New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
eyewitness: init at v20201021.1 #101893
eyewitness: init at v20201021.1 #101893
Conversation
@redvers Can you please fix the eval error?
|
c23dfd2
to
380f674
Compare
Fixed - AND it works on aarch64 swoon |
Result of 1 package built:
|
firefox | ||
geckodriver | ||
xorg.xorgserver | ||
python37 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure what the best approach here is. Usually I just pass a single python
script into these expressions. That one python version is generated via python3.withPackages (p: [ p.netaddr p.selenium … ] )
.
- We should probably avoid hard coding python version 3.7 if we can. Just using python 3 should be sufficient.
- Why did you add
pip
as dependency? Does it try to install packages during runtime?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cc @FRidh on the matter of how we pass python envs these days.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is still using python3.7 explicitly unless really required we should use python3 here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this part needs some revisiting.
380f674
to
ee3e8e3
Compare
ee3e8e3
to
2d8489b
Compare
Can you rebase this branch on master to fix the eval error? |
2d8489b
to
f95be69
Compare
Result of 1 package built:
|
|
||
stdenv.mkDerivation rec { | ||
pname = "eyewitness"; | ||
version = "v20201021.1"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
version = "v20201021.1"; | |
version = "20201021.1"; |
src = fetchFromGitHub { | ||
owner = "FortyNorthSecurity"; | ||
repo = "EyeWitness"; | ||
rev = version; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
rev = version; | |
rev = "v${version}"; |
firefox | ||
geckodriver | ||
xorg.xorgserver | ||
python37 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this part needs some revisiting.
|
||
doCheck = false; | ||
|
||
meta = with stdenv.lib; { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
meta = with stdenv.lib; { | |
meta = with lib; { |
homepage = "https://github.com/FortyNorthSecurity/EyeWitness"; | ||
maintainers = with maintainers; [ redvers ]; | ||
platforms = platforms.linux; | ||
license = licenses.gpl3; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
gpl3Plus or gpl3Only?
The latest release is v20210205.1. Related to #81418 |
Thanks - I thought this PR was mothballed - I'll get to addressing the above issues a little later today. |
I marked this as stale due to inactivity. → More info |
Closing due to inactivity from author. |
Motivation for this change
EyeWitness is a tool that I use on a daily basis to evaluate large swathes of network services that I am responsible for. It is a headless application which takes as input a list of URLs and outputs screenshots and source-code for each item in the list.
To test:
(You can see example output of the above here: https://evil.red/2020-10-28_032409/report.html)
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)