The standard editor
The standard editor
Nix packages arent containerized by default. But since every depenedency is clearly defined. there are tools wrap packkages using bublewrap, or tools build layered docker imahes
But building packages happens in sandbox
Reminds me https://xkcd.com/1200
The safest install method \s