Skip to content

Commit

Permalink
fix: Devshell
Browse files Browse the repository at this point in the history
- expose `vulnix` and `nix-visualize` as package outputs
- include `vulnix` and `nix-visualize` in devshell

This fixes running `vulnxscan` and `nix_outdated` from
within the devshell.

Signed-off-by: Brian McGee <[email protected]>
  • Loading branch information
brianmcgee authored and henrirosten committed Nov 11, 2023
1 parent 343919c commit fe9b7d1
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 11 deletions.
5 changes: 5 additions & 0 deletions nix/devshell.nix
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
perSystem = {
pkgs,
inputs',
self',
...
}: {
devShells.default = let
Expand All @@ -25,6 +26,10 @@
nix
reuse
])
++ (with self'.packages; [
vulnix
nix-visualize
])
++ (with pp; [
beautifulsoup4
colorlog
Expand Down
22 changes: 11 additions & 11 deletions nix/packages.nix
Original file line number Diff line number Diff line change
Expand Up @@ -9,17 +9,6 @@
}: let
pp = pkgs.python3Packages;

# We use vulnix from 'https://github.com/henrirosten/vulnix' to get
# vulnix support for runtime-only scan ('-C' command-line option)
# which is currently not available in released version of vulnix.
# Pending https://github.com/nix-community/vulnix/pull/80
vulnix = (import inputs.vulnix) {
inherit (inputs) nixpkgs; # required but not used as we provide pkgs
inherit pkgs lib;
};

nix-visualize = (import inputs.nix-visualize) {inherit pkgs;};

pyrate-limiter = pp.buildPythonPackage rec {
version = "2.10.0";
pname = "pyrate-limiter";
Expand Down Expand Up @@ -55,6 +44,17 @@
packages = rec {
default = sbomnix;

# We use vulnix from 'https://github.com/henrirosten/vulnix' to get
# vulnix support for runtime-only scan ('-C' command-line option)
# which is currently not available in released version of vulnix.
# Pending https://github.com/nix-community/vulnix/pull/80
vulnix = (import inputs.vulnix) {
inherit (inputs) nixpkgs; # required but not used as we provide pkgs
inherit pkgs lib;
};

nix-visualize = (import inputs.nix-visualize) {inherit pkgs;};

sbomnix = pp.buildPythonPackage rec {
pname = "sbomnix";
version = pkgs.lib.removeSuffix "\n" (builtins.readFile ../VERSION);
Expand Down

0 comments on commit fe9b7d1

Please sign in to comment.