nixpkgs/pkgs/tools/security/trufflehog/default.nix

39 lines
1.1 KiB
Nix
Raw Normal View History

{ lib, pythonPackages }:
let
truffleHogRegexes = pythonPackages.buildPythonPackage rec {
pname = "truffleHogRegexes";
version = "0.0.4";
src = pythonPackages.fetchPypi {
inherit pname version;
sha256 = "09vrscbb4h4w01gmamlzghxx6cvrqdscylrbdcnbjsd05xl7zh4z";
};
};
in
pythonPackages.buildPythonApplication rec {
pname = "truffleHog";
version = "2.0.97";
src = pythonPackages.fetchPypi {
inherit pname version;
sha256 = "034kpv1p4m90286slvc6d4mlrzaf0b5jbd4qaj87hj65wbpcpg8r";
};
# Relax overly restricted version constraint
postPatch = ''
substituteInPlace setup.py --replace "GitPython ==" "GitPython >= "
'';
propagatedBuildInputs = [ pythonPackages.GitPython truffleHogRegexes ];
# Test cases run git clone and require network access
doCheck = false;
meta = {
homepage = "https://github.com/dxa4481/truffleHog";
description = "Searches through git repositories for high entropy strings and secrets, digging deep into commit history";
license = with lib.licenses; [ gpl2 ];
maintainers = with lib.maintainers; [ bhipple ];
};
}