Merge pull request #242640 from qbit/govulncheck-0.2.0

This commit is contained in:
Sandro 2023-07-11 10:57:24 +02:00 committed by GitHub
commit c35a9050ef
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,37 +1,22 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule {
buildGoModule rec {
pname = "govulncheck";
version = "unstable-2023-03-22";
version = "0.2.0";
src = fetchFromGitHub {
owner = "golang";
repo = "vuln";
rev = "f2d9b5a6e023e7cd80347eb7ebca02ae19b28903";
sha256 = "sha256-zaeCEgFlv3Oxm4dIT/Evevww05JYEecekXO9UtIKLkU=";
rev = "v${version}";
sha256 = "sha256-0lb1GwOcEpchT3TkdSve335bjYbVsuVzq1SvCDwtX/Q=";
};
vendorSha256 = "sha256-RxdiZ3NN+EWVCiBPI0VIDuRI1/h4rnU4KCNn2WwZL7Q=";
vendorSha256 = "sha256-r9XshbgVA5rppJF46SFYPad344ZHMLWTHTnL6vbIFH8=";
subPackages = [ "cmd/govulncheck" ];
preCheck = ''
# test all paths
unset subPackages
# remove test that calls checks.bash
# the header check and misspell gets upset at the vendor dir
rm all_test.go
# remove tests that generally have "inconsistent vendoring" issues
# - tries to builds govulncheck again
rm cmd/govulncheck/main_command_118_test.go
# - does go builds of example go files
rm internal/vulncheck/binary_test.go
# - just have resolution issues
rm internal/vulncheck/{source,vulncheck}_test.go
rm internal/govulncheck/callstacks_test.go
'';
# Vendoring breaks tests
doCheck = false;
ldflags = [ "-s" "-w" ];