diff options
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/argocd-vault-plugin/default.nix | 21 | ||||
-rw-r--r-- | pkgs/tools/security/cloudhunter/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/cnquery/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/faraday-cli/default.nix | 10 | ||||
-rw-r--r-- | pkgs/tools/security/govulncheck/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/grype/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/keepwn/default.nix | 13 | ||||
-rw-r--r-- | pkgs/tools/security/mkp224o/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/naabu/default.nix | 11 | ||||
-rw-r--r-- | pkgs/tools/security/nuclei/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/sslscan/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/trufflehog/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/trustymail/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/vals/default.nix | 6 |
14 files changed, 71 insertions, 36 deletions
diff --git a/pkgs/tools/security/argocd-vault-plugin/default.nix b/pkgs/tools/security/argocd-vault-plugin/default.nix index bd6e4c15fa27d..934be7d099428 100644 --- a/pkgs/tools/security/argocd-vault-plugin/default.nix +++ b/pkgs/tools/security/argocd-vault-plugin/default.nix @@ -1,4 +1,9 @@ -{ buildGoModule, fetchFromGitHub, lib }: +{ buildGoModule +, fetchFromGitHub +, lib +, testers +, argocd-vault-plugin +}: buildGoModule rec { pname = "argocd-vault-plugin"; @@ -13,9 +18,23 @@ buildGoModule rec { vendorHash = "sha256-0PrGrcS8Gx0cVImGrlmXlycFgWCTLjg2ISi0OhYoPpw="; + ldflags = [ + "-X=github.com/argoproj-labs/argocd-vault-plugin/version.Version=v${version}" + "-X=github.com/argoproj-labs/argocd-vault-plugin/version.BuildDate=1970-01-01T00:00:00Z" + "-X=github.com/argoproj-labs/argocd-vault-plugin/version.CommitSHA=unknown" + ]; + # integration tests require filesystem and network access for credentials doCheck = false; + doInstallCheck = true; + + passthru.tests.version = testers.testVersion { + package = argocd-vault-plugin; + command = "argocd-vault-plugin version"; + version = "argocd-vault-plugin v${version} (unknown) BuildDate: 1970-01-01T00:00:00Z"; + }; + meta = with lib; { homepage = "https://argocd-vault-plugin.readthedocs.io"; changelog = "https://github.com/argoproj-labs/argocd-vault-plugin/releases/tag/v${version}"; diff --git a/pkgs/tools/security/cloudhunter/default.nix b/pkgs/tools/security/cloudhunter/default.nix index 109bd5a9df7aa..206879d537592 100644 --- a/pkgs/tools/security/cloudhunter/default.nix +++ b/pkgs/tools/security/cloudhunter/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "cloudhunter"; - version = "0.7.0"; + version = "0.7.1"; format = "other"; src = fetchFromGitHub { owner = "belane"; repo = "CloudHunter"; rev = "refs/tags/v${version}"; - hash = "sha256-yRl3x1dboOcoPeKxpUEhDk8OJx1hynEJRHL9/Su8OyA="; + hash = "sha256-7iT4vr0kcNXEyJJdBbJsllIcbZRGY3T5t/FjEONkuq0="; }; postPatch = '' diff --git a/pkgs/tools/security/cnquery/default.nix b/pkgs/tools/security/cnquery/default.nix index 158629f1cd109..9c6803ecd840e 100644 --- a/pkgs/tools/security/cnquery/default.nix +++ b/pkgs/tools/security/cnquery/default.nix @@ -5,18 +5,18 @@ buildGoModule rec { pname = "cnquery"; - version = "9.13.0"; + version = "9.14.0"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnquery"; rev = "v${version}"; - hash = "sha256-jJayS4zGnbQBY/Z7rk4Xx0nHjCdAYCDs/FDYPVBxcqE="; + hash = "sha256-/Lawxl+jMJKSOKi5yxc+d7Gro69rLCB7nyYPmLtNGoU="; }; subPackages = [ "apps/cnquery" ]; - vendorHash = "sha256-AHVmvmTn2MlL+aVBUQs4PA3k8w9/QQRD57DvSpSq09I="; + vendorHash = "sha256-T7pD88v2sF7w/t5O+sekn1oy/uvA6LytYptLXrd+X4c="; meta = with lib; { description = "cloud-native, graph-based asset inventory"; diff --git a/pkgs/tools/security/faraday-cli/default.nix b/pkgs/tools/security/faraday-cli/default.nix index cebe1540c605b..b0ee2015555c4 100644 --- a/pkgs/tools/security/faraday-cli/default.nix +++ b/pkgs/tools/security/faraday-cli/default.nix @@ -5,16 +5,20 @@ python3.pkgs.buildPythonApplication rec { pname = "faraday-cli"; - version = "2.1.9"; - format = "setuptools"; + version = "2.1.10"; + pyproject = true; src = fetchFromGitHub { owner = "infobyte"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-8D1oYYqf0R41DPYtorcvykZ99p6P6Diwe7PgEN378pU="; + hash = "sha256-7Yg2m0xHpBPZ58gJodSYO8vXaxSlr4GK1Lin63WozOE="; }; + nativeBuildInputs = with python3.pkgs; [ + setuptools + ]; + propagatedBuildInputs = with python3.pkgs; [ arrow click diff --git a/pkgs/tools/security/govulncheck/default.nix b/pkgs/tools/security/govulncheck/default.nix index 1b7ee6cf015da..746c72a017e8b 100644 --- a/pkgs/tools/security/govulncheck/default.nix +++ b/pkgs/tools/security/govulncheck/default.nix @@ -6,13 +6,13 @@ buildGoModule rec { pname = "govulncheck"; - version = "1.0.1"; + version = "1.0.2"; src = fetchFromGitHub { owner = "golang"; repo = "vuln"; rev = "refs/tags/v${version}"; - hash = "sha256-cewQ03dK/k3mXevE09M01Yox/3ZWP6IrG0H4QsZMzy8="; + hash = "sha256-vTHP7I3r7EAt4puh7bonKj6A94j169tKWgTfxASWyo0="; }; patches = [ @@ -23,7 +23,7 @@ buildGoModule rec { }) ]; - vendorHash = "sha256-r9XshbgVA5rppJF46SFYPad344ZHMLWTHTnL6vbIFH8="; + vendorHash = "sha256-Jg2Nx63Xak149111jbBP6SgK3hze21Dx5qcDKXCqa48="; subPackages = [ "cmd/govulncheck" diff --git a/pkgs/tools/security/grype/default.nix b/pkgs/tools/security/grype/default.nix index 188741bcf00c0..1e0f050d4a4cf 100644 --- a/pkgs/tools/security/grype/default.nix +++ b/pkgs/tools/security/grype/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "grype"; - version = "0.74.1"; + version = "0.74.2"; src = fetchFromGitHub { owner = "anchore"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-/s23QSg4+reF+BTbbk1MXtUC0ytdgd8olaiUTqR7LqM="; + hash = "sha256-ZqYyVNaVLBh/IixUB72+EVvUUiovi+pexkIVYNsNLVY="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -28,7 +28,7 @@ buildGoModule rec { proxyVendor = true; - vendorHash = "sha256-LNyYwnQhGZfsHrA02fHdXKRTJ83Xii3q//Tfrq3sLFc="; + vendorHash = "sha256-60xkcrMwgDs8ATRdPbDUZQlBaMMleQ3x+1oX2h13tZU="; nativeBuildInputs = [ installShellFiles diff --git a/pkgs/tools/security/keepwn/default.nix b/pkgs/tools/security/keepwn/default.nix index 9720e14d7a506..bb856c80710b8 100644 --- a/pkgs/tools/security/keepwn/default.nix +++ b/pkgs/tools/security/keepwn/default.nix @@ -6,20 +6,27 @@ python3.pkgs.buildPythonApplication rec { pname = "keepwn"; - version = "0.1"; - format = "setuptools"; + version = "0.3"; + pyproject = true; src = fetchFromGitHub { owner = "Orange-Cyberdefense"; repo = "KeePwn"; rev = "refs/tags/${version}"; - hash = "sha256-s+r6QEUzkzCbs5j1G+PVgDx8cvnmQzEQ1MHAakG+skA="; + hash = "sha256-haKWuoTtyC9vIise+gznruHEwMIDz1W6euihLLKnSdc="; }; + nativeBuildInputs = with python3.pkgs; [ + setuptools + ]; + propagatedBuildInputs = with python3.pkgs; [ chardet impacket lxml + pefile + pykeepass + python-magic termcolor ]; diff --git a/pkgs/tools/security/mkp224o/default.nix b/pkgs/tools/security/mkp224o/default.nix index 2ac4304d6d2eb..d6ee40e6f5eab 100644 --- a/pkgs/tools/security/mkp224o/default.nix +++ b/pkgs/tools/security/mkp224o/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "mkp224o"; - version = "1.6.1"; + version = "1.7.0"; src = fetchFromGitHub { owner = "cathugger"; repo = "mkp224o"; rev = "v${version}"; - sha256 = "sha256-+TJ137DmgaFZX+/N6VwXJwfVCoTWtC8NqfXfYJC8UHo="; + sha256 = "sha256-OL3xhoxIS1OqfVp0QboENFdNH/e1Aq1R/MFFM9LNFbQ="; }; buildCommand = diff --git a/pkgs/tools/security/naabu/default.nix b/pkgs/tools/security/naabu/default.nix index 8569b957db2d5..7d3981222f914 100644 --- a/pkgs/tools/security/naabu/default.nix +++ b/pkgs/tools/security/naabu/default.nix @@ -6,16 +6,16 @@ buildGoModule rec { pname = "naabu"; - version = "2.2.0"; + version = "2.2.1"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = "naabu"; rev = "refs/tags/v${version}"; - hash = "sha256-he9SJ4lCFNV3DvwqYR7lcWPIPwLIpJDWWnnei069k1k="; + hash = "sha256-z81LL+tx15Zo6OWj4gRSodo7Dk763M+QQ5kYgjrWO3Q="; }; - vendorHash = "sha256-fVqPRDycT9ImBkHakNrby0uXPWrXXatTk8QQSi2OnV0="; + vendorHash = "sha256-nwrqxlbvr9FZXJpzmcn0IBEtlJfeYCy8DJsBvxEgj6k="; buildInputs = [ libpcap @@ -27,6 +27,11 @@ buildGoModule rec { "cmd/naabu/" ]; + ldflags = [ + "-w" + "-s" + ]; + meta = with lib; { description = "Fast SYN/CONNECT port scanner"; longDescription = '' diff --git a/pkgs/tools/security/nuclei/default.nix b/pkgs/tools/security/nuclei/default.nix index 17915567d46cc..4c56d061754e5 100644 --- a/pkgs/tools/security/nuclei/default.nix +++ b/pkgs/tools/security/nuclei/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "nuclei"; - version = "3.1.6"; + version = "3.1.7"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = "nuclei"; rev = "refs/tags/v${version}"; - hash = "sha256-Xtebrmd1M46slPX/0nQRo2CEA4mGOZiUxhlokXdYReA="; + hash = "sha256-O7GWH65zOKK9mPlap5BL302ow/ruXOz8CxUjaHfIj3w="; }; - vendorHash = "sha256-x2bx5A09hYtsn7BROXZbB8X8gFN1zI5Jg51HYZPYIno="; + vendorHash = "sha256-mwqDoX79cnG6zPncN1l5uAdOSbyAVWzw2dV+2rnBsqw="; subPackages = [ "cmd/nuclei/" diff --git a/pkgs/tools/security/sslscan/default.nix b/pkgs/tools/security/sslscan/default.nix index 6f5999978a107..529b1bb1683e6 100644 --- a/pkgs/tools/security/sslscan/default.nix +++ b/pkgs/tools/security/sslscan/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "sslscan"; - version = "2.1.2"; + version = "2.1.3"; src = fetchFromGitHub { owner = "rbsec"; repo = "sslscan"; rev = "refs/tags/${version}"; - hash = "sha256-6teCWzv9DXhGSBjyIurRW3ymSTwMUlbJGjuXmsqpkUc="; + hash = "sha256-oLlMeFVicDwr2XjCX/0cBMTXLKB8js50646uAf3tP9k="; }; buildInputs = [ openssl ]; diff --git a/pkgs/tools/security/trufflehog/default.nix b/pkgs/tools/security/trufflehog/default.nix index 2ad22b513d833..606620deae555 100644 --- a/pkgs/tools/security/trufflehog/default.nix +++ b/pkgs/tools/security/trufflehog/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "trufflehog"; - version = "3.63.10"; + version = "3.63.11"; src = fetchFromGitHub { owner = "trufflesecurity"; repo = "trufflehog"; rev = "refs/tags/v${version}"; - hash = "sha256-yxeXJXHSwouDzT1u8e29piqMs20VYh4pwKFFllOCJqM="; + hash = "sha256-potMA/fLiwH0TZNwXJSC+SFRG8qxXe2drdk6Aj+4GUQ="; }; - vendorHash = "sha256-eD6PcJgwulwMbizUBDr2jLwVfsAdxiQWFqqe17wNqp0="; + vendorHash = "sha256-hzSGhq10n09C2lTeJr3oO+KyeTLqpuNXfn7NukGf0ck="; ldflags = [ "-s" diff --git a/pkgs/tools/security/trustymail/default.nix b/pkgs/tools/security/trustymail/default.nix index eb384ce162539..88d321708886f 100644 --- a/pkgs/tools/security/trustymail/default.nix +++ b/pkgs/tools/security/trustymail/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "trustymail"; - version = "0.8.1"; + version = "0.8.3"; format = "setuptools"; src = fetchFromGitHub { owner = "cisagov"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-hKiQWAOzUjmoCcEH9OTgkgU7s1V+Vv3+93OLkqDRDoU="; + hash = "sha256-aFXz78Gviki0yIcnn2EgR3mHmt0wMoY5u6RoT6zQc1Y="; }; postPatch = '' diff --git a/pkgs/tools/security/vals/default.nix b/pkgs/tools/security/vals/default.nix index 8f25dc1a211aa..55fffe9fd2bf2 100644 --- a/pkgs/tools/security/vals/default.nix +++ b/pkgs/tools/security/vals/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "vals"; - version = "0.32.0"; + version = "0.33.0"; src = fetchFromGitHub { rev = "v${version}"; owner = "variantdev"; repo = pname; - sha256 = "sha256-UBN0QMrYyYm7O1MrduGmXOSLZ5Qwjq0LMgvWhoVwzGI="; + sha256 = "sha256-ZF73oLe/2s+zsMNElgjnVT7GCsH4VSP1IWTy647JZyw="; }; - vendorHash = "sha256-2gS4m+eQSrXcMtT/7AzPW5KcGww8gSJm2doyBa6pLHQ="; + vendorHash = "sha256-1wlwG0YaLcoLEh5t1hAfgQ+8EMfMDQn430nWGsuFTqs="; ldflags = [ "-s" |