diff options
| author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2024-02-15 00:02:51 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-02-15 00:02:51 +0000 |
| commit | 604991674d3921284607cd13a4969bb6382aca65 (patch) | |
| tree | c6968be3adae75fce690241757f9345947698098 /pkgs/development/php-packages/composer/default.nix | |
| parent | 08b62a0025ee9331067d6f4c478699e6a82bd33d (diff) | |
| parent | 537907d90e7272b65756a6e8261264bee5465b3c (diff) | |
| download | nixlib-604991674d3921284607cd13a4969bb6382aca65.tar nixlib-604991674d3921284607cd13a4969bb6382aca65.tar.gz nixlib-604991674d3921284607cd13a4969bb6382aca65.tar.bz2 nixlib-604991674d3921284607cd13a4969bb6382aca65.tar.lz nixlib-604991674d3921284607cd13a4969bb6382aca65.tar.xz nixlib-604991674d3921284607cd13a4969bb6382aca65.tar.zst nixlib-604991674d3921284607cd13a4969bb6382aca65.zip | |
Merge staging-next into staging
Diffstat (limited to 'pkgs/development/php-packages/composer/default.nix')
| -rw-r--r-- | pkgs/development/php-packages/composer/default.nix | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/pkgs/development/php-packages/composer/default.nix b/pkgs/development/php-packages/composer/default.nix index 9cfc8683eca5..8a626f46181a 100644 --- a/pkgs/development/php-packages/composer/default.nix +++ b/pkgs/development/php-packages/composer/default.nix @@ -1,4 +1,4 @@ -{ lib, callPackage, fetchFromGitHub, php, unzip, _7zz, xz, git, curl, cacert, makeBinaryWrapper }: +{ lib, callPackage, fetchFromGitHub, fetchpatch, php, unzip, _7zz, xz, git, curl, cacert, makeBinaryWrapper }: php.buildComposerProject (finalAttrs: { # Hash used by ../../../build-support/php/pkgs/composer-phar.nix to @@ -22,6 +22,18 @@ php.buildComposerProject (finalAttrs: { hash = "sha256-KsTZi7dSlQcAxoen9rpofbptVdLYhK+bZeDSXQY7o5M="; }; + patches = [ + (fetchpatch { + name = "CVE-2024-24821.patch"; + url = "https://github.com/composer/composer/commit/77e3982918bc1d886843dc3d5e575e7e871b27b7.patch"; + hash = "sha256-Q7gkPLf59+p++DpfJZeOrAOiWePuGkdGYRaS/rK+Nv4="; + excludes = [ + # Skipping test files, they are not included in the source tarball + "tests/*" + ]; + }) + ]; + nativeBuildInputs = [ makeBinaryWrapper ]; postInstall = '' |