nixpkgs-suyu/pkgs/development/tools/analysis/cvehound/default.nix

46 lines
1 KiB
Nix

{ lib
, fetchFromGitHub
, coccinelle
, gnugrep
, python3
}:
python3.pkgs.buildPythonApplication rec {
pname = "cvehound";
version = "1.0.9";
src = fetchFromGitHub {
owner = "evdenis";
repo = "cvehound";
rev = version;
hash = "sha256-qwQfpelY1Air3wVQ3RziM/+MNOR3jiKmLpO2w6kXZwM=";
};
makeWrapperArgs = [
"--prefix PATH : ${lib.makeBinPath [ coccinelle gnugrep ]}"
];
propagatedBuildInputs = with python3.pkgs; [
lxml
setuptools
sympy
];
checkInputs = with python3.pkgs; [
GitPython
psutil
pytestCheckHook
];
# Tries to clone the kernel sources
doCheck = false;
meta = with lib; {
description = "Tool to check linux kernel source dump for known CVEs";
homepage = "https://github.com/evdenis/cvehound";
changelog = "https://github.com/evdenis/cvehound/blob/${src.rev}/ChangeLog";
# See https://github.com/evdenis/cvehound/issues/22
license = with licenses; [ gpl2Only gpl3Plus ];
maintainers = with maintainers; [ ambroisie ];
};
}