python310Packages.cookiecutter: 1.7.3 -> 2.1.1

fixes CVE-2022-24065
2022-06-21 00:22:37 +00:00 · 2022-06-21 00:22:37 +00:00 · 68ead458d3
commit 68ead458d3
parent 12fb03569f
1 changed files with 13 additions and 5 deletions
--- a/pkgs/development/python-modules/cookiecutter/default.nix
+++ b/pkgs/development/python-modules/cookiecutter/default.nix
@ -1,23 +1,31 @@
 { lib, buildPythonPackage, fetchPypi, isPyPy
 , pytest, pytest-cov, pytest-mock, freezegun
-, jinja2, future, binaryornot, click, whichcraft, poyo, jinja2_time, requests
-, python-slugify }:
+, jinja2, future, binaryornot, click, jinja2_time, requests
+, python-slugify
+, pyyaml
+}:

 buildPythonPackage rec {
  pname = "cookiecutter";
-  version = "1.7.3";
+  version = "2.1.1";

  # not sure why this is broken
  disabled = isPyPy;

  src = fetchPypi {
    inherit pname version;
-    sha256 = "sha256-a5pNcoguJDvgd6c5fQ8fdv5mzz35HzEV27UzDiFPpFc=";
+    sha256 = "sha256-85gr6NnFPawSYYZAE/3sf4Ov0uQu3m9t0GnF4UnFQNU=";
  };

  checkInputs = [ pytest pytest-cov pytest-mock freezegun ];
  propagatedBuildInputs = [
-    jinja2 future binaryornot click whichcraft poyo jinja2_time requests python-slugify
+    binaryornot
+    jinja2
+    click
+    pyyaml
+    jinja2_time
+    python-slugify
+    requests
  ];

  # requires network access for cloning git repos