diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security/trufflehog')
-rw-r--r-- | nixpkgs/pkgs/tools/security/trufflehog/default.nix | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/trufflehog/default.nix b/nixpkgs/pkgs/tools/security/trufflehog/default.nix new file mode 100644 index 000000000000..57f49988e75b --- /dev/null +++ b/nixpkgs/pkgs/tools/security/trufflehog/default.nix @@ -0,0 +1,38 @@ +{ lib, python3Packages }: + +let + truffleHogRegexes = python3Packages.buildPythonPackage rec { + pname = "truffleHogRegexes"; + version = "0.0.7"; + src = python3Packages.fetchPypi { + inherit pname version; + sha256 = "b81dfc60c86c1e353f436a0e201fd88edb72d5a574615a7858485c59edf32405"; + }; + }; +in + python3Packages.buildPythonApplication rec { + pname = "truffleHog"; + version = "2.2.1"; + + src = python3Packages.fetchPypi { + inherit pname version; + sha256 = "sha256-fw0JyM2iqQrkL4FAXllEozJdkKWELS3eAURx5NZcceQ="; + }; + + # Relax overly restricted version constraint + postPatch = '' + substituteInPlace setup.py --replace "GitPython ==" "GitPython >= " + ''; + + propagatedBuildInputs = [ python3Packages.GitPython truffleHogRegexes ]; + + # Test cases run git clone and require network access + doCheck = false; + + meta = { + homepage = "https://github.com/dxa4481/truffleHog"; + description = "Searches through git repositories for high entropy strings and secrets, digging deep into commit history"; + license = with lib.licenses; [ gpl2 ]; + maintainers = with lib.maintainers; [ bhipple ]; + }; + } |