kookie
/
nomicon
1
0
Fork 0
Code Issues Projects Releases 1 Activity

Merge pull request #23863 from plumps/add-vulnix

Browse Source 
vulnix: init at 1.2.2
wip/yesman
Frederik Rietdijk 7 years ago committed by GitHub
parent f38c4ee775 70322d8b87
commit f4a1eab239
7 changed files with 199 additions and 98 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      lib/maintainers.nix
  2. 79
      pkgs/development/python-modules/btrees-py35.patch
  3. 20
      pkgs/development/python-modules/btrees/default.nix
  4. 42
      pkgs/tools/security/vulnix/default.nix
  5. 131
      pkgs/tools/security/vulnix/requirements.nix
  6. 4
      pkgs/top-level/all-packages.nix
  7. 20
      pkgs/top-level/python-packages.nix

1
lib/maintainers.nix
Unescape View File

@ -398,6 +398,7 @@
pjones = "Peter Jones <pjones@devalot.com>";
pkmx = "Chih-Mao Chen <pkmx.tw@gmail.com>";
plcplc = "Philip Lykke Carlsen <plcplc@gmail.com>";
plumps = "Maksim Bronsky <maks.bronsky@web.de";
pmahoney = "Patrick Mahoney <pat@polycrystal.org>";
pmiddend = "Philipp Middendorf <pmidden@secure.mailbox.org>";
polyrod = "Maurizio Di Pietro <dc1mdp@gmail.com>";

79
pkgs/development/python-modules/btrees-py35.patch
Unescape View File

@ -1,79 +0,0 @@
From eee0beef88d135640871050b40844272a3aee790 Mon Sep 17 00:00:00 2001
From: Tres Seaver <tseaver@palladion.com>
Date: Tue, 15 Sep 2015 17:20:18 -0400
Subject: [PATCH 1/2] Ensure that we don't overlook errors in first
PyObject_RichCompareBool call.
Python 3.5 turns such cases into SystemErrors.
See: https://bugs.python.org/issue23571
Fixes #15.
---
BTrees/_compat.h | 22 +++++++++++++++++++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/BTrees/_compat.h b/BTrees/_compat.h
index e004d54..19dd377 100644
--- a/BTrees/_compat.h
+++ b/BTrees/_compat.h
@@ -27,9 +27,25 @@
#define TEXT_FROM_STRING PyUnicode_FromString
#define TEXT_FORMAT PyUnicode_Format
-#define COMPARE(lhs, rhs) \
- PyObject_RichCompareBool((lhs), (rhs), Py_LT) > 0 ? -1 : \
- (PyObject_RichCompareBool((lhs), (rhs), Py_EQ) > 0 ? 0 : 1)
+/* Emulate Python2's __cmp__, wrapping PyObject_RichCompareBool(),
+ * Return -2/-3 for errors, -1 for lhs<rhs, 0 for lhs==rhs, 1 for lhs>rhs.
+ */
+static inline
+int __compare(PyObject *lhs, PyObject *rhs) {
+ int less, equal;
+
+ less = PyObject_RichCompareBool(lhs, rhs, Py_LT);
+ if ( less == -1 ) {
+ return -2;
+ }
+ equal = PyObject_RichCompareBool(lhs, rhs, Py_EQ);
+ if ( equal == -1 ) {
+ return -3;
+ }
+ return less ? -1 : (equal ? 0 : 1);
+}
+
+#define COMPARE(lhs, rhs) __compare((lhs), (rhs))
#else
From ff4c3309fe471f2b9bdd642b8f7d1c2fe0f5e458 Mon Sep 17 00:00:00 2001
From: Tres Seaver <tseaver@palladion.com>
Date: Sun, 20 Sep 2015 11:07:10 -0400
Subject: [PATCH 2/2] Avoid unnecessary comparison for 'Py_EQ' if 'Py_LT'
returned True.
---
BTrees/_compat.h | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/BTrees/_compat.h b/BTrees/_compat.h
index 19dd377..ece2bf9 100644
--- a/BTrees/_compat.h
+++ b/BTrees/_compat.h
@@ -38,11 +38,14 @@ int __compare(PyObject *lhs, PyObject *rhs) {
if ( less == -1 ) {
return -2;
}
+ if (less) {
+ return -1;
+ }
equal = PyObject_RichCompareBool(lhs, rhs, Py_EQ);
if ( equal == -1 ) {
return -3;
}
- return less ? -1 : (equal ? 0 : 1);
+ return equal ? 0 : 1;
}
#define COMPARE(lhs, rhs) __compare((lhs), (rhs))

20
pkgs/development/python-modules/btrees/default.nix
Unescape View File

@ -0,0 +1,20 @@
{ stdenv, buildPythonPackage, persistent, zope_interface, transaction }:
buildPythonPackage rec {
pname = "BTrees";
version = "4.3.1";
name = "${pname}-${version}";
propagatedBuildInputs = [ persistent zope_interface transaction ];
src = fetchPypi {
inherit pname version;
sha256 = "15as34f9sa4nnd62nnjkik2jd4rg1byp0i4kwaqwdpv0ab9vfr95";
};
meta = with stdenv.lib; {
description = "Scalable persistent components";
homepage = http://packages.python.org/BTrees;
license = licenses.zpt21;
};
}

42
pkgs/tools/security/vulnix/default.nix
Unescape View File

@ -0,0 +1,42 @@
{ stdenv, pythonPackages, fetchurl, callPackage, nix, }:
let
external = callPackage ./requirements.nix {
inherit pythonPackages;
};
in pythonPackages.buildPythonApplication rec{
name = "${pname}-${version}";
pname = "vulnix";
version = "1.2.2";
src = pythonPackages.fetchPypi {
inherit pname version;
sha256 = "1ia9plziwach0bxnlcd33q30kcsf8sv0nf2jc78gsmrqnxjabr12";
};
buildInputs = with pythonPackages; [ flake8 pytest pytestcov ];
postPatch = ''
sed -i -e 's/==\([^=]\+\)/>=\1/g' setup.py
'';
propagatedBuildInputs = [
nix
] ++ (with pythonPackages; [
click
colorama
lxml
pyyaml
requests2
external.zodb
]);
checkPhase = "py.test";
meta = with stdenv.lib; {
description = "NixOS vulnerability scanner";
homepage = https://github.com/flyingcircusio/vulnix;
license = licenses.bsd2;
maintainers = with maintainers; [ plumps ];
};
}

131
pkgs/tools/security/vulnix/requirements.nix
Unescape View File

@ -0,0 +1,131 @@
{ pythonPackages, fetchurl, stdenv }:
rec {
BTrees = pythonPackages.buildPythonPackage {
name = "BTrees-4.3.1";
src = fetchurl {
url = "https://pypi.python.org/packages/24/76/cd6f225f2180c22af5cdb6656f51aec5fca45e45bdc4fa75c0a32f161a61/BTrees-4.3.1.tar.gz";
sha256 = "2565b7d35260dfc6b1e2934470fd0a2f9326c58c535a2b4cb396289d1c195a95";
};
propagatedBuildInputs = [
persistent
transaction
zope_interface
] ++ (with pythonPackages; [ coverage ]);
meta = with stdenv.lib; {
homepage = "";
license = licenses.zpt21;
description = "Scalable persistent object containers";
};
};
ZConfig = pythonPackages.buildPythonPackage {
name = "ZConfig-3.1.0";
src = fetchurl {
url = "https://pypi.python.org/packages/52/b3/a96d62711a26d8cfbe546519975dc9ed54d2eb50b3238d2e6de045764796/ZConfig-3.1.0.tar.gz";
sha256 = "c21fa3a073a56925a8098036d46717392994a92cffea1b3cda3176b70c0a842e";
};
meta = with stdenv.lib; {
homepage = "";
license = licenses.zpt21;
description = "Structured Configuration Library";
};
};
zodb = pythonPackages.buildPythonPackage {
name = "ZODB-5.2.0";
src = fetchurl {
url = "https://pypi.python.org/packages/1e/47/2f17075ca94a4a537ebd8e195c458456ef49aa67355ec805e478b8ad1959/ZODB-5.2.0.tar.gz";
sha256 = "11l495lyym2fpvalj18yvcqwnsp8gyp18sgv5v575k4s2035lz0x";
};
doCheck = false;
propagatedBuildInputs = [
BTrees
persistent
transaction
ZConfig
zc.lockfile
zodbpickle
] ++ (with pythonPackages; [ six wheel zope_interface ]);
meta = with stdenv.lib; {
homepage = "";
license = licenses.zpt21;
description = "Zope Object Database: object database and persistence";
};
};
persistent = pythonPackages.buildPythonPackage {
name = "persistent-4.2.2";
src = fetchurl {
url = "https://pypi.python.org/packages/3d/71/3302512282b606ec4d054e09be24c065915518903b29380b6573bff79c24/persistent-4.2.2.tar.gz";
sha256 = "52ececc6dbba5ef572d3435189318b4dff07675bafa9620e32f785e147c6563c";
};
propagatedBuildInputs = [
zope_interface
] ++ (with pythonPackages; [ six wheel ]);
meta = with stdenv.lib; {
homepage = "";
license = licenses.zpt21;
description = "Translucent persistent objects";
};
};
transaction = pythonPackages.buildPythonPackage {
name = "transaction-2.0.3";
src = fetchurl {
url = "https://pypi.python.org/packages/8c/af/3ffafe85bcc93ecb09459f3f2bd8fbe142e9ab34048f9e2774543b470cbd/transaction-2.0.3.tar.gz";
sha256 = "67bfb81309ba9717edbb2ca2e5717c325b78beec0bf19f44e5b4b9410f82df7f";
};
propagatedBuildInputs = [
zope_interface
] ++ (with pythonPackages; [ six wheel ]);
meta = with stdenv.lib; {
homepage = "";
license = licenses.zpt21;
description = "Transaction management for Python";
};
};
zc.lockfile = pythonPackages.buildPythonPackage {
name = "zc.lockfile-1.2.1";
src = fetchurl {
url = "https://pypi.python.org/packages/bd/84/0299bbabbc9d3f84f718ba1039cc068030d3ad723c08f82a64337edf901e/zc.lockfile-1.2.1.tar.gz";
sha256 = "11db91ada7f22fe8aae268d4bfdeae012c4fe655f66bbb315b00822ec00d043e";
};
meta = with stdenv.lib; {
homepage = "";
license = licenses.zpt21;
description = "Basic inter-process locks";
};
};
zodbpickle = pythonPackages.buildPythonPackage {
name = "zodbpickle-0.6.0";
src = fetchurl {
url = "https://pypi.python.org/packages/7a/fc/f6f437a5222b330735eaf8f1e67a6845bd1b600e9a9455e552d3c13c4902/zodbpickle-0.6.0.tar.gz";
sha256 = "ea3248be966159e7791e3db0e35ea992b9235d52e7d39835438686741d196665";
};
doCheck = false;
meta = with stdenv.lib; {
homepage = "";
license = licenses.zpt21;
description = "Fork of Python 3 pickle module.";
};
};
zope_interface = pythonPackages.buildPythonPackage {
name = "zope.interface-4.3.3";
src = fetchurl {
url = "https://pypi.python.org/packages/44/af/cea1e18bc0d3be0e0824762d3236f0e61088eeed75287e7b854d65ec9916/zope.interface-4.3.3.tar.gz";
sha256 = "8780ef68ca8c3fe1abb30c058a59015129d6e04a6b02c2e56b9c7de6078dfa88";
};
propagatedBuildInputs = [ ];
meta = with stdenv.lib; {
homepage = "";
license = licenses.zpt21;
description = "Interfaces for Python";
};
};
}

4
pkgs/top-level/all-packages.nix
Unescape View File

@ -6963,6 +6963,10 @@ with pkgs;
vultr = callPackage ../development/tools/vultr { };
vulnix = callPackage ../tools/security/vulnix {
pythonPackages = python3Packages;
};
xc3sprog = callPackage ../development/tools/misc/xc3sprog { };
xcbuild = callPackage ../development/tools/xcbuild/wrapper.nix {

20
pkgs/top-level/python-packages.nix
Unescape View File

@ -27550,25 +27550,7 @@ EOF
};
};
BTrees = self.buildPythonPackage rec {
name = "BTrees-4.1.4";
propagatedBuildInputs = with self; [ persistent zope_interface transaction ];
src = pkgs.fetchurl {
url = "mirror://pypi/B/BTrees/${name}.tar.gz";
sha256 = "1avvhkd7rvp3rzhw20v6ank8a8m9a1lmh99c4gjjsa1ry0zsri3y";
};
patches = [ ../development/python-modules/btrees-py35.patch ];
meta = {
description = "Scalable persistent components";
homepage = http://packages.python.org/BTrees;
};
};
BTrees = callPackage ../development/python-modules/btrees {};
persistent = self.buildPythonPackage rec {
name = "persistent-4.0.8";

Write Preview
Loading…
Cancel
Save