Skip to content

Commit

Permalink
Merge pull request #47884 from primeos/security-backports-for-18.09
Browse files Browse the repository at this point in the history 
[18.09] gollum, jekyll (security backports)
  • Loading branch information
@primeos
primeos committed Oct 4, 2018
2 parents 7c3459b + 1f96d2f commit cb08cb4
Show file tree
Hide file tree
Showing 7 changed files with 163 additions and 119 deletions.
46 changes: 27 additions & 19 deletions pkgs/applications/misc/gollum/Gemfile.lock
View file
@@ -1,54 +1,62 @@
GEM
remote: https://rubygems.org/
specs:
charlock_holmes (0.7.3)
charlock_holmes (0.7.6)
diff-lcs (1.3)
gemojione (3.3.0)
json
github-markup (1.6.1)
gitlab-grit (2.8.1)
github-markup (1.7.0)
gitlab-grit (2.8.2)
charlock_holmes (~> 0.6)
diff-lcs (~> 1.1)
mime-types (>= 1.16, < 3)
mime-types (>= 1.16)
posix-spawn (~> 0.3)
gollum (4.1.2)
gollum (4.1.4)
gemojione (~> 3.2)
gollum-lib (>= 4.2.7)
gollum-lib (~> 4.2, >= 4.2.10)
kramdown (~> 1.9.0)
mustache (>= 0.99.5, < 1.0.0)
sinatra (~> 1.4, >= 1.4.4)
useragent (~> 0.16.2)
gollum-grit_adapter (1.0.1)
gitlab-grit (~> 2.7, >= 2.7.1)
gollum-lib (4.2.7)
gollum-lib (4.2.10)
gemojione (~> 3.2)
github-markup (~> 1.6)
gollum-grit_adapter (~> 1.0)
nokogiri (>= 1.6.1, < 2.0)
rouge (~> 2.1)
sanitize (~> 2.1)
sanitize (~> 2.1.1, >= 2.1.1)
stringex (~> 2.6)
twitter-text (= 1.14.7)
json (2.1.0)
kramdown (1.9.0)
mime-types (2.99.3)
mini_portile2 (2.2.0)
mime-types (3.2.2)
mime-types-data (~> 3.2015)
mime-types-data (3.2018.0812)
mini_portile2 (2.3.0)
mustache (0.99.8)
nokogiri (1.8.0)
mini_portile2 (~> 2.2.0)
nokogiri (1.8.4)
mini_portile2 (~> 2.3.0)
posix-spawn (0.3.13)
rack (1.6.8)
rack-protection (1.5.3)
rack (1.6.10)
rack-protection (1.5.5)
rack
rouge (2.1.1)
sanitize (2.1.0)
rouge (2.2.1)
sanitize (2.1.1)
nokogiri (>= 1.4.4)
sinatra (1.4.8)
rack (~> 1.5)
rack-protection (~> 1.4)
tilt (>= 1.3, < 3)
stringex (2.7.1)
stringex (2.8.4)
tilt (2.0.8)
useragent (0.16.8)
twitter-text (1.14.7)
unf (~> 0.1.0)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.5)
useragent (0.16.10)

PLATFORMS
ruby
Expand All @@ -57,4 +65,4 @@ DEPENDENCIES
gollum

BUNDLED WITH
1.15.3
1.16.3
1 change: 1 addition & 0 deletions pkgs/applications/misc/gollum/default.nix
View file
Expand Up @@ -4,6 +4,7 @@
stdenv.mkDerivation rec {
name = "${pname}-${version}";
pname = "gollum";
# nix-shell -p bundix icu zlib
version = (import ./gemset.nix).gollum.version;

nativeBuildInputs = [ makeWrapper ];
Expand Down
93 changes: 64 additions & 29 deletions pkgs/applications/misc/gollum/gemset.nix
View file
Expand Up @@ -2,10 +2,10 @@
charlock_holmes = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0jsl6k27wjmssxbwv9wpf7hgp9r0nvizcf6qpjnr7qs2nia53lf7";
sha256 = "1nf1l31n10yaark2rrg5qzyzcx9w80681449s3j09qmnipsl8rl5";
type = "gem";
};
version = "0.7.3";
version = "0.7.6";
};
diff-lcs = {
source = {
Expand All @@ -27,28 +27,28 @@
github-markup = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1nyb9ck2c9z5qi86n7r52w0m126qpnvc93yh35cn8bwsnkjqx0iq";
sha256 = "17g6g18gdjg63k75sfwiskjzl9i0hfcnrkcpb4fwrnb20v3jgswp";
type = "gem";
};
version = "1.6.1";
version = "1.7.0";
};
gitlab-grit = {
dependencies = ["charlock_holmes" "diff-lcs" "mime-types" "posix-spawn"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0lf1cr6pzqrbnxiiwym6q74b1a2ihdi91dynajk8hi1p093hl66n";
sha256 = "0xgs3l81ghlc5nm75n0pz7b2cj3hpscfq5iy27c483nnjn2v5mc4";
type = "gem";
};
version = "2.8.1";
version = "2.8.2";
};
gollum = {
dependencies = ["gemojione" "gollum-lib" "kramdown" "mustache" "sinatra" "useragent"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "051pm2f50daiqcqy87aq4809x4c95iwwml6ca4wgvvmj5zkk6k5a";
sha256 = "0ik1b0f73lcxfwfml1h84dp6br79g0z9v6x54wvl46n9d1ndrhl7";
type = "gem";
};
version = "4.1.2";
version = "4.1.4";
};
gollum-grit_adapter = {
dependencies = ["gitlab-grit"];
Expand All @@ -60,13 +60,13 @@
version = "1.0.1";
};
gollum-lib = {
dependencies = ["gemojione" "github-markup" "gollum-grit_adapter" "nokogiri" "rouge" "sanitize" "stringex"];
dependencies = ["gemojione" "github-markup" "gollum-grit_adapter" "nokogiri" "rouge" "sanitize" "stringex" "twitter-text"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1filwvjfj5q2m6w4q274ai36d6f0mrsv2l2khhk4bv1q6pqby2fq";
sha256 = "1699wiir6f2a8yawk3qg0xn3zdc10mz783v53ri1ivfnzdrm3dvf";
type = "gem";
};
version = "4.2.7";
version = "4.2.10";
};
json = {
source = {
Expand All @@ -85,20 +85,29 @@
version = "1.9.0";
};
mime-types = {
dependencies = ["mime-types-data"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "03j98xr0qw2p2jkclpmk7pm29yvmmh0073d8d43ajmr0h3w7i5l9";
sha256 = "0fjxy1jm52ixpnv3vg9ld9pr9f35gy0jp66i1njhqjvmnvq0iwwk";
type = "gem";
};
version = "2.99.3";
version = "3.2.2";
};
mime-types-data = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "07wvp0aw2gjm4njibb70as6rh5hi1zzri5vky1q6jx95h8l56idc";
type = "gem";
};
version = "3.2018.0812";
};
mini_portile2 = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0g5bpgy08q0nc0anisg3yvwc1gc3inl854fcrg48wvg7glqd6dpm";
sha256 = "13d32jjadpjj6d2wdhkfpsmy68zjx90p49bgf8f7nkpz86r1fr11";
type = "gem";
};
version = "2.2.0";
version = "2.3.0";
};
mustache = {
source = {
Expand All @@ -112,10 +121,10 @@
dependencies = ["mini_portile2"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1nffsyx1xjg6v5n9rrbi8y1arrcx2i5f21cp6clgh9iwiqkr7rnn";
sha256 = "1h9nml9h3m0mpvmh8jfnqvblnz5n5y3mmhgfc38avfmfzdrq9bgc";
type = "gem";
};
version = "1.8.0";
version = "1.8.4";
};
posix-spawn = {
source = {
Expand All @@ -128,36 +137,36 @@
rack = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "19m7aixb2ri7p1n0iqaqx8ldi97xdhvbxijbyrrcdcl6fv5prqza";
sha256 = "0in0amn0kwvzmi8h5zg6ijrx5wpsf8h96zrfmnk1kwh2ql4sxs2q";
type = "gem";
};
version = "1.6.8";
version = "1.6.10";
};
rack-protection = {
dependencies = ["rack"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0cvb21zz7p9wy23wdav63z5qzfn4nialik22yqp6gihkgfqqrh5r";
sha256 = "0my0wlw4a5l3hs79jkx2xzv7djhajgf8d28k8ai1ddlnxxb0v7ss";
type = "gem";
};
version = "1.5.3";
version = "1.5.5";
};
rouge = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1wn6rq5qjmcwh9ixkljazv6gmg746rgbgs6av5qnk0mxim5qw11p";
sha256 = "02kpahk5nkc33yxnn75649kzxaz073wvazr2zyg491nndykgnvcs";
type = "gem";
};
version = "2.1.1";
version = "2.2.1";
};
sanitize = {
dependencies = ["nokogiri"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0xsv6xqrlz91rd8wifjknadbl3z5h6qphmxy0hjb189qbdghggn3";
sha256 = "12ip1d80r0dgc621qn7c32bk12xxgkkg3w6q21s1ckxivcd7r898";
type = "gem";
};
version = "2.1.0";
version = "2.1.1";
};
sinatra = {
dependencies = ["rack" "rack-protection" "tilt"];
Expand All @@ -171,10 +180,10 @@
stringex = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1zc93v00av643lc6njl09wwki7h5yqayhh1din8zqfylw814l1dv";
sha256 = "0c5dfrjzkskzfsdvwsviq4111rwwpbk9022nxwdidz014mky5vi1";
type = "gem";
};
version = "2.7.1";
version = "2.8.4";
};
tilt = {
source = {
Expand All @@ -184,12 +193,38 @@
};
version = "2.0.8";
};
twitter-text = {
dependencies = ["unf"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1732h7hy1k152w8wfvjsx7b79alk45i5imwd37ia4qcx8hfm3gvg";
type = "gem";
};
version = "1.14.7";
};
unf = {
dependencies = ["unf_ext"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9";
type = "gem";
};
version = "0.1.4";
};
unf_ext = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "06p1i6qhy34bpb8q8ms88y6f2kz86azwm098yvcc0nyqk9y729j1";
type = "gem";
};
version = "0.0.7.5";
};
useragent = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1139cjqyv1hk1qcw89k81ajjkqyakqgbcyvmfrsmjqi8yn9kgqhq";
sha256 = "1fv5kvq494swy0p17h9qya9r50w15xsi9zmvhzb8gh55kq6ki50p";
type = "gem";
};
version = "0.16.8";
version = "0.16.10";
};
}
18 changes: 9 additions & 9 deletions pkgs/applications/misc/jekyll/basic/Gemfile.lock
View file
Expand Up @@ -17,13 +17,13 @@ GEM
ffi (1.9.25)
forwardable-extended (2.6.0)
gemoji (3.0.0)
html-pipeline (2.8.0)
html-pipeline (2.8.4)
activesupport (>= 2)
nokogiri (>= 1.4)
http_parser.rb (0.6.0)
i18n (0.9.5)
concurrent-ruby (~> 1.0)
jekyll (3.8.3)
jekyll (3.8.4)
addressable (~> 2.4)
colorator (~> 1.0)
em-websocket (~> 0.5)
Expand All @@ -38,7 +38,7 @@ GEM
safe_yaml (~> 1.0)
jekyll-avatar (0.6.0)
jekyll (~> 3.0)
jekyll-mentions (1.4.0)
jekyll-mentions (1.4.1)
html-pipeline (~> 2.3)
jekyll (~> 3.0)
jekyll-sass-converter (1.5.2)
Expand All @@ -49,7 +49,7 @@ GEM
jekyll (~> 3.3)
jekyll-watch (2.0.0)
listen (~> 3.0)
jemoji (0.10.0)
jemoji (0.10.1)
gemoji (~> 3.0)
html-pipeline (~> 2.2)
jekyll (~> 3.0)
Expand All @@ -62,18 +62,18 @@ GEM
mercenary (0.3.6)
mini_portile2 (2.3.0)
minitest (5.11.3)
nokogiri (1.8.2)
nokogiri (1.8.4)
mini_portile2 (~> 2.3.0)
pathutil (0.16.1)
forwardable-extended (~> 2.6)
public_suffix (3.0.2)
public_suffix (3.0.3)
rb-fsevent (0.10.3)
rb-inotify (0.9.10)
ffi (>= 0.5.0, < 2)
rouge (3.1.1)
rouge (3.2.1)
ruby_dep (1.5.0)
safe_yaml (1.0.4)
sass (3.5.6)
sass (3.5.7)
sass-listen (~> 4.0.0)
sass-listen (4.0.0)
rb-fsevent (~> 0.9, >= 0.9.4)
Expand All @@ -96,4 +96,4 @@ DEPENDENCIES
rouge

BUNDLED WITH
1.14.6
1.16.3

0 comments on commit cb08cb4

Please sign in to comment.