Feature request: Snap or Flatpak

[ghost]

In order to support more distros, it would be great to have one of the above. There's surely a way to publish those with a CI at every release. Hopefully it will reduce the size of the executable too since at the moment the archive is 300MB. That's pretty large for a browser.

[jmercouris]

Hi, thank you for your interest in the project! Currently we use Guix because of the many benefits and guarantees it provides, this currently works on any distribution. Do those solutions provide complete reproducibility and transparency for the end-user?

[Ambrevar]

The archive is big because webkit is big and has too many dependencies.

With a bit of work on the Guix packages, we could reduce the size of the dependencies. By how much I don't know :p

[ghost]

Hello @jmercouris

Are you talking about Guix "an advanced distribution of the GNU operating system developed by the GNU Project—which respects the freedom of computer users"?

I'm not sure what you mean by reproducibility, but snap and flatpak sandbox the application and (if I'm not mistaken) run them in containers or sandboxes. Here's a page that compares them.

It should also reduce the size of the published application, especially when other applications use webkit. If a user has electron apps, then they would share the dependency.

There are quite a few distros that come with snapd preinstalled and quite a few with flatpak preinstalled. Therefore out of the box, you'd support a wide range of distros by publishing to either (or both).

[Ambrevar]

Guix is a package manager which you can install on any distribution.

As with Flatpak and Snap, every application that uses WebKit will share the dependency.

See https://guix.gnu.org/blog/2018/tarballs-the-ultimate-container-image-format/ for some technical details.

Reproducibility means that you can rebuild the image on your end and check that you get the exact same result, bit per bit, thus ensuring that you nothing malicious was introduced in the distributed image.

In effect, all non-reproducible flatpaks and snaps are potentially malicious. I would not recommend to run a web browser with such a system.

See https://reproducible-builds.org/ for more.

Hope that helps :)

[ghost]

I see now. Thank you. Indeed it's interesting.

However, since snap and flatpak are already available quite a few distros, while guix isn't, it might help quite a bit to have next be packaged for those - at least until guix is included in the repos of major distros.

[Ambrevar]

Guix is available in Arch Linux, Debian (if not now, very soon), OpenSuse if I'm not mistaken and a few other popular distributions.

For other distributions, Guix can be installed via a simple script from the download page: https://guix.gnu.org/download/

But all this is irrelevant for the Next Guix pack since it does not even require Guix itself: it's a simple archive anyone can extract and execute.

I would prefer to stay away from Snap and Flatpak which don't fit the bill in terms of security requirements.

[ghost]

I guess that settles it

[ghost]

Hello again,

I have been trying to install next using guix on opensuse tumbleweed and it doesn't work. Installing hello works, but it can't find next ("Unknown package"). Multiple guix pulls and nothing.  How can I resolve that error? I find downloading a tarball way less secure so that's one of the things I won't do.

[Ambrevar]

You can also run the tarball in a container.

Regarding your issue with Guix, can you provide an exact recipe of the commands you typed and the outputs you got?

What does

guix search next

return?

Also can you provide the output of

which guix

? Thanks!

[ghost]

Guix 1.0.1

Please find the logs of guix install next and guix search next attached (hopefully emails allow it, otherwise I'll have to update this later).

And how can I run a tar.gz in a container? I don't think that's described on the install page guile: warning: failed to install locale hint: Consider installing the glibc-utf8-locales' orglibc-locales' package and defining `GUIX_LOCPATH', along these lines:

 guix package -i glibc-utf8-locales
 export GUIX_LOCPATH="$HOME/.guix-profile/lib/locale"

See the "Application Setup" section in the manual, for more info.

name: perl-class-c3-adopt-next version: 0.13 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: perl-list-moreutils@0.428 perl-mro-compat@0.13

• perl-test-exception@0.43 location: gnu/packages/perl.scm:955:2 homepage: https://metacpan.org/release/Class-C3-Adopt-NEXT license: GPL 1+ synopsis: Drop-in replacement for NEXT
  description: This module is intended as a drop-in replacement for NEXT,
• supporting the same interface, but using Class::C3 to do the hard work. relevance: 9

name: sbcl-next version: 1.2.1 outputs: out lib systems: x86_64-linux i686-linux armhf-linux dependencies: gcc@7.4.0 next-gtk-webkit@1.2.1 pkg-config@0.29.2

• sbcl-alexandria@0.0.0-1.926a066 sbcl-anaphora@0.9.6
• sbcl-bordeaux-threads@0.8.6-1.5dce49f sbcl-cl-css@0.1-1.8fe654c
• sbcl-cl-json@0.5-1.6dfebb9 sbcl-cl-markup@0.1-1.e0eb7de
• sbcl-cl-sqlite@0.2-1.c738e66 sbcl-cl-string-match@0-1.5048480
• sbcl-cl-strings@0.0.0-1.c5c5cba sbcl-closer-mop@1.0.0-1.fac29ce
• sbcl-find-port@0.1 sbcl-log4cl@1.1.2 sbcl-parenscript@2.6-1.061d8e2
• sbcl-puri@20180228 sbcl-s-xml-rpc@7 sbcl-slime-swank@2.22
• sbcl-trivial-clipboard@0.0.0.0-2.5af3415 sbcl-trivial-features@0.8
• sbcl-unix-opts@0.1.7 location: gnu/packages/web-browsers.scm:413:2 homepage: https://next.atlas.engineer license: Modified BSD synopsis: Infinitely extensible web-browser (with Lisp development files)
  description: Next is a keyboard-oriented, extensible web-browser inspired by
• Emacs and designed for power users. The application has familiar
• key-bindings, is fully configurable and extensible in Lisp, and has powerful
• features for productive professionals. relevance: 6

name: next-gtk-webkit version: 1.2.1 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: gcc@7.4.0 glib-networking@2.58.0

• gsettings-desktop-schemas@3.28.0 pkg-config@0.29.2 webkitgtk@2.24.1 location: gnu/packages/web-browsers.scm:369:2 homepage: https://next.atlas.engineer license: Modified BSD synopsis: Infinitely extensible web-browser (user interface only)
  description: Next is a keyboard-oriented, extensible web-browser inspired by
• Emacs and designed for power users. The application has familiar
• key-bindings, is fully configurable and extensible in Lisp, and has powerful
• features for productive professionals. relevance: 6

name: windowmaker version: 0.95.8 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: fontconfig@2.13.1 giflib@5.1.4 libjpeg@9c libpng@1.6.34

• libtiff@4.0.10 libx11@1.6.6 libxft@2.3.2 libxinerama@1.1.4 libxmu@1.1.2
• pkg-config@0.29.2 location: gnu/packages/gnustep.scm:68:2 homepage: http://windowmaker.org/ license: GPL 2+ synopsis: NeXTSTEP-like window manager
  description: Window Maker is an X11 window manager originally designed to
• provide integration support for the GNUstep Desktop Environment. In every way
• possible, it reproduces the elegant look and feel of the NeXTSTEP user
• interface. It is fast, feature rich, easy to configure, and easy to use. relevance: 5

name: r-systempiper version: 1.18.0 outputs: out systems: x86_64-linux i686-linux dependencies: r-annotate@1.62.0 r-batchtools@0.9.11 r-biocgenerics@0.30.0

• r-biostrings@2.52.0 r-deseq2@1.24.0 r-edger@3.26.0 r-genomicfeatures@1.36.0
• r-genomicranges@1.36.0 r-ggplot2@3.1.1 r-go-db@3.7.0 r-gostats@2.50.0
• r-limma@3.40.0 r-pheatmap@1.0.12 r-rjson@0.2.20 r-rsamtools@2.0.0
• r-shortread@1.42.0 r-summarizedexperiment@1.14.0 r-variantannotation@1.30.0
• r-yaml@2.2.0 location: gnu/packages/bioinformatics.scm:6946:2 homepage: https://github.com/tgirke/systemPipeR license: Artistic License 2.0 synopsis: Next generation sequencing workflow and reporting environment
  description: This R package provides tools for building and running automated
• end-to-end analysis workflows for a wide range of "next generation sequence"
• (NGS) applications such as RNA-Seq, ChIP-Seq, VAR-Seq and Ribo-Seq. Important
• features include a uniform workflow interface across different NGS
• applications, automated report generation, and support for running both R and
• command-line software, such as NGS aligners or peak/variant callers, on local
• computers or compute clusters. Efficient handling of complex sample sets and
• experimental designs is facilitated by a consistently implemented sample
• annotation infrastructure. relevance: 5

name: python2-nose2 version: 0.6.5 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: python2-cov-core@1.15.0 python2-pytest-cov@2.6.1

• python2-six@1.11.0 location: gnu/packages/check.scm:641:2 homepage: https://github.com/nose-devs/nose2 license: FreeBSD synopsis: Next generation of nicer testing for Python
  description: Nose2 is the next generation of nicer testing for Python, based
• on the plugins branch of unittest2. Nose2 aims to improve on nose by
• providing a better plugin api, being easier for users to configure, and
• simplifying internal interfaces and processes. relevance: 5

name: python-nose2 version: 0.6.5 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: python-cov-core@1.15.0 python-pytest-cov@2.6.1 python-six@1.11.0 location: gnu/packages/check.scm:641:2 homepage: https://github.com/nose-devs/nose2 license: FreeBSD synopsis: Next generation of nicer testing for Python
description: Nose2 is the next generation of nicer testing for Python, based

• on the plugins branch of unittest2. Nose2 aims to improve on nose by
• providing a better plugin api, being easier for users to configure, and
• simplifying internal interfaces and processes. relevance: 5

name: ngs-sdk version: 2.9.3 outputs: out systems: i686-linux x86_64-linux dependencies: perl@5.28.0 location: gnu/packages/bioinformatics.scm:5516:2 homepage: https://github.com/ncbi/ngs license: Public Domain synopsis: API for accessing Next Generation Sequencing data
description: NGS is a domain-specific API for accessing reads, alignments and

• pileups produced from Next Generation Sequencing. The API itself is
• independent from any particular back-end implementation, and supports use of
• multiple back-ends simultaneously. relevance: 5

name: ngless version: 0.9.1 outputs: out systems: x86_64-linux dependencies: bwa@0.7.17 ghc-aeson@1.3.1.1 ghc-ansi-terminal@0.8.0.4

• ghc-async@2.2.1 ghc-atomic-write@0.2.0.5 ghc-bytestring-lexing@0.5.0.2
• ghc-chart-cairo@1.9 ghc-chart@1.9 ghc-conduit-algorithms@0.0.8.1
• ghc-conduit-combinators@1.3.0 ghc-conduit-extra@1.3.0 ghc-conduit@1.3.0.3
• ghc-configurator@0.3.0.0 ghc-convertible@1.1.1.0 ghc-data-default@0.7.1.1
• ghc-double-conversion@2.0.2.0 ghc-edit-distance@0.2.2.1 ghc-either@5.0.1
• ghc-errors@2.3.0 ghc-extra@1.6.9 ghc-file-embed@0.0.10.1 ghc-filemanip@0.3.6.3
• ghc-gitrev@1.3.1 ghc-hashtables@1.2.3.1 ghc-hpack@0.28.2
• ghc-http-conduit@2.3.2 ghc-inline-c-cpp@0.2.2.1 ghc-inline-c@0.6.1.0
• ghc-intervalmap@0.6.0.0 ghc-missingh@1.4.0.1 ghc-optparse-applicative@0.14.2.0
• ghc-parsec@3.1.13.0 ghc-quickcheck@2.11.3 ghc-regex@1.0.1.3 ghc-safe@0.3.17
• ghc-safeio@0.0.5.0 ghc-strict@0.3.2 ghc-tar@0.5.1.0
• ghc-test-framework-hunit@0.3.0.2 ghc-test-framework-quickcheck2@0.3.0.4
• ghc-test-framework-th@0.2.4 ghc-test-framework@0.8.2.0 ghc-text@1.2.3.0
• ghc-unliftio-core@0.1.1.0 ghc-unliftio@0.2.7.0 ghc-vector@0.12.0.1
• ghc-yaml@0.8.32 ghc-zlib@0.6.2 minimap2@2.10 prodigal@2.6.3 r-hdf5r@1.2.0
• r-iterators@1.0.10 r-itertools@0.1-3 r-matrix@1.2-17 r-r6@2.4.0 samtools@1.9 location: gnu/packages/bioinformatics.scm:13992:2 homepage: https://gitlab.com/ngless/ngless license: Expat synopsis: DSL for processing next-generation sequencing data
  description: Ngless is a domain-specific language for "next-generation
• sequencing" (NGS) data processing. relevance: 5

name: squashfs-tools-next version: 4.3-1fb33dfc outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: lz4@1.8.1.2 lzo@2.10 xz@5.2.4 zlib@1.2.11 location: gnu/packages/compression.scm:791:4 homepage: http://squashfs.sourceforge.net/ license: GPL 2+ synopsis: Tools to create and extract squashfs file systems
description: Squashfs is a highly compressed read-only file system for Linux.

• It uses zlib to compress files, inodes, and directories. All blocks are
• packed to minimize the data overhead, and block sizes of between 4K and 1M are
• supported. It is intended to be used for archival use, for live CDs, and for
• embedded systems where low overhead is needed. This package allows you to
• create and extract such file systems. relevance: 4

name: perl-encode-hanextra version: 0.23 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/perl.scm:3109:2 homepage: https://metacpan.org/release/Encode-HanExtra license: Expat synopsis: Additional Chinese encodings
description: This Perl module provides Chinese encodings that are not part of

• Perl by default, including "BIG5-1984", "BIG5-2003", "BIG5PLUS", "BIG5EXT",
• "CCCII", "EUC-TW", "CNS11643-*", "GB18030", and "UNISYS". relevance: 4

name: opensmtpd-next version: 6.4.1p2 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: bdb@6.2.32 bison@3.0.5 groff@1.22.3 libasr@201602131606

• libevent@2.1.8 libressl@2.7.4 linux-pam@1.3.1 zlib@1.2.11 location: gnu/packages/mail.scm:2146:2 homepage: https://www.opensmtpd.org license: FreeBSD, Modified BSD, Original BSD, non-copyleft, Public Domain, ISC, OpenSSL synopsis: Lightweight SMTP daemon
  description: OpenSMTPD is an implementation of server-side , with some
• additional standard extensions. It allows ordinary machines to exchange
• e-mails with other systems speaking the SMTP protocol, or to deliver them to
• local users.
• In order to simplify the use of SMTP, OpenSMTPD implements a smaller set of
• functionality than those available in other SMTP daemons. The objective is to
• provide enough features to satisfy typical usage at the risk of unsuitability
• to esoteric or niche requirements. relevance: 4

name: guile-next version: 2.9.1 outputs: out debug systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: bash-minimal@4.4.23 gmp@6.1.2 libffi@3.2.1 libgc@7.6.6

• libltdl@2.4.6 libunistring@0.9.10 pkg-config@0.29.2 location: gnu/packages/guile.scm:293:4 homepage: https://www.gnu.org/software/guile/ license: LGPL 3+ synopsis: Scheme implementation intended especially for extensions
  description: Guile is the GNU Ubiquitous Intelligent Language for Extensions,
• the official extension language of the GNU system. It is an implementation of
• the Scheme language which can be easily embedded in other applications to
• provide a convenient means of extending the functionality of the application
• without requiring the source code to be rewritten. relevance: 4

name: genext2fs version: 1.4.1-4 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: autoconf@2.69 automake@1.16.1 location: gnu/packages/linux.scm:5278:2 homepage: https://github.com/jeremie-koenig/genext2fs license: GPL 2 synopsis: Generate ext2 file system as a normal user
description: This package provides a program to generate an ext2 file system

• as a normal (non-root) user. It does not require you to mount the image file
• to copy files on it, nor does it require that you become the superuser to make
• device nodes. relevance: 4

name: emacs-nov-el version: 0.2.6 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: emacs-dash@2.16.0 emacs-esxml@0.3.4 unzip@6.0 location: gnu/packages/emacs-xyz.scm:9084:2 homepage: https://github.com/wasamasa/nov.el/ license: GPL 3+ synopsis: Major mode for reading EPUBs in Emacs
description: `nov.el' provides a major mode for reading EPUB documents.

• Features:
• • Basic navigation (jump to TOC, previous/next chapter)
• • Remembering and restoring the last read position
• • Jump to next chapter when scrolling beyond end
• • Renders EPUB2 (.ncx') and EPUB3 (
    ') TOCs
• • Hyperlinks to internal and external targets
• • Supports textual and image documents
• • View source of document files
• • Metadata display
• • Image rescaling relevance: 4

name: emacs-highlight-symbol version: 1.3 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/emacs-xyz.scm:4076:2 homepage: https://nschum.de/src/emacs/highlight-symbol license: GPL 2+ synopsis: Automatic and manual symbol highlighting for Emacs
description: Use `highlight-symbol' to toggle highlighting of the symbol at

• point throughout the current buffer. Use `highlight-symbol-mode' to keep the
• symbol at point highlighted.
• The functions highlight-symbol-next',highlight-symbol-prev',
• highlight-symbol-next-in-defun' andhighlight-symbol-prev-in-defun' allow
• for cycling through the locations of any symbol at point. Use
• highlight-symbol-nav-mode' to enable key bindingsM-p' and `M-p' for
• navigation. When `highlight-symbol-on-navigation-p' is set, highlighting is
• triggered regardless of `highlight-symbol-idle-delay'.
• `highlight-symbol-query-replace' can be used to replace the symbol. relevance: 4

name: vim-neocomplete version: 2.1 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/vim.scm:229:2 homepage: https://github.com/Shougo/neocomplete.vim/ license: Expat synopsis: Next generation completion framework for Vim
description: `neocomplete', an abbreviation of 'neo-completion with cache', is

• a plugin for Vim. It provides keyword completion system by maintaining a
• cache of keywords in the current buffer. Neocomplete can be customized easily
• and has many more features than Vim's built-in completion. relevance: 3

name: subread version: 1.6.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: zlib@1.2.11 location: gnu/packages/bioinformatics.scm:6372:2 homepage: http://bioinf.wehi.edu.au/subread-package/ license: GPL 3+ synopsis: Tool kit for processing next-gen sequencing data
description: The subread package contains the following tools: subread

• aligner, a general-purpose read aligner; subjunc aligner: detecting exon-exon
• junctions and mapping RNA-seq reads; featureCounts: counting mapped reads for
• genomic features; exactSNP: a SNP caller that discovers SNPs by testing
• signals against local background noises. relevance: 3

name: gnujump version: 1.0.8 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: glu@9.0.0 mesa@18.3.5 sdl-image@1.2.12 sdl-mixer@1.2.12

• sdl@1.2.15 location: gnu/packages/games.scm:2190:2 homepage: http://gnujump.es.gnu.org/ license: GPL 3+ synopsis: Game of jumping to the next floor, trying not to fall
  description: GNUjump is a simple, yet addictive game in which you must jump
• from platform to platform to avoid falling, while the platforms drop at faster
• rates the higher you go. The game features multiplayer, unlimited FPS, smooth
• floor falling, themeable graphics and sounds, and replays. relevance: 3

name: wesnoth version: 1.14.7 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: boost@1.69.0 dbus@1.12.12 fribidi@1.0.5 gettext-minimal@0.19.8.1

• libvorbis@1.3.6 openssl@1.0.2p pango@1.42.4 pkg-config@0.29.2 sdl-union@1.2.15 location: gnu/packages/games.scm:2224:2 homepage: https://www.wesnoth.org/ license: GPL 2+ synopsis: Turn-based strategy game
  description: The Battle for Wesnoth is a fantasy, turn based tactical strategy
• game, with several single player campaigns, and multiplayer games (both
• networked and local).
• Battle for control on a range of maps, using variety of units which have
• advantages and disadvantages against different types of attacks. Units gain
• experience and advance levels, and are carried over from one scenario to the
• next campaign. relevance: 2

name: vim-fugitive version: 2.5 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/vim.scm:481:2 homepage: https://github.com/tpope/vim-fugitive license: Vim synopsis: Vim plugin to work with Git
description: Vim-fugitive is a wrapper for Vim that complements the command

• window, where you can stage and review your changes before the next commit or
• run any Git arbitrary command. relevance: 2

name: sortmerna version: 2.1b outputs: out db systems: x86_64-linux i686-linux dependencies: zlib@1.2.11 location: gnu/packages/bioinformatics.scm:6215:2 homepage: http://bioinfo.lifl.fr/RNA/sortmerna license: LGPL 3 synopsis: Biological sequence analysis tool for NGS reads
description: SortMeRNA is a biological sequence analysis tool for filtering,

• mapping and operational taxonomic unit (OTU) picking of next generation
• sequencing (NGS) reads. The core algorithm is based on approximate seeds and
• allows for fast and sensitive analyses of nucleotide sequences. The main
• application of SortMeRNA is filtering rRNA from metatranscriptomic data. relevance: 2

name: silkaj version: 0.6.5 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: python-click@7.0 python-duniterpy@0.53.1 python-ipaddress@1.0.22

• python-pynacl@1.3.0 python-tabulate@0.7.7 location: gnu/packages/finance.scm:992:2 homepage: https://silkaj.duniter.org/ license: AGPL 3+ synopsis: Command line client for Duniter network
  description: `Silkaj' is a command line client for the Duniter
• (https://github.com/duniter/duniter/) network.
• Its features are:
• • information about currency,
• • issuers difficulty to generate next block,
• • network view of nodes,
• • list of last issuers,
• • send transactions,
• • get account amount. relevance: 2

name: sbcl-cl-who version: 1.1.4-1.2c08caa outputs: out systems: x86_64-linux i686-linux armhf-linux dependencies: sbcl-flexi-streams@1.0.16 location: gnu/packages/lisp.scm:4077:4 homepage: https://edicl.github.io/cl-who/ license: FreeBSD synopsis: Yet another Lisp markup language
description: There are plenty of Lisp Markup Languages out there - every Lisp

• programmer seems to write at least one during his career - and CL-WHO (where
• WHO means "with-html-output" for want of a better acronym) is probably just as
• good or bad as the next one. relevance: 2

name: ruby-minitest-focus version: 1.1.2 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: ruby-hoe@3.16.2 ruby-minitest@5.11.3 location: gnu/packages/ruby.scm:3129:2 homepage: https://github.com/seattlerb/minitest-focus license: Expat synopsis: Allows a few specific tests to be focused on
description: `minitest-focus' gives the ability focus on a few tests with ease

• without having to use command-line arguments. It introduces a `focus' class
• method for use in testing classes, specifying that the next defined test is to
• be run. relevance: 2

name: ruby-bump version: 0.7.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/ruby.scm:756:2 homepage: https://github.com/gregorym/bump license: Expat synopsis: Tool for working with Rubygems
description: Bump provides commands to manage Rubygem versioning, updating to

• the next patch version for example. relevance: 2

name: r-magrittr version: 1.5 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/statistics.scm:892:2 homepage: https://cran.r-project.org/web/packages/magrittr/index.html license: Expat synopsis: A forward-pipe operator for R
description: Magrittr provides a mechanism for chaining commands with a new

• forward-pipe operator, %>%. This operator will forward a value, or the result
• of an expression, into the next function call/expression. There is flexible
• support for the type of right-hand side expressions. For more information,
• see package vignette. To quote Rene Magritte, "Ceci n'est pas un pipe." relevance: 2

name: r-fastseg version: 1.30.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: r-biobase@2.44.0 r-biocgenerics@0.30.0 r-genomicranges@1.36.0

• r-iranges@2.18.0 r-s4vectors@0.22.0 location: gnu/packages/bioinformatics.scm:9668:2 homepage: http://www.bioinf.jku.at/software/fastseg/index.html license: LGPL 2.0+ synopsis: Fast segmentation algorithm for genetic sequencing data
  description: Fastseg implements a very fast and efficient segmentation
• algorithm. It can segment data from DNA microarrays and data from next
• generation sequencing for example to detect copy number segments. Further it
• can segment data from RNA microarrays like tiling arrays to identify
• transcripts. Most generally, it can segment data given as a matrix or as a
• vector. Various data formats can be used as input to fastseg like expression
• set objects for microarrays or GRanges for sequencing data. relevance: 2

name: r-dplyr version: 0.8.0.1 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: r-assertthat@0.2.1 r-bh@1.69.0-1 r-glue@1.3.1 r-magrittr@1.5

• r-pkgconfig@2.0.2 r-plogr@0.2.0 r-r6@2.4.0 r-rcpp@1.0.1 r-rlang@0.3.4
• r-tibble@2.1.1 r-tidyselect@0.2.5 location: gnu/packages/statistics.scm:1696:2 homepage: https://github.com/hadley/dplyr license: Expat synopsis: Tools for working with data frames in R
  description: dplyr is the next iteration of plyr. It is focussed on tools for
• working with data frames. It has three main goals: 1) identify the most
• important data manipulation tools needed for data analysis and make them easy
• to use in R; 2) provide fast performance for in-memory data by writing key
• pieces of code in C++; 3) use the same code interface to work with data no
• matter where it is stored, whether in a data frame, a data table or database. relevance: 2

name: r-bayseq version: 2.18.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: r-abind@1.4-5 r-edger@3.26.0 r-genomicranges@1.36.0 location: gnu/packages/bioconductor.scm:1304:2 homepage: https://bioconductor.org/packages/baySeq/ license: GPL 3 synopsis: Bayesian analysis of differential expression patterns in count data
description: This package identifies differential expression in

• high-throughput count data, such as that derived from next-generation
• sequencing machines, calculating estimated posterior likelihoods of
• differential expression (or more complex hypotheses) via empirical Bayesian
• methods. relevance: 2

name: python-debug version: 3.7.0 outputs: out debug systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: bzip2@1.0.6 gdbm@1.18 libffi@3.2.1 openssl@1.0.2p

• pkg-config@0.29.2 readline@7.0.5 sqlite@3.24.0 tcl@8.6.8 tk@8.6.8 zlib@1.2.11 location: gnu/packages/python.scm:402:2 homepage: https://www.python.org license: Python Software Foundation License synopsis: High-level, dynamically-typed programming language (for debugging)
  description: This variant of Python provides an interpreter built with
• `--with-pydebug' to help develop and debug extensions. See
• `https://pythonextensionpatterns.readthedocs.io/en/latest/debugging/debug.html
• ', for more information. relevance: 2

name: pdfpc version: 4.3.2 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: cairo@1.16.0 gst-plugins-base@1.14.4 gstreamer@1.14.4

• gtk+@3.24.7 libgee@0.20.1 pango@1.42.4 pkg-config@0.29.2 poppler@0.72.0
• vala@0.40.9 location: gnu/packages/pdf.scm:1035:2 homepage: https://pdfpc.github.io/ license: GPL 2+ synopsis: Presenter console with multi-monitor support for PDF files
  description: pdfpc is a presentation viewer application which uses
• multi-monitor output to provide meta information to the speaker during the
• presentation. It is able to show a normal presentation window on one screen,
• while showing a more sophisticated overview on the other one providing
• information like a picture of the next slide, as well as the left over time
• till the end of the presentation. The input files processed by pdfpc are PDF
• documents. relevance: 2

name: openbox version: 3.6.1 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: imlib2@1.5.1 librsvg@2.40.20 libsm@1.2.2 libxcursor@1.2.0

• libxft@2.3.2 libxinerama@1.1.4 libxml2@2.9.8 libxrandr@1.5.1 pango@1.42.4
• pkg-config@0.29.2 python2-pyxdg@0.25 python2@2.7.15 location: gnu/packages/openbox.scm:38:2 homepage: http://openbox.org/wiki/Main_Page license: GPL 2+ synopsis: Box style window manager
  description: Openbox is a highly configurable, next generation window manager
• with extensive standards support. The *box visual style is well known for its
• minimalistic appearance. Openbox uses the *box visual style, while providing
• a greater number of options for theme developers than previous *box
• implementations. relevance: 2

name: ocaml-migrate-parsetree version: 1.2.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: ocaml-ppx-derivers@1.2.1 ocaml-result@1.3 ocamlbuild@0.13.1 location: gnu/packages/ocaml.scm:1347:2 homepage: https://github.com/ocaml-ppx/ocaml-migrate-parsetree license: LGPL 2.1+ synopsis: OCaml parsetree convertor
description: This library converts between parsetrees of different OCaml

• versions. For each version, there is a snapshot of the parsetree and
• conversion functions to the next and/or previous version. relevance: 2

name: neofetch version: 6.0.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/admin.scm:2609:2 homepage: https://github.com/dylanaraps/neofetch license: Expat synopsis: System information script
description: Neofetch is a command-line system information tool written in

• Bash. Neofetch displays information about your system next to an image, your
• OS logo, or any ASCII file of your choice. The main purpose of Neofetch is to
• be used in screenshots to show other users what operating system or
• distribution you are running, what theme or icon set you are using, etc. relevance: 2

name: libdvdnav version: 6.0.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: libdvdread@6.0.1 pkg-config@0.29.2 location: gnu/packages/video.scm:1778:2 homepage: http://dvdnav.mplayerhq.hu/ license: GPL 2+ synopsis: Library for video DVD navigation features
description: Libdvdnav is a library for developers of multimedia applications.

• It allows easy use of sophisticated DVD navigation features such as DVD menus,
• multiangle playback and even interactive DVD games. All this functionality is
• provided through a simple API which provides the DVD playback as a single
• logical stream of blocks, intermitted by special dvdnav events to report
• certain conditions. The main usage of libdvdnav is a loop regularly calling a
• function to get the next block, surrounded by additional calls to tell the
• library of user interaction. The whole DVD virtual machine and internal
• playback states are completely encapsulated. relevance: 2

name: java-ngs version: 2.9.3 outputs: out systems: i686-linux x86_64-linux dependencies: icedtea@3.7.0 ngs-sdk@2.9.3 perl@5.28.0 location: gnu/packages/bioinformatics.scm:5564:2 homepage: https://github.com/ncbi/ngs license: Public Domain synopsis: Java bindings for NGS SDK
description: NGS is a domain-specific API for accessing reads, alignments and

• pileups produced from Next Generation Sequencing. The API itself is
• independent from any particular back-end implementation, and supports use of
• multiple back-ends simultaneously. relevance: 2

name: jamm version: 1.0.7.5 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: bash@4.4.23 coreutils@8.30 gawk@4.2.1 perl@5.28.0 r-mclust@5.4.3

• r-minimal@3.6.0 r-signal@0.7-6 location: gnu/packages/bioinformatics.scm:13918:2 homepage: https://github.com/mahmoudibrahim/JAMM license: GPL 3+ synopsis: Peak finder for NGS datasets
  description: JAMM is a peak finder for next generation sequencing datasets
• (ChIP-Seq, ATAC-Seq, DNase-Seq, etc.) that can integrate replicates and assign
• peak boundaries accurately. JAMM is applicable to both broad and narrow
• datasets. relevance: 2

name: hisat2 version: 2.0.5 outputs: out systems: x86_64-linux i686-linux dependencies: ghc-pandoc@2.2.1 perl@5.28.0 unzip@6.0 location: gnu/packages/bioinformatics.scm:3399:2 homepage: http://ccb.jhu.edu/software/hisat2/index.shtml license: GPL 3+ synopsis: Graph-based alignment of genomic sequencing reads
description: HISAT2 is a fast and sensitive alignment program for mapping

• next-generation sequencing reads (both DNA and RNA) to a population of human
• genomes (as well as to a single reference genome). In addition to using one
• global "graph FM" (GFM) index that represents a population of human genomes,
• HISAT2 uses a large set of small GFM indexes that collectively cover the whole
• genome. These small indexes, combined with several alignment strategies,
• enable rapid and accurate alignment of sequencing reads. This new indexing
• scheme is called a "Hierarchical Graph FM index" (HGFM). relevance: 2

name: go-github-com-gorhill-cronexpr version: 0.0.0-0.f098431 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux dependencies: location: gnu/packages/golang.scm:1842:4 homepage: https://github.com/gorhill/cronexpr license: GPL 3+, ASL 2.0 synopsis: Cron expression parser in the Go language
description: This package provides a cron expression parser in the Go

• language. Given a cron expression and a time stamp, you can get the next time
• stamp which satisfies the cron expression. relevance: 2

name: ghc-language-haskell-extract version: 0.2.4 outputs: out systems: x86_64-linux i686-linux dependencies: ghc-regex-posix@0.95.2 location: gnu/packages/haskell.scm:8884:2 homepage: https://github.com/finnsson/template-helper license: Modified BSD synopsis: Haskell module to automatically extract functions from the local code
description: This package contains helper functions on top of Template

• Haskell.
• For example, `functionExtractor' extracts all functions after a
• regexp-pattern, which can be useful if you wish to extract all functions
• beginning with `test' (for a test framework) or all functions beginning with
• `wc' (for a web service). relevance: 2

name: frescobaldi version: 3.0.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: lilypond@2.19.80 poppler@0.72.0 portmidi@217 python-ly@0.9.5

• python-poppler-qt5@0.24.2 python-pyportmidi@217 python-pyqt@5.11.3
• python-sip@4.19.13 location: gnu/packages/music.scm:1981:2 homepage: http://www.frescobaldi.org/ license: GPL 2+ synopsis: LilyPond sheet music text editor
  description: Frescobaldi is a LilyPond sheet music text editor with syntax
• highlighting and automatic completion. Among other things, it can render
• scores next to the source, can capture input from MIDI or read MusicXML and
• ABC files, has a MIDI player for proof-listening, and includes a documentation
• browser. relevance: 2

name: fping version: 4.2 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/networking.scm:662:2 homepage: https://fping.org/ license: Expat synopsis: Send ICMP ECHO_REQUEST packets to network hosts
description: fping is a ping like program which uses the Internet Control

• Message Protocol (ICMP) echo request to determine if a target host is
• responding. fping differs from ping in that you can specify any number of
• targets on the command line, or specify a file containing the lists of targets
• to ping. Instead of sending to one target until it times out or replies,
• fping will send out a ping packet and move on to the next target in a
• round-robin fashion. relevance: 2

name: fortify-headers version: 1.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/suckless.scm:560:2 homepage: https://git.2f30.org/fortify-headers/ license: ISC synopsis: Standalone fortify-source implementation
description: This is a standalone implementation of fortify source. It

• provides compile time buffer checks. It is libc-agnostic and simply overlays
• the system headers by using the `#include_next' extension found in GCC. It
• was initially intended to be used on musl-based Linux distributions.
• • It is portable, works on *BSD, Linux, Solaris and possibly others.
• • It will only trap non-conformant programs. This means that fortify level
• 2 is treated in the same way as level 1.
• • Avoids making function calls when undefined behaviour has already been
• invoked. This is handled by using `__builtin_trap()'.
• • Support for out-of-bounds read interfaces, such as send()',write()',
• `fwrite()', etc.
• • No ABI is enforced. All of the fortify check functions are inlined into
• the resulting binary. relevance: 2

name: flexbar version: 3.4.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: pkg-config@0.29.2 seqan@2.4.0 tbb@2019_U6 zlib@1.2.11 location: gnu/packages/bioinformatics.scm:3020:2 homepage: https://github.com/seqan/flexbar license: Modified BSD synopsis: Barcode and adapter removal tool for sequencing platforms
description: Flexbar preprocesses high-throughput nucleotide sequencing data

• efficiently. It demultiplexes barcoded runs and removes adapter sequences.
• Moreover, trimming and filtering features are provided. Flexbar increases
• read mapping rates and improves genome and transcriptome assemblies. It
• supports next-generation sequencing data in fasta/q and csfasta/q format from
• Illumina, Roche 454, and the SOLiD platform. relevance: 2

name: fastx-toolkit version: 0.0.14 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: libgtextutils@0.7 pkg-config@0.29.2 location: gnu/packages/bioinformatics.scm:2988:2 homepage: http://hannonlab.cshl.edu/fastx_toolkit/ license: AGPL 3+ synopsis: Tools for FASTA/FASTQ file preprocessing
description: The FASTX-Toolkit is a collection of command line tools for

• Short-Reads FASTA/FASTQ files preprocessing.
• Next-Generation sequencing machines usually produce FASTA or FASTQ files,
• containing multiple short-reads sequences. The main processing of such
• FASTA/FASTQ files is mapping the sequences to reference genomes. However, it
• is sometimes more productive to preprocess the files before mapping the
• sequences to the genome---manipulating the sequences to produce better mapping
• results. The FASTX-Toolkit tools perform some of these preprocessing tasks. relevance: 2

name: emacs-org-tree-slide version: 0.1-0.dff8f1a outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/emacs-xyz.scm:8955:4 homepage: https://github.com/takaxp/org-tree-slide license: GPL 3+ synopsis: Presentation tool for org-mode
description: Org-tree-slide provides a slideshow mode to view org-mode files.

• Use org-tree-slide-mode' to enter the slideshow mode, and thenC->' and
• `C-<' to jump to the next and previous slide. relevance: 2

name: emacs-ivy version: 0.11.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: emacs-hydra@0.14.0 texinfo@6.5 location: gnu/packages/emacs-xyz.scm:4359:2 homepage: http://oremacs.com/swiper/ license: GPL 3+ synopsis: Incremental vertical completion for Emacs
description: This package provides `ivy-read' as an alternative to

• `completing-read' and similar functions. No attempt is made to determine the
• best candidate. Instead, the user can navigate candidates with
• ivy-next-line' andivy-previous-line'. The matching is done by splitting
• the input text by spaces and re-building it into a regular expression. relevance: 2

name: emacs-hl-todo version: 3.0.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: location: gnu/packages/emacs-xyz.scm:4108:2 homepage: https://github.com/tarsius/hl-todo license: GPL 3+ synopsis: Emacs mode to highlight TODO and similar keywords
description: This package provides an Emacs mode to highlight TODO and similar

• keywords in comments and strings. This package also provides commands for
• moving to the next or previous keyword and to invoke `occur' with a regexp
• that matches all known keywords. relevance: 2

name: efibootmgr version: 16 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: efivar@37 pkg-config@0.29.2 popt@1.16 location: gnu/packages/linux.scm:4280:2 homepage: https://github.com/rhinstaller/efibootmgr license: GPL 2+ synopsis: Modify the Extensible Firmware Interface (EFI) boot manager
description: `efibootmgr' is a user-space application to modify the Intel

• Extensible Firmware Interface (EFI) Boot Manager. This application can create
• and destroy boot entries, change the boot order, change the next running boot
• option, and more. relevance: 2

name: cl-who version: 1.1.4-1.2c08caa outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: cl-flexi-streams@1.0.16 location: gnu/packages/lisp.scm:4077:4 homepage: https://edicl.github.io/cl-who/ license: FreeBSD synopsis: Yet another Lisp markup language
description: There are plenty of Lisp Markup Languages out there - every Lisp

• programmer seems to write at least one during his career - and CL-WHO (where
• WHO means "with-html-output" for want of a better acronym) is probably just as
• good or bad as the next one. relevance: 2

name: bless version: 1p02 outputs: out systems: x86_64-linux dependencies: boost@1.69.0 openmpi@4.0.1 perl@5.28.0 pigz@2.4 sparsehash@2.0.3

• zlib@1.2.11 location: gnu/packages/bioinformatics.scm:1419:2 homepage: https://sourceforge.net/p/bless-ec/wiki/Home/ license: GPL 3+ synopsis: Bloom-filter-based error correction tool for NGS reads
  description: "Bloom-filter-based error correction solution for high-throughput
• sequencing reads" (BLESS) uses a single minimum-sized bloom filter is a
• correction tool for genomic reads produced by "Next-generation sequencing"
• (NGS). BLESS produces accurate correction results with much less memory
• compared with previous solutions and is also able to tolerate a higher
• false-positive rate. BLESS can extend reads like DNA assemblers to correct
• errors at the end of reads. relevance: 2

name: bastet version: 0.43.2 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: boost@1.69.0 hicolor-icon-theme@0.17 ncurses@6.1 location: gnu/packages/games.scm:329:2 homepage: http://fph.altervista.org/prog/bastet.html license: GPL 3+ synopsis: Antagonistic Tetris-style falling brick game for text terminals
description: Bastet (short for Bastard Tetris) is a simple ncurses-based

• falling brick game. Unlike normal Tetris, Bastet does not choose the next
• brick at random. Instead, it uses a special algorithm to choose the worst
• brick possible.
• Playing bastet can be a painful experience, especially if you usually make
• canyons and wait for the long I-shaped block to clear four rows at a time. relevance: 2

name: ao version: 1.2.0 outputs: out systems: x86_64-linux i686-linux armhf-linux aarch64-linux mips64el-linux dependencies: alsa-lib@1.1.8 pkg-config@0.29.2 pulseaudio@12.2 location: gnu/packages/xiph.scm:186:2 homepage: https://www.xiph.org/ao/ license: GPL 2+ synopsis: Cross platform audio library
description: Libao is a cross-platform audio library that allows programs to

• output audio using a simple API on a wide variety of platforms. It currently
• supports:
• 1. Null output (handy for testing without a sound device),
• 2. WAV files,
• 3. AU files,
• 4. RAW files,
• 5. OSS (Open Sound System, used on Linux and FreeBSD),
• 6. ALSA (Advanced Linux Sound Architecture),
• 7. aRts (Analog RealTime Synth, used by KDE),
• 8. PulseAudio (next generation GNOME sound server),
• 9. esd (EsounD or Enlightened Sound Daemon),
• 10. Mac OS X,
• 11. Windows (98 and later),
• 12. AIX,
• 13. Sun/NetBSD/OpenBSD,
• 14. IRIX,
• 15. NAS (Network Audio Server),
• 16. RoarAudio (Modern, multi-OS, networked Sound System),
• 17. OpenBSD's sndio. relevance: 2

guile: warning: failed to install locale hint: Consider installing the glibc-utf8-locales' orglibc-locales' package and defining `GUIX_LOCPATH', along these lines:

 guix package -i glibc-utf8-locales
 export GUIX_LOCPATH="$HOME/.guix-profile/lib/locale"

See the "Application Setup" section in the manual, for more info.

guix install: error: next: unknown package

[Ambrevar]

OK, it's quite simple, you are running Guix 1.0.1 which is quite old now and only knows sbcl-next.

Simply update Guix with guix pull. Make sure you are running the updated version of guix: which guix should return

$HOME/.config/guix/current/bin/guix

If which guix return something else, make sure to source the above profile from your .profile or .bash_profile:

GUIX_PROFILE=$HOME/.config/guix/current ; \ source $HOME/.config/guix/current/etc/profile

Then you'll be able to install the latest Next with

guix install next

You can run mostly anything in a container. This is an operation that mostly depends on your kernel, so you can do it with anything. For a variety of options, see:

• https://wiki.archlinux.org/index.php/PRoot
• https://wiki.archlinux.org/index.php/Chroot
• https://wiki.archlinux.org/index.php/Linux_Container
• https://wiki.archlinux.org/index.php/Systemd-nspawn

[outergod]

Hello maintainers of Nyxt! I have created an experimental Flatpak for Nyxt based off the latest Ubuntu release that seems to work well. Maybe you'd like to adopt it and publish to Flathub?

I know you're very fond of Guix, but it actually doesn't work on every distribution, such as mine, Fedora Silverblue, because of its design around a read-only base filesystem. Flatpak also has the added benefit of proper sandboxing as @LoveIsGrief already mentioned, which is especially beneficial for an attack vector like a web browser.

If you're not interested, I will consider publishing it, if you don't mind.

[Ambrevar]

because of its design around a read-only base filesystem

This is probably not the issue. The main issues are related to the kernel options or the graphics device driver. Don't hesitate to report the issue, we can help you out.

Flatpak does not solve everything either, and adds loads of more important problems, such as the lack of trust :p See https://guix.gnu.org/en/blog/2018/tarballs-the-ultimate-container-image-format/.

Also note that sandboxing works for the Guix pack.

I'm personally not interesting in maintaining the Flatpak as it would add to the maintenance burden. However, if you are interested, you're more than welcome, this would be very helpful for distributing Nyxt to more people I believe!

[outergod]

This is probably not the issue. The main issues are related to the kernel options or the graphics device driver. Don't hesitate to report the issue, we can help you out.

I realize I misread the instructions and was assuming an installation to /usr/local, not ./usr/local. Of course, this way nyxt works well on my machine.

Also note that sandboxing works for the Guix pack.

However about the sandboxing aspect, now nyxt has access to my full filesystem which I just verified using file:///etc, however when I use the Flatpak version, it only sees the sandbox /etc. Same for D-BUS access, etc. How would this work with a Guix package?

Flatpak does not solve everything either, and adds loads of more important problems, such as the lack of trust :p See https://guix.gnu.org/en/blog/2018/tarballs-the-ultimate-container-image-format/.

And how does Flatpak solve or not solve the lack of trust problem in contrast to Guix? I can build all Flatpaks myself rather easily, just like Guix packs, I suppose.

I'm personally not interesting in maintaining the Flatpak as it would add to the maintenance burden. However, if you are interested, you're more than welcome, this would be very helpful for distributing Nyxt to more people I believe!

More than happy to help, love your work, keep it up!

[Ambrevar]

Also note that sandboxing works for the Guix pack.

However about the sandboxing aspect, now nyxt has access to my full filesystem which I just verified using file:///etc, however when I use the Flatpak version, it only sees the sandbox /etc. Same for D-BUS access, etc. How would this work with a Guix package?

The Guix pack is unrelated to sandboxing. If you want to create a sandbox, you must install Guix. Then you can run

guix shell --container --network nyxt ...

This is documented in https://github.com/atlas-engineer/nyxt/blob/master/documents/README.org#run-nyxt-in-a-security-sandbox.

And how does Flatpak solve or not solve the lack of trust problem in contrast to Guix? I can build all Flatpaks myself rather easily, just like Guix packs, I suppose.

Flatpak is not designed with reproducibility in mind as far as I'm aware. See the article I've linked. Distributing Flatpaks is very much like distributing a blackbox, you can't trust these because if you build it yourself, you won't get the same result so you can't know what's in the box.