From 0d96fd6e2b375c127ab80d7170343fc44d4630f7 Mon Sep 17 00:00:00 2001
From: sommerfeld <sommerfeld@sommerfeld.dev>
Date: Wed, 20 May 2026 13:56:10 +0100
Subject: feat(pkg,nix): migrate 14 leaf tools to nix; drop 6 unused packages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Migrated to Home-Manager (nix/common.nix):

  duf, gdu, nmap, procs, yazi, difftastic, direnv (was duplicated),
  git-absorb, samply, strace, t-rec, act, pandoc, gdb, lldb

  lldb stays nix-only (no longer in base.txt) — per user policy, only
  ever used to debug own builds, so glibc/kernel ABI skew vs the
  pacman-built system isn't a concern. Same logic could extend to
  valgrind, but valgrind has tighter glibc compat needs; perf links
  against kernel ABI and must match the running kernel. Both stay
  pacman.

  uv was already in nix; removed pacman duplicate.

Kept on pacman (cannot migrate without breaking system builds, per
nix/common.nix policy that bans compilers/linkers/build systems on
PATH):

  ccache, clang, cmake, lld, mold, ninja, npm, rustup, sccache,
  podman-compose, podman-docker (system runtime integration),
  perf, valgrind (kernel/glibc-coupled), unzip (transitive via base),
  doxygen (huge nixpkgs closure not worth it).

Dropped entirely (unused):

  android-tools, go, gpg-tui, luarocks (was for Mason-managed nvim
  plugin deps; Mason is gone), bash-completion (zsh-only setup),
  pandoc-bin (replaced by nix pandoc).

  jdk21-openjdk kept — still needed for the groovy/jenkins toolchain
  paths in nvim.

Rewrote the --- dev --- section comment to explain the policy.
---
 nix/common.nix | 29 +++++++++++++++++++++++++----
 1 file changed, 25 insertions(+), 4 deletions(-)

(limited to 'nix')

diff --git a/nix/common.nix b/nix/common.nix
index 66cd6ac..091a263 100644
--- a/nix/common.nix
+++ b/nix/common.nix
@@ -52,6 +52,8 @@ in
     gh
     delta
     mergiraf
+    git-absorb
+    difftastic
 
     # JSON / YAML
     jq
@@ -61,19 +63,36 @@ in
     htop
     fastfetch
     hyperfine
+    duf
+    gdu
+    procs
+    yazi
 
     # Net
     curl
     curlie
     wget
     dog
+    nmap
     rsync
     openssh
 
+    # Debug / trace / profile — moved off pacman. User policy: only
+    # used against own builds, so glibc/kernel version skew vs the
+    # system isn't an issue. `perf` and `valgrind` stay system: `perf`
+    # links against kernel ABI (pacman's matches the running kernel);
+    # `valgrind` has tighter glibc compat requirements.
+    gdb
+    lldb        # also brings lldb-dap (used by dap.lua via type="lldb")
+    strace
+    samply
+    t-rec
+
     # Docs
     tldr
     man-db
     man-pages
+    pandoc
 
     # Secrets — `pass-otp` is wired as an extension so `pass otp ...`
     # works against the same store. `pass` from pacman is removed.
@@ -83,6 +102,9 @@ in
     # C/C++ source tooling (no compiler driver in PATH)
     clang-tools
 
+    # CI runner (drives podman from pacman; act itself is just a Go binary)
+    act
+
     # Editor/AI agent runtimes — NOT for project builds (see policy above)
     nodejs_24 # copilot-language-server requires Node 24 (see ai.lua)
     uv        # for project tooling that asks for `uv`/`uvx`; brings no python
@@ -136,10 +158,9 @@ in
     typos
     yamllint
 
-    # DAPs / debuggers — `lldb-dap` (from pkgs.lldb) is the upstream
-    # successor to vscode-lldb's `codelldb`. dap configs in
-    # plugins/debug.lua target it via `type = "lldb"`.
-    lldb
+    # DAPs / debuggers — `lldb-dap` ships in pkgs.lldb (declared in the
+    # debug/trace block above). dap configs in plugins/debug.lua target
+    # it via `type = "lldb"`.
 
     # Zsh and plugins (loaded from $HOME/.nix-profile/share/... by the
     # shared zshrc; nix-profile path is preferred, system path is the
-- 
cgit v1.3.1