diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security')
203 files changed, 1525 insertions, 1123 deletions
diff --git a/nixpkgs/pkgs/tools/security/acsccid/default.nix b/nixpkgs/pkgs/tools/security/acsccid/default.nix index f471393b2cfc..dea5c14fc3bc 100644 --- a/nixpkgs/pkgs/tools/security/acsccid/default.nix +++ b/nixpkgs/pkgs/tools/security/acsccid/default.nix @@ -62,7 +62,7 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - description = "A PC/SC driver for Linux/Mac OS X and it supports ACS CCID smart card readers"; + description = "PC/SC driver for Linux/Mac OS X and it supports ACS CCID smart card readers"; longDescription = '' acsccid is a PC/SC driver for Linux/Mac OS X and it supports ACS CCID smart card readers. This library provides a PC/SC IFD handler implementation and diff --git a/nixpkgs/pkgs/tools/security/age-plugin-ledger/default.nix b/nixpkgs/pkgs/tools/security/age-plugin-ledger/default.nix index d3e1e49904ef..516edc55db39 100644 --- a/nixpkgs/pkgs/tools/security/age-plugin-ledger/default.nix +++ b/nixpkgs/pkgs/tools/security/age-plugin-ledger/default.nix @@ -36,7 +36,7 @@ rustPlatform.buildRustPackage rec { ]; meta = with lib; { - description = "A Ledger Nano plugin for age"; + description = "Ledger Nano plugin for age"; mainProgram = "age-plugin-ledger"; homepage = "https://github.com/Ledger-Donjon/age-plugin-ledger"; license = with licenses; [ mit asl20 ]; diff --git a/nixpkgs/pkgs/tools/security/age/default.nix b/nixpkgs/pkgs/tools/security/age/default.nix index ea8108fde301..89acb4d14c33 100644 --- a/nixpkgs/pkgs/tools/security/age/default.nix +++ b/nixpkgs/pkgs/tools/security/age/default.nix @@ -2,36 +2,16 @@ buildGoModule rec { pname = "age"; - version = "1.1.1"; - vendorHash = "sha256-MumPdRTz840+hoisJ7ADgBhyK3n8P6URobbRJYDFkDY="; + version = "1.2.0"; src = fetchFromGitHub { owner = "FiloSottile"; repo = "age"; rev = "v${version}"; - sha256 = "sha256-LRxxJQLQkzoCNYGS/XBixVmYXoZ1mPHKvFicPGXYLcw="; + hash = "sha256-O0NKDPvr+6ZupakPIpnGgDcdfG3nWR1pvVE+3KkYurY="; }; - # Worked with the upstream to change the way test vectors were sourced from - # another repo at test run time, so we can run test without network access. - # https://github.com/FiloSottile/age/pull/476 - # - # Changes landed after v1.1.1, so we'll patch this one until next release. - patches = [ - # Revert "all: temporarily disable testscript tests" - (fetchpatch { - name = "0001-revert-temporarily-disabled-testscript-tests.patch"; - url = "https://github.com/FiloSottile/age/commit/5471e05672de168766f5f11453fd324c53c264e5.patch"; - sha256 = "sha256-F3oDhRWJqqcF9MDDWPeO9V/wUGXkmUXY87wgokUIoOk="; - }) - - # age: depend on c2sp.org/CCTV/age for TestVectors - (fetchpatch { - name = "0002-depend-on-c2sp_cctv_age__TestVectors.patch"; - url = "https://github.com/FiloSottile/age/commit/edf7388f7731b274b055dcab3ec4006cc4961b68.patch"; - sha256 = "sha256-CloCj/uF3cqTeCfRkV6TeYiovuDQXm1ZIklREWAot1E="; - }) - ]; + vendorHash = "sha256-5We4OYoexzzSF1AkxuGCUwuYJ3Wra+T6mCcT4XYgzhU="; ldflags = [ "-s" "-w" "-X main.Version=${version}" @@ -59,6 +39,7 @@ buildGoModule rec { ]; meta = with lib; { + changelog = "https://github.com/FiloSottile/age/releases/tag/v${version}"; homepage = "https://age-encryption.org/"; description = "Modern encryption tool with small explicit keys"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/aide/default.nix b/nixpkgs/pkgs/tools/security/aide/default.nix index d5d1fe2ae5a1..a0cbd7da0f96 100644 --- a/nixpkgs/pkgs/tools/security/aide/default.nix +++ b/nixpkgs/pkgs/tools/security/aide/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://aide.github.io/"; - description = "A file and directory integrity checker"; + description = "File and directory integrity checker"; mainProgram = "aide"; license = licenses.gpl2Plus; maintainers = with maintainers; [ happysalada ]; diff --git a/nixpkgs/pkgs/tools/security/apkleaks/default.nix b/nixpkgs/pkgs/tools/security/apkleaks/default.nix index 29a0b17ccb32..a8be3c4323c8 100644 --- a/nixpkgs/pkgs/tools/security/apkleaks/default.nix +++ b/nixpkgs/pkgs/tools/security/apkleaks/default.nix @@ -1,23 +1,25 @@ -{ lib -, fetchFromGitHub -, jadx -, python3 +{ + lib, + fetchFromGitHub, + jadx, + python3, }: python3.pkgs.buildPythonApplication rec { pname = "apkleaks"; - version = "2.6.1"; - - disabled = python3.pythonOlder "3.6"; + version = "2.6.2"; + pyproject = true; src = fetchFromGitHub { owner = "dwisiswant0"; - repo = pname; - rev = "v${version}"; - sha256 = "0ysciv643p8gkqw2wp7zy4n07hihdcyil8d20lj86cpgga71rd64"; + repo = "apkleaks"; + rev = "refs/tags/v${version}"; + hash = "sha256-a7zOowvhV9H91RwNDImN2+ecixY8g3WUotlBQVdmLgA="; }; - propagatedBuildInputs = with python3.pkgs; [ + build-system = with python3.pkgs; [ setuptools ]; + + dependencies = with python3.pkgs; [ jadx pyaxmlparser setuptools @@ -31,7 +33,8 @@ python3.pkgs.buildPythonApplication rec { meta = with lib; { description = "Scanning APK file for URIs, endpoints and secrets"; homepage = "https://github.com/dwisiswant0/apkleaks"; - license = with licenses; [ asl20 ]; + changelog = "https://github.com/dwisiswant0/apkleaks/releases/tag/v${version}"; + license = licenses.asl20; maintainers = with maintainers; [ fab ]; mainProgram = "apkleaks"; }; diff --git a/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix b/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix index b80a67792e5b..3219d0a74e2b 100644 --- a/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix +++ b/nixpkgs/pkgs/tools/security/argocd-vault-plugin/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "argocd-vault-plugin"; - version = "1.17.0"; + version = "1.18.1"; src = fetchFromGitHub { owner = "argoproj-labs"; repo = pname; rev = "v${version}"; - hash = "sha256-YH7yNRaKdYzasaxYSManuiImyxglmIwgLvDKjUg3MR8="; + hash = "sha256-rWNR4GVivuEprdX/xhwk/9SReeJ19UWDWx8Bf8z6CTI="; }; - vendorHash = "sha256-0PrGrcS8Gx0cVImGrlmXlycFgWCTLjg2ISi0OhYoPpw="; + vendorHash = "sha256-iZ3WWM5p0UuKpdLq6wczLtgX01q6Vtx8j/XCAH+4POs="; ldflags = [ "-X=github.com/argoproj-labs/argocd-vault-plugin/version.Version=v${version}" @@ -38,7 +38,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://argocd-vault-plugin.readthedocs.io"; changelog = "https://github.com/argoproj-labs/argocd-vault-plugin/releases/tag/v${version}"; - description = "An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets"; + description = "Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets"; mainProgram = "argocd-vault-plugin"; license = licenses.asl20; maintainers = with maintainers; [ urandom ]; diff --git a/nixpkgs/pkgs/tools/security/arti/default.nix b/nixpkgs/pkgs/tools/security/arti/default.nix index 0dfd7c612292..8a00d80c0e8a 100644 --- a/nixpkgs/pkgs/tools/security/arti/default.nix +++ b/nixpkgs/pkgs/tools/security/arti/default.nix @@ -34,7 +34,7 @@ rustPlatform.buildRustPackage rec { cargoTestFlags = [ "--package" "arti" ]; meta = with lib; { - description = "An implementation of Tor in Rust"; + description = "Implementation of Tor in Rust"; mainProgram = "arti"; homepage = "https://arti.torproject.org/"; changelog = "https://gitlab.torproject.org/tpo/core/arti/-/blob/${src.rev}/CHANGELOG.md"; diff --git a/nixpkgs/pkgs/tools/security/b2sum/default.nix b/nixpkgs/pkgs/tools/security/b2sum/default.nix index 1ce14a55b079..0dc8a9b35e83 100644 --- a/nixpkgs/pkgs/tools/security/b2sum/default.nix +++ b/nixpkgs/pkgs/tools/security/b2sum/default.nix @@ -31,7 +31,7 @@ stdenv.mkDerivation (finalAttrs: { installFlags = [ "PREFIX=$(out)" ]; meta = with lib; { - description = "The b2sum utility is similar to the md5sum or shasum utilities but for BLAKE2"; + description = "B2sum utility is similar to the md5sum or shasum utilities but for BLAKE2"; mainProgram = "b2sum"; homepage = "https://blake2.net"; license = with licenses; [ asl20 cc0 openssl ]; diff --git a/nixpkgs/pkgs/tools/security/bao/default.nix b/nixpkgs/pkgs/tools/security/bao/default.nix index 503896885c13..0a6c615fb5a6 100644 --- a/nixpkgs/pkgs/tools/security/bao/default.nix +++ b/nixpkgs/pkgs/tools/security/bao/default.nix @@ -16,7 +16,7 @@ rustPlatform.buildRustPackage rec { cargoHash = "sha256-SNsRN5XgchZq6/BZnMeahIqnkP4Jq6bZxbE5cDVpsQA="; meta = { - description = "An implementation of BLAKE3 verified streaming"; + description = "Implementation of BLAKE3 verified streaming"; homepage = "https://github.com/oconnor663/bao"; maintainers = with lib.maintainers; [ amarshall ]; license = with lib.licenses; [ cc0 asl20 ]; diff --git a/nixpkgs/pkgs/tools/security/bettercap/default.nix b/nixpkgs/pkgs/tools/security/bettercap/default.nix index 2ece9ee6e4c4..db1104447951 100644 --- a/nixpkgs/pkgs/tools/security/bettercap/default.nix +++ b/nixpkgs/pkgs/tools/security/bettercap/default.nix @@ -28,7 +28,7 @@ buildGoModule rec { ++ lib.optionals stdenv.isLinux [ libnfnetlink libnetfilter_queue ]; meta = with lib; { - description = "A man in the middle tool"; + description = "Man in the middle tool"; longDescription = '' BetterCAP is a powerful, flexible and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic diff --git a/nixpkgs/pkgs/tools/security/beyond-identity/default.nix b/nixpkgs/pkgs/tools/security/beyond-identity/default.nix index 31b3439f0e87..4d535cbb89e1 100644 --- a/nixpkgs/pkgs/tools/security/beyond-identity/default.nix +++ b/nixpkgs/pkgs/tools/security/beyond-identity/default.nix @@ -5,7 +5,7 @@ let pname = "beyond-identity"; - version = "2.60.0-0"; + version = "2.97.0-0"; libPath = lib.makeLibraryPath ([ glib glibc openssl tpm2-tss gtk3 gnome.gnome-keyring polkit polkit_gnome ]); meta = with lib; { description = "Passwordless MFA identities for workforces, customers, and developers"; @@ -22,7 +22,7 @@ let src = fetchurl { url = "https://packages.beyondidentity.com/public/linux-authenticator/deb/ubuntu/pool/focal/main/b/be/${pname}_${version}/${pname}_${version}_amd64.deb"; - hash = "sha512-JrHLf7KkJVbJLxx54OTvOSaIzY3+hjX+bpkeBHKX23YriCJssUUvEP6vlbI4r6gjMMFMhW92k0iikAgD1Tr4ug=="; + hash = "sha512-aOQi0hG7AZ3lIAPCDgGAjqVmNCuqFC62CjI9XPLBpvbxBgr2yi7alP952i31MufzzruzVweoQb8SWgNIHq/zIw=="; }; nativeBuildInputs = [ @@ -38,9 +38,6 @@ let rm -rf usr/share/doc - # https://github.com/NixOS/nixpkgs/issues/42117 - sed -i -e 's/auth_self/yes/g' usr/share/polkit-1/actions/com.beyondidentity.endpoint.stepup.policy - cp -ar usr/{bin,share} $out cp -ar opt/beyond-identity/bin $out/opt/beyond-identity @@ -71,8 +68,7 @@ let }; # /usr/bin/pkcheck is hardcoded in binary - we need FHS in buildFHSEnv { - inherit meta; - name = pname; + inherit pname version meta; targetPkgs = pkgs: [ beyond-identity diff --git a/nixpkgs/pkgs/tools/security/binbloom/default.nix b/nixpkgs/pkgs/tools/security/binbloom/default.nix index ce99de997cc0..766e40f8f059 100644 --- a/nixpkgs/pkgs/tools/security/binbloom/default.nix +++ b/nixpkgs/pkgs/tools/security/binbloom/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "binbloom"; - version = "2.0"; + version = "2.1"; src = fetchFromGitHub { owner = "quarkslab"; repo = pname; rev = "v${version}"; - hash = "sha256-UiKiDey/pHtJDr4UYqt+T/TneKig5tT8YU2u98Ttjmo="; + hash = "sha256-ox4o9RPtqMsme//8dVatNUo+mA/6dM9eI/T5lsuSAus="; }; nativeBuildInputs = [ autoreconfHook ]; diff --git a/nixpkgs/pkgs/tools/security/bkcrack/default.nix b/nixpkgs/pkgs/tools/security/bkcrack/default.nix index afc18759c78d..5bebb8618b7e 100644 --- a/nixpkgs/pkgs/tools/security/bkcrack/default.nix +++ b/nixpkgs/pkgs/tools/security/bkcrack/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "bkcrack"; - version = "1.6.1"; + version = "1.7.0"; src = fetchFromGitHub { owner = "kimci86"; repo = "bkcrack"; rev = "v${finalAttrs.version}"; - hash = "sha256-x7JK7+DcD2uSWZRTJQPGCcF2mHBlu6FwYUbuYzbvD+s="; + hash = "sha256-smDmnqmYuFT3ip3ULQfiiF5YxkwzPwPYBujqq9GUyMs="; }; passthru.updateScript = nix-update-script { }; diff --git a/nixpkgs/pkgs/tools/security/cdxgen/default.nix b/nixpkgs/pkgs/tools/security/cdxgen/default.nix index 1742e47f1d84..a71b6ba5fef2 100644 --- a/nixpkgs/pkgs/tools/security/cdxgen/default.nix +++ b/nixpkgs/pkgs/tools/security/cdxgen/default.nix @@ -5,16 +5,16 @@ buildNpmPackage rec { pname = "cdxgen"; - version = "10.5.1"; + version = "10.5.2"; src = fetchFromGitHub { owner = "AppThreat"; repo = pname; rev = "v${version}"; - sha256 = "sha256-sGFKmO3nsu5xvli6uGcRAc6CRJgQEvb6avShh2Z0kYg="; + sha256 = "sha256-CmX19UdmXTbmO+6nFzsFbZspmIWYFtcUVaA0j8iU7GI="; }; - npmDepsHash = "sha256-1dKy9/cDr29RrVorpEdNNxPGGX12d/JXAU2g7IAdV/8="; + npmDepsHash = "sha256-Vd+zRExQFmmv9f8uWQFE/nWRs6y86nLFu5HrM6iCf7U="; dontNpmBuild = true; diff --git a/nixpkgs/pkgs/tools/security/cewl/default.nix b/nixpkgs/pkgs/tools/security/cewl/default.nix index dc1ad37513da..833c52125079 100644 --- a/nixpkgs/pkgs/tools/security/cewl/default.nix +++ b/nixpkgs/pkgs/tools/security/cewl/default.nix @@ -29,6 +29,5 @@ stdenv.mkDerivation rec { mainProgram = "cewl"; homepage = "https://digi.ninja/projects/cewl.php/"; license = licenses.gpl3Plus; - maintainers = with maintainers; [ elohmeier ]; }; } diff --git a/nixpkgs/pkgs/tools/security/cfripper/default.nix b/nixpkgs/pkgs/tools/security/cfripper/default.nix index edacd10e8b05..a1c9f9484981 100644 --- a/nixpkgs/pkgs/tools/security/cfripper/default.nix +++ b/nixpkgs/pkgs/tools/security/cfripper/default.nix @@ -3,36 +3,32 @@ , python3 }: - -let - python = python3.override { - packageOverrides = self: super: { - pydantic = self.pydantic_1; - }; - }; -in python.pkgs.buildPythonApplication rec { +python3.pkgs.buildPythonApplication rec { pname = "cfripper"; - version = "1.15.6"; + version = "1.15.7"; pyproject = true; src = fetchFromGitHub { owner = "Skyscanner"; repo = "cfripper"; rev = "refs/tags/v${version}"; - hash = "sha256-h/NNTE5u1coyD4owiGjsK6SIuvDq1SQOPW4RM4yJtno="; + hash = "sha256-ymuxZwW3Pwx/CyG2iPoY7LP9e+1K6EUBi/TApg0YvkE="; }; pythonRelaxDeps = [ "pluggy" ]; - nativeBuildInputs = with python.pkgs; [ - pythonRelaxDepsHook + build-system = with python3.pkgs; [ setuptools setuptools-scm ]; - propagatedBuildInputs = with python.pkgs; [ + nativeBuildInputs = with python3.pkgs; [ + pythonRelaxDepsHook + ]; + + dependencies = with python3.pkgs; [ boto3 cfn-flip click @@ -43,7 +39,7 @@ in python.pkgs.buildPythonApplication rec { setuptools ]; - nativeCheckInputs = with python.pkgs; [ + nativeCheckInputs = with python3.pkgs; [ moto pytestCheckHook ]; @@ -65,10 +61,10 @@ in python.pkgs.buildPythonApplication rec { meta = with lib; { description = "Tool for analysing CloudFormation templates"; - mainProgram = "cfripper"; homepage = "https://github.com/Skyscanner/cfripper"; changelog = "https://github.com/Skyscanner/cfripper/releases/tag/v${version}"; license = with licenses; [ asl20 ]; maintainers = with maintainers; [ fab ]; + mainProgram = "cfripper"; }; } diff --git a/nixpkgs/pkgs/tools/security/chain-bench/default.nix b/nixpkgs/pkgs/tools/security/chain-bench/default.nix index 883674951b14..1fc50d665002 100644 --- a/nixpkgs/pkgs/tools/security/chain-bench/default.nix +++ b/nixpkgs/pkgs/tools/security/chain-bench/default.nix @@ -42,7 +42,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://github.com/aquasecurity/chain-bench"; changelog = "https://github.com/aquasecurity/chain-bench/releases/tag/v${version}"; - description = "An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark"; + description = "Open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark"; mainProgram = "chain-bench"; longDescription = '' Chain-bench is an open-source tool for auditing your software supply chain diff --git a/nixpkgs/pkgs/tools/security/cherrybomb/default.nix b/nixpkgs/pkgs/tools/security/cherrybomb/default.nix index 6f8fc1d2a8e3..139ac5aea1ad 100644 --- a/nixpkgs/pkgs/tools/security/cherrybomb/default.nix +++ b/nixpkgs/pkgs/tools/security/cherrybomb/default.nix @@ -21,7 +21,7 @@ rustPlatform.buildRustPackage rec { ]; meta = with lib; { - description = "A CLI tool that helps you avoid undefined user behavior by validating your API specifications"; + description = "CLI tool that helps you avoid undefined user behavior by validating your API specifications"; mainProgram = "cherrybomb"; homepage = "https://github.com/blst-security/cherrybomb"; changelog = "https://github.com/blst-security/cherrybomb/releases/tag/v${version}"; diff --git a/nixpkgs/pkgs/tools/security/chntpw/default.nix b/nixpkgs/pkgs/tools/security/chntpw/default.nix index 827a00f718c1..60cbed0f3d3d 100644 --- a/nixpkgs/pkgs/tools/security/chntpw/default.nix +++ b/nixpkgs/pkgs/tools/security/chntpw/default.nix @@ -60,7 +60,7 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "http://pogostick.net/~pnh/ntpasswd/"; - description = "An utility to reset the password of any user that has a valid local account on a Windows system"; + description = "Utility to reset the password of any user that has a valid local account on a Windows system"; maintainers = with lib.maintainers; [ deepfire ]; license = licenses.gpl2Only; platforms = lib.platforms.unix; diff --git a/nixpkgs/pkgs/tools/security/cnquery/default.nix b/nixpkgs/pkgs/tools/security/cnquery/default.nix index ad09b62e713a..22bb67677b0a 100644 --- a/nixpkgs/pkgs/tools/security/cnquery/default.nix +++ b/nixpkgs/pkgs/tools/security/cnquery/default.nix @@ -6,18 +6,18 @@ buildGoModule rec { pname = "cnquery"; - version = "11.4.3"; + version = "11.8.0"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnquery"; rev = "refs/tags/v${version}"; - hash = "sha256-j2cBoeUpxZV8NlC0D3e6bF533LVN0eIRqE7PSIWBGEw="; + hash = "sha256-TlDhfz7nS4zUalYlcvlc1pqytQI24rYCR6mayKX0X0M="; }; subPackages = [ "apps/cnquery" ]; - vendorHash = "sha256-kovSP+ru32vxve8tmeTRS1fsWTpyBTWhLp5iexKo0Fk="; + vendorHash = "sha256-9oOXiBvCNRV/spusFgG5f29I7CI5fy872NsAezOgs6c="; ldflags = [ "-w" diff --git a/nixpkgs/pkgs/tools/security/cnspec/default.nix b/nixpkgs/pkgs/tools/security/cnspec/default.nix index 2835576a8d6a..b02cc7ed4867 100644 --- a/nixpkgs/pkgs/tools/security/cnspec/default.nix +++ b/nixpkgs/pkgs/tools/security/cnspec/default.nix @@ -6,18 +6,18 @@ buildGoModule rec { pname = "cnspec"; - version = "11.4.3"; + version = "11.9.0"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnspec"; rev = "refs/tags/v${version}"; - hash = "sha256-vLkGysRhcSzSu++p71hZLbA0RNCDcukC3HqPrUugd/s="; + hash = "sha256-ry8VUMTswRwt0QViTi6ZnYxDN9P5wVdXLsNJlvhJ3yM="; }; proxyVendor = true; - vendorHash = "sha256-wL0cXNfJ8qyonUQRE7w2cRoqGLa6NGhv3EPFie/9/Z4="; + vendorHash = "sha256-csSdZifkohlAVD2vXe4P1J4nX+EJNFB+YaVXRZKBsKI="; subPackages = [ "apps/cnspec" ]; @@ -28,7 +28,7 @@ buildGoModule rec { ]; meta = with lib; { - description = "An open source, cloud-native security and policy project"; + description = "Open source, cloud-native security and policy project"; homepage = "https://github.com/mondoohq/cnspec"; changelog = "https://github.com/mondoohq/cnspec/releases/tag/v${version}"; license = licenses.bsl11; diff --git a/nixpkgs/pkgs/tools/security/crowbar/default.nix b/nixpkgs/pkgs/tools/security/crowbar/default.nix index 095004ab76df..114fdca5a85d 100644 --- a/nixpkgs/pkgs/tools/security/crowbar/default.nix +++ b/nixpkgs/pkgs/tools/security/crowbar/default.nix @@ -35,7 +35,7 @@ python3Packages.buildPythonApplication rec { meta = with lib; { homepage = "https://github.com/galkan/crowbar"; - description = "A brute forcing tool that can be used during penetration tests"; + description = "Brute forcing tool that can be used during penetration tests"; mainProgram = "crowbar"; license = licenses.mit; maintainers = with maintainers; [ pamplemousse ]; diff --git a/nixpkgs/pkgs/tools/security/crowdsec/default.nix b/nixpkgs/pkgs/tools/security/crowdsec/default.nix index eb3c3cd229e5..d53fbce80800 100644 --- a/nixpkgs/pkgs/tools/security/crowdsec/default.nix +++ b/nixpkgs/pkgs/tools/security/crowdsec/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "crowdsec"; - version = "1.6.1"; + version = "1.6.2"; src = fetchFromGitHub { owner = "crowdsecurity"; repo = pname; - rev = "v${version}"; - hash = "sha256-CCQDMIBpKmaUSRwyjryTO3YWVIrr6FwW64K+alTrcdw="; + rev = "refs/tags/v${version}"; + hash = "sha256-3GpSpADtCNvekR7gjbIlqzog7PMog6Sra5tpcnUf/gk="; }; - vendorHash = "sha256-K38hxWcrYOznXr8eST0xQBL0nNxHMAiGji5rFwAK0Qw="; + vendorHash = "sha256-kkQYKiOSmFHjhOrYV40YRZX9w6rUue0NSKfw+Bqxb9s="; nativeBuildInputs = [ installShellFiles ]; diff --git a/nixpkgs/pkgs/tools/security/ctmg/default.nix b/nixpkgs/pkgs/tools/security/ctmg/default.nix index 81d57513aac3..63c9004bcbc9 100644 --- a/nixpkgs/pkgs/tools/security/ctmg/default.nix +++ b/nixpkgs/pkgs/tools/security/ctmg/default.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { installPhase = "install -D ctmg.sh $out/bin/ctmg"; meta = with lib; { - description = "An encrypted container manager for Linux using cryptsetup"; + description = "Encrypted container manager for Linux using cryptsetup"; homepage = "https://git.zx2c4.com/ctmg/about/"; license = licenses.isc; maintainers = with maintainers; [ mrVanDalo ]; diff --git a/nixpkgs/pkgs/tools/security/dieharder/default.nix b/nixpkgs/pkgs/tools/security/dieharder/default.nix index 716b3266faee..2cc5f719aa1d 100644 --- a/nixpkgs/pkgs/tools/security/dieharder/default.nix +++ b/nixpkgs/pkgs/tools/security/dieharder/default.nix @@ -27,7 +27,7 @@ stdenv.mkDerivation rec { }; meta = with lib; { - description = "A Random Number Generator test suite"; + description = "Random Number Generator test suite"; mainProgram = "dieharder"; homepage = "https://webhome.phy.duke.edu/~rgb/General/dieharder.php"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/dnsenum/default.nix b/nixpkgs/pkgs/tools/security/dnsenum/default.nix index 826ebec015e4..4fa5c0e26207 100644 --- a/nixpkgs/pkgs/tools/security/dnsenum/default.nix +++ b/nixpkgs/pkgs/tools/security/dnsenum/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://github.com/fwaeytens/dnsenum"; - description = "A tool to enumerate DNS information"; + description = "Tool to enumerate DNS information"; mainProgram = "dnsenum"; maintainers = with maintainers; [ c0bw3b ]; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/doas-sudo-shim/default.nix b/nixpkgs/pkgs/tools/security/doas-sudo-shim/default.nix index 80b913d4cc9e..86f111da9f5e 100644 --- a/nixpkgs/pkgs/tools/security/doas-sudo-shim/default.nix +++ b/nixpkgs/pkgs/tools/security/doas-sudo-shim/default.nix @@ -44,7 +44,7 @@ stdenv.mkDerivation rec { }; meta = with lib; { - description = "A shim for the sudo command that utilizes doas"; + description = "Shim for the sudo command that utilizes doas"; homepage = "https://github.com/jirutka/doas-sudo-shim"; license = licenses.isc; mainProgram = "sudo"; diff --git a/nixpkgs/pkgs/tools/security/donkey/default.nix b/nixpkgs/pkgs/tools/security/donkey/default.nix index 22793db15431..f56811cc273f 100644 --- a/nixpkgs/pkgs/tools/security/donkey/default.nix +++ b/nixpkgs/pkgs/tools/security/donkey/default.nix @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { passthru.tests.version = testers.testVersion { package = donkey; }; meta = with lib; { - description = "An alternative for S/KEY's 'key' command"; + description = "Alternative for S/KEY's 'key' command"; longDescription = '' Donkey is an alternative for S/KEY's "key" command. The new feature that the original key doesn't have is print an entry for skeykeys as diff --git a/nixpkgs/pkgs/tools/security/doona/default.nix b/nixpkgs/pkgs/tools/security/doona/default.nix index fd36680c022d..bc890d52abb5 100644 --- a/nixpkgs/pkgs/tools/security/doona/default.nix +++ b/nixpkgs/pkgs/tools/security/doona/default.nix @@ -25,7 +25,7 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://github.com/wireghoul/doona"; - description = "A fork of the Bruteforce Exploit Detector Tool (BED)"; + description = "Fork of the Bruteforce Exploit Detector Tool (BED)"; mainProgram = "doona"; longDescription = '' A fork of the Bruteforce Exploit Detector Tool (BED). diff --git a/nixpkgs/pkgs/tools/security/earlybird/default.nix b/nixpkgs/pkgs/tools/security/earlybird/default.nix index d5f001fc995a..46b94e9d708e 100644 --- a/nixpkgs/pkgs/tools/security/earlybird/default.nix +++ b/nixpkgs/pkgs/tools/security/earlybird/default.nix @@ -19,7 +19,7 @@ buildGoModule rec { ldflags = [ "-s" "-w" ]; meta = with lib; { - description = "A sensitive data detection tool capable of scanning source code repositories for passwords, key files, and more"; + description = "Sensitive data detection tool capable of scanning source code repositories for passwords, key files, and more"; mainProgram = "earlybird"; homepage = "https://github.com/americanexpress/earlybird"; changelog = "https://github.com/americanexpress/earlybird/releases/tag/v${version}"; diff --git a/nixpkgs/pkgs/tools/security/echidna/default.nix b/nixpkgs/pkgs/tools/security/echidna/default.nix index 7f503acd6f0b..b6c0d652ebb3 100644 --- a/nixpkgs/pkgs/tools/security/echidna/default.nix +++ b/nixpkgs/pkgs/tools/security/echidna/default.nix @@ -1,9 +1,7 @@ { lib , mkDerivation , fetchFromGitHub -, fetchpatch , haskellPackages -, haskell , slither-analyzer }: diff --git a/nixpkgs/pkgs/tools/security/efitools/aarch64.patch b/nixpkgs/pkgs/tools/security/efitools/aarch64.patch new file mode 100644 index 000000000000..89a77aafd3f5 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/efitools/aarch64.patch @@ -0,0 +1,16 @@ +diff --git a/Make.rules b/Make.rules +index 903a5a4..59eca2f 100644 +--- a/Make.rules ++++ b/Make.rules +@@ -51,11 +51,6 @@ ifeq ($(ARCH),arm) + FORMAT = -O binary + endif + +-ifeq ($(ARCH),aarch64) +- LDFLAGS += --defsym=EFI_SUBSYSTEM=0x0a +- FORMAT = -O binary +-endif +- + %.efi: %.so + $(OBJCOPY) -j .text -j .sdata -j .data -j .dynamic -j .dynsym \ + -j .rel -j .rela -j .rel.* -j .rela.* -j .rel* -j .rela* \ diff --git a/nixpkgs/pkgs/tools/security/efitools/default.nix b/nixpkgs/pkgs/tools/security/efitools/default.nix index 0d8dab926cb2..fac59ef8d773 100644 --- a/nixpkgs/pkgs/tools/security/efitools/default.nix +++ b/nixpkgs/pkgs/tools/security/efitools/default.nix @@ -21,6 +21,11 @@ stdenv.mkDerivation rec { sha256 = "0jabgl2pxvfl780yvghq131ylpf82k7banjz0ksjhlm66ik8gb1i"; }; + # https://github.com/ncroxon/gnu-efi/issues/7#issuecomment-2122741592 + patches = [ + ./aarch64.patch + ]; + postPatch = '' sed -i -e 's#/usr/include/efi#${gnu-efi}/include/efi/#g' Make.rules sed -i -e 's#/usr/lib64/gnuefi#${gnu-efi}/lib/#g' Make.rules diff --git a/nixpkgs/pkgs/tools/security/eid-mw/default.nix b/nixpkgs/pkgs/tools/security/eid-mw/default.nix index 1b445312353a..408d40609403 100644 --- a/nixpkgs/pkgs/tools/security/eid-mw/default.nix +++ b/nixpkgs/pkgs/tools/security/eid-mw/default.nix @@ -22,13 +22,13 @@ stdenv.mkDerivation rec { pname = "eid-mw"; # NOTE: Don't just blindly update to the latest version/tag. Releases are always for a specific OS. - version = "5.1.18"; + version = "5.1.19"; src = fetchFromGitHub { owner = "Fedict"; repo = "eid-mw"; rev = "v${version}"; - hash = "sha256-1cdBFpO9bvLlHJE6c7TCscV/Qgx8BHUtFe9UoKPfUOQ="; + hash = "sha256-SGdM3GJECFZwd4tAQ6YP7H7YB6DngvD4IU9DTXbJEIo="; }; postPatch = '' diff --git a/nixpkgs/pkgs/tools/security/enc/default.nix b/nixpkgs/pkgs/tools/security/enc/default.nix index c5f4d62586c5..cec98aff1151 100644 --- a/nixpkgs/pkgs/tools/security/enc/default.nix +++ b/nixpkgs/pkgs/tools/security/enc/default.nix @@ -40,7 +40,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://github.com/life4/enc"; changelog = "https://github.com/life4/enc/releases/tag/v${version}"; - description = "A modern and friendly alternative to GnuPG"; + description = "Modern and friendly alternative to GnuPG"; mainProgram = "enc"; longDescription = '' Enc is a CLI tool for encryption, a modern and friendly alternative to GnuPG. diff --git a/nixpkgs/pkgs/tools/security/enpass/default.nix b/nixpkgs/pkgs/tools/security/enpass/default.nix index d95ba0baa9be..7ef13bce4307 100644 --- a/nixpkgs/pkgs/tools/security/enpass/default.nix +++ b/nixpkgs/pkgs/tools/security/enpass/default.nix @@ -57,7 +57,7 @@ let }; meta = with lib; { - description = "A well known password manager"; + description = "Well known password manager"; homepage = "https://www.enpass.io/"; sourceProvenance = with sourceTypes; [ binaryNativeCode ]; license = licenses.unfree; diff --git a/nixpkgs/pkgs/tools/security/enum4linux/default.nix b/nixpkgs/pkgs/tools/security/enum4linux/default.nix index dd054b58caa5..4703bae488db 100644 --- a/nixpkgs/pkgs/tools/security/enum4linux/default.nix +++ b/nixpkgs/pkgs/tools/security/enum4linux/default.nix @@ -39,7 +39,7 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - description = "A tool for enumerating information from Windows and Samba systems"; + description = "Tool for enumerating information from Windows and Samba systems"; mainProgram = "enum4linux"; homepage = "https://labs.portcullis.co.uk/tools/enum4linux/"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/evil-winrm/default.nix b/nixpkgs/pkgs/tools/security/evil-winrm/default.nix index ab406caafb65..b8e88e1db9eb 100644 --- a/nixpkgs/pkgs/tools/security/evil-winrm/default.nix +++ b/nixpkgs/pkgs/tools/security/evil-winrm/default.nix @@ -42,6 +42,5 @@ stdenv.mkDerivation rec { homepage = "https://github.com/Hackplayers/evil-winrm"; changelog = "https://github.com/Hackplayers/evil-winrm/blob/v${version}/CHANGELOG.md"; license = licenses.lgpl3Plus; - maintainers = with maintainers; [ elohmeier ]; }; } diff --git a/nixpkgs/pkgs/tools/security/exploitdb/default.nix b/nixpkgs/pkgs/tools/security/exploitdb/default.nix index 56367fcc64c2..086927a43fce 100644 --- a/nixpkgs/pkgs/tools/security/exploitdb/default.nix +++ b/nixpkgs/pkgs/tools/security/exploitdb/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2024-05-16"; + version = "2024-06-15"; src = fetchFromGitLab { owner = "exploit-database"; repo = "exploitdb"; rev = "refs/tags/${version}"; - hash = "sha256-m00hnTu8PEUmWHO9ei9DYU10DAgn1zaKATt6yVJ7R1o="; + hash = "sha256-bETNSUv36GobOke1bwE+uTSRqln3kANqfl8UIx7bdjM="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/security/fail2ban/default.nix b/nixpkgs/pkgs/tools/security/fail2ban/default.nix index 0ed0af4e0698..7526c21d6811 100644 --- a/nixpkgs/pkgs/tools/security/fail2ban/default.nix +++ b/nixpkgs/pkgs/tools/security/fail2ban/default.nix @@ -73,7 +73,7 @@ python3.pkgs.buildPythonApplication rec { meta = with lib; { homepage = "https://www.fail2ban.org/"; - description = "A program that scans log files for repeated failing login attempts and bans IP addresses"; + description = "Program that scans log files for repeated failing login attempts and bans IP addresses"; license = licenses.gpl2Plus; maintainers = with maintainers; [ eelco lovek323 ]; }; diff --git a/nixpkgs/pkgs/tools/security/faraday-agent-dispatcher/default.nix b/nixpkgs/pkgs/tools/security/faraday-agent-dispatcher/default.nix index 8c390f2b6f7a..2a44e8186ed1 100644 --- a/nixpkgs/pkgs/tools/security/faraday-agent-dispatcher/default.nix +++ b/nixpkgs/pkgs/tools/security/faraday-agent-dispatcher/default.nix @@ -5,31 +5,34 @@ python3.pkgs.buildPythonApplication rec { pname = "faraday-agent-dispatcher"; - version = "3.3.0"; + version = "3.4.1"; pyproject = true; src = fetchFromGitHub { owner = "infobyte"; repo = "faraday_agent_dispatcher"; rev = "refs/tags/${version}"; - hash = "sha256-rpi8S6pmei8MaACnfmOKFK+nNpljoMglu2uk75zvs9I="; + hash = "sha256-b62WO1+5EWzsTCzeZPX9T+ho8Sig46lH/9dPmGGhPWA="; }; postPatch = '' substituteInPlace setup.py \ - --replace '"pytest-runner",' "" + --replace-fail '"pytest-runner",' "" ''; pythonRelaxDeps = [ "python-socketio" ]; + build-system = with python3.pkgs; [ + setuptools-scm + ]; + nativeBuildInputs = with python3.pkgs; [ pythonRelaxDepsHook - setuptools-scm ]; - propagatedBuildInputs = with python3.pkgs; [ + dependencies = with python3.pkgs; [ aiohttp click faraday-agent-parameters-types @@ -71,10 +74,10 @@ python3.pkgs.buildPythonApplication rec { meta = with lib; { description = "Tool to send result from tools to the Faraday Platform"; - mainProgram = "faraday-dispatcher"; homepage = "https://github.com/infobyte/faraday_agent_dispatcher"; changelog = "https://github.com/infobyte/faraday_agent_dispatcher/releases/tag/${version}"; - license = with licenses; [ gpl3Only ]; + license = licenses.gpl3Only; maintainers = with maintainers; [ fab ]; + mainProgram = "faraday-dispatcher"; }; } diff --git a/nixpkgs/pkgs/tools/security/feroxbuster/default.nix b/nixpkgs/pkgs/tools/security/feroxbuster/default.nix index 0459519c43f7..f4e361332e96 100644 --- a/nixpkgs/pkgs/tools/security/feroxbuster/default.nix +++ b/nixpkgs/pkgs/tools/security/feroxbuster/default.nix @@ -5,6 +5,7 @@ , pkg-config , rustPlatform , Security +, SystemConfiguration }: rustPlatform.buildRustPackage rec { @@ -35,6 +36,7 @@ rustPlatform.buildRustPackage rec { openssl ] ++ lib.optionals stdenv.isDarwin [ Security + SystemConfiguration ]; # Tests require network access diff --git a/nixpkgs/pkgs/tools/security/firefox_decrypt/default.nix b/nixpkgs/pkgs/tools/security/firefox_decrypt/default.nix index 9ade5976e8d8..2799a990975a 100644 --- a/nixpkgs/pkgs/tools/security/firefox_decrypt/default.nix +++ b/nixpkgs/pkgs/tools/security/firefox_decrypt/default.nix @@ -38,7 +38,7 @@ buildPythonApplication rec { meta = with lib; { homepage = "https://github.com/unode/firefox_decrypt"; - description = "A tool to extract passwords from profiles of Mozilla Firefox and derivates"; + description = "Tool to extract passwords from profiles of Mozilla Firefox and derivates"; mainProgram = "firefox_decrypt"; license = licenses.gpl3Plus; maintainers = with maintainers; [ schnusch ]; diff --git a/nixpkgs/pkgs/tools/security/fscan/default.nix b/nixpkgs/pkgs/tools/security/fscan/default.nix index 29fbf2453ee4..37886995b361 100644 --- a/nixpkgs/pkgs/tools/security/fscan/default.nix +++ b/nixpkgs/pkgs/tools/security/fscan/default.nix @@ -14,7 +14,7 @@ buildGoModule rec { vendorHash = "sha256-FFYqvGEFe7sUEb4G3ApQOuYoiDXeA54P7spmKfRiEF0="; meta = with lib; { - description = "An intranet comprehensive scanning tool"; + description = "Intranet comprehensive scanning tool"; homepage = "https://github.com/shadow1ng/fscan"; license = licenses.mit; maintainers = with maintainers; [ Misaka13514 ]; diff --git a/nixpkgs/pkgs/tools/security/fulcio/default.nix b/nixpkgs/pkgs/tools/security/fulcio/default.nix index 2681c7126ebe..934cb4446ae0 100644 --- a/nixpkgs/pkgs/tools/security/fulcio/default.nix +++ b/nixpkgs/pkgs/tools/security/fulcio/default.nix @@ -66,7 +66,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://github.com/sigstore/fulcio"; changelog = "https://github.com/sigstore/fulcio/releases/tag/v${version}"; - description = "A Root-CA for code signing certs - issuing certificates based on an OIDC email address"; + description = "Root-CA for code signing certs - issuing certificates based on an OIDC email address"; mainProgram = "fulcio"; longDescription = '' Fulcio is a free code signing Certificate Authority, built to make diff --git a/nixpkgs/pkgs/tools/security/genpass/default.nix b/nixpkgs/pkgs/tools/security/genpass/default.nix index 243132bb263d..da6b5c5bda08 100644 --- a/nixpkgs/pkgs/tools/security/genpass/default.nix +++ b/nixpkgs/pkgs/tools/security/genpass/default.nix @@ -20,7 +20,7 @@ rustPlatform.buildRustPackage rec { buildInputs = lib.optionals stdenv.isDarwin [ CoreFoundation libiconv Security ]; meta = with lib; { - description = "A simple yet robust commandline random password generator"; + description = "Simple yet robust commandline random password generator"; mainProgram = "genpass"; homepage = "https://sr.ht/~cyplo/genpass/"; license = licenses.agpl3Only; diff --git a/nixpkgs/pkgs/tools/security/ggshield/default.nix b/nixpkgs/pkgs/tools/security/ggshield/default.nix index 45b66653d6bf..aba9ce1c2277 100644 --- a/nixpkgs/pkgs/tools/security/ggshield/default.nix +++ b/nixpkgs/pkgs/tools/security/ggshield/default.nix @@ -7,14 +7,14 @@ python3.pkgs.buildPythonApplication rec { pname = "ggshield"; - version = "1.27.0"; + version = "1.28.0"; pyproject = true; src = fetchFromGitHub { owner = "GitGuardian"; repo = "ggshield"; rev = "refs/tags/v${version}"; - hash = "sha256-esrDJar9J7V0ZIupfyURFWeGigV04Kxo06o/jMz17Fk="; + hash = "sha256-iayxm234Rvi5O0Vb0RCid0iAvRQ2fCjoKAQVJY/9nbE="; }; pythonRelaxDeps = true; diff --git a/nixpkgs/pkgs/tools/security/ghauri/default.nix b/nixpkgs/pkgs/tools/security/ghauri/default.nix index fc7cfd2bb1e1..426cb66b7e6f 100644 --- a/nixpkgs/pkgs/tools/security/ghauri/default.nix +++ b/nixpkgs/pkgs/tools/security/ghauri/default.nix @@ -5,17 +5,21 @@ python3.pkgs.buildPythonApplication rec { pname = "ghauri"; - version = "1.3.2"; - format = "setuptools"; + version = "1.3.4"; + pyproject = true; src = fetchFromGitHub { owner = "r0oth3x49"; repo = "ghauri"; rev = "refs/tags/${version}"; - hash = "sha256-zd+Uf2t8yBWi07+BJYYYQ+4fIissuBdXjj877ul4gAQ="; + hash = "sha256-1xrswAxavUz3ybmT0E00pjiR8pmHvuBXE4zhAPnz5MQ="; }; - propagatedBuildInputs = with python3.pkgs; [ + build-system = with python3.pkgs; [ + setuptools + ]; + + dependencies = with python3.pkgs; [ chardet colorama requests @@ -31,10 +35,10 @@ python3.pkgs.buildPythonApplication rec { meta = with lib; { description = "Tool for detecting and exploiting SQL injection security flaws"; - mainProgram = "ghauri"; homepage = "https://github.com/r0oth3x49/ghauri"; changelog = "https://github.com/r0oth3x49/ghauri/releases/tag/${version}"; license = licenses.mit; maintainers = with maintainers; [ fab ]; + mainProgram = "ghauri"; }; } diff --git a/nixpkgs/pkgs/tools/security/ghidra/0002-Load-nix-extensions.patch b/nixpkgs/pkgs/tools/security/ghidra/0002-Load-nix-extensions.patch new file mode 100644 index 000000000000..0e87aa71a407 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/0002-Load-nix-extensions.patch @@ -0,0 +1,15 @@ +diff --git a/Ghidra/Framework/Utility/src/main/java/utility/application/ApplicationUtilities.java b/Ghidra/Framework/Utility/src/main/java/utility/application/ApplicationUtilities.java +index ea12a661f0..da7779b07f 100644 +--- a/Ghidra/Framework/Utility/src/main/java/utility/application/ApplicationUtilities.java ++++ b/Ghidra/Framework/Utility/src/main/java/utility/application/ApplicationUtilities.java +@@ -36,6 +36,10 @@ public class ApplicationUtilities { + */ + public static Collection<ResourceFile> findDefaultApplicationRootDirs() { + Collection<ResourceFile> applicationRootDirs = new ArrayList<>(); ++ String nixGhidraHome = System.getenv("NIX_GHIDRAHOME"); ++ if (nixGhidraHome != null) { ++ applicationRootDirs.add(new ResourceFile(nixGhidraHome)); ++ }; + ResourceFile applicationRootDir = findPrimaryApplicationRootDir(); + if (applicationRootDir != null) { + applicationRootDirs.add(applicationRootDir); diff --git a/nixpkgs/pkgs/tools/security/ghidra/0003-Remove-build-datestamp.patch b/nixpkgs/pkgs/tools/security/ghidra/0003-Remove-build-datestamp.patch new file mode 100644 index 000000000000..0a8948701502 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/0003-Remove-build-datestamp.patch @@ -0,0 +1,26 @@ +diff --git a/Ghidra/RuntimeScripts/Common/support/buildExtension.gradle b/Ghidra/RuntimeScripts/Common/support/buildExtension.gradle +index bc194f219..94b00fabd 100644 +--- a/Ghidra/RuntimeScripts/Common/support/buildExtension.gradle ++++ b/Ghidra/RuntimeScripts/Common/support/buildExtension.gradle +@@ -82,7 +82,7 @@ dependencies { + helpPath fileTree(dir: ghidraDir + '/Features/Base', include: "**/Base.jar") + } + +-def ZIP_NAME_PREFIX = "${DISTRO_PREFIX}_${RELEASE_NAME}_${getCurrentDate()}" ++def ZIP_NAME_PREFIX = "${DISTRO_PREFIX}_${RELEASE_NAME}" + def DISTRIBUTION_DIR = file("dist") + + def pathInZip = "${project.name}" +diff --git a/gradle/root/distribution.gradle b/gradle/root/distribution.gradle +index f44c8267b..f6231c417 100644 +--- a/gradle/root/distribution.gradle ++++ b/gradle/root/distribution.gradle +@@ -32,7 +32,7 @@ apply from: "$rootProject.projectDir/gradle/support/sbom.gradle" + def currentPlatform = getCurrentPlatformName() + def PROJECT_DIR = file (rootProject.projectDir.absolutePath) + ext.DISTRIBUTION_DIR = file("$buildDir/dist") +-ext.ZIP_NAME_PREFIX = "${rootProject.DISTRO_PREFIX}_${rootProject.BUILD_DATE_SHORT}" ++ext.ZIP_NAME_PREFIX = "${rootProject.DISTRO_PREFIX}" + ext.ZIP_DIR_PREFIX = "${rootProject.DISTRO_PREFIX}" + ext.ALL_REPOS = [rootProject.file('.').getName()] + diff --git a/nixpkgs/pkgs/tools/security/ghidra/build-extension.nix b/nixpkgs/pkgs/tools/security/ghidra/build-extension.nix new file mode 100644 index 000000000000..373f35784e54 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/build-extension.nix @@ -0,0 +1,78 @@ +{ lib +, stdenv +, unzip +, jdk +, gradle +, ghidra +}: + +let + metaCommon = oldMeta: + oldMeta // (with lib; { + maintainers = (oldMeta.maintainers or []) ++ (with maintainers; [ vringar ]); + platforms = oldMeta.platforms or ghidra.meta.platforms; + }); + + buildGhidraExtension = { + pname, nativeBuildInputs ? [], meta ? { }, ... + }@args: + stdenv.mkDerivation (args // { + nativeBuildInputs = nativeBuildInputs ++ [ + unzip + jdk + gradle + ]; + + buildPhase = args.buildPhase or '' + runHook preBuild + + # Set project name, otherwise defaults to directory name + echo -e '\nrootProject.name = "${pname}"' >> settings.gradle + + export GRADLE_USER_HOME=$(mktemp -d) + gradle \ + --offline \ + --no-daemon \ + -PGHIDRA_INSTALL_DIR=${ghidra}/lib/ghidra + + runHook postBuild + ''; + + installPhase = args.installPhase or '' + runHook preInstall + + mkdir -p $out/lib/ghidra/Ghidra/Extensions + unzip -d $out/lib/ghidra/Ghidra/Extensions dist/*.zip + + runHook postInstall + ''; + + meta = metaCommon meta; + }); + + buildGhidraScripts = { pname, meta ? { }, ... }@args: + stdenv.mkDerivation (args // { + installPhase = '' + runHook preInstall + + GHIDRA_HOME=$out/lib/ghidra/Ghidra/Extensions/${pname} + mkdir -p $GHIDRA_HOME + cp -r . $GHIDRA_HOME/ghidra_scripts + + touch $GHIDRA_HOME/Module.manifest + cat <<'EOF' > extension.properties + name=${pname} + description=${meta.description or ""} + author= + createdOn= + version=${lib.getVersion ghidra} + + EOF + + runHook postInstall + ''; + + meta = metaCommon meta; + }); +in + { inherit buildGhidraExtension buildGhidraScripts; } diff --git a/nixpkgs/pkgs/tools/security/ghidra/build.nix b/nixpkgs/pkgs/tools/security/ghidra/build.nix index f8f0fb3ae5a8..ba23647c9c2d 100644 --- a/nixpkgs/pkgs/tools/security/ghidra/build.nix +++ b/nixpkgs/pkgs/tools/security/ghidra/build.nix @@ -1,15 +1,19 @@ { stdenv , fetchFromGitHub , lib +, callPackage , gradle_7 , perl -, makeWrapper +, makeBinaryWrapper , openjdk17 , unzip , makeDesktopItem +, copyDesktopItems +, desktopToDarwinBundle , icoutils , xcbuild , protobuf +, ghidra-extensions }: let @@ -17,25 +21,59 @@ let pname = "ghidra"; version = "11.0.3"; + releaseName = "NIX"; + distroPrefix = "ghidra_${version}_${releaseName}"; src = fetchFromGitHub { owner = "NationalSecurityAgency"; repo = "Ghidra"; rev = "Ghidra_${version}_build"; - hash = "sha256-Id595aKYHP1R3Zw9sV1oL32nAUAr7D/K4wn6Zs7q3Jo="; + hash = "sha256-IiLxaJvfJcK275FDZEsUCGp7haJjp8O2fUIoM4F9H30="; + # populate values that require us to use git. By doing this in postFetch we + # can delete .git afterwards and maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + git rev-parse HEAD > $out/COMMIT + # 1970-Jan-01 + date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%b-%d" > $out/SOURCE_DATE_EPOCH + # 19700101 + date -u -d "@$(git log -1 --pretty=%ct)" "+%Y%m%d" > $out/SOURCE_DATE_EPOCH_SHORT + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; }; gradle = gradle_7; - desktopItem = makeDesktopItem { - name = "ghidra"; - exec = "ghidra"; - icon = "ghidra"; - desktopName = "Ghidra"; - genericName = "Ghidra Software Reverse Engineering Suite"; - categories = [ "Development" ]; - }; + patches = [ + # Use our own protoc binary instead of the prebuilt one + ./0001-Use-protobuf-gradle-plugin.patch + + # Override installation directory to allow loading extensions + ./0002-Load-nix-extensions.patch + + # Remove build dates from output filenames for easier reference + ./0003-Remove-build-datestamp.patch + ]; + + postPatch = '' + # Set name of release (eg. PUBLIC, DEV, etc.) + sed -i -e 's/application\.release\.name=.*/application.release.name=${releaseName}/' Ghidra/application.properties + + # Set build date and git revision + echo "application.build.date=$(cat SOURCE_DATE_EPOCH)" >> Ghidra/application.properties + echo "application.build.date.short=$(cat SOURCE_DATE_EPOCH_SHORT)" >> Ghidra/application.properties + echo "application.revision.ghidra=$(cat COMMIT)" >> Ghidra/application.properties + + # Tells ghidra to use our own protoc binary instead of the prebuilt one. + cat >>Ghidra/Debug/Debugger-gadp/build.gradle <<HERE + protobuf { + protoc { + path = '${protobuf}/bin/protoc' + } + } + HERE + ''; - # postPatch scripts. # Adds a gradle step that downloads all the dependencies to the gradle cache. addResolveStep = '' cat >>build.gradle <<HERE @@ -64,9 +102,8 @@ HERE # Taken from mindustry derivation. deps = stdenv.mkDerivation { pname = "${pname}-deps"; - inherit version src; + inherit version src patches; - patches = [ ./0001-Use-protobuf-gradle-plugin.patch ]; postPatch = addResolveStep; nativeBuildInputs = [ gradle perl ] ++ lib.optional stdenv.isDarwin xcbuild; @@ -98,18 +135,35 @@ HERE outputHash = "sha256-nKfJiGoZlDEpbCmYVKNZXz2PYIosCd4nPFdy3MfprHc="; }; -in stdenv.mkDerivation { - inherit pname version src; +in stdenv.mkDerivation (finalAttrs: { + inherit pname version src patches postPatch; + + desktopItems = [ + (makeDesktopItem { + name = "ghidra"; + exec = "ghidra"; + icon = "ghidra"; + desktopName = "Ghidra"; + genericName = "Ghidra Software Reverse Engineering Suite"; + categories = [ "Development" ]; + terminal = false; + }) + ]; nativeBuildInputs = [ - gradle unzip makeWrapper icoutils protobuf - ] ++ lib.optional stdenv.isDarwin xcbuild; + gradle + unzip + makeBinaryWrapper + copyDesktopItems + protobuf + ] ++ lib.optionals stdenv.isDarwin [ + xcbuild + desktopToDarwinBundle + ]; dontStrip = true; - patches = [ - ./0001-Use-protobuf-gradle-plugin.patch - ]; + __darwinAllowLocalNetworking = true; buildPhase = '' runHook preBuild @@ -127,6 +181,7 @@ in stdenv.mkDerivation { installPhase = '' runHook preInstall + mkdir -p "${pkg_path}" "$out/share/applications" ZIP=build/dist/$(ls build/dist) @@ -136,15 +191,13 @@ in stdenv.mkDerivation { mv "${pkg_path}"/*/* "${pkg_path}" rmdir "''${f[@]}" - ln -s ${desktopItem}/share/applications/* $out/share/applications - - icotool -x "Ghidra/RuntimeScripts/Windows/support/ghidra.ico" - rm ghidra_4_40x40x32.png - for f in ghidra_*.png; do - res=$(basename "$f" ".png" | cut -d"_" -f3 | cut -d"x" -f1-2) - mkdir -pv "$out/share/icons/hicolor/$res/apps" - mv "$f" "$out/share/icons/hicolor/$res/apps/ghidra.png" + for f in Ghidra/Framework/Gui/src/main/resources/images/GhidraIcon*.png; do + res=$(basename "$f" ".png" | cut -d"_" -f3 | cut -c11-) + install -Dm444 "$f" "$out/share/icons/hicolor/''${res}x''${res}/apps/ghidra.png" done; + # improved macOS icon support + install -Dm444 Ghidra/Framework/Gui/src/main/resources/images/GhidraIcon64.png $out/share/icons/hicolor/32x32@2/apps/ghidra.png + runHook postInstall ''; @@ -152,11 +205,20 @@ in stdenv.mkDerivation { mkdir -p "$out/bin" ln -s "${pkg_path}/ghidraRun" "$out/bin/ghidra" wrapProgram "${pkg_path}/support/launch.sh" \ + --set-default NIX_GHIDRAHOME "${pkg_path}/Ghidra" \ --prefix PATH : ${lib.makeBinPath [ openjdk17 ]} ''; + passthru = { + inherit releaseName distroPrefix; + inherit (ghidra-extensions.override { ghidra = finalAttrs.finalPackage; }) buildGhidraExtension buildGhidraScripts; + + withExtensions = callPackage ./with-extensions.nix { ghidra = finalAttrs.finalPackage; }; + }; + meta = with lib; { - description = "A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"; + changelog = "https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_${finalAttrs.version}_build/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.html"; + description = "Software reverse engineering (SRE) suite of tools"; mainProgram = "ghidra"; homepage = "https://ghidra-sre.org/"; platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ]; @@ -165,8 +227,8 @@ in stdenv.mkDerivation { binaryBytecode # deps ]; license = licenses.asl20; - maintainers = with maintainers; [ roblabla ]; + maintainers = with maintainers; [ roblabla vringar ]; broken = stdenv.isDarwin && stdenv.isx86_64; }; -} +}) diff --git a/nixpkgs/pkgs/tools/security/ghidra/default.nix b/nixpkgs/pkgs/tools/security/ghidra/default.nix index 2337b36eb7c8..2788fe15974e 100644 --- a/nixpkgs/pkgs/tools/security/ghidra/default.nix +++ b/nixpkgs/pkgs/tools/security/ghidra/default.nix @@ -69,7 +69,7 @@ in stdenv.mkDerivation rec { ''; meta = with lib; { - description = "A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"; + description = "Software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"; mainProgram = "ghidra"; homepage = "https://github.com/NationalSecurityAgency/ghidra"; platforms = [ "x86_64-linux" "x86_64-darwin" ]; diff --git a/nixpkgs/pkgs/tools/security/ghidra/extensions.nix b/nixpkgs/pkgs/tools/security/ghidra/extensions.nix new file mode 100644 index 000000000000..3f30dd8ab40a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/extensions.nix @@ -0,0 +1,14 @@ +{ lib, newScope, callPackage, ghidra }: + +lib.makeScope newScope (self: { + inherit (callPackage ./build-extension.nix { inherit ghidra; }) buildGhidraExtension buildGhidraScripts; + + ghidraninja-ghidra-scripts = self.callPackage ./extensions/ghidraninja-ghidra-scripts { }; + + gnudisassembler = self.callPackage ./extensions/gnudisassembler { inherit ghidra; }; + + machinelearning = self.callPackage ./extensions/machinelearning { inherit ghidra; }; + + sleighdevtools = self.callPackage ./extensions/sleighdevtools { inherit ghidra; }; + +}) diff --git a/nixpkgs/pkgs/tools/security/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix b/nixpkgs/pkgs/tools/security/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix new file mode 100644 index 000000000000..6c5e2ec2ea2a --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/extensions/ghidraninja-ghidra-scripts/default.nix @@ -0,0 +1,36 @@ +{ lib +, fetchFromGitHub +, buildGhidraScripts +, binwalk +, swift +, yara +}: + +buildGhidraScripts { + pname = "ghidraninja-ghidra-scripts"; + version = "unstable-2020-10-07"; + + src = fetchFromGitHub { + owner = "ghidraninja"; + repo = "ghidra_scripts"; + rev = "99f2a8644a29479618f51e2d4e28f10ba5e9ac48"; + sha256 = "aElx0mp66/OHQRfXwTkqdLL0gT2T/yL00bOobYleME8="; + }; + + postPatch = '' + # Replace subprocesses with store versions + substituteInPlace binwalk.py --replace-fail 'subprocess.call(["binwalk"' 'subprocess.call(["${binwalk}/bin/binwalk"' + substituteInPlace swift_demangler.py --replace-fail '"swift"' '"${swift}/bin/swift"' + substituteInPlace yara.py --replace-fail 'subprocess.check_output(["yara"' 'subprocess.check_output(["${yara}/bin/yara"' + substituteInPlace YaraSearch.py --replace-fail '"yara "' '"${yara}/bin/yara "' + ''; + + meta = with lib; { + description = "Scripts for the Ghidra software reverse engineering suite"; + homepage = "https://github.com/ghidraninja/ghidra_scripts"; + license = with licenses; [ + gpl3Only + gpl2Only + ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ghidra/extensions/gnudisassembler/default.nix b/nixpkgs/pkgs/tools/security/ghidra/extensions/gnudisassembler/default.nix new file mode 100644 index 000000000000..7ca4b056842e --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/extensions/gnudisassembler/default.nix @@ -0,0 +1,71 @@ +{ lib +, stdenv +, fetchurl +, buildGhidraExtension +, ghidra +, flex +, bison +, texinfo +, perl +, zlib +, xcbuild +}: + +let + # Incorporates source from binutils + # https://github.com/NationalSecurityAgency/ghidra/blob/7ab9bf6abffb6938d61d072040fc34ad3331332b/GPL/GnuDisassembler/build.gradle#L34-L35 + binutils-version = "2.41"; + binutils-src = fetchurl { + url = "mirror://gnu/binutils/binutils-${binutils-version}.tar.bz2"; + sha256 = "sha256-pMS+wFL3uDcAJOYDieGUN38/SLVmGEGOpRBn9nqqsws="; + }; +in +buildGhidraExtension { + pname = "gnudisassembler"; + version = lib.getVersion ghidra; + + src = "${ghidra}/lib/ghidra/Extensions/Ghidra/${ghidra.distroPrefix}_GnuDisassembler.zip"; + + postPatch = '' + ln -s ${binutils-src} binutils-${binutils-version}.tar.bz2 + ''; + + # Don't modify ELF stub resources + dontPatchELF = true; + dontStrip = true; + + __darwinAllowLocalNetworking = true; + + nativeBuildInputs = [ + flex + bison + texinfo + perl + ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ + xcbuild + ]; + + buildInputs = [ + zlib + ]; + + installPhase = '' + runHook preInstall + + EXTENSIONS_ROOT=$out/lib/ghidra/Ghidra/Extensions + mkdir -p $EXTENSIONS_ROOT + unzip -d $EXTENSIONS_ROOT $src + + mkdir -p $EXTENSIONS_ROOT/GnuDisassembler/build + cp -r build/os $EXTENSIONS_ROOT/GnuDisassembler/build/ + + runHook postInstall + ''; + + meta = with lib; { + description = "Leverage the binutils disassembler capabilities for various processors"; + homepage = "https://ghidra-sre.org/"; + downloadPage = "https://github.com/NationalSecurityAgency/ghidra/tree/master/GPL/GnuDisassembler"; + license = licenses.gpl2Only; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ghidra/extensions/machinelearning/default.nix b/nixpkgs/pkgs/tools/security/ghidra/extensions/machinelearning/default.nix new file mode 100644 index 000000000000..ba1e315c7512 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/extensions/machinelearning/default.nix @@ -0,0 +1,34 @@ +{ lib +, buildGhidraExtension +, ghidra +}: + +buildGhidraExtension { + pname = "machinelearning"; + version = lib.getVersion ghidra; + + src = "${ghidra}/lib/ghidra/Extensions/Ghidra/${ghidra.distroPrefix}_MachineLearning.zip"; + dontUnpack = true; + + # Built as part ghidra + dontBuild = true; + + installPhase = '' + runHook preInstall + + mkdir -p $out/lib/ghidra/Ghidra/Extensions + unzip -d $out/lib/ghidra/Ghidra/Extensions $src + + runHook postInstall + ''; + + meta = with lib; { + inherit (ghidra.meta) homepage license; + description = "Finds functions using ML"; + downloadPage = "https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Extensions/MachineLearning"; + sourceProvenance = with sourceTypes; [ + fromSource + binaryBytecode # deps + ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ghidra/extensions/sleighdevtools/default.nix b/nixpkgs/pkgs/tools/security/ghidra/extensions/sleighdevtools/default.nix new file mode 100644 index 000000000000..d8fd0182ab9d --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/extensions/sleighdevtools/default.nix @@ -0,0 +1,40 @@ +{ lib +, buildGhidraExtension +, ghidra +, python3 +}: + +buildGhidraExtension { + pname = "sleighdevtools"; + version = lib.getVersion ghidra; + + src = "${ghidra}/lib/ghidra/Extensions/Ghidra/${ghidra.distroPrefix}_SleighDevTools.zip"; + dontUnpack = true; + + # Built as part ghidra + dontBuild = true; + buildInputs = [ python3 ]; + + installPhase = '' + runHook preInstall + + mkdir -p $out/lib/ghidra/Ghidra/Extensions + unzip -d $out/lib/ghidra/Ghidra/Extensions $src + + runHook postInstall + ''; + + meta = with lib; { + inherit (ghidra.meta) homepage license; + description = "Sleigh language development tools including external disassembler capabilities"; + longDescription = '' + Sleigh language development tools including external disassembler capabilities. + The GnuDisassembler extension may be also be required as a disassembly provider. + ''; + downloadPage = "https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Extensions/SleighDevTools"; + sourceProvenance = with sourceTypes; [ + fromSource + binaryBytecode # deps + ]; + }; +} diff --git a/nixpkgs/pkgs/tools/security/ghidra/with-extensions.nix b/nixpkgs/pkgs/tools/security/ghidra/with-extensions.nix new file mode 100644 index 000000000000..38165ed94f71 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/ghidra/with-extensions.nix @@ -0,0 +1,36 @@ +{ lib +, stdenv +, callPackage +, symlinkJoin +, makeBinaryWrapper +, desktopToDarwinBundle +, ghidra +}: + +let + ghidra-extensions = callPackage ./extensions.nix { inherit ghidra; }; + allExtensions = lib.filterAttrs (n: pkg: lib.isDerivation pkg) ghidra-extensions; + + /* Make Ghidra with additional extensions + Example: + pkgs.ghidra.withExtensions (p: with p; [ + ghostrings + ]); + => /nix/store/3yn0rbnz5mbrxf0x70jbjq73wgkszr5c-ghidra-with-extensions-10.2.2 + */ + withExtensions = f: (symlinkJoin { + name = "${ghidra.pname}-with-extensions-${lib.getVersion ghidra}"; + paths = (f allExtensions); + nativeBuildInputs = [ makeBinaryWrapper ] + ++ lib.optional stdenv.hostPlatform.isDarwin desktopToDarwinBundle; + postBuild = '' + makeWrapper '${ghidra}/bin/ghidra' "$out/bin/ghidra" \ + --set NIX_GHIDRAHOME "$out/lib/ghidra/Ghidra" + ln -s ${ghidra}/share $out/share + '' + lib.optionalString stdenv.hostPlatform.isDarwin '' + convertDesktopFiles $prefix + ''; + inherit (ghidra) meta; + }); +in + withExtensions diff --git a/nixpkgs/pkgs/tools/security/gitleaks/default.nix b/nixpkgs/pkgs/tools/security/gitleaks/default.nix index d5bca2f14f85..207ee746a107 100644 --- a/nixpkgs/pkgs/tools/security/gitleaks/default.nix +++ b/nixpkgs/pkgs/tools/security/gitleaks/default.nix @@ -9,16 +9,16 @@ buildGoModule rec { pname = "gitleaks"; - version = "8.18.2"; + version = "8.18.4"; src = fetchFromGitHub { owner = "zricethezav"; repo = "gitleaks"; rev = "refs/tags/v${version}"; - hash = "sha256-+UPlknAwmIeXlosHBXl3qPREV186lfDZGZG/Zx1rxYs="; + hash = "sha256-tAomF5Ym+D/VMYXrsPlUnh3M94Xdx6I8WoU1jMouZag="; }; - vendorHash = "sha256-30IJNP4XuV2YNy1TumPUju+GrHFBYi76coy0bJBqDI4="; + vendorHash = "sha256-DgCtWRo5KNuFCdhGJvzoH2v8n7mIxNk8eHyZFPUPo24="; ldflags = [ "-s" diff --git a/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix b/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix index 8478c3748366..0e1c8c0f589e 100644 --- a/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix +++ b/nixpkgs/pkgs/tools/security/gnu-pw-mgr/default.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://www.gnu.org/software/gnu-pw-mgr/"; - description = "A password manager designed to make it easy to reconstruct difficult passwords"; + description = "Password manager designed to make it easy to reconstruct difficult passwords"; license = with licenses; [ gpl3Plus lgpl3Plus ]; platforms = lib.platforms.linux; maintainers = with maintainers; [ qoelet ]; diff --git a/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix b/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix index 76cc2639bf90..e594fde69dac 100644 --- a/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix +++ b/nixpkgs/pkgs/tools/security/gnupg-pkcs11-scd/default.nix @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { ]; meta = with lib; { - description = "A smart-card daemon to enable the use of PKCS#11 tokens with GnuPG"; + description = "Smart-card daemon to enable the use of PKCS#11 tokens with GnuPG"; mainProgram = "gnupg-pkcs11-scd"; longDescription = '' gnupg-pkcs11 is a project to implement a BSD-licensed smart-card diff --git a/nixpkgs/pkgs/tools/security/go-cve-search/default.nix b/nixpkgs/pkgs/tools/security/go-cve-search/default.nix index 2e521de96ed3..e7eb19729ffb 100644 --- a/nixpkgs/pkgs/tools/security/go-cve-search/default.nix +++ b/nixpkgs/pkgs/tools/security/go-cve-search/default.nix @@ -20,7 +20,7 @@ buildGoModule rec { doCheck = false; meta = with lib; { - description = "A lightweight CVE search tool"; + description = "Lightweight CVE search tool"; mainProgram = "go-cve-search"; longDescription = '' go-cve-search is a lightweight tool to search CVE (Common Vulnerabilities diff --git a/nixpkgs/pkgs/tools/security/gopass/default.nix b/nixpkgs/pkgs/tools/security/gopass/default.nix index 5cc6624b721d..35961ad0abe1 100644 --- a/nixpkgs/pkgs/tools/security/gopass/default.nix +++ b/nixpkgs/pkgs/tools/security/gopass/default.nix @@ -58,7 +58,7 @@ buildGoModule rec { }; meta = with lib; { - description = "The slightly more awesome Standard Unix Password Manager for Teams. Written in Go"; + description = "Slightly more awesome Standard Unix Password Manager for Teams. Written in Go"; homepage = "https://www.gopass.pw/"; license = licenses.mit; maintainers = with maintainers; [ rvolosatovs sikmir ]; diff --git a/nixpkgs/pkgs/tools/security/gotrue/default.nix b/nixpkgs/pkgs/tools/security/gotrue/default.nix index 06b3560dec56..6a9d77ba062a 100644 --- a/nixpkgs/pkgs/tools/security/gotrue/default.nix +++ b/nixpkgs/pkgs/tools/security/gotrue/default.nix @@ -24,7 +24,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://github.com/netlify/gotrue"; - description = "An SWT based API for managing users and issuing SWT tokens"; + description = "SWT based API for managing users and issuing SWT tokens"; mainProgram = "gotrue"; changelog = "https://github.com/netlify/gotrue/releases/tag/v${version}"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/gotrue/supabase.nix b/nixpkgs/pkgs/tools/security/gotrue/supabase.nix index 9020a0c8c9ba..92a741167782 100644 --- a/nixpkgs/pkgs/tools/security/gotrue/supabase.nix +++ b/nixpkgs/pkgs/tools/security/gotrue/supabase.nix @@ -35,7 +35,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://github.com/supabase/gotrue"; - description = "A JWT based API for managing users and issuing JWT tokens"; + description = "JWT based API for managing users and issuing JWT tokens"; mainProgram = "gotrue"; changelog = "https://github.com/supabase/gotrue/releases/tag/v${version}"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/govulncheck/default.nix b/nixpkgs/pkgs/tools/security/govulncheck/default.nix index 166e6dd53963..9b51c052ed56 100644 --- a/nixpkgs/pkgs/tools/security/govulncheck/default.nix +++ b/nixpkgs/pkgs/tools/security/govulncheck/default.nix @@ -6,13 +6,13 @@ buildGoModule rec { pname = "govulncheck"; - version = "1.1.0"; + version = "1.1.2"; src = fetchFromGitHub { owner = "golang"; repo = "vuln"; rev = "refs/tags/v${version}"; - hash = "sha256-sS58HyrwyRv3zYi8OgiDYnKSbyu2i3KVoSX/0wQbqGw="; + hash = "sha256-kpAk6Gn/uXWPzg6thp2RYrP0kouMmEaVxZSaJpf445Y="; }; patches = [ @@ -23,7 +23,7 @@ buildGoModule rec { }) ]; - vendorHash = "sha256-ZHf//khvBGG+gRBKoKZo4NKoIJCQsbQfe2uT7cAHDcM="; + vendorHash = "sha256-0RtnyeOuvOv8cv4pFjRAR7VJB2FG6hqMML+Vz/FAjFM="; subPackages = [ "cmd/govulncheck" @@ -40,7 +40,8 @@ buildGoModule rec { meta = with lib; { homepage = "https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck"; downloadPage = "https://github.com/golang/vuln"; - description = "The database client and tools for the Go vulnerability database, also known as vuln"; + changelog = "https://github.com/golang/vuln/releases/tag/v${version}"; + description = "Database client and tools for the Go vulnerability database, also known as vuln"; mainProgram = "govulncheck"; longDescription = '' Govulncheck reports known vulnerabilities that affect Go code. It uses diff --git a/nixpkgs/pkgs/tools/security/graphw00f/default.nix b/nixpkgs/pkgs/tools/security/graphw00f/default.nix index 9edcf7c1f939..711b2f5b2116 100644 --- a/nixpkgs/pkgs/tools/security/graphw00f/default.nix +++ b/nixpkgs/pkgs/tools/security/graphw00f/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "graphw00f"; - version = "1.1.15"; + version = "1.1.16"; format = "other"; src = fetchFromGitHub { owner = "dolevf"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-wAymwT2PRyX7m/yh6BAa8YNkH7pE69bKHKZ15phuUJo="; + hash = "sha256-amyW+k6eXc4pyRLgrEXfOmMtReZvS8zDDBy+FSY6wHA="; }; propagatedBuildInputs = with python3.pkgs; [ diff --git a/nixpkgs/pkgs/tools/security/haka/default.nix b/nixpkgs/pkgs/tools/security/haka/default.nix index b20abbb8bf20..c51d582f4c0d 100644 --- a/nixpkgs/pkgs/tools/security/haka/default.nix +++ b/nixpkgs/pkgs/tools/security/haka/default.nix @@ -27,7 +27,7 @@ stdenv.mkDerivation { passthru.tests = { inherit (nixosTests) haka; }; meta = { - description = "A collection of tools that allows capturing TCP/IP packets and filtering them based on Lua policy files"; + description = "Collection of tools that allows capturing TCP/IP packets and filtering them based on Lua policy files"; homepage = "http://www.haka-security.org/"; license = lib.licenses.mpl20; maintainers = [ lib.maintainers.tvestelind ]; diff --git a/nixpkgs/pkgs/tools/security/hashdeep/default.nix b/nixpkgs/pkgs/tools/security/hashdeep/default.nix index f4f327b48d80..c870353d75b5 100644 --- a/nixpkgs/pkgs/tools/security/hashdeep/default.nix +++ b/nixpkgs/pkgs/tools/security/hashdeep/default.nix @@ -31,7 +31,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook ]; meta = with lib; { - description = "A set of cross-platform tools to compute hashes"; + description = "Set of cross-platform tools to compute hashes"; homepage = "https://github.com/jessek/hashdeep"; license = licenses.gpl2Only; maintainers = [ maintainers.karantan ]; diff --git a/nixpkgs/pkgs/tools/security/haveged/default.nix b/nixpkgs/pkgs/tools/security/haveged/default.nix index c30469c3a3d9..63beadffa564 100644 --- a/nixpkgs/pkgs/tools/security/haveged/default.nix +++ b/nixpkgs/pkgs/tools/security/haveged/default.nix @@ -27,7 +27,7 @@ stdenv.mkDerivation rec { doCheck = true; meta = with lib; { - description = "A simple entropy daemon"; + description = "Simple entropy daemon"; mainProgram = "haveged"; longDescription = '' The haveged project is an attempt to provide an easy-to-use, unpredictable diff --git a/nixpkgs/pkgs/tools/security/himitsu/default.nix b/nixpkgs/pkgs/tools/security/himitsu/default.nix index d6bbb8fd6921..d4d6dcb211e4 100644 --- a/nixpkgs/pkgs/tools/security/himitsu/default.nix +++ b/nixpkgs/pkgs/tools/security/himitsu/default.nix @@ -1,38 +1,34 @@ -{ lib -, stdenv -, fetchFromSourcehut -, hare -, scdoc +{ + fetchFromSourcehut, + hareHook, + lib, + scdoc, + stdenv, }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "himitsu"; - version = "0.6"; + version = "0.7"; src = fetchFromSourcehut { - name = pname + "-src"; owner = "~sircmpwn"; - repo = pname; - rev = version; - hash = "sha256-3x6Lc1rWBtYWVocBuMV5CtoZQjL0Ce+6J2xFjaYaeG4="; + repo = "himitsu"; + rev = finalAttrs.version; + hash = "sha256-jDxQajc8Kyfihm8q3wCpA+WsbAkQEZerLckLQXNhTa8="; }; nativeBuildInputs = [ - hare + hareHook scdoc ]; - preConfigure = '' - export HARECACHE=$(mktemp -d) - ''; - - installFlags = [ "PREFIX=" "DESTDIR=$(out)" ]; + installFlags = [ "PREFIX=${builtins.placeholder "out"}" ]; meta = with lib; { homepage = "https://himitsustore.org/"; - description = "A secret storage manager"; + description = "Secret storage manager"; license = licenses.gpl3Only; maintainers = with maintainers; [ auchter ]; - inherit (hare.meta) platforms badPlatforms; + inherit (hareHook.meta) platforms badPlatforms; }; -} +}) diff --git a/nixpkgs/pkgs/tools/security/httpx/default.nix b/nixpkgs/pkgs/tools/security/httpx/default.nix index 80a7404be002..d0d78c3047fa 100644 --- a/nixpkgs/pkgs/tools/security/httpx/default.nix +++ b/nixpkgs/pkgs/tools/security/httpx/default.nix @@ -1,24 +1,23 @@ -{ buildGoModule -, fetchFromGitHub -, lib +{ + lib, + buildGoModule, + fetchFromGitHub, }: buildGoModule rec { pname = "httpx"; - version = "1.6.0"; + version = "1.6.3"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = "httpx"; rev = "refs/tags/v${version}"; - hash = "sha256-q8R3X1U2Dma0A9WRWIFPSRQHndNJFE2YdfMyPEM6dr8="; + hash = "sha256-N2Fym3OwTHjdaJ1fzGWL+BoUYsQ5216d3Ohz5Yrf558="; }; - vendorHash = "sha256-M7oxM0hMaOT78CxbSGyYk0nhGJC8dLWAlzi/b//EiHw="; + vendorHash = "sha256-jD5LQ9HZbWpoXgnyA7RacaDdyBPMbK02PhKQT+1il4Q="; - subPackages = [ - "cmd/httpx" - ]; + subPackages = [ "cmd/httpx" ]; ldflags = [ "-s" @@ -30,7 +29,6 @@ buildGoModule rec { meta = with lib; { description = "Fast and multi-purpose HTTP toolkit"; - mainProgram = "httpx"; longDescription = '' httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the @@ -40,5 +38,6 @@ buildGoModule rec { changelog = "https://github.com/projectdiscovery/httpx/releases/tag/v${version}"; license = licenses.mit; maintainers = with maintainers; [ fab ]; + mainProgram = "httpx"; }; } diff --git a/nixpkgs/pkgs/tools/security/iaito/default.nix b/nixpkgs/pkgs/tools/security/iaito/default.nix index 2ba6dd0aec26..79d9a65136c5 100644 --- a/nixpkgs/pkgs/tools/security/iaito/default.nix +++ b/nixpkgs/pkgs/tools/security/iaito/default.nix @@ -13,13 +13,13 @@ let pname = "iaito"; - version = "5.9.0"; + version = "5.9.2"; main_src = fetchFromGitHub rec { owner = "radareorg"; repo = pname; - rev = version; - hash = "sha256-Ep3Cbi0qjY4PKG0urr12y0DgX/l/Tsq8w1qlyH0lu3s="; + rev = "refs/tags/${version}"; + hash = "sha256-bq4kaP3BmDprKAxMxO+OvTceEQFeAxJ7aGDnRFHjVDA="; name = repo; }; @@ -31,8 +31,7 @@ let name = repo; }; in - -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { inherit pname version; srcs = [ main_src translations_src ]; @@ -61,9 +60,6 @@ stdenv.mkDerivation rec { radare2 ]; - # the radare2 binary package seems to not install all necessary headers. - env.NIX_CFLAGS_COMPILE = toString [ "-I" "${radare2.src}/shlr/sdb/include/sdb" ]; - postBuild = '' pushd ../../../${translations_src.name} make build -j$NIX_BUILD_CORES PREFIX=$out @@ -86,16 +82,16 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - description = "An official graphical interface of radare2"; - mainProgram = "iaito"; + description = "Official Qt frontend of radare2"; longDescription = '' - iaito is the official graphical interface of radare2. It's the - continuation of Cutter for radare2 after the Rizin fork. + iaito is the official graphical interface for radare2, a libre reverse + engineering framework. ''; homepage = "https://radare.org/n/iaito.html"; - changelog = "https://github.com/radareorg/iaito/releases/tag/${version}"; - license = licenses.gpl3Plus; + changelog = "https://github.com/radareorg/iaito/releases/tag/${finalAttrs.version}"; + license = licenses.gpl3Only; maintainers = with maintainers; [ azahi ]; + mainProgram = "iaito"; platforms = platforms.linux; }; -} +}) diff --git a/nixpkgs/pkgs/tools/security/jwt-cli/default.nix b/nixpkgs/pkgs/tools/security/jwt-cli/default.nix index 6d970dca9519..db049b1fa712 100644 --- a/nixpkgs/pkgs/tools/security/jwt-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/jwt-cli/default.nix @@ -1,20 +1,29 @@ -{ lib, stdenv, fetchFromGitHub, rustPlatform, Security }: +{ lib, stdenv, fetchFromGitHub, installShellFiles, rustPlatform, Security }: rustPlatform.buildRustPackage rec { pname = "jwt-cli"; - version = "6.0.0"; + version = "6.1.0"; src = fetchFromGitHub { owner = "mike-engel"; repo = pname; rev = version; - sha256 = "sha256-EzXpiJGTAlTDHJwl7FwIsDHMqStj2PLD1PHmv0flBKc="; + sha256 = "sha256-iEZlT0Kyx+z/KYDw/YI3rb4eIi98Q48hEoK+6eRpJbM="; }; - cargoHash = "sha256-l1W+eYuKnMPN2wPhYPXo5ixUz2bX+FZnDazk+FbxquU="; + cargoHash = "sha256-DXyjdwVJUQpOz/Pctl35D00oSgrfehUg8wYyLdttiew="; + + nativeBuildInputs = [ installShellFiles ]; buildInputs = lib.optional stdenv.isDarwin Security; + postInstall = '' + installShellCompletion --cmd jwt \ + --bash <($out/bin/jwt completion bash) \ + --fish <($out/bin/jwt completion fish) \ + --zsh <($out/bin/jwt completion zsh) + ''; + doInstallCheck = true; installCheckPhase = '' $out/bin/jwt --version > /dev/null diff --git a/nixpkgs/pkgs/tools/security/jwt-hack/default.nix b/nixpkgs/pkgs/tools/security/jwt-hack/default.nix index 4922f67fe576..2b73d69249aa 100644 --- a/nixpkgs/pkgs/tools/security/jwt-hack/default.nix +++ b/nixpkgs/pkgs/tools/security/jwt-hack/default.nix @@ -1,24 +1,31 @@ -{ lib -, buildGoModule -, fetchFromGitHub +{ + lib, + buildGoModule, + fetchFromGitHub, }: buildGoModule rec { pname = "jwt-hack"; - version = "1.1.2"; + version = "1.2.0"; src = fetchFromGitHub { owner = "hahwul"; - repo = pname; - rev = "v${version}"; - hash = "sha256-K0ZtEi0zAKRlIGvorrXmtmkcMvyLIXWPnVMQANZbClk="; + repo = "jwt-hack"; + rev = "refs/tags/v${version}"; + hash = "sha256-IHR+ItI4ToINLpkVc7yrgpNTS17nD02G6x3pNMEfIW4="; }; - vendorHash = "sha256-VYh3oRy8bmtXf6AnLNi/M2kA6t+crW3AXBiGovpdt8U="; + vendorHash = "sha256-YEH+epSvyy1j0s8AIJ5+BdF47H7KqgBRC4t81noOkjo="; + + ldflags = [ + "-w" + "-s" + ]; meta = with lib; { description = "Tool for attacking JWT"; homepage = "https://github.com/hahwul/jwt-hack"; + changelog = "https://github.com/hahwul/jwt-hack/releases/tag/v${version}"; license = licenses.mit; maintainers = with maintainers; [ fab ]; mainProgram = "jwt-hack"; diff --git a/nixpkgs/pkgs/tools/security/katana/default.nix b/nixpkgs/pkgs/tools/security/katana/default.nix index 98aabba79d3a..f879f12481d5 100644 --- a/nixpkgs/pkgs/tools/security/katana/default.nix +++ b/nixpkgs/pkgs/tools/security/katana/default.nix @@ -26,7 +26,7 @@ buildGoModule rec { ]; meta = with lib; { - description = "A next-generation crawling and spidering framework"; + description = "Next-generation crawling and spidering framework"; mainProgram = "katana"; homepage = "https://github.com/projectdiscovery/katana"; changelog = "https://github.com/projectdiscovery/katana/releases/tag/v${version}"; diff --git a/nixpkgs/pkgs/tools/security/kbs2/default.nix b/nixpkgs/pkgs/tools/security/kbs2/default.nix index 4c1c23820f5f..4f193d4ffccb 100644 --- a/nixpkgs/pkgs/tools/security/kbs2/default.nix +++ b/nixpkgs/pkgs/tools/security/kbs2/default.nix @@ -46,7 +46,7 @@ rustPlatform.buildRustPackage rec { ''; meta = with lib; { - description = "A secret manager backed by age"; + description = "Secret manager backed by age"; mainProgram = "kbs2"; homepage = "https://github.com/woodruffw/kbs2"; changelog = "https://github.com/woodruffw/kbs2/blob/v${version}/CHANGELOG.md"; diff --git a/nixpkgs/pkgs/tools/security/kdigger/default.nix b/nixpkgs/pkgs/tools/security/kdigger/default.nix index dc700bc8e84a..a4f565bb791b 100644 --- a/nixpkgs/pkgs/tools/security/kdigger/default.nix +++ b/nixpkgs/pkgs/tools/security/kdigger/default.nix @@ -60,7 +60,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://github.com/quarkslab/kdigger"; changelog = "https://github.com/quarkslab/kdigger/releases/tag/v${version}"; - description = "An in-pod context discovery tool for Kubernetes penetration testing"; + description = "In-pod context discovery tool for Kubernetes penetration testing"; mainProgram = "kdigger"; longDescription = '' kdigger, short for "Kubernetes digger", is a context discovery tool for diff --git a/nixpkgs/pkgs/tools/security/keybase/default.nix b/nixpkgs/pkgs/tools/security/keybase/default.nix index 38b5bf72fd31..6f77eab11323 100644 --- a/nixpkgs/pkgs/tools/security/keybase/default.nix +++ b/nixpkgs/pkgs/tools/security/keybase/default.nix @@ -34,7 +34,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://www.keybase.io/"; - description = "The Keybase official command-line utility and service"; + description = "Keybase official command-line utility and service"; platforms = platforms.linux ++ platforms.darwin; maintainers = with maintainers; [ avaq np rvolosatovs Br1ght0ne shofius ]; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/keybase/gui.nix b/nixpkgs/pkgs/tools/security/keybase/gui.nix index e9f5f52e8a0b..666425e4d3d0 100644 --- a/nixpkgs/pkgs/tools/security/keybase/gui.nix +++ b/nixpkgs/pkgs/tools/security/keybase/gui.nix @@ -108,7 +108,7 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://www.keybase.io/"; - description = "The Keybase official GUI"; + description = "Keybase official GUI"; mainProgram = "keybase-gui"; platforms = [ "x86_64-linux" ]; maintainers = with maintainers; [ avaq rvolosatovs puffnfresh np Br1ght0ne shofius ]; diff --git a/nixpkgs/pkgs/tools/security/keybase/kbfs.nix b/nixpkgs/pkgs/tools/security/keybase/kbfs.nix index 3c508e86f76f..b3e2974a0033 100644 --- a/nixpkgs/pkgs/tools/security/keybase/kbfs.nix +++ b/nixpkgs/pkgs/tools/security/keybase/kbfs.nix @@ -13,7 +13,7 @@ buildGoModule { meta = with lib; { homepage = "https://keybase.io/docs/kbfs"; - description = "The Keybase filesystem"; + description = "Keybase filesystem"; maintainers = with maintainers; [ avaq rvolosatovs bennofs np shofius ]; license = licenses.bsd3; }; diff --git a/nixpkgs/pkgs/tools/security/keycard-cli/default.nix b/nixpkgs/pkgs/tools/security/keycard-cli/default.nix index 26c1d7934fbb..017990084c56 100644 --- a/nixpkgs/pkgs/tools/security/keycard-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/keycard-cli/default.nix @@ -19,7 +19,7 @@ buildGoModule rec { ldflags = [ "-s" "-w" "-X main.version=${version}" ]; meta = with lib; { - description = "A command line tool and shell to manage keycards"; + description = "Command line tool and shell to manage keycards"; mainProgram = "keycard-cli"; homepage = "https://keycard.status.im"; license = licenses.mpl20; diff --git a/nixpkgs/pkgs/tools/security/keyscope/default.nix b/nixpkgs/pkgs/tools/security/keyscope/default.nix index 928daf4b2303..7601f2244579 100644 --- a/nixpkgs/pkgs/tools/security/keyscope/default.nix +++ b/nixpkgs/pkgs/tools/security/keyscope/default.nix @@ -40,7 +40,7 @@ rustPlatform.buildRustPackage rec { VERGEN_GIT_SEMVER = "v${version}"; meta = with lib; { - description = "A key and secret workflow (validation, invalidation, etc.) tool"; + description = "Key and secret workflow (validation, invalidation, etc.) tool"; mainProgram = "keyscope"; homepage = "https://github.com/spectralops/keyscope"; changelog = "https://github.com/spectralops/keyscope/blob/v${version}/CHANGELOG.md"; diff --git a/nixpkgs/pkgs/tools/security/kpcli/default.nix b/nixpkgs/pkgs/tools/security/kpcli/default.nix index 0509663af1aa..5a3b0a75862f 100644 --- a/nixpkgs/pkgs/tools/security/kpcli/default.nix +++ b/nixpkgs/pkgs/tools/security/kpcli/default.nix @@ -1,12 +1,12 @@ { lib, stdenv, fetchurl, makeWrapper, perl, perlPackages }: stdenv.mkDerivation rec { - version = "4.0"; + version = "4.1"; pname = "kpcli"; src = fetchurl { url = "mirror://sourceforge/kpcli/${pname}-${version}.pl"; - sha256 = "sha256-UYnX2tad3Jg00kdX5WHStI6u2pyts+SZlgj/jv4o/TU="; + sha256 = "sha256-3t8OhvRPj3oanFJKRaUVhGlF0B4E+UAlcfGMIpcet9s="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/security/kubescape/default.nix b/nixpkgs/pkgs/tools/security/kubescape/default.nix index bfc482613d54..d0f8415cbedb 100644 --- a/nixpkgs/pkgs/tools/security/kubescape/default.nix +++ b/nixpkgs/pkgs/tools/security/kubescape/default.nix @@ -11,17 +11,17 @@ buildGoModule rec { pname = "kubescape"; - version = "3.0.10"; + version = "3.0.11"; src = fetchFromGitHub { owner = "kubescape"; repo = "kubescape"; rev = "refs/tags/v${version}"; - hash = "sha256-r6w2Cfyjxqf/1DMBGgmE8Oh/WnvBOa7mAEGXnPjk1Pg="; + hash = "sha256-hxHVQ8Ssvwq5lk+b7v1kLrYeGSfJEj/FudSd0V3tUnQ="; fetchSubmodules = true; }; - vendorHash = "sha256-WPa6IKPjdBtoHYKA2yYtaI1LCbkyv374fcThxbSEKxo="; + vendorHash = "sha256-iwcwhBX/Kl55G8SrI1mmkP5bj8BrLAGBdk3UnK1Xfag="; subPackages = [ "." ]; diff --git a/nixpkgs/pkgs/tools/security/kubestroyer/default.nix b/nixpkgs/pkgs/tools/security/kubestroyer/default.nix index 8e0922e4dfb0..a3f03e605c42 100644 --- a/nixpkgs/pkgs/tools/security/kubestroyer/default.nix +++ b/nixpkgs/pkgs/tools/security/kubestroyer/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "kubestroyer"; - version = "0.2"; + version = "0.3.0"; src = fetchFromGitHub { owner = "Rolix44"; repo = "Kubestroyer"; rev = "refs/tags/v${version}"; - hash = "sha256-M/abb2IT0mXwj8lAitr18VtIgC4NvapPywBwcUWr9i8="; + hash = "sha256-A4kx0Xx3p9rP8OKRLPe9AfX+rqGggtvPb7Hsg+lLkSI="; }; - vendorHash = "sha256-x0lIi4QUuYn0kv0HV4h8k61kRu10LCyELudisqUdTAg="; + vendorHash = "sha256-V6qEvMsX7tdhooW116+0ayT6RYkdjDbz6QwWb8rC4ig="; ldflags = [ "-s" diff --git a/nixpkgs/pkgs/tools/security/ldeep/default.nix b/nixpkgs/pkgs/tools/security/ldeep/default.nix index 0b3a2b47df4c..098b811eb3f8 100644 --- a/nixpkgs/pkgs/tools/security/ldeep/default.nix +++ b/nixpkgs/pkgs/tools/security/ldeep/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "ldeep"; - version = "1.0.53"; + version = "1.0.58"; pyproject = true; src = fetchFromGitHub { owner = "franc-pentest"; repo = "ldeep"; rev = "refs/tags/${version}"; - hash = "sha256-67jVpzvdjEcjFmTRE2YjPr4AO1iN+PakwoKcjvimt8g="; + hash = "sha256-u8qcihjGZmOAjjVBa6nLruD74zGozHnahShqUUXILcY="; }; pythonRelaxDeps = [ @@ -20,9 +20,12 @@ python3.pkgs.buildPythonApplication rec { ]; build-system = with python3.pkgs; [ + pdm-backend + ]; + + nativeBuildInputs = with python3.pkgs; [ cython pythonRelaxDepsHook - setuptools ]; dependencies = with python3.pkgs; [ @@ -50,7 +53,7 @@ python3.pkgs.buildPythonApplication rec { description = "In-depth LDAP enumeration utility"; homepage = "https://github.com/franc-pentest/ldeep"; changelog = "https://github.com/franc-pentest/ldeep/releases/tag/${version}"; - license = with licenses; [ mit ]; + license = licenses.mit; maintainers = with maintainers; [ fab ]; mainProgram = "ldeep"; }; diff --git a/nixpkgs/pkgs/tools/security/libtpms/default.nix b/nixpkgs/pkgs/tools/security/libtpms/default.nix index a7249481454a..5ac368eea9f0 100644 --- a/nixpkgs/pkgs/tools/security/libtpms/default.nix +++ b/nixpkgs/pkgs/tools/security/libtpms/default.nix @@ -33,7 +33,7 @@ stdenv.mkDerivation rec { ]; meta = with lib; { - description = "The libtpms library provides software emulation of a Trusted Platform Module (TPM 1.2 and TPM 2.0)"; + description = "Libtpms library provides software emulation of a Trusted Platform Module (TPM 1.2 and TPM 2.0)"; homepage = "https://github.com/stefanberger/libtpms"; license = licenses.bsd3; maintainers = [ maintainers.baloo ]; diff --git a/nixpkgs/pkgs/tools/security/logkeys/default.nix b/nixpkgs/pkgs/tools/security/logkeys/default.nix index 1172250f9c48..ed3180fd7e46 100644 --- a/nixpkgs/pkgs/tools/security/logkeys/default.nix +++ b/nixpkgs/pkgs/tools/security/logkeys/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation { preConfigure = "./autogen.sh"; meta = with lib; { - description = "A GNU/Linux keylogger that works"; + description = "GNU/Linux keylogger that works"; license = licenses.gpl3; homepage = "https://github.com/kernc/logkeys"; maintainers = with maintainers; [mikoim offline]; diff --git a/nixpkgs/pkgs/tools/security/mantra/default.nix b/nixpkgs/pkgs/tools/security/mantra/default.nix index 348c0afc3251..5a6b0074b46b 100644 --- a/nixpkgs/pkgs/tools/security/mantra/default.nix +++ b/nixpkgs/pkgs/tools/security/mantra/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "mantra"; - version = "1.1"; + version = "2.0"; src = fetchFromGitHub { owner = "MrEmpy"; repo = "Mantra"; - rev = "refs/tags/v.${version}"; - hash = "sha256-wIFZgxl6qULDvdUeq4yiuc5dPDudKsYvVUewSL0ITNM="; + rev = "refs/tags/v${version}"; + hash = "sha256-fBcoKoTBGCyJS8+mzKXLGxcxmRsCcZFZEyMTnA5Rkbw="; }; vendorHash = null; @@ -24,7 +24,7 @@ buildGoModule rec { meta = with lib; { description = "Tool used to hunt down API key leaks in JS files and pages"; homepage = "https://github.com/MrEmpy/Mantra"; - changelog = "https://github.com/MrEmpy/Mantra/releases/tag/v.${version}"; + changelog = "https://github.com/MrEmpy/Mantra/releases/tag/v${version}"; license = licenses.gpl3Only; maintainers = with maintainers; [ fab ]; mainProgram = "mantra"; diff --git a/nixpkgs/pkgs/tools/security/medusa/default.nix b/nixpkgs/pkgs/tools/security/medusa/default.nix index c7008be8f948..b33f36bd30f6 100644 --- a/nixpkgs/pkgs/tools/security/medusa/default.nix +++ b/nixpkgs/pkgs/tools/security/medusa/default.nix @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://github.com/jmk-foofus/medusa"; - description = "A speedy, parallel, and modular, login brute-forcer"; + description = "Speedy, parallel, and modular, login brute-forcer"; mainProgram = "medusa"; license = licenses.gpl2Plus; maintainers = with maintainers; [ ]; diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile b/nixpkgs/pkgs/tools/security/metasploit/Gemfile index 03770b1cc660..95bd1b8435df 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.4.8" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.4.13" diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock index 0cbc2a918ad4..864358152c6d 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,11 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: e9f897a525576857abd73c96ac64beb0094ad547 - ref: refs/tags/6.4.8 + revision: 0dae49af4bc85231052e15fc97f8bfbf9ec56cf3 + ref: refs/tags/6.4.13 specs: - metasploit-framework (6.4.8) + metasploit-framework (6.4.13) + aarch64 + abbrev actionpack (~> 7.0.0) activerecord (~> 7.0.0) activesupport (~> 7.0.0) @@ -12,12 +14,16 @@ GIT aws-sdk-iam aws-sdk-s3 aws-sdk-ssm + base64 bcrypt bcrypt_pbkdf + bigdecimal bootsnap bson chunky_png + csv dnsruby + drb ed25519 em-http-request eventmachine @@ -26,6 +32,7 @@ GIT faraday-retry faye-websocket filesize + getoptlong hrr_rb_ssh-ed25519 http-cookie irb (~> 1.7.4) @@ -40,6 +47,7 @@ GIT metasploit_payloads-mettle (= 1.0.26) mqtt msgpack (~> 1.6.0) + mutex_m nessus_rest net-imap net-ldap @@ -47,7 +55,7 @@ GIT net-ssh network_interface nexpose - nokogiri (~> 1.14.0) + nokogiri octokit (~> 4.0) openssl-ccm openvas-omp @@ -87,7 +95,7 @@ GIT rubyntlm rubyzip sinatra - sqlite3 (= 1.6.6) + sqlite3 (= 1.7.3) sshkey swagger-blocks thin @@ -105,26 +113,29 @@ GIT GEM remote: https://rubygems.org/ specs: - Ascii85 (1.1.0) - actionpack (7.0.8.1) - actionview (= 7.0.8.1) - activesupport (= 7.0.8.1) + Ascii85 (1.1.1) + aarch64 (2.1.0) + racc (~> 1.6) + abbrev (0.1.2) + actionpack (7.0.8.3) + actionview (= 7.0.8.3) + activesupport (= 7.0.8.3) rack (~> 2.0, >= 2.2.4) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actionview (7.0.8.1) - activesupport (= 7.0.8.1) + actionview (7.0.8.3) + activesupport (= 7.0.8.3) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activemodel (7.0.8.1) - activesupport (= 7.0.8.1) - activerecord (7.0.8.1) - activemodel (= 7.0.8.1) - activesupport (= 7.0.8.1) - activesupport (7.0.8.1) + activemodel (7.0.8.3) + activesupport (= 7.0.8.3) + activerecord (7.0.8.3) + activemodel (= 7.0.8.3) + activesupport (= 7.0.8.3) + activesupport (7.0.8.3) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -135,37 +146,37 @@ GEM arel-helpers (2.14.0) activerecord (>= 3.1.0, < 8) aws-eventstream (1.3.0) - aws-partitions (1.916.0) - aws-sdk-core (3.192.1) + aws-partitions (1.933.0) + aws-sdk-core (3.196.1) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.8) jmespath (~> 1, >= 1.6.1) - aws-sdk-ec2 (1.450.0) - aws-sdk-core (~> 3, >= 3.191.0) + aws-sdk-ec2 (1.457.1) + aws-sdk-core (~> 3, >= 3.193.0) aws-sigv4 (~> 1.1) - aws-sdk-ec2instanceconnect (1.38.0) - aws-sdk-core (~> 3, >= 3.191.0) + aws-sdk-ec2instanceconnect (1.40.0) + aws-sdk-core (~> 3, >= 3.193.0) aws-sigv4 (~> 1.1) - aws-sdk-iam (1.96.0) - aws-sdk-core (~> 3, >= 3.191.0) + aws-sdk-iam (1.98.0) + aws-sdk-core (~> 3, >= 3.193.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.79.0) - aws-sdk-core (~> 3, >= 3.191.0) + aws-sdk-kms (1.82.0) + aws-sdk-core (~> 3, >= 3.193.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.147.0) - aws-sdk-core (~> 3, >= 3.192.0) + aws-sdk-s3 (1.151.0) + aws-sdk-core (~> 3, >= 3.194.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.8) - aws-sdk-ssm (1.166.0) - aws-sdk-core (~> 3, >= 3.191.0) + aws-sdk-ssm (1.169.0) + aws-sdk-core (~> 3, >= 3.193.0) aws-sigv4 (~> 1.1) aws-sigv4 (1.8.0) aws-eventstream (~> 1, >= 1.0.2) base64 (0.2.0) bcrypt (3.1.20) - bcrypt_pbkdf (1.1.0) - bigdecimal (3.1.7) + bcrypt_pbkdf (1.1.1) + bigdecimal (3.1.8) bindata (2.4.15) bootsnap (1.18.3) msgpack (~> 1.2) @@ -175,11 +186,13 @@ GEM concurrent-ruby (1.2.3) cookiejar (0.3.4) crass (1.0.6) + csv (3.3.0) daemons (1.4.1) date (3.3.4) dnsruby (1.72.1) simpleidn (~> 0.2.1) domain_name (0.6.20240107) + drb (2.2.1) ed25519 (1.3.0) em-http-request (1.1.7) addressable (>= 2.3.4) @@ -205,6 +218,7 @@ GEM websocket-driver (>= 0.5.1) ffi (1.16.3) filesize (0.2.0) + getoptlong (0.2.1) gssapi (1.3.1) ffi (>= 1.0.1) gyoku (1.4.0) @@ -219,7 +233,7 @@ GEM domain_name (~> 0.5) http_parser.rb (0.8.0) httpclient (2.8.3) - i18n (1.14.4) + i18n (1.14.5) concurrent-ruby (~> 1.0) io-console (0.7.2) irb (1.7.4) @@ -269,14 +283,15 @@ GEM metasploit_payloads-mettle (1.0.26) method_source (1.1.0) mini_portile2 (2.8.6) - minitest (5.22.3) + minitest (5.23.1) mqtt (0.6.0) msgpack (1.6.1) multi_json (1.15.0) mustermann (3.0.0) ruby2_keywords (~> 0.0.1) + mutex_m (0.2.0) nessus_rest (0.1.6) - net-imap (0.4.10) + net-imap (0.4.11) date net-protocol net-ldap (0.19.0) @@ -287,7 +302,7 @@ GEM net-ssh (7.2.3) network_interface (0.0.4) nexpose (7.3.0) - nio4r (2.7.1) + nio4r (2.7.3) nokogiri (1.14.5) mini_portile2 (~> 2.8.0) racc (~> 1.4) @@ -302,7 +317,7 @@ GEM packetfu (2.0.0) pcaprub (~> 0.13.1) patch_finder (1.0.2) - pcaprub (0.13.1) + pcaprub (0.13.2) pdf-reader (2.12.0) Ascii85 (~> 1.0) afm (~> 0.2.1) @@ -313,7 +328,7 @@ GEM public_suffix (5.0.5) puma (6.4.2) nio4r (~> 2.0) - racc (1.7.3) + racc (1.8.0) rack (2.2.9) rack-protection (3.2.0) base64 (>= 0.1.0) @@ -327,9 +342,9 @@ GEM rails-html-sanitizer (1.6.0) loofah (~> 2.21) nokogiri (~> 1.14) - railties (7.0.8.1) - actionpack (= 7.0.8.1) - activesupport (= 7.0.8.1) + railties (7.0.8.3) + actionpack (= 7.0.8.3) + activesupport (= 7.0.8.3) method_source rake (>= 12.2) thor (~> 1.0) @@ -341,7 +356,7 @@ GEM recog (3.1.5) nokogiri redcarpet (3.6.0) - reline (0.5.2) + reline (0.5.7) io-console (~> 0.5) rex-arch (0.1.15) rex-text @@ -351,7 +366,7 @@ GEM rex-core rex-struct2 rex-text - rex-core (0.1.31) + rex-core (0.1.32) rex-encoder (0.1.7) metasm rex-arch @@ -374,7 +389,7 @@ GEM rex-random_identifier rex-text ruby-rc4 - rex-random_identifier (0.1.11) + rex-random_identifier (0.1.12) rex-text rex-registry (0.1.5) rex-rop_builder (0.1.5) @@ -388,16 +403,17 @@ GEM rex-socket rex-text rex-struct2 (0.1.4) - rex-text (0.2.57) + rex-text (0.2.58) rex-zip (0.1.5) rex-text - rexml (3.2.6) + rexml (3.2.8) + strscan (>= 3.0.9) rkelly-remix (0.0.7) ruby-macho (4.0.1) ruby-mysql (4.1.0) ruby-rc4 (0.1.5) ruby2_keywords (0.0.5) - ruby_smb (3.3.5) + ruby_smb (3.3.8) bindata (= 2.4.15) openssl-ccm openssl-cmac @@ -408,17 +424,17 @@ GEM sawyer (0.9.2) addressable (>= 2.3.5) faraday (>= 0.17.3, < 3) - simpleidn (0.2.1) - unf (~> 0.1.4) + simpleidn (0.2.3) sinatra (3.2.0) mustermann (~> 3.0) rack (~> 2.2, >= 2.2.4) rack-protection (= 3.2.0) tilt (~> 2.0) - sqlite3 (1.6.6) + sqlite3 (1.7.3) mini_portile2 (~> 2.8.0) sshkey (3.0.0) strptime (0.2.5) + strscan (3.1.0) swagger-blocks (3.0.0) thin (1.8.2) daemons (~> 1.0, >= 1.0.9) @@ -433,9 +449,6 @@ GEM concurrent-ruby (~> 1.0) tzinfo-data (1.2024.1) tzinfo (>= 1.0.0) - unf (0.1.4) - unf_ext - unf_ext (0.0.9.1) unix-crypt (1.3.1) warden (1.2.9) rack (>= 2.0.9) @@ -459,7 +472,7 @@ GEM activesupport (>= 4.2, < 8.0) xmlrpc (0.3.3) webrick - zeitwerk (2.6.13) + zeitwerk (2.6.14) PLATFORMS ruby @@ -468,4 +481,4 @@ DEPENDENCIES metasploit-framework! BUNDLED WITH - 2.5.7 + 2.5.9 diff --git a/nixpkgs/pkgs/tools/security/metasploit/default.nix b/nixpkgs/pkgs/tools/security/metasploit/default.nix index e9600b703bf8..b7144716ecf4 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/default.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.4.8"; + version = "6.4.13"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = "refs/tags/${version}"; - hash = "sha256-a5Igd8i5K9qt6r5dHuzRMWLrXZn95PJtYnW4A4HcUNE="; + hash = "sha256-9Qo+6FAkrzkXpaHPa6u3BgGH8yKDCKo1TtS4xO12Kew="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix index ee104260ca7b..5edc7bb33135 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix @@ -1,53 +1,73 @@ { + aarch64 = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1c0hkbm94prkw0nb76l0il7fhz1xz5dkgzh6wwyrs88lwggv9avh"; + type = "gem"; + }; + version = "2.1.0"; + }; + abbrev = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0hj2qyx7rzpc7awhvqlm597x7qdxwi4kkml4aqnp5jylmsm4w6xd"; + type = "gem"; + }; + version = "0.1.2"; + }; actionpack = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0jh83rqd6glys1b2wsihzsln8yk6zdwgiyn9xncyiav9rcwjpkax"; + sha256 = "11c5pm65m46wlqd25glmwpkji1jn1v2n918jmklxp4w9rr43dzi6"; type = "gem"; }; - version = "7.0.8.1"; + version = "7.0.8.3"; }; actionview = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ygpg75f3ffdcbxvf7s14xw3hcjin1nnx1nk3mg9mj2xc1nb60aa"; + sha256 = "0p0w1rl3f5k7m39j9gnyw5wqz6ym18bhcacisqq4zng2k6jf4893"; type = "gem"; }; - version = "7.0.8.1"; + version = "7.0.8.3"; }; activemodel = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0grdpvglh0cj96qhlxjj9bcfqkh13c1pfpcwc9ld3aw0yzvsw5a1"; + sha256 = "0y8w73rdd7x1m1gwswjhpqfbjr95hh7hcnkjqk1wz8x9gjk9njb6"; type = "gem"; }; - version = "7.0.8.1"; + version = "7.0.8.3"; }; activerecord = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rlky1cr5kcdl0jad3nk5jpim6vjzbgkfhxnk7y492b3j2nznpcf"; + sha256 = "03pqj57md528dgwwplr234hq628allla71i1pxys2inbpp7s7vn8"; type = "gem"; }; - version = "7.0.8.1"; + version = "7.0.8.3"; }; activesupport = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ff3x7q400flzhml131ix8zfwmh13h70rs6yzbzf513g781gbbxh"; + sha256 = "1ybapgiiysxgcjyzifn34ksbwjdjzslbvbcd7v83wiry1qmiyg93"; type = "gem"; }; - version = "7.0.8.1"; + version = "7.0.8.3"; }; addressable = { groups = ["default"]; @@ -84,10 +104,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ds4v9xgsyvijnlflak4dzf1qwmda9yd5bv8jwsb56nngd399rlw"; + sha256 = "1c62cx96r0v265mywnlik43qx0wf6bjbzl54qa47x6dzjg861mvk"; type = "gem"; }; - version = "1.1.0"; + version = "1.1.1"; }; aws-eventstream = { groups = ["default"]; @@ -104,80 +124,80 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gilrh9fb1576xm2ah0l6d33qkiabz55zpq004qqia9xavl43ylz"; + sha256 = "1axv3iicp4as5dxhmwrxf3rc7389ba94gk11yilw3vwv4hch87yx"; type = "gem"; }; - version = "1.916.0"; + version = "1.933.0"; }; aws-sdk-core = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1hp8rxk9wl3kmb7xabcz5hbcv7kzsvsx0wyib2fsg9d42kz149n0"; + sha256 = "0f44kp3g9g8v60f7xw769r734b7w6n774jj2njn42444ip3zwsz3"; type = "gem"; }; - version = "3.192.1"; + version = "3.196.1"; }; aws-sdk-ec2 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "101jjqf912jwca119v86i4inlkf2gldmmhgdm2rdk5hqrwl4yrf4"; + sha256 = "114xd77sb1wzxv1ys2dg7adzyfbfzy3k2x885slgbdwh6q9nby0f"; type = "gem"; }; - version = "1.450.0"; + version = "1.457.1"; }; aws-sdk-ec2instanceconnect = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mhqk2s8klp8djibrhgmh9lz9nr4rh1yy7y6c86if55r07i1912c"; + sha256 = "1sjjyp90hhgbxmiw9sdscyfgjpy86m10dbr1dmxw3dmq244p3ilq"; type = "gem"; }; - version = "1.38.0"; + version = "1.40.0"; }; aws-sdk-iam = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zcvkal9ahwr84pz1cb3y9ylx3f74m4kgs4n160dfzf51b8m917l"; + sha256 = "0a2kir61jwjpwwk5nld3daxkbc38ivszrxyjs9v320cq6hk6g80v"; type = "gem"; }; - version = "1.96.0"; + version = "1.98.0"; }; aws-sdk-kms = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1cb0006xf5isq5drdwkvd6xz20886x3rzcj5qyly7g8gql5lc8aw"; + sha256 = "0j6wlmn9h8l571ll7pamqxk5b3mg5ms65b85w0r1qjs3v1i5xfcd"; type = "gem"; }; - version = "1.79.0"; + version = "1.82.0"; }; aws-sdk-s3 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ibw2v56k8v2sw92cyliprq1xxfyavnd60yl6ach3f4qbp156xrn"; + sha256 = "023h9xx65dd91z1sk9znhfwp4wr48imnnhdhvczv64m17r7ych4y"; type = "gem"; }; - version = "1.147.0"; + version = "1.151.0"; }; aws-sdk-ssm = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0drad0zka0kjayiy971vcl5dfp6j37wgga4xncya8w8xsrknh9s8"; + sha256 = "1liyqnj8hjyrix96kbbqflr4bh3hg07jjcx5x6bsiiqsixblq4md"; type = "gem"; }; - version = "1.166.0"; + version = "1.169.0"; }; aws-sigv4 = { groups = ["default"]; @@ -214,20 +234,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ndamfaivnkhc6hy0yqyk2gkwr6f3bz6216lh74hsiiyk3axz445"; + sha256 = "04rb3rp9bdxn1y3qiflfpj7ccwb8ghrfbydh5vfz1l9px3fpg41g"; type = "gem"; }; - version = "1.1.0"; + version = "1.1.1"; }; bigdecimal = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cq1c29zbkcxgdihqisirhcw76xc768z2zpd5vbccpq0l1lv76g7"; + sha256 = "1gi7zqgmqwi5lizggs1jhc3zlwaqayy9rx2ah80sxy24bbnng558"; type = "gem"; }; - version = "3.1.7"; + version = "3.1.8"; }; bindata = { groups = ["default"]; @@ -309,6 +329,16 @@ }; version = "1.0.6"; }; + csv = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0zfn40dvgjk1xv1z8l11hr9jfg3jncwsc9yhzsz4l4rivkpivg8b"; + type = "gem"; + }; + version = "3.3.0"; + }; daemons = { groups = ["default"]; platforms = []; @@ -349,6 +379,16 @@ }; version = "0.6.20240107"; }; + drb = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0h5kbj9hvg5hb3c7l425zpds0vb42phvln2knab8nmazg2zp5m79"; + type = "gem"; + }; + version = "2.2.1"; + }; ed25519 = { groups = ["default"]; platforms = []; @@ -469,6 +509,16 @@ }; version = "0.2.0"; }; + getoptlong = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "198vy9dxyzibqdbw9jg8p2ljj9iknkyiqlyl229vz55rjxrz08zx"; + type = "gem"; + }; + version = "0.2.1"; + }; gssapi = { groups = ["default"]; platforms = []; @@ -554,10 +604,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lbm33fpb3w06wd2231sg58dwlwgjsvym93m548ajvl6s3mfvpn7"; + sha256 = "1ffix518y7976qih9k1lgnc17i3v6yrlh0a3mckpxdb4wc2vrp16"; type = "gem"; }; - version = "1.14.4"; + version = "1.14.5"; }; io-console = { groups = ["default"]; @@ -674,12 +724,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "e9f897a525576857abd73c96ac64beb0094ad547"; - sha256 = "1lahvj0h7f3mc9nz5r7xk5fynqiis7n1wpdyxanxlaxrr1vj14kb"; + rev = "0dae49af4bc85231052e15fc97f8bfbf9ec56cf3"; + sha256 = "1v19fvnw9f6l9qssl2434brqf086nymnpkx1llbkkbr4a3l3w2pm"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.4.8"; + version = "6.4.13"; }; metasploit-model = { groups = ["default"]; @@ -746,10 +796,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "07lq26b86giy3ha3fhrywk9r1ajhc2pm2mzj657jnpnbj1i6g17a"; + sha256 = "1gkslxvkhh44s21rbjvka3zsvfxxrf5pcl6f75rv2vyrzzbgis7i"; type = "gem"; }; - version = "5.22.3"; + version = "5.23.1"; }; mqtt = { groups = ["default"]; @@ -791,6 +841,16 @@ }; version = "3.0.0"; }; + mutex_m = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ma093ayps1m92q845hmpk0dmadicvifkbf05rpq9pifhin0rvxn"; + type = "gem"; + }; + version = "0.2.0"; + }; nessus_rest = { groups = ["default"]; platforms = []; @@ -806,10 +866,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zn7j2w0hc622ig0rslk4iy6yp3937dy9ibhyr1mwwx39n7paxaj"; + sha256 = "1y0pzapcasfjayk4nydy04hnx11xmsv8jl8myizxhbpkdmrl10dc"; type = "gem"; }; - version = "0.4.10"; + version = "0.4.11"; }; net-ldap = { groups = ["default"]; @@ -876,10 +936,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15iwbiij52x6jhdbl0rkcldnhfndmsy0sbnsygkr9vhskfqrp72m"; + sha256 = "017nbw87dpr4wyk81cgj8kxkxqgsgblrkxnmmadc77cg9gflrfal"; type = "gem"; }; - version = "2.7.1"; + version = "2.7.3"; }; nokogiri = { dependencies = ["mini_portile2" "racc"]; @@ -967,10 +1027,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0886fcc5bi0kc0rbma5fj3wa3hbg2nl7ivnbi2j995yzg36zq7xy"; + sha256 = "0bwhm5b7f0ncazffxzlyql83khcgydx2ncav9k241gab4knkhb7l"; type = "gem"; }; - version = "0.13.1"; + version = "0.13.2"; }; pdf-reader = { groups = ["default"]; @@ -1017,10 +1077,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "01b9662zd2x9bp4rdjfid07h09zxj7kvn7f5fghbqhzc625ap1dp"; + sha256 = "021s7maw0c4d9a6s07vbmllrzqsj2sgmrwimlh8ffkvwqdjrld09"; type = "gem"; }; - version = "1.7.3"; + version = "1.8.0"; }; rack = { groups = ["default"]; @@ -1077,10 +1137,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08ga56kz6a37dnlmi7y45r19fcc7jzb62mrc3ifavbzggmhy7r62"; + sha256 = "0sxki005rl1315mp78csayvfdx5zxjvwv8xmcfyjksgq27cimk5r"; type = "gem"; }; - version = "7.0.8.1"; + version = "7.0.8.3"; }; rake = { groups = ["default"]; @@ -1137,10 +1197,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xwf7i2kvgaxbpdqqkncv9dpfhlj55shig4sdzgy7kgbfj09mm03"; + sha256 = "06rlp3wjcbwbgw3xlawclzzmj6ryn6ap65nh54x5yzgx0c3jlqqz"; type = "gem"; }; - version = "0.5.2"; + version = "0.5.7"; }; rex-arch = { groups = ["default"]; @@ -1167,10 +1227,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s5fz1fipk2x9grd8rj7n09wfmq78kdhw9fvrmgr9z52zi640xzs"; + sha256 = "0468gxcwhzp5y7lahkf0cg4vyy01wb2fk6w1rx4fgh1l9330a64b"; type = "gem"; }; - version = "0.1.31"; + version = "0.1.32"; }; rex-encoder = { groups = ["default"]; @@ -1247,10 +1307,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qxc05f0xvradyp50vz8s1h9lzgh9c31nz8yq7r22bph03v71f0c"; + sha256 = "02709z33zcbq2i3ca66b94n3aqbd8r6ib1dgb2fby1vk5nrg18p9"; type = "gem"; }; - version = "0.1.11"; + version = "0.1.12"; }; rex-registry = { groups = ["default"]; @@ -1307,10 +1367,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08wrqy8sgncsn6kcplw7bl6c2bmyj9fza7x77wrlwh1gza7pcjk4"; + sha256 = "04icj61kn5bnd939km6y49ylv8sbkqb96jld91nbrijahawcf5yz"; type = "gem"; }; - version = "0.2.57"; + version = "0.2.58"; }; rex-zip = { groups = ["default"]; @@ -1327,10 +1387,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05i8518ay14kjbma550mv0jm8a6di8yp5phzrd8rj44z9qnrlrp0"; + sha256 = "0d8ivcirrrxpkpjc1c835wknc9s2fl54xpw08s177yfrh5ish209"; type = "gem"; }; - version = "3.2.6"; + version = "3.2.8"; }; rkelly-remix = { groups = ["default"]; @@ -1387,10 +1447,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0fwk5hqaph37apa5zf1mg2n2wd5lkz3sgwl0f4ndhkv1vfxbb2ys"; + sha256 = "1hw3hj2q0xkqr90snzrpiqfa7lsc5k4w6bgdj624vxkh7q0nnfw7"; type = "gem"; }; - version = "3.3.5"; + version = "3.3.8"; }; rubyntlm = { groups = ["default"]; @@ -1427,10 +1487,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06f7w6ph3bzzqk212yylfp4jfx275shgp9zg3xszbpv1ny2skp9m"; + sha256 = "0a9c1mdy12y81ck7mcn9f9i2s2wwzjh1nr92ps354q517zq9dkh8"; type = "gem"; }; - version = "0.2.1"; + version = "0.2.3"; }; sinatra = { groups = ["default"]; @@ -1447,10 +1507,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15415lmz69jbzl6nch4q5l2jxv054676nk6y0vgy0g3iklmjrxvc"; + sha256 = "073hd24qwx9j26cqbk0jma0kiajjv9fb8swv9rnz8j4mf0ygcxzs"; type = "gem"; }; - version = "1.6.6"; + version = "1.7.3"; }; sshkey = { groups = ["default"]; @@ -1472,6 +1532,16 @@ }; version = "0.2.5"; }; + strscan = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0mamrl7pxacbc79ny5hzmakc9grbjysm3yy6119ppgsg44fsif01"; + type = "gem"; + }; + version = "3.1.0"; + }; swagger-blocks = { groups = ["default"]; platforms = []; @@ -1552,26 +1622,6 @@ }; version = "1.2024.1"; }; - unf = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9"; - type = "gem"; - }; - version = "0.1.4"; - }; - unf_ext = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1sf6bxvf6x8gihv6j63iakixmdddgls58cpxpg32chckb2l18qcj"; - type = "gem"; - }; - version = "0.0.9.1"; - }; unix-crypt = { groups = ["default"]; platforms = []; @@ -1677,9 +1727,9 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1m67qmsak3x8ixs8rb971azl3l7wapri65pmbf5z886h46q63f1d"; + sha256 = "0ayraiqfhhjzpyr4yxp035002lq78ip1zhr0ix87rn3rqpnsrn3h"; type = "gem"; }; - version = "2.6.13"; + version = "2.6.14"; }; } diff --git a/nixpkgs/pkgs/tools/security/minica/default.nix b/nixpkgs/pkgs/tools/security/minica/default.nix index e7a05412303e..8c351e180361 100644 --- a/nixpkgs/pkgs/tools/security/minica/default.nix +++ b/nixpkgs/pkgs/tools/security/minica/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "minica"; - version = "1.0.2"; + version = "1.1.0"; src = fetchFromGitHub { owner = "jsha"; repo = "minica"; rev = "v${version}"; - sha256 = "sha256-3p6rUFFiWXhX9BBbxqWxRoyRceexvNnqcFCyNi5HoaA="; + sha256 = "sha256-YUeP3xBoZzonJYfEAOWZYCTFwOxFWySW7ezvpMLNZ1I="; }; vendorHash = null; @@ -19,7 +19,7 @@ buildGoModule rec { ldflags = [ "-s" "-w" ]; meta = with lib; { - description = "A simple tool for generating self signed certificates"; + description = "Simple tool for generating self signed certificates"; mainProgram = "minica"; longDescription = '' Minica is a simple CA intended for use in situations where the CA operator diff --git a/nixpkgs/pkgs/tools/security/minio-certgen/default.nix b/nixpkgs/pkgs/tools/security/minio-certgen/default.nix index fed6bdca2c54..2379de92f430 100644 --- a/nixpkgs/pkgs/tools/security/minio-certgen/default.nix +++ b/nixpkgs/pkgs/tools/security/minio-certgen/default.nix @@ -2,19 +2,19 @@ buildGoModule rec { pname = "minio-certgen"; - version = "1.2.1"; + version = "1.3.0"; src = fetchFromGitHub { owner = "minio"; repo = "certgen"; rev = "v${version}"; - sha256 = "sha256-qi+SeNLW/jE2dGar4Lf16TKRT3ZTmWB/j8EsnoyrdxI="; + sha256 = "sha256-bYZfQeqPqroMkqJOqHri3l7xscEK9ml/oNLVPBVSDKk="; }; vendorHash = null; meta = with lib; { - description = "A simple Minio tool to generate self-signed certificates, and provides SAN certificates with DNS and IP entries"; + description = "Simple Minio tool to generate self-signed certificates, and provides SAN certificates with DNS and IP entries"; downloadPage = "https://github.com/minio/certgen"; license = licenses.bsd3; maintainers = with maintainers; [ bryanasdev000 ]; diff --git a/nixpkgs/pkgs/tools/security/minisign/default.nix b/nixpkgs/pkgs/tools/security/minisign/default.nix index aaa280f40e90..45886a3803be 100644 --- a/nixpkgs/pkgs/tools/security/minisign/default.nix +++ b/nixpkgs/pkgs/tools/security/minisign/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { buildInputs = [ libsodium ]; meta = with lib; { - description = "A simple tool for signing files and verifying signatures"; + description = "Simple tool for signing files and verifying signatures"; longDescription = '' minisign uses public key cryptography to help facilitate secure (but not necessarily private) file transfer, e.g., of software artefacts. minisign diff --git a/nixpkgs/pkgs/tools/security/mkrand/default.nix b/nixpkgs/pkgs/tools/security/mkrand/default.nix index b0ebe7e521fa..38ef22117fa3 100644 --- a/nixpkgs/pkgs/tools/security/mkrand/default.nix +++ b/nixpkgs/pkgs/tools/security/mkrand/default.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { doCheck = true; meta = { - description = "A Digital Random Bit Generator"; + description = "Digital Random Bit Generator"; mainProgram = "mkrand"; longDescription = "MKRAND is a utility for generating random information."; homepage = "https://github.com/mknight-tag/MKRAND/"; diff --git a/nixpkgs/pkgs/tools/security/mpw/default.nix b/nixpkgs/pkgs/tools/security/mpw/default.nix index 25c71eb046db..4ee765bdbdd1 100644 --- a/nixpkgs/pkgs/tools/security/mpw/default.nix +++ b/nixpkgs/pkgs/tools/security/mpw/default.nix @@ -56,7 +56,7 @@ in stdenv.mkDerivation rec { ''; meta = with lib; { - description = "A stateless password management solution"; + description = "Stateless password management solution"; mainProgram = "mpw"; homepage = "https://masterpasswordapp.com/"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/networkminer/default.nix b/nixpkgs/pkgs/tools/security/networkminer/default.nix index 6e762ef543fe..f83c6b3e2415 100644 --- a/nixpkgs/pkgs/tools/security/networkminer/default.nix +++ b/nixpkgs/pkgs/tools/security/networkminer/default.nix @@ -62,7 +62,7 @@ buildDotnetModule rec { ''; meta = with lib; { - description = "The Open Source Network Forensic Analysis Tool (NFAT)"; + description = "Open Source Network Forensic Analysis Tool (NFAT)"; homepage = "https://www.netresec.com/?page=NetworkMiner"; license = licenses.gpl2Only; maintainers = with maintainers; [ emilytrau ]; diff --git a/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix b/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix index 8e97ce02af4c..5477a603d4af 100644 --- a/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix +++ b/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix @@ -1,49 +1,27 @@ { lib , stdenv , python3 -, fetchPypi , fetchFromGitHub , wrapQtAppsHook , qtbase , qtwayland }: -let - python = python3.override { - packageOverrides = self: super: { - pynitrokey = super.pynitrokey.overridePythonAttrs (old: rec { - version = "0.4.45"; - src = fetchPypi { - inherit (old) pname; - inherit version; - hash = "sha256-iY4ThrmXP7pEjTYYU4lePVAbuJGTdHX3iKswXzuf7W8="; - }; - }); - }; - }; -in python.pkgs.buildPythonApplication rec { +python3.pkgs.buildPythonApplication rec { pname = "nitrokey-app2"; - version = "2.2.2"; + version = "2.3.0"; pyproject = true; - disabled = python.pythonOlder "3.9"; + disabled = python3.pythonOlder "3.9"; src = fetchFromGitHub { owner = "Nitrokey"; repo = "nitrokey-app2"; rev = "v${version}"; - hash = "sha256-MiyfmsrKZRoe7YMEjR1LHPesfJh6+dcSydoEAgrALJ8="; + hash = "sha256-BSq3ezNt6btQUO1hMVw9bN3VCyUOUhfRFJcHDGkIm6Q="; }; - # https://github.com/Nitrokey/nitrokey-app2/issues/152 - # - # pythonRelaxDepsHook does not work here, because it runs in postBuild and - # only modifies the dependencies in the built distribution. - postPatch = '' - substituteInPlace pyproject.toml --replace 'pynitrokey = "' 'pynitrokey = ">=' - ''; - - nativeBuildInputs = with python.pkgs; [ + nativeBuildInputs = with python3.pkgs; [ poetry-core wrapQtAppsHook ]; @@ -52,7 +30,7 @@ in python.pkgs.buildPythonApplication rec { qtwayland ]; - propagatedBuildInputs = with python.pkgs; [ + propagatedBuildInputs = with python3.pkgs; [ pynitrokey pyudev pyside6 diff --git a/nixpkgs/pkgs/tools/security/nmap-formatter/default.nix b/nixpkgs/pkgs/tools/security/nmap-formatter/default.nix index ade602a65375..7b2fca55d954 100644 --- a/nixpkgs/pkgs/tools/security/nmap-formatter/default.nix +++ b/nixpkgs/pkgs/tools/security/nmap-formatter/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "nmap-formatter"; - version = "2.1.6"; + version = "3.0.0"; src = fetchFromGitHub { owner = "vdjagilev"; repo = pname; rev = "v${version}"; - hash = "sha256-40ix4D/f63Q5cqVmBvpSmbK2KNXiYLdv/xXBNPJXfac="; + hash = "sha256-JqSsFEZmmVOnNza9xh+JrlWxE4XdA1GSX9yw2NIPYhQ="; }; - vendorHash = "sha256-OUhvQwC7EJF7CIM7NHCs0TqRTZHTiDupkfYREPaxpXo="; + vendorHash = "sha256-MiBY4kWBZM2ZcW3SMqQ+7gKFnFt78wMI9S3OfCgth5g="; meta = with lib; { description = "Tool that allows you to convert nmap output"; diff --git a/nixpkgs/pkgs/tools/security/nmap/default.nix b/nixpkgs/pkgs/tools/security/nmap/default.nix index 8d5b3d90e5c6..9280abbcfb5d 100644 --- a/nixpkgs/pkgs/tools/security/nmap/default.nix +++ b/nixpkgs/pkgs/tools/security/nmap/default.nix @@ -44,7 +44,7 @@ stdenv.mkDerivation rec { doCheck = false; # fails 3 tests, probably needs the net meta = with lib; { - description = "A free and open source utility for network discovery and security auditing"; + description = "Free and open source utility for network discovery and security auditing"; homepage = "http://www.nmap.org"; license = licenses.gpl2Only; platforms = platforms.all; diff --git a/nixpkgs/pkgs/tools/security/notary/default.nix b/nixpkgs/pkgs/tools/security/notary/default.nix index f1fed4806eb4..be147369ffe2 100644 --- a/nixpkgs/pkgs/tools/security/notary/default.nix +++ b/nixpkgs/pkgs/tools/security/notary/default.nix @@ -36,7 +36,7 @@ buildGoPackage rec { ''; meta = with lib; { - description = "A project that allows anyone to have trust over arbitrary collections of data"; + description = "Project that allows anyone to have trust over arbitrary collections of data"; mainProgram = "notary"; longDescription = '' The Notary project comprises a server and a client for running and diff --git a/nixpkgs/pkgs/tools/security/notation/default.nix b/nixpkgs/pkgs/tools/security/notation/default.nix index f9318296060f..3afd7bd27f2f 100644 --- a/nixpkgs/pkgs/tools/security/notation/default.nix +++ b/nixpkgs/pkgs/tools/security/notation/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "notation"; - version = "1.1.0"; + version = "1.1.1"; src = fetchFromGitHub { owner = "notaryproject"; repo = pname; rev = "v${version}"; - hash = "sha256-MJBFdtx+HkPCN1SIohKOy33BW746GNN2fWkr7TIuBmk="; + hash = "sha256-Pi4Ddlx8G4dRDz79yTiPBf6gf0wsvoE9CuyeVGrHst0="; }; - vendorHash = "sha256-USkufc1dG4eyRfRJHSX4mVZHnvOc5onHenF98Aedac4="; + vendorHash = "sha256-REJPSBLXzIPAmxwzckufTqJvZCWUUkJLBmHTx2nv9QM="; nativeBuildInputs = [ installShellFiles diff --git a/nixpkgs/pkgs/tools/security/nsjail/default.nix b/nixpkgs/pkgs/tools/security/nsjail/default.nix index 23b938a83f9a..dbf62872d21f 100644 --- a/nixpkgs/pkgs/tools/security/nsjail/default.nix +++ b/nixpkgs/pkgs/tools/security/nsjail/default.nix @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - description = "A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters"; + description = "Light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters"; homepage = "https://nsjail.dev/"; changelog = "https://github.com/google/nsjail/releases/tag/${version}"; license = licenses.asl20; diff --git a/nixpkgs/pkgs/tools/security/nuclei/default.nix b/nixpkgs/pkgs/tools/security/nuclei/default.nix index 259680693dac..29b8a5547cfb 100644 --- a/nixpkgs/pkgs/tools/security/nuclei/default.nix +++ b/nixpkgs/pkgs/tools/security/nuclei/default.nix @@ -6,16 +6,16 @@ buildGoModule rec { pname = "nuclei"; - version = "3.2.7"; + version = "3.2.9"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = "nuclei"; rev = "refs/tags/v${version}"; - hash = "sha256-sXrDmtuKfFeYAJnxIZGQiYiAjx40YQLfnMQ8YUCkZ7s="; + hash = "sha256-4YfdpM+F2hP88GbB5ct2dla/balbt8uQcJSUyJut99U="; }; - vendorHash = "sha256-PXa8Fd7LE6uebpep1/HV2EuJdzj8cxeiZ4DYALIoh2A="; + vendorHash = "sha256-zonoIvDbSHpURKPJoTfL2SrpiIAQkh0oAGEDEQiH35M="; subPackages = [ "cmd/nuclei/" ]; diff --git a/nixpkgs/pkgs/tools/security/oauth2c/default.nix b/nixpkgs/pkgs/tools/security/oauth2c/default.nix index 292ac255b3a0..1289eb05f215 100644 --- a/nixpkgs/pkgs/tools/security/oauth2c/default.nix +++ b/nixpkgs/pkgs/tools/security/oauth2c/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "oauth2c"; - version = "1.13.0"; + version = "1.14.0"; src = fetchFromGitHub { owner = "cloudentity"; repo = pname; rev = "v${version}"; - hash = "sha256-NNVHEV8qnPv+xXFzPsh1V+fSOQZxpADCRPIUsak5M5M="; + hash = "sha256-sxaInCsW3MKOYV3TscJYGwzSncg5TUW9YVheuxoO1h4="; }; - vendorHash = "sha256-x6cb19rKJXm+EIxJeykhpFmUYOPb/VljzCOVjorP5MQ="; + vendorHash = "sha256-PdLh/J0HUvr1JjW/ew5PQe9TJNykI4tJhlRoVjRT/hg="; doCheck = false; # tests want to talk to oauth2c.us.authz.cloudentity.io diff --git a/nixpkgs/pkgs/tools/security/openpgp-card-tools/default.nix b/nixpkgs/pkgs/tools/security/openpgp-card-tools/default.nix deleted file mode 100644 index 009807058661..000000000000 --- a/nixpkgs/pkgs/tools/security/openpgp-card-tools/default.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ lib -, stdenv -, rustPlatform -, fetchFromGitea -, pkg-config -, pcsclite -, nettle -, PCSC -, testers -, openpgp-card-tools -}: - -rustPlatform.buildRustPackage rec { - pname = "openpgp-card-tools"; - version = "0.10.1"; - - src = fetchFromGitea { - domain = "codeberg.org"; - owner = "openpgp-card"; - repo = "openpgp-card-tools"; - rev = "v${version}"; - hash = "sha256-fasu2XElGk6TB2VNFg43rpa3ZafgGZga9WojyUiXj0k="; - }; - - cargoHash = "sha256-7OauQRG8DhIoANfel45QBm3igGjmtNw9KNAwt1TL5xg="; - - nativeBuildInputs = [ pkg-config rustPlatform.bindgenHook ]; - buildInputs = [ pcsclite nettle ] ++ lib.optionals stdenv.isDarwin [ PCSC ]; - - passthru = { - tests.version = testers.testVersion { - package = openpgp-card-tools; - }; - }; - - meta = with lib; { - description = "A tool for inspecting and configuring OpenPGP cards"; - homepage = "https://codeberg.org/openpgp-card/openpgp-card-tools"; - license = with licenses ;[ asl20 /* OR */ mit ]; - maintainers = with maintainers; [ nickcao ]; - mainProgram = "oct"; - }; -} diff --git a/nixpkgs/pkgs/tools/security/opensc/default.nix b/nixpkgs/pkgs/tools/security/opensc/default.nix index 8d8246028f7c..b767261b4e0a 100644 --- a/nixpkgs/pkgs/tools/security/opensc/default.nix +++ b/nixpkgs/pkgs/tools/security/opensc/default.nix @@ -1,6 +1,5 @@ { lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, zlib, readline, openssl , libiconv, pcsclite, libassuan, libXt -, fetchpatch , docbook_xsl, libxslt, docbook_xml_dtd_412 , Carbon, PCSC, buildPackages , withApplePCSC ? stdenv.isDarwin diff --git a/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix b/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix index 9b20f221447e..f047958c2492 100644 --- a/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix +++ b/nixpkgs/pkgs/tools/security/ospd-openvas/default.nix @@ -1,6 +1,7 @@ -{ lib -, fetchFromGitHub -, python3 +{ + lib, + fetchFromGitHub, + python3, }: python3.pkgs.buildPythonApplication rec { @@ -20,13 +21,9 @@ python3.pkgs.buildPythonApplication rec { "python-gnupg" ]; - build-system = with python3.pkgs; [ - poetry-core - ]; + build-system = with python3.pkgs; [ poetry-core ]; - nativeBuildInputs = with python3.pkgs; [ - pythonRelaxDepsHook - ]; + nativeBuildInputs = with python3.pkgs; [ pythonRelaxDepsHook ]; propagatedBuildInputs = with python3.pkgs; [ defusedxml @@ -40,13 +37,9 @@ python3.pkgs.buildPythonApplication rec { sentry-sdk ]; - nativeCheckInputs = with python3.pkgs; [ - pytestCheckHook - ]; + nativeCheckInputs = with python3.pkgs; [ pytestCheckHook ]; - pythonImportsCheck = [ - "ospd_openvas" - ]; + pythonImportsCheck = [ "ospd_openvas" ]; meta = with lib; { description = "OSP server implementation to allow GVM to remotely control an OpenVAS Scanner"; @@ -54,5 +47,6 @@ python3.pkgs.buildPythonApplication rec { changelog = "https://github.com/greenbone/ospd-openvas/releases/tag/v${version}"; license = licenses.agpl3Only; maintainers = with maintainers; [ fab ]; + platforms = platforms.linux; }; } diff --git a/nixpkgs/pkgs/tools/security/osv-scanner/default.nix b/nixpkgs/pkgs/tools/security/osv-scanner/default.nix index 3196ebe5706b..32be96f853e7 100644 --- a/nixpkgs/pkgs/tools/security/osv-scanner/default.nix +++ b/nixpkgs/pkgs/tools/security/osv-scanner/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "osv-scanner"; - version = "1.7.3"; + version = "1.7.4"; src = fetchFromGitHub { owner = "google"; repo = "osv-scanner"; rev = "refs/tags/v${version}"; - hash = "sha256-tagTrjsYPT5csm841HvPbtUsbsaapS8JuHwsPTZWheA="; + hash = "sha256-Z5dRXVbisVoTeS/KVS2tnpaL0i9DMFZYu+vHGWQ1Mvc="; }; - vendorHash = "sha256-yu6qefmTiMRGeyOkiQVOtXQu3BGE2SBHerWNlDDlZxw="; + vendorHash = "sha256-6soB9XLh+ez+iGrnDYh1qrz94KQCoUJPiQA8Cv0oz+o="; subPackages = [ "cmd/osv-scanner" diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix b/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix index b1cff6a20724..d275c19166f4 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/checkup.nix @@ -33,7 +33,7 @@ in stdenv.mkDerivation { ''; meta = with lib; { - description = "A pass extension to check against the Have I been pwned API to see if your passwords are publicly leaked or not"; + description = "Pass extension to check against the Have I been pwned API to see if your passwords are publicly leaked or not"; homepage = "https://github.com/etu/pass-checkup"; license = licenses.gpl3Plus; maintainers = with maintainers; [ etu ]; diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/file.nix b/nixpkgs/pkgs/tools/security/pass/extensions/file.nix index 1c07e289ad28..962ab2bd2a40 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/file.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/file.nix @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { installFlags = [ "PREFIX=$(out)" ]; meta = with lib; { - description = "A pass extension that allows to add files to password-store"; + description = "Pass extension that allows to add files to password-store"; homepage = "https://github.com/dvogt23/pass-file"; license = licenses.gpl3Plus; maintainers = with maintainers; [ taranarmo ]; diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/import.nix b/nixpkgs/pkgs/tools/security/pass/extensions/import.nix index cbba33c1373a..badc58361d53 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/import.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/import.nix @@ -1,6 +1,5 @@ { lib -, fetchFromGitHub -, fetchpatch +, fetchurl , python3Packages , gnupg , pass @@ -8,30 +7,23 @@ python3Packages.buildPythonApplication rec { pname = "pass-import"; - version = "3.2"; + version = "3.5"; - src = fetchFromGitHub { - owner = "roddhjav"; - repo = "pass-import"; - rev = "v${version}"; - sha256 = "0hrpg7yiv50xmbajfy0zdilsyhbj5iv0qnlrgkfv99q1dvd5qy56"; + src = fetchurl { + url = "https://github.com/roddhjav/${pname}/releases/download/v${version}/${pname}-${version}.tar.gz"; + hash = "sha256-+wrff3OxPkAGu1Mn4Kl0KN4FmvIAb+MnaERcD5ScDNc="; }; - patches = [ - (fetchpatch { - name = "support-for-pykeepass-4.0.3.patch"; - url = "https://github.com/roddhjav/pass-import/commit/f1b167578916d971ee4f99be99ba0e86ef49015e.patch"; - hash = "sha256-u6bJbV3/QTfRaPauKSyCWNodpy6CKsreMXUZWKRbee0="; - }) - ]; - propagatedBuildInputs = with python3Packages; [ cryptography defusedxml + jsonpath-ng pyaml pykeepass python-magic # similar API to "file-magic", but already in nixpkgs. + requests secretstorage + zxcvbn ]; nativeCheckInputs = [ @@ -46,12 +38,12 @@ python3Packages.buildPythonApplication rec { postInstall = '' mkdir -p $out/lib/password-store/extensions - cp ${src}/import.bash $out/lib/password-store/extensions/import.bash + cp import.bash $out/lib/password-store/extensions/import.bash wrapProgram $out/lib/password-store/extensions/import.bash \ --prefix PATH : "${python3Packages.python.withPackages (_: propagatedBuildInputs)}/bin" \ --prefix PYTHONPATH : "$out/${python3Packages.python.sitePackages}" \ --run "export PREFIX" - cp -r ${src}/share $out/ + cp -r share $out/ ''; postCheck = '' diff --git a/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix b/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix index 15f075ccec40..87df97dcde72 100644 --- a/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix +++ b/nixpkgs/pkgs/tools/security/pass/extensions/otp.nix @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { ]; meta = with lib; { - description = "A pass extension for managing one-time-password (OTP) tokens"; + description = "Pass extension for managing one-time-password (OTP) tokens"; homepage = "https://github.com/tadfisher/pass-otp"; license = licenses.gpl3; maintainers = with maintainers; [ jwiegley tadfisher toonn ]; diff --git a/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix b/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix index 2c1e1ad5b7d2..bd2cdbfbbbab 100644 --- a/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix +++ b/nixpkgs/pkgs/tools/security/pass/rofi-pass.nix @@ -29,13 +29,13 @@ assert lib.assertOneOf "backend" backend [ "x11" "wayland" ]; stdenv.mkDerivation { pname = "rofi-pass"; - version = "2.0.2-unstable-2024-02-13"; + version = "2.0.2-unstable-2024-06-16"; src = fetchFromGitHub { owner = "carnager"; repo = "rofi-pass"; - rev = "8aa6b9293a8f0af267425326fa966966ca42085e"; - hash = "sha256-g/AuLYj0yvLCXFR3y9GbMiE6hDCPBeuFM145c2Ukvys="; + rev = "37c4c862deb133a85b7d72989acfdbd2ef16b8ad"; + hash = "sha256-1lPNj47vTPLBK7mVm+PngV8C/ZsjJ2EN4ffXGU2TlQo="; }; nativeBuildInputs = [ makeWrapper ]; @@ -83,7 +83,7 @@ stdenv.mkDerivation { passthru.updateScript = unstableGitUpdater { }; meta = { - description = "A script to make rofi work with password-store"; + description = "Script to make rofi work with password-store"; mainProgram = "rofi-pass"; homepage = "https://github.com/carnager/rofi-pass"; license = lib.licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/pass/wofi-pass.nix b/nixpkgs/pkgs/tools/security/pass/wofi-pass.nix index 9db6a7ffda35..ef48f335b5fd 100644 --- a/nixpkgs/pkgs/tools/security/pass/wofi-pass.nix +++ b/nixpkgs/pkgs/tools/security/pass/wofi-pass.nix @@ -55,7 +55,7 @@ stdenv.mkDerivation rec { ''; meta = { - description = "A script to make wofi work with password-store"; + description = "Script to make wofi work with password-store"; homepage = "https://github.com/schmidtandreas/wofi-pass"; maintainers = with lib.maintainers; [ akechishiro ]; license = lib.licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/pass2csv/default.nix b/nixpkgs/pkgs/tools/security/pass2csv/default.nix index 101af2e7aa94..7071ad9fb219 100644 --- a/nixpkgs/pkgs/tools/security/pass2csv/default.nix +++ b/nixpkgs/pkgs/tools/security/pass2csv/default.nix @@ -27,7 +27,7 @@ buildPythonApplication rec { doCheck = false; meta = with lib; { - description = "Export pass(1), \"the standard unix password manager\", to CSV"; + description = "Export pass(1), \"Standard unix password manager\", to CSV"; mainProgram = "pass2csv"; homepage = "https://github.com/reinefjord/pass2csv"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/pgpdump/default.nix b/nixpkgs/pkgs/tools/security/pgpdump/default.nix index 31a1c506f329..5a9b0d276e0c 100644 --- a/nixpkgs/pkgs/tools/security/pgpdump/default.nix +++ b/nixpkgs/pkgs/tools/security/pgpdump/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { buildInputs = lib.optionals supportCompressedPackets [ zlib bzip2 ]; meta = with lib; { - description = "A PGP packet visualizer"; + description = "PGP packet visualizer"; mainProgram = "pgpdump"; longDescription = '' pgpdump is a PGP packet visualizer which displays the packet format of diff --git a/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix b/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix index d4f7242b2896..2f6017fd10ec 100644 --- a/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix +++ b/nixpkgs/pkgs/tools/security/phrasendrescher/default.nix @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-plugins" ]; meta = with lib; { - description = "A modular and multi processing pass phrase cracking tool"; + description = "Modular and multi processing pass phrase cracking tool"; homepage = "https://leidecker.info/projects/phrasendrescher/index.shtml"; license = licenses.gpl2Plus; platforms = platforms.all; diff --git a/nixpkgs/pkgs/tools/security/pinentry/default.nix b/nixpkgs/pkgs/tools/security/pinentry/default.nix index 756b2a67565a..bdbbd55e9607 100644 --- a/nixpkgs/pkgs/tools/security/pinentry/default.nix +++ b/nixpkgs/pkgs/tools/security/pinentry/default.nix @@ -1,23 +1,27 @@ -{ stdenv -, lib -, fetchurl -, fetchpatch -, pkg-config -, autoreconfHook -, wrapGAppsHook3 -, libgpg-error -, libassuan -, libsForQt5 -, ncurses -, gtk2 -, gcr -, withLibsecret ? true -, libsecret +{ + stdenv, + lib, + fetchurl, + fetchpatch, + pkg-config, + autoreconfHook, + wrapGAppsHook3, + libgpg-error, + libassuan, + libsForQt5, + qt6, + ncurses, + gtk2, + gcr, + withLibsecret ? true, + libsecret, }: let flavorInfo = { - tty = { flag = "tty"; }; + tty = { + flag = "tty"; + }; curses = { flag = "curses"; buildInputs = [ ncurses ]; @@ -31,52 +35,70 @@ let buildInputs = [ gcr ]; nativeBuildInputs = [ wrapGAppsHook3 ]; }; + qt5 = { + flag = "qt5"; + buildInputs = [ + libsForQt5.qtbase + libsForQt5.kwayland + libsForQt5.qtx11extras + ]; + nativeBuildInputs = [ libsForQt5.wrapQtAppsHook ]; + }; qt = { flag = "qt"; - buildInputs = [ libsForQt5.qtbase ]; - nativeBuildInputs = [ libsForQt5.wrapQtAppsHook ]; + buildInputs = [ + qt6.qtbase + qt6.qtwayland + ]; + nativeBuildInputs = [ qt6.wrapQtAppsHook ]; + }; + emacs = { + flag = "emacs"; }; - emacs = { flag = "emacs"; }; }; - buildPinentry = pinentryExtraPname: buildFlavors: + buildPinentry = + pinentryExtraPname: buildFlavors: let - enableFeaturePinentry = f: - lib.enableFeature (lib.elem f buildFlavors) ("pinentry-" + flavorInfo.${f}.flag); + enableFeaturePinentry = + f: lib.enableFeature (lib.elem f buildFlavors) ("pinentry-" + flavorInfo.${f}.flag); pinentryMkDerivation = - if (lib.elem "qt" buildFlavors) - then libsForQt5.mkDerivation - else stdenv.mkDerivation; - + if (lib.elem "qt5" buildFlavors) then libsForQt5.mkDerivation else stdenv.mkDerivation; in pinentryMkDerivation rec { pname = "pinentry-${pinentryExtraPname}"; - version = "1.2.1"; + version = "1.3.0"; src = fetchurl { url = "mirror://gnupg/pinentry/pinentry-${version}.tar.bz2"; - hash = "sha256-RXoYXlqFI4+5RalV3GNSq5YtyLSHILYvyfpIx1QKQGc="; + hash = "sha256-mzzVIm51l/L97TmaO8ZZkjNRU2VZ6dsIJpgbyjFklN4="; }; - nativeBuildInputs = [ pkg-config autoreconfHook ] - ++ lib.concatMap (f: flavorInfo.${f}.nativeBuildInputs or [ ]) buildFlavors; + nativeBuildInputs = [ + pkg-config + autoreconfHook + ] ++ lib.concatMap (f: flavorInfo.${f}.nativeBuildInputs or [ ]) buildFlavors; - buildInputs = [ libgpg-error libassuan ] + buildInputs = + [ + libgpg-error + libassuan + ] ++ lib.optional withLibsecret libsecret ++ lib.concatMap (f: flavorInfo.${f}.buildInputs or [ ]) buildFlavors; dontWrapGApps = true; dontWrapQtApps = true; - patches = [ - ./autoconf-ar.patch - ] ++ lib.optionals (lib.elem "gtk2" buildFlavors) [ - (fetchpatch { - url = "https://salsa.debian.org/debian/pinentry/raw/debian/1.1.0-1/debian/patches/0007-gtk2-When-X11-input-grabbing-fails-try-again-over-0..patch"; - sha256 = "15r1axby3fdlzz9wg5zx7miv7gqx2jy4immaw4xmmw5skiifnhfd"; - }) - ]; + patches = + [ ./autoconf-ar.patch ] + ++ lib.optionals (lib.elem "gtk2" buildFlavors) [ + (fetchpatch { + url = "https://salsa.debian.org/debian/pinentry/raw/debian/1.1.0-1/debian/patches/0007-gtk2-When-X11-input-grabbing-fails-try-again-over-0..patch"; + sha256 = "15r1axby3fdlzz9wg5zx7miv7gqx2jy4immaw4xmmw5skiifnhfd"; + }) + ]; configureFlags = [ "--with-libgpg-error-prefix=${libgpg-error.dev}" @@ -87,35 +109,76 @@ let postInstall = lib.optionalString (lib.elem "gnome3" buildFlavors) '' wrapGApp $out/bin/pinentry-gnome3 - '' + lib.optionalString (lib.elem "qt" buildFlavors) '' + '' + + lib.optionalString (lib.elem "qt5" buildFlavors) '' + wrapQtApp $out/bin/pinentry-qt5 + ln -sf $out/bin/pinentry-qt5 $out/bin/pinentry-qt + '' + + lib.optionalString (lib.elem "qt" buildFlavors) '' wrapQtApp $out/bin/pinentry-qt ''; - passthru = { flavors = buildFlavors; }; + passthru = { + flavors = buildFlavors; + }; - meta = with lib; { + meta = { homepage = "https://gnupg.org/software/pinentry/index.html"; description = "GnuPG’s interface to passphrase input"; - license = licenses.gpl2Plus; + license = lib.licenses.gpl2Plus; platforms = - if elem "gnome3" buildFlavors then platforms.linux else - if elem "qt" buildFlavors then (remove "aarch64-darwin" platforms.all) else - platforms.all; + if lib.elem "gnome3" buildFlavors then + lib.platforms.linux + else if (lib.elem "qt5" buildFlavors || lib.elem "qt" buildFlavors) then + (lib.remove "aarch64-darwin" lib.platforms.all) + else + lib.platforms.all; longDescription = '' Pinentry provides a console and (optional) GTK and Qt GUIs allowing users to enter a passphrase when `gpg` or `gpg2` is run and needs it. ''; - maintainers = with maintainers; [ fpletz ]; + maintainers = with lib.maintainers; [ fpletz ]; mainProgram = "pinentry"; }; }; in { - pinentry-curses = buildPinentry "curses" [ "curses" "tty" ]; - pinentry-emacs = buildPinentry "emacs" [ "emacs" "curses" "tty" ]; - pinentry-gnome3 = buildPinentry "gnome3" [ "gnome3" "curses" "tty" ]; - pinentry-gtk2 = buildPinentry "gtk2" [ "gtk2" "curses" "tty" ]; - pinentry-qt = buildPinentry "qt" [ "qt" "curses" "tty" ]; + pinentry-curses = buildPinentry "curses" [ + "curses" + "tty" + ]; + pinentry-emacs = buildPinentry "emacs" [ + "emacs" + "curses" + "tty" + ]; + pinentry-gnome3 = buildPinentry "gnome3" [ + "gnome3" + "curses" + "tty" + ]; + pinentry-gtk2 = buildPinentry "gtk2" [ + "gtk2" + "curses" + "tty" + ]; + pinentry-qt5 = buildPinentry "qt5" [ + "qt5" + "curses" + "tty" + ]; + pinentry-qt = buildPinentry "qt" [ + "qt" + "curses" + "tty" + ]; pinentry-tty = buildPinentry "tty" [ "tty" ]; - pinentry-all = buildPinentry "all" [ "curses" "tty" "gtk2" "gnome3" "qt" "emacs" ]; + pinentry-all = buildPinentry "all" [ + "curses" + "tty" + "gtk2" + "gnome3" + "qt" + "emacs" + ]; } diff --git a/nixpkgs/pkgs/tools/security/plasma-pass/default.nix b/nixpkgs/pkgs/tools/security/plasma-pass/default.nix index 9475b2a4a099..a2b0816dc238 100644 --- a/nixpkgs/pkgs/tools/security/plasma-pass/default.nix +++ b/nixpkgs/pkgs/tools/security/plasma-pass/default.nix @@ -31,7 +31,7 @@ mkDerivation rec { nativeBuildInputs = [ cmake extra-cmake-modules ]; meta = with lib; { - description = "A Plasma applet to access passwords from pass, the standard UNIX password manager"; + description = "Plasma applet to access passwords from pass, the standard UNIX password manager"; homepage = "https://invent.kde.org/plasma/plasma-pass"; license = licenses.lgpl21Plus; maintainers = with maintainers; [ matthiasbeyer ]; diff --git a/nixpkgs/pkgs/tools/security/please/default.nix b/nixpkgs/pkgs/tools/security/please/default.nix index 2ecbc9ab3035..822cdb54cfd3 100644 --- a/nixpkgs/pkgs/tools/security/please/default.nix +++ b/nixpkgs/pkgs/tools/security/please/default.nix @@ -35,7 +35,7 @@ rustPlatform.buildRustPackage rec { passthru.tests = { inherit (nixosTests) please; }; meta = with lib; { - description = "A polite regex-first sudo alternative"; + description = "Polite regex-first sudo alternative"; longDescription = '' Delegate accurate least privilege access with ease. Express easily with a regex and expose only what is needed and nothing more. Or validate file diff --git a/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix b/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix deleted file mode 100644 index e0d57d9bde23..000000000000 --- a/nixpkgs/pkgs/tools/security/polkit-gnome/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ lib, stdenv, fetchurl, polkit, gtk3, pkg-config, intltool }: -stdenv.mkDerivation rec { - pname = "polkit-gnome"; - version = "0.105"; - - src = fetchurl { - url = "mirror://gnome/sources/polkit-gnome/${version}/${pname}-${version}.tar.xz"; - sha256 = "0sckmcbxyj6sbrnfc5p5lnw27ccghsid6v6wxq09mgxqcd4lk10p"; - }; - - buildInputs = [ polkit gtk3 ]; - nativeBuildInputs = [ pkg-config intltool ]; - - configureFlags = [ "--disable-introspection" ]; - - # Desktop file from Debian - postInstall = '' - mkdir -p $out/etc/xdg/autostart - substituteAll ${./polkit-gnome-authentication-agent-1.desktop} $out/etc/xdg/autostart/polkit-gnome-authentication-agent-1.desktop - ''; - - meta = { - homepage = "https://gitlab.gnome.org/Archive/policykit-gnome"; - description = "A dbus session bus service that is used to bring up authentication dialogs"; - license = lib.licenses.lgpl2Plus; - maintainers = with lib.maintainers; [ ]; - platforms = lib.platforms.linux; - }; -} diff --git a/nixpkgs/pkgs/tools/security/polkit-gnome/polkit-gnome-authentication-agent-1.desktop b/nixpkgs/pkgs/tools/security/polkit-gnome/polkit-gnome-authentication-agent-1.desktop deleted file mode 100644 index 5ddda50cb015..000000000000 --- a/nixpkgs/pkgs/tools/security/polkit-gnome/polkit-gnome-authentication-agent-1.desktop +++ /dev/null @@ -1,88 +0,0 @@ -[Desktop Entry] -Name=PolicyKit Authentication Agent -Name[ar]=مدير الاستيثاق PolicyKit -Name[be]=PolicyKit - аґент аўтэнтыфікацыі -Name[bn_IN]=PolicyKit অনুমোদনের এজেন্ট -Name[ca]=Agent d'autenticació del PolicyKit -Name[cs]=Ověřovací agent PolicyKit -Name[da]=Godkendelsesprogrammet PolicyKit -Name[de]=Legitimationsdienst von PolicyKit -Name[el]=Πράκτορας πιστοποίησης PolicyKit -Name[en_GB]=PolicyKit Authentication Agent -Name[es]=Agente de autenticación de PolicyKit -Name[eu]=PolicyKit autentifikatzeko agentea -Name[fi]=PolicytKit-tunnistautumisohjelma -Name[fr]=Agent d'authentification de PolicyKit -Name[gl]=Axente de autenticación PolicyKit -Name[gu]=PolicyKit સત્તાધિકરણ એજન્ટ -Name[hi]=PolicyKit प्रमाणीकरण प्रतिनिधि -Name[hu]=PolicyKit hitelesítési ügynök -Name[it]=Agente di autenticazione per PolicyKit -Name[ja]=PolicyKit 認証エージェント -Name[kn]=PolicyKit ದೃಢೀಕರಣ ಮಧ್ಯವರ್ತಿ -Name[lt]=PolicyKit tapatybės nustatymo agentas -Name[ml]=പോളിസിക്കിറ്റ് ഓഥന്റിക്കേഷന് ഏജന്റ് -Name[mr]=PolicyKit ऑथेंटीकेशन एजेंट -Name[or]=PolicyKit ବୈଧିକରଣ ସଦସ୍ୟ -Name[pa]=ਪਾਲਸੀਕਿੱਟ ਪਰਮਾਣਕਿਤਾ ਏਜੰਟ -Name[pl]=Agent uwierzytelniania PolicyKit -Name[pt]=Agente de Autenticação PolicyKit -Name[pt_BR]=Agente de autenticação PolicyKit -Name[ro]=Agent de autentificare PolicyKit -Name[sk]=Agent PolicyKit na overovanie totožnosti -Name[sl]=PolicyKit program overjanja -Name[sv]=Autentiseringsagent för PolicyKit -Name[ta]=PolicyKit அங்கீகார முகவர் -Name[te]=పాలసీకిట్ ధృవీకరణ ప్రతినిధి -Name[th]=ตัวกลางสำหรับยืนยันตัวบุคคล PolicyKit -Name[uk]=Агент автентифікації PolicyKit -Name[zh_CN]=PolicyKit 认证代理 -Name[zh_HK]=PolicyKit 驗證代理程式 -Name[zh_TW]=PolicyKit 驗證代理程式 -Comment=PolicyKit Authentication Agent -Comment[ar]=مدير الاستيثاق PolicyKit -Comment[be]=PolicyKit - аґент аўтэнтыфікацыі -Comment[bn_IN]=PolicyKit অনুমোদনের এজেন্ট -Comment[ca]=Agent d'autenticació del PolicyKit -Comment[cs]=Ověřovací agent PolicyKit -Comment[da]=Godkendelsesprogrammet PolicyKit -Comment[de]=Legitimationsdienst von PolicyKit -Comment[el]=Πράκτορας πιστοποίησης PolicyKit -Comment[en_GB]=PolicyKit Authentication Agent -Comment[es]=Agente de autenticación de PolicyKit -Comment[eu]=PolicyKit autentifikatzeko agentea -Comment[fi]=PolicytKit-tunnistautumisohjelma -Comment[fr]=Agent d'authentification de PolicyKit -Comment[gl]=Axente de autenticación PolicyKit -Comment[gu]=PolicyKit સત્તાધિકરણ એજન્ટ -Comment[hi]=PolicyKit प्रमाणीकरण प्रतिनिधि -Comment[hu]=PolicyKit hitelesítési ügynök -Comment[it]=Agente di autenticazione per PolicyKit -Comment[ja]=PolicyKit 認証エージェント -Comment[kn]=PolicyKit ದೃಢೀಕರಣ ಮಧ್ಯವರ್ತಿ -Comment[lt]=PolicyKit tapatybės nustatymo agentas -Comment[ml]=പോളിസിക്കിറ്റ് ഓഥന്റിക്കേഷന് ഏജന്റ് -Comment[mr]=PolicyKit ऑथेंटीकेशन एजेंट -Comment[or]=PolicyKit ବୈଧିକରଣ ସଦସ୍ୟ -Comment[pa]=ਪਾਲਸੀਕਿੱਟ ਪਰਮਾਣਕਿਤਾ ਏਜੰਟ -Comment[pl]=Agent uwierzytelniania PolicyKit -Comment[pt]=Agente de Autenticação PolicyKit -Comment[pt_BR]=Agente de autenticação PolicyKit -Comment[ro]=Agent de autentificare PolicyKit -Comment[sk]=Agent PolicyKit na overovanie totožnosti -Comment[sl]=PolicyKit program overjanja -Comment[sv]=Autentiseringsagent för PolicyKit -Comment[ta]=PolicyKit அங்கீகார முகவர் -Comment[te]=పాలసీకిట్ ధృవీకరణ ప్రతినిధి -Comment[th]=ตัวกลางสำหรับยืนยันตัวบุคคล PolicyKit -Comment[uk]=Агент автентифікації PolicyKit -Comment[zh_CN]=PolicyKit 认证代理 -Comment[zh_HK]=PolicyKit 驗證代理程式 -Comment[zh_TW]=PolicyKit 驗證代理程式 -Exec=@out@/libexec/polkit-gnome-authentication-agent-1 -Terminal=false -Type=Application -Categories= -NoDisplay=true -OnlyShowIn=GNOME;XFCE;Unity; -AutostartCondition=GNOME3 unless-session gnome diff --git a/nixpkgs/pkgs/tools/security/proxmark3/default.nix b/nixpkgs/pkgs/tools/security/proxmark3/default.nix index ee37f938b5d9..94d9d76b9288 100644 --- a/nixpkgs/pkgs/tools/security/proxmark3/default.nix +++ b/nixpkgs/pkgs/tools/security/proxmark3/default.nix @@ -26,13 +26,13 @@ assert withBlueshark -> stdenv.hostPlatform.isLinux; stdenv.mkDerivation (finalAttrs: { pname = "proxmark3"; - version = "4.18341"; + version = "4.18589"; src = fetchFromGitHub { owner = "RfidResearchGroup"; repo = "proxmark3"; rev = "v${finalAttrs.version}"; - hash = "sha256-YeBrrzCiDgl4WdhWYatm9sOAtBAECIv/f+OzB/RTdeg="; + hash = "sha256-e/FoyaHU/uH2yovEqtkrCXwHMlF94Acxl2lUA422Pig="; }; patches = [ diff --git a/nixpkgs/pkgs/tools/security/quark-engine/default.nix b/nixpkgs/pkgs/tools/security/quark-engine/default.nix index 58236cc8b30a..c01704d0add6 100644 --- a/nixpkgs/pkgs/tools/security/quark-engine/default.nix +++ b/nixpkgs/pkgs/tools/security/quark-engine/default.nix @@ -7,14 +7,14 @@ python3.pkgs.buildPythonApplication rec { pname = "quark-engine"; - version = "24.5.1"; + version = "24.6.1"; pyproject = true; src = fetchFromGitHub { owner = "quark-engine"; repo = "quark-engine"; rev = "refs/tags/v${version}"; - hash = "sha256-W1UeTiyyYZzxu3XQ/6VkTvEyqPWl1Du6QutuoPhaSfs="; + hash = "sha256-DDtDNa/QZ5n5ASN6Fu/nnVEQ/9Vu5HSKXKvbrg6Bsjs="; }; build-system = with python3.pkgs; [ setuptools ]; diff --git a/nixpkgs/pkgs/tools/security/radamsa/default.nix b/nixpkgs/pkgs/tools/security/radamsa/default.nix index 1903b435b770..e619a248137c 100644 --- a/nixpkgs/pkgs/tools/security/radamsa/default.nix +++ b/nixpkgs/pkgs/tools/security/radamsa/default.nix @@ -34,7 +34,7 @@ stdenv.mkDerivation rec { doCheck = true; meta = { - description = "A general purpose fuzzer"; + description = "General purpose fuzzer"; mainProgram = "radamsa"; longDescription = "Radamsa is a general purpose data fuzzer. It reads data from given sample files, or standard input if none are given, and outputs modified data. It is usually used to generate malformed data for testing programs."; homepage = "https://gitlab.com/akihe/radamsa"; diff --git a/nixpkgs/pkgs/tools/security/rblake2sum/default.nix b/nixpkgs/pkgs/tools/security/rblake2sum/default.nix index 8f2a86836356..9052ffb68a96 100644 --- a/nixpkgs/pkgs/tools/security/rblake2sum/default.nix +++ b/nixpkgs/pkgs/tools/security/rblake2sum/default.nix @@ -20,7 +20,7 @@ rustPlatform.buildRustPackage { buildInputs = lib.optionals stdenv.isDarwin [ Security ]; meta = with lib; { - description = "A recursive blake2 digest (hash) of a file-system path"; + description = "Recursive blake2 digest (hash) of a file-system path"; homepage = "https://github.com/crev-dev/rblake2sum"; license = [ licenses.mit ]; maintainers = with maintainers; [ dpc ]; diff --git a/nixpkgs/pkgs/tools/security/rblake3sum/default.nix b/nixpkgs/pkgs/tools/security/rblake3sum/default.nix index 341dcd06fb6a..62f290cdf320 100644 --- a/nixpkgs/pkgs/tools/security/rblake3sum/default.nix +++ b/nixpkgs/pkgs/tools/security/rblake3sum/default.nix @@ -20,7 +20,7 @@ rustPlatform.buildRustPackage { buildInputs = lib.optionals stdenv.isDarwin [ Security ]; meta = with lib; { - description = "A recursive blake3 digest (hash) of a file-system path"; + description = "Recursive blake3 digest (hash) of a file-system path"; homepage = "https://github.com/rustshop/rblake3sum"; license = [ licenses.mit ]; maintainers = with maintainers; [ dpc ]; diff --git a/nixpkgs/pkgs/tools/security/rbw/default.nix b/nixpkgs/pkgs/tools/security/rbw/default.nix index 177ec8d35e41..596257f90c9e 100644 --- a/nixpkgs/pkgs/tools/security/rbw/default.nix +++ b/nixpkgs/pkgs/tools/security/rbw/default.nix @@ -25,14 +25,14 @@ rustPlatform.buildRustPackage rec { pname = "rbw"; - version = "1.10.1"; + version = "1.10.2"; src = fetchzip { url = "https://git.tozt.net/rbw/snapshot/rbw-${version}.tar.gz"; - hash = "sha256-56QlWVEx6bWxQz3u/s9+bXsGVPSDaDEdFNj4nVw0SLY="; + hash = "sha256-ScVXtNk2QtfAQn6PtQkbDJNLWAu49l55s6Zpf1fiVjM="; }; - cargoHash = "sha256-mQrplqu9yiCTwsiChGPjfLDx3dZTofmrp+ouDFuwYO8="; + cargoHash = "sha256-ii0401TTDm1ySRGOcSmPts/10wTguxsx8h7wA4FsgQk="; nativeBuildInputs = [ installShellFiles diff --git a/nixpkgs/pkgs/tools/security/rhash/default.nix b/nixpkgs/pkgs/tools/security/rhash/default.nix index e789eeba0539..cdad16bb4b43 100644 --- a/nixpkgs/pkgs/tools/security/rhash/default.nix +++ b/nixpkgs/pkgs/tools/security/rhash/default.nix @@ -3,6 +3,7 @@ , fetchFromGitHub , which , enableStatic ? stdenv.hostPlatform.isStatic +, gettext }: stdenv.mkDerivation rec { @@ -16,7 +17,10 @@ stdenv.mkDerivation rec { sha256 = "sha256-3CW41ULdXoID4cOgrcG2j85tgIJ/sz5hU7A83qpuxf4="; }; + patches = [ ./dont-fail-ln.patch ./do-link-so.patch ]; + nativeBuildInputs = [ which ]; + buildInputs = lib.optionals stdenv.hostPlatform.isFreeBSD [ gettext ]; # configure script is not autotools-based, doesn't support these options dontAddStaticConfigureFlags = true; diff --git a/nixpkgs/pkgs/tools/security/rhash/do-link-so.patch b/nixpkgs/pkgs/tools/security/rhash/do-link-so.patch new file mode 100644 index 000000000000..d75df2d048cd --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rhash/do-link-so.patch @@ -0,0 +1,22 @@ +From b8c91ea6551e99e10352386cd46ea26973bb4a4d Mon Sep 17 00:00:00 2001 +From: Aleksey Kravchenko <rhash.admin@gmail.com> +Date: Mon, 11 Sep 2023 03:49:20 +0300 +Subject: [PATCH] Fix #238: Build on Unix + +--- + librhash/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/librhash/Makefile b/librhash/Makefile +index e8ee862..34f1263 100644 +--- a/librhash/Makefile ++++ b/librhash/Makefile +@@ -27,7 +27,7 @@ install-lib-static: $(LIBRHASH_STATIC) + install-lib-shared: $(LIBRHASH_SHARED) $(EXTRA_INSTALL_LIBSHARED) + $(INSTALL) -d $(SO_DIR) + $(INSTALL_SHARED) $(LIBRHASH_SHARED) $(SO_DIR)/ +- test "x$(LIBRHASH_SO_MAJ)" != "x$(LIBRHASH_SHARED)" || ( \ ++ test "x$(LIBRHASH_SO_MAJ)" = "x$(LIBRHASH_SHARED)" || ( \ + rm -f $(LIBDIR)/$(LIBRHASH_SO_MAJ) && \ + ln -s $(LIBRHASH_SHARED) $(LIBDIR)/$(LIBRHASH_SO_MAJ) ) + diff --git a/nixpkgs/pkgs/tools/security/rhash/dont-fail-ln.patch b/nixpkgs/pkgs/tools/security/rhash/dont-fail-ln.patch new file mode 100644 index 000000000000..7703db5feb24 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/rhash/dont-fail-ln.patch @@ -0,0 +1,59 @@ +From 9ef90b958b7ae50aeeb5c269468034d73d6e2efe Mon Sep 17 00:00:00 2001 +From: Aleksey Kravchenko <rhash.admin@gmail.com> +Date: Mon, 31 Jul 2023 02:48:15 +0300 +Subject: [PATCH] Fix #238: Build on *BSD + +--- + configure | 3 ++- + librhash/Makefile | 8 ++++---- + 2 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/configure b/configure +index dae76d5..39ef8c1 100755 +--- a/configure ++++ b/configure +@@ -567,6 +567,7 @@ qnx() { test "$OS_LC" = "qnx"; } + sunos() { test "$OS_LC" = "sunos"; } + wine() { test "$OS_LC" = "wine"; } + win32() { cygwin || mingw32 || mingw64 || msys || wine; } ++bsd() { dragonfly || freebsd || netbsd || openbsd ; } + posix_make() { aix || bsdos || hpux || irix || qnx || sunos; } + + ##################################################################### +@@ -713,7 +714,7 @@ if win32; then + elif darwin; then + SHARED_EXT=".${RHASH_VERSION_MAJOR}.dylib" + SOLINK_EXT=".dylib" +-elif linux; then ++elif linux || bsd; then + # use the full library version for the library file extension + SHARED_EXT=".so.${RHASH_VERSION}" + fi +diff --git a/librhash/Makefile b/librhash/Makefile +index d48e06e..e8ee862 100644 +--- a/librhash/Makefile ++++ b/librhash/Makefile +@@ -27,9 +27,9 @@ install-lib-static: $(LIBRHASH_STATIC) + install-lib-shared: $(LIBRHASH_SHARED) $(EXTRA_INSTALL_LIBSHARED) + $(INSTALL) -d $(SO_DIR) + $(INSTALL_SHARED) $(LIBRHASH_SHARED) $(SO_DIR)/ +- test "x$(LIBRHASH_SO_MAJ)" != "x$(LIBRHASH_SHARED)" && \ ++ test "x$(LIBRHASH_SO_MAJ)" != "x$(LIBRHASH_SHARED)" || ( \ + rm -f $(LIBDIR)/$(LIBRHASH_SO_MAJ) && \ +- ln -s $(LIBRHASH_SHARED) $(LIBDIR)/$(LIBRHASH_SO_MAJ) ++ ln -s $(LIBRHASH_SHARED) $(LIBDIR)/$(LIBRHASH_SO_MAJ) ) + + install-implib: + $(INSTALL) -d $(LIBDIR) +@@ -175,9 +175,9 @@ $(EXPORTS_FILE): $(LIB_HEADERS) + $(LIB_HEADERS) | grep -v "$(EXPORTS_SKIP)" > $@ + + $(LIBRHASH_SOLINK): +- test "x$(LIBRHASH_SO_MAJ)" != "x$(LIBRHASH_SHARED)" && \ ++ test "x$(LIBRHASH_SO_MAJ)" = "x$(LIBRHASH_SHARED)" || ( \ + rm -f $(LIBRHASH_SO_MAJ) && \ +- ln -s $(LIBRHASH_SHARED) $(LIBRHASH_SO_MAJ) ++ ln -s $(LIBRHASH_SHARED) $(LIBRHASH_SO_MAJ) ) + rm -f $(LIBRHASH_SOLINK) + ln -s $(LIBRHASH_SO_MAJ) $(LIBRHASH_SOLINK) + diff --git a/nixpkgs/pkgs/tools/security/ripasso/cursive.nix b/nixpkgs/pkgs/tools/security/ripasso/cursive.nix index faef4dbff48a..ac4f176950df 100644 --- a/nixpkgs/pkgs/tools/security/ripasso/cursive.nix +++ b/nixpkgs/pkgs/tools/security/ripasso/cursive.nix @@ -72,7 +72,7 @@ rustPlatform.buildRustPackage rec { ''; meta = with lib; { - description = "A simple password manager written in Rust"; + description = "Simple password manager written in Rust"; mainProgram = "ripasso-cursive"; homepage = "https://github.com/cortex/ripasso"; license = licenses.gpl3; diff --git a/nixpkgs/pkgs/tools/security/rng-tools/default.nix b/nixpkgs/pkgs/tools/security/rng-tools/default.nix index a5470f05613b..f17615eaa1dd 100644 --- a/nixpkgs/pkgs/tools/security/rng-tools/default.nix +++ b/nixpkgs/pkgs/tools/security/rng-tools/default.nix @@ -19,13 +19,13 @@ stdenv.mkDerivation rec { pname = "rng-tools"; - version = "6.16"; + version = "6.17"; src = fetchFromGitHub { owner = "nhorman"; repo = pname; rev = "v${version}"; - hash = "sha256-9pXQhG2nbu6bq4BnBgEOyyUBNkQTI5RhWmJIoLtFU+c="; + hash = "sha256-wqJvLvxmNG2nb5P525w25Y8byUUJi24QIHNJomCKeG8="; }; nativeBuildInputs = [ autoreconfHook libtool pkg-config ]; @@ -77,7 +77,7 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - description = "A random number generator daemon"; + description = "Random number generator daemon"; homepage = "https://github.com/nhorman/rng-tools"; changelog = "https://github.com/nhorman/rng-tools/releases/tag/v${version}"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/ronin/default.nix b/nixpkgs/pkgs/tools/security/ronin/default.nix index 1bf98ae9eafc..ab9ec0cda4c9 100644 --- a/nixpkgs/pkgs/tools/security/ronin/default.nix +++ b/nixpkgs/pkgs/tools/security/ronin/default.nix @@ -23,7 +23,7 @@ bundlerEnv { passthru.updateScript = bundlerUpdateScript "ronin"; meta = with lib; { - description = "A free and Open Source Ruby toolkit for security research and development"; + description = "Free and Open Source Ruby toolkit for security research and development"; homepage = "https://ronin-rb.dev"; license = licenses.gpl3Plus; maintainers = with maintainers; [ Ch1keen ]; diff --git a/nixpkgs/pkgs/tools/security/rsign2/default.nix b/nixpkgs/pkgs/tools/security/rsign2/default.nix index 86f2d6d84338..10a526a7b2cb 100644 --- a/nixpkgs/pkgs/tools/security/rsign2/default.nix +++ b/nixpkgs/pkgs/tools/security/rsign2/default.nix @@ -15,7 +15,7 @@ rustPlatform.buildRustPackage rec { cargoHash = "sha256-xqNFJFNV9mIVxzyQvhv5QwHVcXLuH76VYFAsgp5hW+w="; meta = with lib; { - description = "A command-line tool to sign files and verify signatures"; + description = "Command-line tool to sign files and verify signatures"; homepage = "https://github.com/jedisct1/rsign2"; license = licenses.mit; maintainers = with maintainers; [ figsoda ]; diff --git a/nixpkgs/pkgs/tools/security/ruler/default.nix b/nixpkgs/pkgs/tools/security/ruler/default.nix index 6389c0eac041..fe63a7307280 100644 --- a/nixpkgs/pkgs/tools/security/ruler/default.nix +++ b/nixpkgs/pkgs/tools/security/ruler/default.nix @@ -1,6 +1,7 @@ -{ lib -, buildGoModule -, fetchFromGitHub +{ + lib, + buildGoModule, + fetchFromGitHub, }: buildGoModule rec { @@ -9,17 +10,24 @@ buildGoModule rec { src = fetchFromGitHub { owner = "sensepost"; - repo = pname; - rev = version; + repo = "ruler"; + rev = "refs/tags/${version}"; hash = "sha256-cEYpK1LB9b65xr6MCMax1vUtSWefjJdXNs4sPgx65d0="; }; vendorHash = "sha256-ITd3cvZmRBWK3922dDRvNHNH8KzHoVfIQI6S318ibxA="; + ldflags = [ + "-w" + "-s" + ]; + meta = with lib; { description = "Tool to abuse Exchange services"; homepage = "https://github.com/sensepost/ruler"; + changelog = "https://github.com/sensepost/ruler/releases/tag/${version}"; license = with licenses; [ cc-by-nc-40 ]; maintainers = with maintainers; [ fab ]; + mainProgram = "ruler"; }; } diff --git a/nixpkgs/pkgs/tools/security/safe/default.nix b/nixpkgs/pkgs/tools/security/safe/default.nix index 63fe240e5619..83562ac8f131 100644 --- a/nixpkgs/pkgs/tools/security/safe/default.nix +++ b/nixpkgs/pkgs/tools/security/safe/default.nix @@ -23,7 +23,7 @@ buildGoModule rec { ]; meta = with lib; { - description = "A Vault CLI"; + description = "Vault CLI"; mainProgram = "safe"; homepage = "https://github.com/starkandwayne/safe"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/saml2aws/default.nix b/nixpkgs/pkgs/tools/security/saml2aws/default.nix index 7c61095cc3a9..dfc2e6f9ce9a 100644 --- a/nixpkgs/pkgs/tools/security/saml2aws/default.nix +++ b/nixpkgs/pkgs/tools/security/saml2aws/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "saml2aws"; - version = "2.36.15"; + version = "2.36.16"; src = fetchFromGitHub { owner = "Versent"; repo = "saml2aws"; rev = "v${version}"; - sha256 = "sha256-lfA+D3NsrnYwqX1hfC3TOQKEBW/65QGUjzYxe2RVVSM="; + sha256 = "sha256-qe4a8dmanXRji7hLtlTYrIOuZ8lHwJtDI6dSFVYwcIo="; }; - vendorHash = "sha256-3jne2an651tlyXgmmQ28R/bwsfaQzI4rC+4WJhyDA2E="; + vendorHash = "sha256-OdkgTBsoBjLajx/ueII3o1ldU7+fysTbdTp7tG9eMng="; buildInputs = lib.optionals stdenv.isDarwin [ AppKit ]; diff --git a/nixpkgs/pkgs/tools/security/schleuder/Gemfile b/nixpkgs/pkgs/tools/security/schleuder/Gemfile index 687c293bac91..41360b7292a8 100644 --- a/nixpkgs/pkgs/tools/security/schleuder/Gemfile +++ b/nixpkgs/pkgs/tools/security/schleuder/Gemfile @@ -1,3 +1,4 @@ source 'https://rubygems.org' do gem 'schleuder' + gem 'net-smtp' end diff --git a/nixpkgs/pkgs/tools/security/schleuder/Gemfile.lock b/nixpkgs/pkgs/tools/security/schleuder/Gemfile.lock index 7f15bb7bd717..96970097b875 100644 --- a/nixpkgs/pkgs/tools/security/schleuder/Gemfile.lock +++ b/nixpkgs/pkgs/tools/security/schleuder/Gemfile.lock @@ -4,41 +4,45 @@ GEM GEM remote: https://rubygems.org/ specs: - activemodel (6.1.6) - activesupport (= 6.1.6) - activerecord (6.1.6) - activemodel (= 6.1.6) - activesupport (= 6.1.6) - activesupport (6.1.6) + activemodel (6.1.7.7) + activesupport (= 6.1.7.7) + activerecord (6.1.7.7) + activemodel (= 6.1.7.7) + activesupport (= 6.1.7.7) + activesupport (6.1.7.7) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) zeitwerk (~> 2.3) - bcrypt (3.1.18) + bcrypt (3.1.20) charlock_holmes (0.7.7) - concurrent-ruby (1.1.10) + concurrent-ruby (1.3.1) daemons (1.4.1) eventmachine (1.2.7) - gpgme (2.0.20) - mini_portile2 (~> 2.3) - i18n (1.10.0) + gpgme (2.0.24) + mini_portile2 (~> 2.7) + i18n (1.14.5) concurrent-ruby (~> 1.0) mail (2.7.1) mini_mime (>= 0.1.1) mail-gpg (0.4.4) gpgme (~> 2.0, >= 2.0.2) mail (~> 2.5, >= 2.5.3) - mini_mime (1.1.2) - mini_portile2 (2.8.0) - minitest (5.16.1) + mini_mime (1.1.5) + mini_portile2 (2.8.6) + minitest (5.23.1) multi_json (1.15.0) - mustermann (1.1.1) + mustermann (2.0.2) ruby2_keywords (~> 0.0.1) - rack (2.2.3.1) - rack-protection (2.2.0) + net-protocol (0.2.2) + timeout + net-smtp (0.5.0) + net-protocol + rack (2.2.9) + rack-protection (2.2.4) rack - rake (13.0.6) + rake (13.2.1) ruby2_keywords (0.0.5) schleuder (4.0.3) activerecord (~> 6.1.3) @@ -53,34 +57,35 @@ GEM sqlite3 (~> 1.4.2) thin (~> 1) thor (~> 0) - sinatra (2.2.0) - mustermann (~> 1.0) + sinatra (2.2.4) + mustermann (~> 2.0) rack (~> 2.2) - rack-protection (= 2.2.0) + rack-protection (= 2.2.4) tilt (~> 2.0) - sinatra-contrib (2.2.0) + sinatra-contrib (2.2.4) multi_json - mustermann (~> 1.0) - rack-protection (= 2.2.0) - sinatra (= 2.2.0) + mustermann (~> 2.0) + rack-protection (= 2.2.4) + sinatra (= 2.2.4) tilt (~> 2.0) sqlite3 (1.4.4) - thin (1.8.1) + thin (1.8.2) daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) thor (0.20.3) - tilt (2.0.10) - tzinfo (2.0.4) + tilt (2.3.0) + timeout (0.4.1) + tzinfo (2.0.6) concurrent-ruby (~> 1.0) - zeitwerk (2.6.0) + zeitwerk (2.6.15) PLATFORMS - aarch64-linux x86_64-linux DEPENDENCIES + net-smtp! schleuder! BUNDLED WITH - 2.3.9 + 2.5.9 diff --git a/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile b/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile index 428e856aecc6..12a93f677cfb 100644 --- a/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile +++ b/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile @@ -1,4 +1,4 @@ source "https://rubygems.org" -gem "schleuder-cli", git: "https://0xacab.org/schleuder/schleuder-cli", tag: "schleuder-cli-0.1.0" +gem "schleuder-cli", git: "https://0xacab.org/schleuder/schleuder-cli", tag: "schleuder-cli-0.2.0" diff --git a/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile.lock b/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile.lock index 3eead9459e05..808bcb8bc4f9 100644 --- a/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile.lock +++ b/nixpkgs/pkgs/tools/security/schleuder/cli/Gemfile.lock @@ -1,15 +1,15 @@ GIT remote: https://0xacab.org/schleuder/schleuder-cli - revision: 1de2548695d9a74f47b7868954561b48cbc966f9 - tag: schleuder-cli-0.1.0 + revision: fd010d28b1503504056e714e03abf043b64794ea + tag: schleuder-cli-0.2.0 specs: - schleuder-cli (0.1.0) - thor (~> 0) + schleuder-cli (0.2.0) + thor (~> 1) GEM remote: https://rubygems.org/ specs: - thor (0.20.3) + thor (1.3.1) PLATFORMS aarch64-linux @@ -19,4 +19,4 @@ DEPENDENCIES schleuder-cli! BUNDLED WITH - 2.3.9 + 2.5.9 diff --git a/nixpkgs/pkgs/tools/security/schleuder/cli/default.nix b/nixpkgs/pkgs/tools/security/schleuder/cli/default.nix index e34afa699f04..ea8e2c508342 100644 --- a/nixpkgs/pkgs/tools/security/schleuder/cli/default.nix +++ b/nixpkgs/pkgs/tools/security/schleuder/cli/default.nix @@ -20,7 +20,7 @@ bundlerApp { passthru.updateScript = bundlerUpdateScript "schleuder-cli"; meta = with lib; { - description = "A command line tool to create and manage schleuder-lists"; + description = "Command line tool to create and manage schleuder-lists"; longDescription = '' Schleuder-cli enables creating, configuring, and deleting lists, subscriptions, keys, etc. It uses the Schleuder API, provided by diff --git a/nixpkgs/pkgs/tools/security/schleuder/cli/gemset.nix b/nixpkgs/pkgs/tools/security/schleuder/cli/gemset.nix index 45ff62f89137..eeb05d82060f 100644 --- a/nixpkgs/pkgs/tools/security/schleuder/cli/gemset.nix +++ b/nixpkgs/pkgs/tools/security/schleuder/cli/gemset.nix @@ -5,21 +5,21 @@ platforms = []; source = { fetchSubmodules = false; - rev = "1de2548695d9a74f47b7868954561b48cbc966f9"; - sha256 = "0k4i33w9a0bscw4wbs301vxca367g7pa89y6cr24i0014pbmhs9z"; + rev = "fd010d28b1503504056e714e03abf043b64794ea"; + sha256 = "1r8ayi0d00c14q40247rwjf5s5n3dsy9d9blhf5jzm3kddzpwnbx"; type = "git"; url = "https://0xacab.org/schleuder/schleuder-cli"; }; - version = "0.1.0"; + version = "0.2.0"; }; thor = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1yhrnp9x8qcy5vc7g438amd5j9sw83ih7c30dr6g6slgw9zj3g29"; + sha256 = "1vq1fjp45az9hfp6fxljhdrkv75cvbab1jfrwcw738pnsiqk8zps"; type = "gem"; }; - version = "0.20.3"; + version = "1.3.1"; }; } diff --git a/nixpkgs/pkgs/tools/security/schleuder/gemset.nix b/nixpkgs/pkgs/tools/security/schleuder/gemset.nix index 63cd6a5db81f..ba22b478b00a 100644 --- a/nixpkgs/pkgs/tools/security/schleuder/gemset.nix +++ b/nixpkgs/pkgs/tools/security/schleuder/gemset.nix @@ -5,10 +5,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1f0ai51icvvx5q0jd1l89k0dlwzpsrkqlj6x43f8qc4bd1ya9glx"; + sha256 = "0zz32997k2fsyd0fzrh8f79yjr6hv3i4j9wykkxncl02j8dhrkay"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7.7"; }; activerecord = { dependencies = ["activemodel" "activesupport"]; @@ -16,10 +16,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0khjnkvmiyap1g3rvw9hp16mzai4smqcg5hxhq28pll25ljzxdbp"; + sha256 = "0qzymgyrvw2k32ldabp2jr0zgp6z9w8smyb946qgvs9zfs4n2qnn"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7.7"; }; activesupport = { dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; @@ -27,20 +27,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08wzpwgdm03vzb8gqr8bvfdarb89g5ah0skvwqk6qv87p55xqkyw"; + sha256 = "0r2i9b0pm0b1dy8fc7kyls1g7f0bcnyq53v825rykibzdqfqdfgp"; type = "gem"; }; - version = "6.1.6"; + version = "6.1.7.7"; }; bcrypt = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "048z3fvcknqx7ikkhrcrykxlqmf9bzc7l0y5h1cnvrc9n2qf0k8m"; + sha256 = "16a0g2q40biv93i1hch3gw8rbmhp77qnnifj1k0a6m7dng3zh444"; type = "gem"; }; - version = "3.1.18"; + version = "3.1.20"; }; charlock_holmes = { groups = ["default"]; @@ -57,10 +57,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s4fpn3mqiizpmpy2a24k4v365pv75y50292r8ajrv4i1p5b2k14"; + sha256 = "1kmhr3pz2nmhnq0nqlicqfwfmkzkcl835g7sw1gjjhjvhz8g2sf3"; type = "gem"; }; - version = "1.1.10"; + version = "1.3.1"; }; daemons = { groups = ["default"]; @@ -88,10 +88,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xbgh9d8nbvsvyzqnd0mzhz0nr9hx4qn025kmz6d837lry4lc6gw"; + sha256 = "0r1vmql7w7ka5xzj1aqf8pk2a4sv0znwj2zkg1fgvd5b89qcvv2k"; type = "gem"; }; - version = "2.0.20"; + version = "2.0.24"; }; i18n = { dependencies = ["concurrent-ruby"]; @@ -99,10 +99,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0b2qyvnk4yynlg17ymkq4g5xgr275637fhl1mjh0valw3cb1fhhg"; + sha256 = "1ffix518y7976qih9k1lgnc17i3v6yrlh0a3mckpxdb4wc2vrp16"; type = "gem"; }; - version = "1.10.0"; + version = "1.14.5"; }; mail = { dependencies = ["mini_mime"]; @@ -131,30 +131,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lbim375gw2dk6383qirz13hgdmxlan0vc5da2l072j3qw6fqjm5"; + sha256 = "1vycif7pjzkr29mfk4dlqv3disc5dn0va04lkwajlpr1wkibg0c6"; type = "gem"; }; - version = "1.1.2"; + version = "1.1.5"; }; mini_portile2 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rapl1sfmfi3bfr68da4ca16yhc0pp93vjwkj7y3rdqrzy3b41hy"; + sha256 = "149r94xi6b3jbp6bv72f8383b95ndn0p5sxnq11gs1j9jadv0ajf"; type = "gem"; }; - version = "2.8.0"; + version = "2.8.6"; }; minitest = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08z6rgs1jgbc032843mwg3fayvzn4hihz8bl2gp87pf7z02kw5f3"; + sha256 = "1gkslxvkhh44s21rbjvka3zsvfxxrf5pcl6f75rv2vyrzzbgis7i"; type = "gem"; }; - version = "5.16.1"; + version = "5.23.1"; }; multi_json = { groups = ["default"]; @@ -172,20 +172,42 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ccm54qgshr1lq3pr1dfh7gphkilc19dp63rw6fcx7460pjwy88a"; + sha256 = "0m70qz27mlv2rhk4j1li6pw797gmiwwqg02vcgxcxr1rq2v53rnb"; type = "gem"; }; - version = "1.1.1"; + version = "2.0.2"; + }; + net-protocol = { + dependencies = ["timeout"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1a32l4x73hz200cm587bc29q8q9az278syw3x6fkc9d1lv5y0wxa"; + type = "gem"; + }; + version = "0.2.2"; + }; + net-smtp = { + dependencies = ["net-protocol"]; + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0amlhz8fhnjfmsiqcjajip57ici2xhw089x7zqyhpk51drg43h2z"; + type = "gem"; + }; + version = "0.5.0"; }; rack = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1b1qsg0yfargdhmpapp2d3mlxj82wyygs9nj74w0r03diyi8swlc"; + sha256 = "0hj0rkw2z9r1lcg2wlrcld2n3phwrcgqcp7qd1g9a7hwgalh2qzx"; type = "gem"; }; - version = "2.2.3.1"; + version = "2.2.9"; }; rack-protection = { dependencies = ["rack"]; @@ -193,20 +215,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1hz6h6d67r217qi202qmxq2xkn3643ay3iybhl3dq3qd6j8nm3b2"; + sha256 = "1d6irsigm0i4ig1m47c94kixi3wb8jnxwvwkl8qxvyngmb73srl2"; type = "gem"; }; - version = "2.2.0"; + version = "2.2.4"; }; rake = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15whn7p9nrkxangbs9hh75q585yfn66lv0v2mhj6q6dl6x8bzr2w"; + sha256 = "17850wcwkgi30p7yqh60960ypn7yibacjjha0av78zaxwvd3ijs6"; type = "gem"; }; - version = "13.0.6"; + version = "13.2.1"; }; ruby2_keywords = { groups = ["default"]; @@ -235,10 +257,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1x3rci7k30g96y307hvglpdgm3f7nga3k3n4i8n1v2xxx290800y"; + sha256 = "0wkc079h6hzq737j4wycpnv7c38mhd0rl33pszyy7768zzvyjc9y"; type = "gem"; }; - version = "2.2.0"; + version = "2.2.4"; }; sinatra-contrib = { dependencies = ["multi_json" "mustermann" "rack-protection" "sinatra" "tilt"]; @@ -246,10 +268,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zzckl2n7r18fk3929hgcv8pby6hxwva0rbxw66yq6r96lnwzryb"; + sha256 = "0s6c1k3zzxp3xa7libvlpqaby27124rccyyxcsly04ih904cxk33"; type = "gem"; }; - version = "2.2.0"; + version = "2.2.4"; }; sqlite3 = { groups = ["default"]; @@ -267,10 +289,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "123bh7qlv6shk8bg8cjc84ix8bhlfcilwnn3iy6zq3l57yaplm9l"; + sha256 = "08g1yq6zzvgndj8fd98ah7pp8g2diw28p8bfjgv7rvjvp8d2am8w"; type = "gem"; }; - version = "1.8.1"; + version = "1.8.2"; }; thor = { groups = ["default"]; @@ -287,10 +309,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0rn8z8hda4h41a64l0zhkiwz2vxw9b1nb70gl37h1dg2k874yrlv"; + sha256 = "0p3l7v619hwfi781l3r7ypyv1l8hivp09r18kmkn6g11c4yr1pc2"; + type = "gem"; + }; + version = "2.3.0"; + }; + timeout = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "16mvvsmx90023wrhf8dxc1lpqh0m8alk65shb7xcya6a9gflw7vg"; type = "gem"; }; - version = "2.0.10"; + version = "0.4.1"; }; tzinfo = { dependencies = ["concurrent-ruby"]; @@ -298,19 +330,19 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "10qp5x7f9hvlc0psv9gsfbxg4a7s0485wsbq1kljkxq94in91l4z"; + sha256 = "16w2g84dzaf3z13gxyzlzbf748kylk5bdgg3n1ipvkvvqy685bwd"; type = "gem"; }; - version = "2.0.4"; + version = "2.0.6"; }; zeitwerk = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xjdr2szxvn3zb1sb5l8nfd6k9jr3b4qqbbg1mj9grf68m3fxckc"; + sha256 = "1kr2731z8f6cj23jxh67cdnpkrnnfwbrxj1hfhshls4mp8i8drmj"; type = "gem"; }; - version = "2.6.0"; + version = "2.6.15"; }; } diff --git a/nixpkgs/pkgs/tools/security/scorecard/default.nix b/nixpkgs/pkgs/tools/security/scorecard/default.nix index 265253bba51b..75b6657fe7e2 100644 --- a/nixpkgs/pkgs/tools/security/scorecard/default.nix +++ b/nixpkgs/pkgs/tools/security/scorecard/default.nix @@ -8,13 +8,13 @@ buildGoModule rec { pname = "scorecard"; - version = "4.12.0"; + version = "4.13.1"; src = fetchFromGitHub { owner = "ossf"; repo = pname; rev = "v${version}"; - sha256 = "sha256-Ys7uO+xMSlcD8OGw7fV+aR0+Q1UXrxPKVLQbphV4rKk="; + hash = "sha256-xf6HyiZlkU9ifgXr+/O8UeElqwF8c1h/9IRWDVHx2+g="; # populate values otherwise taken care of by goreleaser, # unfortunately these require us to use git. By doing # this in postFetch we can delete .git afterwards and @@ -28,7 +28,7 @@ buildGoModule rec { find "$out" -name .git -print0 | xargs -0 rm -rf ''; }; - vendorHash = "sha256-L6HFZryniy3Gp8NKdjM4SK82ZG5eQPM7blkSE3YFhOw="; + vendorHash = "sha256-ohZcz7fn/YAglLI3YOi0J4FWkCJa2/nsM7T03+BOWkw="; nativeBuildInputs = [ installShellFiles ]; @@ -58,6 +58,11 @@ buildGoModule rec { export SKIP_GINKGO=1 ''; + checkFlags = [ + # https://github.com/ossf/scorecard/pull/4134 + "-skip TestRunScorecard/empty_commits_repos_should_return_repo_details_but_no_checks" + ]; + postInstall = '' installShellCompletion --cmd scorecard \ --bash <($out/bin/scorecard completion bash) \ @@ -69,7 +74,7 @@ buildGoModule rec { installCheckPhase = '' runHook preInstallCheck $out/bin/scorecard --help - # $out/bin/scorecard version 2>&1 | grep "v${version}" + $out/bin/scorecard version 2>&1 | grep "v${version}" runHook postInstallCheck ''; diff --git a/nixpkgs/pkgs/tools/security/secp256k1/default.nix b/nixpkgs/pkgs/tools/security/secp256k1/default.nix index 5494f8f26c24..335d9c5c18a5 100644 --- a/nixpkgs/pkgs/tools/security/secp256k1/default.nix +++ b/nixpkgs/pkgs/tools/security/secp256k1/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation rec { pname = "secp256k1"; - version = "0.4.1"; + version = "0.5.0"; src = fetchFromGitHub { owner = "bitcoin-core"; repo = "secp256k1"; rev = "refs/tags/v${version}"; - sha256 = "sha256-atq34GnWkSkWTWxZP4PCSF3hIjGFhQ534E+WUtLRkiM="; + sha256 = "sha256-XcxBzOJngrm1szs48bBS6pcH2yaLfLKPUtyQ51eItaw="; }; nativeBuildInputs = [ autoreconfHook ]; diff --git a/nixpkgs/pkgs/tools/security/semgrep/common.nix b/nixpkgs/pkgs/tools/security/semgrep/common.nix index 49f7080ce072..d51853953bf4 100644 --- a/nixpkgs/pkgs/tools/security/semgrep/common.nix +++ b/nixpkgs/pkgs/tools/security/semgrep/common.nix @@ -1,9 +1,9 @@ { lib }: rec { - version = "1.72.0"; + version = "1.74.0"; - srcHash = "sha256-Rfu4ymNQ9AXuj5nkx01eUtIVMXDmunNTvUH/2Y7VaXM="; + srcHash = "sha256-PH0fTT6n6o3Jtuq+cyyRb048Tuv3VGNduCZCEKTXMrE="; # submodule dependencies # these are fetched so we: @@ -13,8 +13,8 @@ rec { "cli/src/semgrep/semgrep_interfaces" = { owner = "semgrep"; repo = "semgrep-interfaces"; - rev = "75abf193687b84ab341d8267d865ad68d81a89c9"; - hash = "sha256-pS95f9oZLtzCEOQrjJP6aGm6lrltumG4ZjSTaUcRDpU="; + rev = "9f38254957c50c68ea402eebae0f7aa40dd01cbf"; + hash = "sha256-/P8b7nSwNZSrm7dUFkehDaGz+r+bofrlFfuIo4U7tJM="; }; }; @@ -25,19 +25,19 @@ rec { core = { x86_64-linux = { platform = "any"; - hash = "sha256-/XZzzDbsW6pw8LC8DgofZ1Gr7eeQyH719NzJDCoXhpk="; + hash = "sha256-ZA5KlbSLkC0IJGqyK0XhuDKRx53987vf53vSM0zwD9k="; }; aarch64-linux = { platform = "musllinux_1_0_aarch64.manylinux2014_aarch64"; - hash = "sha256-7zCy2IbxsNO1Jl/efu9dwSyvv6a0HYvqEBzxVpTzqAM="; + hash = "sha256-aHq87uzk9TtnlMDfAS6492ocXRJSHdBinng0hu2xLas="; }; x86_64-darwin = { platform = "macosx_10_14_x86_64"; - hash = "sha256-jykFOXOCtEtlTxN6z17m8E2g2Wpb7qdXx6w4L6w+DbY="; + hash = "sha256-OorDXQ0oYHV8aPu9o1dQAd22u78/EjpUWA2yPYG0S9E="; }; aarch64-darwin = { platform = "macosx_11_0_arm64"; - hash = "sha256-0dBki3y9tMdjRRfYbxtl0fVTDXO8tLpx76EPISxtCy4="; + hash = "sha256-g8sFLh2V9NDIvAZOaDhMpFxKqbS/S1eKep4v1vlOOo8="; }; }; diff --git a/nixpkgs/pkgs/tools/security/semgrep/default.nix b/nixpkgs/pkgs/tools/security/semgrep/default.nix index 6b62ab80e7ea..13307d310102 100644 --- a/nixpkgs/pkgs/tools/security/semgrep/default.nix +++ b/nixpkgs/pkgs/tools/security/semgrep/default.nix @@ -1,6 +1,5 @@ { lib , fetchFromGitHub -, fetchpatch , semgrep-core , buildPythonApplication , pythonPackages diff --git a/nixpkgs/pkgs/tools/security/sequoia-sqop/default.nix b/nixpkgs/pkgs/tools/security/sequoia-sqop/default.nix index 9bd5684f30c6..2aba6b9043c9 100644 --- a/nixpkgs/pkgs/tools/security/sequoia-sqop/default.nix +++ b/nixpkgs/pkgs/tools/security/sequoia-sqop/default.nix @@ -9,7 +9,7 @@ rustPlatform.buildRustPackage rec { pname = "sequoia-sqop"; - version = "0.33.0"; + version = "0.34.0"; src = fetchFromGitLab { owner = "sequoia-pgp"; @@ -17,10 +17,10 @@ rustPlatform.buildRustPackage rec { # generated etc repo = "sequoia-sop"; rev = "v${version}"; - hash = "sha256-5XK5Cec6ojrpIncAtlp9jYr9KxmNYJKPhbsJraA0FA0="; + hash = "sha256-RpXMF0Q5Dp0zDt1gPl2Z3RKyDa4NI0uZY7kIc230F48="; }; - cargoHash = "sha256-8ujQyG9qLuG8vjHoRtvpn4ka/Ft39u+NoxSZrD9NsfY="; + cargoHash = "sha256-ccEnZPFUYU5F1PqkX1u7K2xuWYShhzJwEOfBEbi53gg="; nativeBuildInputs = [ pkg-config @@ -49,7 +49,7 @@ rustPlatform.buildRustPackage rec { passthru.updateScript = nix-update-script { }; meta = with lib; { - description = "An implementation of the Stateless OpenPGP Command Line Interface using Sequoia"; + description = "Implementation of the Stateless OpenPGP Command Line Interface using Sequoia"; homepage = "https://docs.sequoia-pgp.org/sqop/"; license = licenses.gpl2Plus; maintainers = with maintainers; [ doronbehar ]; diff --git a/nixpkgs/pkgs/tools/security/sequoia-sqv/default.nix b/nixpkgs/pkgs/tools/security/sequoia-sqv/default.nix index 1b80e9dd4518..7923b494c17e 100644 --- a/nixpkgs/pkgs/tools/security/sequoia-sqv/default.nix +++ b/nixpkgs/pkgs/tools/security/sequoia-sqv/default.nix @@ -51,7 +51,7 @@ rustPlatform.buildRustPackage rec { passthru.updateScript = nix-update-script { }; meta = with lib; { - description = "A command-line OpenPGP signature verification tool"; + description = "Command-line OpenPGP signature verification tool"; homepage = "https://docs.sequoia-pgp.org/sqv/"; license = licenses.gpl2Plus; maintainers = with maintainers; [ doronbehar ]; diff --git a/nixpkgs/pkgs/tools/security/sheesy-cli/default.nix b/nixpkgs/pkgs/tools/security/sheesy-cli/default.nix index c47e5a212858..50aee190a763 100644 --- a/nixpkgs/pkgs/tools/security/sheesy-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/sheesy-cli/default.nix @@ -32,7 +32,7 @@ rustPlatform.buildRustPackage rec { ''; meta = with lib; { - description = "The 'share-secrets-safely' CLI to interact with GPG/pass-like vaults"; + description = "'share-secrets-safely' CLI to interact with GPG/pass-like vaults"; homepage = "https://share-secrets-safely.github.io/cli/"; changelog = "https://github.com/share-secrets-safely/cli/releases/tag/${version}"; license = with licenses; [ lgpl21Only ]; diff --git a/nixpkgs/pkgs/tools/security/shellnoob/default.nix b/nixpkgs/pkgs/tools/security/shellnoob/default.nix index f7814b24384b..ef9488239bd0 100644 --- a/nixpkgs/pkgs/tools/security/shellnoob/default.nix +++ b/nixpkgs/pkgs/tools/security/shellnoob/default.nix @@ -24,7 +24,7 @@ stdenvNoCC.mkDerivation rec { ''; meta = with lib; { - description = "A shellcode writing toolkit"; + description = "Shellcode writing toolkit"; homepage = "https://github.com/reyammer/shellnoob"; mainProgram = "snoob"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/sherlock/default.nix b/nixpkgs/pkgs/tools/security/sherlock/default.nix index 2a475e13d3d5..6ee08c3f3f58 100644 --- a/nixpkgs/pkgs/tools/security/sherlock/default.nix +++ b/nixpkgs/pkgs/tools/security/sherlock/default.nix @@ -7,14 +7,14 @@ python3.pkgs.buildPythonApplication rec { pname = "sherlock"; - version = "0-unstable-2024-05-15"; + version = "0-unstable-2024-06-04"; format = "other"; src = fetchFromGitHub { owner = "sherlock-project"; repo = "sherlock"; - rev = "0ecb496ae91bc36476e3e6800aa3928c5dcd82f8"; - hash = "sha256-CikQaQsiwKz0yEk3rA6hi570LIobEaxxgQ5I/B6OxWk="; + rev = "ef124acf34e90626f4e59ab88bba1ed6141a4126"; + hash = "sha256-haxUKdZuuJrSI4TH8jA1fT+4fhr6tlxnrEgWTuBuIC4="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/security/signing-party/default.nix b/nixpkgs/pkgs/tools/security/signing-party/default.nix index 323d7075a79c..d0c50ddad087 100644 --- a/nixpkgs/pkgs/tools/security/signing-party/default.nix +++ b/nixpkgs/pkgs/tools/security/signing-party/default.nix @@ -198,7 +198,7 @@ in stdenv.mkDerivation rec { meta = with lib; { homepage = "https://salsa.debian.org/signing-party-team/signing-party"; - description = "A collection of several projects relating to OpenPGP"; + description = "Collection of several projects relating to OpenPGP"; longDescription = '' This is a collection of several projects relating to OpenPGP. diff --git a/nixpkgs/pkgs/tools/security/sirikali/default.nix b/nixpkgs/pkgs/tools/security/sirikali/default.nix deleted file mode 100644 index 6ae689d95fd4..000000000000 --- a/nixpkgs/pkgs/tools/security/sirikali/default.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ lib -, stdenv -, qtbase -, libpwquality -, hicolor-icon-theme -, fetchFromGitHub -, wrapQtAppsHook -, cmake -, pkg-config -, libgcrypt -, cryfs -, encfs -, fscrypt-experimental -, gocryptfs -, securefs -, sshfs -, libsecret -, kwallet -, withKWallet ? true -, withLibsecret ? true -}: - -stdenv.mkDerivation rec { - pname = "sirikali"; - version = "1.5.1"; - - src = fetchFromGitHub { - owner = "mhogomchungu"; - repo = "sirikali"; - rev = version; - hash = "sha256-1bY8cCMMK4Jie4+9c7eUEBrPEYDaOqFHZ5252TPSotA="; - }; - - buildInputs = [ - qtbase - libpwquality - hicolor-icon-theme - libgcrypt - cryfs - encfs - fscrypt-experimental - gocryptfs - securefs - sshfs - ] - ++ lib.optionals withKWallet [ libsecret ] - ++ lib.optionals withLibsecret [ kwallet ] - ; - - nativeBuildInputs = [ - wrapQtAppsHook - cmake - pkg-config - ]; - - qtWrapperArgs = [ - ''--prefix PATH : ${lib.makeBinPath [ - cryfs - encfs - fscrypt-experimental - gocryptfs - securefs - sshfs - ]}'' - ]; - - postPatch = '' - substituteInPlace "src/engines.cpp" --replace "/sbin/" "/run/wrappers/bin/" - ''; - - doCheck = true; - - cmakeFlags = [ - "-DINTERNAL_LXQT_WALLET=false" - "-DNOKDESUPPORT=${if withKWallet then "false" else "true"}" - "-DNOSECRETSUPPORT=${if withLibsecret then "false" else "true"}" - "-DQT5=true" - ]; - - meta = with lib; { - description = "A Qt/C++ GUI front end to sshfs, ecryptfs-simple, cryfs, gocryptfs, securefs, fscrypt and encfs"; - homepage = "https://github.com/mhogomchungu/sirikali"; - changelog = "https://github.com/mhogomchungu/sirikali/blob/${src.rev}/changelog"; - license = licenses.gpl3Only; - maintainers = with maintainers; [ linuxissuper ]; - }; -} diff --git a/nixpkgs/pkgs/tools/security/smbmap/default.nix b/nixpkgs/pkgs/tools/security/smbmap/default.nix index 772df0a66ef9..1e91764db609 100644 --- a/nixpkgs/pkgs/tools/security/smbmap/default.nix +++ b/nixpkgs/pkgs/tools/security/smbmap/default.nix @@ -1,21 +1,24 @@ -{ lib -, fetchFromGitHub -, python3 +{ + lib, + fetchFromGitHub, + python3, }: python3.pkgs.buildPythonApplication rec { pname = "smbmap"; - version = "1.10.2"; - format = "setuptools"; + version = "1.10.4"; + pyproject = true; src = fetchFromGitHub { owner = "ShawnDEvans"; repo = "smbmap"; rev = "refs/tags/v${version}"; - hash = "sha256-6+kO2Wfz3gGABS4fGxoebCubzvFAaJIGnMPA+k1mckc="; + hash = "sha256-CU0pio+R8JI/vQi13mOmiEeWC+r4EuLwWOQYLnm4Oao="; }; - propagatedBuildInputs = with python3.pkgs; [ + build-system = with python3.pkgs; [ setuptools ]; + + dependencies = with python3.pkgs; [ impacket pyasn1 pycrypto @@ -26,16 +29,14 @@ python3.pkgs.buildPythonApplication rec { # Project has no tests doCheck = false; - pythonImportsCheck = [ - "smbmap" - ]; + pythonImportsCheck = [ "smbmap" ]; meta = with lib; { description = "SMB enumeration tool"; - mainProgram = "smbmap"; homepage = "https://github.com/ShawnDEvans/smbmap"; changelog = "https://github.com/ShawnDEvans/smbmap/releases/tag/v${version}"; license = licenses.gpl3Only; maintainers = with maintainers; [ fab ]; + mainProgram = "smbmap"; }; } diff --git a/nixpkgs/pkgs/tools/security/snowcat/default.nix b/nixpkgs/pkgs/tools/security/snowcat/default.nix index a08b18edd147..0054c7a81322 100644 --- a/nixpkgs/pkgs/tools/security/snowcat/default.nix +++ b/nixpkgs/pkgs/tools/security/snowcat/default.nix @@ -17,7 +17,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://github.com/praetorian-inc/snowcat"; changelog = "https://github.com/praetorian-inc/snowcat/releases/tag/v${version}"; - description = "A tool to audit the istio service mesh"; + description = "Tool to audit the istio service mesh"; mainProgram = "snowcat"; longDescription = '' Snowcat gathers and analyzes the configuration of an Istio cluster and diff --git a/nixpkgs/pkgs/tools/security/solo2-cli/default.nix b/nixpkgs/pkgs/tools/security/solo2-cli/default.nix index 417afd93a99c..a241e8780101 100644 --- a/nixpkgs/pkgs/tools/security/solo2-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/solo2-cli/default.nix @@ -42,7 +42,7 @@ rustPlatform.buildRustPackage rec { buildFeatures = [ "cli" ]; meta = with lib; { - description = "A CLI tool for managing SoloKeys' Solo2 USB security keys"; + description = "CLI tool for managing SoloKeys' Solo2 USB security keys"; homepage = "https://github.com/solokeys/solo2-cli"; license = with licenses; [ asl20 mit ]; # either at your option maintainers = with maintainers; [ lukegb ]; diff --git a/nixpkgs/pkgs/tools/security/spectre-cli/default.nix b/nixpkgs/pkgs/tools/security/spectre-cli/default.nix index f06365de90b5..923046cdad4a 100644 --- a/nixpkgs/pkgs/tools/security/spectre-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/spectre-cli/default.nix @@ -63,7 +63,7 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - description = "A stateless cryptographic identity algorithm"; + description = "Stateless cryptographic identity algorithm"; homepage = "https://spectre.app"; license = licenses.gpl3Plus; maintainers = with maintainers; [ emmabastas ]; diff --git a/nixpkgs/pkgs/tools/security/spire/default.nix b/nixpkgs/pkgs/tools/security/spire/default.nix index 236710eb0eba..861167c15ae8 100644 --- a/nixpkgs/pkgs/tools/security/spire/default.nix +++ b/nixpkgs/pkgs/tools/security/spire/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "spire"; - version = "1.9.5"; + version = "1.9.6"; outputs = [ "out" "agent" "server" ]; @@ -10,10 +10,10 @@ buildGoModule rec { owner = "spiffe"; repo = pname; rev = "v${version}"; - sha256 = "sha256-cn7ipY5dKcKSUTqOAqOf9KgdufMnk58WW4to9MfRL7g="; + sha256 = "sha256-wubrZJBPLA83VB57UVKLuh2cmyXHouwN4BVPiHFl+1s="; }; - vendorHash = "sha256-XWfo6NbADVRaMuemTrDgF2LQSpIe037z8el2CVzOJHI="; + vendorHash = "sha256-tx0zIr9rXuOvt+77Sp6dIdtN21fDX5FdnTxGpHWo7+A="; subPackages = [ "cmd/spire-agent" "cmd/spire-server" ]; @@ -28,7 +28,7 @@ buildGoModule rec { ''; meta = with lib; { - description = "The SPIFFE Runtime Environment"; + description = "SPIFFE Runtime Environment"; homepage = "https://github.com/spiffe/spire"; changelog = "https://github.com/spiffe/spire/releases/tag/v${version}"; license = licenses.asl20; diff --git a/nixpkgs/pkgs/tools/security/ssdeep/default.nix b/nixpkgs/pkgs/tools/security/ssdeep/default.nix index 110174d1a8bb..68b8afdf6712 100644 --- a/nixpkgs/pkgs/tools/security/ssdeep/default.nix +++ b/nixpkgs/pkgs/tools/security/ssdeep/default.nix @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { ''; meta = { - description = "A program for calculating fuzzy hashes"; + description = "Program for calculating fuzzy hashes"; mainProgram = "ssdeep"; homepage = "http://www.ssdeep.sf.net"; license = lib.licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/ssh-audit/default.nix b/nixpkgs/pkgs/tools/security/ssh-audit/default.nix index 0551a7b10b22..ec12b6f4bde5 100644 --- a/nixpkgs/pkgs/tools/security/ssh-audit/default.nix +++ b/nixpkgs/pkgs/tools/security/ssh-audit/default.nix @@ -1,5 +1,6 @@ { lib , fetchFromGitHub +, installShellFiles , nixosTests , python3Packages }: @@ -8,6 +9,7 @@ python3Packages.buildPythonApplication rec { pname = "ssh-audit"; version = "3.2.0"; format = "setuptools"; + outputs = [ "out" "man" ]; src = fetchFromGitHub { owner = "jtesta"; @@ -16,6 +18,11 @@ python3Packages.buildPythonApplication rec { sha256 = "sha256-g5h0A1BJqzOZaSVUxyi7IsCcrbto4+7+HpiVjFZy50Y="; }; + nativeBuildInputs = [ installShellFiles ]; + postInstall = '' + installManPage $src/ssh-audit.1 + ''; + nativeCheckInputs = with python3Packages; [ pytestCheckHook ]; diff --git a/nixpkgs/pkgs/tools/security/ssh-to-pgp/default.nix b/nixpkgs/pkgs/tools/security/ssh-to-pgp/default.nix index 15067063d328..c2cc76ef74b7 100644 --- a/nixpkgs/pkgs/tools/security/ssh-to-pgp/default.nix +++ b/nixpkgs/pkgs/tools/security/ssh-to-pgp/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "ssh-to-pgp"; - version = "1.1.2"; + version = "1.1.3"; src = fetchFromGitHub { owner = "Mic92"; repo = "ssh-to-pgp"; rev = version; - sha256 = "sha256-SoHKBuI3ROfWTI45rFdMNkHVYHa5nX1A0/ljgGpF8NY="; + sha256 = "sha256-EynI4YQ6yjhMIOSoMM7WgLwI//5moFgdhFLX82J+bSA="; }; - vendorHash = "sha256-sHvb6jRSMXIUv1D0dbTJWmETCaFr9BquNmcc8J06m/o="; + vendorHash = "sha256-ww1CDDGo2r8h0ePvU8PS2owzE1vLTz2m7Z9thsQle7s="; nativeCheckInputs = [ gnupg ]; checkPhase = '' diff --git a/nixpkgs/pkgs/tools/security/sslscan/default.nix b/nixpkgs/pkgs/tools/security/sslscan/default.nix index 43e2b8ace717..ab699f8f02b7 100644 --- a/nixpkgs/pkgs/tools/security/sslscan/default.nix +++ b/nixpkgs/pkgs/tools/security/sslscan/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "sslscan"; - version = "2.1.3"; + version = "2.1.4"; src = fetchFromGitHub { owner = "rbsec"; repo = "sslscan"; rev = "refs/tags/${version}"; - hash = "sha256-oLlMeFVicDwr2XjCX/0cBMTXLKB8js50646uAf3tP9k="; + hash = "sha256-we55Oo9sIZ1FQn94xejlCKwlZBDMrQs/1f++blXTTUM="; }; buildInputs = [ openssl ]; diff --git a/nixpkgs/pkgs/tools/security/step-ca/default.nix b/nixpkgs/pkgs/tools/security/step-ca/default.nix index 1b227b3cdfdf..7c8f44918506 100644 --- a/nixpkgs/pkgs/tools/security/step-ca/default.nix +++ b/nixpkgs/pkgs/tools/security/step-ca/default.nix @@ -13,16 +13,16 @@ buildGoModule rec { pname = "step-ca"; - version = "0.26.1"; + version = "0.26.2"; src = fetchFromGitHub { owner = "smallstep"; repo = "certificates"; rev = "refs/tags/v${version}"; - hash = "sha256-yej7gzhaUPbcvqbse7Hh7Im38+DUfC9UZkpjpuG8ctk="; + hash = "sha256-sLHmeF/yh74/qsoF/DrYSAbULG9Nsvd6bvUT4tSVHdQ="; }; - vendorHash = "sha256-XlfdIg8YHCeCvc7kZczUxlxUonyZSQATgsxLTMvNDk4="; + vendorHash = "sha256-TISPM6bYzS0TpmopQLBns/rQqPKLDHK1job003vpFiQ="; ldflags = [ "-w" @@ -62,7 +62,7 @@ buildGoModule rec { passthru.tests.step-ca = nixosTests.step-ca; meta = with lib; { - description = "A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH"; + description = "Private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH"; homepage = "https://smallstep.com/certificates/"; changelog = "https://github.com/smallstep/certificates/releases/tag/v${version}"; license = licenses.asl20; diff --git a/nixpkgs/pkgs/tools/security/step-kms-plugin/default.nix b/nixpkgs/pkgs/tools/security/step-kms-plugin/default.nix index 95a3b85fca63..a64f86a31d1e 100644 --- a/nixpkgs/pkgs/tools/security/step-kms-plugin/default.nix +++ b/nixpkgs/pkgs/tools/security/step-kms-plugin/default.nix @@ -11,16 +11,16 @@ buildGoModule rec { pname = "step-kms-plugin"; - version = "0.11.1"; + version = "0.11.3"; src = fetchFromGitHub { owner = "smallstep"; repo = pname; rev = "v${version}"; - hash = "sha256-EkLLhHXvh10tfEY6AY6o3n3JcmCXwauHsQ8VJRBpnnY="; + hash = "sha256-Gl/5AExN2/MEoR2HKpw7mDfuc/1Wj0UGSdXPzHl2JdU="; }; - vendorHash = "sha256-kwM5eNeAVtA6DaoFtBhxc7Jnfb7vVkdIGpUxVGjWwC8="; + vendorHash = "sha256-O6orQYrupJdJbx23TXCP0qWyvn6Hv2iDeRYvIgLp1NM="; proxyVendor = true; diff --git a/nixpkgs/pkgs/tools/security/sudo-rs/default.nix b/nixpkgs/pkgs/tools/security/sudo-rs/default.nix index a1e46c6ee708..f4ea401e7e10 100644 --- a/nixpkgs/pkgs/tools/security/sudo-rs/default.nix +++ b/nixpkgs/pkgs/tools/security/sudo-rs/default.nix @@ -70,7 +70,7 @@ rustPlatform.buildRustPackage rec { }; meta = with lib; { - description = "A memory safe implementation of sudo and su"; + description = "Memory safe implementation of sudo and su"; homepage = "https://github.com/memorysafety/sudo-rs"; changelog = "${meta.homepage}/blob/v${version}/CHANGELOG.md"; license = with licenses; [ asl20 mit ]; diff --git a/nixpkgs/pkgs/tools/security/sudo/default.nix b/nixpkgs/pkgs/tools/security/sudo/default.nix index 060dbb34f560..948297df707b 100644 --- a/nixpkgs/pkgs/tools/security/sudo/default.nix +++ b/nixpkgs/pkgs/tools/security/sudo/default.nix @@ -74,7 +74,7 @@ stdenv.mkDerivation (finalAttrs: { passthru.tests = { inherit (nixosTests) sudo; }; meta = with lib; { - description = "A command to run commands as root"; + description = "Command to run commands as root"; longDescription = '' Sudo (su "do") allows a system administrator to delegate @@ -86,7 +86,7 @@ stdenv.mkDerivation (finalAttrs: { # From https://www.sudo.ws/about/license/ license = with licenses; [ sudo bsd2 bsd3 zlib ]; maintainers = with maintainers; [ ]; - platforms = platforms.linux; + platforms = platforms.linux ++ platforms.freebsd; mainProgram = "sudo"; }; }) diff --git a/nixpkgs/pkgs/tools/security/tboot/default.nix b/nixpkgs/pkgs/tools/security/tboot/default.nix index 62f6b7823e83..e4b16cf9f290 100644 --- a/nixpkgs/pkgs/tools/security/tboot/default.nix +++ b/nixpkgs/pkgs/tools/security/tboot/default.nix @@ -25,7 +25,7 @@ stdenv.mkDerivation rec { installFlags = [ "DESTDIR=$(out)" ]; meta = with lib; { - description = "A pre-kernel/VMM module that uses Intel(R) TXT to perform a measured and verified launch of an OS kernel/VMM"; + description = "Pre-kernel/VMM module that uses Intel(R) TXT to perform a measured and verified launch of an OS kernel/VMM"; homepage = "https://sourceforge.net/projects/tboot/"; changelog = "https://sourceforge.net/p/tboot/code/ci/v${version}/tree/CHANGELOG"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/tessen/default.nix b/nixpkgs/pkgs/tools/security/tessen/default.nix index 944695e831dc..961c86753d76 100644 --- a/nixpkgs/pkgs/tools/security/tessen/default.nix +++ b/nixpkgs/pkgs/tools/security/tessen/default.nix @@ -44,7 +44,7 @@ stdenvNoCC.mkDerivation rec { meta = with lib; { homepage = "https://sr.ht/~ayushnix/tessen"; - description = "An interactive menu to autotype and copy Pass and GoPass data"; + description = "Interactive menu to autotype and copy Pass and GoPass data"; license = licenses.gpl2Plus; platforms = platforms.linux; maintainers = with maintainers; [ monaaraj ]; diff --git a/nixpkgs/pkgs/tools/security/thc-hydra/default.nix b/nixpkgs/pkgs/tools/security/thc-hydra/default.nix index 7222cc81780e..6d366fd3e80b 100644 --- a/nixpkgs/pkgs/tools/security/thc-hydra/default.nix +++ b/nixpkgs/pkgs/tools/security/thc-hydra/default.nix @@ -41,7 +41,7 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - description = "A very fast network logon cracker which support many different services"; + description = "Very fast network logon cracker which support many different services"; homepage = "https://github.com/vanhauser-thc/thc-hydra"; # https://www.thc.org/ changelog = "https://github.com/vanhauser-thc/thc-hydra/raw/v${version}/CHANGES"; license = licenses.agpl3Plus; diff --git a/nixpkgs/pkgs/tools/security/tor/default.nix b/nixpkgs/pkgs/tools/security/tor/default.nix index 2f33862fcffe..30eb8360fe39 100644 --- a/nixpkgs/pkgs/tools/security/tor/default.nix +++ b/nixpkgs/pkgs/tools/security/tor/default.nix @@ -30,11 +30,11 @@ let in stdenv.mkDerivation rec { pname = "tor"; - version = "0.4.8.11"; + version = "0.4.8.12"; src = fetchurl { url = "https://dist.torproject.org/${pname}-${version}.tar.gz"; - sha256 = "sha256-jyvfkOYzgHgSNap9YE4VlXDyg+zuZ0Zwhz2LtwUsjgc="; + sha256 = "sha256-ynzHNdmON0e1jy88wU+ATdeJ+g+zM6hNy2vXCtu4yHQ="; }; outputs = [ "out" "geoip" ]; diff --git a/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix b/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix index 938d0a6f2946..58ff7160924c 100644 --- a/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix +++ b/nixpkgs/pkgs/tools/security/tpm-quote-tools/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - description = "A collection of programs that provide support for TPM based attestation using the TPM quote mechanism"; + description = "Collection of programs that provide support for TPM based attestation using the TPM quote mechanism"; longDescription = '' The TPM Quote Tools is a collection of programs that provide support for TPM based attestation using the TPM quote mechanism. The manual diff --git a/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix b/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix index 1cf4d4009138..2e78257a13e2 100644 --- a/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix +++ b/nixpkgs/pkgs/tools/security/tpm2-tools/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, lib, fetchpatch +{ stdenv, fetchurl, lib , pandoc, pkg-config, makeWrapper, curl, openssl, tpm2-tss, libuuid , abrmdSupport ? true, tpm2-abrmd ? null }: diff --git a/nixpkgs/pkgs/tools/security/truecrack/default.nix b/nixpkgs/pkgs/tools/security/truecrack/default.nix index 1c0648f33bcb..06a0d7e4f6b2 100644 --- a/nixpkgs/pkgs/tools/security/truecrack/default.nix +++ b/nixpkgs/pkgs/tools/security/truecrack/default.nix @@ -40,7 +40,7 @@ gccStdenv.mkDerivation rec { enableParallelBuilding = true; meta = with lib; { - description = "A brute-force password cracker for TrueCrypt volumes, optimized for Nvidia Cuda technology"; + description = "Brute-force password cracker for TrueCrypt volumes, optimized for Nvidia Cuda technology"; mainProgram = "truecrack"; homepage = "https://gitlab.com/kalilinux/packages/truecrack"; broken = cudaSupport; diff --git a/nixpkgs/pkgs/tools/security/trufflehog/default.nix b/nixpkgs/pkgs/tools/security/trufflehog/default.nix index d0e9cb39a232..e94cfbd846ea 100644 --- a/nixpkgs/pkgs/tools/security/trufflehog/default.nix +++ b/nixpkgs/pkgs/tools/security/trufflehog/default.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "trufflehog"; - version = "3.76.3"; + version = "3.78.1"; src = fetchFromGitHub { owner = "trufflesecurity"; repo = "trufflehog"; rev = "refs/tags/v${version}"; - hash = "sha256-Esw9O0OO6a4BwN/HA8WTDUX4xcwN6Jdu1io4DYko54A="; + hash = "sha256-Gek42O48RDkygeq+9oaV2f9UephOjxrevC6uQeAn24s="; }; - vendorHash = "sha256-vHHLHXfeRl9aEBqFidGCkBLs/ifwOysbUSYbQaTKcPU="; + vendorHash = "sha256-KSIHJe83F2PBWBYe/aoWJrqzGvDwZhrrCvJ2GVBnmfo="; proxyVendor = true; diff --git a/nixpkgs/pkgs/tools/security/uncover/default.nix b/nixpkgs/pkgs/tools/security/uncover/default.nix index f0ee8aa23757..7bb56ce21451 100644 --- a/nixpkgs/pkgs/tools/security/uncover/default.nix +++ b/nixpkgs/pkgs/tools/security/uncover/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "uncover"; - version = "1.0.7"; + version = "1.0.8"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-CJA+rDLubghaQT+yb0zQY3y8hF0/5ISH9YFvIQHwH2Y="; + hash = "sha256-iBZwR4hEd1pmmq4WzY/kfwHmpFj/MG+xGitbIQI8K5I="; }; - vendorHash = "sha256-A7XPsl27Q5CaQXQUEvNB05B2M3mFGz/yZ4sOnOHxhw8="; + vendorHash = "sha256-cf9Itdz1hR74TVoFOsOdUcrvEuT57RZn2tgrEXU4c8E="; meta = with lib; { description = "API wrapper to search for exposed hosts"; diff --git a/nixpkgs/pkgs/tools/security/vals/default.nix b/nixpkgs/pkgs/tools/security/vals/default.nix index b7b1012ad277..ff7f8246ef06 100644 --- a/nixpkgs/pkgs/tools/security/vals/default.nix +++ b/nixpkgs/pkgs/tools/security/vals/default.nix @@ -2,16 +2,18 @@ buildGoModule rec { pname = "vals"; - version = "0.37.1"; + version = "0.37.2"; src = fetchFromGitHub { rev = "v${version}"; owner = "helmfile"; repo = pname; - sha256 = "sha256-POFxoGUbcasEvFdovZ1RER+yxLzg9owyKjWcr1zI+nc="; + sha256 = "sha256-L0T0Lu5UP/KG2jdJfw5lM6/FagZUpMLGNWyf4tktzmQ="; }; - vendorHash = "sha256-Yzab4Y6ETOZM5zL/5fQSzqNFi51YOgDjsL53efW1vvk="; + vendorHash = "sha256-7ethl7BL6JBzIbyvpUE2TdvvPWs/CUvJQhjH2P5UCTY="; + + proxyVendor = true; ldflags = [ "-s" diff --git a/nixpkgs/pkgs/tools/security/vault-medusa/default.nix b/nixpkgs/pkgs/tools/security/vault-medusa/default.nix index cd7cf537de58..2995d4b9cd0b 100644 --- a/nixpkgs/pkgs/tools/security/vault-medusa/default.nix +++ b/nixpkgs/pkgs/tools/security/vault-medusa/default.nix @@ -2,19 +2,19 @@ buildGoModule rec { pname = "vault-medusa"; - version = "0.7.0"; + version = "0.7.2"; src = fetchFromGitHub { owner = "jonasvinther"; repo = "medusa"; rev = "v${version}"; - sha256 = "sha256-8lbaXcu+o+grbFPJxZ6p/LezxDFCUvOQyX49zX4V/v0="; + sha256 = "sha256-c5ldU54SQQKnKp2xxUiHVOaCRV9ttC24sN8AUMMuWzQ="; }; - vendorHash = "sha256-/8wusZt0BQ//HCokjiSpsgsGb19FggrGrEuhCrwm9L0="; + vendorHash = "sha256-GdQiPeU5SWZlqWkyk8gU9yVTUQxJlurhY3l1xZXKeJY="; meta = with lib; { - description = "A cli tool for importing and exporting Hashicorp Vault secrets"; + description = "Cli tool for importing and exporting Hashicorp Vault secrets"; mainProgram = "medusa"; homepage = "https://github.com/jonasvinther/medusa"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/vault-ssh-plus/default.nix b/nixpkgs/pkgs/tools/security/vault-ssh-plus/default.nix index 80cfa8674cb2..a3a92f7c6a4c 100644 --- a/nixpkgs/pkgs/tools/security/vault-ssh-plus/default.nix +++ b/nixpkgs/pkgs/tools/security/vault-ssh-plus/default.nix @@ -8,16 +8,16 @@ }: buildGoModule rec { pname = "vault-ssh-plus"; - version = "0.7.3"; + version = "0.7.4"; src = fetchFromGitHub { owner = "isometry"; repo = pname; rev = "v${version}"; - hash = "sha256-IRmFC5WsLmHfPjS/jW5V7dNF5rNvmsh3YKwW7rGII24="; + hash = "sha256-djS50SBR8HTyEd5Ya2I9w5irBrLTqzekEi5ASmkl6yk="; }; - vendorHash = "sha256-cuU7rEpJrwrbiXLajdv4h6GePbpZclweyB9qZ3SIjP0="; + vendorHash = "sha256-NndIBvW1/EZJ2KwP6HZ6wvhrgtmhTe97l3VxprtWq30="; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/security/vault/default.nix b/nixpkgs/pkgs/tools/security/vault/default.nix index 5f24a8a6f6b2..6efce59221d8 100644 --- a/nixpkgs/pkgs/tools/security/vault/default.nix +++ b/nixpkgs/pkgs/tools/security/vault/default.nix @@ -6,16 +6,16 @@ buildGoModule rec { pname = "vault"; - version = "1.16.2"; + version = "1.17.0"; src = fetchFromGitHub { owner = "hashicorp"; repo = "vault"; rev = "v${version}"; - hash = "sha256-OFYUM6NFNwpx356y+G1yAOOgpinK8qOkLBtUMFPFXK8="; + hash = "sha256-jnX3sJJIe62y5p5w7xs5IQ5xE/9aWzM02H2x/p7E9gc="; }; - vendorHash = "sha256-pWteRqBGKHcqjN3wSxWuoy0YK7w2Zaz2BsiveG7UkVE="; + vendorHash = "sha256-r2tDPAPM8wPWRaArsjf5YcERyy3pwmIM4Wx2HSUdFEg="; proxyVendor = true; @@ -44,7 +44,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://www.vaultproject.io/"; - description = "A tool for managing secrets"; + description = "Tool for managing secrets"; changelog = "https://github.com/hashicorp/vault/blob/v${version}/CHANGELOG.md"; license = licenses.bsl11; mainProgram = "vault"; diff --git a/nixpkgs/pkgs/tools/security/vault/vault-bin.nix b/nixpkgs/pkgs/tools/security/vault/vault-bin.nix index c1dd64d604b4..dbdd8d49f76b 100644 --- a/nixpkgs/pkgs/tools/security/vault/vault-bin.nix +++ b/nixpkgs/pkgs/tools/security/vault/vault-bin.nix @@ -52,7 +52,7 @@ stdenv.mkDerivation rec { passthru.updateScript = ./update-bin.sh; meta = with lib; { - description = "A tool for managing secrets, this binary includes the UI"; + description = "Tool for managing secrets, this binary includes the UI"; homepage = "https://www.vaultproject.io"; sourceProvenance = with sourceTypes; [ binaryNativeCode ]; license = licenses.bsl11; diff --git a/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix b/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix index 041b7ae3154a..1b07086846da 100644 --- a/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix +++ b/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix @@ -8,13 +8,13 @@ }: let - version = "2024.3.1"; + version = "2024.5.0"; bw_web_builds = fetchFromGitHub { owner = "dani-garcia"; repo = "bw_web_builds"; rev = "v${version}"; - hash = "sha256-oi0H8TIQwtpzxKoQGnKaOY0bcWu7avTtrY+NgNRiq8k="; + hash = "sha256-di0oOM3ju3rkDVGmKpvS6sCaIXL/QGawr0TUrQjZ8dM="; }; in buildNpmPackage rec { @@ -25,10 +25,10 @@ in buildNpmPackage rec { owner = "bitwarden"; repo = "clients"; rev = "web-v${lib.removeSuffix "b" version}"; - hash = "sha256-JBEP4dNGL4rYKl2qNyhB2y/wZunikaGFltGVXLxgMWI="; + hash = "sha256-kQ2tWfkkG5aifA8UGb5X1wQkGZr6dcVlrb+b78RFX/k="; }; - npmDepsHash = "sha256-vNudSHIMmF7oXGz+ZymQahyHebs/CBDc6Oy1g0A5nqA="; + npmDepsHash = "sha256-gprJGOE/uSSM3NHpcbelB7sueObEl4o522WRHIRFmwo="; postPatch = '' ln -s ${bw_web_builds}/{patches,resources} .. diff --git a/nixpkgs/pkgs/tools/security/vexctl/default.nix b/nixpkgs/pkgs/tools/security/vexctl/default.nix index 1bb56dbb0547..13086faf73d4 100644 --- a/nixpkgs/pkgs/tools/security/vexctl/default.nix +++ b/nixpkgs/pkgs/tools/security/vexctl/default.nix @@ -62,7 +62,7 @@ buildGoModule rec { meta = with lib; { homepage = "https://github.com/chainguard-dev/vex/"; - description = "A tool to attest VEX impact statements"; + description = "Tool to attest VEX impact statements"; mainProgram = "vexctl"; license = licenses.asl20; maintainers = with maintainers; [ jk ]; diff --git a/nixpkgs/pkgs/tools/security/volatility3/default.nix b/nixpkgs/pkgs/tools/security/volatility3/default.nix index 7f6307687323..ffc0a0c93280 100644 --- a/nixpkgs/pkgs/tools/security/volatility3/default.nix +++ b/nixpkgs/pkgs/tools/security/volatility3/default.nix @@ -5,21 +5,21 @@ python3.pkgs.buildPythonApplication rec { pname = "volatility3"; - version = "2.5.2"; + version = "2.7.0"; pyproject = true; src = fetchFromGitHub { owner = "volatilityfoundation"; repo = "volatility3"; rev = "refs/tags/v${version}"; - hash = "sha256-tghwDDfy8TohqTn9WQvmEal3qK0OKKq7GvGnPGTble0="; + hash = "sha256-elTUAvSe91TqpsTXg08SPKaVr6iM7FKcBaVNunv+HfU="; }; - nativeBuildInputs = with python3.pkgs; [ + build-system = with python3.pkgs; [ setuptools ]; - propagatedBuildInputs = with python3.pkgs; [ + dependencies = with python3.pkgs; [ capstone jsonschema pefile diff --git a/nixpkgs/pkgs/tools/security/wapiti/default.nix b/nixpkgs/pkgs/tools/security/wapiti/default.nix index 13a7e55cc3ec..1ddfbb703b96 100644 --- a/nixpkgs/pkgs/tools/security/wapiti/default.nix +++ b/nixpkgs/pkgs/tools/security/wapiti/default.nix @@ -1,57 +1,59 @@ -{ lib -, fetchFromGitHub -, python3 +{ + lib, + fetchFromGitHub, + python3, }: python3.pkgs.buildPythonApplication rec { pname = "wapiti"; version = "3.1.8"; - format = "pyproject"; + pyproject = true; src = fetchFromGitHub { owner = "wapiti-scanner"; - repo = pname; + repo = "wapiti"; rev = "refs/tags/${version}"; hash = "sha256-2ssbczUa4pTA5Fai+sK1hES8skJMIHxa/R2hNIiEVLs="; }; postPatch = '' - # Ignore pinned versions - sed -i -e "s/==[0-9.]*//;s/>=[0-9.]*//" pyproject.toml - # Remove code coverage checking substituteInPlace pyproject.toml \ --replace "--cov --cov-report=xml" "" ''; - nativeBuildInputs = with python3.pkgs; [ - setuptools - wheel - ]; + pythonRelaxDeps = true; + + build-system = with python3.pkgs; [ setuptools ]; - propagatedBuildInputs = with python3.pkgs; [ - aiocache - aiohttp - aiosqlite - arsenic - beautifulsoup4 - browser-cookie3 - dnspython - h11 - httpcore - httpx - httpx-ntlm - loguru - mako - markupsafe - mitmproxy - pyasn1 - six - sqlalchemy - tld - yaswfp - ] ++ httpx.optional-dependencies.brotli - ++ httpx.optional-dependencies.socks; + nativeBuildInputs = with python3.pkgs; [ pythonRelaxDepsHook ]; + + dependencies = + with python3.pkgs; + [ + aiocache + aiohttp + aiosqlite + arsenic + beautifulsoup4 + browser-cookie3 + dnspython + h11 + httpcore + httpx + httpx-ntlm + loguru + mako + markupsafe + mitmproxy + pyasn1 + six + sqlalchemy + tld + yaswfp + ] + ++ httpx.optional-dependencies.brotli + ++ httpx.optional-dependencies.socks; __darwinAllowLocalNetworking = true; @@ -138,9 +140,7 @@ python3.pkgs.buildPythonApplication rec { "tests/attack/test_mod_ssl.py" ]; - pythonImportsCheck = [ - "wapitiCore" - ]; + pythonImportsCheck = [ "wapitiCore" ]; meta = with lib; { description = "Web application vulnerability scanner"; @@ -154,7 +154,7 @@ python3.pkgs.buildPythonApplication rec { ''; homepage = "https://wapiti-scanner.github.io/"; changelog = "https://github.com/wapiti-scanner/wapiti/blob/${version}/doc/ChangeLog_Wapiti"; - license = with licenses; [ gpl2Only ]; + license = licenses.gpl2Only; maintainers = with maintainers; [ fab ]; }; } diff --git a/nixpkgs/pkgs/tools/security/witness/default.nix b/nixpkgs/pkgs/tools/security/witness/default.nix index 2aa26b7e6080..75cdc9e1ce61 100644 --- a/nixpkgs/pkgs/tools/security/witness/default.nix +++ b/nixpkgs/pkgs/tools/security/witness/default.nix @@ -10,15 +10,15 @@ buildGoModule rec { pname = "witness"; - version = "0.4.0"; + version = "0.5.2"; src = fetchFromGitHub { owner = "in-toto"; repo = "witness"; rev = "v${version}"; - sha256 = "sha256-QnZZVQZMkh9GH6io19mlE3gHaiX73TgH7ibFT1H5DB4="; + sha256 = "sha256-3up10DdW0nMPAghEVlnOrFUbjQd1AuNmraBDjBPdjm8="; }; - vendorHash = "sha256-5q405OP8VPChhxiH2tjh2H+ailQRjGmLZvul7CubjJo="; + vendorHash = "sha256-sYWcmQloeZlwuUz0SkucpVGOqkoOpgnsHDsuWyWTBPQ="; nativeBuildInputs = [ installShellFiles ]; @@ -52,7 +52,7 @@ buildGoModule rec { }; meta = with lib; { - description = "A pluggable framework for software supply chain security. Witness prevents tampering of build materials and verifies the integrity of the build process from source to target"; + description = "Pluggable framework for software supply chain security. Witness prevents tampering of build materials and verifies the integrity of the build process from source to target"; longDescription = '' Witness prevents tampering of build materials and verifies the integrity of the build process from source to target. It works by wrapping commands diff --git a/nixpkgs/pkgs/tools/security/xcrawl3r/default.nix b/nixpkgs/pkgs/tools/security/xcrawl3r/default.nix index b714d555bafb..c12439f49d67 100644 --- a/nixpkgs/pkgs/tools/security/xcrawl3r/default.nix +++ b/nixpkgs/pkgs/tools/security/xcrawl3r/default.nix @@ -22,7 +22,7 @@ buildGoModule rec { ]; meta = with lib; { - description = "A CLI utility to recursively crawl webpages"; + description = "CLI utility to recursively crawl webpages"; homepage = "https://github.com/hueristiq/xcrawl3r"; changelog = "https://github.com/hueristiq/xcrawl3r/releases/tag/${version}"; license = licenses.mit; diff --git a/nixpkgs/pkgs/tools/security/yarGen/default.nix b/nixpkgs/pkgs/tools/security/yarGen/default.nix index 12b2567f340e..d1bc8a864721 100644 --- a/nixpkgs/pkgs/tools/security/yarGen/default.nix +++ b/nixpkgs/pkgs/tools/security/yarGen/default.nix @@ -50,7 +50,7 @@ python3.pkgs.buildPythonApplication rec { ]; meta = with lib; { - description = "A generator for YARA rules"; + description = "Generator for YARA rules"; mainProgram = "yarGen.py"; homepage = "https://github.com/Neo23x0/yarGen"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/yara/default.nix b/nixpkgs/pkgs/tools/security/yara/default.nix index 26eea76f016b..44b1544ab935 100644 --- a/nixpkgs/pkgs/tools/security/yara/default.nix +++ b/nixpkgs/pkgs/tools/security/yara/default.nix @@ -1,17 +1,22 @@ -{ lib, stdenv -, fetchFromGitHub -, fetchpatch -, autoreconfHook -, pcre -, pkg-config -, protobufc -, withCrypto ? true, openssl -, enableCuckoo ? true, jansson -, enableDex ? true -, enableDotNet ? true -, enableMacho ? true -, enableMagic ? true, file -, enableStatic ? false +{ + lib, + stdenv, + fetchFromGitHub, + fetchpatch, + autoreconfHook, + pcre, + pkg-config, + protobufc, + withCrypto ? true, + openssl, + enableCuckoo ? true, + jansson, + enableDex ? true, + enableDotNet ? true, + enableMacho ? true, + enableMagic ? true, + file, + enableStatic ? false, }: stdenv.mkDerivation rec { @@ -20,8 +25,8 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "VirusTotal"; - repo = pname; - rev = "v${version}"; + repo = "yara"; + rev = "refs/tags/v${version}"; hash = "sha256-AecHsUBtBleUkWuYMQ4Tx/PY8cs9j7JwqncBziJD0hA="; }; @@ -38,16 +43,14 @@ stdenv.mkDerivation rec { pkg-config ]; - buildInputs = [ - pcre - protobufc - ] ++ lib.optionals withCrypto [ - openssl - ] ++ lib.optionals enableMagic [ - file - ] ++ lib.optionals enableCuckoo [ - jansson - ]; + buildInputs = + [ + pcre + protobufc + ] + ++ lib.optionals withCrypto [ openssl ] + ++ lib.optionals enableMagic [ file ] + ++ lib.optionals enableCuckoo [ jansson ]; preConfigure = "./bootstrap.sh"; @@ -64,10 +67,12 @@ stdenv.mkDerivation rec { doCheck = enableStatic; meta = with lib; { - description = "The pattern matching swiss knife for malware researchers"; + description = "Tool to perform pattern matching for malware-related tasks"; homepage = "http://Virustotal.github.io/yara/"; + changelog = "https://github.com/VirusTotal/yara/releases/tag/v${version}"; license = licenses.asl20; maintainers = with maintainers; [ fab ]; + mainProgram = "yara"; platforms = platforms.all; }; } diff --git a/nixpkgs/pkgs/tools/security/yaralyzer/default.nix b/nixpkgs/pkgs/tools/security/yaralyzer/default.nix index ddfc828741e5..47b5576e7bec 100644 --- a/nixpkgs/pkgs/tools/security/yaralyzer/default.nix +++ b/nixpkgs/pkgs/tools/security/yaralyzer/default.nix @@ -3,31 +3,16 @@ , fetchFromGitHub }: -let - python = python3.override { - packageOverrides = self: super: { - yara-python = super.yara-python.overridePythonAttrs (oldAttrs: rec { - version = "4.2.3"; - src = fetchFromGitHub { - owner = "VirusTotal"; - repo = "yara-python"; - rev = "v${version}"; - hash = "sha256-spUQuezQMqaG1hboM0/Gs7siCM6x0b40O+sV7qGGBng="; - }; - }); - }; - }; -in -python.pkgs.buildPythonApplication rec { +python3.pkgs.buildPythonApplication rec { pname = "yaralyzer"; - version = "0.9.3"; + version = "0.9.4"; pyproject = true; src = fetchFromGitHub { owner = "michelcrypt4d4mus"; repo = "yaralyzer"; rev = "refs/tags/v${version}"; - hash = "sha256-KGQNonzAZp8c0a3Rjb1WfsEkx5srgRzZfGR3gfNEdzY="; + hash = "sha256-rDb09XJOGWNARR0hhQQ91KXWepsLyR2a6/o3jagh6nA="; }; pythonRelaxDeps = [ @@ -35,12 +20,12 @@ python.pkgs.buildPythonApplication rec { "rich" ]; - nativeBuildInputs = with python.pkgs; [ + build-system = with python3.pkgs; [ poetry-core pythonRelaxDepsHook ]; - propagatedBuildInputs = with python.pkgs; [ + dependencies = with python3.pkgs; [ chardet python-dotenv rich @@ -52,12 +37,12 @@ python.pkgs.buildPythonApplication rec { "yaralyzer" ]; - meta = with lib; { + meta = { description = "Tool to visually inspect and force decode YARA and regex matches"; homepage = "https://github.com/michelcrypt4d4mus/yaralyzer"; - changelog = "https://github.com/michelcrypt4d4mus/yaralyzer/blob/${version}/CHANGELOG.md"; - license = licenses.gpl3Only; - maintainers = with maintainers; [ fab ]; + changelog = "https://github.com/michelcrypt4d4mus/yaralyzer/blob/v${version}/CHANGELOG.md"; + license = lib.licenses.gpl3Plus; + maintainers = with lib.maintainers; [ fab ]; mainProgram = "yaralyze"; }; } diff --git a/nixpkgs/pkgs/tools/security/yersinia/default.nix b/nixpkgs/pkgs/tools/security/yersinia/default.nix index ae2ca9babff2..cc17452a9692 100644 --- a/nixpkgs/pkgs/tools/security/yersinia/default.nix +++ b/nixpkgs/pkgs/tools/security/yersinia/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitHub, autoreconfHook, pkg-config, fetchpatch +{ stdenv, lib, fetchFromGitHub, autoreconfHook, pkg-config , ncurses, libpcap, libnet # alpha version of GTK interface , withGtk ? false, gtk2 @@ -33,7 +33,7 @@ stdenv.mkDerivation rec { makeFlags = [ "LDFLAGS=-lncurses" ]; meta = with lib; { - description = "A framework for layer 2 attacks"; + description = "Framework for layer 2 attacks"; mainProgram = "yersinia"; homepage = "https://github.com/tomac/yersinia"; license = licenses.gpl2Plus; diff --git a/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix b/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix index 24cd2d764267..f43e83e575e7 100644 --- a/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix +++ b/nixpkgs/pkgs/tools/security/yubikey-agent/default.nix @@ -36,7 +36,7 @@ buildGoModule rec { ''; meta = with lib; { - description = "A seamless ssh-agent for YubiKeys"; + description = "Seamless ssh-agent for YubiKeys"; mainProgram = "yubikey-agent"; license = licenses.bsd3; homepage = "https://filippo.io/yubikey-agent"; diff --git a/nixpkgs/pkgs/tools/security/yubikey-touch-detector/default.nix b/nixpkgs/pkgs/tools/security/yubikey-touch-detector/default.nix index 36822b6728e6..1cb16d1ca712 100644 --- a/nixpkgs/pkgs/tools/security/yubikey-touch-detector/default.nix +++ b/nixpkgs/pkgs/tools/security/yubikey-touch-detector/default.nix @@ -1,4 +1,4 @@ -{ lib, libnotify, gpgme, buildGoModule, fetchFromGitHub, fetchurl, pkg-config }: +{ lib, libnotify, gpgme, buildGoModule, fetchFromGitHub, pkg-config }: buildGoModule rec { pname = "yubikey-touch-detector"; @@ -30,7 +30,7 @@ buildGoModule rec { ''; meta = with lib; { - description = "A tool to detect when your YubiKey is waiting for a touch"; + description = "Tool to detect when your YubiKey is waiting for a touch"; homepage = "https://github.com/maximbaz/yubikey-touch-detector"; maintainers = with maintainers; [ sumnerevans ]; license = with licenses; [ bsd2 isc ]; diff --git a/nixpkgs/pkgs/tools/security/zeekscript/default.nix b/nixpkgs/pkgs/tools/security/zeekscript/default.nix index eb7d097c5d74..7c652476e79a 100644 --- a/nixpkgs/pkgs/tools/security/zeekscript/default.nix +++ b/nixpkgs/pkgs/tools/security/zeekscript/default.nix @@ -31,7 +31,7 @@ python3.pkgs.buildPythonApplication rec { ]; meta = with lib; { - description = "A Zeek script formatter and analyzer"; + description = "Zeek script formatter and analyzer"; homepage = "https://github.com/zeek/zeekscript"; changelog = "https://github.com/zeek/zeekscript/blob/v${version}/CHANGES"; license = licenses.bsd3; diff --git a/nixpkgs/pkgs/tools/security/zmap/default.nix b/nixpkgs/pkgs/tools/security/zmap/default.nix index de1bc354cf62..16e58028f3e1 100644 --- a/nixpkgs/pkgs/tools/security/zmap/default.nix +++ b/nixpkgs/pkgs/tools/security/zmap/default.nix @@ -1,22 +1,22 @@ { lib, stdenv, fetchFromGitHub, cmake, pkg-config, libjson, json_c, gengetopt, flex, byacc, gmp -, libpcap, libunistring +, libpcap, libunistring, judy }: stdenv.mkDerivation rec { pname = "zmap"; - version = "3.0.0"; + version = "4.1.1"; src = fetchFromGitHub { owner = "zmap"; repo = pname; rev = "v${version}"; - sha256 = "sha256-OJZKcnsuBi3z/AI05RMBitgn01bhVTqx2jFYJLuIJk4="; + sha256 = "sha256-ftdjIBAAe+3qUEHoNMAOCmzy+PWD4neIMWvFXFi2JFo="; }; cmakeFlags = [ "-DRESPECT_INSTALL_PREFIX_CONFIG=ON" ]; nativeBuildInputs = [ cmake pkg-config gengetopt flex byacc ]; - buildInputs = [ libjson json_c gmp libpcap libunistring ]; + buildInputs = [ libjson json_c gmp libpcap libunistring judy ]; outputs = [ "out" "man" ]; |