Policy
Nix is banned estate-wide; Guix is the sole package manager (owner directive). The current guix-nix-policy workflow/check is named "Guix primary / Nix fallback" and its logic explicitly accepts Nix as a fallback (✅ Nix package management detected (fallback)) and suggests adding flake.nix. This contradicts the ban.
Do
- Restate the canonical policy as Guix-only, Nix-present → FAIL.
- Update the canonical
guix-nix-policy workflow (templated estate-wide) so any *.nix/flake.* present fails the check; drop the "add flake.nix" suggestion; rename the step away from "Nix fallback".
- This is the policy source; the estate rollout/execution is tracked in reposystem (Nix-deletion sweep + policy-template propagation).
Context
Estate scan 2026-06-22: 66 repos carry Nix (138 flake.nix, 32 flake.lock, +11 .nix), 53 repos have a use flake block in .envrc, 13 CI files use Nix. See dev-notes/ Nix scan.
Policy
Nix is banned estate-wide; Guix is the sole package manager (owner directive). The current
guix-nix-policyworkflow/check is named "Guix primary / Nix fallback" and its logic explicitly accepts Nix as a fallback (✅ Nix package management detected (fallback)) and suggests addingflake.nix. This contradicts the ban.Do
guix-nix-policyworkflow (templated estate-wide) so any*.nix/flake.*present fails the check; drop the "add flake.nix" suggestion; rename the step away from "Nix fallback".Context
Estate scan 2026-06-22: 66 repos carry Nix (138 flake.nix, 32 flake.lock, +11 .nix), 53 repos have a
use flakeblock in.envrc, 13 CI files use Nix. Seedev-notes/Nix scan.