cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

Merge pull request #307229 from katexochen/agebox/fix-vuln

Browse source 
agebox: update vulnerable dependency
This commit is contained in:
Thomas Gerbet 2024-04-27 19:01:02 +02:00 committed by GitHub
commit 36134ff401
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 11 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
pkgs/tools/security/agebox/default.nix
View file

@ -1,4 +1,4 @@
{ lib, buildGoModule, fetchFromGitHub }: { lib, buildGoModule, fetchFromGitHub, fetchpatch }:
buildGoModule rec { buildGoModule rec {
pname = "agebox"; pname = "agebox";
@ -11,7 +11,16 @@ buildGoModule rec {
hash = "sha256-W6/v5BIl+k6tMan/Wdua7mHKMsq23QZN13Cy24akJr4="; hash = "sha256-W6/v5BIl+k6tMan/Wdua7mHKMsq23QZN13Cy24akJr4=";
}; };
vendorHash = "sha256-PLeNTlQ0OMcupfbVN/KGb0iJYf3Jbcevg8gTcKHpn8s="; patches = [
# Update gopkg.in/yaml.v2 to v2.2.8 to fix vulnerabilities.
# https://github.com/slok/agebox/pull/199
(fetchpatch {
url = "https://github.com/slok/agebox/commit/40a515d39911f601ebe05cc914e8a02695d85dc7.patch";
hash = "sha256-0iBI0nID12OoWqWY/8MPb3vvTUDe0JdSHu2vefix/bM=";
})
];
vendorHash = "sha256-MNAF2ExIOYPzXyGR6H7lfUEhnMDCyD7ecst5MKm7u+A=";
ldflags = [ ldflags = [
"-s" "-s"