diff options
Diffstat (limited to 'nixpkgs/pkgs/development/tools/analysis')
11 files changed, 292 insertions, 36 deletions
diff --git a/nixpkgs/pkgs/development/tools/analysis/checkov/default.nix b/nixpkgs/pkgs/development/tools/analysis/checkov/default.nix index a33c8a5cb2b5..ca5010accdeb 100644 --- a/nixpkgs/pkgs/development/tools/analysis/checkov/default.nix +++ b/nixpkgs/pkgs/development/tools/analysis/checkov/default.nix @@ -22,14 +22,14 @@ with py.pkgs; buildPythonApplication rec { pname = "checkov"; - version = "2.3.356"; + version = "2.4.2"; format = "setuptools"; src = fetchFromGitHub { owner = "bridgecrewio"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-Bz+A0QUUZ3Pvcw9XnRqm1fD/AjToJLSK+L/B81Kay20="; + hash = "sha256-PbgNTYrA1fWot+sLgoT9yUa0IImHwyQPSo267w16YmU="; }; patches = [ diff --git a/nixpkgs/pkgs/development/tools/analysis/checkstyle/default.nix b/nixpkgs/pkgs/development/tools/analysis/checkstyle/default.nix index 82394980fcf6..c19c59d730b1 100644 --- a/nixpkgs/pkgs/development/tools/analysis/checkstyle/default.nix +++ b/nixpkgs/pkgs/development/tools/analysis/checkstyle/default.nix @@ -1,12 +1,12 @@ { lib, stdenvNoCC, fetchurl, makeBinaryWrapper, jre }: stdenvNoCC.mkDerivation rec { - version = "10.12.1"; + version = "10.12.2"; pname = "checkstyle"; src = fetchurl { url = "https://github.com/checkstyle/checkstyle/releases/download/checkstyle-${version}/checkstyle-${version}-all.jar"; - sha256 = "sha256-K6pQjcvofybGEtRz1sTVhP534SoJsChg2psngVMIyrY="; + sha256 = "sha256-0vv04vPROCDjFo/mqkH4GXKEB8PvbU7qryGu+mzmShM="; }; nativeBuildInputs = [ makeBinaryWrapper ]; diff --git a/nixpkgs/pkgs/development/tools/analysis/cppcheck/default.nix b/nixpkgs/pkgs/development/tools/analysis/cppcheck/default.nix index 8b8127a4ba80..15709e4cc869 100644 --- a/nixpkgs/pkgs/development/tools/analysis/cppcheck/default.nix +++ b/nixpkgs/pkgs/development/tools/analysis/cppcheck/default.nix @@ -1,30 +1,43 @@ -{ lib -, stdenv +{ docbook_xsl +, docbook_xml_dtd_45 , fetchFromGitHub , installShellFiles +, lib +, libxslt , pcre +, pkg-config , python3 -, libxslt -, docbook_xsl -, docbook_xml_dtd_45 +, stdenv , which -, pkg-config }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "cppcheck"; - version = "2.11"; + version = "2.11.1"; src = fetchFromGitHub { owner = "danmar"; repo = "cppcheck"; - rev = version; - hash = "sha256-Zu1Ly5KsgmjtsVQlBzgB/h+varfkyB73t8bxzqB3a3M="; + rev = finalAttrs.version; + hash = "sha256-ZQ1EgnC2JBc0AvSW8PtgMzJoWSPt04Xfh8dqOU+KMfw="; }; strictDeps = true; - nativeBuildInputs = [ pkg-config installShellFiles libxslt docbook_xsl docbook_xml_dtd_45 which python3 ]; - buildInputs = [ pcre (python3.withPackages (ps: [ps.pygments])) ]; + + nativeBuildInputs = [ + docbook_xsl + docbook_xml_dtd_45 + installShellFiles + libxslt + pkg-config + python3 + which + ]; + + buildInputs = [ + pcre + (python3.withPackages (ps: [ ps.pygments ])) + ]; makeFlags = [ "PREFIX=$(out)" "MATCHCOMPILER=yes" "FILESDIR=$(out)/share/cppcheck" "HAVE_RULES=yes" ]; @@ -58,15 +71,15 @@ stdenv.mkDerivation rec { runHook postInstallCheck ''; - meta = with lib; { + meta = { description = "A static analysis tool for C/C++ code"; + homepage = "http://cppcheck.sourceforge.net/"; + license = lib.licenses.gpl3Plus; longDescription = '' Check C/C++ code for memory leaks, mismatching allocation-deallocation, buffer overruns and more. ''; - homepage = "http://cppcheck.sourceforge.net/"; - license = licenses.gpl3Plus; - platforms = platforms.unix; - maintainers = with maintainers; [ joachifm ]; + maintainers = with lib.maintainers; [ joachifm ]; + platforms = lib.platforms.unix; }; -} +}) diff --git a/nixpkgs/pkgs/development/tools/analysis/flow/default.nix b/nixpkgs/pkgs/development/tools/analysis/flow/default.nix index 47ee7bc3fc29..4516de52b3e8 100644 --- a/nixpkgs/pkgs/development/tools/analysis/flow/default.nix +++ b/nixpkgs/pkgs/development/tools/analysis/flow/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "flow"; - version = "0.213.0"; + version = "0.214.0"; src = fetchFromGitHub { owner = "facebook"; repo = "flow"; rev = "v${version}"; - sha256 = "sha256-6w09lo1+gBiFU481a6wYGQmJ61yVwQhMOll7QUeXy0U="; + sha256 = "sha256-N3eunmUl08RPu54k1QQWqgKa9RS0uzVVI2f0kCbmb2w="; }; postPatch = '' diff --git a/nixpkgs/pkgs/development/tools/analysis/rizin/cutter.nix b/nixpkgs/pkgs/development/tools/analysis/rizin/cutter.nix index dd5f43b9d7a4..ab4d1289b924 100644 --- a/nixpkgs/pkgs/development/tools/analysis/rizin/cutter.nix +++ b/nixpkgs/pkgs/development/tools/analysis/rizin/cutter.nix @@ -1,44 +1,63 @@ { fetchFromGitHub, lib, mkDerivation +# for passthru.plugins +, pkgs # nativeBuildInputs , qmake, pkg-config, cmake # Qt , qtbase, qtsvg, qtwebengine, qttools # buildInputs +, graphviz , rizin , python3 , wrapQtAppsHook }: -mkDerivation rec { +let cutter = mkDerivation rec { pname = "cutter"; - version = "2.2.1"; + version = "2.3.0"; src = fetchFromGitHub { owner = "rizinorg"; repo = "cutter"; rev = "v${version}"; - hash = "sha256-rzMLPkL382webds7cnfanHy9BsV+8ARkl6aES5ckmO4="; + hash = "sha256-oQ3sLIGKMEw3k27aSFcrJqo0TgGkkBNdzl6GSoOIYak="; fetchSubmodules = true; }; nativeBuildInputs = [ cmake qmake pkg-config python3 wrapQtAppsHook ]; propagatedBuildInputs = [ python3.pkgs.pyside2 ]; - buildInputs = [ qtbase qttools qtsvg qtwebengine rizin python3 ]; + buildInputs = [ graphviz qtbase qttools qtsvg qtwebengine rizin python3 ]; cmakeFlags = [ "-DCUTTER_USE_BUNDLED_RIZIN=OFF" "-DCUTTER_ENABLE_PYTHON=ON" "-DCUTTER_ENABLE_PYTHON_BINDINGS=ON" + "-DCUTTER_ENABLE_GRAPHVIZ=ON" ]; preBuild = '' qtWrapperArgs+=(--prefix PYTHONPATH : "$PYTHONPATH") ''; + passthru = rec { + plugins = rizin.plugins // { + rz-ghidra = rizin.plugins.rz-ghidra.override { + inherit cutter qtbase qtsvg; + enableCutterPlugin = true; + }; + }; + withPlugins = filter: pkgs.callPackage ./wrapper.nix { + inherit rizin cutter; + isCutter = true; + plugins = filter plugins; + }; + }; + meta = with lib; { description = "Free and Open Source Reverse Engineering Platform powered by rizin"; homepage = src.meta.homepage; license = licenses.gpl3; + mainProgram = "cutter"; maintainers = with maintainers; [ mic92 dtzWill ]; }; -} +}; in cutter diff --git a/nixpkgs/pkgs/development/tools/analysis/rizin/default.nix b/nixpkgs/pkgs/development/tools/analysis/rizin/default.nix index 276057583f4e..cfc24aef9799 100644 --- a/nixpkgs/pkgs/development/tools/analysis/rizin/default.nix +++ b/nixpkgs/pkgs/development/tools/analysis/rizin/default.nix @@ -1,4 +1,5 @@ { lib +, pkgs # for passthru.plugins , stdenv , fetchurl , pkg-config @@ -8,11 +9,12 @@ , perl , zlib , openssl -, libuv , file +, libmspack , libzip , lz4 , xxHash +, xz , meson , python3 , cmake @@ -21,13 +23,13 @@ , tree-sitter }: -stdenv.mkDerivation rec { +let rizin = stdenv.mkDerivation rec { pname = "rizin"; - version = "0.5.2"; + version = "0.6.0"; src = fetchurl { url = "https://github.com/rizinorg/rizin/releases/download/v${version}/rizin-src-v${version}.tar.xz"; - hash = "sha256-cauA/DyKycgKEAANg4EoryigXTGg7hg5AMLFxuNQ7KM="; + hash = "sha256-apJJBu/fVHrFBGJ2f1rdU5AkNuekhi0sDiTKkbd2FQg="; }; mesonFlags = [ @@ -35,12 +37,23 @@ stdenv.mkDerivation rec { "-Duse_sys_magic=enabled" "-Duse_sys_libzip=enabled" "-Duse_sys_zlib=enabled" - "-Duse_sys_xxhash=enabled" "-Duse_sys_lz4=enabled" + "-Duse_sys_lzma=enabled" + "-Duse_sys_xxhash=enabled" "-Duse_sys_openssl=enabled" + "-Duse_sys_libmspack=enabled" "-Duse_sys_tree_sitter=enabled" + # this is needed for wrapping (adding plugins) to work + "-Dportable=true" ]; + # Normally, Rizin only looks for files in the install prefix. With + # portable=true, it instead looks for files in relation to the parent + # of the directory of the binary file specified in /proc/self/exe, + # caching it. This patch replaces the entire logic to only look at + # the env var NIX_RZ_PREFIX + patches = [ ./librz-wrapper-support.patch ]; + nativeBuildInputs = [ pkg-config meson @@ -77,9 +90,10 @@ stdenv.mkDerivation rec { zlib lz4 openssl - libuv + libmspack tree-sitter xxHash + xz ]; postPatch = '' @@ -90,11 +104,31 @@ stdenv.mkDerivation rec { --replace "import('python').find_installation()" "find_program('python3')" ''; + passthru = rec { + plugins = { + jsdec = pkgs.callPackage ./jsdec.nix { + inherit rizin openssl; + }; + rz-ghidra = pkgs.libsForQt5.callPackage ./rz-ghidra.nix { + inherit rizin openssl; + enableCutterPlugin = false; + }; + # sigdb isn't a real plugin, but it's separated from the main rizin + # derivation so that only those who need it will download it + sigdb = pkgs.callPackage ./sigdb.nix { }; + }; + withPlugins = filter: pkgs.callPackage ./wrapper.nix { + inherit rizin; + plugins = filter plugins; + }; + }; + meta = { description = "UNIX-like reverse engineering framework and command-line toolset."; homepage = "https://rizin.re/"; license = lib.licenses.gpl3Plus; + mainProgram = "rizin"; maintainers = with lib.maintainers; [ raskin makefu mic92 ]; platforms = with lib.platforms; unix; }; -} +}; in rizin diff --git a/nixpkgs/pkgs/development/tools/analysis/rizin/jsdec.nix b/nixpkgs/pkgs/development/tools/analysis/rizin/jsdec.nix new file mode 100644 index 000000000000..df291d169eb5 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/rizin/jsdec.nix @@ -0,0 +1,35 @@ +{ lib +, stdenv +, fetchFromGitHub +, meson +, pkg-config +, ninja +, rizin +, openssl +}: + +stdenv.mkDerivation rec { + pname = "jsdec"; + version = "0.6.0"; + + src = fetchFromGitHub { + owner = "rizinorg"; + repo = "jsdec"; + rev = "v${version}"; + hash = "sha256-iVaxxPBIJRhZrmejAOL/Fb4k66mGsZOBs7UikgMj5WA="; + }; + + nativeBuildInputs = [ meson ninja pkg-config ]; + preConfigure = '' + cd p + ''; + mesonFlags = [ "-Djsc_folder=.." ]; + buildInputs = [ openssl rizin ]; + + meta = with lib; { + description = "Simple decompiler for Rizin"; + homepage = src.meta.homepage; + license = with licenses; [ asl20 bsd3 mit ]; + maintainers = with maintainers; [ chayleaf ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/rizin/librz-wrapper-support.patch b/nixpkgs/pkgs/development/tools/analysis/rizin/librz-wrapper-support.patch new file mode 100644 index 000000000000..23df0d22c69a --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/rizin/librz-wrapper-support.patch @@ -0,0 +1,13 @@ +diff --git a/librz/util/path.c b/librz/util/path.c +index 8ea3d67..f4a8918 100644 +--- a/librz/util/path.c ++++ b/librz/util/path.c +@@ -35,6 +35,8 @@ static void fini_portable_prefix(void) { + } + + static char *set_portable_prefix(void) { ++ return rz_sys_getenv("NIX_RZ_PREFIX"); ++ + char *pid_to_path = rz_sys_pid_to_path(rz_sys_getpid()); + if (!pid_to_path) { + return NULL; diff --git a/nixpkgs/pkgs/development/tools/analysis/rizin/rz-ghidra.nix b/nixpkgs/pkgs/development/tools/analysis/rizin/rz-ghidra.nix new file mode 100644 index 000000000000..d349a33af814 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/rizin/rz-ghidra.nix @@ -0,0 +1,62 @@ +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, cmake +# buildInputs +, rizin +, openssl +, pugixml +# optional buildInputs +, enableCutterPlugin ? true +, cutter +, qtbase +, qtsvg +}: + +stdenv.mkDerivation rec { + pname = "rz-ghidra"; + version = "0.6.0"; + + src = fetchFromGitHub { + owner = "rizinorg"; + repo = "rz-ghidra"; + rev = "v${version}"; + hash = "sha256-tQAurouRr6fP1tbIkfd0a9UfeYcwiU1BpjOTcooXkT0="; + fetchSubmodules = true; + }; + + patches = [ + (fetchpatch { + url = "https://github.com/rizinorg/rz-ghidra/pull/327/commits/eba20e2c743ed3dfc5d1be090a5018f7267baa49.patch"; + hash = "sha256-aoXFClXZBcOnHl+6lLYrnui7sRb3cRJQhQfNDLxHtcs="; + }) + ]; + + nativeBuildInputs = [ cmake ]; + buildInputs = [ + openssl + pugixml + rizin + ] ++ lib.optionals enableCutterPlugin [ + cutter + qtbase + qtsvg + ]; + + dontWrapQtApps = true; + + cmakeFlags = [ + "-DUSE_SYSTEM_PUGIXML=ON" + ] ++ lib.optionals enableCutterPlugin [ + "-DBUILD_CUTTER_PLUGIN=ON" + "-DCUTTER_INSTALL_PLUGDIR=share/rizin/cutter/plugins/native" + ]; + + meta = with lib; { + description = "Deep ghidra decompiler and sleigh disassembler integration for rizin"; + homepage = src.meta.homepage; + license = licenses.lgpl3; + maintainers = with maintainers; [ chayleaf ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/rizin/sigdb.nix b/nixpkgs/pkgs/development/tools/analysis/rizin/sigdb.nix new file mode 100644 index 000000000000..2c4bdaebbaba --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/rizin/sigdb.nix @@ -0,0 +1,36 @@ +{ lib +, fetchFromGitHub +, stdenvNoCC +}: + +stdenvNoCC.mkDerivation rec { + pname = "rizin-sigdb"; + version = "unstable-2023-02-13"; + + src = fetchFromGitHub { + owner = "rizinorg"; + # sigdb-source: source files (.pat and etc), around 2.5gb total + # sigdb: built and deflated .sig files, around 50mb total + repo = "sigdb"; + rev = "829baf835e3515923266898fd597f7f75046ebd2"; + hash = "sha256-zvGna2CEsDctc9P7hWTaz7kdtxAtPsXHNWOrRQ9ocdc="; + }; + + buildPhase = '' + mkdir installdir + cp -r elf pe installdir + .scripts/verify-sigs-install.sh + ''; + + installPhase = '' + mkdir -p $out/share/rizin + mv installdir $out/share/rizin/sigdb + ''; + + meta = with lib; { + description = "Rizin FLIRT Signature Database"; + homepage = src.meta.homepage; + license = licenses.lgpl3; + maintainers = with lib.maintainers; [ chayleaf ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/rizin/wrapper.nix b/nixpkgs/pkgs/development/tools/analysis/rizin/wrapper.nix new file mode 100644 index 000000000000..11d046c27f6d --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/rizin/wrapper.nix @@ -0,0 +1,44 @@ +{ lib +, makeWrapper +, symlinkJoin +, plugins +, rizin +, isCutter ? false +, cutter +}: + +let + unwrapped = if isCutter then cutter else rizin; +in +symlinkJoin { + name = "${unwrapped.pname}-with-plugins-${unwrapped.version}"; + + # NIX_RZ_PREFIX only changes where *Rizin* locates files (plugins, + # themes, etc). But we must change it even for wrapping Cutter, because + # Cutter plugins often have associated Rizin plugins. This means that + # $out (which NIX_RZ_PREFIX will be set to) must always contain Rizin + # files, even if we only wrap Cutter - so for Cutter, include Rizin to + # symlinkJoin paths. + paths = [ unwrapped ] ++ lib.optional isCutter rizin ++ plugins; + + nativeBuildInputs = [ makeWrapper ]; + + passthru = { + inherit unwrapped; + }; + + postBuild = '' + rm $out/bin/* + wrapperArgs=(--set NIX_RZ_PREFIX $out${ + lib.optionalString isCutter " --prefix XDG_DATA_DIRS : $out/share" + }) + for binary in $(ls ${unwrapped}/bin); do + makeWrapper ${unwrapped}/bin/$binary $out/bin/$binary "''${wrapperArgs[@]}" + done + ''; + + meta = unwrapped.meta // { + # prefer wrapped over unwrapped + priority = (unwrapped.meta.priority or 0) - 1; + }; +} |