From ca827ed60af88293382bd09bbc0e13f994311fe7 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 13 Feb 2025 23:58:11 +0100 Subject: [PATCH 1/2] checkov: migrate to pkgs/by-name --- .../analysis => by-name/ch}/checkov/flake8-compat-5.x.patch | 0 .../checkov/default.nix => by-name/ch/checkov/package.nix} | 6 ++---- pkgs/top-level/all-packages.nix | 2 -- 3 files changed, 2 insertions(+), 6 deletions(-) rename pkgs/{development/tools/analysis => by-name/ch}/checkov/flake8-compat-5.x.patch (100%) rename pkgs/{development/tools/analysis/checkov/default.nix => by-name/ch/checkov/package.nix} (96%) diff --git a/pkgs/development/tools/analysis/checkov/flake8-compat-5.x.patch b/pkgs/by-name/ch/checkov/flake8-compat-5.x.patch similarity index 100% rename from pkgs/development/tools/analysis/checkov/flake8-compat-5.x.patch rename to pkgs/by-name/ch/checkov/flake8-compat-5.x.patch diff --git a/pkgs/development/tools/analysis/checkov/default.nix b/pkgs/by-name/ch/checkov/package.nix similarity index 96% rename from pkgs/development/tools/analysis/checkov/default.nix rename to pkgs/by-name/ch/checkov/package.nix index f25ce7248c60..07da280fe860 100644 --- a/pkgs/development/tools/analysis/checkov/default.nix +++ b/pkgs/by-name/ch/checkov/package.nix @@ -6,18 +6,16 @@ python3.pkgs.buildPythonApplication rec { pname = "checkov"; - version = "3.2.364"; + version = "3.2.370"; pyproject = true; src = fetchFromGitHub { owner = "bridgecrewio"; repo = "checkov"; tag = version; - hash = "sha256-ZmvIICAnC9RDizKl06aOD1LNEAo8WG7E1ZZB3Rero+c="; + hash = "sha256-IaE2Mg8Fk1Xb3ujPRHTY1N4ev75qM8Kj5o7IPtKuNsk="; }; - patches = [ ./flake8-compat-5.x.patch ]; - pythonRelaxDeps = [ "bc-detect-secrets" "bc-python-hcl2" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d1fad5c7dcd1..fb3618d837a1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -287,8 +287,6 @@ with pkgs; chef-cli = callPackage ../tools/misc/chef-cli { }; - checkov = callPackage ../development/tools/analysis/checkov { }; - clang-uml = callPackage ../by-name/cl/clang-uml/package.nix { stdenv = clangStdenv; }; From 3834b653fe0301c39147a577f0f44574891e267c Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Fri, 14 Feb 2025 00:22:06 +0100 Subject: [PATCH 2/2] checkov: 3.2.364 -> 3.2.370 Diff: https://github.com/bridgecrewio/checkov/compare/refs/tags/3.2.364...3.2.370 Changelog: https://github.com/bridgecrewio/checkov/releases/tag/3.2.370 --- pkgs/by-name/ch/checkov/package.nix | 25 ++++++++++++++++++++++--- pkgs/by-name/pi/pip-audit/package.nix | 2 +- 2 files changed, 23 insertions(+), 4 deletions(-) diff --git a/pkgs/by-name/ch/checkov/package.nix b/pkgs/by-name/ch/checkov/package.nix index 07da280fe860..905fd2bfa585 100644 --- a/pkgs/by-name/ch/checkov/package.nix +++ b/pkgs/by-name/ch/checkov/package.nix @@ -4,6 +4,25 @@ python3, }: +let + py = python3.override { + packageOverrides = self: super: { + + # Requires 'cyclonedx-python-lib = ">=6.0.0,<8.0.0"' + cyclonedx-python-lib = super.cyclonedx-python-lib.overridePythonAttrs (oldAttrs: rec { + version = "7.6.2"; + src = fetchFromGitHub { + owner = "CycloneDX"; + repo = "cyclonedx-python-lib"; + tag = "v${version}"; + hash = "sha256-nklizCiu7Nmynjd5WU5oX/v2TWy9xFVF4GkmCwFKZLI="; + }; + }); + }; + }; +in +with py.pkgs; + python3.pkgs.buildPythonApplication rec { pname = "checkov"; version = "3.2.370"; @@ -43,9 +62,9 @@ python3.pkgs.buildPythonApplication rec { "pycep-parser" ]; - build-system = with python3.pkgs; [ setuptools-scm ]; + build-system = with py.pkgs; [ setuptools-scm ]; - dependencies = with python3.pkgs; [ + dependencies = with py.pkgs; [ aiodns aiohttp aiomultiprocess @@ -88,7 +107,7 @@ python3.pkgs.buildPythonApplication rec { update-checker ]; - nativeCheckInputs = with python3.pkgs; [ + nativeCheckInputs = with py.pkgs; [ aioresponses distutils mock diff --git a/pkgs/by-name/pi/pip-audit/package.nix b/pkgs/by-name/pi/pip-audit/package.nix index 0e55d55e9142..6522775d1e4e 100644 --- a/pkgs/by-name/pi/pip-audit/package.nix +++ b/pkgs/by-name/pi/pip-audit/package.nix @@ -7,7 +7,7 @@ python3.pkgs.buildPythonApplication rec { pname = "pip-audit"; version = "2.7.3"; - format = "pyproject"; + pyproject = true; src = fetchFromGitHub { owner = "trailofbits";