a19cd4ffb1
This reverts commit65a333600d. This wasn't tested for correctness with something like fodwatch [0], and should not have been (self-)merged so quickly, especially without further review. It also resulted in the breakage of at least one package [1] (and that's the one we know of and was caught). A few packages that were updated in between this commit and this revert were not reverted back to using `rev`, but other than that, this is a 1:1 revert. [0]: https://codeberg.org/raphaelr/fodwatch [1]: https://github.com/NixOS/nixpkgs/pull/396904 /758551e458
43 lines
1.1 KiB
Nix
43 lines
1.1 KiB
Nix
{
|
|
lib,
|
|
buildPythonPackage,
|
|
fetchFromGitHub,
|
|
asn1crypto,
|
|
oscrypto,
|
|
cacert,
|
|
}:
|
|
|
|
buildPythonPackage rec {
|
|
pname = "certvalidator";
|
|
version = "0.11.1";
|
|
format = "setuptools";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "wbond";
|
|
repo = pname;
|
|
rev = version;
|
|
hash = "sha256-yVF7t4FuU3C9fDg67JeM7LWZZh/mv5F4EKmjlO4AuBY=";
|
|
};
|
|
|
|
propagatedBuildInputs = [
|
|
asn1crypto
|
|
oscrypto
|
|
];
|
|
|
|
nativeCheckInputs = [ cacert ];
|
|
checkPhase = ''
|
|
# Tests are run with a custom executor/loader
|
|
# The regex to skip specific tests relies on negative lookahead of regular expressions
|
|
# We're skipping the few tests that rely on the network, fetching CRLs, OCSP or remote certificates
|
|
python -c 'import dev.tests; dev.tests.run("^(?!.*test_(basic_certificate_validator_tls|fetch|revocation|build_path)).*$")'
|
|
'';
|
|
pythonImportsCheck = [ "certvalidator" ];
|
|
|
|
meta = with lib; {
|
|
homepage = "https://github.com/wbond/certvalidator";
|
|
description = "Validates X.509 certificates and paths";
|
|
license = licenses.mit;
|
|
maintainers = with maintainers; [ baloo ];
|
|
};
|
|
}
|