pkgs/development/python-modules/python-jose/default.nix at fix-function-merge · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / development / python-modules / python-jose / default.nix

at fix-function-merge 2.0 kB view raw

 1{
 2  lib,
 3  buildPythonPackage,
 4  fetchFromGitHub,
 5  fetchpatch,
 6
 7  # build-system
 8  setuptools,
 9
10  # dependencies
11  ecdsa,
12  rsa,
13  pyasn1,
14
15  # optional-dependencies
16  cryptography,
17  pycrypto,
18  pycryptodome,
19
20  # tests
21  pytestCheckHook,
22}:
23
24buildPythonPackage rec {
25  pname = "python-jose";
26  version = "3.3.0";
27  pyproject = true;
28
29  src = fetchFromGitHub {
30    owner = "mpdavis";
31    repo = pname;
32    rev = version;
33    hash = "sha256-6VGC6M5oyGCOiXcYp6mpyhL+JlcYZKIqOQU9Sm/TkKM=";
34  };
35
36  patches = [
37    (fetchpatch {
38      name = "CVE-2024-33663.patch";
39      url = "https://build.opensuse.org/public/source/openSUSE:Factory/python-python-jose/CVE-2024-33663.patch?rev=36cd8815411620042f56a3b81599b341";
40      hash = "sha256-uxOCa7Lg82zY2nuHzw6CbcymCKUodITrFU3lLY1XMFU=";
41    })
42    (fetchpatch {
43      name = "CVE-2024-33664.patch";
44      url = "https://build.opensuse.org/public/source/openSUSE:Factory/python-python-jose/CVE-2024-33664.patch?rev=36cd8815411620042f56a3b81599b341";
45      hash = "sha256-wx/U1T7t7TloP+dMXxGxEVB3bMC7e6epmN8RE8FKksM=";
46    })
47  ];
48
49  postPatch = ''
50    substituteInPlace setup.py \
51      --replace '"pytest-runner",' ""
52  '';
53
54  nativeBuildInputs = [ setuptools ];
55
56  propagatedBuildInputs = [
57    ecdsa
58    pyasn1
59    rsa
60  ];
61
62  passthru.optional-dependencies = {
63    cryptography = [ cryptography ];
64    pycrypto = [ pycrypto ];
65    pycryptodome = [ pycryptodome ];
66  };
67
68  pythonImportsCheck = [ "jose" ];
69
70  nativeCheckInputs = [
71    pytestCheckHook
72  ] ++ lib.flatten (lib.attrValues passthru.optional-dependencies);
73
74  disabledTests = [
75    # https://github.com/mpdavis/python-jose/issues/348
76    "TestBackendEcdsaCompatibility"
77  ];
78
79  meta = with lib; {
80    changelog = "https://github.com/mpdavis/python-jose/releases/tag/${version}";
81    homepage = "https://github.com/mpdavis/python-jose";
82    description = "JOSE implementation in Python";
83    license = licenses.mit;
84    maintainers = with maintainers; [ jhhuh ];
85  };
86}