nixpkgs/pkgs/development/tools/analysis/cvehound/default.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

47 lines
1.0 KiB
Nix
Raw Normal View History

{ lib
, fetchFromGitHub
, coccinelle
, gnugrep
, python3
}:
python3.pkgs.buildPythonApplication rec {
2021-09-23 11:42:59 +00:00
pname = "cvehound";
2022-06-05 00:58:36 +00:00
version = "1.1.0";
2021-09-23 11:42:59 +00:00
src = fetchFromGitHub {
owner = "evdenis";
repo = "cvehound";
2022-06-05 00:58:36 +00:00
rev = "refs/tags/${version}";
hash = "sha256-4+0Virpsq4mwOIpostS87VYTX8hsumXEL1w8FiOrNtA=";
2021-09-23 11:42:59 +00:00
};
makeWrapperArgs = [
"--prefix PATH : ${lib.makeBinPath [ coccinelle gnugrep ]}"
];
propagatedBuildInputs = with python3.pkgs; [
lxml
2021-09-23 11:42:59 +00:00
setuptools
sympy
];
checkInputs = with python3.pkgs; [
2021-09-23 11:42:59 +00:00
GitPython
psutil
2021-09-23 11:42:59 +00:00
pytestCheckHook
];
# Tries to clone the kernel sources
doCheck = false;
meta = with lib; {
description = "Tool to check linux kernel source dump for known CVEs";
2021-09-23 11:42:59 +00:00
homepage = "https://github.com/evdenis/cvehound";
changelog = "https://github.com/evdenis/cvehound/blob/${src.rev}/ChangeLog";
2021-09-23 11:42:59 +00:00
# See https://github.com/evdenis/cvehound/issues/22
license = with licenses; [ gpl2Only gpl3Plus ];
2021-09-23 11:42:59 +00:00
maintainers = with maintainers; [ ambroisie ];
};
}