
Worked on core infrastructure for the NixOS/nix and NixOS/hydra repositories, delivering nine features over three months focused on system reliability, modularity, and security. Developed unprivileged garbage collection, cross-platform file handling, and enhanced process management using C++, Nix, and Shell scripting. Introduced a user namespace wrapper to enable sandboxed execution without elevated privileges and refactored store configuration commands for clearer workflows. Integrated Nix 2.34 into Hydra, improving build process safety and output handling, and configured dedicated service home directories for better organization. Emphasized modular programming, robust error handling, and cross-platform compatibility throughout backend and system-level development efforts.
March 2026 monthly summary for NixOS Hydra: delivered Nix 2.34 integration in the build process, enhanced security and type safety, improved output handling, and Hydra service configuration. Implemented signing improvements, typed NarInfo hashes, and safer DrvOutput construction; added support for relative StorePaths; configured dedicated home directories for Hydra services. Also resolved related issues and hardened the binary-cache integration for reliability.
February 2026 focused on architectural improvements and sandboxing features in NixOS/nix. Implemented a new StoreConfigCommand to manage store configurations without opening the store and refactored commands to use the new class, making store selection more explicit and improving modularity; relocated handleExceptions from libmain to libutil to improve cross-project reuse. Introduced nix-nswrapper, a new program that runs nix inside its own user namespace to simulate root access for sandboxing without elevated privileges. These changes reduce coupling, improve maintainability, and strengthen security posture while enabling clearer workflows for store configuration and sandboxed execution.
January 2026 — NixOS/nix: Focused on enabling safe multi-user operation, improving portability, and strengthening resource management. Delivered unprivileged garbage collection support with tests and root handling fixes, extended ReadLine with a customizable terminator, added a cross-platform fstat wrapper, and enhanced PID management. These changes boost reliability, security, and deployment flexibility across POSIX and Windows environments, while maintaining performance and maintainability.
