35 lines
1 KiB
Nix
35 lines
1 KiB
Nix
{ lib, buildPythonPackage, fetchFromGitHub
|
|
, asn1crypto, oscrypto
|
|
, cacert
|
|
}:
|
|
|
|
buildPythonPackage rec {
|
|
pname = "certvalidator";
|
|
version = "0.11.1";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "wbond";
|
|
repo = pname;
|
|
rev = version;
|
|
hash = "sha256-yVF7t4FuU3C9fDg67JeM7LWZZh/mv5F4EKmjlO4AuBY=";
|
|
};
|
|
|
|
propagatedBuildInputs = [ asn1crypto oscrypto ];
|
|
|
|
nativeCheckInputs = [ cacert ];
|
|
checkPhase = ''
|
|
# Tests are run with a custom executor/loader
|
|
# The regex to skip specific tests relies on negative lookahead of regular expressions
|
|
# We're skipping the few tests that rely on the network, fetching CRLs, OCSP or remote certificates
|
|
python -c 'import dev.tests; dev.tests.run("^(?!.*test_(basic_certificate_validator_tls|fetch|revocation|build_path)).*$")'
|
|
'';
|
|
pythonImportsCheck = [ "certvalidator" ];
|
|
|
|
meta = with lib; {
|
|
homepage = "https://github.com/wbond/certvalidator";
|
|
description = "Validates X.509 certificates and paths";
|
|
license = licenses.mit;
|
|
maintainers = with maintainers; [ baloo ];
|
|
};
|
|
}
|