pkgsrc-WIP-changes archive
py-pip-audit: add upgrade candidate, currently broken
Module Name: pkgsrc-wip
Committed By: Thomas Klausner <tk%giga.or.at@localhost>
Pushed By: wiz
Date: Tue Dec 7 19:07:31 2021 +0100
Changeset: 2e97035d39e3c1ae61463a2b4929a51e38194bd5
Modified Files:
Makefile
Added Files:
py-pip-audit/ALTERNATIVES
py-pip-audit/DESCR
py-pip-audit/Makefile
py-pip-audit/PLIST
py-pip-audit/TODO
py-pip-audit/distinfo
Log Message:
py-pip-audit: add upgrade candidate, currently broken
See https://github.com/trailofbits/pip-audit/issues/195
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=2e97035d39e3c1ae61463a2b4929a51e38194bd5
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
Makefile | 1 +
py-pip-audit/ALTERNATIVES | 1 +
py-pip-audit/DESCR | 4 +++
py-pip-audit/Makefile | 51 ++++++++++++++++++++++++++++++
py-pip-audit/PLIST | 80 +++++++++++++++++++++++++++++++++++++++++++++++
py-pip-audit/TODO | 2 ++
py-pip-audit/distinfo | 5 +++
7 files changed, 144 insertions(+)
diffs:
diff --git a/Makefile b/Makefile
index 5f1457478a..e2ffd47f67 100644
--- a/Makefile
+++ b/Makefile
@@ -4283,6 +4283,7 @@ SUBDIR+= py-picture-to-gds
SUBDIR+= py-pillow
SUBDIR+= py-pinout
SUBDIR+= py-pint
+SUBDIR+= py-pip-audit
SUBDIR+= py-pip2pi
SUBDIR+= py-pipdeptree
SUBDIR+= py-pipenv
diff --git a/py-pip-audit/ALTERNATIVES b/py-pip-audit/ALTERNATIVES
new file mode 100644
index 0000000000..92e2cd1851
--- /dev/null
+++ b/py-pip-audit/ALTERNATIVES
@@ -0,0 +1 @@
+bin/pip-audit @PREFIX@/bin/pip-audit-@PYVERSSUFFIX@
diff --git a/py-pip-audit/DESCR b/py-pip-audit/DESCR
new file mode 100644
index 0000000000..9ad6523ba9
--- /dev/null
+++ b/py-pip-audit/DESCR
@@ -0,0 +1,4 @@
+pip-audit is a prototype tool for scanning Python environments for
+packages with known vulnerabilities. It uses the Python Packaging
+Advisory Database via the PyPI JSON API as a source of vulnerability
+reports.
diff --git a/py-pip-audit/Makefile b/py-pip-audit/Makefile
new file mode 100644
index 0000000000..34b7a0c42a
--- /dev/null
+++ b/py-pip-audit/Makefile
@@ -0,0 +1,51 @@
+# $NetBSD: Makefile,v 1.1 2021/11/16 16:04:40 wiz Exp $
+
+DISTNAME= pip-audit-1.1.0
+PKGNAME= ${PYPKGPREFIX}-${DISTNAME}
+CATEGORIES= security python
+# pypi file does not include tests
+#MASTER_SITES= ${MASTER_SITE_PYPI:=p/pip-audit/}
+MASTER_SITES= ${MASTER_SITE_GITHUB:=trailofbits/}
+GITHUB_PROJECT= pip-audit
+GITHUB_TAG= v${PKGVERSION_NOREV}
+
+MAINTAINER= pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE= https://pypi.org/project/pip-audit/
+COMMENT= Scan Python environments for known vulnerabilities
+LICENSE= apache-2.0
+
+DEPENDS+= ${PYPKGPREFIX}-cachecontrol>=0.12.6:../../devel/py-cachecontrol
+DEPENDS+= ${PYPKGPREFIX}-cyclonedx-python-lib-[0-9]*:../../security/py-cyclonedx-python-lib
+DEPENDS+= ${PYPKGPREFIX}-html5lib>=1.1:../../textproc/py-html5lib
+DEPENDS+= ${PYPKGPREFIX}-lockfile>=0.12.2:../../devel/py-lockfile
+DEPENDS+= ${PYPKGPREFIX}-packaging>=21.0.0:../../devel/py-packaging
+DEPENDS+= ${PYPKGPREFIX}-pip-api>=0.0.23:../../devel/py-pip-api
+DEPENDS+= ${PYPKGPREFIX}-progress>=1.6:../../devel/py-progress
+DEPENDS+= ${PYPKGPREFIX}-resolvelib>=0.8.0:../../devel/py-resolvelib
+TEST_DEPENDS+= ${PYPKGPREFIX}-pretend-[0-9]*:../../devel/py-pretend
+TEST_DEPENDS+= ${PYPKGPREFIX}-test-[0-9]*:../../devel/py-test
+
+PYTHON_VERSIONS_INCOMPATIBLE= 27
+
+.include "../../lang/python/pyversion.mk"
+
+.if ${_PYTHON_VERSION} == 36
+DEPENDS+= ${PYPKGPREFIX}-dataclasses>=0.6:../../devel/py-dataclasses
+.endif
+
+USE_LANGUAGES= c
+
+post-install:
+ cd ${DESTDIR}${PREFIX}/bin && \
+ ${MV} pip-audit pip-audit-${PYVERSSUFFIX} || ${TRUE}
+ ${RM} -r ${DESTDIR}${PREFIX}/${PYSITELIB}/test
+
+# as of 1.1.0
+# 2 failed, 59 passed
+# https://github.com/trailofbits/pip-audit/issues/195
+TEST_ENV+= PYTHONPATH=${WRKSRC}/build/lib:${WRKSRC}/build/lib/test
+do-test:
+ cd ${WRKSRC} && ${SETENV} ${TEST_ENV} pytest-${PYVERSSUFFIX}
+
+.include "../../lang/python/egg.mk"
+.include "../../mk/bsd.pkg.mk"
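Review bot: The `|| ${TRUE}` on the rename in `post-install` hides a failure of both the `cd` and the `${MV}`, because the shell groups the line as `(cd … && mv …) || true`. PLIST lists only `bin/pip-audit-${PYVERSSUFFIX}`, so a rename that silently does not happen would surface later as a PLIST mismatch rather than at the step that failed; dropping the fallback and keeping just `${MV} pip-audit pip-audit-${PYVERSSUFFIX}` makes the install stop there. Separately, `USE_LANGUAGES= c` looks unnecessary if the package is pure Python, which the PLIST (only `.py`/`.pyc`/`.pyo` files) suggests; `USE_LANGUAGES= # none` would avoid requiring a compiler for the build.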
diff --git a/py-pip-audit/PLIST b/py-pip-audit/PLIST
new file mode 100644
index 0000000000..de5cfc1fa9
--- /dev/null
+++ b/py-pip-audit/PLIST
@@ -0,0 +1,80 @@
+@comment $NetBSD$
+bin/pip-audit-${PYVERSSUFFIX}
+${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
+${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
+${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
+${PYSITELIB}/${EGG_INFODIR}/entry_points.txt
+${PYSITELIB}/${EGG_INFODIR}/requires.txt
+${PYSITELIB}/${EGG_INFODIR}/top_level.txt
+${PYSITELIB}/pip_audit/__init__.py
+${PYSITELIB}/pip_audit/__init__.pyc
+${PYSITELIB}/pip_audit/__init__.pyo
+${PYSITELIB}/pip_audit/__main__.py
+${PYSITELIB}/pip_audit/__main__.pyc
+${PYSITELIB}/pip_audit/__main__.pyo
+${PYSITELIB}/pip_audit/_audit.py
+${PYSITELIB}/pip_audit/_audit.pyc
+${PYSITELIB}/pip_audit/_audit.pyo
+${PYSITELIB}/pip_audit/_cli.py
+${PYSITELIB}/pip_audit/_cli.pyc
+${PYSITELIB}/pip_audit/_cli.pyo
+${PYSITELIB}/pip_audit/_dependency_source/__init__.py
+${PYSITELIB}/pip_audit/_dependency_source/__init__.pyc
+${PYSITELIB}/pip_audit/_dependency_source/__init__.pyo
+${PYSITELIB}/pip_audit/_dependency_source/interface.py
+${PYSITELIB}/pip_audit/_dependency_source/interface.pyc
+${PYSITELIB}/pip_audit/_dependency_source/interface.pyo
+${PYSITELIB}/pip_audit/_dependency_source/pip.py
+${PYSITELIB}/pip_audit/_dependency_source/pip.pyc
+${PYSITELIB}/pip_audit/_dependency_source/pip.pyo
+${PYSITELIB}/pip_audit/_dependency_source/requirement.py
+${PYSITELIB}/pip_audit/_dependency_source/requirement.pyc
+${PYSITELIB}/pip_audit/_dependency_source/requirement.pyo
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/__init__.py
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/__init__.pyc
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/__init__.pyo
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/pypi_provider.py
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/pypi_provider.pyc
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/pypi_provider.pyo
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/resolvelib.py
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/resolvelib.pyc
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/resolvelib.pyo
+${PYSITELIB}/pip_audit/_format/__init__.py
+${PYSITELIB}/pip_audit/_format/__init__.pyc
+${PYSITELIB}/pip_audit/_format/__init__.pyo
+${PYSITELIB}/pip_audit/_format/columns.py
+${PYSITELIB}/pip_audit/_format/columns.pyc
+${PYSITELIB}/pip_audit/_format/columns.pyo
+${PYSITELIB}/pip_audit/_format/cyclonedx.py
+${PYSITELIB}/pip_audit/_format/cyclonedx.pyc
+${PYSITELIB}/pip_audit/_format/cyclonedx.pyo
+${PYSITELIB}/pip_audit/_format/interface.py
+${PYSITELIB}/pip_audit/_format/interface.pyc
+${PYSITELIB}/pip_audit/_format/interface.pyo
+${PYSITELIB}/pip_audit/_format/json.py
+${PYSITELIB}/pip_audit/_format/json.pyc
+${PYSITELIB}/pip_audit/_format/json.pyo
+${PYSITELIB}/pip_audit/_service/__init__.py
+${PYSITELIB}/pip_audit/_service/__init__.pyc
+${PYSITELIB}/pip_audit/_service/__init__.pyo
+${PYSITELIB}/pip_audit/_service/interface.py
+${PYSITELIB}/pip_audit/_service/interface.pyc
+${PYSITELIB}/pip_audit/_service/interface.pyo
+${PYSITELIB}/pip_audit/_service/osv.py
+${PYSITELIB}/pip_audit/_service/osv.pyc
+${PYSITELIB}/pip_audit/_service/osv.pyo
+${PYSITELIB}/pip_audit/_service/pypi.py
+${PYSITELIB}/pip_audit/_service/pypi.pyc
+${PYSITELIB}/pip_audit/_service/pypi.pyo
+${PYSITELIB}/pip_audit/_state.py
+${PYSITELIB}/pip_audit/_state.pyc
+${PYSITELIB}/pip_audit/_state.pyo
+${PYSITELIB}/pip_audit/_util.py
+${PYSITELIB}/pip_audit/_util.pyc
+${PYSITELIB}/pip_audit/_util.pyo
+${PYSITELIB}/pip_audit/_version.py
+${PYSITELIB}/pip_audit/_version.pyc
+${PYSITELIB}/pip_audit/_version.pyo
+${PYSITELIB}/pip_audit/_virtual_env.py
+${PYSITELIB}/pip_audit/_virtual_env.pyc
+${PYSITELIB}/pip_audit/_virtual_env.pyo
diff --git a/py-pip-audit/TODO b/py-pip-audit/TODO
new file mode 100644
index 0000000000..224c04f60f
--- /dev/null
+++ b/py-pip-audit/TODO
@@ -0,0 +1,2 @@
+Broken, see
+https://github.com/trailofbits/pip-audit/issues/195
diff --git a/py-pip-audit/distinfo b/py-pip-audit/distinfo
new file mode 100644
index 0000000000..21552bda02
--- /dev/null
+++ b/py-pip-audit/distinfo
@@ -0,0 +1,5 @@
+$NetBSD: distinfo,v 1.1 2021/11/16 16:04:40 wiz Exp $
+
+BLAKE2s (pip-audit-1.1.0.tar.gz) = c31697d727e3fe5413a281f37b24e83732afbc20dfead2e436a4680d3fc6e8a4
+SHA512 (pip-audit-1.1.0.tar.gz) = 77c0552f840ca17fb9a80e9dd594bf8faf74aad5331e1689ad6b7c436d29589fd1b5db9db3e41a16679934fe1856ad0d0821ee5c52a5d4508fda6236bdf27f22
+Size (pip-audit-1.1.0.tar.gz) = 41526 bytes