diff options
author | Alyssa Ross <hi@alyssa.is> | 2021-04-09 18:28:16 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2021-04-12 18:46:15 +0000 |
commit | fd2e737e0678ee7d8081baef05b305146a2c0034 (patch) | |
tree | ac3e9b27576a0382335532d126f9a66d486bc638 /nixpkgs/pkgs/development/libraries/libhsts | |
parent | cc207d720b6aa836e256c1ee9842bc739e630a8a (diff) | |
parent | 9e377a6ce42dccd9b624ae4ce8f978dc892ba0e2 (diff) | |
download | nixlib-fd2e737e0678ee7d8081baef05b305146a2c0034.tar nixlib-fd2e737e0678ee7d8081baef05b305146a2c0034.tar.gz nixlib-fd2e737e0678ee7d8081baef05b305146a2c0034.tar.bz2 nixlib-fd2e737e0678ee7d8081baef05b305146a2c0034.tar.lz nixlib-fd2e737e0678ee7d8081baef05b305146a2c0034.tar.xz nixlib-fd2e737e0678ee7d8081baef05b305146a2c0034.tar.zst nixlib-fd2e737e0678ee7d8081baef05b305146a2c0034.zip |
Merge remote-tracking branch 'nixpkgs/nixos-unstable'
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/libhsts')
-rw-r--r-- | nixpkgs/pkgs/development/libraries/libhsts/default.nix | 40 | ||||
-rwxr-xr-x | nixpkgs/pkgs/development/libraries/libhsts/update.sh | 13 |
2 files changed, 53 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/development/libraries/libhsts/default.nix b/nixpkgs/pkgs/development/libraries/libhsts/default.nix new file mode 100644 index 000000000000..df53e7d294f2 --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/libhsts/default.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, fetchFromGitLab, fetchurl, autoconf-archive, autoreconfHook, pkg-config, python3 }: +let + chromium_version = "90.0.4417.1"; + + hsts_list = fetchurl { + url = "https://raw.github.com/chromium/chromium/${chromium_version}/net/http/transport_security_state_static.json"; + sha256 = "09f24n30x5dmqk8zk7k2glcilgr27832a3304wj1yp97158sqsfx"; + }; + +in +stdenv.mkDerivation rec { + pname = "libhsts"; + version = "0.1.0"; + + src = fetchFromGitLab { + owner = "rockdaboot"; + repo = pname; + rev = "libhsts-${version}"; + sha256 = "0gbchzf0f4xzb6zjc56dk74hqrmdgyirmgxvvsqp9vqn9wb5kkx4"; + }; + + postPatch = '' + pushd tests + cp ${hsts_list} transport_security_state_static.json + sed 's/^ *\/\/.*$//g' transport_security_state_static.json >hsts.json + popd + patchShebangs src/hsts-make-dafsa + ''; + + nativeBuildInputs = [ autoconf-archive autoreconfHook pkg-config python3 ]; + + outputs = [ "out" "dev" ]; + + meta = with lib; { + description = "Library to easily check a domain against the Chromium HSTS Preload list"; + homepage = "https://gitlab.com/rockdaboot/libhsts"; + license = with licenses; [ mit bsd3 ]; + maintainers = with maintainers; [ SuperSandro2000 ]; + }; +} diff --git a/nixpkgs/pkgs/development/libraries/libhsts/update.sh b/nixpkgs/pkgs/development/libraries/libhsts/update.sh new file mode 100755 index 000000000000..f80966e08c9a --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/libhsts/update.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p curl jq + +set -euo pipefail -x + +cd "$(dirname "$0")" + +chromium_version=$(curl -s "https://api.github.com/repos/chromium/chromium/tags" | jq -r 'map(select(.prerelease | not)) | .[1].name') +sha256=$(nix-prefetch-url "https://raw.github.com/chromium/chromium/$chromium_version/net/http/transport_security_state_static.json") + +sed -e "0,/chromium_version/s/chromium_version = \".*\"/chromium_version = \"$chromium_version\"/" \ + -e "0,/sha256/s/sha256 = \".*\"/sha256 = \"$sha256\"/" \ + --in-place ./default.nix |