From daa500499a1d2756351bc67599763dcdd4d9c768 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 4 Apr 2024 17:38:21 +0000 Subject: [PATCH 1/3] syft: 1.1.0 -> 1.1.1 --- pkgs/tools/admin/syft/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/admin/syft/default.nix b/pkgs/tools/admin/syft/default.nix index c71ae0821896..92ef2469237d 100644 --- a/pkgs/tools/admin/syft/default.nix +++ b/pkgs/tools/admin/syft/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "syft"; - version = "1.1.0"; + version = "1.1.1"; src = fetchFromGitHub { owner = "anchore"; repo = pname; rev = "v${version}"; - hash = "sha256-VLCxbD9LFXH8bdc2v9RB/vlLZtg1ekDotZi1xwORdjc="; + hash = "sha256-75puiKfXp8vS9iiSk6R85RBn9xlQp9jk51ZNBeJXc/U="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -22,7 +22,7 @@ buildGoModule rec { }; # hash mismatch with darwin proxyVendor = true; - vendorHash = "sha256-eJCXRXeYAk3VTe+RcFjjKUbKCniPKY1wPXsBpZjeCNw="; + vendorHash = "sha256-AHzKmitIUw0CqBU2Xinb6UVnlZB+2ED85uqGUFonkWM="; nativeBuildInputs = [ installShellFiles ]; From e2df5831f922a571fc0a38fbb03bb1cf8396577f Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Fri, 5 Apr 2024 00:45:05 +0200 Subject: [PATCH 2/3] syft: refactor --- pkgs/tools/admin/syft/default.nix | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/pkgs/tools/admin/syft/default.nix b/pkgs/tools/admin/syft/default.nix index 92ef2469237d..e55954ef4191 100644 --- a/pkgs/tools/admin/syft/default.nix +++ b/pkgs/tools/admin/syft/default.nix @@ -1,4 +1,8 @@ -{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +}: buildGoModule rec { pname = "syft"; @@ -6,8 +10,8 @@ buildGoModule rec { src = fetchFromGitHub { owner = "anchore"; - repo = pname; - rev = "v${version}"; + repo = "syft"; + rev = "refs/tags/v${version}"; hash = "sha256-75puiKfXp8vS9iiSk6R85RBn9xlQp9jk51ZNBeJXc/U="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. @@ -22,6 +26,7 @@ buildGoModule rec { }; # hash mismatch with darwin proxyVendor = true; + vendorHash = "sha256-AHzKmitIUw0CqBU2Xinb6UVnlZB+2ED85uqGUFonkWM="; nativeBuildInputs = [ installShellFiles ]; @@ -31,9 +36,9 @@ buildGoModule rec { ldflags = [ "-s" "-w" - "-X main.version=${version}" - "-X main.gitDescription=v${version}" - "-X main.gitTreeState=clean" + "-X=main.version=${version}" + "-X=main.gitDescription=v${version}" + "-X=main.gitTreeState=clean" ]; preBuild = '' @@ -66,9 +71,9 @@ buildGoModule rec { ''; meta = with lib; { + description = "CLI tool and library for generating a Software Bill of Materials from container images and filesystems"; homepage = "https://github.com/anchore/syft"; changelog = "https://github.com/anchore/syft/releases/tag/v${version}"; - description = "CLI tool and library for generating a Software Bill of Materials from container images and filesystems"; longDescription = '' A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for From c0c6f392a95d200ae5d25577d349f66d9aa746bf Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Fri, 5 Apr 2024 00:45:57 +0200 Subject: [PATCH 3/3] syft: format with nixfmt --- pkgs/tools/admin/syft/default.nix | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/pkgs/tools/admin/syft/default.nix b/pkgs/tools/admin/syft/default.nix index e55954ef4191..33951c4ab9b4 100644 --- a/pkgs/tools/admin/syft/default.nix +++ b/pkgs/tools/admin/syft/default.nix @@ -1,7 +1,8 @@ -{ lib -, buildGoModule -, fetchFromGitHub -, installShellFiles +{ + lib, + buildGoModule, + fetchFromGitHub, + installShellFiles, }: buildGoModule rec { @@ -80,7 +81,11 @@ buildGoModule rec { vulnerability detection when used with a scanner tool like Grype. ''; license = with licenses; [ asl20 ]; - maintainers = with maintainers; [ jk developer-guy kashw2 ]; + maintainers = with maintainers; [ + developer-guy + jk + kashw2 + ]; mainProgram = "syft"; }; }