tjh.dev
nixpkgs mirror (for testing)
github.com/NixOS/nixpkgs
nix
1{
2 lib,
3 stdenv,
4 fetchurl,
5 jre,
6 makeDesktopItem,
7 copyDesktopItems,
8 runtimeShell,
9}:
10
11stdenv.mkDerivation rec {
12 pname = "zap";
13 version = "2.16.1";
14 src = fetchurl {
15 url = "https://github.com/zaproxy/zaproxy/releases/download/v${version}/ZAP_${version}_Linux.tar.gz";
16 sha256 = "sha256-Wy64MZsIUSGm6K1Q1p1n2++MhnFm9xqTe/yIjSR6KsE=";
17 };
18
19 desktopItems = [
20 (makeDesktopItem {
21 name = "zap";
22 exec = "zap";
23 icon = "zap";
24 desktopName = "Zed Attack Proxy";
25 categories = [
26 "Development"
27 "Security"
28 "System"
29 ];
30 })
31 ];
32
33 buildInputs = [ jre ];
34
35 nativeBuildInputs = [ copyDesktopItems ];
36
37 # From https://github.com/zaproxy/zaproxy/blob/master/zap/src/main/java/org/parosproxy/paros/Constant.java
38 version_tag = "20012000";
39
40 # Copying config and adding version tag before first use to avoid permission
41 # issues if zap tries to copy config on it's own.
42 installPhase = ''
43 runHook preInstall
44
45 mkdir -p $out/{bin,share}
46
47 cp -pR . "$out/share/${pname}/"
48
49 cat >> "$out/bin/${pname}" << EOF
50 #!${runtimeShell}
51 export PATH="${lib.makeBinPath [ jre ]}:\$PATH"
52 export JAVA_HOME='${jre}'
53 if ! [ -f "\$HOME/.ZAP/config.xml" ];then
54 mkdir -p "\$HOME/.ZAP"
55 head -n 2 $out/share/${pname}/xml/config.xml > "\$HOME/.ZAP/config.xml"
56 echo "<version>${version_tag}</version>" >> "\$HOME/.ZAP/config.xml"
57 tail -n +3 $out/share/${pname}/xml/config.xml >> "\$HOME/.ZAP/config.xml"
58 fi
59 exec "$out/share/${pname}/zap.sh" "\$@"
60 EOF
61
62 chmod u+x "$out/bin/${pname}"
63
64 runHook postInstall
65 '';
66
67 meta = with lib; {
68 homepage = "https://www.zaproxy.org/";
69 description = "Java application for web penetration testing";
70 maintainers = with maintainers; [
71 mog
72 rafael
73 ];
74 platforms = platforms.linux;
75 license = licenses.asl20;
76 mainProgram = "zap";
77 };
78}