nixpkgs/pkgs/tools/security/bundler-audit/default.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

30 lines
983 B
Nix
Raw Normal View History

{ bundlerEnv, ruby, lib, bundlerUpdateScript }:
2019-04-02 15:21:22 +00:00
bundlerEnv rec {
name = "${pname}-${version}";
pname = "bundler-audit";
version = (import ./gemset.nix).bundler-audit.version;
inherit ruby;
gemdir = ./.;
passthru.updateScript = bundlerUpdateScript "bundler-audit";
2019-04-02 15:21:22 +00:00
meta = with lib; {
description = "Patch-level verification for Bundler";
longDescription = ''
Features:
- Checks for vulnerable versions of gems in Gemfile.lock.
- Checks for insecure gem sources (http://).
- Allows ignoring certain advisories that have been manually worked around.
- Prints advisory information.
- Does not require a network connection.
'';
homepage = "https://github.com/rubysec/bundler-audit";
2020-06-13 13:15:10 +00:00
changelog = "https://github.com/rubysec/bundler-audit/blob/v${version}/ChangeLog.md";
2019-04-02 15:21:22 +00:00
license = licenses.gpl3Plus;
maintainers = with maintainers; [ primeos nicknovitski ];
2019-04-02 15:21:22 +00:00
platforms = platforms.unix;
};
}