nixpkgs/pkgs/development/interpreters/wasm3/default.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

47 lines
1.1 KiB
Nix
Raw Normal View History

2021-06-18 23:49:03 +02:00
{ lib, stdenv, cmake, fetchFromGitHub }:
stdenv.mkDerivation rec {
pname = "wasm3";
version = "0.5.0";
src = fetchFromGitHub {
owner = "wasm3";
repo = "wasm3";
rev = "v${version}";
sha256 = "07zzmk776j8ydyxhrnnjiscbhhmz182a62r6aix6kfk5kq2cwia2";
};
nativeBuildInputs = [ cmake ];
cmakeFlags = [
"-DBUILD_WASI=simple"
];
installPhase = ''
runHook preInstal
install -Dm755 wasm3 -t $out/bin
runHook postInstall
'';
meta = with lib; {
homepage = "https://github.com/wasm3/wasm3";
description = "The fastest WebAssembly interpreter, and the most universal runtime.";
platforms = platforms.all;
maintainers = with maintainers; [ malbarbo ];
license = licenses.mit;
2022-09-25 19:02:35 +02:00
knownVulnerabilities = [
# wasm3 expects all wasm code to be pre-validated, any users
# should be aware that running unvalidated wasm will potentially
# lead to RCE until upstream have added a builtin validator
"CVE-2022-39974"
"CVE-2022-34529"
"CVE-2022-28990"
"CVE-2022-28966"
"CVE-2021-45947"
"CVE-2021-45946"
"CVE-2021-45929"
"CVE-2021-38592"
];
2021-06-18 23:49:03 +02:00
};
}