diff options
| author | Simon Bruder <simon@sbruder.de> | 2022-07-25 13:28:17 +0200 |
|---|---|---|
| committer | Simon Bruder <simon@sbruder.de> | 2022-08-04 16:43:06 +0200 |
| commit | ec0058d69ead58609565e511ab5294b1683a0a5c (patch) | |
| tree | b80fc2ce4b94f2f61bd1d1e8ffe640253fde77f6 /pkgs/tools/security/flare-floss | |
| parent | 2a12c578f44331c6c8a2321bb8c255c6b72237b8 (diff) | |
flare-floss: 1.7.0 -> 2.0.0
The upstream repository location changed, the old one redirects to the new one. It enables tests, which were disabled previously due to them requiring a submodule, because they are useful to check if all dependencies are working correctly.
Diffstat (limited to 'pkgs/tools/security/flare-floss')
| -rw-r--r-- | pkgs/tools/security/flare-floss/default.nix | 71 |
1 files changed, 50 insertions, 21 deletions
diff --git a/pkgs/tools/security/flare-floss/default.nix b/pkgs/tools/security/flare-floss/default.nix index fbf065dc3b153..6416adec0ece2 100644 --- a/pkgs/tools/security/flare-floss/default.nix +++ b/pkgs/tools/security/flare-floss/default.nix @@ -2,44 +2,73 @@ , python3 , fetchFromGitHub }: +let + py = python3.override { + packageOverrides = final: prev: { + # required for networkx 2.5.1 + decorator = prev.decorator.overridePythonAttrs (o: o // rec { + version = "4.4.2"; + src = o.src.override { + inherit version; + sha256 = "sha256-46YvBSAXJEDKDcyCN0kxk4Ljd/N/FAoLme9F/suEv+c="; + }; + }); -python3.pkgs.buildPythonPackage rec { + # flare-floss requires this exact version (newer versions are incompatible) + networkx = prev.networkx.overridePythonAttrs (o: o // rec { + version = "2.5.1"; + src = o.src.override { + inherit version; + sha256 = "sha256-EJzVhcrEEpf3EQPDxCrG73N58peI61TLdRvlpmO7I1o="; + }; + }); + }; + }; +in +py.pkgs.buildPythonPackage rec { pname = "flare-floss"; - version = "1.7.0"; + version = "2.0.0"; src = fetchFromGitHub { - owner = "fireeye"; + owner = "mandiant"; repo = "flare-floss"; rev = "v${version}"; - sha256 = "GMOA1+qM2A/Qw33kOTIINEvjsfqjWQWBXHNemh3IK8w="; + fetchSubmodules = true; # for tests + sha256 = "sha256-V4OWYcISyRdjf8x93B6h2hJwRgmRmk32hr8TrgRDu8Q="; }; - propagatedBuildInputs = with python3.pkgs; [ - pyyaml - simplejson + postPatch = '' + substituteInPlace setup.py \ + --replace "==" ">=" + + substituteInPlace floss/main.py \ + --replace 'sigs_path = os.path.join(get_default_root(), "sigs")' 'sigs_path = "'"$out"'/share/flare-floss/sigs"' + ''; + + propagatedBuildInputs = with py.pkgs; [ + halo + networkx + pydantic tabulate - vivisect - plugnplay + tqdm viv-utils - ]; + vivisect + ] ++ viv-utils.optional-dependencies.flirt; - checkInputs = with python3.pkgs; [ + checkInputs = with py.pkgs; [ + pytest-sugar pytestCheckHook + pyyaml ]; - disabledTests = [ - # test data is in a submodule - "test_main" - ]; - - pythonImportsCheck = [ - "floss" - "floss.plugins" - ]; + postInstall = '' + mkdir -p $out/share/flare-floss/ + cp -r sigs $out/share/flare-floss/ + ''; meta = with lib; { description = "Automatically extract obfuscated strings from malware"; - homepage = "https://github.com/fireeye/flare-floss"; + homepage = "https://github.com/mandiant/flare-floss"; license = licenses.asl20; maintainers = teams.determinatesystems.members; }; |