Check out FlakeHub — the best place to discover and publish Nix flakes, from Determinate Systems.

We use a single, first-party analytics cookie to focus our limited time and energy on the most important documentation. Check out our privacy policy .

Provenance

The origin of a piece of software

Concepts / Provenance

We recommend starting with the Nix quick start and consulting concept docs primarily for clarification. Feel free to click x to the right to disable this notification on all concept docs.

Provenance is a term that’s basically synonymous for the origins of a thing. In software, provenance usually refers to the build process that created an artifact (a program, a file, a smartphone app, and so on).

Without establishing the provenance of a piece of software—like the code it was built from or the server it was downloaded from—it’s hard to know how much you should trust that piece of software. Is it a useful piece of software created by people you trust? Or does it masquerade as a useful piece of software while doing something you don’t want, like mining secrets from your filesystem or mining Bitcoin? Establishing the provenance of that software usually helps to answer that question.


Was this page helpful?