about summary refs log tree commit diff
path: root/pkgs/tools/security/ghidra/build.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools/security/ghidra/build.nix')
-rw-r--r--pkgs/tools/security/ghidra/build.nix101
1 files changed, 18 insertions, 83 deletions
diff --git a/pkgs/tools/security/ghidra/build.nix b/pkgs/tools/security/ghidra/build.nix
index 3c739602514c8..b9a756dd597ce 100644
--- a/pkgs/tools/security/ghidra/build.nix
+++ b/pkgs/tools/security/ghidra/build.nix
@@ -3,10 +3,9 @@
   fetchFromGitHub,
   lib,
   callPackage,
-  gradle_7,
-  perl,
+  gradle,
   makeBinaryWrapper,
-  openjdk17,
+  openjdk21,
   unzip,
   makeDesktopItem,
   copyDesktopItems,
@@ -21,7 +20,7 @@
 let
   pkg_path = "$out/lib/ghidra";
   pname = "ghidra";
-  version = "11.1.1";
+  version = "11.2";
 
   releaseName = "NIX";
   distroPrefix = "ghidra_${version}_${releaseName}";
@@ -29,7 +28,7 @@ let
     owner = "NationalSecurityAgency";
     repo = "Ghidra";
     rev = "Ghidra_${version}_build";
-    hash = "sha256-t96FcAK3JwO66dOf4OhpOfU8CQfAczfF61Cg7m+B3fA=";
+    hash = "sha256-iO6g3t8JNdc/wAC+JG+6Y7aZCq7T9zYQC3KKZcr+wzc=";
     # populate values that require us to use git. By doing this in postFetch we
     # can delete .git afterwards and maintain better reproducibility of the src.
     leaveDotGit = true;
@@ -44,8 +43,6 @@ let
     '';
   };
 
-  gradle = gradle_7;
-
   patches = [
     # Use our own protoc binary instead of the prebuilt one
     ./0001-Use-protobuf-gradle-plugin.patch
@@ -76,69 +73,6 @@ let
     HERE
   '';
 
-  # Adds a gradle step that downloads all the dependencies to the gradle cache.
-  addResolveStep = ''
-        cat >>build.gradle <<HERE
-    task resolveDependencies {
-      doLast {
-        project.rootProject.allprojects.each { subProject ->
-          subProject.buildscript.configurations.each { configuration ->
-            resolveConfiguration(subProject, configuration, "buildscript config \''${configuration.name}")
-          }
-          subProject.configurations.each { configuration ->
-            resolveConfiguration(subProject, configuration, "config \''${configuration.name}")
-          }
-        }
-      }
-    }
-    void resolveConfiguration(subProject, configuration, name) {
-      if (configuration.canBeResolved) {
-        logger.info("Resolving project {} {}", subProject.name, name)
-        configuration.resolve()
-      }
-    }
-    HERE
-  '';
-
-  # fake build to pre-download deps into fixed-output derivation
-  # Taken from mindustry derivation.
-  deps = stdenv.mkDerivation {
-    pname = "${pname}-deps";
-    inherit version src patches;
-
-    postPatch = addResolveStep;
-
-    nativeBuildInputs = [
-      gradle
-      perl
-    ] ++ lib.optional stdenv.isDarwin xcbuild;
-    buildPhase = ''
-      runHook preBuild
-      export HOME="$NIX_BUILD_TOP/home"
-      mkdir -p "$HOME"
-      export JAVA_TOOL_OPTIONS="-Duser.home='$HOME'"
-      export GRADLE_USER_HOME="$HOME/.gradle"
-
-      # First, fetch the static dependencies.
-      gradle --no-daemon --info -Dorg.gradle.java.home=${openjdk17} -I gradle/support/fetchDependencies.gradle init
-
-      # Then, fetch the maven dependencies.
-      gradle --no-daemon --info -Dorg.gradle.java.home=${openjdk17} resolveDependencies
-      runHook postBuild
-    '';
-    # perl code mavenizes pathes (com.squareup.okio/okio/1.13.0/a9283170b7305c8d92d25aff02a6ab7e45d06cbe/okio-1.13.0.jar -> com/squareup/okio/okio/1.13.0/okio-1.13.0.jar)
-    installPhase = ''
-      runHook preInstall
-      find $GRADLE_USER_HOME/caches/modules-2 -type f -regex '.*\.\(jar\|pom\)' \
-        | perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm444 $1 \$out/maven/$x/$3/$4/$5" #e' \
-        | sh
-      cp -r dependencies $out/dependencies
-      runHook postInstall
-    '';
-    outputHashAlgo = "sha256";
-    outputHashMode = "recursive";
-    outputHash = "sha256-66gL4UFlBUo2JIEOXoF6tFvXtBdEX4b2MeSrV1b6Vg4=";
-  };
 in
 stdenv.mkDerivation (finalAttrs: {
   inherit
@@ -178,7 +112,7 @@ stdenv.mkDerivation (finalAttrs: {
       python3
       python3Packages.pip
     ]
-    ++ lib.optionals stdenv.isDarwin [
+    ++ lib.optionals stdenv.hostPlatform.isDarwin [
       xcbuild
       desktopToDarwinBundle
     ];
@@ -187,20 +121,20 @@ stdenv.mkDerivation (finalAttrs: {
 
   __darwinAllowLocalNetworking = true;
 
-  buildPhase = ''
-    runHook preBuild
-    export HOME="$NIX_BUILD_TOP/home"
-    mkdir -p "$HOME"
-    export JAVA_TOOL_OPTIONS="-Duser.home='$HOME'"
-
-    ln -s ${deps}/dependencies dependencies
+  mitmCache = gradle.fetchDeps {
+    inherit pname;
+    data = ./deps.json;
+  };
 
-    sed -i "s#mavenLocal()#mavenLocal(); maven { url '${deps}/maven' }#g" build.gradle
+  gradleFlags = [ "-Dorg.gradle.java.home=${openjdk21}" ];
 
-    gradle --offline --no-daemon --info -Dorg.gradle.java.home=${openjdk17} buildGhidra
-    runHook postBuild
+  preBuild = ''
+    export JAVA_TOOL_OPTIONS="-Duser.home=$NIX_BUILD_TOP/home"
+    gradle -I gradle/support/fetchDependencies.gradle
   '';
 
+  gradleBuildTask = "buildGhidra";
+
   installPhase = ''
     runHook preInstall
 
@@ -226,9 +160,10 @@ stdenv.mkDerivation (finalAttrs: {
   postFixup = ''
     mkdir -p "$out/bin"
     ln -s "${pkg_path}/ghidraRun" "$out/bin/ghidra"
+    ln -s "${pkg_path}/support/analyzeHeadless" "$out/bin/ghidra-analyzeHeadless"
     wrapProgram "${pkg_path}/support/launch.sh" \
       --set-default NIX_GHIDRAHOME "${pkg_path}/Ghidra" \
-      --prefix PATH : ${lib.makeBinPath [ openjdk17 ]}
+      --prefix PATH : ${lib.makeBinPath [ openjdk21 ]}
   '';
 
   passthru = {
@@ -261,6 +196,6 @@ stdenv.mkDerivation (finalAttrs: {
       roblabla
       vringar
     ];
-    broken = stdenv.isDarwin && stdenv.isx86_64;
+    broken = stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isx86_64;
   };
 })
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-10-11 08:45:28 +0000