We historically used SRP because:

• Have one source of truth
• We get a very good error message when the sha256 does not match
• The same approach is used by all other core teams

While in the approach introduced in #5188 one needs to update the git sha in two different places and if you forget to update:

• in cabal file, then it will work correctly with nix, but not without nix
• in nix file, then you get a cryptic message that does not give you a single hint of what is wrong.

So, @carlostome unless there is a really compelling reason why we should use this approach, I would like to ask you to revert changes made in this PR.

Originally posted by @lehins in #5188 (comment)