2022-12-17 10:02:37 +00:00
|
|
|
{ lib
|
|
|
|
, pkgs
|
|
|
|
, pkgsBuildHost
|
2022-04-15 01:41:22 +00:00
|
|
|
, ...
|
2021-01-05 17:05:55 +00:00
|
|
|
}:
|
|
|
|
|
2021-09-26 12:46:18 +00:00
|
|
|
let
|
2023-01-20 10:41:00 +00:00
|
|
|
removeKnownVulnerabilities = pkg: pkg.overrideAttrs (old: {
|
|
|
|
meta = (old.meta or { }) // { knownVulnerabilities = [ ]; };
|
|
|
|
});
|
|
|
|
# We are removing `meta.knownVulnerabilities` from `python27`,
|
|
|
|
# and setting it in `resholve` itself.
|
|
|
|
python27' = (removeKnownVulnerabilities pkgsBuildHost.python27).override {
|
2022-12-17 10:02:37 +00:00
|
|
|
self = python27';
|
|
|
|
pkgsBuildHost = pkgsBuildHost // { python27 = python27'; };
|
|
|
|
# strip down that python version as much as possible
|
2023-01-20 10:41:00 +00:00
|
|
|
openssl = null;
|
2022-12-17 10:02:37 +00:00
|
|
|
bzip2 = null;
|
|
|
|
readline = null;
|
|
|
|
ncurses = null;
|
|
|
|
gdbm = null;
|
|
|
|
sqlite = null;
|
|
|
|
rebuildBytecode = false;
|
|
|
|
stripBytecode = true;
|
|
|
|
strip2to3 = true;
|
|
|
|
stripConfig = true;
|
|
|
|
stripIdlelib = true;
|
|
|
|
stripTests = true;
|
|
|
|
enableOptimizations = false;
|
|
|
|
};
|
2024-04-21 15:54:59 +00:00
|
|
|
callPackage = lib.callPackageWith (pkgsBuildHost // { python27 = python27'; });
|
2021-09-26 12:46:18 +00:00
|
|
|
source = callPackage ./source.nix { };
|
|
|
|
deps = callPackage ./deps.nix { };
|
|
|
|
in
|
2021-01-05 17:05:55 +00:00
|
|
|
rec {
|
2023-01-20 10:41:00 +00:00
|
|
|
# not exposed in all-packages
|
|
|
|
resholveBuildTimeOnly = removeKnownVulnerabilities resholve;
|
2022-04-15 01:41:22 +00:00
|
|
|
# resholve itself
|
2024-01-02 11:29:13 +00:00
|
|
|
resholve = (callPackage ./resholve.nix {
|
2021-09-28 08:13:01 +00:00
|
|
|
inherit (source) rSrc version;
|
2021-09-26 12:46:18 +00:00
|
|
|
inherit (deps.oil) oildev;
|
2022-12-17 10:02:37 +00:00
|
|
|
inherit (deps) configargparse;
|
2022-04-15 01:41:22 +00:00
|
|
|
inherit resholve-utils;
|
2023-01-20 10:41:00 +00:00
|
|
|
# used only in tests
|
|
|
|
resholve = resholveBuildTimeOnly;
|
2024-01-02 11:29:13 +00:00
|
|
|
});
|
2022-04-15 01:41:22 +00:00
|
|
|
# funcs to validate and phrase invocations of resholve
|
|
|
|
# and use those invocations to build packages
|
2021-09-28 08:13:01 +00:00
|
|
|
resholve-utils = callPackage ./resholve-utils.nix {
|
2023-01-20 10:41:00 +00:00
|
|
|
# we can still use resholve-utils without triggering a security warn
|
|
|
|
# this is safe since we will only use `resholve` at build time
|
|
|
|
resholve = resholveBuildTimeOnly;
|
2021-09-26 12:46:18 +00:00
|
|
|
};
|
2021-01-05 17:05:55 +00:00
|
|
|
}
|