diff --git a/pkgs/tools/misc/cyclonedx-python/default.nix b/pkgs/tools/misc/cyclonedx-python/default.nix
index 8284035c99e1..fa5be39000af 100644
--- a/pkgs/tools/misc/cyclonedx-python/default.nix
+++ b/pkgs/tools/misc/cyclonedx-python/default.nix
@@ -1,37 +1,54 @@
 { lib
-, python3
 , fetchFromGitHub
+, python3
 }:
+
+let
+ py = python3.override {
+ packageOverrides = self: super: {
+
+ # Requires 'cyclonedx-python-lib = ">= 2.0.0, < 4.0.0"'
+ cyclonedx-python-lib = super.cyclonedx-python-lib.overridePythonAttrs (oldAttrs: rec {
+ version = "3.1.5";
+ src = fetchFromGitHub {
+ owner = "CycloneDX";
+ repo = "cyclonedx-python-lib";
+ rev = "refs/tags/v${version}";
+ hash = "sha256-4lA8OdmvQD94jTeDf+Iz7ZyEQ9fZzCxnXQG9Ir8FKhk=";
+ };
+ });
+ };
+ };
+in
+with py.pkgs;
+
 python3.pkgs.buildPythonApplication rec {
 pname = "cyclonedx-python";
- version = "0.4.3";
+ version = "3.11.7";
+ pyproject = true;
 src = fetchFromGitHub {
 owner = "CycloneDX";
 repo = "cyclonedx-python";
- rev = "v${version}";
- sha256 = "BvG4aWBMsllW2L4lLsiRFUCPjgoDpHxN49fsUFdg7tQ=";
+ rev = "refs/tags/v${version}";
+ sha256 = "sha256-jU/0FkQCyph59TnEE+lckJXsU9whfvWp7dkdfzprYw8=";
 };
- # They pin versions for exact version numbers because "A bill-of-material such
- # as CycloneDX expects exact version numbers" -- but that's unnecessary with
- # Nix.
- preBuild = ''
- sed "s@==.*'@'@" -i setup.py
- '';
-
- propagatedBuildInputs = with python3.pkgs; [
- packageurl-python
- requests
- xmlschema
- setuptools
- requirements-parser
- packaging
- chardet
- jsonschema
+ nativeBuildInputs = with py.pkgs; [
+ poetry-core
+ pythonRelaxDepsHook
 ];
- # the tests want access to the cyclonedx binary
+ propagatedBuildInputs = with py.pkgs; [
+ chardet
+ cyclonedx-python-lib
+ packageurl-python
+ pip-requirements-parser
+ setuptools
+ toml
+ ];
+
+ # The tests want access to the cyclonedx binary
 doCheck = false;
 pythonImportsCheck = [
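Review bot: The derivation is still built with `python3.pkgs.buildPythonApplication` while both input lists now come from the overridden set `py.pkgs`, so the builder and its dependencies are drawn from two different package sets. Changing the call to `py.pkgs.buildPythonApplication rec {` keeps the builder consistent with the pinned cyclonedx-python-lib 3.1.5, and the bare `with py.pkgs;` in front of it can then go, since each list already carries its own `with py.pkgs;`. Separately, `pythonRelaxDepsHook` is added to `nativeBuildInputs` but no `pythonRelaxDeps` or `pythonRemoveDeps` attribute is visible in this hunk, so the hook appears to do nothing; either name the constraints to relax or drop it. Because the private pin no longer follows nixpkgs updates of the library, the override comment should also say when it can be removed, e.g. `# Drop this override once cyclonedx-python accepts cyclonedx-python-lib >= 4`. The derivation body continues past the end of this hunk.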
@@ -41,8 +58,9 @@ python3.pkgs.buildPythonApplication rec {
 meta = with lib; {
 description = "Creates CycloneDX Software Bill of Materials (SBOM) from Python projects";
 homepage = "https://github.com/CycloneDX/cyclonedx-python";
+ changelog = "https://github.com/CycloneDX/cyclonedx-python/releases/tag/v${version}";
 license = licenses.asl20;
- maintainers = [ ];
+ maintainers = with maintainers; [ ];
 mainProgram = "cyclonedx-py";
 };
 }