sbomnix: 1.4.5 -> 1.6.1
Signed-off-by: Henri Rosten <henri.rosten@unikie.com>
This commit is contained in:
parent
4269d8e8e6
commit
70cabcb4d5
|
@ -1,53 +1,85 @@
|
||||||
{ lib
|
{ lib
|
||||||
, fetchFromGitHub
|
, fetchFromGitHub
|
||||||
, coreutils
|
, grype
|
||||||
, curl
|
|
||||||
, gnugrep
|
|
||||||
, gnused
|
|
||||||
, gzip
|
|
||||||
, nix
|
, nix
|
||||||
|
, nix-visualize
|
||||||
, python
|
, python
|
||||||
# python libs
|
, vulnix
|
||||||
|
, # python libs
|
||||||
|
beautifulsoup4
|
||||||
, colorlog
|
, colorlog
|
||||||
|
, dfdiskcache
|
||||||
, graphviz
|
, graphviz
|
||||||
, numpy
|
, numpy
|
||||||
, packageurl-python
|
, packageurl-python
|
||||||
|
, packaging
|
||||||
, pandas
|
, pandas
|
||||||
|
, pyrate-limiter
|
||||||
, requests
|
, requests
|
||||||
|
, requests-cache
|
||||||
|
, requests-ratelimiter
|
||||||
, reuse
|
, reuse
|
||||||
|
, setuptools
|
||||||
, tabulate
|
, tabulate
|
||||||
|
,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
python.pkgs.buildPythonApplication rec {
|
python.pkgs.buildPythonApplication rec {
|
||||||
pname = "sbomnix";
|
pname = "sbomnix";
|
||||||
version = "1.4.5";
|
version = "1.6.1";
|
||||||
|
pyproject = true;
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "tiiuae";
|
owner = "tiiuae";
|
||||||
repo = pname;
|
repo = "sbomnix";
|
||||||
rev = "refs/tags/v${version}";
|
rev = "refs/tags/v${version}";
|
||||||
hash = "sha256-RxDFxVGivVBw2uhtzf231Q2HHTBFKSqGrknr2Es/ygM=";
|
hash = "sha256-kPjCK9NEs3D0qFsSSVX6MYGKbwqeij0svTfzz5JC4qM=";
|
||||||
|
|
||||||
|
# Remove documentation as it contains references to nix store
|
||||||
|
postFetch = ''
|
||||||
|
rm -fr "$out"/doc
|
||||||
|
find "$out" -name '*.md' ! -name "README.md" -exec rm -f '{}' \;
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
makeWrapperArgs = [
|
postInstall = ''
|
||||||
"--prefix PATH : ${lib.makeBinPath [ coreutils curl gnugrep gnused gzip graphviz nix ]}"
|
wrapProgram $out/bin/sbomnix \
|
||||||
];
|
--prefix PATH : ${lib.makeBinPath [nix graphviz]}
|
||||||
|
wrapProgram $out/bin/nixgraph \
|
||||||
|
--prefix PATH : ${lib.makeBinPath [nix graphviz]}
|
||||||
|
wrapProgram $out/bin/vulnxscan \
|
||||||
|
--prefix PATH : ${lib.makeBinPath [grype nix vulnix]}
|
||||||
|
wrapProgram $out/bin/nix_outdated \
|
||||||
|
--prefix PATH : ${lib.makeBinPath [nix-visualize]}
|
||||||
|
wrapProgram $out/bin/provenance \
|
||||||
|
--prefix PATH : ${lib.makeBinPath [nix]}
|
||||||
|
'';
|
||||||
|
|
||||||
|
nativeBuildInputs = [ setuptools ];
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
|
beautifulsoup4
|
||||||
colorlog
|
colorlog
|
||||||
|
dfdiskcache
|
||||||
graphviz
|
graphviz
|
||||||
numpy
|
numpy
|
||||||
packageurl-python
|
packageurl-python
|
||||||
|
packaging
|
||||||
pandas
|
pandas
|
||||||
|
pyrate-limiter
|
||||||
requests
|
requests
|
||||||
|
requests-cache
|
||||||
|
requests-ratelimiter
|
||||||
reuse
|
reuse
|
||||||
tabulate
|
tabulate
|
||||||
];
|
];
|
||||||
|
|
||||||
pythonImportsCheck = [ "sbomnix" ];
|
pythonImportsCheck = [ "sbomnix" ];
|
||||||
|
# Tests require network access
|
||||||
|
doCheck = false;
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "Generate SBOMs for nix targets";
|
description = "Utilities to help with software supply chain challenges on nix targets";
|
||||||
homepage = "https://github.com/tiiuae/sbomnix";
|
homepage = "https://github.com/tiiuae/sbomnix";
|
||||||
license = with licenses; [ asl20 bsd3 cc-by-30 ];
|
license = with licenses; [ asl20 bsd3 cc-by-30 ];
|
||||||
maintainers = with maintainers; [ henrirosten jk ];
|
maintainers = with maintainers; [ henrirosten jk ];
|
||||||
|
|
Loading…
Reference in New Issue
Block a user