diff --git a/dev/nix/nodejs.nix b/dev/nix/nodejs.nix
index 71c4dc8d488..b7a8cfbb2d5 100644
--- a/dev/nix/nodejs.nix
+++ b/dev/nix/nodejs.nix
@@ -4,8 +4,8 @@ pkgs.nodejs_20.overrideAttrs (oldAttrs: {
   # and building is super expensive
   # version = "16.19.0";
 
-  passthru.pkgs = oldAttrs.passthru.pkgs // {
-    pnpm = oldAttrs.passthru.pkgs.pnpm.override rec {
+  passthru.pkgs = oldAttrs.passthru.pkgs // (with oldAttrs.passthru.pkgs; {
+    pnpm = pnpm.override rec {
       # PLEASE UPDATE THE SHA512 BELOW OR NOTIFY ONE OF THE NIX USERS BEFORE MERGING A CHANGE TO THESE FILES
       version = "8.9.2";
       src = fetchurl {
@@ -16,6 +16,6 @@ pkgs.nodejs_20.overrideAttrs (oldAttrs: {
     # fetching typescript 5.2.2 from npm registry results in an archive with a missing package-lock.json, which nix
     # refuses to build without. We can generate this lock file with `npm install --package-lock-only` but at the time I didn't
     # want to vendor the file. Fortunately, nixpkgs-unstable has typescript at 5.2.2
-    typescript = pkgs.nodePackages.typescript; # 5.2.2
-  };
+    typescript = assert typescript.version == "5.2.2"; typescript;
+  });
 })