How can I find the last "stable" nixpkgs-unstable commit?

behrangsa · December 7, 2025, 12:19am

And is there a more efficient workflow compared what I am doing right now:

I go to https://status.nixos.org
Click on the commit ID
Copy the full commit ID from GitHub
Copy it to my configuration.nix and switch upgrade
I get a message that my hash is wrong
I update the hash and redo switch upgrade and my unstable packages are updated

Relevant snippet from my configuration.nix file:

let
  pkgsUnstable =
    import
      (builtins.fetchTarball {
        url = "https://github.com/NixOS/nixpkgs/archive/0d59e0290eefe0f12512043842d7096c4070f30e.tar.gz";
        sha256 = "sha256:04a03ffnjc2y22460n01djgvqgkrnmm02kqhrlzpd3wwjjbz3bb7";
      })
# ...
  environment.systemPackages = with pkgs; [
    # --- Group unstables together here, in alphabetical order
    pkgsUnstable.calibre
    pkgsUnstable.ghostty

I checked https://status.nixos.org now and looks like the current commit ID has build problems. How can I find the last commit ID that didn’t have build problems?

And is there a more efficient workflow to do what I am doing—sans using npins?

Thanks in advance.

waffle8946 · December 7, 2025, 12:44am

Just use the branch directly (nixos-unstable, not nixpkgs-unstable, since you’re on NixOS). It won’t advance if a channel blocker has a build problem.

If you don’t want to manually update hashes, you either add a new channel for the root user or you use npins. Otherwise you’ll still have to do steps 4-6.

TLATER · December 7, 2025, 1:49pm

npins exists precisely to give you a more efficient - and more easily automated - workflow, FWIW. You’re just manually running the steps the npins project does for you.

behrangsa · December 7, 2025, 4:05pm

I will try to give it a go. Just I am a bit overwhelmed right now.

behrangsa · December 7, 2025, 4:06pm

How can I do that, I tried to mess around with this with no success:

let
  pkgsUnstable =
    import
      (builtins.fetchTarball {
        url = "https://github.com/NixOS/nixpkgs/archive/0d59e0290eefe0f12512043842d7096c4070f30e.tar.gz";
        sha256 = "sha256:04a03ffnjc2y22460n01djgvqgkrnmm02kqhrlzpd3wwjjbz3bb7";
      })
      {
        config = pkgs.config;
        overlays = pkgs.overlays or [ ];
        inherit (pkgs) system;
      };
in
{
  imports = [

If I add the channel, can I delete:

let
  pkgsUnstable =
    import
      (builtins.fetchTarball {
        url = "https://github.com/NixOS/nixpkgs/archive/0d59e0290eefe0f12512043842d7096c4070f30e.tar.gz";
        sha256 = "sha256:04a03ffnjc2y22460n01djgvqgkrnmm02kqhrlzpd3wwjjbz3bb7";
      })
      {
        config = pkgs.config;
        overlays = pkgs.overlays or [ ];
        inherit (pkgs) system;
      };
in

And how should I then prefix the unstable packages:

  environment.systemPackages = with pkgs; [
    pkgsUnstable.calibre

Thanks in advance.

TLATER · December 7, 2025, 4:11pm

This command should give you the latest commit hash:

 curl https://api.github.com/repos/NixOS/nixpkgs/branches/nixos-unstable | jq .commit.sha

waffle8946 · December 7, 2025, 4:21pm

If you add the channel:

sudo nix-channel --add https://channels.nixos.org/nixos-unstable

Then you could reference it via its channel name:

let
  pkgsUnstable = import <nixos-unstable> {
    inherit (pkgs) config overlays;
    inherit (pkgs.stdenv.hostPlatform) system;
  };
in
# ...

Do not use this kind of URL - use a specific commit, if using a URL at all. Otherwise, the hash will change out from under you and your config will break.

behrangsa · December 7, 2025, 4:21pm

behrangsa:

      (builtins.fetchTarball {
        url = "https://github.com/NixOS/nixpkgs/archive/0d59e0290eefe0f12512043842d7096c4070f30e.tar.gz";
        sha256 = "sha256:04a03ffnjc2y22460n01djgvqgkrnmm02kqhrlzpd3wwjjbz3bb7";

Yes, I reverted the changes. But I think I should something other than fetchTarball?

I tried:

      (builtins.fetchTarball {
        url = "https://github.com/NixOS/nixpkgs/tree/nixos-unstable";
        sha256 = "";

But I got this error:

       error: Failed to open archive (Unrecognized archive format)
Command 'nix-build '<nixpkgs/nixos>' --attr config.system.build.toplevel --no-out-link' returned non-zero exit status 1.

I tried:

let
  pkgsUnstable =
    import
      (builtins.fetchTarball {
        url = "https://github.com/NixOS/nixpkgs/archive/commit/f61125a668a320878494449750330ca58b78c557.tar.gz";
        sha256 = "";
      })

I got this error:

       error: Failed to open archive (Source threw exception: error: unable to download 'https://github.com/NixOS/nixpkgs/archive/commit/f61125a668a320878494449750330ca58b78c557.tar.gz': HTTP error 404

              response body:

              404: Not Found)
Command 'nix-build '<nixpkgs/nixos>' --attr config.system.build.toplevel --no-out-link' returned non-zero exit status 1.

I tried url = https://api.github.com/repos/NixOS/nixpkgs/branches/nixos-unstable/archive/commit/f61125a668a320878494449750330ca58b78c557.tar.gz

I got this error:

       error: Failed to open archive (Source threw exception: error: unable to download 'https://api.github.com/repos/NixOS/nixpkgs/branches/nixos-unstable/archive/commit/f61125a668a320878494449750330ca58b78c557.tar.gz': HTTP error 404

              response body:

              {
                "message": "Branch not found",
                "documentation_url": "https://docs.github.com/rest/branches/branches#get-a-branch",
                "status": "404"
              })
Command 'nix-build '<nixpkgs/nixos>' --attr config.system.build.toplevel --no-out-link' returned non-zero exit status 1.

Noob world… with a sprinkle of adhd…

TLATER · December 7, 2025, 4:25pm

Drop the commit, I think, you were using just:

https://github.com/NixOS/nixpkgs/archive/0d59e0290eefe0f12512043842d7096c4070f30e.tar.gz

previously.

If you replace the commit hash in there, it should work:

https://github.com/NixOS/nixpkgs/archive/f61125a668a320878494449750330ca58b78c557.tar.gz

… that said, if you follow @waffle8946 's suggestion, you can update your whole system with just:

$ sudo nix-channel --update
$ nixos-rebuild boot --sudo

If you don’t want to use flakes or npins for automating updates, I suggest using channels. This will also download the tarball from NixOS foundation servers instead of GitHub, which has a bunch of nice benefits.

behrangsa · December 7, 2025, 4:28pm

Looks like I lost my stable channel:

$ sudo nix-channel --list
nixos https://nixos.org/channels/nixos-25.11

$ sudo nix-channel --add https://channels.nixos.org/nixos-unstable

$ sudo nix-channel --list
nixos https://channels.nixos.org/nixos-unstable

I also ran nix-channel --add https://channels.nixos.org/nixos-unstable once without sudo…

TLATER · December 7, 2025, 4:31pm

Right, to fix your channels, run:

$ sudo nix-channel --add https://channels.nixos.org/nixos-25.11 nixos
$ sudo nix-channel --add https://channels.nixos.org/nixos-unstable nixos-unstable
$ sudo nix-channel --update
$ nix-channel --remove nixos
$ nix-channel --remove nixos-unstable # might fail, don't worry if it does

That’ll leave you with no user-specific channels, and the correct system channels. The downside of channels is indeed that you might end up accidentally only updating user channels, while your nixos config uses system channels, so keep an eye on your user channels and make sure they stay empty.