> > So the invariant I suggest is
> > * If it'd work in an empty database, it should work in any non-empty one
> > * Installing X should never break the existing installation of Y
> This makes a lot of sense to me.

We've been working on this for some time and this property is sometimes
known as hermetic builds. The first approximation will be sandbox in (as it
is relatively easy to implement). Long term we want a write only Nix like
package store.
