diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security/trufflehog/default.nix')
-rw-r--r-- | nixpkgs/pkgs/tools/security/trufflehog/default.nix | 73 |
1 files changed, 41 insertions, 32 deletions
diff --git a/nixpkgs/pkgs/tools/security/trufflehog/default.nix b/nixpkgs/pkgs/tools/security/trufflehog/default.nix index 57f49988e75b..76b27bfebbf6 100644 --- a/nixpkgs/pkgs/tools/security/trufflehog/default.nix +++ b/nixpkgs/pkgs/tools/security/trufflehog/default.nix @@ -1,38 +1,47 @@ -{ lib, python3Packages }: - -let - truffleHogRegexes = python3Packages.buildPythonPackage rec { - pname = "truffleHogRegexes"; - version = "0.0.7"; - src = python3Packages.fetchPypi { - inherit pname version; - sha256 = "b81dfc60c86c1e353f436a0e201fd88edb72d5a574615a7858485c59edf32405"; - }; +{ lib +, fetchFromGitHub +, buildGoModule +, testers +, trufflehog +}: + +buildGoModule rec { + pname = "trufflehog"; + version = "3.39.0"; + + src = fetchFromGitHub { + owner = "trufflesecurity"; + repo = "trufflehog"; + rev = "refs/tags/v${version}"; + hash = "sha256-CAYUp/GoGvz/HEVR21Xro50dOefqvNMwo8wo8/MNJko="; }; -in - python3Packages.buildPythonApplication rec { - pname = "truffleHog"; - version = "2.2.1"; - - src = python3Packages.fetchPypi { - inherit pname version; - sha256 = "sha256-fw0JyM2iqQrkL4FAXllEozJdkKWELS3eAURx5NZcceQ="; - }; - # Relax overly restricted version constraint - postPatch = '' - substituteInPlace setup.py --replace "GitPython ==" "GitPython >= " - ''; + vendorHash = "sha256-eYUoWBNHoXiFvI1zaZ301KayESJWVqbD3D4NytqcDGk="; - propagatedBuildInputs = [ python3Packages.GitPython truffleHogRegexes ]; + ldflags = [ + "-s" + "-w" + "-X=github.com/trufflesecurity/trufflehog/v3/pkg/version.BuildVersion=${version}" + ]; - # Test cases run git clone and require network access - doCheck = false; + # Test cases run git clone and require network access + doCheck = false; - meta = { - homepage = "https://github.com/dxa4481/truffleHog"; - description = "Searches through git repositories for high entropy strings and secrets, digging deep into commit history"; - license = with lib.licenses; [ gpl2 ]; - maintainers = with lib.maintainers; [ bhipple ]; + postInstall = '' + rm $out/bin/{generate,snifftest} + ''; + + passthru = { + tests.version = testers.testVersion { + package = trufflehog; }; - } + }; + + meta = with lib; { + description = "Find credentials all over the place"; + homepage = "https://github.com/trufflesecurity/trufflehog"; + changelog = "https://github.com/trufflesecurity/trufflehog/releases/tag/v${version}"; + license = with licenses; [ agpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} |