pkgs/development/python-modules/certvalidator/default.nix

   1 { lib, buildPythonPackage, fetchFromGitHub
   2 , asn1crypto, oscrypto
   3 , cacert
   4 }:
   5
   6 buildPythonPackage rec {
   7   pname = "certvalidator";
   8   version = "0.11.1";
   9
  10   src = fetchFromGitHub {
  11     owner = "wbond";
  12     repo = pname;
  13     rev = version;
  14     sha256 = "sha256-yVF7t4FuU3C9fDg67JeM7LWZZh/mv5F4EKmjlO4AuBY=";
  15   };
  16
  17   propagatedBuildInputs = [ asn1crypto oscrypto ];
  18
  19   checkInputs = [ cacert ];
  20   checkPhase = ''
  21     # Tests are run with a custom executor/loader
  22     # The regex to skip specific tests relies on negative lookahead of regular expressions
  23     # We're skipping the few tests that rely on the network, fetching CRLs, OCSP or remote certificates
  24     python -c 'import dev.tests; dev.tests.run("^(?!.*test_(basic_certificate_validator_tls|fetch|revocation|build_path)).*$")'
  25   '';
  26   pythonImportsCheck = [ "certvalidator" ];
  27
  28   meta = with lib; {
  29     homepage = "https://github.com/wbond/certvalidator";
  30     description = "Validates X.509 certificates and paths";
  31     license = licenses.mit;
  32     maintainers = with maintainers; [ baloo ];
  33   };
  34 }