pkgs/tools/security/ioc-scan/default.nix at netboot-syslinux-multiplatform · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / tools / security / ioc-scan / default.nix

at netboot-syslinux-multiplatform 43 lines 945 B view raw

 1{ lib
 2, fetchFromGitHub
 3, python3
 4}:
 5
 6python3.pkgs.buildPythonApplication rec {
 7  pname = "ioc-scan";
 8  version = "1.5.0";
 9  format = "setuptools";
10
11  src = fetchFromGitHub {
12    owner = "cisagov";
13    repo = "ioc-scanner";
14    rev = "refs/tags/v${version}";
15    hash = "sha256-dRrLd41HVVHJse7nkem8Cy+ltfJRnJiWrX/WShMfcOw=";
16  };
17
18  postPatch = ''
19    substituteInPlace pytest.ini \
20      --replace " --cov" ""
21  '';
22
23  propagatedBuildInputs = with python3.pkgs; [
24    docopt
25  ];
26
27  nativeCheckInputs = with python3.pkgs; [
28    pyfakefs
29    pytestCheckHook
30  ];
31
32  pythonImportsCheck = [
33    "ioc_scan"
34  ];
35
36  meta = with lib; {
37    description = "Tool to search a filesystem for indicators of compromise (IoC)";
38    homepage = "https://github.com/cisagov/ioc-scanner";
39    changelog = "https://github.com/cisagov/ioc-scanner/releases/tag/v${version}";
40    license = with licenses; [ cc0 ];
41    maintainers = with maintainers; [ fab ];
42  };
43}