pkgsrc-WIP-changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

wip/py-pip-audit: import py-pip-audit-0.0.4



Module Name:	pkgsrc-wip
Committed By:	Thomas Klausner <tk%giga.or.at@localhost>
Pushed By:	wiz
Date:		Tue Nov 9 21:47:58 2021 +0100
Changeset:	0feb3c059bbe47a275196b0373ceeb3d13638974

Added Files:
	py-pip-audit/ALTERNATIVES
	py-pip-audit/DESCR
	py-pip-audit/Makefile
	py-pip-audit/PLIST
	py-pip-audit/distinfo
	py-pip-audit/patches/patch-setup.py

Log Message:
wip/py-pip-audit: import py-pip-audit-0.0.4

pip-audit is a prototype tool for scanning Python environments for
packages with known vulnerabilities. It uses the Python Packaging
Advisory Database via the PyPI JSON API as a source of vulnerability
reports.

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=0feb3c059bbe47a275196b0373ceeb3d13638974

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 py-pip-audit/ALTERNATIVES           |  1 +
 py-pip-audit/DESCR                  |  4 ++
 py-pip-audit/Makefile               | 38 +++++++++++++++++++
 py-pip-audit/PLIST                  | 74 +++++++++++++++++++++++++++++++++++++
 py-pip-audit/distinfo               |  6 +++
 py-pip-audit/patches/patch-setup.py | 21 +++++++++++
 6 files changed, 144 insertions(+)

diffs:
diff --git a/py-pip-audit/ALTERNATIVES b/py-pip-audit/ALTERNATIVES
new file mode 100644
index 0000000000..92e2cd1851
--- /dev/null
+++ b/py-pip-audit/ALTERNATIVES
@@ -0,0 +1 @@
+bin/pip-audit @PREFIX@/bin/pip-audit-@PYVERSSUFFIX@
diff --git a/py-pip-audit/DESCR b/py-pip-audit/DESCR
new file mode 100644
index 0000000000..9ad6523ba9
--- /dev/null
+++ b/py-pip-audit/DESCR
@@ -0,0 +1,4 @@
+pip-audit is a prototype tool for scanning Python environments for
+packages with known vulnerabilities. It uses the Python Packaging
+Advisory Database via the PyPI JSON API as a source of vulnerability
+reports.
diff --git a/py-pip-audit/Makefile b/py-pip-audit/Makefile
new file mode 100644
index 0000000000..ecc245ebb1
--- /dev/null
+++ b/py-pip-audit/Makefile
@@ -0,0 +1,38 @@
+# $NetBSD: Makefile,v 1.45 2020/12/18 09:03:43 adam Exp $
+
+DISTNAME=	pip-audit-0.0.4
+PKGNAME=	${PYPKGPREFIX}-${DISTNAME}
+CATEGORIES=	security python
+MASTER_SITES=	${MASTER_SITE_PYPI:=p/pip-audit/}
+
+MAINTAINER=	pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE=	https://pypi.org/project/pip-audit/
+COMMENT=	Scan Python environments for known vulnerabilities
+LICENSE=	apache-2.0
+
+DEPENDS+=	${PYPKGPREFIX}-cachecontrol>=0.12.6:../../devel/py-cachecontrol
+DEPENDS+=	${PYPKGPREFIX}-html5lib>=1.1:../../textproc/py-html5lib
+DEPENDS+=	${PYPKGPREFIX}-lockfile>=0.12.2:../../devel/py-lockfile
+DEPENDS+=	${PYPKGPREFIX}-packaging>=21.0.0:../../devel/py-packaging
+DEPENDS+=	${PYPKGPREFIX}-pip-api>=0.0.23:../../wip/py-pip-api
+DEPENDS+=	${PYPKGPREFIX}-progress>=1.6:../../wip/py-progress
+DEPENDS+=	${PYPKGPREFIX}-resolvelib>=0.8.0:../../wip/py-resolvelib
+TEST_DEPENDS+=	${PYPKGPREFIX}-pretend-[0-9]*:../../devel/py-pretend
+TEST_DEPENDS+=	${PYPKGPREFIX}-test-[0-9]*:../../devel/py-test
+
+USE_LANGUAGES=	# none
+
+PYTHON_VERSIONS_INCOMPATIBLE=	27 36
+
+post-install:
+	cd ${DESTDIR}${PREFIX}/bin && \
+        ${MV} pip-audit pip-audit-${PYVERSSUFFIX} || ${TRUE}
+
+# needs package installed
+# 2 test failures as of 0.0.4:
+# https://github.com/trailofbits/pip-audit/issues/115
+do-test:
+	cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} pytest-${PYVERSSUFFIX}
+
+.include "../../lang/python/egg.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/py-pip-audit/PLIST b/py-pip-audit/PLIST
new file mode 100644
index 0000000000..6d5d8f2d6f
--- /dev/null
+++ b/py-pip-audit/PLIST
@@ -0,0 +1,74 @@
+@comment $NetBSD$
+bin/pip-audit-${PYVERSSUFFIX}
+${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
+${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
+${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
+${PYSITELIB}/${EGG_INFODIR}/entry_points.txt
+${PYSITELIB}/${EGG_INFODIR}/requires.txt
+${PYSITELIB}/${EGG_INFODIR}/top_level.txt
+${PYSITELIB}/pip_audit/__init__.py
+${PYSITELIB}/pip_audit/__init__.pyc
+${PYSITELIB}/pip_audit/__init__.pyo
+${PYSITELIB}/pip_audit/_version.py
+${PYSITELIB}/pip_audit/_version.pyc
+${PYSITELIB}/pip_audit/_version.pyo
+${PYSITELIB}/pip_audit/audit.py
+${PYSITELIB}/pip_audit/audit.pyc
+${PYSITELIB}/pip_audit/audit.pyo
+${PYSITELIB}/pip_audit/cli.py
+${PYSITELIB}/pip_audit/cli.pyc
+${PYSITELIB}/pip_audit/cli.pyo
+${PYSITELIB}/pip_audit/dependency_source/__init__.py
+${PYSITELIB}/pip_audit/dependency_source/__init__.pyc
+${PYSITELIB}/pip_audit/dependency_source/__init__.pyo
+${PYSITELIB}/pip_audit/dependency_source/interface.py
+${PYSITELIB}/pip_audit/dependency_source/interface.pyc
+${PYSITELIB}/pip_audit/dependency_source/interface.pyo
+${PYSITELIB}/pip_audit/dependency_source/pip.py
+${PYSITELIB}/pip_audit/dependency_source/pip.pyc
+${PYSITELIB}/pip_audit/dependency_source/pip.pyo
+${PYSITELIB}/pip_audit/dependency_source/requirement.py
+${PYSITELIB}/pip_audit/dependency_source/requirement.pyc
+${PYSITELIB}/pip_audit/dependency_source/requirement.pyo
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/__init__.py
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/__init__.pyc
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/__init__.pyo
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/pypi_provider.py
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/pypi_provider.pyc
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/pypi_provider.pyo
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/resolvelib.py
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/resolvelib.pyc
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/resolvelib.pyo
+${PYSITELIB}/pip_audit/format/__init__.py
+${PYSITELIB}/pip_audit/format/__init__.pyc
+${PYSITELIB}/pip_audit/format/__init__.pyo
+${PYSITELIB}/pip_audit/format/columns.py
+${PYSITELIB}/pip_audit/format/columns.pyc
+${PYSITELIB}/pip_audit/format/columns.pyo
+${PYSITELIB}/pip_audit/format/interface.py
+${PYSITELIB}/pip_audit/format/interface.pyc
+${PYSITELIB}/pip_audit/format/interface.pyo
+${PYSITELIB}/pip_audit/format/json.py
+${PYSITELIB}/pip_audit/format/json.pyc
+${PYSITELIB}/pip_audit/format/json.pyo
+${PYSITELIB}/pip_audit/service/__init__.py
+${PYSITELIB}/pip_audit/service/__init__.pyc
+${PYSITELIB}/pip_audit/service/__init__.pyo
+${PYSITELIB}/pip_audit/service/interface.py
+${PYSITELIB}/pip_audit/service/interface.pyc
+${PYSITELIB}/pip_audit/service/interface.pyo
+${PYSITELIB}/pip_audit/service/osv.py
+${PYSITELIB}/pip_audit/service/osv.pyc
+${PYSITELIB}/pip_audit/service/osv.pyo
+${PYSITELIB}/pip_audit/service/pypi.py
+${PYSITELIB}/pip_audit/service/pypi.pyc
+${PYSITELIB}/pip_audit/service/pypi.pyo
+${PYSITELIB}/pip_audit/state.py
+${PYSITELIB}/pip_audit/state.pyc
+${PYSITELIB}/pip_audit/state.pyo
+${PYSITELIB}/pip_audit/util.py
+${PYSITELIB}/pip_audit/util.pyc
+${PYSITELIB}/pip_audit/util.pyo
+${PYSITELIB}/pip_audit/virtual_env.py
+${PYSITELIB}/pip_audit/virtual_env.pyc
+${PYSITELIB}/pip_audit/virtual_env.pyo
diff --git a/py-pip-audit/distinfo b/py-pip-audit/distinfo
new file mode 100644
index 0000000000..ec9b375f58
--- /dev/null
+++ b/py-pip-audit/distinfo
@@ -0,0 +1,6 @@
+$NetBSD: distinfo,v 1.40 2021/10/26 10:18:45 nia Exp $
+
+BLAKE2s (pip-audit-0.0.4.tar.gz) = 00f5e7539b10ae2659cdc9a2f4b91b5d4612ab1be2fa40dd70d3da748b93ee3e
+SHA512 (pip-audit-0.0.4.tar.gz) = e314caff5841b2595d4de61f7865794fd6fe6bc623badc0201f553404c64c6d51f6fe52effe68b3e317965e1d3658a78555dc0556e3410f13b7c2d962263bfa1
+Size (pip-audit-0.0.4.tar.gz) = 26124 bytes
+SHA1 (patch-setup.py) = 1808507d47b7d95d772636ab2db8bde54224b5b8
diff --git a/py-pip-audit/patches/patch-setup.py b/py-pip-audit/patches/patch-setup.py
new file mode 100644
index 0000000000..016712706a
--- /dev/null
+++ b/py-pip-audit/patches/patch-setup.py
@@ -0,0 +1,21 @@
+$NetBSD$
+
+Do not insist on one particular version.
+Remove python 3.6-only dependency.
+
+--- setup.py.orig	2021-11-09 16:12:41.000000000 +0000
++++ setup.py
+@@ -30,12 +30,10 @@ setup(
+     install_requires=[
+         "pip-api>=0.0.23",
+         "packaging>=21.0.0",
+-        # TODO: Remove this once 3.7 is our minimally supported version.
+-        "dataclasses>=0.6",
+         "progress>=1.6",
+         "resolvelib>=0.8.0",
+         "html5lib>=1.1",
+-        "CacheControl==0.12.6",
++        "CacheControl>=0.12.6",
+         "lockfile>=0.12.2",
+     ],
+     extras_require={


Home | Main Index | Thread Index | Old Index