From b8ba78f1d614e9faa981c6d74e83aff0c9cf66cf Mon Sep 17 00:00:00 2001 From: Andrew Marshall Date: Mon, 14 Nov 2022 09:55:35 -0500 Subject: [PATCH 1/2] checkov: Fix build checkov build has been broken since https://hydra.nixos.org/build/187798638 due to a minor incompatibility with flake8 5.x on Python 3.8+; this remedies it. Upstream does not notice this issue presently since they only run unit tests against Python 3.7, and positional-only arguments did not appear till 3.8. See https://github.com/PyCQA/flake8/pull/1490/commits/f98d52a398cd2ff5cad270fdee9e37b62444550a for details on the change. --- .../tools/analysis/checkov/default.nix | 4 +++ .../analysis/checkov/flake8-compat-5.x.patch | 25 +++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 pkgs/development/tools/analysis/checkov/flake8-compat-5.x.patch diff --git a/pkgs/development/tools/analysis/checkov/default.nix b/pkgs/development/tools/analysis/checkov/default.nix index 8a239b4c37f7..b89a9695939c 100644 --- a/pkgs/development/tools/analysis/checkov/default.nix +++ b/pkgs/development/tools/analysis/checkov/default.nix @@ -42,6 +42,10 @@ buildPythonApplication rec { hash = "sha256-dXpgm9S++jtBhuzX9db8Pm5LF6Qb4isXx5uyOGdWGUc="; }; + patches = [ + ./flake8-compat-5.x.patch + ]; + nativeBuildInputs = with py.pkgs; [ pythonRelaxDepsHook setuptools-scm diff --git a/pkgs/development/tools/analysis/checkov/flake8-compat-5.x.patch b/pkgs/development/tools/analysis/checkov/flake8-compat-5.x.patch new file mode 100644 index 000000000000..9bb019292536 --- /dev/null +++ b/pkgs/development/tools/analysis/checkov/flake8-compat-5.x.patch @@ -0,0 +1,25 @@ +diff --git a/flake8_plugins/flake8_class_attributes_plugin/tests/conftest.py b/flake8_plugins/flake8_class_attributes_plugin/tests/conftest.py +index 1ad762aed..c91078dcf 100644 +--- a/flake8_plugins/flake8_class_attributes_plugin/tests/conftest.py ++++ b/flake8_plugins/flake8_class_attributes_plugin/tests/conftest.py +@@ -1,6 +1,7 @@ + import ast + import os + ++import flake8 + from flake8.options.manager import OptionManager + + from flake8_plugins.flake8_class_attributes_plugin.flake8_class_attributes.checker import ClassAttributesChecker +@@ -17,7 +18,11 @@ def run_validator_for_test_file(filename, max_annotations_complexity=None, + raw_content = file_handler.read() + tree = ast.parse(raw_content) + +- options = OptionManager('flake8_class_attributes_order', '0.1.3') ++ options = OptionManager( ++ version=flake8.__version__, ++ plugin_versions='flake8_class_attributes_order: 0.1.3', ++ parents=[], ++ ) + options.use_class_attributes_order_strict_mode = strict_mode + options.class_attributes_order = attributes_order + ClassAttributesChecker.parse_options(options) From 41c56cadffe23835e60489f846675cb9e3c0a804 Mon Sep 17 00:00:00 2001 From: Andrew Marshall Date: Mon, 14 Nov 2022 10:08:52 -0500 Subject: [PATCH 2/2] checkov: Fix exe not executable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Not really sure why it’s not—it’s executable in the Git repo and is listed properly as a script in setup.py. --- pkgs/development/tools/analysis/checkov/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/development/tools/analysis/checkov/default.nix b/pkgs/development/tools/analysis/checkov/default.nix index b89a9695939c..105080ce2230 100644 --- a/pkgs/development/tools/analysis/checkov/default.nix +++ b/pkgs/development/tools/analysis/checkov/default.nix @@ -141,6 +141,10 @@ buildPythonApplication rec { "checkov" ]; + postInstall = '' + chmod +x $out/bin/checkov + ''; + meta = with lib; { description = "Static code analysis tool for infrastructure-as-code"; homepage = "https://github.com/bridgecrewio/checkov";