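# Package definition for pip-audit, a scanner that reports known
# vulnerabilities in Python environments (see meta.description).
#
# Arguments:
#   lib             - nixpkgs library, used for license/maintainer metadata
#   fetchFromGitHub - fetcher for the pinned source tree
#   python3         - Python package set the application is built against
{
  lib,
  fetchFromGitHub,
  python3,
}:

python3.pkgs.buildPythonApplication rec {
  pname = "pip-audit";
  version = "2.9.0";
  pyproject = true;

  # The source is addressed by tag, but the fetch is only accepted if the
  # unpacked tree matches `hash`, so a moved or re-pointed tag fails the build
  # instead of silently changing what gets packaged. Bump `version` and `hash`
  # together.
  #
  # NOTE(review): `owner` and `meta.homepage` name trailofbits, while
  # `meta.changelog` names pypa. Presumably the repository was transferred and
  # the old name still resolves; confirm which owner is canonical and use it
  # in all three places rather than depending on a forge-side redirect.
  src = fetchFromGitHub {
    owner = "trailofbits";
    repo = "pip-audit";
    tag = "v${version}";
    hash = "sha256-j8ZKqE7PEwaCTUNnJunqM0A2eyuWfx8zG5i3nmZERow=";
  };

  build-system = with python3.pkgs; [ flit-core ];

  dependencies =
    with python3.pkgs;
    [
      cachecontrol
      cyclonedx-python-lib
      html5lib
      packaging
      pip-api
      pip-requirements-parser
      platformdirs
      rich
      toml
    ]
    # Pull in cachecontrol's "filecache" extra alongside the base package.
    ++ cachecontrol.optional-dependencies.filecache;

  nativeCheckInputs = with python3.pkgs; [
    pretend
    pytestCheckHook
  ];

  # Minimal smoke test: the top-level module must be importable after install.
  pythonImportsCheck = [ "pip_audit" ];

  # Point HOME at a fresh temporary directory for the test run
  # (presumably because the tests write under HOME; confirm).
  preCheck = ''
    export HOME="$(mktemp -d)"
  '';

  # Tests require network access.
  # NOTE(review): this skips the PyPI and OSV service test modules entirely,
  # so the vulnerability-service clients are not exercised at build time.
  disabledTestPaths = [
    "test/dependency_source/test_requirement.py"
    "test/service/test_pypi.py"
    "test/service/test_osv.py"
  ];

  # Tests require network access
  disabledTests = [
    "test_get_pip_cache"
    "test_virtual_env"
    "test_pyproject_source"
    "test_pyproject_source_duplicate_deps"
  ];

  meta = {
    description = "Tool for scanning Python environments for known vulnerabilities";
    homepage = "https://github.com/trailofbits/pip-audit";
    changelog = "https://github.com/pypa/pip-audit/releases/tag/${src.tag}";
    license = lib.licenses.asl20;
    maintainers = with lib.maintainers; [ fab ];
    mainProgram = "pip-audit";
  };
}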