diff options
author | Fabian Affolter <fabian@affolter-engineering.ch> | 2022-05-04 08:37:54 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-04 08:37:54 +0200 |
commit | f450d5b35401ee6880969802e5ed6baaade41ce6 (patch) | |
tree | 14c4945d8b68c125a6b69d73a904c1a2b88646d6 | |
parent | aa885f45818e5b3164dad2ceddbbaea4116464b2 (diff) | |
parent | 1d17d14cb72c8a3d122827c53f6d30bd9e490314 (diff) | |
download | nixpkgs-f450d5b35401ee6880969802e5ed6baaade41ce6.tar nixpkgs-f450d5b35401ee6880969802e5ed6baaade41ce6.tar.gz nixpkgs-f450d5b35401ee6880969802e5ed6baaade41ce6.tar.bz2 nixpkgs-f450d5b35401ee6880969802e5ed6baaade41ce6.tar.lz nixpkgs-f450d5b35401ee6880969802e5ed6baaade41ce6.tar.xz nixpkgs-f450d5b35401ee6880969802e5ed6baaade41ce6.tar.zst nixpkgs-f450d5b35401ee6880969802e5ed6baaade41ce6.zip |
Merge pull request #163588 from fabaff/pip-audit
pip-audit: init at 2.0.0
-rw-r--r-- | pkgs/development/python-modules/cachecontrol/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/python-modules/pip-api/default.nix | 52 | ||||
-rw-r--r-- | pkgs/development/python-modules/pretend/default.nix | 29 | ||||
-rw-r--r-- | pkgs/development/tools/pip-audit/default.nix | 83 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 | ||||
-rw-r--r-- | pkgs/top-level/python-packages.nix | 2 |
6 files changed, 164 insertions, 8 deletions
diff --git a/pkgs/development/python-modules/cachecontrol/default.nix b/pkgs/development/python-modules/cachecontrol/default.nix index d074183e79d..bee126fbf16 100644 --- a/pkgs/development/python-modules/cachecontrol/default.nix +++ b/pkgs/development/python-modules/cachecontrol/default.nix @@ -21,10 +21,11 @@ buildPythonPackage rec { owner = "ionrock"; repo = pname; rev = "v${version}"; - sha256 = "sha256-mgvL0q10UbPHY1H3tJprke5p8qNl3HNYoeLAERZTcTs="; + hash = "sha256-mgvL0q10UbPHY1H3tJprke5p8qNl3HNYoeLAERZTcTs="; }; propagatedBuildInputs = [ + lockfile msgpack requests ]; @@ -32,7 +33,6 @@ buildPythonPackage rec { checkInputs = [ cherrypy mock - lockfile pytestCheckHook ]; diff --git a/pkgs/development/python-modules/pip-api/default.nix b/pkgs/development/python-modules/pip-api/default.nix new file mode 100644 index 00000000000..5e4412dcf85 --- /dev/null +++ b/pkgs/development/python-modules/pip-api/default.nix @@ -0,0 +1,52 @@ +{ lib +, buildPythonPackage +, fetchPypi +, pip +, pretend +, pytestCheckHook +, pythonOlder +, virtualenv +}: + +buildPythonPackage rec { + pname = "pip-api"; + version = "0.0.29"; + format = "setuptools"; + + disabled = pythonOlder "3.7"; + + src = fetchPypi { + inherit pname version; + hash = "sha256-9wFYTrHD4BAhyEb4nWKauTc7ZiTwYmdXd0rVT8TClXE="; + }; + + propagatedBuildInputs = [ + pip + ]; + + checkInputs = [ + pretend + pytestCheckHook + virtualenv + ]; + + pythonImportsCheck = [ + "pip_api" + ]; + + disabledTests = [ + "test_hash" + "test_hash_default_algorithm_is_256" + "test_installed_distributions" + "test_invoke_install" + "test_invoke_uninstall" + "test_isolation" + ]; + + meta = with lib; { + description = "Importable pip API"; + homepage = "https://github.com/di/pip-api"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/development/python-modules/pretend/default.nix b/pkgs/development/python-modules/pretend/default.nix index 87e0e6613b1..0134b0dc36a 100644 --- a/pkgs/development/python-modules/pretend/default.nix +++ b/pkgs/development/python-modules/pretend/default.nix @@ -1,19 +1,36 @@ -{ lib, buildPythonPackage, fetchPypi }: +{ lib +, buildPythonPackage +, fetchFromGitHub +, pytestCheckHook +, pythonOlder +}: buildPythonPackage rec { pname = "pretend"; version = "1.0.9"; + format = "setuptools"; - src = fetchPypi { - inherit pname version; - sha256 = "c90eb810cde8ebb06dafcb8796f9a95228ce796531bc806e794c2f4649aa1b10"; + disabled = pythonOlder "3.7"; + + src = fetchFromGitHub { + owner = "alex"; + repo = pname; + rev = "v${version}"; + hash = "sha256-OqMfeIMFNBBLq6ejR3uOCIHZ9aA4zew7iefVlAsy1JQ="; }; - # No tests in archive - doCheck = false; + checkInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "pretend" + ]; meta = with lib; { + description = "Module for stubbing"; homepage = "https://github.com/alex/pretend"; license = licenses.bsd3; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/development/tools/pip-audit/default.nix b/pkgs/development/tools/pip-audit/default.nix new file mode 100644 index 00000000000..8f700761d16 --- /dev/null +++ b/pkgs/development/tools/pip-audit/default.nix @@ -0,0 +1,83 @@ +{ lib +, fetchFromGitHub +, fetchpatch +, python3 +}: + +let + py = python3.override { + packageOverrides = self: super: { + + # ansible doesn't support resolvelib > 0.6.0 and can't have an override + resolvelib = super.resolvelib.overridePythonAttrs (oldAttrs: rec { + version = "0.8.1"; + src = fetchFromGitHub { + owner = "sarugaku"; + repo = "resolvelib"; + rev = version; + sha256 = "1qpd0gg9yl0kbamlgjs9pkxd39kx511kbc92civ77v0ka5sw8ca0"; + }; + }); + }; + }; +in +with py.pkgs; + +buildPythonApplication rec { + pname = "pip-audit"; + version = "2.2.1"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "trailofbits"; + repo = pname; + rev = "v${version}"; + hash = "sha256-ji61783imVlvoBaDMTxQwbf1L1G4lJbOFZ1FjcNOT/8="; + }; + + propagatedBuildInputs = [ + cachecontrol + cyclonedx-python-lib + html5lib + packaging + pip-api + progress + resolvelib + ]; + + checkInputs = [ + pretend + pytestCheckHook + ]; + + pythonImportsCheck = [ + "pip_audit" + ]; + + preCheck = '' + export HOME=$(mktemp -d); + ''; + + disabledTestPaths = [ + # Tests require network access + "test/dependency_source/test_requirement.py" + "test/dependency_source/test_resolvelib.py" + "test/service/test_pypi.py" + "test/service/test_osv.py" + ]; + + disabledTests = [ + # Tests requrire network access + "test_get_pip_cache" + "test_virtual_env" + "test_pyproject_source" + "test_pyproject_source_duplicate_deps" + ]; + + meta = with lib; { + description = "Tool for scanning Python environments for known vulnerabilities"; + homepage = "https://github.com/trailofbits/pip-audit"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index aa6e8e6e0bb..ff2c55688b3 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -14440,6 +14440,8 @@ with pkgs; poetry2conda = python3Packages.callPackage ../development/python-modules/poetry2conda { }; + pip-audit = callPackage ../development/tools/pip-audit {}; + pipenv = callPackage ../development/tools/pipenv {}; pipewire = callPackage ../development/libraries/pipewire { diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 1ce394f4cdb..86a42ff6b33 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -6314,6 +6314,8 @@ in { pipenv-poetry-migrate = callPackage ../development/python-modules/pipenv-poetry-migrate { }; + pip-api = callPackage ../development/python-modules/pip-api { }; + pip-tools = callPackage ../development/python-modules/pip-tools { }; pipx = callPackage ../development/python-modules/pipx { }; |