Unverified Commit 9207dabe authored by Fabian Affolter's avatar Fabian Affolter Committed by GitHub

Merge pull request #302035 from fabaff/appthreat-vulnerability-db-bump

python312Packages.apsw: 3.45.1.0 -> 3.45.2.0, python312Packages.appthreat-vulnerability-db: 5.6.6 -> 5.6.7,  dep-scan: 5.2.14 -> 5.3.2
parents def4bb02 ee3702bf
+8 −14
{ lib
, python3
, fetchFromGitHub
{
  lib,
  fetchFromGitHub,
  python3,
}:

python3.pkgs.buildPythonApplication rec {
  pname = "dep-scan";
  version = "5.2.14";
  version = "5.3.2";
  pyproject = true;

  src = fetchFromGitHub {
    owner = "owasp-dep-scan";
    repo = "dep-scan";
    rev = "refs/tags/v${version}";
    hash = "sha256-G8i/tGEDgjPnIP04nrbx4HseiaU6N1GJGSg78yhaqII=";
    hash = "sha256-2WV4f9vHdfnzoQWvwK/+lT9IS0v0sGBqnwDFHWG48G4=";
  };

  postPatch = ''
    substituteInPlace pytest.ini \
      --replace-fail " --cov-append --cov-report term --cov depscan" ""
    # Already fixed by upstream
    substituteInPlace pyproject.toml \
      --replace-fail "==5.6.4" ">=5.6.4"
  '';

  build-system = with python3.pkgs; [
    setuptools
  ];
  build-system = with python3.pkgs; [ setuptools ];

  dependencies = with python3.pkgs; [
    appthreat-vulnerability-db
@@ -47,9 +43,7 @@ python3.pkgs.buildPythonApplication rec {
    pytestCheckHook
  ];

  pythonImportsCheck = [
    "depscan"
  ];
  pythonImportsCheck = [ "depscan" ];

  preCheck = ''
    export HOME=$(mktemp -d)
+22 −29
{ lib
, appdirs
, buildPythonPackage
, cvss
, fetchFromGitHub
, httpx
, msgpack
, orjson
, packageurl-python
, pytestCheckHook
, pythonOlder
, pythonRelaxDepsHook
, semver
, setuptools
, tabulate
{
  lib,
  appdirs,
  buildPythonPackage,
  cvss,
  fetchFromGitHub,
  httpx,
  msgpack,
  orjson,
  packageurl-python,
  pytestCheckHook,
  pythonOlder,
  pythonRelaxDepsHook,
  semver,
  setuptools,
  tabulate,
}:

buildPythonPackage rec {
  pname = "appthreat-vulnerability-db";
  version = "5.6.6";
  version = "5.6.7";
  pyproject = true;

  disabled = pythonOlder "3.10";
@@ -26,7 +27,7 @@ buildPythonPackage rec {
    owner = "AppThreat";
    repo = "vulnerability-db";
    rev = "refs/tags/v${version}";
    hash = "sha256-wVl2C1AG9LbSh/p95fstJyJr6JnhZFIhNvq8mhpg13Q=";
    hash = "sha256-/QzK+su+g2ESZ81C0coxKf13WOUVz1GyfJbOrO7fS98=";
  };

  postPatch = ''
@@ -39,13 +40,9 @@ buildPythonPackage rec {
    "semver"
  ];

  build-system = [
    setuptools
  ];
  build-system = [ setuptools ];

  nativeBuildInputs = [
    pythonRelaxDepsHook
  ];
  nativeBuildInputs = [ pythonRelaxDepsHook ];

  dependencies = [
    appdirs
@@ -58,9 +55,7 @@ buildPythonPackage rec {
    tabulate
  ] ++ httpx.optional-dependencies.http2;

  nativeCheckInputs = [
    pytestCheckHook
  ];
  nativeCheckInputs = [ pytestCheckHook ];

  preCheck = ''
    export HOME=$(mktemp -d);
@@ -72,9 +67,7 @@ buildPythonPackage rec {
    "test_download_recent"
  ];

  pythonImportsCheck = [
    "vdb"
  ];
  pythonImportsCheck = [ "vdb" ];

  meta = with lib; {
    description = "Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm";
+15 −14
{ lib
, buildPythonPackage
, fetchFromGitHub
, sqlite
, isPyPy
, python
{
  lib,
  buildPythonPackage,
  fetchFromGitHub,
  python,
  pythonOlder,
  setuptools,
  sqlite,
}:

buildPythonPackage rec {
  pname = "apsw";
  version = "3.45.2.0";
  format = "setuptools";
  pyproject = true;

  disabled = isPyPy;
  disabled = pythonOlder "3.8";

  src = fetchFromGitHub {
    owner = "rogerbinns";
@@ -20,9 +22,9 @@ buildPythonPackage rec {
    hash = "sha256-tTi3/10W4OoGH6PQVhvPWc5o09on5BZrWoAvrfh4C/E=";
  };

  buildInputs = [
    sqlite
  ];
  build-system = [ setuptools ];

  buildInputs = [ sqlite ];

  # Project uses custom test setup to exclude some tests by default, so using pytest
  # requires more maintenance
@@ -31,13 +33,12 @@ buildPythonPackage rec {
    ${python.interpreter} setup.py test
  '';

  pythonImportsCheck = [
    "apsw"
  ];
  pythonImportsCheck = [ "apsw" ];

  meta = with lib; {
    description = "A Python wrapper for the SQLite embedded relational database engine";
    homepage = "https://github.com/rogerbinns/apsw";
    changelog = "https://github.com/rogerbinns/apsw/releases/tag/${version}";
    license = licenses.zlib;
    maintainers = with maintainers; [ gador ];
  };
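Review bot: The new `disabled = pythonOlder "3.8";` replaces `disabled = isPyPy;` instead of extending it, and `isPyPy` is also dropped from the argument set, so the package is no longer marked disabled on PyPy interpreters. The expression links against `sqlite` and is described as a wrapper for the SQLite engine, which suggests a native extension, and nothing on this page indicates that upstream gained PyPy support. If that still holds, the build would presumably be attempted and fail during compilation or tests instead of being skipped at evaluation time. I would keep both conditions, `disabled = isPyPy || pythonOlder "3.8";`, and leave `isPyPy,` in the function arguments. Part of `src` and the check phase lie outside the shown hunks, so this rests on the visible lines only.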
+0 −53
{ lib
, fetchFromGitHub
, python3
}:

python3.pkgs.buildPythonApplication rec {
  pname = "appthreat-depscan";
  version = "3.6.0";

  src = fetchFromGitHub {
    owner = "AppThreat";
    repo = "dep-scan";
    rev = "refs/tags/v${version}";
    hash = "sha256-U8vHwdL1O54X0jPhcjTN/J1U7dKQgFEMfc6lbXe2Ff0=";
  };

  propagatedBuildInputs = with python3.pkgs; [
    appthreat-vulnerability-db
    defusedxml
    pyyaml
    rich
  ];

  nativeCheckInputs = with python3.pkgs; [
    pytestCheckHook
  ];

  postPatch = ''
    substituteInPlace pytest.ini \
      --replace " --cov-append --cov-report term --cov depscan" ""
  '';

  preCheck = ''
    export HOME=$(mktemp -d);
  '';

  disabledTests = [
    # Assertion Error
    "test_query_metadata2"
  ];

  pythonImportsCheck = [
    "depscan"
  ];

  meta = with lib; {
    description = "Tool to audit dependencies based on known vulnerabilities and advisories";
    homepage = "https://github.com/AppThreat/dep-scan";
    changelog = "https://github.com/AppThreat/dep-scan/releases/tag/v${version}";
    license = with licenses; [ mit ];
    maintainers = with maintainers; [ fab ];
  };
}
+1 −0
@@ -76,6 +76,7 @@ mapAliases ({
  ansible_2_13 = throw "Ansible 2.13 goes end of life in 2023/11"; # Added 2023-12-30
  apacheAnt_1_9 = throw "Ant 1.9 has been removed since it's not used in nixpkgs anymore"; # Added 2023-11-12
  antimicroX = antimicrox; # Added 2021-10-31
  appthreat-depscan = dep-scan; # Added 2024-04-10
  arcanPackages = throw "arcanPackages was removed and its sub-attributes were promoted to top-level"; # Added 2023-11-26
  archiveopteryx = throw "archiveopteryx depended on an unsupported version of OpenSSL and was unmaintained"; # Added 2024-01-03
  ardour_6 = throw "ardour_6 has been removed in favor of newer versions"; # Added 2023-10-13