Nix also needs the build output to be deterministic to calculate the hash. It also has the problems of timestamps etc. The build environment tries to be hermetic by setting the time to be epoch among other things.
Yes, reading this I was thinking about how many of these problems go away with a nix environment. Certainly not all of them, but it’s a great way to get a reproducible build environment that includes direct specification of system dependencies.
https://reproducible-builds.org/docs/source-date-epoch/
(although Nix sets it as a default)