| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
github-copilot-cli (broken)
nodePackages was removed wholesale from nixpkgs; everything that lived
under it must be referenced via its top-level name or dropped.
- prettier: moved nodePackages.prettier -> prettier (top-level alias).
- jsonlint: not available at top level. Dropped from nix/common.nix
AND from the nvim-lint and conform-nvim configs in
dot_config/nvim/lua/plugins/lsp.lua. jsonls already provides
schema-aware diagnostics; jq still handles formatting. The
jsonlint redundancy is acceptable to lose.
- github-copilot-cli (1.0.40 in nixpkgs): buildNpmPackage derivation
doesn't redirect HOME during npm postinstall, so it fails with
EACCES on /var/empty/.cache on Determinate nix. Removed; install
manually from https://github.com/github/copilot-cli into
/usr/local/bin/ as before (current host already has it there).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
in nix-switch
- gh-actions-language-server is an npm package (lttb/gh-actions-language-server)
not packaged in nixpkgs. Removed from nix/common.nix and from the
vim.lsp.enable list in dot_config/nvim/lua/plugins/lsp.lua. Restore
later via a per-project flake.nix if working on a workflows-heavy repo.
- just runs recipes with a sanitized env where $USER may be unset;
home-manager's activation script dereferences it unconditionally
and fails with 'USER: unbound variable'. Export USER (and HOME for
symmetry) at the top of the nix-switch recipe.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LSPs, formatters, linters, and the lldb-dap debugger now come from
~/.nix-profile/bin (see nix/common.nix). lspconfig keeps the default
configs; we just opt-in via vim.lsp.enable() with an explicit list.
Changes:
- dot_config/nvim/lua/plugins/lsp.lua: drop mason*, replace
mason-lspconfig handler with explicit vim.lsp.enable({...}); drop
groovy/jenkins formatters and lint entries; drop systemd lint
(nginx + groovy + systemdlint tools dropped per plan).
- dot_config/nvim/lua/plugins/debug.lua: drop mason-nvim-dap; drop
codelldb adapter; switch dap.configurations.cpp to type='lldb'
(lldb-dap is the upstream successor, ships with pkgs.lldb).
- dot_config/nvim/init.lua: remove mason.nvim, mason-lspconfig.nvim,
mason-tool-installer.nvim, mason-nvim-dap.nvim from vim.pack.add.
- dot_config/nvim/lua/config/update.lua: remove MasonToolsUpdateSync.
- dot_config/zsh/dot_zshrc: flip plugin source order — prefer
~/.nix-profile/share, fall back to /usr/share/zsh (was the other
way around).
- nix/bootstrap.sh: drop the uv-python3.11 step (no longer needed
once Mason no longer source-builds Python LSPs on Ubuntu 20.04).
Phase 6 of the nix-on-host migration plan.
|
| |
|
|
|
|
|
| |
nvim_create_user_command passes the callback a table with command
metadata (args, bang, ...). Newer neovim's vim.pack.update validates
its first arg as a list of names — that metadata table fails the
list check with 'names: expected list, got table'. Wrap it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mason's pypi distribution of basedpyright pulls nodejs-wheel-binaries
which only ships manylinux_2_28 Linux wheels. uv's python-build-
standalone interpreter is tagged manylinux2014 (glibc 2.17 for max
portability) and rejects those wheels; pip then falls back to building
Node 24 from source, which fails on Ubuntu 20.04's gcc 9.4 (needs
gcc >=10 for -std=gnu++20).
Provide basedpyright via the system package manager instead:
- pacman on Arch (added to meta/base.txt)
- pkgs.basedpyright on the VM (added to remote-dev/home.nix)
Drop it from mason-tool-installer's ensure_installed; lspconfig picks
it up from PATH. Document the exception in remote-dev/README.md.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously `clipboard` was set to empty inside SSH sessions on the
assumption no clipboard tool would be reachable. That broke yank →
host-clipboard on the remote-dev VM.
nvim ≥0.10 ships a built-in OSC 52 provider
(vim.ui.clipboard.osc52). The terminal emulator (ghostty locally,
zellij forwarding inside it) handles the escape sequence and writes
to the host's clipboard, so we get yank-to-host without needing
wl-copy/xclip on the VM. Paste over OSC 52 is rarely supported by
terminals (security), so we wire it but it's effectively a no-op;
bracketed paste from the terminal still delivers clipboard contents
into the buffer.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
User policy: Mason should install everything it lists regardless of
host-provided versions. Revert the PATH-filtering wrapper around
ensure_installed (b2f129e) — back to a plain table literal.
For shellharden specifically, Mason's only install source is
`cargo install`. The Arch host has cargo via base-devel/rustup; the
VM previously didn't, so Mason errored "ENOENT cargo". Add `cargo`
and `rustc` to the remote-dev nix profile so Mason can build it on
the VM too. Drop the shellharden package from home.nix — Mason owns
it now, no more provider competition with the nix-profile binary.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mason's installer tries one source per package. For tools that we
already provide via the system package manager (Arch pkgs on the
host) or nix-profile (on the remote-dev VM), Mason will keep trying
to (re-)install via cargo/pip/etc. and report failures — but
conform.nvim/nvim-lint resolve their binary from PATH anyway, so
the Mason install is redundant.
Filter ensure_installed at startup against vim.fn.executable(). Keeps
behaviour identical on a fresh host (Mason still pulls everything),
but silences spurious failures for tools that the user has chosen to
provide system-wide (shellharden via nix-profile being the immediate
case).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
JRE/shellharden/python3-venv
copilot.lua was hard-coding the chezmoi-pinned Node 24 at
~/.local/share/copilot-node/bin/node, which only exists on the Arch
host where chezmoi runs run_onchange_after_install-copilot-node.sh.
On the remote-dev VM the path is absent, so copilot-language-server
spawned with cmd[0]=<missing> and printed 'Could not determine
Node.js version'. Probe the pinned path with vim.fn.executable() and
fall back to 'node' from PATH otherwise.
For the VM PATH 'node' to be a supported version, switch home.nix
from the rolling 'nodejs' alias to 'nodejs_24' (the version the
chezmoi script also pins on the host).
Address the cluster of Mason install failures on the VM:
- autotools-language-server, codespell, mdformat,
nginx-language-server, systemdlint -- pip-installed; fail because
Ubuntu's python3 ships without venv. bootstrap.sh now apt-installs
python3-venv; README documents the manual command for existing VMs.
- groovy-language-server -- needs a JRE. Add 'jre' to home.packages.
- shellharden -- Mason's cargo fallback can't run under our
leaf-tools policy. Provide the binary via nix-profile instead so
Mason finds it on PATH.
|
| |
|
|
|
|
| |
Pure formatter output from shfmt (2-space indent, '|' line breaks),
prettier (KEYBINDS.md), and 'just fmt' (justfile blank line).
No behavior change.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
copilot-language-server emits 'HTTP 200 response does not appear to
originate from GitHub' under Node 26 (the current Arch nodejs). Upstream
tracking:
https://github.com/zbirenbaum/copilot.lua/issues/695
https://github.com/github/copilot.vim/issues/282
https://github.com/github/copilot-language-server-release/issues/45
Workaround universally confirmed in those threads is to run the
language-server under Node 24. Rather than downgrade system nodejs (used
by lots of other tooling) install a private Node 24 under
~/.local/share/copilot-node/ via a chezmoi run_onchange script that
verifies the official sha256, and point copilot.lua at it via
copilot_node_command. Drop in once, bump NODE_VERSION when the upstream
incompatibility is resolved.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Two related changes around the 'just update' UX:
1. nvim-update no longer runs --headless. The diff buffer that
vim.pack.update opens *is* the per-plugin changelog, and that was
being thrown away under headless. Drop --headless from the justfile
recipe and the trailing :qa! from config.update.run() so the buffer
stays open until the user reviews and quits manually. Mason output
was already visible because mason-tool-installer print()s.
2. New waybar 'custom/update' module + matching mako notification as a
gentle staleness reminder, replacing any temptation to run
unattended pacman -Syu (a bad idea on Arch: rolling, news-driven
manual interventions, AUR rebuilds, partial-upgrade hazards).
Source of truth: /var/log/pacman.log — last '[PACMAN] starting full
system upgrade'. No daemon, no -Sy poll, no extra state file beyond
a per-session notify-throttle stamp in $XDG_RUNTIME_DIR.
Tiers (hours since last full upgrade):
< 24h hidden (":empty" via #custom-update.fresh padding 0)
24-168h yellow + normal-urgency mako, throttled to 1/24h
>= 168h red + critical-urgency mako, throttled to 1/24h
Click runs 'just update' in a floating ghostty.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
doas's one-shot password and absent 'sudo -v' kept wasting hour-long
paru AUR builds. sudo-rs is a memory-safe Rust rewrite (ISRG/Ferrous
Systems), drop-in CLI compatible, and the same one Ubuntu 25.10 ships
as default. We follow the Arch wiki 'Using sudo-rs without the sudo
package' recipe verbatim — no custom shims.
- meta/base.txt: -doas-sudo-shim +sudo-rs
- etc/sudoers-rs (mode 0440): wiki minimal config + NOPASSWD reboot/poweroff
- etc/pam.d/sudo: 4-line copy of upstream sudo's PAM file
- run_onchange_after_deploy-etc.sh.tmpl: use real sudo, deploy sudoers-rs
at 0440, create /etc/pam.d/sudo-i and /usr/local/bin/{sudo,sudoedit,
su,visudo} → sudo-rs symlinks idempotently
- delete etc/doas.conf, dot_local/bin/{doasedit,sudo}
- zshrc: drop sudo=doas/sudoedit=doasedit aliases; rewrite ss/gimme/
pacdiff/ssys to call sudo
- justfile: s/doas/sudo/g (status/diff/restore helpers)
- nvim: rename :DoasWrite → :SudoWrite (uses sudo -S)
- sway config: reboot/poweroff buttons call sudo
- bootstrap.sh: update step-5 comment
- README/KEYBINDS/copilot-instructions: flip the privesc convention
No Defaults overrides: sudo's defaults (passwd_tries=3,
timestamp_timeout=5) already fix the doas pain, and paru SudoLoop
(kept) refreshes the 5-min window via real sudo -v.
|
| |
|
|
|
|
|
|
|
|
|
| |
overseer.nvim removed save/load_task_bundle in the "task bundles get the
axe" refactor, which caused auto-session to error on every session restore:
/lua/plugins/session.lua:27: attempt to call field 'load_task_bundle'
(a nil value)
Remove the pre_save/pre_restore/post_restore hooks that called the removed
API. DAP breakpoint save/restore via save_extra_data is preserved.
|
| |
|
|
|
| |
selene's neovim stdlib doesn't expose io.stdout:write/:flush. print()
goes to the same place in headless mode and is already allowed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New recipes (new 'Updates' section after 'Day-to-day'):
- update: pkg-update nvim-update
- pkg-update: paru -Syu
- nvim-update: nvim --headless +'lua require("config.update").run()'
New dot_config/nvim/lua/config/update.lua drives the headless session:
clean orphan plugins, vim.pack.update with force=true (skips the confirm
buffer since this is unattended; changes still go to nvim-pack.log),
then :MasonToolsUpdateSync — the blocking variant intended for headless
Interactive :PackSync stays unchanged (confirm buffer remains visible
for reviewed updates).
|
| |
|
|
|
|
| |
Auto-writing it defeated the purpose — no feedback on what changed.
Now :PackUpdate and :PackSync show the confirm buffer; user reviews
and :w to apply or :q to cancel. Matches vim.pack's intended UX.
|
| |
|
|
|
|
|
|
|
| |
Upstream broke itself today by adding require('async') without shipping
lua/async.lua. I never use these mappings anyway. Removed the plugin
spec, setup call, <leader>r* keymaps, and the which-key group entry.
plenary.nvim stays — neogit still depends on it.
Run :PackClean afterwards to prune the on-disk plugin.
|
| |
|
|
|
|
|
|
| |
The seeded lockfile offered little value for a single-user setup: fresh
bootstraps will resolve version specs at install time, and any meaningful
pinning is already expressed in init.lua's vim.pack.add() specs. Added
an explicit .chezmoiignore entry so the runtime file doesn't show up as
drift.
|
| |
|
|
|
|
|
| |
The file is owned by vim.pack at runtime — tracking it causes constant
chezmoi drift on every plugin update. The create_ prefix writes it once
on fresh machines and leaves it alone after. Manually chezmoi re-add
when you want to snapshot a known-good revision set.
|
| |
|
|
|
|
|
| |
It drives its async git ops with internal vim.wait and makes the confirm
buffer current before returning. No need for a FileType autocmd: just
write the buffer if the filetype matches (guards the 'Nothing to update'
case where no buffer is created).
|
| |
|
|
|
|
| |
Using force=true hid all feedback. Now we let vim.pack.update open its
confirmation buffer (showing pending changes) and auto-:write it via a
one-shot FileType=nvim-pack autocmd. User sees what updated.
|
| |
|
|
|
| |
Uses vim.pack.get() and prints one line per plugin:
● (active) or ○ (orphan), name, short rev, version spec.
|
| |
|
|
|
|
|
|
|
|
| |
Wraps vim.pack for a more ergonomic workflow:
- :PackClean - delete plugins no longer declared in vim.pack.add()
(computed from vim.pack.get() where active == false)
- :PackUpdate - run vim.pack.update(nil, { force = true }); skips
the confirmation buffer
- :PackSync - :PackClean followed by :PackUpdate
|
| |
|
|
|
| |
Required by the 'just lint' and 'just fmt' recipes for lua linting and
TOML format/lint respectively.
|
| |
|
|
|
|
|
|
|
|
| |
Inline directives for cases where the linter's shell/language dialect
doesn't match reality:
- init.lua: _G.P helper is intentional
- dot_zprofile: zsh tied arrays, $+commands, optional sourcing
- dot_zshrc: zsh brace-group-as-function-body
- ipython_config: 'c' is injected by IPython at load time
- doasedit: /bin/sh on Arch is bash, -O test is supported
|
| |
|
|
| |
Also removes a stray ANSI escape in treesitter.lua.
|
| | |
|
|
|
Rename home/ contents to chezmoi naming conventions:
- dot_ prefix for dotfiles and dot-dirs
- private_dot_ for .gnupg and .ssh directories
- private_ for 0600 files (nym.pub)
- executable_ for scripts in .local/bin and display-toggle.sh
- symlink_ for mimeapps.list symlink
|
sommerfeld