Loading pkgs/tools/security/cve-bin-tool/default.nix +37 −19 Original line number Diff line number Diff line Loading @@ -2,15 +2,17 @@ lib, buildPythonApplication, fetchFromGitHub, # aiohttp[speedups] aiodns, # build-system setuptools, # dependencies aiohttp, beautifulsoup4, brotlipy, cvss, distro, filetype, google-cloud-sdk, jinja2, jsonschema, lib4sbom, Loading @@ -18,25 +20,29 @@ packageurl-python, packaging, plotly, pytestCheckHook, python-gnupg, pyyaml, requests, rich, rpmfile, setuptools, xmlschema, zipp, zstandard, # optional-dependencies reportlab, pip, testers, cve-bin-tool, # runtime-dependencies google-cloud-sdk, # tests versionCheckHook, }: buildPythonApplication rec { pname = "cve-bin-tool"; version = "3.4"; format = "setuptools"; pyproject = true; src = fetchFromGitHub { owner = "intel"; Loading @@ -45,19 +51,15 @@ buildPythonApplication rec { hash = "sha256-pv8XjKjZBUw5FmmUn1dakGeS1uw2xzF3wSIZOYQ2/3c="; }; # Wants to open a sqlite database, access the internet, etc doCheck = false; build-system = [ setuptools ]; dependencies = [ # aiohttp[speedups] aiodns aiohttp beautifulsoup4 brotlipy cvss distro filetype google-cloud-sdk # gsutil jinja2 jsonschema lib4sbom Loading @@ -72,20 +74,36 @@ buildPythonApplication rec { rpmfile setuptools xmlschema zipp zstandard ]; ] ++ aiohttp.optional-dependencies.speedups; optional-dependencies = { pdf = [ reportlab ]; }; propagatedBuildInputs = [ pip ]; pythonRemoveDeps = [ # gsutil is only called as a binary at runtime instead of being used as a library "gsutil" ]; nativeCheckInputs = [ pytestCheckHook ] ++ lib.flatten (lib.attrValues optional-dependencies); # don't run pytestCheckHook because it wants to open a sqlite database, access the internet, etc nativeCheckInputs = [ versionCheckHook ] ++ lib.flatten (lib.attrValues optional-dependencies); pythonImportsCheck = [ "cve_bin_tool" ]; pythonImportsCheck = [ "cve_bin_tool" "cve_bin_tool.mismatch_loader" ]; passthru.tests.version = testers.testVersion { package = cve-bin-tool; }; # provide gsutil makeWrapperArgs = [ "--prefix" "PATH" ":" (lib.makeBinPath [ google-cloud-sdk ]) ]; meta = with lib; { description = "CVE Binary Checker Tool"; Loading Loading
pkgs/tools/security/cve-bin-tool/default.nix +37 −19 Original line number Diff line number Diff line Loading @@ -2,15 +2,17 @@ lib, buildPythonApplication, fetchFromGitHub, # aiohttp[speedups] aiodns, # build-system setuptools, # dependencies aiohttp, beautifulsoup4, brotlipy, cvss, distro, filetype, google-cloud-sdk, jinja2, jsonschema, lib4sbom, Loading @@ -18,25 +20,29 @@ packageurl-python, packaging, plotly, pytestCheckHook, python-gnupg, pyyaml, requests, rich, rpmfile, setuptools, xmlschema, zipp, zstandard, # optional-dependencies reportlab, pip, testers, cve-bin-tool, # runtime-dependencies google-cloud-sdk, # tests versionCheckHook, }: buildPythonApplication rec { pname = "cve-bin-tool"; version = "3.4"; format = "setuptools"; pyproject = true; src = fetchFromGitHub { owner = "intel"; Loading @@ -45,19 +51,15 @@ buildPythonApplication rec { hash = "sha256-pv8XjKjZBUw5FmmUn1dakGeS1uw2xzF3wSIZOYQ2/3c="; }; # Wants to open a sqlite database, access the internet, etc doCheck = false; build-system = [ setuptools ]; dependencies = [ # aiohttp[speedups] aiodns aiohttp beautifulsoup4 brotlipy cvss distro filetype google-cloud-sdk # gsutil jinja2 jsonschema lib4sbom Loading @@ -72,20 +74,36 @@ buildPythonApplication rec { rpmfile setuptools xmlschema zipp zstandard ]; ] ++ aiohttp.optional-dependencies.speedups; optional-dependencies = { pdf = [ reportlab ]; }; propagatedBuildInputs = [ pip ]; pythonRemoveDeps = [ # gsutil is only called as a binary at runtime instead of being used as a library "gsutil" ]; nativeCheckInputs = [ pytestCheckHook ] ++ lib.flatten (lib.attrValues optional-dependencies); # don't run pytestCheckHook because it wants to open a sqlite database, access the internet, etc nativeCheckInputs = [ versionCheckHook ] ++ lib.flatten (lib.attrValues optional-dependencies); pythonImportsCheck = [ "cve_bin_tool" ]; pythonImportsCheck = [ "cve_bin_tool" "cve_bin_tool.mismatch_loader" ]; passthru.tests.version = testers.testVersion { package = cve-bin-tool; }; # provide gsutil makeWrapperArgs = [ "--prefix" "PATH" ":" (lib.makeBinPath [ google-cloud-sdk ]) ]; meta = with lib; { description = "CVE Binary Checker Tool"; Loading
