From 94c09d121c05347279a198559d039b7e5e270dcd Mon Sep 17 00:00:00 2001 From: Charlotte Van Petegem Date: Wed, 14 Feb 2024 17:08:16 +0100 Subject: [PATCH] patches: Add mastodon security patch --- patches/288806.patch | 117 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 117 insertions(+) create mode 100644 patches/288806.patch diff --git a/patches/288806.patch b/patches/288806.patch new file mode 100644 index 00000000..d72b192c --- /dev/null +++ b/patches/288806.patch @@ -0,0 +1,117 @@ +diff --git a/pkgs/servers/mastodon/gemset.nix b/pkgs/servers/mastodon/gemset.nix +index 537b865fc64959..7279f61bac72e5 100644 +--- a/pkgs/servers/mastodon/gemset.nix ++++ b/pkgs/servers/mastodon/gemset.nix +@@ -610,10 +610,10 @@ + platforms = []; + source = { + remotes = ["https://rubygems.org"]; +- sha256 = "0krcwb6mn0iklajwngwsg850nk8k9b35dhmc2qkbdqvmifdi2y9q"; ++ sha256 = "1qh1b14jwbbj242klkyz5fc7npd4j0mvndz62gajhvl1l3wd7zc2"; + type = "gem"; + }; +- version = "1.2.2"; ++ version = "1.2.3"; + }; + connection_pool = { + groups = ["default" "test"]; +@@ -1723,10 +1723,10 @@ + platforms = []; + source = { + remotes = ["https://rubygems.org"]; +- sha256 = "02mj8mpd6ck5gpcnsimx5brzggw5h5mmmpq2djdypfq16wcw82qq"; ++ sha256 = "1kl9c3kdchjabrihdqfmcplk3lq4cw1rr9f378y6q22qwy5dndvs"; + type = "gem"; + }; +- version = "2.8.4"; ++ version = "2.8.5"; + }; + minitest = { + groups = ["default" "development" "pam_authentication" "production" "test"]; +@@ -1881,10 +1881,10 @@ + platforms = []; + source = { + remotes = ["https://rubygems.org"]; +- sha256 = "0k9w2z0953mnjrsji74cshqqp08q7m1r6zhadw1w0g34xzjh3a74"; ++ sha256 = "173zavvxlwyi48lfskk48wcrdbkvjlhjhvy4jpcrfx72rpjjx4k8"; + type = "gem"; + }; +- version = "1.15.4"; ++ version = "1.16.2"; + }; + nsa = { + dependencies = ["activesupport" "concurrent-ruby" "sidekiq" "statsd-ruby"]; +@@ -2170,10 +2170,10 @@ + platforms = []; + source = { + remotes = ["https://rubygems.org"]; +- sha256 = "11v3l46mwnlzlc371wr3x6yylpgafgwdf0q7hc7c1lzx6r414r5g"; ++ sha256 = "01b9662zd2x9bp4rdjfid07h09zxj7kvn7f5fghbqhzc625ap1dp"; + type = "gem"; + }; +- version = "1.7.1"; ++ version = "1.7.3"; + }; + rack = { + groups = ["default" "development" "pam_authentication" "production" "test"]; +@@ -2781,10 +2781,10 @@ + platforms = []; + source = { + remotes = ["https://rubygems.org"]; +- sha256 = "0w9a1cwv86c9zb3hj1m42gbjk6r7rgs5ismalr9c9nx365yyj90i"; ++ sha256 = "0zqr9is8y7mg5dfs1q8w5jl9spwvqkhbi9r6np8208n40hi3pydl"; + type = "gem"; + }; +- version = "6.5.10"; ++ version = "6.5.12"; + }; + sidekiq-bulk = { + dependencies = ["sidekiq"]; +@@ -2814,10 +2814,10 @@ + platforms = []; + source = { + remotes = ["https://rubygems.org"]; +- sha256 = "02f91b24hrrn688wqvxb13lwvcgqb7g9k3sxylnydd6v89wr8mcg"; ++ sha256 = "1am17wfx023z1x9sxq90cyjarcmcwb95mi456mcf13m783r4n190"; + type = "gem"; + }; +- version = "7.1.29"; ++ version = "7.1.33"; + }; + simple-navigation = { + dependencies = ["activesupport"]; +@@ -3025,10 +3025,10 @@ + platforms = []; + source = { + remotes = ["https://rubygems.org"]; +- sha256 = "0k7j2wn14h1pl4smibasw0bp66kg626drxb59z7rzflch99cd4rg"; ++ sha256 = "1hx77jxkrwi66yvs10wfxqa8s25ds25ywgrrf66acm9nbfg7zp0s"; + type = "gem"; + }; +- version = "1.2.2"; ++ version = "1.3.0"; + }; + tilt = { + groups = ["default" "development"]; +diff --git a/pkgs/servers/mastodon/source.nix b/pkgs/servers/mastodon/source.nix +index 06c07c09df5b56..bb1a11ac7e60a0 100644 +--- a/pkgs/servers/mastodon/source.nix ++++ b/pkgs/servers/mastodon/source.nix +@@ -1,7 +1,7 @@ + # This file was generated by pkgs.mastodon.updateScript. + { fetchFromGitHub, applyPatches, patches ? [] }: + let +- version = "4.2.5"; ++ version = "4.2.6"; + in + ( + applyPatches { +@@ -9,7 +9,7 @@ in + owner = "mastodon"; + repo = "mastodon"; + rev = "v${version}"; +- hash = "sha256-dgC5V/CVE9F1ORTjPWUWc/JVcWCEj/pb4eWpDV0WliY="; ++ hash = "sha256-xUJiyQN3xsl/8+D/kaky+iYunY0ctlSbjkftN2+NQNw="; + }; + patches = patches ++ []; + }) // {