# Package expression for Trivy (aquasecurity/trivy), built from the tagged
# GitHub source with buildGoModule. Only the `cmd/trivy` sub-package is built.
{
  lib,
  buildGoModule,
  fetchFromGitHub,
  testers,
  trivy,
}:

buildGoModule rec {
  pname = "trivy";
  version = "0.47.0";

  # The source is addressed by tag name, but `hash` pins its content: if the
  # tag is ever re-pointed upstream the fetch fails instead of silently
  # building different code. The hash must be refreshed on every version bump.
  src = fetchFromGitHub {
    owner = "aquasecurity";
    repo = pname;
    rev = "refs/tags/v${version}";
    hash = "sha256-Ahy6wiBoOwS3MIrAIg2gIk2gkmphkCJUYAUtqVydA2Q=";
  };

  # The vendor hash did not match across Linux and Darwin, so Go modules are
  # fetched through the module proxy instead of being vendored.
  proxyVendor = true;

  # Fixed-output hash over the fetched Go dependencies; it has to be
  # recomputed whenever `version` (and therefore go.sum) changes.
  vendorHash = "sha256-qG4z52oVa3sgu8QKX8UbHsk/aSfacgZShX298WUu2oU=";

  subPackages = [ "cmd/trivy" ];

  ldflags = [
    # Strip the symbol table and DWARF debug information.
    "-s"
    "-w"
    # Stamp the binary with the packaged version; the version test below
    # checks for exactly this string.
    "-X=github.com/aquasecurity/trivy/pkg/version.ver=v${version}"
  ];

  # Tests require network access, so the upstream test suite is not run
  # during the build.
  doCheck = false;

  # NOTE(review): no installCheckPhase is defined in this expression, so
  # confirm what this flag actually runs for this package.
  doInstallCheck = true;

  # Smoke test: the built binary must report the version that was packaged.
  passthru.tests.version = testers.testVersion {
    package = trivy;
    command = "trivy --version";
    version = "Version: v${version}";
  };

  meta = {
    homepage = "https://github.com/aquasecurity/trivy";
    changelog = "https://github.com/aquasecurity/trivy/releases/tag/v${version}";
    description = "A simple and comprehensive vulnerability scanner for containers, suitable for CI";
    longDescription = ''
      Trivy is a simple and comprehensive vulnerability scanner for containers
      and other artifacts. A software vulnerability is a glitch, flaw, or
      weakness present in the software or in an Operating System. Trivy detects
      vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and
      application dependencies (Bundler, Composer, npm, yarn, etc.).
    '';
    license = lib.licenses.asl20;
    maintainers = [
      lib.maintainers.fab
      lib.maintainers.jk
    ];
  };
}