diff options
author | Joachim F <joachifm@users.noreply.github.com> | 2017-02-04 15:27:32 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-02-04 15:27:32 +0100 |
commit | 664360229e00f3774b856358d685602191ffcc0d (patch) | |
tree | ddac9f59d95c7d926660f302153e7bffea8f1045 /pkgs/tools/package-management | |
parent | d1aa065a5d1924b3315075c03e3206f18378cd42 (diff) | |
parent | 4494720241df849ef121510a1bba74a20ddae52b (diff) |
Merge pull request #22374 from peterhoeg/f/ruby-tar
fpm: fix vulnerable dependency
Diffstat (limited to 'pkgs/tools/package-management')
-rw-r--r-- | pkgs/tools/package-management/fpm/Gemfile | 2 | ||||
-rw-r--r-- | pkgs/tools/package-management/fpm/Gemfile.lock | 10 | ||||
-rw-r--r-- | pkgs/tools/package-management/fpm/gemset.nix | 10 |
3 files changed, 16 insertions, 6 deletions
diff --git a/pkgs/tools/package-management/fpm/Gemfile b/pkgs/tools/package-management/fpm/Gemfile index 95916cf4322ae..ea498ca783557 100644 --- a/pkgs/tools/package-management/fpm/Gemfile +++ b/pkgs/tools/package-management/fpm/Gemfile @@ -1,2 +1,4 @@ source 'https://rubygems.org' + +gem 'archive-tar-minitar', '>= 0.5.2.1', github: 'peterhoeg/archive-tar-minitar' gem 'fpm' diff --git a/pkgs/tools/package-management/fpm/Gemfile.lock b/pkgs/tools/package-management/fpm/Gemfile.lock index ab3d4dd6b46b3..16d7a8250ec93 100644 --- a/pkgs/tools/package-management/fpm/Gemfile.lock +++ b/pkgs/tools/package-management/fpm/Gemfile.lock @@ -1,7 +1,12 @@ +GIT + remote: git://github.com/peterhoeg/archive-tar-minitar.git + revision: dae32ca550a87dba32597115ae18805db4782ebe + specs: + archive-tar-minitar (0.5.2.1) + GEM remote: https://rubygems.org/ specs: - archive-tar-minitar (0.5.2) arr-pm (0.0.10) cabin (> 0) backports (3.6.8) @@ -40,7 +45,8 @@ PLATFORMS ruby DEPENDENCIES + archive-tar-minitar (>= 0.5.2.1)! fpm BUNDLED WITH - 1.12.5 + 1.14.3 diff --git a/pkgs/tools/package-management/fpm/gemset.nix b/pkgs/tools/package-management/fpm/gemset.nix index 0670d3a5b140b..4243651dd25da 100644 --- a/pkgs/tools/package-management/fpm/gemset.nix +++ b/pkgs/tools/package-management/fpm/gemset.nix @@ -1,11 +1,13 @@ { archive-tar-minitar = { source = { - remotes = ["https://rubygems.org"]; - sha256 = "1j666713r3cc3wb0042x0wcmq2v11vwwy5pcaayy5f0lnd26iqig"; - type = "gem"; + fetchSubmodules = false; + rev = "dae32ca550a87dba32597115ae18805db4782ebe"; + sha256 = "0fvxacbcb52fm5dis451kdd7dv74z8p6nm4vnfqf7jg2aghcxdkd"; + type = "git"; + url = "git://github.com/peterhoeg/archive-tar-minitar.git"; }; - version = "0.5.2"; + version = "0.5.2.1"; }; arr-pm = { source = { |