DeterminateSystems · Feb 28, 2026 · Feb 13, 2026 · Feb 22, 2026 · Feb 22, 2026 · Feb 22, 2026
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -6,6 +6,7 @@ members = [
     "nix-wasm-plugin-yaml",
     "nix-wasm-plugin-mandelbrot",
     "nix-wasm-plugin-test",
+    "nix-wasm-plugin-quickjs",
     "nix-wasm-plugin-grep",
 ]
 resolver = "2"

diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -4,7 +4,7 @@
   inputs = {
     nixpkgs.follows = "nix/nixpkgs";
     flake-schemas.url = "https://flakehub.com/f/DeterminateSystems/flake-schemas/*.tar.gz";
-    nix.url = "github:DeterminateSystems/nix-src/wasm";
+    nix.url = "github:DeterminateSystems/nix-src/main";
   };
 
   outputs = { self, ... }@inputs:
@@ -20,6 +20,105 @@
       packages = forAllSystems ({ pkgs, system }: rec {
         default = nix-wasm-plugins;
 
+        nix-wasm-plugin-quickjs = with pkgs;
+          let
+            quickjsCargoToml = builtins.fromTOML (builtins.readFile ./nix-wasm-plugin-quickjs/Cargo.toml);
+            rustPackages = pkgs.rustPackages_1_89;
+            rustPlatform = rustPackages.rustPlatform;
+            rustSysroot = runCommand "rust-sysroot" { } ''
+              mkdir -p $out/lib/rustlib
+              cp -r ${rustPackages."rustc-unwrapped"}/lib/rustlib/* $out/lib/rustlib/
+              mkdir -p $out/lib/rustlib/src
+              ln -s ${rustPlatform.rustcSrc} $out/lib/rustlib/src/rust
+            '';
+            rustcWithSysroot = runCommand "rustc-with-sysroot" { } ''
+              mkdir -p $out/bin
+              cat > $out/bin/rustc <<'EOF'
+              #!/bin/sh
+              exec ${rustPackages.rustc}/bin/rustc --sysroot ${rustSysroot} "$@"
+              EOF
+              chmod +x $out/bin/rustc
+            '';
+            wasiCc = pkgs.pkgsCross.wasi32.stdenv.cc;
+            wasiLibc = pkgs.pkgsCross.wasi32.wasilibc;
+            wasiLibcDev = wasiLibc.dev;
+            wasiSysroot = runCommand "wasi-sysroot" { } ''
+              mkdir -p $out/include $out/lib/wasm32-wasip1
+              cp -R ${wasiLibcDev}/include/* $out/include/
+              cp -R ${wasiLibc}/lib/* $out/lib/
+              cp -R ${wasiLibc}/lib/* $out/lib/wasm32-wasip1/
+            '';
+            wasiSdk = runCommand "wasi-sdk-compat" { } ''
+              mkdir -p $out/bin $out/lib/clang/19 $out/share
+
+              ln -s ${wasiCc}/bin/wasm32-unknown-wasi-clang $out/bin/clang
+              ln -s ${wasiCc}/bin/wasm32-unknown-wasi-clang++ $out/bin/clang++
+              ln -s ${wasiCc}/bin/wasm32-unknown-wasi-ar $out/bin/ar
+              ln -s ${wasiCc}/bin/wasm32-unknown-wasi-ld.lld $out/bin/ld.lld
+
+              ln -s ${wasiCc}/resource-root/include $out/lib/clang/19/include
+              ln -s ${wasiSysroot} $out/share/wasi-sysroot
+            '';
+            workspaceVendor = rustPlatform.fetchCargoVendor {
+              src = self;
+              hash = "sha256-c2jpj5YfRKIiIAwry0dOoNzAqW6YUdnHWsCe61t/New=";
+            };
+            stdlibVendor = rustPlatform.fetchCargoVendor {
+              src = rustPlatform.rustcSrc;
+              cargoRoot = "library";
+              hash = "sha256-XD+1wJ7GfnJG4qyulIdZum7VV4rtIoQRM+L0xXUHjXA=";
+            };
+            cargoVendor = runCommand "cargo-vendor-merged" { } ''
+              mkdir -p $out
+              cp -R ${workspaceVendor}/* $out/
+              mkdir -p $out/.cargo
+              cp -R ${workspaceVendor}/.cargo/* $out/.cargo/
+              chmod -R u+w $out
+              cp -R ${stdlibVendor}/* $out/
+              cp ${workspaceVendor}/Cargo.lock $out/Cargo.lock
+              cp ${workspaceVendor}/.cargo/config.toml $out/.cargo/config.toml
+            '';
+          in rustPlatform.buildRustPackage {
+            pname = quickjsCargoToml.package.name;
+            version = quickjsCargoToml.package.version;
+
+            cargoLock.lockFile = ./Cargo.lock;
+            cargoDeps = cargoVendor;
+
+            src = self;
+
+            buildPhase = ''
+              RUSTFLAGS="-L ${wasiSdk}/share/wasi-sysroot/lib/wasm32-wasip1" \
+                cargo build --release -p nix-wasm-plugin-quickjs \
+                --target wasm32-wasip1 -Z build-std=std,panic_abort
+            '';
+
+            installPhase = ''
+              mkdir -p $out
+              for i in target/wasm32-wasip1/release/*.wasm; do
+                wasm-opt -O3 --enable-bulk-memory --enable-nontrapping-float-to-int --enable-simd -o "$out/$(basename "$i")" "$i"
+              done
+            '';
+
+            nativeBuildInputs = [
+              rustPackages.rustc.llvmPackages.lld
+              binaryen
+              llvmPackages.clang
+              llvmPackages.libclang
+            ];
+
+            WASI_SDK = "${wasiSdk}";
+            LIBCLANG_PATH = "${llvmPackages.libclang.lib}/lib";
+            RUSTC = "${rustcWithSysroot}/bin/rustc";
+            CC_wasm32_wasip1 = "${wasiSdk}/bin/clang";
+            AR_wasm32_wasip1 = "${wasiSdk}/bin/ar";
+            CFLAGS_wasm32_wasip1 = "--sysroot=${wasiSdk}/share/wasi-sysroot -isystem ${wasiSdk}/lib/clang/19/include";
+            BINDGEN_EXTRA_CLANG_ARGS_wasm32_wasip1 = "-fvisibility=default --sysroot=${wasiSdk}/share/wasi-sysroot -isystem ${wasiSdk}/lib/clang/19/include -resource-dir ${wasiSdk}/lib/clang/19";
+            CARGO_TARGET_WASM32_WASIP1_LINKER = "${wasiSdk}/bin/ld.lld";
+            RUSTC_BOOTSTRAP = "1";
+            doCheck = false;
+          };
+
         nix-wasm-plugins = with pkgs; rustPlatform.buildRustPackage {
           pname = cargoToml.package.name;
           version = cargoToml.package.version;
@@ -29,13 +128,17 @@
           src = self;
 
           CARGO_BUILD_TARGET = "wasm32-unknown-unknown";
-          buildPhase = "cargo build --release";
+          buildPhase = "cargo build --release --workspace --exclude nix-wasm-plugin-quickjs";
 
           checkPhase = ''
+            mkdir -p plugins
+            cp target/wasm32-unknown-unknown/release/*.wasm plugins/
+            cp ${nix-wasm-plugin-quickjs}/*.wasm plugins/
+
             for i in nix-wasm-plugin-*/tests/*.nix; do
               echo "running test $i..."
               base="$(dirname $i)/$(basename $i .nix)"
-              nix eval --store dummy:// --offline --json --show-trace -I plugins=target/wasm32-unknown-unknown/release --impure --eval-cores 0 --file "$i" > "$base.out"
+              nix eval --store dummy:// --offline --json --show-trace -I plugins=plugins --impure --eval-cores 0 --file "$i" > "$base.out"
               cmp "$base.exp" "$base.out"
             done
           '';
@@ -45,6 +148,7 @@
             for i in target/wasm32-unknown-unknown/release/*.wasm; do
               wasm-opt -O3 -o "$out/$(basename "$i")" "$i"
             done
+            cp ${nix-wasm-plugin-quickjs}/*.wasm $out/
           '';
 
           nativeBuildInputs = [

diff --git a/nix-wasm-plugin-quickjs/Cargo.toml b/nix-wasm-plugin-quickjs/Cargo.toml
@@ -0,0 +1,11 @@
+[package]
+name = "nix-wasm-plugin-quickjs"
+version = "0.1.0"
+edition = "2021"
+
+[lib]
+crate-type = ["cdylib"]
+
+[dependencies]
+nix-wasm-rust = { path = "../nix-wasm-rust" }
+rquickjs = { version = "0.11.0", features = ["bindgen"] }
diff --git a/nix-wasm-plugin-quickjs/src/lib.rs b/nix-wasm-plugin-quickjs/src/lib.rs
@@ -0,0 +1,82 @@
+use nix_wasm_rust::{nix_wasm_init_v1, warn, wasi_arg, Value};
+use rquickjs::{Array, Context, Object, Runtime, Value as JsValue};
+use std::string::String as StdString;
+
+fn fail(context: &str, err: impl std::fmt::Display) -> ! {
+    warn!("quickjs {context} failed: {err}");
+    panic!("quickjs {context} failed: {err}");
+}
+
+fn js_value_to_nix(value: JsValue) -> Value {
+    if value.is_null() || value.is_undefined() {
+        return Value::make_null();
+    }
+    if let Some(b) = value.as_bool() {
+        return Value::make_bool(b);
+    }
+    if let Some(i) = value.as_int() {
+        return Value::make_int(i as i64);
+    }
+    if let Some(f) = value.as_float() {
+        return Value::make_float(f);
+    }
+    if let Some(js_str) = value.as_string() {
+        let s = js_str.to_string().unwrap_or_else(|err| fail("string conversion", err));
+        return Value::make_string(&s);
+    }
+    if value.is_array() {
+        let array: Array = value
+            .clone()
+            .into_array()
+            .unwrap_or_else(|| fail("array conversion", "value is not an array"));
+        let mut items = Vec::new();
+        for entry in array.into_iter() {
+            let entry = entry.unwrap_or_else(|err| fail("array iteration", err));
+            items.push(js_value_to_nix(entry));
+        }
+        return Value::make_list(&items);
+    }
+    if value.is_object() {
+        let object: Object = value
+            .into_object()
+            .unwrap_or_else(|| fail("object conversion", "value is not an object"));
+        let mut entries: Vec<(StdString, Value)> = Vec::new();
+        for entry in object.props::<StdString, JsValue>() {
+            let (key, value) = entry.unwrap_or_else(|err| fail("object iteration", err));
+            entries.push((key, js_value_to_nix(value)));
+        }
+        let attrs: Vec<(&str, Value)> = entries
+            .iter()
+            .map(|(key, value)| (key.as_str(), *value))
+            .collect();
+        return Value::make_attrset(&attrs);
+    }
+
+    warn!("quickjs value type not supported: {:?}", value.type_of());
+    panic!("quickjs value type not supported: {:?}", value.type_of());
+}
+
+fn eval_impl(arg: Value) -> Value {
+    let code = arg.get_string();
+
+    let runtime = Runtime::new().unwrap_or_else(|err| fail("runtime init", err));
+    let context = Context::full(&runtime).unwrap_or_else(|err| fail("context init", err));
+
+    context.with(|ctx| {
+        let value: JsValue = ctx.eval(code).unwrap_or_else(|err| fail("eval", err));
+        js_value_to_nix(value)
+    })
+}
+
+#[no_mangle]
+pub extern "C" fn eval(arg: Value) -> Value {
+    nix_wasm_init_v1();
+    eval_impl(arg)
+}
+
+#[no_mangle]
+pub extern "C" fn _start() {
+    nix_wasm_init_v1();
+    let result = eval_impl(wasi_arg());
+    result.return_to_nix();
+}
diff --git a/nix-wasm-plugin-quickjs/tests/eval.exp b/nix-wasm-plugin-quickjs/tests/eval.exp
@@ -0,0 +1 @@
+{"arr":[1,"two",false],"bool":true,"float":1.5,"nil":null,"num":1,"obj":{"nested":3},"str":"hello","undef":null}
diff --git a/nix-wasm-plugin-quickjs/tests/eval.nix b/nix-wasm-plugin-quickjs/tests/eval.nix
@@ -0,0 +1,12 @@
+builtins.wasi <plugins/nix_wasm_plugin_quickjs.wasm> ''
+  ({
+    num: 1,
+    float: 1.5,
+    str: "hello",
+    bool: true,
+    nil: null,
+    undef: undefined,
+    arr: [1, "two", false],
+    obj: { nested: 3 }
+  })
+''
diff --git a/nix-wasm-rust/src/lib.rs b/nix-wasm-rust/src/lib.rs
@@ -36,6 +36,16 @@ pub struct Value(ValueId);
 
 type ValueId = u32;
 
+pub fn wasi_arg() -> Value {
+    let arg = std::env::args()
+        .nth(1)
+        .unwrap_or_else(|| panic("missing WASI argument"));
+    let value_id = arg.parse::<ValueId>().unwrap_or_else(|err| {
+        panic(&format!("invalid WASI argument '{arg}': {err}"))
+    });
+    Value::from_raw(value_id)
+}
+
 #[repr(C)]
 pub enum Type {
     Int = 1,
@@ -50,6 +60,21 @@ pub enum Type {
 }
 
 impl Value {
+    pub const fn from_raw(value: ValueId) -> Value {
+        Value(value)
+    }
+
+    pub const fn id(self) -> ValueId {
+        self.0
+    }
+
+    pub fn return_to_nix(self) -> ! {
+        extern "C" {
+            fn return_to_nix(value: ValueId) -> !;
+        }
+        unsafe { return_to_nix(self.0) }
+    }
+
     pub fn get_type(&self) -> Type {
         extern "C" {
             fn get_type(value: ValueId) -> Type;
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		{"arr":[1,"two",false],"bool":true,"float":1.5,"nil":null,"num":1,"obj":{"nested":3},"str":"hello","undef":null}