maintainers/scripts/update.nix: Run updateScript in development shell

Update scripts aren't always run in the development shell by default,
especially not in the regular automated updates.
The parent commit makes the update scripts depend on running in the
development shell, so let's make sure it's always done.

maintainers/scripts/update.py

@@ -7,6 +7,7 @@ import contextlib
 import json
 import os
 import re
+import shlex
 import subprocess
 import sys
 import tempfile
@@ -235,7 +236,11 @@ async def run_update_script(
             f"UPDATE_NIX_PNAME={package['pname']}",
             f"UPDATE_NIX_OLD_VERSION={package['oldVersion']}",
             f"UPDATE_NIX_ATTR_PATH={package['attrPath']}",
-            *update_script_command,
+            # Run all update scripts in the Nixpkgs development shell to get access to formatters and co.
+            "nix-shell",
+            nixpkgs_root + "/shell.nix",
+            "--run",
+            " ".join([ shlex.quote(s) for s in update_script_command ]),
             stdout=asyncio.subprocess.PIPE,
             stderr=asyncio.subprocess.PIPE,
             cwd=worktree,

pkgs/README.md

@@ -940,7 +940,8 @@ Update scripts are to be invoked by the [automatic package update script](../mai
 You can run `nix-shell maintainers/scripts/update.nix` in the root of Nixpkgs repository for information on how to use it.
 `update.nix` offers several modes for selecting packages to update, and it will execute update scripts for all matched packages that have an `updateScript` attribute.
 
-Each update script will be passed the following environment variables:
+Update scripts will be run inside the [Nixpkgs development shell](../shell.nix), providing access to some useful tools for CI.
+Furthermore each update script will be passed the following environment variables:
 
 - [`UPDATE_NIX_NAME`] – content of the `name` attribute of the updated package
 - [`UPDATE_NIX_PNAME`] – content of the `pname` attribute of the updated package