tjh.dev
1{ lib
2, buildPythonPackage
3, fetchPypi
4, pyyaml
5, docker
6, dockerfile-parse
7, requests
8, stevedore
9, pbr
10, debian-inspector
11, regex
12, GitPython
13, prettytable
14, idna
15}:
16buildPythonPackage rec {
17 pname = "tern";
18 version = "2.5.0";
19
20 src = fetchPypi {
21 inherit pname version;
22 sha256 = "606c62944991b2cbcccf3f5353be693305d6d7d318c3865b9ecca49dbeab2727";
23 };
24
25 patches = [
26 # debut was renamed to debian-inspector
27 # https://github.com/tern-tools/tern/pull/962
28 # NOTE: Has to be in-tree because the upstream patch doesn't apply cleanly
29 # to the PyPi source.
30 ./0001-Replace-debut-with-debian-inspector.patch
31 ];
32
33 preBuild = ''
34 cp requirements.{in,txt}
35 '';
36
37 nativeBuildInputs = [
38 pbr
39 ];
40
41 propagatedBuildInputs = [
42 pyyaml
43 docker
44 dockerfile-parse
45 requests
46 stevedore
47 debian-inspector
48 regex
49 GitPython
50 prettytable
51 idna
52 ];
53
54 # No tests
55 doCheck = false;
56
57 pythonImportsCheck = [
58 "tern"
59 ];
60
61 meta = with lib; {
62 description = "A software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles";
63 homepage = "https://github.com/tern-tools/tern";
64 license = licenses.bsd2;
65 maintainers = teams.determinatesystems.members;
66 };
67}