nixpkgs mirror (for testing)
github.com/NixOS/nixpkgs
nix
# Nix package expression for Trivy: builds the `cmd/trivy` binary from a
# pinned upstream GitHub tag using buildGoModule.
#
# NOTE(review): `buildPackages` is accepted as an argument but is not
# referenced anywhere in the body below.
{
  lib,
  stdenv,
  buildPackages,
  buildGoModule,
  fetchFromGitHub,
  installShellFiles,
  testers,
  trivy,
}:
buildGoModule rec {
  pname = "trivy";
  version = "0.69.0";

  # The source is selected by release tag and pinned by content hash. A tag
  # can be moved upstream; the hash is what makes the fetch fail instead of
  # building different content. Update `hash` together with `version`.
  src = fetchFromGitHub {
    owner = "aquasecurity";
    repo = "trivy";
    tag = "v${version}";
    hash = "sha256-auCbZmVr7LzYrw+IOpXBZPUs2YmcPAzr5fo12vSyHeM=";
  };

  # Works around a vendorHash mismatch between Linux and Darwin.
  proxyVendor = true;

  # Pins the Go module dependencies fetched for this build. It has to be
  # recomputed whenever the upstream module set changes, normally on every
  # version bump; a stale value fails the build rather than pulling
  # unverified modules.
  vendorHash = "sha256-GLHr2bLAt3jIOz+E38fryca3r9QqC31sjSOXXk3UP0w=";

  # Only the CLI entry point is built.
  subPackages = [ "cmd/trivy" ];

  # -s / -w drop the symbol table and DWARF debug information from the
  # binary; -X stamps the packaged version into the variable that
  # `trivy --version` reports.
  ldflags = [
    "-s"
    "-w"
    "-X=github.com/aquasecurity/trivy/pkg/version/app.ver=${version}"
  ];

  # Enables Go's experimental JSON v2 implementation for the build.
  # NOTE(review): presumably required by upstream at this version; confirm.
  env.GOEXPERIMENT = "jsonv2";

  # Provides installShellCompletion, used in postInstall.
  nativeBuildInputs = [ installShellFiles ];

  # Upstream tests require network access, so the check phase is disabled.
  # The upstream test suite is therefore not exercised by this build.
  doCheck = false;

  # Shell completions are generated by executing the freshly built binary,
  # so this step is emitted only when the build platform can run binaries
  # for the host platform; otherwise postInstall is an empty string and no
  # completions are installed.
  postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''
    installShellCompletion --cmd trivy \
      --bash <($out/bin/trivy completion bash) \
      --fish <($out/bin/trivy completion fish) \
      --zsh <($out/bin/trivy completion zsh)
  '';

  # NOTE(review): no installCheckPhase or install-check hook is set in this
  # expression, so it is unclear what this phase verifies here; confirm.
  # The version assertion below lives in passthru.tests and is not part of
  # the package build itself.
  doInstallCheck = true;

  # Separate test derivation: runs `trivy --version` and expects the output
  # to contain "Version: <version>", which also checks that the -X ldflag
  # above stamped the right value.
  passthru.tests.version = testers.testVersion {
    package = trivy;
    command = "trivy --version";
    version = "Version: ${version}";
  };

  meta = {
    description = "Simple and comprehensive vulnerability scanner for containers, suitable for CI";
    homepage = "https://github.com/aquasecurity/trivy";
    changelog = "https://github.com/aquasecurity/trivy/releases/tag/v${version}";
    longDescription = ''
      Trivy is a simple and comprehensive vulnerability scanner for containers
      and other artifacts. A software vulnerability is a glitch, flaw, or
      weakness present in the software or in an Operating System. Trivy detects
      vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and
      application dependencies (Bundler, Composer, npm, yarn, etc.).
    '';
    mainProgram = "trivy";
    license = lib.licenses.asl20;
    maintainers = with lib.maintainers; [
      fab
      jk
    ];
  };
}