I was fixing a package by downloading a patch from Github via fetchpatch. After entering the sha256-sum, the patch would not apply cleanly and required some more changes with various fetchpatch-options (stripLen, extraPrefix). However, the patch would keep failing to apply and after a bit, I noticed that the patch applied never changed.
Apparently, the sha256-sum entered there is for the final patch after
filterdiff has been running. And when Nix finds a pre-built patch that matches this sha256-sum, it will just take it. Hence, it looked like my changes to the derivation would do nothing.
Essentially, changing patch options now requires two builds all the time. First change the sha256-sum to something invalid, then update the fetchpatch options, build, see the actual sha256, insert this sha256 into the derivation, do another build. And if you forget the first step, your changed fetchpatch options will just be ignored.
Is there a way of working that prevents this issue? It seems like a bit of a developer trap to me.