Unverified Commit 19500d10 authored by Fabian Affolter's avatar Fabian Affolter Committed by GitHub

Merge pull request #274193 from fabaff/dep-scan

dep-scan: init at 5.0.2
parents d5642915 9076c9b8
+66 −0
{ lib
, python3
, fetchFromGitHub
}:

python3.pkgs.buildPythonApplication rec {
  pname = "dep-scan";
  version = "5.0.2";
  pyproject = true;

  src = fetchFromGitHub {
    owner = "owasp-dep-scan";
    repo = "dep-scan";
    rev = "refs/tags/v${version}";
    hash = "sha256-qiJyGBGxznNF4LNG9fbmjG7wX0odhrUO2LxOWABtLQA=";
  };

  postPatch = ''
    substituteInPlace pytest.ini \
      --replace " --cov-append --cov-report term --cov depscan" ""
  '';

  nativeBuildInputs = with python3.pkgs; [
    setuptools
  ];

  propagatedBuildInputs = with python3.pkgs; [
    appthreat-vulnerability-db
    defusedxml
    jinja2
    oras
    pdfkit
    pygithub
    pyyaml
    quart
    rich
    toml
  ];

  nativeCheckInputs = with python3.pkgs; [
    httpretty
    pytestCheckHook
  ];

  pythonImportsCheck = [
    "depscan"
  ];

  preCheck = ''
    export HOME=$(mktemp -d)
  '';

  disabledTests = [
    # Test is not present
    "test_query_metadata2"
  ];

  meta = with lib; {
    description = "Security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies";
    homepage = "https://github.com/owasp-dep-scan/dep-scan";
    changelog = "https://github.com/owasp-dep-scan/dep-scan/releases/tag/v${version}";
    license = licenses.mit;
    maintainers = with maintainers; [ fab ];
    mainProgram = "dep-scan";
  };
}
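Review bot: The `substituteInPlace` call in `postPatch` uses plain `--replace`, which does not abort the build when the pattern no longer matches. If upstream later edits `pytest.ini`, the coverage options would stay in place and, since no coverage plugin is listed in `nativeCheckInputs`, would presumably surface only as an unrelated-looking pytest failure in the check phase. Writing it as `--replace-fail " --cov-append --cov-report term --cov depscan" ""` makes the mismatch fail at patch time instead. Separately, the `disabledTests` comment `# Test is not present` reads as contradictory for a test that is being skipped. If the intent is that something the test needs is missing from the tagged source, the comment should name it, so that skipped tests in a vulnerability scanner can be audited later.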
+54 −0
{ lib
, buildPythonPackage
, fetchFromGitHub
, jsonschema
, pytestCheckHook
, pythonOlder
, requests
, setuptools
}:

buildPythonPackage rec {
  pname = "oras";
  version = "0.1.26";
  pyproject = true;

  disabled = pythonOlder "3.7";

  src = fetchFromGitHub {
    owner = "oras-project";
    repo = "oras-py";
    rev = "refs/tags/${version}";
    hash = "sha256-t3098ZeAkwLhinyrFwmi7KKrFgZZKPN6qvp3REQNwG8=";
  };

  nativeBuildInputs = [
    setuptools
  ];

  propagatedBuildInputs = [
    jsonschema
    requests
  ];

  nativeCheckInputs = [
    pytestCheckHook
  ];

  pythonImportsCheck = [
    "oras"
  ];

  disabledTests = [
    # Test requires network access
    "test_get_many_tags"
  ];

  meta = with lib; {
    description = "ORAS Python SDK";
    homepage = "https://github.com/oras-project/oras-py";
    changelog = "https://github.com/oras-project/oras-py/blob/${version}/CHANGELOG.md";
    license = licenses.asl20;
    maintainers = with maintainers; [ fab ];
  };
}
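Review bot: The `meta.description` value `"ORAS Python SDK"` does not say what ORAS is, so the entry is opaque to anyone who finds the package through search rather than through dep-scan. Something like `description = "Python SDK for ORAS (OCI Registry As Storage)";` would be self-explanatory. This matters a little more here because the module is introduced as a dependency of a security scanner, and reviewers of that closure should be able to tell at a glance that it is a registry client.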
+2 −0
@@ -8754,6 +8754,8 @@ self: super: with self; {
  orange-widget-base = callPackage ../development/python-modules/orange-widget-base { };
  oras = callPackage ../development/python-modules/oras { };
  orderedmultidict = callPackage ../development/python-modules/orderedmultidict { };
  ordered-set = callPackage ../development/python-modules/ordered-set { };