1) This is not a rebuild, since the old version should be in the build cache. 2) TBH, I hate that we have a single version of firefox and firefox-esr. Firefox derivation tends to break every second update. Can't we merge this, and then "add" not "replace" with a new one? I would merge this.

I build all of the available firefoxes on configurations with very different package overrides regularly (sometimes with a delay of a couple of days to a couple of weeks) and since I don't trust the hydra cache I see all the problems that transpire while compiling those. And, yes, they do break a lot, and I have to do reverts like this one a lot locally. ESR is not as crazy as mainline, but still, it breaks frequently enough to be an annoyance. This PR is a kind of voicing of my concern for this problem. Surely I'm not the only one who has to regularly revert firefox updates, but other people are simply silent. I think firefox should get at least two versions of each derivation (as tor-browser derivation does) unless its a security update for the branch. Even in the latter case, I would mark the old one as `meta.insecure`, not simply remove it. If we agree to this policy, I can write that up as a comment to `packages.nix` for future updates and push that into this PR.

In the last year * I had missing sources twice (but I'm too lazy to check all the revisions now) * bugs that made it unusable twice (I only cared about the first one, but still): 918f331 (previous update disabled alsa) and e067d26 (some of the previous updates broke i686) * I had it to surprisingly start failing to build with some of packages overriden at least once (there's almost no way I can find that now, my configs and nixpkgs are separate repositories and there're just too many possible combinations). I will start properly documenting all the failures from now on.