I know it’s a strange place for this conversation but the facts remain: docker images don’t do this and nix flakes actually do. As the video I linked demonstrates and you allude to, Docker files aren’t 100% hermetic (which means they’re not reproducible) while Nix flakes actually do achieve this. Watch the video I linked for more explanation which directly talks about how nix works with the goals of Docker that you mentioned in the head of your last comment. I hope my non-confrontational tone comes across somehow. This is all said with respect and in the spirit of science.

No offense but it sounds like you don’t actually understand nix flakes if you think they’re 1:1 equivalent to Docker.

They simply are not containers. They allow the declarative BUILD of any derivation at any time in the future. They hermetically lock all dependencies and build instructions which allows you to archive and reproduce the EXACT content-addressed dependency graph of the software. You can rebuild using a flake while Docker doesn’t actually allow that same hermetic reproducible guarantee whatsoever.

See here for a much better explanation of the glaring differences between the two: https://youtu.be/0uixRE8xlbY

You could even build a container with a flake though I’d recommend OCI instead because they’re an open standard…

How long until nix flakes go mainstream and fix this problem?