@roberth Thanks for the input, sorry to say that it will likely take me some time to react.

In the meantime: The eval fails with an error I'm not seeing locally:

  error:
       Failed assertions:
       - Your system configures nixpkgs with an externally created instance.
       `nixpkgs.config` options should be passed when creating the instance instead.

I would appreciate some guidance on how to reproduce / avoid this.

I would appreciate some guidance on how to reproduce / avoid this.

Looking at generic/check-meta.nix#126 it looks like the safest way to solve this would be to enhance that code to change the fallback function to look into nixpkgs.config.allowUnfreePackages by default, and not have a type for that thing at all, but just some configuration.

The whole thing is constructed in this strange way, which makes me think that there may be a rationale behind this? Perhaps something like that one can share the nixpkgs.config variable safely with a new instance of nixpkgs when importing it?

I have to admit that I don't really understand why this is built like this. :/

Failed assertions:
       - Your system configures nixpkgs with an externally created instance.
       `nixpkgs.config` options should be passed when creating the instance instead.

There's 2 ways to use Nixpkgs: standalone, where NixOS configures Nixpkgs, or you can use NixOS with an already configured Nixpkgs. Yours seems to be of the latter kind, based on the error message. You could either change it to ignore the pkgs you already have, or you could change the config where that pkgs is constructed.
To say anything with more certainty, I'd have to know more about how you NixOS config is created.

@roberth Not quite sure I get you, that error is from a check in a GitHub runner - not from my system. From reading the code it seems likely (though I didn't find anything definitive) that what I am doing in the code, that is setting something in nixpkgs.config from inside nixpkgs is unwanted? I don't quite grok the message and the code that generates it so the intent of that error message is not clear to me.

@roberth I think I found a better way to integrate this functionality. This involves a custom merge function on the nixpkgs.config type (which seems a bit messy), but the beauty is, that building the predicate now happens in check-meta.nix as a fallback if no predicate is defined. Therefore hopefully sidestepping the eval failure I this idea created before.

To me, there should probably be some sort of assertion to prevent you defining both a predicate and the list of package names, but at least it works, and doesn't complain in the nixpkgs checks, so this is hopefully a good start.

Some more points for discussion / input that I gathered from reading the code, but am not sure I get correctly as I haven't found any documentation on this:

• Is there a specific reason why the config attribute is not a normal nixpkgs module that merges via it's types, as they are defined in pkgs/top-level/config.nix? Something I was thinking of, is that this allows sharing the config attribute set between different nixpkgs instances (i.e. copying it over from your normal nixpkgs to nixpkgs-unstable or a local nixpkgs-dev)
• This might also be the reason why it is a good idea to have a collection of strings in there, instead of jut collecting the packages directly. Is that the case? Is there some other reason?
• Would it be better to assert that packages cannot be set together with the predicate? Or should the two be merged? Or should we allow that the predicate overrides the package list?

I guess there is more, but I would really like some input on these questions to know how to develop this further.

For this I would like to ping @roberth and perhaps @emilazy or some of the contributors who worked on this previously like @Stunkymonkey or @Mic92 or @reckenrode (at least if I interpret the history of these files correctly. Sorry if I don't).

@roberth I would also appreciate another review from you.

This is working for me. 🎉 But the pull request title and commit descriptions still refer to nixpkgs.allowUnfreePackages, which confused me while I was switching over.

@Majiir am I missing something? What would you have expected the pull request title to be?

The new option is nixpkgs.config.allowUnfreePackages, not nixpkgs.allowUnfreePackages.

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/prs-in-distress/3604/127

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/prs-ready-for-review/3032/6326

Thank you for your patience in waiting for the review and merge.

There are two followup tasks here:

• Tree-wide, use the new option where it makes sense (tree-wide: use allowUnfreePackages where applicable #484367)
• In pkgs/stdenv/generic/check-meta.nix you will find the code which suggests allowUnfreePredicates to the user to allow specific unfree packages when attempting to eval them. This should be changed to suggest allowUnfreePackages instead, although this requires a slight rework of remediate_allowlist / remediate_predicate.

Regarding of sharing the option type between nixos and pkgs made this pr for that #489889