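# Nix package expression for cyclonedx-python, which creates CycloneDX
# Software Bill of Materials (SBOM) documents from Python projects.
#
# Arguments:
#   lib             - library functions and metadata sets (licenses, teams)
#   python3         - Python package set used to build and run the tool
#   fetchFromGitHub - fetcher used to obtain the pinned source
{ lib
, python3
, fetchFromGitHub
}:

python3.pkgs.buildPythonApplication rec {
  pname = "cyclonedx-python";
  version = "0.4.3";

  # The source is selected by a tag derived from `version`. A git tag can be
  # moved upstream, so the sha256 is what actually pins the content: a source
  # tree that no longer matches fails the hash check instead of being built.
  # Bump `version` and `sha256` together.
  src = fetchFromGitHub {
    owner = "CycloneDX";
    repo = "cyclonedx-python";
    rev = "v${version}";
    sha256 = "BvG4aWBMsllW2L4lLsiRFUCPjgoDpHxN49fsUFdg7tQ=";
  };

  # They pin versions for exact version numbers because "A bill-of-material such
  # as CycloneDX expects exact version numbers" -- but that's unnecessary with
  # Nix.
  #
  # The sed expression replaces everything from "==" up to the last single
  # quote on a line of setup.py with a lone quote, leaving the bare requirement
  # name. The tool is therefore built against the dependency versions listed in
  # propagatedBuildInputs, not the exact versions upstream pinned.
  # NOTE(review): the match is greedy, so it assumes one quoted requirement per
  # line in setup.py -- re-check the result whenever `version` changes.
  preBuild = ''
    sed "s@==.*'@'@" -i setup.py
  '';

  # Runtime dependencies, taken from the same Python package set as the
  # application itself.
  propagatedBuildInputs = with python3.pkgs; [
    packageurl-python
    requests
    xmlschema
    setuptools
    requirements-parser
    packaging
    chardet
    jsonschema
  ];

  # the tests want access to the cyclonedx binary
  # With the test suite disabled, pythonImportsCheck below is the only
  # build-time verification, and it only confirms that the module imports.
  doCheck = false;

  pythonImportsCheck = [
    "cyclonedx"
  ];

  meta = with lib; {
    description = "Creates CycloneDX Software Bill of Materials (SBOM) from Python projects";
    homepage = "https://github.com/CycloneDX/cyclonedx-python";
    license = licenses.asl20;
    maintainers = teams.determinatesystems.members;
  };
}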