nixpkgs/pkgs/tools/security/bundler-audit/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

{ bundlerEnv, ruby, lib, bundlerUpdateScript }:

bundlerEnv rec {
  name = "${pname}-${version}";
  pname = "bundler-audit";
  version = (import ./gemset.nix).bundler-audit.version;

  inherit ruby;
  gemdir = ./.;

  passthru.updateScript = bundlerUpdateScript "bundler-audit";

  meta = with lib; {
    description = "Patch-level verification for Bundler";
    longDescription = ''
      Features:
      - Checks for vulnerable versions of gems in Gemfile.lock.
      - Checks for insecure gem sources (http://).
      - Allows ignoring certain advisories that have been manually worked around.
      - Prints advisory information.
      - Does not require a network connection.
    '';
    homepage    = "https://github.com/rubysec/bundler-audit";
    changelog   = "https://github.com/rubysec/bundler-audit/blob/v${version}/ChangeLog.md";
    license     = licenses.gpl3Plus;
    maintainers = with maintainers; [ primeos nicknovitski ];
    platforms   = platforms.unix;
  };
}