diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2023-10-18 00:02:49 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-10-18 00:02:49 +0000 |
commit | 07245b90f3036dd72407b196a777a5db9c38e6da (patch) | |
tree | 5af44f6aef58bed6c2c95146c2169d1c7a505c2f /pkgs/tools/security | |
parent | c99731d9ac7f60c5448fc9a94489856f28971daa (diff) | |
parent | 35eee590bed8670b5adb8462a7748ac9376296bf (diff) | |
download | nixpkgs-07245b90f3036dd72407b196a777a5db9c38e6da.tar nixpkgs-07245b90f3036dd72407b196a777a5db9c38e6da.tar.gz nixpkgs-07245b90f3036dd72407b196a777a5db9c38e6da.tar.bz2 nixpkgs-07245b90f3036dd72407b196a777a5db9c38e6da.tar.lz nixpkgs-07245b90f3036dd72407b196a777a5db9c38e6da.tar.xz nixpkgs-07245b90f3036dd72407b196a777a5db9c38e6da.tar.zst nixpkgs-07245b90f3036dd72407b196a777a5db9c38e6da.zip |
Merge staging-next into staging
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/age-plugin-tpm/default.nix | 16 | ||||
-rw-r--r-- | pkgs/tools/security/nsjail/default.nix | 5 | ||||
-rw-r--r-- | pkgs/tools/security/osv-scanner/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/trufflehog/default.nix | 6 |
4 files changed, 18 insertions, 15 deletions
diff --git a/pkgs/tools/security/age-plugin-tpm/default.nix b/pkgs/tools/security/age-plugin-tpm/default.nix index 8882a70a1a9..4885aa326dd 100644 --- a/pkgs/tools/security/age-plugin-tpm/default.nix +++ b/pkgs/tools/security/age-plugin-tpm/default.nix @@ -2,30 +2,32 @@ , buildGoModule , fetchFromGitHub , swtpm +, openssl }: buildGoModule rec { pname = "age-plugin-tpm"; - version = "0.1.0"; + version = "0.2.0"; src = fetchFromGitHub { owner = "Foxboron"; repo = "age-plugin-tpm"; rev = "v${version}"; - hash = "sha256-Gp7n2/+vgQbsm/En6PQ1to/W6lvFam4Wh3LHdCZnafc="; + hash = "sha256-oTvK8U5j+llHgoChhGb+vcUrUf9doVYxd3d5MEuCNz8="; }; - vendorHash = "sha256-oZni/n2J0N3ZxNhf+RlUWyWeOFwL4+6KUIk6DQF8YpA="; + proxyVendor = true; - postConfigure = '' - substituteInPlace vendor/github.com/foxboron/swtpm_test/swtpm.go \ - --replace "/usr/share/swtpm/swtpm-create-user-config-files" "${swtpm}/share/swtpm/swtpm-create-user-config-files" - ''; + vendorHash = "sha256-BSb+8p5+RJMfcYc2+BuT4YbhCWCbcYOt9upesD11Ytw="; nativeCheckInputs = [ swtpm ]; + buildInputs = [ + openssl + ]; + ldflags = [ "-s" "-w" diff --git a/pkgs/tools/security/nsjail/default.nix b/pkgs/tools/security/nsjail/default.nix index 5abb9012b7d..187674596e1 100644 --- a/pkgs/tools/security/nsjail/default.nix +++ b/pkgs/tools/security/nsjail/default.nix @@ -4,14 +4,14 @@ stdenv.mkDerivation rec { pname = "nsjail"; - version = "3.3"; + version = "3.4"; src = fetchFromGitHub { owner = "google"; repo = "nsjail"; rev = version; fetchSubmodules = true; - hash = "sha256-L5x3rUDd1nXxDjoP/ZErQa02w2MJSkMBlgu00cy1D3M="; + hash = "sha256-/K+qJV5Dq+my45Cpw6czdsWLtO9lnJwZTsOIRt4Iijk="; }; nativeBuildInputs = [ autoconf bison flex installShellFiles libtool pkg-config which ]; @@ -32,6 +32,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters"; homepage = "https://nsjail.dev/"; + changelog = "https://github.com/google/nsjail/releases/tag/${version}"; license = licenses.asl20; maintainers = with maintainers; [ arturcygan bosu c0bw3b ]; platforms = platforms.linux; diff --git a/pkgs/tools/security/osv-scanner/default.nix b/pkgs/tools/security/osv-scanner/default.nix index 1397405dd8f..be8fbb2489f 100644 --- a/pkgs/tools/security/osv-scanner/default.nix +++ b/pkgs/tools/security/osv-scanner/default.nix @@ -6,16 +6,16 @@ }: buildGoModule rec { pname = "osv-scanner"; - version = "1.4.0"; + version = "1.4.1"; src = fetchFromGitHub { owner = "google"; repo = pname; rev = "v${version}"; - hash = "sha256-UJrqSzJ024IiQwuPOoxNGgTNNfhb00KjtIHQb5qpDPQ="; + hash = "sha256-xc9qdzdJYg12twjLAGw1GEkfkFsk8UBgzSyOSg/FB20="; }; - vendorHash = "sha256-oT4pjsEfjlPZyVo7Ic0rpTEK/sSUz1ShWk7fOJq+EQ8="; + vendorHash = "sha256-e1XG3DZGDBKKcEpMBi0vqKo3f9TnXdFKOUzZ7KZhPAw="; subPackages = [ "cmd/osv-scanner" diff --git a/pkgs/tools/security/trufflehog/default.nix b/pkgs/tools/security/trufflehog/default.nix index 86346b62010..9978cd6cd53 100644 --- a/pkgs/tools/security/trufflehog/default.nix +++ b/pkgs/tools/security/trufflehog/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "trufflehog"; - version = "3.59.0"; + version = "3.60.0"; src = fetchFromGitHub { owner = "trufflesecurity"; repo = "trufflehog"; rev = "refs/tags/v${version}"; - hash = "sha256-J+hmWEBjTFb7mE9uj0g4uq+VZjKS/3sIOtJyNweYkRw="; + hash = "sha256-43KKw9/EdXoD4nzWEvll2LhgI6Ipt3PYN6EpiD8fhQc="; }; - vendorHash = "sha256-xsdtqRU3Exeo/EHkA8xars9+FUnrVZRdET0PGtv4ikI="; + vendorHash = "sha256-axB0JcvGeiqz1dBKHknNqW3XzQWaLCHk6gsB9QV3PN8="; ldflags = [ "-s" |