35 lines
1 KiB
Nix
35 lines
1 KiB
Nix
|
{ lib, buildPythonPackage, fetchFromGitHub
|
||
|
, asn1crypto, oscrypto
|
||
|
, cacert
|
||
|
}:
|
||
|
|
||
|
buildPythonPackage rec {
|
||
|
pname = "certvalidator";
|
||
|
version = "0.11.1";
|
||
|
|
||
|
src = fetchFromGitHub {
|
||
|
owner = "wbond";
|
||
|
repo = pname;
|
||
|
rev = version;
|
||
|
sha256 = "sha256-yVF7t4FuU3C9fDg67JeM7LWZZh/mv5F4EKmjlO4AuBY=";
|
||
|
};
|
||
|
|
||
|
propagatedBuildInputs = [ asn1crypto oscrypto ];
|
||
|
|
||
|
checkInputs = [ cacert ];
|
||
|
checkPhase = ''
|
||
|
# Tests are run with a custom executor/loader
|
||
|
# The regex to skip specific tests relies on negative lookahead of regular expressions
|
||
|
# We're skipping the few tests that rely on the network, fetching CRLs, OCSP or remote certificates
|
||
|
python -c 'import dev.tests; dev.tests.run("^(?!.*test_(basic_certificate_validator_tls|fetch|revocation|build_path)).*$")'
|
||
|
'';
|
||
|
pythonImportsCheck = [ "certvalidator" ];
|
||
|
|
||
|
meta = with lib; {
|
||
|
homepage = "https://github.com/wbond/certvalidator";
|
||
|
description = "Validates X.509 certificates and paths";
|
||
|
license = licenses.mit;
|
||
|
maintainers = with maintainers; [ baloo ];
|
||
|
};
|
||
|
}
|