:
-        on_success: never
-        on_failure: change
+language: python
+python: "3.4"
+sudo: required
+dist: trusty
+before_install: ./maintainers/scripts/travis-nox-review-pr.sh nix
+install: ./maintainers/scripts/travis-nox-review-pr.sh nox
+script: ./maintainers/scripts/travis-nox-review-pr.sh build
--- a/.version
+++ b/.version
@@ -1 +1 @@
-17.03
+16.03
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-Copyright (c) 2003-2017 Eelco Dolstra and the Nixpkgs/NixOS contributors
+Copyright (c) 2003-2016 Eelco Dolstra and the Nixpkgs/NixOS contributors

 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the
--- a/README.md
+++ b/README.md
@@ -1,7 +1,8 @@
 [<img src="http://nixos.org/logo/nixos-hires.png" width="500px" alt="logo" />](https://nixos.org/nixos)

 [![Build Status](https://travis-ci.org/NixOS/nixpkgs.svg?branch=master)](https://travis-ci.org/NixOS/nixpkgs)
-[![Code Triagers Badge](https://www.codetriage.com/nixos/nixpkgs/badges/users.svg)](https://www.codetriage.com/nixos/nixpkgs)
+[![Issue Stats](http://www.issuestats.com/github/nixos/nixpkgs/badge/pr?style=flat)](http://www.issuestats.com/github/nixos/nixpkgs)
+[![Issue Stats](http://www.issuestats.com/github/nixos/nixpkgs/badge/issue?style=flat)](http://www.issuestats.com/github/nixos/nixpkgs)

 Nixpkgs is a collection of packages for the [Nix](https://nixos.org/nix/) package
 manager. It is periodically built and tested by the [hydra](http://hydra.nixos.org/)
@@ -13,12 +14,12 @@ build daemon as so-called channels. To get channel information via git, add
 ```

 For stability and maximum binary package support, it is recommended to maintain
-custom changes on top of one of the channels, e.g. `nixos-17.03` for the latest
+custom changes on top of one of the channels, e.g. `nixos-15.09` for the latest
 release and `nixos-unstable` for the latest successful build of master:

 ```
 % git remote update channels
-% git rebase channels/nixos-17.03
+% git rebase channels/nixos-15.09
 ```

 For pull-requests, please rebase onto nixpkgs `master`.
@@ -30,11 +31,11 @@ For pull-requests, please rebase onto nixpkgs `master`.
 * [Documentation (Nix Expression Language chapter)](https://nixos.org/nix/manual/#ch-expression-language)
 * [Manual (How to write packages for Nix)](https://nixos.org/nixpkgs/manual/)
 * [Manual (NixOS)](https://nixos.org/nixos/manual/)
-* [Nix Wiki](https://nixos.org/wiki/) (deprecated, see milestone ["Move the Wiki!"](https://github.com/NixOS/nixpkgs/issues?q=is%3Aopen+is%3Aissue+milestone%3A%22Move+the+wiki%21%22))
+* [Nix Wiki](https://nixos.org/wiki/)
 * [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined)
-* [Continuous package builds for 17.03 release](https://hydra.nixos.org/jobset/nixos/release-17.03)
+* [Continuous package builds for 15.09 release](https://hydra.nixos.org/jobset/nixos/release-15.09)
 * [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents)
-* [Tests for 17.03 release](https://hydra.nixos.org/job/nixos/release-17.03/tested#tabs-constituents)
+* [Tests for 15.09 release](https://hydra.nixos.org/job/nixos/release-15.09/tested#tabs-constituents)

 Communication:

--- a/default.nix
+++ b/default.nix
@@ -6,4 +6,4 @@ if ! builtins ? nixVersion || builtins.compareVersions requiredVersion builtins.

 else

-  import ./pkgs/top-level/impure.nix
+  import ./pkgs/top-level/all-packages.nix
--- a/doc/coding-conventions.xml
+++ b/doc/coding-conventions.xml
@@ -251,13 +251,16 @@ bound to the variable name <varname>e2fsprogs</varname> in

  <listitem><para>The version part of the <literal>name</literal>
  attribute <emphasis>must</emphasis> start with a digit (following a
-  dash) — e.g., <literal>"hello-0.3.1rc2"</literal>.</para></listitem>
+  dash) — e.g., <literal>"hello-0.3-pre-r3910"</literal> instead of
+  <literal>"hello-svn-r3910"</literal>, as the latter would be seen as
+  a package named <literal>hello-svn</literal> by
+  <command>nix-env</command>.</para></listitem>

-  <listitem><para>If a package is not a release but a commit from a repository, then
+  <listitem><para>If package is fetched from git's commit then
  the version part of the name <emphasis>must</emphasis> be the date of that 
  (fetched) commit. The date must be in <literal>"YYYY-MM-DD"</literal> format.
-  Also append <literal>"unstable"</literal> to the name - e.g.,
-  <literal>"pkgname-unstable-2014-09-23"</literal>.</para></listitem>
+  Also add <literal>"git"</literal> to the name - e.g.,
+  <literal>"pkgname-git-2014-09-23"</literal>.</para></listitem>

  <listitem><para>Dashes in the package name should be preserved
  in new variable names, rather than converted to underscores
@@ -623,7 +626,7 @@ evaluate correctly.</para>
    from bad to good:
    <itemizedlist>
      <listitem>
-        <para>Bad: Uses <literal>git://</literal> which won't be proxied.
+        <para>Uses <literal>git://</literal> which won't be proxied.
 <programlisting>
 src = fetchgit {
  url = "git://github.com/NixOS/nix.git";
@@ -634,7 +637,7 @@ src = fetchgit {
        </para>
      </listitem>
      <listitem>
-        <para>Better: This is ok, but an archive fetch will still be faster.
+        <para>This is ok, but an archive fetch will still be faster.
 <programlisting>
 src = fetchgit {
  url = "https://github.com/NixOS/nix.git";
@@ -645,7 +648,7 @@ src = fetchgit {
        </para>
      </listitem>
      <listitem>
-        <para>Best: Fetches a snapshot archive and you get the rev you want.
+        <para>Fetches a snapshot archive and you get the rev you want.
 <programlisting>
 src = fetchFromGitHub {
  owner = "NixOS";
@@ -659,22 +662,4 @@ src = fetchFromGitHub {
    </itemizedlist>
  </para>
 </section>
-
-<section xml:id="sec-patches"><title>Patches</title>
-  <para>Only patches that are unique to <literal>nixpkgs</literal> should be 
-    included in <literal>nixpkgs</literal> source.</para>
-  <para>Patches available online should be retrieved using 
-    <literal>fetchpatch</literal>.</para>
-  <para>
-<programlisting>
-patches = [
-  (fetchpatch {
-    name = "fix-check-for-using-shared-freetype-lib.patch";
-    url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=8f5d285";
-    sha256 = "1f0k043rng7f0rfl9hhb89qzvvksqmkrikmm38p61yfx51l325xr";
-  })
-];
-</programlisting>
-  </para>
-</section>
 </chapter>
--- a/doc/configuration.xml
+++ b/doc/configuration.xml
@@ -2,223 +2,85 @@
         xmlns:xlink="http://www.w3.org/1999/xlink"
         xml:id="chap-packageconfig">

-<title>Global configuration</title>
+<title><filename>~/.nixpkgs/config.nix</filename>: global configuration</title>

-<para>Nix comes with certain defaults about what packages can and
-cannot be installed, based on a package's metadata. By default, Nix
-will prevent installation if any of the following criteria are
-true:</para>
+<para>Nix packages can be configured to allow or deny certain options.</para>

-<itemizedlist>
-  <listitem><para>The package is thought to be broken, and has had
-  its <literal>meta.broken</literal> set to
-  <literal>true</literal>.</para></listitem>
+<para>To apply the configuration edit
+<filename>~/.nixpkgs/config.nix</filename> and set it like

-  <listitem><para>The package's <literal>meta.license</literal> is set
-  to a license which is considered to be unfree.</para></listitem>
-
-  <listitem><para>The package has known security vulnerabilities but
-  has not or can not be updated for some reason, and a list of issues
-  has been entered in to the package's
-  <literal>meta.knownVulnerabilities</literal>.</para></listitem>
-</itemizedlist>
-
-<para>Note that all this is checked during evaluation already,
-and the check includes any package that is evaluated.
-In particular, all build-time dependencies are checked.
-<literal>nix-env -qa</literal> will (attempt to) hide any packages
-that would be refused.
-</para>
-
-<para>Each of these criteria can be altered in the nixpkgs
-configuration.</para>
-
-<para>The nixpkgs configuration for a NixOS system is set in the
-<literal>configuration.nix</literal>, as in the following example:
-<programlisting>
-{
-  nixpkgs.config = {
-    allowUnfree = true;
-  };
-}
-</programlisting>
-However, this does not allow unfree software for individual users.
-Their configurations are managed separately.</para>
-
-<para>A user's of nixpkgs configuration is stored in a user-specific
-configuration file located at
-<filename>~/.config/nixpkgs/config.nix</filename>. For example:
 <programlisting>
 {
  allowUnfree = true;
 }
 </programlisting>
-</para>

-<section xml:id="sec-allow-broken">
-  <title>Installing broken packages</title>
+and will allow the Nix package manager to install unfree licensed packages.</para>

+<para>The configuration as listed also applies to NixOS under
+<option>nixpkgs.config</option> set.</para>

-  <para>There are two ways to try compiling a package which has been
-  marked as broken.</para>
+<itemizedlist>

-  <itemizedlist>
-    <listitem><para>
-      For allowing the build of a broken package once, you can use an
-      environment variable for a single invocation of the nix tools:
+  <listitem>
+    <para>Allow installing of packages that are distributed under
+    unfree license by setting <programlisting>allowUnfree =
+    true;</programlisting> or deny them by setting it to
+    <literal>false</literal>.</para>

-      <programlisting>$ export NIXPKGS_ALLOW_BROKEN=1</programlisting>
-    </para></listitem>
-
-    <listitem><para>
-      For permanently allowing broken packages to be built, you may
-      add <literal>allowBroken = true;</literal> to your user's
-      configuration file, like this:
+    <para>Same can be achieved by setting the environment variable:

 <programlisting>
-{
-  allowBroken = true;
-}
+$ export NIXPKGS_ALLOW_UNFREE=1
 </programlisting>
-    </para></listitem>
-  </itemizedlist>
-</section>

-<section xml:id="sec-allow-unfree">
-  <title>Installing unfree packages</title>
+    </para>
+  </listitem>

-  <para>There are several ways to tweak how Nix handles a package
-  which has been marked as unfree.</para>
-
-  <itemizedlist>
-    <listitem><para>
-      To temporarily allow all unfree packages, you can use an
-      environment variable for a single invocation of the nix tools:
-
-      <programlisting>$ export NIXPKGS_ALLOW_UNFREE=1</programlisting>
-    </para></listitem>
-
-    <listitem><para>
-      It is possible to permanently allow individual unfree packages,
-      while still blocking unfree packages by default using the
-      <literal>allowUnfreePredicate</literal> configuration
-      option in the user configuration file.</para>
-
-      <para>This option is a function which accepts a package as a
-      parameter, and returns a boolean. The following example
-      configuration accepts a package and always returns false:
-<programlisting>
-{
-  allowUnfreePredicate = (pkg: false);
-}
-</programlisting>
-      </para>
-
-      <para>A more useful example, the following configuration allows
-      only allows flash player and visual studio code:
+  <listitem>
+    <para>Whenever unfree packages are not allowed, single packages
+    can still be allowed by a predicate function that accepts package
+    as an argument and should return a boolean:

 <programlisting>
-{
-  allowUnfreePredicate = (pkg: elem (builtins.parseDrvName pkg.name).name [ "flashplayer" "vscode" ]);
-}
+allowUnfreePredicate = (pkg: ...);
 </programlisting>
-    </para></listitem>

-    <listitem>
-      <para>It is also possible to whitelist and blacklist licenses
-      that are specifically acceptable or not acceptable, using
-      <literal>whitelistedLicenses</literal> and
-      <literal>blacklistedLicenses</literal>, respectively.
-      </para>
-
-      <para>The following example configuration whitelists the
-      licenses <literal>amd</literal> and <literal>wtfpl</literal>:
+    Example to allow flash player only:

 <programlisting>
-{
-  whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];
-}
+allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name);
 </programlisting>
-      </para>

-      <para>The following example configuration blacklists the
-      <literal>gpl3</literal> and <literal>agpl3</literal> licenses:
+    </para>
+  </listitem>
+
+  <listitem>
+    <para>Whenever unfree packages are not allowed, packages can still
+    be whitelisted by their license:

 <programlisting>
-{
-  blacklistedLicenses = with stdenv.lib.licenses; [ agpl3 gpl3 ];
-}
+whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];
 </programlisting>
-      </para>
-    </listitem>
-  </itemizedlist>
+    </para>
+  </listitem>

-  <para>A complete list of licenses can be found in the file
-  <filename>lib/licenses.nix</filename> of the nixpkgs tree.</para>
-</section>
-
-
-<section xml:id="sec-allow-insecure">
-  <title>
-    Installing insecure packages
-  </title>
-
-  <para>There are several ways to tweak how Nix handles a package
-  which has been marked as insecure.</para>
-
-  <itemizedlist>
-    <listitem><para>
-      To temporarily allow all insecure packages, you can use an
-      environment variable for a single invocation of the nix tools:
-
-      <programlisting>$ export NIXPKGS_ALLOW_INSECURE=1</programlisting>
-    </para></listitem>
-
-    <listitem><para>
-      It is possible to permanently allow individual insecure
-      packages, while still blocking other insecure packages by
-      default using the <literal>permittedInsecurePackages</literal>
-      configuration option in the user configuration file.</para>
-
-      <para>The following example configuration permits the
-      installation of the hypothetically insecure package
-      <literal>hello</literal>, version <literal>1.2.3</literal>:
-<programlisting>
-{
-  permittedInsecurePackages = [
-    "hello-1.2.3"
-  ];
-}
-</programlisting>
-      </para>
-    </listitem>
-
-    <listitem><para>
-      It is also possible to create a custom policy around which
-      insecure packages to allow and deny, by overriding the
-      <literal>allowInsecurePredicate</literal> configuration
-      option.</para>
-
-      <para>The <literal>allowInsecurePredicate</literal> option is a
-      function which accepts a package and returns a boolean, much
-      like <literal>allowUnfreePredicate</literal>.</para>
-
-      <para>The following configuration example only allows insecure
-      packages with very short names:
+  <listitem>
+    <para>In addition to whitelisting licenses which are denied by the
+    <literal>allowUnfree</literal> setting, you can also explicitely
+    deny installation of packages which have a certain license:

 <programlisting>
-{
-  allowInsecurePredicate = (pkg: (builtins.stringLength (builtins.parseDrvName pkg.name).name) &lt;= 5);
-}
+blacklistedLicenses = with stdenv.lib.licenses; [ agpl3 gpl3 ];
 </programlisting>
-      </para>
+    </para>
+  </listitem>
+
+</itemizedlist>
+
+<para>A complete list of licenses can be found in the file
+<filename>lib/licenses.nix</filename> of the nix package tree.</para>

-      <para>Note that <literal>permittedInsecurePackages</literal> is
-      only checked if <literal>allowInsecurePredicate</literal> is not
-      specified.
-    </para></listitem>
-  </itemizedlist>
-</section>

 <!--============================================================-->

@@ -227,7 +89,7 @@ packages via <literal>packageOverrides</literal></title>

 <para>You can define a function called
 <varname>packageOverrides</varname> in your local
-<filename>~/.config/nixpkgs/config.nix</filename> to override nix packages.  It
+<filename>~/.nixpkgs/config.nix</filename> to overide nix packages.  It
 must be a function that takes pkgs as an argument and return modified
 set of packages.

--- a/doc/cross-compilation.xml
+++ b/doc/cross-compilation.xml
@@ -1,168 +0,0 @@
-<chapter xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xml:id="chap-cross">
-
-<title>Cross-compilation</title>
-
-<section xml:id="sec-cross-intro">
-  <title>Introduction</title>
-  <para>
-    "Cross-compilation" means compiling a program on one machine for another type of machine.
-    For example, a typical use of cross compilation is to compile programs for embedded devices.
-    These devices often don't have the computing power and memory to compile their own programs.
-    One might think that cross-compilation is a fairly niche concern, but there are advantages to being rigorous about distinguishing build-time vs run-time environments even when one is developing and deploying on the same machine.
-    Nixpkgs is increasingly adopting this opinion in that packages should be written with cross-compilation in mind, and nixpkgs should evaluate in a similar way (by minimizing cross-compilation-specific special cases) whether or not one is cross-compiling.
-  </para>
-
-  <para>
-    This chapter will be organized in three parts.
-    First, it will describe the basics of how to package software in a way that supports cross-compilation.
-    Second, it will describe how to use Nixpkgs when cross-compiling.
-    Third, it will describe the internal infrastructure supporting cross-compilation.
-  </para>
-</section>
-
-<!--============================================================-->
-
-<section xml:id="sec-cross-packaging">
-  <title>Packaging in a cross-friendly manner</title>
-
-  <section>
-    <title>Platform parameters</title>
-    <para>
-      The three GNU Autoconf platforms, <wordasword>build</wordasword>, <wordasword>host</wordasword>, and <wordasword>cross</wordasword>, are historically the result of much confusion.
-      <link xlink:href="https://gcc.gnu.org/onlinedocs/gccint/Configure-Terms.html" /> clears this up somewhat but there is more to be said.
-      An important advice to get out the way is, unless you are packaging a compiler or other build tool, just worry about the build and host platforms.
-      Dealing with just two platforms usually better matches people's preconceptions, and in this case is completely correct.
-    </para>
-    <para>
-      In Nixpkgs, these three platforms are defined as attribute sets under the names <literal>buildPlatform</literal>, <literal>hostPlatform</literal>, and <literal>targetPlatform</literal>.
-      All are guaranteed to contain at least a <varname>platform</varname> field, which contains detailed information on the platform.
-      All three are always defined at the top level, so one can get at them just like a dependency in a function that is imported with <literal>callPackage</literal>:
-      <programlisting>{ stdenv, buildPlatform, hostPlatform, fooDep, barDep, .. }: ...</programlisting>
-    </para>
-    <warning><para>
-      These platforms should all have the same structure in all scenarios, but that is currently not the case.
-      When not cross-compiling, they will each contain a <literal>system</literal> field with a short 2-part, hyphen-separated summering string name for the platform.
-      But, when when cross compiling, <literal>hostPlatform</literal> and <literal>targetPlatform</literal> may instead contain <literal>config</literal> with a fuller 3- or 4-part string in the manner of LLVM.
-      We should have all 3 platforms always contain both, and maybe give <literal>config</literal> a better name while we are at it.
-    </para></warning>
-    <variablelist>
-      <varlistentry>
-        <term><varname>buildPlatform</varname></term>
-        <listitem><para>
-          The "build platform" is the platform on which a package is built.
-          Once someone has a built package, or pre-built binary package, the build platform should not matter and be safe to ignore.
-        </para></listitem>
-      </varlistentry>
-      <varlistentry>
-        <term><varname>hostPlatform</varname></term>
-        <listitem><para>
-          The "host platform" is the platform on which a package is run.
-          This is the simplest platform to understand, but also the one with the worst name.
-        </para></listitem>
-      </varlistentry>
-      <varlistentry>
-        <term><varname>targetPlatform</varname></term>
-        <listitem>
-          <para>
-            The "target platform" is black sheep.
-            The other two intrinsically apply to all compiled software—or any build process with a notion of "build-time" followed by "run-time".
-            The target platform only applies to programming tools, and even then only is a good for for some of them.
-            Briefly, GCC, Binutils, GHC, and certain other tools are written in such a way such that a single build can only compiler code for a single platform.
-            Thus, when building them, one must think ahead about what platforms they wish to use the tool to produce machine code for, and build binaries for each.
-          </para>
-          <para>
-            There is no fundamental need to think about the target ahead of time like this.
-            LLVM, for example, was designed from the beginning with cross-compilation in mind, and so a normal LLVM binary will support every architecture that LLVM supports.
-            If the tool supports modular or pluggable backends, one might imagine specifying a <emphasis>set</emphasis> of target platforms / backends one wishes to support, rather than a single one.
-          </para>
-          <para>
-            The biggest reason for mess, if there is one, is that many compilers have the bad habit a build process that builds the compiler and standard library/runtime together.
-            Then the specifying target platform is essential, because it determines the host platform of the standard library/runtime.
-            Nixpkgs tries to avoid this where possible too, but still, because the concept of a target platform is so ingrained now in Autoconf and other tools, it is best to support it as is.
-            Tools like LLVM that don't need up-front target platforms can safely ignore it like normal packages, and it will do no harm.
-          </para>
-          </listitem>
-      </varlistentry>
-    </variablelist>
-    <note><para>
-      If you dig around nixpkgs, you may notice there is also <varname>stdenv.cross</varname>.
-      This field defined as <varname>hostPlatform</varname> when the host and build platforms differ, but otherwise not defined at all.
-      This field is obsolete and will soon disappear—please do not use it.
-    </para></note>
-  </section>
-
-  <section>
-    <title>Specifying Dependencies</title>
-    <para>
-      As mentioned in the introduction to this chapter, one can think about a build time vs run time distinction whether cross-compiling or not.
-      In the case of cross-compilation, this corresponds with whether a derivation running on the native or foreign platform is produced.
-      An interesting thing to think about is how this corresponds with the three Autoconf platforms.
-      In the run-time case, the depending and depended-on package simply have matching build, host, and target platforms.
-      But in the build-time case, one can imagine "sliding" the platforms one over.
-      The depended-on package's host and target platforms (respectively) become the depending package's build and host platforms.
-      This is the most important guiding principle behind cross-compilation with Nixpkgs, and will be called the <wordasword>sliding window principle</wordasword>.
-      In this manner, given the 3 platforms for one package, we can determine the three platforms for all its transitive dependencies.
-    </para>
-    <para>
-      Some examples will probably make this clearer.
-      If a package is being built with a <literal>(build, host, target)</literal> platform triple of <literal>(foo, bar, bar)</literal>, then its build-time dependencies would have a triple of <literal>(foo, foo, bar)</literal>, and <emphasis>those packages'</emphasis> build-time dependencies would have triple of <literal>(foo, foo, foo)</literal>.
-      In other words, it should take two "rounds" of following build-time dependency edges before one reaches a fixed point where, by the sliding window principle, the platform triple no longer changes.
-      Indeed, this happens with cross compilation, where only rounds of native dependencies starting with the second necessarily coincide with native packages.
-    </para>
-    <note><para>
-      The depending package's target platform is unconstrained by the sliding window principle, which makes sense in that one can in principle build cross compilers targeting arbitrary platforms.
-    </para></note>
-    <para>
-      How does this work in practice? Nixpkgs is now structured so that build-time dependencies are taken from from <varname>buildPackages</varname>, whereas run-time dependencies are taken from the top level attribute set.
-      For example, <varname>buildPackages.gcc</varname> should be used at build time, while <varname>gcc</varname> should be used at run time.
-      Now, for most of Nixpkgs's history, there was no <varname>buildPackages</varname>, and most packages have not been refactored to use it explicitly.
-      Instead, one can use the four attributes used for specifying dependencies as documented in <link linkend="ssec-stdenv-attributes" />.
-      We "splice" together the run-time and build-time package sets with <varname>callPackage</varname>, and then <varname>mkDerivation</varname> for each of four attributes pulls the right derivation out.
-      This splicing can be skipped when not cross compiling as the package sets are the same, but is a bit slow for cross compiling.
-      Because of this, a best-of-both-worlds solution is in the works with no splicing or explicit access of <varname>buildPackages</varname> needed.
-      For now, feel free to use either method.
-    </para>
-  </section>
-
-</section>
-
-<!--============================================================-->
-
-<section xml:id="sec-cross-usage">
-  <title>Cross-building packages</title>
-  <note><para>
-    More information needs to moved from the old wiki, especially <link xlink:href="https://nixos.org/wiki/CrossCompiling" />, for this section.
-  </para></note>
-  <para>
-    Many sources (manual, wiki, etc) probably mention passing <varname>system</varname>, <varname>platform</varname>, and, optionally, <varname>crossSystem</varname> to nixpkgs:
-    <literal>import &lt;nixpkgs&gt; { system = ..; platform = ..; crossSystem = ..; }</literal>.
-    <varname>system</varname> and <varname>platform</varname> together determine the system on which packages are built, and <varname>crossSystem</varname> specifies the platform on which packages are ultimately intended to run, if it is different.
-    This still works, but with more recent changes, one can alternatively pass <varname>localSystem</varname>, containing <varname>system</varname> and <varname>platform</varname>, for symmetry.
-  </para>
-  <para>
-    One would think that <varname>localSystem</varname> and <varname>crossSystem</varname> overlap horribly with the three <varname>*Platforms</varname> (<varname>buildPlatform</varname>, <varname>hostPlatform,</varname> and <varname>targetPlatform</varname>; see <varname>stage.nix</varname> or the manual).
-    Actually, those identifiers are purposefully not used here to draw a subtle but important distinction:
-    While the granularity of having 3 platforms is necessary to properly *build* packages, it is overkill for specifying the user's *intent* when making a build plan or package set.
-    A simple "build vs deploy" dichotomy is adequate: the sliding window principle described in the previous section shows how to interpolate between the these two "end points" to get the 3 platform triple for each bootstrapping stage.
-    That means for any package a given package set, even those not bound on the top level but only reachable via dependencies or <varname>buildPackages</varname>, the three platforms will be defined as one of <varname>localSystem</varname> or <varname>crossSystem</varname>, with the former replacing the latter as one traverses build-time dependencies.
-    A last simple difference then is <varname>crossSystem</varname> should be null when one doesn't want to cross-compile, while the <varname>*Platform</varname>s are always non-null.
-    <varname>localSystem</varname> is always non-null.
-  </para>
-</section>
-
-<!--============================================================-->
-
-<section xml:id="sec-cross-infra">
-  <title>Cross-compilation infrastructure</title>
-  <para>To be written.</para>
-  <note><para>
-    If one explores nixpkgs, they will see derivations with names like <literal>gccCross</literal>.
-    Such <literal>*Cross</literal> derivations is a holdover from before we properly distinguished between the host and target platforms
-    —the derivation with "Cross" in the name covered the <literal>build = host != target</literal> case, while the other covered the <literal>host = target</literal>, with build platform the same or not based on whether one was using its <literal>.nativeDrv</literal> or <literal>.crossDrv</literal>.
-    This ugliness will disappear soon.
-  </para></note>
-</section>
-
-</chapter>
--- a/doc/default.nix
+++ b/doc/default.nix
@@ -1,14 +1,14 @@
+with import ./.. { };
+with lib;
 let
-  pkgs = import ./.. { };
-  lib = pkgs.lib;
-  sources = lib.sourceFilesBySuffices ./. [".xml"];
+  sources = sourceFilesBySuffices ./. [".xml"];
  sources-langs = ./languages-frameworks;
 in
-pkgs.stdenv.mkDerivation {
+stdenv.mkDerivation {
  name = "nixpkgs-manual";


-  buildInputs = with pkgs; [ pandoc libxml2 libxslt zip ];
+  buildInputs = [ pandoc libxml2 libxslt ];

  xsltFlags = ''
    --param section.autolabel 1
@@ -26,8 +26,7 @@ pkgs.stdenv.mkDerivation {
      extraHeader = ''xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" '';
    in ''
      {
-        pandoc '${inputFile}' -w docbook ${lib.optionalString useChapters "--chapters"} \
-          --smart \
+        pandoc '${inputFile}' -w docbook ${optionalString useChapters "--chapters"} \
          | sed -e 's|<ulink url=|<link xlink:href=|' \
              -e 's|</ulink>|</link>|' \
              -e 's|<sect. id=|<section xml:id=|' \
@@ -49,65 +48,38 @@ pkgs.stdenv.mkDerivation {
      useChapters = true;
    }
  + toDocbook {
-      inputFile = ./languages-frameworks/python.md;
-      outputFile = "./languages-frameworks/python.xml";
+      inputFile = ./haskell-users-guide.md;
+      outputFile = "haskell-users-guide.xml";
+      useChapters = true;
    }
  + toDocbook {
-      inputFile = ./languages-frameworks/haskell.md;
-      outputFile = "./languages-frameworks/haskell.xml";
-    }
-  + toDocbook {
-      inputFile = ../pkgs/development/idris-modules/README.md;
+      inputFile = ./../pkgs/development/idris-modules/README.md;
      outputFile = "languages-frameworks/idris.xml";
    }
  + toDocbook {
-      inputFile = ../pkgs/development/node-packages/README.md;
-      outputFile = "languages-frameworks/node.xml";
-    }
-  + toDocbook {
-      inputFile = ../pkgs/development/r-modules/README.md;
+      inputFile = ./../pkgs/development/r-modules/README.md;
      outputFile = "languages-frameworks/r.xml";
    }
-  + toDocbook {
-      inputFile = ./languages-frameworks/rust.md;
-      outputFile = "./languages-frameworks/rust.xml";
-    }
-  + toDocbook {
-      inputFile = ./languages-frameworks/vim.md;
-      outputFile = "./languages-frameworks/vim.xml";
-    }
  + ''
-    echo ${lib.nixpkgsVersion} > .version
+    echo ${nixpkgsVersion} > .version

    # validate against relaxng schema
    xmllint --nonet --xinclude --noxincludenode manual.xml --output manual-full.xml
-    ${pkgs.jing}/bin/jing ${pkgs.docbook5}/xml/rng/docbook/docbook.rng manual-full.xml
+    ${jing}/bin/jing ${docbook5}/xml/rng/docbook/docbook.rng manual-full.xml

    dst=$out/share/doc/nixpkgs
    mkdir -p $dst
    xsltproc $xsltFlags --nonet --xinclude \
      --output $dst/manual.html \
-      ${pkgs.docbook5_xsl}/xml/xsl/docbook/xhtml/docbook.xsl \
+      ${docbook5_xsl}/xml/xsl/docbook/xhtml/docbook.xsl \
      ./manual.xml

    cp ${./style.css} $dst/style.css

    mkdir -p $dst/images/callouts
-    cp "${pkgs.docbook5_xsl}/xml/xsl/docbook/images/callouts/"*.gif $dst/images/callouts/
+    cp "${docbook5_xsl}/xml/xsl/docbook/images/callouts/"*.gif $dst/images/callouts/

    mkdir -p $out/nix-support
    echo "doc manual $dst manual.html" >> $out/nix-support/hydra-build-products
-
-    xsltproc $xsltFlags --nonet --xinclude \
-      --output $dst/epub/ \
-      ${pkgs.docbook5_xsl}/xml/xsl/docbook/epub/docbook.xsl \
-      ./manual.xml
-
-    cp -r $dst/images $dst/epub/OEBPS
-    echo "application/epub+zip" > mimetype
-    manual="$dst/nixpkgs-manual.epub"
-    zip -0Xq "$manual" mimetype
-    cd $dst/epub && zip -Xr9D "$manual" *
-    rm -rf $dst/epub
  '';
 }
--- a/doc/erlang-users-guide.xml
+++ b/doc/erlang-users-guide.xml
@@ -0,0 +1,305 @@
+<chapter xmlns="http://docbook.org/ns/docbook"
+         xmlns:xlink="http://www.w3.org/1999/xlink"
+         xml:id="users-guide-to-the-erlang-infrastructure">
+
+<title>User's Guide to the Erlang Infrastructure</title>
+<section xml:id="build-tools">
+  <title>Build Tools</title>
+  <para>
+    By default Rebar3 wants to manage it's own dependencies. In the
+    normal non-Nix, this is perfectly acceptable. In the Nix world it
+    is not. To support this we have created two versions of rebar3,
+    <literal>rebar3</literal> and <literal>rebar3-open</literal>. The
+    <literal>rebar3</literal> version has been patched to remove the
+    ability to download anything from it. If you are not running it a
+    nix-shell or a nix-build then its probably not going to work for
+    you. <literal>rebar3-open</literal> is the normal, un-modified
+    rebar3. It should work exactly as would any other version of
+    rebar3. Any Erlang package should rely on
+    <literal>rebar3</literal> and thats really what you should be
+    using too.
+  </para>
+</section>
+
+<section xml:id="how-to-install-erlang-packages">
+  <title>How to install Erlang packages</title>
+  <para>
+    Erlang packages are not registered in the top level simply because
+    they are not relevant to the vast majority of Nix users. They are
+    installable using the <literal>erlangPackages</literal> attribute set.
+
+    You can list the avialable packages in the
+    <literal>erlangPackages</literal> with the following command:
+  </para>
+
+  <programlisting>
+$ nix-env -f &quot;&lt;nixpkgs&gt;&quot; -qaP -A erlangPackages
+erlangPackages.esqlite    esqlite-0.2.1
+erlangPackages.goldrush   goldrush-0.1.7
+erlangPackages.ibrowse    ibrowse-4.2.2
+erlangPackages.jiffy      jiffy-0.14.5
+erlangPackages.lager      lager-3.0.2
+erlangPackages.meck       meck-0.8.3
+erlangPackages.rebar3-pc  pc-1.1.0
+  </programlisting>
+  <para>
+    To install any of those packages into your profile, refer to them by
+    their attribute path (first column):
+  </para>
+  <programlisting>
+$ nix-env -f &quot;&lt;nixpkgs&gt;&quot; -iA erlangPackages.ibrowse
+  </programlisting>
+  <para>
+    The attribute path of any Erlang packages corresponds to the name
+    of that particular package in Hex or its OTP Application/Release name.
+  </para>
+</section>
+<section xml:id="packaging-erlang-applications">
+  <title>Packaging Erlang Applications</title>
+  <section xml:id="rebar3-packages">
+    <title>Rebar3 Packages</title>
+    <para>
+      There is a Nix functional called
+      <literal>buildRebar3</literal>. We use this function to make a
+      derivation that understands how to build the rebar3 project. For
+      example, the epression we use to build the <link
+      xlink:href="https://github.com/erlang-nix/hex2nix">hex2nix</link>
+      project follows.
+    </para>
+    <programlisting>
+{stdenv, fetchFromGitHub, buildRebar3, ibrowse, jsx, erlware_commons }:
+
+buildRebar3 rec {
+    name = "hex2nix";
+    version = "0.0.1";
+
+    src = fetchFromGitHub {
+        owner = "ericbmerritt";
+        repo = "hex2nix";
+        rev = "${version}";
+        sha256 = "1w7xjidz1l5yjmhlplfx7kphmnpvqm67w99hd2m7kdixwdxq0zqg";
+    };
+
+    erlangDeps = [ ibrowse jsx erlware_commons ];
+}
+    </programlisting>
+    <para>
+      The only visible difference between this derivation and
+      something like <literal>stdenv.mkDerivation</literal> is that we
+      have added <literal>erlangDeps</literal> to the derivation. If
+      you add your Erlang dependencies here they will be correctly
+      handled by the system.
+    </para>
+    <para>
+      If your package needs to compile native code via Rebar's port
+      compilation mechenism. You should add <literal>compilePort =
+      true;</literal> to the derivation.
+    </para>
+  </section>
+
+  <section xml:id="hex-packages">
+    <title>Hex Packages</title>
+    <para>
+      Hex packages are based on Rebar packages. In fact, at the moment
+      we can only compile Hex packages that are buildable with
+      Rebar3. Packages that use Mix and other build systems are not
+      supported. That being said, we know a lot more about Hex and can
+      do more for you.
+    </para>
+    <programlisting>
+{ buildHex }:
+  buildHex {
+    name = "esqlite";
+    version = "0.2.1";
+    sha256 = "1296fn1lz4lz4zqzn4dwc3flgkh0i6n4sydg501faabfbv8d3wkr";
+    compilePort = true;
+}
+    </programlisting>
+    <para>
+      For Hex packages you need to provide the name, the version, and
+      the Sha 256 digest of the package and use
+      <literal>buildHex</literal> to build it. Obviously, the package
+      needs to have already been published to Hex.
+    </para>
+  </section>
+</section>
+<section xml:id="how-to-develop">
+  <title>How to develop</title>
+  <section xml:id="accessing-an-environment">
+    <title>Accessing an Environment</title>
+    <para>
+      Often, all you want to do is be able to access a valid
+      environment that contains a specific package and its
+      dependencies. we can do that with the <literal>env</literal>
+      part of a derivation. For example, lets say we want to access an
+      erlang repl with ibrowse loaded up. We could do the following.
+    </para>
+    <programlisting>
+      ~/w/nixpkgs ❯❯❯ nix-shell -A erlangPackages.ibrowse.env --run "erl"
+      Erlang/OTP 18 [erts-7.0] [source] [64-bit] [smp:4:4] [async-threads:10] [hipe] [kernel-poll:false]
+
+      Eshell V7.0  (abort with ^G)
+      1> m(ibrowse).
+      Module: ibrowse
+      MD5: 3b3e0137d0cbb28070146978a3392945
+      Compiled: January 10 2016, 23:34
+      Object file: /nix/store/g1rlf65rdgjs4abbyj4grp37ry7ywivj-ibrowse-4.2.2/lib/erlang/lib/ibrowse-4.2.2/ebin/ibrowse.beam
+      Compiler options:  [{outdir,"/tmp/nix-build-ibrowse-4.2.2.drv-0/hex-source-ibrowse-4.2.2/_build/default/lib/ibrowse/ebin"},
+      debug_info,debug_info,nowarn_shadow_vars,
+      warn_unused_import,warn_unused_vars,warnings_as_errors,
+      {i,"/tmp/nix-build-ibrowse-4.2.2.drv-0/hex-source-ibrowse-4.2.2/_build/default/lib/ibrowse/include"}]
+      Exports:
+      add_config/1                  send_req_direct/7
+      all_trace_off/0               set_dest/3
+      code_change/3                 set_max_attempts/3
+      get_config_value/1            set_max_pipeline_size/3
+      get_config_value/2            set_max_sessions/3
+      get_metrics/0                 show_dest_status/0
+      get_metrics/2                 show_dest_status/1
+      handle_call/3                 show_dest_status/2
+      handle_cast/2                 spawn_link_worker_process/1
+      handle_info/2                 spawn_link_worker_process/2
+      init/1                        spawn_worker_process/1
+      module_info/0                 spawn_worker_process/2
+      module_info/1                 start/0
+      rescan_config/0               start_link/0
+      rescan_config/1               stop/0
+      send_req/3                    stop_worker_process/1
+      send_req/4                    stream_close/1
+      send_req/5                    stream_next/1
+      send_req/6                    terminate/2
+      send_req_direct/4             trace_off/0
+      send_req_direct/5             trace_off/2
+      send_req_direct/6             trace_on/0
+      trace_on/2
+      ok
+      2>
+    </programlisting>
+    <para>
+      Notice the <literal>-A erlangPackages.ibrowse.env</literal>.That
+      is the key to this functionality.
+    </para>
+  </section>
+  <section xml:id="creating-a-shell">
+    <title>Creating a Shell</title>
+    <para>
+      Getting access to an environment often isn't enough to do real
+      development. Many times we need to create a
+      <literal>shell.nix</literal> file and do our development inside
+      of the environment specified by that file. This file looks a lot
+      like the packageing described above. The main difference is that
+      <literal>src</literal> points to project root and we call the
+      package directly.
+    </para>
+    <programlisting>
+{ pkgs ? import &quot;&lt;nixpkgs&quot;&gt; {} }:
+
+with pkgs;
+
+let
+
+  f = { buildHex, ibrowse, jsx, erlware_commons }:
+      buildHex {
+        name = "hex2nix";
+        version = "0.1.0";
+        src = ./.;
+        erlangDeps = [ ibrowse jsx erlware_commons ];
+      };
+  drv = erlangPackages.callPackage f {};
+
+in
+ drv
+    </programlisting>
+    <section xml:id="building-in-a-shell">
+    <title>Building in a shell</title>
+    <para>
+      Unfortunatly for us users of Nix, Rebar isn't very cooperative
+      with us from the standpoint of building a hermetic
+      environment. When building the rebar3 support we had to do some
+      sneaky things to get it not to go out and pull packages on its
+      own. Also unfortunately, you have to do some of the same things
+      when building a project inside of a Nix shell.
+
+      <orderedlist numeration="arabic">
+        <listitem>
+          <para>Run <literal>rebar3-nix-bootstrap</literal> every time
+          dependencies change</para>
+        </listitem>
+        <listitem>
+          <para>Set Home to the current directory.</para>
+        </listitem>
+      </orderedlist>
+
+      If you do these two things then Rebar will be happy with you. I
+      codify these into a makefile. Forunately, rebar3-nix-bootstrap
+      is idempotent and fairly quick. so you can run it as often as
+      you like.
+    </para>
+    <programlisting>
+# =============================================================================
+# Rules
+# =============================================================================
+.PHONY= all test clean repl shell build test analyze bootstrap
+
+all: test
+
+clean:
+        rm -rf _build
+        rm -rf .cache
+
+repl:
+        nix-shell --run "erl"
+
+shell:
+        nix-shell --run "bash"
+
+bootstrap:
+        nix-shell --pure --run "rebar3-nix-bootstrap"
+
+build: bootstrap
+        nix-shell --pure --run "HOME=$(CURDIR) rebar3 compile"
+
+analyze: bootstrap
+        nix-shell --pure --run "HOME=$(CURDIR) rebar3 do compile,dialyzer"
+
+test: bootstrap
+        nix-shell --pure --run "HOME=$(CURDIR) rebar3 do compile,dialyzer,eunit"
+
+    </programlisting>
+    <para>
+      If you add the <literal>shell.nix</literal> as described and
+      user rebar as follows things should simply work.
+    </para>
+  </section>
+</section>
+</section>
+<section xml:id="generating-packages-from-hex-with-hex2nix">
+  <title>Generating Packages from Hex with Hex2Nix</title>
+  <para>
+    Updating the Hex packages requires the use of the
+    <literal>hex2nix</literal> tool. Given the path to the Erlang
+    modules (usually
+    <literal>pkgs/development/erlang-modules</literal>). It will
+    happily dump a file called
+    <literal>hex-packages.nix</literal>. That file will contain all
+    the packages that use a recognized build system in Hex. However,
+    it can't know whether or not all those packages are buildable.
+    </para>
+    <para>
+      To make life easier for our users, it makes good sense to go
+      ahead and attempt to build all those packages and remove the
+      ones that don't build. To do that, simply run the command (in
+      the root of your <literal>nixpkgs</literal> repository). that follows.
+    </para>
+    <programlisting>
+$ nix-build -A erlangPackages
+    </programlisting>
+    <para>
+      That will build every package in
+      <literal>erlangPackages</literal>. Then you can go through and
+      manually remove the ones that fail. Hopefully, someone will
+      improve <literal>hex2nix</literal> in the future to automate
+      that.
+    </para>
+</section>
+</chapter>
--- a/doc/functions.xml
+++ b/doc/functions.xml
@@ -8,253 +8,198 @@
  The nixpkgs repository has several utility functions to manipulate Nix expressions.
 </para>

-<section xml:id="sec-overrides">
-  <title>Overriding</title>
+<section xml:id="sec-pkgs-overridePackages">
+  <title>pkgs.overridePackages</title>

  <para>
-    Sometimes one wants to override parts of
-    <literal>nixpkgs</literal>, e.g. derivation attributes, the results of
-    derivations or even the whole package set.
+    This function inside the nixpkgs expression (<varname>pkgs</varname>)
+    can be used to override the set of packages itself.
+  </para>
+  <para>
+    Warning: this function is expensive and must not be used from within
+    the nixpkgs repository.
+  </para>
+  <para>
+    Example usage:
+
+    <programlisting>let
+  pkgs = import &lt;nixpkgs&gt; {};
+  newpkgs = pkgs.overridePackages (self: super: {
+    foo = super.foo.override { ... };
+  };
+in ...</programlisting>
  </para>

-  <section xml:id="sec-pkg-override">
-    <title>&lt;pkg&gt;.override</title>
+  <para>
+    The resulting <varname>newpkgs</varname> will have the new <varname>foo</varname>
+    expression, and all other expressions depending on <varname>foo</varname> will also
+    use the new <varname>foo</varname> expression.
+  </para>

-    <para>
-      The function <varname>override</varname> is usually available for all the
-      derivations in the nixpkgs expression (<varname>pkgs</varname>).
-    </para>
-    <para>
-      It is used to override the arguments passed to a function.
-    </para>
-    <para>
-      Example usages:
+  <para>
+    The behavior of this function is similar to <link 
+    linkend="sec-modify-via-packageOverrides">config.packageOverrides</link>.
+  </para>

-      <programlisting>pkgs.foo.override { arg1 = val1; arg2 = val2; ... }</programlisting>
-      <programlisting>import pkgs.path { overlays = [ (self: super: {
-    foo = super.foo.override { barSupport = true ; };
-  })]};</programlisting>
-      <programlisting>mypkg = pkgs.callPackage ./mypkg.nix {
-    mydep = pkgs.mydep.override { ... };
-  }</programlisting>
-    </para>
+  <para>
+    The <varname>self</varname> parameter refers to the final package set with the
+    applied overrides. Using this parameter may lead to infinite recursion if not
+    used consciously.
+  </para>

-    <para>
-      In the first example, <varname>pkgs.foo</varname> is the result of a function call
-      with some default arguments, usually a derivation.
-      Using <varname>pkgs.foo.override</varname> will call the same function with
-      the given new arguments.
-    </para>
-
-  </section>
-
-  <section xml:id="sec-pkg-overrideAttrs">
-    <title>&lt;pkg&gt;.overrideAttrs</title>
-
-    <para>
-      The function <varname>overrideAttrs</varname> allows overriding the
-      attribute set passed to a <varname>stdenv.mkDerivation</varname> call,
-      producing a new derivation based on the original one.
-      This function is available on all derivations produced by the
-      <varname>stdenv.mkDerivation</varname> function, which is most packages
-      in the nixpkgs expression <varname>pkgs</varname>.
-    </para>
-
-    <para>
-      Example usage:
-
-      <programlisting>helloWithDebug = pkgs.hello.overrideAttrs (oldAttrs: rec {
-    separateDebugInfo = true;
-  });</programlisting>
-    </para>
-
-    <para>
-      In the above example, the <varname>separateDebugInfo</varname> attribute is
-      overridden to be true, thus building debug info for
-      <varname>helloWithDebug</varname>, while all other attributes will be
-      retained from the original <varname>hello</varname> package.
-    </para>
-
-    <para>
-      The argument <varname>oldAttrs</varname> is conventionally used to refer to
-      the attr set originally passed to <varname>stdenv.mkDerivation</varname>.
-    </para>
-
-    <note>
-      <para>
-        Note that <varname>separateDebugInfo</varname> is processed only by the
-        <varname>stdenv.mkDerivation</varname> function, not the generated, raw
-        Nix derivation. Thus, using <varname>overrideDerivation</varname> will
-        not work in this case, as it overrides only the attributes of the final
-        derivation. It is for this reason that <varname>overrideAttrs</varname>
-        should be preferred in (almost) all cases to
-        <varname>overrideDerivation</varname>, i.e. to allow using
-        <varname>sdenv.mkDerivation</varname> to process input arguments, as well
-        as the fact that it is easier to use (you can use the same attribute
-        names you see in your Nix code, instead of the ones generated (e.g.
-        <varname>buildInputs</varname> vs <varname>nativeBuildInputs</varname>,
-        and involves less typing.
-      </para>
-    </note>
-
-  </section>
-
-
-  <section xml:id="sec-pkg-overrideDerivation">
-    <title>&lt;pkg&gt;.overrideDerivation</title>
-
-    <warning>
-      <para>You should prefer <varname>overrideAttrs</varname> in almost all
-      cases, see its documentation for the reasons why.
-      <varname>overrideDerivation</varname> is not deprecated and will continue
-      to work, but is less nice to use and does not have as many abilities as
-      <varname>overrideAttrs</varname>.
-      </para>
-    </warning>
-
-    <warning>
-      <para>Do not use this function in Nixpkgs as it evaluates a Derivation
-      before modifying it, which breaks package abstraction and removes
-      error-checking of function arguments. In addition, this
-      evaluation-per-function application incurs a performance penalty,
-      which can become a problem if many overrides are used.
-      It is only intended for ad-hoc customisation, such as in
-      <filename>~/.config/nixpkgs/config.nix</filename>.
-    </para>
-    </warning>
-
-    <para>
-      The function <varname>overrideDerivation</varname> creates a new derivation
-      based on an existing one by overriding the original's attributes with
-      the attribute set produced by the specified function.
-      This function is available on all
-      derivations defined using the <varname>makeOverridable</varname> function.
-      Most standard derivation-producing functions, such as
-      <varname>stdenv.mkDerivation</varname>, are defined using this
-      function, which means most packages in the nixpkgs expression,
-      <varname>pkgs</varname>, have this function.
-    </para>
-
-    <para>
-      Example usage:
-
-      <programlisting>mySed = pkgs.gnused.overrideDerivation (oldAttrs: {
-    name = "sed-4.2.2-pre";
-    src = fetchurl {
-      url = ftp://alpha.gnu.org/gnu/sed/sed-4.2.2-pre.tar.bz2;
-      sha256 = "11nq06d131y4wmf3drm0yk502d2xc6n5qy82cg88rb9nqd2lj41k";
-    };
-    patches = [];
-  });</programlisting>
-    </para>
-
-    <para>
-      In the above example, the <varname>name</varname>, <varname>src</varname>,
-      and <varname>patches</varname> of the derivation will be overridden, while
-      all other attributes will be retained from the original derivation.
-    </para>
-
-    <para>
-      The argument <varname>oldAttrs</varname> is used to refer to the attribute set of
-      the original derivation.
-    </para>
-
-    <note>
-      <para>
-        A package's attributes are evaluated *before* being modified by
-        the <varname>overrideDerivation</varname> function.
-        For example, the <varname>name</varname> attribute reference
-        in <varname>url = "mirror://gnu/hello/${name}.tar.gz";</varname>
-        is filled-in *before* the <varname>overrideDerivation</varname> function
-        modifies the attribute set. This means that overriding the
-        <varname>name</varname> attribute, in this example, *will not* change the
-        value of the <varname>url</varname> attribute. Instead, we need to override
-        both the <varname>name</varname> *and* <varname>url</varname> attributes.
-      </para>
-    </note>
-
-  </section>
-
-  <section xml:id="sec-lib-makeOverridable">
-    <title>lib.makeOverridable</title>
-
-    <para>
-      The function <varname>lib.makeOverridable</varname> is used to make the result
-      of a function easily customizable. This utility only makes sense for functions
-      that accept an argument set and return an attribute set.
-    </para>
-
-    <para>
-      Example usage:
-
-      <programlisting>f = { a, b }: { result = a+b; }
-  c = lib.makeOverridable f { a = 1; b = 2; }</programlisting>
-
-    </para>
-
-    <para>
-      The variable <varname>c</varname> is the value of the <varname>f</varname> function
-      applied with some default arguments. Hence the value of <varname>c.result</varname>
-      is <literal>3</literal>, in this example.
-    </para>
-
-    <para>
-      The variable <varname>c</varname> however also has some additional functions, like
-      <link linkend="sec-pkg-override">c.override</link> which can be used to
-      override the default arguments. In this example the value of
-      <varname>(c.override { a = 4; }).result</varname> is 6.
-    </para>
-
-  </section>
+  <para>
+    The <varname>super</varname> parameter refers to the old package set.
+    It's equivalent to <varname>pkgs</varname> in the above example.
+  </para>

 </section>

-<section xml:id="sec-generators">
-  <title>Generators</title>
+<section xml:id="sec-pkg-override">
+  <title>&lt;pkg&gt;.override</title>

  <para>
-    Generators are functions that create file formats from nix
-    data structures, e. g. for configuration files.
-    There are generators available for: <literal>INI</literal>,
-    <literal>JSON</literal> and <literal>YAML</literal>
+    The function <varname>override</varname> is usually available for all the
+    derivations in the nixpkgs expression (<varname>pkgs</varname>).
+  </para>
+  <para>
+    It is used to override the arguments passed to a function.
+  </para>
+  <para>
+    Example usages:
+
+    <programlisting>pkgs.foo.override { arg1 = val1; arg2 = val2; ... }</programlisting>
+    <programlisting>pkgs.overridePackages (self: super: {
+  foo = super.foo.override { barSupport = true ; };
+})</programlisting>
+    <programlisting>mypkg = pkgs.callPackage ./mypkg.nix {
+  mydep = pkgs.mydep.override { ... };
+})</programlisting>
  </para>

  <para>
-    All generators follow a similar call interface: <code>generatorName
-    configFunctions data</code>, where <literal>configFunctions</literal> is a
-    set of user-defined functions that format variable parts of the content.
-    They each have common defaults, so often they do not need to be set
-    manually. An example is <code>mkSectionName ? (name: libStr.escape [ "[" "]"
-    ] name)</code> from the <literal>INI</literal> generator. It gets the name
-    of a section and returns a sanitized name. The default
-    <literal>mkSectionName</literal> escapes <literal>[</literal> and
-    <literal>]</literal> with a backslash.
+    In the first example, <varname>pkgs.foo</varname> is the result of a function call
+    with some default arguments, usually a derivation.
+    Using <varname>pkgs.foo.override</varname> will call the same function with
+    the given new arguments.
  </para>

-  <note><para>Nix store paths can be converted to strings by enclosing a
-  derivation attribute like so: <code>"${drv}"</code>.</para></note>
+</section>
+
+<section xml:id="sec-pkg-overrideDerivation">
+  <title>&lt;pkg&gt;.overrideDerivation</title>
+
+  <warning>
+    <para>Do not use this function in Nixpkgs. Because it breaks
+    package abstraction and doesn’t provide error checking for
+    function arguments, it is only intended for ad-hoc customisation
+    (such as in <filename>~/.nixpkgs/config.nix</filename>).</para>
+  </warning>

  <para>
-    Detailed documentation for each generator can be found in
-    <literal>lib/generators.nix</literal>.
+    The function <varname>overrideDerivation</varname> is usually available for all the
+    derivations in the nixpkgs expression (<varname>pkgs</varname>).
+  </para> 
+  <para>
+    It is used to create a new derivation by overriding the attributes of
+    the original derivation according to the given function.
+  </para>
+
+  <para>
+    Example usage:
+
+    <programlisting>mySed = pkgs.gnused.overrideDerivation (oldAttrs: {
+  name = "sed-4.2.2-pre";
+  src = fetchurl {
+    url = ftp://alpha.gnu.org/gnu/sed/sed-4.2.2-pre.tar.bz2;
+    sha256 = "11nq06d131y4wmf3drm0yk502d2xc6n5qy82cg88rb9nqd2lj41k";
+  };
+  patches = [];
+});</programlisting>
+  </para>
+
+  <para>
+    In the above example, the name, src and patches of the derivation
+    will be overridden, while all other attributes will be retained from the
+    original derivation.
+  </para>
+
+  <para>
+    The argument <varname>oldAttrs</varname> is used to refer to the attribute set of
+    the original derivation.
+  </para>
+
+</section>
+
+<section xml:id="sec-lib-makeOverridable">
+  <title>lib.makeOverridable</title>
+
+  <para>
+    The function <varname>lib.makeOverridable</varname> is used to make the result
+    of a function easily customizable. This utility only makes sense for functions
+    that accept an argument set and return an attribute set.
+  </para>
+
+  <para>
+    Example usage:
+
+    <programlisting>f = { a, b }: { result = a+b; }
+c = lib.makeOverridable f { a = 1; b = 2; }</programlisting>
+
+  </para>
+
+  <para>
+    The variable <varname>c</varname> is the value of the <varname>f</varname> function
+    applied with some default arguments. Hence the value of <varname>c.result</varname>
+    is <literal>3</literal>, in this example.
+  </para>
+
+  <para>
+    The variable <varname>c</varname> however also has some additional functions, like
+    <link linkend="sec-pkg-override">c.override</link> which can be used to
+    override the default arguments. In this example the value of
+    <varname>(c.override { a = 4; }).result</varname> is 6.
  </para>

 </section>


 <section xml:id="sec-fhs-environments">
-  <title>buildFHSUserEnv</title>
+  <title>buildFHSChrootEnv/buildFHSUserEnv</title>

  <para>
-    <function>buildFHSUserEnv</function> provides a way to build and run
-    FHS-compatible lightweight sandboxes. It creates an isolated root with
-    bound <filename>/nix/store</filename>, so its footprint in terms of disk
+    <function>buildFHSChrootEnv</function> and
+    <function>buildFHSUserEnv</function> provide a way to build and run
+    FHS-compatible lightweight sandboxes. They get their own isolated root with
+    binded <filename>/nix/store</filename>, so their footprint in terms of disk
    space needed is quite small. This allows one to run software which is hard or
    unfeasible to patch for NixOS -- 3rd-party source trees with FHS assumptions,
    games distributed as tarballs, software with integrity checking and/or external
-    self-updated binaries. It uses Linux namespaces feature to create
+    self-updated binaries.
+  </para>
+
+  <para>
+    <function>buildFHSChrootEnv</function> allows to create persistent
+    environments, which can be constructed, deconstructed and entered by
+    multiple users at once. A downside is that it requires
+    <literal>root</literal> access for both those who create and destroy and
+    those who enter it. It can be useful to create environments for daemons that
+    one can enter and observe.
+  </para>
+
+  <para>
+    <function>buildFHSUserEnv</function> uses Linux namespaces feature to create
    temporary lightweight environments which are destroyed after all child
-    processes exit, without root user rights requirement. Accepted arguments are:
+    processes exit. It does not require root access, and can be useful to create
+    sandboxes and wrap applications.
+  </para>
+
+  <para>
+    Those functions both rely on <function>buildFHSEnv</function>, which creates
+    an actual directory structure given a list of necessary packages and extra
+    build commands.
+    <function>buildFHSChrootEnv</function> and <function>buildFHSUserEnv</function>
+    both accept those arguments which are passed to
+    <function>buildFHSEnv</function>:
  </para>

  <variablelist>
@@ -268,16 +213,14 @@
    <term><literal>targetPkgs</literal></term>

    <listitem><para>Packages to be installed for the main host's architecture
-    (i.e. x86_64 on x86_64 installations). Along with libraries binaries are also
-    installed.</para></listitem>
+    (i.e. x86_64 on x86_64 installations).</para></listitem>
    </varlistentry>

    <varlistentry>
    <term><literal>multiPkgs</literal></term>

    <listitem><para>Packages to be installed for all architectures supported by
-    a host (i.e. i686 and x86_64 on x86_64 installations). Only libraries are
-    installed by default.</para></listitem>
+    a host (i.e. i686 and x86_64 on x86_64 installations).</para></listitem>
    </varlistentry>

    <varlistentry>
@@ -290,33 +233,29 @@
    <varlistentry>
    <term><literal>extraBuildCommandsMulti</literal></term>

-    <listitem><para>Like <literal>extraBuildCommands</literal>, but
+    <listitem><para>Like <literal>extraBuildCommandsMulti</literal>, but
    executed only on multilib architectures.</para></listitem>
    </varlistentry>
-
-    <varlistentry>
-    <term><literal>extraOutputsToInstall</literal></term>
-
-    <listitem><para>Additional derivation outputs to be linked for both
-    target and multi-architecture packages.</para></listitem>
-    </varlistentry>
-
-    <varlistentry>
-    <term><literal>extraInstallCommands</literal></term>
-
-    <listitem><para>Additional commands to be executed for finalizing the
-    derivation with runner script.</para></listitem>
-    </varlistentry>
-
-    <varlistentry>
-    <term><literal>runScript</literal></term>
-
-    <listitem><para>A command that would be executed inside the sandbox and
-    passed all the command line arguments. It defaults to
-    <literal>bash</literal>.</para></listitem>
-    </varlistentry>
  </variablelist>

+  <para>
+    Additionally, <function>buildFHSUserEnv</function> accepts
+    <literal>runScript</literal> parameter, which is a command that would be
+    executed inside the sandbox and passed all the command line arguments. It
+    default to <literal>bash</literal>.
+  </para>
+  <para>
+    It also uses <literal>CHROOTENV_EXTRA_BINDS</literal> environment variable
+    for binding extra directories in the sandbox to outside places. The format of
+    the variable is <literal>/mnt=test-mnt:/data</literal>, where
+    <literal>/mnt</literal> would be mounted as <literal>/test-mnt</literal>
+    and <literal>/data</literal> would be mounted as <literal>/data</literal>.
+    <literal>extraBindMounts</literal> array argument to
+    <function>buildFHSUserEnv</function> function is prepended to this variable.
+    Latter entries take priority if defined several times -- i.e. in case of
+    <literal>/data=data1:/data=data2</literal> the actual bind path would be
+    <literal>/data2</literal>.
+  </para>
  <para>
    One can create a simple environment using a <literal>shell.nix</literal>
    like that:
@@ -353,37 +292,37 @@
 </section>

 <section xml:id="sec-pkgs-dockerTools">
-<title>pkgs.dockerTools</title>
+ <title>pkgs.dockerTools</title>

-<para>
+ <para>
  <varname>pkgs.dockerTools</varname> is a set of functions for creating and
  manipulating Docker images according to the
  <link xlink:href="https://github.com/docker/docker/blob/master/image/spec/v1.md#docker-image-specification-v100">
-  Docker Image Specification v1.0.0
+   Docker Image Specification v1.0.0
  </link>. Docker itself is not used to perform any of the operations done by these
  functions.
-</para>
+ </para>

-<warning>
+ <warning>
  <para>
-  The <varname>dockerTools</varname> API is unstable and may be subject to
-  backwards-incompatible changes in the future.
+   The <varname>dockerTools</varname> API is unstable and may be subject to
+   backwards-incompatible changes in the future.
  </para>
-</warning>
+ </warning>

-<section xml:id="ssec-pkgs-dockerTools-buildImage">
+ <section xml:id="ssec-pkgs-dockerTools-buildImage">
  <title>buildImage</title>

  <para>
-  This function is analogous to the <command>docker build</command> command,
-  in that can used to build a Docker-compatible repository tarball containing
-  a single image with one or multiple layers. As such, the result
-  is suitable for being loaded in Docker with <command>docker load</command>.
+   This function is analogous to the <command>docker build</command> command,
+   in that can used to build a Docker-compatible repository tarball containing
+   a single image with one or multiple layers. As such, the result
+   is suitable for being loaded in Docker with <command>docker load</command>.
  </para>

  <para>
-  The parameters of <varname>buildImage</varname> with relative example values are
-  described below:
+   The parameters of <varname>buildImage</varname> with relative example values are
+   described below:
  </para>

  <example xml:id='ex-dockerTools-buildImage'><title>Docker build</title>
@@ -391,11 +330,11 @@
  buildImage {
    name = "redis"; <co xml:id='ex-dockerTools-buildImage-1' />
    tag = "latest"; <co xml:id='ex-dockerTools-buildImage-2' />
-
+    
    fromImage = someBaseImage; <co xml:id='ex-dockerTools-buildImage-3' />
    fromImageName = null; <co xml:id='ex-dockerTools-buildImage-4' />
    fromImageTag = "latest"; <co xml:id='ex-dockerTools-buildImage-5' />
-
+    
    contents = pkgs.redis; <co xml:id='ex-dockerTools-buildImage-6' />
    runAsRoot = '' <co xml:id='ex-dockerTools-buildImage-runAsRoot' />
      #!${stdenv.shell}
@@ -414,147 +353,131 @@
  </example>

  <para>The above example will build a Docker image <literal>redis/latest</literal>
-  from the given base image. Loading and running this image in Docker results in
-  <literal>redis-server</literal> being started automatically.
+   from the given base image. Loading and running this image in Docker results in
+   <literal>redis-server</literal> being started automatically.
  </para>

  <calloutlist>
-  <callout arearefs='ex-dockerTools-buildImage-1'>
+   <callout arearefs='ex-dockerTools-buildImage-1'>
    <para>
-    <varname>name</varname> specifies the name of the resulting image.
-    This is the only required argument for <varname>buildImage</varname>.
+     <varname>name</varname> specifies the name of the resulting image.
+     This is the only required argument for <varname>buildImage</varname>.
    </para>
-  </callout>
+   </callout>

-  <callout arearefs='ex-dockerTools-buildImage-2'>
+   <callout arearefs='ex-dockerTools-buildImage-2'>
    <para>
-    <varname>tag</varname> specifies the tag of the resulting image.
-    By default it's <literal>latest</literal>.
+     <varname>tag</varname> specifies the tag of the resulting image.
+     By default it's <literal>latest</literal>.
    </para>
-  </callout>
+   </callout>

-  <callout arearefs='ex-dockerTools-buildImage-3'>
+   <callout arearefs='ex-dockerTools-buildImage-3'>
    <para>
-    <varname>fromImage</varname> is the repository tarball containing the base image.
-    It must be a valid Docker image, such as exported by <command>docker save</command>.
-    By default it's <literal>null</literal>, which can be seen as equivalent
-    to <literal>FROM scratch</literal> of a <filename>Dockerfile</filename>.
+     <varname>fromImage</varname> is the repository tarball containing the base image.
+     It must be a valid Docker image, such as exported by <command>docker save</command>.
+     By default it's <literal>null</literal>, which can be seen as equivalent
+     to <literal>FROM scratch</literal> of a <filename>Dockerfile</filename>.
    </para>
-  </callout>
-
-  <callout arearefs='ex-dockerTools-buildImage-4'>
+   </callout>
+   
+   <callout arearefs='ex-dockerTools-buildImage-4'>
    <para>
-    <varname>fromImageName</varname> can be used to further specify
-    the base image within the repository, in case it contains multiple images.
-    By default it's <literal>null</literal>, in which case
-    <varname>buildImage</varname> will peek the first image available
-    in the repository.
+     <varname>fromImageName</varname> can be used to further specify
+     the base image within the repository, in case it contains multiple images.
+     By default it's <literal>null</literal>, in which case
+     <varname>buildImage</varname> will peek the first image available
+     in the repository.
    </para>
-  </callout>
+   </callout>

-  <callout arearefs='ex-dockerTools-buildImage-5'>
+   <callout arearefs='ex-dockerTools-buildImage-5'>
    <para>
-    <varname>fromImageTag</varname> can be used to further specify the tag
-    of the base image within the repository, in case an image contains multiple tags.
-    By default it's <literal>null</literal>, in which case
-    <varname>buildImage</varname> will peek the first tag available for the base image.
+     <varname>fromImageTag</varname> can be used to further specify the tag
+     of the base image within the repository, in case an image contains multiple tags.
+     By default it's <literal>null</literal>, in which case
+     <varname>buildImage</varname> will peek the first tag available for the base image.
    </para>
-  </callout>
+   </callout>

-  <callout arearefs='ex-dockerTools-buildImage-6'>
+   <callout arearefs='ex-dockerTools-buildImage-6'>
    <para>
-    <varname>contents</varname> is a derivation that will be copied in the new
-    layer of the resulting image. This can be similarly seen as
-    <command>ADD contents/ /</command> in a <filename>Dockerfile</filename>.
-    By default it's <literal>null</literal>.
+     <varname>contents</varname> is a derivation that will be copied in the new
+     layer of the resulting image. This can be similarly seen as
+     <command>ADD contents/ /</command> in a <filename>Dockerfile</filename>.
+     By default it's <literal>null</literal>.
    </para>
-  </callout>
+   </callout>

-  <callout arearefs='ex-dockerTools-buildImage-runAsRoot'>
+   <callout arearefs='ex-dockerTools-buildImage-runAsRoot'>
    <para>
-    <varname>runAsRoot</varname> is a bash script that will run as root
-    in an environment that overlays the existing layers of the base image with
-    the new resulting layer, including the previously copied
-    <varname>contents</varname> derivation.
-    This can be similarly seen as
-    <command>RUN ...</command> in a <filename>Dockerfile</filename>.
-
-    <note>
+     <varname>runAsRoot</varname> is a bash script that will run as root
+     in an environment that overlays the existing layers of the base image with
+     the new resulting layer, including the previously copied
+     <varname>contents</varname> derivation.
+     This can be similarly seen as
+     <command>RUN ...</command> in a <filename>Dockerfile</filename>.
+     
+     <note>
      <para>
-      Using this parameter requires the <literal>kvm</literal>
-      device to be available.
+       Using this parameter requires the <literal>kvm</literal>
+       device to be available.
      </para>
-    </note>
+     </note>
    </para>
-  </callout>
+   </callout>

-  <callout arearefs='ex-dockerTools-buildImage-8'>
+   <callout arearefs='ex-dockerTools-buildImage-8'>
    <para>
-    <varname>config</varname> is used to specify the configuration of the
-    containers that will be started off the built image in Docker.
-    The available options are listed in the
-    <link xlink:href="https://github.com/docker/docker/blob/master/image/spec/v1.md#container-runconfig-field-descriptions">
+     <varname>config</varname> is used to specify the configuration of the
+     containers that will be started off the built image in Docker.
+     The available options are listed in the
+     <link xlink:href="https://github.com/docker/docker/blob/master/image/spec/v1.md#container-runconfig-field-descriptions">
      Docker Image Specification v1.0.0
-    </link>.
+     </link>.
    </para>
-  </callout>
+   </callout>

  </calloutlist>

  <para>
-  After the new layer has been created, its closure
-  (to which <varname>contents</varname>, <varname>config</varname> and
-  <varname>runAsRoot</varname> contribute) will be copied in the layer itself.
-  Only new dependencies that are not already in the existing layers will be copied.
+   After the new layer has been created, its closure
+   (to which <varname>contents</varname>, <varname>config</varname> and
+   <varname>runAsRoot</varname> contribute) will be copied in the layer itself.
+   Only new dependencies that are not already in the existing layers will be copied.
  </para>

  <para>
-  At the end of the process, only one new single layer will be produced and
-  added to the resulting image.
+   At the end of the process, only one new single layer will be produced and
+   added to the resulting image.
  </para>

  <para>
-  The resulting repository will only list the single image
-  <varname>image/tag</varname>. In the case of <xref linkend='ex-dockerTools-buildImage'/>
-  it would be <varname>redis/latest</varname>.
+   The resulting repository will only list the single image
+   <varname>image/tag</varname>. In the case of <xref linkend='ex-dockerTools-buildImage'/>
+   it would be <varname>redis/latest</varname>.
  </para>

  <para>
-  It is possible to inspect the arguments with which an image was built
-  using its <varname>buildArgs</varname> attribute.
+   It is possible to inspect the arguments with which an image was built
+   using its <varname>buildArgs</varname> attribute.
  </para>

+ </section>

-
-  <note>
-  <para>
-  If you see errors similar to <literal>getProtocolByName: does not exist (no such protocol name: tcp)</literal>
-  you may need to add <literal>pkgs.iana_etc</literal> to <varname>contents</varname>.
-  </para>
-  </note>
-
-  <note>
-  <para>
-  If you see errors similar to <literal>Error_Protocol ("certificate has unknown CA",True,UnknownCa)</literal>
-  you may need to add <literal>pkgs.cacert</literal> to <varname>contents</varname>.
-  </para>
-  </note>
-
-</section>
-
-<section xml:id="ssec-pkgs-dockerTools-fetchFromRegistry">
+ <section xml:id="ssec-pkgs-dockerTools-fetchFromRegistry">
  <title>pullImage</title>

  <para>
-  This function is analogous to the <command>docker pull</command> command,
-  in that can be used to fetch a Docker image from a Docker registry.
-  Currently only registry <literal>v1</literal> is supported.
-  By default <link xlink:href="https://hub.docker.com/">Docker Hub</link>
-  is used to pull images.
+   This function is analogous to the <command>docker pull</command> command,
+   in that can be used to fetch a Docker image from a Docker registry.
+   Currently only registry <literal>v1</literal> is supported.
+   By default <link xlink:href="https://hub.docker.com/">Docker Hub</link>
+   is used to pull images.
  </para>

  <para>
-  Its parameters are described in the example below:
+   Its parameters are described in the example below:
  </para>

  <example xml:id='ex-dockerTools-pullImage'><title>Docker pull</title>
@@ -572,73 +495,73 @@
  </example>

  <calloutlist>
-  <callout arearefs='ex-dockerTools-pullImage-1'>
+   <callout arearefs='ex-dockerTools-pullImage-1'>
    <para>
-    <varname>imageName</varname> specifies the name of the image to be downloaded,
-    which can also include the registry namespace (e.g. <literal>library/debian</literal>).
-    This argument is required.
+     <varname>imageName</varname> specifies the name of the image to be downloaded,
+     which can also include the registry namespace (e.g. <literal>library/debian</literal>).
+     This argument is required.
    </para>
-  </callout>
-
-  <callout arearefs='ex-dockerTools-pullImage-2'>
+   </callout>
+   
+   <callout arearefs='ex-dockerTools-pullImage-2'>
    <para>
-    <varname>imageTag</varname> specifies the tag of the image to be downloaded.
-    By default it's <literal>latest</literal>.
+     <varname>imageTag</varname> specifies the tag of the image to be downloaded.
+     By default it's <literal>latest</literal>.
    </para>
-  </callout>
+   </callout>

-  <callout arearefs='ex-dockerTools-pullImage-3'>
+   <callout arearefs='ex-dockerTools-pullImage-3'>
    <para>
-    <varname>imageId</varname>, if specified this exact image will be fetched, instead
-    of <varname>imageName/imageTag</varname>. However, the resulting repository
-    will still be named <varname>imageName/imageTag</varname>.
-    By default it's <literal>null</literal>.
+     <varname>imageId</varname>, if specified this exact image will be fetched, instead
+     of <varname>imageName/imageTag</varname>. However, the resulting repository
+     will still be named <varname>imageName/imageTag</varname>.
+     By default it's <literal>null</literal>.
    </para>
-  </callout>
+   </callout>

-  <callout arearefs='ex-dockerTools-pullImage-4'>
+   <callout arearefs='ex-dockerTools-pullImage-4'>
    <para>
-    <varname>sha256</varname> is the checksum of the whole fetched image.
-    This argument is required.
+     <varname>sha256</varname> is the checksum of the whole fetched image.
+     This argument is required.
    </para>

    <note>
-    <para>The checksum is computed on the unpacked directory, not on the final tarball.</para>
+     <para>The checksum is computed on the unpacked directory, not on the final tarball.</para>
    </note>

-  </callout>
+   </callout>

-  <callout arearefs='ex-dockerTools-pullImage-5'>
+   <callout arearefs='ex-dockerTools-pullImage-5'>
    <para>
-    In the above example the default values are shown for the variables
-    <varname>indexUrl</varname> and <varname>registryVersion</varname>.
-    Hence by default the Docker.io registry is used to pull the images.
+     In the above example the default values are shown for the variables
+     <varname>indexUrl</varname> and <varname>registryVersion</varname>.
+     Hence by default the Docker.io registry is used to pull the images.
    </para>
-  </callout>
+   </callout>
  </calloutlist>
-
-</section>
-
-<section xml:id="ssec-pkgs-dockerTools-exportImage">
+   
+ </section>
+  
+ <section xml:id="ssec-pkgs-dockerTools-exportImage">
  <title>exportImage</title>

  <para>
-  This function is analogous to the <command>docker export</command> command,
-  in that can used to flatten a Docker image that contains multiple layers.
-  It is in fact the result of the merge of all the layers of the image.
-  As such, the result is suitable for being imported in Docker
-  with <command>docker import</command>.
+   This function is analogous to the <command>docker export</command> command,
+   in that can used to flatten a Docker image that contains multiple layers.
+   It is in fact the result of the merge of all the layers of the image.
+   As such, the result is suitable for being imported in Docker
+   with <command>docker import</command>.
  </para>

  <note>
-  <para>
+   <para>
    Using this function requires the <literal>kvm</literal>
    device to be available.
-  </para>
+   </para>
  </note>

  <para>
-  The parameters of <varname>exportImage</varname> are the following:
+   The parameters of <varname>exportImage</varname> are the following:
  </para>

  <example xml:id='ex-dockerTools-exportImage'><title>Docker export</title>
@@ -647,35 +570,35 @@
    fromImage = someLayeredImage;
    fromImageName = null;
    fromImageTag = null;
-
+    
    name = someLayeredImage.name;
  }
  </programlisting>
  </example>

  <para>
-  The parameters relative to the base image have the same synopsis as
-  described in <xref linkend='ssec-pkgs-dockerTools-buildImage'/>, except that
-  <varname>fromImage</varname> is the only required argument in this case.
+   The parameters relative to the base image have the same synopsis as
+   described in <xref linkend='ssec-pkgs-dockerTools-buildImage'/>, except that
+   <varname>fromImage</varname> is the only required argument in this case.
  </para>

  <para>
-  The <varname>name</varname> argument is the name of the derivation output,
-  which defaults to <varname>fromImage.name</varname>.
+   The <varname>name</varname> argument is the name of the derivation output,
+   which defaults to <varname>fromImage.name</varname>.
  </para>
-</section>
+ </section>

-<section xml:id="ssec-pkgs-dockerTools-shadowSetup">
+ <section xml:id="ssec-pkgs-dockerTools-shadowSetup">
  <title>shadowSetup</title>

  <para>
-  This constant string is a helper for setting up the base files for managing
-  users and groups, only if such files don't exist already.
-  It is suitable for being used in a
-  <varname>runAsRoot</varname> <xref linkend='ex-dockerTools-buildImage-runAsRoot'/> script for cases like
-  in the example below:
+   This constant string is a helper for setting up the base files for managing
+   users and groups, only if such files don't exist already.
+   It is suitable for being used in a
+   <varname>runAsRoot</varname> <xref linkend='ex-dockerTools-buildImage-runAsRoot'/> script for cases like
+   in the example below:
  </para>
-
+  
  <example xml:id='ex-dockerTools-shadowSetup'><title>Shadow base files</title>
  <programlisting>
  buildImage {
@@ -694,13 +617,13 @@
  </example>

  <para>
-  Creating base files like <literal>/etc/passwd</literal> or
-  <literal>/etc/login.defs</literal> are necessary for shadow-utils to
-  manipulate users and groups.
+   Creating base files like <literal>/etc/passwd</literal> or
+   <literal>/etc/login.defs</literal> are necessary for shadow-utils to
+   manipulate users and groups.
  </para>
-
-</section>
-
+  
+ </section>
+ 
 </section>

 </chapter>
--- a/doc/haskell-users-guide.md
+++ b/doc/haskell-users-guide.md
@@ -0,0 +1,784 @@
+---
+title: User's Guide for Haskell in Nixpkgs
+author: Peter Simons
+date: 2015-06-01
+---
+# User's Guide to the Haskell Infrastructure
+
+
+## How to install Haskell packages
+
+Nixpkgs distributes build instructions for all Haskell packages registered on
+[Hackage](http://hackage.haskell.org/), but strangely enough normal Nix package
+lookups don't seem to discover any of them, except for the default version of ghc, cabal-install, and stack:
+
+    $ nix-env -i alex
+    error: selector ‘alex’ matches no derivations
+    $ nix-env -qa ghc
+    ghc-7.10.2
+
+The Haskell package set is not registered in the top-level namespace because it
+is *huge*. If all Haskell packages were visible to these commands, then
+name-based search/install operations would be much slower than they are now. We
+avoided that by keeping all Haskell-related packages in a separate attribute
+set called `haskellPackages`, which the following command will list:
+
+    $ nix-env -f "<nixpkgs>" -qaP -A haskellPackages
+    haskellPackages.a50         a50-0.5
+    haskellPackages.abacate     haskell-abacate-0.0.0.0
+    haskellPackages.abcBridge   haskell-abcBridge-0.12
+    haskellPackages.afv         afv-0.1.1
+    haskellPackages.alex        alex-3.1.4
+    haskellPackages.Allure      Allure-0.4.101.1
+    haskellPackages.alms        alms-0.6.7
+    [... some 8000 entries omitted  ...]
+
+To install any of those packages into your profile, refer to them by their
+attribute path (first column):
+
+    $ nix-env -f "<nixpkgs>" -iA haskellPackages.Allure ...
+
+The attribute path of any Haskell packages corresponds to the name of that
+particular package on Hackage: the package `cabal-install` has the attribute
+`haskellPackages.cabal-install`, and so on. (Actually, this convention causes
+trouble with packages like `3dmodels` and `4Blocks`, because these names are
+invalid identifiers in the Nix language. The issue of how to deal with these
+rare corner cases is currently unresolved.)
+
+Haskell packages who's Nix name (second column) begins with a `haskell-` prefix
+are packages that provide a library whereas packages without that prefix
+provide just executables. Libraries may provide executables too, though: the
+package `haskell-pandoc`, for example, installs both a library and an
+application. You can install and use Haskell executables just like any other
+program in Nixpkgs, but using Haskell libraries for development is a bit
+trickier and we'll address that subject in great detail in section [How to
+create a development environment].
+
+Attribute paths are deterministic inside of Nixpkgs, but the path necessary to
+reach Nixpkgs varies from system to system. We dodged that problem by giving
+`nix-env` an explicit `-f "<nixpkgs>"` parameter, but if you call `nix-env`
+without that flag, then chances are the invocation fails:
+
+    $ nix-env -iA haskellPackages.cabal-install
+    error: attribute ‘haskellPackages’ in selection path
+           ‘haskellPackages.cabal-install’ not found
+
+On NixOS, for example, Nixpkgs does *not* exist in the top-level namespace by
+default. To figure out the proper attribute path, it's easiest to query for the
+path of a well-known Nixpkgs package, i.e.:
+
+    $ nix-env -qaP coreutils
+    nixos.coreutils  coreutils-8.23
+
+If your system responds like that (most NixOS installations will), then the
+attribute path to `haskellPackages` is `nixos.haskellPackages`. Thus, if you
+want to use `nix-env` without giving an explicit `-f` flag, then that's the way
+to do it:
+
+    $ nix-env -qaP -A nixos.haskellPackages
+    $ nix-env -iA nixos.haskellPackages.cabal-install
+
+Our current default compiler is GHC 7.10.x and the `haskellPackages` set
+contains packages built with that particular version. Nixpkgs contains the
+latest major release of every GHC since 6.10.4, however, and there is a whole
+family of package sets available that defines Hackage packages built with each
+of those compilers, too:
+
+    $ nix-env -f "<nixpkgs>" -qaP -A haskell.packages.ghc6123
+    $ nix-env -f "<nixpkgs>" -qaP -A haskell.packages.ghc763
+
+The name `haskellPackages` is really just a synonym for
+`haskell.packages.ghc7102`, because we prefer that package set internally and
+recommend it to our users as their default choice, but ultimately you are free
+to compile your Haskell packages with any GHC version you please. The following
+command displays the complete list of available compilers:
+
+    $ nix-env -f "<nixpkgs>" -qaP -A haskell.compiler
+    haskell.compiler.ghc6104        ghc-6.10.4
+    haskell.compiler.ghc6123        ghc-6.12.3
+    haskell.compiler.ghc704         ghc-7.0.4
+    haskell.compiler.ghc722         ghc-7.2.2
+    haskell.compiler.ghc742         ghc-7.4.2
+    haskell.compiler.ghc763         ghc-7.6.3
+    haskell.compiler.ghc784         ghc-7.8.4
+    haskell.compiler.ghc7102        ghc-7.10.2
+    haskell.compiler.ghcHEAD        ghc-7.11.20150402
+    haskell.compiler.ghcNokinds     ghc-nokinds-7.11.20150704
+    haskell.compiler.ghcjs          ghcjs-0.1.0
+    haskell.compiler.jhc            jhc-0.8.2
+    haskell.compiler.uhc            uhc-1.1.9.0
+
+We have no package sets for `jhc` or `uhc` yet, unfortunately, but for every
+version of GHC listed above, there exists a package set based on that compiler.
+Also, the attributes `haskell.compiler.ghcXYC` and
+`haskell.packages.ghcXYC.ghc` are synonymous for the sake of convenience.
+
+## How to create a development environment
+
+### How to install a compiler
+
+A simple development environment consists of a Haskell compiler and one or both
+of the tools `cabal-install` and `stack`. We saw in section
+[How to install Haskell packages] how you can install those programs into your
+user profile:
+
+    $ nix-env -f "<nixpkgs>" -iA haskellPackages.ghc haskellPackages.cabal-install
+
+Instead of the default package set `haskellPackages`, you can also use the more
+precise name `haskell.compiler.ghc7102`, which has the advantage that it refers
+to the same GHC version regardless of what Nixpkgs considers "default" at any
+given time.
+
+Once you've made those tools available in `$PATH`, it's possible to build
+Hackage packages the same way people without access to Nix do it all the time:
+
+    $ cabal get lens-4.11 && cd lens-4.11
+    $ cabal install -j --dependencies-only
+    $ cabal configure
+    $ cabal build
+
+If you enjoy working with Cabal sandboxes, then that's entirely possible too:
+just execute the command
+
+    $ cabal sandbox init
+
+before installing the required dependencies.
+
+The `nix-shell` utility makes it easy to switch to a different compiler
+version; just enter the Nix shell environment with the command
+
+    $ nix-shell -p haskell.compiler.ghc784
+
+to bring GHC 7.8.4 into `$PATH`. Alternatively, you can use Stack instead of
+`nix-shell` directly to select compiler versions and other build tools
+per-project. It uses `nix-shell` under the hood when Nix support is turned on.
+See [How to build a Haskell project using Stack].
+
+If you're using `cabal-install`, re-running `cabal configure` inside the spawned
+shell switches your build to use that compiler instead. If you're working on
+a project that doesn't depend on any additional system libraries outside of GHC,
+then it's even sufficient to just run the `cabal configure` command inside of
+the shell:
+
+    $ nix-shell -p haskell.compiler.ghc784 --command "cabal configure"
+
+Afterwards, all other commands like `cabal build` work just fine in any shell
+environment, because the configure phase recorded the absolute paths to all
+required tools like GHC in its build configuration inside of the `dist/`
+directory. Please note, however, that `nix-collect-garbage` can break such an
+environment because the Nix store paths created by `nix-shell` aren't "alive"
+anymore once `nix-shell` has terminated. If you find that your Haskell builds
+no longer work after garbage collection, then you'll have to re-run `cabal
+configure` inside of a new `nix-shell` environment.
+
+### How to install a compiler with libraries
+
+GHC expects to find all installed libraries inside of its own `lib` directory.
+This approach works fine on traditional Unix systems, but it doesn't work for
+Nix, because GHC's store path is immutable once it's built. We cannot install
+additional libraries into that location. As a consequence, our copies of GHC
+don't know any packages except their own core libraries, like `base`,
+`containers`, `Cabal`, etc.
+
+We can register additional libraries to GHC, however, using a special build
+function called `ghcWithPackages`. That function expects one argument: a
+function that maps from an attribute set of Haskell packages to a list of
+packages, which determines the libraries known to that particular version of
+GHC. For example, the Nix expression `ghcWithPackages (pkgs: [pkgs.mtl])`
+generates a copy of GHC that has the `mtl` library registered in addition to
+its normal core packages:
+
+    $ nix-shell -p "haskellPackages.ghcWithPackages (pkgs: [pkgs.mtl])"
+
+    [nix-shell:~]$ ghc-pkg list mtl
+    /nix/store/zy79...-ghc-7.10.2/lib/ghc-7.10.2/package.conf.d:
+        mtl-2.2.1
+
+This function allows users to define their own development environment by means
+of an override. After adding the following snippet to `~/.nixpkgs/config.nix`,
+
+    {
+      packageOverrides = super: let self = super.pkgs; in
+      {
+        myHaskellEnv = self.haskell.packages.ghc7102.ghcWithPackages
+                         (haskellPackages: with haskellPackages; [
+                           # libraries
+                           arrows async cgi criterion
+                           # tools
+                           cabal-install haskintex
+                         ]);
+      };
+    }
+
+it's possible to install that compiler with `nix-env -f "<nixpkgs>" -iA
+myHaskellEnv`. If you'd like to switch that development environment to a
+different version of GHC, just replace the `ghc7102` bit in the previous
+definition with the appropriate name. Of course, it's also possible to define
+any number of these development environments! (You can't install two of them
+into the same profile at the same time, though, because that would result in
+file conflicts.)
+
+The generated `ghc` program is a wrapper script that re-directs the real
+GHC executable to use a new `lib` directory --- one that we specifically
+constructed to contain all those packages the user requested:
+
+    $ cat $(type -p ghc)
+    #! /nix/store/xlxj...-bash-4.3-p33/bin/bash -e
+    export NIX_GHC=/nix/store/19sm...-ghc-7.10.2/bin/ghc
+    export NIX_GHCPKG=/nix/store/19sm...-ghc-7.10.2/bin/ghc-pkg
+    export NIX_GHC_DOCDIR=/nix/store/19sm...-ghc-7.10.2/share/doc/ghc/html
+    export NIX_GHC_LIBDIR=/nix/store/19sm...-ghc-7.10.2/lib/ghc-7.10.2
+    exec /nix/store/j50p...-ghc-7.10.2/bin/ghc "-B$NIX_GHC_LIBDIR" "$@"
+
+The variables `$NIX_GHC`, `$NIX_GHCPKG`, etc. point to the *new* store path
+`ghcWithPackages` constructed specifically for this environment. The last line
+of the wrapper script then executes the real `ghc`, but passes the path to the
+new `lib` directory using GHC's `-B` flag.
+
+The purpose of those environment variables is to work around an impurity in the
+popular [ghc-paths](http://hackage.haskell.org/package/ghc-paths) library. That
+library promises to give its users access to GHC's installation paths. Only,
+the library can't possible know that path when it's compiled, because the path
+GHC considers its own is determined only much later, when the user configures
+it through `ghcWithPackages`. So we [patched
+ghc-paths](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/patches/ghc-paths-nix.patch)
+to return the paths found in those environment variables at run-time rather
+than trying to guess them at compile-time.
+
+To make sure that mechanism works properly all the time, we recommend that you
+set those variables to meaningful values in your shell environment, too, i.e.
+by adding the following code to your `~/.bashrc`:
+
+    if type >/dev/null 2>&1 -p ghc; then
+      eval "$(egrep ^export "$(type -p ghc)")"
+    fi
+
+If you are certain that you'll use only one GHC environment which is located in
+your user profile, then you can use the following code, too, which has the
+advantage that it doesn't contain any paths from the Nix store, i.e. those
+settings always remain valid even if a `nix-env -u` operation updates the GHC
+environment in your profile:
+
+    if [ -e ~/.nix-profile/bin/ghc ]; then
+      export NIX_GHC="$HOME/.nix-profile/bin/ghc"
+      export NIX_GHCPKG="$HOME/.nix-profile/bin/ghc-pkg"
+      export NIX_GHC_DOCDIR="$HOME/.nix-profile/share/doc/ghc/html"
+      export NIX_GHC_LIBDIR="$HOME/.nix-profile/lib/ghc-$($NIX_GHC --numeric-version)"
+    fi
+
+### How to install a compiler with libraries, hoogle and documentation indexes
+
+If you plan to use your environment for interactive programming, not just
+compiling random Haskell code, you might want to replace `ghcWithPackages` in
+all the listings above with `ghcWithHoogle`.
+
+This environment generator not only produces an environment with GHC and all
+the specified libraries, but also generates a `hoogle` and `haddock` indexes
+for all the packages, and provides a wrapper script around `hoogle` binary that
+uses all those things. A precise name for this thing would be
+"`ghcWithPackagesAndHoogleAndDocumentationIndexes`", which is, regrettably, too
+long and scary.
+
+For example, installing the following environment
+
+    {
+      packageOverrides = super: let self = super.pkgs; in
+      {
+        myHaskellEnv = self.haskellPackages.ghcWithHoogle
+                         (haskellPackages: with haskellPackages; [
+                           # libraries
+                           arrows async cgi criterion
+                           # tools
+                           cabal-install haskintex
+                         ]);
+      };
+    }
+
+allows one to browse module documentation index [not too dissimilar to
+this](https://downloads.haskell.org/~ghc/latest/docs/html/libraries/index.html)
+for all the specified packages and their dependencies by directing a browser of
+choice to `~/.nix-profiles/share/doc/hoogle/index.html` (or
+`/run/current-system/sw/share/doc/hoogle/index.html` in case you put it in
+`environment.systemPackages` in NixOS).
+
+After you've marveled enough at that try adding the following to your
+`~/.ghc/ghci.conf`
+
+    :def hoogle \s -> return $ ":! hoogle search -cl --count=15 \"" ++ s ++ "\""
+    :def doc \s -> return $ ":! hoogle search -cl --info \"" ++ s ++ "\""
+
+and test it by typing into `ghci`:
+
+    :hoogle a -> a
+    :doc a -> a
+
+Be sure to note the links to `haddock` files in the output. With any modern and
+properly configured terminal emulator you can just click those links to
+navigate there.
+
+Finally, you can run
+
+    hoogle server -p 8080
+
+and navigate to http://localhost:8080/ for your own local
+[Hoogle](https://www.haskell.org/hoogle/). Note, however, that Firefox and
+possibly other browsers disallow navigation from `http:` to `file:` URIs for
+security reasons, which might be quite an inconvenience. See [this
+page](http://kb.mozillazine.org/Links_to_local_pages_do_not_work) for
+workarounds.
+
+### How to build a Haskell project using Stack
+
+[Stack][http://haskellstack.org] is a popular build tool for Haskell projects.
+It has first-class support for Nix. Stack can optionally use Nix to
+automatically select the right version of GHC and other build tools to build,
+test and execute apps in an existing project downloaded from somewhere on the
+Internet. Pass the `--nix` flag to any `stack` command to do so, e.g.
+
+    $ git clone --recursive http://github.com/yesodweb/wai
+    $ cd wai
+    $ stack --nix build
+
+If you want `stack` to use Nix by default, you can add a `nix` section to the
+`stack.yaml` file, as explained in the [Stack documentation][stack-nix-doc]. For
+example:
+
+    nix:
+      enable: true
+      packages: [pkgconfig zeromq zlib]
+
+The example configuration snippet above tells Stack to create an ad hoc
+environment for `nix-shell` as in the below section, in which the `pkgconfig`,
+`zeromq` and `zlib` packages from Nixpkgs are available. All `stack` commands
+will implicitly be executed inside this ad hoc environment.
+
+Some projects have more sophisticated needs. For examples, some ad hoc
+environments might need to expose Nixpkgs packages compiled in a certain way, or
+with extra environment variables. In these cases, you'll need a `shell` field
+instead of `packages`:
+
+    nix:
+      enable: true
+      shell-file: shell.nix
+
+For more on how to write a `shell.nix` file see the below section. You'll need
+to express a derivation. Note that Nixpkgs ships with a convenience wrapper
+function around `mkDerivation` called `haskell.lib.buildStackProject` to help you
+create this derivation in exactly the way Stack expects. All of the same inputs
+as `mkDerivation` can be provided. For example, to build a Stack project that
+including packages that link against a version of the R library compiled with
+special options turned on:
+
+    with (import <nixpkgs> { });
+
+    let R = pkgs.R.override { enableStrictBarrier = true; };
+    in
+	haskell.lib.buildStackProject {
+      name = "HaskellR";
+	  buildInputs = [ R zeromq zlib ];
+    }
+
+[stack-nix-doc]: http://docs.haskellstack.org/en/stable/nix_integration.html
+
+### How to create ad hoc environments for `nix-shell`
+
+The easiest way to create an ad hoc development environment is to run
+`nix-shell` with the appropriate GHC environment given on the command-line:
+
+    nix-shell -p "haskellPackages.ghcWithPackages (pkgs: with pkgs; [mtl pandoc])"
+
+For more sophisticated use-cases, however, it's more convenient to save the
+desired configuration in a file called `shell.nix` that looks like this:
+
+    { nixpkgs ? import <nixpkgs> {}, compiler ? "ghc7102" }:
+    let
+      inherit (nixpkgs) pkgs;
+      ghc = pkgs.haskell.packages.${compiler}.ghcWithPackages (ps: with ps; [
+              monad-par mtl
+            ]);
+    in
+    pkgs.stdenv.mkDerivation {
+      name = "my-haskell-env-0";
+      buildInputs = [ ghc ];
+      shellHook = "eval $(egrep ^export ${ghc}/bin/ghc)";
+    }
+
+Now run `nix-shell` --- or even `nix-shell --pure` --- to enter a shell
+environment that has the appropriate compiler in `$PATH`. If you use `--pure`,
+then add all other packages that your development environment needs into the
+`buildInputs` attribute. If you'd like to switch to a different compiler
+version, then pass an appropriate `compiler` argument to the expression, i.e.
+`nix-shell --argstr compiler ghc784`.
+
+If you need such an environment because you'd like to compile a Hackage package
+outside of Nix --- i.e. because you're hacking on the latest version from Git
+---, then the package set provides suitable nix-shell environments for you
+already! Every Haskell package has an `env` attribute that provides a shell
+environment suitable for compiling that particular package. If you'd like to
+hack the `lens` library, for example, then you just have to check out the
+source code and enter the appropriate environment:
+
+      $ cabal get lens-4.11 && cd lens-4.11
+      Downloading lens-4.11...
+      Unpacking to lens-4.11/
+
+      $ nix-shell "<nixpkgs>" -A haskellPackages.lens.env
+      [nix-shell:/tmp/lens-4.11]$
+
+At point, you can run `cabal configure`, `cabal build`, and all the other
+development commands. Note that you need `cabal-install` installed in your
+`$PATH` already to use it here --- the `nix-shell` environment does not provide
+it.
+
+## How to create Nix builds for your own private Haskell packages
+
+If your own Haskell packages have build instructions for Cabal, then you can
+convert those automatically into build instructions for Nix using the
+`cabal2nix` utility, which you can install into your profile by running
+`nix-env -i cabal2nix`.
+
+### How to build a stand-alone project
+
+For example, let's assume that you're working on a private project called
+`foo`. To generate a Nix build expression for it, change into the project's
+top-level directory and run the command:
+
+    $ cabal2nix . >foo.nix
+
+Then write the following snippet into a file called `default.nix`:
+
+    { nixpkgs ? import <nixpkgs> {}, compiler ? "ghc7102" }:
+    nixpkgs.pkgs.haskell.packages.${compiler}.callPackage ./foo.nix { }
+
+Finally, store the following code in a file called `shell.nix`:
+
+    { nixpkgs ? import <nixpkgs> {}, compiler ? "ghc7102" }:
+    (import ./default.nix { inherit nixpkgs compiler; }).env
+
+At this point, you can run `nix-build` to have Nix compile your project and
+install it into a Nix store path. The local directory will contain a symlink
+called `result` after `nix-build` returns that points into that location. Of
+course, passing the flag `--argstr compiler ghc763` allows switching the build
+to any version of GHC currently supported.
+
+Furthermore, you can call `nix-shell` to enter an interactive development
+environment in which you can use `cabal configure` and `cabal build` to develop
+your code. That environment will automatically contain a proper GHC derivation
+with all the required libraries registered as well as all the system-level
+libraries your package might need.
+
+If your package does not depend on any system-level libraries, then it's
+sufficient to run
+
+    $ nix-shell --command "cabal configure"
+
+once to set up your build. `cabal-install` determines the absolute paths to all
+resources required for the build and writes them into a config file in the
+`dist/` directory. Once that's done, you can run `cabal build` and any other
+command for that project even outside of the `nix-shell` environment. This
+feature is particularly nice for those of us who like to edit their code with
+an IDE, like Emacs' `haskell-mode`, because it's not necessary to start Emacs
+inside of nix-shell just to make it find out the necessary settings for
+building the project; `cabal-install` has already done that for us.
+
+If you want to do some quick-and-dirty hacking and don't want to bother setting
+up a `default.nix` and `shell.nix` file manually, then you can use the
+`--shell` flag offered by `cabal2nix` to have it generate a stand-alone
+`nix-shell` environment for you. With that feature, running
+
+    $ cabal2nix --shell . >shell.nix
+    $ nix-shell --command "cabal configure"
+
+is usually enough to set up a build environment for any given Haskell package.
+You can even use that generated file to run `nix-build`, too:
+
+    $ nix-build shell.nix
+
+### How to build projects that depend on each other
+
+If you have multiple private Haskell packages that depend on each other, then
+you'll have to register those packages in the Nixpkgs set to make them visible
+for the dependency resolution performed by `callPackage`. First of all, change
+into each of your projects top-level directories and generate a `default.nix`
+file with `cabal2nix`:
+
+    $ cd ~/src/foo && cabal2nix . >default.nix
+    $ cd ~/src/bar && cabal2nix . >default.nix
+
+Then edit your `~/.nixpkgs/config.nix` file to register those builds in the
+default Haskell package set:
+
+      {
+        packageOverrides = super: let self = super.pkgs; in
+        {
+          haskellPackages = super.haskellPackages.override {
+            overrides = self: super: {
+              foo = self.callPackage ../src/foo {};
+              bar = self.callPackage ../src/bar {};
+            };
+          };
+        };
+      }
+
+Once that's accomplished, `nix-env -f "<nixpkgs>" -qA haskellPackages` will
+show your packages like any other package from Hackage, and you can build them
+
+    $ nix-build "<nixpkgs>" -A haskellPackages.foo
+
+or enter an interactive shell environment suitable for building them:
+
+    $ nix-shell "<nixpkgs>" -A haskellPackages.bar.env
+
+## Miscellaneous Topics
+
+### How to build with profiling enabled
+
+Every Haskell package set takes a function called `overrides` that you can use
+to manipulate the package as much as you please. One useful application of this
+feature is to replace the default `mkDerivation` function with one that enables
+library profiling for all packages. To accomplish that, add configure the
+following snippet in your `~/.nixpkgs/config.nix` file:
+
+    {
+      packageOverrides = super: let self = super.pkgs; in
+      {
+        profiledHaskellPackages = self.haskellPackages.override {
+          overrides = self: super: {
+            mkDerivation = args: super.mkDerivation (args // {
+              enableLibraryProfiling = true;
+            });
+          };
+        };
+      };
+    }
+
+Then, replace instances of `haskellPackages` in the `cabal2nix`-generated
+`default.nix` or `shell.nix` files with `profiledHaskellPackages`.
+
+### How to override package versions in a compiler-specific package set
+
+Nixpkgs provides the latest version of
+[`ghc-events`](http://hackage.haskell.org/package/ghc-events), which is 0.4.4.0
+at the time of this writing. This is fine for users of GHC 7.10.x, but GHC
+7.8.4 cannot compile that binary. Now, one way to solve that problem is to
+register an older version of `ghc-events` in the 7.8.x-specific package set.
+The first step is to generate Nix build instructions with `cabal2nix`:
+
+    $ cabal2nix cabal://ghc-events-0.4.3.0 >~/.nixpkgs/ghc-events-0.4.3.0.nix
+
+Then add the override in `~/.nixpkgs/config.nix`:
+
+    {
+      packageOverrides = super: let self = super.pkgs; in
+      {
+        haskell = super.haskell // {
+          packages = super.haskell.packages // {
+            ghc784 = super.haskell.packages.ghc784.override {
+              overrides = self: super: {
+                ghc-events = self.callPackage ./ghc-events-0.4.3.0.nix {};
+              };
+            };
+          };
+        };
+      };
+    }
+
+This code is a little crazy, no doubt, but it's necessary because the intuitive
+version
+
+    haskell.packages.ghc784 = super.haskell.packages.ghc784.override {
+      overrides = self: super: {
+        ghc-events = self.callPackage ./ghc-events-0.4.3.0.nix {};
+      };
+    };
+
+doesn't do what we want it to: that code replaces the `haskell` package set in
+Nixpkgs with one that contains only one entry,`packages`, which contains only
+one entry `ghc784`. This override loses the `haskell.compiler` set, and it
+loses the `haskell.packages.ghcXYZ` sets for all compilers but GHC 7.8.4. To
+avoid that problem, we have to perform the convoluted little dance from above,
+iterating over each step in hierarchy.
+
+Once it's accomplished, however, we can install a variant of `ghc-events`
+that's compiled with GHC 7.8.4:
+
+    nix-env -f "<nixpkgs>" -iA haskell.packages.ghc784.ghc-events
+
+Unfortunately, it turns out that this build fails again while executing the
+test suite! Apparently, the release archive on Hackage is missing some data
+files that the test suite requires, so we cannot run it. We accomplish that by
+re-generating the Nix expression with the `--no-check` flag:
+
+    $ cabal2nix --no-check cabal://ghc-events-0.4.3.0 >~/.nixpkgs/ghc-events-0.4.3.0.nix
+
+Now the builds succeeds.
+
+Of course, in the concrete example of `ghc-events` this whole exercise is not
+an ideal solution, because `ghc-events` can analyze the output emitted by any
+version of GHC later than 6.12 regardless of the compiler version that was used
+to build the `ghc-events' executable, so strictly speaking there's no reason to
+prefer one built with GHC 7.8.x in the first place. However, for users who
+cannot use GHC 7.10.x at all for some reason, the approach of downgrading to an
+older version might be useful.
+
+### How to recover from GHC's infamous non-deterministic library ID bug
+
+GHC and distributed build farms don't get along well:
+
+    https://ghc.haskell.org/trac/ghc/ticket/4012
+
+When you see an error like this one
+
+    package foo-0.7.1.0 is broken due to missing package
+    text-1.2.0.4-98506efb1b9ada233bb5c2b2db516d91
+
+then you have to download and re-install `foo` and all its dependents from
+scratch:
+
+    # nix-store -q --referrers /nix/store/*-haskell-text-1.2.0.4 \
+      | xargs -L 1 nix-store --repair-path --option binary-caches http://hydra.nixos.org
+
+If you're using additional Hydra servers other than `hydra.nixos.org`, then it
+might be necessary to purge the local caches that store data from those
+machines to disable these binary channels for the duration of the previous
+command, i.e. by running:
+
+    rm /nix/var/nix/binary-cache-v3.sqlite
+    rm /nix/var/nix/manifests/*
+    rm /nix/var/nix/channel-cache/*
+
+### Builds on Darwin fail with `math.h` not found
+
+Users of GHC on Darwin have occasionally reported that builds fail, because the
+compiler complains about a missing include file:
+
+    fatal error: 'math.h' file not found
+
+The issue has been discussed at length in [ticket
+6390](https://github.com/NixOS/nixpkgs/issues/6390), and so far no good
+solution has been proposed. As a work-around, users who run into this problem
+can configure the environment variables
+
+    export NIX_CFLAGS_COMPILE="-idirafter /usr/include"
+    export NIX_CFLAGS_LINK="-L/usr/lib"
+
+in their `~/.bashrc` file to avoid the compiler error.
+
+### Builds using Stack complain about missing system libraries
+
+    --  While building package zlib-0.5.4.2 using:
+      runhaskell -package=Cabal-1.22.4.0 -clear-package-db [... lots of flags ...]
+    Process exited with code: ExitFailure 1
+    Logs have been written to: /home/foo/src/stack-ide/.stack-work/logs/zlib-0.5.4.2.log
+
+    Configuring zlib-0.5.4.2...
+    Setup.hs: Missing dependency on a foreign library:
+    * Missing (or bad) header file: zlib.h
+    This problem can usually be solved by installing the system package that
+    provides this library (you may need the "-dev" version). If the library is
+    already installed but in a non-standard location then you can use the flags
+    --extra-include-dirs= and --extra-lib-dirs= to specify where it is.
+    If the header file does exist, it may contain errors that are caught by the C
+    compiler at the preprocessing stage. In this case you can re-run configure
+    with the verbosity flag -v3 to see the error messages.
+
+When you run the build inside of the nix-shell environment, the system
+is configured to find libz.so without any special flags -- the compiler
+and linker "just know" how to find it. Consequently, Cabal won't record
+any search paths for libz.so in the package description, which means
+that the package works fine inside of nix-shell, but once you leave the
+shell the shared object can no longer be found. That issue is by no
+means specific to Stack: you'll have that problem with any other
+Haskell package that's built inside of nix-shell but run outside of that
+environment.
+
+You can remedy this issue in several ways. The easiest is to add a `nix` section
+to the `stack.yaml` like the following:
+
+    nix:
+      enable: true
+	  packages: [ zlib ]
+
+Stack's Nix support knows to add `${zlib}/lib` and `${zlib}/include` as an
+`--extra-lib-dirs` and `extra-include-dirs`, respectively. Alternatively, you
+can achieve the same effect by hand. First of all, run
+
+    $ nix-build --no-out-link "<nixpkgs>" -A zlib
+    /nix/store/alsvwzkiw4b7ip38l4nlfjijdvg3fvzn-zlib-1.2.8
+
+to find out the store path of the system's zlib library. Now, you can
+
+1) add that path (plus a "/lib" suffix) to your $LD_LIBRARY_PATH
+   environment variable to make sure your system linker finds libz.so
+   automatically. It's no pretty solution, but it will work.
+
+2) As a variant of (1), you can also install any number of system
+   libraries into your user's profile (or some other profile) and point
+   $LD_LIBRARY_PATH to that profile instead, so that you don't have to
+   list dozens of those store paths all over the place.
+
+3) The solution I prefer is to call stack with an appropriate
+   --extra-lib-dirs flag like so:
+
+    $ stack --extra-lib-dirs=/nix/store/alsvwzkiw4b7ip38l4nlfjijdvg3fvzn-zlib-1.2.8/lib build
+
+   Typically, you'll need --extra-include-dirs as well. It's possible
+   to add those flag to the project's "stack.yaml" or your user's
+   global "~/.stack/global/stack.yaml" file so that you don't have to
+   specify them manually every time. But again, you're likely better off using
+   Stack's Nix support instead.
+
+   The same thing applies to `cabal configure`, of course, if you're
+   building with `cabal-install` instead of Stack.
+
+### Creating statically linked binaries
+
+There are two levels of static linking. The first option is to configure the
+build with the Cabal flag `--disable-executable-dynamic`. In Nix expressions,
+this can be achieved by setting the attribute:
+
+    enableSharedExecutables = false;
+
+That gives you a binary with statically linked Haskell libraries and
+dynamically linked system libraries.
+
+To link both Haskell libraries and system libraries statically, the additional
+flags `--ghc-option=-optl=-static --ghc-option=-optl=-pthread` need to be used.
+In Nix, this is accomplished with:
+
+    configureFlags = [ "--ghc-option=-optl=-static" "--ghc-option=-optl=-pthread" ];
+
+It's important to realize, however, that most system libraries in Nix are built
+as shared libraries only, i.e. there is just no static library available that
+Cabal could link!
+
+
+## Other resources
+
+- The Youtube video [Nix Loves Haskell](https://www.youtube.com/watch?v=BsBhi_r-OeE)
+  provides an introduction into Haskell NG aimed at beginners. The slides are
+  available at http://cryp.to/nixos-meetup-3-slides.pdf and also -- in a form
+  ready for cut & paste -- at
+  https://github.com/NixOS/cabal2nix/blob/master/doc/nixos-meetup-3-slides.md.
+
+- Another Youtube video is [Escaping Cabal Hell with Nix](https://www.youtube.com/watch?v=mQd3s57n_2Y),
+  which discusses the subject of Haskell development with Nix but also provides
+  a basic introduction to Nix as well, i.e. it's suitable for viewers with
+  almost no prior Nix experience.
+
+- Oliver Charles wrote a very nice [Tutorial how to develop Haskell packages with Nix](http://wiki.ocharles.org.uk/Nix).
+
+- The *Journey into the Haskell NG infrastructure* series of postings
+  describe the new Haskell infrastructure in great detail:
+
+    - [Part 1](http://lists.science.uu.nl/pipermail/nix-dev/2015-January/015591.html)
+      explains the differences between the old and the new code and gives
+      instructions how to migrate to the new setup.
+
+    - [Part 2](http://lists.science.uu.nl/pipermail/nix-dev/2015-January/015608.html)
+      looks in-depth at how to tweak and configure your setup by means of
+      overrides.
+
+    - [Part 3](http://lists.science.uu.nl/pipermail/nix-dev/2015-April/016912.html)
+      describes the infrastructure that keeps the Haskell package set in Nixpkgs
+      up-to-date.
--- a/doc/introduction.md
+++ b/doc/introduction.md
@@ -6,14 +6,13 @@ date: 2015-11-25

 # Introduction

-The Nix Packages collection (Nixpkgs) is a set of thousands of packages for the
-[Nix package manager](http://nixos.org/nix/), released under a
-[permissive MIT/X11 license](https://github.com/NixOS/nixpkgs/blob/master/COPYING).
-Packages are available for several platforms, and can be used with the Nix
-package manager on most GNU/Linux distributions as well as NixOS.
+The Nix Packages collection (Nixpkgs) is a set of over 30,000 packages for the
+[Nix package manager](http://nixos.org/nix/), released under a [permissive MIT/X11 license](https://github.com/NixOS/nixpkgs/blob/master/COPYING).
+Packages are available for several architectures, and can be used with the Nix package manager
+on most GNU/Linux distributions as well as NixOS.

-This manual primarily describes how to write packages for the Nix Packages collection
-(Nixpkgs). Thus it’s mainly for packagers and developers who want to add packages to
+This manual describes how to write packages for the Nix Packages collection
+(Nixpkgs). Thus it’s for packagers and developers who want to add packages to
 Nixpkgs. If you like to learn more about the Nix package manager and the Nix
 expression language, then you are kindly referred to the [Nix manual](http://nixos.org/nix/manual/).

@@ -21,33 +20,29 @@ expression language, then you are kindly referred to the [Nix manual](http://nix

 Nix expressions describe how to build packages from source and are collected in
 the [nixpkgs repository](https://github.com/NixOS/nixpkgs). Also included in the
-collection are Nix expressions for
-[NixOS modules](http://nixos.org/nixos/manual/index.html#sec-writing-modules).
-With these expressions the Nix package manager can build binary packages.
+collection are Nix expressions for [NixOS modules](http://nixos.org/nixos/manual/index.html#sec-writing-modules). With
+these expressions the Nix package manager can build binary packages.

 Packages, including the Nix packages collection, are distributed through
 [channels](http://nixos.org/nix/manual/#sec-channels). The collection is
 distributed for users of Nix on non-NixOS distributions through the channel
 `nixpkgs`. Users of NixOS generally use one of the `nixos-*` channels, e.g.
-`nixos-16.03`, which includes all packages and modules for the stable NixOS
-16.03. The purpose of stable NixOS releases are generally only given
+`nixos-15.09`, which includes all packages and modules for the stable NixOS
+15.09. The channels of the stable NixOS releases are generally only given
 security updates. More up to date packages and modules are available via the
 `nixos-unstable` channel.

 Both `nixos-unstable` and `nixpkgs` follow the `master` branch of the Nixpkgs
-repository, although both do lag the `master` branch by generally
-[a couple of days](http://howoldis.herokuapp.com/). Updates to a channel are
-distributed as soon as all tests for that channel pass, e.g.
-[this table](http://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents)
+repository, although both do lag the `master` branch by generally [a couple of days](http://howoldis.herokuapp.com/). Updates to a channel are distributed as
+soon as all tests for that channel pass, e.g. [this table](http://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents)
 shows the status of tests for the `nixpkgs` channel.

 The tests are conducted by a cluster called [Hydra](http://nixos.org/hydra/),
-which also builds binary packages from the Nix expressions in Nixpkgs for
-`x86_64-linux`, `i686-linux` and `x86_64-darwin`.
-The binaries are made available via a [binary cache](https://cache.nixos.org).
+which also builds binary packages from the Nix expressions in Nixpkgs. As soon
+as a channel is updated, the binaries are made available via a [binary cache](https://cache.nixos.org). Until the channel updates, binaries that have
+already been built, are available via [Hydra's binary cache](https://hydra.nixos.org).

 The current Nix expressions of the channels are available in the
 [`nixpkgs-channels`](https://github.com/NixOS/nixpkgs-channels) repository,
 which has branches corresponding to the available channels. There is also the
-[Nixpkgs Monitor](http://monitor.nixos.org) which keeps track of updates
-and security vulnerabilities.
+Nixpkgs Monitor which keeps track of updates and security vulnerabilities.
--- a/doc/languages-frameworks/beam.xml
+++ b/doc/languages-frameworks/beam.xml
@@ -1,376 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xml:id="sec-beam">
-
-  <title>Beam Languages (Erlang &amp; Elixir)</title>
-  <section xml:id="beam-introduction">
-    <title>Introduction</title>
-    <para>
-      In this document and related Nix expressions we use the term
-      <emphasis>Beam</emphasis> to describe the environment. Beam is
-      the name of the Erlang Virtial Machine and, as far as we know,
-      from a packaging perspective all languages that run on Beam are
-      interchangable. The things that do change, like the build
-      system, are transperant to the users of the package. So we make
-      no distinction.
-    </para>
-  </section>
-<section xml:id="build-tools">
-  <title>Build Tools</title>
-  <section xml:id="build-tools-rebar3">
-    <title>Rebar3</title>
-    <para>
-      By default Rebar3 wants to manage it's own dependencies. In the
-      normal non-Nix, this is perfectly acceptable. In the Nix world it
-      is not. To support this we have created two versions of rebar3,
-      <literal>rebar3</literal> and <literal>rebar3-open</literal>. The
-      <literal>rebar3</literal> version has been patched to remove the
-      ability to download anything from it. If you are not running it a
-      nix-shell or a nix-build then its probably not going to work for
-      you. <literal>rebar3-open</literal> is the normal, un-modified
-      rebar3. It should work exactly as would any other version of
-      rebar3. Any Erlang package should rely on
-      <literal>rebar3</literal> and thats really what you should be
-      using too.
-    </para>
-  </section>
-  <section xml:id="build-tools-other">
-    <title>Mix &amp; Erlang.mk</title>
-    <para>
-      Both Mix and Erlang.mk work exactly as you would expect. There
-      is a bootstrap process that needs to be run for both of
-      them. However, that is supported by the
-      <literal>buildMix</literal> and <literal>buildErlangMk</literal> derivations.
-    </para>
-  </section>
-
-</section>
-
-<section xml:id="how-to-install-beam-packages">
-  <title>How to install Beam packages</title>
-  <para>
-    Beam packages are not registered in the top level simply because
-    they are not relevant to the vast majority of Nix users. They are
-    installable using the <literal>beamPackages</literal> attribute
-    set.
-
-    You can list the avialable packages in the
-    <literal>beamPackages</literal> with the following command:
-  </para>
-
-  <programlisting>
-$ nix-env -f &quot;&lt;nixpkgs&gt;&quot; -qaP -A beamPackages
-beamPackages.esqlite    esqlite-0.2.1
-beamPackages.goldrush   goldrush-0.1.7
-beamPackages.ibrowse    ibrowse-4.2.2
-beamPackages.jiffy      jiffy-0.14.5
-beamPackages.lager      lager-3.0.2
-beamPackages.meck       meck-0.8.3
-beamPackages.rebar3-pc  pc-1.1.0
-  </programlisting>
-  <para>
-    To install any of those packages into your profile, refer to them by
-    their attribute path (first column):
-  </para>
-  <programlisting>
-$ nix-env -f &quot;&lt;nixpkgs&gt;&quot; -iA beamPackages.ibrowse
-  </programlisting>
-  <para>
-    The attribute path of any Beam packages corresponds to the name
-    of that particular package in Hex or its OTP Application/Release name.
-  </para>
-</section>
-<section xml:id="packaging-beam-applications">
-  <title>Packaging Beam Applications</title>
-  <section  xml:id="packaging-erlang-applications">
-    <title>Erlang Applications</title>
-    <section xml:id="rebar3-packages">
-      <title>Rebar3 Packages</title>
-      <para>
-        There is a Nix functional called
-        <literal>buildRebar3</literal>. We use this function to make a
-        derivation that understands how to build the rebar3 project. For
-        example, the epression we use to build the <link
-        xlink:href="https://github.com/erlang-nix/hex2nix">hex2nix</link>
-        project follows.
-      </para>
-      <programlisting>
-        {stdenv, fetchFromGitHub, buildRebar3, ibrowse, jsx, erlware_commons }:
-
-          buildRebar3 rec {
-            name = "hex2nix";
-            version = "0.0.1";
-
-            src = fetchFromGitHub {
-              owner = "ericbmerritt";
-              repo = "hex2nix";
-              rev = "${version}";
-              sha256 = "1w7xjidz1l5yjmhlplfx7kphmnpvqm67w99hd2m7kdixwdxq0zqg";
-            };
-
-          beamDeps = [ ibrowse jsx erlware_commons ];
-        }
-      </programlisting>
-      <para>
-        The only visible difference between this derivation and
-        something like <literal>stdenv.mkDerivation</literal> is that we
-        have added <literal>erlangDeps</literal> to the derivation. If
-        you add your Beam dependencies here they will be correctly
-        handled by the system.
-      </para>
-      <para>
-        If your package needs to compile native code via Rebar's port
-        compilation mechenism. You should add <literal>compilePort =
-        true;</literal> to the derivation.
-      </para>
-    </section>
-    <section xml:id="erlang-mk-packages">
-      <title>Erlang.mk Packages</title>
-      <para>
-        Erlang.mk functions almost identically to Rebar. The only real
-        difference is that <literal>buildErlangMk</literal> is called
-        instead of <literal>buildRebar3</literal>
-      </para>
-      <programlisting>
-        { buildErlangMk, fetchHex,  cowlib, ranch }:
-          buildErlangMk {
-            name = "cowboy";
-            version = "1.0.4";
-            src = fetchHex {
-              pkg = "cowboy";
-              version = "1.0.4";
-              sha256 =
-                "6a0edee96885fae3a8dd0ac1f333538a42e807db638a9453064ccfdaa6b9fdac";
-            };
-            beamDeps  = [ cowlib ranch ];
-
-            meta = {
-              description = ''Small, fast, modular HTTP server written in
-                            Erlang.'';
-              license = stdenv.lib.licenses.isc;
-              homepage = "https://github.com/ninenines/cowboy";
-            };
-        }
-      </programlisting>
-    </section>
-    <section xml:id="mix-packages">
-      <title>Mix Packages</title>
-      <para>
-        Mix functions almost identically to Rebar. The only real
-        difference is that <literal>buildMix</literal> is called
-        instead of <literal>buildRebar3</literal>
-      </para>
-      <programlisting>
-        { buildMix, fetchHex, plug, absinthe }:
-        buildMix {
-          name = "absinthe_plug";
-          version = "1.0.0";
-          src = fetchHex {
-            pkg = "absinthe_plug";
-            version = "1.0.0";
-            sha256 =
-              "08459823fe1fd4f0325a8bf0c937a4520583a5a26d73b193040ab30a1dfc0b33";
-          };
-          beamDeps  = [ plug absinthe];
-
-          meta = {
-            description = ''A plug for Absinthe, an experimental GraphQL
-                            toolkit'';
-            license = stdenv.lib.licenses.bsd3;
-            homepage = "https://github.com/CargoSense/absinthe_plug";
-         };
-       }
-      </programlisting>
-    </section>
-  </section>
-</section>
-<section xml:id="how-to-develop">
-  <title>How to develop</title>
-  <section xml:id="accessing-an-environment">
-    <title>Accessing an Environment</title>
-    <para>
-      Often, all you want to do is be able to access a valid
-      environment that contains a specific package and its
-      dependencies. we can do that with the <literal>env</literal>
-      part of a derivation. For example, lets say we want to access an
-      erlang repl with ibrowse loaded up. We could do the following.
-    </para>
-    <programlisting>
-      ~/w/nixpkgs ❯❯❯ nix-shell -A beamPackages.ibrowse.env --run "erl"
-      Erlang/OTP 18 [erts-7.0] [source] [64-bit] [smp:4:4] [async-threads:10] [hipe] [kernel-poll:false]
-
-      Eshell V7.0  (abort with ^G)
-      1> m(ibrowse).
-      Module: ibrowse
-      MD5: 3b3e0137d0cbb28070146978a3392945
-      Compiled: January 10 2016, 23:34
-      Object file: /nix/store/g1rlf65rdgjs4abbyj4grp37ry7ywivj-ibrowse-4.2.2/lib/erlang/lib/ibrowse-4.2.2/ebin/ibrowse.beam
-      Compiler options:  [{outdir,"/tmp/nix-build-ibrowse-4.2.2.drv-0/hex-source-ibrowse-4.2.2/_build/default/lib/ibrowse/ebin"},
-      debug_info,debug_info,nowarn_shadow_vars,
-      warn_unused_import,warn_unused_vars,warnings_as_errors,
-      {i,"/tmp/nix-build-ibrowse-4.2.2.drv-0/hex-source-ibrowse-4.2.2/_build/default/lib/ibrowse/include"}]
-      Exports:
-      add_config/1                  send_req_direct/7
-      all_trace_off/0               set_dest/3
-      code_change/3                 set_max_attempts/3
-      get_config_value/1            set_max_pipeline_size/3
-      get_config_value/2            set_max_sessions/3
-      get_metrics/0                 show_dest_status/0
-      get_metrics/2                 show_dest_status/1
-      handle_call/3                 show_dest_status/2
-      handle_cast/2                 spawn_link_worker_process/1
-      handle_info/2                 spawn_link_worker_process/2
-      init/1                        spawn_worker_process/1
-      module_info/0                 spawn_worker_process/2
-      module_info/1                 start/0
-      rescan_config/0               start_link/0
-      rescan_config/1               stop/0
-      send_req/3                    stop_worker_process/1
-      send_req/4                    stream_close/1
-      send_req/5                    stream_next/1
-      send_req/6                    terminate/2
-      send_req_direct/4             trace_off/0
-      send_req_direct/5             trace_off/2
-      send_req_direct/6             trace_on/0
-      trace_on/2
-      ok
-      2>
-    </programlisting>
-    <para>
-      Notice the <literal>-A beamPackages.ibrowse.env</literal>.That
-      is the key to this functionality.
-    </para>
-  </section>
-  <section xml:id="creating-a-shell">
-    <title>Creating a Shell</title>
-    <para>
-      Getting access to an environment often isn't enough to do real
-      development. Many times we need to create a
-      <literal>shell.nix</literal> file and do our development inside
-      of the environment specified by that file. This file looks a lot
-      like the packaging described above. The main difference is that
-      <literal>src</literal> points to project root and we call the
-      package directly.
-    </para>
-    <programlisting>
-{ pkgs ? import &quot;&lt;nixpkgs&quot;&gt; {} }:
-
-with pkgs;
-
-let
-
-  f = { buildRebar3, ibrowse, jsx, erlware_commons }:
-      buildRebar3 {
-        name = "hex2nix";
-        version = "0.1.0";
-        src = ./.;
-        erlangDeps = [ ibrowse jsx erlware_commons ];
-      };
-  drv = beamPackages.callPackage f {};
-
-in
- drv
-    </programlisting>
-    <section xml:id="building-in-a-shell">
-    <title>Building in a shell</title>
-    <para>
-      We can leveral the support of the Derivation, regardless of
-      which build Derivation is called by calling the commands themselv.s
-    </para>
-    <programlisting>
-# =============================================================================
-# Variables
-# =============================================================================
-
-NIX_TEMPLATES := "$(CURDIR)/nix-templates"
-
-TARGET := "$(PREFIX)"
-
-PROJECT_NAME := thorndyke
-
-NIXPKGS=../nixpkgs
-NIX_PATH=nixpkgs=$(NIXPKGS)
-NIX_SHELL=nix-shell -I "$(NIX_PATH)" --pure
-# =============================================================================
-# Rules
-# =============================================================================
-.PHONY= all test clean repl shell build test analyze configure install \
-        test-nix-install publish plt analyze
-
-all: build
-
-guard-%:
-        @ if [ "${${*}}" == "" ]; then \
-                echo "Environment variable $* not set"; \
-                exit 1; \
-        fi
-
-clean:
-        rm -rf _build
-        rm -rf .cache
-
-repl:
-        $(NIX_SHELL) --run "iex -pa './_build/prod/lib/*/ebin'"
-
-shell:
-        $(NIX_SHELL)
-
-configure:
-        $(NIX_SHELL) --command 'eval "$$configurePhase"'
-
-build: configure
-        $(NIX_SHELL) --command 'eval "$$buildPhase"'
-
-install:
-        $(NIX_SHELL) --command 'eval "$$installPhase"'
-
-test:
-        $(NIX_SHELL) --command 'mix test --no-start --no-deps-check'
-
-plt:
-        $(NIX_SHELL) --run "mix dialyzer.plt --no-deps-check"
-
-analyze: build plt
-        $(NIX_SHELL) --run "mix dialyzer --no-compile"
-
-    </programlisting>
-    <para>
-      If you add the <literal>shell.nix</literal> as described and
-      user rebar as follows things should simply work. Aside from the
-      <literal>test</literal>, <literal>plt</literal>, and
-      <literal>analyze</literal> the talks work just fine for all of
-      the build Derivations.
-    </para>
-  </section>
-</section>
-</section>
-<section xml:id="generating-packages-from-hex-with-hex2nix">
-  <title>Generating Packages from Hex with Hex2Nix</title>
-  <para>
-    Updating the Hex packages requires the use of the
-    <literal>hex2nix</literal> tool. Given the path to the Erlang
-    modules (usually
-    <literal>pkgs/development/erlang-modules</literal>). It will
-    happily dump a file called
-    <literal>hex-packages.nix</literal>. That file will contain all
-    the packages that use a recognized build system in Hex. However,
-    it can't know whether or not all those packages are buildable.
-    </para>
-    <para>
-      To make life easier for our users, it makes good sense to go
-      ahead and attempt to build all those packages and remove the
-      ones that don't build. To do that, simply run the command (in
-      the root of your <literal>nixpkgs</literal> repository). that follows.
-    </para>
-    <programlisting>
-$ nix-build -A beamPackages
-    </programlisting>
-    <para>
-      That will build every package in
-      <literal>beamPackages</literal>. Then you can go through and
-      manually remove the ones that fail. Hopefully, someone will
-      improve <literal>hex2nix</literal> in the future to automate
-      that.
-    </para>
-</section>
-</section>
--- a/doc/languages-frameworks/bower.xml
+++ b/doc/languages-frameworks/bower.xml
@@ -1,244 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xml:id="sec-bower">
-
-<title>Bower</title>
-
-<para>
-  <link xlink:href="http://bower.io">Bower</link> is a package manager
-  for web site front-end components. Bower packages (comprising of
-  build artefacts and sometimes sources) are stored in
-  <command>git</command> repositories, typically on Github. The
-  package registry is run by the Bower team with package metadata
-  coming from the <filename>bower.json</filename> file within each
-  package.
-</para>
-
-<para>
-  The end result of running Bower is a
-  <filename>bower_components</filename> directory which can be included
-  in the web app's build process.
-</para>
-
-<para>
-  Bower can be run interactively, by installing
-  <varname>nodePackages.bower</varname>. More interestingly, the Bower
-  components can be declared in a Nix derivation, with the help of
-  <varname>nodePackages.bower2nix</varname>.
-</para>
-
-<section xml:id="ssec-bower2nix-usage">
-  <title><command>bower2nix</command> usage</title>
-
-<para>
-  Suppose you have a <filename>bower.json</filename> with the following contents:
-
-
-<example xml:id="ex-bowerJson"><title><filename>bower.json</filename></title>
-<programlisting language="json">
-<![CDATA[{
-  "name": "my-web-app",
-  "dependencies": {
-    "angular": "~1.5.0",
-    "bootstrap": "~3.3.6"
-  }
-}]]>
-</programlisting>
-</example>
-</para>
-
-
-<para>
-  Running <command>bower2nix</command> will produce something like the
-  following output:
-
-<programlisting language="nix">
-<![CDATA[{ fetchbower, buildEnv }:
-buildEnv { name = "bower-env"; ignoreCollisions = true; paths = [
-  (fetchbower "angular" "1.5.3" "~1.5.0" "1749xb0firxdra4rzadm4q9x90v6pzkbd7xmcyjk6qfza09ykk9y")
-  (fetchbower "bootstrap" "3.3.6" "~3.3.6" "1vvqlpbfcy0k5pncfjaiskj3y6scwifxygfqnw393sjfxiviwmbv")
-  (fetchbower "jquery" "2.2.2" "1.9.1 - 2" "10sp5h98sqwk90y4k6hbdviwqzvzwqf47r3r51pakch5ii2y7js1")
-]; }]]>
-</programlisting>
-</para>
-
-
-<para>
-  Using the <command>bower2nix</command> command line arguments, the
-  output can be redirected to a file. A name like
-  <filename>bower-packages.nix</filename> would be fine.
-</para>
-
-<para>
-  The resulting derivation is a union of all the downloaded Bower
-  packages (and their dependencies). To use it, they still need to be
-  linked together by Bower, which is where
-  <varname>buildBowerComponents</varname> is useful.
-</para>
-</section>
-
-<section xml:id="ssec-build-bower-components"><title><varname>buildBowerComponents</varname> function</title>
-
-  <para>
-  The function is implemented in <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/bower-modules/generic/default.nix">
-  <filename>pkgs/development/bower-modules/generic/default.nix</filename></link>.
-  Example usage:
-
-<example xml:id="ex-buildBowerComponents"><title>buildBowerComponents</title>
-<programlisting language="nix">
-bowerComponents = buildBowerComponents {
-  name = "my-web-app";
-  generated = ./bower-packages.nix; <co xml:id="ex-buildBowerComponents-1" />
-  src = myWebApp; <co xml:id="ex-buildBowerComponents-2" />
-};
-</programlisting>
-</example>
-  </para>
-
-<para>
-In <xref linkend="ex-buildBowerComponents" />, the following arguments
-are of special significance to the function:
-
-<calloutlist>
-  <callout arearefs="ex-buildBowerComponents-1">
-    <para>
-      <varname>generated</varname> specifies the file which was created by <command>bower2nix</command>.
-    </para>
-  </callout>
-
-  <callout arearefs="ex-buildBowerComponents-2">
-    <para>
-      <varname>src</varname> is your project's sources. It needs to
-      contain a <filename>bower.json</filename> file.
-    </para>
-  </callout>
-</calloutlist>
-</para>
-
-<para>
-  <varname>buildBowerComponents</varname> will run Bower to link
-  together the output of <command>bower2nix</command>, resulting in a
-  <filename>bower_components</filename> directory which can be used.
-</para>
-
-<para>
-  Here is an example of a web frontend build process using
-  <command>gulp</command>. You might use <command>grunt</command>, or
-  anything else.
-</para>
-
-<example xml:id="ex-bowerGulpFile"><title>Example build script (<filename>gulpfile.js</filename>)</title>
-<programlisting language="javascript">
-<![CDATA[var gulp = require('gulp');
-
-gulp.task('default', [], function () {
-  gulp.start('build');
-});
-
-gulp.task('build', [], function () {
-  console.log("Just a dummy gulp build");
-  gulp
-    .src(["./bower_components/**/*"])
-    .pipe(gulp.dest("./gulpdist/"));
-});]]>
-</programlisting>
-</example>
-
-<example xml:id="ex-buildBowerComponentsDefaultNix">
-  <title>Full example — <filename>default.nix</filename></title>
-<programlisting language="nix">
-{ myWebApp ? { outPath = ./.; name = "myWebApp"; }
-, pkgs ? import &lt;nixpkgs&gt; {}
-}:
-
-pkgs.stdenv.mkDerivation {
-  name = "my-web-app-frontend";
-  src = myWebApp;
-
-  buildInputs = [ pkgs.nodePackages.gulp ];
-
-  bowerComponents = pkgs.buildBowerComponents { <co xml:id="ex-buildBowerComponentsDefault-1" />
-    name = "my-web-app";
-    generated = ./bower-packages.nix;
-    src = myWebApp;
-  };
-
-  buildPhase = ''
-    cp --reflink=auto --no-preserve=mode -R $bowerComponents/bower_components . <co xml:id="ex-buildBowerComponentsDefault-2" />
-    export HOME=$PWD <co xml:id="ex-buildBowerComponentsDefault-3" />
-    ${pkgs.nodePackages.gulp}/bin/gulp build <co xml:id="ex-buildBowerComponentsDefault-4" />
-  '';
-
-  installPhase = "mv gulpdist $out";
-}
-</programlisting>
-</example>
-
-<para>
-A few notes about <xref linkend="ex-buildBowerComponentsDefaultNix" />:
-
-<calloutlist>
-  <callout arearefs="ex-buildBowerComponentsDefault-1">
-    <para>
-      The result of <varname>buildBowerComponents</varname> is an
-      input to the frontend build.
-    </para>
-  </callout>
-
-  <callout arearefs="ex-buildBowerComponentsDefault-2">
-    <para>
-      Whether to symlink or copy the
-      <filename>bower_components</filename> directory depends on the
-      build tool in use. In this case a copy is used to avoid
-      <command>gulp</command> silliness with permissions.
-    </para>
-  </callout>
-
-  <callout arearefs="ex-buildBowerComponentsDefault-3">
-    <para>
-      <command>gulp</command> requires <varname>HOME</varname> to
-      refer to a writeable directory.
-    </para>
-  </callout>
-
-  <callout arearefs="ex-buildBowerComponentsDefault-4">
-    <para>
-      The actual build command. Other tools could be used.
-    </para>
-  </callout>
-</calloutlist>
-</para>
-</section>
-
-<section xml:id="ssec-bower2nix-troubleshooting">
-  <title>Troubleshooting</title>
-
-<variablelist>
-
-  <varlistentry>
-    <term>
-    <literal>ENOCACHE</literal> errors from
-    <varname>buildBowerComponents</varname>
-    </term>
-    <listitem>
-      <para>
-        This means that Bower was looking for a package version which
-        doesn't exist in the generated
-        <filename>bower-packages.nix</filename>.
-      </para>
-      <para>
-        If <filename>bower.json</filename> has been updated, then run
-        <command>bower2nix</command> again.
-      </para>
-      <para>
-        It could also be a bug in <command>bower2nix</command> or
-        <command>fetchbower</command>. If possible, try reformulating
-        the version specification in <filename>bower.json</filename>.
-      </para>
-    </listitem>
-  </varlistentry>
-</variablelist>
-
-</section>
-
-</section>
--- a/doc/languages-frameworks/go.xml
+++ b/doc/languages-frameworks/go.xml
@@ -5,29 +5,27 @@
 <title>Go</title>

 <para>The function <varname>buildGoPackage</varname> builds
-standard Go programs.
+standard Go packages.
 </para>

 <example xml:id='ex-buildGoPackage'><title>buildGoPackage</title>
 <programlisting>
-deis = buildGoPackage rec {
-  name = "deis-${version}";
-  version = "1.13.0";
-  
-  goPackagePath = "github.com/deis/deis"; <co xml:id='ex-buildGoPackage-1' />
-  subPackages = [ "client" ]; <co xml:id='ex-buildGoPackage-2' />
-
+net = buildGoPackage rec {
+  name = "go.net-${rev}";
+  goPackagePath = "golang.org/x/net"; <co xml:id='ex-buildGoPackage-1' />
+  subPackages = [ "ipv4" "ipv6" ]; <co xml:id='ex-buildGoPackage-2' />
+  rev = "e0403b4e005";
  src = fetchFromGitHub {
-    owner = "deis";
-    repo = "deis";
-    rev = "v${version}";
-    sha256 = "1qv9lxqx7m18029lj8cw3k7jngvxs4iciwrypdy0gd2nnghc68sw";
+    inherit rev;
+    owner = "golang";
+    repo = "net";
+    sha256 = "1g7cjzw4g4301a3yqpbk8n1d4s97sfby2aysl275x04g0zh8jxqp";
  };
-
-  goDeps = ./deps.nix; <co xml:id='ex-buildGoPackage-3' />
-
-  buildFlags = "--tags release"; <co xml:id='ex-buildGoPackage-4' />
-}
+  goPackageAliases = [ "code.google.com/p/go.net" ]; <co xml:id='ex-buildGoPackage-3' />
+  propagatedBuildInputs = [ goPackages.text ]; <co xml:id='ex-buildGoPackage-4' />
+  buildFlags = "--tags release"; <co xml:id='ex-buildGoPackage-5' />
+  disabled = isGo13;<co xml:id='ex-buildGoPackage-6' />
+};
 </programlisting>
 </example>

@@ -49,80 +47,50 @@ the following arguments are of special significance to the function:
      packages will be built.
    </para>
    <para>
-      In this example only <literal>github.com/deis/deis/client</literal> will be built.
+      In this example only <literal>code.google.com/p/go.net/ipv4</literal> and
+      <literal>code.google.com/p/go.net/ipv6</literal> will be built.
    </para>
  </callout>

  <callout arearefs='ex-buildGoPackage-3'>
    <para>
-      <varname>goDeps</varname> is where the Go dependencies of a Go program are listed
-      as a list of package source identified by Go import path.
-      It could be imported as a separate <varname>deps.nix</varname> file for
-      readability. The dependency data structure is described below.
+      <varname>goPackageAliases</varname> is a list of alternative import paths
+      that are valid for this library.
+      Packages that depend on this library will automatically rename
+      import paths that match any of the aliases to <literal>goPackagePath</literal>.
+    </para>
+    <para>
+      In this example imports will be renamed from
+      <literal>code.google.com/p/go.net</literal> to
+      <literal>golang.org/x/net</literal> in every package that depend on the
+      <literal>go.net</literal> library.
    </para>
  </callout>

  <callout arearefs='ex-buildGoPackage-4'>
+    <para>
+      <varname>propagatedBuildInputs</varname> is where the dependencies of a Go library are
+      listed. Only libraries should list <varname>propagatedBuildInputs</varname>. If a standalone
+      program is being built instead, use <varname>buildInputs</varname>. If a library's tests require
+      additional dependencies that are not propagated, they should be listed in <varname>buildInputs</varname>.
+    </para>
+  </callout>
+
+  <callout arearefs='ex-buildGoPackage-5'>
    <para>
      <varname>buildFlags</varname> is a list of flags passed to the go build command.
    </para>
  </callout>

-</calloutlist>
-
-</para>
-
-<para>The <varname>goDeps</varname> attribute can be imported from a separate
-  <varname>nix</varname> file that defines which Go libraries are needed and should
-  be included in <varname>GOPATH</varname> for <varname>buildPhase</varname>.
-</para>
-
-<example xml:id='ex-goDeps'><title>deps.nix</title>
-<programlisting>
-[ <co xml:id='ex-goDeps-1' />
-  {
-    goPackagePath = "gopkg.in/yaml.v2"; <co xml:id='ex-goDeps-2' />
-    fetch = {
-      type = "git"; <co xml:id='ex-goDeps-3' />
-      url = "https://gopkg.in/yaml.v2";
-      rev = "a83829b6f1293c91addabc89d0571c246397bbf4";
-      sha256 = "1m4dsmk90sbi17571h6pld44zxz7jc4lrnl4f27dpd1l8g5xvjhh";
-    };
-  }
-  {
-    goPackagePath = "github.com/docopt/docopt-go";
-    fetch = {
-      type = "git";
-      url = "https://github.com/docopt/docopt-go";
-      rev = "784ddc588536785e7299f7272f39101f7faccc3f";
-      sha256 = "0wwz48jl9fvl1iknvn9dqr4gfy1qs03gxaikrxxp9gry6773v3sj";
-    };
-  }
-]
-</programlisting>
-</example>
-
-<para>
-
-<calloutlist>
-
-  <callout arearefs='ex-goDeps-1'>
+  <callout arearefs='ex-buildGoPackage-6'>
    <para>
-      <varname>goDeps</varname> is a list of Go dependencies.
+      If <varname>disabled</varname> is <literal>true</literal>,
+      nix will refuse to build this package.
    </para>
-  </callout>
-
-  <callout arearefs='ex-goDeps-2'>
    <para>
-      <varname>goPackagePath</varname> specifies Go package import path.
-    </para>
-  </callout>
-
-  <callout arearefs='ex-goDeps-3'>
-    <para>
-      <varname>fetch type</varname> that needs to be used to get package source. If <varname>git</varname>
-      is used there should be <varname>url</varname>, <varname>rev</varname> and <varname>sha256</varname>
-      defined next to it.
+      In this example the package will not be built for go 1.3. The <literal>isGo13</literal>
+      is an utility function that returns <literal>true</literal> if go used to build the
+      package has version 1.3.x.
    </para>
  </callout>

@@ -131,21 +99,12 @@ the following arguments are of special significance to the function:
 </para>

 <para>
-  <varname>buildGoPackage</varname> produces <xref linkend='chap-multiple-output' xrefstyle="select: title" />
-  where <varname>bin</varname> includes program binaries. You can test build a Go binary as follows:
+Reusable Go libraries may be found in the <varname>goPackages</varname> set. You can test
+build a Go package as follows:

-  <screen>
-    $ nix-build -A deis.bin
-  </screen>
-
-  or build all outputs with:
-
-  <screen>
-    $ nix-build -A deis.all
-  </screen>
-
-  <varname>bin</varname> output will be installed by default with <varname>nix-env -i</varname>
-  or <varname>systemPackages</varname>.
+<screen>
+$ nix-build -A goPackages.net
+</screen>

 </para>

@@ -160,7 +119,6 @@ done
 </screen>
 </para>

-<para>To extract dependency information from a Go package in automated way use <link xlink:href="https://github.com/kamilchm/go2nix">go2nix</link>.
-  It can produce complete derivation and <varname>goDeps</varname> file for Go programs.</para>
+  <para>To extract dependency information from a Go package in automated way use <link xlink:href="https://github.com/cstrahan/go2nix">go2nix</link>.</para>
 </section>

--- a/doc/languages-frameworks/haskell.md
+++ b/doc/languages-frameworks/haskell.md
@@ -1,883 +0,0 @@
---
-title: User's Guide for Haskell in Nixpkgs
-author: Peter Simons
-date: 2015-06-01
---
-# User's Guide to the Haskell Infrastructure
-
-
-## How to install Haskell packages
-
-Nixpkgs distributes build instructions for all Haskell packages registered on
-[Hackage](http://hackage.haskell.org/), but strangely enough normal Nix package
-lookups don't seem to discover any of them, except for the default version of ghc, cabal-install, and stack:
-
-    $ nix-env -i alex
-    error: selector ‘alex’ matches no derivations
-    $ nix-env -qa ghc
-    ghc-7.10.2
-
-The Haskell package set is not registered in the top-level namespace because it
-is *huge*. If all Haskell packages were visible to these commands, then
-name-based search/install operations would be much slower than they are now. We
-avoided that by keeping all Haskell-related packages in a separate attribute
-set called `haskellPackages`, which the following command will list:
-
-    $ nix-env -f "<nixpkgs>" -qaP -A haskellPackages
-    haskellPackages.a50         a50-0.5
-    haskellPackages.abacate     haskell-abacate-0.0.0.0
-    haskellPackages.abcBridge   haskell-abcBridge-0.12
-    haskellPackages.afv         afv-0.1.1
-    haskellPackages.alex        alex-3.1.4
-    haskellPackages.Allure      Allure-0.4.101.1
-    haskellPackages.alms        alms-0.6.7
-    [... some 8000 entries omitted  ...]
-
-To install any of those packages into your profile, refer to them by their
-attribute path (first column):
-
-    $ nix-env -f "<nixpkgs>" -iA haskellPackages.Allure ...
-
-The attribute path of any Haskell packages corresponds to the name of that
-particular package on Hackage: the package `cabal-install` has the attribute
-`haskellPackages.cabal-install`, and so on. (Actually, this convention causes
-trouble with packages like `3dmodels` and `4Blocks`, because these names are
-invalid identifiers in the Nix language. The issue of how to deal with these
-rare corner cases is currently unresolved.)
-
-Haskell packages who's Nix name (second column) begins with a `haskell-` prefix
-are packages that provide a library whereas packages without that prefix
-provide just executables. Libraries may provide executables too, though: the
-package `haskell-pandoc`, for example, installs both a library and an
-application. You can install and use Haskell executables just like any other
-program in Nixpkgs, but using Haskell libraries for development is a bit
-trickier and we'll address that subject in great detail in section [How to
-create a development environment].
-
-Attribute paths are deterministic inside of Nixpkgs, but the path necessary to
-reach Nixpkgs varies from system to system. We dodged that problem by giving
-`nix-env` an explicit `-f "<nixpkgs>"` parameter, but if you call `nix-env`
-without that flag, then chances are the invocation fails:
-
-    $ nix-env -iA haskellPackages.cabal-install
-    error: attribute ‘haskellPackages’ in selection path
-           ‘haskellPackages.cabal-install’ not found
-
-On NixOS, for example, Nixpkgs does *not* exist in the top-level namespace by
-default. To figure out the proper attribute path, it's easiest to query for the
-path of a well-known Nixpkgs package, i.e.:
-
-    $ nix-env -qaP coreutils
-    nixos.coreutils  coreutils-8.23
-
-If your system responds like that (most NixOS installations will), then the
-attribute path to `haskellPackages` is `nixos.haskellPackages`. Thus, if you
-want to use `nix-env` without giving an explicit `-f` flag, then that's the way
-to do it:
-
-    $ nix-env -qaP -A nixos.haskellPackages
-    $ nix-env -iA nixos.haskellPackages.cabal-install
-
-Our current default compiler is GHC 7.10.x and the `haskellPackages` set
-contains packages built with that particular version. Nixpkgs contains the
-latest major release of every GHC since 6.10.4, however, and there is a whole
-family of package sets available that defines Hackage packages built with each
-of those compilers, too:
-
-    $ nix-env -f "<nixpkgs>" -qaP -A haskell.packages.ghc6123
-    $ nix-env -f "<nixpkgs>" -qaP -A haskell.packages.ghc763
-
-The name `haskellPackages` is really just a synonym for
-`haskell.packages.ghc7102`, because we prefer that package set internally and
-recommend it to our users as their default choice, but ultimately you are free
-to compile your Haskell packages with any GHC version you please. The following
-command displays the complete list of available compilers:
-
-    $ nix-env -f "<nixpkgs>" -qaP -A haskell.compiler
-    haskell.compiler.ghc6104        ghc-6.10.4
-    haskell.compiler.ghc6123        ghc-6.12.3
-    haskell.compiler.ghc704         ghc-7.0.4
-    haskell.compiler.ghc722         ghc-7.2.2
-    haskell.compiler.ghc742         ghc-7.4.2
-    haskell.compiler.ghc763         ghc-7.6.3
-    haskell.compiler.ghc784         ghc-7.8.4
-    haskell.compiler.ghc7102        ghc-7.10.2
-    haskell.compiler.ghcHEAD        ghc-7.11.20150402
-    haskell.compiler.ghcNokinds     ghc-nokinds-7.11.20150704
-    haskell.compiler.ghcjs          ghcjs-0.1.0
-    haskell.compiler.jhc            jhc-0.8.2
-    haskell.compiler.uhc            uhc-1.1.9.0
-
-We have no package sets for `jhc` or `uhc` yet, unfortunately, but for every
-version of GHC listed above, there exists a package set based on that compiler.
-Also, the attributes `haskell.compiler.ghcXYC` and
-`haskell.packages.ghcXYC.ghc` are synonymous for the sake of convenience.
-
-## How to create a development environment
-
-### How to install a compiler
-
-A simple development environment consists of a Haskell compiler and one or both
-of the tools `cabal-install` and `stack`. We saw in section
-[How to install Haskell packages] how you can install those programs into your
-user profile:
-
-    $ nix-env -f "<nixpkgs>" -iA haskellPackages.ghc haskellPackages.cabal-install
-
-Instead of the default package set `haskellPackages`, you can also use the more
-precise name `haskell.compiler.ghc7102`, which has the advantage that it refers
-to the same GHC version regardless of what Nixpkgs considers "default" at any
-given time.
-
-Once you've made those tools available in `$PATH`, it's possible to build
-Hackage packages the same way people without access to Nix do it all the time:
-
-    $ cabal get lens-4.11 && cd lens-4.11
-    $ cabal install -j --dependencies-only
-    $ cabal configure
-    $ cabal build
-
-If you enjoy working with Cabal sandboxes, then that's entirely possible too:
-just execute the command
-
-    $ cabal sandbox init
-
-before installing the required dependencies.
-
-The `nix-shell` utility makes it easy to switch to a different compiler
-version; just enter the Nix shell environment with the command
-
-    $ nix-shell -p haskell.compiler.ghc784
-
-to bring GHC 7.8.4 into `$PATH`. Alternatively, you can use Stack instead of
-`nix-shell` directly to select compiler versions and other build tools
-per-project. It uses `nix-shell` under the hood when Nix support is turned on.
-See [How to build a Haskell project using Stack].
-
-If you're using `cabal-install`, re-running `cabal configure` inside the spawned
-shell switches your build to use that compiler instead. If you're working on
-a project that doesn't depend on any additional system libraries outside of GHC,
-then it's even sufficient to just run the `cabal configure` command inside of
-the shell:
-
-    $ nix-shell -p haskell.compiler.ghc784 --command "cabal configure"
-
-Afterwards, all other commands like `cabal build` work just fine in any shell
-environment, because the configure phase recorded the absolute paths to all
-required tools like GHC in its build configuration inside of the `dist/`
-directory. Please note, however, that `nix-collect-garbage` can break such an
-environment because the Nix store paths created by `nix-shell` aren't "alive"
-anymore once `nix-shell` has terminated. If you find that your Haskell builds
-no longer work after garbage collection, then you'll have to re-run `cabal
-configure` inside of a new `nix-shell` environment.
-
-### How to install a compiler with libraries
-
-GHC expects to find all installed libraries inside of its own `lib` directory.
-This approach works fine on traditional Unix systems, but it doesn't work for
-Nix, because GHC's store path is immutable once it's built. We cannot install
-additional libraries into that location. As a consequence, our copies of GHC
-don't know any packages except their own core libraries, like `base`,
-`containers`, `Cabal`, etc.
-
-We can register additional libraries to GHC, however, using a special build
-function called `ghcWithPackages`. That function expects one argument: a
-function that maps from an attribute set of Haskell packages to a list of
-packages, which determines the libraries known to that particular version of
-GHC. For example, the Nix expression `ghcWithPackages (pkgs: [pkgs.mtl])`
-generates a copy of GHC that has the `mtl` library registered in addition to
-its normal core packages:
-
-    $ nix-shell -p "haskellPackages.ghcWithPackages (pkgs: [pkgs.mtl])"
-
-    [nix-shell:~]$ ghc-pkg list mtl
-    /nix/store/zy79...-ghc-7.10.2/lib/ghc-7.10.2/package.conf.d:
-        mtl-2.2.1
-
-This function allows users to define their own development environment by means
-of an override. After adding the following snippet to `~/.config/nixpkgs/config.nix`,
-
-    {
-      packageOverrides = super: let self = super.pkgs; in
-      {
-        myHaskellEnv = self.haskell.packages.ghc7102.ghcWithPackages
-                         (haskellPackages: with haskellPackages; [
-                           # libraries
-                           arrows async cgi criterion
-                           # tools
-                           cabal-install haskintex
-                         ]);
-      };
-    }
-
-it's possible to install that compiler with `nix-env -f "<nixpkgs>" -iA
-myHaskellEnv`. If you'd like to switch that development environment to a
-different version of GHC, just replace the `ghc7102` bit in the previous
-definition with the appropriate name. Of course, it's also possible to define
-any number of these development environments! (You can't install two of them
-into the same profile at the same time, though, because that would result in
-file conflicts.)
-
-The generated `ghc` program is a wrapper script that re-directs the real
-GHC executable to use a new `lib` directory --- one that we specifically
-constructed to contain all those packages the user requested:
-
-    $ cat $(type -p ghc)
-    #! /nix/store/xlxj...-bash-4.3-p33/bin/bash -e
-    export NIX_GHC=/nix/store/19sm...-ghc-7.10.2/bin/ghc
-    export NIX_GHCPKG=/nix/store/19sm...-ghc-7.10.2/bin/ghc-pkg
-    export NIX_GHC_DOCDIR=/nix/store/19sm...-ghc-7.10.2/share/doc/ghc/html
-    export NIX_GHC_LIBDIR=/nix/store/19sm...-ghc-7.10.2/lib/ghc-7.10.2
-    exec /nix/store/j50p...-ghc-7.10.2/bin/ghc "-B$NIX_GHC_LIBDIR" "$@"
-
-The variables `$NIX_GHC`, `$NIX_GHCPKG`, etc. point to the *new* store path
-`ghcWithPackages` constructed specifically for this environment. The last line
-of the wrapper script then executes the real `ghc`, but passes the path to the
-new `lib` directory using GHC's `-B` flag.
-
-The purpose of those environment variables is to work around an impurity in the
-popular [ghc-paths](http://hackage.haskell.org/package/ghc-paths) library. That
-library promises to give its users access to GHC's installation paths. Only,
-the library can't possible know that path when it's compiled, because the path
-GHC considers its own is determined only much later, when the user configures
-it through `ghcWithPackages`. So we [patched
-ghc-paths](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/patches/ghc-paths-nix.patch)
-to return the paths found in those environment variables at run-time rather
-than trying to guess them at compile-time.
-
-To make sure that mechanism works properly all the time, we recommend that you
-set those variables to meaningful values in your shell environment, too, i.e.
-by adding the following code to your `~/.bashrc`:
-
-    if type >/dev/null 2>&1 -p ghc; then
-      eval "$(egrep ^export "$(type -p ghc)")"
-    fi
-
-If you are certain that you'll use only one GHC environment which is located in
-your user profile, then you can use the following code, too, which has the
-advantage that it doesn't contain any paths from the Nix store, i.e. those
-settings always remain valid even if a `nix-env -u` operation updates the GHC
-environment in your profile:
-
-    if [ -e ~/.nix-profile/bin/ghc ]; then
-      export NIX_GHC="$HOME/.nix-profile/bin/ghc"
-      export NIX_GHCPKG="$HOME/.nix-profile/bin/ghc-pkg"
-      export NIX_GHC_DOCDIR="$HOME/.nix-profile/share/doc/ghc/html"
-      export NIX_GHC_LIBDIR="$HOME/.nix-profile/lib/ghc-$($NIX_GHC --numeric-version)"
-    fi
-
-### How to install a compiler with libraries, hoogle and documentation indexes
-
-If you plan to use your environment for interactive programming, not just
-compiling random Haskell code, you might want to replace `ghcWithPackages` in
-all the listings above with `ghcWithHoogle`.
-
-This environment generator not only produces an environment with GHC and all
-the specified libraries, but also generates a `hoogle` and `haddock` indexes
-for all the packages, and provides a wrapper script around `hoogle` binary that
-uses all those things. A precise name for this thing would be
-"`ghcWithPackagesAndHoogleAndDocumentationIndexes`", which is, regrettably, too
-long and scary.
-
-For example, installing the following environment
-
-    {
-      packageOverrides = super: let self = super.pkgs; in
-      {
-        myHaskellEnv = self.haskellPackages.ghcWithHoogle
-                         (haskellPackages: with haskellPackages; [
-                           # libraries
-                           arrows async cgi criterion
-                           # tools
-                           cabal-install haskintex
-                         ]);
-      };
-    }
-
-allows one to browse module documentation index [not too dissimilar to
-this](https://downloads.haskell.org/~ghc/latest/docs/html/libraries/index.html)
-for all the specified packages and their dependencies by directing a browser of
-choice to `~/.nix-profiles/share/doc/hoogle/index.html` (or
-`/run/current-system/sw/share/doc/hoogle/index.html` in case you put it in
-`environment.systemPackages` in NixOS).
-
-After you've marveled enough at that try adding the following to your
-`~/.ghc/ghci.conf`
-
-    :def hoogle \s -> return $ ":! hoogle search -cl --count=15 \"" ++ s ++ "\""
-    :def doc \s -> return $ ":! hoogle search -cl --info \"" ++ s ++ "\""
-
-and test it by typing into `ghci`:
-
-    :hoogle a -> a
-    :doc a -> a
-
-Be sure to note the links to `haddock` files in the output. With any modern and
-properly configured terminal emulator you can just click those links to
-navigate there.
-
-Finally, you can run
-
-    hoogle server -p 8080
-
-and navigate to http://localhost:8080/ for your own local
-[Hoogle](https://www.haskell.org/hoogle/). Note, however, that Firefox and
-possibly other browsers disallow navigation from `http:` to `file:` URIs for
-security reasons, which might be quite an inconvenience. See [this
-page](http://kb.mozillazine.org/Links_to_local_pages_do_not_work) for
-workarounds.
-
-### How to build a Haskell project using Stack
-
-[Stack](http://haskellstack.org) is a popular build tool for Haskell projects.
-It has first-class support for Nix. Stack can optionally use Nix to
-automatically select the right version of GHC and other build tools to build,
-test and execute apps in an existing project downloaded from somewhere on the
-Internet. Pass the `--nix` flag to any `stack` command to do so, e.g.
-
-    $ git clone --recursive http://github.com/yesodweb/wai
-    $ cd wai
-    $ stack --nix build
-
-If you want `stack` to use Nix by default, you can add a `nix` section to the
-`stack.yaml` file, as explained in the [Stack documentation][stack-nix-doc]. For
-example:
-
-    nix:
-      enable: true
-      packages: [pkgconfig zeromq zlib]
-
-The example configuration snippet above tells Stack to create an ad hoc
-environment for `nix-shell` as in the below section, in which the `pkgconfig`,
-`zeromq` and `zlib` packages from Nixpkgs are available. All `stack` commands
-will implicitly be executed inside this ad hoc environment.
-
-Some projects have more sophisticated needs. For examples, some ad hoc
-environments might need to expose Nixpkgs packages compiled in a certain way, or
-with extra environment variables. In these cases, you'll need a `shell` field
-instead of `packages`:
-
-    nix:
-      enable: true
-      shell-file: shell.nix
-
-For more on how to write a `shell.nix` file see the below section. You'll need
-to express a derivation. Note that Nixpkgs ships with a convenience wrapper
-function around `mkDerivation` called `haskell.lib.buildStackProject` to help you
-create this derivation in exactly the way Stack expects. All of the same inputs
-as `mkDerivation` can be provided. For example, to build a Stack project that
-including packages that link against a version of the R library compiled with
-special options turned on:
-
-    with (import <nixpkgs> { });
-
-    let R = pkgs.R.override { enableStrictBarrier = true; };
-    in
-	haskell.lib.buildStackProject {
-      name = "HaskellR";
-	  buildInputs = [ R zeromq zlib ];
-    }
-
-You can select a particular GHC version to compile with by setting the
-`ghc` attribute as an argument to `buildStackProject`. Better yet, let
-Stack choose what GHC version it wants based on the snapshot specified
-in `stack.yaml` (only works with Stack >= 1.1.3):
-
-    {nixpkgs ? import <nixpkgs> { }, ghc ? nixpkgs.ghc}:
-
-    with nixpkgs;
-
-    let R = pkgs.R.override { enableStrictBarrier = true; };
-    in
-    haskell.lib.buildStackProject {
-      name = "HaskellR";
-      buildInputs = [ R zeromq zlib ];
-      inherit ghc;
-    }
-
-[stack-nix-doc]: http://docs.haskellstack.org/en/stable/nix_integration.html
-
-### How to create ad hoc environments for `nix-shell`
-
-The easiest way to create an ad hoc development environment is to run
-`nix-shell` with the appropriate GHC environment given on the command-line:
-
-    nix-shell -p "haskellPackages.ghcWithPackages (pkgs: with pkgs; [mtl pandoc])"
-
-For more sophisticated use-cases, however, it's more convenient to save the
-desired configuration in a file called `shell.nix` that looks like this:
-
-    { nixpkgs ? import <nixpkgs> {}, compiler ? "ghc7102" }:
-    let
-      inherit (nixpkgs) pkgs;
-      ghc = pkgs.haskell.packages.${compiler}.ghcWithPackages (ps: with ps; [
-              monad-par mtl
-            ]);
-    in
-    pkgs.stdenv.mkDerivation {
-      name = "my-haskell-env-0";
-      buildInputs = [ ghc ];
-      shellHook = "eval $(egrep ^export ${ghc}/bin/ghc)";
-    }
-
-Now run `nix-shell` --- or even `nix-shell --pure` --- to enter a shell
-environment that has the appropriate compiler in `$PATH`. If you use `--pure`,
-then add all other packages that your development environment needs into the
-`buildInputs` attribute. If you'd like to switch to a different compiler
-version, then pass an appropriate `compiler` argument to the expression, i.e.
-`nix-shell --argstr compiler ghc784`.
-
-If you need such an environment because you'd like to compile a Hackage package
-outside of Nix --- i.e. because you're hacking on the latest version from Git
---, then the package set provides suitable nix-shell environments for you
-already! Every Haskell package has an `env` attribute that provides a shell
-environment suitable for compiling that particular package. If you'd like to
-hack the `lens` library, for example, then you just have to check out the
-source code and enter the appropriate environment:
-
-      $ cabal get lens-4.11 && cd lens-4.11
-      Downloading lens-4.11...
-      Unpacking to lens-4.11/
-
-      $ nix-shell "<nixpkgs>" -A haskellPackages.lens.env
-      [nix-shell:/tmp/lens-4.11]$
-
-At point, you can run `cabal configure`, `cabal build`, and all the other
-development commands. Note that you need `cabal-install` installed in your
-`$PATH` already to use it here --- the `nix-shell` environment does not provide
-it.
-
-## How to create Nix builds for your own private Haskell packages
-
-If your own Haskell packages have build instructions for Cabal, then you can
-convert those automatically into build instructions for Nix using the
-`cabal2nix` utility, which you can install into your profile by running
-`nix-env -i cabal2nix`.
-
-### How to build a stand-alone project
-
-For example, let's assume that you're working on a private project called
-`foo`. To generate a Nix build expression for it, change into the project's
-top-level directory and run the command:
-
-    $ cabal2nix . >foo.nix
-
-Then write the following snippet into a file called `default.nix`:
-
-    { nixpkgs ? import <nixpkgs> {}, compiler ? "ghc7102" }:
-    nixpkgs.pkgs.haskell.packages.${compiler}.callPackage ./foo.nix { }
-
-Finally, store the following code in a file called `shell.nix`:
-
-    { nixpkgs ? import <nixpkgs> {}, compiler ? "ghc7102" }:
-    (import ./default.nix { inherit nixpkgs compiler; }).env
-
-At this point, you can run `nix-build` to have Nix compile your project and
-install it into a Nix store path. The local directory will contain a symlink
-called `result` after `nix-build` returns that points into that location. Of
-course, passing the flag `--argstr compiler ghc763` allows switching the build
-to any version of GHC currently supported.
-
-Furthermore, you can call `nix-shell` to enter an interactive development
-environment in which you can use `cabal configure` and `cabal build` to develop
-your code. That environment will automatically contain a proper GHC derivation
-with all the required libraries registered as well as all the system-level
-libraries your package might need.
-
-If your package does not depend on any system-level libraries, then it's
-sufficient to run
-
-    $ nix-shell --command "cabal configure"
-
-once to set up your build. `cabal-install` determines the absolute paths to all
-resources required for the build and writes them into a config file in the
-`dist/` directory. Once that's done, you can run `cabal build` and any other
-command for that project even outside of the `nix-shell` environment. This
-feature is particularly nice for those of us who like to edit their code with
-an IDE, like Emacs' `haskell-mode`, because it's not necessary to start Emacs
-inside of nix-shell just to make it find out the necessary settings for
-building the project; `cabal-install` has already done that for us.
-
-If you want to do some quick-and-dirty hacking and don't want to bother setting
-up a `default.nix` and `shell.nix` file manually, then you can use the
-`--shell` flag offered by `cabal2nix` to have it generate a stand-alone
-`nix-shell` environment for you. With that feature, running
-
-    $ cabal2nix --shell . >shell.nix
-    $ nix-shell --command "cabal configure"
-
-is usually enough to set up a build environment for any given Haskell package.
-You can even use that generated file to run `nix-build`, too:
-
-    $ nix-build shell.nix
-
-### How to build projects that depend on each other
-
-If you have multiple private Haskell packages that depend on each other, then
-you'll have to register those packages in the Nixpkgs set to make them visible
-for the dependency resolution performed by `callPackage`. First of all, change
-into each of your projects top-level directories and generate a `default.nix`
-file with `cabal2nix`:
-
-    $ cd ~/src/foo && cabal2nix . >default.nix
-    $ cd ~/src/bar && cabal2nix . >default.nix
-
-Then edit your `~/.config/nixpkgs/config.nix` file to register those builds in the
-default Haskell package set:
-
-      {
-        packageOverrides = super: let self = super.pkgs; in
-        {
-          haskellPackages = super.haskellPackages.override {
-            overrides = self: super: {
-              foo = self.callPackage ../src/foo {};
-              bar = self.callPackage ../src/bar {};
-            };
-          };
-        };
-      }
-
-Once that's accomplished, `nix-env -f "<nixpkgs>" -qA haskellPackages` will
-show your packages like any other package from Hackage, and you can build them
-
-    $ nix-build "<nixpkgs>" -A haskellPackages.foo
-
-or enter an interactive shell environment suitable for building them:
-
-    $ nix-shell "<nixpkgs>" -A haskellPackages.bar.env
-
-## Miscellaneous Topics
-
-### How to build with profiling enabled
-
-Every Haskell package set takes a function called `overrides` that you can use
-to manipulate the package as much as you please. One useful application of this
-feature is to replace the default `mkDerivation` function with one that enables
-library profiling for all packages. To accomplish that, add configure the
-following snippet in your `~/.config/nixpkgs/config.nix` file:
-
-    {
-      packageOverrides = super: let self = super.pkgs; in
-      {
-        profiledHaskellPackages = self.haskellPackages.override {
-          overrides = self: super: {
-            mkDerivation = args: super.mkDerivation (args // {
-              enableLibraryProfiling = true;
-            });
-          };
-        };
-      };
-    }
-
-Then, replace instances of `haskellPackages` in the `cabal2nix`-generated
-`default.nix` or `shell.nix` files with `profiledHaskellPackages`.
-
-### How to override package versions in a compiler-specific package set
-
-Nixpkgs provides the latest version of
-[`ghc-events`](http://hackage.haskell.org/package/ghc-events), which is 0.4.4.0
-at the time of this writing. This is fine for users of GHC 7.10.x, but GHC
-7.8.4 cannot compile that binary. Now, one way to solve that problem is to
-register an older version of `ghc-events` in the 7.8.x-specific package set.
-The first step is to generate Nix build instructions with `cabal2nix`:
-
-    $ cabal2nix cabal://ghc-events-0.4.3.0 >~/.nixpkgs/ghc-events-0.4.3.0.nix
-
-Then add the override in `~/.config/nixpkgs/config.nix`:
-
-    {
-      packageOverrides = super: let self = super.pkgs; in
-      {
-        haskell = super.haskell // {
-          packages = super.haskell.packages // {
-            ghc784 = super.haskell.packages.ghc784.override {
-              overrides = self: super: {
-                ghc-events = self.callPackage ./ghc-events-0.4.3.0.nix {};
-              };
-            };
-          };
-        };
-      };
-    }
-
-This code is a little crazy, no doubt, but it's necessary because the intuitive
-version
-
-    haskell.packages.ghc784 = super.haskell.packages.ghc784.override {
-      overrides = self: super: {
-        ghc-events = self.callPackage ./ghc-events-0.4.3.0.nix {};
-      };
-    };
-
-doesn't do what we want it to: that code replaces the `haskell` package set in
-Nixpkgs with one that contains only one entry,`packages`, which contains only
-one entry `ghc784`. This override loses the `haskell.compiler` set, and it
-loses the `haskell.packages.ghcXYZ` sets for all compilers but GHC 7.8.4. To
-avoid that problem, we have to perform the convoluted little dance from above,
-iterating over each step in hierarchy.
-
-Once it's accomplished, however, we can install a variant of `ghc-events`
-that's compiled with GHC 7.8.4:
-
-    nix-env -f "<nixpkgs>" -iA haskell.packages.ghc784.ghc-events
-
-Unfortunately, it turns out that this build fails again while executing the
-test suite! Apparently, the release archive on Hackage is missing some data
-files that the test suite requires, so we cannot run it. We accomplish that by
-re-generating the Nix expression with the `--no-check` flag:
-
-    $ cabal2nix --no-check cabal://ghc-events-0.4.3.0 >~/.nixpkgs/ghc-events-0.4.3.0.nix
-
-Now the builds succeeds.
-
-Of course, in the concrete example of `ghc-events` this whole exercise is not
-an ideal solution, because `ghc-events` can analyze the output emitted by any
-version of GHC later than 6.12 regardless of the compiler version that was used
-to build the `ghc-events` executable, so strictly speaking there's no reason to
-prefer one built with GHC 7.8.x in the first place. However, for users who
-cannot use GHC 7.10.x at all for some reason, the approach of downgrading to an
-older version might be useful.
-
-### How to recover from GHC's infamous non-deterministic library ID bug
-
-GHC and distributed build farms don't get along well:
-
-    https://ghc.haskell.org/trac/ghc/ticket/4012
-
-When you see an error like this one
-
-    package foo-0.7.1.0 is broken due to missing package
-    text-1.2.0.4-98506efb1b9ada233bb5c2b2db516d91
-
-then you have to download and re-install `foo` and all its dependents from
-scratch:
-
-    # nix-store -q --referrers /nix/store/*-haskell-text-1.2.0.4 \
-      | xargs -L 1 nix-store --repair-path
-
-If you're using additional Hydra servers other than `hydra.nixos.org`, then it
-might be necessary to purge the local caches that store data from those
-machines to disable these binary channels for the duration of the previous
-command, i.e. by running:
-
-    rm /nix/var/nix/binary-cache-v3.sqlite
-    rm /nix/var/nix/manifests/*
-    rm /nix/var/nix/channel-cache/*
-
-### How to use the Haste Haskell-to-Javascript transpiler
-
-Open a shell with `haste-compiler` and `haste-cabal-install` (you don't actually need
-`node`, but it can be useful to test stuff):
-
-    $ nix-shell -p "haskellPackages.ghcWithPackages (self: with self; [haste-cabal-install haste-compiler])" -p nodejs
-
-You may not need the following step but if `haste-boot` fails to compile all the
-packages it needs, this might do the trick
-
-    $ haste-cabal update
-
-`haste-boot` builds a set of core libraries so that they can be used from Javascript
-transpiled programs:
-
-    $ haste-boot
-
-Transpile and run a "Hello world" program:
-
-    $ echo 'module Main where main = putStrLn "Hello world"' > hello-world.hs
-    $ hastec --onexec hello-world.hs
-    $ node hello-world.js
-    Hello world
-
-### Builds on Darwin fail with `math.h` not found
-
-Users of GHC on Darwin have occasionally reported that builds fail, because the
-compiler complains about a missing include file:
-
-    fatal error: 'math.h' file not found
-
-The issue has been discussed at length in [ticket
-6390](https://github.com/NixOS/nixpkgs/issues/6390), and so far no good
-solution has been proposed. As a work-around, users who run into this problem
-can configure the environment variables
-
-    export NIX_CFLAGS_COMPILE="-idirafter /usr/include"
-    export NIX_CFLAGS_LINK="-L/usr/lib"
-
-in their `~/.bashrc` file to avoid the compiler error.
-
-### Builds using Stack complain about missing system libraries
-
-    --  While building package zlib-0.5.4.2 using:
-      runhaskell -package=Cabal-1.22.4.0 -clear-package-db [... lots of flags ...]
-    Process exited with code: ExitFailure 1
-    Logs have been written to: /home/foo/src/stack-ide/.stack-work/logs/zlib-0.5.4.2.log
-
-    Configuring zlib-0.5.4.2...
-    Setup.hs: Missing dependency on a foreign library:
-    * Missing (or bad) header file: zlib.h
-    This problem can usually be solved by installing the system package that
-    provides this library (you may need the "-dev" version). If the library is
-    already installed but in a non-standard location then you can use the flags
-    --extra-include-dirs= and --extra-lib-dirs= to specify where it is.
-    If the header file does exist, it may contain errors that are caught by the C
-    compiler at the preprocessing stage. In this case you can re-run configure
-    with the verbosity flag -v3 to see the error messages.
-
-When you run the build inside of the nix-shell environment, the system
-is configured to find libz.so without any special flags -- the compiler
-and linker "just know" how to find it. Consequently, Cabal won't record
-any search paths for libz.so in the package description, which means
-that the package works fine inside of nix-shell, but once you leave the
-shell the shared object can no longer be found. That issue is by no
-means specific to Stack: you'll have that problem with any other
-Haskell package that's built inside of nix-shell but run outside of that
-environment.
-
-You can remedy this issue in several ways. The easiest is to add a `nix` section
-to the `stack.yaml` like the following:
-
-    nix:
-      enable: true
-	  packages: [ zlib ]
-
-Stack's Nix support knows to add `${zlib.out}/lib` and `${zlib.dev}/include` as an
-`--extra-lib-dirs` and `extra-include-dirs`, respectively. Alternatively, you
-can achieve the same effect by hand. First of all, run
-
-    $ nix-build --no-out-link "<nixpkgs>" -A zlib
-    /nix/store/alsvwzkiw4b7ip38l4nlfjijdvg3fvzn-zlib-1.2.8
-
-to find out the store path of the system's zlib library. Now, you can
-
-1) add that path (plus a "/lib" suffix) to your $LD_LIBRARY_PATH
-   environment variable to make sure your system linker finds libz.so
-   automatically. It's no pretty solution, but it will work.
-
-2) As a variant of (1), you can also install any number of system
-   libraries into your user's profile (or some other profile) and point
-   $LD_LIBRARY_PATH to that profile instead, so that you don't have to
-   list dozens of those store paths all over the place.
-
-3) The solution I prefer is to call stack with an appropriate
-   --extra-lib-dirs flag like so:
-
-    $ stack --extra-lib-dirs=/nix/store/alsvwzkiw4b7ip38l4nlfjijdvg3fvzn-zlib-1.2.8/lib build
-
-   Typically, you'll need --extra-include-dirs as well. It's possible
-   to add those flag to the project's "stack.yaml" or your user's
-   global "~/.stack/global/stack.yaml" file so that you don't have to
-   specify them manually every time. But again, you're likely better off using
-   Stack's Nix support instead.
-
-   The same thing applies to `cabal configure`, of course, if you're
-   building with `cabal-install` instead of Stack.
-
-### Creating statically linked binaries
-
-There are two levels of static linking. The first option is to configure the
-build with the Cabal flag `--disable-executable-dynamic`. In Nix expressions,
-this can be achieved by setting the attribute:
-
-    enableSharedExecutables = false;
-
-That gives you a binary with statically linked Haskell libraries and
-dynamically linked system libraries.
-
-To link both Haskell libraries and system libraries statically, the additional
-flags `--ghc-option=-optl=-static --ghc-option=-optl=-pthread` need to be used.
-In Nix, this is accomplished with:
-
-    configureFlags = [ "--ghc-option=-optl=-static" "--ghc-option=-optl=-pthread" ];
-
-It's important to realize, however, that most system libraries in Nix are built
-as shared libraries only, i.e. there is just no static library available that
-Cabal could link!
-
-### Building GHC with integer-simple
-
-By default GHC implements the Integer type using the
-[GNU Multiple Precision Arithmetic (GMP) library](https://gmplib.org/).
-The implementation can be found in the
-[integer-gmp](http://hackage.haskell.org/package/integer-gmp) package.
-
-A potential problem with this is that GMP is licensed under the
-[GNU Lesser General Public License (LGPL)](http://www.gnu.org/copyleft/lesser.html),
-a kind of "copyleft" license. According to the terms of the LGPL, paragraph 5,
-you may distribute a program that is designed to be compiled and dynamically
-linked with the library under the terms of your choice (i.e., commercially) but
-if your program incorporates portions of the library, if it is linked
-statically, then your program is a "derivative"--a "work based on the
-library"--and according to paragraph 2, section c, you "must cause the whole of
-the work to be licensed" under the terms of the LGPL (including for free).
-
-The LGPL licensing for GMP is a problem for the overall licensing of binary
-programs compiled with GHC because most distributions (and builds) of GHC use
-static libraries. (Dynamic libraries are currently distributed only for OS X.)
-The LGPL licensing situation may be worse: even though
-[The Glasgow Haskell Compiler License](https://www.haskell.org/ghc/license)
-is essentially a "free software" license (BSD3), according to
-paragraph 2 of the LGPL, GHC must be distributed under the terms of the LGPL!
-
-To work around these problems GHC can be build with a slower but LGPL-free
-alternative implemention for Integer called
-[integer-simple](http://hackage.haskell.org/package/integer-simple).
-
-To get a GHC compiler build with `integer-simple` instead of `integer-gmp` use
-the attribute: `pkgs.haskell.compiler.integer-simple."${ghcVersion}"`.
-For example:
-
-    $ nix-build -E '(import <nixpkgs> {}).pkgs.haskell.compiler.integer-simple.ghc802'
-    ...
-    $ result/bin/ghc-pkg list | grep integer
-        integer-simple-0.1.1.1
-
-The following command displays the complete list of GHC compilers build with `integer-simple`:
-
-    $ nix-env -f "<nixpkgs>" -qaP -A haskell.compiler.integer-simple
-    haskell.compiler.integer-simple.ghc7102  ghc-7.10.2
-    haskell.compiler.integer-simple.ghc7103  ghc-7.10.3
-    haskell.compiler.integer-simple.ghc722   ghc-7.2.2
-    haskell.compiler.integer-simple.ghc742   ghc-7.4.2
-    haskell.compiler.integer-simple.ghc763   ghc-7.6.3
-    haskell.compiler.integer-simple.ghc783   ghc-7.8.3
-    haskell.compiler.integer-simple.ghc784   ghc-7.8.4
-    haskell.compiler.integer-simple.ghc801   ghc-8.0.1
-    haskell.compiler.integer-simple.ghc802   ghc-8.0.2
-    haskell.compiler.integer-simple.ghcHEAD  ghc-8.1.20170106
-
-To get a package set supporting `integer-simple` use the attribute:
-`pkgs.haskell.packages.integer-simple."${ghcVersion}"`. For example
-use the following to get the `scientific` package build with `integer-simple`:
-
-    $ nix-build -A pkgs.haskell.packages.integer-simple.ghc802.scientific
-
-
-## Other resources
-
- The Youtube video [Nix Loves Haskell](https://www.youtube.com/watch?v=BsBhi_r-OeE)
-  provides an introduction into Haskell NG aimed at beginners. The slides are
-  available at http://cryp.to/nixos-meetup-3-slides.pdf and also -- in a form
-  ready for cut & paste -- at
-  https://github.com/NixOS/cabal2nix/blob/master/doc/nixos-meetup-3-slides.md.
-
- Another Youtube video is [Escaping Cabal Hell with Nix](https://www.youtube.com/watch?v=mQd3s57n_2Y),
-  which discusses the subject of Haskell development with Nix but also provides
-  a basic introduction to Nix as well, i.e. it's suitable for viewers with
-  almost no prior Nix experience.
-
- Oliver Charles wrote a very nice [Tutorial how to develop Haskell packages with Nix](http://wiki.ocharles.org.uk/Nix).
-
- The *Journey into the Haskell NG infrastructure* series of postings
-  describe the new Haskell infrastructure in great detail:
-
-    - [Part 1](http://lists.science.uu.nl/pipermail/nix-dev/2015-January/015591.html)
-      explains the differences between the old and the new code and gives
-      instructions how to migrate to the new setup.
-
-    - [Part 2](http://lists.science.uu.nl/pipermail/nix-dev/2015-January/015608.html)
-      looks in-depth at how to tweak and configure your setup by means of
-      overrides.
-
-    - [Part 3](http://lists.science.uu.nl/pipermail/nix-dev/2015-April/016912.html)
-      describes the infrastructure that keeps the Haskell package set in Nixpkgs
-      up-to-date.
--- a/doc/languages-frameworks/index.xml
+++ b/doc/languages-frameworks/index.xml
@@ -13,23 +13,33 @@ in Nixpkgs to easily build packages for other programming languages,
 such as Perl or Haskell.  These are described in this chapter.</para>


-<xi:include href="beam.xml" />
-<xi:include href="bower.xml" />
-<xi:include href="coq.xml" />
-<xi:include href="go.xml" />
-<xi:include href="haskell.xml" />
-<xi:include href="idris.xml" /> <!-- generated from ../../pkgs/development/idris-modules/README.md  -->
-<xi:include href="java.xml" />
-<xi:include href="lua.xml" />
-<xi:include href="node.xml" /> <!-- generated from ../../pkgs/development/node-packages/README.md  -->
 <xi:include href="perl.xml" />
 <xi:include href="python.xml" />
-<xi:include href="qt.xml" />
-<xi:include href="r.xml" /> <!-- generated from ../../pkgs/development/r-modules/README.md  -->
 <xi:include href="ruby.xml" />
-<xi:include href="rust.xml" />
+<xi:include href="go.xml" />
+<xi:include href="java.xml" />
+<xi:include href="lua.xml" />
+<xi:include href="coq.xml" />
+<xi:include href="idris.xml" /> <!-- generated from ../../pkgs/development/idris-modules/README.md  -->
+<xi:include href="r.xml" /> <!-- generated from ../../pkgs/development/r-modules/README.md  -->
+<xi:include href="qt.xml" />
 <xi:include href="texlive.xml" />
-<xi:include href="vim.xml" />
+
+
+<!--
+<section><title>Haskell</title>
+
+<para>TODO</para>
+
+</section>
+
+
+<section><title>TeX / LaTeX</title>
+
+<para>* Special support for building TeX documents</para>
+
+</section>
+-->


 </chapter>
--- a/doc/languages-frameworks/perl.xml
+++ b/doc/languages-frameworks/perl.xml
@@ -157,16 +157,16 @@ expression on standard output.  For example:

 <screen>
 $ nix-generate-from-cpan XML::Simple
-  XMLSimple = buildPerlPackage rec {
-    name = "XML-Simple-2.22";
+  XMLSimple = buildPerlPackage {
+    name = "XML-Simple-2.20";
    src = fetchurl {
-      url = "mirror://cpan/authors/id/G/GR/GRANTM/${name}.tar.gz";
-      sha256 = "b9450ef22ea9644ae5d6ada086dc4300fa105be050a2030ebd4efd28c198eb49";
+      url = mirror://cpan/authors/id/G/GR/GRANTM/XML-Simple-2.20.tar.gz;
+      sha256 = "5cff13d0802792da1eb45895ce1be461903d98ec97c9c953bc8406af7294434a";
    };
    propagatedBuildInputs = [ XMLNamespaceSupport XMLSAX XMLSAXExpat ];
    meta = {
-      description = "An API for simple XML files";
-      license = with stdenv.lib.licenses; [ artistic1 gpl1Plus ];
+      description = "Easily read/write XML (esp config files)";
+      license = "perl";
    };
  };
 </screen>
--- a/doc/languages-frameworks/python.md
+++ b/doc/languages-frameworks/python.md
@@ -1,936 +0,0 @@
-# Python
-
-## User Guide
-
-Several versions of Python are available on Nix as well as a high amount of
-packages. The default interpreter is CPython 2.7.
-
-### Using Python
-
-#### Installing Python and packages
-
-It is important to make a distinction between Python packages that are
-used as libraries, and applications that are written in Python.
-
-Applications on Nix are installed typically into your user
-profile imperatively using `nix-env -i`, and on NixOS declaratively by adding the
-package name to `environment.systemPackages` in `/etc/nixos/configuration.nix`.
-Dependencies such as libraries are automatically installed and should not be
-installed explicitly.
-
-The same goes for Python applications and libraries. Python applications can be
-installed in your profile, but Python libraries you would like to use to develop
-cannot. If you do install libraries in your profile, then you will end up with
-import errors.
-
-#### Python environments using `nix-shell`
-
-The recommended method for creating Python environments for development is with
-`nix-shell`. Executing
-
-```sh
-$ nix-shell -p python35Packages.numpy python35Packages.toolz
-```
-
-opens a Nix shell which has available the requested packages and dependencies.
-Now you can launch the Python interpreter (which is itself a dependency)
-
-```sh
-[nix-shell:~] python3
-```
-
-If the packages were not available yet in the Nix store, Nix would download or
-build them automatically. A convenient option with `nix-shell` is the `--run`
-option, with which you can execute a command in the `nix-shell`. Let's say we
-want the above environment and directly run the Python interpreter
-
-```sh
-$ nix-shell -p python35Packages.numpy python35Packages.toolz --run "python3"
-```
-
-This way you can use the `--run` option also to directly run a script
-
-```sh
-$ nix-shell -p python35Packages.numpy python35Packages.toolz --run "python3 myscript.py"
-```
-
-In fact, for this specific use case there is a more convenient method. You can
-add a [shebang](https://en.wikipedia.org/wiki/Shebang_(Unix)) to your script
-specifying which dependencies Nix shell needs. With the following shebang, you
-can use `nix-shell myscript.py` and it will make available all dependencies and
-run the script in the `python3` shell.
-
-```py
-#! /usr/bin/env nix-shell
-#! nix-shell -i python3 -p python3Packages.numpy
-
-import numpy
-
-print(numpy.__version__)
-```
-
-Likely you do not want to type your dependencies each and every time. What you
-can do is write a simple Nix expression which sets up an environment for you,
-requiring you only to type `nix-shell`. Say we want to have Python 3.5, `numpy`
-and `toolz`, like before, in an environment. With a `shell.nix` file
-containing
-```nix
-with import <nixpkgs> {};
-
-(pkgs.python35.withPackages (ps: [ps.numpy ps.toolz])).env
-```
-executing `nix-shell` gives you again a Nix shell from which you can run Python.
-
-What's happening here?
-
-1. We begin with importing the Nix Packages collections. `import <nixpkgs>` import the `<nixpkgs>` function, `{}` calls it and the `with` statement brings all attributes of `nixpkgs` in the local scope. Therefore we can now use `pkgs`.
-2. Then we create a Python 3.5 environment with the `withPackages` function.
-3. The `withPackages` function expects us to provide a function as an argument that takes the set of all python packages and returns a list of packages to include in the environment. Here, we select the packages `numpy` and `toolz` from the package set.
-4. And finally, for in interactive use we return the environment by using the `env` attribute.
-
-### Developing with Python
-
-
-Now that you know how to get a working Python environment on Nix, it is time to go forward and start actually developing with Python.
-We will first have a look at how Python packages are packaged on Nix. Then, we will look how you can use development mode with your code.
-
-#### Python packaging on Nix
-
-On Nix all packages are built by functions. The main function in Nix for building Python packages is [`buildPythonPackage`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/interpreters/python/build-python-package.nix).
-Let's see how we would build the `toolz` package. According to [`python-packages.nix`](https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/python-packages.nix) `toolz` is build using
-
-```nix
-{ # ...
-
-  toolz = buildPythonPackage rec {
-    name = "toolz-${version}";
-    version = "0.7.4";
-
-    src = pkgs.fetchurl {
-      url = "mirror://pypi/t/toolz/toolz-${version}.tar.gz";
-      sha256 = "43c2c9e5e7a16b6c88ba3088a9bfc82f7db8e13378be7c78d6c14a5f8ed05afd";
-    };
-
-    meta = {
-      homepage = "http://github.com/pytoolz/toolz/";
-      description = "List processing tools and functional utilities";
-      license = licenses.bsd3;
-      maintainers = with maintainers; [ fridh ];
-    };
-  };
-}
-```
-
-What happens here? The function `buildPythonPackage` is called and as argument
-it accepts a set. In this case the set is a recursive set ([`rec`](http://nixos.org/nix/manual/#sec-constructs)).
-One of the arguments is the name of the package, which consists of a basename
-(generally following the name on PyPi) and a version. Another argument, `src`
-specifies the source, which in this case is fetched from an url. `fetchurl` not
-only downloads the target file, but also validates its hash. Furthermore, we
-specify some (optional) [meta information](http://nixos.org/nixpkgs/manual/#chap-meta).
-
-The output of the function is a derivation, which is an attribute with the name
-`toolz` of the set `pythonPackages`. Actually, sets are created for all interpreter versions,
-so e.g. `python27Packages`, `python35Packages` and `pypyPackages`.
-
-The above example works when you're directly working on
-`pkgs/top-level/python-packages.nix` in the Nixpkgs repository. Often though,
-you will want to test a Nix expression outside of the Nixpkgs tree. If you
-create a `shell.nix` file with the following contents
-
-```nix
-with import <nixpkgs> {};
-
-pkgs.python35Packages.buildPythonPackage rec {
-  name = "toolz-${version}";
-  version = "0.8.0";
-
-  src = pkgs.fetchurl {
-    url = "mirror://pypi/t/toolz/toolz-${version}.tar.gz";
-    sha256 = "e8451af61face57b7c5d09e71c0d27b8005f001ead56e9fdf470417e5cc6d479";
-  };
-
-  doCheck = false;
-
-  meta = {
-    homepage = "http://github.com/pytoolz/toolz/";
-    description = "List processing tools and functional utilities";
-    license = licenses.bsd3;
-    maintainers = with maintainers; [ fridh ];
-  };
-}
-```
-
-and then execute `nix-shell` will result in an environment in which you can use
-Python 3.5 and the `toolz` package. As you can see we had to explicitly mention
-for which Python version we want to build a package.
-
-The above example considered only a single package. Generally you will want to use multiple packages.
-If we create a `shell.nix` file with the following contents
-
-```nix
-with import <nixpkgs> {};
-
-( let
-    toolz = pkgs.python35Packages.buildPythonPackage rec {
-      name = "toolz-${version}";
-      version = "0.8.0";
-
-      src = pkgs.fetchurl {
-        url = "mirror://pypi/t/toolz/toolz-${version}.tar.gz";
-        sha256 = "e8451af61face57b7c5d09e71c0d27b8005f001ead56e9fdf470417e5cc6d479";
-      };
-
-      doCheck = false;
-
-      meta = {
-        homepage = "http://github.com/pytoolz/toolz/";
-        description = "List processing tools and functional utilities";
-      };
-    };
-
-  in pkgs.python35.withPackages (ps: [ps.numpy toolz])
-).env
-```
-
-and again execute `nix-shell`, then we get a Python 3.5 environment with our
-locally defined package as well as `numpy` which is build according to the
-definition in Nixpkgs. What did we do here? Well, we took the Nix expression
-that we used earlier to build a Python environment, and said that we wanted to
-include our own version of `toolz`. To introduce our own package in the scope of
-`withPackages` we used a
-[`let`](http://nixos.org/nix/manual/#sec-constructs) expression.
-You can see that we used `ps.numpy` to select numpy from the nixpkgs package set (`ps`).
-But we do not take `toolz` from the nixpkgs package set this time.
-Instead, `toolz` will resolve to our local definition that we introduced with `let`.
-
-### Handling dependencies
-
-Our example, `toolz`, doesn't have any dependencies on other Python
-packages or system libraries. According to the manual,  `buildPythonPackage`
-uses the arguments `buildInputs` and `propagatedBuildInputs` to specify dependencies. If something is
-exclusively a build-time dependency, then the dependency should be included as a
-`buildInput`, but if it is (also) a runtime dependency, then it should be added
-to `propagatedBuildInputs`. Test dependencies are considered build-time dependencies.
-
-The following example shows which arguments are given to `buildPythonPackage` in
-order to build [`datashape`](https://github.com/blaze/datashape).
-
-```nix
-{ # ...
-
-  datashape = buildPythonPackage rec {
-    name = "datashape-${version}";
-    version = "0.4.7";
-
-    src = pkgs.fetchurl {
-      url = "mirror://pypi/D/DataShape/${name}.tar.gz";
-      sha256 = "14b2ef766d4c9652ab813182e866f493475e65e558bed0822e38bf07bba1a278";
-    };
-
-    buildInputs = with self; [ pytest ];
-    propagatedBuildInputs = with self; [ numpy multipledispatch dateutil ];
-
-    meta = {
-      homepage = https://github.com/ContinuumIO/datashape;
-      description = "A data description language";
-      license = licenses.bsd2;
-      maintainers = with maintainers; [ fridh ];
-    };
-  };
-}
-```
-
-We can see several runtime dependencies, `numpy`, `multipledispatch`, and
-`dateutil`. Furthermore, we have one `buildInput`, i.e. `pytest`. `pytest` is a
-test runner and is only used during the `checkPhase` and is therefore not added
-to `propagatedBuildInputs`.
-
-In the previous case we had only dependencies on other Python packages to consider.
-Occasionally you have also system libraries to consider. E.g., `lxml` provides
-Python bindings to `libxml2` and `libxslt`. These libraries are only required
-when building the bindings and are therefore added as `buildInputs`.
-
-```nix
-{ # ...
-
-  lxml = buildPythonPackage rec {
-    name = "lxml-3.4.4";
-
-    src = pkgs.fetchurl {
-      url = "mirror://pypi/l/lxml/${name}.tar.gz";
-      sha256 = "16a0fa97hym9ysdk3rmqz32xdjqmy4w34ld3rm3jf5viqjx65lxk";
-    };
-
-    buildInputs = with self; [ pkgs.libxml2 pkgs.libxslt ];
-
-    meta = {
-      description = "Pythonic binding for the libxml2 and libxslt libraries";
-      homepage = http://lxml.de;
-      license = licenses.bsd3;
-      maintainers = with maintainers; [ sjourdois ];
-    };
-  };
-}
-```
-
-In this example `lxml` and Nix are able to work out exactly where the relevant
-files of the dependencies are. This is not always the case.
-
-The example below shows bindings to The Fastest Fourier Transform in the West, commonly known as
-FFTW. On Nix we have separate packages of FFTW for the different types of floats
-(`"single"`, `"double"`, `"long-double"`). The bindings need all three types,
-and therefore we add all three as `buildInputs`. The bindings don't expect to
-find each of them in a different folder, and therefore we have to set `LDFLAGS`
-and `CFLAGS`.
-
-```nix
-{ # ...
-
-  pyfftw = buildPythonPackage rec {
-    name = "pyfftw-${version}";
-    version = "0.9.2";
-
-    src = pkgs.fetchurl {
-      url = "mirror://pypi/p/pyFFTW/pyFFTW-${version}.tar.gz";
-      sha256 = "f6bbb6afa93085409ab24885a1a3cdb8909f095a142f4d49e346f2bd1b789074";
-    };
-
-    buildInputs = [ pkgs.fftw pkgs.fftwFloat pkgs.fftwLongDouble];
-
-    propagatedBuildInputs = with self; [ numpy scipy ];
-
-    # Tests cannot import pyfftw. pyfftw works fine though.
-    doCheck = false;
-
-    preConfigure = ''
-      export LDFLAGS="-L${pkgs.fftw.dev}/lib -L${pkgs.fftwFloat.out}/lib -L${pkgs.fftwLongDouble.out}/lib"
-      export CFLAGS="-I${pkgs.fftw.dev}/include -I${pkgs.fftwFloat.dev}/include -I${pkgs.fftwLongDouble.dev}/include"
-    '';
-
-    meta = {
-      description = "A pythonic wrapper around FFTW, the FFT library, presenting a unified interface for all the supported transforms";
-      homepage = http://hgomersall.github.com/pyFFTW/;
-      license = with licenses; [ bsd2 bsd3 ];
-      maintainer = with maintainers; [ fridh ];
-    };
-  };
-}
-```
-Note also the line `doCheck = false;`, we explicitly disabled running the test-suite.
-
-
-#### Develop local package
-
-As a Python developer you're likely aware of [development mode](http://setuptools.readthedocs.io/en/latest/setuptools.html#development-mode) (`python setup.py develop`);
-instead of installing the package this command creates a special link to the project code.
-That way, you can run updated code without having to reinstall after each and every change you make.
-Development mode is also available. Let's see how you can use it.
-
-In the previous Nix expression the source was fetched from an url. We can also refer to a local source instead using
-`src = ./path/to/source/tree;`
-
-If we create a `shell.nix` file which calls `buildPythonPackage`, and if `src`
-is a local source, and if the local source has a `setup.py`, then development
-mode is activated.
-
-In the following example we create a simple environment that
-has a Python 3.5 version of our package in it, as well as its dependencies and
-other packages we like to have in the environment, all specified with `propagatedBuildInputs`.
-Indeed, we can just add any package we like to have in our environment to `propagatedBuildInputs`.
-
-```nix
-with import <nixpkgs> {};
-with pkgs.python35Packages;
-
-buildPythonPackage rec {
-  name = "mypackage";
-  src = ./path/to/package/source;
-  propagatedBuildInputs = [ pytest numpy pkgs.libsndfile ];
-}
-```
-
-It is important to note that due to how development mode is implemented on Nix it is not possible to have multiple packages simultaneously in development mode.
-
-
-### Organising your packages
-
-So far we discussed how you can use Python on Nix, and how you can develop with
-it. We've looked at how you write expressions to package Python packages, and we
-looked at how you can create environments in which specified packages are
-available.
-
-At some point you'll likely have multiple packages which you would
-like to be able to use in different projects. In order to minimise unnecessary
-duplication we now look at how you can maintain yourself a repository with your
-own packages. The important functions here are `import` and `callPackage`.
-
-### Including a derivation using `callPackage`
-
-Earlier we created a Python environment using `withPackages`, and included the
-`toolz` package via a `let` expression.
-Let's split the package definition from the environment definition.
-
-We first create a function that builds `toolz` in `~/path/to/toolz/release.nix`
-
-```nix
-{ pkgs, buildPythonPackage }:
-
-buildPythonPackage rec {
-  name = "toolz-${version}";
-  version = "0.7.4";
-
-  src = pkgs.fetchurl {
-    url = "mirror://pypi/t/toolz/toolz-${version}.tar.gz";
-    sha256 = "43c2c9e5e7a16b6c88ba3088a9bfc82f7db8e13378be7c78d6c14a5f8ed05afd";
-  };
-
-  meta = {
-    homepage = "http://github.com/pytoolz/toolz/";
-    description = "List processing tools and functional utilities";
-    license = licenses.bsd3;
-    maintainers = with maintainers; [ fridh ];
-  };
-}
-```
-
-It takes two arguments, `pkgs` and `buildPythonPackage`.
-We now call this function using `callPackage` in the definition of our environment
-
-```nix
-with import <nixpkgs> {};
-
-( let
-    toolz = pkgs.callPackage /path/to/toolz/release.nix {
-      pkgs = pkgs;
-      buildPythonPackage = pkgs.python35Packages.buildPythonPackage;
-    };
-  in pkgs.python35.withPackages (ps: [ ps.numpy toolz ])
-).env
-```
-
-Important to remember is that the Python version for which the package is made
-depends on the `python` derivation that is passed to `buildPythonPackage`. Nix
-tries to automatically pass arguments when possible, which is why generally you
-don't explicitly define which `python` derivation should be used. In the above
-example we use `buildPythonPackage` that is part of the set `python35Packages`,
-and in this case the `python35` interpreter is automatically used.
-
-
-
-## Reference
-
-### Interpreters
-
-Versions 2.7, 3.3, 3.4, 3.5 and 3.6 of the CPython interpreter are available as
-respectively `python27`, `python33`, `python34`, `python35` and `python36`. The PyPy interpreter
-is available as `pypy`. The aliases `python2` and `python3` correspond to respectively `python27` and
-`python35`. The default interpreter, `python`, maps to `python2`.
-The Nix expressions for the interpreters can be found in
-`pkgs/development/interpreters/python`.
-
-All packages depending on any Python interpreter get appended
-`out/{python.sitePackages}` to `$PYTHONPATH` if such directory
-exists.
-
-#### Missing `tkinter` module standard library
-
-To reduce closure size the `Tkinter`/`tkinter` is available as a separate package, `pythonPackages.tkinter`.
-
-#### Attributes on interpreters packages
-
-Each interpreter has the following attributes:
-
- `libPrefix`. Name of the folder in `${python}/lib/` for corresponding interpreter.
- `interpreter`. Alias for `${python}/bin/${executable}`.
- `buildEnv`. Function to build python interpreter environments with extra packages bundled together. See section *python.buildEnv function* for usage and documentation.
- `withPackages`. Simpler interface to `buildEnv`. See section *python.withPackages function* for usage and documentation.
- `sitePackages`. Alias for `lib/${libPrefix}/site-packages`.
- `executable`. Name of the interpreter executable, e.g. `python3.4`.
- `pkgs`. Set of Python packages for that specific interpreter. The package set can be modified by overriding the interpreter and passing `packageOverrides`.
-
-### Building packages and applications
-
-Python libraries and applications that use `setuptools` or
-`distutils` are typically build with respectively the `buildPythonPackage` and
-`buildPythonApplication` functions. These two functions also support installing a `wheel`.
-
-All Python packages reside in `pkgs/top-level/python-packages.nix` and all
-applications elsewhere. In case a package is used as both a library and an application,
-then the package should be in `pkgs/top-level/python-packages.nix` since only those packages are made
-available for all interpreter versions. The preferred location for library expressions is in
-`pkgs/development/python-modules`. It is important that these packages are
-called from `pkgs/top-level/python-packages.nix` and not elsewhere, to guarantee
-the right version of the package is built.
-
-Based on the packages defined in `pkgs/top-level/python-packages.nix` an
-attribute set is created for each available Python interpreter. The available
-sets are
-
-* `pkgs.python26Packages`
-* `pkgs.python27Packages`
-* `pkgs.python33Packages`
-* `pkgs.python34Packages`
-* `pkgs.python35Packages`
-* `pkgs.python36Packages`
-* `pkgs.pypyPackages`
-
-and the aliases
-
-* `pkgs.python2Packages` pointing to `pkgs.python27Packages`
-* `pkgs.python3Packages` pointing to `pkgs.python35Packages`
-* `pkgs.pythonPackages` pointing to `pkgs.python2Packages`
-
-#### `buildPythonPackage` function
-
-The `buildPythonPackage` function is implemented in
-`pkgs/development/interpreters/python/build-python-package.nix`
-
-The following is an example:
-```nix
-{ # ...
-
-  twisted = buildPythonPackage {
-    name = "twisted-8.1.0";
-
-    src = pkgs.fetchurl {
-      url = http://tmrc.mit.edu/mirror/twisted/Twisted/8.1/Twisted-8.1.0.tar.bz2;
-      sha256 = "0q25zbr4xzknaghha72mq57kh53qw1bf8csgp63pm9sfi72qhirl";
-    };
-
-    propagatedBuildInputs = [ self.ZopeInterface ];
-
-    meta = {
-      homepage = http://twistedmatrix.com/;
-      description = "Twisted, an event-driven networking engine written in Python";
-      license = stdenv.lib.licenses.mit;
-    };
-  };
-}
-```
-
-The `buildPythonPackage` mainly does four things:
-
-* In the `buildPhase`, it calls `${python.interpreter} setup.py bdist_wheel` to
-  build a wheel binary zipfile.
-* In the `installPhase`, it installs the wheel file using `pip install *.whl`.
-* In the `postFixup` phase, the `wrapPythonPrograms` bash function is called to
-  wrap all programs in the `$out/bin/*` directory to include `$PATH`
-  environment variable and add dependent libraries to script's `sys.path`.
-* In the `installCheck` phase, `${python.interpreter} setup.py test` is ran.
-
-As in Perl, dependencies on other Python packages can be specified in the
-`buildInputs` and `propagatedBuildInputs` attributes.  If something is
-exclusively a build-time dependency, use `buildInputs`; if it’s (also) a runtime
-dependency, use `propagatedBuildInputs`.
-
-By default tests are run because `doCheck = true`. Test dependencies, like
-e.g. the test runner, should be added to `buildInputs`.
-
-By default `meta.platforms` is set to the same value
-as the interpreter unless overriden otherwise.
-
-##### `buildPythonPackage` parameters
-
-All parameters from `mkDerivation` function are still supported.
-
-* `namePrefix`: Prepended text to `${name}` parameter. Defaults to `"python3.3-"` for Python 3.3, etc. Set it to `""` if you're packaging an application or a command line tool.
-* `disabled`: If `true`, package is not build for particular python interpreter version. Grep around `pkgs/top-level/python-packages.nix` for examples.
-* `setupPyBuildFlags`: List of flags passed to `setup.py build_ext` command.
-* `pythonPath`: List of packages to be added into `$PYTHONPATH`. Packages in `pythonPath` are not propagated (contrary to `propagatedBuildInputs`).
-* `preShellHook`: Hook to execute commands before `shellHook`.
-* `postShellHook`: Hook to execute commands after `shellHook`.
-* `makeWrapperArgs`: A list of strings. Arguments to be passed to `makeWrapper`, which wraps generated binaries. By default, the arguments to `makeWrapper` set `PATH` and `PYTHONPATH` environment variables before calling the binary. Additional arguments here can allow a developer to set environment variables which will be available when the binary is run. For example, `makeWrapperArgs = ["--set FOO BAR" "--set BAZ QUX"]`.
-* `installFlags`: A list of strings. Arguments to be passed to `pip install`. To pass options to `python setup.py install`, use `--install-option`. E.g., `installFlags=["--install-option='--cpp_implementation'"].
-* `format`: Format of the source. Valid options are `setuptools` (default), `flit`, `wheel`, and `other`. `setuptools` is for when the source has a `setup.py` and `setuptools` is used to build a wheel, `flit`, in case `flit` should be used to build a wheel, and `wheel` in case a wheel is provided. In case you need to provide your own `buildPhase` and `installPhase` you can use `other`.
-* `catchConflicts` If `true`, abort package build if a package name appears more than once in dependency tree. Default is `true`.
-* `checkInputs` Dependencies needed for running the `checkPhase`. These are added to `buildInputs` when `doCheck = true`.
-
-#### `buildPythonApplication` function
-
-The `buildPythonApplication` function is practically the same as `buildPythonPackage`.
-The difference is that `buildPythonPackage` by default prefixes the names of the packages with the version of the interpreter.
-Because with an application we're not interested in multiple version the prefix is dropped.
-
-#### python.buildEnv function
-
-Python environments can be created using the low-level `pkgs.buildEnv` function.
-This example shows how to create an environment that has the Pyramid Web Framework.
-Saving the following as `default.nix`
-```nix
-with import <nixpkgs> {};
-
-python.buildEnv.override {
-  extraLibs = [ pkgs.pythonPackages.pyramid ];
-  ignoreCollisions = true;
-}
-```
-
-and running `nix-build` will create
-```
-/nix/store/cf1xhjwzmdki7fasgr4kz6di72ykicl5-python-2.7.8-env
-```
-
-with wrapped binaries in `bin/`.
-
-You can also use the `env` attribute to create local environments with needed
-packages installed. This is somewhat comparable to `virtualenv`. For example,
-running `nix-shell` with the following `shell.nix`
-```nix
-with import <nixpkgs> {};
-
-(python3.buildEnv.override {
-  extraLibs = with python3Packages; [ numpy requests2 ];
-}).env
-```
-
-will drop you into a shell where Python will have the
-specified packages in its path.
-
-
-##### `python.buildEnv` arguments
-
-* `extraLibs`: List of packages installed inside the environment.
-* `postBuild`: Shell command executed after the build of environment.
-* `ignoreCollisions`: Ignore file collisions inside the environment (default is `false`).
-
-#### python.withPackages function
-
-The `python.withPackages` function provides a simpler interface to the `python.buildEnv` functionality.
-It takes a function as an argument that is passed the set of python packages and returns the list
-of the packages to be included in the environment. Using the `withPackages` function, the previous
-example for the Pyramid Web Framework environment can be written like this:
-```nix
-with import <nixpkgs> {};
-
-python.withPackages (ps: [ps.pyramid])
-```
-
-`withPackages` passes the correct package set for the specific interpreter version as an
-argument to the function. In the above example, `ps` equals `pythonPackages`.
-But you can also easily switch to using python3:
-```nix
-with import <nixpkgs> {};
-
-python3.withPackages (ps: [ps.pyramid])
-```
-
-Now, `ps` is set to `python3Packages`, matching the version of the interpreter.
-
-As `python.withPackages` simply uses `python.buildEnv` under the hood, it also supports the `env`
-attribute. The `shell.nix` file from the previous section can thus be also written like this:
-```nix
-with import <nixpkgs> {};
-
-(python33.withPackages (ps: [ps.numpy ps.requests2])).env
-```
-
-In contrast to `python.buildEnv`, `python.withPackages` does not support the more advanced options
-such as `ignoreCollisions = true` or `postBuild`. If you need them, you have to use `python.buildEnv`.
-
-Python 2 namespace packages may provide `__init__.py` that collide. In that case `python.buildEnv` 
-should be used with `ignoreCollisions = true`.
-
-### Development mode
-
-Development or editable mode is supported. To develop Python packages
-`buildPythonPackage` has additional logic inside `shellPhase` to run `pip
-install -e . --prefix $TMPDIR/`for the package.
-
-Warning: `shellPhase` is executed only if `setup.py` exists.
-
-Given a `default.nix`:
-```nix
-with import <nixpkgs> {};
-
-buildPythonPackage { name = "myproject";
-
-buildInputs = with pkgs.pythonPackages; [ pyramid ];
-
-src = ./.; }
-```
-
-Running `nix-shell` with no arguments should give you
-the environment in which the package would be built with
-`nix-build`.
-
-Shortcut to setup environments with C headers/libraries and python packages:
-```shell
-nix-shell -p pythonPackages.pyramid zlib libjpeg git
-```
-
-Note: There is a boolean value `lib.inNixShell` set to `true` if nix-shell is invoked.
-
-### Tools
-
-Packages inside nixpkgs are written by hand. However many tools exist in
-community to help save time. No tool is preferred at the moment.
-
- [python2nix](https://github.com/proger/python2nix) by Vladimir Kirillov
- [pypi2nix](https://github.com/garbas/pypi2nix) by Rok Garbas
- [pypi2nix](https://github.com/offlinehacker/pypi2nix) by Jaka Hudoklin
-
-### Deterministic builds
-
-Python 2.7, 3.5 and 3.6 are now built deterministically and 3.4 mostly.
-Minor modifications had to be made to the interpreters in order to generate
-deterministic bytecode. This has security implications and is relevant for
-those using Python in a `nix-shell`.
-
-When the environment variable `DETERMINISTIC_BUILD` is set, all bytecode will have timestamp 1.
-The `buildPythonPackage` function sets `DETERMINISTIC_BUILD=1` and
-[PYTHONHASHSEED=0](https://docs.python.org/3.5/using/cmdline.html#envvar-PYTHONHASHSEED).
-Both are also exported in `nix-shell`.
-
-
-## FAQ
-
-### How can I install a working Python environment?
-
-As explained in the user's guide installing individual Python packages
-imperatively with `nix-env -i` or declaratively in `environment.systemPackages`
-is not supported. However, it is possible to install a Python environment with packages (`python.buildEnv`).
-
-In the following examples we create an environment with Python 3.5, `numpy` and `ipython`.
-As you might imagine there is one limitation here, and that's you can install
-only one environment at a time. You will notice the complaints about collisions
-when you try to install a second environment.
-
-#### Environment defined in separate `.nix` file
-
-Create a file, e.g. `build.nix`, with the following expression
-```nix
-with import <nixpkgs> {};
-
-pkgs.python35.withPackages (ps: with ps; [ numpy ipython ])
-```
-and install it in your profile with
-```shell
-nix-env -if build.nix
-```
-Now you can use the Python interpreter, as well as the extra packages that you added to the environment.
-
-#### Environment defined in `~/.nixpkgs/config.nix`
-
-If you prefer to, you could also add the environment as a package override to the Nixpkgs set.
-```nix
-{ # ...
-
-  packageOverrides = pkgs: with pkgs; {
-    myEnv = python35.withPackages (ps: with ps; [ numpy ipython ]);
-  };
-}
-```
-and install it in your profile with
-```shell
-nix-env -iA nixpkgs.myEnv
-```
-
-We're installing using the attribute path and assume the channels is named `nixpkgs`.
-Note that I'm using the attribute path here.
-
-#### Environment defined in `/etc/nixos/configuration.nix`
-
-For the sake of completeness, here's another example how to install the environment system-wide.
-
-```nix
-{ # ...
-
-  environment.systemPackages = with pkgs; [
-    (python35.withPackages(ps: with ps; [ numpy ipython ]))
-  ];
-}
-```
-
-### How to solve circular dependencies?
-
-Consider the packages `A` and `B` that depend on each other. When packaging `B`,
-a solution is to override package `A` not to depend on `B` as an input. The same
-should also be done when packaging `A`.
-
-### How to override a Python package?
-
-We can override the interpreter and pass `packageOverrides`.
-In the following example we rename the `pandas` package and build it.
-```nix
-with import <nixpkgs> {};
-
-let
-  python = let
-    packageOverrides = self: super: {
-      pandas = super.pandas.override {name="foo";};
-    };
-  in pkgs.python35.override {inherit packageOverrides;};
-
-in python.pkgs.pandas
-```
-Using `nix-build` on this expression will build the package `pandas`
-but with the new name `foo`.
-
-All packages in the package set will use the renamed package.
-A typical use case is to switch to another version of a certain package.
-For example, in the Nixpkgs repository we have multiple versions of `django` and `scipy`.
-In the following example we use a different version of `scipy` and create an environment that uses it.
-All packages in the Python package set will now use the updated `scipy` version.
-
-```nix
-with import <nixpkgs> {};
-
-( let
-    packageOverrides = self: super: {
-      scipy = super.scipy_0_17;
-    };
-  in (pkgs.python35.override {inherit packageOverrides;}).withPackages (ps: [ps.blaze])
-).env
-```
-The requested package `blaze` depends on `pandas` which itself depends on `scipy`.
-
-If you want the whole of Nixpkgs to use your modifications, then you can use `overlays`
-as explained in this manual. In the following example we build a `inkscape` using a different version of `numpy`.
-```nix
-let
-  pkgs = import <nixpkgs> {};
-  newpkgs = import pkgs.path { overlays = [ (pkgsself: pkgssuper: {
-    python27 = let
-      packageOverrides = self: super: {
-        numpy = super.numpy_1_10;
-      };
-    in pkgssuper.python27.override {inherit packageOverrides;};
-  } ) ]; };
-in newpkgs.inkscape
-```
-
-### `python setup.py bdist_wheel` cannot create .whl
-
-Executing `python setup.py bdist_wheel` in a `nix-shell `fails with
-```
-ValueError: ZIP does not support timestamps before 1980
-```
-This is because files are included that depend on items in the Nix store which have a timestamp of, that is, it corresponds to January the 1st, 1970 at 00:00:00. And as the error informs you, ZIP does not support that.
-The command `bdist_wheel` takes into account `SOURCE_DATE_EPOCH`, and `nix-shell` sets this to 1. By setting it to a value corresponding to 1980 or later, or by unsetting it, it is possible to build wheels.
-
-Use 1980 as timestamp:
-```shell
-nix-shell --run "SOURCE_DATE_EPOCH=315532800 python3 setup.py bdist_wheel"
-```
-or the current time:
-```shell
-nix-shell --run "SOURCE_DATE_EPOCH=$(date +%s) python3 setup.py bdist_wheel"
-```
-or unset:
-```shell
-nix-shell --run "unset SOURCE_DATE_EPOCH; python3 setup.py bdist_wheel"
-```
-
-### `install_data` / `data_files` problems
-
-If you get the following error:
-```
-could not create '/nix/store/6l1bvljpy8gazlsw2aw9skwwp4pmvyxw-python-2.7.8/etc':
-Permission denied
-```
-This is a [known bug](https://github.com/pypa/setuptools/issues/130) in `setuptools`.
-Setuptools `install_data` does not respect `--prefix`. An example of such package using the feature is `pkgs/tools/X11/xpra/default.nix`.
-As workaround install it as an extra `preInstall` step:
-```shell
-${python.interpreter} setup.py install_data --install-dir=$out --root=$out
-sed -i '/ = data\_files/d' setup.py
-```
-
-###  Rationale of non-existent global site-packages
-
-On most operating systems a global `site-packages` is maintained. This however
-becomes problematic if you want to run multiple Python versions or have multiple
-versions of certain libraries for your projects. Generally, you would solve such
-issues by creating virtual environments using `virtualenv`.
-
-On Nix each package has an isolated dependency tree which, in the case of
-Python, guarantees the right versions of the interpreter and libraries or
-packages are available. There is therefore no need to maintain a global `site-packages`.
-
-If you want to create a Python environment for development, then the recommended
-method is to use `nix-shell`, either with or without the `python.buildEnv`
-function.
-
-### How to consume python modules using pip in a virtualenv like I am used to on other Operating Systems ?
-
-This is an example of a `default.nix` for a `nix-shell`, which allows to consume a `virtualenv` environment,
-and install python modules through `pip` the traditional way.
-
-Create this `default.nix` file, together with a `requirements.txt` and simply execute `nix-shell`.
-
-```nix
-with import <nixpkgs> {};
-with pkgs.python27Packages;
-
-stdenv.mkDerivation {
-  name = "impurePythonEnv";
-  buildInputs = [
-    # these packages are required for virtualenv and pip to work:
-    #
-    python27Full
-    python27Packages.virtualenv
-    python27Packages.pip
-    # the following packages are related to the dependencies of your python
-    # project.
-    # In this particular example the python modules listed in the
-    # requirements.tx require the following packages to be installed locally
-    # in order to compile any binary extensions they may require.
-    #
-    taglib
-    openssl
-    git
-    libxml2
-    libxslt
-    libzip
-    stdenv
-    zlib ];
-  src = null;
-  shellHook = ''
-  # set SOURCE_DATE_EPOCH so that we can use python wheels
-  SOURCE_DATE_EPOCH=$(date +%s)
-  virtualenv --no-setuptools venv
-  export PATH=$PWD/venv/bin:$PATH
-  pip install -r requirements.txt
-  '';
-}
-```
-
-Note that the `pip install` is an imperative action. So every time `nix-shell`
-is executed it will attempt to download the python modules listed in
-requirements.txt. However these will be cached locally within the `virtualenv`
-folder and not downloaded again.
-
-### How to override a Python package from `configuration.nix`?
-
-If you need to change a package's attribute(s) from `configuration.nix` you could do:
-
-```nix
-  nixpkgs.config.packageOverrides = superP: {
-    pythonPackages = superP.pythonPackages.override {
-      overrides = self: super: {
-        bepasty-server = super.bepasty-server.overrideAttrs ( oldAttrs: {
-          src = pkgs.fetchgit {
-            url = "https://github.com/bepasty/bepasty-server";
-            sha256 = "9ziqshmsf0rjvdhhca55sm0x8jz76fsf2q4rwh4m6lpcf8wr0nps";
-            rev = "e2516e8cf4f2afb5185337073607eb9e84a61d2d";
-          };
-        });
-      };
-    };
-  };
-```
-
-If you are using the `bepasty-server` package somewhere, for example in `systemPackages` or indirectly from `services.bepasty`, then a `nixos-rebuild switch` will rebuild the system but with the `bepasty-server` package using a different `src` attribute. This way one can modify `python` based software/libraries easily. Using `self` and `super` one can also alter dependencies (`buildInputs`) between the old state (`self`) and new state (`super`). 
-
-## Contributing
-
-### Contributing guidelines
-
-Following rules are desired to be respected:
-
-* Python libraries are supposed to be called from `python-packages.nix` and packaged with `buildPythonPackage`. The expression of a library should be in `pkgs/development/python-modules/<name>/default.nix`. Libraries in `pkgs/top-level/python-packages.nix` are sorted quasi-alphabetically to avoid merge conflicts.
-* Python applications live outside of `python-packages.nix` and are packaged with `buildPythonApplication`.
-* Make sure libraries build for all Python interpreters.
-* By default we enable tests. Make sure the tests are found and, in the case of libraries, are passing for all interpreters. If certain tests fail they can be disabled individually. Try to avoid disabling the tests altogether. In any case, when you disable tests, leave a comment explaining why.
-* Commit names of Python libraries should include `pythonPackages`, for example `pythonPackages.numpy: 1.11 -> 1.12`.
--- a/doc/languages-frameworks/python.xml
+++ b/doc/languages-frameworks/python.xml
@@ -0,0 +1,447 @@
+<section xmlns="http://docbook.org/ns/docbook"
+         xmlns:xlink="http://www.w3.org/1999/xlink"
+         xml:id="sec-python">
+
+<title>Python</title>
+
+<para>
+  Currently supported interpreters are <varname>python26</varname>, <varname>python27</varname>,
+  <varname>python33</varname>, <varname>python34</varname>, <varname>python35</varname>
+  and <varname>pypy</varname>.
+</para>
+
+<para>
+  <varname>python</varname> is an alias to <varname>python27</varname> and <varname>python3</varname> is an alias to <varname>python34</varname>.
+</para>
+
+<para>
+  <varname>python26</varname> and <varname>python27</varname> do not include modules that require
+  external dependencies (to reduce dependency bloat). Following modules need to be added as
+  <varname>buildInput</varname> explicitly:
+</para>
+
+<itemizedlist>
+  <listitem><para><varname>python.modules.bsddb</varname></para></listitem>
+  <listitem><para><varname>python.modules.curses</varname></para></listitem>
+  <listitem><para><varname>python.modules.curses_panel</varname></para></listitem>
+  <listitem><para><varname>python.modules.crypt</varname></para></listitem>
+  <listitem><para><varname>python.modules.gdbm</varname></para></listitem>
+  <listitem><para><varname>python.modules.sqlite3</varname></para></listitem>
+  <listitem><para><varname>python.modules.tkinter</varname></para></listitem>
+  <listitem><para><varname>python.modules.readline</varname></para></listitem>
+</itemizedlist>
+
+<para>For convenience <varname>python27Full</varname> and <varname>python26Full</varname>
+are provided with all modules included.</para>
+
+<para>
+  Python packages that
+  use <link xlink:href="http://pypi.python.org/pypi/setuptools/"><literal>setuptools</literal></link> or <literal>distutils</literal>,
+  can be built using the <varname>buildPythonPackage</varname> function as documented below.
+</para>
+
+<para>
+ All packages depending on any Python interpreter get appended <varname>$out/${python.sitePackages}</varname>
+ to <literal>$PYTHONPATH</literal> if such directory exists.
+</para>
+
+<variablelist>
+  <title>
+     Useful attributes on interpreters packages:
+  </title>
+
+  <varlistentry>
+    <term><varname>libPrefix</varname></term>
+    <listitem><para>
+        Name of the folder in <literal>${python}/lib/</literal> for corresponding interpreter.
+    </para></listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term><varname>interpreter</varname></term>
+    <listitem><para>
+        Alias for <literal>${python}/bin/${executable}.</literal>
+    </para></listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term><varname>buildEnv</varname></term>
+    <listitem><para>
+        Function to build python interpreter environments with extra packages bundled together.
+        See <xref linkend="ssec-python-build-env" /> for usage and documentation.
+    </para></listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term><varname>sitePackages</varname></term>
+    <listitem><para>
+      Alias for <literal>lib/${libPrefix}/site-packages</literal>.
+    </para></listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term><varname>executable</varname></term>
+    <listitem><para>
+      Name of the interpreter executable, ie <literal>python3.4</literal>.
+    </para></listitem>
+  </varlistentry>
+
+</variablelist>
+<section xml:id="ssec-build-python-package"><title><varname>buildPythonPackage</varname> function</title>
+
+  <para>
+  The function is implemented in <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/python-modules/generic/default.nix">
+  <filename>pkgs/development/python-modules/generic/default.nix</filename></link>.
+  Example usage:
+
+<programlisting language="nix">
+twisted = buildPythonPackage {
+  name = "twisted-8.1.0";
+
+  src = pkgs.fetchurl {
+    url = http://tmrc.mit.edu/mirror/twisted/Twisted/8.1/Twisted-8.1.0.tar.bz2;
+    sha256 = "0q25zbr4xzknaghha72mq57kh53qw1bf8csgp63pm9sfi72qhirl";
+  };
+
+  propagatedBuildInputs = [ self.ZopeInterface ];
+
+  meta = {
+    homepage = http://twistedmatrix.com/;
+    description = "Twisted, an event-driven networking engine written in Python";
+    license = stdenv.lib.licenses.mit;
+  };
+};
+</programlisting>
+
+  Most of Python packages that use <varname>buildPythonPackage</varname> are defined
+  in <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/pkgs/top-level/python-packages.nix"><filename>pkgs/top-level/python-packages.nix</filename></link>
+  and generated for each python interpreter separately into attribute sets <varname>python26Packages</varname>,
+  <varname>python27Packages</varname>, <varname>python35Packages</varname>, <varname>python33Packages</varname>,
+  <varname>python34Packages</varname> and <varname>pypyPackages</varname>.
+  </para>
+
+  <para>
+    <function>buildPythonPackage</function> mainly does four things:
+
+    <orderedlist>
+      <listitem><para>
+        In the <varname>buildPhase</varname>, it calls
+        <literal>${python.interpreter} setup.py bdist_wheel</literal> to build a wheel binary zipfile.
+      </para></listitem>
+
+      <listitem><para>
+        In the <varname>installPhase</varname>, it installs the wheel file using
+        <literal>pip install *.whl</literal>.
+      </para></listitem>
+
+      <listitem><para>
+        In the <varname>postFixup</varname> phase, <literal>wrapPythonPrograms</literal>
+        bash function is called to wrap all programs in <filename>$out/bin/*</filename>
+        directory to include <literal>$PYTHONPATH</literal> and <literal>$PATH</literal>
+        environment variables.
+      </para></listitem>
+
+      <listitem><para>
+        In the <varname>installCheck</varname> phase, <literal>${python.interpreter} setup.py test</literal>
+        is ran.
+      </para></listitem>
+    </orderedlist>
+  </para>
+
+  <para>By default <varname>doCheck = true</varname> is set</para>
+
+  <para>
+    As in Perl, dependencies on other Python packages can be specified in the
+    <varname>buildInputs</varname> and
+    <varname>propagatedBuildInputs</varname> attributes.  If something is
+    exclusively a build-time dependency, use
+    <varname>buildInputs</varname>; if it’s (also) a runtime dependency,
+    use <varname>propagatedBuildInputs</varname>.
+  </para>
+
+  <para>
+    By default <varname>meta.platforms</varname> is set to the same value
+    as the interpreter unless overriden otherwise.
+  </para>
+
+  <variablelist>
+    <title>
+      <varname>buildPythonPackage</varname> parameters
+      (all parameters from <varname>mkDerivation</varname> function are still supported)
+    </title>
+
+    <varlistentry>
+      <term><varname>namePrefix</varname></term>
+      <listitem><para>
+        Prepended text to <varname>${name}</varname> parameter.
+        Defaults to <literal>"python3.3-"</literal> for Python 3.3, etc. Set it to
+        <literal>""</literal>
+        if you're packaging an application or a command line tool.
+      </para></listitem>
+    </varlistentry>
+
+    <varlistentry>
+      <term><varname>disabled</varname></term>
+      <listitem><para>
+        If <varname>true</varname>, package is not build for
+        particular python interpreter version. Grep around
+        <filename>pkgs/top-level/python-packages.nix</filename>
+        for examples.
+      </para></listitem>
+    </varlistentry>
+
+    <varlistentry>
+      <term><varname>setupPyBuildFlags</varname></term>
+      <listitem><para>
+        List of flags passed to <command>setup.py build_ext</command> command.
+      </para></listitem>
+    </varlistentry>
+
+    <varlistentry>
+      <term><varname>pythonPath</varname></term>
+      <listitem><para>
+        List of packages to be added into <literal>$PYTHONPATH</literal>.
+        Packages in <varname>pythonPath</varname> are not propagated
+        (contrary to <varname>propagatedBuildInputs</varname>).
+      </para></listitem>
+    </varlistentry>
+
+    <varlistentry>
+      <term><varname>preShellHook</varname></term>
+      <listitem><para>
+        Hook to execute commands before <varname>shellHook</varname>.
+      </para></listitem>
+    </varlistentry>
+
+    <varlistentry>
+      <term><varname>postShellHook</varname></term>
+      <listitem><para>
+        Hook to execute commands after <varname>shellHook</varname>.
+      </para></listitem>
+    </varlistentry>
+
+    <varlistentry>
+      <term><varname>makeWrapperArgs</varname></term>
+      <listitem><para>
+        A list of strings. Arguments to be passed to
+        <varname>makeWrapper</varname>, which wraps generated binaries. By
+        default, the arguments to <varname>makeWrapper</varname> set
+        <varname>PATH</varname> and <varname>PYTHONPATH</varname> environment
+        variables before calling the binary. Additional arguments here can
+        allow a developer to set environment variables which will be
+        available when the binary is run. For example,
+        <varname>makeWrapperArgs = ["--set FOO BAR" "--set BAZ QUX"]</varname>.
+      </para></listitem>
+    </varlistentry>
+
+  </variablelist>
+
+</section>
+
+<section xml:id="ssec-python-build-env"><title><function>python.buildEnv</function> function</title>
+  <para>
+    Create Python environments using low-level <function>pkgs.buildEnv</function> function. Example <filename>default.nix</filename>:
+
+<programlisting language="nix">
+<![CDATA[with import <nixpkgs> {};
+
+python.buildEnv.override {
+  extraLibs = [ pkgs.pythonPackages.pyramid ];
+  ignoreCollisions = true;
+}]]>
+</programlisting>
+
+    Running <command>nix-build</command> will create
+    <filename>/nix/store/cf1xhjwzmdki7fasgr4kz6di72ykicl5-python-2.7.8-env</filename>
+    with wrapped binaries in <filename>bin/</filename>.
+  </para>
+
+  <para>
+  You can also use <varname>env</varname> attribute to create local
+  environments with needed packages installed (somewhat comparable to
+  <literal>virtualenv</literal>). For example, with the following
+  <filename>shell.nix</filename>:
+
+<programlisting language="nix">
+<![CDATA[with import <nixpkgs> {};
+
+(python3.buildEnv.override {
+  extraLibs = with python3Packages;
+    [ numpy
+      requests
+    ];
+}).env]]>
+</programlisting>
+
+  Running <command>nix-shell</command> will drop you into a shell where
+  <command>python</command> will have specified packages in its path.
+  </para>
+
+  <variablelist>
+    <title>
+      <function>python.buildEnv</function> arguments
+    </title>
+
+    <varlistentry>
+      <term><varname>extraLibs</varname></term>
+      <listitem><para>
+        List of packages installed inside the environment.
+      </para></listitem>
+    </varlistentry>
+
+    <varlistentry>
+      <term><varname>postBuild</varname></term>
+      <listitem><para>
+        Shell command executed after the build of environment.
+      </para></listitem>
+    </varlistentry>
+
+    <varlistentry>
+      <term><varname>ignoreCollisions</varname></term>
+      <listitem><para>
+         Ignore file collisions inside the environment (default is <varname>false</varname>).
+      </para></listitem>
+    </varlistentry>
+  </variablelist>
+</section>
+
+<section xml:id="ssec-python-tools"><title>Tools</title>
+
+<para>Packages inside nixpkgs are written by hand. However many tools
+exist in community to help save time. No tool is preferred at the moment.
+</para>
+
+<itemizedlist>
+
+  <listitem><para>
+    <link xlink:href="https://github.com/proger/python2nix">python2nix</link>
+    by Vladimir Kirillov
+  </para></listitem>
+
+  <listitem><para>
+    <link xlink:href="https://github.com/garbas/pypi2nix">pypi2nix</link>
+    by Rok Garbas
+  </para></listitem>
+
+  <listitem><para>
+    <link xlink:href="https://github.com/offlinehacker/pypi2nix">pypi2nix</link>
+    by Jaka Hudoklin
+  </para></listitem>
+
+</itemizedlist>
+
+</section>
+
+<section xml:id="ssec-python-development"><title>Development</title>
+
+  <para>
+    To develop Python packages <function>buildPythonPackage</function> has
+    additional logic inside <varname>shellPhase</varname> to run
+    <command>pip install -e . --prefix $TMPDIR/</command> for the package.
+  </para>
+
+  <warning><para><varname>shellPhase</varname> is executed only if <filename>setup.py</filename>
+  exists.</para></warning>
+
+  <para>
+    Given a <filename>default.nix</filename>:
+
+<programlisting language="nix">
+<![CDATA[with import <nixpkgs> {};
+
+buildPythonPackage {
+  name = "myproject";
+
+  buildInputs = with pkgs.pythonPackages; [ pyramid ];
+
+  src = ./.;
+}]]>
+</programlisting>
+
+    Running <command>nix-shell</command> with no arguments should give you
+    the environment in which the package would be build with
+    <command>nix-build</command>.
+  </para>
+
+  <para>
+    Shortcut to setup environments with C headers/libraries and python packages:
+
+    <programlisting language="bash">$ nix-shell -p pythonPackages.pyramid zlib libjpeg git</programlisting>
+  </para>
+
+  <note><para>
+    There is a boolean value <varname>lib.inNixShell</varname> set to
+    <varname>true</varname> if nix-shell is invoked.
+  </para></note>
+
+</section>
+
+<section xml:id="ssec-python-faq"><title>FAQ</title>
+
+<variablelist>
+
+  <varlistentry>
+    <term>How to solve circular dependencies?</term>
+    <listitem><para>
+      If you have packages <varname>A</varname> and <varname>B</varname> that
+      depend on each other, when packaging <varname>B</varname> override package
+      <varname>A</varname> not to depend on <varname>B</varname> as input
+      (and also the other way around).
+    </para></listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term><varname>install_data / data_files</varname> problems resulting into <literal>error: could not create '/nix/store/6l1bvljpy8gazlsw2aw9skwwp4pmvyxw-python-2.7.8/etc': Permission denied</literal></term>
+    <listitem><para>
+      <link xlink:href="https://bitbucket.org/pypa/setuptools/issue/130/install_data-doesnt-respect-prefix">
+      Known bug in setuptools <varname>install_data</varname> does not respect --prefix</link>. Example of
+      such package using the feature is <filename>pkgs/tools/X11/xpra/default.nix</filename>. As workaround
+      install it as an extra <varname>preInstall</varname> step:
+
+      <programlisting>${python.interpreter} setup.py install_data --install-dir=$out --root=$out
+sed -i '/ = data_files/d' setup.py</programlisting>
+    </para></listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term>Rationale of non-existent global site-packages</term>
+    <listitem><para>
+      There is no need to have global site-packages in Nix. Each package has isolated
+      dependency tree and installing any python package will only populate <varname>$PATH</varname>
+      inside user environment. See <xref linkend="ssec-python-build-env" /> to create self-contained
+      interpreter with a set of packages.
+    </para></listitem>
+  </varlistentry>
+
+</variablelist>
+
+</section>
+
+
+<section xml:id="ssec-python-contrib"><title>Contributing guidelines</title>
+<para>
+  Following rules are desired to be respected:
+</para>
+
+<itemizedlist>
+
+  <listitem><para>
+    Make sure package builds for all python interpreters. Use <varname>disabled</varname> argument to
+    <function>buildPythonPackage</function> to set unsupported interpreters.
+  </para></listitem>
+
+  <listitem><para>
+    If tests need to be disabled for a package, make sure you leave a comment about reasoning.
+  </para></listitem>
+
+  <listitem><para>
+    Packages in <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/pkgs/top-level/python-packages.nix"><filename>pkgs/top-level/python-packages.nix</filename></link>
+    are sorted quasi-alphabetically to avoid merge conflicts.
+  </para></listitem>
+
+</itemizedlist>
+
+</section>
+
+</section>
+
--- a/doc/languages-frameworks/qt.xml
+++ b/doc/languages-frameworks/qt.xml
@@ -2,31 +2,67 @@
         xmlns:xlink="http://www.w3.org/1999/xlink"
         xml:id="sec-language-qt">

-<title>Qt and KDE</title>
+<title>Qt</title>

-<para>Qt is a comprehensive desktop and mobile application development toolkit for C++. Legacy support is available for Qt 3 and Qt 4, but all current development uses Qt 5. The Qt 5 packages in Nixpkgs are updated frequently to take advantage of new features, but older versions are typically retained to support packages that may not be compatible with the latest version. When packaging applications and libraries for Nixpkgs, it is important to ensure that compatible versions of Qt 5 are used throughout; this consideration motivates the tools described below.</para>
+<para>The information in this section applies to Qt 5.5 and later.</para>
+
+<para>Qt is an application development toolkit for C++. Although it is
+not a distinct programming language, there are special considerations
+for packaging Qt-based programs and libraries. A small set of tools
+and conventions has grown out of these considerations.</para>

 <section xml:id="ssec-qt-libraries"><title>Libraries</title>

-<para>Libraries that depend on Qt 5 should be built with each available version to avoid linking a dependent package against incompatible versions of Qt 5. (Although Qt 5 maintains backward ABI compatibility, linking against multiple versions at once is generally not possible; at best it will lead to runtime faults.) Packages that provide libraries should be added to the top-level function <varname>mkLibsForQt5</varname>, which is used to build a set of libraries for every Qt 5 version. The <varname>callPackage</varname> provided in this scope will ensure that only one Qt version will be used throughout the dependency tree. Dependencies should be imported unqualified, i.e. <literal>qtbase</literal> not <literal>qt5.qtbase</literal>, so that <varname>callPackage</varname> can do its work. <emphasis>Do not</emphasis> import a package set such as <literal>qt5</literal> or <literal>libsForQt5</literal> into your package; although it may work fine in the moment, it could well break at the next Qt update.</para>
-
-<para>If a library does not support a particular version of Qt 5, it is best to mark it as broken by setting its <literal>meta.broken</literal> attribute. A package may be marked broken for certain versions by testing the <literal>qtbase.version</literal> attribute, which will always give the current Qt 5 version.</para>
+<para>Packages that provide libraries should be listed in
+<varname>qt5LibsFun</varname> so that the library is built with each
+Qt version. A set of packages is provided for each version of Qt; for
+example, <varname>qt5Libs</varname> always provides libraries built
+with the latest version, <varname>qt55Libs</varname> provides
+libraries built with Qt 5.5, and so on. To avoid version conflicts, no
+top-level attributes are created for these packages.</para>

 </section>

-<section xml:id="ssec-qt-applications"><title>Applications</title>
+<section xml:id="ssec-qt-programs"><title>Programs</title>

-<para>Applications generally do not need to be built with every Qt version because they do not provide any libraries for dependent packages to link against. The primary consideration is merely ensuring that the application itself and its dependencies are linked against only one version of Qt. To call your application expression, use <literal>libsForQt5.callPackage</literal> instead of <literal>callPackage</literal>. Dependencies should be imported unqualified, i.e. <literal>qtbase</literal> not <literal>qt5.qtbase</literal>. <emphasis>Do not</emphasis> import a package set such as <literal>qt5</literal> or <literal>libsForQt5</literal> into your package; although it may work fine in the moment, it could well break at the next Qt update.</para>
+<para>Application packages do not need to be built with every Qt
+version. To ensure consistency between the package's dependencies,
+call the package with <literal>qt5Libs.callPackage</literal> instead
+of the usual <literal>callPackage</literal>. An older version may be
+selected in case of incompatibility. For example, to build with Qt
+5.5, call the package with
+<literal>qt55Libs.callPackage</literal>.</para>

-<para>It is generally best to build an application package against the <varname>libsForQt5</varname> library set. In case a package does not build with the latest Qt version, it is possible to pick a set pinned to a particular version, e.g. <varname>libsForQt55</varname> for Qt 5.5, if that is the latest version the package supports.</para>
+<para>Several environment variables must be set at runtime for Qt
+applications to function correctly, including:</para>

-<para>Qt-based applications require that several paths be set at runtime. This is accomplished by wrapping the provided executables in a package with <literal>wrapQtProgram</literal> or <literal>makeQtWrapper</literal> during the <literal>postFixup</literal> phase. To use the wrapper generators, add <literal>makeQtWrapper</literal> to <literal>nativeBuildInputs</literal>. The wrapper generators support the same options as <literal>wrapProgram</literal> and <literal>makeWrapper</literal> respectively. It is usually only necessary to generate wrappers for programs intended to be invoked by the user.</para>
+<itemizedlist>
+  <listitem><para><envar>QT_PLUGIN_PATH</envar></para></listitem>
+  <listitem><para><envar>QML_IMPORT_PATH</envar></para></listitem>
+  <listitem><para><envar>QML2_IMPORT_PATH</envar></para></listitem>
+  <listitem><para><envar>XDG_DATA_DIRS</envar></para></listitem>
+</itemizedlist>
+
+<para>To ensure that these are set correctly, the program must be wrapped by
+invoking <literal>wrapQtProgram <replaceable>program</replaceable></literal>
+during installation (for example, during
+<literal>fixupPhase</literal>). <literal>wrapQtProgram</literal>
+accepts the same options as <literal>makeWrapper</literal>.
+</para>

 </section>

 <section xml:id="ssec-qt-kde"><title>KDE</title>

-<para>The KDE Frameworks are a set of libraries for Qt 5 which form the basis of the Plasma desktop environment and the KDE Applications suite. Packaging a Frameworks-based library does not require any steps beyond those described above for general Qt-based libraries. Frameworks-based applications should not use <literal>makeQtWrapper</literal>; instead, use <literal>kdeWrapper</literal> to create the necessary wrappers: <literal>kdeWrapper { unwrapped = <replaceable>expr</replaceable>; targets = <replaceable>exes</replaceable>; }</literal>, where <replaceable>expr</replaceable> is the un-wrapped package expression and <replaceable>exes</replaceable> is a list of strings giving the relative paths to programs in the package which should be wrapped.</para>
+<para>Many of the considerations above also apply to KDE packages,
+especially the need to set the correct environment variables at
+runtime. To ensure that this is done, invoke <literal>wrapKDEProgram
+<replaceable>program</replaceable></literal> during
+installation. <literal>wrapKDEProgram</literal> also generates a
+<literal>ksycoca</literal> database so that required data and services
+can be found. Like its Qt counterpart,
+<literal>wrapKDEProgram</literal> accepts the same options as
+<literal>makeWrapper</literal>.</para>

 </section>

--- a/doc/languages-frameworks/ruby.xml
+++ b/doc/languages-frameworks/ruby.xml
@@ -12,25 +12,25 @@
 <screen>
 <![CDATA[$ cd pkgs/servers/monitoring
 $ mkdir sensu
-$ cd sensu
 $ cat > Gemfile
 source 'https://rubygems.org'
 gem 'sensu'
-$ nix-shell -p bundler --command "bundler package --path /tmp/vendor/bundle"
+$ bundler package --path /tmp/vendor/bundle
 $ $(nix-build '<nixpkgs>' -A bundix)/bin/bundix
 $ cat > default.nix
 { lib, bundlerEnv, ruby }:

-bundlerEnv rec {
-  name = "sensu-${version}";
+bundlerEnv {
+  name = "sensu-0.17.1";

-  version = (import gemset).sensu.version;
  inherit ruby;
-  # expects Gemfile, Gemfile.lock and gemset.nix in the same directory
-  gemdir = ./.;
+  gemfile = ./Gemfile;
+  lockfile = ./Gemfile.lock;
+  gemset = ./gemset.nix;

  meta = with lib; {
-    description = "A monitoring framework that aims to be simple, malleable, and scalable";
+    description = "A monitoring framework that aims to be simple, malleable,
+and scalable";
    homepage    = http://sensuapp.org/;
    license     = with licenses; mit;
    maintainers = with maintainers; [ theuni ];
--- a/doc/languages-frameworks/rust.md
+++ b/doc/languages-frameworks/rust.md
@@ -1,91 +0,0 @@
---
-title: Rust
-author: Matthias Beyer
-date: 2017-03-05
---
-
-# User's Guide to the Rust Infrastructure
-
-To install the rust compiler and cargo put
-
-```
-rustStable.rustc
-rustStable.cargo
-```
-
-into the `environment.systemPackages` or bring them into scope with
-`nix-shell -p rustStable.rustc -p rustStable.cargo`.
-
-There are also `rustBeta` and `rustNightly` package sets available.
-These are not updated very regulary. For daily builds see
-[Using the Rust nightlies overlay](#using-the-rust-nightlies-overlay)
-
-## Packaging Rust applications
-
-Rust applications are packaged by using the `buildRustPackage` helper from `rustPlatform`:
-
-```
-with rustPlatform;
-
-buildRustPackage rec {
-  name = "ripgrep-${version}";
-  version = "0.4.0";
-
-  src = fetchFromGitHub {
-    owner = "BurntSushi";
-    repo = "ripgrep";
-    rev = "${version}";
-    sha256 = "0y5d1n6hkw85jb3rblcxqas2fp82h3nghssa4xqrhqnz25l799pj";
-  };
-
-  depsSha256 = "0q68qyl2h6i0qsz82z840myxlnjay8p1w5z7hfyr8fqp7wgwa9cx";
-
-  meta = with stdenv.lib; {
-    description = "A utility that combines the usability of The Silver Searcher with the raw speed of grep";
-    homepage = https://github.com/BurntSushi/ripgrep;
-    license = with licenses; [ unlicense ];
-    maintainers = [ maintainers.tailhook ];
-    platforms = platforms.all;
-  };
-}
-```
-
-`buildRustPackage` requires a `depsSha256` attribute which is computed over
-all crate sources of this package. Currently it is obtained by inserting a
-fake checksum into the expression and building the package once. The correct
-checksum can be then take from the failed build.
-
-To install crates with nix there is also an experimental project called
-[nixcrates](https://github.com/fractalide/nixcrates).
-
-## Using the Rust nightlies overlay
-
-Mozilla provides an overlay for nixpkgs to bring a nightly version of Rust into scope.
-This overlay can _also_ be used to install recent unstable or stable versions
-of Rust, if desired.
-
-To use this overlay, clone
-[nixpkgs-mozilla](https://github.com/mozilla/nixpkgs-mozilla),
-and create a symbolic link to the file
-[rust-overlay.nix](https://github.com/mozilla/nixpkgs-mozilla/blob/master/rust-overlay.nix)
-in the `~/.config/nixpkgs/overlays` directory.
-
-    $ git clone https://github.com/mozilla/nixpkgs-mozilla.git
-    $ mkdir -p ~/.config/nixpkgs/overlays
-    $ ln -s $(pwd)/nixpkgs-mozilla/rust-overlay.nix ~/.config/nixpkgs/overlays/rust-overlay.nix
-
-The latest version can be installed with the following command:
-
-    $ nix-env -Ai nixos.rustChannels.stable.rust
-
-Or using the attribute with nix-shell:
-
-    $ nix-shell -p nixos.rustChannels.stable.rust
-
-To install the beta or nightly channel, "stable" should be substituted by
-"nightly" or "beta", or
-use the function provided by this overlay to pull a version based on a
-build date.
-
-The overlay automatically updates itself as it uses the same source as
-[rustup](https://www.rustup.rs/).
--- a/doc/languages-frameworks/texlive.xml
+++ b/doc/languages-frameworks/texlive.xml
@@ -35,7 +35,6 @@ texlive.combine {
      You can list packages e.g. by <command>nix-repl</command>.
      <programlisting>
 $ nix-repl
-nix-repl> :l &lt;nixpkgs>
 nix-repl> texlive.collection-&lt;TAB>
      </programlisting>
    </para></listitem>
--- a/doc/languages-frameworks/vim.md
+++ b/doc/languages-frameworks/vim.md
@@ -1,102 +0,0 @@
---
-title: User's Guide for Vim in Nixpkgs
-author: Marc Weber
-date: 2016-06-25
---
-# User's Guide to Vim Plugins/Addons/Bundles/Scripts in Nixpkgs
-
-You'll get a vim(-your-suffix) in PATH also loading the plugins you want.
-Loading can be deferred; see examples.
-
-VAM (=vim-addon-manager) and Pathogen plugin managers are supported.
-Vundle, NeoBundle could be your turn.
-
-## dependencies by Vim plugins
-
-VAM introduced .json files supporting dependencies without versioning
-assuming that "using latest version" is ok most of the time.
-
-## HOWTO
-
-First create a vim-scripts file having one plugin name per line. Example:
-
-    "tlib"
-    {'name': 'vim-addon-sql'}
-    {'filetype_regex': '\%(vim)$', 'names': ['reload', 'vim-dev-plugin']}
-
-Such vim-scripts file can be read by VAM as well like this:
-
-    call vam#Scripts(expand('~/.vim-scripts'), {})
-
-Create a default.nix file:
-
-    { nixpkgs ? import <nixpkgs> {}, compiler ? "ghc7102" }:
-    nixpkgs.vim_configurable.customize { name = "vim"; vimrcConfig.vam.pluginDictionaries = [ "vim-addon-vim2nix" ]; }
-
-Create a generate.vim file:
-
-    ActivateAddons vim-addon-vim2nix
-    let vim_scripts = "vim-scripts"
-    call nix#ExportPluginsForNix({
-    \  'path_to_nixpkgs': eval('{"'.substitute(substitute(substitute($NIX_PATH, ':', ',', 'g'), '=',':', 'g'), '\([:,]\)', '"\1"',"g").'"}')["nixpkgs"],
-    \  'cache_file': '/tmp/vim2nix-cache',
-    \  'try_catch': 0,
-    \  'plugin_dictionaries': ["vim-addon-manager"]+map(readfile(vim_scripts), 'eval(v:val)')
-    \ })
-
-Then run
-
-    nix-shell -p vimUtils.vim_with_vim2nix --command "vim -c 'source generate.vim'"
-
-You should get a Vim buffer with the nix derivations (output1) and vam.pluginDictionaries (output2).
-You can add your vim to your system's configuration file like this and start it by "vim-my":
-
-    my-vim =
-     let plugins = let inherit (vimUtils) buildVimPluginFrom2Nix; in {
-          copy paste output1 here
-     }; in vim_configurable.customize {
-       name = "vim-my";
-
-       vimrcConfig.vam.knownPlugins = plugins; # optional
-       vimrcConfig.vam.pluginDictionaries = [
-          copy paste output2 here
-       ];
-
-       # Pathogen would be
-       # vimrcConfig.pathogen.knownPlugins = plugins; # plugins
-       # vimrcConfig.pathogen.pluginNames = ["tlib"];
-     };
-
-
-Sample output1:
-
-    "reload" = buildVimPluginFrom2Nix { # created by nix#NixDerivation
-      name = "reload";
-      src = fetchgit {
-        url = "git://github.com/xolox/vim-reload";
-        rev = "0a601a668727f5b675cb1ddc19f6861f3f7ab9e1";
-        sha256 = "0vb832l9yxj919f5hfg6qj6bn9ni57gnjd3bj7zpq7d4iv2s4wdh";
-      };
-      dependencies = ["nim-misc"];
-
-    };
-    [...]
-
-Sample output2:
-
-    [
-      ''vim-addon-manager''
-      ''tlib''
-      { "name" = ''vim-addon-sql''; }
-      { "filetype_regex" = ''\%(vim)$$''; "names" = [ ''reload'' ''vim-dev-plugin'' ]; }
-    ]
-
-
-## Important repositories
-
- [vim-pi](https://bitbucket.org/vimcommunity/vim-pi) is a plugin repository
-  from VAM plugin manager meant to be used by others as well used by
-
- [vim2nix](http://github.com/MarcWeber/vim-addon-vim2nix) which generates the
-  .nix code
-
--- a/doc/manual.xml
+++ b/doc/manual.xml
@@ -12,17 +12,15 @@
  <xi:include href="introduction.xml" />
  <xi:include href="quick-start.xml" />
  <xi:include href="stdenv.xml" />
-  <xi:include href="multiple-output.xml" />
-  <xi:include href="cross-compilation.xml" />
  <xi:include href="configuration.xml" />
  <xi:include href="functions.xml" />
  <xi:include href="meta.xml" />
  <xi:include href="languages-frameworks/index.xml" />
  <xi:include href="package-notes.xml" />
-  <xi:include href="overlays.xml" />
  <xi:include href="coding-conventions.xml" />
  <xi:include href="submitting-changes.xml" />
-  <xi:include href="reviewing-contributions.xml" />
+  <xi:include href="haskell-users-guide.xml" />
+  <xi:include href="erlang-users-guide.xml" />
  <xi:include href="contributing.xml" />

 </book>
--- a/doc/multiple-output.xml
+++ b/doc/multiple-output.xml
@@ -1,103 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE chapter [
-  <!ENTITY ndash "&#x2013;"> <!-- @vcunat likes to use this one ;-) -->
-]>
-<chapter xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xml:id="chap-multiple-output">
-
-<title>Multiple-output packages</title>
-
-<section><title>Introduction</title>
-  <para>The Nix language allows a derivation to produce multiple outputs, which is similar to what is utilized by other Linux distribution packaging systems.  The outputs reside in separate nix store paths, so they can be mostly handled independently of each other, including passing to build inputs, garbage collection or binary substitution.  The exception is that building from source always produces all the outputs.</para>
-  <para>The main motivation is to save disk space by reducing runtime closure sizes; consequently also sizes of substituted binaries get reduced.  Splitting can be used to have more granular runtime dependencies, for example the typical reduction is to split away development-only files, as those are typically not needed during runtime.  As a result, closure sizes of many packages can get reduced to a half or even much less.</para>
-  <note><para>The reduction effects could be instead achieved by building the parts in completely separate derivations.  That would often additionally reduce build-time closures, but it tends to be much harder to write such derivations, as build systems typically assume all parts are being built at once.  This compromise approach of single source package producing multiple binary packages is also utilized often by rpm and deb.</para></note>
-</section>
-
-<section><title>Installing a split package</title>
-  <para>When installing a package via <varname>systemPackages</varname> or <command>nix-env</command> you have several options:</para>
-  <itemizedlist>
-    <listitem><para>You can install particular outputs explicitly, as each is available in the Nix language as an attribute of the package.  The <varname>outputs</varname> attribute contains a list of output names.</para></listitem>
-    <listitem><para>You can let it use the default outputs.  These are handled by <varname>meta.outputsToInstall</varname> attribute that contains a list of output names.</para>
-      <para>TODO: more about tweaking the attribute, etc.</para></listitem>
-    <listitem><para>NixOS provides configuration option <varname>environment.extraOutputsToInstall</varname> that allows adding extra outputs of <varname>environment.systemPackages</varname> atop the default ones.  It's mainly meant for documentation and debug symbols, and it's also modified by specific options.</para>
-      <note><para>At this moment there is no similar configurability for packages installed by <command>nix-env</command>.  You can still use approach from <xref linkend="sec-modify-via-packageOverrides" /> to override <varname>meta.outputsToInstall</varname> attributes, but that's a rather inconvenient way.</para></note>
-    </listitem>
-  </itemizedlist>
-</section>
-
-<section><title>Using a split package</title>
-  <para>In the Nix language the individual outputs can be reached explicitly as attributes, e.g. <varname>coreutils.info</varname>, but the typical case is just using packages as build inputs.</para>
-  <para>When a multiple-output derivation gets into a build input of another derivation, the <varname>dev</varname> output is added if it exists, otherwise the first output is added. In addition to that, <varname>propagatedBuildOutputs</varname> of that package which by default contain <varname>$outputBin</varname> and <varname>$outputLib</varname> are also added. (See <xref linkend="multiple-output-file-type-groups" />.)</para>
-</section>
-
-
-<section><title>Writing a split derivation</title>
-  <para>Here you find how to write a derivation that produces multiple outputs.</para>
-  <para>In nixpkgs there is a framework supporting multiple-output derivations. It tries to cover most cases by default behavior.  You can find the source separated in &lt;<filename>nixpkgs/pkgs/build-support/setup-hooks/multiple-outputs.sh</filename>&gt;; it's relatively well-readable.  The whole machinery is triggered by defining the <varname>outputs</varname> attribute to contain the list of desired output names (strings).</para>
-  <programlisting>outputs = [ "bin" "dev" "out" "doc" ];</programlisting>
-  <para>Often such a single line is enough.  For each output an equally named environment variable is passed to the builder and contains the path in nix store for that output.  By convention, the first output should contain the executable programs provided by the package as that output is used by Nix in string conversions, allowing references to binaries like <literal>${pkgs.perl}/bin/perl</literal> to always work. Typically you also want to have the main <varname>out</varname> output, as it catches any files that didn't get elsewhere.</para>
-
-  <note><para>There is a special handling of the <varname>debug</varname> output, described at <xref linkend="stdenv-separateDebugInfo" />.</para></note>
-
-  <section xml:id="multiple-output-file-type-groups">
-    <title>File type groups</title>
-    <para>The support code currently recognizes some particular kinds of outputs and either instructs the build system of the package to put files into their desired outputs or it moves the files during the fixup phase.  Each group of file types has an <varname>outputFoo</varname> variable specifying the output name where they should go.  If that variable isn't defined by the derivation writer, it is guessed &ndash; a default output name is defined, falling back to other possibilities if the output isn't defined.</para>
-    <variablelist>
-
-      <varlistentry><term><varname>
-         $outputDev</varname></term><listitem><para>
-         is for development-only files. These include C(++) headers, pkg-config, cmake and aclocal files.  They go to <varname>dev</varname> or <varname>out</varname> by default.
-       </para></listitem>
-      </varlistentry>
-
-      <varlistentry><term><varname>
-        $outputBin</varname></term><listitem><para>
-        is meant for user-facing binaries, typically residing in bin/.  They go to <varname>bin</varname> or <varname>out</varname> by default.
-      </para></listitem></varlistentry>
-
-      <varlistentry><term><varname>
-        $outputLib</varname></term><listitem><para>
-        is meant for libraries, typically residing in <filename>lib/</filename> and <filename>libexec/</filename>.  They go to <varname>lib</varname> or <varname>out</varname> by default.
-      </para></listitem></varlistentry>
-
-      <varlistentry><term><varname>
-        $outputDoc</varname></term><listitem><para>
-        is for user documentation, typically residing in <filename>share/doc/</filename>.  It goes to <varname>doc</varname> or <varname>out</varname> by default.
-      </para></listitem></varlistentry>
-
-      <varlistentry><term><varname>
-        $outputDevdoc</varname></term><listitem><para>
-        is for <emphasis>developer</emphasis> documentation.  Currently we count gtk-doc in there.  It goes to <varname>devdoc</varname> or is removed (!) by default.  This is because e.g. gtk-doc tends to be rather large and completely unused by nixpkgs users.
-      </para></listitem></varlistentry>
-
-      <varlistentry><term><varname>
-        $outputMan</varname></term><listitem><para>
-        is for man pages (except for section 3). They go to <varname>man</varname> or <varname>doc</varname> or <varname>$outputBin</varname> by default.
-      </para></listitem></varlistentry>
-
-      <varlistentry><term><varname>
-        $outputDevman</varname></term><listitem><para>
-        is for section 3 man pages. They go to <varname>devman</varname> or <varname>$outputMan</varname> by default.
-      </para></listitem></varlistentry>
-
-      <varlistentry><term><varname>
-        $outputInfo</varname></term><listitem><para>
-        is for info pages. They go to <varname>info</varname> or <varname>doc</varname> or <varname>$outputMan</varname> by default.
-      </para></listitem></varlistentry>
-
-    </variablelist>
-  </section>
-
-  <section><title>Common caveats</title>
-    <itemizedlist>
-      <listitem><para>Some configure scripts don't like some of the parameters passed by default by the framework, e.g. <literal>--docdir=/foo/bar</literal>.  You can disable this by setting <literal>setOutputFlags = false;</literal>.</para></listitem>
-      <listitem><para>The outputs of a single derivation can retain references to each other, but note that circular references are not allowed.  (And each strongly-connected component would act as a single output anyway.)</para></listitem>
-      <listitem><para>Most of split packages contain their core functionality in libraries.  These libraries tend to refer to various kind of data that typically gets into <varname>out</varname>, e.g. locale strings, so there is often no advantage in separating the libraries into <varname>lib</varname>, as keeping them in <varname>out</varname> is easier.</para></listitem>
-      <listitem><para>Some packages have hidden assumptions on install paths, which complicates splitting.</para></listitem>
-    </itemizedlist>
-  </section>
-
-</section><!--Writing a split derivation-->
-
-</chapter>
--- a/doc/old/cross.txt
+++ b/doc/old/cross.txt
@@ -61,7 +61,7 @@ stdenv.mkDerivation {
  builder = ./builder.sh;
  src = fetchurl {
    url = http://ftp.nluug.nl/gnu/binutils/binutils-2.16.1.tar.bz2;
-    sha256 = "1ian3kwh2vg6hr3ymrv48s04gijs539vzrq62xr76bxbhbwnz2np";
+    md5 = "6a9d529efb285071dad10e1f3d2b2967";
  };
  inherit noSysDirs;
  configureFlags = "--target=arm-linux";
@@ -81,11 +81,11 @@ Step 2: build kernel headers for the target architecture
 assert stdenv.system == "i686-linux";

 stdenv.mkDerivation {
-  name = "linux-headers-2.6.13.1-arm";
+  name = "linux-headers-2.6.13.4-arm";
  builder = ./builder.sh;
  src = fetchurl {
-    url = http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.13.1.tar.bz2;
-    sha256 = "12qxmc827fjhaz53kjy7vyrzsaqcg78amiqsb3qm20z26w705lma";
+    url = http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.13.4.tar.bz2;
+    md5 = "94768d7eef90a9d8174639b2a7d3f58d";
  };
 }
 ---
@@ -152,7 +152,9 @@ stdenv.mkDerivation {
  builder = ./builder.sh;
  src = fetchurl {
    url = ftp://ftp.nluug.nl/pub/gnu/gcc/gcc-4.0.2/gcc-core-4.0.2.tar.bz2;
-    sha256 = "02fxh0asflm8825w23l2jq1wvs7hbnam0jayrivg7zdv2ifnc0rc";
+    md5 = "f7781398ada62ba255486673e6274b26";
+    #url = ftp://ftp.nluug.nl/pub/gnu/gcc/gcc-4.0.2/gcc-4.0.2.tar.bz2;
+    #md5 = "a659b8388cac9db2b13e056e574ceeb0";
  };
  # !!! apply only if noSysDirs is set
  patches = [./no-sys-dirs.patch ./gcc-inhibit.patch];
--- a/doc/old/update-upstream-data.txt
+++ b/doc/old/update-upstream-data.txt
@@ -0,0 +1,14 @@
+Semi-automatic source information updating using "update-upstream-data.sh" script and "src-{,info-}for-*.nix"
+
+1. Recognizing when a pre-existing package uses this mechanism.
+
+Packages using this automatical update mechanism have src-info-for-default.nix and src-for-default.nix next to default.nix. src-info-for-default.nix describes getting the freshest source from upstream web site; src-for-default.nix is a generated file with the current data about used source. Both files define a simple attrSet. 
+
+src-info-for-default.nix (for a file grabbed via http) contains at least downloadPage attribute - it is the page we need to look at to find out the latest version. It also contains baseName that is used for automatical generation of package name containing version. It can contain extra data for trickier cases.
+
+src-for-default.nix will contain advertisedUrl (raw URL chosen on the site; its change prompts regeneration of source data), url for fetchurl, hash, version retrieved from the download URL and suggested package name.
+
+2. Updating a package
+
+nixpkgs/pkgs/build-support/upstream-updater directory contains some scripts. The worker script is called update-upstream-data.sh. This script requires main expression name (e.g. default.nix). It can optionally accpet a second parameter, URL which will be used instead of getting one by parsing the downloadPage (version extraction, mirror URL creation etc. will still be run). After running the script, check src-for-default.nix (or replace default.nix with expression name, if there are seceral expressions in the directory) for new version information.
+
--- a/doc/overlays.xml
+++ b/doc/overlays.xml
@@ -1,99 +0,0 @@
-<chapter xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xml:id="chap-overlays">
-
-<title>Overlays</title>
-
-<para>This chapter describes how to extend and change Nixpkgs packages using
-overlays. Overlays are used to add layers in the fix-point used by Nixpkgs
-to compose the set of all packages.</para>
-
-<!--============================================================-->
-
-<section xml:id="sec-overlays-install">
-<title>Installing Overlays</title>
-
-<para>The set of overlays is looked for in the following places. The
-first one present is considered, and all the rest are ignored:
-
-<orderedlist>
-
-  <listitem>
-
-    <para>As an argument of the imported attribute set. When importing Nixpkgs,
-    the <varname>overlays</varname> attribute argument can be set to a list of
-    functions, which is described in <xref linkend="sec-overlays-layout"/>.</para>
-
-  </listitem>
-
-  <listitem>
-
-    <para>In the directory pointed to by the Nix search path entry
-    <literal>&lt;nixpkgs-overlays></literal>.</para>
-  </listitem>
-
-  <listitem>
-
-    <para>In the directory <filename>~/.config/nixpkgs/overlays/</filename>.</para>
-  </listitem>
-
-</orderedlist>
-</para>
-
-<para>For the second and third options, the directory should contain Nix expressions defining the
-overlays. Each overlay can be a file, a directory containing a
-<filename>default.nix</filename>, or a symlink to one of those. The expressions should follow
-the syntax described in <xref linkend="sec-overlays-layout"/>.</para>
-
-<para>The order of the overlay layers can influence the recipe of packages if multiple layers override
-the same recipe. In the case where overlays are loaded from a directory, they are loaded in
-alphabetical order.</para>
-
-<para>To install an overlay using the last option, you can clone the overlay's repository and add
-a symbolic link to it in <filename>~/.config/nixpkgs/overlays/</filename> directory.</para>
-
-</section>
-
-<!--============================================================-->
-
-<section xml:id="sec-overlays-layout">
-<title>Overlays Layout</title>
-
-<para>Overlays are expressed as Nix functions which accept 2 arguments and return a set of
-packages.</para>
-
-<programlisting>
-self: super:
-
-{
-  boost = super.boost.override {
-    python = self.python3;
-  };
-  rr = super.callPackage ./pkgs/rr {
-    stdenv = self.stdenv_32bit;
-  };
-}
-</programlisting>
-
-<para>The first argument, usually named <varname>self</varname>, corresponds to the final package
-set. You should use this set for the dependencies of all packages specified in your
-overlay. For example, all the dependencies of <varname>rr</varname> in the example above come
-from <varname>self</varname>, as well as the overridden dependencies used in the
-<varname>boost</varname> override.</para>
-
-<para>The second argument, usually named <varname>super</varname>,
-corresponds to the result of the evaluation of the previous stages of
-Nixpkgs. It does not contain any of the packages added by the current
-overlay nor any of the following overlays. This set should be used either
-to refer to packages you wish to override, or to access functions defined
-in Nixpkgs. For example, the original recipe of <varname>boost</varname>
-in the above example, comes from <varname>super</varname>, as well as the
-<varname>callPackage</varname> function.</para>
-
-<para>The value returned by this function should be a set similar to
-<filename>pkgs/top-level/all-packages.nix</filename>, which contains
-overridden and/or new packages.</para>
-
-</section>
-
-</chapter>
--- a/doc/package-notes.xml
+++ b/doc/package-notes.xml
@@ -278,7 +278,7 @@ packageOverrides = pkgs: {
 </screen>

    to your Nixpkgs configuration
-    (<filename>~/.config/nixpkgs/config.nix</filename>) and install it by
+    (<filename>~/.nixpkgs/config.nix</filename>) and install it by
    running <command>nix-env -f '&lt;nixpkgs&gt;' -iA
    myEclipse</command> and afterward run Eclipse as usual. It is
    possible to find out which plugins are available for installation
@@ -366,154 +366,4 @@ it. Place the resulting <filename>package.nix</filename> file into

 </section>

-<section xml:id="sec-autojump">
-
-<title>Autojump</title>
-
-<para>
-  autojump needs the shell integration to be useful but unlike other systems,
-  nix doesn't have a standard share directory location. This is why a
-  <command>autojump-share</command> script is shipped that prints the location
-  of the shared folder. This can then be used in the .bashrc like this:
-<screen>
-  source "$(autojump-share)/autojump.bash"
-</screen>
-</para>
-
-</section>
-
-<section xml:id="sec-steam">
-
-<title>Steam</title>
-
-<section xml:id="sec-steam-nix">
-
-<title>Steam in Nix</title>
-
-<para>
-  Steam is distributed as a <filename>.deb</filename> file, for now only 
-  as an i686 package (the amd64 package only has documentation). 
-  When unpacked, it has a script called <filename>steam</filename> that 
-  in ubuntu (their target distro) would go to <filename>/usr/bin
-  </filename>. When run for the first time, this script copies some 
-  files to the user's home, which include another script that is the 
-  ultimate responsible for launching the steam binary, which is also 
-  in $HOME.
-</para>
-<para>
-  Nix problems and constraints:
-<itemizedlist>
-  <listitem><para>We don't have <filename>/bin/bash</filename> and many 
-  scripts point there. Similarly for <filename>/usr/bin/python</filename>
-  .</para></listitem>
-  <listitem><para>We don't have the dynamic loader in <filename>/lib
-  </filename>.</para></listitem>
-  <listitem><para>The <filename>steam.sh</filename> script in $HOME can 
-  not be patched, as it is checked and rewritten by steam.</para></listitem>
-  <listitem><para>The steam binary cannot be patched, it's also checked.</para></listitem>
-</itemizedlist>
-</para>
-<para>
-  The current approach to deploy Steam in NixOS is composing a FHS-compatible
-  chroot environment, as documented
-  <link xlink:href="http://sandervanderburg.blogspot.nl/2013/09/composing-fhs-compatible-chroot.html">here</link>.
-  This allows us to have binaries in the expected paths without disrupting the system,
-  and to avoid patching them to work in a non FHS environment.
-</para>
-
-</section>
-
-<section xml:id="sec-steam-play">
-
-<title>How to play</title>
-
-<para>
-  For 64-bit systems it's important to have 
-  <programlisting>hardware.opengl.driSupport32Bit = true;</programlisting> 
-  in your <filename>/etc/nixos/configuration.nix</filename>. You'll also need 
-  <programlisting>hardware.pulseaudio.support32Bit = true;</programlisting> 
-  if you are using PulseAudio - this will enable 32bit ALSA apps integration.
-  To use the Steam controller, you need to add
-  <programlisting>services.udev.extraRules = ''
-    SUBSYSTEM=="usb", ATTRS{idVendor}=="28de", MODE="0666"
-    KERNEL=="uinput", MODE="0660", GROUP="users", OPTIONS+="static_node=uinput"
-  '';</programlisting>
-  to your configuration.
-</para>
-
-</section>
-
-<section xml:id="sec-steam-troub">
-
-<title>Troubleshooting</title>
-
-<para>
-<variablelist>
-
-  <varlistentry>
-    <term>Steam fails to start. What do I do?</term>
-    <listitem><para>Try to run 
-    <programlisting>strace steam</programlisting>
-    to see what is causing steam to fail.</para></listitem>
-  </varlistentry>
-
-  <varlistentry>
-  <term>Using the FOSS Radeon drivers</term>
-  <listitem><itemizedlist><listitem><para>
-  The open source radeon drivers need a newer libc++ than is provided 
-  by the default runtime, which leads to a crash on launch. Use
-  <programlisting>environment.systemPackages = [(pkgs.steam.override { newStdcpp = true; })];</programlisting>
-  in your config if you get an error like
-  <programlisting>
-libGL error: unable to load driver: radeonsi_dri.so
-libGL error: driver pointer missing
-libGL error: failed to load driver: radeonsi
-libGL error: unable to load driver: swrast_dri.so
-libGL error: failed to load driver: swrast</programlisting></para></listitem>
-  <listitem><para>
-  Steam ships statically linked with a version of libcrypto that
-  conflics with the one dynamically loaded by radeonsi_dri.so.
-  If you get the error
-  <programlisting>steam.sh: line 713: 7842 Segmentation fault (core dumped)</programlisting>
-  have a look at <link xlink:href="https://github.com/NixOS/nixpkgs/pull/20269">this pull request</link>.
-  </para></listitem>
-
-  </itemizedlist></listitem></varlistentry>
-
-  <varlistentry>
-  <term>Java</term>
-  <listitem><orderedlist>
-  <listitem><para>
-  There is no java in steam chrootenv by default. If you get a message like
-  <programlisting>/home/foo/.local/share/Steam/SteamApps/common/towns/towns.sh: line 1: java: command not found</programlisting>
-  You need to add  
-  <programlisting> steam.override { withJava = true; };</programlisting>
-  to your configuration.
-  </para></listitem>
-  </orderedlist></listitem></varlistentry>
-
-</variablelist>
-</para>
-
-</section>
-
-<section xml:id="sec-steam-run">
-
-<title>steam-run</title>
-<para>
-The FHS-compatible chroot used for steam can also be used to run 
-other linux games that expect a FHS environment.
-To do it, add 
-<programlisting>pkgs.(steam.override {
-          nativeOnly = true;
-          newStdcpp = true;
-        }).run</programlisting>
-to your configuration, rebuild, and run the game with 
-<programlisting>steam-run ./foo</programlisting>
-</para>
-
-</section>
-
-</section>
-
 </chapter>
--- a/doc/reviewing-contributions.xml
+++ b/doc/reviewing-contributions.xml
@@ -1,393 +0,0 @@
-<chapter xmlns="http://docbook.org/ns/docbook"
-        xmlns:xlink="http://www.w3.org/1999/xlink"
-        xmlns:xi="http://www.w3.org/2001/XInclude"
-        version="5.0"
-        xml:id="sec-reviewing-contributions">
-
-<title>Reviewing contributions</title>
-
-<warning>
-  <para>The following section is a draft and reviewing policy is still being 
-    discussed.</para>
-</warning>
-
-<para>The nixpkgs projects receives a fairly high number of contributions via 
-  GitHub pull-requests. Reviewing and approving these is an important task and a 
-  way to contribute to the project.</para>
-
-<para>The high change rate of nixpkgs make any pull request that is open for 
-  long enough subject to conflicts that will require extra work from the 
-  submitter or the merger. Reviewing pull requests in a timely manner and being 
-  responsive to the comments is the key to avoid these. GitHub provides sort 
-  filters that can be used to see the <link 
-    xlink:href="https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+is%3Aopen+sort%3Aupdated-desc">most 
-    recently</link> and the <link 
-    xlink:href="https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+is%3Aopen+sort%3Aupdated-asc">least 
-    recently</link> updated pull-requests.</para>
-
-<para>When reviewing a pull request, please always be nice and polite. 
-  Controversial changes can lead to controversial opinions, but it is important 
-  to respect every community members and their work.</para>
-
-<para>GitHub provides reactions, they are a simple and quick way to provide 
-  feedback to pull-requests or any comments. The thumb-down reaction should be 
-  used with care and if possible accompanied with some explanations so the 
-  submitter has directions to improve his contribution.</para>
-
-<para>Pull-requests reviews should include a list of what has been reviewed in a 
-  comment, so other reviewers and mergers can know the state of the 
-  review.</para>
-
-<para>All the review template samples provided in this section are generic and 
-  meant as examples. Their usage is optional and the reviewer is free to adapt 
-  them to his liking.</para>
-
-<section><title>Package updates</title>
-
-<para>A package update is the most trivial and common type of pull-request. 
-  These pull-requests mainly consist in updating the version part of the package 
-  name and the source hash.</para>
-<para>It can happen that non trivial updates include patches or more complex 
-  changes.</para>
-
-<para>Reviewing process:</para>
-
-<itemizedlist>
-  <listitem><para>Add labels to the pull-request. (Requires commit 
-      rights)</para>
-    <itemizedlist>
-      <listitem><para><literal>8.has: package (update)</literal> and any topic 
-          label that fit the updated package.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that the package versioning is fitting the 
-      guidelines.</para></listitem>
-  <listitem><para>Ensure that the commit text is fitting the 
-      guidelines.</para></listitem>
-  <listitem><para>Ensure that the package maintainers are notified.</para>
-    <itemizedlist>
-      <listitem><para>mention-bot usually notify GitHub users based on the 
-          submitted changes, but it can happen that it misses some of the 
-          package maintainers.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that the meta field contains correct 
-      information.</para>
-    <itemizedlist>
-      <listitem><para>License can change with version updates, so it should be 
-          checked to be fitting upstream license.</para></listitem>
-      <listitem><para>If the package has no maintainer, a maintainer must be 
-          set. This can be the update submitter or a community member that 
-          accepts to take maintainership of the package.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that the code contains no typos.</para></listitem>
-  <listitem><para>Building the package locally.</para>
-    <itemizedlist>
-      <listitem><para>Pull-requests are often targeted to the master or staging 
-          branch so building the pull-request locally as it is submitted can 
-          trigger a large amount of source builds.</para>
-        <para>It is possible to rebase the changes on nixos-unstable or 
-          nixpkgs-unstable for easier review by running the following commands 
-          from a nixpkgs clone.
-<screen>
-$ git remote add channels https://github.com/NixOS/nixpkgs-channels.git <co 
-  xml:id='reviewing-rebase-1' />
-$ git fetch channels nixos-unstable <co xml:id='reviewing-rebase-2' />
-$ git fetch origin pull/PRNUMBER/head <co xml:id='reviewing-rebase-3' />
-$ git rebase --onto nixos-unstable BASEBRANCH FETCH_HEAD <co 
-  xml:id='reviewing-rebase-4' />
-</screen>
-        <calloutlist>
-          <callout arearefs='reviewing-rebase-1'>
-            <para>This should be done only once to be able to fetch channel 
-              branches from the nixpkgs-channels repository.</para>
-          </callout>
-          <callout arearefs='reviewing-rebase-2'>
-            <para>Fetching the nixos-unstable branch.</para>
-          </callout>
-          <callout arearefs='reviewing-rebase-3'>
-            <para>Fetching the pull-request changes, <varname>PRNUMBER</varname> 
-              is the number at the end of the pull-request title and 
-              <varname>BASEBRANCH</varname> the base branch of the 
-              pull-request.</para>
-          </callout>
-          <callout arearefs='reviewing-rebase-3'>
-            <para>Rebasing the pull-request changes to the nixos-unstable 
-              branch.</para>
-          </callout>
-        </calloutlist>
-        </para>
-      </listitem>
-      <listitem>
-        <para>The <link xlink:href="https://github.com/madjar/nox">nox</link> 
-          tool can be used to review a pull-request content in a single command. 
-          It doesn't rebase on a channel branch so it might trigger multiple 
-          source builds. <varname>PRNUMBER</varname> should be replaced by the 
-          number at the end of the pull-request title.</para>
-<screen>
-$ nix-shell -p nox --run "nox-review -k pr PRNUMBER"
-</screen>
-      </listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Running every binary.</para></listitem>
-</itemizedlist>
-
-<example><title>Sample template for a package update review</title>
-<screen>
-##### Reviewed points
-
- [ ] package name fits guidelines
- [ ] package version fits guidelines
- [ ] package build on ARCHITECTURE
- [ ] executables tested on ARCHITECTURE
- [ ] all depending packages build
-
-##### Possible improvements
-
-##### Comments
-
-</screen></example>
-</section>
-
-<section><title>New packages</title>
-
-<para>New packages are a common type of pull-requests. These pull requests 
-  consists in adding a new nix-expression for a package.</para>
-
-<para>Reviewing process:</para>
-
-<itemizedlist>
-  <listitem><para>Add labels to the pull-request. (Requires commit 
-      rights)</para>
-    <itemizedlist>
-      <listitem><para><literal>8.has: package (new)</literal> and any topic 
-          label that fit the new package.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that the package versioning is fitting the 
-      guidelines.</para></listitem>
-  <listitem><para>Ensure that the commit name is fitting the 
-      guidelines.</para></listitem>
-  <listitem><para>Ensure that the meta field contains correct 
-      information.</para>
-    <itemizedlist>
-      <listitem><para>License must be checked to be fitting upstream 
-          license.</para></listitem>
-      <listitem><para>Platforms should be set or the package will not get binary 
-          substitutes.</para></listitem>
-      <listitem><para>A maintainer must be set, this can be the package 
-          submitter or a community member that accepts to take maintainership of 
-          the package.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that the code contains no typos.</para></listitem>
-  <listitem><para>Ensure the package source.</para>
-    <itemizedlist>
-      <listitem><para>Mirrors urls should be used when 
-          available.</para></listitem>
-      <listitem><para>The most appropriate function should be used (e.g. 
-          packages from GitHub should use 
-          <literal>fetchFromGitHub</literal>).</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Building the package locally.</para></listitem>
-  <listitem><para>Running every binary.</para></listitem>
-</itemizedlist>
-
-<example><title>Sample template for a new package review</title>
-<screen>
-##### Reviewed points
-
- [ ] package path fits guidelines
- [ ] package name fits guidelines
- [ ] package version fits guidelines
- [ ] package build on ARCHITECTURE
- [ ] executables tested on ARCHITECTURE
- [ ] `meta.description` is set and fits guidelines
- [ ] `meta.license` fits upstream license
- [ ] `meta.platforms` is set
- [ ] `meta.maintainers` is set
- [ ] build time only dependencies are declared in `nativeBuildInputs`
- [ ] source is fetched using the appropriate function
- [ ] phases are respected
- [ ] patches that are remotely available are fetched with `fetchpatch`
-
-##### Possible improvements
-
-##### Comments
-
-</screen></example>
-</section>
-
-<section><title>Module updates</title>
-
-<para>Module updates are submissions changing modules in some ways. These often 
-  contains changes to the options or introduce new options.</para>
-
-<para>Reviewing process</para>
-
-<itemizedlist>
-  <listitem><para>Add labels to the pull-request. (Requires commit 
-      rights)</para>
-    <itemizedlist>
-      <listitem><para><literal>8.has: module (update)</literal> and any topic 
-          label that fit the module.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that the module maintainers are notified.</para>
-    <itemizedlist>
-      <listitem><para>Mention-bot notify GitHub users based on the submitted 
-          changes, but it can happen that it miss some of the package 
-          maintainers.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that the module tests, if any, are 
-      succeeding.</para></listitem>
-  <listitem><para>Ensure that the introduced options are correct.</para>
-    <itemizedlist>
-      <listitem><para>Type should be appropriate (string related types differs 
-          in their merging capabilities, <literal>optionSet</literal> and 
-          <literal>string</literal> types are deprecated).</para></listitem>
-      <listitem><para>Description, default and example should be 
-          provided.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that option changes are backward compatible.</para>
-    <itemizedlist>
-      <listitem><para><literal>mkRenamedOptionModule</literal> and 
-          <literal>mkAliasOptionModule</literal> functions provide way to make 
-          option changes backward compatible.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that removed options are declared with 
-      <literal>mkRemovedOptionModule</literal></para></listitem>
-  <listitem><para>Ensure that changes that are not backward compatible are 
-      mentioned in release notes.</para></listitem>
-  <listitem><para>Ensure that documentations affected by the change is 
-      updated.</para></listitem>
-</itemizedlist>
-
-<example><title>Sample template for a module update review</title>
-<screen>
-##### Reviewed points
-
- [ ] changes are backward compatible
- [ ] removed options are declared with `mkRemovedOptionModule`
- [ ] changes that are not backward compatible are documented in release notes
- [ ] module tests succeed on ARCHITECTURE
- [ ] options types are appropriate
- [ ] options description is set
- [ ] options example is provided
- [ ] documentation affected by the changes is updated
-
-##### Possible improvements
-
-##### Comments
-
-</screen></example>
-</section>
-
-<section><title>New modules</title>
-
-<para>New modules submissions introduce a new module to NixOS.</para>
-
-<itemizedlist>
-  <listitem><para>Add labels to the pull-request. (Requires commit 
-      rights)</para>
-    <itemizedlist>
-      <listitem><para><literal>8.has: module (new)</literal> and any topic label 
-          that fit the module.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that the module tests, if any, are 
-      succeeding.</para></listitem>
-  <listitem><para>Ensure that the introduced options are correct.</para>
-    <itemizedlist>
-      <listitem><para>Type should be appropriate (string related types differs 
-          in their merging capabilities, <literal>optionSet</literal> and 
-          <literal>string</literal> types are deprecated).</para></listitem>
-      <listitem><para>Description, default and example should be 
-          provided.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that module <literal>meta</literal> field is 
-      present</para>
-    <itemizedlist>
-      <listitem><para>Maintainers should be declared in 
-          <literal>meta.maintainers</literal>.</para></listitem>
-      <listitem><para>Module documentation should be declared with 
-          <literal>meta.doc</literal>.</para></listitem>
-    </itemizedlist>
-  </listitem>
-  <listitem><para>Ensure that the module respect other modules 
-      functionality.</para>
-    <itemizedlist>
-      <listitem><para>For example, enabling a module should not open firewall 
-          ports by default.</para></listitem>
-    </itemizedlist>
-  </listitem>
-</itemizedlist>
-
-<example><title>Sample template for a new module review</title>
-<screen>
-##### Reviewed points
-
- [ ] module path fits the guidelines
- [ ] module tests succeed on ARCHITECTURE
- [ ] options have appropriate types
- [ ] options have default
- [ ] options have example
- [ ] options have descriptions
- [ ] No unneeded package is added to system.environmentPackages
- [ ] meta.maintainers is set
- [ ] module documentation is declared in meta.doc
-
-##### Possible improvements
-
-##### Comments
-
-</screen></example>
-</section>
-
-<section><title>Other submissions</title>
-
-<para>Other type of submissions requires different reviewing steps.</para>
-
-<para>If you consider having enough knowledge and experience in a topic and 
-  would like to be a long-term reviewer for related submissions, please contact 
-  the current reviewers for that topic. They will give you information about the 
-  reviewing process.
-The main reviewers for a topic can be hard to find as there is no list, but 
-checking past pull-requests to see who reviewed or git-blaming the code to see 
-who committed to that topic can give some hints.</para>
-
-<para>Container system, boot system and library changes are some examples of the 
-  pull requests fitting this category.</para>
-
-</section>
-
-<section><title>Merging pull-requests</title>
-
-<para>It is possible for community members that have enough knowledge and 
-  experience on a special topic to contribute by merging pull requests.</para>
-
-<para>TODO: add the procedure to request merging rights.</para>
-
-<!--
-The following paragraph about how to deal with unactive contributors is just a
-proposition and should be modified to what the community agrees to be the right
-policy.
-
-<para>Please note that contributors with commit rights unactive for more than 
-  three months will have their commit rights revoked.</para>
-->
-
-<para>In a case a contributor leaves definitively the Nix community, he should 
-  create an issue or notify the mailing list with references of packages and 
-  modules he maintains so the maintainership can be taken over by other 
-  contributors.</para>
-
-</section>
-</chapter>
--- a/doc/stdenv.xml
+++ b/doc/stdenv.xml
@@ -27,7 +27,7 @@ stdenv.mkDerivation {
  name = "libfoo-1.2.3";
  src = fetchurl {
    url = http://example.org/libfoo-1.2.3.tar.bz2;
-    sha256 = "0x2g1jqygyr5wiwg4ma1nd7w4ydpy82z9gkcv8vh2v8dn3y58v5m";
+    md5 = "e1ec107956b6ddcb0b8b0679367e9ac9";
  };
 }</programlisting>

@@ -194,52 +194,33 @@ genericBuild
    tools.</para></listitem>
  </varlistentry>

-</variablelist>
-
-<variablelist>
-  <title>Variables specifying dependencies</title>
-
-  <varlistentry>
-    <term><varname>nativeBuildInputs</varname></term>
-    <listitem><para>
-      A list of dependencies used by the new derivation at <emphasis>build</emphasis>-time.
-      I.e. these dependencies should not make it into the package's runtime-closure, though this is currently not checked.
-      For each dependency <replaceable>dir</replaceable>, the directory <filename><replaceable>dir</replaceable>/bin</filename>, if it exists, is added to the <envar>PATH</envar> environment variable.
-      Other environment variables are also set up via a pluggable mechanism.
-      For instance, if <varname>buildInputs</varname> contains Perl, then the <filename>lib/site_perl</filename> subdirectory of each input is added to the <envar>PERL5LIB</envar> environment variable.
-      See <xref linkend="ssec-setup-hooks"/> for details.
-    </para></listitem>
-  </varlistentry>
-
  <varlistentry>
    <term><varname>buildInputs</varname></term>
-    <listitem><para>
-      A list of dependencies used by the new derivation at <emphasis>run</emphasis>-time.
-      Currently, the build-time environment is modified in the exact same way as with <varname>nativeBuildInputs</varname>.
-      This is problematic in that when cross-compiling, foreign executables can clobber native ones on the <envar>PATH</envar>.
-      Even more confusing is static-linking.
-      A statically-linked library should be listed here because ultimately that generated machine code will be used at run-time, even though a derivation containing the object files or static archives will only be used at build-time.
-      A less confusing solution to this would be nice.
-    </para></listitem>
+    <listitem><para>A list of dependencies used by
+    <literal>stdenv</literal> to set up the environment for the build.
+    For each dependency <replaceable>dir</replaceable>, the directory
+    <filename><replaceable>dir</replaceable>/bin</filename>, if it
+    exists, is added to the <envar>PATH</envar> environment variable.
+    Other environment variables are also set up via a pluggable
+    mechanism.  For instance, if <varname>buildInputs</varname>
+    contains Perl, then the <filename>lib/site_perl</filename>
+    subdirectory of each input is added to the <envar>PERL5LIB</envar>
+    environment variable.  See <xref linkend="ssec-setup-hooks"/> for
+    details.</para></listitem>
  </varlistentry>
-
-
-  <varlistentry>
-    <term><varname>propagatedNativeBuildInputs</varname></term>
-    <listitem><para>
-      Like <varname>nativeBuildInputs</varname>, but these dependencies are <emphasis>propagated</emphasis>:
-      that is, the dependencies listed here are added to the <varname>nativeBuildInputs</varname> of any package that uses <emphasis>this</emphasis> package as a dependency.
-      So if package Y has <literal>propagatedBuildInputs = [X]</literal>, and package Z has <literal>buildInputs = [Y]</literal>, then package X will appear in Z’s build environment automatically.
-    </para></listitem>
-  </varlistentry>
-
+  
  <varlistentry>
    <term><varname>propagatedBuildInputs</varname></term>
-    <listitem><para>
-      Like <varname>buildInputs</varname>, but propagated just like <varname>propagatedNativeBuildInputs</varname>.
-      This inherits <varname>buildInputs</varname>'s flaws of clobbering native executables when cross-compiling and being confusing for static linking.
-    </para></listitem>
+    <listitem><para>Like <varname>buildInputs</varname>, but these
+    dependencies are <emphasis>propagated</emphasis>: that is, the
+    dependencies listed here are added to the
+    <varname>buildInputs</varname> of any package that uses
+    <emphasis>this</emphasis> package as a dependency.  So if package
+    Y has <literal>propagatedBuildInputs = [X]</literal>, and package
+    Z has <literal>buildInputs = [Y]</literal>, then package X will
+    appear in Z’s build environment automatically.</para></listitem>
  </varlistentry>
+  

 </variablelist>

@@ -341,7 +322,7 @@ executed and in what order:
      $preInstallPhases installPhase fixupPhase $preDistPhases
      distPhase $postPhases</literal>.
      </para>
-
+      
      <para>Usually, if you just want to add a few phases, it’s more
      convenient to set one of the variables below (such as
      <varname>preInstallPhases</varname>), as you then don’t specify
@@ -576,8 +557,8 @@ script) if it exists.</para>

  <varlistentry>
    <term><varname>configureFlags</varname></term>
-    <listitem><para>A list of strings passed as additional arguments to the
-    configure script.</para></listitem>
+    <listitem><para>Additional arguments passed to the configure
+    script.</para></listitem>
  </varlistentry>

  <varlistentry>
@@ -677,7 +658,7 @@ nothing.</para>

  <varlistentry>
    <term><varname>makeFlags</varname></term>
-    <listitem><para>A list of strings passed as additional flags to
+    <listitem><para>Additional flags passed to
    <command>make</command>.  These flags are also used by the default
    install and check phase.  For setting make flags specific to the
    build phase, use <varname>buildFlags</varname> (see
@@ -704,7 +685,7 @@ makeFlagsArray=(CFLAGS="-O0 -g" LDFLAGS="-lfoo -lbar")

  <varlistentry>
    <term><varname>buildFlags</varname> / <varname>buildFlagsArray</varname></term>
-    <listitem><para>A list of strings passed as additional flags to
+    <listitem><para>Additional flags passed to
    <command>make</command>.  Like <varname>makeFlags</varname> and
    <varname>makeFlagsArray</varname>, but only used by the build
    phase.</para></listitem>
@@ -725,7 +706,7 @@ makeFlagsArray=(CFLAGS="-O0 -g" LDFLAGS="-lfoo -lbar")
 </variablelist>


-<para>
+<para> 
 You can set flags for <command>make</command> through the
 <varname>makeFlags</varname> variable.</para>

@@ -772,7 +753,7 @@ doCheck = true;</programlisting>

  <varlistentry>
    <term><varname>checkFlags</varname> / <varname>checkFlagsArray</varname></term>
-    <listitem><para>A list of strings passed as additional flags to
+    <listitem><para>Additional flags passed to
    <command>make</command>.  Like <varname>makeFlags</varname> and
    <varname>makeFlagsArray</varname>, but only used by the check
    phase.</para></listitem>
@@ -792,7 +773,7 @@ doCheck = true;</programlisting>

 </variablelist>

-
+  
 </section>


@@ -827,7 +808,7 @@ installTargets = "install-bin install-doc";</programlisting>

  <varlistentry>
    <term><varname>installFlags</varname> / <varname>installFlagsArray</varname></term>
-    <listitem><para>A list of strings passed as additional flags to
+    <listitem><para>Additional flags passed to
    <command>make</command>.  Like <varname>makeFlags</varname> and
    <varname>makeFlagsArray</varname>, but only used by the install
    phase.</para></listitem>
@@ -859,12 +840,12 @@ install phase.  The default <function>fixupPhase</function> does the
 following:

 <itemizedlist>
-
+      
  <listitem><para>It moves the <filename>man/</filename>,
  <filename>doc/</filename> and <filename>info/</filename>
  subdirectories of <envar>$out</envar> to
  <filename>share/</filename>.</para></listitem>
-
+      
  <listitem><para>It strips libraries and executables of debug
  information.</para></listitem>

@@ -975,7 +956,7 @@ following:
    phase.</para></listitem>
  </varlistentry>

-  <varlistentry xml:id="stdenv-separateDebugInfo">
+  <varlistentry>
    <term><varname>separateDebugInfo</varname></term>
    <listitem><para>If set to <literal>true</literal>, the standard
    environment will enable debug information in C/C++ builds. After
@@ -1007,41 +988,6 @@ set debug-file-directory ~/.nix-profile/lib/debug

 </section>

-<section xml:id="ssec-installCheck-phase"><title>The installCheck phase</title>
-
-<para>The installCheck phase checks whether the package was installed
-correctly by running its test suite against the installed directories.
-The default <function>installCheck</function> calls <command>make
-installcheck</command>.</para>
-
-<variablelist>
-  <title>Variables controlling the installCheck phase</title>
-
-  <varlistentry>
-    <term><varname>doInstallCheck</varname></term>
-    <listitem><para>If set to a non-empty string, the installCheck phase is
-    executed, otherwise it is skipped (default).  Thus you should set
-
-    <programlisting>doInstallCheck = true;</programlisting>
-
-    in the derivation to enable install checks.</para></listitem>
-  </varlistentry>
-
-  <varlistentry>
-    <term><varname>preInstallCheck</varname></term>
-    <listitem><para>Hook executed at the start of the installCheck
-    phase.</para></listitem>
-  </varlistentry>
-
-  <varlistentry>
-    <term><varname>postInstallCheck</varname></term>
-    <listitem><para>Hook executed at the end of the installCheck
-    phase.</para></listitem>
-  </varlistentry>
-
-</variablelist>
-
-</section>

 <section xml:id="ssec-distribution-phase"><title>The distribution
 phase</title>
@@ -1110,41 +1056,13 @@ functions.</para>

 <variablelist>

-
-  <varlistentry xml:id='fun-makeWrapper'>
-    <term><function>makeWrapper</function>
-    <replaceable>executable</replaceable>
-    <replaceable>wrapperfile</replaceable>
-    <replaceable>args</replaceable></term>
-    <listitem><para>Constructs a wrapper for a program with various
-    possible arguments. For example:
-
-<programlisting>
-# adds `FOOBAR=baz` to `$out/bin/foo`’s environment
-makeWrapper $out/bin/foo $wrapperfile --set FOOBAR baz
-
-# prefixes the binary paths of `hello` and `git`
-# Be advised that paths often should be patched in directly
-# (via string replacements or in `configurePhase`).
-makeWrapper $out/bin/foo $wrapperfile --prefix PATH : ${lib.makeBinPath [ hello git ]}
-</programlisting>
-
-    There’s many more kinds of arguments, they are documented in
-    <literal>nixpkgs/pkgs/build-support/setup-hooks/make-wrapper.sh</literal>.</para>
-
-    <para><literal>wrapProgram</literal> is a convenience function you probably
-    want to use most of the time.</para>
-
-    </listitem>
-  </varlistentry>
  
-
  <varlistentry xml:id='fun-substitute'>
    <term><function>substitute</function>
    <replaceable>infile</replaceable>
    <replaceable>outfile</replaceable>
    <replaceable>subs</replaceable></term>
-
+    
    <listitem>
      <para>Performs string substitution on the contents of
      <replaceable>infile</replaceable>, writing the result to
@@ -1156,7 +1074,7 @@ makeWrapper $out/bin/foo $wrapperfile --prefix PATH : ${lib.makeBinPath [ hello
            <term><option>--replace</option>
            <replaceable>s1</replaceable>
            <replaceable>s2</replaceable></term>
-            <listitem><para>Replace every occurrence of the string
+            <listitem><para>Replace every occurence of the string
            <replaceable>s1</replaceable> by
            <replaceable>s2</replaceable>.</para></listitem>
          </varlistentry>
@@ -1164,7 +1082,7 @@ makeWrapper $out/bin/foo $wrapperfile --prefix PATH : ${lib.makeBinPath [ hello
          <varlistentry>
            <term><option>--subst-var</option>
            <replaceable>varName</replaceable></term>
-            <listitem><para>Replace every occurrence of
+            <listitem><para>Replace every occurence of
            <literal>@<replaceable>varName</replaceable>@</literal> by
            the contents of the environment variable
            <replaceable>varName</replaceable>.  This is useful for
@@ -1172,16 +1090,16 @@ makeWrapper $out/bin/foo $wrapperfile --prefix PATH : ${lib.makeBinPath [ hello
            <literal>@<replaceable>...</replaceable>@</literal> in the
            template as placeholders.</para></listitem>
          </varlistentry>
-
+          
          <varlistentry>
            <term><option>--subst-var-by</option>
            <replaceable>varName</replaceable>
            <replaceable>s</replaceable></term>
-            <listitem><para>Replace every occurrence of
+            <listitem><para>Replace every occurence of
            <literal>@<replaceable>varName</replaceable>@</literal> by
            the string <replaceable>s</replaceable>.</para></listitem>
          </varlistentry>
-
+          
        </variablelist>

      </para>
@@ -1209,7 +1127,7 @@ substitute ./foo.in ./foo.out \

    </listitem>
  </varlistentry>
-
+  

  <varlistentry xml:id='fun-substituteInPlace'>
    <term><function>substituteInPlace</function>
@@ -1220,12 +1138,12 @@ substitute ./foo.in ./foo.out \
    <replaceable>file</replaceable>.</para></listitem>
  </varlistentry>

-
+  
  <varlistentry xml:id='fun-substituteAll'>
    <term><function>substituteAll</function>
    <replaceable>infile</replaceable>
    <replaceable>outfile</replaceable></term>
-    <listitem><para>Replaces every occurrence of
+    <listitem><para>Replaces every occurence of
    <literal>@<replaceable>varName</replaceable>@</literal>, where
    <replaceable>varName</replaceable> is any environment variable, in
    <replaceable>infile</replaceable>, writing the result to
@@ -1251,17 +1169,7 @@ PATH=/nix/store/68afga4khv0w...-coreutils-6.12/bin
 echo @foo@
 </programlisting>

-    That is, no substitution is performed for undefined variables.</para>
-
-    <para>Environment variables that start with an uppercase letter or an
-    underscore are filtered out,
-    to prevent global variables (like <literal>HOME</literal>) or private
-    variables (like <literal>__ETC_PROFILE_DONE</literal>) from accidentally
-    getting substituted.
-    The variables also have to be valid bash “names”, as
-    defined in the bash manpage (alphanumeric or <literal>_</literal>,
-    must not start with a number).</para>
-  </listitem>
+    That is, no substitution is performed for undefined variables.</para></listitem>
  </varlistentry>


@@ -1278,42 +1186,13 @@ echo @foo@
    <term><function>stripHash</function>
    <replaceable>path</replaceable></term>
    <listitem><para>Strips the directory and hash part of a store
-    path, outputting the name part to <literal>stdout</literal>.
-    For example:
-
-<programlisting>
-# prints coreutils-8.24
-stripHash "/nix/store/9s9r019176g7cvn2nvcw41gsp862y6b4-coreutils-8.24"
-</programlisting>
-
-    If you wish to store the result in another variable, then the
-    following idiom may be useful:
-
-<programlisting>
-name="/nix/store/9s9r019176g7cvn2nvcw41gsp862y6b4-coreutils-8.24"
-someVar=$(stripHash $name)
-</programlisting>
-
-    </para></listitem>
+    path, and prints (on standard output) only the name part.  For
+    instance, <literal>stripHash
+    /nix/store/68afga4khv0w...-coreutils-6.12</literal> print
+    <literal>coreutils-6.12</literal>.</para></listitem>
  </varlistentry>
+
  
-
-  <varlistentry xml:id='fun-wrapProgram'>
-    <term><function>wrapProgram</function>
-    <replaceable>executable</replaceable>
-    <replaceable>makeWrapperArgs</replaceable></term>
-    <listitem><para>Convenience function for <literal>makeWrapper</literal>
-    that automatically creates a sane wrapper file
-
-    It takes all the same arguments as <literal>makeWrapper</literal>,
-    except for <literal>--argv0</literal>.</para>
-
-    <para>It cannot be applied multiple times, since it will overwrite the wrapper
-    file.</para>
-    </listitem>
-  </varlistentry>
-
-
 </variablelist>

 </section>
@@ -1416,25 +1295,6 @@ someVar=$(stripHash $name)
    <envar>GST_PLUGIN_SYSTEM_PATH</envar> environment variable.</para></listitem>
  </varlistentry>

-  <varlistentry>
-    <term>paxctl</term>
-    <listitem><para>Defines the <varname>paxmark</varname> helper for
-    setting per-executable PaX flags on Linux (where it is available by
-    default; on all other platforms, <varname>paxmark</varname> is a no-op).
-    For example, to disable secure memory protections on the executable
-    <replaceable>foo</replaceable>:
-    <programlisting>
-      postFixup = ''
-        paxmark m $out/bin/<replaceable>foo</replaceable>
-      '';
-    </programlisting>
-    The <literal>m</literal> flag is the most common flag and is typically
-    required for applications that employ JIT compilation or otherwise need to
-    execute code generated at run-time.  Disabling PaX protections should be
-    considered a last resort: if possible, problematic features should be
-    disabled or patched to work with PaX.</para></listitem>
-  </varlistentry>
-
 </variablelist>

 </para>
@@ -1457,216 +1317,6 @@ in the default system locations.</para>

 </section>

-<section xml:id="sec-hardening-in-nixpkgs"><title>Hardening in Nixpkgs</title>
-
-<para>There are flags available to harden packages at compile or link-time.
-These can be toggled using the <varname>stdenv.mkDerivation</varname> parameters
-<varname>hardeningDisable</varname> and <varname>hardeningEnable</varname>.
-</para>
-
-<para>
-Both parameters take a list of flags as strings. The special
-<varname>"all"</varname> flag can be passed to <varname>hardeningDisable</varname>
-to turn off all hardening. These flags can also be used as environment variables
-for testing or development purposes.
-</para>
-
-<para>The following flags are enabled by default and might require disabling with
-<varname>hardeningDisable</varname> if the program to package is incompatible.
-</para>
-
-<variablelist>
-
-  <varlistentry>
-    <term><varname>format</varname></term>
-    <listitem><para>Adds the <option>-Wformat -Wformat-security
-    -Werror=format-security</option> compiler options. At present,
-    this warns about calls to <varname>printf</varname> and
-    <varname>scanf</varname> functions where the format string is
-    not a string literal and there are no format arguments, as in
-    <literal>printf(foo);</literal>. This may be a security hole
-    if the format string came from untrusted input and contains
-    <literal>%n</literal>.</para>
-
-    <para>This needs to be turned off or fixed for errors similar to:</para>
-
-    <programlisting>
-/tmp/nix-build-zynaddsubfx-2.5.2.drv-0/zynaddsubfx-2.5.2/src/UI/guimain.cpp:571:28: error: format not a string literal and no format arguments [-Werror=format-security]
-         printf(help_message);
-                            ^
-cc1plus: some warnings being treated as errors
-    </programlisting></listitem>
-  </varlistentry>
-
-  <varlistentry>
-    <term><varname>stackprotector</varname></term>
-    <listitem>
-    <para>Adds the <option>-fstack-protector-strong
-    --param ssp-buffer-size=4</option>
-    compiler options. This adds safety checks against stack overwrites
-    rendering many potential code injection attacks into aborting situations.
-    In the best case this turns code injection vulnerabilities into denial
-    of service or into non-issues (depending on the application).</para>
-
-    <para>This needs to be turned off or fixed for errors similar to:</para>
-
-    <programlisting>
-bin/blib.a(bios_console.o): In function `bios_handle_cup':
-/tmp/nix-build-ipxe-20141124-5cbdc41.drv-0/ipxe-5cbdc41/src/arch/i386/firmware/pcbios/bios_console.c:86: undefined reference to `__stack_chk_fail'
-    </programlisting></listitem>
-  </varlistentry>
-
-  <varlistentry>
-    <term><varname>fortify</varname></term>
-    <listitem>
-    <para>Adds the <option>-O2 -D_FORTIFY_SOURCE=2</option> compiler
-    options. During code generation the compiler knows a great deal of
-    information about buffer sizes (where possible), and attempts to replace
-    insecure unlimited length buffer function calls with length-limited ones.
-    This is especially useful for old, crufty code. Additionally, format
-    strings in writable memory that contain '%n' are blocked. If an application
-    depends on such a format string, it will need to be worked around.
-    </para>
-
-    <para>Additionally, some warnings are enabled which might trigger build
-    failures if compiler warnings are treated as errors in the package build.
-    In this case, set <option>NIX_CFLAGS_COMPILE</option> to
-    <option>-Wno-error=warning-type</option>.</para>
-
-    <para>This needs to be turned off or fixed for errors similar to:</para>
-
-    <programlisting>
-malloc.c:404:15: error: return type is an incomplete type
-malloc.c:410:19: error: storage size of 'ms' isn't known
-    </programlisting>
-    <programlisting>
-strdup.h:22:1: error: expected identifier or '(' before '__extension__'
-    </programlisting>
-    <programlisting>
-strsep.c:65:23: error: register name not specified for 'delim'
-    </programlisting>
-    <programlisting>
-installwatch.c:3751:5: error: conflicting types for '__open_2'
-    </programlisting>
-    <programlisting>
-fcntl2.h:50:4: error: call to '__open_missing_mode' declared with attribute error: open with O_CREAT or O_TMPFILE in second argument needs 3 arguments
-    </programlisting>
-    </listitem>
-  </varlistentry>
-
-  <varlistentry>
-    <term><varname>pic</varname></term>
-    <listitem>
-    <para>Adds the <option>-fPIC</option> compiler options. This options adds
-    support for position independent code in shared libraries and thus making
-    ASLR possible.</para>
-    <para>Most notably, the Linux kernel, kernel modules and other code
-    not running in an operating system environment like boot loaders won't
-    build with PIC enabled. The compiler will is most cases complain that
-    PIC is not supported for a specific build.
-    </para>
-
-    <para>This needs to be turned off or fixed for assembler errors similar to:</para>
-
-    <programlisting>
-ccbLfRgg.s: Assembler messages:
-ccbLfRgg.s:33: Error: missing or invalid displacement expression `private_key_len@GOTOFF'
-    </programlisting>
-    </listitem>
-  </varlistentry>
-
-  <varlistentry>
-    <term><varname>strictoverflow</varname></term>
-    <listitem>
-    <para>Signed integer overflow is undefined behaviour according to the C
-    standard. If it happens, it is an error in the program as it should check
-    for overflow before it can happen, not afterwards. GCC provides built-in
-    functions to perform arithmetic with overflow checking, which are correct
-    and faster than any custom implementation. As a workaround, the option
-    <option>-fno-strict-overflow</option> makes gcc behave as if signed
-    integer overflows were defined.
-    </para>
-
-    <para>This flag should not trigger any build or runtime errors.</para>
-    </listitem>
-  </varlistentry>
-
-  <varlistentry>
-    <term><varname>relro</varname></term>
-    <listitem>
-    <para>Adds the <option>-z relro</option> linker option. During program
-    load, several ELF memory sections need to be written to by the linker,
-    but can be turned read-only before turning over control to the program.
-    This prevents some GOT (and .dtors) overwrite attacks, but at least the
-    part of the GOT used by the dynamic linker (.got.plt) is still vulnerable.
-    </para>
-
-    <para>This flag can break dynamic shared object loading. For instance, the
-    module systems of Xorg and OpenCV are incompatible with this flag. In almost
-    all cases the <varname>bindnow</varname> flag must also be disabled and
-    incompatible programs typically fail with similar errors at runtime.</para>
-    </listitem>
-  </varlistentry>
-
-  <varlistentry>
-    <term><varname>bindnow</varname></term>
-    <listitem>
-    <para>Adds the <option>-z bindnow</option> linker option. During program
-    load, all dynamic symbols are resolved, allowing for the complete GOT to
-    be marked read-only (due to <varname>relro</varname>). This prevents GOT
-    overwrite attacks. For very large applications, this can incur some
-    performance loss during initial load while symbols are resolved, but this
-    shouldn't be an issue for daemons.
-    </para>
-
-    <para>This flag can break dynamic shared object loading. For instance, the
-    module systems of Xorg and PHP are incompatible with this flag. Programs
-    incompatible with this flag often fail at runtime due to missing symbols,
-    like:</para>
-
-    <programlisting>
-intel_drv.so: undefined symbol: vgaHWFreeHWRec
-    </programlisting>
-    </listitem>
-  </varlistentry>
-
-</variablelist>
-
-<para>The following flags are disabled by default and should be enabled
-with <varname>hardeningEnable</varname> for packages that take untrusted
-input like network services.
-</para>
-
-<variablelist>
-
-  <varlistentry>
-    <term><varname>pie</varname></term>
-    <listitem>
-    <para>Adds the <option>-fPIE</option> compiler and <option>-pie</option>
-    linker options. Position Independent Executables are needed to take
-    advantage of Address Space Layout Randomization, supported by modern
-    kernel versions. While ASLR can already be enforced for data areas in
-    the stack and heap (brk and mmap), the code areas must be compiled as
-    position-independent. Shared libraries already do this with the
-    <varname>pic</varname> flag, so they gain ASLR automatically, but binary
-    .text regions need to be build with <varname>pie</varname> to gain ASLR.
-    When this happens, ROP attacks are much harder since there are no static
-    locations to bounce off of during a memory corruption attack.
-    </para>
-    </listitem>
-  </varlistentry>
-
-</variablelist>
-
-<para>For more in-depth information on these hardening flags and hardening in
-general, refer to the
-<link xlink:href="https://wiki.debian.org/Hardening">Debian Wiki</link>,
-<link xlink:href="https://wiki.ubuntu.com/Security/Features">Ubuntu Wiki</link>,
-<link xlink:href="https://wiki.gentoo.org/wiki/Project:Hardened">Gentoo Wiki</link>,
-and the <link xlink:href="https://wiki.archlinux.org/index.php/DeveloperWiki:Security">
-Arch Wiki</link>.
-</para>
-
-</section>

 </chapter>
+
--- a/lib/attrsets.nix
+++ b/lib/attrsets.nix
@@ -12,15 +12,9 @@ rec {
  inherit (builtins) attrNames listToAttrs hasAttr isAttrs getAttr;


-  /* Return an attribute from nested attribute sets.
-
-     Example:
-       x = { a = { b = 3; }; }
-       attrByPath ["a" "b"] 6 x
-       => 3
-       attrByPath ["z" "z"] 6 x
-       => 6
-  */
+  /* Return an attribute from nested attribute sets.  For instance
+     ["x" "y"] applied to some set e returns e.x.y, if it exists.  The
+     default value is returned otherwise. */
  attrByPath = attrPath: default: e:
    let attr = head attrPath;
    in
@@ -30,15 +24,8 @@ rec {
      else default;

  /* Return if an attribute from nested attribute set exists.
-
-     Example:
-       x = { a = { b = 3; }; }
-       hasAttrByPath ["a" "b"] x
-       => true
-       hasAttrByPath ["z" "z"] x
-       => false
-
-  */
+     For instance ["x" "y"] applied to some set e returns true, if e.x.y exists. False
+     is returned otherwise. */
  hasAttrByPath = attrPath: e:
    let attr = head attrPath;
    in
@@ -48,28 +35,14 @@ rec {
      else false;


-  /* Return nested attribute set in which an attribute is set.
-
-     Example:
-       setAttrByPath ["a" "b"] 3
-       => { a = { b = 3; }; }
-  */
+  /* Return nested attribute set in which an attribute is set.  For instance
+     ["x" "y"] applied with some value v returns `x.y = v;' */
  setAttrByPath = attrPath: value:
    if attrPath == [] then value
    else listToAttrs
      [ { name = head attrPath; value = setAttrByPath (tail attrPath) value; } ];


-  /* Like `getAttrPath' without a default value. If it doesn't find the
-     path it will throw.
-
-     Example:
-       x = { a = { b = 3; }; }
-       getAttrFromPath ["a" "b"] x
-       => 3
-       getAttrFromPath ["z" "z"] x
-       => error: cannot find attribute `z.z'
-  */
  getAttrFromPath = attrPath: set:
    let errorMsg = "cannot find attribute `" + concatStringsSep "." attrPath + "'";
    in attrByPath attrPath (abort errorMsg) set;
@@ -136,11 +109,9 @@ rec {
      ) (attrNames set)
    );

-  /* Apply fold functions to values grouped by key.
-
-     Example:
-       foldAttrs (n: a: [n] ++ a) [] [{ a = 2; } { a = 3; }]
-       => { a = [ 2 3 ]; }
+  /* foldAttrs: apply fold functions to values grouped by key. Eg accumulate values as list:
+     foldAttrs (n: a: [n] ++ a) [] [{ a = 2; } { a = 3; }]
+     => { a = [ 2 3 ]; }
  */
  foldAttrs = op: nul: list_of_attrs:
    fold (n: a:
@@ -176,12 +147,7 @@ rec {


  /* Utility function that creates a {name, value} pair as expected by
-     builtins.listToAttrs.
-
-     Example:
-       nameValuePair "some" 6
-       => { name = "some"; value = 6; }
-  */
+     builtins.listToAttrs. */
  nameValuePair = name: value: { inherit name value; };


@@ -282,76 +248,46 @@ rec {
    listToAttrs (map (n: nameValuePair n (f n)) names);


-  /* Check whether the argument is a derivation. Any set with
-     { type = "derivation"; } counts as a derivation.
-
-     Example:
-       nixpkgs = import <nixpkgs> {}
-       isDerivation nixpkgs.ruby
-       => true
-       isDerivation "foobar"
-       => false
-  */
+  /* Check whether the argument is a derivation. */
  isDerivation = x: isAttrs x && x ? type && x.type == "derivation";

-  /* Converts a store path to a fake derivation. */
+
+  /* Convert a store path to a fake derivation. */
  toDerivation = path:
-    let
-      path' = builtins.storePath path;
-      res =
-        { type = "derivation";
-          name = builtins.unsafeDiscardStringContext (builtins.substring 33 (-1) (baseNameOf path'));
-          outPath = path';
-          outputs = [ "out" ];
-          out = res;
-          outputName = "out";
-        };
-    in res;
+    let path' = builtins.storePath path; in
+    { type = "derivation";
+      name = builtins.unsafeDiscardStringContext (builtins.substring 33 (-1) (baseNameOf path'));
+      outPath = path';
+      outputs = [ "out" ];
+    };


-  /* If `cond' is true, return the attribute set `as',
-     otherwise an empty attribute set.
-
-     Example:
-       optionalAttrs (true) { my = "set"; }
-       => { my = "set"; }
-       optionalAttrs (false) { my = "set"; }
-       => { }
-  */
+  /* If the Boolean `cond' is true, return the attribute set `as',
+     otherwise an empty attribute set. */
  optionalAttrs = cond: as: if cond then as else {};


  /* Merge sets of attributes and use the function f to merge attributes
-     values.
-
-     Example:
-       zipAttrsWithNames ["a"] (name: vs: vs) [{a = "x";} {a = "y"; b = "z";}]
-       => { a = ["x" "y"]; }
-  */
+     values. */
  zipAttrsWithNames = names: f: sets:
    listToAttrs (map (name: {
      inherit name;
      value = f name (catAttrs name sets);
    }) names);

-  /* Implentation note: Common names  appear multiple times in the list of
-     names, hopefully this does not affect the system because the maximal
-     laziness avoid computing twice the same expression and listToAttrs does
-     not care about duplicated attribute names.
-
-     Example:
-       zipAttrsWith (name: values: values) [{a = "x";} {a = "y"; b = "z";}]
-       => { a = ["x" "y"]; b = ["z"] }
-  */
+  # implentation note: Common names  appear multiple times in the list of
+  # names, hopefully this does not affect the system because the maximal
+  # laziness avoid computing twice the same expression and listToAttrs does
+  # not care about duplicated attribute names.
  zipAttrsWith = f: sets: zipAttrsWithNames (concatMap attrNames sets) f sets;
-  /* Like `zipAttrsWith' with `(name: values: value)' as the function.

-    Example:
-      zipAttrs [{a = "x";} {a = "y"; b = "z";}]
-      => { a = ["x" "y"]; b = ["z"] }
-  */
  zipAttrs = zipAttrsWith (name: values: values);

+  /* backward compatibility */
+  zipWithNames = zipAttrsWithNames;
+  zip = builtins.trace "lib.zip is deprecated, use lib.zipAttrsWith instead" zipAttrsWith;
+
+
  /* Does the same as the update operator '//' except that attributes are
     merged until the given pedicate is verified.  The predicate should
     accept 3 arguments which are the path to reach the attribute, a part of
@@ -391,7 +327,7 @@ rec {
      );
    in f [] [rhs lhs];

-  /* A recursive variant of the update operator ‘//’.  The recursion
+  /* A recursive variant of the update operator ‘//’.  The recusion
     stops when one of the attribute values is not an attribute set,
     in which case the right hand side value takes precedence over the
     left hand side value.
@@ -415,15 +351,6 @@ rec {
      !(isAttrs lhs && isAttrs rhs)
    ) lhs rhs;

-  /* Returns true if the pattern is contained in the set. False otherwise.
-
-     FIXME(zimbatm): this example doesn't work !!!
-
-     Example:
-       sys = mkSystem { }
-       matchAttrs { cpu = { bits = 64; }; } sys
-       => true
-   */
  matchAttrs = pattern: attrs:
    fold or false (attrValues (zipAttrsWithNames (attrNames pattern) (n: values:
      let pat = head values; val = head (tail values); in
@@ -432,40 +359,10 @@ rec {
      else pat == val
    ) [pattern attrs]));

-  /* Override only the attributes that are already present in the old set
-    useful for deep-overriding.
-
-    Example:
-      x = { a = { b = 4; c = 3; }; }
-      overrideExisting x { a = { b = 6; d = 2; }; }
-      => { a = { b = 6; d = 2; }; }
-  */
+  # override only the attributes that are already present in the old set
+  # useful for deep-overriding
  overrideExisting = old: new:
    old // listToAttrs (map (attr: nameValuePair attr (attrByPath [attr] old.${attr} new)) (attrNames old));

-  /* Get a package output.
-     If no output is found, fallback to `.out` and then to the default.
-
-     Example:
-       getOutput "dev" pkgs.openssl
-       => "/nix/store/9rz8gxhzf8sw4kf2j2f1grr49w8zx5vj-openssl-1.0.1r-dev"
-  */
-  getOutput = output: pkg:
-    if pkg.outputUnspecified or false
-      then pkg.${output} or pkg.out or pkg
-      else pkg;
-
-  getBin = getOutput "bin";
-  getLib = getOutput "lib";
-  getDev = getOutput "dev";
-
-  /* Pick the outputs of packages to place in buildInputs */
-  chooseDevOutputs = drvs: builtins.map getDev drvs;
-
-  /*** deprecated stuff ***/
-
-  zipWithNames = zipAttrsWithNames;
-  zip = builtins.trace
-    "lib.zip is deprecated, use lib.zipAttrsWith instead" zipAttrsWith;
-
+  deepSeqAttrs = x: y: deepSeqList (attrValues x) y;
 }
--- a/lib/composable-derivation.nix
+++ b/lib/composable-derivation.nix
@@ -50,7 +50,7 @@ let inherit (lib) nv nvs; in
  # nice features:
  # declaring "optional featuers" is modular. For instance:
  #   flags.curl = {
-  #     configureFlags = ["--with-curl=${curl.dev}" "--with-curlwrappers"];
+  #     configureFlags = ["--with-curl=${curl}" "--with-curlwrappers"];
  #     buildInputs = [curl openssl];
  #   };
  #   flags.other = { .. }
--- a/lib/customisation.nix
+++ b/lib/customisation.nix
@@ -15,10 +15,10 @@ rec {
     the original derivation attributes.

     `overrideDerivation' allows certain "ad-hoc" customisation
-     scenarios (e.g. in ~/.config/nixpkgs/config.nix).  For instance,
-     if you want to "patch" the derivation returned by a package
-     function in Nixpkgs to build another version than what the
-     function itself provides, you can do something like this:
+     scenarios (e.g. in ~/.nixpkgs/config.nix).  For instance, if you
+     want to "patch" the derivation returned by a package function in
+     Nixpkgs to build another version than what the function itself
+     provides, you can do something like this:

       mySed = overrideDerivation pkgs.gnused (oldAttrs: {
         name = "sed-4.2.2-pre";
@@ -56,18 +56,16 @@ rec {
      ff = f origArgs;
      overrideWith = newArgs: origArgs // (if builtins.isFunction newArgs then newArgs origArgs else newArgs);
    in
-      if builtins.isAttrs ff then (ff // {
-        override = newArgs: makeOverridable f (overrideWith newArgs);
-        overrideDerivation = fdrv:
-          makeOverridable (args: overrideDerivation (f args) fdrv) origArgs;
-        ${if ff ? overrideAttrs then "overrideAttrs" else null} = fdrv:
-          makeOverridable (args: (f args).overrideAttrs fdrv) origArgs;
-      })
-      else if builtins.isFunction ff then {
-        override = newArgs: makeOverridable f (overrideWith newArgs);
-        __functor = self: ff;
-        overrideDerivation = throw "overrideDerivation not yet supported for functors";
-      }
+      if builtins.isAttrs ff then (ff //
+        { override = newArgs: makeOverridable f (overrideWith newArgs);
+          overrideDerivation = fdrv:
+            makeOverridable (args: overrideDerivation (f args) fdrv) origArgs;
+        })
+      else if builtins.isFunction ff then
+        { override = newArgs: makeOverridable f (overrideWith newArgs);
+          __functor = self: ff;
+          overrideDerivation = throw "overrideDerivation not yet supported for functors";
+        }
      else ff;


@@ -106,9 +104,11 @@ rec {
    let
      f = if builtins.isFunction fn then fn else import fn;
      auto = builtins.intersectAttrs (builtins.functionArgs f) autoArgs;
-      origArgs = auto // args;
-      pkgs = f origArgs;
-      mkAttrOverridable = name: pkg: makeOverridable (newArgs: (f newArgs).${name}) origArgs;
+      finalArgs = auto // args;
+      pkgs = f finalArgs;
+      mkAttrOverridable = name: pkg: pkg // {
+        override = newArgs: mkAttrOverridable name (f (finalArgs // newArgs)).${name};
+      };
    in lib.mapAttrs mkAttrOverridable pkgs;


@@ -129,7 +129,7 @@ rec {
        };

      outputsList = map outputToAttrListElement outputs;
-  in commonAttrs // { outputUnspecified = true; };
+  in commonAttrs.${drv.outputName};


  /* Strip a derivation of all non-essential attributes, returning
@@ -177,10 +177,9 @@ rec {
    let self = f self // {
          newScope = scope: newScope (self // scope);
          callPackage = self.newScope {};
-          override = g:
-            makeScope newScope
-            (self_: let super = f self_; in super // g super self_);
-          packages = f;
+          override = g: makeScope newScope (self_:
+            let super = f self_;
+            in super // g super self_);
        };
    in self;

--- a/lib/debug.nix
+++ b/lib/debug.nix
@@ -19,10 +19,6 @@ rec {
  traceXMLVal = x: trace (builtins.toXML x) x;
  traceXMLValMarked = str: x: trace (str + builtins.toXML x) x;

-  # strict trace functions (traced structure is fully evaluated and printed)
-  traceSeq = x: y: trace (builtins.deepSeq x x) y;
-  traceValSeq = v: traceVal (builtins.deepSeq v v);
-
  # this can help debug your code as well - designed to not produce thousands of lines
  traceShowVal = x : trace (showVal x) x;
  traceShowValMarked = str: x: trace (str + showVal x) x;
@@ -73,9 +69,27 @@ rec {
  # usage: { testX = allTrue [ true ]; }
  testAllTrue = expr : { inherit expr; expected = map (x: true) expr; };

-  strict = v:
-    trace "Warning: strict is deprecated and will be removed in the next release"
-      (builtins.seq v v);
+  # evaluate everything once so that errors will occur earlier
+  # hacky: traverse attrs by adding a dummy
+  # ignores functions (should this behavior change?) See strictf
+  #
+  # Note: This should be a primop! Something like seq of haskell would be nice to
+  # have as well. It's used fore debugging only anyway
+  strict = x :
+    let
+        traverse = x :
+          if isString x then true
+          else if isAttrs x then
+            if x ? outPath then true
+            else all id (mapAttrsFlatten (n: traverse) x)
+          else if isList x then
+            all id (map traverse x)
+          else if isBool x then true
+          else if isFunction x then true
+          else if isInt x then true
+          else if x == null then true
+          else true; # a (store) path?
+    in if traverse x then x else throw "else never reached";

  # example: (traceCallXml "myfun" id 3) will output something like
  # calling myfun arg 1: 3 result: 3
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -1,50 +1,27 @@
-let
+let 

-  # trivial, often used functions
  trivial = import ./trivial.nix;
-
-  # datatypes
-  attrsets = import ./attrsets.nix;
  lists = import ./lists.nix;
  strings = import ./strings.nix;
  stringsWithDeps = import ./strings-with-deps.nix;
-
-  # packaging
-  customisation = import ./customisation.nix;
-  maintainers = import ./maintainers.nix;
-  meta = import ./meta.nix;
+  attrsets = import ./attrsets.nix;
  sources = import ./sources.nix;
-
-  # module system
  modules = import ./modules.nix;
  options = import ./options.nix;
  types = import ./types.nix;
-
-  # constants
-  licenses = import ./licenses.nix;
+  meta = import ./meta.nix;
+  debug = import ./debug.nix;
+  misc = import ./deprecated.nix;
+  maintainers = import ./maintainers.nix;
  platforms = import ./platforms.nix;
  systems = import ./systems.nix;
-
-  # misc
-  debug = import ./debug.nix;
-  generators = import ./generators.nix;
-  misc = import ./deprecated.nix;
-
-  # domain-specific
+  customisation = import ./customisation.nix;
+  licenses = import ./licenses.nix;
  sandbox = import ./sandbox.nix;
-  fetchers = import ./fetchers.nix;
-
-  # Eval-time filesystem handling
-  filesystem = import ./filesystem.nix;

 in
-  { inherit trivial
-            attrsets lists strings stringsWithDeps
-            customisation maintainers meta sources
-            modules options types
-            licenses platforms systems
-            debug generators misc
-            sandbox fetchers filesystem;
+  { inherit trivial lists strings stringsWithDeps attrsets sources options
+      modules types meta debug maintainers licenses platforms systems sandbox;
  }
  # !!! don't include everything at top-level; perhaps only the most
  # commonly used functions.
--- a/lib/fetchers.nix
+++ b/lib/fetchers.nix
@@ -1,12 +0,0 @@
-# snippets that can be shared by mutliple fetchers (pkgs/build-support)
-{
-
-  proxyImpureEnvVars = [
-    # We borrow these environment variables from the caller to allow
-    # easy proxy configuration.  This is impure, but a fixed-output
-    # derivation like fetchurl is allowed to do so since its result is
-    # by definition pure.
-    "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy"
-  ];
-
-}
--- a/lib/filesystem.nix
+++ b/lib/filesystem.nix
@@ -1,44 +0,0 @@
-{ # haskellPathsInDir : Path -> Map String Path
-  # A map of all haskell packages defined in the given path,
-  # identified by having a cabal file with the same name as the
-  # directory itself.
-  haskellPathsInDir = root:
-    let # Files in the root
-        root-files = builtins.attrNames (builtins.readDir root);
-        # Files with their full paths
-        root-files-with-paths =
-          map (file:
-            { name = file; value = root + "/${file}"; }
-          ) root-files;
-        # Subdirectories of the root with a cabal file.
-        cabal-subdirs =
-          builtins.filter ({ name, value }:
-            builtins.pathExists (value + "/${name}.cabal")
-          ) root-files-with-paths;
-    in builtins.listToAttrs cabal-subdirs;
-  # locateDominatingFile :  RegExp
-  #                      -> Path
-  #                      -> Nullable { path : Path;
-  #                                    matches : [ MatchResults ];
-  #                                  }
-  # Find the first directory containing a file matching 'pattern'
-  # upward from a given 'file'.
-  # Returns 'null' if no directories contain a file matching 'pattern'.
-  locateDominatingFile = pattern: file:
-    let go = path:
-          let files = builtins.attrNames (builtins.readDir path);
-              matches = builtins.filter (match: match != null)
-                          (map (builtins.match pattern) files);
-          in
-            if builtins.length matches != 0
-              then { inherit path matches; }
-              else if path == /.
-                then null
-                else go (dirOf path);
-        parent = dirOf file;
-        isDir =
-          let base = baseNameOf file;
-              type = (builtins.readDir parent).${base} or null;
-          in file == /. || type == "directory";
-    in go (if isDir then file else parent);
-}
--- a/lib/generators.nix
+++ b/lib/generators.nix
@@ -1,93 +0,0 @@
-/* Functions that generate widespread file
- * formats from nix data structures.
- *
- * They all follow a similar interface:
- * generator { config-attrs } data
- *
- * Tests can be found in ./tests.nix
- * Documentation in the manual, #sec-generators
- */
-with import ./trivial.nix;
-let
-  libStr = import ./strings.nix;
-  libAttr = import ./attrsets.nix;
-
-  flipMapAttrs = flip libAttr.mapAttrs;
-in
-
-rec {
-
-  /* Generate a line of key k and value v, separated by
-   * character sep. If sep appears in k, it is escaped.
-   * Helper for synaxes with different separators.
-   *
-   * mkKeyValueDefault ":" "f:oo" "bar"
-   * > "f\:oo:bar"
-   */
-  mkKeyValueDefault = sep: k: v:
-    "${libStr.escape [sep] k}${sep}${toString v}";
-
-
-  /* Generate a key-value-style config file from an attrset.
-   *
-   * mkKeyValue is the same as in toINI.
-   */
-  toKeyValue = {
-    mkKeyValue ? mkKeyValueDefault "="
-  }: attrs:
-    let mkLine = k: v: mkKeyValue k v + "\n";
-    in libStr.concatStrings (libAttr.mapAttrsToList mkLine attrs);
-
-
-  /* Generate an INI-style config file from an
-   * attrset of sections to an attrset of key-value pairs.
-   *
-   * generators.toINI {} {
-   *   foo = { hi = "${pkgs.hello}"; ciao = "bar"; };
-   *   baz = { "also, integers" = 42; };
-   * }
-   *
-   *> [baz]
-   *> also, integers=42
-   *>
-   *> [foo]
-   *> ciao=bar
-   *> hi=/nix/store/y93qql1p5ggfnaqjjqhxcw0vqw95rlz0-hello-2.10
-   *
-   * The mk* configuration attributes can generically change
-   * the way sections and key-value strings are generated.
-   *
-   * For more examples see the test cases in ./tests.nix.
-   */
-  toINI = {
-    # apply transformations (e.g. escapes) to section names
-    mkSectionName ? (name: libStr.escape [ "[" "]" ] name),
-    # format a setting line from key and value
-    mkKeyValue    ? mkKeyValueDefault "="
-  }: attrsOfAttrs:
-    let
-        # map function to string for each key val
-        mapAttrsToStringsSep = sep: mapFn: attrs:
-          libStr.concatStringsSep sep
-            (libAttr.mapAttrsToList mapFn attrs);
-        mkSection = sectName: sectValues: ''
-          [${mkSectionName sectName}]
-        '' + toKeyValue { inherit mkKeyValue; } sectValues;
-    in
-      # map input to ini sections
-      mapAttrsToStringsSep "\n" mkSection attrsOfAttrs;
-
-
-  /* Generates JSON from an arbitrary (non-function) value.
-    * For more information see the documentation of the builtin.
-    */
-  toJSON = {}: builtins.toJSON;
-
-
-  /* YAML has been a strict superset of JSON since 1.2, so we
-    * use toJSON. Before it only had a few differences referring
-    * to implicit typing rules, so it should work with older
-    * parsers as well.
-    */
-  toYAML = {}@args: toJSON args;
-}
--- a/lib/licenses.nix
+++ b/lib/licenses.nix
@@ -65,11 +65,6 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
    fullName = "Boost Software License 1.0";
  };

-  beerware = spdx {
-    spdxId = "Beerware";
-    fullName = ''Beerware License'';
-  };
-
  bsd2 = spdx {
    spdxId = "BSD-2-Clause";
    fullName = ''BSD 2-clause "Simplified" License'';
@@ -110,11 +105,6 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
    fullName = "Creative Commons Attribution Non Commercial Share Alike 4.0";
  };

-  cc-by-nd-30 = spdx {
-    spdxId = "CC-BY-ND-3.0";
-    fullName = "Creative Commons Attribution-No Derivative Works v3.00";
-  };
-
  cc-by-sa-25 = spdx {
    spdxId = "CC-BY-SA-2.5";
    fullName = "Creative Commons Attribution Share Alike 2.5";
@@ -185,17 +175,6 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
    fullName = "Eclipse Public License 1.0";
  };

-  epson = {
-    fullName = "Seiko Epson Corporation Software License Agreement for Linux";
-    url = https://download.ebz.epson.net/dsc/du/02/eula/global/LINUX_EN.html;
-    free = false;
-  };
-
-  eupl11 = spdx {
-    spdxId = "EUPL-1.1";
-    fullname = "European Union Public License 1.1";
-  };
-
  fdl12 = spdx {
    spdxId = "GFDL-1.2";
    fullName = "GNU Free Documentation License v1.2";
@@ -203,24 +182,13 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {

  fdl13 = spdx {
    spdxId = "GFDL-1.3";
-    fullName = "GNU Free Documentation License v1.3";
+    fullName = "GNU Free Documentation License v1.2";
  };

  free = {
    fullName = "Unspecified free software license";
  };

-  g4sl = {
-    fullName = "Geant4 Software License";
-    url = https://geant4.web.cern.ch/geant4/license/LICENSE.html;
-  };
-
-  geogebra = {
-    fullName = "GeoGebra Non-Commercial License Agreement";
-    url = https://www.geogebra.org/license;
-    free = false;
-  };
-
  gpl1 = spdx {
    spdxId = "GPL-1.0";
    fullName = "GNU General Public License v1.0 only";
@@ -379,11 +347,6 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
    fullName = "Mozilla Public License 2.0";
  };

-  mspl = spdx {
-    spdxId = "MS-PL";
-    fullName = "Microsoft Public License";
-  };
-
  msrla = {
    fullName  = "Microsoft Research License Agreement";
    url       = "http://research.microsoft.com/en-us/projects/pex/msr-la.txt";
@@ -459,12 +422,6 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
    fullName = "Sleepycat License";
  };

-  smail = {
-    shortName = "smail";
-    fullName = "SMAIL General Public License";
-    url = http://metadata.ftp-master.debian.org/changelogs/main/d/debianutils/debianutils_4.8.1_copyright;
-  };
-
  tcltk = spdx {
    spdxId = "TCL";
    fullName = "TCL/TK License";
@@ -496,11 +453,6 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
    fullName = "The Unlicense";
  };

-  upl = {
-    fullName = "Universal Permissive License";
-    url = "https://oss.oracle.com/licenses/upl/";
-  };
-
  vim = spdx {
    spdxId = "Vim";
    fullName = "Vim License";
--- a/lib/lists.nix
+++ b/lib/lists.nix
@@ -6,26 +6,17 @@ rec {

  inherit (builtins) head tail length isList elemAt concatLists filter elem genList;

-  /*  Create a list consisting of a single element.  `singleton x' is
-      sometimes more convenient with respect to indentation than `[x]'
-      when x spans multiple lines.

-      Example:
-        singleton "foo"
-        => [ "foo" ]
-  */
+  # Create a list consisting of a single element.  `singleton x' is
+  # sometimes more convenient with respect to indentation than `[x]'
+  # when x spans multiple lines.
  singleton = x: [x];

-  /* "Fold" a binary function `op' between successive elements of
-     `list' with `nul' as the starting value, i.e., `fold op nul [x_1
-     x_2 ... x_n] == op x_1 (op x_2 ... (op x_n nul))'.  (This is
-     Haskell's foldr).

-     Example:
-       concat = fold (a: b: a + b) "z"
-       concat [ "a" "b" "c" ]
-       => "abcz"
-  */
+  # "Fold" a binary function `op' between successive elements of
+  # `list' with `nul' as the starting value, i.e., `fold op nul [x_1
+  # x_2 ... x_n] == op x_1 (op x_2 ... (op x_n nul))'.  (This is
+  # Haskell's foldr).
  fold = op: nul: list:
    let
      len = length list;
@@ -35,14 +26,8 @@ rec {
        else op (elemAt list n) (fold' (n + 1));
    in fold' 0;

-  /* Left fold: `fold op nul [x_1 x_2 ... x_n] == op (... (op (op nul
-     x_1) x_2) ... x_n)'.
-
-     Example:
-       lconcat = foldl (a: b: a + b) "z"
-       lconcat [ "a" "b" "c" ]
-       => "zabc"
-  */
+  # Left fold: `fold op nul [x_1 x_2 ... x_n] == op (... (op (op nul
+  # x_1) x_2) ... x_n)'.
  foldl = op: nul: list:
    let
      len = length list;
@@ -52,299 +37,145 @@ rec {
        else op (foldl' (n - 1)) (elemAt list n);
    in foldl' (length list - 1);

-  /* Strict version of foldl.

-     The difference is that evaluation is forced upon access. Usually used
-     with small whole results (in contract with lazily-generated list or large
-     lists where only a part is consumed.)
-  */
+  # Strict version of foldl.
  foldl' = builtins.foldl' or foldl;

-  /* Map with index

-     FIXME(zimbatm): why does this start to count at 1?
+  # Map with index: `imap (i: v: "${v}-${toString i}") ["a" "b"] ==
+  # ["a-1" "b-2"]'. FIXME: why does this start to count at 1?
+  imap =
+    if builtins ? genList then
+      f: list: genList (n: f (n + 1) (elemAt list n)) (length list)
+    else
+      f: list:
+      let
+        len = length list;
+        imap' = n:
+          if n == len
+            then []
+            else [ (f (n + 1) (elemAt list n)) ] ++ imap' (n + 1);
+      in imap' 0;

-     Example:
-       imap (i: v: "${v}-${toString i}") ["a" "b"]
-       => [ "a-1" "b-2" ]
-  */
-  imap = f: list: genList (n: f (n + 1) (elemAt list n)) (length list);

-  /* Map and concatenate the result.
-
-     Example:
-       concatMap (x: [x] ++ ["z"]) ["a" "b"]
-       => [ "a" "z" "b" "z" ]
-  */
+  # Map and concatenate the result.
  concatMap = f: list: concatLists (map f list);

-  /* Flatten the argument into a single list; that is, nested lists are
-     spliced into the top-level lists.

-     Example:
-       flatten [1 [2 [3] 4] 5]
-       => [1 2 3 4 5]
-       flatten 1
-       => [1]
-  */
+  # Flatten the argument into a single list; that is, nested lists are
+  # spliced into the top-level lists.  E.g., `flatten [1 [2 [3] 4] 5]
+  # == [1 2 3 4 5]' and `flatten 1 == [1]'.
  flatten = x:
    if isList x
-    then concatMap (y: flatten y) x
+    then foldl' (x: y: x ++ (flatten y)) [] x
    else [x];

-  /* Remove elements equal to 'e' from a list.  Useful for buildInputs.

-     Example:
-       remove 3 [ 1 3 4 3 ]
-       => [ 1 4 ]
-  */
+  # Remove elements equal to 'e' from a list.  Useful for buildInputs.
  remove = e: filter (x: x != e);

-  /* Find the sole element in the list matching the specified
-     predicate, returns `default' if no such element exists, or
-     `multiple' if there are multiple matching elements.

-     Example:
-       findSingle (x: x == 3) "none" "multiple" [ 1 3 3 ]
-       => "multiple"
-       findSingle (x: x == 3) "none" "multiple" [ 1 3 ]
-       => 3
-       findSingle (x: x == 3) "none" "multiple" [ 1 9 ]
-       => "none"
-  */
+  # Find the sole element in the list matching the specified
+  # predicate, returns `default' if no such element exists, or
+  # `multiple' if there are multiple matching elements.
  findSingle = pred: default: multiple: list:
    let found = filter pred list; len = length found;
    in if len == 0 then default
      else if len != 1 then multiple
      else head found;

-  /* Find the first element in the list matching the specified
-     predicate or returns `default' if no such element exists.

-     Example:
-       findFirst (x: x > 3) 7 [ 1 6 4 ]
-       => 6
-       findFirst (x: x > 9) 7 [ 1 6 4 ]
-       => 7
-  */
+  # Find the first element in the list matching the specified
+  # predicate or returns `default' if no such element exists.
  findFirst = pred: default: list:
    let found = filter pred list;
    in if found == [] then default else head found;

-  /* Return true iff function `pred' returns true for at least element
-     of `list'.

-     Example:
-       any isString [ 1 "a" { } ]
-       => true
-       any isString [ 1 { } ]
-       => false
-  */
+  # Return true iff function `pred' returns true for at least element
+  # of `list'.
  any = builtins.any or (pred: fold (x: y: if pred x then true else y) false);

-  /* Return true iff function `pred' returns true for all elements of
-     `list'.

-     Example:
-       all (x: x < 3) [ 1 2 ]
-       => true
-       all (x: x < 3) [ 1 2 3 ]
-       => false
-  */
+  # Return true iff function `pred' returns true for all elements of
+  # `list'.
  all = builtins.all or (pred: fold (x: y: if pred x then y else false) true);

-  /* Count how many times function `pred' returns true for the elements
-     of `list'.

-     Example:
-       count (x: x == 3) [ 3 2 3 4 6 ]
-       => 2
-  */
+  # Count how many times function `pred' returns true for the elements
+  # of `list'.
  count = pred: foldl' (c: x: if pred x then c + 1 else c) 0;

-  /* Return a singleton list or an empty list, depending on a boolean
-     value.  Useful when building lists with optional elements
-     (e.g. `++ optional (system == "i686-linux") flashplayer').

-     Example:
-       optional true "foo"
-       => [ "foo" ]
-       optional false "foo"
-       => [ ]
-  */
+  # Return a singleton list or an empty list, depending on a boolean
+  # value.  Useful when building lists with optional elements
+  # (e.g. `++ optional (system == "i686-linux") flashplayer').
  optional = cond: elem: if cond then [elem] else [];

-  /* Return a list or an empty list, dependening on a boolean value.

-     Example:
-       optionals true [ 2 3 ]
-       => [ 2 3 ]
-       optionals false [ 2 3 ]
-       => [ ]
-  */
+  # Return a list or an empty list, dependening on a boolean value.
  optionals = cond: elems: if cond then elems else [];


-  /* If argument is a list, return it; else, wrap it in a singleton
-     list.  If you're using this, you should almost certainly
-     reconsider if there isn't a more "well-typed" approach.
-
-     Example:
-       toList [ 1 2 ]
-       => [ 1 2 ]
-       toList "hi"
-       => [ "hi "]
-  */
+  # If argument is a list, return it; else, wrap it in a singleton
+  # list.  If you're using this, you should almost certainly
+  # reconsider if there isn't a more "well-typed" approach.
  toList = x: if isList x then x else [x];

-  /* Return a list of integers from `first' up to and including `last'.

-     Example:
-       range 2 4
-       => [ 2 3 4 ]
-       range 3 2
-       => [ ]
-  */
-  range = first: last:
-    if first > last then
-      []
+  # Return a list of integers from `first' up to and including `last'.
+  range =
+    if builtins ? genList then
+      first: last:
+        if first > last
+        then []
+        else genList (n: first + n) (last - first + 1)
    else
-      genList (n: first + n) (last - first + 1);
+      first: last:
+        if last < first
+        then []
+        else [first] ++ range (first + 1) last;

-  /* Splits the elements of a list in two lists, `right' and
-     `wrong', depending on the evaluation of a predicate.

-     Example:
-       partition (x: x > 2) [ 5 1 2 3 4 ]
-       => { right = [ 5 3 4 ]; wrong = [ 1 2 ]; }
-  */
-  partition = builtins.partition or (pred:
+  # Partition the elements of a list in two lists, `right' and
+  # `wrong', depending on the evaluation of a predicate.
+  partition = pred:
    fold (h: t:
      if pred h
      then { right = [h] ++ t.right; wrong = t.wrong; }
      else { right = t.right; wrong = [h] ++ t.wrong; }
-    ) { right = []; wrong = []; });
+    ) { right = []; wrong = []; };

-  /* Merges two lists of the same size together. If the sizes aren't the same
-     the merging stops at the shortest. How both lists are merged is defined
-     by the first argument.

-     Example:
-       zipListsWith (a: b: a + b) ["h" "l"] ["e" "o"]
-       => ["he" "lo"]
-  */
-  zipListsWith = f: fst: snd:
-    genList
-      (n: f (elemAt fst n) (elemAt snd n)) (min (length fst) (length snd));
+  zipListsWith =
+    if builtins ? genList then
+      f: fst: snd: genList (n: f (elemAt fst n) (elemAt snd n)) (min (length fst) (length snd))
+    else
+      f: fst: snd:
+      let
+        len = min (length fst) (length snd);
+        zipListsWith' = n:
+          if n != len then
+            [ (f (elemAt fst n) (elemAt snd n)) ]
+            ++ zipListsWith' (n + 1)
+          else [];
+      in zipListsWith' 0;

-  /* Merges two lists of the same size together. If the sizes aren't the same
-     the merging stops at the shortest.
-
-     Example:
-       zipLists [ 1 2 ] [ "a" "b" ]
-       => [ { fst = 1; snd = "a"; } { fst = 2; snd = "b"; } ]
-  */
  zipLists = zipListsWith (fst: snd: { inherit fst snd; });

-  /* Reverse the order of the elements of a list.

-     Example:
+  # Reverse the order of the elements of a list.
+  reverseList =
+    if builtins ? genList then
+      xs: let l = length xs; in genList (n: elemAt xs (l - n - 1)) l
+    else
+      fold (e: acc: acc ++ [ e ]) [];

-       reverseList [ "b" "o" "j" ]
-       => [ "j" "o" "b" ]
-  */
-  reverseList = xs:
-    let l = length xs; in genList (n: elemAt xs (l - n - 1)) l;

-  /* Depth-First Search (DFS) for lists `list != []`.
-
-     `before a b == true` means that `b` depends on `a` (there's an
-     edge from `b` to `a`).
-
-     Examples:
-
-         listDfs true hasPrefix [ "/home/user" "other" "/" "/home" ]
-           == { minimal = "/";                  # minimal element
-                visited = [ "/home/user" ];     # seen elements (in reverse order)
-                rest    = [ "/home" "other" ];  # everything else
-              }
-
-         listDfs true hasPrefix [ "/home/user" "other" "/" "/home" "/" ]
-           == { cycle   = "/";                  # cycle encountered at this element
-                loops   = [ "/" ];              # and continues to these elements
-                visited = [ "/" "/home/user" ]; # elements leading to the cycle (in reverse order)
-                rest    = [ "/home" "other" ];  # everything else
-
-   */
-
-  listDfs = stopOnCycles: before: list:
-    let
-      dfs' = us: visited: rest:
-        let
-          c = filter (x: before x us) visited;
-          b = partition (x: before x us) rest;
-        in if stopOnCycles && (length c > 0)
-           then { cycle = us; loops = c; inherit visited rest; }
-           else if length b.right == 0
-                then # nothing is before us
-                     { minimal = us; inherit visited rest; }
-                else # grab the first one before us and continue
-                     dfs' (head b.right)
-                          ([ us ] ++ visited)
-                          (tail b.right ++ b.wrong);
-    in dfs' (head list) [] (tail list);
-
-  /* Sort a list based on a partial ordering using DFS. This
-     implementation is O(N^2), if your ordering is linear, use `sort`
-     instead.
-
-     `before a b == true` means that `b` should be after `a`
-     in the result.
-
-     Examples:
-
-         toposort hasPrefix [ "/home/user" "other" "/" "/home" ]
-           == { result = [ "/" "/home" "/home/user" "other" ]; }
-
-         toposort hasPrefix [ "/home/user" "other" "/" "/home" "/" ]
-           == { cycle = [ "/home/user" "/" "/" ]; # path leading to a cycle
-                loops = [ "/" ]; }                # loops back to these elements
-
-         toposort hasPrefix [ "other" "/home/user" "/home" "/" ]
-           == { result = [ "other" "/" "/home" "/home/user" ]; }
-
-         toposort (a: b: a < b) [ 3 2 1 ] == { result = [ 1 2 3 ]; }
-
-   */
-
-  toposort = before: list:
-    let
-      dfsthis = listDfs true before list;
-      toporest = toposort before (dfsthis.visited ++ dfsthis.rest);
-    in
-      if length list < 2
-      then # finish
-           { result =  list; }
-      else if dfsthis ? "cycle"
-           then # there's a cycle, starting from the current vertex, return it
-                { cycle = reverseList ([ dfsthis.cycle ] ++ dfsthis.visited);
-                  inherit (dfsthis) loops; }
-           else if toporest ? "cycle"
-                then # there's a cycle somewhere else in the graph, return it
-                     toporest
-                # Slow, but short. Can be made a bit faster with an explicit stack.
-                else # there are no cycles
-                     { result = [ dfsthis.minimal ] ++ toporest.result; };
-
-  /* Sort a list based on a comparator function which compares two
-     elements and returns true if the first argument is strictly below
-     the second argument.  The returned list is sorted in an increasing
-     order.  The implementation does a quick-sort.
-
-     Example:
-       sort (a: b: a < b) [ 5 3 7 ]
-       => [ 3 5 7 ]
-  */
+  # Sort a list based on a comparator function which compares two
+  # elements and returns true if the first argument is strictly below
+  # the second argument.  The returned list is sorted in an increasing
+  # order.  The implementation does a quick-sort.
  sort = builtins.sort or (
    strictLess: list:
    let
@@ -362,35 +193,41 @@ rec {
      if len < 2 then list
      else (sort strictLess pivot.left) ++  [ first ] ++  (sort strictLess pivot.right));

-  /* Return the first (at most) N elements of a list.

-     Example:
-       take 2 [ "a" "b" "c" "d" ]
-       => [ "a" "b" ]
-       take 2 [ ]
-       => [ ]
-  */
-  take = count: sublist 0 count;
+  # Return the first (at most) N elements of a list.
+  take =
+    if builtins ? genList then
+      count: sublist 0 count
+    else
+      count: list:
+        let
+          len = length list;
+          take' = n:
+            if n == len || n == count
+              then []
+            else
+              [ (elemAt list n) ] ++ take' (n + 1);
+        in take' 0;

-  /* Remove the first (at most) N elements of a list.

-     Example:
-       drop 2 [ "a" "b" "c" "d" ]
-       => [ "c" "d" ]
-       drop 2 [ ]
-       => [ ]
-  */
-  drop = count: list: sublist count (length list) list;
+  # Remove the first (at most) N elements of a list.
+  drop =
+    if builtins ? genList then
+      count: list: sublist count (length list) list
+    else
+      count: list:
+        let
+          len = length list;
+          drop' = n:
+            if n == -1 || n < count
+              then []
+            else
+              drop' (n - 1) ++ [ (elemAt list n) ];
+        in drop' (len - 1);

-  /* Return a list consisting of at most ‘count’ elements of ‘list’,
-     starting at index ‘start’.

-     Example:
-       sublist 1 3 [ "a" "b" "c" "d" "e" ]
-       => [ "b" "c" "d" ]
-       sublist 1 3 [ ]
-       => [ ]
-  */
+  # Return a list consisting of at most ‘count’ elements of ‘list’,
+  # starting at index ‘start’.
  sublist = start: count: list:
    let len = length list; in
    genList
@@ -399,36 +236,23 @@ rec {
       else if start + count > len then len - start
       else count);

-  /* Return the last element of a list.

-     Example:
-       last [ 1 2 3 ]
-       => 3
-  */
+  # Return the last element of a list.
  last = list:
    assert list != []; elemAt list (length list - 1);

-  /* Return all elements but the last

-     Example:
-       init [ 1 2 3 ]
-       => [ 1 2 ]
-  */
+  # Return all elements but the last
  init = list: assert list != []; take (length list - 1) list;


-  /* FIXME(zimbatm) Not used anywhere
-   */
+  deepSeqList = xs: y: if any (x: deepSeq x false) xs then y else y;
+
+
  crossLists = f: foldl (fs: args: concatMap (f: map f args) fs) [f];


-  /* Remove duplicate elements from the list. O(n^2) complexity.
-
-     Example:
-
-       unique [ 3 2 3 4 ]
-       => [ 3 2 4 ]
-   */
+  # Remove duplicate elements from the list. O(n^2) complexity.
  unique = list:
    if list == [] then
      []
@@ -438,20 +262,12 @@ rec {
        xs = unique (drop 1 list);
      in [x] ++ remove x xs;

-  /* Intersects list 'e' and another list. O(nm) complexity.

-     Example:
-       intersectLists [ 1 2 3 ] [ 6 3 2 ]
-       => [ 3 2 ]
-  */
+  # Intersects list 'e' and another list. O(nm) complexity.
  intersectLists = e: filter (x: elem x e);

-  /* Subtracts list 'e' from another list. O(nm) complexity.

-     Example:
-       subtractLists [ 3 2 ] [ 1 2 3 4 5 3 ]
-       => [ 1 4 5 ]
-  */
+  # Subtracts list 'e' from another list. O(nm) complexity.
  subtractLists = e: filter (x: !(elem x e));

 }
--- a/lib/maintainers.nix
+++ b/lib/maintainers.nix
@@ -10,61 +10,43 @@
  aaronschif = "Aaron Schif <aaronschif@gmail.com>";
  abaldeau = "Andreas Baldeau <andreas@baldeau.net>";
  abbradar = "Nikolay Amiantov <ab@fmap.me>";
-  abigailbuccaneer = "Abigail Bunyan <abigailbuccaneer@gmail.com>";
-  aboseley = "Adam Boseley <adam.boseley@gmail.com>";
-  abuibrahim = "Ruslan Babayev <ruslan@babayev.com>";
-  acowley = "Anthony Cowley <acowley@gmail.com>";
  adev = "Adrien Devresse <adev@adev.name>";
-  Adjective-Object = "Maxwell Huang-Hobbs <mhuan13@gmail.com>";
-  adnelson = "Allen Nelson <ithinkican@gmail.com>";
-  adolfogc = "Adolfo E. García Castro <adolfo.garcia.cr@gmail.com>";
  aespinosa = "Allan Espinosa <allan.espinosa@outlook.com>";
  aflatter = "Alexander Flatter <flatter@fastmail.fm>";
-  afldcr   = "James Alexander Feldman-Crough <alex@fldcr.com>";
  aforemny = "Alexander Foremny <alexanderforemny@googlemail.com>";
-  afranchuk = "Alex Franchuk <alex.franchuk@gmail.com>";
  aherrmann = "Andreas Herrmann <andreash87@gmx.ch>";
  ak = "Alexander Kjeldaas <ak@formalprivacy.com>";
  akaWolf = "Artjom Vejsel <akawolf0@gmail.com>";
  akc = "Anders Claesson <akc@akc.is>";
  algorith = "Dries Van Daele <dries_van_daele@telenet.be>";
-  alibabzo = "Alistair Bill <alistair.bill@gmail.com>";
  all = "Nix Committers <nix-commits@lists.science.uu.nl>";
  ambrop72 = "Ambroz Bizjak <ambrop7@gmail.com>";
  amiddelk = "Arie Middelkoop <amiddelk@gmail.com>";
-  amiloradovsky = "Andrew Miloradovsky <miloradovsky@gmail.com>";
  amorsillo = "Andrew Morsillo <andrew.morsillo@gmail.com>";
  AndersonTorres = "Anderson Torres <torres.anderson.85@gmail.com>";
  anderspapitto = "Anders Papitto <anderspapitto@gmail.com>";
  andres = "Andres Loeh <ksnixos@andres-loeh.de>";
  andrewrk = "Andrew Kelley <superjoe30@gmail.com>";
-  andsild = "Anders Sildnes <andsild@gmail.com>";
  aneeshusa = "Aneesh Agrawal <aneeshusa@gmail.com>";
  antono = "Antono Vasiljev <self@antono.info>";
-  apeyroux = "Alexandre Peyroux <alex@px.io>";
  ardumont = "Antoine R. Dumont <eniotna.t@gmail.com>";
  aristid = "Aristid Breitkreuz <aristidb@gmail.com>";
  arobyn = "Alexei Robyn <shados@shados.net>";
-  artuuge = "Artur E. Ruuge <artuuge@gmail.com>";
-  ashalkhakov = "Artyom Shalkhakov <artyom.shalkhakov@gmail.com>";
-  aske = "Kirill Boltaev <aske@fmap.me>";
  asppsa = "Alastair Pharo <asppsa@gmail.com>";
  astsmtl = "Alexander Tsamutali <astsmtl@yandex.ru>";
-  asymmetric = "Lorenzo Manacorda <lorenzo@mailbox.org>";
  aszlig = "aszlig <aszlig@redmoonstudios.org>";
  auntie = "Jonathan Glines <auntieNeo@gmail.com>";
  avnik = "Alexander V. Nikolaev <avn@avnik.info>";
  aycanirican = "Aycan iRiCAN <iricanaycan@gmail.com>";
-  bachp = "Pascal Bach <pascal.bach@nextrem.ch>";
  badi = "Badi' Abdul-Wahid <abdulwahidc@gmail.com>";
  balajisivaraman = "Balaji Sivaraman<sivaraman.balaji@gmail.com>";
  Baughn = "Svein Ove Aas <sveina@gmail.com>";
+  bbenoist = "Baptist BENOIST <return_0@live.com>";
  bcarrell = "Brandon Carrell <brandoncarrell@gmail.com>";
  bcdarwin = "Ben Darwin <bcdarwin@gmail.com>";
  bdimcheff = "Brandon Dimcheff <brandon@dimcheff.com>";
  benley = "Benjamin Staffin <benley@gmail.com>";
  bennofs = "Benno Fünfstück <benno.fuenfstueck@gmail.com>";
-  benwbooth = "Ben Booth <benwbooth@gmail.com>";
  berdario = "Dario Bertini <berdario@gmail.com>";
  bergey = "Daniel Bergey <bergey@teallabs.org>";
  bjg = "Brian Gough <bjg@gnu.org>";
@@ -74,75 +56,44 @@
  bodil = "Bodil Stokke <nix@bodil.org>";
  boothead = "Ben Ford <ben@perurbis.com>";
  bosu = "Boris Sukholitko <boriss@gmail.com>";
-  bradediger = "Brad Ediger <brad@bradediger.com>";
  bramd = "Bram Duvigneau <bram@bramd.nl>";
  bstrik = "Berno Strik <dutchman55@gmx.com>";
  bzizou = "Bruno Bzeznik <Bruno@bzizou.net>";
  c0dehero = "CodeHero <codehero@nerdpol.ch>";
  calrama = "Moritz Maxeiner <moritz@ucworks.org>";
  campadrenalin = "Philip Horger <campadrenalin@gmail.com>";
-  canndrew = "Andrew Cann <shum@canndrew.org>";
-  carlsverre = "Carl Sverre <accounts@carlsverre.com>";
  cdepillabout = "Dennis Gosnell <cdep.illabout@gmail.com>";
  cfouche = "Chaddaï Fouché <chaddai.fouche@gmail.com>";
  chaoflow = "Florian Friesdorf <flo@chaoflow.net>";
  chattered = "Phil Scott <me@philscotted.com>";
-  changlinli = "Changlin Li <mail@changlinli.com>";
-  choochootrain = "Hurshal Patel <hurshal@imap.cc>";
-  chris-martin = "Chris Martin <ch.martin@gmail.com>";
-  chrisjefferson = "Christopher Jefferson <chris@bubblescope.net>";
  christopherpoole = "Christopher Mark Poole <mail@christopherpoole.net>";
-  ckampka = "Christian Kampka <christian@kampka.net>";
-  cko = "Christine Koppelt <christine.koppelt@gmail.com>";
  cleverca22 = "Michael Bishop <cleverca22@gmail.com>";
-  cmcdragonkai = "Roger Qiu <roger.qiu@matrix.ai>";
-  cmfwyp = "cmfwyp <cmfwyp@riseup.net>";
  coconnor = "Corey O'Connor <coreyoconnor@gmail.com>";
  codsl = "codsl <codsl@riseup.net>";
  codyopel = "Cody Opel <codyopel@gmail.com>";
  colemickens = "Cole Mickens <cole.mickens@gmail.com>";
  copumpkin = "Dan Peebles <pumpkingod@gmail.com>";
-  corngood = "David McFarland <corngood@gmail.com>";
  coroa = "Jonas Hörsch <jonas@chaoflow.net>";
  couchemar = "Andrey Pavlov <couchemar@yandex.ru>";
-  cpages = "Carles Pagès <page@ruiec.cat>";
-  cransom = "Casey Ransom <cransom@hubns.net>";
-  cryptix = "Henry Bubert <cryptix@riseup.net>";
-  CrystalGamma = "Jona Stubbe <nixos@crystalgamma.de>";
-  cstrahan = "Charles Strahan <charles@cstrahan.com>";
+  cstrahan = "Charles Strahan <charles.c.strahan@gmail.com>";
  cwoac = "Oliver Matthews <oliver@codersoffortune.net>";
  DamienCassou = "Damien Cassou <damien@cassou.me>";
-  danbst = "Danylo Hlynskyi <abcz2.uprola@gmail.com>";
-  dancek = "Hannu Hartikainen <hannu.hartikainen@gmail.com>";
-  danielfullmer = "Daniel Fullmer <danielrf12@gmail.com>";
  dasuxullebt = "Christoph-Simon Senjak <christoph.senjak@googlemail.com>";
  davidak = "David Kleuker <post@davidak.de>";
  davidrusu = "David Rusu <davidrusu.me@gmail.com>";
-  davorb = "Davor Babic <davor@davor.se>";
  dbohdan = "Danyil Bohdan <danyil.bohdan@gmail.com>";
-  dbrock = "Daniel Brockman <daniel@brockman.se>";
  deepfire = "Kosyrev Serge <_deepfire@feelingofgreen.ru>";
  demin-dmitriy = "Dmitriy Demin <demindf@gmail.com>";
  DerGuteMoritz = "Moritz Heidkamp <moritz@twoticketsplease.de>";
-  DerTim1 = "Tim Digel <tim.digel@active-group.de>";
  desiderius = "Didier J. Devroye <didier@devroye.name>";
  devhell = "devhell <\"^\"@regexmail.net>";
  dezgeg = "Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>";
  dfoxfranke = "Daniel Fox Franke <dfoxfranke@gmail.com>";
  dgonyeo = "Derek Gonyeo <derek@gonyeo.com>";
-  dipinhora = "Dipin Hora <dipinhora+github@gmail.com>";
  dmalikov = "Dmitry Malikov <malikov.d.y@gmail.com>";
-  dmjio = "David Johnson <djohnson.m@gmail.com>";
  dochang = "Desmond O. Chang <dochang@gmail.com>";
-  domenkozar = "Domen Kozar <domen@dev.si>";
  doublec = "Chris Double <chris.double@double.co.nz>";
-  dpaetzel = "David Pätzel <david.a.paetzel@gmail.com>";
-  drets = "Dmytro Rets <dmitryrets@gmail.com>";
-  drewkett = "Andrew Burkett <burkett.andrew@gmail.com>";
-  dtzWill = "Will Dietz <nix@wdtz.org>";
-  e-user = "Alexander Kahl <nixos@sodosopa.io>";
  ebzzry = "Rommel Martinez <ebzzry@gmail.com>";
-  edanaher = "Evan Danaher <nixos@edanaher.net>";
  ederoyd46 = "Matthew Brown <matt@ederoyd.co.uk>";
  eduarrrd = "Eduard Bachmakov <e.bachmakov@gmail.com>";
  edwtjo = "Edward Tjörnhammar <ed@cflags.cc>";
@@ -151,29 +102,24 @@
  ehmry = "Emery Hemingway <emery@vfemail.net>";
  eikek = "Eike Kettner <eike.kettner@posteo.de>";
  elasticdog = "Aaron Bull Schaefer <aaron@elasticdog.com>";
-  eleanor = "Dejan Lukan <dejan@proteansec.com>";
  elitak = "Eric Litak <elitak@gmail.com>";
  ellis = "Ellis Whitehead <nixos@ellisw.net>";
  epitrochoid = "Mabry Cervin <mpcervin@uncg.edu>";
  ericbmerritt = "Eric Merritt <eric@afiniate.com>";
  ericsagnes = "Eric Sagnes <eric.sagnes@gmail.com>";
  erikryb = "Erik Rybakken <erik.rybakken@math.ntnu.no>";
-  ertes = "Ertugrul Söylemez <esz@posteo.de>";
-  ethercrow = "Dmitry Ivanov <ethercrow@gmail.com>";
+  ertes = "Ertugrul Söylemez <ertesx@gmx.de>";
  exi = "Reno Reckling <nixos@reckling.org>";
  exlevan = "Alexey Levan <exlevan@gmail.com>";
-  expipiplus1 = "Joe Hermaszewski <nix@monoid.al>";
  fadenb = "Tristan Helmich <tristan.helmich+nixos@gmail.com>";
  falsifian = "James Cook <james.cook@utoronto.ca>";
  flosse = "Markus Kohlhase <mail@markus-kohlhase.de>";
  fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>";
-  fmthoma = "Franz Thoma <f.m.thoma@googlemail.com>";
  forkk = "Andrew Okin <forkk@forkk.net>";
  fornever = "Friedrich von Never <friedrich@fornever.me>";
  fpletz = "Franz Pletz <fpletz@fnordicwalking.de>";
  fps = "Florian Paul Schmidt <mista.tapas@gmx.net>";
  fridh = "Frederik Rietdijk <fridh@fridh.nl>";
-  frlan = "Frank Lanitz <frank@frank.uvena.de>";
  fro_ozen = "fro_ozen <fro_ozen@gmx.de>";
  ftrvxmtrx = "Siarhei Zirukin <ftrvxmtrx@gmail.com>";
  funfunctor = "Edward O'Callaghan <eocallaghan@alterapraxis.com>";
@@ -184,101 +130,72 @@
  garrison = "Jim Garrison <jim@garrison.cc>";
  gavin = "Gavin Rogers <gavin@praxeology.co.uk>";
  gebner = "Gabriel Ebner <gebner@gebner.org>";
-  gilligan = "Tobias Pflug <tobias.pflug@gmail.com>";
+  gfxmonk = "Tim Cuthbertson <tim@gfxmonk.net>";
  giogadi = "Luis G. Torres <lgtorres42@gmail.com>";
  gleber = "Gleb Peregud <gleber.p@gmail.com>";
  globin = "Robin Gloster <mail@glob.in>";
-  gnidorah = "Alex Ivanov <yourbestfriend@opmbx.org>";
  goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
  Gonzih = "Max Gonzih <gonzih@gmail.com>";
-  goodrone = "Andrew Trachenko <goodrone@gmail.com>";
-  gpyh = "Yacine Hmito <yacine.hmito@gmail.com>";
-  grahamc = "Graham Christensen <graham@grahamc.com>";
  gridaphobe = "Eric Seidel <eric@seidel.io>";
  guibert = "David Guibert <david.guibert@gmail.com>";
-  guillaumekoenig = "Guillaume Koenig <guillaume.edward.koenig@gmail.com>";
-  guyonvarch = "Joris Guyonvarch <joris@guyonvarch.me>";
-  hakuch = "Jesse Haber-Kucharsky <hakuch@gmail.com>";
  havvy = "Ryan Scheel <ryan.havvy@gmail.com>";
  hbunke = "Hendrik Bunke <bunke.hendrik@gmail.com>";
-  hce = "Hans-Christian Esperer <hc@hcesperer.org>";
  henrytill = "Henry Till <henrytill@gmail.com>";
+  hiberno = "Christian Lask <mail@elfsechsundzwanzig.de>";
  hinton = "Tom Hinton <t@larkery.com>";
  hrdinka = "Christoph Hrdinka <c.nix@hrdinka.at>";
  iand675 = "Ian Duncan <ian@iankduncan.com>";
  ianwookim = "Ian-Woo Kim <ianwookim@gmail.com>";
+  iElectric = "Domen Kozar <domen@dev.si>";
  igsha = "Igor Sharonov <igor.sharonov@gmail.com>";
  ikervagyok = "Balázs Lengyel <ikervagyok@gmail.com>";
-  ivan-tkatchev = "Ivan Tkatchev <tkatchev@gmail.com>";
  j-keck = "Jürgen Keck <jhyphenkeck@gmail.com>";
  jagajaga = "Arseniy Seroka <ars.seroka@gmail.com>";
  javaguirre = "Javier Aguirre <contacto@javaguirre.net>";
  jb55 = "William Casarin <bill@casarin.me>";
-  jbedo = "Justin Bedő <cu@cua0.org>";
  jcumming = "Jack Cummings <jack@mudshark.org>";
-  jdagilliland = "Jason Gilliland <jdagilliland@gmail.com>";
  jefdaj = "Jeffrey David Johnson <jefdaj@gmail.com>";
-  jerith666 = "Matt McHenry <github@matt.mchenryfamily.org>";
  jfb = "James Felix Black <james@yamtime.com>";
  jgeerds = "Jascha Geerds <jascha@jgeerds.name>";
-  jgertm = "Tim Jaeger <jger.tm@gmail.com>";
  jgillich = "Jakob Gillich <jakob@gillich.me>";
  jirkamarsik = "Jirka Marsik <jiri.marsik89@gmail.com>";
  joachifm = "Joachim Fasting <joachifm@fastmail.fm>";
  joamaki = "Jussi Maki <joamaki@gmail.com>";
  joelmo = "Joel Moberg <joel.moberg@gmail.com>";
  joelteon = "Joel Taylor <me@joelt.io>";
-  johbo = "Johannes Bornhold <johannes@bornhold.name>";
-  joko = "Ioannis Koutras <ioannis.koutras@gmail.com>";
-  jonafato = "Jon Banafato <jon@jonafato.com>";
  jpbernardy = "Jean-Philippe Bernardy <jeanphilippe.bernardy@gmail.com>";
-  jpierre03 = "Jean-Pierre PRUNARET <nix@prunetwork.fr>";
-  jraygauthier = "Raymond Gauthier <jraygauthier@gmail.com>";
-  juliendehos = "Julien Dehos <dehos@lisic.univ-littoral.fr>";
  jwiegley = "John Wiegley <johnw@newartisans.com>";
  jwilberding = "Jordan Wilberding <jwilberding@afiniate.com>";
  jzellner = "Jeff Zellner <jeffz@eml.cc>";
-  kaiha = "Kai Harries <kai.harries@gmail.com>";
  kamilchm = "Kamil Chmielewski <kamil.chm@gmail.com>";
  kampfschlaefer = "Arnold Krille <arnold@arnoldarts.de>";
  kevincox = "Kevin Cox <kevincox@kevincox.ca>";
  khumba = "Bryan Gardiner <bog@khumba.net>";
-  KibaFox = "Kiba Fox <kiba.fox@foxypossibilities.com>";
-  kierdavis = "Kier Davis <kierdavis@gmail.com>";
  kkallio = "Karn Kallio <tierpluspluslists@gmail.com>";
-  knedlsepp = "Josef Kemetmüller <josef.kemetmueller@gmail.com>";
  koral = "Koral <koral@mailoo.org>";
  kovirobi = "Kovacsics Robert <kovirobi@gmail.com>";
  kragniz = "Louis Taylor <louis@kragniz.eu>";
-  kristoff3r = "Kristoffer Søholm <k.soeholm@gmail.com>";
  ktosiek = "Tomasz Kontusz <tomasz.kontusz@gmail.com>";
  lassulus = "Lassulus <lassulus@gmail.com>";
  layus = "Guillaume Maudoux <layus.on@gmail.com>";
-  ldesgoui = "Lucas Desgouilles <ldesgoui@gmail.com>";
-  league = "Christopher League <league@contrapunctus.net>";
  lebastr = "Alexander Lebedev <lebastr@gmail.com>";
-  leemachin = "Lee Machin <me@mrl.ee>";
  leenaars = "Michiel Leenaars <ml.software@leenaa.rs>";
  leonardoce = "Leonardo Cecchi <leonardo.cecchi@gmail.com>";
  lethalman = "Luca Bruno <lucabru@src.gnome.org>";
  lewo = "Antoine Eiche <lewo@abesis.fr>";
-  lheckemann = "Linus Heckemann <git@sphalerite.org>";
  lhvwb = "Nathaniel Baxter <nathaniel.baxter@gmail.com>";
  lihop = "Leroy Hopson <nixos@leroy.geek.nz>";
  linquize = "Linquize <linquize@yahoo.com.hk>";
  linus = "Linus Arver <linusarver@gmail.com>";
  lnl7 = "Daiderd Jordan <daiderd@gmail.com>";
-  loskutov = "Ignat Loskutov <ignat.loskutov@gmail.com>";
  lovek323 = "Jason O'Conal <jason@oconal.id.au>";
  lowfatcomputing = "Andreas Wagner <andreas.wagner@lowfatcomputing.org>";
  lsix = "Lancelot SIX <lsix@lancelotsix.com>";
-  lucas8 = "Luc Chabassier <luc.linux@mailoo.org>";
  ludo = "Ludovic Courtès <ludo@gnu.org>";
  luispedro = "Luis Pedro Coelho <luis@luispedro.org>";
+  lukasepple = "Lukas Epple <post@lukasepple.de>";
  lukego = "Luke Gorrie <luke@snabb.co>";
  lw = "Sergey Sofeychuk <lw@fmap.me>";
-  lyt = "Tim Liou <wheatdoge@gmail.com>";
-  ma27 = "Maximilian Bosch <maximilian@mbosch.me>";
  madjar = "Georges Dubus <georges.dubus@compiletoi.net>";
  magnetophon = "Bart Brouns <bart@magnetophon.nl>";
  mahe = "Matthias Herrmann <matthias.mh.herrmann@gmail.com>";
@@ -286,98 +203,52 @@
  malyn = "Michael Alyn Miller <malyn@strangeGizmo.com>";
  manveru = "Michael Fellinger <m.fellinger@gmail.com>";
  marcweber = "Marc Weber <marco-oweber@gmx.de>";
-  markus1189 = "Markus Hauck <markus1189@gmail.com>";
  markWot = "Markus Wotringer <markus@wotringer.de>";
-  martijnvermaat = "Martijn Vermaat <martijn@vermaat.name>";
-  martingms = "Martin Gammelsæter <martin@mg.am>";
  matejc = "Matej Cotman <cotman.matej@gmail.com>";
  mathnerd314 = "Mathnerd314 <mathnerd314.gph+hs@gmail.com>";
-  matthewbauer = "Matthew Bauer <mjbauer95@gmail.com>";
  matthiasbeyer = "Matthias Beyer <mail@beyermatthias.de>";
  maurer = "Matthew Maurer <matthew.r.maurer+nix@gmail.com>";
-  mbakke = "Marius Bakke <mbakke@fastmail.com>";
-  mbbx6spp = "Susan Potter <me@susanpotter.net>";
+  mbakke = "Marius Bakke <ymse@tuta.io>";
  mbe = "Brandon Edens <brandonedens@gmail.com>";
-  mboes = "Mathieu Boespflug <mboes@tweag.net>";
-  mbrgm = "Marius Bergmann <marius@yeai.de>";
  mcmtroffaes = "Matthias C. M. Troffaes <matthias.troffaes@gmail.com>";
-  mdaiter = "Matthew S. Daiter <mdaiter8121@gmail.com>";
  meditans = "Carlo Nucera <meditans@gmail.com>";
  meisternu = "Matt Miemiec <meister@krutt.org>";
-  metabar = "Celine Mercier <softs@metabarcoding.org>";
-  mguentner = "Maximilian Güntner <code@klandest.in>";
-  mic92 = "Jörg Thalheim <joerg@thalheim.io>";
  michaelpj = "Michael Peyton Jones <michaelpj@gmail.com>";
-  michalrus = "Michal Rus <m@michalrus.com>";
  michelk = "Michel Kuhlmann <michel@kuhlmanns.info>";
-  mikefaille = "Michaël Faille <michael@faille.io>";
-  mimadrid = "Miguel Madrid <mimadrid@ucm.es>";
  mingchuan = "Ming Chuan <ming@culpring.com>";
  mirdhyn = "Merlin Gaillard <mirdhyn@gmail.com>";
-  mirrexagon = "Andrew Abbott <mirrexagon@mirrexagon.com>";
-  mjanczyk = "Marcin Janczyk <m@dragonvr.pl>";
-  mlieberman85 = "Michael Lieberman <mlieberman85@gmail.com>";
  modulistic = "Pablo Costa <modulistic@gmail.com>";
  mog = "Matthew O'Gorman <mog-lists@rldn.net>";
-  montag451 = "montag451 <montag451@laposte.net>";
-  moosingin3space = "Nathan Moos <moosingin3space@gmail.com>";
-  moretea = "Maarten Hoogendoorn <maarten@moretea.nl>";
  mornfall = "Petr Ročkai <me@mornfall.net>";
-  MostAwesomeDude = "Corbin Simpson <cds@corbinsimpson.com>";
-  mounium = "Katona László <muoniurn@gmail.com>";
  MP2E = "Cray Elliott <MP2E@archlinux.us>";
-  mpscholten = "Marc Scholten <marc@mpscholten.de>";
-  mpsyco = "Francis St-Amour <fr.st-amour@gmail.com>";
  msackman = "Matthew Sackman <matthew@wellquite.org>";
  mschristiansen = "Mikkel Christiansen <mikkel@rheosystems.com>";
  msteen = "Matthijs Steen <emailmatthijs@gmail.com>";
  mtreskin = "Max Treskin <zerthurd@gmail.com>";
  mudri = "James Wood <lamudri@gmail.com>";
  muflax = "Stefan Dorn <mail@muflax.com>";
-  myrl = "Myrl Hex <myrl.0xf@gmail.com>";
-  namore = "Roman Naumann <namor@hemio.de>";
-  nand0p = "Fernando Jose Pando <nando@hex7.com>";
-  Nate-Devv = "Nathan Moore <natedevv@gmail.com>";
  nathan-gs = "Nathan Bijnens <nathan@nathan.gs>";
  nckx = "Tobias Geerinckx-Rice <tobias.geerinckx.rice@gmail.com>";
-  ndowens = "Nathan Owens <ndowens04@gmail.com>";
  nequissimus = "Tim Steinbach <tim@nequissimus.com>";
  nfjinjing = "Jinjing Wang <nfjinjing@gmail.com>";
-  nhooyr = "Anmol Sethi <anmol@aubble.com>";
-  nickhu = "Nick Hu <me@nickhu.co.uk>";
-  nicknovitski = "Nick Novitski <nixpkgs@nicknovitski.com>";
  nico202 = "Nicolò Balzarotti <anothersms@gmail.com>";
-  NikolaMandic = "Ratko Mladic <nikola@mandic.email>";
-  nixy = "Andrew R. M. <andrewmiller237@gmail.com>";
-  nocoolnametom = "Tom Doggett <nocoolnametom@gmail.com>";
  notthemessiah = "Brian Cohen <brian.cohen.88@gmail.com>";
  np = "Nicolas Pouillard <np.nix@nicolaspouillard.fr>";
  nslqqq = "Nikita Mikhailov <nslqqq@gmail.com>";
-  xnwdd = "Guillermo NWDD <nwdd+nixos@no.team>";
-  obadz = "obadz <obadz-nixos@obadz.com>";
+  obadz = "obadz <dav-nixos@odav.org>";
  ocharles = "Oliver Charles <ollie@ocharles.org.uk>";
  odi = "Oliver Dunkl <oliver.dunkl@gmail.com>";
  offline = "Jaka Hudoklin <jakahudoklin@gmail.com>";
-  oida = "oida <oida@posteo.de>";
-  okasu = "Okasu <oka.sux@gmail.com>";
  olcai = "Erik Timan <dev@timan.info>";
-  olejorgenb = "Ole Jørgen Brønner <olejorgenb@yahoo.no>";
-  orbekk = "KJ Ørbekk <kjetil.orbekk@gmail.com>";
  orbitz = "Malcolm Matalka <mmatalka@gmail.com>";
-  orivej = "Orivej Desh <orivej@gmx.fr>";
  osener = "Ozan Sener <ozan@ozansener.com>";
-  otwieracz = "Slawomir Gonet <slawek@otwiera.cz>";
  oxij = "Jan Malakhovski <oxij@oxij.org>";
+  page = "Carles Pagès <page@cubata.homelinux.net>";
  paholg = "Paho Lurie-Gregg <paho@paholg.com>";
  pakhfn = "Fedor Pakhomov <pakhfn@gmail.com>";
  palo = "Ingolf Wanger <palipalo9@googlemail.com>";
-  paperdigits = "Mica Semrick <mica@silentumbrella.com>";
  pashev = "Igor Pashev <pashev.igor@gmail.com>";
-  pawelpacana = "Paweł Pacana <pawel.pacana@gmail.com>";
-  periklis = "theopompos@gmail.com";
  pesterhazy = "Paulus Esterhazy <pesterhazy@gmail.com>";
-  peterhoeg = "Peter Hoeg <peter@hoeg.com>";
-  peti = "Peter Simons <simons@cryp.to>";
  philandstuff = "Philip Potter <philip.g.potter@gmail.com>";
  phile314 = "Philipp Hausmann <nix@314.ch>";
  Phlogistique = "Noé Rubinstein <noe.rubinstein@gmail.com>";
@@ -389,144 +260,93 @@
  pjones = "Peter Jones <pjones@devalot.com>";
  pkmx = "Chih-Mao Chen <pkmx.tw@gmail.com>";
  plcplc = "Philip Lykke Carlsen <plcplc@gmail.com>";
-  plumps = "Maksim Bronsky <maks.bronsky@web.de";
  pmahoney = "Patrick Mahoney <pat@polycrystal.org>";
  pmiddend = "Philipp Middendorf <pmidden@secure.mailbox.org>";
-  polyrod = "Maurizio Di Pietro <dc1mdp@gmail.com>";
-  pradeepchhetri = "Pradeep Chhetri <pradeep.chhetri89@gmail.com>";
  prikhi = "Pavan Rikhi <pavan.rikhi@gmail.com>";
-  primeos = "Michael Weiss <dev.primeos@gmail.com>";
  profpatsch = "Profpatsch <mail@profpatsch.de>";
-  proglodyte = "Proglodyte <proglodyte23@gmail.com>";
-  pshendry = "Paul Hendry <paul@pshendry.com>";
  psibi = "Sibi <sibi@psibi.in>";
-  pstn = "Philipp Steinpaß <philipp@xndr.de>";
  pSub = "Pascal Wittmann <mail@pascal-wittmann.de>";
  puffnfresh = "Brian McKenna <brian@brianmckenna.org>";
  pxc = "Patrick Callahan <patrick.callahan@latitudeengineering.com>";
  qknight = "Joachim Schiele <js@lastlog.de>";
  ragge = "Ragnar Dahlen <r.dahlen@gmail.com>";
-  ralith = "Benjamin Saunders <ben.e.saunders@gmail.com>";
-  ramkromberg = "Ram Kromberg <ramkromberg@mail.com>";
-  rardiol = "Ricardo Ardissone <ricardo.ardissone@gmail.com>";
-  rasendubi = "Alexey Shmalko <rasen.dubi@gmail.com>";
  raskin = "Michael Raskin <7c6f434c@mail.ru>";
-  rbasso = "Rafael Basso <rbasso@sharpgeeks.net>";
  redbaron = "Maxim Ivanov <ivanov.maxim@gmail.com>";
-  redvers = "Redvers Davies <red@infect.me>";
  refnil = "Martin Lavoie <broemartino@gmail.com>";
-  regnat = "Théophane Hufschmitt <regnat@regnat.ovh>";
  relrod = "Ricky Elrod <ricky@elrod.me>";
  renzo = "Renzo Carbonara <renzocarbonara@gmail.com>";
-  retrry = "Tadas Barzdžius <retrry@gmail.com>";
  rick68 = "Wei-Ming Yang <rick68@gmail.com>";
  rickynils = "Rickard Nilsson <rickynils@gmail.com>";
-  ris = "Robert Scott <code@humanleg.org.uk>";
-  rlupton20 = "Richard Lupton <richard.lupton@gmail.com>";
  rnhmjoj = "Michele Guerini Rocco <micheleguerinirocco@me.com>";
  rob = "Rob Vermaas <rob.vermaas@gmail.com>";
  robberer = "Longrin Wischnewski <robberer@freakmail.de>";
  robbinch = "Robbin C. <robbinch33@gmail.com>";
  robgssp = "Rob Glossop <robgssp@gmail.com>";
-  roblabla = "Robin Lambertz <robinlambertz+dev@gmail.com>";
  roconnor = "Russell O'Connor <roconnor@theorem.ca>";
  romildo = "José Romildo Malaquias <malaquias@gmail.com>";
-  rongcuid = "Rongcui Dong <rongcuid@outlook.com>";
-  ronny = "Ronny Pfannschmidt <nixos@ronnypfannschmidt.de>";
  rszibele = "Richard Szibele <richard_szibele@hotmail.com>";
-  rtreffer = "Rene Treffer <treffer+nixos@measite.de>";
  rushmorem = "Rushmore Mushambi <rushmore@webenchanter.com>";
  rvl = "Rodney Lorrimar <dev+nix@rodney.id.au>";
  rvlander = "Gaëtan André <rvlander@gaetanandre.eu>";
-  ryanartecona = "Ryan Artecona <ryanartecona@gmail.com>";
-  ryansydnor = "Ryan Sydnor <ryan.t.sydnor@gmail.com>";
  ryantm = "Ryan Mulligan <ryan@ryantm.com>";
  rycee = "Robert Helgesson <robert@rycee.net>";
-  ryneeverett = "Ryne Everett <ryneeverett@gmail.com>";
-  s1lvester = "Markus Silvester <s1lvester@bockhacker.me>";
  samuelrivas = "Samuel Rivas <samuelrivas@gmail.com>";
  sander = "Sander van der Burg <s.vanderburg@tudelft.nl>";
  schmitthenner = "Fabian Schmitthenner <development@schmitthenner.eu>";
-  schneefux = "schneefux <schneefux+nixos_pkg@schneefux.xyz>";
  schristo = "Scott Christopher <schristopher@konputa.com>";
-  scolobb = "Sergiu Ivanov <sivanov@colimite.fr>";
  sepi = "Raffael Mancini <raffael@mancini.lu>";
-  seppeljordan = "Sebastian Jordan <sebastian.jordan.mail@googlemail.com>";
-  sheenobu = "Sheena Artrip <sheena.artrip@gmail.com>";
  sheganinans = "Aistis Raulinaitis <sheganinans@gmail.com>";
  shell = "Shell Turner <cam.turn@gmail.com>";
  shlevy = "Shea Levy <shea@shealevy.com>";
-  siddharthist = "Langston Barrett <langston.barrett@gmail.com>";
+  simons = "Peter Simons <simons@cryp.to>";
  simonvandel = "Simon Vandel Sillesen <simon.vandel@gmail.com>";
  sjagoe = "Simon Jagoe <simon@simonjagoe.com>";
  sjmackenzie = "Stewart Mackenzie <setori88@gmail.com>";
  sjourdois = "Stéphane ‘kwisatz’ Jourdois <sjourdois@gmail.com>";
  skeidel = "Sven Keidel <svenkeidel@gmail.com>";
-  skrzyp = "Jakub Skrzypnik <jot.skrzyp@gmail.com>";
  sleexyz = "Sean Lee <freshdried@gmail.com>";
-  smironov = "Sergey Mironov <grrwlf@gmail.com>";
-  solson = "Scott Olson <scott@solson.me>";
+  smironov = "Sergey Mironov <ierton@gmail.com>";
  spacefrogg = "Michael Raitza <spacefrogg-nixos@meterriblecrew.net>";
  spencerjanssen = "Spencer Janssen <spencerjanssen@gmail.com>";
  spinus = "Tomasz Czyż <tomasz.czyz@gmail.com>";
  sprock = "Roger Mason <rmason@mun.ca>";
  spwhitt = "Spencer Whitt <sw@swhitt.me>";
-  srhb = "Sarah Brofeldt <sbrofeldt@gmail.com>";
-  SShrike = "Severen Redwood <severen@shrike.me>";
  stephenmw = "Stephen Weinberg <stephen@q5comm.com>";
-  sternenseemann = "Lukas Epple <post@lukasepple.de>";
-  stesie = "Stefan Siegl <stesie@brokenpipe.de>";
  steveej = "Stefan Junker <mail@stefanjunker.de>";
-  swarren83 = "Shawn Warren <shawn.w.warren@gmail.com>";
-  swistak35 = "Rafał Łasocha <me@swistak35.com>";
  szczyp = "Szczyp <qb@szczyp.com>";
  sztupi = "Attila Sztupak <attila.sztupak@gmail.com>";
  taeer = "Taeer Bar-Yam <taeer@necsi.edu>";
  tailhook = "Paul Colomiets <paul@colomiets.name>";
-  takikawa = "Asumu Takikawa <asumu@igalia.com>";
  taktoa = "Remy Goldschmidt <taktoa@gmail.com>";
  tavyc = "Octavian Cerna <octavian.cerna@gmail.com>";
-  teh = "Tom Hunger <tehunger@gmail.com>";
  telotortium = "Robert Irelan <rirelan@gmail.com>";
  thall = "Niclas Thall <niclas.thall@gmail.com>";
  thammers = "Tobias Hammerschmidt <jawr@gmx.de>";
  the-kenny = "Moritz Ulrich <moritz@tarn-vedra.de>";
  theuni = "Christian Theune <ct@flyingcircus.io>";
  thoughtpolice = "Austin Seipp <aseipp@pobox.com>";
-  timbertson = "Tim Cuthbertson <tim@gfxmonk.net>";
  titanous = "Jonathan Rudenberg <jonathan@titanous.com>";
  tohl = "Tomas Hlavaty <tom@logand.com>";
  tokudan = "Daniel Frank <git@danielfrank.net>";
  tomberek = "Thomas Bereknyei <tomberek@gmail.com>";
  travisbhartwell = "Travis B. Hartwell <nafai@travishartwell.net>";
  trino = "Hubert Mühlhans <muehlhans.hubert@ekodia.de>";
-  tstrobel = "Thomas Strobel <4ZKTUB6TEP74PYJOPWIR013S2AV29YUBW5F9ZH2F4D5UMJUJ6S@hash.domains>";
-  ttuegel = "Thomas Tuegel <ttuegel@mailbox.org>";
+  tstrobel = "Thomas Strobel <ts468@cam.ac.uk>";
+  ttuegel = "Thomas Tuegel <ttuegel@gmail.com>";
  tv = "Tomislav Viljetić <tv@shackspace.de>";
  tvestelind = "Tomas Vestelind <tomas.vestelind@fripost.org>";
-  tvorog = "Marsel Zaripov <marszaripov@gmail.com>";
  twey = "James ‘Twey’ Kay <twey@twey.co.uk>";
-  uralbash = "Svintsov Dmitry <root@uralbash.ru>";
-  #urkud = "Yury G. Kudryashov <urkud+nix@ya.ru>"; inactive since 2012
-  uwap = "uwap <me@uwap.name>";
+  urkud = "Yury G. Kudryashov <urkud+nix@ya.ru>";
  vandenoever = "Jos van den Oever <jos@vandenoever.info>";
-  vanschelven = "Klaas van Schelven <klaas@vanschelven.com>";
  vanzef = "Ivan Solyankin <vanzef@gmail.com>";
  vbgl = "Vincent Laporte <Vincent.Laporte@gmail.com>";
  vbmithr = "Vincent Bernardoff <vb@luminar.eu.org>";
  vcunat = "Vladimír Čunát <vcunat@gmail.com>";
-  vdemeester = "Vincent Demeester <vincent@sbr.pm>";
-  veprbl = "Dmitry Kalinkin <veprbl@gmail.com>";
-  vifino = "Adrian Pistol <vifino@tty.sh>";
  viric = "Lluís Batlle i Rossell <viric@viric.name>";
  vizanto = "Danny Wilson <danny@prime.vc>";
-  vklquevs = "vklquevs <vklquevs@gmail.com>";
  vlstill = "Vladimír Štill <xstill@fi.muni.cz>";
  vmandela = "Venkateswara Rao Mandela <venkat.mandela@gmail.com>";
-  volhovm = "Mikhail Volkhov <volhovm.cs@gmail.com>";
-  volth = "Jaroslavas Pocepko <jaroslavas@volth.com>";
  vozz = "Oliver Hunt <oliver.huntuk@gmail.com>";
-  vrthra = "Rahul Gopinath <rahul@gopinath.org>";
  wedens = "wedens <kirill.wedens@gmail.com>";
  willtim = "Tim Philip Williams <tim.williams.public@gmail.com>";
  winden = "Antonio Vargas Gonzalez <windenntw@gmail.com>";
@@ -537,19 +357,11 @@
  womfoo = "Kranium Gikos Mendoza <kranium@gikos.net>";
  wscott = "Wayne Scott <wsc9tt@gmail.com>";
  wyvie = "Elijah Rum <elijahrum@gmail.com>";
-  xvapx = "Marti Serra <marti.serra.coscollano@gmail.com>";
-  xwvvvvwx = "David Terry <davidterry@posteo.de>";
  yarr = "Dmitry V. <savraz@gmail.com>";
-  yochai = "Yochai <yochai@titat.info>";
-  yorickvp = "Yorick van Pelt <yorickvanpelt@gmail.com>";
-  yurrriq = "Eric Bailey <eric@ericb.me>";
  z77z = "Marco Maggesi <maggesi@math.unifi.it>";
  zagy = "Christian Zagrodnick <cz@flyingcircus.io>";
-  zauberpony = "Elmar Athmer <elmar@athmer.org>";
  zef = "Zef Hemel <zef@zef.me>";
  zimbatm = "zimbatm <zimbatm@zimbatm.com>";
  zohl = "Al Zohali <zohl@fmap.me>";
  zoomulator = "Kim Simmons <zoomulator@gmail.com>";
-  zraexy = "David Mell <zraexy@gmail.com>";
-  zx2c4 = "Jason A. Donenfeld <Jason@zx2c4.com>";
 }
--- a/lib/modules.nix
+++ b/lib/modules.nix
@@ -1,5 +1,4 @@
 with import ./lists.nix;
-with import ./strings.nix;
 with import ./trivial.nix;
 with import ./attrsets.nix;
 with import ./options.nix;
@@ -106,12 +105,8 @@ rec {
  /* Massage a module into canonical form, that is, a set consisting
     of ‘options’, ‘config’ and ‘imports’ attributes. */
  unifyModuleSyntax = file: key: m:
-    let metaSet = if m ? meta 
-      then { meta = m.meta; }
-      else {};
-    in
    if m ? config || m ? options then
-      let badAttrs = removeAttrs m ["imports" "options" "config" "key" "_file" "meta"]; in
+      let badAttrs = removeAttrs m ["imports" "options" "config" "key" "_file"]; in
      if badAttrs != {} then
        throw "Module `${key}' has an unsupported attribute `${head (attrNames badAttrs)}'. This is caused by assignments to the top-level attributes `config' or `options'."
      else
@@ -119,14 +114,14 @@ rec {
          key = toString m.key or key;
          imports = m.imports or [];
          options = m.options or {};
-          config = mkMerge [ (m.config or {}) metaSet ];
+          config = m.config or {};
        }
    else
      { file = m._file or file;
        key = toString m.key or key;
        imports = m.require or [] ++ m.imports or [];
        options = {};
-        config = mkMerge [ (removeAttrs m ["key" "_file" "require" "imports"]) metaSet ];
+        config = removeAttrs m ["key" "_file" "require" "imports"];
      };

  applyIfFunction = key: f: args@{ config, options, lib, ... }: if isFunction f then
@@ -231,20 +226,12 @@ rec {
     correspond to the definition of 'loc' in 'opt.file'. */
  mergeOptionDecls = loc: opts:
    foldl' (res: opt:
-      let t  = res.type;
-          t' = opt.options.type;
-          mergedType = t.typeMerge t'.functor;
-          typesMergeable = mergedType != null;
-          typeSet = if (bothHave "type") && typesMergeable
-                       then { type = mergedType; }
-                       else {};
-          bothHave = k: opt.options ? ${k} && res ? ${k};
-      in
-      if bothHave "default" ||
-         bothHave "example" ||
-         bothHave "description" ||
-         bothHave "apply" ||
-         (bothHave "type" && (! typesMergeable))
+      if opt.options ? default && res ? default ||
+         opt.options ? example && res ? example ||
+         opt.options ? description && res ? description ||
+         opt.options ? apply && res ? apply ||
+         # Accept to merge options which have identical types.
+         opt.options ? type && res ? type && opt.options.type.name != res.type.name
      then
        throw "The option `${showOption loc}' in `${opt.file}' is already declared in ${showFiles res.declarations}."
      else
@@ -266,7 +253,7 @@ rec {
        in opt.options // res //
          { declarations = res.declarations ++ [opt.file];
            options = submodules;
-          } // typeSet
+          }
    ) { inherit loc; declarations = []; options = []; } opts;

  /* Merge all the definitions of an option to produce the final
@@ -326,7 +313,7 @@ rec {
    # Type-check the remaining definitions, and merge them.
    mergedValue = foldl' (res: def:
      if type.check def.value then res
-      else throw "The option value `${showOption loc}' in `${def.file}' is not a ${type.description}.")
+      else throw "The option value `${showOption loc}' in `${def.file}' is not a ${type.name}.")
      (type.merge loc defsFinal) defsFinal;

    isDefined = defsFinal != [];
@@ -375,13 +362,10 @@ rec {
    if def._type or "" == "merge" then
      concatMap dischargeProperties def.contents
    else if def._type or "" == "if" then
-      if isBool def.condition then
-        if def.condition then
-          dischargeProperties def.content
-        else
-          [ ]
+      if def.condition then
+        dischargeProperties def.content
      else
-        throw "‘mkIf’ called with a non-Boolean condition"
+        [ ]
    else
      [ def ];

@@ -433,14 +417,12 @@ rec {
      options = opt.options or
        (throw "Option `${showOption loc'}' has type optionSet but has no option attribute, in ${showFiles opt.declarations}.");
      f = tp:
-        let optionSetIn = type: (tp.name == type) && (tp.functor.wrapped.name == "optionSet");
-        in
        if tp.name == "option set" || tp.name == "submodule" then
          throw "The option ${showOption loc} uses submodules without a wrapping type, in ${showFiles opt.declarations}."
-        else if optionSetIn "attrsOf" then types.attrsOf (types.submodule options)
-        else if optionSetIn "loaOf"   then types.loaOf   (types.submodule options)
-        else if optionSetIn "listOf"  then types.listOf  (types.submodule options)
-        else if optionSetIn "nullOr"  then types.nullOr  (types.submodule options)
+        else if tp.name == "attribute set of option sets" then types.attrsOf (types.submodule options)
+        else if tp.name == "list or attribute set of option sets" then types.loaOf (types.submodule options)
+        else if tp.name == "list of option sets" then types.listOf (types.submodule options)
+        else if tp.name == "null or option set" then types.nullOr (types.submodule options)
        else tp;
    in
      if opt.type.getSubModules or null == null
@@ -521,25 +503,19 @@ rec {
  /* Return a module that causes a warning to be shown if the
     specified option is defined. For example,

-       mkRemovedOptionModule [ "boot" "loader" "grub" "bootDevice" ] "<replacement instructions>"
+       mkRemovedOptionModule [ "boot" "loader" "grub" "bootDevice" ]

     causes a warning if the user defines boot.loader.grub.bootDevice.
-
-     replacementInstructions is a string that provides instructions on
-     how to achieve the same functionality without the removed option,
-     or alternatively a reasoning why the functionality is not needed.
-     replacementInstructions SHOULD be provided!
  */
-  mkRemovedOptionModule = optionName: replacementInstructions:
+  mkRemovedOptionModule = optionName:
    { options, ... }:
    { options = setAttrByPath optionName (mkOption {
        visible = false;
      });
      config.warnings =
        let opt = getAttrFromPath optionName options; in
-        optional opt.isDefined ''
-            The option definition `${showOption optionName}' in ${showFiles opt.files} no longer has any effect; please remove it.
-            ${replacementInstructions}'';
+        optional opt.isDefined
+          "The option definition `${showOption optionName}' in ${showFiles opt.files} no longer has any effect; please remove it.";
    };

  /* Return a module that causes a warning to be shown if the
@@ -559,84 +535,6 @@ rec {
    use = builtins.trace "Obsolete option `${showOption from}' is used. It was renamed to `${showOption to}'.";
  };

-  /* Return a module that causes a warning to be shown if any of the "from"
-     option is defined; the defined values can be used in the "mergeFn" to set
-     the "to" value.
-     This function can be used to merge multiple options into one that has a
-     different type.
-
-     "mergeFn" takes the module "config" as a parameter and must return a value
-     of "to" option type.
-
-       mkMergedOptionModule
-         [ [ "a" "b" "c" ]
-           [ "d" "e" "f" ] ]
-         [ "x" "y" "z" ]
-         (config:
-           let value = p: getAttrFromPath p config;
-           in
-           if      (value [ "a" "b" "c" ]) == true then "foo"
-           else if (value [ "d" "e" "f" ]) == true then "bar"
-           else "baz")
-
-     - options.a.b.c is a removed boolean option
-     - options.d.e.f is a removed boolean option
-     - options.x.y.z is a new str option that combines a.b.c and d.e.f
-       functionality
-
-     This show a warning if any a.b.c or d.e.f is set, and set the value of
-     x.y.z to the result of the merge function 
-  */
-  mkMergedOptionModule = from: to: mergeFn:
-    { config, options, ... }:
-    {
-      options = foldl recursiveUpdate {} (map (path: setAttrByPath path (mkOption {
-        visible = false;
-        # To use the value in mergeFn without triggering errors
-        default = "_mkMergedOptionModule";
-      })) from);
-
-      config = {
-        warnings = filter (x: x != "") (map (f:
-          let val = getAttrFromPath f config;
-              opt = getAttrFromPath f options;
-          in
-          optionalString 
-            (val != "_mkMergedOptionModule")
-            "The option `${showOption f}' defined in ${showFiles opt.files} has been changed to `${showOption to}' that has a different type. Please read `${showOption to}' documentation and update your configuration accordingly."
-        ) from);
-      } // setAttrByPath to (mkMerge
-             (optional 
-               (any (f: (getAttrFromPath f config) != "_mkMergedOptionModule") from)
-               (mergeFn config)));
-    };
-
-  /* Single "from" version of mkMergedOptionModule.
-     Return a module that causes a warning to be shown if the "from" option is
-     defined; the defined value can be used in the "mergeFn" to set the "to"
-     value.
-     This function can be used to change an option into another that has a
-     different type.
-
-     "mergeFn" takes the module "config" as a parameter and must return a value of
-     "to" option type.
-
-       mkChangedOptionModule [ "a" "b" "c" ] [ "x" "y" "z" ]
-         (config:
-           let value = getAttrFromPath [ "a" "b" "c" ] config;
-           in
-           if   value > 100 then "high"
-           else "normal")
-
-     - options.a.b.c is a removed int option
-     - options.x.y.z is a new str option that supersedes a.b.c
-
-     This show a warning if a.b.c is set, and set the value of x.y.z to the
-     result of the change function
-  */
-  mkChangedOptionModule = from: to: changeFn:
-    mkMergedOptionModule [ from ] to changeFn;
-
  /* Like ‘mkRenamedOptionModule’, but doesn't show a warning. */
  mkAliasOptionModule = from: to: doRename {
    inherit from to;
@@ -656,10 +554,12 @@ rec {
          apply = x: use (toOf config);
        });
        config = {
+        /*
          warnings =
            let opt = getAttrFromPath from options; in
            optional (warn && opt.isDefined)
              "The option `${showOption from}' defined in ${showFiles opt.files} has been renamed to `${showOption to}'.";
+              */
        } // setAttrByPath to (mkAliasDefinitions (getAttrFromPath from options));
      };

--- a/lib/options.nix
+++ b/lib/options.nix
@@ -92,7 +92,7 @@ rec {
          internal = opt.internal or false;
          visible = opt.visible or true;
          readOnly = opt.readOnly or false;
-          type = opt.type.description or null;
+          type = opt.type.name or null;
        }
        // (if opt ? example then { example = scrubOptionValue opt.example; } else {})
        // (if opt ? default then { default = scrubOptionValue opt.default; } else {})
--- a/lib/platforms.nix
+++ b/lib/platforms.nix
@@ -15,10 +15,10 @@ rec {
  freebsd = ["i686-freebsd" "x86_64-freebsd"];
  gnu = linux; /* ++ hurd ++ kfreebsd ++ ... */
  illumos = ["x86_64-solaris"];
-  linux = ["i686-linux" "x86_64-linux" "armv5tel-linux" "armv6l-linux" "armv7l-linux" "aarch64-linux" "mips64el-linux"];
+  linux = ["i686-linux" "x86_64-linux" "armv5tel-linux" "armv6l-linux" "armv7l-linux" "mips64el-linux"];
  netbsd = ["i686-netbsd" "x86_64-netbsd"];
  openbsd = ["i686-openbsd" "x86_64-openbsd"];
  unix = linux ++ darwin ++ freebsd ++ openbsd ++ netbsd ++ illumos;

-  mesaPlatforms = ["i686-linux" "x86_64-linux" "x86_64-darwin" "armv5tel-linux" "armv6l-linux" "armv7l-linux" "aarch64-linux"];
+  mesaPlatforms = ["i686-linux" "x86_64-linux" "x86_64-darwin" "armv5tel-linux" "armv6l-linux" "armv7l-linux"];
 }
--- a/lib/sources.nix
+++ b/lib/sources.nix
@@ -4,34 +4,21 @@ let lib = import ./default.nix; in

 rec {

-  # Returns the type of a path: regular (for file), symlink, or directory
-  pathType = p: with builtins; getAttr (baseNameOf p) (readDir (dirOf p));
-
-  # Returns true if the path exists and is a directory, false otherwise
-  pathIsDirectory = p: if builtins.pathExists p then (pathType p) == "directory" else false;

  # Bring in a path as a source, filtering out all Subversion and CVS
  # directories, as well as backup files (*~).
-  cleanSourceFilter = name: type: let baseName = baseNameOf (toString name); in ! (
-    # Filter out Subversion and CVS directories.
-    (type == "directory" && (baseName == ".git" || baseName == ".svn" || baseName == "CVS" || baseName == ".hg")) ||
-    # Filter out backup files.
-    lib.hasSuffix "~" baseName ||
-    # Filter out generates files.
-    lib.hasSuffix ".o" baseName ||
-    lib.hasSuffix ".so" baseName ||
-    # Filter out nix-build result symlinks
-    (type == "symlink" && lib.hasPrefix "result" baseName)
-  );
+  cleanSource =
+    let filter = name: type: let baseName = baseNameOf (toString name); in ! (
+      # Filter out Subversion and CVS directories.
+      (type == "directory" && (baseName == ".git" || baseName == ".svn" || baseName == "CVS" || baseName == ".hg")) ||
+      # Filter out backup files.
+      lib.hasSuffix "~" baseName ||
+      # Filter out generates files.
+      lib.hasSuffix ".o" baseName ||
+      lib.hasSuffix ".so" baseName
+    );
+    in src: builtins.filterSource filter src;

-  cleanSource = builtins.filterSource cleanSourceFilter;
-
-  # Filter sources by a list of regular expressions.
-  #
-  # E.g. `src = sourceByRegex ./my-subproject [".*\.py$" "^database.sql$"]`
-  sourceByRegex = src: regexes: builtins.filterSource (path: type:
-    let relPath = lib.removePrefix (toString src + "/") (toString path);
-    in lib.any (re: builtins.match re relPath != null) regexes) src;

  # Get all files ending with the specified suffices from the given
  # directory or its descendants.  E.g. `sourceFilesBySuffices ./dir
@@ -42,32 +29,4 @@ rec {
      in type == "directory" || lib.any (ext: lib.hasSuffix ext base) exts;
    in builtins.filterSource filter path;

-
-  # Get the commit id of a git repo
-  # Example: commitIdFromGitRepo <nixpkgs/.git>
-  commitIdFromGitRepo =
-    let readCommitFromFile = path: file:
-      with builtins;
-        let fileName       = toString path + "/" + file;
-            packedRefsName = toString path + "/packed-refs";
-        in if lib.pathExists fileName
-           then
-             let fileContent = lib.fileContents fileName;
-                 # Sometimes git stores the commitId directly in the file but
-                 # sometimes it stores something like: «ref: refs/heads/branch-name»
-                 matchRef    = match "^ref: (.*)$" fileContent;
-             in if   isNull matchRef
-                then fileContent
-                else readCommitFromFile path (lib.head matchRef)
-           # Sometimes, the file isn't there at all and has been packed away in the
-           # packed-refs file, so we have to grep through it:
-           else if lib.pathExists packedRefsName
-           then
-             let fileContent = readFile packedRefsName;
-                 matchRef    = match (".*\n([^\n ]*) " + file + "\n.*") fileContent;
-             in if   isNull matchRef
-                then throw ("Could not find " + file + " in " + packedRefsName)
-                else lib.head matchRef
-           else throw ("Not a .git directory: " + path);
-    in lib.flip readCommitFromFile "HEAD";
 }
--- a/lib/strings-with-deps.nix
+++ b/lib/strings-with-deps.nix
@@ -15,7 +15,7 @@ Usage:
  Attention:

  let
-    pkgs = (import <nixpkgs>) {};
+    pkgs = (import /etc/nixos/nixpkgs/pkgs/top-level/all-packages.nix) {};
  in let
    inherit (pkgs.stringsWithDeps) fullDepEntry packEntry noDepEntry textClosureMap;
    inherit (pkgs.lib) id;
--- a/lib/strings.nix
+++ b/lib/strings.nix
@@ -10,216 +10,102 @@ rec {

  inherit (builtins) stringLength substring head tail isString replaceStrings;

-  /* Concatenate a list of strings.

-     Example:
-       concatStrings ["foo" "bar"]
-       => "foobar"
-  */
-  concatStrings = builtins.concatStringsSep "";
+  # Concatenate a list of strings.
+  concatStrings =
+    if builtins ? concatStringsSep then
+      builtins.concatStringsSep ""
+    else
+      lib.foldl' (x: y: x + y) "";

-  /* Map a function over a list and concatenate the resulting strings.

-     Example:
-       concatMapStrings (x: "a" + x) ["foo" "bar"]
-       => "afooabar"
-  */
+  # Map a function over a list and concatenate the resulting strings.
  concatMapStrings = f: list: concatStrings (map f list);
-
-  /* Like `concatMapStrings' except that the f functions also gets the
-     position as a parameter.
-
-     Example:
-       concatImapStrings (pos: x: "${toString pos}-${x}") ["foo" "bar"]
-       => "1-foo2-bar"
-  */
  concatImapStrings = f: list: concatStrings (lib.imap f list);

-  /* Place an element between each element of a list

-     Example:
-       intersperse "/" ["usr" "local" "bin"]
-       => ["usr" "/" "local" "/" "bin"].
-  */
+  # Place an element between each element of a list, e.g.,
+  # `intersperse "," ["a" "b" "c"]' returns ["a" "," "b" "," "c"].
  intersperse = separator: list:
    if list == [] || length list == 1
    then list
    else tail (lib.concatMap (x: [separator x]) list);

-  /* Concatenate a list of strings with a separator between each element

-     Example:
-        concatStringsSep "/" ["usr" "local" "bin"]
-        => "usr/local/bin"
-  */
+  # Concatenate a list of strings with a separator between each element, e.g.
+  # concatStringsSep " " ["foo" "bar" "xyzzy"] == "foo bar xyzzy"
  concatStringsSep = builtins.concatStringsSep or (separator: list:
    concatStrings (intersperse separator list));

-  /* First maps over the list and then concatenates it.
-
-     Example:
-        concatMapStringsSep "-" (x: toUpper x)  ["foo" "bar" "baz"]
-        => "FOO-BAR-BAZ"
-  */
  concatMapStringsSep = sep: f: list: concatStringsSep sep (map f list);
-
-  /* First imaps over the list and then concatenates it.
-
-     Example:
-
-       concatImapStringsSep "-" (pos: x: toString (x / pos)) [ 6 6 6 ]
-       => "6-3-2"
-  */
  concatImapStringsSep = sep: f: list: concatStringsSep sep (lib.imap f list);

-  /* Construct a Unix-style search path consisting of each `subDir"
-     directory of the given list of packages.

-     Example:
-       makeSearchPath "bin" ["/root" "/usr" "/usr/local"]
-       => "/root/bin:/usr/bin:/usr/local/bin"
-       makeSearchPath "bin" ["/"]
-       => "//bin"
-  */
+  # Construct a Unix-style search path consisting of each `subDir"
+  # directory of the given list of packages.  For example,
+  # `makeSearchPath "bin" ["x" "y" "z"]' returns "x/bin:y/bin:z/bin".
  makeSearchPath = subDir: packages:
    concatStringsSep ":" (map (path: path + "/" + subDir) packages);

-  /* Construct a Unix-style search path, using given package output.
-     If no output is found, fallback to `.out` and then to the default.

-     Example:
-       makeSearchPathOutput "dev" "bin" [ pkgs.openssl pkgs.zlib ]
-       => "/nix/store/9rz8gxhzf8sw4kf2j2f1grr49w8zx5vj-openssl-1.0.1r-dev/bin:/nix/store/wwh7mhwh269sfjkm6k5665b5kgp7jrk2-zlib-1.2.8/bin"
-  */
-  makeSearchPathOutput = output: subDir: pkgs: makeSearchPath subDir (map (lib.getOutput output) pkgs);
+  # Construct a library search path (such as RPATH) containing the
+  # libraries for a set of packages, e.g. "${pkg1}/lib:${pkg2}/lib:...".
+  makeLibraryPath = makeSearchPath "lib";

-  /* Construct a library search path (such as RPATH) containing the
-     libraries for a set of packages
-
-     Example:
-       makeLibraryPath [ "/usr" "/usr/local" ]
-       => "/usr/lib:/usr/local/lib"
-       pkgs = import <nixpkgs> { }
-       makeLibraryPath [ pkgs.openssl pkgs.zlib ]
-       => "/nix/store/9rz8gxhzf8sw4kf2j2f1grr49w8zx5vj-openssl-1.0.1r/lib:/nix/store/wwh7mhwh269sfjkm6k5665b5kgp7jrk2-zlib-1.2.8/lib"
-  */
-  makeLibraryPath = makeSearchPathOutput "lib" "lib";
-
-  /* Construct a binary search path (such as $PATH) containing the
-     binaries for a set of packages.
-
-     Example:
-       makeBinPath ["/root" "/usr" "/usr/local"]
-       => "/root/bin:/usr/bin:/usr/local/bin"
-  */
-  makeBinPath = makeSearchPathOutput "bin" "bin";
+  # Construct a binary search path (such as $PATH) containing the
+  # binaries for a set of packages, e.g. "${pkg1}/bin:${pkg2}/bin:...".
+  makeBinPath = makeSearchPath "bin";


-  /* Construct a perl search path (such as $PERL5LIB)
+  # Idem for Perl search paths.
+  makePerlPath = makeSearchPath "lib/perl5/site_perl";

-     FIXME(zimbatm): this should be moved in perl-specific code

-     Example:
-       pkgs = import <nixpkgs> { }
-       makePerlPath [ pkgs.perlPackages.NetSMTP ]
-       => "/nix/store/n0m1fk9c960d8wlrs62sncnadygqqc6y-perl-Net-SMTP-1.25/lib/perl5/site_perl"
-  */
-  makePerlPath = makeSearchPathOutput "lib" "lib/perl5/site_perl";
-
-  /* Dependening on the boolean `cond', return either the given string
-     or the empty string. Useful to contatenate against a bigger string.
-
-     Example:
-       optionalString true "some-string"
-       => "some-string"
-       optionalString false "some-string"
-       => ""
-  */
+  # Dependening on the boolean `cond', return either the given string
+  # or the empty string.
  optionalString = cond: string: if cond then string else "";

-  /* Determine whether a string has given prefix.

-     Example:
-       hasPrefix "foo" "foobar"
-       => true
-       hasPrefix "foo" "barfoo"
-       => false
-  */
+  # Determine whether a string has given prefix/suffix.
  hasPrefix = pref: str:
    substring 0 (stringLength pref) str == pref;
-
-  /* Determine whether a string has given suffix.
-
-     Example:
-       hasSuffix "foo" "foobar"
-       => false
-       hasSuffix "foo" "barfoo"
-       => true
-  */
-  hasSuffix = suffix: content:
+  hasSuffix = suff: str:
    let
-      lenContent = stringLength content;
-      lenSuffix = stringLength suffix;
-    in lenContent >= lenSuffix &&
-       substring (lenContent - lenSuffix) lenContent content == suffix;
+      lenStr = stringLength str;
+      lenSuff = stringLength suff;
+    in lenStr >= lenSuff &&
+       substring (lenStr - lenSuff) lenStr str == suff;

-  /* Convert a string to a list of characters (i.e. singleton strings).
-     This allows you to, e.g., map a function over each character.  However,
-     note that this will likely be horribly inefficient; Nix is not a
-     general purpose programming language. Complex string manipulations
-     should, if appropriate, be done in a derivation.
-     Also note that Nix treats strings as a list of bytes and thus doesn't
-     handle unicode.

-     Example:
-       stringToCharacters ""
-       => [ ]
-       stringToCharacters "abc"
-       => [ "a" "b" "c" ]
-       stringToCharacters "💩"
-       => [ "<EFBFBD>" "<EFBFBD>" "<EFBFBD>" "<EFBFBD>" ]
-  */
+  # Convert a string to a list of characters (i.e. singleton strings).
+  # For instance, "abc" becomes ["a" "b" "c"].  This allows you to,
+  # e.g., map a function over each character.  However, note that this
+  # will likely be horribly inefficient; Nix is not a general purpose
+  # programming language.  Complex string manipulations should, if
+  # appropriate, be done in a derivation.
  stringToCharacters = s:
    map (p: substring p 1 s) (lib.range 0 (stringLength s - 1));

-  /* Manipulate a string character by character and replace them by
-     strings before concatenating the results.

-     Example:
-       stringAsChars (x: if x == "a" then "i" else x) "nax"
-       => "nix"
-  */
+  # Manipulate a string charactter by character and replace them by
+  # strings before concatenating the results.
  stringAsChars = f: s:
    concatStrings (
      map f (stringToCharacters s)
    );

-  /* Escape occurrence of the elements of ‘list’ in ‘string’ by
-     prefixing it with a backslash.

-     Example:
-       escape ["(" ")"] "(foo)"
-       => "\\(foo\\)"
-  */
+  # Escape occurrence of the elements of ‘list’ in ‘string’ by
+  # prefixing it with a backslash. For example, ‘escape ["(" ")"]
+  # "(foo)"’ returns the string ‘\(foo\)’.
  escape = list: replaceChars list (map (c: "\\${c}") list);

-  /* Quote string to be used safely within the Bourne shell.

-     Example:
-       escapeShellArg "esc'ape\nme"
-       => "'esc'\\''ape\nme'"
-  */
-  escapeShellArg = arg: "'${replaceStrings ["'"] ["'\\''"] (toString arg)}'";
+  # Escape all characters that have special meaning in the Bourne shell.
+  escapeShellArg = lib.escape (stringToCharacters "\\ ';$`()|<>\t*[]");

-  /* Quote all arguments to be safely passed to the Bourne shell.

-     Example:
-       escapeShellArgs ["one" "two three" "four'five"]
-       => "'one' 'two three' 'four'\\''five'"
-  */
-  escapeShellArgs = concatMapStringsSep " " escapeShellArg;
-
-  /* Obsolete - use replaceStrings instead. */
+  # Obsolete - use replaceStrings instead.
  replaceChars = builtins.replaceStrings or (
    del: new: s:
    let
@@ -233,52 +119,21 @@ rec {
    in
      stringAsChars subst s);

+
  # Case conversion utilities.
  lowerChars = stringToCharacters "abcdefghijklmnopqrstuvwxyz";
  upperChars = stringToCharacters "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
-
-  /* Converts an ASCII string to lower-case.
-
-     Example:
-       toLower "HOME"
-       => "home"
-  */
  toLower = replaceChars upperChars lowerChars;
-
-  /* Converts an ASCII string to upper-case.
-
-     Example:
-       toUpper "home"
-       => "HOME"
-  */
  toUpper = replaceChars lowerChars upperChars;

-  /* Appends string context from another string.  This is an implementation
-     detail of Nix.

-     Strings in Nix carry an invisible `context' which is a list of strings
-     representing store paths.  If the string is later used in a derivation
-     attribute, the derivation will properly populate the inputDrvs and
-     inputSrcs.
-
-     Example:
-       pkgs = import <nixpkgs> { };
-       addContextFrom pkgs.coreutils "bar"
-       => "bar"
-  */
+  # Appends string context from another string.
  addContextFrom = a: b: substring 0 0 a + b;

-  /* Cut a string with a separator and produces a list of strings which
-     were separated by this separator.

-     NOTE: this function is not performant and should never be used.
-
-     Example:
-       splitString "." "foo.bar.baz"
-       => [ "foo" "bar" "baz" ]
-       splitString "/" "/usr/local/bin"
-       => [ "" "usr" "local" "bin" ]
-  */
+  # Cut a string with a separator and produces a list of strings which
+  # were separated by this separator; e.g., `splitString "."
+  # "foo.bar.baz"' returns ["foo" "bar" "baz"].
  splitString = _sep: _s:
    let
      sep = addContextFrom _s _sep;
@@ -302,15 +157,10 @@ rec {
    in
      recurse 0 0;

-  /* Return the suffix of the second argument if the first argument matches
-     its prefix.

-     Example:
-       removePrefix "foo." "foo.bar.baz"
-       => "bar.baz"
-       removePrefix "xxx" "foo.bar.baz"
-       => "foo.bar.baz"
-  */
+  # return the suffix of the second argument if the first argument match its
+  # prefix. e.g.,
+  # `removePrefix "foo." "foo.bar.baz"' returns "bar.baz".
  removePrefix = pre: s:
    let
      preLen = stringLength pre;
@@ -321,15 +171,6 @@ rec {
      else
        s;

-  /* Return the prefix of the second argument if the first argument matches
-     its suffix.
-
-     Example:
-       removeSuffix "front" "homefront"
-       => "home"
-       removeSuffix "xxx" "homefront"
-       => "homefront"
-  */
  removeSuffix = suf: s:
    let
      sufLen = stringLength suf;
@@ -340,54 +181,25 @@ rec {
      else
        s;

-  /* Return true iff string v1 denotes a version older than v2.
-
-     Example:
-       versionOlder "1.1" "1.2"
-       => true
-       versionOlder "1.1" "1.1"
-       => false
-  */
+  # Return true iff string v1 denotes a version older than v2.
  versionOlder = v1: v2: builtins.compareVersions v2 v1 == 1;

-  /* Return true iff string v1 denotes a version equal to or newer than v2.

-     Example:
-       versionAtLeast "1.1" "1.0"
-       => true
-       versionAtLeast "1.1" "1.1"
-       => true
-       versionAtLeast "1.1" "1.2"
-       => false
-  */
+  # Return true iff string v1 denotes a version equal to or newer than v2.
  versionAtLeast = v1: v2: !versionOlder v1 v2;

-  /* This function takes an argument that's either a derivation or a
-     derivation's "name" attribute and extracts the version part from that
-     argument.

-     Example:
-       getVersion "youtube-dl-2016.01.01"
-       => "2016.01.01"
-       getVersion pkgs.youtube-dl
-       => "2016.01.01"
-  */
-  getVersion = x:
-   let
-     parse = drv: (builtins.parseDrvName drv).version;
-   in if isString x
-      then parse x
-      else x.version or (parse x.name);
+  # This function takes an argument that's either a derivation or a
+  # derivation's "name" attribute and extracts the version part from that
+  # argument. For example:
+  #
+  #    lib.getVersion "youtube-dl-2016.01.01" ==> "2016.01.01"
+  #    lib.getVersion pkgs.youtube-dl         ==> "2016.01.01"
+  getVersion = x: (builtins.parseDrvName (x.name or x)).version;

-  /* Extract name with version from URL. Ask for separator which is
-     supposed to start extension.

-     Example:
-       nameFromURL "https://nixos.org/releases/nix/nix-1.7/nix-1.7-x86_64-linux.tar.bz2" "-"
-       => "nix"
-       nameFromURL "https://nixos.org/releases/nix/nix-1.7/nix-1.7-x86_64-linux.tar.bz2" "_"
-       => "nix-1.7-x86"
-  */
+  # Extract name with version from URL. Ask for separator which is
+  # supposed to start extension.
  nameFromURL = url: sep:
    let
      components = splitString "/" url;
@@ -395,24 +207,14 @@ rec {
      name = builtins.head (splitString sep filename);
    in assert name !=  filename; name;

-  /* Create an --{enable,disable}-<feat> string that can be passed to
-     standard GNU Autoconf scripts.

-     Example:
-       enableFeature true "shared"
-       => "--enable-shared"
-       enableFeature false "shared"
-       => "--disable-shared"
-  */
+  # Create an --{enable,disable}-<feat> string that can be passed to
+  # standard GNU Autoconf scripts.
  enableFeature = enable: feat: "--${if enable then "enable" else "disable"}-${feat}";

-  /* Create a fixed width string with additional prefix to match
-     required width.

-     Example:
-       fixedWidthString 5 "0" (toString 15)
-       => "00015"
-  */
+  # Create a fixed width string with additional prefix to match
+  # required width.
  fixedWidthString = width: filler: str:
    let
      strw = lib.stringLength str;
@@ -421,58 +223,25 @@ rec {
      assert strw <= width;
      if strw == width then str else filler + fixedWidthString reqWidth filler str;

-  /* Format a number adding leading zeroes up to fixed width.

-     Example:
-       fixedWidthNumber 5 15
-       => "00015"
-  */
+  # Format a number adding leading zeroes up to fixed width.
  fixedWidthNumber = width: n: fixedWidthString width "0" (toString n);

-  /* Check whether a value is a store path.

-     Example:
-       isStorePath "/nix/store/d945ibfx9x185xf04b890y4f9g3cbb63-python-2.7.11/bin/python"
-       => false
-       isStorePath "/nix/store/d945ibfx9x185xf04b890y4f9g3cbb63-python-2.7.11/"
-       => true
-       isStorePath pkgs.python
-       => true
-  */
+  # Check whether a value is a store path.
  isStorePath = x: builtins.substring 0 1 (toString x) == "/" && dirOf (builtins.toPath x) == builtins.storeDir;

-  /* Convert string to int
-     Obviously, it is a bit hacky to use fromJSON that way.
-
-     Example:
-       toInt "1337"
-       => 1337
-       toInt "-4"
-       => -4
-       toInt "3.14"
-       => error: floating point JSON numbers are not supported
-  */
+  # Convert string to int
+  # Obviously, it is a bit hacky to use fromJSON that way.
  toInt = str:
    let may_be_int = builtins.fromJSON str; in
    if builtins.isInt may_be_int
    then may_be_int
    else throw "Could not convert ${str} to int.";

-  /* Read a list of paths from `file', relative to the `rootPath'. Lines
-     beginning with `#' are treated as comments and ignored. Whitespace
-     is significant.
-
-     NOTE: this function is not performant and should be avoided
-
-     Example:
-       readPathsFromFile /prefix
-         ./pkgs/development/libraries/qt-5/5.4/qtbase/series
-       => [ "/prefix/dlopen-resolv.patch" "/prefix/tzdir.patch"
-            "/prefix/dlopen-libXcursor.patch" "/prefix/dlopen-openssl.patch"
-            "/prefix/dlopen-dbus.patch" "/prefix/xdg-config-dirs.patch"
-            "/prefix/nix-profiles-library-paths.patch"
-            "/prefix/compose-search-path.patch" ]
-  */
+  # Read a list of paths from `file', relative to the `rootPath'. Lines
+  # beginning with `#' are treated as comments and ignored. Whitespace
+  # is significant.
  readPathsFromFile = rootPath: file:
    let
      root = toString rootPath;
@@ -485,13 +254,4 @@ rec {
    in
      absolutePaths;

-  /* Read the contents of a file removing the trailing \n
-
-     Example:
-       $ echo "1.0" > ./version
-
-       fileContents ./version
-       => "1.0"
-  */
-  fileContents = file: removeSuffix "\n" (builtins.readFile file);
 }
--- a/lib/tests.nix
+++ b/lib/tests.nix
@@ -130,94 +130,4 @@ runTests {
    expected = false;
  };

-
-  /* Generator tests */
-  # these tests assume attributes are converted to lists
-  # in alphabetical order
-
-  testMkKeyValueDefault = {
-    expr = generators.mkKeyValueDefault ":" "f:oo" "bar";
-    expected = ''f\:oo:bar'';
-  };
-
-  testToKeyValue = {
-    expr = generators.toKeyValue {} {
-      key = "value";
-      "other=key" = "baz";
-    };
-    expected = ''
-      key=value
-      other\=key=baz
-    '';
-  };
-
-  testToINIEmpty = {
-    expr = generators.toINI {} {};
-    expected = "";
-  };
-
-  testToINIEmptySection = {
-    expr = generators.toINI {} { foo = {}; bar = {}; };
-    expected = ''
-      [bar]
-
-      [foo]
-    '';
-  };
-
-  testToINIDefaultEscapes = {
-    expr = generators.toINI {} {
-      "no [ and ] allowed unescaped" = {
-        "and also no = in keys" = 42;
-      };
-    };
-    expected = ''
-      [no \[ and \] allowed unescaped]
-      and also no \= in keys=42
-    '';
-  };
-
-  testToINIDefaultFull = {
-    expr = generators.toINI {} {
-      "section 1" = {
-        attribute1 = 5;
-        x = "Me-se JarJar Binx";
-      };
-      "foo[]" = {
-        "he\\h=he" = "this is okay";
-      };
-    };
-    expected = ''
-      [foo\[\]]
-      he\h\=he=this is okay
-
-      [section 1]
-      attribute1=5
-      x=Me-se JarJar Binx
-    '';
-  };
-
-  /* right now only invocation check */
-  testToJSONSimple =
-    let val = {
-      foobar = [ "baz" 1 2 3 ];
-    };
-    in {
-      expr = generators.toJSON {} val;
-      # trival implementation
-      expected = builtins.toJSON val;
-  };
-
-  /* right now only invocation check */
-  testToYAMLSimple =
-    let val = {
-      list = [ { one = 1; } { two = 2; } ];
-      all = 42;
-    };
-    in {
-      expr = generators.toYAML {} val;
-      # trival implementation
-      expected = builtins.toJSON val;
-  };
-
 }
--- a/lib/tests/modules.sh
+++ b/lib/tests/modules.sh
@@ -115,11 +115,6 @@ set -- config.enable ./declare-enable.nix ./define-enable.nix ./define-loaOfSub-
 checkConfigError 'The option .* defined in .* does not exist.' "$@"
 checkConfigOutput "true" "$@" ./define-module-check.nix

-# Check coerced value.
-checkConfigOutput "\"42\"" config.value ./declare-coerced-value.nix
-checkConfigOutput "\"24\"" config.value ./declare-coerced-value.nix ./define-value-string.nix
-checkConfigError 'The option value .* in .* is not a string or integer.' config.value ./declare-coerced-value.nix ./define-value-list.nix
-
 cat <<EOF
 ====== module tests ======
 $pass Pass
--- a/lib/tests/modules/declare-coerced-value.nix
+++ b/lib/tests/modules/declare-coerced-value.nix
@@ -1,10 +0,0 @@
-{ lib, ... }:
-
-{
-  options = {
-    value = lib.mkOption {
-      default = 42;
-      type = lib.types.coercedTo lib.types.int builtins.toString lib.types.str;
-    };
-  };
-}
--- a/lib/tests/modules/define-value-list.nix
+++ b/lib/tests/modules/define-value-list.nix
@@ -1,3 +0,0 @@
-{
-  value = [];
-}
--- a/lib/tests/modules/define-value-string.nix
+++ b/lib/tests/modules/define-value-string.nix
@@ -1,3 +0,0 @@
-{
-  value = "24";
-}
--- a/lib/tests/release.nix
+++ b/lib/tests/release.nix
@@ -1,6 +1,6 @@
 { nixpkgs }:

-with import ../.. { };
+with import ./../.. { };
 with lib;

 stdenv.mkDerivation {
--- a/lib/trivial.nix
+++ b/lib/trivial.nix
@@ -53,40 +53,6 @@ rec {
  # argument, but it's nice this way if several uses of `extends` are cascaded.
  extends = f: rattrs: self: let super = rattrs self; in super // f self super;

-  # Compose two extending functions of the type expected by 'extends'
-  # into one where changes made in the first are available in the
-  # 'super' of the second
-  composeExtensions =
-    f: g: self: super:
-      let fApplied = f self super;
-          super' = super // fApplied;
-      in fApplied // g self super';
-
-  # Create an overridable, recursive attribute set. For example:
-  #
-  #     nix-repl> obj = makeExtensible (self: { })
-  #
-  #     nix-repl> obj
-  #     { __unfix__ = «lambda»; extend = «lambda»; }
-  #
-  #     nix-repl> obj = obj.extend (self: super: { foo = "foo"; })
-  #
-  #     nix-repl> obj
-  #     { __unfix__ = «lambda»; extend = «lambda»; foo = "foo"; }
-  #
-  #     nix-repl> obj = obj.extend (self: super: { foo = super.foo + " + "; bar = "bar"; foobar = self.foo + self.bar; })
-  #
-  #     nix-repl> obj
-  #     { __unfix__ = «lambda»; bar = "bar"; extend = «lambda»; foo = "foo + "; foobar = "foo + bar"; }
-  makeExtensible = makeExtensibleWithCustomName "extend";
-
-  # Same as `makeExtensible` but the name of the extending attribute is
-  # customized.
-  makeExtensibleWithCustomName = extenderName: rattrs:
-    fix' rattrs // {
-      ${extenderName} = f: makeExtensibleWithCustomName extenderName (extends f rattrs);
-   };
-
  # Flip the order of the arguments of a binary function.
  flip = f: a: b: f b a;

@@ -96,37 +62,17 @@ rec {
    isInt add sub lessThan
    seq deepSeq genericClosure;

-  inherit (import ./strings.nix) fileContents;
-
  # Return the Nixpkgs version number.
  nixpkgsVersion =
    let suffixFile = ../.version-suffix; in
-    fileContents ../.version
-    + (if pathExists suffixFile then fileContents suffixFile else "pre-git");
+    readFile ../.version
+    + (if pathExists suffixFile then readFile suffixFile else "pre-git");

  # Whether we're being called by nix-shell.
-  inNixShell = builtins.getEnv "IN_NIX_SHELL" != "";
+  inNixShell = builtins.getEnv "IN_NIX_SHELL" == "1";

  # Return minimum/maximum of two numbers.
  min = x: y: if x < y then x else y;
  max = x: y: if x > y then x else y;

-  /* Reads a JSON file. */
-  importJSON = path:
-    builtins.fromJSON (builtins.readFile path);
-
-  /* See https://github.com/NixOS/nix/issues/749. Eventually we'd like these
-     to expand to Nix builtins that carry metadata so that Nix can filter out
-     the INFO messages without parsing the message string.
-
-     Usage:
-     {
-       foo = lib.warn "foo is deprecated" oldFoo;
-     }
-
-     TODO: figure out a clever way to integrate location information from
-     something like __unsafeGetAttrPos.
-  */
-  warn = msg: builtins.trace "WARNING: ${msg}";
-  info = msg: builtins.trace "INFO: ${msg}";
 }
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -17,43 +17,10 @@ rec {
  };


-  # Default type merging function
-  # takes two type functors and return the merged type
-  defaultTypeMerge = f: f':
-    let wrapped = f.wrapped.typeMerge f'.wrapped.functor;
-        payload = f.binOp f.payload f'.payload;
-    in
-    # cannot merge different types
-    if f.name != f'.name
-       then null
-    # simple types
-    else if    (f.wrapped == null && f'.wrapped == null)
-            && (f.payload == null && f'.payload == null)
-       then f.type
-    # composed types
-    else if (f.wrapped != null && f'.wrapped != null) && (wrapped != null)
-       then f.type wrapped
-    # value types
-    else if (f.payload != null && f'.payload != null) && (payload != null)
-       then f.type payload
-    else null;
-
-  # Default type functor
-  defaultFunctor = name: {
-    inherit name;
-    type    = types."${name}" or null;
-    wrapped = null;
-    payload = null;
-    binOp   = a: b: null;
-  };
-
  isOptionType = isType "option-type";
  mkOptionType =
-    { # Human-readable representation of the type, should be equivalent to
-      # the type function name.
+    { # Human-readable representation of the type.
      name
-    , # Description of the type, defined recursively by embedding the the wrapped type if any.
-      description ? null
    , # Function applied to each definition that should return true if
      # its type-correct, false otherwise.
      check ? (x: true)
@@ -69,26 +36,12 @@ rec {
      getSubOptions ? prefix: {}
    , # List of modules if any, or null if none.
      getSubModules ? null
-    , # Function for building the same option type with a different list of
+    , # Function for building the same option type  with a different list of
      # modules.
      substSubModules ? m: null
-    , # Function that merge type declarations.
-      # internal, takes a functor as argument and returns the merged type.
-      # returning null means the type is not mergeable
-      typeMerge ? defaultTypeMerge functor
-    , # The type functor.
-      # internal, representation of the type as an attribute set.
-      #   name: name of the type
-      #   type: type function.
-      #   wrapped: the type wrapped in case of compound types.
-      #   payload: values of the type, two payloads of the same type must be 
-      #            combinable with the binOp binary operation.
-      #   binOp: binary operation that merge two payloads of the same type.
-      functor ? defaultFunctor name
    }:
    { _type = "option-type";
-      inherit name check merge getSubOptions getSubModules substSubModules typeMerge functor;
-      description = if description == null then name else description;
+      inherit name check merge getSubOptions getSubModules substSubModules;
    };


@@ -99,39 +52,29 @@ rec {
    };

    bool = mkOptionType {
-      name = "bool";
-      description = "boolean";
+      name = "boolean";
      check = isBool;
      merge = mergeEqualOption;
    };

-    int = mkOptionType rec {
-      name = "int";
-      description = "integer";
+    int = mkOptionType {
+      name = "integer";
      check = isInt;
      merge = mergeOneOption;
    };

    str = mkOptionType {
-      name = "str";
-      description = "string";
+      name = "string";
      check = isString;
      merge = mergeOneOption;
    };

    # Merge multiple definitions by concatenating them (with the given
    # separator between the values).
-    separatedString = sep: mkOptionType rec {
-      name = "separatedString";
-      description = "string";
+    separatedString = sep: mkOptionType {
+      name = "string";
      check = isString;
      merge = loc: defs: concatStringsSep sep (getValues defs);
-      functor = (defaultFunctor name) // {
-        payload = sep;
-        binOp = sepLhs: sepRhs:
-          if sepLhs == sepRhs then sepLhs
-          else null;
-      };
    };

    lines = separatedString "\n";
@@ -143,8 +86,7 @@ rec {
    string = separatedString "";

    attrs = mkOptionType {
-      name = "attrs";
-      description = "attribute set";
+      name = "attribute set";
      check = isAttrs;
      merge = loc: foldl' (res: def: mergeAttrs res def.value) {};
    };
@@ -158,10 +100,6 @@ rec {
        in if isDerivation res then res else toDerivation res;
    };

-    shellPackage = package // {
-      check = x: (package.check x) && (hasAttr "shellPath" x);
-    };
-
    path = mkOptionType {
      name = "path";
      # Hacky: there is no ‘isPath’ primop.
@@ -172,31 +110,24 @@ rec {
    # drop this in the future:
    list = builtins.trace "`types.list' is deprecated; use `types.listOf' instead" types.listOf;

-    listOf = elemType: mkOptionType rec {
-      name = "listOf";
-      description = "list of ${elemType.description}s";
+    listOf = elemType: mkOptionType {
+      name = "list of ${elemType.name}s";
      check = isList;
      merge = loc: defs:
-        map (x: x.value) (filter (x: x ? value) (concatLists (imap (n: def:
-          if isList def.value then
-            imap (m: def':
-              (mergeDefinitions
-                (loc ++ ["[definition ${toString n}-entry ${toString m}]"])
-                elemType
-                [{ inherit (def) file; value = def'; }]
-              ).optionalValue
-            ) def.value
-          else
-            throw "The option value `${showOption loc}' in `${def.file}' is not a list.") defs)));
+        map (x: x.value) (filter (x: x ? value) (concatLists (imap (n: def: imap (m: def':
+            (mergeDefinitions
+              (loc ++ ["[definition ${toString n}-entry ${toString m}]"])
+              elemType
+              [{ inherit (def) file; value = def'; }]
+            ).optionalValue
+          ) def.value) defs)));
      getSubOptions = prefix: elemType.getSubOptions (prefix ++ ["*"]);
      getSubModules = elemType.getSubModules;
      substSubModules = m: listOf (elemType.substSubModules m);
-      functor = (defaultFunctor name) // { wrapped = elemType; };
    };

-    attrsOf = elemType: mkOptionType rec {
-      name = "attrsOf";
-      description = "attribute set of ${elemType.description}s";
+    attrsOf = elemType: mkOptionType {
+      name = "attribute set of ${elemType.name}s";
      check = isAttrs;
      merge = loc: defs:
        mapAttrs (n: v: v.value) (filterAttrs (n: v: v ? value) (zipAttrsWith (name: defs:
@@ -208,7 +139,6 @@ rec {
      getSubOptions = prefix: elemType.getSubOptions (prefix ++ ["<name>"]);
      getSubModules = elemType.getSubModules;
      substSubModules = m: attrsOf (elemType.substSubModules m);
-      functor = (defaultFunctor name) // { wrapped = elemType; };
    };

    # List or attribute set of ...
@@ -227,21 +157,18 @@ rec {
            def;
        listOnly = listOf elemType;
        attrOnly = attrsOf elemType;
-      in mkOptionType rec {
-        name = "loaOf";
-        description = "list or attribute set of ${elemType.description}s";
+      in mkOptionType {
+        name = "list or attribute set of ${elemType.name}s";
        check = x: isList x || isAttrs x;
        merge = loc: defs: attrOnly.merge loc (imap convertIfList defs);
        getSubOptions = prefix: elemType.getSubOptions (prefix ++ ["<name?>"]);
        getSubModules = elemType.getSubModules;
        substSubModules = m: loaOf (elemType.substSubModules m);
-        functor = (defaultFunctor name) // { wrapped = elemType; };
      };

    # List or element of ...
-    loeOf = elemType: mkOptionType rec {
-      name = "loeOf";
-      description = "element or list of ${elemType.description}s";
+    loeOf = elemType: mkOptionType {
+      name = "element or list of ${elemType.name}s";
      check = x: isList x || elemType.check x;
      merge = loc: defs:
        let
@@ -254,22 +181,18 @@ rec {
        else if !isString res then
          throw "The option `${showOption loc}' does not have a string value, in ${showFiles (getFiles defs)}."
        else res;
-      functor = (defaultFunctor name) // { wrapped = elemType; };
    };

-    uniq = elemType: mkOptionType rec {
-      name = "uniq";
-      inherit (elemType) description check;
+    uniq = elemType: mkOptionType {
+      inherit (elemType) name check;
      merge = mergeOneOption;
      getSubOptions = elemType.getSubOptions;
      getSubModules = elemType.getSubModules;
      substSubModules = m: uniq (elemType.substSubModules m);
-      functor = (defaultFunctor name) // { wrapped = elemType; };
    };

-    nullOr = elemType: mkOptionType rec {
-      name = "nullOr";
-      description = "null or ${elemType.description}";
+    nullOr = elemType: mkOptionType {
+      name = "null or ${elemType.name}";
      check = x: x == null || elemType.check x;
      merge = loc: defs:
        let nrNulls = count (def: def.value == null) defs; in
@@ -280,7 +203,6 @@ rec {
      getSubOptions = elemType.getSubOptions;
      getSubModules = elemType.getSubModules;
      substSubModules = m: nullOr (elemType.substSubModules m);
-      functor = (defaultFunctor name) // { wrapped = elemType; };
    };

    submodule = opts:
@@ -306,12 +228,6 @@ rec {
            args = { name = ""; }; }).options;
        getSubModules = opts';
        substSubModules = m: submodule m;
-        functor = (defaultFunctor name) // {
-          # Merging of submodules is done as part of mergeOptionDecls, as we have to annotate
-          # each submodule with its location.
-          payload = [];
-          binOp = lhs: rhs: [];
-        };
      };

    enum = values:
@@ -321,65 +237,23 @@ rec {
          else if builtins.isInt v then builtins.toString v
          else ''<${builtins.typeOf v}>'';
      in
-      mkOptionType rec {
-        name = "enum";
-        description = "one of ${concatMapStringsSep ", " show values}";
+      mkOptionType {
+        name = "one of ${concatMapStringsSep ", " show values}";
        check = flip elem values;
        merge = mergeOneOption;
-        functor = (defaultFunctor name) // { payload = values; binOp = a: b: unique (a ++ b); };
      };

-    either = t1: t2: mkOptionType rec {
-      name = "either";
-      description = "${t1.description} or ${t2.description}";
+    either = t1: t2: mkOptionType {
+      name = "${t1.name} or ${t2.name}";
      check = x: t1.check x || t2.check x;
-      merge = loc: defs:
-        let
-          defList = map (d: d.value) defs;
-        in
-          if   all (x: t1.check x) defList
-               then t1.merge loc defs
-          else if all (x: t2.check x) defList
-               then t2.merge loc defs
-          else mergeOneOption loc defs;
-      typeMerge = f':
-        let mt1 = t1.typeMerge (elemAt f'.wrapped 0).functor;
-            mt2 = t2.typeMerge (elemAt f'.wrapped 1).functor;
-        in
-           if (name == f'.name) && (mt1 != null) && (mt2 != null)
-           then functor.type mt1 mt2
-           else null;
-      functor = (defaultFunctor name) // { wrapped = [ t1 t2 ]; };
+      merge = mergeOneOption;
    };

-    coercedTo = coercedType: coerceFunc: finalType:
-      assert coercedType.getSubModules == null;
-      mkOptionType rec {
-        name = "coercedTo";
-        description = "${finalType.description} or ${coercedType.description}";
-        check = x: finalType.check x || coercedType.check x;
-        merge = loc: defs:
-          let
-            coerceVal = val:
-              if finalType.check val then val
-              else let
-                coerced = coerceFunc val;
-              in assert finalType.check coerced; coerced;
-
-          in finalType.merge loc (map (def: def // { value = coerceVal def.value; }) defs);
-        getSubOptions = finalType.getSubOptions;
-        getSubModules = finalType.getSubModules;
-        substSubModules = m: coercedTo coercedType coerceFunc (finalType.substSubModules m);
-        typeMerge = t1: t2: null;
-        functor = (defaultFunctor name) // { wrapped = finalType; };
-      };
-
    # Obsolete alternative to configOf.  It takes its option
    # declarations from the ‘options’ attribute of containing option
    # declaration.
    optionSet = mkOptionType {
-      name = builtins.trace "types.optionSet is deprecated; use types.submodule instead" "optionSet";
-      description = "option set";
+      name = /* builtins.trace "types.optionSet is deprecated; use types.submodule instead" */ "option set";
    };

    # Augment the given type with an additional type check function.
--- a/maintainers/scripts/copy-tarballs.pl
+++ b/maintainers/scripts/copy-tarballs.pl
@@ -5,7 +5,7 @@
 # content-addressed cache used by fetchurl as a fallback for when
 # upstream tarballs disappear or change. Usage:
 #
-# 1) To upload one or more files:
+# 1) To upload a single file:
 #
 #    $ copy-tarballs.pl --file /path/to/tarball.tar.gz
 #
@@ -22,38 +22,9 @@ use JSON;
 use Net::Amazon::S3;
 use Nix::Store;

-isValidPath("/nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-foo"); # FIXME: forces Nix::Store initialisation
-
-sub usage {
-    die "Syntax: $0 [--dry-run] [--exclude REGEXP] [--expr EXPR | --file FILES...]\n";
-}
-
-my $dryRun = 0;
-my $expr;
-my @fileNames;
-my $exclude;
-
-while (@ARGV) {
-    my $flag = shift @ARGV;
-
-    if ($flag eq "--expr") {
-        $expr = shift @ARGV or die "--expr requires an argument";
-    } elsif ($flag eq "--file") {
-        @fileNames = @ARGV;
-        last;
-    } elsif ($flag eq "--dry-run") {
-        $dryRun = 1;
-    } elsif ($flag eq "--exclude") {
-        $exclude = shift @ARGV or die "--exclude requires an argument";
-    } else {
-        usage();
-    }
-}
-
-
 # S3 setup.
-my $aws_access_key_id = $ENV{'AWS_ACCESS_KEY_ID'} or die "AWS_ACCESS_KEY_ID not set\n";
-my $aws_secret_access_key = $ENV{'AWS_SECRET_ACCESS_KEY'} or die "AWS_SECRET_ACCESS_KEY not set\n";
+my $aws_access_key_id = $ENV{'AWS_ACCESS_KEY_ID'} or die;
+my $aws_secret_access_key = $ENV{'AWS_SECRET_ACCESS_KEY'} or die;

 my $s3 = Net::Amazon::S3->new(
    { aws_access_key_id     => $aws_access_key_id,
@@ -63,15 +34,12 @@ my $s3 = Net::Amazon::S3->new(

 my $bucket = $s3->bucket("nixpkgs-tarballs") or die;

-my $doWrite = 0;
-my $cacheFile = ($ENV{"HOME"} or die "\$HOME is not set") . "/.cache/nix/copy-tarballs";
+my $cacheFile = "/tmp/copy-tarballs-cache";
 my %cache;
 $cache{$_} = 1 foreach read_file($cacheFile, err_mode => 'quiet', chomp => 1);
-$doWrite = 1;

 END() {
-    File::Path::mkpath(dirname($cacheFile), 0, 0755);
-    write_file($cacheFile, map { "$_\n" } keys %cache) if $doWrite;
+    write_file($cacheFile, map { "$_\n" } keys %cache);
 }

 sub alreadyMirrored {
@@ -116,9 +84,11 @@ sub uploadFile {
    $cache{$mainKey} = 1;
 }

-if (scalar @fileNames) {
+my $op = shift @ARGV;
+
+if ($op eq "--file") {
    my $res = 0;
-    foreach my $fn (@fileNames) {
+    foreach my $fn (@ARGV) {
        eval {
            if (alreadyMirrored("sha512", hashFile("sha512", 0, $fn))) {
                print STDERR "$fn is already mirrored\n";
@@ -127,16 +97,17 @@ if (scalar @fileNames) {
            }
        };
        if ($@) {
-            warn "$@";
+            warn "$@\n";
            $res = 1;
        }
    }
    exit $res;
 }

-elsif (defined $expr) {
+elsif ($op eq "--expr") {

    # Evaluate find-tarballs.nix.
+    my $expr = $ARGV[0] // die "$0: --expr requires a Nix expression\n";
    my $pid = open(JSON, "-|", "nix-instantiate", "--eval", "--json", "--strict",
                   "<nixpkgs/maintainers/scripts/find-tarballs.nix>",
                   "--arg", "expr", $expr);
@@ -152,11 +123,10 @@ elsif (defined $expr) {
    # Check every fetchurl call discovered by find-tarballs.nix.
    my $mirrored = 0;
    my $have = 0;
-    foreach my $fetch (sort { $a->{url} cmp $b->{url} } @{$fetches}) {
+    foreach my $fetch (@{$fetches}) {
        my $url = $fetch->{url};
        my $algo = $fetch->{type};
        my $hash = $fetch->{hash};
-        my $name = $fetch->{name};

        if (defined $ENV{DEBUG}) {
            print "$url $algo $hash\n";
@@ -168,44 +138,26 @@ elsif (defined $expr) {
            next;
        }

-        next if defined $exclude && $url =~ /$exclude/;
-
        if (alreadyMirrored($algo, $hash)) {
            $have++;
            next;
        }

-        my $storePath = makeFixedOutputPath(0, $algo, $hash, $name);
+        print STDERR "mirroring $url...\n";

-        print STDERR "mirroring $url ($storePath)...\n";
+        next if $ENV{DRY_RUN};

-        if ($dryRun) {
-            $mirrored++;
+        # Download the file using nix-prefetch-url.
+        $ENV{QUIET} = 1;
+        $ENV{PRINT_PATH} = 1;
+        my $fh;
+        my $pid = open($fh, "-|", "nix-prefetch-url", "--type", $algo, $url, $hash) or die;
+        waitpid($pid, 0) or die;
+        if ($? != 0) {
+            print STDERR "failed to fetch $url: $?\n";
            next;
        }
-
-        # Substitute the output.
-        if (!isValidPath($storePath)) {
-            system("nix-store", "-r", $storePath);
-        }
-
-        # Otherwise download the file using nix-prefetch-url.
-        if (!isValidPath($storePath)) {
-            $ENV{QUIET} = 1;
-            $ENV{PRINT_PATH} = 1;
-            my $fh;
-            my $pid = open($fh, "-|", "nix-prefetch-url", "--type", $algo, $url, $hash) or die;
-            waitpid($pid, 0) or die;
-            if ($? != 0) {
-                print STDERR "failed to fetch $url: $?\n";
-                next;
-            }
-            <$fh>; my $storePath2 = <$fh>; chomp $storePath2;
-            if ($storePath ne $storePath2) {
-                warn "strange: $storePath != $storePath2\n";
-                next;
-            }
-        }
+        <$fh>; my $storePath = <$fh>; chomp $storePath;

        uploadFile($storePath, $url);
        $mirrored++;
@@ -215,5 +167,5 @@ elsif (defined $expr) {
 }

 else {
-    usage();
+    die "Syntax: $0 --file FILENAMES... | --expr EXPR\n";
 }
--- a/maintainers/scripts/fetch-kde-qt.sh
+++ b/maintainers/scripts/fetch-kde-qt.sh
@@ -1,60 +0,0 @@
-#! /usr/bin/env nix-shell
-#! nix-shell -i bash -p coreutils findutils gnused nix wget
-
-set -efuo pipefail
-
-SRCS=
-if [ -d "$1" ]; then
-    SRCS="$(pwd)/$1/srcs.nix"
-    . "$1/fetch.sh"
-else
-    SRCS="$(pwd)/$(dirname $1)/srcs.nix"
-    . "$1"
-fi
-
-tmp=$(mktemp -d)
-pushd $tmp >/dev/null
-wget -nH -r -c --no-parent "${WGET_ARGS[@]}" >/dev/null
-
-csv=$(mktemp)
-find . -type f | while read src; do
-    # Sanitize file name
-    filename=$(basename "$src" | tr '@' '_')
-    nameVersion="${filename%.tar.*}"
-    name=$(echo "$nameVersion" | sed -e 's,-[[:digit:]].*,,' | sed -e 's,-opensource-src$,,')
-    version=$(echo "$nameVersion" | sed -e 's,^\([[:alpha:]][[:alnum:]]*-\)\+,,')
-    echo "$name,$version,$src,$filename" >>$csv
-done
-
-cat >"$SRCS" <<EOF
-# DO NOT EDIT! This file is generated automatically by fetch-kde-qt.sh
-{ fetchurl, mirror }:
-
-{
-EOF
-
-gawk -F , "{ print \$1 }" $csv | sort | uniq | while read name; do
-    versions=$(gawk -F , "/^$name,/ { print \$2 }" $csv)
-    latestVersion=$(echo "$versions" | sort -rV | head -n 1)
-    src=$(gawk -F , "/^$name,$latestVersion,/ { print \$3 }" $csv)
-    filename=$(gawk -F , "/^$name,$latestVersion,/ { print \$4 }" $csv)
-    url="${src:2}"
-    sha256=$(nix-hash --type sha256 --base32 --flat "$src")
-    cat >>"$SRCS" <<EOF
-  $name = {
-    version = "$latestVersion";
-    src = fetchurl {
-      url = "\${mirror}/$url";
-      sha256 = "$sha256";
-      name = "$filename";
-    };
-  };
-EOF
-done
-
-echo "}" >>"$SRCS"
-
-popd >/dev/null
-rm -fr $tmp >/dev/null
-
-rm -f $csv >/dev/null
--- a/maintainers/scripts/find-tarballs.nix
+++ b/maintainers/scripts/find-tarballs.nix
@@ -14,12 +14,12 @@ let
    operator = const [ ];
  });

-  urls = map (drv: { url = head (drv.urls or [ drv.url ]); hash = drv.outputHash; type = drv.outputHashAlgo; name = drv.name; }) fetchurlDependencies;
+  urls = map (drv: { url = head drv.urls; hash = drv.outputHash; type = drv.outputHashAlgo; }) fetchurlDependencies;

  fetchurlDependencies =
    filter
      (drv: drv.outputHash or "" != "" && drv.outputHashMode or "flat" == "flat"
-          && drv.postFetch or "" == "" && (drv ? url || drv ? urls))
+          && drv.postFetch or "" == "" && drv ? urls)
      dependencies;

  dependencies = map (x: x.value) (genericClosure {
--- a/maintainers/scripts/hydra-eval-failures.py
+++ b/maintainers/scripts/hydra-eval-failures.py
@@ -1,94 +0,0 @@
-#!/usr/bin/env nix-shell
-#!nix-shell -i python -p pythonFull pythonPackages.requests pythonPackages.pyquery pythonPackages.click
-
-# To use, just execute this script with --help to display help.
-
-import subprocess
-import json
-import sys
-
-import click
-import requests
-from pyquery import PyQuery as pq
-
-
-maintainers_json = subprocess.check_output([
-    'nix-instantiate',
-    'lib/maintainers.nix',
-    '--eval',
-    '--json'])
-maintainers = json.loads(maintainers_json)
-MAINTAINERS = {v: k for k, v in maintainers.iteritems()}
-
-
-def get_response_text(url):
-    return pq(requests.get(url).text)  # IO
-
-EVAL_FILE = {
-    'nixos': 'nixos/release.nix',
-    'nixpkgs': 'pkgs/top-level/release.nix',
-}
-
-
-def get_maintainers(attr_name):
-    nixname = attr_name.split('.')
-    meta_json = subprocess.check_output([
-        'nix-instantiate',
-        '--eval',
-        '--strict',
-        '-A',
-        '.'.join(nixname[1:]) + '.meta',
-        EVAL_FILE[nixname[0]],
-        '--json'])
-    meta = json.loads(meta_json)
-    if meta.get('maintainers'):
-        return [MAINTAINERS[name] for name in meta['maintainers'] if MAINTAINERS.get(name)]
-
-
-@click.command()
-@click.option(
-    '--jobset',
-    default="nixos/release-17.03",
-    help='Hydra project like nixos/release-17.03')
-def cli(jobset):
-    """
-    Given a Hydra project, inspect latest evaluation
-    and print a summary of failed builds
-    """
-
-    url = "http://hydra.nixos.org/jobset/{}".format(jobset)
-
-    # get the last evaluation
-    click.echo(click.style(
-        'Getting latest evaluation for {}'.format(url), fg='green'))
-    d = get_response_text(url)
-    evaluations = d('#tabs-evaluations').find('a[class="row-link"]')
-    latest_eval_url = evaluations[0].get('href')
-
-    # parse last evaluation page
-    click.echo(click.style(
-        'Parsing evaluation {}'.format(latest_eval_url), fg='green'))
-    d = get_response_text(latest_eval_url + '?full=1')
-
-    # TODO: aborted evaluations
-    # TODO: dependency failed without propagated builds
-    for tr in d('img[alt="Failed"]').parents('tr'):
-        a = pq(tr)('a')[1]
-        print "- [ ] [{}]({})".format(a.text, a.get('href'))
-
-        sys.stdout.flush()
-
-        maintainers = get_maintainers(a.text)
-        if maintainers:
-            print "  - maintainers: {}".format(", ".join(map(lambda u: '@' + u, maintainers)))
-        # TODO: print last three persons that touched this file
-        # TODO: pinpoint the diff that broke this build, or maybe it's transient or maybe it never worked?
-
-        sys.stdout.flush()
-
-
-if __name__ == "__main__":
-    try:
-        cli()
-    except:
-        import pdb;pdb.post_mortem()
--- a/maintainers/scripts/map-files.pl
+++ b/maintainers/scripts/map-files.pl
@@ -0,0 +1,22 @@
+#! /usr/bin/perl -w
+
+use strict;
+
+my %map;
+open LIST1, "<$ARGV[0]" or die;
+while (<LIST1>) {
+    /^(\S+)\s+(.*)$/;
+    $map{$1} = $2;
+}
+
+open LIST1, "<$ARGV[1]" or die;
+while (<LIST1>) {
+    /^(\S+)\s+(.*)$/;
+    if (!defined $map{$1}) {
+        print STDERR "missing file: $2\n";
+        next;
+    }
+    print "$2\n";
+    print "$map{$1}\n";
+}
+
--- a/maintainers/scripts/nix-generate-from-cpan.nix
+++ b/maintainers/scripts/nix-generate-from-cpan.nix
@@ -1,7 +1,7 @@
 { stdenv, makeWrapper, perl, perlPackages }:

 stdenv.mkDerivation {
-  name = "nix-generate-from-cpan-3";
+  name = "nix-generate-from-cpan-2";

  buildInputs = with perlPackages; [
    makeWrapper perl CPANMeta GetoptLongDescriptive CPANPLUS Readonly Log4Perl
@@ -20,6 +20,5 @@ stdenv.mkDerivation {
  meta = {
    maintainers = with stdenv.lib.maintainers; [ eelco rycee ];
    description = "Utility to generate a Nix expression for a Perl package from CPAN";
-    platforms = stdenv.lib.platforms.unix;
  };
 }
--- a/maintainers/scripts/nix-generate-from-cpan.pl
+++ b/maintainers/scripts/nix-generate-from-cpan.pl
@@ -278,13 +278,13 @@ sub get_deps {
    foreach my $n ( $deps->required_modules ) {
        next if $n eq "perl";

-        # Figure out whether the module is a core module by attempting
-        # to `use` the module in a pure Perl interpreter and checking
-        # whether it succeeded. Note, $^X is a magic variable holding
-        # the path to the running Perl interpreter.
-        if ( system("env -i $^X -M$n -e1 >/dev/null 2>&1") == 0 ) {
-            DEBUG("skipping Perl-builtin module $n");
-            next;
+        # Hacky way to figure out if this module is part of Perl.
+        if ( $n !~ /^JSON/ && $n !~ /^YAML/ && $n !~ /^Module::Pluggable/  && $n !~ /^if$/ ) {
+            eval "use $n;";
+            if ( !$@ ) {
+                DEBUG("skipping Perl-builtin module $n");
+                next;
+            }
        }

        my $pkg = module_to_pkg( $cb, $n );
@@ -395,21 +395,16 @@ my $meta = read_meta($pkg_path);

 DEBUG( "metadata: ", encode_json( $meta->as_struct ) ) if defined $meta;

-my @runtime_deps = sort( uniq( get_deps( $cb, $meta, "runtime" ) ) );
-INFO("runtime deps: @runtime_deps");
-
 my @build_deps = sort( uniq(
        get_deps( $cb, $meta, "configure" ),
        get_deps( $cb, $meta, "build" ),
        get_deps( $cb, $meta, "test" )
 ) );
-
-# Filter out runtime dependencies since those are already handled.
-my %in_runtime_deps = map { $_ => 1 } @runtime_deps;
-@build_deps = grep { not $in_runtime_deps{$_} } @build_deps;
-
 INFO("build deps: @build_deps");

+my @runtime_deps = sort( uniq( get_deps( $cb, $meta, "runtime" ) ) );
+INFO("runtime deps: @runtime_deps");
+
 my $homepage = $meta ? $meta->resources->{homepage} : undef;
 INFO("homepage: $homepage") if defined $homepage;

--- a/maintainers/scripts/nixpkgs-lint.nix
+++ b/maintainers/scripts/nixpkgs-lint.nix
@@ -18,6 +18,5 @@ stdenv.mkDerivation {
  meta = {
    maintainers = [ stdenv.lib.maintainers.eelco ];
    description = "A utility for Nixpkgs contributors to check Nixpkgs for common errors";
-    platforms = stdenv.lib.platforms.unix;
  };
 }
--- a/maintainers/scripts/travis-nox-review-pr.sh
+++ b/maintainers/scripts/travis-nox-review-pr.sh
@@ -1,82 +1,46 @@
 #! /usr/bin/env bash
 set -e

-while test -n "$1"; do
+export NIX_CURL_FLAGS=-sS

-    # tell Travis to use folding
-    echo -en "travis_fold:start:$1\r"
+if [[ $1 == nix ]]; then
+    echo "=== Installing Nix..."
+    # Install Nix
+    bash <(curl -sS https://nixos.org/nix/install)
+    source $HOME/.nix-profile/etc/profile.d/nix.sh

-    case $1 in
+    # Make sure we can use hydra's binary cache
+    sudo mkdir /etc/nix
+    sudo sh -c 'echo "build-max-jobs = 4" > /etc/nix/nix.conf'

-        nixpkgs-verify)
-            echo "=== Verifying that nixpkgs evaluates..."
+    # Verify evaluation
+    echo "=== Verifying that nixpkgs evaluates..."
+    nix-env -f. -qa --json >/dev/null
+elif [[ $1 == nox ]]; then
+    echo "=== Installing nox..."
+    git clone -q https://github.com/madjar/nox
+    pip --quiet install -e nox
+elif [[ $1 == build ]]; then
+    source $HOME/.nix-profile/etc/profile.d/nix.sh

-            nix-env --file $TRAVIS_BUILD_DIR --query --available --json > /dev/null
-            ;;
+    echo "=== Checking tarball creation"
+    nix-build pkgs/top-level/release.nix -A tarball

-        nixos-options)
-            echo "=== Checking NixOS options"
+    if [[ $TRAVIS_PULL_REQUEST == false ]]; then
+        echo "=== Not a pull request"
+    else
+        echo "=== Checking PR"

-            nix-build $TRAVIS_BUILD_DIR/nixos/release.nix --attr options --show-trace
-            ;;
-
-        nixos-manual)
-            echo "=== Checking NixOS manuals"
-
-            nix-build $TRAVIS_BUILD_DIR/nixos/release.nix --attr manual --show-trace
-            ;;
-
-        nixpkgs-manual)
-            echo "=== Checking nixpkgs manuals"
-
-            nix-build $TRAVIS_BUILD_DIR/pkgs/top-level/release.nix --attr manual --show-trace
-            ;;
-
-        nixpkgs-tarball)
-            echo "=== Checking nixpkgs tarball creation"
-
-            nix-build $TRAVIS_BUILD_DIR/pkgs/top-level/release.nix --attr tarball --show-trace
-            ;;
-
-        nixpkgs-unstable)
-            echo "=== Checking nixpkgs unstable job"
-
-            nix-instantiate $TRAVIS_BUILD_DIR/pkgs/top-level/release.nix --attr unstable --show-trace
-            ;;
-
-        nixpkgs-lint)
-            echo "=== Checking nixpkgs lint"
-
-            nix-shell --packages nixpkgs-lint --run "nixpkgs-lint -f $TRAVIS_BUILD_DIR"
-            ;;
-
-        nox)
-            echo "=== Fetching Nox from binary cache"
-
-            # build nox silently so it's not in the log
-            nix-build "<nixpkgs>" -A nox -A stdenv
-            ;;
-
-        pr)
-            if [ "$TRAVIS_PULL_REQUEST" == "false" ]; then
-                echo "=== No pull request found"
-            else
-                echo "=== Building pull request #$TRAVIS_PULL_REQUEST"
-
-                token=""
-                if [ -n "$GITHUB_TOKEN" ]; then
-                    token="--token $GITHUB_TOKEN"
-                fi
-
-                nix-shell --packages nox --run "nox-review pr --slug $TRAVIS_REPO_SLUG $token $TRAVIS_PULL_REQUEST"
+        if ! nox-review pr ${TRAVIS_PULL_REQUEST}; then
+            if sudo dmesg | egrep 'Out of memory|Killed process' > /tmp/oom-log; then
+                echo "=== The build failed due to running out of memory:"
+                cat /tmp/oom-log
+                echo "=== Please disregard the result of this Travis build."
            fi
-            ;;
-
-        *)
-            echo "Skipping unknown option $1"
-            ;;
-    esac
-
-    echo -en "travis_fold:end:$1\r"
-    shift
-done
+            exit 1
+        fi
+    fi
+else
+    echo "$0: Unknown option $1" >&2
+    false
+fi
--- a/maintainers/scripts/update.nix
+++ b/maintainers/scripts/update.nix
@@ -1,131 +0,0 @@
-{ package ? null
-, maintainer ? null
-}:
-
-# TODO: add assert statements
-
-let
-
-  pkgs = import ./../../default.nix { };
-
-  packagesWith = cond: return: set:
-    pkgs.lib.flatten
-      (pkgs.lib.mapAttrsToList
-        (name: pkg:
-          let
-            result = builtins.tryEval (
-              if pkgs.lib.isDerivation pkg && cond name pkg
-                then [(return name pkg)]
-              else if pkg.recurseForDerivations or false || pkg.recurseForRelease or false
-                then packagesWith cond return pkg
-              else []
-            );
-          in
-            if result.success then result.value
-            else []
-        )
-        set
-      );
-
-  packagesWithUpdateScriptAndMaintainer = maintainer':
-    let
-      maintainer =
-        if ! builtins.hasAttr maintainer' pkgs.lib.maintainers then
-          builtins.throw "Maintainer with name `${maintainer'} does not exist in `lib/maintainers.nix`."
-        else
-          builtins.getAttr maintainer' pkgs.lib.maintainers;
-    in
-      packagesWith (name: pkg: builtins.hasAttr "updateScript" pkg &&
-                                 (if builtins.hasAttr "maintainers" pkg.meta
-                                   then (if builtins.isList pkg.meta.maintainers
-                                           then builtins.elem maintainer pkg.meta.maintainers
-                                           else maintainer == pkg.meta.maintainers
-                                        )
-                                   else false
-                                 )
-                   )
-                   (name: pkg: pkg)
-                   pkgs;
-
-  packageByName = name:
-    let
-        package = pkgs.lib.attrByPath (pkgs.lib.splitString "." name) null pkgs;
-    in
-      if package == null then
-        builtins.throw "Package with an attribute name `${name}` does not exists."
-      else if ! builtins.hasAttr "updateScript" package then
-        builtins.throw "Package with an attribute name `${name}` does have an `passthru.updateScript` defined."
-      else
-        package;
-
-  packages =
-    if package != null then
-      [ (packageByName package) ]
-    else if maintainer != null then
-      packagesWithUpdateScriptAndMaintainer maintainer
-    else
-      builtins.throw "No arguments provided.\n\n${helpText}";
-
-  helpText = ''
-    Please run:
-
-        % nix-shell maintainers/scripts/update.nix --argstr maintainer garbas
-
-    to run all update scripts for all packages that lists \`garbas\` as a maintainer
-    and have \`updateScript\` defined, or:
-
-        % nix-shell maintainers/scripts/update.nix --argstr package garbas
-
-    to run update script for specific package.
-  '';
-
-  runUpdateScript = package: ''
-    echo -ne " - ${package.name}: UPDATING ..."\\r
-    ${package.updateScript} &> ${(builtins.parseDrvName package.name).name}.log
-    CODE=$?
-    if [ "$CODE" != "0" ]; then
-      echo " - ${package.name}: ERROR       "
-      echo ""
-      echo "--- SHOWING ERROR LOG FOR ${package.name} ----------------------"
-      echo ""
-      cat ${(builtins.parseDrvName package.name).name}.log
-      echo ""
-      echo "--- SHOWING ERROR LOG FOR ${package.name} ----------------------"
-      exit $CODE
-    else
-      rm ${(builtins.parseDrvName package.name).name}.log
-    fi
-    echo " - ${package.name}: DONE.       "
-  '';
-
-in pkgs.stdenv.mkDerivation {
-  name = "nixpkgs-update-script";
-  buildCommand = ''
-    echo ""
-    echo "----------------------------------------------------------------"
-    echo ""
-    echo "Not possible to update packages using \`nix-build\`"
-    echo ""
-    echo "${helpText}"
-    echo "----------------------------------------------------------------"
-    exit 1
-  '';
-  shellHook = ''
-    echo ""
-    echo "Going to be running update for following packages:"
-    echo "${builtins.concatStringsSep "\n" (map (x: " - ${x.name}") packages)}"
-    echo ""
-    read -n1 -r -p "Press space to continue..." confirm
-    if [ "$confirm" = "" ]; then
-      echo ""
-      echo "Running update for:"
-      ${builtins.concatStringsSep "\n" (map runUpdateScript packages)}
-      echo ""
-      echo "Packages updated!"
-      exit 0
-    else
-      echo "Aborting!"
-      exit 1
-    fi
-  '';
-}
--- a/maintainers/scripts/vanity.sh
+++ b/maintainers/scripts/vanity.sh
@@ -101,15 +101,15 @@ cleaner_script="$(echo "$name_list_canonical" | denormalize_name |

 # Add github usernames
 if [ -n "$NIXPKGS_GITHUB_NAME_CACHE" ]; then
-    github_adder_script="$(mktemp)"
-    echo "$github_name_list" |
+    github_adder_script="$(echo "$github_name_list" |
        grep -E "$(echo "$name_list_canonical" | cut -f 2 |
 	    tr '\n' '|' )" |
 	sort | uniq |
        sed -re 's/(.*)\t(.*)/s| \1$| \1\t\2|g;/' |
-	denormalize_name > "$github_adder_script"
+	denormalize_name
+	)"
 else
-    github_adder_script='/dev/null'
+    github_adder_script=''
 fi

 echo "$name_list" | denormalize_name
@@ -118,5 +118,5 @@ echo

 echo "$git_data" | cut -f 1 |
    sed -e "$cleaner_script" |
-    sort | uniq -c | sort -k1n | sed -rf "$github_adder_script" |
+    sort | uniq -c | sort -k1n | sed -re "$github_adder_script" |
    sed -re 's/^ *([0-9]+) /\1\t/'
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -37,4 +37,7 @@ in
  vm = vmConfig.system.build.vm;

  vmWithBootLoader = vmWithBootLoaderConfig.system.build.vm;
+
+  # The following are used by nixos-rebuild.
+  nixFallback = pkgs.nixUnstable;
 }
--- a/nixos/doc/manual/administration/cleaning-store.xml
+++ b/nixos/doc/manual/administration/cleaning-store.xml
@@ -21,7 +21,7 @@ Alternatively, you can use a systemd unit that does the same in the
 background:

 <screen>
-# systemctl start nix-gc.service
+$ systemctl start nix-gc.service
 </screen>

 You can tell NixOS in <filename>configuration.nix</filename> to run
@@ -59,4 +59,4 @@ $ nix-store --optimise
 Since this command needs to read the entire Nix store, it can take
 quite a while to finish.</para>

-</chapter>
+</chapter>
--- a/nixos/doc/manual/administration/container-networking.xml
+++ b/nixos/doc/manual/administration/container-networking.xml
@@ -13,7 +13,7 @@ create</literal>, it gets it own private IPv4 address in the range
 address as follows:

 <screen>
-# nixos-container show-ip foo
+$ nixos-container show-ip foo
 10.233.4.2

 $ ping -c1 10.233.4.2
@@ -47,12 +47,4 @@ where <literal>eth0</literal> should be replaced with the desired
 external interface. Note that <literal>ve-+</literal> is a wildcard
 that matches all container interfaces.</para>

-<para>If you are using Network Manager, you need to explicitly prevent
-it from managing container interfaces:
-
-<programlisting>
-networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
-</programlisting>
-</para>
-
-</section>
+</section>
--- a/nixos/doc/manual/administration/imperative-containers.xml
+++ b/nixos/doc/manual/administration/imperative-containers.xml
@@ -7,15 +7,11 @@
 <title>Imperative Container Management</title>

 <para>We’ll cover imperative container management using
-<command>nixos-container</command> first.
-Be aware that container management is currently only possible
-as <literal>root</literal>.</para>
-
-<para>You create a container with
+<command>nixos-container</command> first. You create a container with
 identifier <literal>foo</literal> as follows:

 <screen>
-# nixos-container create foo
+$ nixos-container create foo
 </screen>

 This creates the container’s root directory in
@@ -29,7 +25,7 @@ line. For instance, to create a container that has
 <literal>root</literal>:

 <screen>
-# nixos-container create foo --config 'services.openssh.enable = true; \
+$ nixos-container create foo --config 'services.openssh.enable = true; \
  users.extraUsers.root.openssh.authorizedKeys.keys = ["ssh-dss AAAAB3N…"];'
 </screen>

@@ -39,7 +35,7 @@ line. For instance, to create a container that has
 run:

 <screen>
-# nixos-container start foo
+$ nixos-container start foo
 </screen>

 This command will return as soon as the container has booted and has
@@ -50,16 +46,16 @@ Thus, if something went wrong, you can get status info using
 <command>systemctl</command>:

 <screen>
-# systemctl status container@foo
+$ systemctl status container@foo
 </screen>

 </para>

-<para>If the container has started successfully, you can log in as
+<para>If the container has started succesfully, you can log in as
 root using the <command>root-login</command> operation:

 <screen>
-# nixos-container root-login foo
+$ nixos-container root-login foo
 [root@foo:~]#
 </screen>

@@ -69,7 +65,7 @@ authentication).  You can also get a regular login prompt using the
 the host:

 <screen>
-# nixos-container login foo
+$ nixos-container login foo
 foo login: alice
 Password: ***
 </screen>
@@ -78,7 +74,7 @@ With <command>nixos-container run</command>, you can execute arbitrary
 commands in the container:

 <screen>
-# nixos-container run foo -- uname -a
+$ nixos-container run foo -- uname -a
 Linux foo 3.4.82 #1-NixOS SMP Thu Mar 20 14:44:05 UTC 2014 x86_64 GNU/Linux
 </screen>

@@ -90,17 +86,17 @@ container. First, on the host, you can edit
 and run

 <screen>
-# nixos-container update foo
+$ nixos-container update foo
 </screen>

 This will build and activate the new configuration. You can also
 specify a new configuration on the command line:

 <screen>
-# nixos-container update foo --config 'services.httpd.enable = true; \
+$ nixos-container update foo --config 'services.httpd.enable = true; \
  services.httpd.adminAddr = "foo@example.org";'

-# curl http://$(nixos-container show-ip foo)/
+$ curl http://$(nixos-container show-ip foo)/
 &lt;!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">…
 </screen>

@@ -120,9 +116,9 @@ start</literal>, respectively, or by using
 destroy a container, including its file system, do

 <screen>
-# nixos-container destroy foo
+$ nixos-container destroy foo
 </screen>

 </para>

-</section>
+</section>
--- a/nixos/doc/manual/administration/maintenance-mode.xml
+++ b/nixos/doc/manual/administration/maintenance-mode.xml
@@ -9,10 +9,10 @@
 <para>You can enter rescue mode by running:

 <screen>
-# systemctl rescue</screen>
+$ systemctl rescue</screen>

 This will eventually give you a single-user root shell.  Systemd will
 stop (almost) all system services.  To get out of maintenance mode,
 just exit from the rescue shell.</para>

-</section>
+</section>
--- a/nixos/doc/manual/administration/network-problems.xml
+++ b/nixos/doc/manual/administration/network-problems.xml
@@ -18,14 +18,14 @@ You can disable the use of the binary cache by adding <option>--option
 use-binary-caches false</option>, e.g.

 <screen>
-# nixos-rebuild switch --option use-binary-caches false
+$ nixos-rebuild switch --option use-binary-caches false
 </screen>

 If you have an alternative binary cache at your disposal, you can use
 it instead:

 <screen>
-# nixos-rebuild switch --option binary-caches http://my-cache.example.org/
+$ nixos-rebuild switch --option binary-caches http://my-cache.example.org/
 </screen>

 </para>
--- a/nixos/doc/manual/administration/rebooting.xml
+++ b/nixos/doc/manual/administration/rebooting.xml
@@ -10,7 +10,7 @@
 doing:

 <screen>
-# shutdown
+$ shutdown
 </screen>

 This is equivalent to running <command>systemctl
@@ -19,7 +19,7 @@ poweroff</command>.</para>
 <para>To reboot the system, run

 <screen>
-# reboot
+$ reboot
 </screen>

 which is equivalent to <command>systemctl reboot</command>.
@@ -28,7 +28,7 @@ Alternatively, you can quickly reboot the system using
 the new kernel into memory:

 <screen>
-# systemctl kexec
+$ systemctl kexec
 </screen>

 </para>
@@ -41,4 +41,4 @@ the new kernel into memory:
 i.e. on a virtual console or in X11; otherwise, the user is asked for
 authentication.</para>

-</chapter>
+</chapter>
--- a/nixos/doc/manual/administration/rollback.xml
+++ b/nixos/doc/manual/administration/rollback.xml
@@ -19,7 +19,7 @@ fails to boot.  After the system has booted, you can make the selected
 configuration the default for subsequent boots:

 <screen>
-# /run/current-system/bin/switch-to-configuration boot</screen>
+$ /run/current-system/bin/switch-to-configuration boot</screen>

 </para>

@@ -27,12 +27,12 @@ configuration the default for subsequent boots:
 system:

 <screen>
-# nixos-rebuild switch --rollback</screen>
+$ nixos-rebuild switch --rollback</screen>

 This is equivalent to running:

 <screen>
-# /nix/var/nix/profiles/system-<replaceable>N</replaceable>-link/bin/switch-to-configuration switch</screen>
+$ /nix/var/nix/profiles/system-<replaceable>N</replaceable>-link/bin/switch-to-configuration switch</screen>

 where <replaceable>N</replaceable> is the number of the NixOS system
 configuration.  To get a list of the available configurations, do:
@@ -45,4 +45,4 @@ lrwxrwxrwx 1 root root 78 Aug 12 13:54 /nix/var/nix/profiles/system-268-link ->

 </para>

-</section>
+</section>
--- a/nixos/doc/manual/administration/service-mgmt.xml
+++ b/nixos/doc/manual/administration/service-mgmt.xml
@@ -66,9 +66,9 @@ messages from the service.
 <para>Units can be stopped, started or restarted:

 <screen>
-# systemctl stop postgresql.service
-# systemctl start postgresql.service
-# systemctl restart postgresql.service
+$ systemctl stop postgresql.service
+$ systemctl start postgresql.service
+$ systemctl restart postgresql.service
 </screen>

 These operations are synchronous: they wait until the service has
--- a/nixos/doc/manual/administration/store-corruption.xml
+++ b/nixos/doc/manual/administration/store-corruption.xml
@@ -18,7 +18,7 @@ you may be able to fix it automatically.</para>
 system configuration, you can fix it by doing

 <screen>
-# nixos-rebuild switch --repair
+$ nixos-rebuild switch --repair
 </screen>

 This will cause Nix to check every path in the closure, and if its
@@ -28,10 +28,10 @@ the path is rebuilt or redownloaded.</para>
 <para>You can also scan the entire Nix store for corrupt paths:

 <screen>
-# nix-store --verify --check-contents --repair
+$ nix-store --verify --check-contents --repair
 </screen>

 Any corrupt paths will be redownloaded if they’re available in a
 binary cache; otherwise, they cannot be repaired.</para>

-</section>
+</section>
--- a/nixos/doc/manual/administration/user-sessions.xml
+++ b/nixos/doc/manual/administration/user-sessions.xml
@@ -45,9 +45,9 @@ track of this, you can terminate a session in a way that ensures that
 all the session’s processes are gone:

 <screen>
-# loginctl terminate-session c3
+$ loginctl terminate-session c3
 </screen>

 </para>

-</chapter>
+</chapter>
--- a/nixos/doc/manual/configuration/adding-custom-packages.xml
+++ b/nixos/doc/manual/configuration/adding-custom-packages.xml
@@ -31,7 +31,7 @@ and you run <command>nixos-rebuild</command>, specifying your own
 Nixpkgs tree:

 <screen>
-# nixos-rebuild switch -I nixpkgs=/path/to/my/nixpkgs</screen>
+$ nixos-rebuild switch -I nixpkgs=/path/to/my/nixpkgs</screen>

 </para>

--- a/nixos/doc/manual/configuration/config-file.xml
+++ b/nixos/doc/manual/configuration/config-file.xml
@@ -106,15 +106,11 @@ networking.extraHosts =
  '';
 </programlisting>

-      The main difference is that it strips from each line
-      a number of spaces equal to the minimal indentation of
-      the string as a whole (disregarding the indentation of
-      empty lines), and that characters like
+      The main difference is that preceding whitespace is
+      automatically stripped from each line, and that characters like
      <literal>"</literal> and <literal>\</literal> are not special
      (making it more convenient for including things like shell
-      code).
-      See more info about this in the Nix manual <link
-      xlink:href="https://nixos.org/nix/manual/#ssec-values">here</link>.</para>
+      code).</para>
    </listitem>
  </varlistentry>

--- a/nixos/doc/manual/configuration/configuration.xml
+++ b/nixos/doc/manual/configuration/configuration.xml
@@ -21,13 +21,14 @@ effect after you run <command>nixos-rebuild</command>.</para>
 <xi:include href="user-mgmt.xml" />
 <xi:include href="file-systems.xml" />
 <xi:include href="x-windows.xml" />
-<xi:include href="xfce.xml" />
 <xi:include href="networking.xml" />
 <xi:include href="linux-kernel.xml" />

-<xi:include href="modules.xml" xpointer="xpointer(//section[@id='modules']/*)" />
+<!-- FIXME: auto-include NixOS module docs -->
+<xi:include href="postgresql.xml" />
+<xi:include href="gitlab.xml" />
+<xi:include href="acme.xml" />

 <!-- Apache; libvirtd virtualisation -->

 </part>
-
--- a/nixos/doc/manual/configuration/customizing-packages.xml
+++ b/nixos/doc/manual/configuration/customizing-packages.xml
@@ -42,30 +42,29 @@ construction, so without them,
 elements.)</para>

 <para>Even greater customisation is possible using the function
-<varname>overrideAttrs</varname>.  While the
+<varname>overrideDerivation</varname>.  While the
 <varname>override</varname> mechanism above overrides the arguments of
-a package function, <varname>overrideAttrs</varname> allows
-changing the <emphasis>attributes</emphasis> passed to <literal>mkDerivation</literal>.
-This permits changing any aspect of the package, such as the source code.
+a package function, <varname>overrideDerivation</varname> allows
+changing the <emphasis>result</emphasis> of the function.  This
+permits changing any aspect of the package, such as the source code.
 For instance, if you want to override the source code of Emacs, you
 can say:

 <programlisting>
-environment.systemPackages = [
-  (pkgs.emacs.overrideAttrs (oldAttrs: {
-    name = "emacs-25.0-pre";
-    src = /path/to/my/emacs/tree;
-  }))
-];
+environment.systemPackages =
+  [ (pkgs.lib.overrideDerivation pkgs.emacs (attrs: {
+      name = "emacs-25.0-pre";
+      src = /path/to/my/emacs/tree;
+    }))
+  ];
 </programlisting>

-Here, <varname>overrideAttrs</varname> takes the Nix derivation
+Here, <varname>overrideDerivation</varname> takes the Nix derivation
 specified by <varname>pkgs.emacs</varname> and produces a new
 derivation in which the original’s <literal>name</literal> and
 <literal>src</literal> attribute have been replaced by the given
-values by re-calling <literal>stdenv.mkDerivation</literal>.
-The original attributes are accessible via the function argument,
-which is conventionally named <varname>oldAttrs</varname>.</para>
+values.  The original attributes are accessible via
+<varname>attrs</varname>.</para>

 <para>The overrides shown above are not global.  They do not affect
 the original package; other packages in Nixpkgs continue to depend on
--- a/nixos/doc/manual/configuration/file-systems.xml
+++ b/nixos/doc/manual/configuration/file-systems.xml
@@ -35,12 +35,6 @@ or <literal>ext4</literal>, then it’s best to specify
 <option>fsType</option> to ensure that the kernel module is
 available.</para>

-<note><para>System startup will fail if any of the filesystems fails to mount,
-dropping you to the emergency shell.
-You can make a mount asynchronous and non-critical by adding
-<literal>options = [ "nofail" ];</literal>.
-</para></note>
-
 <xi:include href="luks-file-systems.xml" />

 </chapter>
--- a/nixos/doc/manual/configuration/ipv6-config.xml
+++ b/nixos/doc/manual/configuration/ipv6-config.xml
@@ -12,35 +12,8 @@ can disable IPv6 support globally by setting:

 <programlisting>
 networking.enableIPv6 = false;
-</programlisting></para>
-
-<para>You can disable IPv6 on a single interface using a normal sysctl (in this
-example, we use interface <varname>eth0</varname>):
-
-<programlisting>
-boot.kernel.sysctl."net.ipv6.conf.eth0.disable_ipv6" = true;
 </programlisting>
-</para>

-<para>As with IPv4 networking interfaces are automatically configured via
-DHCPv6. You can configure an interface manually:
-
-<programlisting>
-networking.interfaces.eth0.ip6 = [ { address = "fe00:aa:bb:cc::2"; prefixLength = 64; } ];
-</programlisting>
-</para>
-
-<para>For configuring a gateway, optionally with explicitly specified interface:
-
-<programlisting>
-networking.defaultGateway6 = {
-  address = "fe00::1";
-  interface = "enp0s3";
-}
-</programlisting>
-</para>
-
-<para>See <xref linkend='sec-ipv4' /> for similar examples and additional information.
 </para>

 </section>
--- a/nixos/doc/manual/configuration/linux-kernel.xml
+++ b/nixos/doc/manual/configuration/linux-kernel.xml
@@ -19,7 +19,7 @@ kernel.</para>

 <para>The default Linux kernel configuration should be fine for most users. You can see the configuration of your current kernel with the following command:
 <programlisting>
-zcat /proc/config.gz
+cat /proc/config.gz | gunzip
 </programlisting>
 If you want to change the kernel configuration, you can use the
 <option>packageOverrides</option> feature (see <xref
@@ -66,25 +66,4 @@ boot.kernel.sysctl."net.ipv4.tcp_keepalive_time" = 120;
 sets the kernel’s TCP keepalive time to 120 seconds.  To see the
 available parameters, run <command>sysctl -a</command>.</para>

-<section>
-  <title>Developing kernel modules</title>
-
-  <para>When developing kernel modules it's often convenient to run
-  edit-compile-run loop as quickly as possible.
-
-  See below snippet as an example of developing <literal>mellanox</literal>
-  drivers.
-  </para>
-
-  <screen><![CDATA[
-$ nix-build '<nixpkgs>' -A linuxPackages.kernel.dev
-$ nix-shell '<nixpkgs>' -A linuxPackages.kernel
-$ unpackPhase
-$ cd linux-*
-$ make -C $dev/lib/modules/*/build M=$(pwd)/drivers/net/ethernet/mellanox modules
-# insmod ./drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko
-]]></screen>
-
-</section>
-
 </chapter>
--- a/nixos/doc/manual/configuration/luks-file-systems.xml
+++ b/nixos/doc/manual/configuration/luks-file-systems.xml
@@ -9,23 +9,23 @@
 <para>NixOS supports file systems that are encrypted using
 <emphasis>LUKS</emphasis> (Linux Unified Key Setup).  For example,
 here is how you create an encrypted Ext4 file system on the device
-<filename>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</filename>:
+<filename>/dev/sda2</filename>:

 <screen>
-# cryptsetup luksFormat /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d
+$ cryptsetup luksFormat /dev/sda2

 WARNING!
 ========
-This will overwrite data on /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d irrevocably.
+This will overwrite data on /dev/sda2 irrevocably.

 Are you sure? (Type uppercase yes): YES
 Enter LUKS passphrase: ***
 Verify passphrase: ***

-# cryptsetup luksOpen /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d crypted
-Enter passphrase for /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: ***
+$ cryptsetup luksOpen /dev/sda2 crypted
+Enter passphrase for /dev/sda2: ***

-# mkfs.ext4 /dev/mapper/crypted
+$ mkfs.ext4 /dev/mapper/crypted
 </screen>

 To ensure that this file system is automatically mounted at boot time
@@ -33,14 +33,10 @@ as <filename>/</filename>, add the following to
 <filename>configuration.nix</filename>:

 <programlisting>
-boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d";
+boot.initrd.luks.devices = [ { device = "/dev/sda2"; name = "crypted"; } ];
 fileSystems."/".device = "/dev/mapper/crypted";
 </programlisting>

-Should grub be used as bootloader, and <filename>/boot</filename> is located
-on an encrypted partition, it is necessary to add the following grub option:
-<programlisting>boot.loader.grub.enableCryptodisk = true;</programlisting>
-
 </para>

 </section>
--- a/nixos/doc/manual/configuration/modularity.xml
+++ b/nixos/doc/manual/configuration/modularity.xml
@@ -36,8 +36,9 @@ latter might look like this:
 { config, pkgs, ... }:

 { services.xserver.enable = true;
-  services.xserver.displayManager.sddm.enable = true;
-  services.xserver.desktopManager.plasma5.enable = true;
+  services.xserver.displayManager.kdm.enable = true;
+  services.xserver.desktopManager.kde4.enable = true;
+  environment.systemPackages = [ pkgs.kde4.kscreensaver ];
 }
 </programlisting>

@@ -128,7 +129,7 @@ default; run <literal>nix-env -i nix-repl</literal> to get it.  A
 typical use:

 <screen>
-$ nix-repl '&lt;nixpkgs/nixos>'
+$ nix-repl '&lt;nixos>'

 nix-repl> config.networking.hostName
 "mandark"
--- a/nixos/doc/manual/configuration/network-manager.xml
+++ b/nixos/doc/manual/configuration/network-manager.xml
@@ -16,26 +16,12 @@ networking.networkmanager.enable = true;
 some desktop managers (e.g., GNOME) enable NetworkManager
 automatically for you.</para>

-<para>All users that should have permission to change network settings must
-belong to the <code>networkmanager</code> group:
-
-<programlisting>
-users.extraUsers.youruser.extraGroups = [ "networkmanager" ];
-</programlisting>
-</para>
-
-<para>NetworkManager is controlled using either <command>nmcli</command> or
-<command>nmtui</command> (curses-based terminal user interface). See their
-manual pages for details on their usage. Some desktop environments (GNOME, KDE)
-have their own configuration tools for NetworkManager. On XFCE, there is no
-configuration tool for NetworkManager by default: by adding
-<code>networkmanagerapplet</code> to the list of system packages, the graphical
-applet will be installed and will launch automatically when XFCE is starting
-(and will show in the status tray).</para>
+<para>All users that should have permission to change network settings
+must belong to the <code>networkmanager</code> group.</para>

 <note><para><code>networking.networkmanager</code> and
-<code>networking.wireless</code> (WPA Supplicant) cannot be enabled at the same
-time: you can still connect to the wireless networks using
+<code>networking.wireless</code> can not be enabled at the same time:
+you can still connect to the wireless networks using
 NetworkManager.</para></note>

 </section>
--- a/nixos/doc/manual/configuration/user-mgmt.xml
+++ b/nixos/doc/manual/configuration/user-mgmt.xml
@@ -36,10 +36,7 @@ to set a password, which is retained across invocations of
 and /etc/group will be congruent to your NixOS configuration. For instance,
 if you remove a user from users.extraUsers and run nixos-rebuild, the user
 account will cease to exist. Also, imperative commands for managing users
-and groups, such as useradd, are no longer available. Passwords may still be
-assigned by setting the user's <literal>hashedPassword</literal> option. A
-hashed password can be generated using <command>mkpasswd -m sha-512</command>
-after installing the <literal>mkpasswd</literal> package.</para>
+and groups, such as useradd, are no longer available.</para>

 <para>A user ID (uid) is assigned automatically.  You can also specify
 a uid manually by adding
@@ -66,14 +63,14 @@ commands such as <command>useradd</command>,
 account named <literal>alice</literal>:

 <screen>
-# useradd -m alice</screen>
+$ useradd -m alice</screen>

 To make all nix tools available to this new user use `su - USER` which 
 opens a login shell (==shell that loads the profile) for given user. 
 This will create the ~/.nix-defexpr symlink. So run:

 <screen>
-# su - alice -c "true"</screen>
+$ su - alice -c "true"</screen>


 The flag <option>-m</option> causes the creation of a home directory
@@ -82,7 +79,7 @@ have an initial password and therefore cannot log in.  A password can
 be set using the <command>passwd</command> utility:

 <screen>
-# passwd alice
+$ passwd alice
 Enter new UNIX password: ***
 Retype new UNIX password: ***
 </screen>
@@ -90,7 +87,7 @@ Retype new UNIX password: ***
 A user can be deleted using <command>userdel</command>:

 <screen>
-# userdel -r alice</screen>
+$ userdel -r alice</screen>

 The flag <option>-r</option> deletes the user’s home directory.
 Accounts can be modified using <command>usermod</command>.  Unix
--- a/nixos/doc/manual/configuration/wireless.xml
+++ b/nixos/doc/manual/configuration/wireless.xml
@@ -41,13 +41,13 @@ If you are using WPA2 the <command>wpa_passphrase</command> tool might be useful
 to generate the <literal>wpa_supplicant.conf</literal>.

 <screen>
-# wpa_passphrase ESSID PSK > /etc/wpa_supplicant.conf</screen>
+$ wpa_passphrase ESSID PSK > /etc/wpa_supplicant.conf</screen>

 After you have edited the <literal>wpa_supplicant.conf</literal>,
 you need to restart the wpa_supplicant service.

 <screen>
-# systemctl restart wpa_supplicant.service</screen>
+$ systemctl restart wpa_supplicant.service</screen>
 </para>

 </section>
--- a/nixos/doc/manual/configuration/x-windows.xml
+++ b/nixos/doc/manual/configuration/x-windows.xml
@@ -5,7 +5,7 @@
         xml:id="sec-x11">

 <title>X Window System</title>
-
+    
 <para>The X Window System (X11) provides the basis of NixOS’ graphical
 user interface.  It can be enabled as follows:
 <programlisting>
@@ -25,23 +25,19 @@ Otherwise, you can only log into a plain undecorated
 <command>xterm</command> window.  Thus you should pick one or more of
 the following lines:
 <programlisting>
-services.xserver.desktopManager.plasma5.enable = true;
+services.xserver.desktopManager.kde4.enable = true;
 services.xserver.desktopManager.xfce.enable = true;
-services.xserver.desktopManager.gnome3.enable = true;
 services.xserver.windowManager.xmonad.enable = true;
 services.xserver.windowManager.twm.enable = true;
 services.xserver.windowManager.icewm.enable = true;
-services.xserver.windowManager.i3.enable = true;
 </programlisting>
 </para>

 <para>NixOS’s default <emphasis>display manager</emphasis> (the
 program that provides a graphical login prompt and manages the X
-server) is SLiM. You can select an alternative one by picking one
-of the following lines:
+server) is SLiM.  You can select KDE’s <command>kdm</command> instead:
 <programlisting>
-services.xserver.displayManager.sddm.enable = true;
-services.xserver.displayManager.lightdm.enable = true;
+services.xserver.displayManager.kdm.enable = true;
 </programlisting>
 </para>

@@ -52,7 +48,7 @@ services.xserver.autorun = false;
 </programlisting>
 The X server can then be started manually:
 <screen>
-# systemctl start display-manager.service
+$ systemctl start display-manager.service
 </screen>
 </para>

@@ -119,14 +115,5 @@ services.xserver.synaptics.twoFingerScroll = true;

 </simplesect>

-<simplesect><title>GTK/Qt themes</title>
-
-<para>GTK themes can be installed either to user profile or system-wide (via
-<literal>system.environmentPackages</literal>). To make Qt 5 applications look similar
-to GTK2 ones, you can install <literal>qt5.qtbase.gtk</literal> package into your
-system environment. It should work for all Qt 5 library versions.
-</para>
-
-</simplesect>

 </chapter>
--- a/nixos/doc/manual/configuration/xfce.xml
+++ b/nixos/doc/manual/configuration/xfce.xml
@@ -1,105 +0,0 @@
-<chapter xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-xfce">
-
-    <title>Xfce Desktop Environment</title>
-
-    <para>
-        To enable the Xfce Desktop Environment, set
-        <programlisting>
-services.xserver.desktopManager = {
-    xfce.enable = true;
-    default = "xfce";
-};
-        </programlisting>
-    </para>
-
-    <para>
-        Optionally, <emphasis>compton</emphasis>
-        can be enabled for nice graphical effects, some example settings:
-        <programlisting>
-services.compton = {
-  enable          = true;
-  fade            = true;
-  inactiveOpacity = "0.9";
-  shadow          = true;
-  fadeDelta       = 4;
-};
-        </programlisting>
-    </para>
-
-    <para>
-        Some Xfce programs are not installed automatically.
-        To install them manually (system wide), put them into your
-        <literal>environment.systemPackages</literal>.
-    </para>
-
-    <para>
-        NixOS’s default <emphasis>display manager</emphasis> is SLiM.
-        (DM is the program that provides a graphical login prompt
-         and manages the X server.)
-        You can, for example, select KDE’s
-        <command>sddm</command> instead:
-        <programlisting>
-services.xserver.displayManager.sddm.enable = true;
-        </programlisting>
-    </para>
-
-    <simplesect>
-        <title>Thunar Volume Support</title>
-
-        <para>
-            To enable
-            <emphasis>Thunar</emphasis>
-            volume support, put
-            <programlisting>
-services.xserver.desktopManager.xfce.enable = true;
-            </programlisting>
-            into your <emphasis>configuration.nix</emphasis>.
-        </para>
-
-    </simplesect>
-
-    <simplesect>
-        <title>Polkit Authentication Agent</title>
-
-        <para>
-            There is no authentication agent automatically installed alongside
-            Xfce. To allow mounting of local (non-removable) filesystems, you
-            will need to install one.
-
-            Installing <emphasis>polkit_gnome</emphasis>, a rebuild, logout and
-            login did the trick.
-        </para>
-
-    </simplesect>
-
-    <simplesect>
-        <title>Troubleshooting</title>
-
-        <para>
-            Even after enabling udisks2, volume management might not work.
-            Thunar and/or the desktop takes time to show up.
-
-            Thunar will spit out this kind of message on start
-            (look at <command>journalctl --user -b</command>).
-
-            <programlisting>
-Thunar:2410): GVFS-RemoteVolumeMonitor-WARNING **: remote volume monitor with dbus name org.gtk.Private.UDisks2VolumeMonitor is not supported
-            </programlisting>
-
-            This is caused by some needed GNOME services not running.
-            This is all fixed by enabling "Launch GNOME services on startup" in
-            the Advanced tab of the Session and Startup settings panel.
-            Alternatively, you can run this command to do the same thing.
-            <programlisting>
-$ xfconf-query -c xfce4-session -p /compat/LaunchGNOME -s true
-            </programlisting>
-            A log-out and re-log will be needed for this to take effect.
-        </para>
-
-    </simplesect>
-
-</chapter>
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .03
 .03