Merge pull request #280683 from fabaff/cyclonedx-python-bump

cyclonedx-python: 0.4.3 -> 3.11.7
This commit is contained in:
Fabian Affolter 2024-01-13 21:39:39 +01:00 committed by GitHub
commit 6c064b347e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,37 +1,54 @@
{ lib
, python3
, fetchFromGitHub
, python3
}:
let
py = python3.override {
packageOverrides = self: super: {
# Requires 'cyclonedx-python-lib = ">= 2.0.0, < 4.0.0"'
cyclonedx-python-lib = super.cyclonedx-python-lib.overridePythonAttrs (oldAttrs: rec {
version = "3.1.5";
src = fetchFromGitHub {
owner = "CycloneDX";
repo = "cyclonedx-python-lib";
rev = "refs/tags/v${version}";
hash = "sha256-4lA8OdmvQD94jTeDf+Iz7ZyEQ9fZzCxnXQG9Ir8FKhk=";
};
});
};
};
in
with py.pkgs;
python3.pkgs.buildPythonApplication rec {
pname = "cyclonedx-python";
version = "0.4.3";
version = "3.11.7";
pyproject = true;
src = fetchFromGitHub {
owner = "CycloneDX";
repo = "cyclonedx-python";
rev = "v${version}";
sha256 = "BvG4aWBMsllW2L4lLsiRFUCPjgoDpHxN49fsUFdg7tQ=";
rev = "refs/tags/v${version}";
sha256 = "sha256-jU/0FkQCyph59TnEE+lckJXsU9whfvWp7dkdfzprYw8=";
};
# They pin versions for exact version numbers because "A bill-of-material such
# as CycloneDX expects exact version numbers" -- but that's unnecessary with
# Nix.
preBuild = ''
sed "s@==.*'@'@" -i setup.py
'';
propagatedBuildInputs = with python3.pkgs; [
packageurl-python
requests
xmlschema
setuptools
requirements-parser
packaging
chardet
jsonschema
nativeBuildInputs = with py.pkgs; [
poetry-core
pythonRelaxDepsHook
];
# the tests want access to the cyclonedx binary
propagatedBuildInputs = with py.pkgs; [
chardet
cyclonedx-python-lib
packageurl-python
pip-requirements-parser
setuptools
toml
];
# The tests want access to the cyclonedx binary
doCheck = false;
pythonImportsCheck = [
@ -41,8 +58,9 @@ python3.pkgs.buildPythonApplication rec {
meta = with lib; {
description = "Creates CycloneDX Software Bill of Materials (SBOM) from Python projects";
homepage = "https://github.com/CycloneDX/cyclonedx-python";
changelog = "https://github.com/CycloneDX/cyclonedx-python/releases/tag/v${version}";
license = licenses.asl20;
maintainers = [ ];
maintainers = with maintainers; [ ];
mainProgram = "cyclonedx-py";
};
}