From eb1af216cf6442138e46448c0f503276aba4d55f Mon Sep 17 00:00:00 2001
From: William Carroll <wpcarro@gmail.com>
Date: Thu, 2 Jul 2020 14:39:08 +0100
Subject: [PATCH] Clear $NIX_PATH

Ensure that $NIX_PATH is empty using a .envrc file. nix.dev considers references
to <nixpkgs>, <briefcase>, <depot>, <unstable> to be an anti-pattern because it
hinders reproducibility by introducing an implicit environment.

This repository is chock-full of references to
<{nixpkgs,unstable,briefcase,depot}>, so right now everything is broken.
---
 .envrc      |  6 +++++-
 default.nix | 22 ++++++++++++++++++----
 2 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/.envrc b/.envrc
index 47a1605b5..db68a946a 100644
--- a/.envrc
+++ b/.envrc
@@ -1,6 +1,10 @@
 export BRIEFCASE="$(realpath ~/briefcase)"
 export DEPOT="$(realpath ~/depot)"
 export NIXPKGS="$(realpath ~/nixpkgs)"
-export NIX_PATH="nixpkgs=${NIXPKGS}:unstable=$(realpath ~/nixpkgs-channels):depot=${DEPOT}:briefcase=${BRIEFCASE}";
+# I'm ensuring that $NIX_PATH is unset to avoid the anti-pattern of depending on
+# <nixpkgs>, <briefcase>, <depot>, <unstable>.
+# For more information about setting this to "", see:
+# https://nix.dev/tutorials/towards-reproducibility-pinning-nixpkgs.html#pinning-nixpkgs
+export NIX_PATH="";
 export DESKTOP="zeno.lon.corp.google.com";
 export LAPTOP="seneca";
diff --git a/default.nix b/default.nix
index a60fd6679..9c8c711ef 100644
--- a/default.nix
+++ b/default.nix
@@ -1,10 +1,24 @@
 { ... }:
 
 let
-  readTree = import <depot/nix/readTree> {} {
-    pkgs      = import <nixpkgs> {};
-    depot     = import <depot> {};
-    briefcase = import <briefcase> {};
+  depot = import (builtins.fetchGit {
+    url = "https://cl.tvl.fyi/depot";
+    rev = "a2e86152401c7c531801c79347c3f15e1806aabc";
+  }) {};
+  readTree = depot.readTree {
+    pkgs = import (builtins.fetchGit {
+      url = "https://github.com/NixOS/nixpkgs";
+      rev = "f1a79c86358c5464c64b4fad00fca07a10e62a74";
+    }) {};
+    unstable = import (builtins.fetchGit {
+      url = "https://github.com/NixOS/nixpkgs";
+      rev = "b3251e04ee470c20f81e75d5a6080ba92dc7ed3f";
+    }) {};
+    briefcase = import (builtins.path {
+      path = ./.;
+      name = "briefcase";
+    }) {};
+    depot = depot;
   };
 in {
   nixos       = readTree ./nixos;