Since commit f7e28bf5d8 ("Split
buildPythonPackage into setup hooks"), the `ia` command provided by this
package has crashed with the error:
Traceback (most recent call last):
File "/nix/store/7n1jf081h0qnj82m2s69mxzj02zf746f-python3.7-internetarchive-1.8.1/bin/.ia-wrapped", line 7, in <module>
from internetarchive.cli.ia import main
File "/nix/store/7n1jf081h0qnj82m2s69mxzj02zf746f-python3.7-internetarchive-1.8.1/lib/python3.7/site-packages/internetarchive/cli/__init__.py", line 27, in <module>
from internetarchive.cli import ia, ia_configure, ia_delete, ia_download, ia_list, \
File "/nix/store/7n1jf081h0qnj82m2s69mxzj02zf746f-python3.7-internetarchive-1.8.1/lib/python3.7/site-packages/internetarchive/cli/ia.py", line 60, in <module>
from pkg_resources import iter_entry_points, DistributionNotFound
ModuleNotFoundError: No module named 'pkg_resources'
This commit fixes that by adding `setuptools` (which contains the
'pkg_resources' module) to `propagatedBuildInputs`.
https://about.gitlab.com/blog/2019/12/10/critical-security-release-gitlab-12-5-4-released/
Insufficient parameter sanitization for Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions. The issue is now mitigated in the latest release and is assigned CVE-2019-19628.
When transferring a public project to a private group, private code would be disclosed via the Group Search API provided by Elasticsearch integration. The issue is now mitigated in the latest release and is assigned CVE-2019-19629.
The Git dependency has been upgraded to 2.22.2 in order to apply security fixes detailed here.
CVE-2019-19604 was identified by the GitLab Security Research team. For more information on that issue, please visit the GitLab Security Research Advisory
closes#75506.
Having a default session resulted in GDM not remembering the last used
session.
So do not force the session until setSessionScript is made aware of the
last session used.
Install again default deps.edn. deps.edn was embedded in clojure jar,
but that change was reverted, see
a34969513f
Update derivation to produce only one output. Multiple outputs was
introduced by #35140, but I don't think is necessary anymore.
When 'grafting' '/nix/store/<hash>-loopback.cfg' from disk onto
'/boot/grub/loopback.cfg' on the iso, the parent 'grub' directory does not
exist yet. In this case it is automatically created and inherits its
attributes, including timestamp, from /nix/store.
This is correct/expected/intentional behavior of xorriso, but has the
undesired result of leaking the timestamps of /nix/store into the iso. For
this reason we put the loopback.cfg in a
'/nix/store/<hash>-loopback.cfg/grub/loopback.cfg' instead, so it will inherit
the attributes from the correctly-timestamped
'/nix/store/<hash>-loopback.cfg/grub' directory.
For the same reason we move '/EFI/boot/efi-background.png' down in the list
so it is grafted after its parent '/EFI/boot' directory is created with
the correct timestamp.
fixes#74944
Since testresources declares `Requires-Dist: pbr (>=1.8)` and imports
`pbr.version`, any user of testresources also needs to have pbr.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>