tandoor-recipes: 1.4.4 -> 1.4.9

Changelog: see 1.4.4...1.4.9 [1].

[1]: https://github.com/TandoorRecipes/recipes/compare/1.4.4...1.4.9

pkgs/applications/misc/tandoor-recipes/common.nix

@@ -1,15 +1,15 @@
 { lib, fetchFromGitHub }:
 rec {
-  version = "1.4.4";
+  version = "1.4.9";
 
   src = fetchFromGitHub {
     owner = "TandoorRecipes";
     repo = "recipes";
     rev = version;
-    sha256 = "sha256-1wqZoOT2Aafbs2P0mL33jw5HkrLIitUcRt6bQQcHx40=";
+    sha256 = "sha256-h424lUm/wmCHXkMW2XejogvH3wL/+J67cG4m8rIWM1U=";
   };
 
-  yarnSha256 = "sha256-gH0q3pJ2BC5pAU9KSo3C9DDRUnpypoyLOEqKSrkxYrk=";
+  yarnSha256 = "sha256-LJ0uL66tcK6zL8Mkd2UB8dHsslMTtf8wQmgbZdvOT6s=";
 
   meta = with lib; {
     homepage = "https://tandoor.dev/";

pkgs/applications/misc/tandoor-recipes/default.nix

@@ -2,6 +2,7 @@
 , nixosTests
 , python3
 , fetchFromGitHub
+, fetchpatch
 }:
 let
   python = python3.override {
@@ -41,6 +42,12 @@ python.pkgs.pythonPackages.buildPythonPackage rec {
   patches = [
     # Allow setting MEDIA_ROOT through environment variable
     ./media-root.patch
+    # Address CVE-2023-31047 on Django 4.2.1+
+    (fetchpatch {
+      name = "fix-multiple-file-field";
+      url = "https://github.com/TandoorRecipes/recipes/pull/2458/commits/6b04c922977317354a367487427b15a8ed619be9.patch";
+      hash = "sha256-KmfjJSrB/4tOWtU7zrDJ/AOG4XlmWy/halw8IEEXdZ0=";
+    })
   ];
 
   propagatedBuildInputs = with python.pkgs; [
@@ -101,8 +108,10 @@ python.pkgs.pythonPackages.buildPythonPackage rec {
   buildPhase = ''
     runHook preBuild
 
-    # Avoid dependency on django debug toolbar
+    # Disable debug logging
     export DEBUG=0
+    # Avoid dependency on django debug toolbar
+    export DEBUG_TOOLBAR=0
 
     # See https://github.com/TandoorRecipes/recipes/issues/2043
     mkdir cookbook/static/themes/maps/