diff --git a/pkgs/by-name/sc/scorecard/package.nix b/pkgs/by-name/sc/scorecard/package.nix index 7ed3d944d27e..e382f0aa6805 100644 --- a/pkgs/by-name/sc/scorecard/package.nix +++ b/pkgs/by-name/sc/scorecard/package.nix @@ -1,21 +1,23 @@ { lib, + stdenv, buildGoModule, fetchFromGitHub, installShellFiles, testers, scorecard, + gitMinimal, }: buildGoModule rec { pname = "scorecard"; - version = "5.0.0"; + version = "5.1.1"; src = fetchFromGitHub { owner = "ossf"; - repo = pname; - rev = "v${version}"; - hash = "sha256-9DuADuEIoZNwkvdKyqus2zNfIK31Jc3+bPW3/z8fvlc="; + repo = "scorecard"; + tag = "v${version}"; + hash = "sha256-6lJ+duP/gTC2xIIWbLL0hx2UYS/no4vd8pqTDR18G8Y="; # populate values otherwise taken care of by goreleaser, # unfortunately these require us to use git. By doing # this in postFetch we can delete .git afterwards and @@ -29,7 +31,11 @@ buildGoModule rec { find "$out" -name .git -print0 | xargs -0 rm -rf ''; }; - vendorHash = "sha256-apOVAlGjaYSrW4qtUdDNgqwWxnVlBLhrefWEUvN4lzE="; + vendorHash = + if stdenv.hostPlatform.isLinux then + "sha256-zWMmbC0lkjlIwrfq3ql0+ndn/4y/PW92TgTiUYfEn0M=" + else + "sha256-/AtW36Pl5W+WNVCKhC0WMwYS848MUvAaKdm+i8t88D8="; nativeBuildInputs = [ installShellFiles ]; @@ -48,6 +54,10 @@ buildGoModule rec { ldflags+=" -X sigs.k8s.io/release-utils/version.buildDate=$(cat SOURCE_DATE_EPOCH)" ''; + __darwinAllowLocalNetworking = true; + + nativeCheckInputs = [ gitMinimal ]; + preCheck = '' # Feed in all but the e2e tests for testing # This is because subPackages above limits what is built to just what we @@ -84,13 +94,13 @@ buildGoModule rec { version = "v${version}"; }; - meta = with lib; { + meta = { homepage = "https://github.com/ossf/scorecard"; changelog = "https://github.com/ossf/scorecard/releases/tag/v${version}"; description = "Security health metrics for Open Source"; mainProgram = "scorecard"; - license = licenses.asl20; - maintainers = with maintainers; [ + license = lib.licenses.asl20; + maintainers = with lib.maintainers; [ jk developer-guy ];