curl-impersonate 0 -> 1 attrpath: curl-impersonate Checking auto update branch... [version] [version] generic version rewriter does not support multiple hashes [rustCrateVersion] [rustCrateVersion] No cargoSha256 or cargoHash found [golangModuleVersion] [golangModuleVersion] skipping because derivation has updateScript [npmDepsVersion] [npmDepsVersion] No npmDepsHash [updateScript] [updateScript] Success [updateScript] Going to be running update for following packages: - curl-impersonate-0.5.4 Press Enter key to continue... Running update for: - curl-impersonate-0.5.4: UPDATING ... - curl-impersonate-0.5.4: DONE. Packages updated! Diff after rewrites: diff --git a/pkgs/tools/networking/curl-impersonate/default.nix b/pkgs/tools/networking/curl-impersonate/default.nix index 070aab8d53f2..bdac8b4c07ac 100644 --- a/pkgs/tools/networking/curl-impersonate/default.nix +++ b/pkgs/tools/networking/curl-impersonate/default.nix @@ -25,13 +25,13 @@ let makeCurlImpersonate = { name, target }: stdenv.mkDerivation rec { pname = "curl-impersonate-${name}"; - version = "0.5.4"; + version = "0.6.0"; src = fetchFromGitHub { owner = "lwthiker"; repo = "curl-impersonate"; rev = "v${version}"; - hash = "sha256-LBGWFal2szqgURIBCLB84kHWpdpt5quvBBZu6buGj2A="; + hash = "sha256-EB5l6Nz9wEtId75bi++9h+kcGH8r+fL3310yJugaHKU="; }; patches = [ diff --git a/pkgs/tools/networking/curl-impersonate/deps.nix b/pkgs/tools/networking/curl-impersonate/deps.nix index 498616247dce..0df7de8b083f 100644 --- a/pkgs/tools/networking/curl-impersonate/deps.nix +++ b/pkgs/tools/networking/curl-impersonate/deps.nix @@ -2,9 +2,9 @@ { fetchurl }: { - "curl-7.84.0.tar.xz" = fetchurl { - url = "https://curl.se/download/curl-7.84.0.tar.xz"; - hash = "sha256-LRGLQ/VHv+W66AbY1HtOWW6lslpsHwgK70n7zYF8Xbg="; + "curl-8.1.1.tar.xz" = fetchurl { + url = "https://curl.se/download/curl-8.1.1.tar.xz"; + hash = "sha256-CKlI4GGSlkVZfB73GU4HswiyIIT/A/p0ALRl5sBRSeU="; }; "brotli-1.0.9.tar.gz" = fetchurl { @@ -12,9 +12,9 @@ hash = "sha256-+ejYHQQFumbRgVKa9CozVPg4yTkJX/mZMNpqqc32/kY="; }; - "nss-3.87.tar.gz" = fetchurl { - url = "https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_87_RTM/src/nss-3.87-with-nspr-4.35.tar.gz"; - hash = "sha256-63DqC1jc5pqkkOnp/s0TKn1kTh2j1jHhYzdqDcwRoCI="; + "nss-3.92.tar.gz" = fetchurl { + url = "https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_92_RTM/src/nss-3.92-with-nspr-4.35.tar.gz"; + hash = "sha256-IcF2v/+27IQLX5hcf48BRoL0ovtVsGkkc0Fy1cBIbcU="; }; "boringssl.zip" = fetchurl { @@ -22,8 +22,8 @@ hash = "sha256-HsDIkd1x5IH49fUF07dJaabMIMsQygW+NI7GneULpA8="; }; - "nghttp2-1.46.0.tar.bz2" = fetchurl { - url = "https://github.com/nghttp2/nghttp2/releases/download/v1.46.0/nghttp2-1.46.0.tar.bz2"; - hash = "sha256-moKXjIcAcbdp8n0riBkct3/clFpRwdaFx/YafhP8Ryk="; + "nghttp2-1.56.0.tar.bz2" = fetchurl { + url = "https://github.com/nghttp2/nghttp2/releases/download/v1.56.0/nghttp2-1.56.0.tar.bz2"; + hash = "sha256-L13Nv1d6LfUTokZGRUhMw10uTQczZT1jGTrlHbQd70E="; }; } No auto update branch exists Received ExitFailure 1 when running Raw command: /nix/store/3nqhcyc7vid1npgcd0m7arg5sn325nhz-nix-2.12.0/bin/nix-build --option sandbox true --arg config "{ allowBroken = true; allowUnfree = true; allowAliases = false; }" --arg overlays "[ ]" -A curl-impersonate Received ExitFailure 1 when running Raw command: /nix/store/3nqhcyc7vid1npgcd0m7arg5sn325nhz-nix-2.12.0/bin/nix --extra-experimental-features nix-command log -f . curl-impersonate Standard output: error: Package ‘curl-impersonate-0.6.0’ in /var/cache/nixpkgs-update/worker/worktree/curl-impersonate/pkgs/tools/networking/curl-impersonate/default.nix:150 is marked as insecure, refusing to evaluate. Known issues: - CVE-2023-38545 - CVE-2023-32001 - CVE-2022-43551 - CVE-2022-42916 You can install it anyway by allowing this package, using the following methods: a) To temporarily allow all insecure packages, you can use an environment variable for a single invocation of the nix tools: $ export NIXPKGS_ALLOW_INSECURE=1 Note: When using `nix shell`, `nix build`, `nix develop`, etc with a flake, then pass `--impure` in order to allow use of environment variables. b) for `nixos-rebuild` you can add ‘curl-impersonate-0.6.0’ to `nixpkgs.config.permittedInsecurePackages` in the configuration.nix, like so: { nixpkgs.config.permittedInsecurePackages = [ "curl-impersonate-0.6.0" ]; } c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add ‘curl-impersonate-0.6.0’ to `permittedInsecurePackages` in ~/.config/nixpkgs/config.nix, like so: { permittedInsecurePackages = [ "curl-impersonate-0.6.0" ]; } (use '--show-trace' to show detailed location information)