treewide: remove redundant stylix.image escaping and string coercion

[trueNAHO]

commit 3f6651a26e0127654e6b24a3616239e2eaaf392b
Author: NAHO <[email protected]>
Date:   2026-01-09 19:39:44 +0100

    stylix/palette: use derivation arguments instead of string interpolation

    Co-authored-by: Matt Sturgeon <[email protected]>

 stylix/palette.nix | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

commit b2fa5a9fa1d2d2975099ed9d8ff94295db4457b5
Author: NAHO <[email protected]>
Date:   2026-01-08 20:55:49 +0100

    stylix/palette: coerce derivations to store paths

    Coerce derivations to store paths to ensure non-null values are
    stringified store paths with valid string contexts.

    Fixes: 838df8b8ad7d ("stylix: improve `stylix.image` type (#1414)")

    Co-authored-by: Matt Sturgeon <[email protected]>

 stylix/palette.nix | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

commit c4ae2ea8d5fac9a8ca091c1e920e963472121ad6
Author: NAHO <[email protected]>
Date:   2026-01-08 21:18:36 +0100

    treewide: remove redundant stylix.image escaping and string coercion

    Remove redundant shell escaping and string coercion as stylix.image is
    guaranteed to be a stringified store path with a valid string context
    and no special characters.

    Fixes: 3499e3ec704b ("treewide: properly quote stylix.image when used as a shell argument")

 modules/grub/nixos.nix   | 2 +-
 modules/hyprlock/hm.nix  | 4 +---
 modules/hyprpaper/hm.nix | 2 +-
 3 files changed, 3 insertions(+), 5 deletions(-)

---

• I certify that I have the right to submit this contribution under the MIT license
• Commit messages adhere to Stylix commit conventions
• Theming changes adhere to the Stylix style guide
• Changes have been tested locally
• Changes have been tested in testbeds
• Each commit in this PR is suitable for backport to the current stable branch

[0xda157]

cc @MattSturgeon

[MattSturgeon]

Initial review from my phone, so hard to test or view full context.

[MattSturgeon]

Maybe some of these removed escapeShellArg and toString serialisers were handling the "null" case?

Afaict, moving from apply to coercedTo shouldn't significantly change the final semantics, so if serialising nix→shell was needed before, it may still be.

[trueNAHO]

Maybe some of these removed escapeShellArg and toString serialisers were handling the "null" case?

The CI failure can be locally reproduced with the "schemeless" testbeds:

nix eval .#testbed:alacritty:schemeless

For some reason, adding lib.escapeShellArg back to the palette generator arguments fixes the CI failures:

diff --git a/stylix/palette.nix b/stylix/palette.nix
index db340676..86ccedf7 100644
--- a/stylix/palette.nix
+++ b/stylix/palette.nix
@@ -81,7 +81,7 @@ in
         default = pkgs.runCommand "palette.json" { } ''
           ${lib.getExe cfg.paletteGenerator} \
             "${cfg.polarity}" \
-            ${cfg.image} \
+            ${lib.escapeShellArg cfg.image} \
             "$out"
         '';
       };

Maybe the palette generator parses the stylix.image argument incorrectly.

[MattSturgeon]

Some filepaths contain whitespace:

$ nix eval .#testbed:alacritty:schemeless
trace:
cfg.image is: /nix/store/7shj92cnnfcxbkqlhhsmv3m7v7k59ii3-three-bicycles/three bicycles.jpg
escapeShellArg cfg.image is: '/nix/store/7shj92cnnfcxbkqlhhsmv3m7v7k59ii3-three-bicycles/three bicycles.jpg'

NOTE: This means the escapeShellArg removed on this line was also not redundant.

---

IMO, a cleaner way to handle this kinda thing generally is using derivationArgs:

pkgs.runCommand "palette.json"
  {
    inherit (cfg) polarity image;
  }
  ''
    ${lib.getExe cfg.paletteGenerator} \
      "$polarity" \
      "$image" \
      "$out"
  '';

derivation args always get serialised into shell variables, so things like whitespace get handled automatically.

You can also use nativeBuildInputs to put paletteGenerator on the PATH during the build, so you don't need getExe.

[trueNAHO]

Some filepaths contain whitespace:

$ nix eval .#testbed:alacritty:schemeless
trace:
cfg.image is: /nix/store/7shj92cnnfcxbkqlhhsmv3m7v7k59ii3-three-bicycles/three bicycles.jpg
escapeShellArg cfg.image is: '/nix/store/7shj92cnnfcxbkqlhhsmv3m7v7k59ii3-three-bicycles/three bicycles.jpg'

NOTE: This means the escapeShellArg removed on this line was also not redundant.

This is intentionally being tested by

stylix/stylix/testbed/images.nix

Lines 9 to 26 in 2b727da

	light =
	let
	image = fetchurl {
	name = "three-bicycles.jpg";
	url = "https://unsplash.com/photos/hwLAI5lRhdM/download?ixid=M3wxMjA3fDB8MXxhbGx8fHx8fHx8fHwxNzE2MzYxNDcwfA&force=true";
	hash = "sha256-S0MumuBGJulUekoGI2oZfUa/50Jw0ZzkqDDu1nRkFUA=";
	};
	# Create a path containing a space to test that `stylix.image` is
	# correctly quoted when used as a shell argument. We have to use a
	# directory as the parent because derivation names themselves cannot
	# contain spaces.
	directory = runCommandLocal "three-bicycles" { } ''
	mkdir "$out"
	cp ${image} "$out/three bicycles.jpg"
	'';
	in
	"${directory}/three bicycles.jpg";

to catch these edge cases.

IMO, a cleaner way to handle this kinda thing generally is using derivationArgs:

pkgs.runCommand "palette.json"
  {
    inherit (cfg) polarity image;
  }
  ''
    ${lib.getExe cfg.paletteGenerator} \
      "$polarity" \
      "$image" \
      "$out"
  '';

derivation args always get serialised into shell variables, so things like whitespace get handled automatically.

You can also use nativeBuildInputs to put paletteGenerator on the PATH during the build, so you don't need getExe.

Yes, I just think no one bothered refactoring this until now. I added commit 3f6651a ("stylix/palette: use derivation arguments instead of string interpolation") to this PR.

[MrSom3body]

hyprlock works :)

[MattSturgeon]

Otherwise LGTM

[MattSturgeon]

This will fail for any image path that needs shell escaping, such as ones containing whitespace. Same issue as what you've already addressed in palette.json.

[MrSom3body]

LGTM hyprlock still works