Diffstat (limited to 'nixpkgs/pkgs/tools/security/trufflehog/default.nix')
-rw-r--r--nixpkgs/pkgs/tools/security/trufflehog/default.nix73
1 files changed, 41 insertions, 32 deletions
diff --git a/nixpkgs/pkgs/tools/security/trufflehog/default.nix b/nixpkgs/pkgs/tools/security/trufflehog/default.nix
index 57f49988e75b..76b27bfebbf6 100644
--- a/nixpkgs/pkgs/tools/security/trufflehog/default.nix
+++ b/nixpkgs/pkgs/tools/security/trufflehog/default.nix
@@ -1,38 +1,47 @@
-{ lib, python3Packages }:
-
-let
-  truffleHogRegexes = python3Packages.buildPythonPackage rec {
-    pname = "truffleHogRegexes";
-    version = "0.0.7";
-    src = python3Packages.fetchPypi {
-      inherit pname version;
-      sha256 = "b81dfc60c86c1e353f436a0e201fd88edb72d5a574615a7858485c59edf32405";
-    };
+{ lib
+, fetchFromGitHub
+, buildGoModule
+, testers
+, trufflehog
+}:
+
+buildGoModule rec {
+  pname = "trufflehog";
+  version = "3.39.0";
+
+  src = fetchFromGitHub {
+    owner = "trufflesecurity";
+    repo = "trufflehog";
+    rev = "refs/tags/v${version}";
+    hash = "sha256-CAYUp/GoGvz/HEVR21Xro50dOefqvNMwo8wo8/MNJko=";
   };
-in
-  python3Packages.buildPythonApplication rec {
-    pname = "truffleHog";
-    version = "2.2.1";
-
-    src = python3Packages.fetchPypi {
-      inherit pname version;
-      sha256 = "sha256-fw0JyM2iqQrkL4FAXllEozJdkKWELS3eAURx5NZcceQ=";
-    };
 
-    # Relax overly restricted version constraint
-    postPatch = ''
-      substituteInPlace setup.py --replace "GitPython ==" "GitPython >= "
-    '';
+  vendorHash = "sha256-eYUoWBNHoXiFvI1zaZ301KayESJWVqbD3D4NytqcDGk=";
 
-    propagatedBuildInputs = [ python3Packages.GitPython truffleHogRegexes ];
+  ldflags = [
+    "-s"
+    "-w"
+    "-X=github.com/trufflesecurity/trufflehog/v3/pkg/version.BuildVersion=${version}"
+  ];
 
-    # Test cases run git clone and require network access
-    doCheck = false;
+  # Test cases run git clone and require network access
+  doCheck = false;
 
-    meta = {
-      homepage = "https://github.com/dxa4481/truffleHog";
-      description = "Searches through git repositories for high entropy strings and secrets, digging deep into commit history";
-      license = with lib.licenses; [ gpl2 ];
-      maintainers = with lib.maintainers; [ bhipple ];
+  postInstall = ''
+    rm $out/bin/{generate,snifftest}
+  '';
+
+  passthru = {
+    tests.version = testers.testVersion {
+      package = trufflehog;
     };
-  }
+  };
+
+  meta = with lib; {
+    description = "Find credentials all over the place";
+    homepage = "https://github.com/trufflesecurity/trufflehog";
+    changelog = "https://github.com/trufflesecurity/trufflehog/releases/tag/v${version}";
+    license = with licenses; [ agpl3Only ];
+    maintainers = with maintainers; [ fab ];
+  };
+}
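Review bot: `doCheck = false;` keeps its justification comment word for word from the removed Python derivation, so nothing in this hunk shows it was re-checked against the Go test suite, and with it the only verification left is `passthru.tests.version`. For a secret scanner that means a regression in detection would not be caught at build time. If only part of the upstream tests need the network, keep `doCheck` on and exclude those through `checkFlags`; otherwise reword the comment to record what was actually observed, e.g. `# Go tests clone remote repositories, which the build sandbox blocks; only passthru.tests.version runs`. Separately, `postInstall` compiles `generate` and `snifftest` and then deletes them through an unquoted `$out`; limiting the build with `subPackages` (assuming the CLI's main package sits at the module root) would avoid building them at all.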