depot/third_party/nixpkgs/pkgs/development/python-modules/python-jose/default.nix

87 lines
1.9 KiB
Nix
Raw Normal View History

{
lib,
buildPythonPackage,
fetchFromGitHub,
fetchpatch,
# build-system
setuptools,
# dependencies
ecdsa,
rsa,
pyasn1,
# optional-dependencies
cryptography,
pycrypto,
pycryptodome,
# tests
pytestCheckHook,
}:
buildPythonPackage rec {
pname = "python-jose";
version = "3.3.0";
pyproject = true;
src = fetchFromGitHub {
owner = "mpdavis";
repo = pname;
rev = version;
hash = "sha256-6VGC6M5oyGCOiXcYp6mpyhL+JlcYZKIqOQU9Sm/TkKM=";
};
patches = [
(fetchpatch {
name = "CVE-2024-33663.patch";
url = "https://build.opensuse.org/public/source/openSUSE:Factory/python-python-jose/CVE-2024-33663.patch?rev=36cd8815411620042f56a3b81599b341";
hash = "sha256-uxOCa7Lg82zY2nuHzw6CbcymCKUodITrFU3lLY1XMFU=";
})
(fetchpatch {
name = "CVE-2024-33664.patch";
url = "https://build.opensuse.org/public/source/openSUSE:Factory/python-python-jose/CVE-2024-33664.patch?rev=36cd8815411620042f56a3b81599b341";
hash = "sha256-wx/U1T7t7TloP+dMXxGxEVB3bMC7e6epmN8RE8FKksM=";
})
];
postPatch = ''
substituteInPlace setup.py \
--replace '"pytest-runner",' ""
'';
nativeBuildInputs = [ setuptools ];
propagatedBuildInputs = [
ecdsa
pyasn1
rsa
];
optional-dependencies = {
cryptography = [ cryptography ];
pycrypto = [ pycrypto ];
pycryptodome = [ pycryptodome ];
};
pythonImportsCheck = [ "jose" ];
nativeCheckInputs = [
pytestCheckHook
] ++ lib.flatten (lib.attrValues optional-dependencies);
disabledTests = [
# https://github.com/mpdavis/python-jose/issues/348
"TestBackendEcdsaCompatibility"
];
meta = with lib; {
changelog = "https://github.com/mpdavis/python-jose/releases/tag/${version}";
homepage = "https://github.com/mpdavis/python-jose";
description = "JOSE implementation in Python";
license = licenses.mit;
maintainers = [ ];
};
}