Add hardeningDisable to devShell module

API_GUIDE.md

@@ -508,6 +508,9 @@ list.
 initialization. It can optionally be a function taking the package set and
 returning such a string.
 
+`devShell.hardeningDisable` is a list of hardening options to disable. Setting
+it to `["all"]` disables all Nix hardening.
+
 `devShell.env` is for setting environment variables in the shell. It is an
 attribute set mapping variables to values. It can optionally be a function
 taking the package set and returning such an attribute set.

builtinModules/devShells.nix

@@ -25,6 +25,11 @@ let
       default = "";
     };
 
+    hardeningDisable = mkOption {
+      type = listOf str;
+      default = [ ];
+    };
+
     env = mkOption {
       type = optFunctionTo (lazyAttrsOf str);
       default = { };
@@ -59,7 +64,10 @@ let
     else
       let cfg' = mapAttrs (_: v: v pkgs) cfg; in
       pkgs.mkShell.override { inherit (cfg') stdenv; }
-        (cfg'.env // { inherit (cfg') inputsFrom packages shellHook; });
+        (cfg'.env // {
+          inherit (cfg') inputsFrom packages shellHook;
+          inherit (cfg) hardeningDisable;
+        });
 in
 {
   options = {

tests/default.nix

@@ -343,6 +343,7 @@ in
         '';
         env.TEST_VAR = "test value";
         stdenv = pkgs: pkgs.clangStdenv;
+        hardeningDisable = [ "all" ];
       };
     })
     (f: lib.isDerivation f.devShells.x86_64-linux.default);