pyrox.dev
1{ lib, buildPythonPackage, fetchFromGitHub
2, asn1crypto, oscrypto
3, cacert
4}:
5
6buildPythonPackage rec {
7 pname = "certvalidator";
8 version = "0.11.1";
9
10 src = fetchFromGitHub {
11 owner = "wbond";
12 repo = pname;
13 rev = version;
14 hash = "sha256-yVF7t4FuU3C9fDg67JeM7LWZZh/mv5F4EKmjlO4AuBY=";
15 };
16
17 propagatedBuildInputs = [ asn1crypto oscrypto ];
18
19 nativeCheckInputs = [ cacert ];
20 checkPhase = ''
21 # Tests are run with a custom executor/loader
22 # The regex to skip specific tests relies on negative lookahead of regular expressions
23 # We're skipping the few tests that rely on the network, fetching CRLs, OCSP or remote certificates
24 python -c 'import dev.tests; dev.tests.run("^(?!.*test_(basic_certificate_validator_tls|fetch|revocation|build_path)).*$")'
25 '';
26 pythonImportsCheck = [ "certvalidator" ];
27
28 meta = with lib; {
29 homepage = "https://github.com/wbond/certvalidator";
30 description = "Validates X.509 certificates and paths";
31 license = licenses.mit;
32 maintainers = with maintainers; [ baloo ];
33 };
34}