Nix

add usedforsecurity=False to md5/sha1 for FIPS compliance #4310

	name: "Nix"
	on:
	pull_request:
	merge_group:
	push:
	branches:
	- main
	jobs:
	build:
	strategy:
	matrix:
	include:
	- os: ubuntu-latest
	arch: x86_64-linux
	- os: ubuntu-latest
	arch: aarch64-linux
	- os: macos-14
	arch: x86_64-darwin
	- os: macos-14
	arch: aarch64-darwin
	name: Build Nix - ${{ matrix.arch }}.${{ matrix.os }}
	runs-on: ${{ matrix.os }}
	steps:
	- uses: actions/checkout@v4
	- name: Setup git lfs
	uses: ./.github/actions/setup-git-lfs
	- uses: cachix/install-nix-action@v31
	with:
	install_url: https://releases.nixos.org/nix/nix-2.18.8/install
	extra_nix_config: \|
	access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
	- name: Setup emulation
	if: ${{ matrix.arch == 'aarch64-linux' }}
	run: \|
	sudo apt update
	sudo apt install -q -y qemu-system-aarch64 qemu-efi-aarch64 binfmt-support qemu-user-static
	mkdir -p ~/.config/nix
	echo "system-features = aarch64-linux arm-linux" \| sudo tee -a /etc/nix/nix.conf
	- uses: cachix/cachix-action@v16
	with:
	name: unblob
	authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
	extraPullNames: pyperscan
	- run: \|
	nix flake check -L --option system ${{ matrix.arch }} --extra-platforms ${{ matrix.arch }}

Provide feedback