aland/nixpkgs-odroid-hc4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

Browse source 
https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948
this can do it nicely.

Signed-off-by: Anton Arapov <anton@deadbeef.mx>
This commit is contained in:
Anton Arapov 2021-04-03 12:58:10 +02:00 committed by Alan Daniels
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

45
pkgs/development/tools/analysis/actionlint/default.nix Normal file
View file

@ -0,0 +1,45 @@
{ lib
, buildGoModule
, fetchFromGitHub
, installShellFiles
, makeWrapper
, python3Packages
, ronn
, shellcheck
}:
buildGoModule rec {
pname = "actionlint";
version = "1.6.13";
subPackages = [ "cmd/actionlint" ];
src = fetchFromGitHub {
owner = "rhysd";
repo = "actionlint";
rev = "v${version}";
sha256 = "sha256-EZqWamNfv4+f1Ajm6StEdDLOwwWdJr1mrzd3+ba3YHI=";
};
vendorSha256 = "sha256-fADaYrGtg4B7XqD2MUMw30xfGT70Hx+iue79AIDsSRc=";
nativeBuildInputs = [ makeWrapper ronn installShellFiles ];
postInstall = ''
ronn --roff man/actionlint.1.ronn
installManPage man/actionlint.1
wrapProgram "$out/bin/actionlint" \
--prefix PATH : ${lib.makeBinPath [ python3Packages.pyflakes shellcheck ]}
'';
ldflags = [ "-s" "-w" "-X github.com/rhysd/actionlint.version=${version}" ];
meta = with lib; {
homepage = "https://rhysd.github.io/actionlint/";
description = "Static checker for GitHub Actions workflow files";
changelog = "https://github.com/rhysd/actionlint/raw/v${version}/CHANGELOG.md";
license = licenses.mit;
maintainers = [ maintainers.marsam ];
mainProgram = "actionlint";
};
}

23
pkgs/development/tools/analysis/autoflake/default.nix Normal file
View file

@ -0,0 +1,23 @@
{ lib, python3Packages }:
with python3Packages;
buildPythonApplication rec {
pname = "autoflake";
version = "1.4";
src = fetchPypi {
inherit pname version;
sha256 = "61a353012cff6ab94ca062823d1fb2f692c4acda51c76ff83a8d77915fba51ea";
};
propagatedBuildInputs = [ pyflakes ];
doCheck = true;
meta = with lib; {
homepage = "https://github.com/myint/autoflake";
description = "A simple program which removes unused imports and unused variables as reported by pyflakes";
license = licenses.mit;
maintainers = with maintainers; [ yuriaisaka ];
};
}

22
pkgs/development/tools/analysis/bingrep/default.nix Normal file
View file

@ -0,0 +1,22 @@
{ lib, rustPlatform, fetchFromGitHub }:
rustPlatform.buildRustPackage rec {
pname = "bingrep";
version = "0.9.0";
src = fetchFromGitHub {
owner = "m4b";
repo = pname;
rev = "v${version}";
hash = "sha256-M3BYj1SKQKjEqP9cxaVlh7UeleDbcx6JN+UI6Ez+QJ8=";
};
cargoHash = "sha256-botAoLNg/qTh+cjPXcjo/Ol2Vktj/c5130k5falEuLY=";
meta = with lib; {
description = "Greps through binaries from various OSs and architectures, and colors them";
homepage = "https://github.com/m4b/bingrep";
license = licenses.mit;
maintainers = with maintainers; [ minijackson ];
};
}

113
pkgs/development/tools/analysis/binlore/default.nix Normal file
View file

@ -0,0 +1,113 @@
{ lib
, fetchFromGitHub
, runCommand
, yallback
, yara
}:
/* TODO/CAUTION:
I don't want to discourage use, but I'm not sure how stable
the API is. Have fun, but be prepared to track changes! :)
For _now_, binlore is basically a thin wrapper around
`<invoke yara> | <postprocess with yallback>` with support
for running it on a derivation, saving the result in the
store, and aggregating results from a set of packages.
In the longer term, I suspect there are more uses for this
general pattern (i.e., run some analysis tool that produces
a deterministic output and cache the result per package...).
I'm not sure how that'll look and if it'll be the case that
binlore automatically collects all of them, or if you'll be
configuring which "kind(s)" of lore it generates. Nailing
that down will almost certainly mean reworking the API.
*/
let
src = fetchFromGitHub {
owner = "abathur";
repo = "binlore";
rev = "v0.2.0";
hash = "sha256-bBJky7Km+mieHTqoMz3mda3KaKxr9ipYpfQqn/4w8J0=";
};
/*
binlore has one one more yallbacks responsible for
routing the appropriate lore to a named file in the
appropriate format. At some point I might try to do
something fancy with this, but for now the answer to
*all* questions about the lore are: the bare minimum
to get resholve over the next feature hump in time to
hopefully slip this feature in before the branch-off.
*/
# TODO: feeling really uninspired on the API
loreDef = {
# YARA rule file
rules = (src + /execers.yar);
# output filenames; "types" of lore
types = [ "execers" "wrappers" ];
# shell rule callbacks; see github.com/abathur/yallback
yallback = (src + /execers.yall);
# TODO:
# - echo for debug, can be removed at some point
# - I really just wanted to put the bit after the pipe
# in here, but I'm erring on the side of flexibility
# since this form will make it easier to pilot other
# uses of binlore.
callback = lore: drv: overrides: ''
if [[ -d "${drv}/bin" ]] || [[ -d "${drv}/lib" ]] || [[ -d "${drv}/libexec" ]]; then
echo generating binlore for $drv by running:
echo "${yara}/bin/yara --scan-list --recursive ${lore.rules} <(printf '%s\n' ${drv}/{bin,lib,libexec}) | ${yallback}/bin/yallback ${lore.yallback}"
else
echo "failed to generate binlore for $drv (none of ${drv}/{bin,lib,libexec} exist)"
fi
'' +
/*
Override lore for some packages. Unsure, but for now:
1. start with the ~name (pname-version)
2. remove characters from the end until we find a match
in overrides/
3. execute the override script with the list of expected
lore types
*/
''
i=''${#identifier}
filter=
while [[ $i > 0 ]] && [[ -z "$filter" ]]; do
if [[ -f "${overrides}/''${identifier:0:$i}" ]]; then
filter="${overrides}/''${identifier:0:$i}"
echo using "${overrides}/''${identifier:0:$i}" to generate overriden binlore for $drv
break
fi
((i--)) || true # don't break build
done # || true # don't break build
if [[ -d "${drv}/bin" ]] || [[ -d "${drv}/lib" ]] || [[ -d "${drv}/libexec" ]]; then
${yara}/bin/yara --scan-list --recursive ${lore.rules} <(printf '%s\n' ${drv}/{bin,lib,libexec}) | ${yallback}/bin/yallback ${lore.yallback} "$filter"
fi
'';
};
overrides = (src + /overrides);
in rec {
collect = { lore ? loreDef, drvs, strip ? [ ] }: (runCommand "more-binlore" { } ''
mkdir $out
for lorefile in ${toString lore.types}; do
cat ${lib.concatMapStrings (x: x + "/$lorefile ") (map (make lore) (map lib.getBin (builtins.filter lib.isDerivation drvs)))} > $out/$lorefile
substituteInPlace $out/$lorefile ${lib.concatMapStrings (x: "--replace '${x}/' '' ") strip}
done
'');
# TODO: echo for debug, can be removed at some point
make = lore: drv: runCommand "${drv.name}-binlore" {
identifier = drv.name;
drv = drv;
} (''
mkdir $out
touch $out/{${builtins.concatStringsSep "," lore.types}}
${lore.callback lore drv overrides}
echo binlore for $drv written to $out
'');
}

2
pkgs/development/tools/analysis/brakeman/Gemfile Normal file
View file

@ -0,0 +1,2 @@
source "https://rubygems.org"
gem "brakeman"

13
pkgs/development/tools/analysis/brakeman/Gemfile.lock Normal file
View file

@ -0,0 +1,13 @@
GEM
remote: https://rubygems.org/
specs:
brakeman (5.2.3)
PLATFORMS
ruby
DEPENDENCIES
brakeman
BUNDLED WITH
2.3.9

18
pkgs/development/tools/analysis/brakeman/default.nix Normal file
View file

@ -0,0 +1,18 @@
{ lib, ruby, bundlerApp, bundlerUpdateScript }:
bundlerApp rec {
pname = "brakeman";
exes = [ "brakeman" ];
gemdir = ./.;
passthru.updateScript = bundlerUpdateScript "brakeman";
meta = with lib; {
description = "Static analysis security scanner for Ruby on Rails";
homepage = "https://brakemanscanner.org/";
changelog = "https://github.com/presidentbeef/brakeman/blob/v${version}/CHANGES.md";
license = [ licenses.unfreeRedistributable ];
platforms = ruby.meta.platforms;
maintainers = [ maintainers.marsam ];
};
}

12
pkgs/development/tools/analysis/brakeman/gemset.nix Normal file
View file

@ -0,0 +1,12 @@
{
brakeman = {
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1m188ypcl2lb1hin21fmyk9d4fbjw4w7cr2k6l37jasw3rmgnvjv";
type = "gem";
};
version = "5.2.3";
};
}

31
pkgs/development/tools/analysis/cargo-tarpaulin/default.nix Normal file
View file

@ -0,0 +1,31 @@
{ lib, stdenv, rustPlatform, fetchFromGitHub, pkg-config, curl, openssl, Security }:
rustPlatform.buildRustPackage rec {
pname = "cargo-tarpaulin";
version = "0.20.1";
src = fetchFromGitHub {
owner = "xd009642";
repo = "tarpaulin";
rev = version;
sha256 = "sha256-WobKZeO0U54mHj7hlkOH33TcOklWBJRWYSJBEt5sYII=";
};
nativeBuildInputs = [
pkg-config
];
buildInputs = [ openssl ]
++ lib.optionals stdenv.isDarwin [ curl Security ];
cargoSha256 = "sha256-LR4jU7V44f00ry0VEd3qFryZtnn/t0K/OZGnRproksE=";
#checkFlags = [ "--test-threads" "1" ];
doCheck = false;
meta = with lib; {
description = "A code coverage tool for Rust projects";
homepage = "https://github.com/xd009642/tarpaulin";
license = with licenses; [ mit /* or */ asl20 ];
maintainers = with maintainers; [ hugoreeves ];
platforms = lib.platforms.x86_64;
};
}

24
pkgs/development/tools/analysis/cccc/cccc.patch Normal file
View file

@ -0,0 +1,24 @@
diff --git a/cccc/cccc_tbl.cc b/cccc/cccc_tbl.cc
index df98e2b..59f2572 100644
--- a/cccc/cccc_tbl.cc
+++ b/cccc/cccc_tbl.cc
@@ -96,7 +96,7 @@ bool CCCC_Table<T>::remove(T* old_item_ptr)
typename map_t::iterator value_iterator=map_t::find(old_item_ptr->key());
if(value_iterator!=map_t::end())
{
- erase(value_iterator);
+ map_t::erase(value_iterator);
retval=true;
}
return retval;
diff --git a/makefile b/makefile
index 23ad004..2cca469 100644
--- a/makefile
+++ b/makefile
@@ -20,5 +20,5 @@ test :
cd test ; make -f posix.mak
install :
- cd install ; su root -c "make -f install.mak"
+ cd install ; make -f install.mak

34
pkgs/development/tools/analysis/cccc/default.nix Normal file
View file

@ -0,0 +1,34 @@
{ lib, stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "cccc";
version = "3.1.4";
src = fetchurl {
url = "mirror://sourceforge/cccc/${version}/cccc-${version}.tar.gz";
sha256 = "1gsdzzisrk95kajs3gfxks3bjvfd9g680fin6a9pjrism2lyrcr7";
};
hardeningDisable = [ "format" ];
patches = [ ./cccc.patch ];
preConfigure = ''
substituteInPlace install/install.mak --replace /usr/local/bin $out/bin
substituteInPlace install/install.mak --replace MKDIR=mkdir "MKDIR=mkdir -p"
'';
buildFlags = [ "CCC=c++" "LD=c++" ];
meta = {
description = "C and C++ Code Counter";
longDescription = ''
CCCC is a tool which analyzes C++ and Java files and generates a report
on various metrics of the code. Metrics supported include lines of code, McCabe's
complexity and metrics proposed by Chidamber&Kemerer and Henry&Kafura.
'';
homepage = "http://cccc.sourceforge.net/";
license = lib.licenses.gpl2;
platforms = lib.platforms.unix;
maintainers = [ lib.maintainers.linquize ];
};
}

150
pkgs/development/tools/analysis/checkov/default.nix Normal file
View file

@ -0,0 +1,150 @@
{ lib
, fetchFromGitHub
, python3
}:
let
py = python3.override {
packageOverrides = self: super: {
dpath = super.dpath.overridePythonAttrs (oldAttrs: rec {
version = "1.5.0";
src = oldAttrs.src.override {
inherit version;
sha256 = "06rn91n2izw7czncgql71w7acsa8wwni51njw0c6s8w4xas1arj9";
};
doCheck = false;
});
jsonschema = super.jsonschema.overridePythonAttrs (oldAttrs: rec {
version = "3.2.0";
src = oldAttrs.src.override {
inherit version;
sha256 = "sha256-yKhbKNN3zHc35G4tnytPRO48Dh3qxr9G3e/HGH0weXo=";
};
SETUPTOOLS_SCM_PRETEND_VERSION = version;
doCheck = false;
});
};
};
in
with py.pkgs;
buildPythonApplication rec {
pname = "checkov";
version = "2.0.1201";
format = "setuptools";
src = fetchFromGitHub {
owner = "bridgecrewio";
repo = pname;
rev = version;
hash = "sha256-ZQCUYnoCaVZkXr5rZ/vkEOlADMQmj6OfZ12KBerXdmQ=";
};
nativeBuildInputs = with py.pkgs; [
pythonRelaxDepsHook
setuptools-scm
];
propagatedBuildInputs = with py.pkgs; [
aiodns
aiohttp
aiomultiprocess
argcomplete
bc-python-hcl2
boto3
cachetools
charset-normalizer
cloudsplaining
colorama
configargparse
cyclonedx-python-lib
deep_merge
detect-secrets
docker
dockerfile-parse
dpath
flake8
GitPython
jmespath
jsonpath-ng
jsonschema
junit-xml
networkx
packaging
policyuniverse
prettytable
pycep-parser
pyyaml
semantic-version
tabulate
termcolor
tqdm
typing-extensions
update_checker
];
checkInputs = with py.pkgs; [
aioresponses
mock
pytest-asyncio
pytest-mock
pytest-xdist
pytestCheckHook
responses
];
pythonRelaxDeps = [
"bc-python-hcl2"
"pycep-parser"
];
preCheck = ''
export HOME=$(mktemp -d);
'';
disabledTests = [
# No API key available
"api_key"
# Requires network access
"TestSarifReport"
# Will probably be fixed in one of the next releases
"test_valid_cyclonedx_bom"
"test_record_relative_path_with"
"test_record_relative_path_with_relative_dir"
# Requires prettytable release which is only available in staging
"test_skipped_check_exists"
# AssertionError: 0 not greater than 0
"test_skip_mapping_default"
# Test is failing
"test_SQLServerAuditingEnabled"
];
disabledTestPaths = [
# Tests are pulling from external sources
# https://github.com/bridgecrewio/checkov/blob/f03a4204d291cf47e3753a02a9b8c8d805bbd1be/.github/workflows/build.yml
"integration_tests/"
"tests/terraform/"
# Performance tests have no value for us
"performance_tests/test_checkov_performance.py"
# Requires prettytable release which is only available in staging
"tests/sca_package/"
"tests/test_runner_filter.py"
];
pythonImportsCheck = [
"checkov"
];
meta = with lib; {
description = "Static code analysis tool for infrastructure-as-code";
homepage = "https://github.com/bridgecrewio/checkov";
longDescription = ''
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation,
Kubernetes, Serverless framework and other infrastructure-as-code-languages.
'';
license = licenses.asl20;
maintainers = with maintainers; [ anhdle14 fab ];
};
}

38
pkgs/development/tools/analysis/checkstyle/default.nix Normal file
View file

@ -0,0 +1,38 @@
{ lib, stdenv, fetchurl, makeWrapper, jre }:
stdenv.mkDerivation rec {
version = "10.2";
pname = "checkstyle";
src = fetchurl {
url = "https://github.com/checkstyle/checkstyle/releases/download/checkstyle-${version}/checkstyle-${version}-all.jar";
sha256 = "sha256-jcu7KMeYbHZW4zswaV/cLkY4CLX9vJIcElXJq06EfRY=";
};
nativeBuildInputs = [ makeWrapper ];
buildInputs = [ jre ];
dontUnpack = true;
installPhase = ''
runHook preInstall
install -D $src $out/checkstyle/checkstyle-all.jar
makeWrapper ${jre}/bin/java $out/bin/checkstyle \
--add-flags "-jar $out/checkstyle/checkstyle-all.jar"
runHook postInstall
'';
meta = with lib; {
description = "Checks Java source against a coding standard";
longDescription = ''
checkstyle is a development tool to help programmers write Java code that
adheres to a coding standard. By default it supports the Sun Code
Conventions, but is highly configurable.
'';
homepage = "http://checkstyle.sourceforge.net/";
sourceProvenance = with sourceTypes; [ binaryBytecode ];
license = licenses.lgpl21;
maintainers = with maintainers; [ pSub ];
platforms = jre.meta.platforms;
};
}

35
pkgs/development/tools/analysis/clang-analyzer/0001-Fix-scan-build-to-use-NIX_CFLAGS_COMPILE.patch Normal file
View file

@ -0,0 +1,35 @@
From 99a7e55a60c8d96e160f9104a3dd31b7914d3488 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Fri, 31 Jul 2020 09:22:03 +0100
Subject: [PATCH] Fix scan-build to use NIX_CFLAGS_COMPILE
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Jörg Thalheim <joerg@thalheim.io>
---
clang/tools/scan-build/libexec/ccc-analyzer | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/clang/tools/scan-build/libexec/ccc-analyzer
b/clang/tools/scan-build/libexec/ccc-analyzer
index ed0d4d3d73f3..2d5113435ca5 100755
--- a/clang/tools/scan-build/libexec/ccc-analyzer
+++ b/clang/tools/scan-build/libexec/ccc-analyzer
@@ -249,6 +249,14 @@ sub Analyze {
push @Args, "-target", $AnalyzerTarget;
}
+ # Add Nix flags to analysis
+ if (defined $ENV{'NIX_CFLAGS_COMPILE'}) {
+ my @nixArgs = split(/\s+/, $ENV{'NIX_CFLAGS_COMPILE'});
+ foreach my $nixArg (@nixArgs) {
+ push @Args, $nixArg;
+ }
+ }
+
my $AnalysisArgs = GetCCArgs($HtmlDir, "--analyze", \@Args);
@CmdArgs = @$AnalysisArgs;
}
--
2.33.0

38
pkgs/development/tools/analysis/clang-analyzer/default.nix Normal file
View file

@ -0,0 +1,38 @@
{ lib, stdenv, fetchurl, clang, llvmPackages, perl, makeWrapper, python3 }:
stdenv.mkDerivation rec {
pname = "clang-analyzer";
inherit (llvmPackages.clang-unwrapped) src version;
patches = [ ./0001-Fix-scan-build-to-use-NIX_CFLAGS_COMPILE.patch ];
buildInputs = [ clang llvmPackages.clang perl python3 ];
nativeBuildInputs = [ makeWrapper ];
dontBuild = true;
installPhase = ''
mkdir -p $out/share/scan-view $out/bin
cp -R clang/tools/scan-view/share/* $out/share/scan-view
cp -R clang/tools/scan-view/bin/* $out/bin/scan-view
cp -R clang/tools/scan-build/* $out
rm $out/bin/*.bat $out/libexec/*.bat $out/CMakeLists.txt
wrapProgram $out/bin/scan-build \
--add-flags "--use-cc=${clang}/bin/clang" \
--add-flags "--use-c++=${clang}/bin/clang++" \
--add-flags "--use-analyzer='${llvmPackages.clang}/bin/clang'"
'';
meta = {
description = "Clang Static Analyzer";
longDescription = ''
The Clang Static Analyzer is a source code analysis tool that finds bugs
in C, C++, and Objective-C programs.
'';
homepage = "https://clang-analyzer.llvm.org/";
license = lib.licenses.bsd3;
platforms = lib.platforms.unix;
maintainers = [ lib.maintainers.thoughtpolice ];
};
}

38
pkgs/development/tools/analysis/coan/default.nix Normal file
View file

@ -0,0 +1,38 @@
{ lib, stdenv, fetchurl, perl }:
stdenv.mkDerivation rec {
version = "6.0.1";
pname = "coan";
src = fetchurl {
url = "mirror://sourceforge/project/coan2/v${version}/${pname}-${version}.tar.gz";
sha256 = "1d041j0nd1hc0562lbj269dydjm4rbzagdgzdnmwdxr98544yw44";
};
nativeBuildInputs = [ perl ];
NIX_CFLAGS_COMPILE = [
"-std=c++11"
];
enableParallelBuilding = true;
postInstall = ''
mv -v $out/share/man/man1/coan.1.{1,gz}
'';
meta = with lib; {
broken = stdenv.isDarwin;
description = "The C preprocessor chainsaw";
longDescription = ''
A software engineering tool for analysing preprocessor-based
configurations of C or C++ source code. Its principal use is to simplify
a body of source code by eliminating any parts that are redundant with
respect to a specified configuration. Dead code removal is an
application of this sort.
'';
homepage = "http://coan2.sourceforge.net/";
license = licenses.bsd3;
platforms = platforms.all;
};
}

49
pkgs/development/tools/analysis/codeql/default.nix Normal file
View file

@ -0,0 +1,49 @@
{ lib, stdenv, fetchzip, zlib, xorg, freetype, jdk11, curl }:
stdenv.mkDerivation rec {
pname = "codeql";
version = "2.8.5";
dontConfigure = true;
dontBuild = true;
dontStrip = true;
src = fetchzip {
url = "https://github.com/github/codeql-cli-binaries/releases/download/v${version}/codeql.zip";
sha256 = "sha256-HZJBqm196RgWR/14mfrLYQlU+4W3t0b4TXme04XkfKw=";
};
nativeBuildInputs = [
zlib
xorg.libX11
xorg.libXext
xorg.libXi
xorg.libXtst
xorg.libXrender
freetype
jdk11
stdenv.cc.cc.lib
curl
];
installPhase = ''
# codeql directory should not be top-level, otherwise,
# it'll include /nix/store to resolve extractors.
mkdir -p $out/{codeql,bin}
cp -R * $out/codeql/
ln -sf $out/codeql/tools/linux64/lib64trace.so $out/codeql/tools/linux64/libtrace.so
sed -i 's%\$CODEQL_DIST/tools/\$CODEQL_PLATFORM/java%\${jdk11}%g' $out/codeql/codeql
ln -s $out/codeql/codeql $out/bin/
'';
meta = with lib; {
description = "Semantic code analysis engine";
homepage = "https://codeql.github.com";
maintainers = [ maintainers.dump_stack ];
platforms = lib.platforms.linux ++ lib.platforms.darwin;
license = licenses.unfree;
};
}

48
pkgs/development/tools/analysis/cov-build/default.nix Normal file
View file

@ -0,0 +1,48 @@
{ lib, stdenv, requireFile }:
let
message = ''
Register an account at https://scan.coverity.com, download the
build tools, and add it to the nix store with nix-prefetch-url
'';
in
stdenv.mkDerivation rec {
pname = "cov-build";
version = "7.0.2";
src =
if stdenv.hostPlatform.system == "i686-linux"
then requireFile {
name = "cov-analysis-linux32-${version}.tar.gz";
sha256 = "0i06wbd7blgx9adh9w09by4i18vwmldfp9ix97a5dph2cjymsviy";
inherit message;
}
else requireFile {
name = "cov-analysis-linux64-${version}.tar.gz";
sha256 = "0iby75p0g8gv7b501xav47milr8m9781h0hcgm1ch6x3qj6irqd8";
inherit message;
};
dontStrip = true;
buildPhase = false;
installPhase = ''
mkdir -p $out/bin $out/libexec
mv * $out/libexec
for x in cov-build cov-capture cov-configure cov-emit cov-emit-java \
cov-export-cva cov-extract-scm cov-help cov-import-scm cov-link \
cov-internal-clang cov-internal-emit-clang cov-internal-nm \
cov-internal-emit-java-bytecode cov-internal-reduce cov-translate \
cov-preprocess cov-internal-pid-to-db cov-manage-emit \
cov-manage-history; do
ln -s $out/libexec/bin/$x $out/bin/$x;
done
'';
meta = {
description = "Coverity Scan build tools";
homepage = "https://scan.coverity.com";
license = lib.licenses.unfreeRedistributable;
platforms = lib.platforms.linux;
maintainers = [ lib.maintainers.thoughtpolice ];
};
}

56
pkgs/development/tools/analysis/coz/default.nix Normal file
View file

@ -0,0 +1,56 @@
{ lib, stdenv
, fetchFromGitHub
, libelfin
, ncurses
, python3
, python3Packages
, makeWrapper
}:
stdenv.mkDerivation rec {
pname = "coz";
version = "0.2.1";
src = fetchFromGitHub {
owner = "plasma-umass";
repo = "coz";
rev = version;
sha256 = "0val36yw987b1558iiyk3nqg0yy5k9y5wh49v91zj3cs58mmfyhc";
};
postPatch = ''
sed -i -e '/pid_t gettid/,+2d' libcoz/ccutil/thread.h
'';
postConfigure = ''
# This is currently hard-coded. Will be fixed in the next release.
sed -e "s|/usr/lib/|$out/lib/|" -i ./coz
'';
nativeBuildInputs = [
ncurses
makeWrapper
python3Packages.wrapPython
];
buildInputs = [
libelfin
(python3.withPackages (p: [ p.docutils ]))
];
installPhase = ''
mkdir -p $out/share/man/man1
make install prefix=$out
# fix executable includes
chmod -x $out/include/coz.h
wrapPythonPrograms
'';
meta = {
homepage = "https://github.com/plasma-umass/coz";
description = "Profiler based on casual profiling";
license = lib.licenses.bsd2;
maintainers = with lib.maintainers; [ zimbatm ];
};
}

45
pkgs/development/tools/analysis/cppcheck/default.nix Normal file
View file

@ -0,0 +1,45 @@
{ lib, stdenv, fetchFromGitHub, libxslt, docbook_xsl, docbook_xml_dtd_45, pcre, withZ3 ? true, z3, python3 }:
stdenv.mkDerivation rec {
pname = "cppcheck";
version = "2.8";
src = fetchFromGitHub {
owner = "danmar";
repo = "cppcheck";
rev = version;
sha256 = "sha256-2gPgsu4XOPAEsxGNoDFl2Q7Vr/58SI98FnPeKZMv0go=";
};
buildInputs = [ pcre
(python3.withPackages (ps: [ps.pygments]))
] ++ lib.optionals withZ3 [ z3 ];
nativeBuildInputs = [ libxslt docbook_xsl docbook_xml_dtd_45 ];
makeFlags = [ "PREFIX=$(out)" "FILESDIR=$(out)/cfg" "HAVE_RULES=yes" ]
++ lib.optionals withZ3 [ "USE_Z3=yes" "CPPFLAGS=-DNEW_Z3=1" ];
outputs = [ "out" "man" ];
enableParallelBuilding = true;
doCheck = true;
postInstall = ''
make DB2MAN=${docbook_xsl}/xml/xsl/docbook/manpages/docbook.xsl man
mkdir -p $man/share/man/man1
cp cppcheck.1 $man/share/man/man1/cppcheck.1
'';
meta = with lib; {
description = "A static analysis tool for C/C++ code";
longDescription = ''
Check C/C++ code for memory leaks, mismatching allocation-deallocation,
buffer overruns and more.
'';
homepage = "http://cppcheck.sourceforge.net/";
license = licenses.gpl3Plus;
platforms = platforms.unix;
maintainers = with maintainers; [ joachifm ];
};
}

16
pkgs/development/tools/analysis/cpplint/0001-Remove-pytest-runner-version-pin.patch Normal file
View file

@ -0,0 +1,16 @@
diff --git a/setup.py b/setup.py
index aef5c4e..030ea14 100755
--- a/setup.py
+++ b/setup.py
@@ -73,7 +73,7 @@ setup(name='cpplint',
long_description=open('README.rst').read(),
license='BSD-3-Clause',
setup_requires=[
- "pytest-runner==5.2"
+ "pytest-runner"
],
tests_require=test_required,
# extras_require allow pip install .[dev]
--
2.31.1

32
pkgs/development/tools/analysis/cpplint/default.nix Normal file
View file

@ -0,0 +1,32 @@
{ lib, python3Packages, fetchFromGitHub }:
python3Packages.buildPythonApplication rec {
pname = "cpplint";
version = "1.5.5";
# Fetch from github instead of pypi, since the test cases are not in the pypi archive
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = version;
sha256 = "sha256-JXz2Ufo7JSceZVqYwCRkuAsOR08znZlIUk8GCLAyiI4=";
};
patches = [ ./0001-Remove-pytest-runner-version-pin.patch ];
postPatch = ''
patchShebangs cpplint_unittest.py
'';
checkInputs = with python3Packages; [ pytest pytest-runner ];
checkPhase = ''
./cpplint_unittest.py
'';
meta = with lib; {
homepage = "https://github.com/cpplint/cpplint";
description = "Static code checker for C++";
maintainers = [ maintainers.bhipple ];
license = [ licenses.bsd3 ];
};
}

46
pkgs/development/tools/analysis/cvehound/default.nix Normal file
View file

@ -0,0 +1,46 @@
{ lib
, fetchFromGitHub
, coccinelle
, gnugrep
, python3
}:
python3.pkgs.buildPythonApplication rec {
pname = "cvehound";
version = "1.0.9";
src = fetchFromGitHub {
owner = "evdenis";
repo = "cvehound";
rev = version;
hash = "sha256-qwQfpelY1Air3wVQ3RziM/+MNOR3jiKmLpO2w6kXZwM=";
};
makeWrapperArgs = [
"--prefix PATH : ${lib.makeBinPath [ coccinelle gnugrep ]}"
];
propagatedBuildInputs = with python3.pkgs; [
lxml
setuptools
sympy
];
checkInputs = with python3.pkgs; [
GitPython
psutil
pytestCheckHook
];
# Tries to clone the kernel sources
doCheck = false;
meta = with lib; {
description = "Tool to check linux kernel source dump for known CVEs";
homepage = "https://github.com/evdenis/cvehound";
changelog = "https://github.com/evdenis/cvehound/blob/${src.rev}/ChangeLog";
# See https://github.com/evdenis/cvehound/issues/22
license = with licenses; [ gpl2Only gpl3Plus ];
maintainers = with maintainers; [ ambroisie ];
};
}

27
pkgs/development/tools/analysis/dotenv-linter/default.nix Normal file
View file

@ -0,0 +1,27 @@
{ stdenv
, lib
, rustPlatform
, fetchFromGitHub
}:
rustPlatform.buildRustPackage rec {
pname = "dotenv-linter";
version = "3.2.0";
src = fetchFromGitHub {
owner = "dotenv-linter";
repo = "dotenv-linter";
rev = "v${version}";
sha256 = "sha256-YWL1aPcMdU4lo7h/T2sdl2H6qnx3lfMtV39Ak4yP88w=";
};
cargoSha256 = "sha256-q59hpnXc00OzrJk1KOWbIPQYfIE+7ku9XtTDXHgwQBg=";
meta = with lib; {
broken = stdenv.isDarwin;
description = "Lightning-fast linter for .env files. Written in Rust";
homepage = "https://dotenv-linter.github.io";
license = licenses.mit;
maintainers = with maintainers; [ humancalico ];
};
}

32
pkgs/development/tools/analysis/egypt/default.nix Normal file
View file

@ -0,0 +1,32 @@
{ lib, fetchurl, perlPackages }:
perlPackages.buildPerlPackage rec {
pname = "egypt";
version = "1.10";
src = fetchurl {
sha256 = "0r0wj6v8z9fzlh9pb5617kyjdf92ppmlbzajaarrq729bbb6ln5m";
url = "https://www.gson.org/egypt/download/${pname}-${version}.tar.gz";
};
outputs = [ "out" ];
enableParallelBuilding = true;
doCheck = true;
meta = with lib; {
description = "Tool for making call graphs of C programmes";
longDescription = ''
Egypt is a simple tool for creating call graphs of C programs. It neither
analyzes source code nor lays out graphs. Instead, it leaves the source
code analysis to GCC and the graph layout to Graphviz, both of which are
better at their respective jobs than egypt itself could ever hope to be.
Egypt is simply a very small Perl script that glues these existing tools
together.
'';
homepage = "http://www.gson.org/egypt/";
license = with licenses; [ artistic1 gpl1Plus ];
platforms = platforms.unix;
};
}

26
pkgs/development/tools/analysis/emma/default.nix Normal file
View file

@ -0,0 +1,26 @@
{lib, stdenv, fetchurl, unzip}:
stdenv.mkDerivation rec {
pname = "emma";
version = "2.0.5312";
src = fetchurl {
url = "mirror://sourceforge/${pname}/${pname}-${version}.zip";
sha256 = "0xxy39s2lvgs56vicjzpcz936l1vjaplliwa0dm7v3iyvw6jn7vj";
};
nativeBuildInputs = [ unzip ];
installPhase = ''
mkdir -p $out/lib/jars
cp lib/*.jar $out/lib/jars/
'';
meta = {
homepage = "http://emma.sourceforge.net/";
description = "A code coverage tool for Java";
sourceProvenance = with lib.sourceTypes; [ binaryBytecode ];
platforms = lib.platforms.unix;
license = lib.licenses.cpl10;
};
}

73
pkgs/development/tools/analysis/eresi/default.nix Normal file
View file

@ -0,0 +1,73 @@
{ stdenv, lib, fetchFromGitHub, which, openssl, readline, fetchpatch }:
stdenv.mkDerivation rec {
pname = "eresi";
version = "0.83-a3-phoenix";
src = fetchFromGitHub {
owner = "thorkill";
repo = "eresi";
rev = version;
sha256 = "0a5a7mh2zw9lcdrl8n1mqccrc0xcgj7743l7l4kslkh722fxv625";
};
patches = [
(fetchpatch {
url = "https://github.com/thorkill/eresi/commit/a79406344cc21d594d27fa5ec5922abe9f7475e7.patch";
sha256 = "1mjjc6hj7r06iarvai7prcdvjk9g0k5vwrmkwcm7b8ivd5xzxp2z";
})
# Pull patch pending upstream inclusion for -fno-common toolchains:
# https://github.com/thorkill/eresi/pull/166
(fetchpatch {
url = "https://github.com/thorkill/eresi/commit/bc5b9a75c326f277e5f89e01a3b8f7f0519a99f6.patch";
sha256 = "0lqwrnkkhhd3vi1r8ngvziyqkk09h98h93rrs3ndqi048a898ys1";
})
];
postPatch = ''
# Two occurences of fprintf() with only two arguments, which should really
# be fputs().
#
# Upstream pull request: https://github.com/thorkill/eresi/pull/162
#
sed -i -e 's/fprintf(\(stderr\), *\([a-z0-9]\+\))/fputs(\2, \1)/g' \
libe2dbg/common/common.c libe2dbg/user/threads.c
# We need to patch out a few ifs here, because it tries to create a series
# of configuration files in ~/.something. However, our builds are sandboxed
# and also don't contain a valid home, so let's NOP it out :-)
#
# The second fix we need to make is that we need to pretend being Gentoo
# because otherwise the build process tries to link against libtermcap,
# which I think is solely for historic reasons (nowadays Terminfo should
# have largely superseded it).
sed -i -e '/^if \[ ! -e/c if false; then' \
-e 's/^GENTOO=.*/GENTOO=1/' configure
'';
configureFlags = [
(if stdenv.is64bit then "--enable-32-64" else "--enable-32")
"--enable-readline"
];
# The configure script is not generated by autoconf but is hand-rolled, so it
# has --enable-static but no --disabled-static and also doesn't support the
# equals sign in --prefix.
prefixKey = "--prefix ";
dontDisableStatic = true;
nativeBuildInputs = [ which ];
buildInputs = [ openssl readline ];
enableParallelBuilding = true;
installTargets = lib.singleton "install"
++ lib.optional stdenv.is64bit "install64";
meta = {
description = "The ERESI Reverse Engineering Software Interface";
license = lib.licenses.gpl2Only;
homepage = "https://github.com/thorkill/eresi"; # Formerly http://www.eresi-project.org/
platforms = lib.platforms.linux;
};
}

21
pkgs/development/tools/analysis/evmdis/default.nix Normal file
View file

@ -0,0 +1,21 @@
{ lib, buildGoPackage, fetchFromGitHub }:
buildGoPackage {
pname = "evmdis-unstable";
version = "2018-03-23";
goPackagePath = "github.com/Arachnid/evmdis";
src = fetchFromGitHub {
owner = "Arachnid";
repo = "evmdis";
rev = "0d1406905c5fda6224651fa53260a21c907eb986";
sha256 = "09y4j7ipgv8yd99g3xk3f079w8fqfj7kl1y7ry81ainysn0qlqrg";
};
meta = with lib; {
homepage = "https://github.com/Arachnid/evmdis";
description = "Ethereum EVM disassembler";
license = [ licenses.asl20 ];
maintainers = with maintainers; [ asymmetric ];
};
}

46
pkgs/development/tools/analysis/findbugs/default.nix Normal file
View file

@ -0,0 +1,46 @@
{ lib, stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "findbugs";
version = "3.0.1";
src = fetchurl {
url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.gz";
sha256 = "06b46fz4nid7qvm36r66zw01fr87y4jyz21ixw27b8hkqah0s3p8";
};
buildPhase = ''
substituteInPlace bin/findbugs --replace /bin/pwd pwd
'';
installPhase = ''
d=$out/libexec/findbugs
mkdir -p $d $out/bin $out/nix-support
cp -prd bin lib plugin doc $d/
rm $d/bin/*.bat
for i in $d/bin/*; do
if [ -f $i ]; then ln -s $i $out/bin/; fi
done
# Get rid of unnecessary JARs.
rm $d/lib/ant.jar
# Make some JARs findable.
mkdir -p $out/share/java
ln -s $d/lib/{findbugs.jar,findbugs-ant.jar} $out/share/java/
cat <<EOF > $out/nix-support/setup-hook
export FINDBUGS_HOME=$d
EOF
'';
meta = with lib; {
description = "A static analysis tool to find bugs in Java programs automatically";
homepage = "http://findbugs.sourceforge.net/";
maintainers = with maintainers; [ pSub ];
platforms = with platforms; unix;
sourceProvenance = with sourceTypes; [ binaryBytecode ];
license = licenses.lgpl3;
};
}

32
pkgs/development/tools/analysis/flow/default.nix Normal file
View file

@ -0,0 +1,32 @@
{ lib, stdenv, fetchFromGitHub, ocamlPackages, CoreServices }:
stdenv.mkDerivation rec {
pname = "flow";
version = "0.176.3";
src = fetchFromGitHub {
owner = "facebook";
repo = "flow";
rev = "v${version}";
sha256 = "sha256-ZjWIaZ4XT7v66ozjQu+ld0Tz2gVjQFUD6JoL1nW/DmE=";
};
makeFlags = [ "FLOW_RELEASE=1" ];
installPhase = ''
install -Dm755 bin/flow $out/bin/flow
install -Dm644 resources/shell/bash-completion $out/share/bash-completion/completions/flow
'';
buildInputs = (with ocamlPackages; [ ocaml findlib ocamlbuild ocaml-migrate-parsetree-2 dtoa core_kernel sedlex ocaml_lwt lwt_log lwt_ppx ppx_deriving ppx_gen_rec visitors wtf8 ])
++ lib.optionals stdenv.isDarwin [ CoreServices ];
meta = with lib; {
description = "A static type checker for JavaScript";
homepage = "https://flow.org/";
changelog = "https://github.com/facebook/flow/raw/v${version}/Changelog.md";
license = licenses.mit;
platforms = ocamlPackages.ocaml.meta.platforms;
maintainers = with maintainers; [ marsam puffnfresh ];
};
}

96
pkgs/development/tools/analysis/frama-c/default.nix Normal file
View file

@ -0,0 +1,96 @@
{ lib, stdenv, fetchurl, makeWrapper, writeText
, autoconf, ncurses, graphviz, doxygen
, ocamlPackages, ltl2ba, coq, why3
, gdk-pixbuf, wrapGAppsHook
}:
let why3_1_5 = why3; in
let why3 = why3_1_5.overrideAttrs (o: rec {
version = "1.4.1";
src = fetchurl {
url = "https://why3.gitlabpages.inria.fr/releases/${o.pname}-${version}.tar.gz";
sha256 = "sha256:1rqyypzlvagrn43ykl0c5wxyvnry5fl1ykn3xcvlzgghk96yq3jq";
};
}); in
let
mkocamlpath = p: "${p}/lib/ocaml/${ocamlPackages.ocaml.version}/site-lib";
runtimeDeps = with ocamlPackages; [
apron.dev
biniou
camlzip
easy-format
menhirLib
mlgmpidl
num
ocamlgraph
stdlib-shims
why3
re
seq
sexplib
sexplib0
parsexp
base
yojson
zarith
];
ocamlpath = lib.concatMapStringsSep ":" mkocamlpath runtimeDeps;
in
stdenv.mkDerivation rec {
pname = "frama-c";
version = "24.0";
slang = "Chromium";
src = fetchurl {
url = "https://frama-c.com/download/frama-c-${version}-${slang}.tar.gz";
sha256 = "sha256:0x1xgip50jdz1phsb9rzwf2ra8lshn1hmd9g967xia402wrg3sjf";
};
preConfigure = lib.optionalString stdenv.cc.isClang "configureFlagsArray=(\"--with-cpp=clang -E -C\")";
nativeBuildInputs = [ autoconf wrapGAppsHook ];
buildInputs = with ocamlPackages; [
ncurses ocaml findlib ltl2ba ocamlgraph yojson menhirLib camlzip
lablgtk3 lablgtk3-sourceview3 coq graphviz zarith apron why3 mlgmpidl doxygen
gdk-pixbuf
];
enableParallelBuilding = true;
preFixup = ''
gappsWrapperArgs+=(--prefix OCAMLPATH ':' ${ocamlpath})
'';
# Allow loading of external Frama-C plugins
setupHook = writeText "setupHook.sh" ''
addFramaCPath () {
if test -d "''$1/lib/frama-c/plugins"; then
export FRAMAC_PLUGIN="''${FRAMAC_PLUGIN-}''${FRAMAC_PLUGIN:+:}''$1/lib/frama-c/plugins"
export OCAMLPATH="''${OCAMLPATH-}''${OCAMLPATH:+:}''$1/lib/frama-c/plugins"
fi
if test -d "''$1/lib/frama-c"; then
export OCAMLPATH="''${OCAMLPATH-}''${OCAMLPATH:+:}''$1/lib/frama-c"
fi
if test -d "''$1/share/frama-c/"; then
export FRAMAC_EXTRA_SHARE="''${FRAMAC_EXTRA_SHARE-}''${FRAMAC_EXTRA_SHARE:+:}''$1/share/frama-c"
fi
}
addEnvHooks "$targetOffset" addFramaCPath
'';
meta = {
description = "An extensible and collaborative platform dedicated to source-code analysis of C software";
homepage = "http://frama-c.com/";
license = lib.licenses.lgpl21;
maintainers = with lib.maintainers; [ thoughtpolice amiddelk ];
platforms = lib.platforms.unix;
};
}

33
pkgs/development/tools/analysis/garcosim/tracefilegen/default.nix Normal file
View file

@ -0,0 +1,33 @@
{ lib, stdenv, fetchFromGitHub, cmake }:
stdenv.mkDerivation rec {
pname = "tracefilegen";
version = "unstable-2017-05-13";
src = fetchFromGitHub {
owner = "GarCoSim";
repo = "TraceFileGen";
rev = "0ebfd1fdb54079d4bdeaa81fc9267ecb9f016d60";
sha256 = "1gsx18ksgz5gwl3v62vgrmhxc0wc99i74qwhpn0h57zllk41drjc";
};
nativeBuildInputs = [ cmake ];
patches = [ ./gcc7.patch ];
installPhase = ''
install -Dm755 TraceFileGen $out/bin/TraceFileGen
mkdir -p $out/share/doc/${pname}-${version}/
cp -ar $src/Documentation/html $out/share/doc/${pname}-${version}/.
'';
meta = with lib; {
description = "Automatically generate all types of basic memory management operations and write into trace files";
homepage = "https://github.com/GarCoSim";
maintainers = [ maintainers.cmcdragonkai ];
license = licenses.gpl2;
platforms = platforms.linux;
};
}

13
pkgs/development/tools/analysis/garcosim/tracefilegen/gcc7.patch Normal file
View file

@ -0,0 +1,13 @@
diff --git a/Utils/Logger.cpp b/Utils/Logger.cpp
index 747cd63..e3efdf1 100644
--- a/Utils/Logger.cpp
+++ b/Utils/Logger.cpp
@@ -29,7 +29,7 @@ Logger::Logger(char* tracepath) {
trace = fopen(tracepath, "w");
// dot file is not used, set null as default value
- dot = '\0';
+ dot = nullptr;
//dot = fopen("gcKons.dot", "w");
//fprintf(dot,"digraph G {\n");
}

30
pkgs/development/tools/analysis/garcosim/tracefilesim/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ lib, stdenv, fetchFromGitHub }:
stdenv.mkDerivation {
pname = "tracefilesim";
version = "unstable-2015-11-07";
src = fetchFromGitHub {
owner = "GarCoSim";
repo = "TraceFileSim";
rev = "368aa6b1d6560e7ecbd16fca47000c8f528f3da2";
sha256 = "156m92k38ap4bzidbr8dzl065rni8lrib71ih88myk9z5y1x5nxm";
};
hardeningDisable = [ "fortify" ];
installPhase = ''
mkdir --parents "$out/bin"
cp ./traceFileSim "$out/bin"
'';
meta = with lib; {
description = "Ease the analysis of existing memory management techniques, as well as the prototyping of new memory management techniques";
homepage = "https://github.com/GarCoSim";
maintainers = [ maintainers.cmcdragonkai ];
license = licenses.gpl2;
platforms = platforms.linux;
};
}

76
pkgs/development/tools/analysis/hopper/default.nix Normal file
View file

@ -0,0 +1,76 @@
{ stdenv
, fetchurl
, lib
, autoPatchelfHook
, wrapQtAppsHook
, gmpxx
, gnustep
, libbsd
, libffi_3_3
, ncurses6
}:
stdenv.mkDerivation rec {
pname = "hopper";
version = "5.5.3";
rev = "v4";
src = fetchurl {
url = "https://d2ap6ypl1xbe4k.cloudfront.net/Hopper-${rev}-${version}-Linux-demo.pkg.tar.xz";
hash = "sha256-xq9ZVg1leHm/tq6LYyQLa8p5dDwBd64Jt92uMoE0z58=";
};
sourceRoot = ".";
nativeBuildInputs = [
autoPatchelfHook
wrapQtAppsHook
];
buildInputs = [
gnustep.libobjc
libbsd
libffi_3_3
ncurses6
];
installPhase = ''
runHook preInstall
mkdir -p $out/bin
mkdir -p $out/lib
mkdir -p $out/share
cp $sourceRoot/opt/hopper-${rev}/bin/Hopper $out/bin/hopper
cp \
--archive \
$sourceRoot/opt/hopper-${rev}/lib/libBlocksRuntime.so* \
$sourceRoot/opt/hopper-${rev}/lib/libdispatch.so* \
$sourceRoot/opt/hopper-${rev}/lib/libgnustep-base.so* \
$sourceRoot/opt/hopper-${rev}/lib/libHopperCore.so* \
$sourceRoot/opt/hopper-${rev}/lib/libkqueue.so* \
$sourceRoot/opt/hopper-${rev}/lib/libobjcxx.so* \
$sourceRoot/opt/hopper-${rev}/lib/libpthread_workqueue.so* \
$out/lib
cp -r $sourceRoot/usr/share $out
runHook postInstall
'';
postFixup = ''
substituteInPlace "$out/share/applications/hopper-${rev}.desktop" \
--replace "Exec=/opt/hopper-${rev}/bin/Hopper" "Exec=$out/bin/hopper"
'';
meta = with lib; {
homepage = "https://www.hopperapp.com/index.html";
description = "A macOS and Linux Disassembler";
license = licenses.unfree;
maintainers = with maintainers; [
luis
Enteee
];
platforms = platforms.linux;
};
}

80
pkgs/development/tools/analysis/hotspot/default.nix Normal file
View file

@ -0,0 +1,80 @@
{ lib
, mkDerivation
, cmake
, elfutils
, extra-cmake-modules
, fetchFromGitHub
, kconfigwidgets
, ki18n
, kio
, kitemmodels
, kitemviews
, kwindowsystem
, libelf
, qtbase
, threadweaver
, qtx11extras
, zstd
, kddockwidgets
, rustc-demangle
}:
mkDerivation rec {
pname = "hotspot";
version = "1.3.0";
src = fetchFromGitHub {
owner = "KDAB";
repo = "hotspot";
rev = "v${version}";
sha256 = "1f68bssh3p387hkavfjkqcf7qf7w5caznmjfjldicxphap4riqr5";
fetchSubmodules = true;
};
nativeBuildInputs = [
cmake
extra-cmake-modules
];
buildInputs = [
elfutils
kconfigwidgets
ki18n
kio
kitemmodels
kitemviews
kwindowsystem
libelf
qtbase
threadweaver
qtx11extras
zstd
kddockwidgets
rustc-demangle
];
# hotspot checks for the presence of third party libraries'
# git directory to give a nice warning when you forgot to clone
# submodules; but Nix clones them and removes .git (for reproducibility).
# So we need to fake their existence here.
postPatch = ''
mkdir -p 3rdparty/{perfparser,PrefixTickLabels}/.git
'';
cmakeFlags = [
"-DRUSTC_DEMANGLE_INCLUDE_DIR=${rustc-demangle}/include"
"-DRUSTC_DEMANGLE_LIBRARY=${rustc-demangle}/lib/librustc_demangle.so"
];
meta = {
description = "A GUI for Linux perf";
longDescription = ''
hotspot is a GUI replacement for `perf report`.
It takes a perf.data file, parses and evaluates its contents and
then displays the result in a graphical way.
'';
homepage = "https://github.com/KDAB/hotspot";
license = with lib.licenses; [ gpl2Only gpl3Only ];
platforms = lib.platforms.linux;
maintainers = with lib.maintainers; [ nh2 ];
};
}

37
pkgs/development/tools/analysis/ikos/default.nix Normal file
View file

@ -0,0 +1,37 @@
{ stdenv, lib, fetchFromGitHub, cmake, boost, tbb
, gmp, llvm, clang, sqlite, python3
, ocamlPackages, mpfr, ppl, doxygen, graphviz
}:
let
python = python3.withPackages (ps: with ps; [
pygments
]);
in
stdenv.mkDerivation rec {
pname = "ikos";
version = "3.0";
src = fetchFromGitHub {
owner = "NASA-SW-VnV";
repo = "ikos";
rev = "v${version}";
sha256 = "0k3kp1af0qx3l1x6a4sl4fm8qlwchjvwkvs2ck0fhfnc62q2im5f";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ boost tbb gmp clang llvm sqlite python
ocamlPackages.apron mpfr ppl doxygen graphviz ];
cmakeFlags = [ "-DAPRON_ROOT=${ocamlPackages.apron}" ];
postBuild = "make doc";
meta = with lib; {
homepage = "https://github.com/NASA-SW-VnV/ikos";
description = "Static analyzer for C/C++ based on the theory of Abstract Interpretation";
license = licenses.nasa13;
maintainers = with maintainers; [ atnnn ];
};
}

37
pkgs/development/tools/analysis/include-what-you-use/default.nix Normal file
View file

@ -0,0 +1,37 @@
{ lib, stdenv, fetchurl, cmake, llvmPackages, python3 }:
stdenv.mkDerivation rec {
pname = "include-what-you-use";
# Also bump llvmPackages in all-packages.nix to the supported version!
version = "0.18";
src = fetchurl {
sha256 = "sha256-kQL8hBkpR1ffhqic5uwwX42QqBjR8lmKE50V6xiUuPM=";
url = "${meta.homepage}/downloads/${pname}-${version}.src.tar.gz";
};
nativeBuildInputs = with llvmPackages; [ cmake llvm.dev llvm python3];
buildInputs = with llvmPackages; [ libclang clang-unwrapped ];
cmakeFlags = [ "-DIWYU_LLVM_ROOT_PATH=${llvmPackages.clang-unwrapped}" ];
postInstall = ''
substituteInPlace $out/bin/iwyu_tool.py \
--replace "'include-what-you-use'" "'$out/bin/include-what-you-use'"
'';
meta = with lib; {
description = "Analyze #includes in C/C++ source files with clang";
longDescription = ''
For every symbol (type, function variable, or macro) that you use in
foo.cc, either foo.cc or foo.h should #include a .h file that exports the
declaration of that symbol. The main goal of include-what-you-use is to
remove superfluous #includes, both by figuring out what #includes are not
actually needed for this file (for both .cc and .h files), and by
replacing #includes with forward-declares when possible.
'';
homepage = "https://include-what-you-use.org";
license = licenses.bsd3;
platforms = platforms.unix;
};
}

35
pkgs/development/tools/analysis/jdepend/default.nix Normal file
View file

@ -0,0 +1,35 @@
{ lib, stdenv, fetchFromGitHub, ant, jdk, runtimeShell }:
stdenv.mkDerivation rec {
pname = "jdepend";
version = "2.10";
src = fetchFromGitHub {
owner = "clarkware";
repo = "jdepend";
rev = version;
sha256 = "1lxf3j9vflky7a2py3i59q7cwd1zvjv2b88l3za39vc90s04dz6k";
};
nativeBuildInputs = [ ant jdk ];
buildPhase = "ant jar";
installPhase = ''
mkdir -p $out/bin $out/share
install dist/${pname}-${version}.jar $out/share
cat > "$out/bin/jdepend" <<EOF
#!${runtimeShell}
exec ${jdk.jre}/bin/java -classpath "$out/share/*" "\$@"
EOF
chmod a+x $out/bin/jdepend
'';
meta = with lib; {
description = "Traverses Java class file directories and generates design quality metrics for each Java package";
homepage = "http://www.clarkware.com/software/JDepend.html";
license = licenses.bsd3;
platforms = platforms.linux;
maintainers = with maintainers; [ pSub ];
};
}

84
pkgs/development/tools/analysis/kcov/default.nix Normal file
View file

@ -0,0 +1,84 @@
{ lib
, stdenv
, fetchFromGitHub
, cmake
, pkg-config
, zlib
, curl
, elfutils
, python3
, libiberty
, libopcodes
, runCommand
, gcc
, rustc
}:
let
self =
stdenv.mkDerivation rec {
pname = "kcov";
version = "38";
src = fetchFromGitHub {
owner = "SimonKagstrom";
repo = "kcov";
rev = "v${version}";
sha256 = "sha256-6LoIo2/yMUz8qIpwJVcA3qZjjF+8KEM1MyHuyHsQD38=";
};
preConfigure = "patchShebangs src/bin-to-c-source.py";
nativeBuildInputs = [ cmake pkg-config python3 ];
buildInputs = [ curl zlib elfutils libiberty libopcodes ];
strictDeps = true;
passthru.tests = {
works-on-c = runCommand "works-on-c" {} ''
set -ex
cat - > a.c <<EOF
int main() {}
EOF
${gcc}/bin/gcc a.c -o a.out
${self}/bin/kcov /tmp/kcov ./a.out
test -e /tmp/kcov/index.html
touch $out
set +x
'';
works-on-rust = runCommand "works-on-rust" {} ''
set -ex
cat - > a.rs <<EOF
fn main() {}
EOF
# Put gcc in the path so that `cc` is found
PATH=${gcc}/bin:$PATH ${rustc}/bin/rustc a.rs -o a.out
${self}/bin/kcov /tmp/kcov ./a.out
test -e /tmp/kcov/index.html
touch $out
set +x
'';
};
meta = with lib; {
description = "Code coverage tester for compiled programs, Python scripts and shell scripts";
longDescription = ''
Kcov is a code coverage tester for compiled programs, Python
scripts and shell scripts. It allows collecting code coverage
information from executables without special command-line
arguments, and continuosly produces output from long-running
applications.
'';
homepage = "http://simonkagstrom.github.io/kcov/index.html";
license = licenses.gpl2;
changelog = "https://github.com/SimonKagstrom/kcov/blob/master/ChangeLog";
maintainers = with maintainers; [ gal_bolle ekleog ];
platforms = platforms.linux;
};
};
in
self

45
pkgs/development/tools/analysis/lcov/default.nix Normal file
View file

@ -0,0 +1,45 @@
{lib, stdenv, fetchFromGitHub, perl, perlPackages, makeWrapper }:
stdenv.mkDerivation rec {
pname = "lcov";
version = "1.15";
src = fetchFromGitHub {
owner = "linux-test-project";
repo = "lcov";
rev = "v${version}";
sha256 = "1kvc7fkp45w48f0bxwbxvxkicnjrrydki0hllg294n1wrp80zzyk";
};
nativeBuildInputs = [ makeWrapper ];
buildInputs = [ perl ];
preBuild = ''
patchShebangs bin/
makeFlagsArray=(PREFIX=$out LCOV_PERL_PATH=$(command -v perl))
'';
postInstall = ''
wrapProgram $out/bin/lcov --set PERL5LIB ${perlPackages.makeFullPerlPath [ perlPackages.PerlIOgzip perlPackages.JSON ]}
wrapProgram $out/bin/genpng --set PERL5LIB ${perlPackages.makeFullPerlPath [ perlPackages.GD ]}
'';
meta = with lib; {
description = "Code coverage tool that enhances GNU gcov";
longDescription =
'' LCOV is an extension of GCOV, a GNU tool which provides information
about what parts of a program are actually executed (i.e.,
"covered") while running a particular test case. The extension
consists of a set of PERL scripts which build on the textual GCOV
output to implement the following enhanced functionality such as
HTML output.
'';
homepage = "http://ltp.sourceforge.net/coverage/lcov.php";
license = lib.licenses.gpl2Plus;
maintainers = with maintainers; [ dezgeg ];
platforms = platforms.all;
};
}

33
pkgs/development/tools/analysis/makefile2graph/default.nix Normal file
View file

@ -0,0 +1,33 @@
{ lib, stdenv, fetchFromGitHub, makeWrapper, bash, gnumake }:
stdenv.mkDerivation rec {
pname = "makefile2graph";
version = "unstable-2018-01-03";
src = fetchFromGitHub {
owner = "lindenb";
repo = "makefile2graph";
rev = "61fb95a5ba91c20236f5e4deb11127c34b47091f";
sha256 = "07hq40bl48i8ka35fcciqcafpd8k9rby1wf4vl2p53v0665xaghr";
};
nativeBuildInputs = [ makeWrapper ];
makeFlags = [ "prefix=$(out)" ];
fixupPhase = ''
substituteInPlace $out/bin/makefile2graph \
--replace '/bin/sh' ${bash}/bin/bash \
--replace 'make2graph' "$out/bin/make2graph"
wrapProgram $out/bin/makefile2graph \
--set PATH ${lib.makeBinPath [ gnumake ]}
'';
meta = with lib; {
homepage = "https://github.com/lindenb/makefile2graph";
description = "Creates a graph of dependencies from GNU-Make; Output is a graphiz-dot file or a Gexf-XML file";
maintainers = with maintainers; [ cmcdragonkai ];
license = licenses.mit;
platforms = platforms.all;
};
}

30
pkgs/development/tools/analysis/massif-visualizer/default.nix Normal file
View file

@ -0,0 +1,30 @@
{
mkDerivation, lib, fetchurl,
extra-cmake-modules, shared-mime-info,
qtsvg, qtxmlpatterns, karchive, kconfig, kcoreaddons, kparts, kio, ki18n,
kdiagram, kgraphviewer
}:
mkDerivation rec {
pname = "massif-visualizer";
version = "0.7.0";
src = fetchurl {
url = "mirror://kde/stable/massif-visualizer/${version}/src/${pname}-${version}.tar.xz";
sha256 = "0v8z6r9gngzckvqyxjm9kp7hilwfqibyk2f9vag9l98ar0iwr97q";
};
nativeBuildInputs = [ extra-cmake-modules shared-mime-info ];
buildInputs = [
qtsvg qtxmlpatterns karchive kconfig kcoreaddons kparts kio ki18n
kdiagram kgraphviewer
];
meta = with lib; {
description = "Tool that visualizes massif data generated by valgrind";
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = with maintainers; [ zraexy ];
};
}

43
pkgs/development/tools/analysis/nix-linter/default.nix Normal file
View file

@ -0,0 +1,43 @@
{ lib
, mkDerivation
, fetchFromGitHub
, fixplate
, tasty
, tasty-hunit
, tasty-th
, streamly
, mtl
, path
, pretty-terminal
, text
, base
, aeson
, path-io
, cmdargs
, containers
, hnix
, bytestring
}:
mkDerivation rec {
pname = "nix-linter";
version = "0.2.0.4";
src = fetchFromGitHub {
owner = "Synthetica9";
repo = "nix-linter";
rev = "ecdd50750fd3ffaff83c0637474b884a0c38f8b9";
sha256 = "0hm6iaamh1wlvqk8z4yfh4idgbclbsimxhlgflwz2hnv9mm12sf1";
};
isLibrary = false;
isExecutable = true;
libraryHaskellDepends = [ fixplate ];
executableHaskellDepends = [ streamly mtl path pretty-terminal text base aeson cmdargs containers hnix bytestring path-io ];
testHaskellDepends = [ tasty tasty-hunit tasty-th ];
description = "Linter for Nix(pkgs), based on hnix";
homepage = "https://github.com/Synthetica9/nix-linter";
license = lib.licenses.bsd3;
maintainers = [ lib.maintainers.marsam ];
}

29
pkgs/development/tools/analysis/oclgrind/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ lib, stdenv, fetchFromGitHub, cmake, llvmPackages, readline, python3 }:
stdenv.mkDerivation rec {
pname = "oclgrind";
version = "21.10";
src = fetchFromGitHub {
owner = "jrprice";
repo = "oclgrind";
rev = "v${version}";
sha256 = "sha256-DGCF7X2rPV1w9guxg2bMylRirXQgez24sG7Unlct3ow=";
};
nativeBuildInputs = [ cmake ];
checkInputs = [ python3 ];
buildInputs = [ llvmPackages.llvm llvmPackages.clang-unwrapped readline ];
cmakeFlags = [
"-DCLANG_ROOT=${llvmPackages.clang-unwrapped}"
];
meta = with lib; {
description = "An OpenCL device simulator and debugger";
homepage = "https://github.com/jrprice/oclgrind";
license = licenses.bsd3;
platforms = platforms.linux;
maintainers = with maintainers; [ athas ];
};
}

51
pkgs/development/tools/analysis/panopticon/default.nix Normal file
View file

@ -0,0 +1,51 @@
{ stdenv, lib, fetchFromGitHub, rustPlatform, qt5, git, cmake
, pkg-config, makeWrapper }:
rustPlatform.buildRustPackage rec {
pname = "panopticon";
version = "unstable-20171202";
src = fetchFromGitHub {
owner = "das-labor";
repo = pname;
rev = "33ffec0d6d379d51b38d6ea00d040f54b1356ae4";
sha256 = "1zv87nqhrzsxx0m891df4vagzssj3kblfv9yp7j96dw0vn9950qa";
};
nativeBuildInputs = [ cmake pkg-config makeWrapper ];
propagatedBuildInputs = with qt5; [
qt5.qtbase
qtdeclarative
qtsvg
qtquickcontrols2
qtgraphicaleffects
git
];
dontWrapQtApps = true;
cargoSha256 = "0vhcb3kw1zgchx3nrk8lyrz8p5071y99vsysxvi71klv7dcvn0am";
doCheck = false;
postInstall = ''
mkdir -p $out/share/${pname} $out/bin
cp -R qml $out/share/${pname}
mv $out/bin/${pname} $out/share/${pname}
chmod +x $out/share/${pname}
makeWrapper $out/share/${pname}/${pname} $out/bin/${pname}
'';
meta = with lib; {
broken = stdenv.isDarwin;
description = "A libre cross-platform disassembler";
longDescription = ''
Panopticon is a cross platform disassembler for reverse
engineering written in Rust. It can disassemble AMD64,
x86, AVR and MOS 6502 instruction sets and open ELF files.
Panopticon comes with Qt GUI for browsing and annotating
control flow graphs.
'';
license = with licenses; [ gpl3 ];
maintainers = with maintainers; [ leenaars ];
};
}

30
pkgs/development/tools/analysis/pev/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ lib, stdenv, openssl, fetchFromGitHub }:
stdenv.mkDerivation {
pname = "pev";
version = "unstable-2020-05-23";
src = fetchFromGitHub {
owner = "merces";
repo = "pev";
rev = "beec2b4f09585fea919ed41ce466dee06be0b6bf";
sha256 = "sha256-HrMbk9YbuqkoBBM7+rfXpqVEnd1rDl2rMePdcfU1WDg=";
fetchSubmodules = true;
};
buildInputs = [ openssl ];
enableParallelBuilding = true;
makeFlags = [ "prefix=$(out)" ];
installFlags = [ "prefix=$(out)" ];
meta = with lib; {
description = "A full-featured, open source, multiplatform command line toolkit to work with PE (Portable Executables) binaries";
homepage = "https://pev.sourceforge.net/";
license = licenses.gpl2;
maintainers = with maintainers; [ jeschli ];
platforms = platforms.linux;
};
}

29
pkgs/development/tools/analysis/pmd/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ lib, stdenv, fetchurl, unzip, makeWrapper, openjdk }:
stdenv.mkDerivation rec {
pname = "pmd";
version = "6.43.0";
src = fetchurl {
url = "mirror://sourceforge/pmd/pmd-bin-${version}.zip";
sha256 = "sha256-+eJCN890vm4WBcMZ2VCGOS8WUyIckL+DfQVNaUSovGE=";
};
nativeBuildInputs = [ unzip makeWrapper ];
installPhase = ''
runHook preInstall
mkdir -p $out
cp -R {bin,lib} $out
wrapProgram $out/bin/run.sh --prefix PATH : ${openjdk.jre}/bin
runHook postInstall
'';
meta = with lib; {
description = "An extensible cross-language static code analyzer";
homepage = "https://pmd.github.io/";
changelog = "https://pmd.github.io/pmd-${version}/pmd_release_notes.html";
platforms = platforms.unix;
license = with licenses; [ bsdOriginal asl20 ];
};
}

44
pkgs/development/tools/analysis/qcachegrind/default.nix Normal file
View file

@ -0,0 +1,44 @@
{ lib, stdenv, qmake, qtbase, perl, php, kcachegrind, wrapQtAppsHook }:
stdenv.mkDerivation {
pname = "qcachegrind";
version = kcachegrind.version;
src = kcachegrind.src;
buildInputs = [ qtbase perl php ];
nativeBuildInputs = [ qmake wrapQtAppsHook ];
dontWrapQtApps = true;
postInstall = ''
mkdir -p $out/bin
cp -p converters/dprof2calltree $out/bin/dprof2calltree
cp -p converters/memprof2calltree $out/bin/memprof2calltree
cp -p converters/op2calltree $out/bin/op2calltree
cp -p converters/pprof2calltree $out/bin/pprof2calltree
chmod -R +x $out/bin/
'' + (if stdenv.isDarwin then ''
mkdir -p $out/Applications
cp cgview/cgview.app/Contents/MacOS/cgview $out/bin
cp -a qcachegrind/qcachegrind.app $out/Applications
'' else ''
install qcachegrind/qcachegrind cgview/cgview -t "$out/bin"
install -Dm644 qcachegrind/qcachegrind.desktop -t "$out/share/applications"
install -Dm644 kcachegrind/32-apps-kcachegrind.png "$out/share/icons/hicolor/32x32/apps/kcachegrind.png"
install -Dm644 kcachegrind/48-apps-kcachegrind.png "$out/share/icons/hicolor/48x48/apps/kcachegrind.png"
'');
preFixup = ''
wrapQtApp "$out/bin/qcachegrind"
'';
meta = with lib; {
broken = stdenv.isDarwin;
description = "A Qt GUI to visualize profiling data";
license = licenses.gpl2Plus;
platforms = platforms.unix;
maintainers = with maintainers; [ periklis ];
};
}

120
pkgs/development/tools/analysis/radare2/default.nix Normal file
View file

@ -0,0 +1,120 @@
{ lib
, stdenv
, fetchFromGitHub
, buildPackages
, pkg-config
, libusb-compat-0_1
, readline
, libewf
, perl
, zlib
, openssl
, libuv
, file
, libzip
, xxHash
, gtk2
, vte
, gtkdialog
, python3
, ruby
, lua
, capstone
, useX11 ? false
, rubyBindings ? false
, pythonBindings ? false
, luaBindings ? false
}:
let
# FIXME: Compare revision with https://github.com/radareorg/radare2/blob/master/libr/asm/arch/arm/v35arm64/Makefile#L20
arm64 = fetchFromGitHub {
owner = "radareorg";
repo = "vector35-arch-arm64";
rev = "3c5eaba46dab72ecb7d5f5b865a13fdeee95b464";
sha256 = "sha256-alcGEi+D8CptXzfznnuxQKCvU2mbzn2sQge5jSqLVpg=";
};
armv7 = fetchFromGitHub {
owner = "radareorg";
repo = "vector35-arch-armv7";
rev = "dde39f69ffea19fc37e681874b12cb4707bc4f30";
sha256 = "sha256-bnWQc0dScM9rhIdzf+iVXvMqYWq/bguEAUQPaZRgdlU=";
};
in
stdenv.mkDerivation rec {
pname = "radare2";
version = "5.7.0";
src = fetchFromGitHub {
owner = "radare";
repo = "radare2";
rev = version;
sha256 = "sha256-tCFi1m3xyQlG+8FijjQh8PMwg6CIfIxvLkd5xCIZHHo=";
};
preBuild = ''
cp -r ${arm64} libr/asm/arch/arm/v35arm64/arch-arm64
chmod -R +w libr/asm/arch/arm/v35arm64/arch-arm64
cp -r ${armv7} libr/asm/arch/arm/v35arm64/arch-armv7
chmod -R +w libr/asm/arch/arm/v35arm64/arch-armv7
'';
postFixup = lib.optionalString stdenv.isDarwin ''
for file in $out/bin/rasm2 $out/bin/ragg2 $out/bin/rabin2 $out/lib/libr_asm.${version}.dylib $out/lib/libr_anal.${version}.dylib; do
install_name_tool -change libcapstone.4.dylib ${capstone}/lib/libcapstone.4.dylib $file
done
'';
WITHOUT_PULL = "1";
makeFlags = [
"GITTAP=${version}"
"RANLIB=${stdenv.cc.bintools.bintools}/bin/${stdenv.cc.bintools.targetPrefix}ranlib"
"CC=${stdenv.cc.targetPrefix}cc"
"HOST_CC=${stdenv.cc.targetPrefix}cc"
];
configureFlags = [
"--with-sysmagic"
"--with-syszip"
"--with-sysxxhash"
"--with-syscapstone"
"--with-openssl"
];
enableParallelBuilding = true;
depsBuildBuild = [ buildPackages.stdenv.cc ];
nativeBuildInputs = [ pkg-config ];
buildInputs = [
capstone
file
readline
libusb-compat-0_1
libewf
perl
zlib
openssl
libuv
] ++ lib.optional useX11 [ gtkdialog vte gtk2 ]
++ lib.optional rubyBindings [ ruby ]
++ lib.optional pythonBindings [ python3 ]
++ lib.optional luaBindings [ lua ];
propagatedBuildInputs = [
# radare2 exposes r_lib which depends on these libraries
file # for its list of magic numbers (`libmagic`)
libzip
xxHash
];
meta = with lib; {
broken = stdenv.isDarwin;
description = "unix-like reverse engineering framework and commandline tools";
homepage = "https://radare.org/";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ raskin makefu mic92 arkivm ];
platforms = platforms.unix;
};
}

29
pkgs/development/tools/analysis/randoop/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ lib, stdenv, fetchurl, unzip }:
stdenv.mkDerivation rec {
version = "4.3.0";
pname = "randoop";
src = fetchurl {
url = "https://github.com/randoop/randoop/releases/download/v${version}/${pname}-${version}.zip";
sha256 = "sha256-3svBmXcRvscaK8YD4qm/geQSJ6cAm0en/d7H09h41PQ=";
};
nativeBuildInputs = [ unzip ];
installPhase = ''
mkdir -p $out/lib $out/doc
cp -R *.jar $out/lib
cp README.txt $out/doc
'';
meta = with lib; {
description = "Automatic test generation for Java";
homepage = "https://randoop.github.io/randoop/";
sourceProvenance = with sourceTypes; [ binaryBytecode ];
license = licenses.mit;
maintainers = with maintainers; [ pSub ];
platforms = platforms.linux;
};
}

233
pkgs/development/tools/analysis/retdec/default.nix Normal file
View file

@ -0,0 +1,233 @@
{ stdenv
, fetchFromGitHub
, fetchpatch
, fetchzip
, lib
, callPackage
, openssl
, cmake
, autoconf
, automake
, libtool
, pkg-config
, bison
, flex
, groff
, perl
, python3
, time
, upx
, ncurses
, libffi
, libxml2
, zlib
, withPEPatterns ? false
}:
let
capstone = fetchFromGitHub {
owner = "avast-tl";
repo = "capstone";
rev = "27c713fe4f6eaf9721785932d850b6291a6073fe";
sha256 = "105z1g9q7s6n15qpln9vzhlij7vj6cyc5dqdr05n7wzjvlagwgxc";
};
elfio = fetchFromGitHub {
owner = "avast-tl";
repo = "elfio";
rev = "998374baace397ea98f3b1d768e81c978b4fba41";
sha256 = "09n34rdp0wpm8zy30zx40wkkc4gbv2k3cv181y6c1260rllwk5d1";
};
keystone = fetchFromGitHub { # only for tests
owner = "keystone-engine";
repo = "keystone";
rev = "d7ba8e378e5284e6384fc9ecd660ed5f6532e922";
sha256 = "1yzw3v8xvxh1rysh97y0i8y9svzbglx2zbsqjhrfx18vngh0x58f";
};
libdwarf = fetchFromGitHub {
owner = "avast-tl";
repo = "libdwarf";
rev = "85465d5e235cc2d2f90d04016d6aca1a452d0e73";
sha256 = "11y62r65py8yp57i57a4cymxispimn62by9z4j2g19hngrpsgbki";
};
llvm = fetchFromGitHub {
owner = "avast-tl";
repo = "llvm";
rev = "725d0cee133c6ab9b95c493f05de3b08016f5c3c";
sha256 = "0dzvafmn4qs62w1y9vh0a11clpj6q3hb41aym4izpcyybjndf9bq";
};
pelib = fetchFromGitHub {
owner = "avast-tl";
repo = "pelib";
rev = "a7004b2e80e4f6dc984f78b821e7b585a586050d";
sha256 = "0nyrb3g749lxgcymz1j584xbb1x6rvy1mc700lyn0brznvqsm81n";
};
rapidjson = fetchFromGitHub {
owner = "Tencent";
repo = "rapidjson";
rev = "v1.1.0";
sha256 = "1jixgb8w97l9gdh3inihz7avz7i770gy2j2irvvlyrq3wi41f5ab";
};
yaracpp = callPackage ./yaracpp.nix {}; # is its own package because it needs a patch
yaramod = fetchFromGitHub {
owner = "avast-tl";
repo = "yaramod";
rev = "v2.2.2";
sha256 = "0cq9h4h686q9ybamisbl797g6xjy211s3cq83nixkwkigmz48ccp";
};
jsoncpp = fetchFromGitHub {
owner = "open-source-parsers";
repo = "jsoncpp";
rev = "1.8.4";
sha256 = "1z0gj7a6jypkijmpknis04qybs1hkd04d1arr3gy89lnxmp6qzlm";
};
googletest = fetchFromGitHub { # only for tests
owner = "google";
repo = "googletest";
rev = "83fa0cb17dad47a1d905526dcdddb5b96ed189d2";
sha256 = "1c2r0p9v7vz2vasy8bknfb448l6wsvzw35s8hmc5z013z5502mpk";
};
tinyxml2 = fetchFromGitHub {
owner = "leethomason";
repo = "tinyxml2";
rev = "cc1745b552dd12bb1297a99f82044f83b06729e0";
sha256 = "015g8520a0c55gwmv7pfdsgfz2rpdmh3d1nq5n9bd65n35492s3q";
};
retdec-support = let
version = "2018-02-08"; # make sure to adjust both hashes (once with withPEPatterns=true and once withPEPatterns=false)
in fetchzip {
url = "https://github.com/avast-tl/retdec-support/releases/download/${version}/retdec-support_${version}.tar.xz";
sha256 = if withPEPatterns then "148i8flbyj1y4kfdyzsz7jsj38k4h97npjxj18h6v4wksd4m4jm7"
else "0ixv9qyqq40pzyqy6v9jf5rxrvivjb0z0zn260nbmb9gk765bacy";
stripRoot = false;
# Removing PE signatures reduces this from 3.8GB -> 642MB (uncompressed)
postFetch = lib.optionalString (!withPEPatterns) ''
rm -r "$out/generic/yara_patterns/static-code/pe"
'';
} // {
inherit version; # necessary to check the version against the expected version
};
# patch CMakeLists.txt for a dependency and compare the versions to the ones expected by upstream
# this has to be applied for every dependency (which it is in postPatch)
patchDep = dep: ''
# check if our version of dep is the same version that upstream expects
echo "Checking version of ${dep.dep_name}"
expected_rev="$( sed -n -e 's|.*URL https://github.com/.*/archive/\(.*\)\.zip.*|\1|p' "deps/${dep.dep_name}/CMakeLists.txt" )"
if [ "$expected_rev" != '${dep.rev}' ]; then
echo "The ${dep.dep_name} dependency has the wrong version: ${dep.rev} while $expected_rev is expected."
exit 1
fi
# patch the CMakeLists.txt file to use our local copy of the dependency instead of fetching it at build time
sed -i -e 's|URL .*|URL ${dep}|' "deps/${dep.dep_name}/CMakeLists.txt"
'';
in stdenv.mkDerivation rec {
pname = "retdec";
# If you update this you will also need to adjust the versions of the updated dependencies. You can do this by first just updating retdec
# itself and trying to build it. The build should fail and tell you which dependencies you have to upgrade to which versions.
# I've notified upstream about this problem here:
# https://github.com/avast-tl/retdec/issues/412
# gcc is pinned to gcc8 in all-packages.nix. That should probably be re-evaluated on update.
version = "3.2";
src = fetchFromGitHub {
owner = "avast-tl";
repo = pname;
rev = "refs/tags/v${version}";
sha256 = "0chky656lsddn20bnm3pmz6ix20y4a0y8swwr42hrhi01vkhmzrp";
};
nativeBuildInputs = [
cmake
autoconf
automake
libtool
pkg-config
bison
flex
groff
perl
python3
];
buildInputs = [
openssl
ncurses
libffi
libxml2
zlib
];
cmakeFlags = [
"-DRETDEC_TESTS=ON" # build tests
];
# all dependencies that are normally fetched during build time (the subdirectories of `deps`)
# all of these need to be fetched through nix and the CMakeLists files need to be patched not to fetch them themselves
external_deps = [
(capstone // { dep_name = "capstone"; })
(elfio // { dep_name = "elfio"; })
(googletest // { dep_name = "googletest"; })
(jsoncpp // { dep_name = "jsoncpp"; })
(keystone // { dep_name = "keystone"; })
(libdwarf // { dep_name = "libdwarf"; })
(llvm // { dep_name = "llvm"; })
(pelib // { dep_name = "pelib"; })
(rapidjson // { dep_name = "rapidjson"; })
(tinyxml2 // { dep_name = "tinyxml2"; })
(yaracpp // { dep_name = "yaracpp"; })
(yaramod // { dep_name = "yaramod"; })
];
# Use newer yaramod to fix w/bison 3.2+
patches = [
# 2.1.2 -> 2.2.1
(fetchpatch {
url = "https://github.com/avast-tl/retdec/commit/c9d23da1c6e23c149ed684c6becd3f3828fb4a55.patch";
sha256 = "0hdq634f72fihdy10nx2ajbps561w03dfdsy5r35afv9fapla6mv";
})
# 2.2.1 -> 2.2.2
(fetchpatch {
url = "https://github.com/avast-tl/retdec/commit/fb85f00754b5d13b781385651db557741679721e.patch";
sha256 = "0a8mwmwb39pr5ag3q11nv81ncdk51shndqrkm92shqrmdq14va52";
})
];
postPatch = (lib.concatMapStrings patchDep external_deps) + ''
# install retdec-support
echo "Checking version of retdec-support"
expected_version="$( sed -n -e "s|^version = '\(.*\)'$|\1|p" 'cmake/install-share.py' )"
if [ "$expected_version" != '${retdec-support.version}' ]; then
echo "The retdec-support dependency has the wrong version: ${retdec-support.version} while $expected_version is expected."
exit 1
fi
mkdir -p "$out/share/retdec"
cp -r ${retdec-support} "$out/share/retdec/support" # write permission needed during install
chmod -R u+w "$out/share/retdec/support"
# python file originally responsible for fetching the retdec-support archive to $out/share/retdec
# that is not necessary anymore, so empty the file
echo > cmake/install-share.py
# call correct `time` and `upx` programs
substituteInPlace scripts/retdec-config.py --replace /usr/bin/time ${time}/bin/time
substituteInPlace scripts/retdec-unpacker.py --replace "'upx'" "'${upx}/bin/upx'"
'';
doInstallCheck = true;
installCheckPhase = ''
${python3.interpreter} "$out/bin/retdec-tests-runner.py"
rm -rf $out/bin/__pycache__
'';
meta = with lib; {
description = "A retargetable machine-code decompiler based on LLVM";
homepage = "https://retdec.com";
license = licenses.mit;
maintainers = with maintainers; [ dtzWill timokau ];
platforms = ["x86_64-linux" "i686-linux"];
};
}

49
pkgs/development/tools/analysis/retdec/yaracpp.nix Normal file
View file

@ -0,0 +1,49 @@
{ stdenv
, fetchFromGitHub
, coreutils
}:
let
yara = fetchFromGitHub {
owner = "avast-tl";
repo = "yara";
rev = "ea101c5856941f39cad2db3012f2660d1d5c8b65";
sha256 = "033ssx2hql5k4pv9si043s3mjq2b748ymjzif8pg6rdwh260faky";
};
in stdenv.mkDerivation rec {
# only fetches the yaracpp source patched to work with a local yara clone,
# does not build anything
pname = "yaracpp-src";
version = "2018-10-09";
rev = "b92bde0e59e3b75bc445227e04b71105771dee8b"; # as specified in retdec/deps/yaracpp/CMakeLists.txt
src = fetchFromGitHub {
inherit rev;
owner = "avast-tl";
repo = "yaracpp";
sha256 = "0fan7q79j7s3bjmhsd2nw6sqyi14xgikn7mr2p4nj87lick5l4a2";
};
postPatch = ''
# check if our version of yara is the same version that upstream expects
echo "Checking version of yara"
expected_rev="$( sed -n -e 's|.*URL https://github.com/.*/archive/\(.*\)\.zip.*|\1|p' "deps/CMakeLists.txt" )"
if [ "$expected_rev" != '${yara.rev}' ]; then
echo "The yara dependency has the wrong version: ${yara.rev} while $expected_rev is expected."
exit 1
fi
# patch the CMakeLists.txt file to use our local copy of the dependency instead of fetching it at build time
sed -i -e "s|URL .*|URL ${yara}|" "deps/CMakeLists.txt"
# abuse the CONFIGURE_COMMAND to make the source writeable after copying it to the build locatoin (necessary for the build)
sed -i -e 's|CONFIGURE_COMMAND ""|CONFIGURE_COMMAND COMMAND ${coreutils}/bin/chmod -R u+w .|' "deps/CMakeLists.txt"
'';
buildPhase = "# do nothing";
configurePhase = "# do nothing";
installPhase = ''
mkdir -p "$out"
cp -r * "$out"
'';
}

44
pkgs/development/tools/analysis/rizin/cutter.nix Normal file
View file

@ -0,0 +1,44 @@
{ fetchFromGitHub, lib, mkDerivation
# nativeBuildInputs
, qmake, pkg-config, cmake
# Qt
, qtbase, qtsvg, qtwebengine, qttools
# buildInputs
, rizin
, python3
, wrapQtAppsHook
}:
mkDerivation rec {
pname = "cutter";
version = "2.0.5";
src = fetchFromGitHub {
owner = "rizinorg";
repo = "cutter";
rev = "v${version}";
sha256 = "sha256-ljws9S7ZxZK/Ou8jgGSoR++vtzFTEBywHMhCC/UOLEs=";
fetchSubmodules = true;
};
nativeBuildInputs = [ cmake qmake pkg-config python3 wrapQtAppsHook ];
propagatedBuildInputs = [ python3.pkgs.pyside2 ];
buildInputs = [ qtbase qttools qtsvg qtwebengine rizin python3 ];
cmakeFlags = [
"-DCUTTER_USE_BUNDLED_RIZIN=OFF"
"-DCUTTER_ENABLE_PYTHON=ON"
"-DCUTTER_ENABLE_PYTHON_BINDINGS=ON"
];
preBuild = ''
qtWrapperArgs+=(--prefix PYTHONPATH : "$PYTHONPATH")
'';
meta = with lib; {
description = "Free and Open Source Reverse Engineering Platform powered by rizin";
homepage = src.meta.homepage;
license = licenses.gpl3;
maintainers = with maintainers; [ mic92 dtzWill ];
};
}

81
pkgs/development/tools/analysis/rizin/default.nix Normal file
View file

@ -0,0 +1,81 @@
{ lib
, stdenv
, fetchurl
, pkg-config
, libusb-compat-0_1
, readline
, libewf
, perl
, zlib
, openssl
, libuv
, file
, libzip
, lz4
, xxHash
, meson
, cmake
, ninja
, capstone
, tree-sitter
, python3
}:
stdenv.mkDerivation rec {
pname = "rizin";
version = "0.3.4";
src = fetchurl {
url = "https://github.com/rizinorg/rizin/releases/download/v${version}/rizin-src-v${version}.tar.xz";
sha256 = "sha256-7qSbOWOHwJ0ZcFqrAqYXzbFWgvymfxAf8rJ+75SnEOk=";
};
mesonFlags = [
"-Duse_sys_capstone=enabled"
"-Duse_sys_magic=enabled"
"-Duse_sys_libzip=enabled"
"-Duse_sys_zlib=enabled"
"-Duse_sys_xxhash=enabled"
"-Duse_sys_lz4=enabled"
"-Duse_sys_openssl=enabled"
"-Duse_sys_tree_sitter=enabled"
];
nativeBuildInputs = [ pkg-config meson ninja cmake (python3.withPackages (ps: [ ps.setuptools ])) ];
# meson's find_library seems to not use our compiler wrapper if static parameter
# is either true/false... We work around by also providing LIBRARY_PATH
preConfigure = ''
LIBRARY_PATH=""
for b in ${toString (map lib.getLib buildInputs)}; do
if [[ -d "$b/lib" ]]; then
LIBRARY_PATH="$b/lib''${LIBRARY_PATH:+:}$LIBRARY_PATH"
fi
done
export LIBRARY_PATH
'';
buildInputs = [
file
libzip
capstone
readline
libusb-compat-0_1
libewf
perl
zlib
lz4
openssl
libuv
tree-sitter
xxHash
];
meta = {
description = "UNIX-like reverse engineering framework and command-line toolset.";
homepage = "https://rizin.re/";
license = lib.licenses.gpl3Plus;
maintainers = with lib.maintainers; [ raskin makefu mic92 ];
platforms = with lib.platforms; linux;
};
}

65
pkgs/development/tools/analysis/rr/default.nix Normal file
View file

@ -0,0 +1,65 @@
{ lib, stdenv, fetchFromGitHub, cmake, libpfm, zlib, pkg-config, python3Packages, which, procps, gdb, capnproto }:
stdenv.mkDerivation rec {
version = "5.5.0";
pname = "rr";
src = fetchFromGitHub {
owner = "mozilla";
repo = "rr";
rev = version;
sha256 = "sha256-ZZhkmDWGNWejwXZEcFO9p9NG1dopK7kXRj7OrkJCPR0=";
};
postPatch = ''
substituteInPlace src/Command.cc --replace '_BSD_SOURCE' '_DEFAULT_SOURCE'
sed '7i#include <math.h>' -i src/Scheduler.cc
patchShebangs .
'';
# With LTO enabled, linking fails with the following message:
#
# src/AddressSpace.cc:1666: undefined reference to `rr_syscall_addr'
# ld.bfd: bin/rr: hidden symbol `rr_syscall_addr' isn't defined
# ld.bfd: final link failed: bad value
# collect2: error: ld returned 1 exit status
#
# See also https://github.com/NixOS/nixpkgs/pull/110846
preConfigure = ''substituteInPlace CMakeLists.txt --replace "-flto" ""'';
nativeBuildInputs = [ cmake pkg-config which ];
buildInputs = [
libpfm zlib python3Packages.python python3Packages.pexpect procps gdb capnproto
];
propagatedBuildInputs = [ gdb ]; # needs GDB to replay programs at runtime
cmakeFlags = [
"-DCMAKE_C_FLAGS_RELEASE:STRING="
"-DCMAKE_CXX_FLAGS_RELEASE:STRING="
"-Ddisable32bit=ON"
];
# we turn on additional warnings due to hardening
NIX_CFLAGS_COMPILE = "-Wno-error";
hardeningDisable = [ "fortify" ];
# FIXME
#doCheck = true;
preCheck = "export HOME=$TMPDIR";
meta = {
homepage = "https://rr-project.org/";
description = "Records nondeterministic executions and debugs them deterministically";
longDescription = ''
rr aspires to be your primary debugging tool, replacing -- well,
enhancing -- gdb. You record a failure once, then debug the
recording, deterministically, as many times as you want. Every
time the same execution is replayed.
'';
license = with lib.licenses; [ mit bsd2 ];
maintainers = with lib.maintainers; [ pierron thoughtpolice ];
platforms = lib.platforms.x86;
};
}

22
pkgs/development/tools/analysis/rr/unstable.nix Normal file
View file

@ -0,0 +1,22 @@
# This is a temporary copy of the default.nix in this folder, with the version
# updated to the current tip of rr's master branch. This exists because rr has
# not had a release in a long time. Upstream has stated that it should be fine
# to use master. This file, and its attribute in all-packages, can be removed
# once rr makes a release.
{ callPackage, fetchFromGitHub }:
let
rr = callPackage ./. {};
in
rr.overrideAttrs (old: {
version = "unstable-2022-05-12";
src = fetchFromGitHub {
owner = "mozilla";
repo = "rr";
rev = "c96cb688106634ad09af6214aa91252c3a4f74b1";
sha256 = "sha256-K4cEQnvBXr/j9qXCgIHLqMrRzm96ushTO5STivRj+Mk=";
};
})

45
pkgs/development/tools/analysis/rr/zen_workaround.nix Normal file
View file

@ -0,0 +1,45 @@
{ stdenv, lib, fetchzip, kernel }:
/* The python script shouldn't be needed for users of this kernel module.
https://github.com/rr-debugger/rr/blob/master/scripts/zen_workaround.py
The module itself is called "zen_workaround" (a bit generic unfortunately).
*/
stdenv.mkDerivation rec {
pname = "rr-zen_workaround";
version = "2020-09-22";
src = fetchzip {
url = "https://gist.github.com/glandium/01d54cefdb70561b5f6675e08f2990f2/archive/2f430f0c136a69b0886281d0c76708997d8878af.zip";
sha256 = "1mbmbyymgl75wparv3rgnyxnc44rd6n935jziz9anl9apy031ryi";
};
hardeningDisable = [ "pic" ];
nativeBuildInputs = kernel.moduleBuildDependencies;
makeFlags = [
"-C${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
];
postConfigure = ''
makeFlags="$makeFlags M=$(pwd)"
'';
buildFlags = "modules";
installPhase = let
modDestDir = "$out/lib/modules/${kernel.modDirVersion}/kernel"; #TODO: longer path?
in ''
runHook preInstall
mkdir -p "${modDestDir}"
cp *.ko "${modDestDir}/"
find ${modDestDir} -name '*.ko' -exec xz -f '{}' \;
runHook postInstall
'';
meta = with lib; {
description = "Kernel module supporting the rr debugger on (some) AMD Zen-based CPUs";
homepage = "https://github.com/rr-debugger/rr/wiki/Zen#kernel-module";
license = licenses.gpl2;
maintainers = [ maintainers.vcunat ];
platforms = [ "x86_64-linux" ];
broken = versionOlder kernel.version "4.19"; # 4.14 breaks and 4.19 works
};
}

39
pkgs/development/tools/analysis/smatch/default.nix Normal file
View file

@ -0,0 +1,39 @@
{ lib
, stdenv
, fetchFromGitHub
, pkg-config
, sqlite
, openssl
, buildllvmsparse ? false
, buildc2xml ? false
, libllvm
, libxml2
}:
stdenv.mkDerivation rec {
pname = "smatch";
version = "1.72";
src = fetchFromGitHub {
owner = "error27";
repo = "smatch";
rev = version;
sha256 = "sha256-XVW4sAgIxaJjAk75bp/O286uddIfgfKtIA2LniUGWBM=";
};
nativeBuildInputs = [ pkg-config ];
buildInputs = [ sqlite openssl ]
++ lib.optionals buildllvmsparse [ libllvm ]
++ lib.optionals buildc2xml [ libxml2.dev ];
makeFlags = [ "PREFIX=${placeholder "out"}" "CXX=${stdenv.cc.targetPrefix}c++" ];
meta = with lib; {
description = "A semantic analysis tool for C";
homepage = "http://smatch.sourceforge.net/";
maintainers = with maintainers; [ marsam ];
license = licenses.gpl2Plus;
platforms = platforms.all;
};
}

31
pkgs/development/tools/analysis/snowman/default.nix Normal file
View file

@ -0,0 +1,31 @@
{ lib, mkDerivation, fetchFromGitHub, cmake, boost, qtbase }:
mkDerivation rec {
pname = "snowman";
version = "0.1.3";
src = fetchFromGitHub {
owner = "yegord";
repo = "snowman";
rev = "v${version}";
sha256 = "1mrmhj2nddi0d47c266vsg5vbapbqbcpj5ld4v1qcwnnk6z2zn0j";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ boost qtbase ];
postUnpack = ''
export sourceRoot=$sourceRoot/src
'';
meta = with lib; {
description = "Native code to C/C++ decompiler";
homepage = "http://derevenets.com/";
# https://github.com/yegord/snowman/blob/master/doc/licenses.asciidoc
license = licenses.gpl3Plus;
maintainers = with maintainers; [ dtzWill ];
platforms = platforms.all;
};
}

36
pkgs/development/tools/analysis/sparse/default.nix Normal file
View file

@ -0,0 +1,36 @@
{ callPackage, fetchurl, lib, stdenv, gtk3, pkg-config, libxml2, llvm, perl, sqlite }:
let
GCC_BASE = "${stdenv.cc.cc}/lib/gcc/${stdenv.hostPlatform.uname.processor}-unknown-linux-gnu/${stdenv.cc.cc.version}";
in stdenv.mkDerivation rec {
pname = "sparse";
version = "0.6.4";
src = fetchurl {
url = "mirror://kernel/software/devel/sparse/dist/${pname}-${version}.tar.xz";
sha256 = "sha256-arKLSZG8au29c1UCkTYKpqs99B9ZIGqb3paQIIpuOHw=";
};
preConfigure = ''
sed -i 's|"/usr/include"|"${stdenv.cc.libc.dev}/include"|' pre-process.c
sed -i 's|qx(\$ccom -print-file-name=)|"${GCC_BASE}"|' cgcc
makeFlags+=" PREFIX=$out"
'';
nativeBuildInputs = [ pkg-config ];
buildInputs = [ gtk3 libxml2 llvm perl sqlite ];
doCheck = true;
buildFlags = "GCC_BASE:=${GCC_BASE}";
passthru.tests = {
simple-execution = callPackage ./tests.nix { };
};
meta = with lib; {
description = "Semantic parser for C";
homepage = "https://git.kernel.org/cgit/devel/sparse/sparse.git/";
license = licenses.mit;
platforms = platforms.linux;
maintainers = with maintainers; [ thoughtpolice jkarlson ];
};
}

24
pkgs/development/tools/analysis/sparse/tests.nix Normal file
View file

@ -0,0 +1,24 @@
{ runCommand, gcc, sparse, writeText }:
let
src = writeText "CODE.c" ''
#include <stdio.h>
#include <stddef.h>
#include <stdlib.h>
int main(int argc, char *argv[]) {
return EXIT_SUCCESS;
}
'';
in
runCommand "${sparse.pname}-tests" { buildInputs = [ gcc sparse ]; meta.timeout = 3; }
''
set -eu
${sparse}/bin/cgcc ${src} > output 2>&1 || ret=$?
if [[ -z $(<output) ]]; then
mv output $out
else
echo "Test build returned $ret"
cat output
exit 1
fi
''

42
pkgs/development/tools/analysis/spin/default.nix Normal file
View file

@ -0,0 +1,42 @@
{ stdenv, lib, fetchFromGitHub, makeWrapper, bison, gcc, tk, swarm, graphviz }:
let
binPath = lib.makeBinPath [ gcc graphviz tk swarm ];
in
stdenv.mkDerivation rec {
pname = "spin";
version = "6.5.2";
src = fetchFromGitHub {
owner = "nimble-code";
repo = "Spin";
rev = "version-${version}";
sha256 = "sha256-drvQXfDZCZRycBZt/VNngy8zs4XVJg+d1b4dQXVcyFU=";
};
nativeBuildInputs = [ makeWrapper ];
buildInputs = [ bison ];
sourceRoot = "source/Src";
preBuild = ''
mkdir -p $out/bin
mkdir -p $out/share/man/man1
'';
enableParallelBuilding = true;
makeFlags = [ "DESTDIR=$(out)" ];
postInstall = ''
wrapProgram $out/bin/spin --prefix PATH : ${binPath}
'';
meta = with lib; {
description = "Formal verification tool for distributed software systems";
homepage = "https://spinroot.com/";
license = licenses.bsd3;
platforms = platforms.unix;
maintainers = with maintainers; [ pSub siraben ];
};
}

13
pkgs/development/tools/analysis/splint/darwin.patch Normal file
View file

@ -0,0 +1,13 @@
diff --git a/src/osd.c b/src/osd.c
index ebe214a..4ba81d5 100644
--- a/src/osd.c
+++ b/src/osd.c
@@ -516,7 +516,7 @@ osd_getPid ()
# if defined (WIN32) || defined (OS2) && defined (__IBMC__)
int pid = _getpid ();
# else
- __pid_t pid = getpid ();
+ pid_t pid = getpid ();
# endif
return (int) pid;

33
pkgs/development/tools/analysis/splint/default.nix Normal file
View file

@ -0,0 +1,33 @@
{ fetchurl, lib, stdenv, flex }:
stdenv.mkDerivation rec {
pname = "splint";
version = "3.1.2";
src = fetchurl {
url = "https://www.splint.org/downloads/${pname}-${version}.src.tgz";
sha256 = "02pv8kscsrkrzip9r08pfs9xs98q74c52mlxzbii6cv6vx1vd3f7";
};
patches = [ ./tmpdir.patch ] ++ lib.optional stdenv.isDarwin ./darwin.patch;
buildInputs = [ flex ];
doCheck = true;
meta = with lib; {
homepage = "http://www.splint.org/";
description = "Annotation-assisted lightweight static analyzer for C";
longDescription = ''
Splint is a tool for statically checking C programs for security
vulnerabilities and coding mistakes. With minimal effort, Splint
can be used as a better lint. If additional effort is invested
adding annotations to programs, Splint can perform stronger
checking than can be done by any standard lint.
'';
license = licenses.gpl2Plus;
platforms = platforms.unix;
};
}

16
pkgs/development/tools/analysis/splint/tmpdir.patch Normal file
View file

@ -0,0 +1,16 @@
Have Splint honor $TMPDIR.
--- splint-3.1.2/src/context.c 2004-07-31 21:04:26.000000000 +0200
+++ splint-3.1.2/src/context.c 2008-07-11 10:55:16.000000000 +0200
@@ -801,7 +801,10 @@ context_resetAllFlags (void)
val = cstring_makeLiteral (env != NULL ? env : DEFAULT_TMPDIR);
}
# else
- val = cstring_makeLiteral (DEFAULT_TMPDIR);
+ {
+ char *env = getenv ("TMPDIR");
+ val = cstring_makeLiteral (env != NULL ? env : DEFAULT_TMPDIR);
+ }
# endif /* !defined(OS2) && !defined(MSDOS) */
break;

25
pkgs/development/tools/analysis/svlint/default.nix Normal file
View file

@ -0,0 +1,25 @@
{ lib
, rustPlatform
, fetchFromGitHub
}:
rustPlatform.buildRustPackage rec {
pname = "svlint";
version = "0.5.1";
src = fetchFromGitHub {
owner = "dalance";
repo = "svlint";
rev = "v${version}";
sha256 = "sha256-BgkzbKRcZkot3qkwPqSE9QkH3A3HNDuLjpFzKsU+Wb0=";
};
cargoSha256 = "sha256-HeFh8H7IN3m4HiEH1QbCBROslzVCzYxGIaeyM4K7gcs=";
meta = with lib; {
description = "SystemVerilog linter";
homepage = "https://github.com/dalance/svlint";
license = licenses.mit;
maintainers = with maintainers; [ trepetti ];
};
}

26
pkgs/development/tools/analysis/swarm/default.nix Normal file
View file

@ -0,0 +1,26 @@
{ lib, stdenv, fetchFromGitHub }:
stdenv.mkDerivation rec {
pname = "swarm";
version = "unstable-2019-03-11";
src = fetchFromGitHub {
owner = "nimble-code";
repo = "swarm";
rev = "4b36ed83c8fbb074f2dc5777fe1c0ab4d73cc7d9";
sha256 = "18zwlwsiiksivjpg6agmbmg0zsw2fl9475ss66b6pgcsya2q4afs";
};
installPhase = ''
install -Dm755 Src/swarm $out/bin/swarm
install -Dm644 Doc/swarm.1 $out/share/man/man1/swarm.1
'';
meta = with lib; {
description = "Verification script generator for Spin";
homepage = "http://spinroot.com/";
license = licenses.free;
platforms = platforms.unix;
maintainers = with maintainers; [ abbradar ];
};
}

53
pkgs/development/tools/analysis/tartan/default.nix Normal file
View file

@ -0,0 +1,53 @@
{ stdenv
, lib
, fetchFromGitLab
, meson
, ninja
, pkg-config
, llvmPackages
, gobject-introspection
, glib
, unstableGitUpdater
}:
stdenv.mkDerivation rec {
pname = "tartan";
version = "unstable-2021-12-23";
src = fetchFromGitLab {
domain = "gitlab.freedesktop.org";
owner = "tartan";
repo = "tartan";
rev = "bd4ea95d8b3ce1258491e9fac7fcc37d2b241a16";
sha256 = "l3duPt8Kh/JljzOV+Dm26XbS7gZ+mmFfYUYofWSJRyo=";
};
nativeBuildInputs = [
meson
ninja
pkg-config
];
buildInputs = [
gobject-introspection
glib
llvmPackages.libclang
llvmPackages.libllvm
];
passthru = {
updateScript = unstableGitUpdater {
# The updater tries src.url by default, which does not exist for fetchFromGitLab (fetchurl).
url = "https://gitlab.freedesktop.org/tartan/tartan.git";
};
};
meta = with lib; {
broken = stdenv.isDarwin;
description = "Tools and Clang plugins for developing code with GLib";
homepage = "https://freedesktop.org/wiki/Software/tartan";
license = licenses.gpl3Plus;
platforms = platforms.unix;
maintainers = with maintainers; [ jtojnar ];
};
}

29
pkgs/development/tools/analysis/tflint/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "tflint";
version = "0.37.0";
src = fetchFromGitHub {
owner = "terraform-linters";
repo = pname;
rev = "v${version}";
sha256 = "sha256-2fcrKwbYuCOZE++Sin0zNuGaBQQd0dNs1MRL/doOLOw=";
};
vendorSha256 = "sha256-2v070TwDWkN4HZ/EOu85lotA9qIKLgpwD9TrfH7pGY4=";
doCheck = false;
subPackages = [ "." ];
ldflags = [ "-s" "-w" ];
meta = with lib; {
description = "Terraform linter focused on possible errors, best practices, and so on";
homepage = "https://github.com/terraform-linters/tflint";
changelog = "https://github.com/terraform-linters/tflint/raw/v${version}/CHANGELOG.md";
license = licenses.mpl20;
maintainers = [ maintainers.marsam ];
};
}

38
pkgs/development/tools/analysis/tfsec/default.nix Normal file
View file

@ -0,0 +1,38 @@
{ lib
, buildGoModule
, fetchFromGitHub
}:
buildGoModule rec {
pname = "tfsec";
version = "1.21.2";
src = fetchFromGitHub {
owner = "aquasecurity";
repo = pname;
rev = "v${version}";
sha256 = "sha256-oKHGowW/LetNGtMA/sTWhmc98Tt6X475CbpqI88g4Jc=";
};
ldflags = [
"-s" "-w"
"-X github.com/aquasecurity/tfsec/version.Version=${version}"
## not sure if this is needed (https://github.com/aquasecurity/tfsec/blob/master/.goreleaser.yml#L6)
# "-extldflags '-fno-PIC -static'"
];
vendorSha256 = "sha256-l39wXMgJLWIf0TcM6VQpcV4ckHqW/SjMy07e9w7dbgs=";
subPackages = [
"cmd/tfsec"
"cmd/tfsec-docs"
"cmd/tfsec-checkgen"
];
meta = with lib; {
description = "Static analysis powered security scanner for terraform code";
homepage = "https://github.com/aquasecurity/tfsec";
license = licenses.mit;
maintainers = with maintainers; [ fab marsam peterromfeldhk ];
};
}

30
pkgs/development/tools/analysis/uefi-firmware-parser/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ lib, python3, fetchFromGitHub }:
with python3.pkgs;
buildPythonApplication rec {
pname = "uefi-firmware-parser";
version = "1.8";
# Version 1.8 is not published on pypi
src = fetchFromGitHub {
owner = "theopolis";
repo = "uefi-firmware-parser";
rev = "v${version}";
sha256 = "1yn9vi91j1yxkn0icdnjhgl0qrqqkzyhccj39af4f19q1gdw995l";
};
meta = with lib; {
homepage = "https://github.com/theopolis/uefi-firmware-parser/";
description = "Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc";
# MIT + license headers in some files
license = with licenses; [
mit
zlib # uefi_firmware/me.py
bsd2 # uefi_firmware/compression/Tiano/**/*
publicDomain # uefi_firmware/compression/LZMA/SDK/C/*
];
platforms = [ "x86_64-linux" "aarch64-linux" ];
maintainers = [ maintainers.samueldr ];
};
}

117
pkgs/development/tools/analysis/valgrind/default.nix Normal file
View file

@ -0,0 +1,117 @@
{ lib, stdenv, fetchurl, fetchpatch
, autoreconfHook, perl
, gdb, cctools, xnu, bootstrap_cmds
, writeScript
}:
stdenv.mkDerivation rec {
pname = "valgrind";
version = "3.19.0";
src = fetchurl {
url = "https://sourceware.org/pub/${pname}/${pname}-${version}.tar.bz2";
sha256 = "sha256-3V40SG8aSD/3vnMAzBa01rJGkJh4d8MnjXl1NNZzjwI=";
};
patches = [
# Fix checks on Musl.
# https://bugs.kde.org/show_bug.cgi?id=453929
(fetchpatch {
url = "https://bugsfiles.kde.org/attachment.cgi?id=148912";
sha256 = "Za+7K93pgnuEUQ+jDItEzWlN0izhbynX2crSOXBBY/I=";
})
];
outputs = [ "out" "dev" "man" "doc" ];
hardeningDisable = [ "pie" "stackprotector" ];
# GDB is needed to provide a sane default for `--db-command'.
# Perl is needed for `callgrind_{annotate,control}'.
buildInputs = [ gdb perl ] ++ lib.optionals (stdenv.isDarwin) [ bootstrap_cmds xnu ];
# Perl is also a native build input.
nativeBuildInputs = [ autoreconfHook perl ];
enableParallelBuilding = true;
separateDebugInfo = stdenv.isLinux;
preConfigure = lib.optionalString stdenv.isDarwin (
let OSRELEASE = ''
$(awk -F '"' '/#define OSRELEASE/{ print $2 }' \
<${xnu}/Library/Frameworks/Kernel.framework/Headers/libkern/version.h)'';
in ''
echo "Don't derive our xnu version using uname -r."
substituteInPlace configure --replace "uname -r" "echo ${OSRELEASE}"
# Apple's GCC doesn't recognize `-arch' (as of version 4.2.1, build 5666).
echo "getting rid of the \`-arch' GCC option..."
find -name Makefile\* -exec \
sed -i {} -e's/DARWIN\(.*\)-arch [^ ]\+/DARWIN\1/g' \;
sed -i coregrind/link_tool_exe_darwin.in \
-e 's/^my \$archstr = .*/my $archstr = "x86_64";/g'
substituteInPlace coregrind/m_debuginfo/readmacho.c \
--replace /usr/bin/dsymutil ${stdenv.cc.bintools.bintools}/bin/dsymutil
echo "substitute hardcoded /usr/bin/ld with ${cctools}/bin/ld"
substituteInPlace coregrind/link_tool_exe_darwin.in \
--replace /usr/bin/ld ${cctools}/bin/ld
'');
configureFlags =
lib.optional (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "x86_64-darwin") "--enable-only64bit"
++ lib.optional stdenv.hostPlatform.isDarwin "--with-xcodedir=${xnu}/include";
doCheck = true;
postInstall = ''
for i in $out/libexec/valgrind/*.supp; do
substituteInPlace $i \
--replace 'obj:/lib' 'obj:*/lib' \
--replace 'obj:/usr/X11R6/lib' 'obj:*/lib' \
--replace 'obj:/usr/lib' 'obj:*/lib'
done
'';
passthru = {
updateScript = writeScript "update-valgrind" ''
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p curl pcre common-updater-scripts
set -eu -o pipefail
# Expect the text in format of:
# 'Current release: <a href="/downloads/current.html#current">valgrind-3.19.0</a>'
new_version="$(curl -s https://valgrind.org/ |
pcregrep -o1 'Current release: .*>valgrind-([0-9.]+)</a>')"
update-source-version ${pname} "$new_version"
'';
};
meta = {
homepage = "http://www.valgrind.org/";
description = "Debugging and profiling tool suite";
longDescription = ''
Valgrind is an award-winning instrumentation framework for
building dynamic analysis tools. There are Valgrind tools that
can automatically detect many memory management and threading
bugs, and profile your programs in detail. You can also use
Valgrind to build new tools.
'';
license = lib.licenses.gpl2Plus;
maintainers = [ lib.maintainers.eelco ];
platforms = lib.platforms.unix;
badPlatforms = [
"armv5tel-linux" "armv6l-linux" "armv6m-linux"
"sparc-linux" "sparc64-linux"
"riscv32-linux" "riscv64-linux"
"alpha-linux"
];
broken = stdenv.isDarwin || stdenv.hostPlatform.isStatic; # https://hydra.nixos.org/build/128521440/nixlog/2
};
}

31
pkgs/development/tools/analysis/valkyrie/default.nix Normal file
View file

@ -0,0 +1,31 @@
{ lib, stdenv, fetchurl, qt4, qmake4Hook }:
stdenv.mkDerivation rec {
pname = "valkyrie";
version = "2.0.0";
src = fetchurl {
url = "https://valgrind.org/downloads/${pname}-${version}.tar.bz2";
sha256 = "0hwvsncf62mdkahwj9c8hpmm94c1wr5jn89370k6rj894kxry2x7";
};
patchPhase = ''
sed -i '1s;^;#include <unistd.h>\n;' src/objects/tool_object.cpp
sed -i '1s;^;#include <unistd.h>\n;' src/utils/vk_config.cpp
sed -i '1s;^;#include <sys/types.h>\n;' src/utils/vk_config.cpp
sed -i '1s;^;#include <unistd.h>\n;' src/utils/vk_utils.cpp
sed -i '1s;^;#include <sys/types.h>\n;' src/utils/vk_utils.cpp
'';
buildInputs = [ qt4 ];
nativeBuildInputs = [ qmake4Hook ];
meta = with lib; {
homepage = "http://www.valgrind.org/";
description = "Qt4-based GUI for the Valgrind 3.6.x series";
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = with maintainers; [ pSub ];
};
}

34
pkgs/development/tools/analysis/yallback/default.nix Normal file
View file

@ -0,0 +1,34 @@
{ lib
, stdenv
, fetchFromGitHub
, makeWrapper
, coreutils
, bashInteractive
}:
stdenv.mkDerivation rec {
version = "0.2.0";
pname = "yallback";
src = fetchFromGitHub {
owner = "abathur";
repo = "yallback";
rev = "v${version}";
hash = "sha256-t+fdnDJMFiFqN23dSY3TnsZsIDcravtwdNKJ5MiZosE=";
};
buildInputs = [ coreutils bashInteractive ];
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
install -Dv yallback $out/bin/yallback
wrapProgram $out/bin/yallback --prefix PATH : ${lib.makeBinPath [ coreutils ]}
'';
meta = with lib; {
description = "Callbacks for YARA rule matches";
homepage = "https://github.com/abathur/yallback";
license = licenses.mit;
maintainers = with maintainers; [ abathur ];
platforms = platforms.all;
};
}