nixpkgs/pkgs/development/tools/detect-secrets/default.nix
2018-12-27 05:23:32 -05:00

34 lines
1.1 KiB
Nix

{ lib, buildPythonApplication, fetchFromGitHub, isPy27, pyyaml, unidiff, configparser, enum34, future, functools32, mock, pytest }:
buildPythonApplication rec {
pname = "detect-secrets";
version = "0.11.0";
# PyPI tarball doesn't ship tests
src = fetchFromGitHub {
owner = "Yelp";
repo = "detect-secrets";
rev = "v${version}";
sha256 = "11r11q6d8aajqqnhhz4lsa93qf1x745331kl9jd3z4y4w91l4gdz";
};
propagatedBuildInputs = [ pyyaml unidiff ]
++ lib.optionals isPy27 [ configparser enum34 future functools32 ];
checkInputs = [ mock pytest ];
# deselect tests which require git setup
checkPhase = ''
PYTHONPATH=$PWD:$PYTHONPATH pytest \
--deselect tests/main_test.py::TestMain \
--deselect tests/pre_commit_hook_test.py::TestPreCommitHook \
--deselect tests/core/baseline_test.py::TestInitializeBaseline
'';
meta = with lib; {
description = "An enterprise friendly way of detecting and preventing secrets in code";
homepage = https://github.com/Yelp/detect-secrets;
license = licenses.asl20;
maintainers = [ maintainers.marsam ];
};
}