checkov 0 -> 1 attrpath: checkov Checking auto update branch... [version] [version] skipping because derivation has updateScript [rustCrateVersion] [rustCrateVersion] No cargoSha256 or cargoHash found [golangModuleVersion] [golangModuleVersion] Not a buildGoModule package with vendorSha256 or vendorHash [npmDepsVersion] [npmDepsVersion] No npmDepsHash [updateScript] [updateScript] Success [updateScript] this derivation will be built: /nix/store/fh23j0h9mfl4fwnby6swj1aj6k73nwz5-packages.json.drv building '/nix/store/fh23j0h9mfl4fwnby6swj1aj6k73nwz5-packages.json.drv'... Going to be running update for following packages: - checkov-3.2.0 Press Enter key to continue... Running update for: - checkov-3.2.0: UPDATING ... - checkov-3.2.0: DONE. Packages updated! Diff after rewrites: diff --git a/pkgs/development/tools/analysis/checkov/default.nix b/pkgs/development/tools/analysis/checkov/default.nix index 99de7b6021f0..fde655201a81 100644 --- a/pkgs/development/tools/analysis/checkov/default.nix +++ b/pkgs/development/tools/analysis/checkov/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "checkov"; - version = "3.2.0"; + version = "3.2.3"; pyproject = true; src = fetchFromGitHub { owner = "bridgecrewio"; repo = "checkov"; rev = "refs/tags/${version}"; - hash = "sha256-mNmOU64UyvHSM7Jo9d4plgT1hcLM156CZk36iHDMZN8="; + hash = "sha256-zrrWPe2rc9knv6PitDokDvXa23rPDt1nr3tqPqP/fYs="; }; patches = [ No auto update branch exists Old version 3.2.0" not present in master derivation file with contents: { lib , fetchFromGitHub , python3 }: python3.pkgs.buildPythonApplication rec { pname = "checkov"; version = "3.2.2"; pyproject = true; src = fetchFromGitHub { owner = "bridgecrewio"; repo = "checkov"; rev = "refs/tags/${version}"; hash = "sha256-z/kt7nkPcEFRZ3w68PQ3g28VPnIXzPE2jJQPp6aG+JM="; }; patches = [ ./flake8-compat-5.x.patch ]; pythonRelaxDeps = [ "bc-detect-secrets" "bc-python-hcl2" "dpath" "igraph" "license-expression" "networkx" "openai" "pycep-parser" "termcolor" ]; pythonRemoveDeps = [ # pythonRelaxDeps doesn't work with that one "pycep-parser" ]; nativeBuildInputs = with python3.pkgs; [ pythonRelaxDepsHook setuptools-scm ]; propagatedBuildInputs = with python3.pkgs; [ aiodns aiohttp aiomultiprocess argcomplete bc-detect-secrets bc-jsonpath-ng bc-python-hcl2 boto3 cachetools charset-normalizer cloudsplaining colorama configargparse cyclonedx-python-lib docker dockerfile-parse dpath flake8 gitpython igraph jmespath jsonschema junit-xml license-expression networkx openai packaging policyuniverse prettytable pycep-parser pyyaml pydantic rustworkx semantic-version spdx-tools tabulate termcolor tqdm typing-extensions update-checker ]; nativeCheckInputs = with python3.pkgs; [ aioresponses mock pytest-asyncio pytest-mock pytest-xdist pytestCheckHook responses ]; preCheck = '' export HOME=$(mktemp -d); ''; disabledTests = [ # No API key available "api_key" # Requires network access "TestSarifReport" "test_skip_mapping_default" # Flake8 test "test_file_with_class" "test_dataclass_skip" "test_typing_class_skip" # Tests are comparing console output "cli" "console" # Assertion error "test_runner" # AssertionError: assert ['