File tree Expand file tree Collapse file tree 1 file changed +37
-19
lines changed
pkgs/tools/security/cve-bin-tool Expand file tree Collapse file tree 1 file changed +37
-19
lines changed Original file line number Diff line number Diff line change 22 lib ,
33 buildPythonApplication ,
44 fetchFromGitHub ,
5- # aiohttp[speedups]
6- aiodns ,
5+
6+ # build-system
7+ setuptools ,
8+
9+ # dependencies
710 aiohttp ,
811 beautifulsoup4 ,
912 brotlipy ,
1013 cvss ,
1114 distro ,
1215 filetype ,
13- google-cloud-sdk ,
1416 jinja2 ,
1517 jsonschema ,
1618 lib4sbom ,
1719 lib4vex ,
1820 packageurl-python ,
1921 packaging ,
2022 plotly ,
21- pytestCheckHook ,
2223 python-gnupg ,
2324 pyyaml ,
2425 requests ,
2526 rich ,
2627 rpmfile ,
27- setuptools ,
2828 xmlschema ,
29+ zipp ,
2930 zstandard ,
31+
32+ # optional-dependencies
3033 reportlab ,
31- pip ,
32- testers ,
33- cve-bin-tool ,
34+
35+ # runtime-dependencies
36+ google-cloud-sdk ,
37+
38+ # tests
39+ versionCheckHook ,
3440} :
3541
3642buildPythonApplication rec {
3743 pname = "cve-bin-tool" ;
3844 version = "3.4" ;
39- format = "setuptools" ;
45+ pyproject = true ;
4046
4147 src = fetchFromGitHub {
4248 owner = "intel" ;
@@ -45,19 +51,15 @@ buildPythonApplication rec {
4551 hash = "sha256-pv8XjKjZBUw5FmmUn1dakGeS1uw2xzF3wSIZOYQ2/3c=" ;
4652 } ;
4753
48- # Wants to open a sqlite database, access the internet, etc
49- doCheck = false ;
54+ build-system = [ setuptools ] ;
5055
5156 dependencies = [
52- # aiohttp[speedups]
53- aiodns
5457 aiohttp
5558 beautifulsoup4
5659 brotlipy
5760 cvss
5861 distro
5962 filetype
60- google-cloud-sdk # gsutil
6163 jinja2
6264 jsonschema
6365 lib4sbom
@@ -72,20 +74,36 @@ buildPythonApplication rec {
7274 rpmfile
7375 setuptools
7476 xmlschema
77+ zipp
7578 zstandard
76- ] ;
79+ ] ++ aiohttp . optional-dependencies . speedups ;
7780
7881 optional-dependencies = {
7982 pdf = [ reportlab ] ;
8083 } ;
8184
82- propagatedBuildInputs = [ pip ] ;
85+ pythonRemoveDeps = [
86+ # gsutil is only called as a binary at runtime instead of being used as a library
87+ "gsutil"
88+ ] ;
8389
84- nativeCheckInputs = [ pytestCheckHook ] ++ lib . flatten ( lib . attrValues optional-dependencies ) ;
90+ # don't run pytestCheckHook because it wants to open a sqlite database, access the internet, etc
91+ nativeCheckInputs = [
92+ versionCheckHook
93+ ] ++ lib . flatten ( lib . attrValues optional-dependencies ) ;
8594
86- pythonImportsCheck = [ "cve_bin_tool" ] ;
95+ pythonImportsCheck = [
96+ "cve_bin_tool"
97+ "cve_bin_tool.mismatch_loader"
98+ ] ;
8799
88- passthru . tests . version = testers . testVersion { package = cve-bin-tool ; } ;
100+ # provide gsutil
101+ makeWrapperArgs = [
102+ "--prefix"
103+ "PATH"
104+ ":"
105+ ( lib . makeBinPath [ google-cloud-sdk ] )
106+ ] ;
89107
90108 meta = with lib ; {
91109 description = "CVE Binary Checker Tool" ;
You can’t perform that action at this time.
0 commit comments