# Nix package expression for Bandit, built from the sdist published on PyPI.
{
  lib,
  buildPythonPackage,
  fetchPypi,
  pythonOlder,

  # needed at build time only
  pbr,

  # runtime dependencies, propagated to dependents
  gitpython,
  pyyaml,
  rich,
  stevedore,
}:

buildPythonPackage rec {
  pname = "bandit";
  version = "1.8.6";
  pyproject = true;

  # Refuse to build on interpreters older than Python 3.9.
  disabled = pythonOlder "3.9";

  # The SRI hash pins the content of the fetched archive: a download that does
  # not match it is rejected, so every change to `version` needs a new hash.
  src = fetchPypi {
    inherit pname version;
    hash = "sha256-2/6cJfxpYcIHhZPeVf0Z8lWfnkW5nxJyNB9bld6k5Ws=";
  };

  # NOTE(review): recent nixpkgs also accepts `build-system` / `dependencies`
  # for pyproject builds - confirm against the target nixpkgs before migrating.
  nativeBuildInputs = [ pbr ];

  propagatedBuildInputs = [
    gitpython
    pyyaml
    rich
    stevedore
  ];

  # Upstream runs its tests through tox, which does a 'pip install' inside a
  # virtualenv and therefore needs network connectivity, so the check phase is
  # switched off.
  doCheck = false;

  # With the test suite disabled, this import check is the only post-build
  # verification this expression performs.
  pythonImportsCheck = [ "bandit" ];

  meta = {
    description = "Security oriented static analyser for python code";
    homepage = "https://bandit.readthedocs.io/";
    changelog = "https://github.com/PyCQA/bandit/releases/tag/${version}";
    license = lib.licenses.asl20;
    maintainers = [ lib.maintainers.kamadorueda ];
  };
}