Some time ago, I upgraded Emacs to version 29.1 which has some issues with GnuPG >= 2.4.1. At first, I simply fell back to GnuPG 2.2.x using pkgs.gnupg22 in my Nix configuration but since it is insecure, Nix refused to build without me setting the NIXPKGS_ALLOW_INSECURE environment variable to 1.

I finally grew tired of doing that on every rebuild, so I looked to find if a fix was out there. It seems there is one on the way, it is merged in the 2.4 branch of GnuPG but has not been released yet. I decided to wait for a release and settled to version 2.4.0 which works but which is not in nixpkgs (which is why my first solution was to fall back to GnuPG 2.2.x).

Since nix is very flexible, all I had to do was add an overlay to nixpkgs like this:

let
  pkgs = import nixpkgs
    {
      system = "aarch64-darwin";
      overlays = [
        (final: prev: {
          gnupg = prev.gnupg24.overrideAttrs (old: {
            version = "2.4.0";
            src = pkgs.fetchurl {
              url = "mirror://gnupg/gnupg/${old.pname}-2.4.0.tar.bz2";
              hash = "sha256-HXkVjdAdmSQx3S4/rLif2slxJ/iXhOosthDGAPsMFIM=";
            };
          });
        })
      ];
    };
in
{
  home.packages = [
    pkgs.gnupg
  ];
}

I find it to be a great example of how easy it is to modify packages in nix, while keeping everything else working.