{
  lib,
  fetchFromGitHub,
  fetchpatch,
  python3,
}:

python3.pkgs.buildPythonApplication rec {
  pname = "cve-prioritizer";
  version = "1.8.0";
  pyproject = true;

  src = fetchFromGitHub {
    owner = "TURROKS";
    repo = "CVE_Prioritizer";
    rev = "refs/tags/v${version}";
    hash = "sha256-ade/gcRrdvVsp5F61ZndsNL3s3gq8TDk/dZvPc55S/8=";
  };

  patches = [
    # Add script, https://github.com/TURROKS/CVE_Prioritizer/pull/33
    (fetchpatch {
      name = "add-script.patch";
      url = "https://github.com/TURROKS/CVE_Prioritizer/commit/c29f2332cde7d79e0c9f34c0a1811611a8fb73c9.patch";
      hash = "sha256-/hnS+YKO4zNGVGTG+KsugJH7Bt2OE8Q2F+7ZX+uhFlU=";
    })
  ];

  postPatch = ''
    # https://github.com/TURROKS/CVE_Prioritizer/pull/32
    substituteInPlace pyproject.toml \
      --replace-fail "CVE Prioritizer" "cve-prioritizer"
  '';

  build-system = with python3.pkgs; [ setuptools ];

  dependencies = with python3.pkgs; [
    click
    pandas
    python-dotenv
    requests
    termcolor
  ];

  # Project has no tests
  doCheck = false;

  pythonImportsCheck = [ "cve_prioritizer" ];

  meta = {
    description = "Vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities";
    homepage = "https://github.com/TURROKS/CVE_Prioritizer";
    changelog = "https://github.com/TURROKS/CVE_Prioritizer/releases/tag/v${version}";
    license = lib.licenses.bsd3;
    maintainers = with lib.maintainers; [ fab ];
    mainProgram = "cve-prioritizer";
  };
}