:pinuse-package can pin a package to a specific archive using the
:pin keyword.5 This allows you to mix and match
packages from different archives. The primary use-case for this is
preferring to install packages from GNU ELPA or
NonGNU ELPA (indicated by gnu and nongnu,
respectively), while installing specific packages from third-party
archives.
For example:
(use-package company :ensure t :pin gnu) ; GNU ELPA
Unfortunately, the third-party archive MELPA uses a
versioning scheme based on dates, which means that packages from that
archive are always preferred. If you are using that archive, we
strongly encourage you to customize use-package-always-pin to
nongnu. This guarantees that you are using a version of that
package that has been specifically marked for release by its
developer, and not a development snapshot.
If you want to manually keep a package updated and ignore upstream
updates, you can pin it to ‘manual’. This will work as long as
you have not customized a repository to use that name in the
package-archives variable.
Example:
(use-package org :ensure t ;; ignore org-mode from upstream and use a manually installed version :pin manual)
use-package signals an error if you try to pin a package to an
archive that is not configured using package-archives (except
from the special ‘manual’ archive).