> I suppose it works best when the application doesn’t also auto-update, which many do.
Yes, the update prompts get annoying (auto-updaters don't work since everything's read-only). I use niv to update things, e.g.
$ niv update firefox -v94.0
That will:
- Update firefox's version field in nix/sources.json
- Update its url field based on its template (for Firefox that's "https://ftp.mozilla.org/pub/firefox/releases/<version>/mac-E...")
- Fetch that file to the Nix store
- Update firefox's sha256 field to match that file's
Running nix-build will create a new system package, and the nix/sources.json changes can be committed to git.
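The four steps listed in the comment above, as an added example that is not part of the original post and is not niv's own code: it re-renders the URL from the template, re-pins the hash, and then audits an entry the way a reviewer of a nix/sources.json change would. The `url_template` key, the Nix base-32 hash encoding, the `example.invalid` URLs and the `update`/`audit` helper names are assumptions made for this sketch.

```python
import hashlib
import re

NIX32 = "0123456789abcdfghijklmnpqrsvwxyz"  # Nix base-32 alphabet (no e, o, t, u)

def nix_base32(digest: bytes) -> str:
    """Encode a digest in Nix's base-32 form (52 characters for SHA-256)."""
    out = []
    for n in range((len(digest) * 8 - 1) // 5, -1, -1):
        i, j = divmod(n * 5, 8)
        c = digest[i] >> j
        if i + 1 < len(digest):
            c |= digest[i + 1] << (8 - j)
        out.append(NIX32[c & 0x1F])
    return "".join(out)

def render_url(entry: dict) -> str:
    """Fill each <field> placeholder in url_template from the entry's own fields."""
    return re.sub(r"<([^<>]+)>", lambda m: str(entry[m.group(1)]), entry["url_template"])

def update(entry: dict, version: str, fetch) -> dict:
    """Steps from the comment: set version, re-render url, fetch, re-pin sha256."""
    new = dict(entry, version=version)
    new["url"] = render_url(new)
    new["sha256"] = nix_base32(hashlib.sha256(fetch(new["url"])).digest())
    return new

def audit(entry: dict, fetch) -> list:
    """Return reasons a pinned entry is inconsistent (empty list means it checks out)."""
    problems = []
    if entry["url"] != render_url(entry):
        problems.append("url does not match url_template + version")
    actual = nix_base32(hashlib.sha256(fetch(entry["url"])).digest())
    if actual != entry["sha256"]:
        problems.append("sha256 does not match fetched file")
    return problems

# Constructed sample data: a fake mirror keyed by URL, so this runs offline.
MIRROR = {
    "https://example.invalid/releases/93.0/app.dmg": b"constructed 93.0 image",
    "https://example.invalid/releases/94.0/app.dmg": b"constructed 94.0 image",
}
TEMPLATE = {"url_template": "https://example.invalid/releases/<version>/app.dmg"}
OLD = update(TEMPLATE, "93.0", MIRROR.__getitem__)
NEW = update(OLD, "94.0", MIRROR.__getitem__)
```

Because the hash is committed alongside the URL, a file that changes upstream after pinning shows up as an `audit` failure rather than being built silently.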