graphviz_2_0: hide inside monotoneViz

The old Graphviz version is vulnerable, but monotone-viz will never feed it bad input. (cherry picked from commit c731738)
NixOS · Feb 15, 2017 · 50b671b · 50b671b
1 parent 4838518
commit 50b671b
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 7 deletions.
diff --git a/pkgs/applications/version-management/monotone-viz/default.nix b/pkgs/applications/version-management/monotone-viz/default.nix
@@ -1,4 +1,12 @@
-{stdenv, fetchurl, ocaml, lablgtk, libgnomecanvas, camlp4, glib, pkgconfig, graphviz_2_0, makeWrapper}:
+{stdenv, fetchurl, ocaml, lablgtk, libgnomecanvas, camlp4, glib, pkgconfig, makeWrapper
+, libtool, libpng, yacc, expat, fontconfig, gd, pango, libjpeg, libwebp, xlibsWrapper, libXaw
+}:
+# We need an old version of Graphviz for format compatibility reasons.
+# This version is vulnerable, but monotone-viz will never feed it bad input.
+let graphviz_2_0 = import ./graphviz-2.0.nix {
+      inherit stdenv fetchurl pkgconfig xlibsWrapper libpng libjpeg expat libXaw
+        yacc libtool fontconfig pango gd libwebp;
+    }; in
 stdenv.mkDerivation rec {
   version = "1.0.2";
   name = "monotone-viz-${version}";

diff --git a/pkgs/tools/graphics/graphviz/2.0.nix → ...-management/monotone-viz/graphviz-2.0.nix b/pkgs/tools/graphics/graphviz/2.0.nix → ...-management/monotone-viz/graphviz-2.0.nix
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
@@ -1869,12 +1869,6 @@ in
     libdevil = libdevil-nox;
   };
 
-  /* Readded by Michael Raskin. There are programs in the wild
-   * that do want 2.0 but not 2.22. Please give a day's notice for
-   * objections before removal. The feature is integer coordinates
-   */
-  graphviz_2_0 = callPackage ../tools/graphics/graphviz/2.0.nix { };
-
   /* Readded by Michael Raskin. There are programs in the wild
    * that do want 2.32 but not 2.0 or 2.36. Please give a day's notice for
    * objections before removal. The feature is libgraph.