pkgs/development/libraries/libhsts/default.nix at netboot-syslinux-multiplatform · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / development / libraries / libhsts / default.nix

at netboot-syslinux-multiplatform 40 lines 1.2 kB view raw

 1{ lib, stdenv, fetchFromGitLab, fetchurl, autoconf-archive, autoreconfHook, pkg-config, python3 }:
 2let
 3  chromium_version = "90.0.4417.1";
 4
 5  hsts_list = fetchurl {
 6    url = "https://raw.github.com/chromium/chromium/${chromium_version}/net/http/transport_security_state_static.json";
 7    sha256 = "09f24n30x5dmqk8zk7k2glcilgr27832a3304wj1yp97158sqsfx";
 8  };
 9
10in
11stdenv.mkDerivation rec {
12  pname = "libhsts";
13  version = "0.1.0";
14
15  src = fetchFromGitLab {
16    owner = "rockdaboot";
17    repo = pname;
18    rev = "libhsts-${version}";
19    sha256 = "0gbchzf0f4xzb6zjc56dk74hqrmdgyirmgxvvsqp9vqn9wb5kkx4";
20  };
21
22  postPatch = ''
23    pushd tests
24    cp ${hsts_list} transport_security_state_static.json
25    sed 's/^ *\/\/.*$//g' transport_security_state_static.json >hsts.json
26    popd
27    patchShebangs src/hsts-make-dafsa
28  '';
29
30  nativeBuildInputs = [ autoconf-archive autoreconfHook pkg-config python3 ];
31
32  outputs = [ "out" "dev" ];
33
34  meta = with lib; {
35    description = "Library to easily check a domain against the Chromium HSTS Preload list";
36    homepage = "https://gitlab.com/rockdaboot/libhsts";
37    license = with licenses; [ mit bsd3 ];
38    maintainers = with maintainers; [ SuperSandro2000 ];
39  };
40}