commit 8f5c4cf5eb969a7f048503a21ca6ffdd1b8c7c3d · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

agebox: update vulnerable dependency

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

Paul Meyer 2 years ago 8f5c4cf5 51c39ced

+11 -2

1 changed file

expand all

unified split

pkgs

tools

security

agebox

default.nix

+11 -2

pkgs/tools/security/agebox/default.nix

··· 1 - { lib, buildGoModule, fetchFromGitHub }: 2 3 buildGoModule rec { 4 pname = "agebox"; ··· 11 hash = "sha256-W6/v5BIl+k6tMan/Wdua7mHKMsq23QZN13Cy24akJr4="; 12 }; 13 14 - vendorHash = "sha256-PLeNTlQ0OMcupfbVN/KGb0iJYf3Jbcevg8gTcKHpn8s="; 15 16 ldflags = [ 17 "-s"

··· 1 + { lib, buildGoModule, fetchFromGitHub, fetchpatch }: 2 3 buildGoModule rec { 4 pname = "agebox"; ··· 11 hash = "sha256-W6/v5BIl+k6tMan/Wdua7mHKMsq23QZN13Cy24akJr4="; 12 }; 13 14 + patches = [ 15 + # Update gopkg.in/yaml.v2 to v2.2.8 to fix vulnerabilities. 16 + # https://github.com/slok/agebox/pull/199 17 + (fetchpatch { 18 + url = "https://github.com/slok/agebox/commit/40a515d39911f601ebe05cc914e8a02695d85dc7.patch"; 19 + hash = "sha256-0iBI0nID12OoWqWY/8MPb3vvTUDe0JdSHu2vefix/bM="; 20 + }) 21 + ]; 22 + 23 + vendorHash = "sha256-MNAF2ExIOYPzXyGR6H7lfUEhnMDCyD7ecst5MKm7u+A="; 24 25 ldflags = [ 26 "-s"