From d8f641207475ac9ab21f7db696b1b3d23de6227f Mon Sep 17 00:00:00 2001
From: Leonardo Robol <leo@robol.it>
Date: Tue, 23 Nov 2021 08:00:23 +0100
Subject: [PATCH] Bump the mailman-hyperkitty plugin to 1.2.0.

This new version sends the api_key as an Authorization header instead of
a GET parameter, which fixes a security vulnerability. The change is needed
since Hyperkitty has been upgraded to 1.3.5.
---
 core/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/Dockerfile b/core/Dockerfile
index 9b2cd53..32e7202 100644
--- a/core/Dockerfile
+++ b/core/Dockerfile
@@ -15,7 +15,7 @@ RUN --mount=type=cache,target=/root/.cache \
         && python3 -m pip install psycopg2 \
                    gunicorn==19.9.0 \
                    mailman==3.3.5 \
-                   mailman-hyperkitty==1.1.0 \
+                   mailman-hyperkitty==1.2.0 \
                    pymysql \
                    'sqlalchemy<1.4.0' \
     && apk del build-deps \