upgrade-flake

The upgrade-flake skill provides a streamlined and safe workflow for updating dependency inputs in a Nix-based infrastructure project. It is designed for developers and system administrators who maintain NixOS configurations and wish to stay current with package updates, security patches, and upstream improvements without migrating to a new major NixOS release channel. By focusing exclusively on the flake.lock file, this skill ensures that the environment's core system version remains stable while individual components like nixpkgs and home-manager are bumped to their latest available commits.

• Updates all flake inputs including nixpkgs and home-manager to the latest upstream commit versions.

• Performs a safe, dry-run build verification using internal just tasks before applying changes to the active system.

• Facilitates a controlled transition by decoupling the flake update process from major NixOS distro version upgrades.

• Provides built-in rollback capabilities, allowing users to revert to the previous system generation or restore the previous flake.lock state instantly if issues arise.

• Encourages best practices by recommending a verification loop including git diff analysis and system service status checks.

• Best suited for NixOS environments using flake-based project structures with standard utilities like justfiles.

• Always run after verifying changes with git diff flake.lock to understand which versions are being updated.

• Requires existing infrastructure setup with Nix flakes; this tool acts as an orchestration layer for standard nix flake commands.

• Note that this does not handle breaking changes introduced in specific software packages; build failures should be addressed by inspecting the Nix error output during the verify stage.

• Highly recommended for users managing declarative configurations where frequent, small updates are preferred over infrequent, large system migrations.