This pull request has been mentioned on Nix community. There might be relevant details there:

https://discourse.nixos.org/t/support-patching-nixpkgs/2737/1

Some design decisions I took:

• I perform the patching as early as possible, right after the Nix version check. So the order of imports is:

  • ./default.nix
  • ./patched.nix EDIT: I moved the patching to ./default.nix
  • ./pkgs/top-level/impure.nix
  • ./pkgs/top-level/default.nix

  I think this makes sense because now we can use this patch mechanism to patch the later phases.

*I choose to implement this in a separate file ./patched.nix instead of in ./default.nix to separate concerns. However, I also don't mind merging this logic in ./default.nix because then we end up with a single .nix again in the root of nixpkgs which might be nice.

• The bootstrapPkgs set, which the user can use to get the fetchpatch function from and which is used to perform the actual patching (i.e.bootstrapPkgs.stdenvNoCC.mkDerivation {...}), is a nixpkgs set configured for the specified localSystem. I think it makes sense to perform all work, including patching, on a builder for the specified localSystem. Although I'm not completely sure about this. Maybe preferLocalBuild = true might even be better here. I appreciate comments on this!

• bootstrapPkgs has no overlays defined. This makes it possible to depend overlays on the patched content which I think is way more common than the other way around.

@basvandijk Nice to see you standardizing this patching idea you presented at NixCon a while back. I've been happily using that method on my job's nixops nixpkgs repo. I think it is great for encouraging upstreaming of contributions, because the patch is in the same format as whatever should eventually be applied to nixpkgs.

One issue we ran into is that the default fetchpatch implementation strips away information that is necessary for renaming files. ( #32084 ) Is that a problem with this implementation?

Our workaround is to use fetchurl on the patches that need to rename files, but I guess that opens us up to some instability that fetchpatch is trying to avoid.

One issue we ran into is that the default fetchpatch implementation strips away information that is necessary for renaming files. ( #32084 ) Is that a problem with this implementation?

@ryantm thanks for pointing me to #32084. Fortunately, this implementation lets the user decide how to fetch patches. So users deciding to use fetchpatch could potentially suffer from #32084. In that case they could fall back to using fetchurl or include patches literally in their repos.

I liked @volth idea of having a separate fix function which applies a list of patches to a source directory. So I added this function to trivaial-builders.nix but gave it the more descriptive name: applyPatches.

I also decided to move the patching code to ./default.nix instead of having it in a separate file. I believe it's a bit cleaner this way.

I'm 👎 on this. It seems very ad hoc and hacky to make Nixpkgs rewrite its own source tree. That's the job of the version management tool (e.g. Git), which can do a much better job of managing sources and patches.

Maybe flakes could provide this functionality (e.g. by having a flake reference like github:NixOS/nixpkgs?patch=./foo.patch) but I'm convinced it's a good idea.

I would like to be able to declare a base version of nixpkgs and a list of patches. Maybe we need to make a separate community tool that makes it easy to do that.

Reasons I like using something like @basvandijk's proposal:

1. Easy to downstream changes: You can pick patches from unstable to apply to a stable version.
2. Easy to upstream changes: Changes you make are done as patches (e.g. instead of overrides), so you can easily convert them into a pull request.
3. You don't have to maintain an internal fork of nixpkgs.

@ryantm I feel that that tool already exists, namely Git. I typically have a branch like local-19.03 containing local / cherry-picked patches that gets rebased on top of nixos-channels/nixos-19.03 periodically. It might be nice if the rebasing were done automatically, though.

@edolstra maintaining the local-19.03 branch you are describing doesn't sound like what I mean when I say "declare". I would like a declarative description of a publicly available version of nixpkgs and a list of publicly available patches. That way I can share this declarative description with collaborators who can each arrive at the same copy of nixpkgs without sharing it directly.

I use this at work to keep the nixpkgs we use for NixOps consistent among all my co-workers.

You may be right that Git is the tool we need to do this! I'll try to look into it some.

The problem with maintaining such a list of patches is that you have to resolve any conflicts manually, e.g. if you try to update the base Nixpkgs version. Whereas with git rebase, you get a more-or-less friendly way to resolve conflicts.

I do see the usefulness of that, but I think relying on IFD is a bad idea. It would be better to extend builtins.fetchGit / builtins.fetchTarball with a patches argument, e.g.

builtins.fetchTarball {
  url = https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz;
  patches = [ ./meltdown.patch ]
}

since this does not rely on IFD.

That's not IFD because builtins.fetchTarball is not a derivation :-)

While I understand the need for this feature, as I my-self tried to solved it in the past.
Import-From-Derivation is a banned pattern in Nixpkgs repository.

Then everytime you need to upgrade nixpkgs you rebase your branch on the latest upstream branch that you're tracking. This process works but is a bit involved and somewhat untransparent.

@P-E-Meunier could this be a case where Pijul could help? As a way to add/substract a set of changes on top of a frequently updated repository.

That is indeed the main use case for Pijul. Don't use it for Nixpkgs before the next version, the repository will be huge and slow. However, if all goes as planned, the next version will be competitive with Git on these two things.

I want to do ad hoc patching a lot so I really like the idea here regardless of if it should be used in nixpkgs. I should have found this PR earlier. :)

I find it useful to just vary nix expressions during a development/prototyping process instead of futzing imperatively with git.

The solution (tbd): NixOS/nix#4433.

I marked this as stale due to inactivity. → More info

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/how-to-try-a-pr/15410/6

This is possible now, see this comment for a example #142273 (comment)