Merge pull request #253959 from dotlambda/poetry2nix-insecure
poetry2nix: mark poetry insecure
This commit is contained in:
commit
098c6db6dc
1 changed files with 26 additions and 0 deletions
|
@ -49,6 +49,32 @@ poetry2nix.mkPoetryApplication {
|
|||
# Fails because of impurities (network, git etc etc)
|
||||
doCheck = false;
|
||||
|
||||
overrides = [
|
||||
poetry2nix.defaultPoetryOverrides
|
||||
(self: super: {
|
||||
cryptography = super.cryptography.overridePythonAttrs (old: {
|
||||
meta = old.meta // {
|
||||
knownVulnerabilities = old.meta.knownVulnerabilities or [ ]
|
||||
++ lib.optionals (lib.versionOlder old.version "41.0.0") [
|
||||
"CVE-2023-2650"
|
||||
"CVE-2023-2975"
|
||||
"CVE-2023-3446"
|
||||
"CVE-2023-3817"
|
||||
"CVE-2023-38325"
|
||||
];
|
||||
};
|
||||
});
|
||||
requests = super.requests.overridePythonAttrs (old: {
|
||||
meta = old.meta // {
|
||||
knownVulnerabilities = old.meta.knownVulnerabilities or [ ]
|
||||
++ lib.optionals (lib.versionOlder old.version "2.31.0") [
|
||||
"CVE-2023-32681"
|
||||
];
|
||||
};
|
||||
});
|
||||
})
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
inherit (python.meta) platforms;
|
||||
maintainers = with maintainers; [ adisbladis jakewaksbaum ];
|
||||
|
|
Loading…
Reference in a new issue