{ fetchurl, stdenv, flex }: stdenv.mkDerivation rec { name = "splint-3.1.2"; src = fetchurl { url = "http://www.splint.org/downloads/${name}.src.tgz"; sha256 = "02pv8kscsrkrzip9r08pfs9xs98q74c52mlxzbii6cv6vx1vd3f7"; }; patches = [ ./tmpdir.patch ] ++ stdenv.lib.optional stdenv.isDarwin ./darwin.patch; buildInputs = [ flex ]; doCheck = true; meta = with stdenv.lib; { homepage = "http://www.splint.org/"; description = "Annotation-assisted lightweight static analyzer for C"; longDescription = '' Splint is a tool for statically checking C programs for security vulnerabilities and coding mistakes. With minimal effort, Splint can be used as a better lint. If additional effort is invested adding annotations to programs, Splint can perform stronger checking than can be done by any standard lint. ''; license = licenses.gpl2Plus; platforms = platforms.unix; }; }