calibre-web: 0.6.19 -> 0.6.20

Fixes CVE-2022-2525 and CVE-2023-2106.

https://github.com/janeczku/calibre-web/releases/tag/0.6.20
Thomas Gerbet 2023-04-26 01:42:17 +02:00
parent 64a2fcb824
commit 64fed11531


@ -21,13 +21,13 @@ let
in
python.pkgs.buildPythonApplication rec {
pname = "calibre-web";
version = "0.6.19";
version = "0.6.20";
src = fetchFromGitHub {
owner = "janeczku";
repo = "calibre-web";
rev = version;
hash = "sha256-mNYLQ+3u6xRaoZ5oH6HdylFfgz1fq1ZB86AWk9vULWQ=";
hash = "sha256-0lArY1aTpO4sgIVDSqClYMGlip92f9hE/L2UouTLK8Q=";
};
propagatedBuildInputs = with python.pkgs; [
@ -38,9 +38,10 @@ python.pkgs.buildPythonApplication rec {
flask-login
flask_principal
flask-wtf
flask-limiter
iso-639
lxml
pypdf3
pypdf
requests
sqlalchemy
tornado
@ -58,12 +59,6 @@ python.pkgs.buildPythonApplication rec {
# and exit. This is gonna be used to configure calibre-web declaratively, as most of its configuration parameters
# are stored in the DB.
./db-migrations.patch
# Handle version 3.0 of flask-babel
(fetchpatch {
url = "https://github.com/janeczku/calibre-web/commit/94a6931d48d347ae6c07e2b5f0301e8cf97cf53d.patch";
excludes = [ "requirements.txt" ];
hash = "sha256-0DQ+LbIOOwjBXQh+b1w8dYQ3s+xZ6nFoH5GvgJdBAFI=";
})
];
# calibre-web doesn't follow setuptools directory structure. The following is taken from the script
@ -81,12 +76,12 @@ python.pkgs.buildPythonApplication rec {
--replace "APScheduler>=3.6.3,<3.10.0" "APScheduler>=3.6.3" \
--replace "chardet>=3.0.0,<4.1.0" "chardet>=3.0.0,<6" \
--replace "Flask>=1.0.2,<2.1.0" "Flask>=1.0.2" \
--replace "Flask-Babel>=0.11.1,<2.1.0" "Flask-Babel>=0.11.1" \
--replace "Flask-Babel>=0.11.1,<3.1.0" "Flask-Babel>=0.11.1" \
--replace "Flask-Login>=0.3.2,<0.6.2" "Flask-Login>=0.3.2" \
--replace "flask-wtf>=0.14.2,<1.1.0" "flask-wtf>=0.14.2" \
--replace "lxml>=3.8.0,<4.9.0" "lxml>=3.8.0" \
--replace "tornado>=4.1,<6.2" "tornado>=4.1,<7" \
--replace "PyPDF3>=1.0.0,<1.0.7" "PyPDF3>=1.0.0" \
--replace "PyPDF>=3.0.0,<3.6.0" "PyPDF>=3.0.0" \
--replace "requests>=2.11.1,<2.28.0" "requests" \
--replace "unidecode>=0.04.19,<1.4.0" "unidecode>=0.04.19" \
--replace "werkzeug<2.1.0" ""
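Review bot: The `--replace` patterns in the last hunk hard-code upstream's exact constraint strings, and only the Flask-Babel and PyPDF patterns were refreshed for 0.6.20; whether the other ten visible patterns still match the new requirements.txt cannot be checked from this page. A pattern that has drifted is skipped without failing the build, so upstream's bound stays in place unnoticed on a release that is being shipped for its CVE fixes. Where the nixpkgs revision provides it, `--replace-fail` in place of `--replace` would turn a stale pattern into a build error. The newly added `flask-limiter` input has no corresponding rewrite in the visible lines, so it is worth confirming that the packaged version satisfies whatever bound upstream declares for it. The substituteInPlace invocation begins above this hunk.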