diff --git a/nixos/modules/services/web-apps/invoiceplane.nix b/nixos/modules/services/web-apps/invoiceplane.nix index 156cc238e89a..c54915b10a2d 100644 --- a/nixos/modules/services/web-apps/invoiceplane.nix +++ b/nixos/modules/services/web-apps/invoiceplane.nix @@ -36,10 +36,10 @@ let version = src.version; src = pkgs.invoiceplane; - patchPhase = '' + postPhase = '' # Patch index.php file to load additional config file substituteInPlace index.php \ - --replace "require('vendor/autoload.php');" "require('vendor/autoload.php'); \$dotenv = new \Dotenv\Dotenv(__DIR__, 'extraConfig.php'); \$dotenv->load();"; + --replace "require('vendor/autoload.php');" "require('vendor/autoload.php'); \$dotenv = Dotenv\Dotenv::createImmutable(__DIR__, 'extraConfig.php'); \$dotenv->load();"; ''; installPhase = '' diff --git a/nixos/tests/invoiceplane.nix b/nixos/tests/invoiceplane.nix index 4e63f8ac21c9..260e49db54d3 100644 --- a/nixos/tests/invoiceplane.nix +++ b/nixos/tests/invoiceplane.nix @@ -13,12 +13,12 @@ import ./make-test-python.nix ({ pkgs, ... }: services.invoiceplane.webserver = "caddy"; services.invoiceplane.sites = { "site1.local" = { - #database.name = "invoiceplane1"; + database.name = "invoiceplane1"; database.createLocally = true; enable = true; }; "site2.local" = { - #database.name = "invoiceplane2"; + database.name = "invoiceplane2"; database.createLocally = true; enable = true; }; diff --git a/pkgs/servers/web-apps/invoiceplane/default.nix b/pkgs/servers/web-apps/invoiceplane/default.nix index fa79997fbd01..670d42102f51 100644 --- a/pkgs/servers/web-apps/invoiceplane/default.nix +++ b/pkgs/servers/web-apps/invoiceplane/default.nix @@ -2,51 +2,20 @@ stdenv.mkDerivation rec { pname = "invoiceplane"; - version = "1.5.11"; + version = "1.6-beta-1"; src = fetchurl { url = "https://github.com/InvoicePlane/InvoicePlane/releases/download/v${version}/v${version}.zip"; - sha256 = "137g0xps4kb3j7f5gz84ql18iggbya6d9dnrfp05g2qcbbp8kqad"; + sha256 = "sha256-hIbk9zzqbwv2kSFClgPfTObB1YHj7KR4swKjGoN2v2E="; }; - patches = [ - - # Fix CVE-2021-29024, unauthenticated directory listing - # Should be included in a later release > 1.5.11 - # https://github.com/NixOS/nixpkgs/issues/166655 - # https://github.com/InvoicePlane/InvoicePlane/pull/754 - (fetchpatch { - url = "https://patch-diff.githubusercontent.com/raw/InvoicePlane/InvoicePlane/pull/754.patch"; - sha256 = "sha256-EHXw7Zqli/nA3tPIrhxpt8ueXvDtshz0XRzZT78sdQk="; - }) - - # Fix CVE-2021-29023, password reset rate-limiting - # Should be included in a later release > 1.5.11 - # https://github.com/NixOS/nixpkgs/issues/166655 - # https://github.com/InvoicePlane/InvoicePlane/pull/739 - (fetchpatch { - url = "https://patch-diff.githubusercontent.com/raw/InvoicePlane/InvoicePlane/pull/739.patch"; - sha256 = "sha256-6ksJjW6awr3lZsDRxa22pCcRGBVBYyV8+TbhOp6HBq0="; - }) - - # Fix CVE-2021-29022, full path disclosure - # Should be included in a later release > 1.5.11 - # https://github.com/NixOS/nixpkgs/issues/166655 - # https://github.com/InvoicePlane/InvoicePlane/pull/767 - #(fetchpatch { - # url = "https://patch-diff.githubusercontent.com/raw/InvoicePlane/InvoicePlane/pull/767.patch"; - # sha256 = "sha256-rSWDH8KeHSRWLyQEa7RSwv+8+ja9etTz+6Q9XThuwUo="; - #}) - - ]; - nativeBuildInputs = [ unzip ]; sourceRoot = "."; installPhase = '' mkdir -p $out/ - cp -r . $out/ + cp -r ip/. $out/ ''; passthru.tests = {