cve-bin-tool: unstable-2021-04-15 -> 2.2.1

* move cve-bin-tool from development/python-modules to tools/security

Co-authored-by: r-burns <52847440+r-burns@users.noreply.github.com>

1 files changed, 84 insertions, 0 deletions

diff --git a/pkgs/tools/security/cve-bin-tool/default.nix b/pkgs/tools/security/cve-bin-tool/default.nix
new file mode 100644
index 0000000000000..fac922628752d
--- /dev/null
+++ b/pkgs/tools/security/cve-bin-tool/default.nix
@@ -0,0 +1,84 @@
+{ lib
+, buildPythonApplication
+, fetchFromGitHub
+, jsonschema
+, plotly
+, pytest
+, pytest-xdist
+, pytest-cov
+, pytest-asyncio
+, beautifulsoup4
+, pyyaml
+, isort
+, py
+, jinja2
+, rpmfile
+, reportlab
+, zstandard
+, rich
+, aiohttp
+, toml
+, distro
+  # aiohttp[speedups]
+, aiodns
+, brotlipy
+, cchardet
+, pillow
+, pytestCheckHook
+}:
+buildPythonApplication rec {
+  pname = "cve-bin-tool";
+  version = "2.2.1";
+
+  src = fetchFromGitHub {
+    owner = "intel";
+    repo = "cve-bin-tool";
+    rev = "v${version}";
+    sha256 = "087w7fsc4vd4sjz8ww6q71b108yhz94ydr76d99rhlmcqsq7fihs";
+  };
+
+  # Wants to open a sqlite database, access the internet, etc
+  doCheck = false;
+
+  propagatedBuildInputs = [
+    jsonschema
+    plotly
+    pytest
+    pytest-xdist
+    pytest-cov
+    pytest-asyncio
+    beautifulsoup4
+    pyyaml
+    isort
+    py
+    jinja2
+    rpmfile
+    reportlab
+    zstandard
+    rich
+    aiohttp
+    toml
+    distro
+    # aiohttp[speedups]
+    aiodns
+    brotlipy
+    cchardet
+    # needed by brotlipy
+    pillow
+  ];
+
+  checkInputs = [
+    pytestCheckHook
+  ];
+
+  pythonImportsCheck = [
+    "cve_bin_tool"
+  ];
+
+  meta = with lib; {
+    description = "CVE Binary Checker Tool";
+    homepage = "https://github.com/intel/cve-bin-tool";
+    license = licenses.gpl3Only;
+    maintainers = teams.determinatesystems.members;
+  };
+}