Skip to content

Release v3.14.0 #289

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
detsys-spaghetti merged 5 commits into from
Dec 9, 2025
Merged

Release v3.14.0 #289

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
130c4a9
Prepare release v3.14.0
github-actions[bot] Dec 8, 2025
b208199
Set .version-determinate to 3.14.0
github-actions[bot] Dec 8, 2025
4105c90
Generate release notes for 3.14.0
github-actions[bot] Dec 8, 2025
b340667
Draft up a changelog
grahamc Dec 9, 2025
fa4df63
Fixup
grahamc Dec 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .version-determinate
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
3.13.2
3.14.0
1 change: 1 addition & 0 deletions doc/manual/source/SUMMARY.md.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,7 @@
- [Contributing](development/contributing.md)
- [Determinate Nix Release Notes](release-notes-determinate/index.md)
- [Changes between Nix and Determinate Nix](release-notes-determinate/changes.md)<!-- next -->
- [Release 3.14.0 (2025-12-08)](release-notes-determinate/v3.14.0.md)
- [Release 3.13.2 (2025-11-19)](release-notes-determinate/v3.13.2.md)
- [Release 3.13.1 (2025-11-12)](release-notes-determinate/v3.13.1.md)
- [Release 3.13.0 (2025-11-09)](release-notes-determinate/v3.13.0.md)
Expand Down
14 changes: 13 additions & 1 deletion doc/manual/source/release-notes-determinate/changes.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Changes between Nix and Determinate Nix

This section lists the differences between upstream Nix 2.32 and Determinate Nix 3.13.2.<!-- differences -->
This section lists the differences between upstream Nix 2.32 and Determinate Nix 3.14.0.<!-- differences -->

* In Determinate Nix, flakes are stable. You no longer need to enable the `flakes` experimental feature.

Expand Down Expand Up @@ -156,3 +156,15 @@ This section lists the differences between upstream Nix 2.32 and Determinate Nix
* Avoid unnecessary Git refetches [DeterminateSystems/nix-src#270](https://github.com/DeterminateSystems/nix-src/pull/270)

* Use mirrored flake registry [DeterminateSystems/nix-src#271](https://github.com/DeterminateSystems/nix-src/pull/271)

<!-- Determinate Nix version 3.14.0 -->

* Fixed a builtins.path regression: Propagate references from derivation outputs [DeterminateSystems/nix-src#283](https://github.com/DeterminateSystems/nix-src/pull/283)

* nix build, nix profile: Report failing/succeeding installables [DeterminateSystems/nix-src#281](https://github.com/DeterminateSystems/nix-src/pull/281)

* nix flake check: Show which outputs failed or succeeded [DeterminateSystems/nix-src#285](https://github.com/DeterminateSystems/nix-src/pull/285)

* Add `nix ps` command [DeterminateSystems/nix-src#282](https://github.com/DeterminateSystems/nix-src/pull/282)

* Backward compatibility for Nix < 2.20: Git inputs using git-archive [DeterminateSystems/nix-src#278](https://github.com/DeterminateSystems/nix-src/pull/278)
159 changes: 159 additions & 0 deletions doc/manual/source/release-notes-determinate/v3.14.0.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,159 @@
# Release 3.14.0 (2025-12-08)

* Based on [upstream Nix 2.32.4](../release-notes/rl-2.32.md).

## What is going on?! `nix ps` to the rescue

Determinate Nix now features a `nix ps` command to summarize all of the active builds and child processes:

```
$ nix ps
USER PID CPU DERIVATION/COMMAND
_nixbld1 30167 0.4s /nix/store/h431bcfml83czhpyzljhp9mw4yrq95vs-determinate-nix-manual-3.14.0.drv (wall=9s)
_nixbld1 30167 0.2s └───bash -e /nix/store/vj1c3wf9c11a0qs6p3ymfvrnsdgsdcbq-source-stdenv.sh /nix/store/shkw4qm9qcw5sc5n1k5jznc83ny02r39-default-builder.s
_nixbld1 30278 0.0s └───ninja -j14
_nixbld1 30279 0.0s ├───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes
_nixbld1 30286 0.0s │ └───/nix/store/z59zm01pjwzil2qkvv0s4ibk54risy9a-determinate-nix-3.14.0/bin/nix config show --json
_nixbld1 30280 0.0s ├───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes
_nixbld1 30287 0.0s │ └───/nix/store/z59zm01pjwzil2qkvv0s4ibk54risy9a-determinate-nix-3.14.0/bin/nix __dump-language
_nixbld1 30281 0.0s ├───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes
_nixbld1 30288 0.0s │ └───/nix/store/z59zm01pjwzil2qkvv0s4ibk54risy9a-determinate-nix-3.14.0/bin/nix __dump-cli
_nixbld1 30282 0.0s ├───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes
_nixbld1 30284 0.0s │ └───/nix/store/z59zm01pjwzil2qkvv0s4ibk54risy9a-determinate-nix-3.14.0/bin/nix __dump-xp-features
_nixbld1 30283 0.0s └───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes
_nixbld1 30285 0.0s └───/nix/store/5c8hb299k0acbypqw6j9m4znyd6b97cz-bash-5.2p37/bin/bash -euo pipefail -c if type -p build-release-notes > /de
_nixbld1 30289 0.0s └───changelog-d ../source/release-notes/../../rl-next
```

For the integrators out there, it also has a `--json` flag with all the raw data.

PRs:
* [DeterminateSystems/nix-src#282](https://github.com/DeterminateSystems/nix-src/pull/282)
* [DeterminateSystems/nix-src#287](https://github.com/DeterminateSystems/nix-src/pull/287)


## Nix `build`, `profile`, and `flake check` commands tell you what output failed

These commands now tell you exactly what flake outputs failed to build.
Previously, the error would indicate only what derivation failed to build -- but not which output.

Now, `nix build` and `nix profile` commands provide the specific output:
Copy link
Member

@cole-h cole-h Dec 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't realize it affected nix profile, neat

Copy link
Member

@grahamc grahamc Dec 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

=) ya!


```
$ nix build .#oneFakeHash .#badSystem --keep-going
❌ git+file:///Users/grahamc/src/github.com/DeterminateSystems/samples#oneFakeHash
error: hash mismatch in fixed-output derivation '/nix/store/58pp1y74j4f5zxfq50xncv2wvnxf7w3y-one-fake-hash.drv':
specified: sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
got: sha256-i7j83d71sibS/ssSjLJ5PMKmbhjAM+BHW0aElvkgEwY=
❌ git+file:///Users/grahamc/src/github.com/DeterminateSystems/samples#badSystem
error: Cannot build '/nix/store/5vsaxi730yl2icngkyvn8wiflik5wfmq-bad-system.drv'.
Reason: required system or feature not available
Required system: 'bogus' with features {}
Current system: 'aarch64-darwin' with features {apple-virt, benchmark, big-parallel, nixos-test}
```

And in a great change for CI, `nix flake check` users get improved summaries too:

```
$ nix flake check
❓ checks.aarch64-darwin.twoFakeHashes (cancelled)
❓ checks.aarch64-darwin.badSystemNested (cancelled)
❓ checks.aarch64-darwin.oneFakeHash (cancelled)
❓ checks.aarch64-darwin.failure (cancelled)
❓ checks.aarch64-darwin.badSystem (cancelled)
❓ checks.aarch64-darwin.weirdHash (cancelled)
❓ checks.aarch64-darwin.all (cancelled)
❓ checks.aarch64-darwin.fakeHashes (cancelled)
❓ checks.aarch64-darwin.incorrectHashes (cancelled)
❓ checks.aarch64-darwin.badFeaturesNested (cancelled)
❓ checks.aarch64-darwin.failureNested (cancelled)
❌ checks.aarch64-darwin.badFeatures
error: Cannot build '/nix/store/sc1cyhrpsm9yjx55cl2zzyr5lypwigi6-bad-feature.drv'.
Reason: required system or feature not available
Required system: 'aarch64-darwin' with features {bogus}
Current system: 'aarch64-darwin' with features {apple-virt, benchmark, big-parallel, nixos-test}
```

PRs:
* [DeterminateSystems/nix-src#281](https://github.com/DeterminateSystems/nix-src/pull/281)
* [DeterminateSystems/nix-src#285](https://github.com/DeterminateSystems/nix-src/pull/285)


## More seamless upgrades from Nix 2.18 and Nix 2.19

We've heard from some users who are trying to upgrade from Nix 2.18.

These users are primarily experiencing problems caused by Nix 2.20 switching from `git-archive` to `libgit2` for fetching repositories.
This change caused some `git-archive` filters to stop executing, like autocrlf.
Not running those filters is an improvement, and running those filters *can cause* instability in source hashes.
However, this switch *did* cause previously valid hashes to become invalid.

Determinate Nix now retries fetching an old archive with `git-archive` as a fallback when libgit2 fails to provide the correct source.

Further, to support a progressive migration Determinate Nix has a new option: `nix-219-compat`.
Set `nix-219-compat=true` to cause Nix to author new flake.nix files with a `git-archive` based source hash.

Finally, a user identified `builtins.path` changed since 2.18 and stopped propagating references.
We have corrected this regression.

PRs:
* [DeterminateSystems/nix-src#283](https://github.com/DeterminateSystems/nix-src/pull/283)
* [DeterminateSystems/nix-src#278](https://github.com/DeterminateSystems/nix-src/pull/278)

## Flake registry mirroring

Determinate Nix now includes a fallback copy of the Nix Registry.
This change builds on top of v3.13.2, where we changed from the upstream Nix registry to a mirrored copy hosted by `install.determinate.systems`.

Combined, these changes increase the reliability of Nix in the face of network outages.

> [!NOTE]
> Flake registry URLs for `flake.nix` inputs is deprecated.
> The flake registry should only be used for interactive use.
> See: https://github.com/DeterminateSystems/nix-src/issues/37

PR: [DeterminateSystems/nix-src#273](https://github.com/DeterminateSystems/nix-src/pull/273)

## Flake registry resolution CLI

We added the new command `nix registry resolve` to help debug issues with Flake registries.
This command looks up a flake registry input name and returns the flakeref it resolves to.

For example, looking up Nixpkgs:

```
$ nix registry resolve nixpkgs
github:NixOS/nixpkgs/nixpkgs-unstable
```

Or looking up the 25.11 branch of Nixpkgs:
```
$ nix registry resolve nixpkgs/release-25.11
github:NixOS/nixpkgs/release-25.11
```

> [!NOTE]
> Flake registry URLs for `flake.nix` inputs is deprecated.
> The flake registry should only be used for interactive use.
> See: https://github.com/DeterminateSystems/nix-src/issues/37

PR: [DeterminateSystems/nix-src#273](https://github.com/DeterminateSystems/nix-src/pull/273)

## Improved Docker image packaging

Thanks to `employee-64c7dcd530593118dcccc3fb`, the OCI / Docker images built by the Determinate Nix flake.nix can be further customized.

Users can specify their own base image by specifying `fromImage`.

Additionally, users can specify additional directories to include at the beginning or end of the PATH variable with `extraPrePaths` and `extraPostPaths`.

PRs:
* [DeterminateSystems/nix-src#277](https://github.com/DeterminateSystems/nix-src/pull/277)
* [DeterminateSystems/nix-src#280](https://github.com/DeterminateSystems/nix-src/pull/280)

## Bug fixes

* Corrected an error with parallel evaluation which ([DeterminateSystems/nix-src#286](https://github.com/DeterminateSystems/nix-src/pull/286))
* Fixed compatibility with updated Nixpkgs versions. Thank you SandaruKasa! ([DeterminateSystems/nix-src#284](https://github.com/DeterminateSystems/nix-src/pull/284))

**Full Changelog**: [v3.13.2...v3.14.0](https://github.com/DeterminateSystems/nix-src/compare/v3.13.2...v3.14.0)