diff options
Diffstat (limited to 'nixpkgs/pkgs/development/tools/analysis')
64 files changed, 2827 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/development/tools/analysis/autoflake/default.nix b/nixpkgs/pkgs/development/tools/analysis/autoflake/default.nix new file mode 100644 index 000000000000..884b511b8af1 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/autoflake/default.nix @@ -0,0 +1,23 @@ +{ lib, stdenv, python3Packages }: + +with python3Packages; +buildPythonApplication rec { + pname = "autoflake"; + version = "1.4"; + + src = fetchPypi { + inherit pname version; + sha256 = "61a353012cff6ab94ca062823d1fb2f692c4acda51c76ff83a8d77915fba51ea"; + }; + + propagatedBuildInputs = [ pyflakes ]; + + doCheck = true; + + meta = with lib; { + homepage = "https://github.com/myint/autoflake"; + description = "A simple program which removes unused imports and unused variables as reported by pyflakes"; + license = licenses.mit; + maintainers = with maintainers; [ yuriaisaka ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/bingrep/default.nix b/nixpkgs/pkgs/development/tools/analysis/bingrep/default.nix new file mode 100644 index 000000000000..ae54723dda3b --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/bingrep/default.nix @@ -0,0 +1,22 @@ +{ lib, stdenv, rustPlatform, fetchFromGitHub }: + +rustPlatform.buildRustPackage rec { + pname = "bingrep"; + version = "0.8.5"; + + src = fetchFromGitHub { + owner = "m4b"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-ayA3aEidZPa5GJgbbm5K3X2Xgd5Eb6TgUU80Gw/p07w="; + }; + + cargoSha256 = "sha256-3eGYU5O7HSpawIL/8OVmROCzXfdnoMAnIujjrIp00xg="; + + meta = with lib; { + description = "Greps through binaries from various OSs and architectures, and colors them"; + homepage = "https://github.com/m4b/bingrep"; + license = licenses.mit; + maintainers = with maintainers; [ minijackson ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/brakeman/default.nix b/nixpkgs/pkgs/development/tools/analysis/brakeman/default.nix new file mode 100644 index 000000000000..de351524f39b --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/brakeman/default.nix @@ -0,0 +1,18 @@ +{ lib, ruby, buildRubyGem }: + +buildRubyGem rec { + inherit ruby; + name = "${gemName}-${version}"; + gemName = "brakeman"; + version = "4.8.0"; + source.sha256 = "0xy28pq4x1i7xns5af9k8fx35sqffz2lg94fgbsi9zhi877b7srg"; + + meta = with lib; { + description = "Static analysis security scanner for Ruby on Rails"; + homepage = "https://brakemanscanner.org/"; + changelog = "https://github.com/presidentbeef/brakeman/releases/tag/v${version}"; + license = [ licenses.unfreeRedistributable ]; + platforms = ruby.meta.platforms; + maintainers = [ maintainers.marsam ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/cargo-tarpaulin/default.nix b/nixpkgs/pkgs/development/tools/analysis/cargo-tarpaulin/default.nix new file mode 100644 index 000000000000..a0f251bfe910 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/cargo-tarpaulin/default.nix @@ -0,0 +1,30 @@ +{ lib, pkg-config, rustPlatform, fetchFromGitHub, openssl }: + +rustPlatform.buildRustPackage rec { + pname = "cargo-tarpaulin"; + version = "0.17.0"; + + src = fetchFromGitHub { + owner = "xd009642"; + repo = "tarpaulin"; + rev = version; + sha256 = "1z104cd3wg718x1d89znppx4h6f0c6icgmpcllyrd0d19lb71a2b"; + }; + + nativeBuildInputs = [ + pkg-config + ]; + buildInputs = [ openssl ]; + + cargoSha256 = "0pn9xgryfb7f0plx50v9i7hsv1wib87pi0fl43cv6hgqyrdb52ny"; + #checkFlags = [ "--test-threads" "1" ]; + doCheck = false; + + meta = with lib; { + description = "A code coverage tool for Rust projects"; + homepage = "https://github.com/xd009642/tarpaulin"; + license = with licenses; [ mit /* or */ asl20 ]; + maintainers = with maintainers; [ hugoreeves ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/cccc/cccc.patch b/nixpkgs/pkgs/development/tools/analysis/cccc/cccc.patch new file mode 100644 index 000000000000..9454e3b18ad1 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/cccc/cccc.patch @@ -0,0 +1,24 @@ +diff --git a/cccc/cccc_tbl.cc b/cccc/cccc_tbl.cc +index df98e2b..59f2572 100644 +--- a/cccc/cccc_tbl.cc ++++ b/cccc/cccc_tbl.cc +@@ -96,7 +96,7 @@ bool CCCC_Table<T>::remove(T* old_item_ptr) + typename map_t::iterator value_iterator=map_t::find(old_item_ptr->key()); + if(value_iterator!=map_t::end()) + { +- erase(value_iterator); ++ map_t::erase(value_iterator); + retval=true; + } + return retval; +diff --git a/makefile b/makefile +index 23ad004..2cca469 100644 +--- a/makefile ++++ b/makefile +@@ -20,5 +20,5 @@ test : + cd test ; make -f posix.mak + + install : +- cd install ; su root -c "make -f install.mak" ++ cd install ; make -f install.mak + diff --git a/nixpkgs/pkgs/development/tools/analysis/cccc/default.nix b/nixpkgs/pkgs/development/tools/analysis/cccc/default.nix new file mode 100644 index 000000000000..bcbda8ad7e60 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/cccc/default.nix @@ -0,0 +1,37 @@ +{ lib, stdenv, fetchurl }: + +let + name = "cccc"; + version = "3.1.4"; +in +stdenv.mkDerivation { + name = "${name}-${version}"; + + src = fetchurl { + url = "mirror://sourceforge/${name}/${version}/${name}-${version}.tar.gz"; + sha256 = "1gsdzzisrk95kajs3gfxks3bjvfd9g680fin6a9pjrism2lyrcr7"; + }; + + hardeningDisable = [ "format" ]; + + patches = [ ./cccc.patch ]; + + preConfigure = '' + substituteInPlace install/install.mak --replace /usr/local/bin $out/bin + substituteInPlace install/install.mak --replace MKDIR=mkdir "MKDIR=mkdir -p" + ''; + buildFlags = [ "CCC=c++" "LD=c++" ]; + + meta = { + description = "C and C++ Code Counter"; + longDescription = '' + CCCC is a tool which analyzes C++ and Java files and generates a report + on various metrics of the code. Metrics supported include lines of code, McCabe's + complexity and metrics proposed by Chidamber&Kemerer and Henry&Kafura. + ''; + homepage = "http://cccc.sourceforge.net/"; + license = lib.licenses.gpl2; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.linquize ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/checkov/default.nix b/nixpkgs/pkgs/development/tools/analysis/checkov/default.nix new file mode 100644 index 000000000000..6277b1d4239e --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/checkov/default.nix @@ -0,0 +1,77 @@ +{ stdenv, pkgs, lib, python3, fetchFromGitHub }: + +let + pname = "checkov"; + version = "1.0.674"; + src = fetchFromGitHub { + owner = "bridgecrewio"; + repo = pname; + rev = version; + sha256 = "/S8ic5ZVxA2vd/rjRPX5gslbmnULL7BSx34vgWIsheQ="; + }; + + disabled = pkgs.python3Packages.pythonOlder "3.7"; + + # CheckOV only work with `dpath 1.5.0` + dpath = pkgs.python3Packages.buildPythonPackage rec { + pname = "dpath"; + version = "1.5.0"; + + src = pkgs.python3Packages.fetchPypi { + inherit pname version; + sha256 = "SWYVtOqEI20Y4NKGEi3nSGmmDg+H4sfsZ4f/KGxINhs="; + }; + + doCheck = false; + }; +in +python3.pkgs.buildPythonPackage rec { + inherit pname version disabled src; + + nativeBuildInputs = with python3.pkgs; [ setuptools_scm ]; + + propagatedBuildInputs = with python3.pkgs; [ + pytest + coverage + bandit + bc-python-hcl2 + deep_merge + tabulate + colorama + termcolor + junit-xml + dpath + pyyaml + boto3 + GitPython + six + jmespath + tqdm + update_checker + semantic-version + packaging + ]; + + # Both of these tests are pulling from external srouces (https://github.com/bridgecrewio/checkov/blob/f03a4204d291cf47e3753a02a9b8c8d805bbd1be/.github/workflows/build.yml) + preCheck = '' + rm -rf integration_tests/* + rm -rf tests/terraform/* + ''; + + # Wrap the executable so that the python packages are available + # it's just a shebang script which calls `python -m checkov "$@"` + postFixup = '' + wrapProgram $out/bin/checkov \ + --set PYTHONPATH $PYTHONPATH + ''; + + meta = with lib; { + homepage = "https://github.com/bridgecrewio/checkov"; + description = "Static code analysis tool for infrastructure-as-code"; + longDescription = '' + Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew. + ''; + license = licenses.asl20; + maintainers = with maintainers; [ anhdle14 ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/checkstyle/default.nix b/nixpkgs/pkgs/development/tools/analysis/checkstyle/default.nix new file mode 100644 index 000000000000..e5325f7da8c7 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/checkstyle/default.nix @@ -0,0 +1,37 @@ +{ lib, stdenv, fetchurl, makeWrapper, jre }: + +stdenv.mkDerivation rec { + version = "8.39"; + pname = "checkstyle"; + + src = fetchurl { + url = "https://github.com/checkstyle/checkstyle/releases/download/checkstyle-${version}/checkstyle-${version}-all.jar"; + sha256 = "sha256-CPPSJVKf01TA89Qk/uyvIU+ejo5JyT4Mc35KKJPv4IE="; + }; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ jre ]; + + dontUnpack = true; + + installPhase = '' + runHook preInstall + install -D $src $out/checkstyle/checkstyle-all.jar + makeWrapper ${jre}/bin/java $out/bin/checkstyle \ + --add-flags "-jar $out/checkstyle/checkstyle-all.jar" + runHook postInstall + ''; + + meta = with lib; { + description = "Checks Java source against a coding standard"; + longDescription = '' + checkstyle is a development tool to help programmers write Java code that + adheres to a coding standard. By default it supports the Sun Code + Conventions, but is highly configurable. + ''; + homepage = "http://checkstyle.sourceforge.net/"; + license = licenses.lgpl21; + maintainers = with maintainers; [ pSub ]; + platforms = jre.meta.platforms; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/clang-analyzer/0001-Fix-scan-build-to-use-NIX_CFLAGS_COMPILE.patch b/nixpkgs/pkgs/development/tools/analysis/clang-analyzer/0001-Fix-scan-build-to-use-NIX_CFLAGS_COMPILE.patch new file mode 100644 index 000000000000..16470740877e --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/clang-analyzer/0001-Fix-scan-build-to-use-NIX_CFLAGS_COMPILE.patch @@ -0,0 +1,35 @@ +From 40239d92957f1969652cdd41d6d2749c41ac4338 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> +Date: Fri, 31 Jul 2020 09:22:03 +0100 +Subject: [PATCH] [PATCH] Fix scan-build to use NIX_CFLAGS_COMPILE +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Jörg Thalheim <joerg@thalheim.io> +--- + tools/scan-build/libexec/ccc-analyzer | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/tools/scan-build/libexec/ccc-analyzer b/tools/scan-build/libexec/ccc-analyzer +index 800f38b5..0fb50fb3 100755 +--- a/tools/scan-build/libexec/ccc-analyzer ++++ b/tools/scan-build/libexec/ccc-analyzer +@@ -246,6 +246,14 @@ sub Analyze { + push @Args, "-target", $AnalyzerTarget; + } + ++ # Add Nix flags to analysis ++ if (defined $ENV{'NIX_CFLAGS_COMPILE'}) { ++ my @nixArgs = split(/\s+/, $ENV{'NIX_CFLAGS_COMPILE'}); ++ foreach my $nixArg (@nixArgs) { ++ push @Args, $nixArg; ++ } ++ } ++ + my $AnalysisArgs = GetCCArgs($HtmlDir, "--analyze", \@Args); + @CmdArgs = @$AnalysisArgs; + } +-- +2.27.0 + diff --git a/nixpkgs/pkgs/development/tools/analysis/clang-analyzer/default.nix b/nixpkgs/pkgs/development/tools/analysis/clang-analyzer/default.nix new file mode 100644 index 000000000000..4752b31649d3 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/clang-analyzer/default.nix @@ -0,0 +1,34 @@ +{ lib, stdenv, fetchurl, clang, llvmPackages, perl, makeWrapper, python3 }: + +stdenv.mkDerivation rec { + pname = "clang-analyzer"; + inherit (llvmPackages.clang-unwrapped) src version; + + patches = [ ./0001-Fix-scan-build-to-use-NIX_CFLAGS_COMPILE.patch ]; + buildInputs = [ clang llvmPackages.clang perl python3 ]; + nativeBuildInputs = [ makeWrapper ]; + + dontBuild = true; + + installPhase = '' + mkdir -p $out/share/scan-view $out/bin + cp -R tools/scan-view/share/* $out/share/scan-view + cp -R tools/scan-view/bin/* $out/bin/scan-view + cp -R tools/scan-build/* $out + + rm $out/bin/*.bat $out/libexec/*.bat $out/CMakeLists.txt + + wrapProgram $out/bin/scan-build \ + --add-flags "--use-cc=${clang}/bin/clang" \ + --add-flags "--use-c++=${clang}/bin/clang++" \ + --add-flags "--use-analyzer='${llvmPackages.clang}/bin/clang'" + ''; + + meta = { + description = "Clang Static Analyzer"; + homepage = "http://clang-analyzer.llvm.org"; + license = lib.licenses.bsd3; + platforms = lib.platforms.unix; + maintainers = [ lib.maintainers.thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/coan/default.nix b/nixpkgs/pkgs/development/tools/analysis/coan/default.nix new file mode 100644 index 000000000000..1e0b79e0daa5 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/coan/default.nix @@ -0,0 +1,33 @@ +{ lib, stdenv, fetchurl, perl }: + +stdenv.mkDerivation rec { + version = "6.0.1"; + pname = "coan"; + + src = fetchurl { + url = "mirror://sourceforge/project/coan2/v${version}/${pname}-${version}.tar.gz"; + sha256 = "1d041j0nd1hc0562lbj269dydjm4rbzagdgzdnmwdxr98544yw44"; + }; + + nativeBuildInputs = [ perl ]; + + enableParallelBuilding = true; + + postInstall = '' + mv -v $out/share/man/man1/coan.1.{1,gz} + ''; + + meta = with lib; { + description = "The C preprocessor chainsaw"; + longDescription = '' + A software engineering tool for analysing preprocessor-based + configurations of C or C++ source code. Its principal use is to simplify + a body of source code by eliminating any parts that are redundant with + respect to a specified configuration. Dead code removal is an + application of this sort. + ''; + homepage = "http://coan2.sourceforge.net/"; + license = licenses.bsd3; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/codeql/default.nix b/nixpkgs/pkgs/development/tools/analysis/codeql/default.nix new file mode 100644 index 000000000000..f3ad1d81e57d --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/codeql/default.nix @@ -0,0 +1,61 @@ +{ lib, stdenv +, fetchzip +, zlib +, xorg +, freetype +, alsaLib +, jdk11 +, curl +, lttng-ust +, autoPatchelfHook +}: + +stdenv.mkDerivation rec { + pname = "codeql"; + version = "2.4.1"; + + dontConfigure = true; + dontBuild = true; + dontStrip = true; + + src = fetchzip { + url = "https://github.com/github/codeql-cli-binaries/releases/download/v${version}/codeql.zip"; + sha256 = "sha256-UHH+nV62jHvEY6T5UKz5cm9zse9pWHPAjjsGHfpPoPY="; + }; + + nativeBuildInputs = [ + zlib + xorg.libX11 + xorg.libXext + xorg.libXi + xorg.libXtst + xorg.libXrender + freetype + alsaLib + jdk11 + stdenv.cc.cc.lib + curl + lttng-ust + autoPatchelfHook + ]; + + installPhase = '' + # codeql directory should not be top-level, otherwise, + # it'll include /nix/store to resolve extractors. + mkdir -p $out/{codeql,bin} + cp -R * $out/codeql/ + + ln -sf $out/codeql/tools/linux64/lib64trace.so $out/codeql/tools/linux64/libtrace.so + + sed -i 's;"$CODEQL_DIST/tools/$CODEQL_PLATFORM/java/bin/java";"${jdk11}/bin/java";' $out/codeql/codeql + + ln -s $out/codeql/codeql $out/bin/ + ''; + + meta = with lib; { + description = "Semantic code analysis engine"; + homepage = "https://semmle.com/codeql"; + maintainers = [ maintainers.dump_stack ]; + license = licenses.unfree; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/cov-build/default.nix b/nixpkgs/pkgs/development/tools/analysis/cov-build/default.nix new file mode 100644 index 000000000000..93a4ffab388d --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/cov-build/default.nix @@ -0,0 +1,48 @@ +{ lib, stdenv, requireFile }: + +let + message = '' + Register an account at https://scan.coverity.com, download the + build tools, and add it to the nix store with nix-prefetch-url + ''; +in +stdenv.mkDerivation rec { + pname = "cov-build"; + version = "7.0.2"; + + src = + if stdenv.hostPlatform.system == "i686-linux" + then requireFile { + name = "cov-analysis-linux32-${version}.tar.gz"; + sha256 = "0i06wbd7blgx9adh9w09by4i18vwmldfp9ix97a5dph2cjymsviy"; + inherit message; + } + else requireFile { + name = "cov-analysis-linux64-${version}.tar.gz"; + sha256 = "0iby75p0g8gv7b501xav47milr8m9781h0hcgm1ch6x3qj6irqd8"; + inherit message; + }; + + dontStrip = true; + buildPhase = false; + installPhase = '' + mkdir -p $out/bin $out/libexec + mv * $out/libexec + for x in cov-build cov-capture cov-configure cov-emit cov-emit-java \ + cov-export-cva cov-extract-scm cov-help cov-import-scm cov-link \ + cov-internal-clang cov-internal-emit-clang cov-internal-nm \ + cov-internal-emit-java-bytecode cov-internal-reduce cov-translate \ + cov-preprocess cov-internal-pid-to-db cov-manage-emit \ + cov-manage-history; do + ln -s $out/libexec/bin/$x $out/bin/$x; + done + ''; + + meta = { + description = "Coverity Scan build tools"; + homepage = "https://scan.coverity.com"; + license = lib.licenses.unfreeRedistributable; + platforms = lib.platforms.linux; + maintainers = [ lib.maintainers.thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/coz/default.nix b/nixpkgs/pkgs/development/tools/analysis/coz/default.nix new file mode 100644 index 000000000000..17968a466bf4 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/coz/default.nix @@ -0,0 +1,56 @@ +{ lib, stdenv +, fetchFromGitHub +, libelfin +, ncurses +, python3 +, python3Packages +, makeWrapper +}: +stdenv.mkDerivation rec { + pname = "coz"; + version = "0.2.1"; + + src = fetchFromGitHub { + owner = "plasma-umass"; + repo = "coz"; + rev = version; + sha256 = "0val36yw987b1558iiyk3nqg0yy5k9y5wh49v91zj3cs58mmfyhc"; + }; + + postPatch = '' + sed -i -e '/pid_t gettid/,+2d' libcoz/ccutil/thread.h + ''; + + postConfigure = '' + # This is currently hard-coded. Will be fixed in the next release. + sed -e "s|/usr/lib/|$out/lib/|" -i ./coz + ''; + + nativeBuildInputs = [ + ncurses + makeWrapper + python3Packages.wrapPython + ]; + + buildInputs = [ + libelfin + (python3.withPackages (p: [ p.docutils ])) + ]; + + installPhase = '' + mkdir -p $out/share/man/man1 + make install prefix=$out + + # fix executable includes + chmod -x $out/include/coz.h + + wrapPythonPrograms + ''; + + meta = { + homepage = "https://github.com/plasma-umass/coz"; + description = "Profiler based on casual profiling"; + license = lib.licenses.bsd2; + maintainers = with lib.maintainers; [ zimbatm ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/cppcheck/default.nix b/nixpkgs/pkgs/development/tools/analysis/cppcheck/default.nix new file mode 100644 index 000000000000..30c0614446e6 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/cppcheck/default.nix @@ -0,0 +1,39 @@ +{ lib, stdenv, fetchurl, libxslt, docbook_xsl, docbook_xml_dtd_45, pcre, withZ3 ? true, z3 }: + +stdenv.mkDerivation rec { + pname = "cppcheck"; + version = "2.3"; + + src = fetchurl { + url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.bz2"; + sha256 = "0mlw0z20qf0g9qrmdmbykzf87wlcgmah8bacmp4mk6dwfzr9g9n3"; + }; + + buildInputs = [ pcre ] ++ lib.optionals withZ3 [ z3 ]; + nativeBuildInputs = [ libxslt docbook_xsl docbook_xml_dtd_45 ]; + + makeFlags = [ "PREFIX=$(out)" "FILESDIR=$(out)/cfg" "HAVE_RULES=yes" ] + ++ lib.optionals withZ3 [ "USE_Z3=yes" "CPPFLAGS=-DNEW_Z3=1" ]; + + outputs = [ "out" "man" ]; + + enableParallelBuilding = true; + + postInstall = '' + make DB2MAN=${docbook_xsl}/xml/xsl/docbook/manpages/docbook.xsl man + mkdir -p $man/share/man/man1 + cp cppcheck.1 $man/share/man/man1/cppcheck.1 + ''; + + meta = with lib; { + description = "A static analysis tool for C/C++ code"; + longDescription = '' + Check C/C++ code for memory leaks, mismatching allocation-deallocation, + buffer overruns and more. + ''; + homepage = "http://cppcheck.sourceforge.net/"; + license = licenses.gpl3Plus; + platforms = platforms.unix; + maintainers = with maintainers; [ joachifm ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/cpplint/default.nix b/nixpkgs/pkgs/development/tools/analysis/cpplint/default.nix new file mode 100644 index 000000000000..61aee215031a --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/cpplint/default.nix @@ -0,0 +1,30 @@ +{ lib, python3Packages, fetchFromGitHub }: + +python3Packages.buildPythonApplication rec { + pname = "cpplint"; + version = "1.5.1"; + + # Fetch from github instead of pypi, since the test cases are not in the pypi archive + src = fetchFromGitHub { + owner = pname; + repo = pname; + rev = version; + sha256 = "0k927mycj1k4l3fbxrk597bhcjl2nrpaas1imbjgk64cyq8dv7lh"; + }; + + postPatch = '' + patchShebangs cpplint_unittest.py + ''; + + checkInputs = with python3Packages; [ pytest pytestrunner ]; + checkPhase = '' + ./cpplint_unittest.py + ''; + + meta = with lib; { + homepage = "https://github.com/cpplint/cpplint"; + description = "Static code checker for C++"; + maintainers = [ maintainers.bhipple ]; + license = [ licenses.bsd3 ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/egypt/default.nix b/nixpkgs/pkgs/development/tools/analysis/egypt/default.nix new file mode 100644 index 000000000000..cfb974c86ddd --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/egypt/default.nix @@ -0,0 +1,32 @@ +{ lib, stdenv, fetchurl, perlPackages }: + +perlPackages.buildPerlPackage rec { + pname = "egypt"; + version = "1.10"; + + src = fetchurl { + sha256 = "0r0wj6v8z9fzlh9pb5617kyjdf92ppmlbzajaarrq729bbb6ln5m"; + url = "https://www.gson.org/egypt/download/${pname}-${version}.tar.gz"; + }; + + outputs = [ "out" ]; + + enableParallelBuilding = true; + + doCheck = true; + + meta = with lib; { + description = "Tool for making call graphs of C programmes"; + longDescription = '' + Egypt is a simple tool for creating call graphs of C programs. It neither + analyzes source code nor lays out graphs. Instead, it leaves the source + code analysis to GCC and the graph layout to Graphviz, both of which are + better at their respective jobs than egypt itself could ever hope to be. + Egypt is simply a very small Perl script that glues these existing tools + together. + ''; + homepage = "http://www.gson.org/egypt/"; + license = with licenses; [ artistic1 gpl1Plus ]; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/emma/default.nix b/nixpkgs/pkgs/development/tools/analysis/emma/default.nix new file mode 100644 index 000000000000..97f93722a182 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/emma/default.nix @@ -0,0 +1,24 @@ +{lib, stdenv, fetchurl, unzip}: + +stdenv.mkDerivation { + name = "emma-2.0.5312"; + + src = fetchurl { + url = "mirror://sourceforge/emma/emma-2.0.5312.zip"; + sha256 = "0xxy39s2lvgs56vicjzpcz936l1vjaplliwa0dm7v3iyvw6jn7vj"; + }; + + buildInputs = [unzip]; + + installPhase = '' + mkdir -p $out/lib/jars + cp lib/*.jar $out/lib/jars/ + ''; + + meta = { + homepage = "http://emma.sourceforge.net/"; + description = "A code coverage tool for Java"; + platforms = lib.platforms.unix; + license = lib.licenses.cpl10; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/eresi/default.nix b/nixpkgs/pkgs/development/tools/analysis/eresi/default.nix new file mode 100644 index 000000000000..b8abad44f241 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/eresi/default.nix @@ -0,0 +1,66 @@ +{ stdenv, lib, fetchFromGitHub, which, openssl, readline, fetchpatch }: + +stdenv.mkDerivation rec { + pname = "eresi"; + version = "0.83-a3-phoenix"; + + src = fetchFromGitHub { + owner = "thorkill"; + repo = "eresi"; + rev = version; + sha256 = "0a5a7mh2zw9lcdrl8n1mqccrc0xcgj7743l7l4kslkh722fxv625"; + }; + + patches = [ + (fetchpatch { + url = "https://github.com/thorkill/eresi/commit/a79406344cc21d594d27fa5ec5922abe9f7475e7.patch"; + sha256 = "1mjjc6hj7r06iarvai7prcdvjk9g0k5vwrmkwcm7b8ivd5xzxp2z"; + }) + ]; + + postPatch = '' + # Two occurences of fprintf() with only two arguments, which should really + # be fputs(). + # + # Upstream pull request: https://github.com/thorkill/eresi/pull/162 + # + sed -i -e 's/fprintf(\(stderr\), *\([a-z0-9]\+\))/fputs(\2, \1)/g' \ + libe2dbg/common/common.c libe2dbg/user/threads.c + + # We need to patch out a few ifs here, because it tries to create a series + # of configuration files in ~/.something. However, our builds are sandboxed + # and also don't contain a valid home, so let's NOP it out :-) + # + # The second fix we need to make is that we need to pretend being Gentoo + # because otherwise the build process tries to link against libtermcap, + # which I think is solely for historic reasons (nowadays Terminfo should + # have largely superseded it). + sed -i -e '/^if \[ ! -e/c if false; then' \ + -e 's/^GENTOO=.*/GENTOO=1/' configure + ''; + + configureFlags = [ + (if stdenv.is64bit then "--enable-32-64" else "--enable-32") + "--enable-readline" + ]; + + # The configure script is not generated by autoconf but is hand-rolled, so it + # has --enable-static but no --disabled-static and also doesn't support the + # equals sign in --prefix. + prefixKey = "--prefix "; + dontDisableStatic = true; + + nativeBuildInputs = [ which ]; + buildInputs = [ openssl readline ]; + enableParallelBuilding = true; + + installTargets = lib.singleton "install" + ++ lib.optional stdenv.is64bit "install64"; + + meta = { + description = "The ERESI Reverse Engineering Software Interface"; + license = lib.licenses.gpl2; + homepage = "http://www.eresi-project.org/"; + platforms = lib.platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/evmdis/default.nix b/nixpkgs/pkgs/development/tools/analysis/evmdis/default.nix new file mode 100644 index 000000000000..b8f3aa0ac1fb --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/evmdis/default.nix @@ -0,0 +1,21 @@ +{ lib, stdenv, buildGoPackage, fetchFromGitHub }: + +buildGoPackage { + pname = "evmdis-unstable"; + version = "2018-03-23"; + goPackagePath = "github.com/Arachnid/evmdis"; + + src = fetchFromGitHub { + owner = "Arachnid"; + repo = "evmdis"; + rev = "0d1406905c5fda6224651fa53260a21c907eb986"; + sha256 = "09y4j7ipgv8yd99g3xk3f079w8fqfj7kl1y7ry81ainysn0qlqrg"; + }; + + meta = with lib; { + homepage = "https://github.com/Arachnid/evmdis"; + description = "Ethereum EVM disassembler"; + license = [ licenses.asl20 ]; + maintainers = with maintainers; [ asymmetric ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/findbugs/default.nix b/nixpkgs/pkgs/development/tools/analysis/findbugs/default.nix new file mode 100644 index 000000000000..265f62904530 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/findbugs/default.nix @@ -0,0 +1,44 @@ +{ lib, stdenv, fetchurl }: + +stdenv.mkDerivation rec { + name = "findbugs-3.0.1"; + + src = fetchurl { + url = "mirror://sourceforge/findbugs/${name}.tar.gz"; + sha256 = "06b46fz4nid7qvm36r66zw01fr87y4jyz21ixw27b8hkqah0s3p8"; + }; + + buildPhase = '' + substituteInPlace bin/findbugs --replace /bin/pwd pwd + ''; + + installPhase = '' + d=$out/libexec/findbugs + mkdir -p $d $out/bin $out/nix-support + + cp -prd bin lib plugin doc $d/ + rm $d/bin/*.bat + for i in $d/bin/*; do + if [ -f $i ]; then ln -s $i $out/bin/; fi + done + + # Get rid of unnecessary JARs. + rm $d/lib/ant.jar + + # Make some JARs findable. + mkdir -p $out/share/java + ln -s $d/lib/{findbugs.jar,findbugs-ant.jar} $out/share/java/ + + cat <<EOF > $out/nix-support/setup-hook + export FINDBUGS_HOME=$d + EOF + ''; + + meta = with lib; { + description = "A static analysis tool to find bugs in Java programs automatically"; + homepage = "http://findbugs.sourceforge.net/"; + maintainers = with maintainers; [ pSub ]; + platforms = with platforms; unix; + license = licenses.lgpl3; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/flow/default.nix b/nixpkgs/pkgs/development/tools/analysis/flow/default.nix new file mode 100644 index 000000000000..fc39e86007d4 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/flow/default.nix @@ -0,0 +1,31 @@ +{ lib, stdenv, fetchFromGitHub, ocamlPackages, CoreServices }: + +stdenv.mkDerivation rec { + pname = "flow"; + version = "0.143.0"; + + src = fetchFromGitHub { + owner = "facebook"; + repo = "flow"; + rev = "refs/tags/v${version}"; + sha256 = "sha256-j4vsuPs/xr/oy4ZWGBBCy+2mPMQtxE01gqpjsYITCa0="; + }; + + installPhase = '' + install -Dm755 bin/flow $out/bin/flow + install -Dm644 resources/shell/bash-completion $out/share/bash-completion/completions/flow + ''; + + buildInputs = (with ocamlPackages; [ ocaml findlib ocamlbuild dtoa core_kernel sedlex_2 ocaml_lwt lwt_log lwt_ppx ppx_deriving ppx_gen_rec ppx_tools_versioned visitors wtf8 ocaml-migrate-parsetree ]) + ++ lib.optionals stdenv.isDarwin [ CoreServices ]; + + meta = with lib; { + description = "A static type checker for JavaScript"; + homepage = "https://flow.org/"; + changelog = "https://github.com/facebook/flow/releases/tag/v${version}"; + license = licenses.mit; + platforms = ocamlPackages.ocaml.meta.platforms; + broken = stdenv.isAarch64; # https://github.com/facebook/flow/issues/7556 + maintainers = with maintainers; [ marsam puffnfresh ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/frama-c/default.nix b/nixpkgs/pkgs/development/tools/analysis/frama-c/default.nix new file mode 100644 index 000000000000..394bd6558fbf --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/frama-c/default.nix @@ -0,0 +1,80 @@ +{ lib, stdenv, fetchurl, makeWrapper, writeText +, autoconf, ncurses, graphviz, doxygen +, ocamlPackages, ltl2ba, coq, why3 +, gdk-pixbuf, wrapGAppsHook +}: + +let + mkocamlpath = p: "${p}/lib/ocaml/${ocamlPackages.ocaml.version}/site-lib"; + runtimeDeps = with ocamlPackages; [ + apron.dev + biniou + camlzip + easy-format + menhir + mlgmpidl + num + ocamlgraph + why3 + yojson + zarith + ]; + ocamlpath = lib.concatMapStringsSep ":" mkocamlpath runtimeDeps; +in + +stdenv.mkDerivation rec { + pname = "frama-c"; + version = "22.0"; + slang = "Titanium"; + + src = fetchurl { + url = "http://frama-c.com/download/frama-c-${version}-${slang}.tar.gz"; + sha256 = "1mq1fijka95ydrla486yr4w6wdl9l7vmp512s1q00b0p6lmfwmkh"; + }; + + preConfigure = lib.optionalString stdenv.cc.isClang "configureFlagsArray=(\"--with-cpp=clang -E -C\")"; + + nativeBuildInputs = [ autoconf wrapGAppsHook ]; + + buildInputs = with ocamlPackages; [ + ncurses ocaml findlib ltl2ba ocamlgraph yojson menhir camlzip + lablgtk coq graphviz zarith apron why3 mlgmpidl doxygen + gdk-pixbuf + ]; + + enableParallelBuilding = true; + + preFixup = '' + gappsWrapperArgs+=(--prefix OCAMLPATH ':' ${ocamlpath}) + ''; + + # Allow loading of external Frama-C plugins + setupHook = writeText "setupHook.sh" '' + addFramaCPath () { + if test -d "''$1/lib/frama-c/plugins"; then + export FRAMAC_PLUGIN="''${FRAMAC_PLUGIN-}''${FRAMAC_PLUGIN:+:}''$1/lib/frama-c/plugins" + export OCAMLPATH="''${OCAMLPATH-}''${OCAMLPATH:+:}''$1/lib/frama-c/plugins" + fi + + if test -d "''$1/lib/frama-c"; then + export OCAMLPATH="''${OCAMLPATH-}''${OCAMLPATH:+:}''$1/lib/frama-c" + fi + + if test -d "''$1/share/frama-c/"; then + export FRAMAC_EXTRA_SHARE="''${FRAMAC_EXTRA_SHARE-}''${FRAMAC_EXTRA_SHARE:+:}''$1/share/frama-c" + fi + + } + + addEnvHooks "$targetOffset" addFramaCPath + ''; + + + meta = { + description = "An extensible and collaborative platform dedicated to source-code analysis of C software"; + homepage = "http://frama-c.com/"; + license = lib.licenses.lgpl21; + maintainers = with lib.maintainers; [ thoughtpolice amiddelk ]; + platforms = lib.platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/garcosim/tracefilegen/default.nix b/nixpkgs/pkgs/development/tools/analysis/garcosim/tracefilegen/default.nix new file mode 100644 index 000000000000..8984a395818b --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/garcosim/tracefilegen/default.nix @@ -0,0 +1,32 @@ +{ lib, stdenv, fetchFromGitHub, cmake }: + +stdenv.mkDerivation rec { + + name = "tracefilegen-2017-05-13"; + + src = fetchFromGitHub { + owner = "GarCoSim"; + repo = "TraceFileGen"; + rev = "0ebfd1fdb54079d4bdeaa81fc9267ecb9f016d60"; + sha256 = "1gsx18ksgz5gwl3v62vgrmhxc0wc99i74qwhpn0h57zllk41drjc"; + }; + + nativeBuildInputs = [ cmake ]; + + patches = [ ./gcc7.patch ]; + + installPhase = '' + install -Dm755 TraceFileGen $out/bin/TraceFileGen + mkdir -p $out/share/doc/${name}/ + cp -ar $src/Documentation/html $out/share/doc/${name}/. + ''; + + meta = with lib; { + description = "Automatically generate all types of basic memory management operations and write into trace files"; + homepage = "https://github.com/GarCoSim"; + maintainers = [ maintainers.cmcdragonkai ]; + license = licenses.gpl2; + platforms = platforms.linux; + }; + +} diff --git a/nixpkgs/pkgs/development/tools/analysis/garcosim/tracefilegen/gcc7.patch b/nixpkgs/pkgs/development/tools/analysis/garcosim/tracefilegen/gcc7.patch new file mode 100644 index 000000000000..48301bbf61ad --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/garcosim/tracefilegen/gcc7.patch @@ -0,0 +1,13 @@ +diff --git a/Utils/Logger.cpp b/Utils/Logger.cpp +index 747cd63..e3efdf1 100644 +--- a/Utils/Logger.cpp ++++ b/Utils/Logger.cpp +@@ -29,7 +29,7 @@ Logger::Logger(char* tracepath) { + trace = fopen(tracepath, "w"); + + // dot file is not used, set null as default value +- dot = '\0'; ++ dot = nullptr; + //dot = fopen("gcKons.dot", "w"); + //fprintf(dot,"digraph G {\n"); + } diff --git a/nixpkgs/pkgs/development/tools/analysis/garcosim/tracefilesim/default.nix b/nixpkgs/pkgs/development/tools/analysis/garcosim/tracefilesim/default.nix new file mode 100644 index 000000000000..3f97485cbfa4 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/garcosim/tracefilesim/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv, fetchgit }: + +stdenv.mkDerivation { + + name = "tracefilesim-2015-11-07"; + + src = fetchgit { + url = "https://github.com/GarCoSim/TraceFileSim.git"; + rev = "368aa6b1d6560e7ecbd16fca47000c8f528f3da2"; + sha256 = "156m92k38ap4bzidbr8dzl065rni8lrib71ih88myk9z5y1x5nxm"; + }; + + hardeningDisable = [ "fortify" ]; + + installPhase = '' + mkdir --parents "$out/bin" + cp ./traceFileSim "$out/bin" + ''; + + meta = with lib; { + description = "Ease the analysis of existing memory management techniques, as well as the prototyping of new memory management techniques"; + homepage = "https://github.com/GarCoSim"; + maintainers = [ maintainers.cmcdragonkai ]; + license = licenses.gpl2; + platforms = platforms.linux; + }; + +} diff --git a/nixpkgs/pkgs/development/tools/analysis/hopper/default.nix b/nixpkgs/pkgs/development/tools/analysis/hopper/default.nix new file mode 100644 index 000000000000..b169877f5c1f --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/hopper/default.nix @@ -0,0 +1,80 @@ +{ stdenv +, fetchurl +, lib +, autoPatchelfHook +, wrapQtAppsHook +, libbsd +, python27 +, gmpxx +, ncurses5 +, gnustep +, libffi +}: +stdenv.mkDerivation rec { + pname = "hopper"; + version = "4.5.29"; + rev = "v${lib.versions.major version}"; + + src = fetchurl { + url = "https://d2ap6ypl1xbe4k.cloudfront.net/Hopper-${rev}-${version}-Linux.pkg.tar.xz"; + sha256 = "1v1pff5fiv41khvrnlpdks2vddjnvziyn14qqj6v26snyhwi86zh"; + }; + + sourceRoot = "."; + + nativeBuildInputs = [ + wrapQtAppsHook + autoPatchelfHook + ]; + + buildInputs = [ + libbsd + python27 + gmpxx + ncurses5 + gnustep.libobjc + ]; + + installPhase = '' + runHook preInstall + + mkdir -p $out/bin + mkdir -p $out/lib + mkdir -p $out/share + + cp $sourceRoot/opt/hopper-${rev}/bin/Hopper $out/bin/hopper + cp \ + --archive \ + $sourceRoot/opt/hopper-${rev}/lib/libBlocksRuntime.so* \ + $sourceRoot/opt/hopper-${rev}/lib/libdispatch.so* \ + $sourceRoot/opt/hopper-${rev}/lib/libgnustep-base.so* \ + $sourceRoot/opt/hopper-${rev}/lib/libHopperCore.so* \ + $sourceRoot/opt/hopper-${rev}/lib/libkqueue.so* \ + $sourceRoot/opt/hopper-${rev}/lib/libobjcxx.so* \ + $sourceRoot/opt/hopper-${rev}/lib/libpthread_workqueue.so* \ + $out/lib + + # we already ship libffi.so.7 + ln -s ${lib.getLib libffi}/lib/libffi.so $out/lib/libffi.so.6 + + cp -r $sourceRoot/usr/share $out + + runHook postInstall + ''; + + postFixup = '' + substituteInPlace "$out/share/applications/hopper-${rev}.desktop" \ + --replace "Exec=/opt/hopper-${rev}/bin/Hopper" "Exec=$out/bin/hopper" + ''; + + meta = with lib; { + homepage = "https://www.hopperapp.com/index.html"; + description = "A macOS and Linux Disassembler"; + license = licenses.unfree; + maintainers = with maintainers; [ + luis + Enteee + ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/hotspot/default.nix b/nixpkgs/pkgs/development/tools/analysis/hotspot/default.nix new file mode 100644 index 000000000000..6ea079e3ec15 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/hotspot/default.nix @@ -0,0 +1,65 @@ +{ lib, stdenv, + mkDerivation, + cmake, + elfutils, + extra-cmake-modules, + fetchFromGitHub, + kconfigwidgets, + ki18n, + kio, + kitemmodels, + kitemviews, + kwindowsystem, + libelf, + qtbase, + threadweaver, +}: + +mkDerivation rec { + pname = "hotspot"; + version = "1.3.0"; + + src = fetchFromGitHub { + owner = "KDAB"; + repo = "hotspot"; + rev = "v${version}"; + sha256 = "1f68bssh3p387hkavfjkqcf7qf7w5caznmjfjldicxphap4riqr5"; + fetchSubmodules = true; + }; + + nativeBuildInputs = [ cmake ]; + buildInputs = [ + elfutils + extra-cmake-modules + kconfigwidgets + ki18n + kio + kitemmodels + kitemviews + kwindowsystem + libelf + qtbase + threadweaver + ]; + + # hotspot checks for the presence of third party libraries' + # git directory to give a nice warning when you forgot to clone + # submodules; but Nix clones them and removes .git (for reproducibility). + # So we need to fake their existence here. + postPatch = '' + mkdir -p 3rdparty/perfparser/.git + ''; + + meta = { + description = "A GUI for Linux perf"; + longDescription = '' + hotspot is a GUI replacement for `perf report`. + It takes a perf.data file, parses and evaluates its contents and + then displays the result in a graphical way. + ''; + homepage = "https://github.com/KDAB/hotspot"; + license = with lib.licenses; [ gpl2 gpl3 ]; + platforms = lib.platforms.linux; + maintainers = with lib.maintainers; [ nh2 ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/ikos/default.nix b/nixpkgs/pkgs/development/tools/analysis/ikos/default.nix new file mode 100644 index 000000000000..26c7b6dd0b70 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/ikos/default.nix @@ -0,0 +1,37 @@ +{ stdenv, lib, fetchFromGitHub, cmake, boost, tbb +, gmp, llvm, clang, sqlite, python3 +, ocamlPackages, mpfr, ppl, doxygen, graphviz +}: + +let + python = python3.withPackages (ps: with ps; [ + pygments + ]); +in + +stdenv.mkDerivation rec { + name = "ikos"; + version = "3.0"; + + src = fetchFromGitHub { + owner = "NASA-SW-VnV"; + repo = name; + rev = "v${version}"; + sha256 = "0k3kp1af0qx3l1x6a4sl4fm8qlwchjvwkvs2ck0fhfnc62q2im5f"; + }; + + nativeBuildInputs = [ cmake ]; + buildInputs = [ boost tbb gmp clang llvm sqlite python + ocamlPackages.apron mpfr ppl doxygen graphviz ]; + + cmakeFlags = [ "-DAPRON_ROOT=${ocamlPackages.apron}" ]; + + postBuild = "make doc"; + + meta = with lib; { + homepage = "https://github.com/NASA-SW-VnV/ikos"; + description = "Static analyzer for C/C++ based on the theory of Abstract Interpretation"; + license = licenses.nasa13; + maintainers = with maintainers; [ atnnn ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/include-what-you-use/default.nix b/nixpkgs/pkgs/development/tools/analysis/include-what-you-use/default.nix new file mode 100644 index 000000000000..db1cf9c6ead5 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/include-what-you-use/default.nix @@ -0,0 +1,37 @@ +{ lib, stdenv, fetchurl, cmake, llvmPackages, python2 }: + +stdenv.mkDerivation rec { + pname = "include-what-you-use"; + # Also bump llvmPackages in all-packages.nix to the supported version! + version = "0.14"; + + src = fetchurl { + sha256 = "1vq0c8jqspvlss8hbazml44fi0mbslgnp2i9wcr0qrjpvfbl6623"; + url = "${meta.homepage}/downloads/${pname}-${version}.src.tar.gz"; + }; + + buildInputs = with llvmPackages; [ clang-unwrapped llvm python2 ]; + nativeBuildInputs = [ cmake ]; + + cmakeFlags = [ "-DIWYU_LLVM_ROOT_PATH=${llvmPackages.clang-unwrapped}" ]; + + postInstall = '' + substituteInPlace $out/bin/iwyu_tool.py \ + --replace "'include-what-you-use'" "'$out/bin/include-what-you-use'" + ''; + + meta = with lib; { + description = "Analyze #includes in C/C++ source files with clang"; + longDescription = '' + For every symbol (type, function variable, or macro) that you use in + foo.cc, either foo.cc or foo.h should #include a .h file that exports the + declaration of that symbol. The main goal of include-what-you-use is to + remove superfluous #includes, both by figuring out what #includes are not + actually needed for this file (for both .cc and .h files), and by + replacing #includes with forward-declares when possible. + ''; + homepage = "https://include-what-you-use.org"; + license = licenses.bsd3; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/jdepend/default.nix b/nixpkgs/pkgs/development/tools/analysis/jdepend/default.nix new file mode 100644 index 000000000000..faa68dadc3b4 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/jdepend/default.nix @@ -0,0 +1,35 @@ +{ lib, stdenv, fetchFromGitHub, ant, jdk, runtimeShell }: + +stdenv.mkDerivation rec { + pname = "jdepend"; + version = "2.10"; + + src = fetchFromGitHub { + owner = "clarkware"; + repo = "jdepend"; + rev = version; + sha256 = "1lxf3j9vflky7a2py3i59q7cwd1zvjv2b88l3za39vc90s04dz6k"; + }; + + nativeBuildInputs = [ ant jdk ]; + buildPhase = "ant jar"; + + installPhase = '' + mkdir -p $out/bin $out/share + install dist/${pname}-${version}.jar $out/share + + cat > "$out/bin/jdepend" <<EOF + #!${runtimeShell} + exec ${jdk.jre}/bin/java -classpath "$out/share/*" "\$@" + EOF + chmod a+x $out/bin/jdepend + ''; + + meta = with lib; { + description = "Traverses Java class file directories and generates design quality metrics for each Java package"; + homepage = "http://www.clarkware.com/software/JDepend.html"; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ pSub ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/kcov/default.nix b/nixpkgs/pkgs/development/tools/analysis/kcov/default.nix new file mode 100644 index 000000000000..15891e74044a --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/kcov/default.nix @@ -0,0 +1,36 @@ +{lib, stdenv, fetchFromGitHub, cmake, pkg-config, zlib, curl, elfutils, python, libiberty, libopcodes}: + +stdenv.mkDerivation rec { + pname = "kcov"; + version = "36"; + + src = fetchFromGitHub { + owner = "SimonKagstrom"; + repo = "kcov"; + rev = "v${version}"; + sha256 = "1q1mw5mxz041lr6qc2v4280rmx13pg1bx5r3bxz9bzs941r405r3"; + }; + + preConfigure = "patchShebangs src/bin-to-c-source.py"; + nativeBuildInputs = [ cmake pkg-config ]; + + buildInputs = [ zlib curl elfutils python libiberty libopcodes ]; + + meta = with lib; { + description = "Code coverage tester for compiled programs, Python scripts and shell scripts"; + + longDescription = '' + Kcov is a code coverage tester for compiled programs, Python + scripts and shell scripts. It allows collecting code coverage + information from executables without special command-line + arguments, and continuosly produces output from long-running + applications. + ''; + + homepage = "http://simonkagstrom.github.io/kcov/index.html"; + license = licenses.gpl2; + + maintainers = with maintainers; [ gal_bolle ekleog ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/lcov/default.nix b/nixpkgs/pkgs/development/tools/analysis/lcov/default.nix new file mode 100644 index 000000000000..35c75d67da50 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/lcov/default.nix @@ -0,0 +1,44 @@ + {lib, stdenv, fetchFromGitHub, perl, perlPackages, makeWrapper }: + +stdenv.mkDerivation rec { + pname = "lcov"; + version = "1.15"; + + src = fetchFromGitHub { + owner = "linux-test-project"; + repo = "lcov"; + rev = "v${version}"; + sha256 = "1kvc7fkp45w48f0bxwbxvxkicnjrrydki0hllg294n1wrp80zzyk"; + }; + + buildInputs = [ perl makeWrapper ]; + + preBuild = '' + patchShebangs bin/ + makeFlagsArray=(PREFIX=$out LCOV_PERL_PATH=$(command -v perl)) + ''; + + postInstall = '' + wrapProgram $out/bin/lcov --set PERL5LIB ${perlPackages.makeFullPerlPath [ perlPackages.PerlIOgzip perlPackages.JSON ]} + wrapProgram $out/bin/genpng --set PERL5LIB ${perlPackages.makeFullPerlPath [ perlPackages.GD ]} + ''; + + meta = with lib; { + description = "Code coverage tool that enhances GNU gcov"; + + longDescription = + '' LCOV is an extension of GCOV, a GNU tool which provides information + about what parts of a program are actually executed (i.e., + "covered") while running a particular test case. The extension + consists of a set of PERL scripts which build on the textual GCOV + output to implement the following enhanced functionality such as + HTML output. + ''; + + homepage = "http://ltp.sourceforge.net/coverage/lcov.php"; + license = lib.licenses.gpl2Plus; + + maintainers = with maintainers; [ dezgeg ]; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/makefile2graph/default.nix b/nixpkgs/pkgs/development/tools/analysis/makefile2graph/default.nix new file mode 100644 index 000000000000..66f767f47028 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/makefile2graph/default.nix @@ -0,0 +1,32 @@ +{ lib, stdenv, fetchFromGitHub, makeWrapper, bash, gnumake }: + +stdenv.mkDerivation { + name = "makefile2graph-2018-01-03"; + + src = fetchFromGitHub { + owner = "lindenb"; + repo = "makefile2graph"; + rev = "61fb95a5ba91c20236f5e4deb11127c34b47091f"; + sha256 = "07hq40bl48i8ka35fcciqcafpd8k9rby1wf4vl2p53v0665xaghr"; + }; + + nativeBuildInputs = [ makeWrapper ]; + + makeFlags = [ "prefix=$(out)" ]; + + fixupPhase = '' + substituteInPlace $out/bin/makefile2graph \ + --replace '/bin/sh' ${bash}/bin/bash \ + --replace 'make2graph' "$out/bin/make2graph" + wrapProgram $out/bin/makefile2graph \ + --set PATH ${lib.makeBinPath [ gnumake ]} + ''; + + meta = with lib; { + homepage = "https://github.com/lindenb/makefile2graph"; + description = "Creates a graph of dependencies from GNU-Make; Output is a graphiz-dot file or a Gexf-XML file"; + maintainers = with maintainers; [ cmcdragonkai ]; + license = licenses.mit; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/massif-visualizer/default.nix b/nixpkgs/pkgs/development/tools/analysis/massif-visualizer/default.nix new file mode 100644 index 000000000000..c2f0236ed0b4 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/massif-visualizer/default.nix @@ -0,0 +1,30 @@ +{ + mkDerivation, lib, fetchurl, + extra-cmake-modules, shared-mime-info, + qtsvg, qtxmlpatterns, karchive, kconfig, kcoreaddons, kparts, kio, ki18n, + kdiagram, kgraphviewer +}: + +mkDerivation rec { + pname = "massif-visualizer"; + version = "0.7.0"; + + src = fetchurl { + url = "mirror://kde/stable/massif-visualizer/${version}/src/${pname}-${version}.tar.xz"; + sha256 = "0v8z6r9gngzckvqyxjm9kp7hilwfqibyk2f9vag9l98ar0iwr97q"; + }; + + nativeBuildInputs = [ extra-cmake-modules shared-mime-info ]; + + buildInputs = [ + qtsvg qtxmlpatterns karchive kconfig kcoreaddons kparts kio ki18n + kdiagram kgraphviewer + ]; + + meta = with lib; { + description = "Tool that visualizes massif data generated by valgrind"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ lethalman zraexy ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/nix-linter/default.nix b/nixpkgs/pkgs/development/tools/analysis/nix-linter/default.nix new file mode 100644 index 000000000000..138933ebb57f --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/nix-linter/default.nix @@ -0,0 +1,52 @@ +{ lib +, mkDerivation +, fetchFromGitHub +, fetchpatch +, fixplate +, tasty +, tasty-hunit +, tasty-th +, streamly +, mtl +, path +, pretty-terminal +, text +, base +, aeson +, path-io +, cmdargs +, containers +, hnix +, bytestring +}: + +mkDerivation rec { + pname = "nix-linter-unstable"; + version = "2020-09-25"; + + src = fetchFromGitHub { + owner = "Synthetica9"; + repo = "nix-linter"; + rev = "2516a8cda41f9bb553a1c3eca38e3dd94ebf53de"; + sha256 = "07mn2c9v67wsm57jlxv9pqac9hahw4618vngmj2sfbgihx8997kb"; + }; + + isLibrary = false; + isExecutable = true; + libraryHaskellDepends = [ fixplate ]; + executableHaskellDepends = [ streamly mtl path pretty-terminal text base aeson cmdargs containers hnix bytestring path-io ]; + testHaskellDepends = [ tasty tasty-hunit tasty-th ]; + + patches = [ + # raise upper bound on hnix https://github.com/Synthetica9/nix-linter/pull/46 + (fetchpatch { + url = "https://github.com/Synthetica9/nix-linter/commit/b406024e525977b3c69d78d6a94a683e2ded121f.patch"; + sha256 = "0viwbprslcmy70bxy3v27did79nqhlc0jcx4kp0lycswaccvnp1j"; + }) + ]; + + description = "Linter for Nix(pkgs), based on hnix"; + homepage = "https://github.com/Synthetica9/nix-linter"; + license = lib.licenses.bsd3; + maintainers = [ lib.maintainers.marsam ]; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/oclgrind/default.nix b/nixpkgs/pkgs/development/tools/analysis/oclgrind/default.nix new file mode 100644 index 000000000000..72154e909b65 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/oclgrind/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv, fetchFromGitHub, cmake, llvmPackages, readline, python }: + +stdenv.mkDerivation rec { + pname = "oclgrind"; + version = "19.10"; + + src = fetchFromGitHub { + owner = "jrprice"; + repo = "oclgrind"; + rev = "v${version}"; + sha256 = "12v5z5x3ls26p3y3yc4mqmh12cazc0nlrwvmfbn6cyg4af9dp0zn"; + }; + + nativeBuildInputs = [ cmake ]; + buildInputs = [ llvmPackages.llvm llvmPackages.clang-unwrapped readline python ]; + + cmakeFlags = [ + "-DCLANG_ROOT=${llvmPackages.clang-unwrapped}" + ]; + + meta = with lib; { + description = "An OpenCL device simulator and debugger"; + homepage = "https://github.com/jrprice/oclgrind"; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ athas ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/panopticon/default.nix b/nixpkgs/pkgs/development/tools/analysis/panopticon/default.nix new file mode 100644 index 000000000000..ff5014bd46a9 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/panopticon/default.nix @@ -0,0 +1,49 @@ +{ lib, stdenv, fetchFromGitHub, rustPlatform, qt5, git, cmake +, pkg-config, makeWrapper }: + +rustPlatform.buildRustPackage rec { + pname = "panopticon"; + version = "unstable-20171202"; + + src = fetchFromGitHub { + owner = "das-labor"; + repo = pname; + rev = "33ffec0d6d379d51b38d6ea00d040f54b1356ae4"; + sha256 = "1zv87nqhrzsxx0m891df4vagzssj3kblfv9yp7j96dw0vn9950qa"; + }; + + nativeBuildInputs = [ cmake pkg-config ]; + buildInputs = [ makeWrapper ]; + propagatedBuildInputs = with qt5; [ + qt5.qtbase + qtdeclarative + qtsvg + qtquickcontrols2 + qtgraphicaleffects + git + ]; + + cargoSha256 = "1hdsn011y9invfy7can8c02zwa7birj9y1rxhrj7wyv4gh3659i0"; + doCheck = false; + + postInstall = '' + mkdir -p $out/share/${pname} $out/bin + cp -R qml $out/share/${pname} + mv $out/bin/${pname} $out/share/${pname} + chmod +x $out/share/${pname} + makeWrapper $out/share/${pname}/${pname} $out/bin/${pname} + ''; + + meta = with lib; { + description = "A libre cross-platform disassembler"; + longDescription = '' + Panopticon is a cross platform disassembler for reverse + engineering written in Rust. It can disassemble AMD64, + x86, AVR and MOS 6502 instruction sets and open ELF files. + Panopticon comes with Qt GUI for browsing and annotating + control flow graphs. + ''; + license = with licenses; [ gpl3 ]; + maintainers = with maintainers; [ leenaars ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/pev/default.nix b/nixpkgs/pkgs/development/tools/analysis/pev/default.nix new file mode 100644 index 000000000000..a46bc067f11b --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/pev/default.nix @@ -0,0 +1,30 @@ +{ lib, stdenv, openssl, fetchFromGitHub }: + +stdenv.mkDerivation { + pname = "pev"; + version = "unstable-2020-05-23"; + + src = fetchFromGitHub { + owner = "merces"; + repo = "pev"; + rev = "beec2b4f09585fea919ed41ce466dee06be0b6bf"; + sha256 = "sha256-HrMbk9YbuqkoBBM7+rfXpqVEnd1rDl2rMePdcfU1WDg="; + fetchSubmodules = true; + }; + + buildInputs = [ openssl ]; + + enableParallelBuilding = true; + + makeFlags = [ "prefix=$(out)" ]; + + installFlags = [ "prefix=$(out)" ]; + + meta = with lib; { + description = "A full-featured, open source, multiplatform command line toolkit to work with PE (Portable Executables) binaries"; + homepage = "https://pev.sourceforge.net/"; + license = licenses.gpl2; + maintainers = with maintainers; [ jeschli ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/pmd/default.nix b/nixpkgs/pkgs/development/tools/analysis/pmd/default.nix new file mode 100644 index 000000000000..a75445c363b0 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/pmd/default.nix @@ -0,0 +1,29 @@ +{ lib, stdenv, fetchurl, unzip, makeWrapper, openjdk }: + +stdenv.mkDerivation rec { + pname = "pmd"; + version = "6.29.0"; + + src = fetchurl { + url = "mirror://sourceforge/pmd/pmd-bin-${version}.zip"; + sha256 = "08iibpf9jhkk7ihsmlm85wpjwy1bvznbvggvqyw6109f9gzlrvvq"; + }; + + nativeBuildInputs = [ unzip makeWrapper ]; + + installPhase = '' + runHook preInstall + mkdir -p $out + cp -R {bin,lib} $out + wrapProgram $out/bin/run.sh --prefix PATH : ${openjdk.jre}/bin + runHook postInstall + ''; + + meta = with lib; { + description = "An extensible cross-language static code analyzer"; + homepage = "https://pmd.github.io/"; + changelog = "https://pmd.github.io/pmd-${version}/pmd_release_notes.html"; + platforms = platforms.unix; + license = with licenses; [ bsdOriginal asl20 lgpl3Plus ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/qcachegrind/default.nix b/nixpkgs/pkgs/development/tools/analysis/qcachegrind/default.nix new file mode 100644 index 000000000000..0145e51ee262 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/qcachegrind/default.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, qmake, qtbase, perl, python, php, kcachegrind }: + +let + name = lib.replaceStrings ["kcachegrind"] ["qcachegrind"] kcachegrind.name; + +in stdenv.mkDerivation { + inherit name; + + src = kcachegrind.src; + + buildInputs = [ qtbase perl python php ]; + + nativeBuildInputs = [ qmake ]; + + postInstall = '' + mkdir -p $out/bin + cp -p converters/dprof2calltree $out/bin/dprof2calltree + cp -p converters/hotshot2calltree.cmake $out/bin/hotshot2calltree + cp -p converters/memprof2calltree $out/bin/memprof2calltree + cp -p converters/op2calltree $out/bin/op2calltree + cp -p converters/pprof2calltree $out/bin/pprof2calltree + chmod -R +x $out/bin/ + '' + (if stdenv.isDarwin then '' + mkdir -p $out/Applications + cp cgview/cgview.app/Contents/MacOS/cgview $out/bin + cp -a qcachegrind/qcachegrind.app $out/Applications + '' else '' + install qcachegrind/qcachegrind cgview/cgview -t "$out/bin" + install -Dm644 qcachegrind/qcachegrind.desktop -t "$out/share/applications" + install -Dm644 kcachegrind/32-apps-kcachegrind.png "$out/share/icons/hicolor/32x32/apps/kcachegrind.png" + install -Dm644 kcachegrind/48-apps-kcachegrind.png "$out/share/icons/hicolor/48x48/apps/kcachegrind.png" + ''); + + meta = with lib; { + description = "A Qt GUI to visualize profiling data"; + license = licenses.gpl2; + platforms = platforms.unix; + maintainers = with maintainers; [ periklis ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/radare2/cutter.nix b/nixpkgs/pkgs/development/tools/analysis/radare2/cutter.nix new file mode 100644 index 000000000000..6d9543e3836f --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/radare2/cutter.nix @@ -0,0 +1,63 @@ +{ fetchFromGitHub, lib, mkDerivation +# nativeBuildInputs +, qmake, pkg-config +# Qt +, qtbase, qtsvg, qtwebengine +# buildInputs +, r2-for-cutter +, python3 +, wrapQtAppsHook }: + +mkDerivation rec { + pname = "radare2-cutter"; + version = "1.12.0"; + + src = fetchFromGitHub { + owner = "radareorg"; + repo = "cutter"; + rev = "v${version}"; + sha256 = "0ljj3j3apbbw628n2nyrxpbnclixx20bqjxm0xwggqzz9vywsar0"; + }; + + postUnpack = "export sourceRoot=$sourceRoot/src"; + + # Remove this "very helpful" helper file intended for discovering r2, + # as it's a doozy of harddcoded paths and unexpected behavior. + # Happily Nix has everything all set so we don't need it, + # other than as basis for the qmakeFlags set below. + postPatch = '' + substituteInPlace Cutter.pro \ + --replace "include(lib_radare2.pri)" "" + ''; + + nativeBuildInputs = [ qmake pkg-config python3 wrapQtAppsHook ]; + propagatedBuildInputs = [ python3.pkgs.pyside2 ]; + buildInputs = [ qtbase qtsvg qtwebengine r2-for-cutter python3 ]; + + qmakeFlags = with python3.pkgs; [ + "CONFIG+=link_pkg-config" + "PKGCONFIG+=r_core" + # Leaving this enabled doesn't break build but generates errors + # at runtime (to console) about being unable to load needed bits. + # Disable until can be looked at. + "CUTTER_ENABLE_JUPYTER=false" + # Enable support for Python plugins + "CUTTER_ENABLE_PYTHON=true" + "CUTTER_ENABLE_PYTHON_BINDINGS=true" + "SHIBOKEN_EXTRA_OPTIONS+=-I${r2-for-cutter}/include/libr" + ]; + + preBuild = '' + export NIX_LDFLAGS="$NIX_LDFLAGS $(pkg-config --libs python3-embed)" + qtWrapperArgs+=(--prefix PYTHONPATH : "$PYTHONPATH") + ''; + + enableParallelBuilding = true; + + meta = with lib; { + description = "A Qt and C++ GUI for radare2 reverse engineering framework"; + homepage = src.meta.homepage; + license = licenses.gpl3; + maintainers = with maintainers; [ mic92 dtzWill ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/radare2/default.nix b/nixpkgs/pkgs/development/tools/analysis/radare2/default.nix new file mode 100644 index 000000000000..3623893ea63e --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/radare2/default.nix @@ -0,0 +1,128 @@ +{lib, stdenv, fetchFromGitHub +, buildPackages +, pkg-config +, libusb-compat-0_1, readline, libewf, perl, zlib, openssl +, libuv, file, libzip, xxHash +, gtk2 ? null, vte ? null, gtkdialog ? null +, python3 ? null +, ruby ? null +, lua ? null +, useX11 ? false +, rubyBindings ? false +, pythonBindings ? false +, luaBindings ? false +}: + +assert useX11 -> (gtk2 != null && vte != null && gtkdialog != null); +assert rubyBindings -> ruby != null; +assert pythonBindings -> python3 != null; + + +let + inherit (lib) optional; + + generic = { + version_commit, # unused + gittap, + gittip, + rev, + version, + sha256, + cs_ver, + cs_sha256 + }: + stdenv.mkDerivation { + pname = "radare2"; + inherit version; + + src = fetchFromGitHub { + owner = "radare"; + repo = "radare2"; + inherit rev sha256; + }; + + postPatch = let + capstone = fetchFromGitHub { + owner = "aquynh"; + repo = "capstone"; + # version from $sourceRoot/shlr/Makefile + rev = cs_ver; + sha256 = cs_sha256; + }; + in '' + mkdir -p build/shlr + cp -r ${capstone} capstone-${cs_ver} + chmod -R +w capstone-${cs_ver} + # radare 3.3 compat for radare2-cutter + (cd shlr && ln -s ../capstone-${cs_ver} capstone) + tar -czvf shlr/capstone-${cs_ver}.tar.gz capstone-${cs_ver} + ''; + + postInstall = '' + install -D -m755 $src/binr/r2pm/r2pm $out/bin/r2pm + ''; + + WITHOUT_PULL="1"; + makeFlags = [ + "GITTAP=${gittap}" + "GITTIP=${gittip}" + "RANLIB=${stdenv.cc.bintools.bintools}/bin/${stdenv.cc.bintools.targetPrefix}ranlib" + ]; + configureFlags = [ + "--with-sysmagic" + "--with-syszip" + "--with-sysxxhash" + "--with-openssl" + ]; + + enableParallelBuilding = true; + depsBuildBuild = [ buildPackages.stdenv.cc ]; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ file readline libusb-compat-0_1 libewf perl zlib openssl libuv ] + ++ optional useX11 [ gtkdialog vte gtk2 ] + ++ optional rubyBindings [ ruby ] + ++ optional pythonBindings [ python3 ] + ++ optional luaBindings [ lua ]; + + propagatedBuildInputs = [ + # radare2 exposes r_lib which depends on these libraries + file # for its list of magic numbers (`libmagic`) + libzip + xxHash + ]; + + meta = { + description = "unix-like reverse engineering framework and commandline tools"; + homepage = "http://radare.org/"; + license = lib.licenses.gpl2Plus; + maintainers = with lib.maintainers; [ raskin makefu mic92 ]; + platforms = with lib.platforms; linux; + inherit version; + }; + }; +in { + #<generated> + # DO NOT EDIT! Automatically generated by ./update.py + radare2 = generic { + version_commit = "25480"; + gittap = "5.0.0"; + gittip = "a476454c00f64acbb7425c178c98714ef76e26d7"; + rev = "5.0.0"; + version = "5.0.0"; + sha256 = "0aa7c27kd0l55fy5qfvxqmakp4pz6240v3hn84095qmqkzcbs420"; + cs_ver = "4.0.2"; + cs_sha256 = "0y5g74yjyliciawpn16zhdwya7bd3d7b1cccpcccc2wg8vni1k2w"; + }; + r2-for-cutter = generic { + version_commit = "24959"; + gittap = "4.5.1"; + gittip = "293cf5ae65ba4e28828095dcae212955593ba255"; + rev = "4.5.1"; + version = "4.5.1"; + sha256 = "0qigy1px0jy74c5ig73dc2fqjcy6vcy76i25dx9r3as6zfpkkaxj"; + cs_ver = "4.0.2"; + cs_sha256 = "0y5g74yjyliciawpn16zhdwya7bd3d7b1cccpcccc2wg8vni1k2w"; + }; + #</generated> +} diff --git a/nixpkgs/pkgs/development/tools/analysis/radare2/update.py b/nixpkgs/pkgs/development/tools/analysis/radare2/update.py new file mode 100755 index 000000000000..ebd6e073fe53 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/radare2/update.py @@ -0,0 +1,153 @@ +#!/usr/bin/env nix-shell +#!nix-shell -p nix -p python3 -p git -i python +# USAGE - just run the script: ./update.py +# When editing this file, make also sure it passes the mypy typecheck +# and is formatted with black. +import fileinput +import json +import xml.etree.ElementTree as ET +from urllib.parse import urlparse +import re +import subprocess +import tempfile +import urllib.request +from datetime import datetime +from pathlib import Path +from typing import Dict + +SCRIPT_DIR = Path(__file__).parent.resolve() + + +def sh(*args: str) -> str: + out = subprocess.check_output(list(args)) + return out.strip().decode("utf-8") + + +def prefetch_github(owner: str, repo: str, ref: str) -> str: + return sh( + "nix-prefetch-url", + "--unpack", + f"https://github.com/{owner}/{repo}/archive/{ref}.tar.gz", + ) + + +def get_radare2_rev() -> str: + feed_url = "http://github.com/radareorg/radare2/releases.atom" + with urllib.request.urlopen(feed_url) as resp: + tree = ET.fromstring(resp.read()) + releases = tree.findall(".//{http://www.w3.org/2005/Atom}entry") + for release in releases: + link = release.find("{http://www.w3.org/2005/Atom}link") + assert link is not None + url = urlparse(link.attrib["href"]) + tag = url.path.split("/")[-1] + if re.match(r"[0-9.]+", tag): + return tag + else: + print(f"ignore {tag}") + raise RuntimeError(f"No release found at {feed_url}") + + +def get_cutter_version() -> str: + version_expr = """ +(with import <nixpkgs> {}; lib.getVersion (qt5.callPackage <radare2/cutter.nix> {})) +""" + return sh("nix", "eval", "--raw", version_expr.strip(), "-I", "radare2={0}".format(SCRIPT_DIR)) + + +def get_r2_cutter_rev() -> str: + version = get_cutter_version() + url = f"https://api.github.com/repos/radareorg/cutter/contents?ref=v{version}" + with urllib.request.urlopen(url) as response: + data = json.load(response) # type: ignore + for entry in data: + if entry["name"] == "radare2": + return entry["sha"] + raise Exception("no radare2 submodule found in github.com/radareorg/cutter") + + +def git(dirname: str, *args: str) -> str: + return sh("git", "-C", dirname, *args) + + +def get_repo_info(dirname: str, rev: str) -> Dict[str, str]: + sha256 = prefetch_github("radare", "radare2", rev) + + cs_ver = None + with open(Path(dirname).joinpath("shlr", "Makefile")) as makefile: + for l in makefile: + match = re.match("CS_VER=(\S+)", l) + if match: + cs_ver = match.group(1) + assert cs_ver is not None + + cs_sha256 = prefetch_github("aquynh", "capstone", cs_ver) + + return dict( + rev=rev, + sha256=sha256, + version_commit=git(dirname, "rev-list", "--all", "--count"), + gittap=git(dirname, "describe", "--tags", "--match", "[0-9]*"), + gittip=git(dirname, "rev-parse", "HEAD"), + cs_ver=cs_ver, + cs_sha256=cs_sha256, + ) + + +def write_package_expr(version: str, info: Dict[str, str]) -> str: + return f"""generic {{ + version_commit = "{info["version_commit"]}"; + gittap = "{info["gittap"]}"; + gittip = "{info["gittip"]}"; + rev = "{info["rev"]}"; + version = "{version}"; + sha256 = "{info["sha256"]}"; + cs_ver = "{info["cs_ver"]}"; + cs_sha256 = "{info["cs_sha256"]}"; + }}""" + + +def main() -> None: + radare2_rev = get_radare2_rev() + r2_cutter_rev = get_r2_cutter_rev() + + with tempfile.TemporaryDirectory() as dirname: + git( + dirname, + "clone", + "--branch", + radare2_rev, + "https://github.com/radare/radare2", + ".", + ) + nix_file = str(SCRIPT_DIR.joinpath("default.nix")) + + radare2_info = get_repo_info(dirname, radare2_rev) + + git(dirname, "checkout", r2_cutter_rev) + + timestamp = git(dirname, "log", "-n1", "--format=%at") + r2_cutter_version = datetime.fromtimestamp(int(timestamp)).strftime("%Y-%m-%d") + + r2_cutter_info = get_repo_info(dirname, r2_cutter_rev) + + in_block = False + with fileinput.FileInput(nix_file, inplace=True) as f: + for l in f: + if "#<generated>" in l: + in_block = True + print( + f""" #<generated> + # DO NOT EDIT! Automatically generated by ./update.py + radare2 = {write_package_expr(radare2_rev, radare2_info)}; + r2-for-cutter = {write_package_expr(r2_cutter_version, r2_cutter_info)}; + #</generated>""" + ) + elif "#</generated>" in l: + in_block = False + elif not in_block: + print(l, end="") + + +if __name__ == "__main__": + main() diff --git a/nixpkgs/pkgs/development/tools/analysis/randoop/default.nix b/nixpkgs/pkgs/development/tools/analysis/randoop/default.nix new file mode 100644 index 000000000000..0d10d6d6b277 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/randoop/default.nix @@ -0,0 +1,28 @@ +{ lib, stdenv, fetchurl, unzip }: + +stdenv.mkDerivation rec { + version = "4.2.5"; + pname = "randoop"; + + src = fetchurl { + url = "https://github.com/randoop/randoop/releases/download/v${version}/${pname}-${version}.zip"; + sha256 = "0v3vla3k6csfb8w0j9njrhcjj4n7yh172n9wv6z397f1sa0fs202"; + }; + + buildInputs = [ unzip ]; + + installPhase = '' + mkdir -p $out/lib $out/doc + + cp -R *.jar $out/lib + cp README.txt $out/doc + ''; + + meta = with lib; { + description = "Automatic test generation for Java"; + homepage = "https://randoop.github.io/randoop/"; + license = licenses.mit; + maintainers = with maintainers; [ pSub ]; + platforms = platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/retdec/default.nix b/nixpkgs/pkgs/development/tools/analysis/retdec/default.nix new file mode 100644 index 000000000000..1701abeb25fd --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/retdec/default.nix @@ -0,0 +1,233 @@ +{ stdenv +, fetchFromGitHub +, fetchpatch +, fetchzip +, lib +, callPackage +, openssl +, cmake +, autoconf +, automake +, libtool +, pkg-config +, bison +, flex +, groff +, perl +, python3 +, time +, upx +, ncurses +, libffi +, libxml2 +, zlib +, withPEPatterns ? false +}: + +let + capstone = fetchFromGitHub { + owner = "avast-tl"; + repo = "capstone"; + rev = "27c713fe4f6eaf9721785932d850b6291a6073fe"; + sha256 = "105z1g9q7s6n15qpln9vzhlij7vj6cyc5dqdr05n7wzjvlagwgxc"; + }; + elfio = fetchFromGitHub { + owner = "avast-tl"; + repo = "elfio"; + rev = "998374baace397ea98f3b1d768e81c978b4fba41"; + sha256 = "09n34rdp0wpm8zy30zx40wkkc4gbv2k3cv181y6c1260rllwk5d1"; + }; + keystone = fetchFromGitHub { # only for tests + owner = "keystone-engine"; + repo = "keystone"; + rev = "d7ba8e378e5284e6384fc9ecd660ed5f6532e922"; + sha256 = "1yzw3v8xvxh1rysh97y0i8y9svzbglx2zbsqjhrfx18vngh0x58f"; + }; + libdwarf = fetchFromGitHub { + owner = "avast-tl"; + repo = "libdwarf"; + rev = "85465d5e235cc2d2f90d04016d6aca1a452d0e73"; + sha256 = "11y62r65py8yp57i57a4cymxispimn62by9z4j2g19hngrpsgbki"; + }; + llvm = fetchFromGitHub { + owner = "avast-tl"; + repo = "llvm"; + rev = "725d0cee133c6ab9b95c493f05de3b08016f5c3c"; + sha256 = "0dzvafmn4qs62w1y9vh0a11clpj6q3hb41aym4izpcyybjndf9bq"; + }; + pelib = fetchFromGitHub { + owner = "avast-tl"; + repo = "pelib"; + rev = "a7004b2e80e4f6dc984f78b821e7b585a586050d"; + sha256 = "0nyrb3g749lxgcymz1j584xbb1x6rvy1mc700lyn0brznvqsm81n"; + }; + rapidjson = fetchFromGitHub { + owner = "Tencent"; + repo = "rapidjson"; + rev = "v1.1.0"; + sha256 = "1jixgb8w97l9gdh3inihz7avz7i770gy2j2irvvlyrq3wi41f5ab"; + }; + yaracpp = callPackage ./yaracpp.nix {}; # is its own package because it needs a patch + yaramod = fetchFromGitHub { + owner = "avast-tl"; + repo = "yaramod"; + rev = "v2.2.2"; + sha256 = "0cq9h4h686q9ybamisbl797g6xjy211s3cq83nixkwkigmz48ccp"; + }; + jsoncpp = fetchFromGitHub { + owner = "open-source-parsers"; + repo = "jsoncpp"; + rev = "1.8.4"; + sha256 = "1z0gj7a6jypkijmpknis04qybs1hkd04d1arr3gy89lnxmp6qzlm"; + }; + googletest = fetchFromGitHub { # only for tests + owner = "google"; + repo = "googletest"; + rev = "83fa0cb17dad47a1d905526dcdddb5b96ed189d2"; + sha256 = "1c2r0p9v7vz2vasy8bknfb448l6wsvzw35s8hmc5z013z5502mpk"; + }; + tinyxml2 = fetchFromGitHub { + owner = "leethomason"; + repo = "tinyxml2"; + rev = "cc1745b552dd12bb1297a99f82044f83b06729e0"; + sha256 = "015g8520a0c55gwmv7pfdsgfz2rpdmh3d1nq5n9bd65n35492s3q"; + }; + + retdec-support = let + version = "2018-02-08"; # make sure to adjust both hashes (once with withPEPatterns=true and once withPEPatterns=false) + in fetchzip { + url = "https://github.com/avast-tl/retdec-support/releases/download/${version}/retdec-support_${version}.tar.xz"; + sha256 = if withPEPatterns then "148i8flbyj1y4kfdyzsz7jsj38k4h97npjxj18h6v4wksd4m4jm7" + else "0ixv9qyqq40pzyqy6v9jf5rxrvivjb0z0zn260nbmb9gk765bacy"; + stripRoot = false; + # Removing PE signatures reduces this from 3.8GB -> 642MB (uncompressed) + extraPostFetch = lib.optionalString (!withPEPatterns) '' + rm -r "$out/generic/yara_patterns/static-code/pe" + ''; + } // { + inherit version; # necessary to check the version against the expected version + }; + + # patch CMakeLists.txt for a dependency and compare the versions to the ones expected by upstream + # this has to be applied for every dependency (which it is in postPatch) + patchDep = dep: '' + # check if our version of dep is the same version that upstream expects + echo "Checking version of ${dep.dep_name}" + expected_rev="$( sed -n -e 's|.*URL https://github.com/.*/archive/\(.*\)\.zip.*|\1|p' "deps/${dep.dep_name}/CMakeLists.txt" )" + if [ "$expected_rev" != '${dep.rev}' ]; then + echo "The ${dep.dep_name} dependency has the wrong version: ${dep.rev} while $expected_rev is expected." + exit 1 + fi + + # patch the CMakeLists.txt file to use our local copy of the dependency instead of fetching it at build time + sed -i -e 's|URL .*|URL ${dep}|' "deps/${dep.dep_name}/CMakeLists.txt" + ''; + +in stdenv.mkDerivation rec { + pname = "retdec"; + + # If you update this you will also need to adjust the versions of the updated dependencies. You can do this by first just updating retdec + # itself and trying to build it. The build should fail and tell you which dependencies you have to upgrade to which versions. + # I've notified upstream about this problem here: + # https://github.com/avast-tl/retdec/issues/412 + # gcc is pinned to gcc8 in all-packages.nix. That should probably be re-evaluated on update. + version = "3.2"; + + src = fetchFromGitHub { + owner = "avast-tl"; + repo = pname; + rev = "refs/tags/v${version}"; + sha256 = "0chky656lsddn20bnm3pmz6ix20y4a0y8swwr42hrhi01vkhmzrp"; + }; + + nativeBuildInputs = [ + cmake + autoconf + automake + libtool + pkg-config + bison + flex + groff + perl + python3 + ]; + + buildInputs = [ + openssl + ncurses + libffi + libxml2 + zlib + ]; + + cmakeFlags = [ + "-DRETDEC_TESTS=ON" # build tests + ]; + + # all dependencies that are normally fetched during build time (the subdirectories of `deps`) + # all of these need to be fetched through nix and the CMakeLists files need to be patched not to fetch them themselves + external_deps = [ + (capstone // { dep_name = "capstone"; }) + (elfio // { dep_name = "elfio"; }) + (googletest // { dep_name = "googletest"; }) + (jsoncpp // { dep_name = "jsoncpp"; }) + (keystone // { dep_name = "keystone"; }) + (libdwarf // { dep_name = "libdwarf"; }) + (llvm // { dep_name = "llvm"; }) + (pelib // { dep_name = "pelib"; }) + (rapidjson // { dep_name = "rapidjson"; }) + (tinyxml2 // { dep_name = "tinyxml2"; }) + (yaracpp // { dep_name = "yaracpp"; }) + (yaramod // { dep_name = "yaramod"; }) + ]; + + # Use newer yaramod to fix w/bison 3.2+ + patches = [ + # 2.1.2 -> 2.2.1 + (fetchpatch { + url = "https://github.com/avast-tl/retdec/commit/c9d23da1c6e23c149ed684c6becd3f3828fb4a55.patch"; + sha256 = "0hdq634f72fihdy10nx2ajbps561w03dfdsy5r35afv9fapla6mv"; + }) + # 2.2.1 -> 2.2.2 + (fetchpatch { + url = "https://github.com/avast-tl/retdec/commit/fb85f00754b5d13b781385651db557741679721e.patch"; + sha256 = "0a8mwmwb39pr5ag3q11nv81ncdk51shndqrkm92shqrmdq14va52"; + }) + ]; + + postPatch = (lib.concatMapStrings patchDep external_deps) + '' + # install retdec-support + echo "Checking version of retdec-support" + expected_version="$( sed -n -e "s|^version = '\(.*\)'$|\1|p" 'cmake/install-share.py' )" + if [ "$expected_version" != '${retdec-support.version}' ]; then + echo "The retdec-support dependency has the wrong version: ${retdec-support.version} while $expected_version is expected." + exit 1 + fi + mkdir -p "$out/share/retdec" + cp -r ${retdec-support} "$out/share/retdec/support" # write permission needed during install + chmod -R u+w "$out/share/retdec/support" + # python file originally responsible for fetching the retdec-support archive to $out/share/retdec + # that is not necessary anymore, so empty the file + echo > cmake/install-share.py + + # call correct `time` and `upx` programs + substituteInPlace scripts/retdec-config.py --replace /usr/bin/time ${time}/bin/time + substituteInPlace scripts/retdec-unpacker.py --replace "'upx'" "'${upx}/bin/upx'" + ''; + + doInstallCheck = true; + installCheckPhase = '' + ${python3.interpreter} "$out/bin/retdec-tests-runner.py" + + rm -rf $out/bin/__pycache__ + ''; + + meta = with lib; { + description = "A retargetable machine-code decompiler based on LLVM"; + homepage = "https://retdec.com"; + license = licenses.mit; + maintainers = with maintainers; [ dtzWill timokau ]; + platforms = ["x86_64-linux" "i686-linux"]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/retdec/yaracpp.nix b/nixpkgs/pkgs/development/tools/analysis/retdec/yaracpp.nix new file mode 100644 index 000000000000..c8bc4ed747b3 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/retdec/yaracpp.nix @@ -0,0 +1,49 @@ +{ stdenv +, fetchFromGitHub +, coreutils +}: + +let + yara = fetchFromGitHub { + owner = "avast-tl"; + repo = "yara"; + rev = "ea101c5856941f39cad2db3012f2660d1d5c8b65"; + sha256 = "033ssx2hql5k4pv9si043s3mjq2b748ymjzif8pg6rdwh260faky"; + }; +in stdenv.mkDerivation rec { + # only fetches the yaracpp source patched to work with a local yara clone, + # does not build anything + pname = "yaracpp-src"; + version = "2018-10-09"; + rev = "b92bde0e59e3b75bc445227e04b71105771dee8b"; # as specified in retdec/deps/yaracpp/CMakeLists.txt + + src = fetchFromGitHub { + inherit rev; + owner = "avast-tl"; + repo = "yaracpp"; + sha256 = "0fan7q79j7s3bjmhsd2nw6sqyi14xgikn7mr2p4nj87lick5l4a2"; + }; + + postPatch = '' + # check if our version of yara is the same version that upstream expects + echo "Checking version of yara" + expected_rev="$( sed -n -e 's|.*URL https://github.com/.*/archive/\(.*\)\.zip.*|\1|p' "deps/CMakeLists.txt" )" + if [ "$expected_rev" != '${yara.rev}' ]; then + echo "The yara dependency has the wrong version: ${yara.rev} while $expected_rev is expected." + exit 1 + fi + + # patch the CMakeLists.txt file to use our local copy of the dependency instead of fetching it at build time + sed -i -e "s|URL .*|URL ${yara}|" "deps/CMakeLists.txt" + + # abuse the CONFIGURE_COMMAND to make the source writeable after copying it to the build locatoin (necessary for the build) + sed -i -e 's|CONFIGURE_COMMAND ""|CONFIGURE_COMMAND COMMAND ${coreutils}/bin/chmod -R u+w .|' "deps/CMakeLists.txt" + ''; + + buildPhase = "# do nothing"; + configurePhase = "# do nothing"; + installPhase = '' + mkdir -p "$out" + cp -r * "$out" + ''; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/rr/default.nix b/nixpkgs/pkgs/development/tools/analysis/rr/default.nix new file mode 100644 index 000000000000..b63713f00073 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/rr/default.nix @@ -0,0 +1,59 @@ +{ lib, stdenv, fetchFromGitHub, cmake, libpfm, zlib, pkg-config, python3Packages, which, procps, gdb, capnproto }: + +stdenv.mkDerivation rec { + version = "5.4.0"; + pname = "rr"; + + src = fetchFromGitHub { + owner = "mozilla"; + repo = "rr"; + rev = version; + sha256 = "1sfldgkkmsdyaqa28i5agcykc63gwm3zjihd64g86i852w8al2w6"; + }; + + postPatch = '' + substituteInPlace src/Command.cc --replace '_BSD_SOURCE' '_DEFAULT_SOURCE' + sed '7i#include <math.h>' -i src/Scheduler.cc + patchShebangs . + ''; + + # TODO: remove this preConfigure hook after 5.2.0 since it is fixed upstream + # see https://github.com/mozilla/rr/issues/2269 + preConfigure = ''substituteInPlace CMakeLists.txt --replace "std=c++11" "std=c++14"''; + + nativeBuildInputs = [ cmake pkg-config which ]; + buildInputs = [ + libpfm zlib python3Packages.python python3Packages.pexpect procps gdb capnproto + ]; + propagatedBuildInputs = [ gdb ]; # needs GDB to replay programs at runtime + cmakeFlags = [ + "-DCMAKE_C_FLAGS_RELEASE:STRING=" + "-DCMAKE_CXX_FLAGS_RELEASE:STRING=" + "-Ddisable32bit=ON" + ]; + + # we turn on additional warnings due to hardening + NIX_CFLAGS_COMPILE = "-Wno-error"; + + hardeningDisable = [ "fortify" ]; + + # FIXME + #doCheck = true; + + preCheck = "export HOME=$TMPDIR"; + + meta = { + homepage = "https://rr-project.org/"; + description = "Records nondeterministic executions and debugs them deterministically"; + longDescription = '' + rr aspires to be your primary debugging tool, replacing -- well, + enhancing -- gdb. You record a failure once, then debug the + recording, deterministically, as many times as you want. Every + time the same execution is replayed. + ''; + + license = with lib.licenses; [ mit bsd2 ]; + maintainers = with lib.maintainers; [ pierron thoughtpolice ]; + platforms = lib.platforms.x86; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/rr/unstable.nix b/nixpkgs/pkgs/development/tools/analysis/rr/unstable.nix new file mode 100644 index 000000000000..82b644f76ae6 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/rr/unstable.nix @@ -0,0 +1,23 @@ +# This is a temporary copy of the default.nix in this folder, with the version updated to the current tip of rr's master branch. +# This exists because rr has not had a release in a long time, but there have been a lot of improvements including UX. +# Some of the UX improvements help prevent foot shooting. +# Upstream has stated that it should be fine to use master. +# This file, and its attribute in all-packages, can be removed once rr makes a release. +# For further information, please see https://github.com/NixOS/nixpkgs/issues/99535 "Improve support for the rr debugger in nixos containers" + +{ callPackage, fetchFromGitHub }: + +let + rr = callPackage ./. {}; +in + + rr.overrideAttrs (old: { + version = "unstable-2020-10-04"; + + src = fetchFromGitHub { + owner = "mozilla"; + repo = "rr"; + rev = "9ff375813a740a0a6ebcdfcebc58bd61ab68c667"; + sha256 = "0raifs6cg5ckpi2445inhy3hfhp4p89s1lkx9z17mcc2g1c1phf5"; + }; + }) diff --git a/nixpkgs/pkgs/development/tools/analysis/smatch/default.nix b/nixpkgs/pkgs/development/tools/analysis/smatch/default.nix new file mode 100644 index 000000000000..4330ec3d7426 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/smatch/default.nix @@ -0,0 +1,35 @@ +{ lib, stdenv, fetchgit, sqlite, pkg-config, perl +, buildllvmsparse ? true +, buildc2xml ? true +, llvm ? null, libxml2 ? null +}: + +assert buildllvmsparse -> llvm != null; +assert buildc2xml -> libxml2 != null; + +stdenv.mkDerivation { + name = "smatch-20120924"; + + src = fetchgit { + url = "git://repo.or.cz/smatch.git"; + rev = "23656e3e578b700cbf96d043f039e6341a3ba5b9"; + sha256 = "0r43qi6vryqg450fj73yjwbb7gzcgx64rhrhb3r1m6a252srijiy"; + }; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [sqlite perl] + ++ lib.optional buildllvmsparse llvm + ++ lib.optional buildc2xml libxml2; + + preBuild = + '' sed -i Makefile \ + -e "s|^PREFIX=.*|PREFIX = $out|g" + ''; + + meta = { + description = "A semantic analysis tool for C"; + homepage = "http://smatch.sourceforge.net/"; + license = lib.licenses.free; /* OSL, see http://www.opensource.org */ + platforms = lib.platforms.linux; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/snowman/default.nix b/nixpkgs/pkgs/development/tools/analysis/snowman/default.nix new file mode 100644 index 000000000000..261645c062d3 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/snowman/default.nix @@ -0,0 +1,31 @@ +{ lib, stdenv, mkDerivation, fetchFromGitHub, cmake, boost, qtbase }: + +mkDerivation rec { + pname = "snowman"; + version = "0.1.3"; + + src = fetchFromGitHub { + owner = "yegord"; + repo = "snowman"; + rev = "v${version}"; + sha256 = "1mrmhj2nddi0d47c266vsg5vbapbqbcpj5ld4v1qcwnnk6z2zn0j"; + }; + + nativeBuildInputs = [ cmake ]; + + buildInputs = [ boost qtbase ]; + + postUnpack = '' + export sourceRoot=$sourceRoot/src + ''; + + meta = with lib; { + description = "Native code to C/C++ decompiler"; + homepage = "http://derevenets.com/"; + + # https://github.com/yegord/snowman/blob/master/doc/licenses.asciidoc + license = licenses.gpl3Plus; + maintainers = with maintainers; [ dtzWill ]; + platforms = platforms.all; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/sparse/default.nix b/nixpkgs/pkgs/development/tools/analysis/sparse/default.nix new file mode 100644 index 000000000000..e0d9840472b4 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/sparse/default.nix @@ -0,0 +1,26 @@ +{ fetchurl, lib, stdenv, pkg-config, libxml2, llvm }: + +stdenv.mkDerivation rec { + name = "sparse-0.5.0"; + + src = fetchurl { + url = "mirror://kernel/software/devel/sparse/dist/${name}.tar.xz"; + sha256 = "1mc86jc5xdrdmv17nqj2cam2yqygnj6ar1iqkwsx2y37ij8wy7wj"; + }; + + preConfigure = '' + sed -i Makefile -e "s|^PREFIX=.*$|PREFIX=$out|g" + ''; + + nativeBuildInputs = [ pkg-config ]; + buildInputs = [ libxml2 llvm ]; + doCheck = true; + + meta = { + description = "Semantic parser for C"; + homepage = "https://git.kernel.org/cgit/devel/sparse/sparse.git/"; + license = lib.licenses.mit; + platforms = lib.platforms.linux; + maintainers = [ lib.maintainers.thoughtpolice ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/spin/default.nix b/nixpkgs/pkgs/development/tools/analysis/spin/default.nix new file mode 100644 index 000000000000..49e31f53a846 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/spin/default.nix @@ -0,0 +1,46 @@ +{ stdenv, lib, fetchurl, makeWrapper, yacc, gcc +, withISpin ? true, tk, swarm, graphviz }: + +let + binPath = lib.makeBinPath [ gcc ]; + ibinPath = lib.makeBinPath [ gcc tk swarm graphviz tk ]; + +in stdenv.mkDerivation rec { + pname = "spin"; + version = "6.4.9"; + url-version = lib.replaceChars ["."] [""] version; + + src = fetchurl { + # The homepage is behind CloudFlare anti-DDoS protection, which blocks cURL. + # Dropbox mirror from developers: + # https://www.dropbox.com/sh/fgzipzp4wpo3qc1/AADZPqS4aoR-pjNF6OQXRLQHa + # (note that this URL doesn't work aross versions and hash should come from official site) + url = "https://www.dropbox.com/sh/fgzipzp4wpo3qc1/AABtxFePMJmPxsxSvU5cpxh8a/spin${url-version}.tar.gz?raw=1"; + sha256 = "07b7wk3qyfnp4pgwicqd33l7i1krzyihx0cf9zkv81ywaklf5vll"; + }; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ yacc ]; + + sourceRoot = "Spin/Src${version}"; + + installPhase = '' + install -Dm644 ../Man/spin.1 $out/share/man/man1/spin.1 + + install -Dm755 spin $out/bin/spin + wrapProgram $out/bin/spin \ + --prefix PATH : ${binPath} + '' + lib.optionalString withISpin '' + install -Dm755 ../iSpin/ispin.tcl $out/bin/ispin + wrapProgram $out/bin/ispin \ + --prefix PATH ':' "$out/bin:${ibinPath}" + ''; + + meta = with lib; { + description = "Formal verification tool for distributed software systems"; + homepage = "http://spinroot.com/"; + license = licenses.free; + platforms = platforms.linux; + maintainers = with maintainers; [ pSub ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/splint/darwin.patch b/nixpkgs/pkgs/development/tools/analysis/splint/darwin.patch new file mode 100644 index 000000000000..8c435707571d --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/splint/darwin.patch @@ -0,0 +1,13 @@ +diff --git a/src/osd.c b/src/osd.c +index ebe214a..4ba81d5 100644 +--- a/src/osd.c ++++ b/src/osd.c +@@ -516,7 +516,7 @@ osd_getPid () + # if defined (WIN32) || defined (OS2) && defined (__IBMC__) + int pid = _getpid (); + # else +- __pid_t pid = getpid (); ++ pid_t pid = getpid (); + # endif + + return (int) pid; diff --git a/nixpkgs/pkgs/development/tools/analysis/splint/default.nix b/nixpkgs/pkgs/development/tools/analysis/splint/default.nix new file mode 100644 index 000000000000..581ff56bb614 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/splint/default.nix @@ -0,0 +1,32 @@ +{ fetchurl, lib, stdenv, flex }: + +stdenv.mkDerivation rec { + name = "splint-3.1.2"; + + src = fetchurl { + url = "http://www.splint.org/downloads/${name}.src.tgz"; + sha256 = "02pv8kscsrkrzip9r08pfs9xs98q74c52mlxzbii6cv6vx1vd3f7"; + }; + + patches = [ ./tmpdir.patch ] ++ lib.optional stdenv.isDarwin ./darwin.patch; + + buildInputs = [ flex ]; + + doCheck = true; + + meta = with lib; { + homepage = "http://www.splint.org/"; + description = "Annotation-assisted lightweight static analyzer for C"; + + longDescription = '' + Splint is a tool for statically checking C programs for security + vulnerabilities and coding mistakes. With minimal effort, Splint + can be used as a better lint. If additional effort is invested + adding annotations to programs, Splint can perform stronger + checking than can be done by any standard lint. + ''; + + license = licenses.gpl2Plus; + platforms = platforms.unix; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/splint/tmpdir.patch b/nixpkgs/pkgs/development/tools/analysis/splint/tmpdir.patch new file mode 100644 index 000000000000..01402ce943bc --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/splint/tmpdir.patch @@ -0,0 +1,16 @@ +Have Splint honor $TMPDIR. + +--- splint-3.1.2/src/context.c 2004-07-31 21:04:26.000000000 +0200 ++++ splint-3.1.2/src/context.c 2008-07-11 10:55:16.000000000 +0200 +@@ -801,7 +801,10 @@ context_resetAllFlags (void) + val = cstring_makeLiteral (env != NULL ? env : DEFAULT_TMPDIR); + } + # else +- val = cstring_makeLiteral (DEFAULT_TMPDIR); ++ { ++ char *env = getenv ("TMPDIR"); ++ val = cstring_makeLiteral (env != NULL ? env : DEFAULT_TMPDIR); ++ } + # endif /* !defined(OS2) && !defined(MSDOS) */ + + break; diff --git a/nixpkgs/pkgs/development/tools/analysis/svlint/default.nix b/nixpkgs/pkgs/development/tools/analysis/svlint/default.nix new file mode 100644 index 000000000000..51b363c6be33 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/svlint/default.nix @@ -0,0 +1,25 @@ +{ lib +, rustPlatform +, fetchFromGitHub +}: + +rustPlatform.buildRustPackage rec { + pname = "svlint"; + version = "0.4.8"; + + src = fetchFromGitHub { + owner = "dalance"; + repo = "svlint"; + rev = "v${version}"; + sha256 = "1anbanvaikj8g5jcmjd165krzvjdwj1cl8f3vm1nmy997x8vxihf"; + }; + + cargoSha256 = "18xnqsrnf2gc9zny8ayzf1bah8mq1fy5k807cz039gqz36cvnma0"; + + meta = with lib; { + description = "SystemVerilog linter"; + homepage = "https://github.com/dalance/svlint"; + license = licenses.mit; + maintainers = with maintainers; [ trepetti ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/swarm/default.nix b/nixpkgs/pkgs/development/tools/analysis/swarm/default.nix new file mode 100644 index 000000000000..894d9a2357ea --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/swarm/default.nix @@ -0,0 +1,25 @@ +{ lib, stdenv, fetchFromGitHub }: + +stdenv.mkDerivation { + name = "swarm-2019-03-11"; + + src = fetchFromGitHub { + owner = "nimble-code"; + repo = "swarm"; + rev = "4b36ed83c8fbb074f2dc5777fe1c0ab4d73cc7d9"; + sha256 = "18zwlwsiiksivjpg6agmbmg0zsw2fl9475ss66b6pgcsya2q4afs"; + }; + + installPhase = '' + install -Dm755 Src/swarm $out/bin/swarm + install -Dm644 Doc/swarm.1 $out/share/man/man1/swarm.1 + ''; + + meta = with lib; { + description = "Verification script generator for Spin"; + homepage = "http://spinroot.com/"; + license = licenses.free; + platforms = platforms.linux; + maintainers = with maintainers; [ abbradar ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/tflint/default.nix b/nixpkgs/pkgs/development/tools/analysis/tflint/default.nix new file mode 100644 index 000000000000..617d255d7e51 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/tflint/default.nix @@ -0,0 +1,27 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "tflint"; + version = "0.23.1"; + + src = fetchFromGitHub { + owner = "terraform-linters"; + repo = pname; + rev = "v${version}"; + sha256 = "19vgan743xsnglwva93fs4sqcbpqbyrxbgn5qff809ns8hj8ir94"; + }; + + vendorSha256 = "1y6ra9bkp6wl0pikvyqywhg5w18v3glnyvwqrddkkkabspl05nqx"; + + doCheck = false; + + subPackages = [ "." ]; + + meta = with lib; { + description = "Terraform linter focused on possible errors, best practices, and so on"; + homepage = "https://github.com/terraform-linters/tflint"; + changelog = "https://github.com/terraform-linters/tflint/blob/v${version}/CHANGELOG.md"; + license = licenses.mpl20; + maintainers = [ maintainers.marsam ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/tfsec/default.nix b/nixpkgs/pkgs/development/tools/analysis/tfsec/default.nix new file mode 100644 index 000000000000..7d66264564b0 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/tfsec/default.nix @@ -0,0 +1,24 @@ +{ lib, buildGoPackage, fetchFromGitHub }: + +buildGoPackage rec { + pname = "tfsec"; + version = "0.36.10"; + + src = fetchFromGitHub { + owner = "tfsec"; + repo = pname; + rev = "v${version}"; + sha256 = "11kv13d4cw515r79azfha1ksmvsha1rvg0jak9nvz9ggivyn0s7a"; + }; + + goPackagePath = "github.com/tfsec/tfsec"; + + buildFlagsArray = [ "-ldflags=-s -w -X ${goPackagePath}/version.Version=${version}" ]; + + meta = with lib; { + homepage = "https://github.com/tfsec/tfsec"; + description = "Static analysis powered security scanner for your terraform code"; + license = licenses.mit; + maintainers = [ maintainers.marsam ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/uefi-firmware-parser/default.nix b/nixpkgs/pkgs/development/tools/analysis/uefi-firmware-parser/default.nix new file mode 100644 index 000000000000..17f390714620 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/uefi-firmware-parser/default.nix @@ -0,0 +1,30 @@ +{ lib, stdenv, python3, fetchFromGitHub }: + +with python3.pkgs; + +buildPythonApplication rec { + pname = "uefi-firmware-parser"; + version = "1.8"; + + # Version 1.8 is not published on pypi + src = fetchFromGitHub { + owner = "theopolis"; + repo = "uefi-firmware-parser"; + rev = "v${version}"; + sha256 = "1yn9vi91j1yxkn0icdnjhgl0qrqqkzyhccj39af4f19q1gdw995l"; + }; + + meta = with lib; { + homepage = "https://github.com/theopolis/uefi-firmware-parser/"; + description = "Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc"; + # MIT + license headers in some files + license = with licenses; [ + mit + zlib # uefi_firmware/me.py + bsd2 # uefi_firmware/compression/Tiano/**/* + publicDomain # uefi_firmware/compression/LZMA/SDK/C/* + ]; + platforms = [ "x86_64-linux" "aarch64-linux" ]; + maintainers = [ maintainers.samueldr ]; + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/valgrind/coregrind-makefile-race.patch b/nixpkgs/pkgs/development/tools/analysis/valgrind/coregrind-makefile-race.patch new file mode 100644 index 000000000000..cd09f0edff37 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/valgrind/coregrind-makefile-race.patch @@ -0,0 +1,41 @@ +From 7820fc268fae4353118b6355f1d4b9e1b7eeebec Mon Sep 17 00:00:00 2001 +From: Philippe Waroquiers <philippe.waroquiers@skynet.be> +Date: Sun, 28 Oct 2018 18:35:11 +0100 +Subject: [PATCH 1/1] Fix dependencies between libcoregrind*.a and + *m_main.o/*m_libcsetjmp.o + +The primary and secondary coregrind libraries must be updated +when m_main.c or m_libcsetjmp.c are changed. + +A dependency was missing between libcoregrind*.a and libnolto_coregrind*.a, +and so tools were not relinked when m_main.c or m_libcsetjmp.c were +changed. +--- + coregrind/Makefile.am | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/coregrind/Makefile.am b/coregrind/Makefile.am +index 914a270..8de1996 100644 +--- a/coregrind/Makefile.am ++++ b/coregrind/Makefile.am +@@ -511,6 +511,8 @@ libcoregrind_@VGCONF_ARCH_PRI@_@VGCONF_OS@_a_CFLAGS += \ + endif + libcoregrind_@VGCONF_ARCH_PRI@_@VGCONF_OS@_a_LIBADD = \ + $(libnolto_coregrind_@VGCONF_ARCH_PRI@_@VGCONF_OS@_a_OBJECTS) ++libcoregrind_@VGCONF_ARCH_PRI@_@VGCONF_OS@_a_DEPENDENCIES = \ ++ libnolto_coregrind-@VGCONF_ARCH_PRI@-@VGCONF_OS@.a + + if VGCONF_HAVE_PLATFORM_SEC + libcoregrind_@VGCONF_ARCH_SEC@_@VGCONF_OS@_a_SOURCES = \ +@@ -531,6 +533,8 @@ libcoregrind_@VGCONF_ARCH_SEC@_@VGCONF_OS@_a_CFLAGS += \ + endif + libcoregrind_@VGCONF_ARCH_SEC@_@VGCONF_OS@_a_LIBADD = \ + $(libnolto_coregrind_@VGCONF_ARCH_SEC@_@VGCONF_OS@_a_OBJECTS) ++libcoregrind_@VGCONF_ARCH_SEC@_@VGCONF_OS@_a_DEPENDENCIES = \ ++ libnolto_coregrind-@VGCONF_ARCH_SEC@-@VGCONF_OS@.a + endif + + #---------------------------------------------------------------------------- +-- +2.9.3 + diff --git a/nixpkgs/pkgs/development/tools/analysis/valgrind/default.nix b/nixpkgs/pkgs/development/tools/analysis/valgrind/default.nix new file mode 100644 index 000000000000..d99bbe1cae4b --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/valgrind/default.nix @@ -0,0 +1,91 @@ +{ lib, stdenv, fetchurl, perl, gdb, cctools, xnu, bootstrap_cmds }: + +stdenv.mkDerivation rec { + name = "valgrind-3.16.1"; + + src = fetchurl { + url = "https://sourceware.org/pub/valgrind/${name}.tar.bz2"; + sha256 = "1jik19rcd34ip8a5c9nv5wfj8k8maqb8cyclr4xhznq2gcpkl7y9"; + }; + + outputs = [ "out" "dev" "man" "doc" ]; + + hardeningDisable = [ "stackprotector" ]; + + # GDB is needed to provide a sane default for `--db-command'. + # Perl is needed for `callgrind_{annotate,control}'. + buildInputs = [ gdb perl ] ++ lib.optionals (stdenv.isDarwin) [ bootstrap_cmds xnu ]; + + # Perl is also a native build input. + nativeBuildInputs = [ perl ]; + + enableParallelBuilding = true; + separateDebugInfo = stdenv.isLinux; + + preConfigure = lib.optionalString stdenv.isDarwin ( + let OSRELEASE = '' + $(awk -F '"' '/#define OSRELEASE/{ print $2 }' \ + <${xnu}/Library/Frameworks/Kernel.framework/Headers/libkern/version.h)''; + in '' + echo "Don't derive our xnu version using uname -r." + substituteInPlace configure --replace "uname -r" "echo ${OSRELEASE}" + + # Apple's GCC doesn't recognize `-arch' (as of version 4.2.1, build 5666). + echo "getting rid of the \`-arch' GCC option..." + find -name Makefile\* -exec \ + sed -i {} -e's/DARWIN\(.*\)-arch [^ ]\+/DARWIN\1/g' \; + + sed -i coregrind/link_tool_exe_darwin.in \ + -e 's/^my \$archstr = .*/my $archstr = "x86_64";/g' + + substituteInPlace coregrind/m_debuginfo/readmacho.c \ + --replace /usr/bin/dsymutil ${stdenv.cc.bintools.bintools}/bin/dsymutil + + echo "substitute hardcoded /usr/bin/ld with ${cctools}/bin/ld" + substituteInPlace coregrind/link_tool_exe_darwin.in \ + --replace /usr/bin/ld ${cctools}/bin/ld + ''); + + # To prevent rebuild on linux when moving darwin's postPatch fixes to preConfigure + postPatch = ""; + + configureFlags = + lib.optional (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "x86_64-darwin") "--enable-only64bit" + ++ lib.optional stdenv.hostPlatform.isDarwin "--with-xcodedir=${xnu}/include"; + + doCheck = false; # fails + + postInstall = '' + for i in $out/lib/valgrind/*.supp; do + substituteInPlace $i \ + --replace 'obj:/lib' 'obj:*/lib' \ + --replace 'obj:/usr/X11R6/lib' 'obj:*/lib' \ + --replace 'obj:/usr/lib' 'obj:*/lib' + done + ''; + + meta = { + homepage = "http://www.valgrind.org/"; + description = "Debugging and profiling tool suite"; + + longDescription = '' + Valgrind is an award-winning instrumentation framework for + building dynamic analysis tools. There are Valgrind tools that + can automatically detect many memory management and threading + bugs, and profile your programs in detail. You can also use + Valgrind to build new tools. + ''; + + license = lib.licenses.gpl2Plus; + + maintainers = [ lib.maintainers.eelco ]; + platforms = lib.platforms.unix; + badPlatforms = [ + "armv5tel-linux" "armv6l-linux" "armv6m-linux" + "sparc-linux" "sparc64-linux" + "riscv32-linux" "riscv64-linux" + "alpha-linux" + ]; + broken = stdenv.isDarwin; # https://hydra.nixos.org/build/128521440/nixlog/2 + }; +} diff --git a/nixpkgs/pkgs/development/tools/analysis/valkyrie/default.nix b/nixpkgs/pkgs/development/tools/analysis/valkyrie/default.nix new file mode 100644 index 000000000000..10b9f7291a22 --- /dev/null +++ b/nixpkgs/pkgs/development/tools/analysis/valkyrie/default.nix @@ -0,0 +1,30 @@ +{ lib, stdenv, fetchurl, qt4, qmake4Hook }: + +stdenv.mkDerivation rec { + name = "valkyrie-2.0.0"; + + src = fetchurl { + url = "http://valgrind.org/downloads/${name}.tar.bz2"; + sha256 = "0hwvsncf62mdkahwj9c8hpmm94c1wr5jn89370k6rj894kxry2x7"; + }; + + patchPhase = '' + sed -i '1s;^;#include <unistd.h>\n;' src/objects/tool_object.cpp + sed -i '1s;^;#include <unistd.h>\n;' src/utils/vk_config.cpp + sed -i '1s;^;#include <sys/types.h>\n;' src/utils/vk_config.cpp + sed -i '1s;^;#include <unistd.h>\n;' src/utils/vk_utils.cpp + sed -i '1s;^;#include <sys/types.h>\n;' src/utils/vk_utils.cpp + ''; + + buildInputs = [ qt4 ]; + + nativeBuildInputs = [ qmake4Hook ]; + + meta = with lib; { + homepage = "http://www.valgrind.org/"; + description = "Qt4-based GUI for the Valgrind 3.6.x series"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ pSub ]; + }; +} |