diff --git a/pkgs/tools/security/semgrep/common.nix b/pkgs/development/python-modules/semgrep/common.nix similarity index 100% rename from pkgs/tools/security/semgrep/common.nix rename to pkgs/development/python-modules/semgrep/common.nix diff --git a/pkgs/tools/security/semgrep/default.nix b/pkgs/development/python-modules/semgrep/default.nix similarity index 97% rename from pkgs/tools/security/semgrep/default.nix rename to pkgs/development/python-modules/semgrep/default.nix index 5baf13c2b833..939454a71975 100644 --- a/pkgs/tools/security/semgrep/default.nix +++ b/pkgs/development/python-modules/semgrep/default.nix @@ -1,7 +1,8 @@ { lib +, callPackage , fetchFromGitHub , semgrep-core -, buildPythonApplication +, buildPythonPackage , pythonPackages , pytestCheckHook @@ -15,7 +16,7 @@ let common = import ./common.nix { inherit lib; }; semgrepBinPath = lib.makeBinPath [ semgrep-core ]; in -buildPythonApplication rec { +buildPythonPackage rec { pname = "semgrep"; inherit (common) version; src = fetchFromGitHub { @@ -130,7 +131,7 @@ buildPythonApplication rec { ''; passthru = { - inherit common; + inherit common semgrep-core; submodulesSubset = lib.mapAttrs (k: args: fetchFromGitHub args) common.submodules; updateScript = ./update.sh; }; diff --git a/pkgs/tools/security/semgrep/semgrep-core.nix b/pkgs/development/python-modules/semgrep/semgrep-core.nix similarity index 100% rename from pkgs/tools/security/semgrep/semgrep-core.nix rename to pkgs/development/python-modules/semgrep/semgrep-core.nix diff --git a/pkgs/tools/security/semgrep/update.sh b/pkgs/development/python-modules/semgrep/update.sh similarity index 100% rename from pkgs/tools/security/semgrep/update.sh rename to pkgs/development/python-modules/semgrep/update.sh diff --git a/pkgs/development/python-modules/whispers/default.nix b/pkgs/development/python-modules/whispers/default.nix index 5ef1db19246b..ad550eafe520 100644 --- a/pkgs/development/python-modules/whispers/default.nix +++ b/pkgs/development/python-modules/whispers/default.nix @@ -13,6 +13,8 @@ pytestCheckHook, pythonOlder, pyyaml, + wrapt, + semgrep, setuptools, }: @@ -35,6 +37,12 @@ buildPythonPackage rec { --replace-fail '"pytest-runner"' "" ''; + pythonRelaxDeps = [ + "lxml" + "pyyaml" + "semgrep" + ]; + build-system = [ setuptools ]; dependencies = [ @@ -46,6 +54,8 @@ buildPythonPackage rec { luhn lxml pyyaml + wrapt + semgrep ]; nativeCheckInputs = [ @@ -53,7 +63,16 @@ buildPythonPackage rec { pytestCheckHook ]; + disabledTestPaths = [ + # pinning tests highly sensitive to semgrep version + "tests/unit/plugins/test_semgrep.py" + ]; + preCheck = '' + # pinning test highly sensitive to semgrep version + substituteInPlace tests/unit/test_main.py \ + --replace-fail '("--ast", 421),' "" + # Some tests need the binary available in PATH export PATH=$out/bin:$PATH ''; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 7fd4ee0f3815..d66f3e35373e 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -11949,8 +11949,8 @@ with pkgs; semantic-release = callPackage ../development/tools/semantic-release { }; - semgrep = python3.pkgs.callPackage ../tools/security/semgrep { }; - semgrep-core = callPackage ../tools/security/semgrep/semgrep-core.nix { }; + semgrep = python3.pkgs.toPythonApplication python3.pkgs.semgrep; + inherit (semgrep.passthru) semgrep-core; setroot = callPackage ../tools/X11/setroot { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 48a04dffe93b..09df81c93322 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -14301,6 +14301,10 @@ self: super: with self; { semantic-version = callPackage ../development/python-modules/semantic-version { }; + semgrep = callPackage ../development/python-modules/semgrep { + semgrep-core = callPackage ../development/python-modules/semgrep/semgrep-core.nix { }; + }; + semaphore-bot = callPackage ../development/python-modules/semaphore-bot { }; semver = callPackage ../development/python-modules/semver { };