grafana: 9.4.3 -> 9.4.7

Sadly, upstream doesn't publish proper changelogs anymore[1] and there's
also quite a gap - this is the first time a release was published for
9.4.x since 9.4.3, so I decided to skim through the commit log on my own[2].

While there are no apparent problematic changes for us, but only
bugfixes, internal changes and a few doc fixes, I found at least one
security patch[3] fixing XSS in the graphite datasource settings, hence
the corresponding PR will get a security label.

[1] https://github.com/grafana/grafana/releases/tag/v9.4.7
    / adcdf190bb
[2] https://github.com/grafana/grafana/compare/v9.4.3...v9.4.7
[3] ef2eb2b6bf

pkgs/servers/monitoring/grafana/default.nix

@@ -2,7 +2,7 @@
 
 buildGoModule rec {
   pname = "grafana";
-  version = "9.4.3";
+  version = "9.4.7";
 
   excludedPackages = [ "alert_webhook_listener" "clean-swagger" "release_publisher" "slow_proxy" "slow_proxy_mac" "macaron" "devenv" ];
 
@@ -10,15 +10,15 @@ buildGoModule rec {
     rev = "v${version}";
     owner = "grafana";
     repo = "grafana";
-    sha256 = "sha256-LYUbypPXoWwWA4u2JxhUS/lozQNo2DCFGDPCmNP3GoE=";
+    sha256 = "sha256-vhGFZjxO20M3fQhXlEDDkad/yOyFOu48sHZ63MEnWIA=";
   };
 
   srcStatic = fetchurl {
     url = "https://dl.grafana.com/oss/release/grafana-${version}.linux-amd64.tar.gz";
-    sha256 = "sha256-aq6/sMfYVebxh46+zxphfWttFN4vBpUgCLXobLWVozk=";
+    sha256 = "sha256-HiKr1ier13xUlrwsJrxo60wwqmiPcza2oOLIfMgFWc0=";
   };
 
-  vendorSha256 = "sha256-atnlEdGDiUqQkslvRlPSi6VC5rEvRVV6R2Wxur3geew=";
+  vendorSha256 = "sha256-sUvjZTg2/6UGjc2Qv8YO4IWlS4Y/FzGRVOQ9I/wp/aM=";
 
   nativeBuildInputs = [ wire ];