diff --git a/pkgs/tools/security/sequoia-sqv/default.nix b/pkgs/tools/security/sequoia-sqv/default.nix new file mode 100644 index 000000000000..b09002602575 --- /dev/null +++ b/pkgs/tools/security/sequoia-sqv/default.nix @@ -0,0 +1,60 @@ +{ stdenv +, fetchFromGitLab +, lib +, nettle +, nix-update-script +, rustPlatform +, pkg-config +, installShellFiles +}: + +rustPlatform.buildRustPackage rec { + pname = "sequoia-sqv"; + version = "1.1.0"; + + src = fetchFromGitLab { + owner = "sequoia-pgp"; + repo = "sequoia-sqv"; + rev = "v${version}"; + hash = "sha256-KoB9YnPNE2aB5MW5G9r6Bk+1QnANVSKA2dp3ufSJ44M="; + }; + + cargoHash = "sha256-uwOU/yyh3eoD10El7Oe9E97F3dvPuXMHQhpnWEJ1gnI="; + + nativeBuildInputs = [ + pkg-config + rustPlatform.bindgenHook + installShellFiles + ]; + + buildInputs = [ + nettle + ]; + # Otherwise, the shell completion files are not built + cargoBuildFlags = [ + "--package" "sequoia-sqv" + ]; + # Use a predictable target directory, to access it when installing shell + # completion files. + preBuild = '' + export CARGO_TARGET_DIR="$(pwd)/target" + ''; + postInstall = '' + installShellCompletion --cmd sqv \ + --zsh target/_sqv \ + --bash target/sqv.bash \ + --fish target/sqv.fish + ''; + + doCheck = true; + + passthru.updateScript = nix-update-script { }; + + meta = with lib; { + description = "A command-line OpenPGP signature verification tool"; + homepage = "https://docs.sequoia-pgp.org/sqv/"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ doronbehar ]; + mainProgram = "sqv"; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d9e4b88db37f..28e9a166ca01 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12447,6 +12447,8 @@ with pkgs; sequoia-sq = callPackage ../tools/security/sequoia-sq { }; + sequoia-sqv = callPackage ../tools/security/sequoia-sqv { }; + sequoia-chameleon-gnupg = callPackage ../tools/security/sequoia-chameleon-gnupg { }; sewer = callPackage ../tools/admin/sewer { };