tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / development / python-modules / bc-detect-secrets / default.nix
at devShellTools-shell 1.6 kB view raw
1{ 2 lib, 3 buildPythonPackage, 4 fetchFromGitHub, 5 gibberish-detector, 6 mock, 7 pkgs, 8 pyahocorasick, 9 pytestCheckHook, 10 pythonOlder, 11 pyyaml, 12 requests, 13 responses, 14 setuptools, 15 unidiff, 16}: 17 18buildPythonPackage rec { 19 pname = "bc-detect-secrets"; 20 version = "1.5.44"; 21 pyproject = true; 22 23 disabled = pythonOlder "3.8"; 24 25 src = fetchFromGitHub { 26 owner = "bridgecrewio"; 27 repo = "detect-secrets"; 28 tag = version; 29 hash = "sha256-cEhZo/HfCp6Cpx2zEX7THQQJH264NJvoCRrM+ci3RrE="; 30 }; 31 32 build-system = [ setuptools ]; 33 34 dependencies = [ 35 pyyaml 36 requests 37 unidiff 38 ]; 39 40 optional-dependencies = { 41 word_list = [ pyahocorasick ]; 42 gibberish = [ gibberish-detector ]; 43 }; 44 45 nativeCheckInputs = [ 46 mock 47 pkgs.gitMinimal 48 pytestCheckHook 49 responses 50 ] 51 ++ lib.flatten (builtins.attrValues optional-dependencies); 52 53 preCheck = '' 54 export HOME=$(mktemp -d); 55 ''; 56 57 disabledTests = [ 58 # Tests are failing for various reasons (missing git repo, missing test data, etc.) 59 "test_baseline_filters_out_known_secrets" 60 "test_make_decisions" 61 "test_saves_to_baseline" 62 "test_start_halfway" 63 "TestCreate" 64 "TestDiff" 65 "TestGetFilesToScan" 66 "TestLineNumberChanges" 67 "TestModifiesBaselineFromVersionChange" 68 ]; 69 70 pythonImportsCheck = [ "detect_secrets" ]; 71 72 meta = with lib; { 73 description = "Tool to detect secrets in the code"; 74 homepage = "https://github.com/bridgecrewio/detect-secrets"; 75 license = licenses.asl20; 76 maintainers = with maintainers; [ fab ]; 77 }; 78}