sqlint: update deps to eliminate vulnerable dependency

nixpkgs mirror (for testing) github.com/NixOS/nixpkgs

nix

See #351833

Gemfile: ./pkgs/development/tools/sqlint/Gemfile.lock
Name: google-protobuf
Version: 3.25.0
CVE: CVE-2024-7254
GHSA: GHSA-735f-pc8j-v9w8
Criticality: High
URL: https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8
Title: protobuf-java has potential Denial of Service issue
Solution: upgrade to '~> 3.25.5', '~> 4.27.5', '>= 4.28.2'

Steve Purcell 1 year ago da2a5cfa 74411387

+3 -3

2 changed files

expand all

pkgs

development

tools

sqlint

Gemfile.lock

gemset.nix

+1 -1

pkgs/development/tools/sqlint/Gemfile.lock

··· 1 1 GEM 2 2 remote: https://rubygems.org/ 3 3 specs: 4 - google-protobuf (3.25.0) 4 + google-protobuf (3.25.5) 5 5 pg_query (4.2.3) 6 6 google-protobuf (>= 3.22.3) 7 7 sqlint (0.3.0)

+2 -2

pkgs/development/tools/sqlint/gemset.nix

··· 4 4 platforms = []; 5 5 source = { 6 6 remotes = ["https://rubygems.org"]; 7 - sha256 = "18d1w5j7vjaza3v1ig9j7zyis04kxqdkb1272vbgncxn03ck45mm"; 7 + sha256 = "0fanhdf3vzghma51w1hqpp8s585mwzxgqkwvxj5is4q9j0pgwcs3"; 8 8 type = "gem"; 9 9 }; 10 - version = "3.25.0"; 10 + version = "3.25.5"; 11 11 }; 12 12 pg_query = { 13 13 dependencies = ["google-protobuf"];

Configure Feed

Configure Feed