diff options
author | Benjamin Hipple <bhipple@protonmail.com> | 2018-05-12 10:59:54 -0400 |
---|---|---|
committer | Benjamin Hipple <bhipple@protonmail.com> | 2018-05-13 11:41:02 -0400 |
commit | 3fc1694e8ae7fe148288e9e0a0f3e47008fdd580 (patch) | |
tree | 3a347903c9861cf02a7c1635baa00e2d8e60f432 /pkgs/tools/security/trufflehog | |
parent | 5efce7c43d269c7e95a17c289ce6ca146341cfcf (diff) |
truffleHog: init at 2.0.91
This commit adds the python3 application truffleHog, which is a stand-alone tool that scans a git repo for unencrypted passwords. This depends on a newer GitPython, which depends on a new major version of gitdb, which depends on a new major version of smmap, so I've packaged those as well in the preceding commits.
Diffstat (limited to 'pkgs/tools/security/trufflehog')
-rw-r--r-- | pkgs/tools/security/trufflehog/default.nix | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/pkgs/tools/security/trufflehog/default.nix b/pkgs/tools/security/trufflehog/default.nix new file mode 100644 index 0000000000000..f805670a5d5e9 --- /dev/null +++ b/pkgs/tools/security/trufflehog/default.nix @@ -0,0 +1,38 @@ +{ lib, pythonPackages }: + +let + truffleHogRegexes = pythonPackages.buildPythonPackage rec { + pname = "truffleHogRegexes"; + version = "0.0.4"; + src = pythonPackages.fetchPypi { + inherit pname version; + sha256 = "09vrscbb4h4w01gmamlzghxx6cvrqdscylrbdcnbjsd05xl7zh4z"; + }; + }; +in + pythonPackages.buildPythonApplication rec { + pname = "truffleHog"; + version = "2.0.91"; + + src = pythonPackages.fetchPypi { + inherit pname version; + sha256 = "0r4c9ihy6wjh5cwli7lb6cr2yfvxrh7r6cgznql1src5gzlnkymx"; + }; + + # Relax overly restricted version constraint + postPatch = '' + substituteInPlace setup.py --replace "GitPython ==" "GitPython >= " + ''; + + propagatedBuildInputs = [ pythonPackages.GitPython truffleHogRegexes ]; + + # Test cases run git clone and require network access + doCheck = false; + + meta = { + homepage = https://github.com/dxa4481/truffleHog; + description = "Searches through git repositories for high entropy strings and secrets, digging deep into commit history"; + license = with lib.licenses; [ gpl2 ]; + maintainers = with lib.maintainers; [ bhipple ]; + }; + } |