Diffstat (limited to 'nixpkgs/pkgs/tools/security/bundler-audit')
-rw-r--r--nixpkgs/pkgs/tools/security/bundler-audit/Gemfile2
-rw-r--r--nixpkgs/pkgs/tools/security/bundler-audit/Gemfile.lock16
-rw-r--r--nixpkgs/pkgs/tools/security/bundler-audit/default.nix29
-rw-r--r--nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix23
4 files changed, 70 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile b/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile
new file mode 100644
index 000000000000..f9fb0e329bd4
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile
@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gem 'bundler-audit'
diff --git a/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile.lock b/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile.lock
new file mode 100644
index 000000000000..f1671500fe43
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/bundler-audit/Gemfile.lock
@@ -0,0 +1,16 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    bundler-audit (0.9.0.1)
+      bundler (>= 1.2.0, < 3)
+      thor (~> 1.0)
+    thor (1.1.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler-audit
+
+BUNDLED WITH
+   2.2.20
diff --git a/nixpkgs/pkgs/tools/security/bundler-audit/default.nix b/nixpkgs/pkgs/tools/security/bundler-audit/default.nix
new file mode 100644
index 000000000000..c24831f26b06
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/bundler-audit/default.nix
@@ -0,0 +1,29 @@
+{ bundlerEnv, ruby, lib, bundlerUpdateScript }:
+
+bundlerEnv rec {
+  name = "${pname}-${version}";
+  pname = "bundler-audit";
+  version = (import ./gemset.nix).bundler-audit.version;
+
+  inherit ruby;
+  gemdir = ./.;
+
+  passthru.updateScript = bundlerUpdateScript "bundler-audit";
+
+  meta = with lib; {
+    description = "Patch-level verification for Bundler";
+    longDescription = ''
+      Features:
+      - Checks for vulnerable versions of gems in Gemfile.lock.
+      - Checks for insecure gem sources (http://).
+      - Allows ignoring certain advisories that have been manually worked around.
+      - Prints advisory information.
+      - Does not require a network connection.
+    '';
+    homepage    = "https://github.com/rubysec/bundler-audit";
+    changelog   = "https://github.com/rubysec/bundler-audit/blob/v${version}/ChangeLog.md";
+    license     = licenses.gpl3Plus;
+    maintainers = with maintainers; [ primeos nicknovitski ];
+    platforms   = platforms.unix;
+  };
+}
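Review bot: The `longDescription` bullet `- Does not require a network connection.` in `meta` holds only for the scan itself. Nothing visible in this derivation ships or pins the ruby-advisory-db, so findings depend on a database the user has to fetch separately. A missing or stale copy means newer advisories are simply not reported, which is the failure a user of an audit tool most needs to know about. I would reword the bullet to `- Scans offline once the advisory database has been fetched; refresh it with "bundle-audit update" (needs network access).` The update step presumably also needs `git` on PATH, which this package does not appear to provide, so that is worth confirming.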
diff --git a/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix b/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix
new file mode 100644
index 000000000000..a740f40e4073
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/bundler-audit/gemset.nix
@@ -0,0 +1,23 @@
+{
+  bundler-audit = {
+    dependencies = ["thor"];
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "05k19l5388248rd74cn2lm2ksci7fzmga74n835v7k31m4kbzw8v";
+      type = "gem";
+    };
+    version = "0.9.0.1";
+  };
+  thor = {
+    groups = ["default"];
+    platforms = [];
+    source = {
+      remotes = ["https://rubygems.org"];
+      sha256 = "18yhlvmfya23cs3pvhr1qy38y41b6mhr5q9vwv5lrgk16wmf3jna";
+      type = "gem";
+    };
+    version = "1.1.0";
+  };
+}