diff options
author | Paul Meyer <49727155+katexochen@users.noreply.github.com> | 2024-04-27 16:34:30 +0200 |
---|---|---|
committer | github-actions[bot] <github-actions[bot]@users.noreply.github.com> | 2024-04-27 17:01:32 +0000 |
commit | 7ff4eec5120528cb14bc679ab5f40291c2844939 (patch) | |
tree | ab8c056cacad5c487aa1baf2261503fc04205627 | |
parent | 485480127ad7df42fb0d82bc56efcdd33f37f350 (diff) |
agebox: update vulnerable dependency
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> (cherry picked from commit 8f5c4cf5eb969a7f048503a21ca6ffdd1b8c7c3d)
-rw-r--r-- | pkgs/tools/security/agebox/default.nix | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/pkgs/tools/security/agebox/default.nix b/pkgs/tools/security/agebox/default.nix index b87cb2b8ca2af..fb75fbf9b0937 100644 --- a/pkgs/tools/security/agebox/default.nix +++ b/pkgs/tools/security/agebox/default.nix @@ -1,4 +1,4 @@ -{ lib, buildGoModule, fetchFromGitHub }: +{ lib, buildGoModule, fetchFromGitHub, fetchpatch }: buildGoModule rec { pname = "agebox"; @@ -11,7 +11,16 @@ buildGoModule rec { hash = "sha256-W6/v5BIl+k6tMan/Wdua7mHKMsq23QZN13Cy24akJr4="; }; - vendorHash = "sha256-PLeNTlQ0OMcupfbVN/KGb0iJYf3Jbcevg8gTcKHpn8s="; + patches = [ + # Update gopkg.in/yaml.v2 to v2.2.8 to fix vulnerabilities. + # https://github.com/slok/agebox/pull/199 + (fetchpatch { + url = "https://github.com/slok/agebox/commit/40a515d39911f601ebe05cc914e8a02695d85dc7.patch"; + hash = "sha256-0iBI0nID12OoWqWY/8MPb3vvTUDe0JdSHu2vefix/bM="; + }) + ]; + + vendorHash = "sha256-MNAF2ExIOYPzXyGR6H7lfUEhnMDCyD7ecst5MKm7u+A="; ldflags = [ "-s" |