pip-audit: init at 2.0.0

2 years ago · 86e49c7114
parent b897629a2c
commit 86e49c7114
2 changed files with 77 additions and 0 deletions
--- a/pkgs/development/tools/pip-audit/default.nix
+++ b/pkgs/development/tools/pip-audit/default.nix
@ -0,0 +1,75 @@
+{ lib
+, fetchFromGitHub
+, fetchpatch
+, python3
+}:
+
+let
+  py = python3.override {
+    packageOverrides = self: super: {
+
+      # ansible doesn't support resolvelib > 0.6.0 and can't have an override
+      resolvelib = super.resolvelib.overridePythonAttrs (oldAttrs: rec {
+        version = "0.8.1";
+        src = fetchFromGitHub {
+          owner = "sarugaku";
+          repo = "resolvelib";
+          rev = version;
+          sha256 = "1qpd0gg9yl0kbamlgjs9pkxd39kx511kbc92civ77v0ka5sw8ca0";
+        };
+      });
+    };
+  };
+in
+with py.pkgs;
+
+buildPythonApplication rec {
+  pname = "pip-audit";
+  version = "2.0.0";
+  format = "setuptools";
+
+  src = fetchFromGitHub {
+    owner = "trailofbits";
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-JHRUYugptbsbqyXy5IxBVQq1NNbTR1xdt791ZQ2jP7s=";
+  };
+
+  propagatedBuildInputs = [
+    cachecontrol
+    cyclonedx-python-lib
+    html5lib
+    packaging
+    pip-api
+    progress
+    resolvelib
+  ];
+
+  checkInputs = [
+    pretend
+    pytestCheckHook
+  ];
+
+  pythonImportsCheck = [
+    "pip_audit"
+  ];
+
+  disabledTestPaths = [
+    "test/dependency_source/test_requirement.py"
+    "test/dependency_source/test_resolvelib.py"
+    "test/service/test_pypi.py"
+    "test/service/test_osv.py"
+  ];
+
+  disabledTests = [
+    "test_get_pip_cache"
+    "test_virtual_env"
+  ];
+
+  meta = with lib; {
+    description = "Tool for scanning Python environments for known vulnerabilities";
+    homepage = "https://github.com/trailofbits/pip-audit";
+    license = with licenses; [ asl20 ];
+    maintainers = with maintainers; [ fab ];
+  };
+}
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -14433,6 +14433,8 @@ with pkgs;

  poetry2conda = python3Packages.callPackage ../development/python-modules/poetry2conda { };

+  pip-audit = callPackage ../development/tools/pip-audit {};
+
  pipenv = callPackage ../development/tools/pipenv {};

  pipewire = callPackage ../development/libraries/pipewire {