How to know what nixpkgs changes affect me?

Hello !
My current workflow to stay up to date with nixpkgs-unstable is to do:

nix flake update
sudo nixos-rebuild --flake $(pwd)#$(hostname) switch

However, there seems to be no way of knowing what packages or modules, that I use, got upgraded or changed. I like to go see changelogs of the programs I use, and I also want to be aware if an option got added/changed/removed in a module so that I can update my config.

Have I just missed the way to do that?

I absolutely love my NixOS journey until now. This is the only thing I miss from a regular package manager: I used to do pikaur -Syu and it would show me every packages that would get upgraded ordered by version number change (majors first then minors, then patches).


I don’t use flakes but nixos-rebuild has dry-build command which shows which store paths are going to be downloaded/built without doing anything. Can you use it?

1 Like

if you using nixos unstable, then you get what get, which is an unstable , a constantly changing set of code/derivations/packages

However, if you wait for a ‘release’, then you can always reference the release notes, then

These are pretty good and high quality, compiled from various source including info from git log
and manually by amazing release managers (past , previous and future) and have some of the information you need.

On unstable , things are a bit more chaotic. as @alexv says, dry-build will show you paths, however , if you always think of system as a ‘git checkout of nixpkgs’, then you can do something like this for the package cowsay, (a very important package).

git clone
<git checkout the commit you upgrading too>
cd nixpkgs/pkgs/tools/misc/cowsay
git log .

for modules something like

git log nixpkgs/nixos/modules/services/web-servers/darkhttpd.nix

which will basically give you all the commits related to the directory (the derivation or the package if you want to think of it that way).

you could probably use this method for modules etc etc, as long as the commit messages are descriptive, or they have links to the original pull request and related discussion around it.

There maybe better ways to do this, and i’m sure there a nix tool out there, or a nixer who knows a better way…

it would not be a massive job, to find out what dry-run is rebuilding, from source commit to upgrade commit, and pull the relevant metadata and show the relevant git logs for those derivations.

Another thought i had, you can use git (or maybe the github api) to find the original PR request for commits to derivations or nix code your interested in, thus you should be able to find the github PR , and the sometimes gargantuan discussions that go on over there! You can gleam a lot of data on why things the way they are in nix.

However, that exercise is left to the reader, because i’m so busy i need to hire nix people! so if you love nix, and want to work with it all day, everyday…DM’s accepted.


You can get the equivalent of what pikaur does using nix {profile,store} diff-closures. I.e., package update listings.

For module updates you are indeed a bit out of luck on unstable, but since a lot of people do depend on unstable it’s not uncommon to see deprecation warnings added as a courtesy before options are removed/changed.

Nonetheless, as long as you’re on unstable, you’re taking that inherent risk. I like the git log workflow @nixinator suggests, though, actually seems like something that could perhaps be scripted neatly :slight_smile:

That, or some sort of nix evaluation and diffing the resulting attrsets for modules you use… Hrmm… nix can print its evaluations as JSON…


Thank you all for your answers! They all help in their own way. I’ll start using nix profile diff-closures because this is the most important of what I needed.

A little program that will fetch modules you use in your config and look for git logs on those module files automatically would be pretty sweet. I’ll try to work on that when I have some spare time :slight_smile:

nix store diff-closures /nix/var/nix/profiles/$(\ls -r /nix/var/nix/profiles/ | \grep -E 'system\-' | sed -n '2 p') /nix/var/nix/profiles/system

1 Like