Releases: DeterminateSystems/nix-src
v3.17.2
Release 3.17.2 (2026-03-27)
- Based on upstream Nix 2.33.3.
What's Changed
Bug fixes
- Cache
getLegacyGitAccessor(). DeterminateSystems/nix-src#396 - Don't destroy
windowSizemutex. DeterminateSystems/nix-src#397 - When doing concurrent substitutions of the same path, download only once. DeterminateSystems/nix-src#398
builtins.getFlake: Handlepath:<p>where p has a discarded string context. DeterminateSystems/nix-src#402- Ensure
_interruptCallbacksis alive whilesignalHandlerThreadis running. DeterminateSystems/nix-src#403 - Fix assertion failure in
nix::BuiltPath::toRealisedPaths(). DeterminateSystems/nix-src#401
Full Changelog: v3.17.1...v3.17.2
v3.17.1
Release 3.17.1 (2026-03-18)
- Based on upstream Nix 2.33.3.
What's Changed
Provenance now supports "build-time" provenance tags
Users can now specify key/value tags to attach to a build's provenance.
For example, the nix-installer-action now attaches the following properties to each build:
- github_workflow_ref
- github_workflow_sha
- github_sha
- github_run_attempt
- github_run_id
- github_run_number
- github_job
- github_ref
- github_repository
- github_server_url
PR: DeterminateSystems/nix-src#374
Flake inputs are substituted when possible
Locked flake inputs will be fetched from a binary cache when possible, instead of preferring the authoritative flake source.
This is intended to reduce load on code forges, and also improves the user experience on large flake inputs.
PR: [#380](https://github.com/DeterminateSystems/nix-
nix profile upgrade and nix profile remove now support tab completion
PR: DeterminateSystems/nix-src#382
Flake schemas can now define an output as "legacy"
"Legacy" flakes are intended for legacyPackages on Nixpkgs.
The "legacy" mark is intended to reduce evaluation time due to the extreme size of legacyPackages.
Note: the name "legacy" is not intended as a value judgement, and at this point we're sort of stuck with the name.
Bug fixes
- Fix crash in
nix replloading an invalid WASM file twice. DeterminateSystems/nix-src#378 - nix profile upgrade/remove: Implement tab completion by @edolstra in * Don't crash if SIGINT happens while printing an exception. DeterminateSystems/nix-src#384
- nix-env -i: Wait for the async path writer. DeterminateSystems/nix-src#385
Full Changelog: v3.17.0...v3.17.1
Contributors
Assets 2
v3.17.0
Release 3.17.0 (2026-03-04)
- Based on upstream Nix 2.33.3.
What's Changed
Determinate Nix 3.17.0 brings exciting improvements like Flake Schemas, provenance, and Wasm / WASI.
We'll be posting more details over the next week or so on our blog: https://determinate.systems/blog/.
Full Changelog: v3.16.3...v3.17.0
v3.16.3
Release 3.16.3 (2026-02-24)
- Based on upstream Nix 2.33.3.
What's Changed
This release only includes changes in determinate-nixd.
v3.16.2
Release 3.16.2 (2026-02-23)
- Based on upstream Nix 2.33.3.
What's Changed
This release is exclusively improvements to determinate-nixd.
v3.16.1
Release 3.16.1 (2026-02-22)
- Based on upstream Nix 2.33.3.
What's Changed
nix store info now correctly support --refresh and --offline
Previously, Nix had a hard-coded TTL of seven days.
Determinate Nix moved that TTL to a new setting narinfo-cache-meta-ttl and now nix store info respects the --refresh and --offline flags.
This change makes it possible to freshly validate authenticating to a remote store.
PR: DeterminateSystems/nix-src#355
Corrected builtins.hashString behavior under lazy trees
builtins.hashString now devirtualizes lazy paths, making the hash result stable.
PR: DeterminateSystems/nix-src#360
Full Changelog: v3.16.0...v3.16.1
v3.16.0
Release 3.16.0 (2026-02-12)
- Based on upstream Nix 2.33.3.
Support .gitattributes in subdirectories
For performance, the Git backwards compatibility hack was only applied to repositories that had a .gitattributes in the root directory.
However, it is possible to have a .gitattributes file in a subdirectory, and there are real-world repos that do this, so we have dropped that restriction.
PR: DeterminateSystems/nix-src#335
Fix hung downloads when http-connections = 0
When we started limiting the number of active cURL handles in DeterminateSystems/nix-src#315, we did not take into account that http-connections = 0 is a special value that means, roughly "as many connections as possible" (the exact behavior is up to cURL).
This should now be fixed.
PR: DeterminateSystems/nix-src#327
builtins.getFlake now supports relative paths
builtins.getFlake now supports using relative paths, like:
builtins.getFlake ./..instead of the hacky
builtins.getFlake (builtins.flakeRefToString { type = "path"; path = self.sourceInfo.outPath; narHash = self.narHash; });Note that allowing builtins.getFlake to fetch from store paths is probably a bad idea, since it's ambiguous when using chroot stores, so a warning will be printed when this is encountered.
PRs:
Fixed a bug with too many open files
Recently, some users have reported seeing errors like:
error: creating git packfile indexer: failed to create temporary file '/Users/anon/.cache/nix/tarball-cache-v2/objects/pack/pack_git2_56d617039ac17c2b': Too many open files
This should now be fixed.
PR: DeterminateSystems/nix-src#347
Full Changelog: v3.15.2...v3.16.0
v3.15.2
Release 3.15.2 (2026-01-20)
- Based on upstream Nix 2.33.1.
What's Changed
Improved performance for users with a lot of dependencies
If you even had the occasion to query your binary cache for over 110,000 store path simultaneously you might have found it rather slow.
Previously, Nix would enqueue all the downloads at once.
This appears to trigger quadratic behavior in curl.
Determinate Nix now enqueues a reasonable number of subtitutions once.
At the same time, we fixed a performance issue in the progress bar with so many dependencies.
PR: DeterminateSystems/nix-src#315
Lazy trees update: path inputs are now lazy
Previously inputs like path:///path/to/a/dependency were eagerly fetched when lazy-trees is enabled.
In Determinate Nix 3.15.2, path input types are also fetched lazily.
This change saves time and improves performance for users with path inputs.
PRs:
nix repl now reports the Determinate version
A small change, but now nix repl correctly reports the Determinate Nix version:
$ nix repl
Nix (Determinate Nix 3.15.1) 2.33.0
Type :? for help.
nix-repl>
PR: DeterminateSystems/nix-src#316
New Contributors
- @dliberalesso made their first contribution in DeterminateSystems/nix-src#313
Full Changelog: v3.15.1...v3.15.2
Contributors
Assets 2
v3.15.1
Release 3.15.1 (2025-12-24)
- Based on upstream Nix 2.33.0.
What's Changed
Users reported the v3.15.0 tarball could not be fetched in a fixed-output derivation due to current stdenv paths present in the documentation. This release eliminated those paths.
PR: DeterminateSystems/nix-src#306
Additionally, this change re-enables CodeRabbit's code review on our changes. CodeRabit was disabled by the upstream project, and we inadvertently included that change.
PR: DeterminateSystems/nix-src#305
Full Changelog: v3.15.0...v3.15.1
v3.15.0
Release 3.15.0 (2025-12-19)
- Based on upstream Nix 2.33.0.
fetchTree improvement
builtins.fetchTree now implicitly treats the fetched tree as "final" when a narHash is supplied, meaning that it will not return attributes like lastModified or revCount unless they were specified by the caller. This makes it possible to substitute the tree from a binary cache, which is often more efficient. Furthermore, for Git inputs, it allows Nix to perform a shallow fetch, which is much faster.
This is primarily useful for users of flake-compat, since it uses builtins.fetchTree internally.
PR: DeterminateSystems/nix-src#297
New builtin function builtins.filterAttrs
Nixpkgs heavily relies on this function to select attributes from an attribute set:
filterAttrs = pred: set: removeAttrs set (filter (name: !pred name set.${name}) (attrNames set));Determinate Nix now has this function built-in, which makes it much faster.
PR: DeterminateSystems/nix-src#291
New Contributors
- @not-ronjinger made their first contribution in DeterminateSystems/nix-src#291
Full Changelog: v3.14.0...v3.15.0
