From ff2bf86c752d862808a9b6eddd71e655d9695ab2 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <hexa@darmstadt.ccc.de>
Date: Sat, 7 Mar 2026 15:12:08 +0100
Subject: [PATCH] svgo: 4.0.0 -> 4.0.1

https://github.com/svg/svgo/releases/tag/v4.0.1
https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673

Fixes: CVE-2026-29074
---
 pkgs/by-name/sv/svgo/package.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/by-name/sv/svgo/package.nix b/pkgs/by-name/sv/svgo/package.nix
index 2cd74ca00403..f691b0adcd61 100644
--- a/pkgs/by-name/sv/svgo/package.nix
+++ b/pkgs/by-name/sv/svgo/package.nix
@@ -12,20 +12,20 @@ let
 in
 stdenv.mkDerivation (finalAttrs: {
   pname = "svgo";
-  version = "4.0.0";
+  version = "4.0.1";
 
   src = fetchFromGitHub {
     owner = "svg";
     repo = "svgo";
     tag = "v${finalAttrs.version}";
-    hash = "sha256-eSttRNHxcZquIxrTogk+7YS7rhp083qnOwJI71cmO20=";
+    hash = "sha256-HYI3E14MN0XhREQMYkhLB1gZOBtrpjayC1RyVEhvkOU=";
   };
 
   missingHashes = ./missing-hashes.json;
 
   offlineCache = yarn-berry.fetchYarnBerryDeps {
     inherit (finalAttrs) src missingHashes;
-    hash = "sha256-DrIbnm0TWviCfylCI/12XYsx7YOIk7JFVV18Q4dImwU=";
+    hash = "sha256-oBWUTYlMa3wi7TYAOTXSNBbSMiAZI6APXZvPyQzoPbM=";
   };
 
   nativeBuildInputs = [