Determinate Nix version 3.8.1 is now available, including important security improvements. This release follows the revocation of Determinate Nix 3.8.0 after discovering a security regression for macOS users.
All users on macOS should upgrade to Determinate Nix 3.8.1 as soon as possible to address the issue.
We will publish further details in a follow-up post.
Note that platform and security notices are also published to our status page, and users are encouraged to subscribe for updates. For further questions, feel free to contact support.
How to get Determinate Nix
If you already have Determinate Nix installed, you can upgrade to 3.8.1 with one Determinate Nixd command:
sudo determinate-nixd upgradeIf you don’t yet have Determinate Nix installed, you can upgrade or migrate to Determinate Nix on macOS using our graphical installer:
Install Determinate Nix on macOS now
Apple Silicon and Intel
On Linux:
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | \ sh -s -- install --determinateOn NixOS, we recommend using our dedicated NixOS module or our NixOS ISO (NixOS installer for x86_64, NixOS installer for ARM) with Determinate Nix pre-installed.
On GitHub Actions:
on: pull_request: workflow_dispatch: push: branches: - main
jobs: nix-ci: runs-on: ubuntu-latest # Include this block to log in to FlakeHub and access private flakes permissions: id-token: write contents: read steps: - uses: actions/checkout@v4 - uses: DeterminateSystems/determinate-nix-action@v3 - uses: DeterminateSystems/flakehub-cache-action@main - uses: DeterminateSystems/nix-flake-checker-action@main - run: nix flake checkIn Amazon Web Services:
data "aws_ami" "detsys_nixos" { most_recent = true owners = ["535002876703"]
filter { name = "name" values = ["determinate/nixos/epoch-1/*"] }
filter { name = "architecture" values = ["x86_64"] }}