nixpkgs/pkgs/tools/security/cve-bin-tool/default.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

102 lines
1.6 KiB
Nix
Raw Normal View History

{ lib
, buildPythonApplication
, fetchFromGitHub
# aiohttp[speedups]
, aiodns
, aiohttp
, beautifulsoup4
, brotlipy
, cvss
, distro
2024-05-03 17:07:34 +00:00
, filetype
, google-cloud-sdk
, jinja2
, jsonschema
2024-05-03 17:07:34 +00:00
, lib4sbom
, packageurl-python
, packaging
, plotly
, pytestCheckHook
, python-gnupg
, pyyaml
, requests
, rich
, rpmfile
, setuptools
, xmlschema
, zstandard
, reportlab
, pip
, testers
, cve-bin-tool
}:
buildPythonApplication rec {
pname = "cve-bin-tool";
2024-05-03 17:07:34 +00:00
version = "3.3";
format = "setuptools";
src = fetchFromGitHub {
owner = "intel";
repo = "cve-bin-tool";
2022-12-09 19:47:49 +00:00
rev = "refs/tags/v${version}";
2024-05-03 17:07:34 +00:00
hash = "sha256-A5w4U5EDX+UZWNMuz8GTOcubo8N2KfDlVV0aRNsO8/E=";
};
# Wants to open a sqlite database, access the internet, etc
doCheck = false;
dependencies = [
# aiohttp[speedups]
aiodns
aiohttp
beautifulsoup4
brotlipy
cvss
distro
2024-05-03 17:07:34 +00:00
filetype
google-cloud-sdk # gsutil
jinja2
jsonschema
2024-05-03 17:07:34 +00:00
lib4sbom
packageurl-python
packaging
plotly
python-gnupg
pyyaml
requests
rich
rpmfile
setuptools
xmlschema
zstandard
];
optional-dependencies = {
pdf = [
reportlab
];
};
propagatedBuildInputs = [
pip
];
nativeCheckInputs = [
pytestCheckHook
] ++ lib.flatten (lib.attrValues optional-dependencies);
pythonImportsCheck = [
"cve_bin_tool"
];
passthru.tests.version = testers.testVersion { package = cve-bin-tool; };
meta = with lib; {
description = "CVE Binary Checker Tool";
homepage = "https://github.com/intel/cve-bin-tool";
license = licenses.gpl3Plus;
2023-03-22 14:12:17 +00:00
maintainers = [ ];
};
}