ioc-scan: init at 1.5.0

2023-03-02 20:09:04 +01:00 · 2023-03-02 20:09:04 +01:00 · a05cf84d58
parent f6ddacbf89
commit a05cf84d58
2 changed files with 45 additions and 0 deletions
--- a/pkgs/tools/security/ioc-scan/default.nix
+++ b/pkgs/tools/security/ioc-scan/default.nix
@ -0,0 +1,43 @@
+{ lib
+, fetchFromGitHub
+, python3
+}:
+
+python3.pkgs.buildPythonApplication rec {
+  pname = "ioc-scan";
+  version = "1.5.0";
+  format = "setuptools";
+
+  src = fetchFromGitHub {
+    owner = "cisagov";
+    repo = "ioc-scanner";
+    rev = "refs/tags/v${version}";
+    hash = "sha256-dRrLd41HVVHJse7nkem8Cy+ltfJRnJiWrX/WShMfcOw=";
+  };
+
+  postPatch = ''
+    substituteInPlace pytest.ini \
+      --replace " --cov" ""
+  '';
+
+  propagatedBuildInputs = with python3.pkgs; [
+    docopt
+  ];
+
+  nativeCheckInputs = with python3.pkgs; [
+    pyfakefs
+    pytestCheckHook
+  ];
+
+  pythonImportsCheck = [
+    "ioc_scan"
+  ];
+
+  meta = with lib; {
+    description = "Tool to search a filesystem for indicators of compromise (IoC)";
+    homepage = "https://github.com/cisagov/ioc-scanner";
+    changelog = "https://github.com/cisagov/ioc-scanner/releases/tag/v${version}";
+    license = with licenses; [ cc0 ];
+    maintainers = with maintainers; [ fab ];
+  };
+}
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -8545,6 +8545,8 @@ with pkgs;

  iodine = callPackage ../tools/networking/iodine { };

+  ioc-scan = callPackage ../tools/security/ioc-scan { };
+
  ioccheck = callPackage ../tools/security/ioccheck { };

  ioping = callPackage ../tools/system/ioping { };