New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
testssl.sh: init at 2.9.5-1 #29694
testssl.sh: init at 2.9.5-1 #29694
Conversation
src = fetchFromGitHub { | ||
owner = "drwetter"; | ||
repo = "testssl.sh"; | ||
rev = "ed88add923139e0c8cf4d9cf59d6f9e6cf5326cf"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
rev = "v${version}";
works.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, ok. Changing that :)
''; | ||
homepage = https://testssl.sh/; | ||
license = licenses.gpl2; | ||
}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A maintainer must be set, did you want to maintain this package?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, I can do that. I will amend and push that together with the version fix.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you. Added a few nits for you to consider, nothing major but I think they ought be addressed before merging.
@@ -0,0 +1,51 @@ | |||
{ stdenv, fetchFromGitHub, pkgs, lib }: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please do not pass all of pkgs
, instead declare each parameter you need directly. Also note that lib
is typically accessed via stdenv.lib
.
sha256 = "0hz6g685jwl0c0jrdca746425xpwiwc8lnlc2gigga5hkcq8qzl9"; | ||
}; | ||
|
||
buildInputs = with pkgs; [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: makeWrapper
is build-time only and could be listed in nativeBuildInputs
instead.
''; | ||
|
||
meta = with stdenv.lib; { | ||
description = "testssl.sh is a commandline tool to check a server's TLS/SSL capabilities"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please drop the "foo is a ..."
from the short description.
makeWrapper | ||
]; | ||
|
||
# Replace /bin/pwd with the actual path to pwd in coreutils |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: this comment and those below just restate what the code immediately following obviously does, so seem redundant (similar to int x = 1+1; /* add 1 to 1 */
).
# Copy script | ||
cp testssl.sh $out/bin/testssl.sh | ||
|
||
# Make wrapper to let the script know where the etc folder is |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seeing as this is a bash script, you could avoid the wrapper indirection by simply injecting those values into the script itself.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll fix this and the notes above in an amend :)
Add testssl.sh which is a nice utility for testing TLS/SSL capabilities of servers without having to use any kind of web-service. It's very useful for testing setups of services before deployment and such.
Motivation for this change
Add testssl.sh which is a nice utility for testing TLS/SSL capabilities of servers without having to use any kind of web-service. It's very useful for testing setups of services before deployment and such.
Things done
build-use-sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)