diff options
Diffstat (limited to 'pkgs/development/python-modules/python-jose/default.nix')
-rw-r--r-- | pkgs/development/python-modules/python-jose/default.nix | 67 |
1 files changed, 36 insertions, 31 deletions
diff --git a/pkgs/development/python-modules/python-jose/default.nix b/pkgs/development/python-modules/python-jose/default.nix index 9739e5bf7f65e..271115978bb98 100644 --- a/pkgs/development/python-modules/python-jose/default.nix +++ b/pkgs/development/python-modules/python-jose/default.nix @@ -1,22 +1,24 @@ -{ lib -, buildPythonPackage -, fetchFromGitHub +{ + lib, + buildPythonPackage, + fetchFromGitHub, + fetchpatch, -# build-system -, setuptools + # build-system + setuptools, -# dependencies -, ecdsa -, rsa -, pyasn1 + # dependencies + ecdsa, + rsa, + pyasn1, -# optional-dependencies -, cryptography -, pycrypto -, pycryptodome + # optional-dependencies + cryptography, + pycrypto, + pycryptodome, -# tests -, pytestCheckHook + # tests + pytestCheckHook, }: buildPythonPackage rec { @@ -31,14 +33,25 @@ buildPythonPackage rec { hash = "sha256-6VGC6M5oyGCOiXcYp6mpyhL+JlcYZKIqOQU9Sm/TkKM="; }; + patches = [ + (fetchpatch { + name = "CVE-2024-33663.patch"; + url = "https://build.opensuse.org/public/source/openSUSE:Factory/python-python-jose/CVE-2024-33663.patch?rev=36cd8815411620042f56a3b81599b341"; + hash = "sha256-uxOCa7Lg82zY2nuHzw6CbcymCKUodITrFU3lLY1XMFU="; + }) + (fetchpatch { + name = "CVE-2024-33664.patch"; + url = "https://build.opensuse.org/public/source/openSUSE:Factory/python-python-jose/CVE-2024-33664.patch?rev=36cd8815411620042f56a3b81599b341"; + hash = "sha256-wx/U1T7t7TloP+dMXxGxEVB3bMC7e6epmN8RE8FKksM="; + }) + ]; + postPatch = '' substituteInPlace setup.py \ --replace '"pytest-runner",' "" ''; - nativeBuildInputs = [ - setuptools - ]; + nativeBuildInputs = [ setuptools ]; propagatedBuildInputs = [ ecdsa @@ -47,20 +60,12 @@ buildPythonPackage rec { ]; passthru.optional-dependencies = { - cryptography = [ - cryptography - ]; - pycrypto = [ - pycrypto - ]; - pycryptodome = [ - pycryptodome - ]; + cryptography = [ cryptography ]; + pycrypto = [ pycrypto ]; + pycryptodome = [ pycryptodome ]; }; - pythonImportsCheck = [ - "jose" - ]; + pythonImportsCheck = [ "jose" ]; nativeCheckInputs = [ pytestCheckHook @@ -74,7 +79,7 @@ buildPythonPackage rec { meta = with lib; { changelog = "https://github.com/mpdavis/python-jose/releases/tag/${version}"; homepage = "https://github.com/mpdavis/python-jose"; - description = "A JOSE implementation in Python"; + description = "JOSE implementation in Python"; license = licenses.mit; maintainers = with maintainers; [ jhhuh ]; }; |