From 68ead458d39660e346f05276c890184d4ec7ea68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Tue, 21 Jun 2022 00:22:37 +0000 Subject: [PATCH] python310Packages.cookiecutter: 1.7.3 -> 2.1.1 fixes CVE-2022-24065 --- .../python-modules/cookiecutter/default.nix | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/pkgs/development/python-modules/cookiecutter/default.nix b/pkgs/development/python-modules/cookiecutter/default.nix index de42f7284112..fdad4febcdaf 100644 --- a/pkgs/development/python-modules/cookiecutter/default.nix +++ b/pkgs/development/python-modules/cookiecutter/default.nix @@ -1,23 +1,31 @@ { lib, buildPythonPackage, fetchPypi, isPyPy , pytest, pytest-cov, pytest-mock, freezegun -, jinja2, future, binaryornot, click, whichcraft, poyo, jinja2_time, requests -, python-slugify }: +, jinja2, future, binaryornot, click, jinja2_time, requests +, python-slugify +, pyyaml +}: buildPythonPackage rec { pname = "cookiecutter"; - version = "1.7.3"; + version = "2.1.1"; # not sure why this is broken disabled = isPyPy; src = fetchPypi { inherit pname version; - sha256 = "sha256-a5pNcoguJDvgd6c5fQ8fdv5mzz35HzEV27UzDiFPpFc="; + sha256 = "sha256-85gr6NnFPawSYYZAE/3sf4Ov0uQu3m9t0GnF4UnFQNU="; }; checkInputs = [ pytest pytest-cov pytest-mock freezegun ]; propagatedBuildInputs = [ - jinja2 future binaryornot click whichcraft poyo jinja2_time requests python-slugify + binaryornot + jinja2 + click + pyyaml + jinja2_time + python-slugify + requests ]; # requires network access for cloning git repos