summary refs log tree commit diff
path: root/pkgs/tools/security
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r--pkgs/tools/security/age/default.nix8
-rw-r--r--pkgs/tools/security/bitwarden/default.nix4
-rw-r--r--pkgs/tools/security/hcxdumptool/default.nix4
-rw-r--r--pkgs/tools/security/hcxtools/default.nix4
-rw-r--r--pkgs/tools/security/kbs2/default.nix42
-rw-r--r--pkgs/tools/security/lynis/default.nix12
-rw-r--r--pkgs/tools/security/sn0int/default.nix10
-rw-r--r--pkgs/tools/security/verifpal/default.nix30
-rw-r--r--pkgs/tools/security/verifpal/deps.nix12
9 files changed, 77 insertions, 49 deletions
diff --git a/pkgs/tools/security/age/default.nix b/pkgs/tools/security/age/default.nix
index c3756b545e3..429a8689a1f 100644
--- a/pkgs/tools/security/age/default.nix
+++ b/pkgs/tools/security/age/default.nix
@@ -2,7 +2,7 @@
 
 buildGoModule rec {
   pname = "age";
-  version = "unstable-2020-03-25";
+  version = "1.0.0-beta4";
   goPackagePath = "github.com/FiloSottile/age";
   vendorSha256 = "0km7a2826j3fk2nrkmgc990chrkcfz006wfw14yilsa4p2hmfl7m";
 
@@ -14,8 +14,8 @@ buildGoModule rec {
   src = fetchFromGitHub {
     owner = "FiloSottile";
     repo = "age";
-    rev = "f0f8092d60bb96737fa096c29ec6d8adb5810390";
-    sha256 = "079kfc8d1pr39hr4qnx48kviyzwg4p8m4pz0bdkypns4aq8ppbfk";
+    rev = "v${version}";
+    sha256 = "0pp6zn4rdypyxn1md9ppisiwiapkfkbh08rzfl3qwn0998wx6gnb";
   };
 
   meta = with lib; {
@@ -24,4 +24,4 @@ buildGoModule rec {
     license = licenses.bsd3;
     maintainers = with maintainers; [ tazjin ];
   };
-}
\ No newline at end of file
+}
diff --git a/pkgs/tools/security/bitwarden/default.nix b/pkgs/tools/security/bitwarden/default.nix
index 2da8840eee1..ff55ad6691d 100644
--- a/pkgs/tools/security/bitwarden/default.nix
+++ b/pkgs/tools/security/bitwarden/default.nix
@@ -16,11 +16,11 @@ let
   pname = "bitwarden";
 
   version = {
-    x86_64-linux = "1.18.0";
+    x86_64-linux = "1.19.0";
   }.${system} or "";
 
   sha256 = {
-    x86_64-linux = "04rry33jccf65smzpjp1dhcirffdb7y36yn8whqaikhsavsawx3j";
+    x86_64-linux = "16qlgnqyi0jwzlz8wg2628jhh83xsk46bl6p4dnwi0ay07lhab9w";
   }.${system} or "";
 
   meta = with stdenv.lib; {
diff --git a/pkgs/tools/security/hcxdumptool/default.nix b/pkgs/tools/security/hcxdumptool/default.nix
index c7a5a998555..b59cef13942 100644
--- a/pkgs/tools/security/hcxdumptool/default.nix
+++ b/pkgs/tools/security/hcxdumptool/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "hcxdumptool";
-  version = "6.0.6";
+  version = "6.0.7";
 
   src = fetchFromGitHub {
     owner = "ZerBea";
     repo = "hcxdumptool";
     rev = version;
-    sha256 = "1b4d543y64ib92w9gcmiyjn5hz2vyjqmxk3f3yr1zk04fhw16gmf";
+    sha256 = "14w4f63nrcwhqj753rjif9cgs1xh1r1619827p69dz0v2x3xdvn1";
   };
 
   buildInputs = [ openssl ];
diff --git a/pkgs/tools/security/hcxtools/default.nix b/pkgs/tools/security/hcxtools/default.nix
index 5634ee6cff0..a81c1ef75cf 100644
--- a/pkgs/tools/security/hcxtools/default.nix
+++ b/pkgs/tools/security/hcxtools/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "hcxtools";
-  version = "6.0.2";
+  version = "6.0.3";
 
   src = fetchFromGitHub {
     owner = "ZerBea";
     repo = pname;
     rev = version;
-    sha256 = "0a36184igdgs2h83zr4zihc5acps91ipmgph37jakvzwrsn64ma6";
+    sha256 = "0s9l5mvzcv6hnj7h28piabnm66b09hk2l57vb85ny35w99hzpkc0";
   };
 
   buildInputs = [ curl openssl zlib ];
diff --git a/pkgs/tools/security/kbs2/default.nix b/pkgs/tools/security/kbs2/default.nix
new file mode 100644
index 00000000000..354b28b9fa2
--- /dev/null
+++ b/pkgs/tools/security/kbs2/default.nix
@@ -0,0 +1,42 @@
+{ stdenv, rustPlatform, fetchFromGitHub, installShellFiles, python3, libxcb, AppKit }:
+
+rustPlatform.buildRustPackage rec {
+  pname = "kbs2";
+  version = "0.1.1";
+
+  src = fetchFromGitHub {
+    owner = "woodruffw";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "0761g8cl9v7jj444vp83zq9f1shrddqq20pd41d5mbl6f8qpk4m5";
+  };
+
+  cargoSha256 = "0vzjkw1g6saz4nwy823dpip02jg2f21rsd8kkpra206b8i6q0mfg";
+
+  nativeBuildInputs = [ installShellFiles ]
+    ++ stdenv.lib.optionals stdenv.isLinux [ python3 ];
+
+  buildInputs = [ ]
+    ++ stdenv.lib.optionals stdenv.isLinux [ libxcb ]
+    ++ stdenv.lib.optionals stdenv.isDarwin [ AppKit ];
+
+  preCheck = ''
+    export HOME=$TMPDIR
+  '';
+
+  checkFlagsArray = [ "--skip=kbs2::config::tests::test_find_config_dir" ];
+
+  postInstall = ''
+    for shell in bash fish zsh; do
+      $out/bin/kbs2 --completions $shell > kbs2.$shell
+      installShellCompletion kbs2.$shell
+    done
+  '';
+
+  meta = with stdenv.lib; {
+    description = "A secret manager backed by age";
+    homepage = "https://github.com/woodruffw/kbs2";
+    license = licenses.mit;
+    maintainers = [ maintainers.marsam ];
+  };
+}
diff --git a/pkgs/tools/security/lynis/default.nix b/pkgs/tools/security/lynis/default.nix
index bbed166d759..d7f42479d0b 100644
--- a/pkgs/tools/security/lynis/default.nix
+++ b/pkgs/tools/security/lynis/default.nix
@@ -1,17 +1,17 @@
-{ stdenv, makeWrapper, fetchFromGitHub, gawk }:
+{ stdenv, makeWrapper, fetchFromGitHub, gawk, installShellFiles }:
 
 stdenv.mkDerivation rec {
   pname = "lynis";
-  version = "2.7.5";
+  version = "3.0.0";
 
   src = fetchFromGitHub {
     owner = "CISOfy";
     repo = pname;
     rev = version;
-    sha256 = "1lkkbvxm0rgrrlx0szaxmf8ghc3d26wal96sgqk84m37mvs1f7p0";
+    sha256 = "05p8h2ww4jcc6lgxrm796cbvlfmw26rxq5fmw0xxavbpadiw752j";
   };
 
-  nativeBuildInputs = [ makeWrapper ];
+  nativeBuildInputs = [ installShellFiles makeWrapper ];
 
   postPatch = ''
     grep -rl '/usr/local/lynis' ./ | xargs sed -i "s@/usr/local/lynis@$out/share/lynis@g"
@@ -22,6 +22,10 @@ stdenv.mkDerivation rec {
     cp -r include db default.prf $out/share/lynis/
     cp -a lynis $out/bin
     wrapProgram "$out/bin/lynis" --prefix PATH : ${stdenv.lib.makeBinPath [ gawk ]}
+
+    installManPage lynis.8
+    installShellCompletion --bash --name lynis.bash \
+      extras/bash_completion.d/lynis
   '';
 
   meta = with stdenv.lib; {
diff --git a/pkgs/tools/security/sn0int/default.nix b/pkgs/tools/security/sn0int/default.nix
index 9e9cbe2bb3a..8b99649e0c9 100644
--- a/pkgs/tools/security/sn0int/default.nix
+++ b/pkgs/tools/security/sn0int/default.nix
@@ -1,18 +1,18 @@
-{ lib, fetchFromGitHub, rustPlatform,
-  libsodium, libseccomp, sqlite, pkgconfig }:
+{ lib, fetchFromGitHub, rustPlatform, libsodium, libseccomp, sqlite, pkgconfig
+}:
 
 rustPlatform.buildRustPackage rec {
   pname = "sn0int";
-  version = "0.18.2";
+  version = "0.19.1";
 
   src = fetchFromGitHub {
     owner = "kpcyrd";
     repo = pname;
     rev = "v${version}";
-    sha256 = "0b21b0ryq03zrhqailg2iajirn30l358aj3k44lfnravr4h9zwkj";
+    sha256 = "10f1wblczxlww09f4dl8i9zzgpr14jj7s329wkvm7lafmwx3qrn5";
   };
 
-  cargoSha256 = "1pvn0sc325b5fh29m2l6cack4qfssa4lp3zhyb1qzkb3fmw3lgcy";
+  cargoSha256 = "1v0q751ylsfpdjwsbl20pvn7g75w503jwjl5kn5kc8xq3g0lnp65";
 
   nativeBuildInputs = [ pkgconfig ];
 
diff --git a/pkgs/tools/security/verifpal/default.nix b/pkgs/tools/security/verifpal/default.nix
index e1e5e100bd1..a3f3132aa3c 100644
--- a/pkgs/tools/security/verifpal/default.nix
+++ b/pkgs/tools/security/verifpal/default.nix
@@ -1,35 +1,29 @@
 { lib
 , fetchgit
-, buildGoPackage
+, buildGoModule
 , pigeon
 }:
 
-buildGoPackage rec {
+buildGoModule rec {
   pname = "verifpal";
-  version = "0.7.5";
-
-  goPackagePath = "github.com/SymbolicSoft/verifpal";
-  goDeps = ./deps.nix;
+  version = "0.13.7";
 
   src = fetchgit {
     url = "https://source.symbolic.software/verifpal/verifpal.git";
-    rev = version;
-    sha256 = "0njgn6j5qg5kgid6ddv23axhw5gwjbayhdjkj4ya08mnxndr284m";
+    rev = "v${version}";
+    sha256 = "1ia3mxwcvcxghga2vvhf6mia59cm3jl7vh8laywh421bfj42sh9d";
   };
 
-  nativeBuildInputs = [ pigeon ];
+  vendorSha256 = "0cmj6h103igg5pcs9c9wrcmrsf0mwp9vbgzf5amsnj1206ryb1p2";
 
-  postPatch = ''
-    sed -e 's|/bin/echo |echo |g' -i Makefile
-  '';
+  nativeBuildInputs = [ pigeon ];
 
-  buildPhase = ''
-    make -C go/src/$goPackagePath parser linux
-  '';
+  subPackages = [ "cmd/verifpal" ];
 
-  installPhase = ''
-    mkdir -p $out/bin
-    cp go/src/$goPackagePath/build/bin/linux/verifpal $out/bin/
+  # goversioninfo is for Windows only and can be skipped during go generate
+  preBuild = ''
+    substituteInPlace cmd/verifpal/main.go --replace "go:generate goversioninfo" "(disabled goversioninfo)"
+    go generate verifpal.com/cmd/verifpal
   '';
 
   meta = {
diff --git a/pkgs/tools/security/verifpal/deps.nix b/pkgs/tools/security/verifpal/deps.nix
deleted file mode 100644
index aaa4269416a..00000000000
--- a/pkgs/tools/security/verifpal/deps.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix)
-[
-  {
-    goPackagePath = "github.com/logrusorgru/aurora";
-    fetch = {
-      type = "git";
-      url = "https://github.com/logrusorgru/aurora";
-      rev = "94edacc10f9b";
-      sha256 = "0bhwy3rrd8mwb8xjwf44nj6vmxaj5hdvayvszr1rskkmz08l5v01";
-    };
-  }
-]
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-17 11:15:47 +0000