cosign: 1.10.0 -> 1.10.1

https://github.com/sigstore/cosign/releases/tag/v1.10.1 Includes a fix for CVE-2022-35929 https://github.com/sigstore/cosign/security/advisories/GHSA-vjxv-45g9-9296
2024-11-26 17:03:01 +00:00 · 2022-08-05 09:01:25 +02:00 · 2022-08-05 09:01:25 +02:00 · 958dd9a8c7
commit 958dd9a8c7
parent a7521391b9
1 changed files with 3 additions and 3 deletions
--- a/pkgs/tools/security/cosign/default.nix
+++ b/pkgs/tools/security/cosign/default.nix
@ -2,13 +2,13 @@

 buildGoModule rec {
  pname = "cosign";
-  version = "1.10.0";
+  version = "1.10.1";

  src = fetchFromGitHub {
    owner = "sigstore";
    repo = pname;
    rev = "v${version}";
-    sha256 = "sha256-EJ1NOaGLLBkEkWLWn8wfyFA6Kgsb9mctkw4G2um9cWE=";
+    sha256 = "sha256-DMNjzTor22uyTzieWsni9wvscfU7uCFuf3AXOYP4LRo=";
  };

  buildInputs = lib.optional (stdenv.isLinux && pivKeySupport) (lib.getDev pcsclite)
@ -16,7 +16,7 @@ buildGoModule rec {

  nativeBuildInputs = [ pkg-config installShellFiles ];

-  vendorSha256 = "sha256-JL7bqdLrNwOQPVUhlIktRM1cAPycq0PVpB1xXXiJiKM=";
+  vendorSha256 = "sha256-onRfo3ZK/+uEa0xR7P9IlEsd2aXy9foJjZl0UBO/cbs=";

  subPackages = [
    "cmd/cosign"