Merge pull request #205342 from dotlambda/nixops-insecure

nixops: mark certifi insecure
2022-12-11 13:08:08 -08:00 · 2022-12-11 13:08:08 -08:00 · 823d4b7e8c
parent f9642cc689 218122fa5c
commit 823d4b7e8c
2 changed files with 13 additions and 0 deletions
--- a/pkgs/applications/networking/cluster/nixops/default.nix
+++ b/pkgs/applications/networking/cluster/nixops/default.nix
@ -69,6 +69,14 @@ let
          };
        })

+        (self: super: {
+          certifi = super.certifi.overridePythonAttrs (old: {
+            meta = old.meta // {
+              knownVulnerabilities = [ "CVE-2022-23491" ];
+            };
+          });
+        })
+
      ];
    }
  ).python;
--- a/pkgs/tools/package-management/nixops/default.nix
+++ b/pkgs/tools/package-management/nixops/default.nix
@ -9,6 +9,11 @@ let
    overrides = [
      poetry2nix.defaultPoetryOverrides
      (self: super: {
+        certifi = super.certifi.overridePythonAttrs (old: {
+          meta = old.meta // {
+            knownVulnerabilities = [ "CVE-2022-23491" ];
+          };
+        });
        pyjwt = super.pyjwt.overridePythonAttrs (old: {
          meta = old.meta // {
            knownVulnerabilities = lib.optionals (lib.versionOlder old.version "2.4.0") [