base16-schemes: unstable-2024-06-21 -> unstable-2024-11-12 (#356361)
[NixPkgs.git] / pkgs / tools / security / ggshield / default.nix
blobb05329f614ad677f7606b877684f5620cecd1929
2   lib,
3   fetchFromGitHub,
4   git,
5   python3,
6 }:
8 python3.pkgs.buildPythonApplication rec {
9   pname = "ggshield";
10   version = "1.33.0";
11   pyproject = true;
13   src = fetchFromGitHub {
14     owner = "GitGuardian";
15     repo = "ggshield";
16     rev = "refs/tags/v${version}";
17     hash = "sha256-qvvCBJ56wC56p6tOCb5hh+J7Y/Hec/YgDKNmDbbWNig=";
18   };
20   pythonRelaxDeps = true;
22   build-system = with python3.pkgs; [ setuptools ];
25   dependencies = with python3.pkgs; [
26     appdirs
27     charset-normalizer
28     click
29     cryptography
30     marshmallow
31     marshmallow-dataclass
32     oauthlib
33     platformdirs
34     pygitguardian
35     pyjwt
36     python-dotenv
37     pyyaml
38     requests
39     rich
40   ];
42   nativeCheckInputs =
43     [ git ]
44     ++ (with python3.pkgs; [
45       jsonschema
46       pyfakefs
47       pytest-mock
48       pytest-voluptuous
49       pytestCheckHook
50       snapshottest
51       vcrpy
52     ]);
54   pythonImportsCheck = [ "ggshield" ];
56   disabledTestPaths = [
57     # Don't run functional tests
58     "tests/functional/"
59     "tests/unit/cmd/honeytoken"
60     "tests/unit/cmd/iac"
61     "tests/unit/cmd/sca/"
62     "tests/unit/cmd/scan/"
63   ];
65   disabledTests = [
66     # No TLS certificate, no .git folder, etc.
67     "test_cache_catches"
68     "test_is_git_dir"
69     "test_is_valid_git_commit_ref"
70     "test_check_git_dir"
71     "test_does_not_fail_if_cache"
72     # Encoding issues
73     "test_create_files_from_paths"
74     "test_file_decode_content"
75     "test_file_is_longer_than_does_not_read_utf8_file"
76     "test_file_is_longer_using_8bit_codec"
77     "test_generate_files_from_paths"
78   ];
80   meta = with lib; {
81     description = "Tool to find and fix various types of hardcoded secrets and infrastructure-as-code misconfigurations";
82     homepage = "https://github.com/GitGuardian/ggshield";
83     changelog = "https://github.com/GitGuardian/ggshield/blob/${version}/CHANGELOG.md";
84     license = licenses.mit;
85     maintainers = with maintainers; [ fab ];
86     mainProgram = "ggshield";
87   };