From 39d27661d51150ff5e79eeaf77669df79ca1d0c3 Mon Sep 17 00:00:00 2001
From: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Date: Sat, 27 Apr 2024 15:16:10 +0200
Subject: bob: fix vulnerable dependencies

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
---
 pkgs/development/tools/build-managers/bob/default.nix | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/tools/build-managers/bob/default.nix b/pkgs/development/tools/build-managers/bob/default.nix
index 6821dc19116fb..98559d1ca4b4a 100644
--- a/pkgs/development/tools/build-managers/bob/default.nix
+++ b/pkgs/development/tools/build-managers/bob/default.nix
@@ -1,4 +1,10 @@
-{ lib, stdenv, buildGoModule, fetchFromGitHub, installShellFiles }:
+{ lib
+, stdenv
+, buildGoModule
+, fetchFromGitHub
+, installShellFiles
+, fetchpatch
+}:
 
 buildGoModule rec {
   pname = "bob";
@@ -11,9 +17,18 @@ buildGoModule rec {
     hash = "sha256-zmWfOLBb+GWw9v6LdCC7/WaP1Wz7UipPwqkmI1+rG8Q=";
   };
 
+  patches = [
+    # Fix vulnerable dependencies
+    # Backport of https://github.com/benchkram/bob/pull/387
+    (fetchpatch {
+      url = "https://github.com/benchkram/bob/commit/5020e6fafbfbcb1b3add5d936886423ce882793d.patch";
+      hash = "sha256-if1ZErI0Un7d26eOkYSkEa87+VTRcEtF6JbsJYOHpHE=";
+    })
+  ];
+
   ldflags = [ "-s" "-w" "-X main.Version=${version}" ];
 
-  vendorHash = "sha256-S1XUgjdSVTWXehOLCxXcvj0SH12cxqvYadVlCw/saF4=";
+  vendorHash = "sha256-u0nFaTQWU9O7A/RAhGaLcBka+YNGjSlpycDF8TLQALw=";
 
   excludedPackages = [ "example/server-db" "test/e2e" "tui-example" ];
 
-- 
cgit 1.4.1