nixpkgs/pkgs/tools/security/osv-detector/default.nix
stuebinm ff1a94e523 treewide: add meta.mainProgram to packages with a single binary
The nixpkgs-unstable channel's programs.sqlite was used to identify
packages producing exactly one binary, and these automatically added
to their package definitions wherever possible.
2024-03-19 03:14:51 +01:00

58 lines
1.3 KiB
Nix

{ lib
, buildGoModule
, fetchFromGitHub
, osv-detector
, testers
}:
buildGoModule rec {
pname = "osv-detector";
version = "0.11.1";
src = fetchFromGitHub {
owner = "G-Rath";
repo = pname;
rev = "v${version}";
hash = "sha256-vIkLrKyDeMfRe/0EPhlKlHAO6XB0/OFY5mTUHeZbcg8=";
};
vendorHash = "sha256-Rrosye8foVntoFDvDmyNuXgnEgjzcOXenOKBMZVCRio=";
ldflags = [
"-w"
"-s"
"-X main.version=${version}"
];
checkFlags =
let
skippedTests = [
# Disable tests requiring network access
"TestRun_ParseAs_CsvFile"
"TestRun_ParseAs_CsvRow"
"TestRun_DBs"
"TestRun_Lockfile"
"TestRun_ParseAsGlobal"
"TestRun_Ignores"
"TestRun_ParseAsSpecific"
"TestRun_Configs"
];
in
[ "-skip" "${builtins.concatStringsSep "|" skippedTests}" ];
passthru.tests.version = testers.testVersion {
package = osv-detector;
command = "osv-detector -version";
version = "osv-detector ${version} (unknown, commit none)";
};
meta = with lib; {
description = "Auditing tool for detecting vulnerabilities";
mainProgram = "osv-detector";
homepage = "https://github.com/G-Rath/osv-detector";
changelog = "https://github.com/G-Rath/osv-detector/releases/tag/v${version}";
license = licenses.mit;
maintainers = with maintainers; [ fab ];
};
}