diff --git a/pkgs/tools/graphics/graphviz/base.nix b/pkgs/tools/graphics/graphviz/base.nix index cd2302efd16..700bed237bd 100644 --- a/pkgs/tools/graphics/graphviz/base.nix +++ b/pkgs/tools/graphics/graphviz/base.nix @@ -7,7 +7,7 @@ assert stdenv.isDarwin -> ApplicationServices != null; let - inherit (stdenv.lib) optionals optionalString; + inherit (stdenv.lib) optional optionals optionalString; raw_patch = # https://gitlab.com/graphviz/graphviz/issues/1367 CVE-2018-10196 fetchpatch { @@ -17,11 +17,13 @@ let excludes = ["tests/*"]; # we don't run them and they don't apply }; # the patch needs a small adaption for older versions - patch = if stdenv.lib.versionAtLeast version "2.37" then raw_patch else + patchToUse = if stdenv.lib.versionAtLeast version "2.37" then raw_patch else stdenv.mkDerivation { inherit (raw_patch) name; buildCommand = "sed s/dot_root/agroot/g ${raw_patch} > $out"; }; + # 2.42 has the patch included + patches = optional (stdenv.lib.versionOlder version "2.42") patchToUse; in stdenv.mkDerivation { @@ -52,9 +54,7 @@ stdenv.mkDerivation { "--with-ltdl-include=${libtool}/include" ] ++ stdenv.lib.optional (xorg == null) [ "--without-x" ]; - patches = [ - patch - ]; + inherit patches; postPatch = '' for f in $(find . -name Makefile.in); do diff --git a/pkgs/tools/graphics/graphviz/default.nix b/pkgs/tools/graphics/graphviz/default.nix index 7249a6cdaad..c79fe3aaf4d 100644 --- a/pkgs/tools/graphics/graphviz/default.nix +++ b/pkgs/tools/graphics/graphviz/default.nix @@ -1,5 +1,5 @@ import ./base.nix rec { - rev = "67cd2e5121379a38e0801cc05cce5033f8a2a609"; - version = "2.40.1"; - sha256 = "1xjqq3g2n6jgwp5xzyvibgrxawlskkpam69fjjz9ksrrjas2qwzj"; + rev = "da4c2ec6f24ca1b6d1752c6b5bc4389e55682147"; # use rev as tags have disappeared before + version = "2.42.2"; + sha256 = "0lacl11amyvj04j78m63qifljl4c0nkyy50z4bkg8mg9j4hjdy0x"; }