Merge pull request #160723 from erictapen/mastodon
mastodon: apply upstream patch for CVE-2022-0432
This commit is contained in:
commit
3e432f195f
@ -1,4 +1,4 @@
|
||||
{ lib, stdenv, nodejs-slim, mkYarnPackage, fetchFromGitHub, bundlerEnv
|
||||
{ lib, stdenv, nodejs-slim, mkYarnPackage, fetchFromGitHub, fetchpatch, bundlerEnv
|
||||
, yarn, callPackage, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript
|
||||
|
||||
# Allow building a fork or custom version of Mastodon:
|
||||
@ -15,6 +15,14 @@ stdenv.mkDerivation rec {
|
||||
# Putting the callPackage up in the arguments list also does not work.
|
||||
src = if srcOverride != null then srcOverride else callPackage ./source.nix {};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2022-0432.patch";
|
||||
url = "https://github.com/mastodon/mastodon/commit/4d6d4b43c6186a13e67b92eaf70fe1b70ea24a09.patch";
|
||||
sha256 = "sha256-C18X2ErBqP/dIEt8NrA7hdiqxUg5977clouuu7Lv4/E=";
|
||||
})
|
||||
];
|
||||
|
||||
mastodon-gems = bundlerEnv {
|
||||
name = "${pname}-gems-${version}";
|
||||
inherit version;
|
||||
|
Loading…
Reference in New Issue
Block a user