nixpkgs/pkgs/tools/security/grype/default.nix

{ lib
, buildGoModule
, docker
, fetchFromGitHub
}:

buildGoModule rec {
  pname = "grype";
  version = "0.15.0";

  src = fetchFromGitHub {
    owner = "anchore";
    repo = pname;
    rev = "v${version}";
    sha256 = "sha256-xiUDyuVNVkVT+kxOEFOq4RKxMc5nNjsom/ZTKzfkOhU=";
  };

  vendorSha256 = "sha256-mW3e4WFa9pKSpyTZYmPA2j8nZz+94G2PqdqI0BDo3wc=";

  propagatedBuildInputs = [ docker ];

  preBuild = ''
    buildFlagsArray+=("-ldflags" "-s -w -X github.com/anchore/grype/internal/version.version=${version}")
  '';

  # Tests require a running Docker instance
  doCheck = false;

  meta = with lib; {
    description = "Vulnerability scanner for container images and filesystems";
    longDescription = ''
      As a vulnerability scanner is grype abale to scan the contents of a container
      image or filesystem to find known vulnerabilities.
    '';
    homepage = "https://github.com/anchore/grype";
    license = with licenses; [ asl20 ];
    maintainers = with maintainers; [ fab ];
  };
}
grype: set version 2021-03-27 15:16:51 +01:00			`{ lib`
			`, buildGoModule`
grype: init at 0.6.1 2021-01-06 19:11:00 +01:00			`, docker`
			`, fetchFromGitHub`
			`}:`

			`buildGoModule rec {`
			`pname = "grype";`
grype: 0.14.0 -> 0.15.0 2021-07-20 07:12:24 +02:00			`version = "0.15.0";`
grype: init at 0.6.1 2021-01-06 19:11:00 +01:00
			`src = fetchFromGitHub {`
			`owner = "anchore";`
			`repo = pname;`
			`rev = "v${version}";`
grype: 0.14.0 -> 0.15.0 2021-07-20 07:12:24 +02:00			`sha256 = "sha256-xiUDyuVNVkVT+kxOEFOq4RKxMc5nNjsom/ZTKzfkOhU=";`
grype: init at 0.6.1 2021-01-06 19:11:00 +01:00			`};`

grype: 0.13.0 -> 0.14.0 2021-07-01 09:09:06 +02:00			`vendorSha256 = "sha256-mW3e4WFa9pKSpyTZYmPA2j8nZz+94G2PqdqI0BDo3wc=";`
grype: init at 0.6.1 2021-01-06 19:11:00 +01:00
			`propagatedBuildInputs = [ docker ];`

grype: set version 2021-03-27 15:16:51 +01:00			`preBuild = ''`
			`buildFlagsArray+=("-ldflags" "-s -w -X github.com/anchore/grype/internal/version.version=${version}")`
			`'';`

			`# Tests require a running Docker instance`
grype: init at 0.6.1 2021-01-06 19:11:00 +01:00			`doCheck = false;`

treewide: with stdenv.lib; in meta -> with lib; Part of: https://github.com/NixOS/nixpkgs/issues/108938 meta = with stdenv.lib; is a widely used pattern. We want to slowly remove the `stdenv.lib` indirection and encourage people to use `lib` directly. Thus let’s start with the meta field. This used a rewriting script to mostly automatically replace all occurances of this pattern, and add the `lib` argument to the package header if it doesn’t exist yet. The script in its current form is available at https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix 2021-01-11 08:54:33 +01:00			`meta = with lib; {`
grype: init at 0.6.1 2021-01-06 19:11:00 +01:00			`description = "Vulnerability scanner for container images and filesystems";`
			`longDescription = ''`
			`As a vulnerability scanner is grype abale to scan the contents of a container`
			`image or filesystem to find known vulnerabilities.`
			`'';`
			`homepage = "https://github.com/anchore/grype";`
			`license = with licenses; [ asl20 ];`
			`maintainers = with maintainers; [ fab ];`
			`};`
			`}`