Unverified Commit f18a3a22 authored by Ethan Carter Edwards's avatar Ethan Carter Edwards

dep-scan: bump, fix error when scanning projects



This version is required in order to use manifest v6 of vdb.

It also requires access to the cdxgen binary.

Signed-off-by: default avatarEthan Carter Edwards <ethan@ethancedwards.com>
parent 46879c2c
+29 −25
{
  lib,
  fetchFromGitHub,
  python3,
  python3Packages,
  writableTmpDirAsHomeHook,
  makeWrapper,
  cdxgen,
}:

let
  appthreat-vulnerability-db = (
    python3.pkgs.appthreat-vulnerability-db.overrideAttrs (oldAttrs: rec {
      version = "5.8.1";
      src = oldAttrs.src.override {
        tag = "v${version}";
        hash = "sha256-/Yo0yyDp2vd9KJhy3LGRml55eqTiaHSSuSoe2h2bSw0=";
      };
    })
  );

in
python3.pkgs.buildPythonApplication rec {
python3Packages.buildPythonApplication rec {
  pname = "dep-scan";
  version = "5.5.0";
  version = "6.0.0b3";
  pyproject = true;

  src = fetchFromGitHub {
    owner = "owasp-dep-scan";
    repo = "dep-scan";
    tag = "v${version}";
    hash = "sha256-lgqS8GY5JuHL3strNcb0B3mGieFkQTzGuRyV4dBp5e4=";
    hash = "sha256-GdrFsECcBZ2J47ojM33flqOtrY3avchGpsZk6pt8Aks=";
  };

  pythonRelaxDeps = [ "oras" ];

  build-system = with python3.pkgs; [ setuptools ];
  build-system = with python3Packages; [ setuptools ];

  dependencies = with python3.pkgs; [
  dependencies = with python3Packages; [
    appthreat-vulnerability-db
    custom-json-diff
    cvss
    defusedxml
    ds-analysis-lib
    ds-reporting-lib
    ds-xbom-lib
    jinja2
    oras
    packageurl-python
@@ -47,23 +40,34 @@ python3.pkgs.buildPythonApplication rec {
    toml
  ];

  nativeCheckInputs = with python3.pkgs; [
  nativeCheckInputs = with python3Packages; [
    httpretty
    pytest-cov-stub
    pytestCheckHook
    writableTmpDirAsHomeHook
  ];

  pythonImportsCheck = [ "depscan" ];

  preCheck = ''
    export HOME=$(mktemp -d)
  '';

  disabledTests = [
    # Test is not present
    "test_query_metadata2"
  ];

  # depscan --src shiftleft/scan-slim -o containertests -t docker
  #
  # WARNING [2025-07-28 20:17:35,654] cdxgen command not found. Please install using npm install @cyclonedx/cdxgen or set PATH variable
  # WARNING [2025-07-28 20:17:35,654] /nix/store/56bxjw4rgdqa82f61w70z92qq6b14ass-dep-scan-5.5.0/lib/python3.13/site-packages/depscan/lib/local_bin/cdxgen command not found. Please install using npm install @cyclonedx/cdxgen or set PATH variable
  # INFO [2025-07-28 20:17:35,654] Generating Software Bill-of-Materials for container image shiftleft/scan-slim. This might take a few mins ...
  # WARNING [2025-07-28 20:17:35,654] Unable to locate cdxgen command.
  makeWrapperArgs = [
    "--prefix PATH : ${
      lib.makeBinPath [
        cdxgen
      ]
    }"
  ];

  meta = {
    description = "Security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies";
    homepage = "https://github.com/owasp-dep-scan/dep-scan";