diff options
| author | Sandro <sandro.jaeckel@gmail.com> | 2021-10-10 18:23:25 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-10-10 18:23:25 +0200 |
| commit | 575c56d1fec3e2ec93728b1dee111f747f8fdca8 (patch) | |
| tree | 30fdfdb4efc6370f861937591f3d6d7b0102c375 | |
| parent | d265fdf83a5fba0342fff2fc1fddcca55adb95ed (diff) | |
| parent | 0efe135d99311b3daa4e081e278d460200cc4105 (diff) | |
Merge pull request #140968 from 06kellyjac/scorecard
| -rw-r--r-- | pkgs/tools/security/scorecard/default.nix | 29 |
1 files changed, 23 insertions, 6 deletions
diff --git a/pkgs/tools/security/scorecard/default.nix b/pkgs/tools/security/scorecard/default.nix index d0908c359502..0cc94c63c9f0 100644 --- a/pkgs/tools/security/scorecard/default.nix +++ b/pkgs/tools/security/scorecard/default.nix @@ -1,16 +1,33 @@ -{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: +{ lib, buildGoModule, fetchFromGitHub, fetchgit, installShellFiles }: buildGoModule rec { pname = "scorecard"; - version = "2.2.8"; + version = "3.0.1"; src = fetchFromGitHub { owner = "ossf"; repo = pname; rev = "v${version}"; - sha256 = "sha256-U29NCZFXOhu0xLfDlJ1Q7m8TbAm+C6+ecYFhcI5gg6s="; + sha256 = "sha256-19XDAgv9ARCZ7eNlWUPcsbGNyKA9vYFry8m6D3+vQP8="; + # populate values otherwise taken care of by goreleaser, + # unfortunately these require us to use git. By doing + # this in postFetch we can delete .git afterwards and + # maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + + commit="$(git rev-parse HEAD)" + source_date_epoch=$(git log --date=iso8601-strict -1 --pretty=%ct) + + substituteInPlace "$out/pkg/scorecard_version.go" \ + --replace 'gitCommit = "unknown"' "gitCommit = \"$commit\"" \ + --replace 'buildDate = "unknown"' "buildDate = \"$source_date_epoch\"" + + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; }; - vendorSha256 = "sha256-hOATCXjBE0doHnY2BaRKZocQ6SIigL0q4m9eEJGKh6Q="; + vendorSha256 = "sha256-ucF26pTEvG8tkzsyC9WNbvl8QCeetKBvBIcQL2NTfjo="; # Install completions post-install nativeBuildInputs = [ installShellFiles ]; @@ -20,8 +37,8 @@ buildGoModule rec { ldflags = [ "-s" "-w" - "-X github.com/ossf/scorecard/v2/pkg.gitVersion=v${version}" - "-X github.com/ossf/scorecard/v2/pkg.gitTreeState=clean" + "-X github.com/ossf/scorecard/v${lib.versions.major version}/pkg.gitVersion=v${version}" + "-X github.com/ossf/scorecard/v${lib.versions.major version}/pkg.gitTreeState=clean" ]; preCheck = '' |