rekor-cli, rekor-server: 1.1.1 -> 1.2.1

Fixes CVE-2023-33199. Changelog: https://github.com/sigstore/rekor/releases/tag/v1.2.1 (cherry picked from commit e655d0318cefedac078bf541a30494a7d828ac3a)
author: Thomas Gerbet <thomas@gerbet.me> 2023-05-26 17:45:25 +0200
committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 2023-05-26 18:48:36 +0000
commit: 28b5e66f35793e4d8c92bf338eeb3d0281672d53 (patch)
tree: 6bd70a3893aa11dabd92282de44cbce142d20eaa /pkgs
parent: e122f584b24d18f03249919fab770640a03e7fe0 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/pkgs/tools/security/rekor/default.nix b/pkgs/tools/security/rekor/default.nix
index 27c2719bc424c..62de3da174497 100644
--- a/pkgs/tools/security/rekor/default.nix
+++ b/pkgs/tools/security/rekor/default.nix
@@ -4,13 +4,13 @@ let
   generic = { pname, packageToBuild, description }:
     buildGoModule rec {
       inherit pname;
-      version = "1.1.1";
+      version = "1.2.1";
 
       src = fetchFromGitHub {
         owner = "sigstore";
         repo = "rekor";
         rev = "v${version}";
-        hash = "sha256-/zNDruJsnLlqHud67S8/QpNEPLfFcboA+2SWLB1jzbM=";
+        hash = "sha256-tPiojtSCpqJjLGRZ1rNno7TKhmZ3jBtdb4dWLfRmh14=";
         # populate values that require us to use git. By doing this in postFetch we
         # can delete .git afterwards and maintain better reproducibility of the src.
         leaveDotGit = true;
@@ -23,7 +23,7 @@ let
         '';
       };
 
-      vendorHash = "sha256-iQBVMYt5hXSp7y0gzKCMae3gHCvS6CN+/mDWmt1yPh8=";
+      vendorHash = "sha256-AIXoq/sYQRCR1pllwBhflAnanUD0aGo54drBOsaxiDQ=";
 
       nativeBuildInputs = [ installShellFiles ];
author	Thomas Gerbet <thomas@gerbet.me>	2023-05-26 17:45:25 +0200
committer	github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2023-05-26 18:48:36 +0000
commit	28b5e66f35793e4d8c92bf338eeb3d0281672d53 (patch)
tree	6bd70a3893aa11dabd92282de44cbce142d20eaa /pkgs
parent	e122f584b24d18f03249919fab770640a03e7fe0 (diff)