nixpkgs/pkgs/tools/security/grype/default.nix

{ lib
, buildGoModule
, docker
, fetchFromGitHub
}:

buildGoModule rec {
  pname = "grype";
  version = "0.17.0";

  src = fetchFromGitHub {
    owner = "anchore";
    repo = pname;
    rev = "v${version}";
    sha256 = "sha256-410mCfYzbqgj3hb3dgVOGPWPCIYrB41soLA8dXK23NE=";
  };

  vendorSha256 = "sha256-KkS/1VSObniAykAwv7uW+RCrdvb5BM6DbHzDWZ6kPoQ=";

  propagatedBuildInputs = [ docker ];

  ldflags = [
    "-s" "-w" "-X github.com/anchore/grype/internal/version.version=${version}"
  ];

  # Tests require a running Docker instance
  doCheck = false;

  meta = with lib; {
    description = "Vulnerability scanner for container images and filesystems";
    longDescription = ''
      As a vulnerability scanner is grype abale to scan the contents of a container
      image or filesystem to find known vulnerabilities.
    '';
    homepage = "https://github.com/anchore/grype";
    license = with licenses; [ asl20 ];
    maintainers = with maintainers; [ fab ];
  };
}
grype: set version 2021-03-27 14:16:51 +00:00			`{ lib`
			`, buildGoModule`
grype: init at 0.6.1 2021-01-06 18:11:00 +00:00			`, docker`
			`, fetchFromGitHub`
			`}:`

			`buildGoModule rec {`
			`pname = "grype";`
grype: 0.16.0 -> 0.17.0 2021-08-26 07:23:38 +01:00			`version = "0.17.0";`
grype: init at 0.6.1 2021-01-06 18:11:00 +00:00
			`src = fetchFromGitHub {`
			`owner = "anchore";`
			`repo = pname;`
			`rev = "v${version}";`
grype: 0.16.0 -> 0.17.0 2021-08-26 07:23:38 +01:00			`sha256 = "sha256-410mCfYzbqgj3hb3dgVOGPWPCIYrB41soLA8dXK23NE=";`
grype: init at 0.6.1 2021-01-06 18:11:00 +00:00			`};`

grype: 0.16.0 -> 0.17.0 2021-08-26 07:23:38 +01:00			`vendorSha256 = "sha256-KkS/1VSObniAykAwv7uW+RCrdvb5BM6DbHzDWZ6kPoQ=";`
grype: init at 0.6.1 2021-01-06 18:11:00 +00:00
			`propagatedBuildInputs = [ docker ];`

grype: buildFlagsArray -> ldflags 2021-08-21 09:23:50 +01:00			`ldflags = [`
			`"-s" "-w" "-X github.com/anchore/grype/internal/version.version=${version}"`
			`];`
grype: set version 2021-03-27 14:16:51 +00:00
			`# Tests require a running Docker instance`
grype: init at 0.6.1 2021-01-06 18:11:00 +00:00			`doCheck = false;`

treewide: with stdenv.lib; in meta -> with lib; Part of: https://github.com/NixOS/nixpkgs/issues/108938 meta = with stdenv.lib; is a widely used pattern. We want to slowly remove the `stdenv.lib` indirection and encourage people to use `lib` directly. Thus let’s start with the meta field. This used a rewriting script to mostly automatically replace all occurances of this pattern, and add the `lib` argument to the package header if it doesn’t exist yet. The script in its current form is available at https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix 2021-01-11 07:54:33 +00:00			`meta = with lib; {`
grype: init at 0.6.1 2021-01-06 18:11:00 +00:00			`description = "Vulnerability scanner for container images and filesystems";`
			`longDescription = ''`
			`As a vulnerability scanner is grype abale to scan the contents of a container`
			`image or filesystem to find known vulnerabilities.`
			`'';`
			`homepage = "https://github.com/anchore/grype";`
			`license = with licenses; [ asl20 ];`
			`maintainers = with maintainers; [ fab ];`
			`};`
			`}`