commit e06fbb9606ee9bc3a285f2a362c8f01b661a1c92 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

pleroma: 2.5.2 -> 2.5.4 (#247422)

https://git.pleroma.social/pleroma/pleroma/-/blob/v2.5.4/CHANGELOG.md

authored by Yaya and committed by GitHub 2 years ago e06fbb96 97aecb69

+46 -2

2 changed files

expand all

unified split

pkgs

servers

pleroma

Revert-Config-Restrict-permissions-of-OTP-config.patch

default.nix

+40

pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch

···

··· 1 + From 29af78b112f7956ac1211fbfec2eadbf4caca40f Mon Sep 17 00:00:00 2001 2 + From: Yaya <yaya@uwu.is> 3 + Date: Sun, 6 Aug 2023 00:02:40 +0000 4 + Subject: [PATCH] Revert "Config: Restrict permissions of OTP config file" 5 + 6 + This reverts commit 4befb3b1d02f32eb2c56f12e4684a7bb3167b0ee. 7 + 8 + The Nix store is world readable by design. 9 + --- 10 + lib/pleroma/config/release_runtime_provider.ex | 14 -------------- 11 + 1 file changed, 14 deletions(-) 12 + 13 + diff --git a/lib/pleroma/config/release_runtime_provider.ex b/lib/pleroma/config/release_runtime_provider.ex 14 + index 9ec0f975e..91e5f1a54 100644 15 + --- a/lib/pleroma/config/release_runtime_provider.ex 16 + +++ b/lib/pleroma/config/release_runtime_provider.ex 17 + @@ -20,20 +20,6 @@ def load(config, opts) do 18 + 19 + with_runtime_config = 20 + if File.exists?(config_path) do 21 + - # <https://git.pleroma.social/pleroma/pleroma/-/issues/3135> 22 + - %File.Stat{mode: mode} = File.lstat!(config_path) 23 + - 24 + - if Bitwise.band(mode, 0o007) > 0 do 25 + - raise "Configuration at #{config_path} has world-permissions, execute the following: chmod o= #{config_path}" 26 + - end 27 + - 28 + - if Bitwise.band(mode, 0o020) > 0 do 29 + - raise "Configuration at #{config_path} has group-wise write permissions, execute the following: chmod g-w #{config_path}" 30 + - end 31 + - 32 + - # Note: Elixir doesn't provides a getuid(2) 33 + - # so cannot forbid group-read only when config is owned by us 34 + - 35 + runtime_config = Config.Reader.read!(config_path) 36 + 37 + with_defaults 38 + -- 39 + 2.40.1 40 +

+6 -2

pkgs/servers/pleroma/default.nix

··· 7 8 beamPackages.mixRelease rec { 9 pname = "pleroma"; 10 - version = "2.5.2"; 11 12 src = fetchFromGitLab { 13 domain = "git.pleroma.social"; 14 owner = "pleroma"; 15 repo = "pleroma"; 16 rev = "v${version}"; 17 - sha256 = "sha256-5qxop/hJj1hIsEcK6vJnI2RnAcLf3tO43B0e0FcNZcA="; 18 }; 19 20 mixNixDeps = import ./mix.nix { 21 inherit beamPackages lib;

··· 7 8 beamPackages.mixRelease rec { 9 pname = "pleroma"; 10 + version = "2.5.4"; 11 12 src = fetchFromGitLab { 13 domain = "git.pleroma.social"; 14 owner = "pleroma"; 15 repo = "pleroma"; 16 rev = "v${version}"; 17 + sha256 = "sha256-V/q6qpQkdrtMLzihV/0d3B+QUWwG4cYy8c2jNd5npww="; 18 }; 19 + 20 + patches = [ 21 + ./Revert-Config-Restrict-permissions-of-OTP-config.patch 22 + ]; 23 24 mixNixDeps = import ./mix.nix { 25 inherit beamPackages lib;