Merge pull request #302035 from fabaff/appthreat-vulnerability-db-bump

lol

python312Packages.apsw: 3.45.1.0 -> 3.45.2.0, python312Packages.appthreat-vulnerability-db: 5.6.6 -> 5.6.7, dep-scan: 5.2.14 -> 5.3.2

authored by

Fabian Affolter and committed by

GitHub 2 years ago 9207dabe def4bb02

+46 -112

6 changed files

expand all

pkgs

by-name

dep-scan

package.nix

development

python-modules

appthreat-vulnerability-db

default.nix

apsw

default.nix

tools

appthreat-depscan

default.nix

top-level

aliases.nix

all-packages.nix

+8 -14

pkgs/by-name/de/dep-scan/package.nix

··· 1 - { lib 2 - , python3 3 - , fetchFromGitHub 1 + { 2 + lib, 3 + fetchFromGitHub, 4 + python3, 4 5 }: 5 6 6 7 python3.pkgs.buildPythonApplication rec { 7 8 pname = "dep-scan"; 8 - version = "5.2.14"; 9 + version = "5.3.2"; 9 10 pyproject = true; 10 11 11 12 src = fetchFromGitHub { 12 13 owner = "owasp-dep-scan"; 13 14 repo = "dep-scan"; 14 15 rev = "refs/tags/v${version}"; 15 - hash = "sha256-G8i/tGEDgjPnIP04nrbx4HseiaU6N1GJGSg78yhaqII="; 16 + hash = "sha256-2WV4f9vHdfnzoQWvwK/+lT9IS0v0sGBqnwDFHWG48G4="; 16 17 }; 17 18 18 19 postPatch = '' 19 20 substituteInPlace pytest.ini \ 20 21 --replace-fail " --cov-append --cov-report term --cov depscan" "" 21 - # Already fixed by upstream 22 - substituteInPlace pyproject.toml \ 23 - --replace-fail "==5.6.4" ">=5.6.4" 24 22 ''; 25 23 26 - build-system = with python3.pkgs; [ 27 - setuptools 28 - ]; 24 + build-system = with python3.pkgs; [ setuptools ]; 29 25 30 26 dependencies = with python3.pkgs; [ 31 27 appthreat-vulnerability-db ··· 47 43 pytestCheckHook 48 44 ]; 49 45 50 - pythonImportsCheck = [ 51 - "depscan" 52 - ]; 46 + pythonImportsCheck = [ "depscan" ]; 53 47 54 48 preCheck = '' 55 49 export HOME=$(mktemp -d)

+22 -29

pkgs/development/python-modules/appthreat-vulnerability-db/default.nix

··· 1 - { lib 2 - , appdirs 3 - , buildPythonPackage 4 - , cvss 5 - , fetchFromGitHub 6 - , httpx 7 - , msgpack 8 - , orjson 9 - , packageurl-python 10 - , pytestCheckHook 11 - , pythonOlder 12 - , pythonRelaxDepsHook 13 - , semver 14 - , setuptools 15 - , tabulate 1 + { 2 + lib, 3 + appdirs, 4 + buildPythonPackage, 5 + cvss, 6 + fetchFromGitHub, 7 + httpx, 8 + msgpack, 9 + orjson, 10 + packageurl-python, 11 + pytestCheckHook, 12 + pythonOlder, 13 + pythonRelaxDepsHook, 14 + semver, 15 + setuptools, 16 + tabulate, 16 17 }: 17 18 18 19 buildPythonPackage rec { 19 20 pname = "appthreat-vulnerability-db"; 20 - version = "5.6.6"; 21 + version = "5.6.7"; 21 22 pyproject = true; 22 23 23 24 disabled = pythonOlder "3.10"; ··· 26 27 owner = "AppThreat"; 27 28 repo = "vulnerability-db"; 28 29 rev = "refs/tags/v${version}"; 29 - hash = "sha256-wVl2C1AG9LbSh/p95fstJyJr6JnhZFIhNvq8mhpg13Q="; 30 + hash = "sha256-/QzK+su+g2ESZ81C0coxKf13WOUVz1GyfJbOrO7fS98="; 30 31 }; 31 32 32 33 postPatch = '' ··· 39 40 "semver" 40 41 ]; 41 42 42 - build-system = [ 43 - setuptools 44 - ]; 43 + build-system = [ setuptools ]; 45 44 46 - nativeBuildInputs = [ 47 - pythonRelaxDepsHook 48 - ]; 45 + nativeBuildInputs = [ pythonRelaxDepsHook ]; 49 46 50 47 dependencies = [ 51 48 appdirs ··· 58 55 tabulate 59 56 ] ++ httpx.optional-dependencies.http2; 60 57 61 - nativeCheckInputs = [ 62 - pytestCheckHook 63 - ]; 58 + nativeCheckInputs = [ pytestCheckHook ]; 64 59 65 60 preCheck = '' 66 61 export HOME=$(mktemp -d); ··· 72 67 "test_download_recent" 73 68 ]; 74 69 75 - pythonImportsCheck = [ 76 - "vdb" 77 - ]; 70 + pythonImportsCheck = [ "vdb" ]; 78 71 79 72 meta = with lib; { 80 73 description = "Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm";

+15 -14

pkgs/development/python-modules/apsw/default.nix

··· 1 - { lib 2 - , buildPythonPackage 3 - , fetchFromGitHub 4 - , sqlite 5 - , isPyPy 6 - , python 1 + { 2 + lib, 3 + buildPythonPackage, 4 + fetchFromGitHub, 5 + python, 6 + pythonOlder, 7 + setuptools, 8 + sqlite, 7 9 }: 8 10 9 11 buildPythonPackage rec { 10 12 pname = "apsw"; 11 13 version = "3.45.2.0"; 12 - format = "setuptools"; 14 + pyproject = true; 13 15 14 - disabled = isPyPy; 16 + disabled = pythonOlder "3.8"; 15 17 16 18 src = fetchFromGitHub { 17 19 owner = "rogerbinns"; ··· 20 22 hash = "sha256-tTi3/10W4OoGH6PQVhvPWc5o09on5BZrWoAvrfh4C/E="; 21 23 }; 22 24 23 - buildInputs = [ 24 - sqlite 25 - ]; 25 + build-system = [ setuptools ]; 26 + 27 + buildInputs = [ sqlite ]; 26 28 27 29 # Project uses custom test setup to exclude some tests by default, so using pytest 28 30 # requires more maintenance ··· 31 33 ${python.interpreter} setup.py test 32 34 ''; 33 35 34 - pythonImportsCheck = [ 35 - "apsw" 36 - ]; 36 + pythonImportsCheck = [ "apsw" ]; 37 37 38 38 meta = with lib; { 39 39 description = "A Python wrapper for the SQLite embedded relational database engine"; 40 40 homepage = "https://github.com/rogerbinns/apsw"; 41 + changelog = "https://github.com/rogerbinns/apsw/releases/tag/${version}"; 41 42 license = licenses.zlib; 42 43 maintainers = with maintainers; [ gador ]; 43 44 };

-53

pkgs/development/tools/appthreat-depscan/default.nix

··· 1 - { lib 2 - , fetchFromGitHub 3 - , python3 4 - }: 5 - 6 - python3.pkgs.buildPythonApplication rec { 7 - pname = "appthreat-depscan"; 8 - version = "3.6.0"; 9 - 10 - src = fetchFromGitHub { 11 - owner = "AppThreat"; 12 - repo = "dep-scan"; 13 - rev = "refs/tags/v${version}"; 14 - hash = "sha256-U8vHwdL1O54X0jPhcjTN/J1U7dKQgFEMfc6lbXe2Ff0="; 15 - }; 16 - 17 - propagatedBuildInputs = with python3.pkgs; [ 18 - appthreat-vulnerability-db 19 - defusedxml 20 - pyyaml 21 - rich 22 - ]; 23 - 24 - nativeCheckInputs = with python3.pkgs; [ 25 - pytestCheckHook 26 - ]; 27 - 28 - postPatch = '' 29 - substituteInPlace pytest.ini \ 30 - --replace " --cov-append --cov-report term --cov depscan" "" 31 - ''; 32 - 33 - preCheck = '' 34 - export HOME=$(mktemp -d); 35 - ''; 36 - 37 - disabledTests = [ 38 - # Assertion Error 39 - "test_query_metadata2" 40 - ]; 41 - 42 - pythonImportsCheck = [ 43 - "depscan" 44 - ]; 45 - 46 - meta = with lib; { 47 - description = "Tool to audit dependencies based on known vulnerabilities and advisories"; 48 - homepage = "https://github.com/AppThreat/dep-scan"; 49 - changelog = "https://github.com/AppThreat/dep-scan/releases/tag/v${version}"; 50 - license = with licenses; [ mit ]; 51 - maintainers = with maintainers; [ fab ]; 52 - }; 53 - }

pkgs/top-level/aliases.nix

··· 76 76 ansible_2_13 = throw "Ansible 2.13 goes end of life in 2023/11"; # Added 2023-12-30 77 77 apacheAnt_1_9 = throw "Ant 1.9 has been removed since it's not used in nixpkgs anymore"; # Added 2023-11-12 78 78 antimicroX = antimicrox; # Added 2021-10-31 79 + appthreat-depscan = dep-scan; # Added 2024-04-10 79 80 arcanPackages = throw "arcanPackages was removed and its sub-attributes were promoted to top-level"; # Added 2023-11-26 80 81 archiveopteryx = throw "archiveopteryx depended on an unsupported version of OpenSSL and was unmaintained"; # Added 2024-01-03 81 82 ardour_6 = throw "ardour_6 has been removed in favor of newer versions"; # Added 2023-10-13

-2

pkgs/top-level/all-packages.nix

··· 299 299 300 300 melange = callPackage ../development/tools/melange { }; 301 301 302 - appthreat-depscan = callPackage ../development/tools/appthreat-depscan { }; 303 - 304 302 activate-linux = callPackage ../applications/misc/activate-linux { }; 305 303 306 304 ansi = callPackage ../development/tools/ansi { };