{ lib , aiohttp , asn1crypto , buildPythonPackage , cryptography , fetchFromGitHub , freezegun , oscrypto , pytest-asyncio , pytestCheckHook , pythonOlder , requests , setuptools , uritools }: buildPythonPackage rec { pname = "pyhanko-certvalidator"; version = "0.23.0"; format = "pyproject"; disabled = pythonOlder "3.7"; src = fetchFromGitHub { owner = "MatthiasValvekens"; repo = "certvalidator"; rev = "refs/tags/v${version}"; hash = "sha256-q2YxncyMHmbRmcoLb68huK02CYiKqF2CFRl8vkUfxg4="; }; postPatch = '' substituteInPlace pyproject.toml \ --replace ', "pytest-runner",' "" ''; nativeBuildInputs = [ setuptools ]; propagatedBuildInputs = [ asn1crypto cryptography oscrypto requests uritools ]; nativeCheckInputs = [ aiohttp freezegun pytest-asyncio pytestCheckHook ]; disabledTestPaths = [ # Requests "tests/test_crl_client.py" ]; disabledTests = [ # Look for nonexisting certificates "test_basic_certificate_validator_tls" # Failed to fetch OCSP response from http://ocsp.digicert.com "test_fetch_ocsp_aiohttp" "test_fetch_ocsp_requests" "test_fetch_ocsp_err_requests" # Unable to build a validation path for the certificate "%s" - no issuer matching "%s" was found "test_revocation_mode_hard_aiohttp_autofetch" # The path could not be validated because no revocation information could be found for intermediate certificate 1 "test_revocation_mode_hard" # certificate expired 2022-09-17 "test_revocation_mode_soft" ]; pythonImportsCheck = [ "pyhanko_certvalidator" ]; meta = with lib; { description = "Python library for validating X.509 certificates and paths"; homepage = "https://github.com/MatthiasValvekens/certvalidator"; changelog = "https://github.com/MatthiasValvekens/certvalidator/blob/v${version}/changelog.md"; license = licenses.mit; maintainers = with maintainers; [ wolfangaukang ]; }; }