agebox: update vulnerable dependency

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> (cherry picked from commit 8f5c4cf5eb969a7f048503a21ca6ffdd1b8c7c3d)
author: Paul Meyer <49727155+katexochen@users.noreply.github.com> 2024-04-27 16:34:30 +0200
committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 2024-04-27 17:01:32 +0000
commit: 7ff4eec5120528cb14bc679ab5f40291c2844939 (patch)
tree: ab8c056cacad5c487aa1baf2261503fc04205627
parent: 485480127ad7df42fb0d82bc56efcdd33f37f350 (diff)
1 files changed, 11 insertions, 2 deletions
diff --git a/pkgs/tools/security/agebox/default.nix b/pkgs/tools/security/agebox/default.nix
index b87cb2b8ca2af..fb75fbf9b0937 100644
--- a/pkgs/tools/security/agebox/default.nix
+++ b/pkgs/tools/security/agebox/default.nix
@@ -1,4 +1,4 @@
-{ lib, buildGoModule, fetchFromGitHub }:
+{ lib, buildGoModule, fetchFromGitHub, fetchpatch }:
 
 buildGoModule rec {
   pname = "agebox";
@@ -11,7 +11,16 @@ buildGoModule rec {
     hash = "sha256-W6/v5BIl+k6tMan/Wdua7mHKMsq23QZN13Cy24akJr4=";
   };
 
-  vendorHash = "sha256-PLeNTlQ0OMcupfbVN/KGb0iJYf3Jbcevg8gTcKHpn8s=";
+  patches = [
+    # Update gopkg.in/yaml.v2 to v2.2.8 to fix vulnerabilities.
+    # https://github.com/slok/agebox/pull/199
+    (fetchpatch {
+      url = "https://github.com/slok/agebox/commit/40a515d39911f601ebe05cc914e8a02695d85dc7.patch";
+      hash = "sha256-0iBI0nID12OoWqWY/8MPb3vvTUDe0JdSHu2vefix/bM=";
+    })
+  ];
+
+  vendorHash = "sha256-MNAF2ExIOYPzXyGR6H7lfUEhnMDCyD7ecst5MKm7u+A=";
 
   ldflags = [
     "-s"
author	Paul Meyer <49727155+katexochen@users.noreply.github.com>	2024-04-27 16:34:30 +0200
committer	github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2024-04-27 17:01:32 +0000
commit	7ff4eec5120528cb14bc679ab5f40291c2844939 (patch)
tree	ab8c056cacad5c487aa1baf2261503fc04205627
parent	485480127ad7df42fb0d82bc56efcdd33f37f350 (diff)