Determinate Nix 3.14.0 is here to deliver major quality-of-life improvements just in time for the holiday season. Based on upstream Nix 2.32.4, this release brings:
- A new
nix pscommand for visualizing in-progress Nix builds - Much-improved failure output for some vital Nix commands
- An improved upgrade experience for some Nix users
- Flake registry mirroring for improved reliability
- A new
nix registry resolvecommand - Some improvements to the Determinate Nix Docker image
- A handful of bug fixes
What is going on?! nix ps to the rescue
Determinate Nix 3.14.0 introduces a nix ps command that summarizes all of Nix’s current active builds and child processes:
nix psHere’s an example visualization:
USER PID CPU DERIVATION/COMMAND_nixbld1 30167 0.4s /nix/store/h431bcfml83czhpyzljhp9mw4yrq95vs-determinate-nix-manual-3.14.0.drv (wall=9s)_nixbld1 30167 0.2s └───bash -e /nix/store/vj1c3wf9c11a0qs6p3ymfvrnsdgsdcbq-source-stdenv.sh /nix/store/shkw4qm9qcw5sc5n1k5jznc83ny02r39-default-builder.s_nixbld1 30278 0.0s └───ninja -j14_nixbld1 30279 0.0s ├───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes_nixbld1 30286 0.0s │ └───/nix/store/z59zm01pjwzil2qkvv0s4ibk54risy9a-determinate-nix-3.14.0/bin/nix config show --json_nixbld1 30280 0.0s ├───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes_nixbld1 30287 0.0s │ └───/nix/store/z59zm01pjwzil2qkvv0s4ibk54risy9a-determinate-nix-3.14.0/bin/nix __dump-language_nixbld1 30281 0.0s ├───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes_nixbld1 30288 0.0s │ └───/nix/store/z59zm01pjwzil2qkvv0s4ibk54risy9a-determinate-nix-3.14.0/bin/nix __dump-cli_nixbld1 30282 0.0s ├───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes_nixbld1 30284 0.0s │ └───/nix/store/z59zm01pjwzil2qkvv0s4ibk54risy9a-determinate-nix-3.14.0/bin/nix __dump-xp-features_nixbld1 30283 0.0s └───/nix/store/v21kg4vm7yy0wflh0avkibz0shk86jn8-python3-3.12.11/bin/python3.12 /nix/store/lp001an6p80qx2fhdxgv5ysbn2iwj9pa-mes_nixbld1 30285 0.0s └───/nix/store/5c8hb299k0acbypqw6j9m4znyd6b97cz-bash-5.2p37/bin/bash -euo pipefail -c if type -p build-release-notes > /de_nixbld1 30289 0.0s └───changelog-d ../source/release-notes/../../rl-nextFor people who want to integrate it with other tools, nix ps has a --json flag that you can set to get all the raw data in JSON form.
Here’s an example:
[ { "cgroup": null, "clientPid": null, "clientUid": null, "derivation": "a1l9brca1wrz7w840jgx0ys3xybxpx1z-apache-kafka-2.13-4.1.0.drv", "mainPid": 99530, "mainUser": { "name": "_nixbld1",45 collapsed lines
"uid": 351 }, "nixPid": 99528, "processes": [ { "argv": [ "bash", "-e", "/nix/store/l622p70vy8k5sh7y5wizi5f2mic6ynpg-source-stdenv.sh", "/nix/store/shkw4qm9qcw5sc5n1k5jznc83ny02r39-default-builder.sh" ], "cstime": null, "cutime": null, "parentPid": 99528, "pid": 99530, "stime": 0.07667700201272964, "user": { "name": "_nixbld1", "uid": 351 }, "utime": 0.13316699862480164 }, { "argv": [ "dirname", "/nix/store/0rmw10m3fwqqkgfdsvq2sj0w9nriyqg6-apache-kafka-2.13-4.1.0/bin/kafka-consumer-groups.sh" ], "cstime": null, "cutime": null, "parentPid": 99530, "pid": 99664, "stime": 0.0010509999701753259, "user": { "name": "_nixbld1", "uid": 351 }, "utime": 0.0014799999771639705 } ], "startTime": 1765379479.0, "stime": null, "type": "build", "utime": null }]Relevant pull requests
The build, profile, and flake check commands tell you which output failed
In Determinate Nix 3.14.0 nix build, nix profile, and nix flake check now tell you exactly which flake outputs failed to build.
Previously, the error would indicate only which derivation failed to build, which can be helpful, but really you want to see the output.
Here’s an example command that builds two failing outputs:
nix build .#oneFakeHash .#badSystem --keep-goingYou can clearly see the flake output behind each failure:
❌ git+file:///Users/grahamc/src/github.com/DeterminateSystems/samples#oneFakeHasherror: hash mismatch in fixed-output derivation '/nix/store/58pp1y74j4f5zxfq50xncv2wvnxf7w3y-one-fake-hash.drv': specified: sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= got: sha256-i7j83d71sibS/ssSjLJ5PMKmbhjAM+BHW0aElvkgEwY=❌ git+file:///Users/grahamc/src/github.com/DeterminateSystems/samples#badSystemerror: Cannot build '/nix/store/5vsaxi730yl2icngkyvn8wiflik5wfmq-bad-system.drv'. Reason: required system or feature not available Required system: 'bogus' with features {} Current system: 'aarch64-darwin' with features {apple-virt, benchmark, big-parallel, nixos-test}And in a change that we find especially useful in CI, nix flake check now provides greatly improved summaries.
So you can now run this…
nix flake check…and see something colorful and nuanced yet crystal clear:
❓ checks.aarch64-darwin.twoFakeHashes (cancelled)❓ checks.aarch64-darwin.badSystemNested (cancelled)❓ checks.aarch64-darwin.oneFakeHash (cancelled)❓ checks.aarch64-darwin.failure (cancelled)❓ checks.aarch64-darwin.badSystem (cancelled)❓ checks.aarch64-darwin.weirdHash (cancelled)❓ checks.aarch64-darwin.all (cancelled)❓ checks.aarch64-darwin.fakeHashes (cancelled)❓ checks.aarch64-darwin.incorrectHashes (cancelled)❓ checks.aarch64-darwin.badFeaturesNested (cancelled)❓ checks.aarch64-darwin.failureNested (cancelled)❌ checks.aarch64-darwin.badFeatureserror: Cannot build '/nix/store/sc1cyhrpsm9yjx55cl2zzyr5lypwigi6-bad-feature.drv'. Reason: required system or feature not available Required system: 'aarch64-darwin' with features {bogus} Current system: 'aarch64-darwin' with features {apple-virt, benchmark, big-parallel, nixos-test}Relevant pull requests
More seamless upgrades from Nix 2.18 and Nix 2.19
We’ve heard from some users who have struggled to upgrade from Nix 2.18. These users are primarily experiencing problems caused by Nix 2.20 switching from git-archive to libgit2 for fetching repositories. This change caused some git-archive filters, like autocrlf, to stop executing. Not running those filters is an improvement because running those filters can cause instability in source hashes. This switch, however, did cause previously valid hashes to become invalid.
Determinate Nix now retries fetching an old archive with git-archive as a fallback when libgit2 fails to provide the correct source.
Further, to support a progressive migration Determinate Nix has a new option: nix-219-compat.
You can set nix-219-compat = true to cause Nix to author new flake.nix files with a git-archive-based source hash.
Finally, a user identified that builtins.path had changed since 2.18 and stopped propagating references.
We have corrected this regression.
Relevant pull requests
Flake registry mirroring
Determinate Nix now includes a fallback copy of the install.determinate.systems.
Combined, these changes enhance the reliability of Nix in the face of network outages.
Relevant pull request
Flake registry resolution CLI
We added the new command nix registry resolve to help debug issues with flake registries.
This command looks up a flake registry input name and returns the
For example, looking up Nixpkgs:
nix registry resolve nixpkgsExample output:
https://flakehub.com/f/DeterminateSystems/nixpkgs-weekly/0.1Or looking up the 25.11 branch of Nixpkgs:
nix registry resolve nixpkgs/release-25.11Example output:
github:NixOS/nixpkgs/release-25.11Relevant pull request
Improved Docker image packaging
Thanks to GitHub user employee-64c7dcd530593118dcccc3fb, you can now further customize the OCI/Docker images built by Determinate Nix’s flake.nix.
In particular, you can now specify a base image using the fromImage attribute and additional directories to include at the beginning or end of the PATH variable using the extraPrePaths and extraPostPaths attributes, respectively.
Relevant pull requests
Bug fixes
And as always, we squashed some random bugs:
- Corrected an error with parallel evaluation (DeterminateSystems/nix-src#286)
- Fixed compatibility with updated Nixpkgs versions. Thank you, SandaruKasa! (DeterminateSystems/nix-src#284)
How to get Determinate Nix
If you already have Determinate Nix installed, you can upgrade to 3.14.0 with one Determinate Nixd command:
sudo determinate-nixd upgradeIf you don’t yet have Determinate Nix installed, you can upgrade or migrate to Determinate Nix on macOS using our graphical installer:
Install Determinate Nix on macOS now 🍎
With support for Apple Silicon (aarch64-darwin)
On Linux:
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \ sh -s -- install --determinateOn NixOS, we recommend using our dedicated NixOS module or our NixOS ISO (NixOS installer for x86_64, NixOS installer for ARM) with Determinate Nix pre-installed.
On GitHub Actions:
on: pull_request: workflow_dispatch: push: branches: - main
jobs: nix-ci: runs-on: ubuntu-latest # Include this block to log in to FlakeHub and access private flakes permissions: id-token: write contents: read steps: - uses: actions/checkout@v5 - uses: DeterminateSystems/flake-checker-action@main - uses: DeterminateSystems/determinate-nix-action@v3 - uses: DeterminateSystems/flakehub-cache-action@main - run: nix flake checkIn Amazon Web Services:
data "aws_ami" "detsys_nixos" { most_recent = true owners = ["535002876703"]
filter { name = "name" values = ["determinate/nixos/epoch-1/*"] }
filter { name = "architecture" values = ["x86_64"] }}