diff --git a/pkgs/applications/misc/tandoor-recipes/common.nix b/pkgs/applications/misc/tandoor-recipes/common.nix index 49b38bec655a..1a3e4d261144 100644 --- a/pkgs/applications/misc/tandoor-recipes/common.nix +++ b/pkgs/applications/misc/tandoor-recipes/common.nix @@ -1,15 +1,15 @@ { lib, fetchFromGitHub }: rec { - version = "1.4.4"; + version = "1.4.9"; src = fetchFromGitHub { owner = "TandoorRecipes"; repo = "recipes"; rev = version; - sha256 = "sha256-1wqZoOT2Aafbs2P0mL33jw5HkrLIitUcRt6bQQcHx40="; + sha256 = "sha256-h424lUm/wmCHXkMW2XejogvH3wL/+J67cG4m8rIWM1U="; }; - yarnSha256 = "sha256-gH0q3pJ2BC5pAU9KSo3C9DDRUnpypoyLOEqKSrkxYrk="; + yarnSha256 = "sha256-LJ0uL66tcK6zL8Mkd2UB8dHsslMTtf8wQmgbZdvOT6s="; meta = with lib; { homepage = "https://tandoor.dev/"; diff --git a/pkgs/applications/misc/tandoor-recipes/default.nix b/pkgs/applications/misc/tandoor-recipes/default.nix index 89d1740a802c..1f5dee51c599 100644 --- a/pkgs/applications/misc/tandoor-recipes/default.nix +++ b/pkgs/applications/misc/tandoor-recipes/default.nix @@ -2,6 +2,7 @@ , nixosTests , python3 , fetchFromGitHub +, fetchpatch }: let python = python3.override { @@ -41,6 +42,12 @@ python.pkgs.pythonPackages.buildPythonPackage rec { patches = [ # Allow setting MEDIA_ROOT through environment variable ./media-root.patch + # Address CVE-2023-31047 on Django 4.2.1+ + (fetchpatch { + name = "fix-multiple-file-field"; + url = "https://github.com/TandoorRecipes/recipes/pull/2458/commits/6b04c922977317354a367487427b15a8ed619be9.patch"; + hash = "sha256-KmfjJSrB/4tOWtU7zrDJ/AOG4XlmWy/halw8IEEXdZ0="; + }) ]; propagatedBuildInputs = with python.pkgs; [ @@ -101,8 +108,10 @@ python.pkgs.pythonPackages.buildPythonPackage rec { buildPhase = '' runHook preBuild - # Avoid dependency on django debug toolbar + # Disable debug logging export DEBUG=0 + # Avoid dependency on django debug toolbar + export DEBUG_TOOLBAR=0 # See https://github.com/TandoorRecipes/recipes/issues/2043 mkdir cookbook/static/themes/maps/