authorMichael Weiss <dev.primeos@gmail.com>2019-04-02 17:21:22 +0200
committerMichael Weiss <dev.primeos@gmail.com>2019-04-02 17:53:25 +0200
commit4572e79ef9e0d1017424f4b4eee7600028cb732a (patch)
tree113469907563fd706f5bcdd73f5793bdfb442892 /pkgs/tools/security/bundler-audit
parent69555825f84a0f81c32097913088ab586e12b982 (diff)
bundler-audit: init at 0.6.1
Diffstat (limited to 'pkgs/tools/security/bundler-audit')
-rw-r--r--pkgs/tools/security/bundler-audit/Gemfile2
-rw-r--r--pkgs/tools/security/bundler-audit/Gemfile.lock16
-rw-r--r--pkgs/tools/security/bundler-audit/default.nix26
-rw-r--r--pkgs/tools/security/bundler-audit/gemset.nix19
4 files changed, 63 insertions, 0 deletions
diff --git a/pkgs/tools/security/bundler-audit/Gemfile b/pkgs/tools/security/bundler-audit/Gemfile
new file mode 100644
index 000000000000..f9fb0e329bd4
--- /dev/null
+++ b/pkgs/tools/security/bundler-audit/Gemfile
@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gem 'bundler-audit'
diff --git a/pkgs/tools/security/bundler-audit/Gemfile.lock b/pkgs/tools/security/bundler-audit/Gemfile.lock
new file mode 100644
index 000000000000..28cbcf5a9a66
--- /dev/null
+++ b/pkgs/tools/security/bundler-audit/Gemfile.lock
@@ -0,0 +1,16 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    bundler-audit (0.6.1)
+      bundler (>= 1.2.0, < 3)
+      thor (~> 0.18)
+    thor (0.20.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler-audit
+
+BUNDLED WITH
+   1.14.6
diff --git a/pkgs/tools/security/bundler-audit/default.nix b/pkgs/tools/security/bundler-audit/default.nix
new file mode 100644
index 000000000000..8b19b6103d4a
--- /dev/null
+++ b/pkgs/tools/security/bundler-audit/default.nix
@@ -0,0 +1,26 @@
+{ bundlerEnv, ruby, lib }:
+
+bundlerEnv rec {
+  name = "${pname}-${version}";
+  pname = "bundler-audit";
+  version = (import ./gemset.nix).bundler-audit.version;
+
+  inherit ruby;
+  gemdir = ./.;
+
+  meta = with lib; {
+    description = "Patch-level verification for Bundler";
+    longDescription = ''
+      Features:
+      - Checks for vulnerable versions of gems in Gemfile.lock.
+      - Checks for insecure gem sources (http://).
+      - Allows ignoring certain advisories that have been manually worked around.
+      - Prints advisory information.
+      - Does not require a network connection.
+    '';
+    homepage    = https://github.com/rubysec/bundler-audit;
+    license     = licenses.gpl3Plus;
+    maintainers = with maintainers; [ primeos ];
+    platforms   = platforms.unix;
+  };
+}
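Review bot: The `longDescription` bullet "Does not require a network connection" can leave users thinking an offline check is a current one. Offline checks only match against whatever copy of ruby-advisory-db is available locally. With the gem pinned at 0.6.1 in gemset.nix, that data is presumably no newer than the gem release unless the user refreshes it, so advisories published afterwards would be silently missed. I would add a bullet such as `- Advisory data is only as fresh as the last "bundle-audit update" (needs network access and git).` so the limitation is visible in the package metadata. It is also worth confirming that `git` is reachable at runtime for the update subcommand, since this expression only passes `ruby` and `gemdir`.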
diff --git a/pkgs/tools/security/bundler-audit/gemset.nix b/pkgs/tools/security/bundler-audit/gemset.nix
new file mode 100644
index 000000000000..56d78b3e8f16
--- /dev/null
+++ b/pkgs/tools/security/bundler-audit/gemset.nix
@@ -0,0 +1,19 @@
+{
+  bundler-audit = {
+    dependencies = ["thor"];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "0pm22xpn3xyymsainixnrk8v3l3xi9bzwkjkspx00cfzp84xvxbq";
+      type = "gem";
+    };
+    version = "0.6.1";
+  };
+  thor = {
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "1yhrnp9x8qcy5vc7g438amd5j9sw83ih7c30dr6g6slgw9zj3g29";
+      type = "gem";
+    };
+    version = "0.20.3";
+  };
+}
\ No newline at end of file