Why should Firefox in particular be kept up to date, in contrast with
every other package in our stable distribution? I think this could be a
dangerous road to go down, and could lead to a maintenance nightmare –
the same justification could be applied to any other package.
We already have a good path for running stable and pulling specific
packages from unstable. I’m not sure what you mean by “formally
support”, but I’ve never seen anything to suggest that fetching closures
from unstable shouldn’t be supported – in fact the guarantees of Nix
mean that it should always work, short of something like a kernel
incompatibility. If it’s not documented well, that can be improved. If
it’s not elegant, well, there are ideas like Flakes that will improve
the flow.