blob: 8986cba7d880fde3202e550184953d3669ba1a21 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
{ lib, stdenvNoCC, fetchPypi, unzip }:
let
common = import ./common.nix { inherit lib; };
in
stdenvNoCC.mkDerivation rec {
pname = "semgrep-core";
inherit (common) version;
# fetch pre-built semgrep-core since the ocaml build is complex and relies on
# the opam package manager at some point
# pulling it out of the python wheel as r2c no longer release a built binary
# on github releases
src =
let
inherit (stdenvNoCC.hostPlatform) system;
data = common.core.${system} or (throw "Unsupported system: ${system}");
in
fetchPypi rec {
pname = "semgrep";
inherit version;
format = "wheel";
dist = python;
python = "cp38.cp39.cp310.cp311.py37.py38.py39.py310.py311";
inherit (data) platform hash;
};
nativeBuildInputs = [ unzip ];
# _tryUnzip from unzip's setup-hook doesn't recognise .whl
# "do not know how to unpack source archive"
# perform unpack by hand
unpackPhase = ''
runHook preUnpack
LANG=en_US.UTF-8 unzip -qq "$src"
runHook postUnpack
'';
dontConfigure = true;
dontBuild = true;
installPhase = ''
runHook preInstall
install -Dm 755 -t $out/bin semgrep-${version}.data/purelib/semgrep/bin/semgrep-core
runHook postInstall
'';
meta = common.meta // {
description = common.meta.description + " - core binary";
mainProgram = "semgrep-core";
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
platforms = lib.attrNames common.core;
};
}
|