no, and it frequently comes up.
One thing you can do to prevent this is by supplying a name attribute to fetchurl (or helpers) that includes version information which will change the drv.
fetchurl = {
url = https://.....;
sha256 = "XXXX";
};
will only check the sha.
fetchurl = {
url = https://.....;
sha256 = "XXXX";
name = "${pname}-${version}-source";
};
will make a new derivation when version of the outer attr set changes. (this assumes the outer set has the rec keyword)