Merge pull request #308858 from teatwig/cve-bin-tool
cve-bin-util: 3.2 -> 3.3
commit
c67f3c4288
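--- a/pkgs/by-name/li/lib4sbom/package.nix
+++ b/pkgs/by-name/li/lib4sbom/package.nix
@@ -0,0 +1,57 @@
+{ lib
+, python3Packages
+, fetchFromGitHub
+}:
+
+python3Packages.buildPythonPackage rec {
+pname = "lib4sbom";
+version = "0.7.1";
+format = "setuptools";
+
+src = fetchFromGitHub {
+owner = "anthonyharrison";
+repo = pname;
+rev = "v${version}";
+hash = "sha256-UQZZYTRDbUqSH6F8hjhp9L70025cRO3zXQ8Aoznotg4=";
+};
+
+propagatedBuildInputs = with python3Packages; [
+pyyaml
+semantic-version
+defusedxml
+];
+
+nativeCheckInputs = with python3Packages; [
+pytestCheckHook
+];
+
+disabledTests = [
+# stub tests that always fail
+"TestCycloneDXGenerator"
+"TestCcycloneDX_parser"
+"TestGenerator"
+"TestOutput"
+"TestParser"
+"TestSPDX_Generator"
+"TestSPDX_Parser"
+# tests with missing getters
+"test_set_downloadlocation"
+"test_set_homepage"
+"test_set_checksum"
+"test_set_externalreference"
+# checks for invalid return type
+"test_set_type"
+# wrong capilatization
+"test_set_supplier"
+"test_set_originator"
+];
+
+pythonImportsCheck = [ "lib4sbom" ];
+
+meta = with lib; {
+description = "Library to ingest and generate SBOMs";
+homepage = "https://github.com/anthonyharrison/lib4sbom";
+license = licenses.asl20;
+maintainers = with maintainers; [ teatwig ];
+};
+}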
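Review bot: The `disabledTests` list turns off seven whole test classes and eight individual tests with only one-line reasons and no upstream references, so it is unclear how much of the SBOM parser and generator code the check phase still exercises. Each group should carry a link so the entries can be dropped once upstream fixes them, for example `# stub tests that always fail, see <upstream issue URL>`. The comment `# wrong capilatization` should read `# wrong capitalization`. Since this library reads SBOM files that may come from third parties, it is worth stating in a comment which parser tests remain enabled.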
|
@ -1,8 +1,11 @@
|
|||
{ lib
|
||||
, buildPythonApplication
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
, filetype
|
||||
, jsonschema
|
||||
, lib4sbom
|
||||
, packageurl-python
|
||||
, python-gnupg
|
||||
, plotly
|
||||
, beautifulsoup4
|
||||
, pyyaml
|
||||
|
@ -30,67 +33,20 @@
|
|||
, pip
|
||||
, testers
|
||||
, cve-bin-tool
|
||||
# pinned packaging
|
||||
, pyparsing
|
||||
, fetchPypi
|
||||
, buildPythonPackage
|
||||
, pretend
|
||||
, pythonOlder
|
||||
, wheel
|
||||
}:
|
||||
|
||||
let
|
||||
# pin packaging to < 22 until issue related to https://github.com/intel/cve-bin-tool/pull/2436 are resolved by upstream (post-3.2)
|
||||
packaging_21_3 = buildPythonPackage rec {
|
||||
inherit (packaging) pname passthru meta;
|
||||
version = "21.3";
|
||||
format = "pyproject";
|
||||
disabled = pythonOlder "3.6";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "sha256-3UfEKSfYmrkR5gZRiQfMLTofOLvQJjhZcGQ/nFuOz+s=";
|
||||
};
|
||||
nativeBuildInputs = [
|
||||
setuptools
|
||||
wheel
|
||||
];
|
||||
propagatedBuildInputs = [
|
||||
pyparsing
|
||||
];
|
||||
|
||||
nativeCheckInputs = [
|
||||
pytestCheckHook
|
||||
pretend
|
||||
];
|
||||
|
||||
doCheck = false;
|
||||
};
|
||||
in
|
||||
buildPythonApplication rec {
|
||||
pname = "cve-bin-tool";
|
||||
version = "3.2";
|
||||
version = "3.3";
|
||||
format = "setuptools";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "intel";
|
||||
repo = "cve-bin-tool";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-QOnWt6iit0/F6d/MfZ8qJqDuT3IHh0Qjs6BcJkI/CBw=";
|
||||
hash = "sha256-A5w4U5EDX+UZWNMuz8GTOcubo8N2KfDlVV0aRNsO8/E=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Not needed as python dependency, should just be on the PATH
|
||||
./no-gsutil-python-dependency.patch
|
||||
# Already merged upstream, to be removed post-3.2
|
||||
# https://github.com/intel/cve-bin-tool/pull/2524
|
||||
(fetchpatch {
|
||||
name = "cve-bin-tool-version-success.patch";
|
||||
url = "https://github.com/intel/cve-bin-tool/commit/6f9bd565219932c565c1443ac467fe4163408dd8.patch";
|
||||
hash = "sha256-Glj6qiOvmvsuetXn4tysyiN/vrcOPFLORh+u3BoGzCI=";
|
||||
})
|
||||
];
|
||||
|
||||
# Wants to open a sqlite database, access the internet, etc
|
||||
doCheck = false;
|
||||
|
||||
|
@ -100,7 +56,11 @@ buildPythonApplication rec {
|
|||
|
||||
propagatedBuildInputs = [
|
||||
google-cloud-sdk
|
||||
filetype
|
||||
jsonschema
|
||||
lib4sbom
|
||||
packageurl-python
|
||||
python-gnupg
|
||||
plotly
|
||||
beautifulsoup4
|
||||
pyyaml
|
||||
|
@ -123,7 +83,7 @@ buildPythonApplication rec {
|
|||
setuptools
|
||||
xmlschema
|
||||
cvss
|
||||
packaging_21_3
|
||||
packaging
|
||||
];
|
||||
|
||||
nativeCheckInputs = [
|
||||
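Review bot: With `doCheck = false;` kept in the `-30,67 +33,20` hunk, nothing visible in these hunks checks at build time that the changed dependency set still loads. `lib4sbom`, `packageurl-python` and `python-gnupg` appear in `propagatedBuildInputs`, and the last hunk replaces the pinned `packaging_21_3` with plain `packaging`. The page has lost its `+`/`-` markers, so which lines are new is inferred from the hunk counts. If the file has no import check outside the hunks, `pythonImportsCheck = [ "cve_bin_tool" ];` would make a missing or incompatible module fail the build rather than the first scan.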
|
|
|
@ -1,12 +0,0 @@
|
|||
diff --git a/requirements.txt b/requirements.txt
|
||||
index 1d4aa9a..c9e9171 100644
|
||||
--- a/requirements.txt
|
||||
+++ b/requirements.txt
|
||||
@@ -14,6 +14,6 @@ xmlschema
|
||||
importlib_metadata; python_version < "3.8"
|
||||
requests
|
||||
urllib3>=1.26.5 # dependency of requests added explictly to avoid CVEs
|
||||
-gsutil
|
||||
+#gsutil
|
||||
cvss
|
||||
packaging
|