Unverified Commit 1e351257 authored by Sandro Jäckel's avatar Sandro Jäckel Committed by GitHub

cve-bin-tool: 3.3 -> 3.4 (#369188)

parents 72b4fe2f 96c8bfa2
+5 −0
{
  python3Packages,
}:

python3Packages.toPythonApplication python3Packages.csaf-tool
+47 −0
{
  lib,
  buildPythonPackage,
  fetchFromGitHub,
  packageurl-python,
  pythonOlder,
  rich,
  setuptools,
  versionCheckHook,
}:

buildPythonPackage rec {
  pname = "csaf-tool";
  version = "0.3.2";
  pyproject = true;

  disabled = pythonOlder "3.6";

  src = fetchFromGitHub {
    owner = "anthonyharrison";
    repo = "csaf";
    tag = "${version}";
    hash = "sha256-LR6r03z0nvvAQgFHaTWfukoJmLZ6SLPXfbp/G8N/HtM=";
  };

  build-system = [ setuptools ];

  dependencies = [
    packageurl-python
    rich
  ];

  # has not tests
  doCheck = false;

  pythonImportsCheck = [ "csaf" ];

  nativeCheckInputs = [ versionCheckHook ];

  meta = with lib; {
    description = "CSAF generator and validator";
    homepage = "https://github.com/anthonyharrison/csaf";
    changelog = "https://github.com/anthonyharrison/csaf/releases/tag/${src.tag}";
    license = licenses.asl20;
    maintainers = with maintainers; [ teatwig ];
  };
}
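Review bot: `nativeCheckInputs = [ versionCheckHook ];` sits next to `doCheck = false;` in this new csaf-tool expression, and as far as I can tell buildPythonPackage skips the install-check phase when doCheck is false, so the version check would never run and `pythonImportsCheck` would be the only thing exercising the built package. Since upstream has no test suite and no pytest hook is listed, dropping `doCheck = false;` and turning the comment into `# upstream has no tests; only the version check runs` should be enough to let the hook execute. The cve-bin-tool section further down relies on the same hook, and it only takes effect there if its `doCheck = false;` line is on the removed side. Minor: `tag = "${version}";` can be written `tag = version;`, and the comment should read `# has no tests`.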
+3 −3
@@ -12,7 +12,7 @@

buildPythonPackage rec {
  pname = "lib4sbom";
  version = "0.8.1";
  version = "0.8.3";
  pyproject = true;

  disabled = pythonOlder "3.7";
@@ -21,7 +21,7 @@ buildPythonPackage rec {
    owner = "anthonyharrison";
    repo = "lib4sbom";
    tag = "v${version}";
    hash = "sha256-OxYYHiV7TuPiLyd/rdrGfY3agv0vBcATaod37XYb7DY=";
    hash = "sha256-7ERjzfMIz1tRvShxO2hR+DzRYyfV3KxpHmgJTLErnRw=";
  };

  build-system = [ setuptools ];
@@ -60,7 +60,7 @@ buildPythonPackage rec {
  meta = with lib; {
    description = "Library to ingest and generate SBOMs";
    homepage = "https://github.com/anthonyharrison/lib4sbom";
    changelog = "https://github.com/anthonyharrison/lib4sbom/releases/tag/v${version}";
    changelog = "https://github.com/anthonyharrison/lib4sbom/releases/tag/${src.tag}";
    license = licenses.asl20;
    maintainers = with maintainers; [ teatwig ];
  };
+46 −0
{
  lib,
  buildPythonPackage,
  fetchFromGitHub,
  csaf-tool,
  lib4sbom,
  packageurl-python,
  pythonOlder,
  setuptools,
}:

buildPythonPackage rec {
  pname = "lib4vex";
  version = "0.2.0";
  pyproject = true;

  disabled = pythonOlder "3.7";

  src = fetchFromGitHub {
    owner = "anthonyharrison";
    repo = "lib4vex";
    tag = "v${version}";
    hash = "sha256-mR9ZpJDC2O04js3Kd/8qlg4Ds/jy2CmpTywRVYqmnQw=";
  };

  build-system = [ setuptools ];

  dependencies = [
    csaf-tool
    lib4sbom
    packageurl-python
  ];

  # has no tests
  doCheck = false;

  pythonImportsCheck = [ "lib4vex" ];

  meta = with lib; {
    description = "Library to ingest and generate VEX documents";
    homepage = "https://github.com/anthonyharrison/lib4vex";
    changelog = "https://github.com/anthonyharrison/lib4vex/releases/tag/${src.tag}";
    license = licenses.asl20;
    maintainers = with maintainers; [ teatwig ];
  };
}
+42 −21
@@ -2,64 +2,68 @@
  lib,
  buildPythonApplication,
  fetchFromGitHub,
  # aiohttp[speedups]
  aiodns,

  # build-system
  setuptools,

  # dependencies
  aiohttp,
  beautifulsoup4,
  brotlipy,
  cvss,
  distro,
  filetype,
  google-cloud-sdk,
  jinja2,
  jsonschema,
  lib4sbom,
  lib4vex,
  packageurl-python,
  packaging,
  plotly,
  pytestCheckHook,
  python-gnupg,
  pyyaml,
  requests,
  rich,
  rpmfile,
  setuptools,
  xmlschema,
  zipp,
  zstandard,

  # optional-dependencies
  reportlab,
  pip,
  testers,
  cve-bin-tool,

  # runtime-dependencies
  google-cloud-sdk,

  # tests
  versionCheckHook,
}:

buildPythonApplication rec {
  pname = "cve-bin-tool";
  version = "3.3";
  format = "setuptools";
  version = "3.4";
  pyproject = true;

  src = fetchFromGitHub {
    owner = "intel";
    repo = "cve-bin-tool";
    tag = "v${version}";
    hash = "sha256-A5w4U5EDX+UZWNMuz8GTOcubo8N2KfDlVV0aRNsO8/E=";
    hash = "sha256-pv8XjKjZBUw5FmmUn1dakGeS1uw2xzF3wSIZOYQ2/3c=";
  };

  # Wants to open a sqlite database, access the internet, etc
  doCheck = false;
  build-system = [ setuptools ];

  dependencies = [
    # aiohttp[speedups]
    aiodns
    aiohttp
    beautifulsoup4
    brotlipy
    cvss
    distro
    filetype
    google-cloud-sdk # gsutil
    jinja2
    jsonschema
    lib4sbom
    lib4vex
    packageurl-python
    packaging
    plotly
@@ -70,24 +74,41 @@ buildPythonApplication rec {
    rpmfile
    setuptools
    xmlschema
    zipp
    zstandard
  ];
  ] ++ aiohttp.optional-dependencies.speedups;

  optional-dependencies = {
    pdf = [ reportlab ];
  };

  propagatedBuildInputs = [ pip ];
  pythonRemoveDeps = [
    # gsutil is only called as a binary at runtime instead of being used as a library
    "gsutil"
  ];

  nativeCheckInputs = [ pytestCheckHook ] ++ lib.flatten (lib.attrValues optional-dependencies);
  # don't run pytestCheckHook because it wants to open a sqlite database, access the internet, etc
  nativeCheckInputs = [
    versionCheckHook
  ] ++ lib.flatten (lib.attrValues optional-dependencies);

  pythonImportsCheck = [ "cve_bin_tool" ];
  pythonImportsCheck = [
    "cve_bin_tool"
    "cve_bin_tool.mismatch_loader"
  ];

  passthru.tests.version = testers.testVersion { package = cve-bin-tool; };
  # provide gsutil
  makeWrapperArgs = [
    "--prefix"
    "PATH"
    ":"
    (lib.makeBinPath [ google-cloud-sdk ])
  ];

  meta = with lib; {
    description = "CVE Binary Checker Tool";
    homepage = "https://github.com/intel/cve-bin-tool";
    changelog = "https://github.com/intel/cve-bin-tool/releases/tag/${src.tag}";
    license = licenses.gpl3Plus;
    maintainers = [ ];
  };
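Review bot: The `# provide gsutil` comment above `makeWrapperArgs` does not say why PATH is prefixed rather than suffixed, which matters because `--prefix` makes every executable in the google-cloud-sdk bin directory take precedence over the caller's PATH for anything cve-bin-tool spawns. Given the `pythonRemoveDeps` comment that gsutil is only called as a binary at runtime, I would spell the intent out, e.g. `# gsutil is run as a subprocess; prefix PATH so the pinned google-cloud-sdk copy is used instead of whatever the caller's environment provides`. The expression continues past the end of this hunk.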