From eabf99b8d8ba1feb3117a1025d061f28af752b9d Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Wed, 9 Jun 2021 00:04:28 +0100
Subject: [PATCH] python3Packages.datasette: add patch for CVE-2021-32670

enable included test
---
 pkgs/development/python-modules/datasette/default.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/pkgs/development/python-modules/datasette/default.nix b/pkgs/development/python-modules/datasette/default.nix
index 1d919de6ee8..19762d32fd7 100644
--- a/pkgs/development/python-modules/datasette/default.nix
+++ b/pkgs/development/python-modules/datasette/default.nix
@@ -1,6 +1,7 @@
 { lib
 , buildPythonPackage
 , fetchFromGitHub
+, fetchpatch
 , aiofiles
 , asgi-csrf
 , click
@@ -36,6 +37,14 @@ buildPythonPackage rec {
     sha256 = "sha256-Ixh56X9dI/FIJPXHXXGnFiYj3qeBmvW5L1FF7/0ofUQ=";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2021-32670.patch";
+      url = "https://github.com/simonw/datasette/commit/26fc539312bca2551b6f048b6bcf4ffbb491289f.patch";
+      sha256 = "1d4yy6dqb4l7y0c5xpdvl66522ckdb34wnqvzqw73pdl2hr5jsml";
+    })
+  ];
+
   nativeBuildInputs = [ pytestrunner ];
 
   propagatedBuildInputs = [
@@ -80,6 +89,8 @@ buildPythonPackage rec {
   # just run the csv tests, as this should give some indictation of correctness
   pytestFlagsArray = [
     "tests/test_csv.py"
+    # covers patched CVE-2021-32670
+    "tests/test_html.py"
   ];
   disabledTests = [
     "facet"