about summary refs log tree commit diff
path: root/pkgs/tools/security/oath-toolkit
diff options
context:
space:
mode:
authorschnusch <schnusch@users.noreply.github.com>2021-05-02 12:38:18 +0200
committerschnusch <schnusch@users.noreply.github.com>2021-06-04 23:23:20 +0200
commit9da90bfa87efaaf84c57ecfd25d8a5ea5f29a0f9 (patch)
treebf0329b836d979364a4f8ce6bf9524d53d24645b /pkgs/tools/security/oath-toolkit
parentcf9bf19bf32f8866b19fca02705e02be204a601d (diff)
oathToolkit: 2.6.6 -> 2.6.7
add update script
Diffstat (limited to 'pkgs/tools/security/oath-toolkit')
-rw-r--r--pkgs/tools/security/oath-toolkit/default.nix6
-rwxr-xr-xpkgs/tools/security/oath-toolkit/update.sh50
2 files changed, 54 insertions, 2 deletions
diff --git a/pkgs/tools/security/oath-toolkit/default.nix b/pkgs/tools/security/oath-toolkit/default.nix
index b1a493f309138..a925d07cb7c8a 100644
--- a/pkgs/tools/security/oath-toolkit/default.nix
+++ b/pkgs/tools/security/oath-toolkit/default.nix
@@ -7,15 +7,17 @@ let
 
 in stdenv.mkDerivation rec {
   pname = "oath-toolkit";
-  version = "2.6.6";
+  version = "2.6.7";
 
   src = fetchurl {
     url = "mirror://savannah/${pname}/${pname}-${version}.tar.gz";
-    sha256 = "0v4lrgip08b8xlivsfn3mwql3nv8hmcpzrn6pi3xp88vqwav6s7x";
+    sha256 = "1aa620k05lsw3l3slkp2mzma40q3p9wginspn9zk8digiz7dzv9n";
   };
 
   buildInputs = [ securityDependency ];
 
+  passthru.updateScript = ./update.sh;
+
   meta = with lib; {
     description = "Components for building one-time password authentication systems";
     homepage = "https://www.nongnu.org/oath-toolkit/";
diff --git a/pkgs/tools/security/oath-toolkit/update.sh b/pkgs/tools/security/oath-toolkit/update.sh
new file mode 100755
index 0000000000000..3502a541fa8ca
--- /dev/null
+++ b/pkgs/tools/security/oath-toolkit/update.sh
@@ -0,0 +1,50 @@
+#!/usr/bin/env nix-shell
+#!nix-shell -i bash -p curl git gnugrep nix
+
+set -euo pipefail
+
+nixfile='default.nix'
+release_url='https://download.savannah.nongnu.org/releases/oath-toolkit/'
+attr='oathToolkit'
+command='oathtool --version'
+
+color() {
+    printf '%s: \033[%sm%s\033[39m\n' "$0" "$1" "$2" >&2 || true
+}
+
+color 32 "downloading $release_url..."
+if ! release_page=$(curl -Lf "$release_url"); then
+    color 31 "cannot download release page"
+    exit 1
+fi
+
+tarball_name=$(printf '%s\n' "$release_page" \
+    | grep -Po '(?<=href=").*?\.tar\.gz(?=")' \
+    | sort -n | tail -n1)
+tarball_version="${tarball_name%.tar.*}"
+tarball_version="${tarball_version##*-}"
+tarball_url="mirror://savannah${release_url#https://*/releases}$tarball_name"
+
+color 32 "nix-prefetch-url $tarball_url..."
+if ! tarball_sha256=$(nix-prefetch-url --type sha256 "$tarball_url"); then
+    color 31 "cannot prefetch $tarball_url"
+    exit 1
+fi
+
+old_version=$(grep -Pom1 '(?<=version = ").*?(?=";)' "$nixfile")
+
+version=$(printf 'version = "%s";\n' "$tarball_version")
+sha256=$(printf 'sha256 = "%s";\n' "$tarball_sha256")
+sed -e "s,version = .*,$version," -e "s,sha256 = .*,$sha256," -i "$nixfile"
+
+if git diff --exit-code "$nixfile" > /dev/stderr; then
+    printf '\n' >&2 || true
+    color 32 "$tarball_version is up to date"
+else
+    color 32 "running '$command' with nix-shell..."
+    nix-shell -p "callPackage ./$nixfile {}" --run "$command"
+    msg="$attr: $old_version -> $tarball_version"
+    printf '\n' >&2 || true
+    color 31 "$msg"
+    git commit -m "$msg" "$nixfile"
+fi
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-06 03:27:32 +0000