Jonathan Ringer

Fix for me was to use `trusted-substituters` (or `extra-trusted-substituters`) instead of `extra-substituters` since the `extra-` get's pruned with the setting merging logic https://github.com/NixOS/nix/blob/9d860f34673fbf07a2cf07ff854ae6683dae2fb8/src/libexpr/flake/config.cc#L38 and `substituters` isn't a valid [nix.conf value](https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-trusted-substituters).

I found a potential short term solution, and this is probably a rare scenario https://github.com/NixOS/nixpkgs/pull/158856

> looking at other builtins: most of them do not set positions for attributes they create. this isn't currently fixable without a lot of `const_cast`ing (which might make merging a...

You would see a position error in https://repology.org/log/10896122

It's still quite a WIP, but the first few chapters I think are in a decent rough-draft state

~@fricklerhandwerk~ @infinisil Wow, your note taking is excellent

numpy removed some of their "deprecated" APIs. Not sure why they didn't do a major version bump... EDIT: looks like major version bumps are for ABI changes, but minor versions...

another option would be to create a "project" subcommand: ``` nix-template project python ```

nixops is poised to being marked vulnerable in nixpkgs https://github.com/NixOS/nixpkgs/issues/101964 EDIT: invulnerable -> vulnerable

Once https://github.com/NixOS/nixpkgs/pull/104726 gets merged and back-ported, people will have to explicitly add: ``` { permittedInsecurePackages = [ "python2.7-cryptography-2.9.2" ]; } ``` for nixops to work.