From 0efe135d99311b3daa4e081e278d460200cc4105 Mon Sep 17 00:00:00 2001
From: 06kellyjac <dev@j-k.io>
Date: Fri, 8 Oct 2021 12:04:08 +0100
Subject: scorecard: 2.2.8 -> 3.0.1

---
 pkgs/tools/security/scorecard/default.nix | 29 +++++++++++++++++++++++------
 1 file changed, 23 insertions(+), 6 deletions(-)

diff --git a/pkgs/tools/security/scorecard/default.nix b/pkgs/tools/security/scorecard/default.nix
index d0908c359502..0cc94c63c9f0 100644
--- a/pkgs/tools/security/scorecard/default.nix
+++ b/pkgs/tools/security/scorecard/default.nix
@@ -1,16 +1,33 @@
-{ lib, buildGoModule, fetchFromGitHub, installShellFiles }:
+{ lib, buildGoModule, fetchFromGitHub, fetchgit, installShellFiles }:
 
 buildGoModule rec {
   pname = "scorecard";
-  version = "2.2.8";
+  version = "3.0.1";
 
   src = fetchFromGitHub {
     owner = "ossf";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-U29NCZFXOhu0xLfDlJ1Q7m8TbAm+C6+ecYFhcI5gg6s=";
+    sha256 = "sha256-19XDAgv9ARCZ7eNlWUPcsbGNyKA9vYFry8m6D3+vQP8=";
+    # populate values otherwise taken care of by goreleaser,
+    # unfortunately these require us to use git. By doing
+    # this in postFetch we can delete .git afterwards and
+    # maintain better reproducibility of the src.
+    leaveDotGit = true;
+    postFetch = ''
+      cd "$out"
+
+      commit="$(git rev-parse HEAD)"
+      source_date_epoch=$(git log --date=iso8601-strict -1 --pretty=%ct)
+
+      substituteInPlace "$out/pkg/scorecard_version.go" \
+        --replace 'gitCommit = "unknown"' "gitCommit = \"$commit\"" \
+        --replace 'buildDate = "unknown"' "buildDate = \"$source_date_epoch\""
+
+      find "$out" -name .git -print0 | xargs -0 rm -rf
+    '';
   };
-  vendorSha256 = "sha256-hOATCXjBE0doHnY2BaRKZocQ6SIigL0q4m9eEJGKh6Q=";
+  vendorSha256 = "sha256-ucF26pTEvG8tkzsyC9WNbvl8QCeetKBvBIcQL2NTfjo=";
 
   # Install completions post-install
   nativeBuildInputs = [ installShellFiles ];
@@ -20,8 +37,8 @@ buildGoModule rec {
   ldflags = [
     "-s"
     "-w"
-    "-X github.com/ossf/scorecard/v2/pkg.gitVersion=v${version}"
-    "-X github.com/ossf/scorecard/v2/pkg.gitTreeState=clean"
+    "-X github.com/ossf/scorecard/v${lib.versions.major version}/pkg.gitVersion=v${version}"
+    "-X github.com/ossf/scorecard/v${lib.versions.major version}/pkg.gitTreeState=clean"
   ];
 
   preCheck = ''
-- 
cgit v1.2.3