cachix/devenv-nixpkgs

---

cachix/devenv-nixpkgs.json

{
  "createdAt": "2024-03-03T11:51:40Z",
  "defaultBranch": "main",
  "description": "Tested nixpkgs pins that work with devenv",
  "fullName": "cachix/devenv-nixpkgs",
  "homepage": null,
  "language": "Python",
  "name": "devenv-nixpkgs",
  "pushedAt": "2026-03-16T23:43:39Z",
  "stargazersCount": 24,
  "topics": [],
  "updatedAt": "2026-03-16T16:18:39Z",
  "url": "https://github.com/cachix/devenv-nixpkgs"
}

devenv-nixpkgs

Battle-tested nixpkgs using devenv’s extensive testing infrastructure.

Currently, the only supported release is rolling.

Rolling is based on nixpkgs-unstable plus any patches that improve the integrations and services offered by devenv.

Usage

In your devenv.yaml:

inputs:
  nixpkgs:
    url: github:cachix/devenv-nixpkgs/rolling
    flake: false

Patches

Patches are defined in [patches/default.nix]!(./patches/default.nix) with two categories:

• upstream: Patches from nixpkgs PRs or unreleased fixes
• local: Patches not yet submitted upstream

Adding an Upstream Patch

Download the PR patch and commit it as a local file:

curl -L https://github.com/NixOS/nixpkgs/pull/12345.patch -o patches/fix-python-darwin.patch

Then add it to patches/default.nix:

upstream = [
  ./fix-python-darwin.patch
];

Note: Avoid using fetchpatch for unmerged PRs — a force-push to the PR branch changes the content at that URL. fetchpatch is fine for merged commits whose content is immutable (e.g. unreleased fixes not yet in nixpkgs-unstable):

(fetchpatch {
  name = "fix-python-darwin.patch";
  url = "https://github.com/NixOS/nixpkgs/commit/abc123.patch";
  sha256 = "sha256-AAAA...";
})

Adding a Local Patch

For patches not yet submitted upstream:

1. Create your patch in a nixpkgs checkout:

   git format-patch -1 HEAD -o /path/to/devenv-nixpkgs/patches/

2. Add it to patches/default.nix:

   local = [
     ./001-fix-something.patch
   ];

Testing Locally

Test patches before pushing:

# Build a package with patches applied
nix build .#legacyPackages.x86_64-linux.hello

# Or enter a shell
nix develop

Overlays

For package-level fixes that don’t require source patches, use [overlays/default.nix]!(./overlays/default.nix):

[
  (final: prev: {
    somePackage = prev.somePackage.overrideAttrs (old: {
      patches = old.patches or [] ++ [ ./fix.patch ];
    });
  })
]

Overlays are more resilient to upstream changes than source patches.

Test Results

Latest test results from devenv’s comprehensive test suite:

Status: ❌ Some tests failing

Nixpkgs revision: 70a799e

Test run: View detailed results

Last updated: 2026-03-16 16:18:33 UTC

Platform Results

Platform	Tests Failed/Total	Success Rate
aarch64-linux	4/70	94.2%
x86_64-linux	5/71	92.9%
aarch64-darwin	14/71	80.2%
x86_64-darwin	12/71	83.0%

Summary

• Total test jobs: 284
• Successful: 248 ✅
• Failed: 35 ❌
• Success rate: 87%

Deployment

How It Works

1. flake.nix imports nixpkgs-unstable and applies patches at evaluation time
2. flake.lock pins the exact nixpkgs revision
3. CI runs weekly to update, test, and create release PRs

Branches

• main: development branch, receives weekly nixpkgs updates
• rolling: stable release, promoted from main via PR

CI Workflow

Every Monday at 9:00 UTC (or manually triggered):

1. Update: nix flake update pulls latest nixpkgs-unstable
2. Validate: Build a test package to verify patches apply
3. Push: Commit updated flake.lock to main
4. Test: Run devenv test suite across all platforms
5. Summary: Update README with test results
6. Release PR: Create PR to promote main → rolling

Manual Updates

Test locally:

nix flake update
nix build .#legacyPackages.x86_64-linux.hello

Trigger CI manually:

gh workflow run "Update and test"

Release Process

After tests complete, a PR is automatically created to promote main → rolling with the test results summary. Merge the PR to release.