pkgs/tools/security/bundler-audit/default.nix at devShellTools-shell · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / tools / security / bundler-audit / default.nix

at devShellTools-shell 36 lines 983 B view raw

 1{
 2  bundlerEnv,
 3  ruby,
 4  lib,
 5  bundlerUpdateScript,
 6}:
 7
 8bundlerEnv rec {
 9  name = "${pname}-${version}";
10  pname = "bundler-audit";
11  version = (import ./gemset.nix).bundler-audit.version;
12
13  inherit ruby;
14  gemdir = ./.;
15
16  passthru.updateScript = bundlerUpdateScript "bundler-audit";
17
18  meta = with lib; {
19    description = "Patch-level verification for Bundler";
20    longDescription = ''
21      Features:
22      - Checks for vulnerable versions of gems in Gemfile.lock.
23      - Checks for insecure gem sources (http://).
24      - Allows ignoring certain advisories that have been manually worked around.
25      - Prints advisory information.
26      - Does not require a network connection.
27    '';
28    homepage = "https://github.com/rubysec/bundler-audit";
29    changelog = "https://github.com/rubysec/bundler-audit/blob/v${version}/ChangeLog.md";
30    license = licenses.gpl3Plus;
31    maintainers = with maintainers; [
32      nicknovitski
33    ];
34    platforms = platforms.unix;
35  };
36}