fix(nix): restrict package source to git-tracked files

Replace denylist approach with gitTracked to exclude node_modules, dist, .git, and any other untracked artifacts from the derivation. Keeps the nix/flake/md exclusions as they are nix-only or non-source.
2026-04-12 18:14:44 -05:00
parent 456816ab2e
commit f106cc6835
1 changed files with 1 additions and 11 deletions
@@ -16,24 +16,14 @@ buildNpmPackage {
  src =
    let
      fs = lib.fileset;
-      maybe = fs.maybeMissing;
    in
    fs.toSource {
      root = ../.;
-      fileset = fs.difference ../. (
+      fileset = fs.difference (fs.gitTracked ../.) (
        fs.unions [
          ../nix
          ../flake.nix
          ../flake.lock
-          (maybe ../release)
-          (maybe ../test-results)
-          (maybe ../playwright-report)
-          (maybe ../.github)
-          (maybe ../.vscode)
-          (maybe ../.idea)
-          (maybe ../.kiro)
-          (maybe ../.envrc)
-          (maybe ../.direnv)
          (fs.fileFilter (file: file.hasExt "md") ../.)
        ]
      );