From 6df6f276a36d2cc18472e467f94226dd2795f6ba Mon Sep 17 00:00:00 2001
From: "Frederick F. Kautz IV" <fkautz@alumni.cmu.edu>
Date: Sun, 6 Feb 2022 16:15:14 -0800
Subject: witness: init at 0.1.1

Co-authored-by: zowoq <59103226+zowoq@users.noreply.github.com>
Co-authored-by: Patrick Hilhorst <git@hilhorst.be>
Signed-off-by: Frederick F. Kautz IV <fkautz@alumni.cmu.edu>
---
 pkgs/tools/security/witness/default.nix | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 pkgs/tools/security/witness/default.nix

(limited to 'pkgs/tools/security')

diff --git a/pkgs/tools/security/witness/default.nix b/pkgs/tools/security/witness/default.nix
new file mode 100644
index 00000000000..571685afb40
--- /dev/null
+++ b/pkgs/tools/security/witness/default.nix
@@ -0,0 +1,25 @@
+{ lib, buildGoModule, fetchFromGitHub }:
+
+buildGoModule rec {
+  pname = "witness";
+  version = "0.1.1";
+
+  src = fetchFromGitHub {
+    owner = "testifysec";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "sha256-NnDsiDUTCdjsHVA/mHnB8WRnvwFTzETkWUOd7IgMIWE=";
+  };
+
+  vendorSha256 = "sha256-zkLparWJsuqrhOQxxV37dBqt6fwpSinTO+paJkbl+sM=";
+
+  # We only want the witness binary, not the helper utilities for generating docs.
+  subPackages = [ "cmd/witness" ];
+
+  meta = with lib; {
+    description = "A pluggable framework for software supply chain security. Witness prevents tampering of build materials and verifies the integrity of the build process from source to target";
+    homepage = "https://github.com/testifysec/witness";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ fkautz ];
+  };
+}
-- 
cgit 1.4.1