From bfc558c972aa8d6f5ef15a3e720bed964925ae32 Mon Sep 17 00:00:00 2001
From: Archit Gupta <archit@accelbread.com>
Date: Fri, 14 Apr 2023 11:33:38 -0700
Subject: [PATCH 1/2] Whitelist commit-lockfile-summary in flake nixConfig

---
 src/libexpr/flake/config.cc | 2 +-
 src/nix/flake.md            | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/libexpr/flake/config.cc b/src/libexpr/flake/config.cc
index 89ddbde7e..e89014862 100644
--- a/src/libexpr/flake/config.cc
+++ b/src/libexpr/flake/config.cc
@@ -31,7 +31,7 @@ static void writeTrustedList(const TrustedList & trustedList)
 
 void ConfigFile::apply()
 {
-    std::set<std::string> whitelist{"bash-prompt", "bash-prompt-prefix", "bash-prompt-suffix", "flake-registry"};
+    std::set<std::string> whitelist{"bash-prompt", "bash-prompt-prefix", "bash-prompt-suffix", "flake-registry", "commit-lockfile-summary"};
 
     for (auto & [name, value] : settings) {
 
diff --git a/src/nix/flake.md b/src/nix/flake.md
index d70f34eeb..965f6eb48 100644
--- a/src/nix/flake.md
+++ b/src/nix/flake.md
@@ -382,9 +382,9 @@ The following attributes are supported in `flake.nix`:
 * `nixConfig`: a set of `nix.conf` options to be set when evaluating any
   part of a flake. In the interests of security, only a small set of
   whitelisted options (currently `bash-prompt`, `bash-prompt-prefix`,
-  `bash-prompt-suffix`, and `flake-registry`) are allowed to be set without
-  confirmation so long as `accept-flake-config` is not set in the global
-  configuration.
+  `bash-prompt-suffix`, `flake-registry`, and `commit-lockfile-summary`)
+  are allowed to be set without confirmation so long as `accept-flake-config`
+  is not set in the global configuration.
 
 ## Flake inputs
 

From 5cd9890e8a96e2f2ab205738c1e2e4a6b615f443 Mon Sep 17 00:00:00 2001
From: Robert Hensing <robert@roberthensing.nl>
Date: Tue, 18 Apr 2023 16:06:58 +0200
Subject: [PATCH 2/2] src/nix/flake.md: Itemize safe nixConfigs

---
 src/nix/flake.md | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/nix/flake.md b/src/nix/flake.md
index 965f6eb48..456fd0ea1 100644
--- a/src/nix/flake.md
+++ b/src/nix/flake.md
@@ -381,10 +381,12 @@ The following attributes are supported in `flake.nix`:
 
 * `nixConfig`: a set of `nix.conf` options to be set when evaluating any
   part of a flake. In the interests of security, only a small set of
-  whitelisted options (currently `bash-prompt`, `bash-prompt-prefix`,
-  `bash-prompt-suffix`, `flake-registry`, and `commit-lockfile-summary`)
-  are allowed to be set without confirmation so long as `accept-flake-config`
-  is not set in the global configuration.
+  set of options is allowed to be set without confirmation so long as [`accept-flake-config`](@docroot@/command-ref/conf-file.md#conf-accept-flake-config) is not enabled in the global configuration:
+   - [`bash-prompt`](@docroot@/command-ref/conf-file.md#conf-bash-prompt)
+   - [`bash-prompt-prefix`](@docroot@/command-ref/conf-file.md#conf-bash-prompt-prefix)
+   - [`bash-prompt-suffix`](@docroot@/command-ref/conf-file.md#conf-bash-prompt-suffix)
+   - [`flake-registry`](@docroot@/command-ref/conf-file.md#conf-flake-registry)
+   - [`commit-lockfile-summary`](@docroot@/command-ref/conf-file.md#conf-commit-lockfile-summary)
 
 ## Flake inputs