Merge pull request #302035 from fabaff/appthreat-vulnerability-db-bump

python312Packages.apsw: 3.45.1.0 -> 3.45.2.0, python312Packages.appthreat-vulnerability-db: 5.6.6 -> 5.6.7, dep-scan: 5.2.14 -> 5.3.2
2024-04-10 23:50:04 +02:00 · 2024-04-10 23:50:04 +02:00 · 9207dabe91
parent def4bb025d ee3702bff2
commit 9207dabe91
6 changed files with 46 additions and 112 deletions
--- a/pkgs/by-name/de/dep-scan/package.nix
+++ b/pkgs/by-name/de/dep-scan/package.nix
@ -1,31 +1,27 @@
-{ lib
-, python3
-, fetchFromGitHub
+{
+  lib,
+  fetchFromGitHub,
+  python3,
 }:

 python3.pkgs.buildPythonApplication rec {
  pname = "dep-scan";
-  version = "5.2.14";
+  version = "5.3.2";
  pyproject = true;

  src = fetchFromGitHub {
    owner = "owasp-dep-scan";
    repo = "dep-scan";
    rev = "refs/tags/v${version}";
-    hash = "sha256-G8i/tGEDgjPnIP04nrbx4HseiaU6N1GJGSg78yhaqII=";
+    hash = "sha256-2WV4f9vHdfnzoQWvwK/+lT9IS0v0sGBqnwDFHWG48G4=";
  };

  postPatch = ''
    substituteInPlace pytest.ini \
      --replace-fail " --cov-append --cov-report term --cov depscan" ""
-    # Already fixed by upstream
-    substituteInPlace pyproject.toml \
-      --replace-fail "==5.6.4" ">=5.6.4"
  '';

-  build-system = with python3.pkgs; [
-    setuptools
-  ];
+  build-system = with python3.pkgs; [ setuptools ];

  dependencies = with python3.pkgs; [
    appthreat-vulnerability-db
@ -47,9 +43,7 @@ python3.pkgs.buildPythonApplication rec {
    pytestCheckHook
  ];

-  pythonImportsCheck = [
-    "depscan"
-  ];
+  pythonImportsCheck = [ "depscan" ];

  preCheck = ''
    export HOME=$(mktemp -d)
--- a/pkgs/development/python-modules/appthreat-vulnerability-db/default.nix
+++ b/pkgs/development/python-modules/appthreat-vulnerability-db/default.nix
@ -1,23 +1,24 @@
-{ lib
-, appdirs
-, buildPythonPackage
-, cvss
-, fetchFromGitHub
-, httpx
-, msgpack
-, orjson
-, packageurl-python
-, pytestCheckHook
-, pythonOlder
-, pythonRelaxDepsHook
-, semver
-, setuptools
-, tabulate
+{
+  lib,
+  appdirs,
+  buildPythonPackage,
+  cvss,
+  fetchFromGitHub,
+  httpx,
+  msgpack,
+  orjson,
+  packageurl-python,
+  pytestCheckHook,
+  pythonOlder,
+  pythonRelaxDepsHook,
+  semver,
+  setuptools,
+  tabulate,
 }:

 buildPythonPackage rec {
  pname = "appthreat-vulnerability-db";
-  version = "5.6.6";
+  version = "5.6.7";
  pyproject = true;

  disabled = pythonOlder "3.10";
@ -26,7 +27,7 @@ buildPythonPackage rec {
    owner = "AppThreat";
    repo = "vulnerability-db";
    rev = "refs/tags/v${version}";
-    hash = "sha256-wVl2C1AG9LbSh/p95fstJyJr6JnhZFIhNvq8mhpg13Q=";
+    hash = "sha256-/QzK+su+g2ESZ81C0coxKf13WOUVz1GyfJbOrO7fS98=";
  };

  postPatch = ''
@ -39,13 +40,9 @@ buildPythonPackage rec {
    "semver"
  ];

-  build-system = [
-    setuptools
-  ];
+  build-system = [ setuptools ];

-  nativeBuildInputs = [
-    pythonRelaxDepsHook
-  ];
+  nativeBuildInputs = [ pythonRelaxDepsHook ];

  dependencies = [
    appdirs
@ -58,9 +55,7 @@ buildPythonPackage rec {
    tabulate
  ] ++ httpx.optional-dependencies.http2;

-  nativeCheckInputs = [
-    pytestCheckHook
-  ];
+  nativeCheckInputs = [ pytestCheckHook ];

  preCheck = ''
    export HOME=$(mktemp -d);
@ -72,9 +67,7 @@ buildPythonPackage rec {
    "test_download_recent"
  ];

-  pythonImportsCheck = [
-    "vdb"
-  ];
+  pythonImportsCheck = [ "vdb" ];

  meta = with lib; {
    description = "Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm";
--- a/pkgs/development/python-modules/apsw/default.nix
+++ b/pkgs/development/python-modules/apsw/default.nix
@ -1,17 +1,19 @@
-{ lib
-, buildPythonPackage
-, fetchFromGitHub
-, sqlite
-, isPyPy
-, python
+{
+  lib,
+  buildPythonPackage,
+  fetchFromGitHub,
+  python,
+  pythonOlder,
+  setuptools,
+  sqlite,
 }:

 buildPythonPackage rec {
  pname = "apsw";
  version = "3.45.2.0";
-  format = "setuptools";
+  pyproject = true;

-  disabled = isPyPy;
+  disabled = pythonOlder "3.8";

  src = fetchFromGitHub {
    owner = "rogerbinns";
@ -20,9 +22,9 @@ buildPythonPackage rec {
    hash = "sha256-tTi3/10W4OoGH6PQVhvPWc5o09on5BZrWoAvrfh4C/E=";
  };

-  buildInputs = [
-    sqlite
-  ];
+  build-system = [ setuptools ];
+
+  buildInputs = [ sqlite ];

  # Project uses custom test setup to exclude some tests by default, so using pytest
  # requires more maintenance
@ -31,13 +33,12 @@ buildPythonPackage rec {
    ${python.interpreter} setup.py test
  '';

-  pythonImportsCheck = [
-    "apsw"
-  ];
+  pythonImportsCheck = [ "apsw" ];

  meta = with lib; {
    description = "A Python wrapper for the SQLite embedded relational database engine";
    homepage = "https://github.com/rogerbinns/apsw";
+    changelog = "https://github.com/rogerbinns/apsw/releases/tag/${version}";
    license = licenses.zlib;
    maintainers = with maintainers; [ gador ];
  };
--- a/pkgs/development/tools/appthreat-depscan/default.nix
+++ b/pkgs/development/tools/appthreat-depscan/default.nix
@ -1,53 +0,0 @@
-{ lib
-, fetchFromGitHub
-, python3
-}:
-
-python3.pkgs.buildPythonApplication rec {
-  pname = "appthreat-depscan";
-  version = "3.6.0";
-
-  src = fetchFromGitHub {
-    owner = "AppThreat";
-    repo = "dep-scan";
-    rev = "refs/tags/v${version}";
-    hash = "sha256-U8vHwdL1O54X0jPhcjTN/J1U7dKQgFEMfc6lbXe2Ff0=";
-  };
-
-  propagatedBuildInputs = with python3.pkgs; [
-    appthreat-vulnerability-db
-    defusedxml
-    pyyaml
-    rich
-  ];
-
-  nativeCheckInputs = with python3.pkgs; [
-    pytestCheckHook
-  ];
-
-  postPatch = ''
-    substituteInPlace pytest.ini \
-      --replace " --cov-append --cov-report term --cov depscan" ""
-  '';
-
-  preCheck = ''
-    export HOME=$(mktemp -d);
-  '';
-
-  disabledTests = [
-    # Assertion Error
-    "test_query_metadata2"
-  ];
-
-  pythonImportsCheck = [
-    "depscan"
-  ];
-
-  meta = with lib; {
-    description = "Tool to audit dependencies based on known vulnerabilities and advisories";
-    homepage = "https://github.com/AppThreat/dep-scan";
-    changelog = "https://github.com/AppThreat/dep-scan/releases/tag/v${version}";
-    license = with licenses; [ mit ];
-    maintainers = with maintainers; [ fab ];
-  };
-}
--- a/pkgs/top-level/aliases.nix
+++ b/pkgs/top-level/aliases.nix
@ -76,6 +76,7 @@ mapAliases ({
  ansible_2_13 = throw "Ansible 2.13 goes end of life in 2023/11"; # Added 2023-12-30
  apacheAnt_1_9 = throw "Ant 1.9 has been removed since it's not used in nixpkgs anymore"; # Added 2023-11-12
  antimicroX = antimicrox; # Added 2021-10-31
+  appthreat-depscan = dep-scan; # Added 2024-04-10
  arcanPackages = throw "arcanPackages was removed and its sub-attributes were promoted to top-level"; # Added 2023-11-26
  archiveopteryx = throw "archiveopteryx depended on an unsupported version of OpenSSL and was unmaintained"; # Added 2024-01-03
  ardour_6 = throw "ardour_6 has been removed in favor of newer versions"; # Added 2023-10-13
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -299,8 +299,6 @@ with pkgs;

  melange = callPackage ../development/tools/melange { };

-  appthreat-depscan = callPackage ../development/tools/appthreat-depscan { };
-
  activate-linux = callPackage ../applications/misc/activate-linux { };

  ansi = callPackage ../development/tools/ansi { };