[pkgsrc/trunk]: pkgsrc/security/py-pip-audit security/py-pip-audit: import py...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/security/py-pip-audit security/py-pip-audit: import py...
From: wiz <wiz%pkgsrc.org@localhost>
Date: Tue, 16 Nov 2021 17:24:16 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/809364433997
branches:  trunk
changeset: 769588:809364433997
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Tue Nov 16 16:04:40 2021 +0000

description:
security/py-pip-audit: import py-pip-audit-0.0.5

pip-audit is a prototype tool for scanning Python environments for
packages with known vulnerabilities. It uses the Python Packaging
Advisory Database via the PyPI JSON API as a source of vulnerability
reports.

diffstat:

 security/py-pip-audit/ALTERNATIVES           |   1 +
 security/py-pip-audit/DESCR                  |   4 +
 security/py-pip-audit/Makefile               |  50 ++++++++++++++++++
 security/py-pip-audit/PLIST                  |  74 ++++++++++++++++++++++++++++
 security/py-pip-audit/distinfo               |   6 ++
 security/py-pip-audit/patches/patch-setup.py |  15 +++++
 6 files changed, 150 insertions(+), 0 deletions(-)

diffs (174 lines):

diff -r ee75e4baa721 -r 809364433997 security/py-pip-audit/ALTERNATIVES
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-pip-audit/ALTERNATIVES        Tue Nov 16 16:04:40 2021 +0000
@@ -0,0 +1,1 @@
+bin/pip-audit @PREFIX@/bin/pip-audit-@PYVERSSUFFIX@
diff -r ee75e4baa721 -r 809364433997 security/py-pip-audit/DESCR
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-pip-audit/DESCR       Tue Nov 16 16:04:40 2021 +0000
@@ -0,0 +1,4 @@
+pip-audit is a prototype tool for scanning Python environments for
+packages with known vulnerabilities. It uses the Python Packaging
+Advisory Database via the PyPI JSON API as a source of vulnerability
+reports.
diff -r ee75e4baa721 -r 809364433997 security/py-pip-audit/Makefile
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-pip-audit/Makefile    Tue Nov 16 16:04:40 2021 +0000
@@ -0,0 +1,50 @@
+# $NetBSD: Makefile,v 1.1 2021/11/16 16:04:40 wiz Exp $
+
+DISTNAME=      pip-audit-0.0.5
+PKGNAME=       ${PYPKGPREFIX}-${DISTNAME}
+CATEGORIES=    security python
+# pypi file does not include tests
+#MASTER_SITES= ${MASTER_SITE_PYPI:=p/pip-audit/}
+MASTER_SITES=  ${MASTER_SITE_GITHUB:=trailofbits/}
+GITHUB_PROJECT=        pip-audit
+GITHUB_TAG=    v${PKGVERSION_NOREV}
+
+MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE=      https://pypi.org/project/pip-audit/
+COMMENT=       Scan Python environments for known vulnerabilities
+LICENSE=       apache-2.0
+
+DEPENDS+=      ${PYPKGPREFIX}-cachecontrol>=0.12.6:../../devel/py-cachecontrol
+DEPENDS+=      ${PYPKGPREFIX}-html5lib>=1.1:../../textproc/py-html5lib
+DEPENDS+=      ${PYPKGPREFIX}-lockfile>=0.12.2:../../devel/py-lockfile
+DEPENDS+=      ${PYPKGPREFIX}-packaging>=21.0.0:../../devel/py-packaging
+DEPENDS+=      ${PYPKGPREFIX}-pip-api>=0.0.23:../../devel/py-pip-api
+DEPENDS+=      ${PYPKGPREFIX}-progress>=1.6:../../devel/py-progress
+DEPENDS+=      ${PYPKGPREFIX}-resolvelib>=0.8.0:../../devel/py-resolvelib
+TEST_DEPENDS+= ${PYPKGPREFIX}-pretend-[0-9]*:../../devel/py-pretend
+TEST_DEPENDS+= ${PYPKGPREFIX}-test-[0-9]*:../../devel/py-test
+
+PYTHON_VERSIONS_INCOMPATIBLE=  27
+
+.include "../../lang/python/pyversion.mk"
+
+.if ${_PYTHON_VERSION} == 36
+DEPENDS+=      ${PYPKGPREFIX}-dataclasses>=0.6:../../devel/py-dataclasses
+.endif
+
+USE_LANGUAGES= # none
+
+post-install:
+       cd ${DESTDIR}${PREFIX}/bin && \
+        ${MV} pip-audit pip-audit-${PYVERSSUFFIX} || ${TRUE}
+       ${RM} -r ${DESTDIR}${PREFIX}/${PYSITELIB}/test
+
+# as of 0.0.4
+# 2 failed, 46 passed
+# https://github.com/trailofbits/pip-audit/issues/115
+TEST_ENV+=     PYTHONPATH=${WRKSRC}/build/lib:${WRKSRC}/build/lib/test
+do-test:
+       cd ${WRKSRC} && ${SETENV} ${TEST_ENV} pytest-${PYVERSSUFFIX}
+
+.include "../../lang/python/egg.mk"
+.include "../../mk/bsd.pkg.mk"
diff -r ee75e4baa721 -r 809364433997 security/py-pip-audit/PLIST
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-pip-audit/PLIST       Tue Nov 16 16:04:40 2021 +0000
@@ -0,0 +1,74 @@
+@comment $NetBSD: PLIST,v 1.1 2021/11/16 16:04:40 wiz Exp $
+bin/pip-audit-${PYVERSSUFFIX}
+${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
+${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
+${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
+${PYSITELIB}/${EGG_INFODIR}/entry_points.txt
+${PYSITELIB}/${EGG_INFODIR}/requires.txt
+${PYSITELIB}/${EGG_INFODIR}/top_level.txt
+${PYSITELIB}/pip_audit/__init__.py
+${PYSITELIB}/pip_audit/__init__.pyc
+${PYSITELIB}/pip_audit/__init__.pyo
+${PYSITELIB}/pip_audit/_version.py
+${PYSITELIB}/pip_audit/_version.pyc
+${PYSITELIB}/pip_audit/_version.pyo
+${PYSITELIB}/pip_audit/audit.py
+${PYSITELIB}/pip_audit/audit.pyc
+${PYSITELIB}/pip_audit/audit.pyo
+${PYSITELIB}/pip_audit/cli.py
+${PYSITELIB}/pip_audit/cli.pyc
+${PYSITELIB}/pip_audit/cli.pyo
+${PYSITELIB}/pip_audit/dependency_source/__init__.py
+${PYSITELIB}/pip_audit/dependency_source/__init__.pyc
+${PYSITELIB}/pip_audit/dependency_source/__init__.pyo
+${PYSITELIB}/pip_audit/dependency_source/interface.py
+${PYSITELIB}/pip_audit/dependency_source/interface.pyc
+${PYSITELIB}/pip_audit/dependency_source/interface.pyo
+${PYSITELIB}/pip_audit/dependency_source/pip.py
+${PYSITELIB}/pip_audit/dependency_source/pip.pyc
+${PYSITELIB}/pip_audit/dependency_source/pip.pyo
+${PYSITELIB}/pip_audit/dependency_source/requirement.py
+${PYSITELIB}/pip_audit/dependency_source/requirement.pyc
+${PYSITELIB}/pip_audit/dependency_source/requirement.pyo
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/__init__.py
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/__init__.pyc
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/__init__.pyo
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/pypi_provider.py
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/pypi_provider.pyc
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/pypi_provider.pyo
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/resolvelib.py
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/resolvelib.pyc
+${PYSITELIB}/pip_audit/dependency_source/resolvelib/resolvelib.pyo
+${PYSITELIB}/pip_audit/format/__init__.py
+${PYSITELIB}/pip_audit/format/__init__.pyc
+${PYSITELIB}/pip_audit/format/__init__.pyo
+${PYSITELIB}/pip_audit/format/columns.py
+${PYSITELIB}/pip_audit/format/columns.pyc
+${PYSITELIB}/pip_audit/format/columns.pyo
+${PYSITELIB}/pip_audit/format/interface.py
+${PYSITELIB}/pip_audit/format/interface.pyc
+${PYSITELIB}/pip_audit/format/interface.pyo
+${PYSITELIB}/pip_audit/format/json.py
+${PYSITELIB}/pip_audit/format/json.pyc
+${PYSITELIB}/pip_audit/format/json.pyo
+${PYSITELIB}/pip_audit/service/__init__.py
+${PYSITELIB}/pip_audit/service/__init__.pyc
+${PYSITELIB}/pip_audit/service/__init__.pyo
+${PYSITELIB}/pip_audit/service/interface.py
+${PYSITELIB}/pip_audit/service/interface.pyc
+${PYSITELIB}/pip_audit/service/interface.pyo
+${PYSITELIB}/pip_audit/service/osv.py
+${PYSITELIB}/pip_audit/service/osv.pyc
+${PYSITELIB}/pip_audit/service/osv.pyo
+${PYSITELIB}/pip_audit/service/pypi.py
+${PYSITELIB}/pip_audit/service/pypi.pyc
+${PYSITELIB}/pip_audit/service/pypi.pyo
+${PYSITELIB}/pip_audit/state.py
+${PYSITELIB}/pip_audit/state.pyc
+${PYSITELIB}/pip_audit/state.pyo
+${PYSITELIB}/pip_audit/util.py
+${PYSITELIB}/pip_audit/util.pyc
+${PYSITELIB}/pip_audit/util.pyo
+${PYSITELIB}/pip_audit/virtual_env.py
+${PYSITELIB}/pip_audit/virtual_env.pyc
+${PYSITELIB}/pip_audit/virtual_env.pyo
diff -r ee75e4baa721 -r 809364433997 security/py-pip-audit/distinfo
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-pip-audit/distinfo    Tue Nov 16 16:04:40 2021 +0000
@@ -0,0 +1,6 @@
+$NetBSD: distinfo,v 1.1 2021/11/16 16:04:40 wiz Exp $
+
+BLAKE2s (pip-audit-0.0.5.tar.gz) = c60ea00a1e24ff8e0677ae3d8d7d72b606e919475534b108de32174b2cad7826
+SHA512 (pip-audit-0.0.5.tar.gz) = 018aa04901baee74399314faa3afeebd141be91d4bba7621f5c657281458ae5a7d90db60e3059d9bfec858dc0e4251b9c56321b8d22d2533edf9db1154180a03
+Size (pip-audit-0.0.5.tar.gz) = 31766 bytes
+SHA1 (patch-setup.py) = 2171a0cc6c3b737844cce29f1c38d1099115f640
diff -r ee75e4baa721 -r 809364433997 security/py-pip-audit/patches/patch-setup.py
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-pip-audit/patches/patch-setup.py      Tue Nov 16 16:04:40 2021 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-setup.py,v 1.1 2021/11/16 16:04:40 wiz Exp $
+
+Do not insist on one particular version of CacheControl.
+
+--- setup.py.orig      2021-11-09 22:42:57.000000000 +0000
++++ setup.py
+@@ -35,7 +35,7 @@ setup(
+         "progress>=1.6",
+         "resolvelib>=0.8.0",
+         "html5lib>=1.1",
+-        "CacheControl==0.12.10",
++        "CacheControl>=0.12.10",
+         "lockfile>=0.12.2",
+     ],
+     extras_require={
Prev by Date: [pkgsrc/trunk]: pkgsrc/security security/Makefile: + py-pip-audit
Next by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Added security/py-pip-audit version 0.0.5
Previous by Thread: [pkgsrc/trunk]: pkgsrc/security security/Makefile: + py-pip-audit
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Added security/py-pip-audit version 0.0.5
Indexes:
Home | Main Index | Thread Index | Old Index