pyrox.dev
1{
2 lib,
3 buildPythonPackage,
4 fetchFromGitHub,
5 asn1crypto,
6 oscrypto,
7 cacert,
8}:
9
10buildPythonPackage rec {
11 pname = "certvalidator";
12 version = "0.11.1";
13 format = "setuptools";
14
15 src = fetchFromGitHub {
16 owner = "wbond";
17 repo = "certvalidator";
18 rev = version;
19 hash = "sha256-yVF7t4FuU3C9fDg67JeM7LWZZh/mv5F4EKmjlO4AuBY=";
20 };
21
22 propagatedBuildInputs = [
23 asn1crypto
24 oscrypto
25 ];
26
27 nativeCheckInputs = [ cacert ];
28 checkPhase = ''
29 # Tests are run with a custom executor/loader
30 # The regex to skip specific tests relies on negative lookahead of regular expressions
31 # We're skipping the few tests that rely on the network, fetching CRLs, OCSP or remote certificates
32 python -c 'import dev.tests; dev.tests.run("^(?!.*test_(basic_certificate_validator_tls|fetch|revocation|build_path)).*$")'
33 '';
34 pythonImportsCheck = [ "certvalidator" ];
35
36 meta = with lib; {
37 homepage = "https://github.com/wbond/certvalidator";
38 description = "Validates X.509 certificates and paths";
39 license = licenses.mit;
40 maintainers = with maintainers; [ baloo ];
41 };
42}