diff options
author | Michael Weiss <dev.primeos@gmail.com> | 2019-04-02 19:16:32 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-04-02 19:16:32 +0200 |
commit | ef5fd41a1183a7bb23fdfac82203277e5d85ea8f (patch) | |
tree | ad4886b9c9b5333f29700639aba12b1fc1f87e91 /pkgs/tools | |
parent | cdf96e8a084a3efb60a93ab613183704a32f42ed (diff) | |
parent | 4572e79ef9e0d1017424f4b4eee7600028cb732a (diff) | |
download | nixpkgs-ef5fd41a1183a7bb23fdfac82203277e5d85ea8f.tar nixpkgs-ef5fd41a1183a7bb23fdfac82203277e5d85ea8f.tar.gz nixpkgs-ef5fd41a1183a7bb23fdfac82203277e5d85ea8f.tar.bz2 nixpkgs-ef5fd41a1183a7bb23fdfac82203277e5d85ea8f.tar.lz nixpkgs-ef5fd41a1183a7bb23fdfac82203277e5d85ea8f.tar.xz nixpkgs-ef5fd41a1183a7bb23fdfac82203277e5d85ea8f.tar.zst nixpkgs-ef5fd41a1183a7bb23fdfac82203277e5d85ea8f.zip |
Merge pull request #58814 from primeos/bundler-audit
bundler-audit: init at 0.6.1
Diffstat (limited to 'pkgs/tools')
-rw-r--r-- | pkgs/tools/security/bundler-audit/Gemfile | 2 | ||||
-rw-r--r-- | pkgs/tools/security/bundler-audit/Gemfile.lock | 16 | ||||
-rw-r--r-- | pkgs/tools/security/bundler-audit/default.nix | 26 | ||||
-rw-r--r-- | pkgs/tools/security/bundler-audit/gemset.nix | 19 |
4 files changed, 63 insertions, 0 deletions
diff --git a/pkgs/tools/security/bundler-audit/Gemfile b/pkgs/tools/security/bundler-audit/Gemfile new file mode 100644 index 00000000000..f9fb0e329bd --- /dev/null +++ b/pkgs/tools/security/bundler-audit/Gemfile @@ -0,0 +1,2 @@ +source 'https://rubygems.org' +gem 'bundler-audit' diff --git a/pkgs/tools/security/bundler-audit/Gemfile.lock b/pkgs/tools/security/bundler-audit/Gemfile.lock new file mode 100644 index 00000000000..28cbcf5a9a6 --- /dev/null +++ b/pkgs/tools/security/bundler-audit/Gemfile.lock @@ -0,0 +1,16 @@ +GEM + remote: https://rubygems.org/ + specs: + bundler-audit (0.6.1) + bundler (>= 1.2.0, < 3) + thor (~> 0.18) + thor (0.20.3) + +PLATFORMS + ruby + +DEPENDENCIES + bundler-audit + +BUNDLED WITH + 1.14.6 diff --git a/pkgs/tools/security/bundler-audit/default.nix b/pkgs/tools/security/bundler-audit/default.nix new file mode 100644 index 00000000000..8b19b6103d4 --- /dev/null +++ b/pkgs/tools/security/bundler-audit/default.nix @@ -0,0 +1,26 @@ +{ bundlerEnv, ruby, lib }: + +bundlerEnv rec { + name = "${pname}-${version}"; + pname = "bundler-audit"; + version = (import ./gemset.nix).bundler-audit.version; + + inherit ruby; + gemdir = ./.; + + meta = with lib; { + description = "Patch-level verification for Bundler"; + longDescription = '' + Features: + - Checks for vulnerable versions of gems in Gemfile.lock. + - Checks for insecure gem sources (http://). + - Allows ignoring certain advisories that have been manually worked around. + - Prints advisory information. + - Does not require a network connection. + ''; + homepage = https://github.com/rubysec/bundler-audit; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ primeos ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/tools/security/bundler-audit/gemset.nix b/pkgs/tools/security/bundler-audit/gemset.nix new file mode 100644 index 00000000000..56d78b3e8f1 --- /dev/null +++ b/pkgs/tools/security/bundler-audit/gemset.nix @@ -0,0 +1,19 @@ +{ + bundler-audit = { + dependencies = ["thor"]; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0pm22xpn3xyymsainixnrk8v3l3xi9bzwkjkspx00cfzp84xvxbq"; + type = "gem"; + }; + version = "0.6.1"; + }; + thor = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1yhrnp9x8qcy5vc7g438amd5j9sw83ih7c30dr6g6slgw9zj3g29"; + type = "gem"; + }; + version = "0.20.3"; + }; +} \ No newline at end of file |